I am trying to make a script to get all the users and roles assigned to the resources of the subscription.
Working with PowerShell and according to the documentation this command should work:
Invoke-WebRequest -UseBasicParsing -Headers $ headerParams -Uri "https://graph.microsoft.com/beta/privilegedAccess/azureResources/roleAssignments/export?`$filter=resourceId+eq+'xxxxxxx '" -Method Get
But it does not work.
So I decided to go through all the resources, take the ID and do a foreach for all the assignements of each resource.
In the end I got what I was looking for but all with "ID's" I managed to drag the Resource Name and the Role Name but I can not convert the SubjectID into the DisplayName or UPN.
Is there any way to get the same report that PIM offers in the portal in a quick way in API Graph?
Thank you,
Javi
Working with PowerShell and according to the documentation this command should work:
Invoke-WebRequest -UseBasicParsing -Headers $ headerParams -Uri "https://graph.microsoft.com/beta/privilegedAccess/azureResources/roleAssignments/export?`$filter=resourceId+eq+'xxxxxxx '" -Method Get
But it does not work.
So I decided to go through all the resources, take the ID and do a foreach for all the assignements of each resource.
In the end I got what I was looking for but all with "ID's" I managed to drag the Resource Name and the Role Name but I can not convert the SubjectID into the DisplayName or UPN.
Is there any way to get the same report that PIM offers in the portal in a quick way in API Graph?
Thank you,
Javi