We have multiple subscriptions with dozens of resource groups, and each RG contains a Gen2 storage account. We need to export ACL permissions from all the containers of all the subfolders in each storage account, i.e. Gen2. I have written one script which gives me ACL permissions of only the parent folder, not the sub-folders. Any suggestions to export ACL permissions of sub-folders as well?

Connect-AzAccount

$storageAccounts = Get-AzStorageAccount

$results = foreach ($storageAccount in $storageAccounts) {
    $containers = Get-AzStorageContainer -Context $storageAccount.Context

    foreach ($container in $containers) {
        $filesystem = Get-AzDataLakeGen2Item -Context $storageAccount.Context -FileSystem $container.Name
        $s = $storageAccount.storageaccountname
        $r = $storageAccount.ResourceGroupName
        $filesystemname = $container.Name
        $aclpermission = $filesystem.ACL.Permissions -join ","
        $aclaccesscontroltype = $filesystem.ACL.AccessControlType -join ","

        [PSCustomObject]@{
            StorageAccountName = $s
            ResourceGroupName = $r
            ContainerName = $filesystemname
            ACLpermission = $aclpermission
            ACLaccesscontroltype = $aclaccesscontroltype
        }
    }
}

$results | Export-Csv -Path "output.csv" -NoTypeInformation
Best answer:

How to write a PowerShell script that exports ACL permissions from all the containers of all Gen2 storage accounts in a subscription? Any suggestions to export ACL permissions of sub-folders as well?

You can use the below PowerShell script to export ACL permissions of Container and subfolders.

Script:

Connect-AzAccount

$storageAccounts = Get-AzStorageAccount 

$results = foreach ($storageAccount in $storageAccounts) {
    $containers = Get-AzStorageContainer -Context $storageAccount.Context
    foreach ($container in $containers) {
        $filesystem = Get-AzDataLakeGen2Item -Context $storageAccount.Context -FileSystem $container.Name
        $subfolders = Get-AzDataLakeGen2ChildItem -Context $storageAccount.Context -FileSystem $container.Name -Path "/"
        foreach ($subfolder in $subfolders) {
            $subfolderitem = Get-AzDataLakeGen2Item -Context $storageAccount.Context -FileSystem $container.Name -Path $subfolder.Name
            $s = $storageAccount.storageaccountname
            $r = $storageAccount.ResourceGroupName
            $filesystemname = $container.Name
            $subfoldername = $subfolder.Name
            $aclpermission = $filesystem.ACL.Permissions -join ","
            $subfolderaclpermission = $subfolderitem.ACL.Permissions -join ","
            $aclaccesscontroltype = $filesystem.ACL.AccessControlType -join ","
            $subfolderaccesscontroltype = $subfolderitem.ACL.AccessControlType -join ","
    
            [PSCustomObject]@{
                StorageAccountName = $s
                ResourceGroupName = $r 
                ContainerName = $filesystemname
                Subfoldername = $subfoldername
                ACLpermission = $aclpermission
                ACLaccesscontroltype = $aclaccesscontroltype
                SubfolderACLpermission = $subfolderaclpermission
                SubfolderaccessControlType = $subfolderaccesscontroltype
            }
        }
    }
}

$results | Export-Csv -Path "output.csv" -NoTypeInformation

The above PowerShell script retrieves information about Azure Data Lake Gen2 items and exports the results to a CSV file. It iterates through each storage account, container, and subfolder, and retrieves the ACL information for each item. Finally, it creates a custom object that contains the relevant information and exports it to a CSV file.
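Get-AzDataLakeGen2ChildItem without -Recurse lists only the direct children of the given path, and Get-AzStorageAccount only sees the subscription of the current context. The following is an added example, not part of the original question or answer, that walks every subscription, recurses through each container, and writes one CSV row per ACL entry so an access review can filter on principal, scope, or permission. It assumes the signed-in identity can read the storage accounts in each subscription; the output file name is a placeholder.

```powershell
# Added example (not from the original thread): recursive ADLS Gen2 ACL export
# across all subscriptions visible to the signed-in identity.
Connect-AzAccount

$results = foreach ($sub in Get-AzSubscription) {
    # Get-AzStorageAccount is scoped to the current context, so switch per subscription.
    Set-AzContext -SubscriptionId $sub.Id | Out-Null

    # Only accounts with hierarchical namespace enabled carry Gen2 ACLs.
    $accounts = Get-AzStorageAccount | Where-Object { $_.EnableHierarchicalNamespace }

    foreach ($account in $accounts) {
        $ctx = $account.Context

        foreach ($container in Get-AzStorageContainer -Context $ctx) {
            $fs = $container.Name

            # Root directory of the container (no -Path given).
            $root = Get-AzDataLakeGen2Item -Context $ctx -FileSystem $fs

            # -Recurse descends into every sub-folder; -FetchProperty populates
            # the ACL, owner and group on each returned item.
            $children = Get-AzDataLakeGen2ChildItem -Context $ctx -FileSystem $fs -Recurse -FetchProperty

            foreach ($item in @($root) + @($children)) {
                # One row per ACL entry keeps the CSV filterable by principal.
                foreach ($ace in $item.ACL) {
                    [PSCustomObject]@{
                        SubscriptionName   = $sub.Name
                        ResourceGroupName  = $account.ResourceGroupName
                        StorageAccountName = $account.StorageAccountName
                        ContainerName      = $fs
                        Path               = $item.Path
                        IsDirectory        = $item.IsDirectory
                        Owner              = $item.Owner
                        Group              = $item.Group
                        DefaultScope       = $ace.DefaultScope
                        AccessControlType  = $ace.AccessControlType
                        EntityId           = $ace.EntityId
                        Permissions        = $ace.Permissions
                    }
                }
            }
        }
    }
}

$results | Export-Csv -Path "acl-report.csv" -NoTypeInformation
```

To report folders only, filter the result with `Where-Object IsDirectory` before exporting. Rows with AccessControlType `Other` and write permission are the ones to review first.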