Azure Role Assignments Audit Report
Overview:
Azure Administrators often come across challenges while tracking multiple Azure role assignments and removals. At present Azure provides Activity Logs but they make less sense to non-techsavy stakeholders. For example it includes Role Id, Principal Id but doesn't indicate Role names and Principal names which can make the report more readable. To ensure proper tracking and accountability, we need a comprehensive report that includes the following details:
- Initiator and Timestamp
- User/Group/Principal assigned/removed
- Role assigned/removed
- Scope of the Attempt
Pre-Requisites:
- Export subscription level Activity Logs to a Log Analytics Workspace. For this navigate to Subscription > Activity log > Export Activity Log > Add Diagnostic Setting
- Add Diagnostic Setting to export Administrative logs to a Log Analytic Workspace of your choice and hit the save button:
- Navigate to the Workspace and Retrieve the Workspace ID from the overview section, we'll require this in our script.
Solution:
We have created a solution that retrieves and refines information from the Log Analytic Workspace stored Activity Logs and creates a readable CSV report.
Sample Output:
PowerShell Script:
Please replace with appropriate workspace ID(line 32,33) and output CSV file path(line 57, 78). You can provide same values for both at multiple places. Based on the requirement and Log Analytics Retention the no. of days can also be edited(line 6,20)
Hope this helps!
Published on:
Learn moreRelated posts
Power BI Demo - Azure Maps are Where?
Moving to TLS 1.2 for Azure Cosmos DB: Ensuring Secure Connections
Security and reliability are at the core of modern cloud applications. To strengthen data protection and align with industry best practices, w...
GitHub Copilot for Azure DevOps users
Azure DevOps customers frequently ask us when GitHub Copilot will be available to them. What many don’t realize is that GitHub Copilot for Bus...
Rust in time! Announcing the Azure SDK for Rust Beta. 🎉
Announcing the first beta release of the Azure SDK for Rust. This release includes libraries for Identity, Key Vault secrets & keys, Event...
Introducing Azure AI Foundry Labs
Go passwordless when calling Azure OpenAI from Azure SQL using Managed Identities
Security is a significant topic today, and the ability to access a service requiring authentication without using an API key, password, or sec...
Spring Cloud Azure updates and troubleshooting tips for Java on AKS
This post shows the latest Spring Cloud Azure updates. The post Spring Cloud Azure updates and troubleshooting tips for Java on AKS appeared f...
Episode 395 – Getting Started with VDI in Azure with Azure Virtual Desktop
Welcome to Episode 395 of the Microsoft Cloud IT Pro Podcast. In this episode, we dive into Azure Virtual Desktop (AVD) and how it enables org...