Azure Role Assignments Audit Report
Overview:
Azure Administrators often come across challenges while tracking multiple Azure role assignments and removals. At present Azure provides Activity Logs but they make less sense to non-techsavy stakeholders. For example it includes Role Id, Principal Id but doesn't indicate Role names and Principal names which can make the report more readable. To ensure proper tracking and accountability, we need a comprehensive report that includes the following details:
- Initiator and Timestamp
- User/Group/Principal assigned/removed
- Role assigned/removed
- Scope of the Attempt
Pre-Requisites:
- Export subscription level Activity Logs to a Log Analytics Workspace. For this navigate to Subscription > Activity log > Export Activity Log > Add Diagnostic Setting
- Add Diagnostic Setting to export Administrative logs to a Log Analytic Workspace of your choice and hit the save button:
- Navigate to the Workspace and Retrieve the Workspace ID from the overview section, we'll require this in our script.
Solution:
We have created a solution that retrieves and refines information from the Log Analytic Workspace stored Activity Logs and creates a readable CSV report.
Sample Output:
PowerShell Script:
Please replace with appropriate workspace ID(line 32,33) and output CSV file path(line 57, 78). You can provide same values for both at multiple places. Based on the requirement and Log Analytics Retention the no. of days can also be edited(line 6,20)
Hope this helps!
Published on:
Learn moreRelated posts
How to Integrate Azure Service Bus with Microsoft Dynamics 365 CRM Step by Step with Example?
Keeping data flowing between applications is critical in today’s connected business world. Organizations using Microsoft Dynamics 365 CR...
Enhancing Secure Sign-Ins with Temporary Access Pass in Azure Active Directory
Introduction While working on improving user account recovery scenarios, a common challenge often arises: how to securely allow a user to sign...
Azure SDK Release (September 2025)
Azure SDK releases every month. In this post, you'll find this month's highlights and release notes. The post Azure SDK Release (September 202...
Batch Processing Triggered Pipeline Runs in Azure Synapse
This post describes a pattern for batch processing triggered pipeline runs in Azure Synapse
Reliably refreshing a Semantic Model from Azure Data Factory or Synapse Pipelines
This post describes a pattern for reliably refreshing Power BI semantic models from Azure Data Factory or Azure Synapse Pipelines.
Power Pages Fundamentals #24: Boosting Portal Security with Azure Single Sign-On: Quick Read Series
Contoso Motors is a large automotive service company.They have built a Power Pages customer portal for their external partners and customers t...
Building Azure functions that never store secrets — ever
What if your function could hit Microsoft Graph with no client secrets, no certs, and no Key Vault entries? That is exactly what a Managed id...
Azure Functions missing after zip deploy from GitHub Actions
Learn how to troubleshoot Azure Functions that don't appear after zip deployment from GitHub Actions, including platform architecture configur...