This repository was archived by the owner on Jul 15, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 6
Expand file tree
/
Copy pathAdd-AzLabRoleAssignments.ps1
More file actions
52 lines (42 loc) · 2.1 KB
/
Add-AzLabRoleAssignments.ps1
File metadata and controls
52 lines (42 loc) · 2.1 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
[CmdletBinding()]
param(
[parameter(Mandatory = $true, ValueFromPipelineByPropertyName = $true)]
[string]
$CsvConfigFile,
[parameter(Mandatory = $true, ValueFromPipelineByPropertyName = $true)]
[string]
$RoleDefinitionName
)
Set-StrictMode -Version Latest
Import-Module -Name Az.Resources -Force
# Make sure the input file does exist
if (-not (Test-Path -Path $CsvConfigFile)) {
Write-Error "Input CSV File must exist, please choose a valid file location..."
}
$scriptstartTime = Get-Date
Write-Host "Executing bulk teacher permission add script, starting at $scriptstartTime" -ForegroundColor Green
# Import the CSV file (plain import not using the library)
$labs = Import-Csv -Path $CsvConfigFile
# Loop through the labs to apply role assignments
foreach ($lab in $labs) {
# continue only if we have 'Teachers' column and it has data
if ($lab.PSObject.Properties['Teachers'] -and $lab.Teachers)
{
# Get the lab
$labObj = Get-AzResource -ResourceGroupName $lab.ResourceGroupName -Name $lab.LabName
$lab.Teachers.Split(";") | ForEach-Object {
# make sure we didn't accidently have an extra semicolon with empty data
if ($_) {
$roleAssignment = Get-AzRoleAssignment -SignInName $_ -Scope $labObj.ResourceId -RoleDefinitionName $RoleDefinitionName -ErrorAction SilentlyContinue
if ($roleAssignment) {
Write-Host "Role assignment for teacher $_ already exists in lab $($lab.LabName) in Resource Group Name $($lab.ResourceGroupName)" -ForegroundColor Yellow
}
else {
Write-Host "Adding role assignment for teacher $_ in lab $($lab.LabName) in Resource Group Name $($lab.ResourceGroupName)"
New-AzRoleAssignment -SignInName $_ -RoleDefinitionName $RoleDefinitionName -Scope $labObj.ResourceId | Out-Null
}
}
}
}
}
Write-Host "Completed bulk teacher permission add script, total duration $([math]::Round(((Get-Date) - $scriptstartTime).TotalMinutes, 1)) minutes" -ForegroundColor Green