create-azurejson.ps1
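# Connect to Azure as a service principal. The application id, client secret
# and tenant id are read from the CLIENT_ID, CLIENT_SECRET and TENANT_ID
# environment variables.

# Get-Module without -ListAvailable only reports modules already imported into
# the current session, so an installed-but-not-yet-loaded module looked
# "missing" and was reinstalled on every run. -ListAvailable checks what is
# actually installed.
# NOTE(review): Install-Module fetches the newest PSGallery release into a job
# that holds a service-principal secret; consider pinning with
# -RequiredVersion <VERSION> so an unexpected upstream release cannot run here.
foreach ($moduleName in 'Az.Resources', 'Az.Accounts') {
    if (-not (Get-Module -ListAvailable -Name $moduleName)) {
        Install-Module -Name $moduleName -Repository PSGallery -Force -ErrorAction Stop
    }
}

# Fail early, naming the missing variable, instead of sending an empty
# credential to the sign-in endpoint.
foreach ($variableName in 'CLIENT_ID', 'CLIENT_SECRET', 'TENANT_ID') {
    if ([string]::IsNullOrWhiteSpace([Environment]::GetEnvironmentVariable($variableName))) {
        throw "Environment variable $variableName is not set."
    }
}

# The original line had no space between the quoted secret and -AsPlainText;
# the arguments are now clearly separated.
$SecurePassword = ConvertTo-SecureString -String $env:CLIENT_SECRET -AsPlainText -Force
$TenantId = $env:TENANT_ID
$ApplicationId = $env:CLIENT_ID
$Credential = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $ApplicationId, $SecurePassword

# -ErrorAction Stop aborts the script when sign-in fails, so later steps never
# run unauthenticated. Out-Null keeps the returned account context out of the
# job output.
Connect-AzAccount -ServicePrincipal -TenantId $TenantId -Credential $Credential -ErrorAction Stop | Out-Null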
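# Build a map from role name (spaces removed) to role definition id for every
# role definition returned by Get-AzRoleDefinition.
$roleMappings = @{}
Get-AzRoleDefinition -ErrorAction Stop | ForEach-Object {
    $roleMappings[($_.Name -replace ' ', '')] = $_.Id
}

# An empty result means the query failed or the identity cannot read role
# definitions. Stop here so an empty document is never serialized and handed
# to later steps.
if ($roleMappings.Count -eq 0) {
    throw "Get-AzRoleDefinition returned no role definitions."
}

# Copy the entries, sorted by name, onto a custom object so the JSON properties
# come out in a stable order.
# The original round-tripped the hashtable through JSON and then dropped every
# property whose name matched "IsFixedSize|IsReadOnly|IsSynchronized|Keys".
# That pattern is an unanchored, case-insensitive regex, so any role whose
# space-stripped name merely contained one of those words was silently left
# out. Sorting the hashtable entries directly needs no such filter.
$sortedObject = New-Object PSObject
$roleMappings.GetEnumerator() | Sort-Object Name | ForEach-Object {
    $sortedObject | Add-Member -NotePropertyName $_.Name -NotePropertyValue $_.Value
}

# Serialize to JSON. -Depth 5 is kept from the original; the object built here
# is flat (name -> id).
$sortedJson = $sortedObject | ConvertTo-Json -Depth 5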
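# Write the regenerated role map to azure_roles.json and, when the tracked file
# changed, commit and push it.

# Lines of the file as it was before this run. On a first run the file does
# not exist yet; treat that as zero lines instead of letting Get-Content fail.
$originalAzureRoleJson = @()
if (Test-Path -LiteralPath .\azure_roles.json) {
    $originalAzureRoleJson = @(Get-Content .\azure_roles.json)
}

# Output the sorted JSON
$sortedJson | Out-File "azure_roles.json"

# Lines of the file as just written
$currentAzureRoleJson = @(Get-Content .\azure_roles.json)

# The role delta is estimated from the change in line count; this relies on the
# serialized JSON holding one role per line.
$newAzureRoleCount = $currentAzureRoleJson.Count - $originalAzureRoleJson.Count

# NOTE(review): the e-mail value below appears to have been redacted by the
# page this listing was captured from; confirm it against the repository copy.
& git config --local user.email "[email protected]"
& git config --local user.name "Paul Lizer"

# Only azure_roles.json is staged below, so only that file is diffed; an
# unrelated modified file in the working tree no longer triggers a commit.
# git diff --exit-code returns 0 for no change and 1 for differences.
# NOTE(review): any other exit code is treated here as a git failure.
& git diff --exit-code -- "azure_roles.json"
$diffExitCode = $LASTEXITCODE
if ($diffExitCode -gt 1) {
    throw "git diff failed with exit code $diffExitCode."
}
if ($diffExitCode -ne 0)
{
    # Renamed or removed roles change the file without raising the line count;
    # avoid messages such as "Added -2 new roles." in that case.
    if ($newAzureRoleCount -gt 0) {
        $commitMessage = "Added " + $newAzureRoleCount + " new roles."
    }
    else {
        $commitMessage = "Updated Azure role definitions."
    }
    & git add "azure_roles.json"
    & git commit -m $commitMessage
    if ($LASTEXITCODE -ne 0) {
        throw "git commit failed with exit code $LASTEXITCODE."
    }
    & git push
    # Surface a rejected push as a failed run instead of exiting successfully.
    if ($LASTEXITCODE -ne 0) {
        throw "git push failed with exit code $LASTEXITCODE."
    }
}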