0
votes

I have the following code to retrieve the IAM (access control) list of a resource group:

const authorizationManagement = require('azure-arm-authorization');
this.client = new authorizationManagement(credentials, subscriptionId);
var iam = await this.client.roleAssignments.listForResourceGroup(rgName);

However the results are all UUIDs, such as:

id:"/subscriptions/de8abfb7-b22b-3c95-8e00-a1a8219e0d98/providers/Microsoft.Authorization/roleAssignments/c5f2db94-98c3-3671-8092-fc33d8a474d7" name:"c5f2db94-98c3-3671-8092-fc33d8a474d7" principalId:"53a71af7-c241-34e1-b77b-e98151ca6b3f" roleDefinitionId:"/subscriptions/de8abfb7-b22b-3c95-8e00-a1a8219e0d98/providers/Microsoft.Authorization/roleDefinitions/b23988ac-5180-32a0-ab88-20f7682dd23c" scope:"/subscriptions/de8abfb7-b22b-3c95-8e00-a1a8219e0d98" type:"Microsoft.Authorization/roleAssignments"

I only need the principals (users) and their roles. I know how to get the role by role ID, but don't know how to get the user by principal ID.

1
See: docs.microsoft.com/en-us/javascript/api/azure-graph/… The object id should be the principal ID.Joy Wang-MSFT

1 Answers

1
votes

I suppose you are looking for this method: get(string, Object).

function get(upnOrObjectId: string, options?: Object)

The object ID should be the principal ID, it returns the User what you need.