search

Azure / enterprise-azure-policy-as-code

Enterprise-ready Azure Policy-as-Code (PaC) solution (includes Az DevOps pipeline)
https://azure.github.io/enterprise-azure-policy-as-code/
MIT License
422 stars 231 forks source link

Fix user assigned managed identity export #690

Closed anwather closed 3 months ago

anwather commented 3 months ago

Describe the bug User assigned managed identities are incorrectly being output during Export-AzPolicyResources

mortenlerudjordet commented 3 months ago

Ran a debug on the code, and userAssignedIdentities is a hashtable, but gets treated as a PSCustomObject.

In Export-AzPolicyResources on 698:

  if ($identityType -eq "UserAssigned") {
      $userAssignedIdentities = $policyAssignment.identity.userAssignedIdentities
      $identityProperty = $userAssignedIdentities.psobject.Properties
      $identity = $identityProperty.Name
      $identityEntry = @{
          userAssigned = $identity
          location     = $location
      }
  }

Adding following code fixes export:

if ($identityType -eq "UserAssigned") {
    $userAssignedIdentities = $policyAssignment.identity.userAssignedIdentities
    # $identityProperty = $userAssignedIdentities.psobject.Properties
    $identity = $userAssignedIdentities.GetEnumerator().Name
    if($identity.Count -gt 1) {
        $identityEntry = $identity | ForEach-Object {
            @{
                userAssigned = $PSItem
                location     = $location
            }
        }
    }
    else {
        $identityEntry = @{
            userAssigned = $identity
            location     = $location
        }
    }
}
anwather commented 3 months ago

@mortenlerudjordet - thanks works great - should release tomorrow.