Closed plus-zz closed 9 months ago
Updated to PSFalcon 2.2.6 - Now no error messages anymore. But IDs of custom roles will not be displayed.
Command with no custom roles:
Get-FalconRole -Cid xxxxx | Get-FalconRole
Command with error Detailed is not a valid parameter:
Get-FalconRole -Cid xxxxxxx -Id yyyyyyy -Detailed
PS: I love this PowerShell PSFalcon module, the wiki and the easy way of administration. Thank you for your awesome module, making everyday easier!
In my testing, the following command does return the role information for custom roles (i.e. those with an identifier value rather than plain text role label):
Get-FalconRole -Cid xxx | Get-FalconRole
The problem is that custom roles return a cid
value while the standard roles do not. Because of how PowerShell works, that means that you don't see the custom role in the final output. You can use Format-List
to see that it is there:
Get-FalconRole -Cid xxx | Get-FalconRole | Format-List
Or, you can use Select-Object
to force it to show in the table (with cid
being empty for all the other roles):
Get-FalconRole -Cid xxx | Get-FalconRole | Select-Object id,display_name,description,is_global,cid
I can't force it to end up in the final output automatically without adding some additional features to PSFalcon (which I do have on my bucket list for the future, but not anytime soon).
Thank you for your code-snippets. It's working like you described.
Maybe you can help me with a problem I try to solve.
I want in the end to create some kind of excel pivot table. Rows = Settings enabled / disabled within a Role. Columns = RoleName
Why this? CustomRoles will have the name of an EntraAD Security Group. Automation will add analysts to the corresponding Roles. Role permissions can be negotiated between different teams and then assigned.
Questions: How can I get a csv export of all enabled security settings for custom groups per CID?
Thank you for your super fast response! 🥇
How can I get a csv export of all enabled security settings for custom groups per CID?
There isn't an API available that will output the permissions for a given role. :(
Describe the bug get-FalconRole gives error messages for every custom role
To Reproduce Get parent API-Key. Create Child CID Custom role. Use get-FalconRole -CID xxxx to query all roles. Get first error messages for every custom role, then all default roles displayed.
Environment (please complete the following information):