CrowdStrike / psfalcon

PowerShell for CrowdStrike's OAuth2 APIs
The Unlicense

[ BUG ] `Get-FalconRole` does not display custom roles #374

Closed plus-zz closed 9 months ago

plus-zz commented 9 months ago

Describe the bug: `get-FalconRole` gives error messages for every custom role.

To Reproduce: Get parent API-Key. Create Child CID Custom role. Use `get-FalconRole -CID xxxx` to query all roles. Get first error messages for every custom role, then all default roles displayed.

Environment (please complete the following information):

plus-zz commented 9 months ago

Updated to PSFalcon 2.2.6 - Now no error messages anymore. But IDs of custom roles will not be displayed.

Command with no custom roles:

```powershell
Get-FalconRole -Cid xxxxx | Get-FalconRole
```

Command with error Detailed is not a valid parameter:

```powershell
Get-FalconRole -Cid xxxxxxx -Id yyyyyyy -Detailed
```

PS: I love this PowerShell PSFalcon module, the wiki and the easy way of administration. Thank you for your awesome module, making every day easier!

bk-cs commented 9 months ago

In my testing, the following command does return the role information for custom roles (i.e. those with an identifier value rather than plain text role label):

```powershell
Get-FalconRole -Cid xxx | Get-FalconRole
```

The problem is that custom roles return a cid value while the standard roles do not. Because of how PowerShell works, that means that you don't see the custom role in the final output. You can use Format-List to see that it is there:

```powershell
Get-FalconRole -Cid xxx | Get-FalconRole | Format-List
```

Or, you can use Select-Object to force it to show in the table (with cid being empty for all the other roles):

```powershell
Get-FalconRole -Cid xxx | Get-FalconRole | Select-Object id,display_name,description,is_global,cid
```

I can't force it to end up in the final output automatically without adding some additional features to PSFalcon (which I do have on my bucket list for the future, but not anytime soon).
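The column behaviour described in the comment above, reproduced as an added example that is not part of the original thread and is not PSFalcon code. `Select-AllProperty` is a hypothetical helper, and the role objects are constructed placeholders that only mimic the shape described (standard roles without `cid`, a custom role with one).

```powershell
# Constructed sample data: every value below is a placeholder, not real API output.
$Roles = @(
    [PSCustomObject]@{ id = 'example_standard_role_a'; display_name = 'Standard A'
                       description = 'constructed'; is_global = $true }
    [PSCustomObject]@{ id = 'example_standard_role_b'; display_name = 'Standard B'
                       description = 'constructed'; is_global = $true }
    [PSCustomObject]@{ id = '00000000000000000000000000000001'; display_name = 'Custom C'
                       description = 'constructed'; is_global = $false
                       cid = 'ffffffffffffffffffffffffffffffff' }
)

function Select-AllProperty {
    # Hypothetical helper: buffers the pipeline, builds the union of property
    # names in first-seen order, then projects every object onto that set so
    # properties present on only some objects are not dropped from the view.
    [CmdletBinding()]
    param(
        [Parameter(Mandatory, ValueFromPipeline)]
        [psobject]$InputObject
    )
    begin   { $Buffer = [System.Collections.Generic.List[psobject]]::new() }
    process { $Buffer.Add($InputObject) }
    end {
        $Names = [System.Collections.Generic.List[string]]::new()
        foreach ($Item in $Buffer) {
            foreach ($Name in $Item.PSObject.Properties.Name) {
                if (-not $Names.Contains($Name)) { $Names.Add($Name) }
            }
        }
        $Buffer | Select-Object -Property $Names.ToArray()
    }
}

# Table columns are taken from the first object, which has no 'cid',
# so the custom role's 'cid' column is not shown.
$Roles | Format-Table

# After projecting onto the union of properties, 'cid' appears as a column
# and is empty for the standard roles.
$Roles | Select-AllProperty | Format-Table

# CSV conversion also takes its header from the first object, so the same
# projection is needed to keep 'cid' in an export of the role list.
$Roles | Select-AllProperty | ConvertTo-Csv -NoTypeInformation
```

Against a live tenant the helper would sit at the end of the pipeline from the comment, for example `Get-FalconRole -Cid xxx | Get-FalconRole | Select-AllProperty`.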

plus-zz commented 8 months ago

Thank you for your code-snippets. It's working like you described.

Maybe you can help me with a problem I try to solve.

I want in the end to create some kind of Excel pivot table. Rows = Settings enabled / disabled within a Role. Columns = RoleName

Why this? CustomRoles will have the name of an EntraAD Security Group. Automation will add analysts to the corresponding Roles. Role permissions can be negotiated between different teams and then assigned.

Questions: How can I get a csv export of all enabled security settings for custom groups per CID?

Thank you for your super fast response! 🥇

bk-cs commented 8 months ago

> How can I get a csv export of all enabled security settings for custom groups per CID?

There isn't an API available that will output the permissions for a given role. :(