We have multiple subscriptions with dozens of resource groups and each RG contains Gen 2 storage account. We need to export ACL permissions from all the containers of all the subfolders in each storage account i.e. Gen2. I have written 1 script which gives me ACL permissions of only parent folder not the sub-folders. Any suggestions to export ACL permissions of sub-folders as well?
Connect-AzAccount
$storageAccounts = Get-AzStorageAccount
$results = foreach ($storageAccount in $storageAccounts)
{
$containers = Get-AzStorageContainer -Context $storageAccount.Context
foreach ($container in $containers)
{
$filesystem = Get-AzDataLakeGen2Item -Context $storageAccount.Context -FileSystem
$container.Name
$s = $storageAccount.storageaccountname
$r = $storageAccount.ResourceGroupName
$filesystemname = $container.Name
$aclpermission = $filesystem.ACL.Permissions -join ","
$aclaccesscontroltype=$filesystem.ACL.AccessControlType -join ","
[PSCustomObject]@{
StorageAccountName = $s
ResourceGroupName = $r
ContainerName = $filesystemname
ACLpermission = $aclpermission
ACLaccesscontroltype=$aclaccesscontroltype
}
}
}
$results | Export-Csv -Path "output.csv" -NoTypeInformation
You can use the below PowerShell script to export ACL permissions of
Containerandsubfolders.Script:
The above PowerShell script retrieves information about
Azure Data Lake Gen2 itemsand exports the results to a CSV file. It iterates through eachstorage account,container,andsubfolder, and retrieves the ACL information for each item. Finally, it creates a custom object that contains the relevant information and exports it to a CSV file.Output: