0

Powershell command 'az role assignment list --assignee user@company.com --all' is giving result in powershell but no results for below code snippet.

TokenCredential azureCliCredential = new AzureCliCredentialBuilder().build();
GraphServiceClient<Request> graphClient = GraphServiceClient.builder().authenticationProvider(new TokenCredentialAuthProvider(azureCliCredential)).buildClient();
AppRoleAssignmentCollectionPage appRoleAssignments = graphClient.users("objectid of user@company.com").appRoleAssignments().buildRequest().get();
System.out.println(appRoleAssignments);
dev4java
  • 86
  • 1
  • 8

1 Answers1

2

The reason it is not working is because the two things you are trying are for different things all together.

'az role assignment list --assignee user@company.com --all' is to get Azure RBAC role assignments i.e. roles assigned to a user for managing Azure Subscriptions.

However AppRoleAssignmentCollectionPage appRoleAssignments = graphClient.users("objectid of user@company.com").appRoleAssignments().buildRequest().get(); gets the roles assigned to the user for an application in Azure AD.

To get Azure RBAC role assignments using code, your will need to use Azure SDK for Java

Gaurav Mantri
  • 128,066
  • 12
  • 206
  • 241
  • thanks @Gaurav Mantri, actually my requirement is to get RBAC role assignments using Azure SDK for JAVA, do you have any reference – dev4java Mar 07 '22 at 10:56
  • @dev4java - I tried to look up the exact function you would need to use and closest I could get to was this: https://azuresdkdocs.blob.core.windows.net/$web/java/azure-resourcemanager/2.12.0/com/azure/resourcemanager/AccessManagement.html. – Gaurav Mantri Mar 07 '22 at 10:59
  • the above suggested 'AzureResourceManager' is giving the all the role definitions available on a resource but not what are the roles assigned (role definition details )to the user – dev4java Mar 08 '22 at 16:30