Functions/Public/Get-vRATenantRole.psm1

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
function Get-vRATenantRole {
<#
    .SYNOPSIS
    Retrieve vRA Tenant Role
    
    .DESCRIPTION
    Retrieve vRA Tenant Role
    
    .PARAMETER TenantId
    Specify the Tenant Id

    .PARAMETER PrincipalId
    Specify the Principal Id

    .PARAMETER Limit
    The number of entries returned per page from the API. This has a default value of 100.

    .INPUTS
    System.String

    .OUTPUTS
    System.Management.Automation.PSObject.
    
    .EXAMPLE
    Get-vRATenantRole -TenantId Tenant01 -PrincipalId Tenantadmin@vrademo.local
#>

[CmdletBinding()][OutputType('System.Management.Automation.PSObject')]

    Param (

    [parameter(Mandatory=$true)]
    [ValidateNotNullOrEmpty()]
    [String]$TenantId,
    
    [parameter(Mandatory=$true)]
    [ValidateNotNullOrEmpty()]
    [String[]]$PrincipalId,  
    
    [parameter(Mandatory=$false)]
    [ValidateNotNullOrEmpty()]
    [String]$Limit = "100"
    )
                
try {
        
        foreach ($Principal in $PrincipalId){

            $URI = "/identity/api/authorization/tenants/$($TenantId)/principals/$Principal/roles?limit=$($Limit)"

            # --- Run vRA REST Request
            $Response = Invoke-vRARestMethod -Method GET -URI $URI
        
            foreach ($Role in $Response.content) {
        
                [pscustomobject]@{

                    Principal = $Principal
                    Id = $Role.id
                    Name = $Role.name
                    Description = $Role.description
                    Type = $Role.'@type'
                    AssignedPermissions = $Role.assignedPermissions
                }
            }
        }
}
catch [Exception]{

    throw
}
}