Created
May 30, 2025 12:51
-
-
Save Mark-Broadhurst/2da97e1e4860e43d258e471f46280c7e to your computer and use it in GitHub Desktop.
Remove all role assignments for user
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Login to Azure | |
| Connect-AzAccount -SkipContextPopulation | |
| # Get all subscriptions | |
| $subscriptions = Get-AzSubscription | |
| # Loop through each subscription | |
| foreach ($subscription in $subscriptions) { | |
| # Set the current subscription context | |
| Set-AzContext -SubscriptionId $subscription.Id | |
| # Get the current user's object ID | |
| $currentUser = Get-AzADUser -UserPrincipalName "[email protected]" | |
| # Get all role assignments for the current user | |
| $roleAssignments = Get-AzRoleAssignment -ObjectId $currentUser.Id | |
| # Loop through each role assignment and remove it | |
| foreach ($roleAssignment in $roleAssignments) { | |
| Remove-AzRoleAssignment -ObjectId $roleAssignment.ObjectId -RoleDefinitionName $roleAssignment.RoleDefinitionName -Scope $roleAssignment.Scope | |
| Write-Output "Removed role assignment: $($roleAssignment.RoleDefinitionName) in subscription: $($subscription.Name)" | |
| } | |
| } | |
| Write-Output "All role assignments removed across all subscriptions." |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment