Anybody got a GC powershell script that will output domain,entityType,action from the permissions list?

Platform API CLI
1

Looking for a way to be able to programmaticaly and repeatedly as needed export a list of all permissions into a single row/csv of domain,entityType,action

I'm then wanting to be able to expand on that further and do the same for actual roles - eg csv of the permissions assigned to each role in the same domain, entityType, action format

2

Hi Vaughn,

I've written some quick scripts(works in both PS 5.1 and 7.0+) based on my understanding of the request. This assumes that the Genesys Cloud CLI has already been set-up.

1. Export all permissions in one CSV file

# Get all permissions and export to a single CSV

$permissions = @()

(gc.exe authorization permissions list -a | ConvertFrom-Json) |
    Select-Object -ExcludeProperty domain -ExpandProperty permissionMap |
    ForEach-Object { $i = 0 } {
        foreach($permissionMaps in $_.PSObject.Properties) {
            foreach($mapping in $permissionMaps.Value){
                if ($null -eq $mapping.domain ) {
                    continue
                }

                # Create the row
                $out = [pscustomobject]@{
                    domain = $mapping.domain
                    entityType = $mapping.entityType
                    action = $mapping.action
                }

                $permissions += $out
            }          
        }
    }

# Export to CSV
$permissions | Export-Csv -Path ".\all-permissions.csv" -NoTypeInformation

2. Export permissions for a specific role

# Get permissions for a specific role. Provide the role id in the variable below

$roleId = "d9375af4-bec7-453b-bb4a-e0b2fbc2bbac"

$permissions = @()

$role = (gc.exe authorization roles get $roleId | ConvertFrom-Json)
$roleName = $role.name

$role | Select-Object -ExpandProperty "permissionPolicies" |
    ForEach-Object { $i = 0 } {
        foreach($action in $_.actionSet) {
            $out = [pscustomobject]@{
                domain = $_.domain
                entityType = $_.entityName
                action = $action
            }

            $permissions += $out
        }
    }

$permissions | Export-Csv -Path ".\$roleName-permissions.csv" -NoTypeInformation

3. Export permissions for each role (1 csv file per role)

# Get permissions for each role in the organization (will produce one csv file per role)

(gc.exe authorization roles list -a | ConvertFrom-Json) |
    ForEach-Object { $i = 0 } {
        $roleId = $_.id
        $roleName = $_.name
        $permissions = @()

        $_ | Select-Object -ExpandProperty "permissionPolicies" |
            ForEach-Object { $i = 0 } {
                foreach($action in $_.actionSet) {
                    $out = [pscustomobject]@{
                        domain = $_.domain
                        entityType = $_.entityName
                        action = $action
                    }

                    $permissions += $out
                }
            }

        $permissions | Export-Csv -Path ".\$roleName-permissions.csv" -NoTypeInformation
    }

Please let me know if that works.

Also for future reference, these examples should also be available in the Quick Hits once I add it.

3

Thanks Prince, these work perfectly.

1 Like
4

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.