From 24a5ac955966f80bba5bd025f02020690c350c7f Mon Sep 17 00:00:00 2001 From: "Heinrich Gantenbein (techlake)" Date: Wed, 9 Nov 2022 14:06:21 -0600 Subject: [PATCH] Fixing bug with empty global notScopes --- ...d-AzPoliciesInitiativesAssignmentsPlan.ps1 | 2 +- .../Helpers/Build-AzPolicyAssignmentsPlan.ps1 | 2 +- ...Build-AzPolicyDefinitionsForInitiative.ps1 | 2 +- .../Get-AzAssignmentsAtScopeRecursive.ps1 | 20 +++++++++---------- Scripts/Helpers/Select-PacEnvironment.ps1 | 1 - 5 files changed, 13 insertions(+), 14 deletions(-) diff --git a/Scripts/Deploy/Build-AzPoliciesInitiativesAssignmentsPlan.ps1 b/Scripts/Deploy/Build-AzPoliciesInitiativesAssignmentsPlan.ps1 index d493426b..c2541f27 100644 --- a/Scripts/Deploy/Build-AzPoliciesInitiativesAssignmentsPlan.ps1 +++ b/Scripts/Deploy/Build-AzPoliciesInitiativesAssignmentsPlan.ps1 @@ -65,7 +65,7 @@ if ($PlanFile -eq "") { $PlanFile = $pacEnvironment.policyPlanOutputFile } -# Getting existing Policy Assignmentscls +# Getting existing Policy Assignments $existingAssignments = $null $scopeTreeInfo = Get-AzScopeTree ` -tenantId $pacEnvironment.tenantId ` diff --git a/Scripts/Helpers/Build-AzPolicyAssignmentsPlan.ps1 b/Scripts/Helpers/Build-AzPolicyAssignmentsPlan.ps1 index 8da2e9b8..11140f7e 100644 --- a/Scripts/Helpers/Build-AzPolicyAssignmentsPlan.ps1 +++ b/Scripts/Helpers/Build-AzPolicyAssignmentsPlan.ps1 @@ -9,7 +9,7 @@ function Build-AzPolicyAssignmentsPlan { [hashtable] $rootScope, [string] $rootScopeId, [hashtable] $scopeTreeInfo, - [array] $globalNotScopeList, + [array] $globalNotScopeList = @(), [string] $managedIdentityLocation, [hashtable] $allPolicyDefinitions, [hashtable] $customPolicyDefinitions, diff --git a/Scripts/Helpers/Build-AzPolicyDefinitionsForInitiative.ps1 b/Scripts/Helpers/Build-AzPolicyDefinitionsForInitiative.ps1 index 58625136..441551ad 100644 --- a/Scripts/Helpers/Build-AzPolicyDefinitionsForInitiative.ps1 +++ b/Scripts/Helpers/Build-AzPolicyDefinitionsForInitiative.ps1 @@ -12,7 +12,7 @@ function Build-AzPolicyDefinitionsForInitiative { ) - ######## validating each Policy Definition needed in Inititaive exists ########### + ######## validating each Policy Definition needed in Initiative exists ########### Write-Verbose " Check existence of referenced policyDefinitionIDs and build new array" $usingUndefinedReference = $false diff --git a/Scripts/Helpers/Get-AzAssignmentsAtScopeRecursive.ps1 b/Scripts/Helpers/Get-AzAssignmentsAtScopeRecursive.ps1 index c89b55b6..9d1f978d 100644 --- a/Scripts/Helpers/Get-AzAssignmentsAtScopeRecursive.ps1 +++ b/Scripts/Helpers/Get-AzAssignmentsAtScopeRecursive.ps1 @@ -331,16 +331,16 @@ function Get-AzAssignmentsAtSpecificScope { function Get-AzAssignmentsAtScopeRecursive { [CmdletBinding()] param( - [parameter(Mandatory = $True)] [object] $scopeTreeInfo, - [parameter(Mandatory = $True)] [string[]] $notScopeIn, - [parameter(Mandatory = $false)] [bool] $includeResourceGroups = $false, - [parameter(Mandatory = $false)] [bool] $getAssignments = $true, - [parameter(Mandatory = $false)] [bool] $getExemptions = $true, - [Parameter(Mandatory = $false)] [int] $expiringInDays = 7, - [parameter(Mandatory = $false)] [bool] $getRemediations = $false, - [parameter(Mandatory = $false)] [hashtable] $allPolicyDefinitions = $null, - [parameter(Mandatory = $false)] [hashtable] $allInitiativeDefinitions = $null, - [switch] $supressRoleAssignments + [object] $scopeTreeInfo, + [string[]] $notScopeIn = @(), + [bool] $includeResourceGroups = $false, + [bool] $getAssignments = $true, + [bool] $getExemptions = $true, + [int] $expiringInDays = 7, + [bool] $getRemediations = $false, + [hashtable] $allPolicyDefinitions = $null, + [hashtable] $allInitiativeDefinitions = $null, + [switch] $supressRoleAssignments ) [array] $subscriptionIds = @() diff --git a/Scripts/Helpers/Select-PacEnvironment.ps1 b/Scripts/Helpers/Select-PacEnvironment.ps1 index 3e44f2d3..a047714a 100644 --- a/Scripts/Helpers/Select-PacEnvironment.ps1 +++ b/Scripts/Helpers/Select-PacEnvironment.ps1 @@ -79,7 +79,6 @@ function Select-PacEnvironment { [array] $globalNotScopeList = @() if ($globalSettings.globalNotScopes) { $globalNotScopes = $globalSettings.globalNotScopes - $globalNotScopeList = @() if ($globalNotScopes.ContainsKey($pacEnvironmentSelector)) { $globalNotScopeList += $globalNotScopes[$pacEnvironmentSelector] }