Add privileged service principals table to AAD report #1467

Open
wants to merge 10 commits into
base: main
updated by removing excessive hashtable
dagarwal-mitre committed Dec 16, 2024
commit 67f3a45f630e3124341908f27a83fa854d83f70a
22 changes: 5 additions & 17 deletions PowerShell/ScubaGear/Modules/Providers/ExportAADProvider.psm1
@@ -123,27 +123,15 @@ function Export-AADProvider {
$PrivilegedUsers = @{}
$PrivilegedServicePrincipals = @{}

# Initialize an empty hashtable
$hashtable = @{}

# Iterate over each object in the array
foreach ($item in $PrivilegedObjects) {
foreach ($key in $item.Keys) {
$hashtable[$key] = $item[$key]
}
}

# Output the hashtable to verify
$hashtable | Format-Table -AutoSize

foreach ($key in $hashtable.Keys) {
#PrivilegedObjects is an array because of the tracker.trycommand, and so the first index is the hashtable
foreach ($key in $PrivilegedObjects[0].Keys) {
Collaborator

Are we certain that $PrivilegedObjects will always contain at least one entry? Otherwise accessing the 0th index may throw an error if an entry does not exist.

Either way, I also think it would help to see some error handling to check if $PrivilegedObjects[0].Keys is not null prior to entering the loop.


# Check if it has ServicePrincipalId property instead of AppId
if ($null -ne $hashtable[$key].ServicePrincipalId) {
$PrivilegedServicePrincipals[$key] = $hashtable[$key]
if ($null -ne $PrivilegedObjects[0][$key].ServicePrincipalId) {
$PrivilegedServicePrincipals[$key] = $PrivilegedObjects[0][$key]
}
else {
$PrivilegedUsers[$key] = $hashtable[$key]
$PrivilegedUsers[$key] = $PrivilegedObjects[0][$key]
}
}
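
Review bot: At `foreach ($key in $PrivilegedObjects[0].Keys)`, only the first element of `$PrivilegedObjects` is read, whereas the removed loop merged the keys of every element into `$hashtable`, so any privileged user or service principal carried in a later element would now be left out of both tables with no warning. If the array is guaranteed to hold exactly one hashtable, state that in the comment and enforce it; otherwise keep iterating over all elements. Assigning `$PrivilegedObjects[0]` to a local variable once, checking that it is not `$null` before the loop, and using that variable in the three lookups inside the loop would also cover the empty-result case and remove the repeated indexing.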