internal/functions/Out-PolicyExemptions.ps1
|
function Out-PolicyExemptions { [CmdletBinding()] param ( $Exemptions, $PacEnvironment, $PolicyExemptionsFolder, [switch] $OutputJson, [switch] $OutputCsv, [string] $FileExtension = "json", [switch] $ActiveExemptionsOnly ) $pacSelector = $PacEnvironment.pacSelector $outputPath = "$PolicyExemptionsFolder/$pacSelector" if (-not (Test-Path $outputPath)) { $null = New-Item $outputPath -Force -ItemType directory } $policyDefinitionReferenceIdsTransform = @{ label = "policyDefinitionReferenceIds" expression = { if ($_.policyDefinitionReferenceIds) { ($_.policyDefinitionReferenceIds -join ",").ToString() } else { '' } } } $metadataTransform = @{ label = "metadata" expression = { if ($_.metadata) { $temp = (ConvertTo-Json $_.metadata -Depth 100 -Compress).ToString() if ($temp -eq "{}") { '' } else { $temp } } else { '' } } } $resourceSelectorsTransform = @{ label = "resourceSelectors" expression = { if ($_.resourceSelectors) { (ConvertTo-Json $_.resourceSelectors -Depth 100 -Compress).ToString() } else { '' } } } $expiresInDaysTransform = @{ label = "expiresInDays" expression = { if ($_.expiresInDays -eq [Int32]::MaxValue) { 'n/a' } else { $_.expiresInDays } } } $assignmentScopeValidationTransform = @{ label = "assignmentScopeValidation" expression = { if ($_.assignmentScopeValidation) { $_.assignmentScopeValidation } else { '' } } } Write-Information "" $selectedExemptions = $Exemptions.Values $numberOfExemptions = $selectedExemptions.Count if ($ActiveExemptionsOnly) { $stem = "$outputPath/active-exemptions" Write-Information "===================================================================================================" Write-Information "Output $numberOfExemptions active (not expired or orphaned) Exemptions for epac environment '$pacSelector'" Write-Information "===================================================================================================" if ($OutputJson) { $selectedArray = $selectedExemptions | Where-Object status -eq "active" | Select-Object -Property name, ` displayName, ` description, ` exemptionCategory, ` expiresOn, ` scope, ` policyAssignmentId, ` policyDefinitionReferenceIds, ` resourceSelectors, ` metadata, ` assignmentScopeValidation $jsonArray = @() if ($selectedArray -and $selectedArray.Count -gt 0) { $jsonArray += $selectedArray } $jsonFile = "$stem.$FileExtension" if (Test-Path $jsonFile) { Remove-Item $jsonFile } $outputJsonObj = @{ exemptions = $jsonArray } ConvertTo-Json $outputJsonObj -Depth 100 | Out-File $jsonFile -Force } if ($OutputCsv) { $selectedArray = $selectedExemptions | Where-Object status -eq "active" | Select-Object -Property name, ` displayName, ` description, ` exemptionCategory, ` expiresOn, ` scope, ` policyAssignmentId, ` $policyDefinitionReferenceIdsTransform, ` $resourceSelectorsTransform, ` $metadataTransform, ` $assignmentScopeValidationTransform $excelArray = @() if ($null -ne $selectedArray -and $selectedArray.Count -gt 0) { $excelArray += $selectedArray } $csvFile = "$stem.csv" if (Test-Path $csvFile) { Remove-Item $csvFile } if ($excelArray.Count -gt 0) { $excelArray | ConvertTo-Csv -UseQuotes AsNeeded | Out-File $csvFile -Force } else { $columnHeaders = "name,displayName,description,exemptionCategory,expiresOn,scope,policyAssignmentId,policyDefinitionReferenceIds,metadata,assignmentScopeValidation" $columnHeaders | Out-File $csvFile -Force } } } else { $stem = "$outputPath/all-exemptions" Write-Information "===================================================================================================" Write-Information "Output $numberOfExemptions Exemptions (all) for epac environment '$pacSelector'" Write-Information "===================================================================================================" if ($OutputJson) { $selectedArray = $selectedExemptions | Select-Object -Property name, ` displayName, ` description, ` exemptionCategory, ` expiresOn, ` status, ` $expiresInDaysTransform, ` scope, ` policyAssignmentId, ` policyDefinitionReferenceIds, ` resourceSelectors, ` metadata, ` assignmentScopeValidation $jsonArray = @() if ($selectedArray -and $selectedArray.Count -gt 0) { $jsonArray += $selectedArray } $jsonFile = "$stem.$FileExtension" if (Test-Path $jsonFile) { Remove-Item $jsonFile } $outputJsonObj = @{ exemptions = $jsonArray } ConvertTo-Json $outputJsonObj -Depth 100 | Out-File $jsonFile -Force } if ($OutputCsv) { $selectedArray = $selectedExemptions | Select-Object -Property name, ` displayName, ` description, ` exemptionCategory, ` expiresOn, ` status, ` $expiresInDaysTransform, ` scope, ` policyAssignmentId, ` $policyDefinitionReferenceIdsTransform, ` $resourceSelectorsTransform, ` $metadataTransform, ` $assignmentScopeValidationTransform $excelArray = @() if ($null -ne $selectedArray -and $selectedArray.Count -gt 0) { $excelArray += $selectedArray } $csvFile = "$stem.csv" if (Test-Path $csvFile) { Remove-Item $csvFile } if ($excelArray.Count -gt 0) { $excelArray | ConvertTo-Csv -UseQuotes AsNeeded | Out-File $csvFile -Force } else { $columnHeaders = "name,displayName,description,exemptionCategory,expiresOn,status,expiresInDays,scope,policyAssignmentId,policyDefinitionReferenceIds,metadata,assignmentScopeValidation" $columnHeaders | Out-File $csvFile -Force } } } } |