Toolkit/Public/Get-RscOrganization.ps1
#Requires -Version 3 function Get-RscOrganization { <# .SYNOPSIS Retrieves Organizations defined in Rubrik Security Cloud .DESCRIPTION Rubrik Security Cloud Organizations are logically separated users, permissions and objects to achieve multi-tenancy. .LINK Schema reference: https://rubrikinc.github.io/rubrik-api-documentation/schema/reference .EXAMPLE # Get all roles Get-RscOrganization .EXAMPLE # Get role with specific name Get-RscOrganization "TenantA" #> [CmdletBinding( DefaultParameterSetName = "Name" )] Param( [Parameter( Mandatory = $false, ParameterSetName = "Id" )] [String]$Id, [Parameter( Position = 0, Mandatory = $false, ParameterSetName = "Name" )] [String]$Name ) Process { # The query is different for getting a single object by ID. if ($Id) { $roleTempQuery = New-RscQuery -GqlQuery getRolesByIds -FieldProfile FULL $query = New-RscQuery -GqlQuery org $query.var.orgId = $Id $query.field.Id = "tacos" $query.field.Name = "FETCH" $query.field.FullName = "FETCH" $query.field.Description = "FETCH" $query.field.AuthDomainConfig = [RubrikSecurityCloud.Types.TenantAuthDomainConfig]::ALLOW_AUTH_DOMAIN_CONTROL $query.field.ShouldEnforceMfaForAll = $true $query.field.IsEnvoyRequired = $true $query.field.AllowedClusters = "FETCH" $query.field.TenantNetworkHealth = [RubrikSecurityCloud.Types.TenantNetworkHealth]::TENANT_NETWORK_HEALTH_UNSPECIFIED $query.field.HasOwnIdpConfigured = $true $query.field.IsServiceAccountDisabled = $true $query.field.OrgAdminRole = $roleTempQuery.field[0] $query.field.Users = New-Object -TypeName RubrikSecurityCloud.Types.ExistingUser $query.field.Users[0].id = "FETCH" $query.field.Users[0].isOrgAdmin = $true $query.field.Users[0].user = New-Object -TypeName RubrikSecurityCloud.Types.User $query.field.Users[0].user.email = "FETCH" $query.field.Users[0].user.id = "FETCH" $query.field.Permissions = $roleTempQuery.field[0].Permissions[0] $query.field.SelfServicePermissions = New-Object -TypeName RubrikSecurityCloud.Types.SelfServicePermission $query.field.SsoGroups = New-Object -TypeName RubrikSecurityCloud.Types.SsoGroup $query.field.PhysicalStorageUsed = 1 $query.field.AllUrls = "FETCH" # "ClusterWithCapacityQuota" does not exist in the SDK # $query.Nodes[0].AllClusterCapacityQuotas = New-Object -TypeName RubrikSecurityCloud.Types.ClusterWithCapacityQuota $query.field.CrossAccountCapabilities = [RubrikSecurityCloud.Types.CrossAccountCapability]::CROSS_ACCOUNT_CAPABILITY_UNSPECIFIED $result = Invoke-Rsc -Query $query $result } else { $query = New-RscQuery -GqlQuery orgs if ($Name) { $query.var.nameFilter = $Name } # I'm using these to populate all fields instead of doing them individually. $roleTempQuery = New-RscQuery -GqlQuery getRolesByIds -FieldProfile FULL $query.field.Nodes[0].Id = "tacos" $query.field.Nodes[0].Name = "FETCH" $query.field.Nodes[0].FullName = "FETCH" $query.field.Nodes[0].Description = "FETCH" $query.field.Nodes[0].AuthDomainConfig = [RubrikSecurityCloud.Types.TenantAuthDomainConfig]::ALLOW_AUTH_DOMAIN_CONTROL $query.field.Nodes[0].ShouldEnforceMfaForAll = $true $query.field.Nodes[0].IsEnvoyRequired = $true $query.field.Nodes[0].AllowedClusters = "FETCH" $query.field.Nodes[0].TenantNetworkHealth = [RubrikSecurityCloud.Types.TenantNetworkHealth]::TENANT_NETWORK_HEALTH_UNSPECIFIED $query.field.Nodes[0].HasOwnIdpConfigured = $true $query.field.Nodes[0].IsServiceAccountDisabled = $true $query.field.Nodes[0].OrgAdminRole = $roleTempQuery.field[0] $query.field.Nodes[0].Users = New-Object -TypeName RubrikSecurityCloud.Types.ExistingUser $query.field.Nodes[0].Users[0].id = "FETCH" $query.field.Nodes[0].Users[0].isOrgAdmin = $true $query.field.Nodes[0].Users[0].user = New-Object -TypeName RubrikSecurityCloud.Types.User $query.field.Nodes[0].Users[0].user.email = "FETCH" $query.field.Nodes[0].Users[0].user.id = "FETCH" $query.field.Nodes[0].Permissions = $roleTempQuery.field[0].Permissions[0] $query.field.Nodes[0].SelfServicePermissions = New-Object -TypeName RubrikSecurityCloud.Types.SelfServicePermission $query.field.Nodes[0].SsoGroups = New-Object -TypeName RubrikSecurityCloud.Types.SsoGroup $query.field.Nodes[0].PhysicalStorageUsed = 1 $query.field.Nodes[0].AllUrls = "FETCH" # "ClusterWithCapacityQuota" does not exist in the SDK # $query.Nodes[0].AllClusterCapacityQuotas = New-Object -TypeName RubrikSecurityCloud.Types.ClusterWithCapacityQuota $query.field.Nodes[0].CrossAccountCapabilities = [RubrikSecurityCloud.Types.CrossAccountCapability]::CROSS_ACCOUNT_CAPABILITY_UNSPECIFIED $result = Invoke-Rsc -Query $query $result.nodes } } } |