rbac fixes

.gitignore

@@ -0,0 +1 @@
+Powershell/Tools/temp.ps1

Powershell/Lists/Azure/AzurePIM.ps1

@@ -30,7 +30,8 @@ function GetEligibleAssignments {
         [string] $scope
     )
 
-    $access_token = (Get-AzAccessToken -TenantId "e9792fd7-4044-47e7-a40d-3fba46f1cd09").Token
+    $securetoken = (Get-AzAccessToken -TenantId "e9792fd7-4044-47e7-a40d-3fba46f1cd09" -AsSecureString).Token
+    $access_token= ConvertFrom-SecureString -SecureString $securetoken -AsPlainText
 
     $url = "https://management.azure.com/$scope/providers/Microsoft.Authorization/roleEligibilityScheduleInstances?api-version=2020-10-01&`$filter=atScope()"
     

Powershell/Lists/Azure/AzureRBAC.ps1

@@ -158,15 +158,15 @@ foreach ($managementGroup in $managementGroups)
             $Result | Export-Csv -Path $fileName -Append -NoTypeInformation
         }
         
-        $allResources = Get-AzResource 
+        $allResources = Get-AzResource #-ResourceType Microsoft.Storage/storageAccounts/blobServices
 
         foreach ($resource in $allResources) {
 
             [ResourceCheck[]]$Result = @()
 
             try {
-                $roleAssignments = Get-AzRoleAssignment -Scope $resource.ResourceId | Where-Object Scope -eq $resource.ResourceId
+                $roleAssignments = Get-AzRoleAssignment -Scope $resource.ResourceId | Where-Object Scope -like "$($resource.ResourceId)*"
-
+                
                 foreach($roleAssignment in $roleAssignments) {
                     [ResourceCheck] $resourceCheck = [ResourceCheck]::new()
                     $resourceCheck.ResourceId = $resource.ResourceId