From 8ff1fe91c3d46d2d0d703586fac644cf21fdb196 Mon Sep 17 00:00:00 2001
From: Jurjen Ladenius <jurjen.ladenius@effectory.com>
Date: Thu, 18 Apr 2024 09:02:42 +0200
Subject: [PATCH] Subscription pim settings #99024

---
 Powershell/Tools/AzurePIM - role settings.ps1 | 38 +++++++++----------
 1 file changed, 19 insertions(+), 19 deletions(-)

diff --git a/Powershell/Tools/AzurePIM - role settings.ps1 b/Powershell/Tools/AzurePIM - role settings.ps1
index 13d9d81..3668119 100644
--- a/Powershell/Tools/AzurePIM - role settings.ps1	
+++ b/Powershell/Tools/AzurePIM - role settings.ps1	
@@ -66,29 +66,29 @@ foreach ($managementGroup in $managementGroups)
         UpdatePolicy -scope $scope -roleManagementPolicyName $assignmentName -patchValue $patchValue                                                
     }
 
-    # $subscriptions = Get-AzManagementGroupSubscription -Group $managementGroup.Name | Where-Object State -eq "Active"
+    $subscriptions = Get-AzManagementGroupSubscription -Group $managementGroup.Name | Where-Object State -eq "Active"
 
-    # foreach ($subscription in $subscriptions) 
-    # {
-    #     Write-Host "    --------------------------------------------------------------------"
+    foreach ($subscription in $subscriptions) 
+    {
+        Write-Host "    --------------------------------------------------------------------"
         
-    #     $scope = $subscription.Id.Substring($subscription.Parent.Length, $subscription.Id.Length - $subscription.Parent.Length)
-    #     $subscriptionId = $scope.Replace("/subscriptions/", "")
-    #     Write-Host "    Subscription [$($subscription.DisplayName) - $subscriptionId]"
-    #     Write-Host "    --------------------------------------------------------------------"
+        $scope = $subscription.Id.Substring($subscription.Parent.Length, $subscription.Id.Length - $subscription.Parent.Length)
+        $subscriptionId = $scope.Replace("/subscriptions/", "")
+        Write-Host "    Subscription [$($subscription.DisplayName) - $subscriptionId]"
+        Write-Host "    --------------------------------------------------------------------"
 
-    #     $assignments = GetAllPolicies -scope $scope | Where-Object { 
-    #                                                                     $prop = $_.properties
-    #                                                                     if ($prop.LastModifiedDateTime) { return $_ } 
-    #                                                                 }
+        $assignments = GetAllPolicies -scope $scope | Where-Object { 
+                                                                        $prop = $_.properties
+                                                                        if ($prop.LastModifiedDateTime) { return $_ } 
+                                                                    }
 
-    #     foreach ($assignment in $assignments) 
-    #     {
-    #         $assignmentName = $assignment.name
-    #         Write-Host "        Updating assignment [$($assignment.id)]"
-    #         UpdatePolicy -scope $scope -roleManagementPolicyName $assignmentName -patchValue $patchValue                                                
-    #     }
-    # }
+        foreach ($assignment in $assignments) 
+        {
+            $assignmentName = $assignment.name
+            Write-Host "        Updating assignment [$($assignment.id)]"
+            UpdatePolicy -scope $scope -roleManagementPolicyName $assignmentName -patchValue $patchValue                                                
+        }
+    }
 }
  Write-Host "=========================================================================================="
  Write-Host "Done."