This script retrieves and exports information about managed identities (both system-assigned and user-assigned) across all subscriptions in an Azure tenant. The output is saved as a CSV file.
- Collects user-assigned managed identities and their associated resources.
- Identifies system-assigned managed identities and their associated resource types.
- Supports multi-subscription scanning within the tenant.
- Outputs the data to a CSV file.

- Install the required Python packages:
    pip install -r requirements.txt
- Ensure the Azure CLI is installed and logged in:
    az login
- Assign the necessary Azure permissions for the authenticated user:
  - At the least, the Reader role is required on all of the subscriptions.

- Clone the repository:
    git clone https://github.com/astrix-security/MI-Inventory.git
    cd MI-Inventory
- Run the script:
    python mi-inventory.py

The script will output a CSV file named managed_identities.csv containing the following columns:
- Name: The name of the managed identity.
- Managed Identity Type: Either User Assigned or System Assigned.
- Subscription: The subscription name.
- System Assigned Managed Identity Resource Type: The resource type of the system-assigned identity.
- User Managed Identity Associated Resource Count: Number of resources associated with the user-assigned identity.
- User Assigned Managed Identity Associated Resources: List of associated resources.

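
One way to review the exported inventory, as an added example that is not part of the MI-Inventory project: it flags user-assigned identities with no associated resources and those shared by many resources, and counts system-assigned identities per resource type. It assumes the CSV header matches the column names listed above exactly; the `triage` and `triage_csv` helpers, the `shared_threshold` default and the sample rows are hypothetical.

```python
import csv
import io
from collections import Counter

# Column names as listed in the README; assumed to match the CSV header exactly.
COL_NAME = "Name"
COL_TYPE = "Managed Identity Type"
COL_SUB = "Subscription"
COL_SYS_RTYPE = "System Assigned Managed Identity Resource Type"
COL_COUNT = "User Managed Identity Associated Resource Count"

# Constructed sample rows (not real tenant data). The layout of the
# associated-resources column is not documented, so it is not parsed here.
SAMPLE_CSV = """Name,Managed Identity Type,Subscription,System Assigned Managed Identity Resource Type,User Managed Identity Associated Resource Count,User Assigned Managed Identity Associated Resources
id-deploy,User Assigned,prod-sub,,0,
id-shared,User Assigned,prod-sub,,7,(elided)
id-app,User Assigned,dev-sub,,1,(elided)
vm-web01,System Assigned,prod-sub,Microsoft.Compute/virtualMachines,,
func-etl,System Assigned,dev-sub,Microsoft.Web/sites,,
"""

def triage(rows, shared_threshold=5):
    """Return unused and widely shared user-assigned identities, plus a
    count of system-assigned identities per resource type."""
    unused, shared, by_rtype = [], [], Counter()
    for row in rows:
        kind = (row.get(COL_TYPE) or "").strip()
        ident = ((row.get(COL_SUB) or "").strip(), (row.get(COL_NAME) or "").strip())
        if kind == "User Assigned":
            raw = (row.get(COL_COUNT) or "").strip()
            if not raw.isdigit():
                continue  # blank or malformed count: cannot be judged, skip
            count = int(raw)
            if count == 0:
                unused.append(ident)            # attached to nothing: review or remove
            elif count >= shared_threshold:
                shared.append(ident + (count,))  # one identity, many resources
        elif kind == "System Assigned":
            by_rtype[(row.get(COL_SYS_RTYPE) or "unknown").strip()] += 1
    return {"unused": unused, "shared": shared, "system_by_type": dict(by_rtype)}

def triage_csv(text, shared_threshold=5):
    """Run triage() over CSV text, e.g. the contents of managed_identities.csv."""
    return triage(csv.DictReader(io.StringIO(text)), shared_threshold)

if __name__ == "__main__":
    # For real output: triage_csv(open("managed_identities.csv", newline="").read())
    for key, value in triage_csv(SAMPLE_CSV).items():
        print(key, value)
```
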
This project is licensed under the GPL 3 License - see the LICENSE file for details.