Skip to content

Commit

Permalink
Added retry capability for pulling PIM resources (#900)
Browse files Browse the repository at this point in the history
* Added retry capability

* Update

---------

Co-authored-by: Jesper Fajers <jesper@fajers.se>
  • Loading branch information
borondy and Jefajers authored Dec 12, 2024
1 parent c47f29e commit 5035c74
Show file tree
Hide file tree
Showing 2 changed files with 20 additions and 2 deletions.
21 changes: 19 additions & 2 deletions src/internal/functions/Get-AzOpsRoleEligibilityScheduleRequest.ps1
Original file line number Diff line number Diff line change
Expand Up @@ -26,12 +26,29 @@

# Process RoleEligibilitySchedule which is used to construct AzOpsRoleEligibilityScheduleRequest
Write-AzOpsMessage -LogLevel Debug -LogString 'Get-AzOpsRoleEligibilityScheduleRequest.Processing' -LogStringValues $ScopeObject.Scope -Target $ScopeObject
$roleEligibilitySchedules = Get-AzRoleEligibilitySchedule -Scope $ScopeObject.Scope -WarningAction SilentlyContinue | Where-Object {$_.Scope -eq $ScopeObject.Scope}
try {
$parameters = @{
Scope = $ScopeObject.Scope
}
$roleEligibilitySchedules = Invoke-AzOpsScriptBlock -ArgumentList $parameters -ScriptBlock {
Get-AzRoleEligibilitySchedule @parameters -WarningAction SilentlyContinue -ErrorAction Stop | Where-Object { $_.Scope -eq $parameters.Scope }
} -RetryCount 3 -RetryWait 5 -RetryType Exponential -ErrorAction Stop
}
catch {
Write-AzOpsMessage -LogLevel Warning -LogString 'Get-AzOpsRoleEligibilityScheduleRequest.Processing.Failed' -LogStringValues $_
return
}
if ($roleEligibilitySchedules) {
foreach ($roleEligibilitySchedule in $roleEligibilitySchedules) {
# Process roleEligibilitySchedule together with RoleEligibilityScheduleRequest
$parameters = @{
Scope = $ScopeObject.Scope
Name = $roleEligibilitySchedule.Name
}
$roleEligibilityScheduleRequest = $null
$roleEligibilityScheduleRequest = Get-AzRoleEligibilityScheduleRequest -Scope $ScopeObject.Scope -Name $roleEligibilitySchedule.Name -ErrorAction SilentlyContinue
$roleEligibilityScheduleRequest = Invoke-AzOpsScriptBlock -ArgumentList $parameters -ScriptBlock {
Get-AzRoleEligibilityScheduleRequest @parameters -ErrorAction SilentlyContinue
} -RetryCount 3 -RetryWait 5 -RetryType Exponential -ErrorAction SilentlyContinue
if ($roleEligibilityScheduleRequest) {
Write-AzOpsMessage -LogLevel Debug -LogString 'Get-AzOpsRoleEligibilityScheduleRequest.Assignment' -LogStringValues $roleEligibilitySchedule.Name -Target $ScopeObject
# Construct AzOpsRoleEligibilityScheduleRequest by combining information from roleEligibilitySchedule and roleEligibilityScheduleRequest
Expand Down
1 change: 1 addition & 0 deletions src/localized/en-us/Strings.psd1
Original file line number Diff line number Diff line change
Expand Up @@ -132,6 +132,7 @@
'Get-AzOpsRoleDefinition.Definition' = 'Processing object {0}' # $roleDefinition.id

'Get-AzOpsRoleEligibilityScheduleRequest.Processing' = 'Retrieving Privileged Identity Management RoleEligibilitySchedule at [{0}]' # $ScopeObject.Scope
'Get-AzOpsRoleEligibilityScheduleRequest.Processing.Failed' = 'Failed retrieving Privileged Identity Management RoleEligibilitySchedule [{0}]' # $_
'Get-AzOpsRoleEligibilityScheduleRequest.Processing.NotFound' = 'No RoleEligibilityScheduleRequest found at [{0}] for RoleEligibilitySchedule [{1}], creating template based on RoleEligibilitySchedule' # $ScopeObject.Scope, $roleEligibilitySchedule.Name
'Get-AzOpsRoleEligibilityScheduleRequest.Assignment' = 'Found Privileged Identity Management RoleEligibilityScheduleRequest assignment [{0}]' # $roleEligibilitySchedule.Name

Expand Down

0 comments on commit 5035c74

Please sign in to comment.