From a4f17225db076709b3f3eaad653d0807fbffe436 Mon Sep 17 00:00:00 2001
From: Zach Fey
Date: Thu, 2 Mar 2023 14:55:23 -0500
Subject: [PATCH] Update azure-mgmt-authorization
---
 ScoutSuite/providers/azure/facade/rbac.py | 3 ++-
 .../providers/azure/resources/rbac/role_assignments.py | 8 ++++----
 requirements.txt | 2 +-
 3 files changed, 7 insertions(+), 6 deletions(-)
diff --git a/ScoutSuite/providers/azure/facade/rbac.py b/ScoutSuite/providers/azure/facade/rbac.py
index 9c43571f9..9102f1a41 100755
--- a/ScoutSuite/providers/azure/facade/rbac.py
+++ b/ScoutSuite/providers/azure/facade/rbac.py
@@ -28,7 +28,8 @@ async def get_roles(self, subscription_id: str):
 async def get_role_assignments(self, subscription_id: str):
 try:
 client = self.get_client(subscription_id)
- return await run_concurrently(lambda: list(client.role_assignments.list()))
+ scope = f'/subscriptions/{subscription_id}'
+ return await run_concurrently(lambda: list(client.role_assignments.list_for_scope(scope=scope)))
 except Exception as e:
 print_exception(f'Failed to retrieve role assignments: {e}')
 return []
diff --git a/ScoutSuite/providers/azure/resources/rbac/role_assignments.py b/ScoutSuite/providers/azure/resources/rbac/role_assignments.py
index c92a4d650..8be3d5e78 100755
--- a/ScoutSuite/providers/azure/resources/rbac/role_assignments.py
+++ b/ScoutSuite/providers/azure/resources/rbac/role_assignments.py
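Review bot: In get_role_assignments (facade/rbac.py) the replacement call `client.role_assignments.list_for_scope(scope=scope)` passes no `filter`, and nothing in the hunk records whether it still returns the assignments an RBAC audit depends on, namely those inherited from above the subscription and those set on child resources. A comment above the `scope = ...` line would settle it for the next maintainer, e.g. `# subscription scope, no filter; TODO confirm inherited and child-scope assignments are returned as with list() under 1.0.0`. Separately, the surrounding `except Exception` still returns `[]`, so an SDK mismatch after this major-version jump would show up in the report as "no role assignments" rather than as an incomplete scan. The caller that consumes this list is outside the hunk.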
@@ -17,11 +17,11 @@ def _parse_role_assignment(self, raw_role_assignment):
 role_assignment_dict = {}
 role_assignment_dict['id'] = raw_role_assignment.name
 role_assignment_dict['name'] = raw_role_assignment.name
- role_assignment_dict['role_definition_id'] = raw_role_assignment.properties.role_definition_id
+ role_assignment_dict['role_definition_id'] = raw_role_assignment.role_definition_id
 role_assignment_dict['type'] = raw_role_assignment.type
- role_assignment_dict['scope'] = raw_role_assignment.properties.scope
- role_assignment_dict['principal_id'] = raw_role_assignment.properties.principal_id
- role_assignment_dict['principal_type'] = "None"
+ role_assignment_dict['scope'] = raw_role_assignment.scope
+ role_assignment_dict['principal_id'] = raw_role_assignment.principal_id
+ role_assignment_dict['principal_type'] = raw_role_assignment.principal_type
 role_assignment_dict['can_delegate'] = "None"
 role_assignment_dict['additional_properties'] = raw_role_assignment.additional_properties
 return role_assignment_dict['id'], role_assignment_dict
diff --git a/requirements.txt b/requirements.txt
index 2a60d8fdd..7f53a4dfc 100755
--- a/requirements.txt
+++ b/requirements.txt
@@ -44,7 +44,7 @@ azure-mgmt-network==17.1.0
 azure-mgmt-redis==12.0.0
 azure-mgmt-web==1.0.0
 azure-mgmt-compute==18.2.0
-azure-mgmt-authorization==1.0.0
+azure-mgmt-authorization==3.0.0
 azure-mgmt-rdbms==8.0.0
 msgraph-core==0.2.2
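Review bot: In _parse_role_assignment (resources/rbac/role_assignments.py), `can_delegate` is still hard-coded to the string `"None"` while `principal_type` beside it now carries the SDK value, so the dict mixes real data with a placeholder that is truthy and not equal to Python `None`. A rule or report filter that tests the field would see the same value for every assignment. If the model in use has no matching attribute, a comment such as `# no equivalent attribute on the SDK model; placeholder kept for the report schema` would make that explicit, or the value could become `None`. `principal_type` may also arrive as an SDK enum rather than a plain string (to be confirmed), in which case normalising it with `str(...)` before storing keeps serialised output stable. The `def` line is visible only in the hunk header; the body starts above the hunk.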