Functions/Get-AHAllPolicyExemptions.ps1

<#
    .DESCRIPTION
        This function gets all policy exemptions for all management groups, subscriptions, resource groups, and individual resources.
    .EXAMPLE
        Get-AHAllPolicyExemptions
        Gets all policy exemptions for all management groups, subscriptions, resource groups, and individual resources.
    .EXAMPLE
        $Exemptions = Get-AHAllPolicyExemptions
        Gets all policy exemptions
    .EXAMPLE
        $Exemptions = Get-AHAllPolicyExemptions | Where{$_.Properties.PolicyDefinitionReferenceIds.Count -eq 0}
        Gets all policy exemptions then returns the ones that are applied to all policies, not just a subset of the policies within the .
    .EXAMPLE
        $Exemptions = Get-AHAllPolicyExemptions | Where{$_.Properties.ExpiresOn -lt [datetime]::Now}
        Gets all policy exemptions then returns the ones that have expired.
    .EXAMPLE
        $Exemptions = Get-AHAllPolicyExemptions | Where{$_.Properties.ExpiresOn -gt ([datetime]::Now).AddDays(365) -or '' -eq $_.Properties.ExpiresOn}
        Gets all policy exemptions then returns the ones that will expire over 1 year from now or have no expiration date.
    .EXAMPLE
        $Exemptions = Get-AHAllPolicyExemptions
        $Exemptions.Properties | select displayName, description | export-csv -Path C:\temp\Exemptions.csv -NoTypeInformation
        Gets the displayName and Description for all policy exemptions then exports them to a CSV file. I used this to audit the policy exemptions to make sure all entries were reasonable.
#>

function Get-AHAllPolicyExemptions {
    [CmdletBinding()]
    param ( 
        <# #Maybe I'll add in switches to make it easier later, until then there are examples
        [switch]
        $AppliedToAllPolicies,
        [switch]
        $ExcludeExpired,
        [switch]
        $IncludeExpired,
        [switch]
        $something
#>

    )
    Begin {
        $exemptions = @()
    }
    Process {
        $managementGroups = Get-AzManagementGroup #| ForEach-Object { Get-AzManagementGroup -Expand -Recurse -GroupName $_.Name }
        #Get management group exemptions
        ForEach ($managementGroup in $managementGroups) {
            $exemptions += Get-AzPolicyExemption -Scope $managementGroup.Id
        }
        #Get subscription exemptions
        $exemptionScriptBlock = {
            Get-AzPolicyExemption -IncludeDescendent
        }
        $exemptions += Invoke-AzureCommand -ScriptBlock $exemptionScriptBlock -AllSubscriptions
    }
    End {
        $exemptions
    }
}