diff --git a/utilities/tools/Get-RoleAssignmentList.ps1 b/utilities/tools/Get-RoleAssignmentList.ps1
index a4d1da43bc..3f5d7b209b 100644
--- a/utilities/tools/Get-RoleAssignmentList.ps1
+++ b/utilities/tools/Get-RoleAssignmentList.ps1
@@ -1,9 +1,9 @@
 <#
 .SYNOPSIS
-Fetch all available Role Definitions for the given ProviderNamespace
+Fetch relevant Role Definitions for the given ProviderNamespace
 
 .DESCRIPTION
-Fetch all available Role Definitions for the given ProviderNamespace
+Fetch relevant Role Definitions for the given ProviderNamespace by default. Optionally, you can fetch all available roles or include custom roles as well. 'Relevant' roles include the most common roles (e.g., Reader, Owner, etc.), as well as those that tie directly into the targeted resource type (e.g., a `Key Vault Secrets Reader` for a Key Vault).
 Leverges Microsoft Docs's [https://learn.microsoft.com/en-us/powershell/module/az.resources/get-azroledefinition?view=azps-8.3.0] to fetch the data
 
 .PARAMETER ProviderNamespace
@@ -15,6 +15,9 @@ Optional. The ResourceType to fetch the role definitions for
 .PARAMETER IncludeCustomRoles
 Optional. Whether to include custom roles or not
 
+.PARAMETER All
+Optional. Fetch all available roles that can be applied to the given Resource Type. By default it only fetches the relevant roles.
+
 .EXAMPLE
 Get-RoleAssignmentList -ProviderNamespace 'Microsoft.KeyVault' -ResourceType 'vaults'
 
@@ -31,7 +34,10 @@ function Get-RoleAssignmentList {
         [string] $ResourceType,
 
         [Parameter(Mandatory = $false)]
-        [switch] $IncludeCustomRoles
+        [switch] $IncludeCustomRoles,
+
+        [Parameter(Mandatory = $false)]
+        [switch] $All
     )
 
     begin {
@@ -57,54 +63,70 @@ function Get-RoleAssignmentList {
         if ("$ProviderNamespace/$ResourceType" -eq 'Microsoft.Authorization/RoleAssignments') {
             # No filter
             $relevantRoles = $roleDefinitions
-        } else {
+        }
+        else {
             # Filter Action based
-            $relevantRoles += $roleDefinitions | Where-Object {
-                $_.Actions -like "$ProviderNamespace/$ResourceType/*" -or
-                $_.Actions -like "$ProviderNamespace/`**" -or
-                $_.Actions -like '`**'
+            if ($All) {
+                $relevantRoles += $roleDefinitions | Where-Object {
+                    $_.Actions -like "$ProviderNamespace/$ResourceType/*" -or
+                    $_.Actions -like "$ProviderNamespace/`**" -or
+                    $_.Actions -like '`**' -or
+                    $_.DataActions -like "$ProviderNamespace/$ResourceType/*" -or
+                    $_.DataActions -like "$ProviderNamespace/`**" -or
+                    $_.DataActions -like '`**'
+                }
             }
-
-            # Filter Data Action based
-            $relevantRoles += $roleDefinitions | Where-Object {
-                $_.DataActions -like "$ProviderNamespace/$ResourceType/*" -or
-                $_.DataActions -like "$ProviderNamespace/`**" -or
-                $_.DataActions -like '`**'
+            else {
+                $relevantRoles += $roleDefinitions | Where-Object {
+                    $_.Actions -like "$ProviderNamespace/$ResourceType/*" -or
+                    $_.Actions -like "$ProviderNamespace/`**" -or
+                    $_.DataActions -like "$ProviderNamespace/$ResourceType/*" -or
+                    $_.DataActions -like "$ProviderNamespace/`**" -or
+                    # Leave general roles (https://learn.microsoft.com/en-us/azure/role-based-access-control/built-in-roles#general)
+                    $_.Id -eq 'b24988ac-6180-42a0-ab88-20f7382dd24c' -or # Contributor
+                    $_.Id -eq '8e3af657-a8ff-443c-a75c-2fe8c4bcb635' -or # Owner
+                    $_.Id -eq 'acdd72a7-3385-48ef-bd42-f606fba81ae7' -or # Reader
+                    $_.Id -eq 'f58310d9-a9f6-439a-9e8d-f62e7b41a168' -or # Role Based Access Control Administrator
+                    $_.Id -eq '18d7d88d-d35e-4fb5-a5c3-7773c20a72d9' # User Access Administrator
+                }
             }
-        }
 
-        # (Bicep-only) To comply with Bicep Linter Rule prefer-unquoted-property-names, remove quotes from role names not containing spaces
-        $resBicep = [System.Collections.ArrayList]@()
-        $resArm = [System.Collections.ArrayList]@()
-        if ("$ProviderNamespace/$ResourceType" -ne 'Microsoft.Authorization/RoleAssignments') {
-            foreach ($role in $relevantRoles | Sort-Object -Property 'Name' -Unique) {
-                if ($role.Name -match '\s') {
-                    $resBicep += "'{0}': subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '{1}')" -f $role.Name, $role.Id
-                } else {
-                    $resBicep += "{0}: subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '{1}')" -f $role.Name, $role.Id
+            # (Bicep-only) To comply with Bicep Linter Rule prefer-unquoted-property-names, remove quotes from role names not containing spaces
+            $resBicep = [System.Collections.ArrayList]@()
+            $resArm = [System.Collections.ArrayList]@()
+            if ("$ProviderNamespace/$ResourceType" -ne 'Microsoft.Authorization/RoleAssignments') {
+                foreach ($role in $relevantRoles | Sort-Object -Property 'Name' -Unique) {
+                    if ($role.Name -match '\s') {
+                        $resBicep += "'{0}': subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '{1}')" -f $role.Name, $role.Id
+                    }
+                    else {
+                        $resBicep += "{0}: subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '{1}')" -f $role.Name, $role.Id
+                    }
+                    $resArm += "`"{0}`": `"[subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '{1}')]`"," -f $role.Name, $role.Id
                 }
-                $resArm += "`"{0}`": `"[subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '{1}')]`"," -f $role.Name, $role.Id
             }
-        } else {
-            # different output format for the 'Microsoft.Authorization/RoleAssignments' module
-            foreach ($role in $relevantRoles | Sort-Object -Property 'Name' -Unique) {
-                if ($role.Name -match '\s') {
-                    $resBicep += "'{0}': '/providers/Microsoft.Authorization/roleDefinitions/{1}'" -f $role.Name, $role.Id
-                } else {
-                    $resBicep += "{0}: '/providers/Microsoft.Authorization/roleDefinitions/{1}'" -f $role.Name, $role.Id
+            else {
+                # different output format for the 'Microsoft.Authorization/RoleAssignments' module
+                foreach ($role in $relevantRoles | Sort-Object -Property 'Name' -Unique) {
+                    if ($role.Name -match '\s') {
+                        $resBicep += "'{0}': '/providers/Microsoft.Authorization/roleDefinitions/{1}'" -f $role.Name, $role.Id
+                    }
+                    else {
+                        $resBicep += "{0}: '/providers/Microsoft.Authorization/roleDefinitions/{1}'" -f $role.Name, $role.Id
+                    }
+                    $resArm += "`"{0}`": `"/providers/Microsoft.Authorization/roleDefinitions/{1}`"" -f $role.Name, $role.Id
                 }
-                $resArm += "`"{0}`": `"/providers/Microsoft.Authorization/roleDefinitions/{1}`"" -f $role.Name, $role.Id
             }
-        }
 
-        # Return arrays
-        return @{
-            bicepFormat = $resBicep
-            armFormat   = $resArm
+            # Return arrays
+            return @{
+                bicepFormat = $resBicep
+                armFormat   = $resArm
+            }
         }
-    }
 
-    end {
-        Write-Debug ('{0} exited' -f $MyInvocation.MyCommand)
+        end {
+            Write-Debug ('{0} exited' -f $MyInvocation.MyCommand)
+        }
     }
 }