Is there a powershell module that enables me to make PIM eligibility assignments? Or a way to assign PIM eligibility to a group (that I can then manage through powershell)? For all of Microsoft's talk of DevOps and Infrastructure as Code and powershell automation, there's a disappointing lack of any of these features/abilities for core infrastructure in and related to Azure/AAD (PIM, Conditional Access, AAD Connect,...……..). How does Microsoft recommend using RBAC to manage access through PIM?
Document Details
⚠Do not edit this section. It is required for docs.microsoft.com ➟ GitHub issue linking.
- ID: d5eac37f-77bd-6367-bf29-f4f5ffb75c6f
- Version Independent ID: a9d7f46e-b074-8654-aa09-1568afa2e1d0
- Content: Assign Azure AD roles in PIM - Azure Active Directory
- Content Source: articles/active-directory/privileged-identity-management/pim-how-to-add-role-to-user.md
- Service: active-directory
- Sub-service: pim
- GitHub Login: @curtand
- Microsoft Alias: curtand
Scrapper9
All 2 comments
@Scrapper9, Thank you for sharing the query. We are working on this and will get back to you soon on this thread.
souravmishra-msft
on 25 Feb 2020
I agree, there is a disappointing lack of documentation and integration with native product RBAC assignments and PIM. For example, why can't I integrate Exchange RBAC with PIM to assign someone very granular permissions in Exchange without those permissions being permanently static? Huge investment needed in this area.
scottclarke1
on 13 Mar 2020
Related issues
paulmarshall
·
3Comments
JeffLoo-ong
·
3Comments
behnam89
·
3Comments
Ponant
·
3Comments
bityob
·
3Comments
Most helpful comment
I agree, there is a disappointing lack of documentation and integration with native product RBAC assignments and PIM. For example, why can't I integrate Exchange RBAC with PIM to assign someone very granular permissions in Exchange without those permissions being permanently static? Huge investment needed in this area.