Audit Azure AD Privileged Identity Management Role Settings
Azure AD Privileged Identity Management (PIM) is a feature of Azure AD that helps you manage, control, and monitor access to important resources in your organization. With PIM, you can enable just-in-time access for users, set up approval workflows for access requests, and monitor active access to ensure that it is being used in accordance with your organization's policies. This can help you reduce the risk of security breaches and ensure that your critical resources are only accessed by authorized users.
A few days ago, I published a script that lists all the Azure AD roles and from there, you can see that we have a lot of built-in Azure AD roles.
If you have completed all the Azure AD Privileged Identity Management roles configuration, it would be beneficial to verify if the settings align with your organization's policies and if anything has been missed. I have created a PowerShell script that can generate a CSV file. This includes Role ID, Role Name, Permanent Assignment status, Maximum Grant Period in Minutes, MFA Required status, Approval status, and the users who can approve access requests. This script can help you ensure that your settings are properly configured and help you identify any potential gaps.
PS: This script is still based on the AzureADPreview PowerShell module.
This script reads all the Azure AD roles from my GitHub account and then uses the Get-AzureADMSPrivilegedRoleSetting cmdlet to get role settings. You can always combine Microsoft Graph and AzureADPreview modules together too.
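The following is an added example, not the script from my GitHub account, showing how such a report can be built on the AzureADPreview module. It assumes `Connect-AzureAD` has already been run with an account that can read PIM settings, and instead of reading the role list from GitHub it enumerates role definitions with `Get-AzureADMSPrivilegedRoleDefinition`. The rule identifiers (`ExpirationRule`, `MfaRule`, `ApprovalRule`) and the JSON keys inside each rule's `Setting` string (`permanentAssignment`, `maximumGrantPeriodInMinutes`, `mfaRequired`, `Enabled`, `Approvers`) are assumptions based on what the `aadRoles` provider returns; verify them against your own tenant's output before relying on the CSV.

```powershell
# Added example (not the author's published script): audit Azure AD PIM role settings.
# Assumptions: AzureADPreview is installed, Connect-AzureAD has been run, and the rule
# identifiers / JSON keys below match what the aadRoles provider returns in your tenant.

Import-Module AzureADPreview -ErrorAction Stop

function Get-PimRuleSetting {
    # Pick one rule (e.g. ExpirationRule) out of a rule-setting collection and parse its JSON.
    param(
        [Parameter(Mandatory)] $RuleSettings,
        [Parameter(Mandatory)] [string] $RuleIdentifier
    )
    $rule = $RuleSettings | Where-Object { $_.RuleIdentifier -eq $RuleIdentifier } | Select-Object -First 1
    if ($null -eq $rule -or [string]::IsNullOrWhiteSpace($rule.Setting)) { return $null }
    return $rule.Setting | ConvertFrom-Json
}

function Get-PimRoleSettingReport {
    param(
        [string] $OutputPath = '.\PIM-RoleSettings.csv'
    )
    $tenantId = (Get-AzureADCurrentSessionInfo).TenantId.ToString()

    # Enumerate the role definitions PIM knows about instead of using a static list.
    $roles = Get-AzureADMSPrivilegedRoleDefinition -ProviderId 'aadRoles' -ResourceId $tenantId

    $report = foreach ($role in $roles) {
        $filter  = "ResourceId eq '$tenantId' and RoleDefinitionId eq '$($role.Id)'"
        $setting = Get-AzureADMSPrivilegedRoleSetting -ProviderId 'aadRoles' -Filter $filter |
                   Select-Object -First 1
        if ($null -eq $setting) { continue }

        # AdminEligibleSettings: can an admin make someone permanently eligible?
        $eligExp  = Get-PimRuleSetting -RuleSettings $setting.AdminEligibleSettings -RuleIdentifier 'ExpirationRule'
        # UserMemberSettings: what happens when an eligible user activates the role.
        $actExp   = Get-PimRuleSetting -RuleSettings $setting.UserMemberSettings -RuleIdentifier 'ExpirationRule'
        $mfa      = Get-PimRuleSetting -RuleSettings $setting.UserMemberSettings -RuleIdentifier 'MfaRule'
        $approval = Get-PimRuleSetting -RuleSettings $setting.UserMemberSettings -RuleIdentifier 'ApprovalRule'

        $permanentAllowed = $null
        if ($eligExp) { $permanentAllowed = [bool]$eligExp.permanentAssignment }

        $maxMinutes = $null
        if ($actExp) { $maxMinutes = $actExp.maximumGrantPeriodInMinutes }

        $mfaRequired = $null
        if ($mfa) { $mfaRequired = [bool]$mfa.mfaRequired }

        $approvalRequired = $null
        $approvers = @()
        if ($approval) {
            $approvalRequired = [bool]$approval.Enabled
            if ($approval.Approvers) {
                $approvers = $approval.Approvers | ForEach-Object { "$($_.DisplayName) ($($_.Type))" }
            }
        }

        [pscustomobject]@{
            RoleId                      = $role.Id
            RoleName                    = $role.DisplayName
            PermanentEligibilityAllowed = $permanentAllowed
            MaximumGrantPeriodInMinutes = $maxMinutes
            MfaRequired                 = $mfaRequired
            ApprovalRequired            = $approvalRequired
            Approvers                   = ($approvers -join '; ')
            IsDefaultSetting            = $setting.IsDefault
        }
    }

    $report | Export-Csv -Path $OutputPath -NoTypeInformation -Encoding UTF8
    return $report
}

# Run the audit, then surface the rows a reviewer should look at first:
# roles that allow permanent eligibility, or activate without MFA or approval.
$results = Get-PimRoleSettingReport -OutputPath '.\PIM-RoleSettings.csv'
$results |
    Where-Object { $_.PermanentEligibilityAllowed -eq $true -or $_.MfaRequired -ne $true -or $_.ApprovalRequired -ne $true } |
    Format-Table RoleName, PermanentEligibilityAllowed, MaximumGrantPeriodInMinutes, MfaRequired, ApprovalRequired, Approvers -AutoSize
```

The `IsDefaultSetting` column is worth keeping in the CSV: a role still on the tenant default settings has never been reviewed deliberately, which is usually the first gap to close. The final filter is only a starting point; compare each row against the policy your organization actually wrote down (for example, which roles are allowed to skip approval) rather than treating every flagged row as a finding.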
Are you looking for expert help with implementing Azure AD Privileged Identity Management and ensuring the security of your Azure AD environment? I can assist with conducting security assessments and implementing Azure AD Privileged Identity Management to help protect your critical resources and reduce the risk of security breaches. Contact me to learn more and get started.