When PIM is configured to managed an existing resource, will it affected the existing access control configured in this resource (Subscription) when it is onboarded to PIM?
Asked
Active
Viewed 215 times
2 Answers
0
yes and no. It will grant itself permissions to manage rights for other users, but it wont modify\alter rights for other users until you instruct it to do so.

4c74356b41
- 69,186
- 6
- 100
- 141
0
Azure Active Directory (Azure AD) Privileged Identity Management (PIM) is a service that enables you to control access to resources. The PIM will allow you to give access to grant itself permissions to manage rights.
It will just add a temporary RBAC to the resource, and it will be decommissioned after the time slot (maximum of 8 hrs).
You can read more about it here in MS doc

sɐunıɔןɐqɐp
- 3,332
- 15
- 36
- 40

displayuser
- 85
- 1
- 12