0

When PIM is configured to managed an existing resource, will it affected the existing access control configured in this resource (Subscription) when it is onboarded to PIM?

lonlee
  • 25
  • 3

2 Answers2

0

yes and no. It will grant itself permissions to manage rights for other users, but it wont modify\alter rights for other users until you instruct it to do so.

4c74356b41
  • 69,186
  • 6
  • 100
  • 141
0

Azure Active Directory (Azure AD) Privileged Identity Management (PIM) is a service that enables you to control access to resources. The PIM will allow you to give access to grant itself permissions to manage rights.

It will just add a temporary RBAC to the resource, and it will be decommissioned after the time slot (maximum of 8 hrs).

You can read more about it here in MS doc

sɐunıɔןɐqɐp
  • 3,332
  • 15
  • 36
  • 40
displayuser
  • 85
  • 1
  • 12