Azure service bus role assignment time based

Pankaj Joshi 286 Reputation points
2023-03-06T16:14:36.3933333+00:00

I have created a service bus namespace with one queue in it. I have disabled "local authentication" from overview due to security reason. Now I want to use service bus explorer from azure portal to view messages in queue/dlq using azure active directory authentication. So I want to assigned particular AD user "service bus data owner access" for limited time only e.g for 2 hours only. Could you please share azure cli command to achieve that?

Azure Service Bus
Azure Service Bus
An Azure service that provides cloud messaging as a service and hybrid integration.
542 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,294 questions
0 comments No comments
{count} votes

Accepted answer
  1. 2023-03-07T18:57:55.28+00:00

    Hello, az cli does not support assigning an Azure RBAC role for a limited time. You can however:

    1. Use a script. Follows a simple sample using PowerShell:
       az role assignment create # extra params
       sleep -Seconds (60*60*2) # secs * mins * hours
       az role assignment delete # extra params
    
    1. Use Privileged Identity Management. For licensing requirements take a look to Prerequisites. For how to, take a look to the steps detailed in Prepare PIM for Azure roles.

    Let us know if you need additional assistance. If the answer was helpful, please accept it so that others can find a solution.


0 additional answers

Sort by: Most helpful