What are the requirement for doing access reviews, audit and auditing on admin accounts via PIM in Azure AD? How I can do this?

Vinod Survase 3,851 Reputation points
2023-08-28T14:15:00.9433333+00:00

What are the requirement for doing access reviews, audit and auditing on admin accounts via PIM in Azure AD? How I can do this?

Azure Active Directory
Azure Active Directory
An Azure enterprise identity service that provides single sign-on and multi-factor authentication.
16,653 questions
0 comments
Accepted answer
  1. Michael Durkan 11,601 Reputation points MVP
    2023-08-28T16:14:09.6033333+00:00

    Hi

    To create access reviews for Azure resources, you must be assigned to the Owner or the User Access Administrator role for the Azure resources. To create access reviews for Azure AD roles, you must be assigned to the Global Administrator or the Privileged Role Administrator role.

    https://learn.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-create-roles-and-resource-roles-review#prerequisites

    Hope this helps,

    Thanks

    Michael Durkan

    • If the reply was helpful please upvote and/or accept as answer as this helps others in the community with similar questions. Thanks!
    1 person found this answer helpful.

1 additional answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Dillon Silzer 46,036 Reputation points
    2023-08-28T16:27:02.5633333+00:00

    Hi Vinod,

    Just to add to Michael's answer, you should also understand the licensing requirements:

    Features by license (for Entra)

    https://learn.microsoft.com/en-us/azure/active-directory/governance/licensing-fundamentals

    Search the tab in the link above for PIM requirements.