What are the requirement for doing access reviews, audit and auditing on admin accounts via PIM in Azure AD? How I can do this?

Vinod Survase 4,756 Reputation points
2023-08-28T14:15:00.9433333+00:00

What are the requirement for doing access reviews, audit and auditing on admin accounts via PIM in Azure AD? How I can do this?

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
22,526 questions
0 comments No comments
{count} votes

Accepted answer
  1. Michael Durkan 12,216 Reputation points MVP
    2023-08-28T16:14:09.6033333+00:00

    Hi

    To create access reviews for Azure resources, you must be assigned to the Owner or the User Access Administrator role for the Azure resources. To create access reviews for Azure AD roles, you must be assigned to the Global Administrator or the Privileged Role Administrator role.

    https://learn.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-create-roles-and-resource-roles-review#prerequisites

    Hope this helps,

    Thanks

    Michael Durkan

    • If the reply was helpful please upvote and/or accept as answer as this helps others in the community with similar questions. Thanks!
    1 person found this answer helpful.

1 additional answer

Sort by: Most helpful
  1. Dillon Silzer 57,471 Reputation points
    2023-08-28T16:27:02.5633333+00:00

    Hi Vinod,

    Just to add to Michael's answer, you should also understand the licensing requirements:

    Features by license (for Entra)

    https://learn.microsoft.com/en-us/azure/active-directory/governance/licensing-fundamentals

    Search the tab in the link above for PIM requirements.


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.