I need the powershell command to active the PIM eligible assignment

Rajesh Padigae 0 Reputation points
2024-06-11T15:04:38.1066667+00:00

Hello Microsoft.

My Requirement is i have Multiple PIM Role Eligible Assignments in Azure.

I am not using MFA for activate, just using the Justification so every day I need to active the multiple roles which is taking time to activate all the role.

Is there a way to using Powershell Script which i can execute once it will enable all the roles?

PowerShell
PowerShell
A family of Microsoft task automation and configuration management frameworks consisting of a command-line shell and associated scripting language.
2,287 questions
Microsoft Entra Private Access
Microsoft Entra Private Access
Microsoft Entra Private Access provides secure and deep identity-aware, Zero Trust network access to all private apps and resources.
57 questions
0 comments No comments
{count} votes

2 answers

Sort by: Most helpful
  1. Vasil Michev 99,936 Reputation points MVP
    2024-06-11T17:03:43.49+00:00

    Yes, you can use the New-MgRoleManagementDirectoryRoleAssignmentScheduleRequest cmdlet for that, or the underlying call to the /roleManagement/directory/roleAssignmentScheduleRequests Graph API endpoint. For your scenario, the selfActivate action should do.

    Yoi can find additional details in the documentation: https://learn.microsoft.com/en-us/graph/api/rbacapplication-post-roleassignmentschedulerequests?view=graph-rest-1.0&tabs=powershell

    0 comments No comments

  2. Rajesh Padigae 0 Reputation points
    2024-06-12T08:18:18.8933333+00:00

    @Vasil Michev , this is for the MFA configuartion at the time of actiavting the role, we dont have MFA we just give the business justfication for this.

    Moreover I am looking for Multiple role, i have almost 11 different role which i enable daily.

    I need one script which will enable all the 11 role at one go.

    0 comments No comments