Does Get-AzureADMSPrivilegedRoleDefinition -ProviderId AzureResources still work?

Ken Eyler 0 Reputation points Microsoft Employee
2024-08-21T16:52:14.81+00:00

We are trying to elevate an Azure Resource subscription under Entra Privileged Identity Management (PIM).

https://github.com/Azure/azure-docs-powershell-azuread/blob/main/azureadps-2.0-preview/AzureAD/Get-AzureADMSPrivilegedRoleDefinition.md
The command in example 1 should work to retrieve the list of resources. We get the forbidden error

(example)
Get-AzureADMSPrivilegedRoleDefinition -ProviderId AzureResources -ResourceId e5e7d29d-5465-45ac-885f-4716a5ee74b5 -Id ff67e02b-d77b-4588-9f32-e02b7da6539b

This command works fine when using the -ProviderId aadRoles option.

Of course, the next step would be to elevate/activate the subscription, but we have not been able to get that fart to test that step. ;)

Does this command still work for listing Azure Resources (like subscriptions)
What is the correct commands to run in powershell to elevate/activate an Azure resource subscription?
Can this be done without using graph api?

Thanks

Ken

Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
11,812 questions
PowerShell
PowerShell
A family of Microsoft task automation and configuration management frameworks consisting of a command-line shell and associated scripting language.
2,449 questions
0 comments No comments
{count} votes

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.