Late comeback, but some interesting info...
There is a preview feature on Azure which permits granting RBAC-based roles with PIM: "Privileged Access groups".
It can be used to put users in custom AAD groups, which you can bind to Azure resources.
Consider that the AAD group attribute "Azure AD Roles can be assigned to the group" must be set to "YES" when you create the group.
More info here: https://learn.microsoft.com/en-us/azure/active-directory/privileged-identity-management/groups-features
Thanks for the help.