Get Privilege Role with their Eligible and Permanent Members List using Powershell
Please add Azure PIM command, which can provide all roles & their members list (should show Eligible & Permanent attribute too) ?
Get-PrivilegedRoleAssignment shows role details for logged in user only.
Ben Hatton commented
FYI there is an export function in the portal that does exactly this, can be run at the subscription level and select to include all child resources. Doesn't work at Management Group though.
This is getting error please help as early as possible Get-PrivilegedRoleAssignment
Andy Ball commented
just hit this , real world scenario where i have been asked to audit the current PIM configuration , including only Azure Resources have been PIMmed and what settings are (require MFA etc)
Preview Powershell funcs here , but help is sketchy and having issues . Has been in Preview for about 7 months , any eta on release
Joshua Bines commented
Adding Eligible Members would also help automation for our admin acount creation.
Looks like the graph api is in beta. Some powershell CMDlet's would also be helpful.
Yes. We are using PIM for all contribute and owner roles in Azure Resource Manager. Currently any auditing of role eligibility needs to be done manually, which is a nightmare.
Shane Foley commented
How are you supposed to report on PIM?