Use JiT role activation with PIM
Use just-in-time (JiT) activation of roles instead of persistent role assignment.
PIM helps manage the impact of identity compromise or misuse of permissions by reducing persistent access. With PIM, eligible identities can activate time-bound role assignments on an as-needed basis (just-in-time). Activation typically occurs before a scheduled change or management operation.
PIM is an Azure Active Directory (AD) feature included in Azure AD Premium P2.
Consider using Privileged Identity Management (PIM) to activate privileged roles on an as-needed basis.
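The audit below is an added example, not part of the original rule documentation: it flags privileged role assignments that are standing rather than activated just-in-time, or whose activation window is open-ended or too long. The record fields are a flattened, constructed shape modeled on Azure's role assignment schedule instances (`assignmentType`, `startDateTime`, `endDateTime`); the privileged role list and the 8-hour limit are assumptions to adjust to local policy.

```python
from datetime import datetime, timedelta

# Roles treated as privileged for this audit (assumption; adjust to policy).
PRIVILEGED_ROLES = {"Owner", "Contributor", "User Access Administrator"}

# Constructed sample export. Principals and the scope are placeholders.
SCOPE = "/subscriptions/00000000-0000-0000-0000-000000000000"
SAMPLE = [
    {"principal": "alice@contoso.example", "role": "Owner", "scope": SCOPE,
     "assignmentType": "Assigned",
     "startDateTime": "2023-01-10T09:00:00Z", "endDateTime": None},
    {"principal": "bob@contoso.example", "role": "Contributor", "scope": SCOPE,
     "assignmentType": "Activated",
     "startDateTime": "2023-06-01T09:00:00Z", "endDateTime": "2023-06-01T13:00:00Z"},
    {"principal": "carol@contoso.example", "role": "User Access Administrator",
     "scope": SCOPE, "assignmentType": "Activated",
     "startDateTime": "2023-06-01T09:00:00Z", "endDateTime": "2023-06-02T09:00:00Z"},
    {"principal": "dave@contoso.example", "role": "Reader", "scope": SCOPE,
     "assignmentType": "Assigned",
     "startDateTime": "2023-01-10T09:00:00Z", "endDateTime": None},
]


def parse_ts(value):
    """Parse an ISO 8601 UTC timestamp; None means no end is set."""
    return datetime.fromisoformat(value.replace("Z", "+00:00")) if value else None


def audit(records, max_activation=timedelta(hours=8)):
    """Return (principal, role, reason) for privileged access that is not JiT."""
    findings = []
    for rec in records:
        if rec["role"] not in PRIVILEGED_ROLES:
            continue  # non-privileged roles are out of scope for this check
        start, end = parse_ts(rec["startDateTime"]), parse_ts(rec["endDateTime"])
        if rec["assignmentType"] != "Activated":
            reason = "standing assignment, not activated through PIM"
        elif end is None:
            reason = "activation has no end time"
        elif end - start > max_activation:
            reason = "activation window exceeds policy limit"
        else:
            continue  # time-bound activation within policy
        findings.append((rec["principal"], rec["role"], reason))
    return findings


if __name__ == "__main__":
    for principal, role, reason in audit(SAMPLE):
        print(f"{principal}: {role}: {reason}")
```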
- What is Azure AD Privileged Identity Management?
- Discover Azure resources to manage in Privileged Identity Management
- Configure Azure resource role settings in Privileged Identity Management
- Lower exposure of privileged accounts
- No standing access / Just in Time privileges
- Use Azure AD Privileged Identity Management