Hey everyone! I'm working on a PowerShell script and I need some help. I'm able to list permanent roles in my Azure subscription, but I'm struggling to find a way to list the Eligible time-bound roles, also known as PIM roles. Any suggestions on how I can achieve this?
3 Answers
You can check out the Microsoft documentation for PIM APIs; specifically, the `Get-MgRoleManagementDirectoryRoleEligibilityScheduleRequest` command can help you list all eligible assignments. It's super useful!
Haha, what a function name!
I usually run the `Get-MgRoleManagementDirectoryRoleEligibilitySchedule` command to retrieve available roles. Here's a quick snippet where I set up parameters for activating roles. Don't forget to adjust the parameters as needed for your specific roles!
Thanks for sharing! I’ll give that a try.
If you want a script that can activate multiple roles at once, check out this GitHub link: [Activate-MultipleRoles.ps1](https://github.com/OTvedt/Scripts-For-Sharing/blob/master/Azure/PIM/Entra/Activate-MultipleRoles.ps1). It might have what you need!
At least the function name is short and easy to remember.