Managing Access in Azure Using Privileged Identity Management

Lab Steps

lock
Setting Up A Microsoft 365 Developer Account
lock
Assigning an Azure AD Role to a User
lock
Activating a Role Using Privileged Identity Management

Ready for the real environment experience?

DifficultyBeginner
Time Limit1h 15m
Students94
Ratings
4/5
starstarstarstarstar-border

Description

Azure AD Privileged Identity Management (PIM) lets admins manage and monitor the access in Azure, either to Azure AD roles or Azure resources. PIM gives just-in-time access to Azure AD roles and Azure resources that is also time-bound and approval based, which helps to mitigate risks of malicious actors gaining privileged access to Azure items and potentially causing harm to the organization. This also helps to mitigate the risk of excessive and unnecessary access permissions to resources. 

In this lab, you will assign a privileged role to a user and activate that role using PIM.

Note:

  • Due to this lab requiring the creation of a Microsoft 365 organization with an Admin Center, if you don't already have one you will need to provide a mobile phone number to pass the account creation process.
  • This lab requires signing in with a test user account. You may have to deal with additional security prompts by Azure AD. In which case, you may wish to skip these requests or disable the underlying feature for learning purposes. Cloud Academy does not endorse or recommend disabling any security measure in a production environment.

Learning Objectives

Upon completion of this lab, you will be able to:

  • Assign an eligible Azure AD role to a user
  • Activate the user's eligible role

Intended Audience

  • Candidates who are studying for the SC-900 (Security, Compliance, and Identity Fundamentals) Certification Exam

Prerequisites

  • Familiarity with Azure AD
  • An understanding of identity management concepts
Environment before
PREVIEW
arrow_forward
Environment after
PREVIEW
About the Author
Students2264
Labs38
Learning paths1

Adil is a Microsoft Certified Trainer, former Azure Engineer, and loves all things Azure. He is a certified Azure Administrator and Azure DevOps Expert and has worked for some of the biggest MSPs in the world (Cognizant, New Signature, CoreAzure). He loves to combine his two passions: cloud and teaching.

Adil specializes in Azure Infrastructure services and has a curiosity for new, in-preview services from Azure, getting his hands familiar with the content before most of the world does. Outside of work, Adil helps run a growing community of IT professionals looking to break into the cloud and regularly runs workshops and webinars.