Azure PIM Configuration

Attribute

Details

enablePIM

Select the Enable Privileged Identity Management checkbox to define the scope of the PIM roles (Azure Active Directory roles as well as Azure roles).

eligibleRoleExpiresAfter

Specifies the default duration for which Azure and Azure Active Directory eligible roles must be assigned to a user. The value must be in the ISO 8601 duration format.

For example, if an eligible role needs to be assigned for 180 days, use <entry key="eligibleRoleExpiresAfter" value="P180D" />

activeRoleExpiresAfter

Specifies the default duration for which Azure and Azure Active Directory active roles must be assigned to a user. The value must be in the ISO 8601 duration format.

For example, if an active role must be assigned for 10 hours, use <entry key="activeRoleExpiresAfter" value="PT10H" />
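
A malformed duration (for example P10H without the T designator, or 180D without the leading P) is easy to miss in review and changes how long a privileged role stays assigned. The following check is an added example, not part of the product: it parses the two duration entries and rejects values that are not valid ISO 8601 durations. The <attributes> wrapper element, the function names and the restriction to weeks, days, hours, minutes and seconds are assumptions made for this example.

```python
import re
import xml.etree.ElementTree as ET
from datetime import timedelta

# Assumption: only the fixed-length subset (PnW or PnDTnHnMnS) is accepted;
# years and months are rejected because their length varies.
_DURATION = re.compile(
    r"P(?:(?P<weeks>\d+)W|(?:(?P<days>\d+)D)?"
    r"(?:T(?=\d)(?:(?P<hours>\d+)H)?(?:(?P<minutes>\d+)M)?(?:(?P<seconds>\d+)S)?)?)"
)
KEYS = ("eligibleRoleExpiresAfter", "activeRoleExpiresAfter")

def parse_duration(value):
    """Convert an ISO 8601 duration string to a timedelta, or raise ValueError."""
    m = _DURATION.fullmatch(value)
    # A bare "P" matches the pattern with every component empty, so reject it.
    if not m or not any(m.groupdict().values()):
        raise ValueError(f"not a supported ISO 8601 duration: {value!r}")
    return timedelta(**{k: int(v) for k, v in m.groupdict().items() if v is not None})

def check_entries(xml_text):
    """Return ({key: timedelta}, [error strings]) for the PIM duration entries."""
    durations, errors = {}, []
    for entry in ET.fromstring(xml_text).iter("entry"):
        key, value = entry.get("key"), entry.get("value", "")
        if key not in KEYS:
            continue
        try:
            durations[key] = parse_duration(value)
        except ValueError as exc:
            errors.append(f"{key}: {exc}")
    return durations, errors

# Constructed sample input: the page's two example entries, then two typos.
SAMPLE_OK = ('<attributes>'
             '<entry key="eligibleRoleExpiresAfter" value="P180D" />'
             '<entry key="activeRoleExpiresAfter" value="PT10H" />'
             '</attributes>')
SAMPLE_BAD = ('<attributes>'
              '<entry key="eligibleRoleExpiresAfter" value="180D" />'
              '<entry key="activeRoleExpiresAfter" value="P10H" />'
              '</attributes>')

if __name__ == "__main__":
    for name, sample in (("ok", SAMPLE_OK), ("bad", SAMPLE_BAD)):
        durations, errors = check_entries(sample)
        print(name, durations, errors)
```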