Configures Azure AD PIM via Microsoft Graph API to manage eligible role assignments, just-in-time activation, access reviews, and zero-trust policies. Audits activations and over-privileged accounts using Python.
npx claudepluginhub killvxk/cybersecurity-skills-zh
This skill uses the workspace's default tool permissions.
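Azure AD Privileged Identity Management (PIM) enforces just-in-time privileged access by converting permanent role assignments into eligible assignments that require activation. This skill uses the Microsoft Graph API to enumerate active and eligible role assignments, create eligibility schedule requests, configure role management policies (MFA requirement, approval workflow, maximum activation duration), audit PIM activation logs, and identify over-privileged permanent assignments that should be converted to eligible assignments.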
Configures Microsoft Entra Privileged Identity Management (PIM) for just-in-time role activation, approval workflows, and access reviews of Azure AD privileged roles. Useful for zero-trust identity governance setups.
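msal, requests
An Azure AD app registration with the RoleManagement.ReadWrite.Directory and RoleEligibilitySchedule.ReadWrite.Directory permissions
A JSON audit report containing the counts of permanent and eligible assignments, over-privileged accounts, policy compliance status, and recent activation history.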
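The over-privileged check described above, as an added example (not the skill's own code). It runs offline on constructed records that use the `principalId`, `roleDefinitionId`, `assignmentType` and `endDateTime` fields of Graph role assignment schedule instances; the IDs and the `PRIVILEGED` set are placeholder assumptions.

```python
import json

# Constructed sample data shaped like Graph roleAssignmentScheduleInstances and
# roleEligibilityScheduleInstances items. All IDs are placeholders.
ACTIVE = [
    {"principalId": "user-a", "roleDefinitionId": "role-ga",
     "assignmentType": "Assigned", "endDateTime": None},
    {"principalId": "user-b", "roleDefinitionId": "role-ga",
     "assignmentType": "Activated", "endDateTime": "2024-05-01T12:00:00Z"},
    {"principalId": "user-c", "roleDefinitionId": "role-sec",
     "assignmentType": "Assigned", "endDateTime": None},
    {"principalId": "user-d", "roleDefinitionId": "role-reader",
     "assignmentType": "Assigned", "endDateTime": None},
]
ELIGIBLE = [
    {"principalId": "user-b", "roleDefinitionId": "role-ga"},
    {"principalId": "user-c", "roleDefinitionId": "role-sec"},
]
# Assumption: the role IDs this tenant treats as privileged.
PRIVILEGED = {"role-ga", "role-sec"}


def audit(active, eligible, privileged):
    """Flag standing (permanent) assignments of privileged roles."""
    eligible_keys = {(e["principalId"], e["roleDefinitionId"]) for e in eligible}
    permanent, findings = [], []
    for a in active:
        # "Activated" rows are JIT elevations of an eligible assignment, and a
        # set endDateTime means time-bound; neither is standing access.
        if a.get("assignmentType") != "Assigned" or a.get("endDateTime"):
            continue
        permanent.append(a)
        key = (a["principalId"], a["roleDefinitionId"])
        if key[1] in privileged:
            dup = key in eligible_keys
            findings.append({
                "principalId": key[0], "roleDefinitionId": key[1],
                "alsoEligible": dup,
                "recommendation": "remove permanent assignment" if dup
                                  else "convert to eligible",
            })
    return {"permanentCount": len(permanent), "eligibleCount": len(eligible),
            "overPrivileged": sorted(findings, key=lambda f: f["principalId"])}


if __name__ == "__main__":
    print(json.dumps(audit(ACTIVE, ELIGIBLE, PRIVILEGED), indent=2))
```

A principal that holds both a permanent and an eligible assignment for the same role is reported separately, because the permanent one can be removed without any loss of access.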