This script automates the process of making Privileged Identity Management (PIM) assignments in Azure. It leverages fzf for fuzzy searching subscription names and resource group names for user convenience.
- Fuzzy search for subscription names and resource group names using
fzf - Customizable role assignments with duration and justification messages
- Supports verbose output for detailed operation logs
Ensure the following commands are installed and accessible in your environment:
curlaz(Azure CLI)jqfzf
./pim [OPTIONS]--subscription, -s: Subscription ID or name (fuzzy search enabled)--resource-group, -g: Resource group name (fuzzy search enabled)
--message, -m: Justification message--role, -r: Role name (default: Contributor)--time, -t: Duration (default: 8H). Format: 8H (hours) or 8M (minutes)--help: Show help message
./pim --subscription "My Subscription" --resource-group "MyResourceGroup" --message "Access required for deployment" --role "Contributor" --time "4H" --verboseIf you do not provide --subscription or --resource-group, the script will invoke fzf to let you select from available options.
You can run the script without specifying --subscription or --resource-group, and you will be prompted to select them using fzf.
./pim- Ensure you are logged into Azure CLI:
az login
- Run the script:
./pim --verbose
- Select the subscription and resource group using
fzf. - Provide the required justification message when prompted.
The script performs various checks and provides meaningful error messages for missing dependencies, invalid input formats, and operational errors.
Contributions are welcome! Please fork the repository and create a pull request with your changes.
This project is licensed under the MIT License. See the LICENSE file for details.