在 Privileged Identity Management 中评审对 Azure 资源角色的访问权限Review access to Azure resource roles in Privileged Identity Management

Privileged Identity Management (PIM) 访问评审有助于安全访问 Azure Active Directory (Azure AD) 中的特权角色。Privileged Identity Management (PIM) access reviews can help secure access to privileged roles in Azure Active Directory (Azure AD). 本文介绍了在 Azure AD 访问评审中完成特权角色分配评审的步骤。This article the steps to complete a review your privileged role assignments in an Azure AD access review.

如果已为你分配了管理角色,可能需要由管理员来完成你的访问评审,以确认你是否需要某个角色。If you are assigned to an administrative role, you might be required to complete an access review by your administrator to confirm your need for a role. 可以在包含链接的电子邮件中完成确认请求中的确认,也可以在 Azure 门户中进行确认。The confirmation request can come an email that includes a link, or you can confirm in the Azure portal.

如果是特权角色管理员并且想要了解访问权限审查,请参阅如何开始进行访问权限审查中的详细信息。If you're a privileged role administrator interested in access reviews, get more details at How to start an access review.

批准或拒绝访问权限Approve or deny access

你可以根据自己是否仍使用此角色来批准或拒绝访问。You can approve or deny access based on whether you still use this role or not. 如果想要继续充当此角色,请选择“批准”;如果不再需要此访问权限,请选择“拒绝”。 Choose Approve if you want to stay in the role, or Deny if you don't need the access anymore. 你的状态仅在审阅者应用结果后才会更改。Your status changes only after the reviewer applies the results.

请遵循以下步骤来查找并完成访问权限审查:Follow these steps to find and complete the access review:

  1. 登录到 Azure 门户Sign in to the Azure portal.

  2. 选择“Azure Active Directory”,打开“Privileged Identity Management”。 Select Azure Active Directory and open Privileged Identity Management.

  3. 选择“评审访问权限”。 Select Review access.

    Privileged Identity Management 应用程序屏幕截图,选中了“审阅访问权限”边栏选项卡

  4. 选择想要完成的审查。Select the review you want to complete.

  5. 选择“批准”或“拒绝”。 Choose Approve or Deny. 在“提供原因”框中,必要时输入进行决策的业务理由。 In the Provide a reason box, enter a business justification for your decision if needed.

    “审阅详细信息”页的屏幕截图

后续步骤Next steps