Giter Club home page Giter Club logo

az-pim-cli-bak's Introduction

Azure PIM CLI

Azure Privileged Identity Management Command Line Interface

az-pim-cli eases the process of listing and activating Azure PIM roles by allowing activation via the command line. Authentication is handled with the azure.identity library by utilizing the AzureCLICredential method.

Install

Install with go install

$ go install github.com/netr0m/az-pim-cli@latest

Clone and build yourself

# Clone the git repo
$ git clone https://github.com/netr0m/az-pim-cli.git

# Navigate into the repo directory and build
$ cd az-pim-cli
$ go build

# Move the az-pim-cli binary into your path
$ mv ./az-pim-cli /usr/local/bin

Configuration

In addition to supporting environment variables and command line arguments, the script also supports certain config parameters stored in a file. By default, the script will try to look for a YAML config file at $HOME/.az-pim-cli.yaml, but you may also override the config file to use by supplying the --config flag.

Prerequisites

This tool depends on az-cli for authentication. Please ensure that you've authenticated with your Azure tenant by running the command az login. A new browser window will open, asking you to authenticate. This should only be necessary to do once.

YAML config file

# $HOME/.az-pim-cli.yaml
tenantId: 1234-abcd-5678-efgh-90ij

Environment variables

Environment variables are prefixed with 'PIM_'

export PIM_TENANTID="1234-abcd-5678-efgh-90ij"

Usage

$ az-pim-cli --help
az-pim-cli is a utility that allows the user to list and activate eligible role assignments
        from Azure Active Directory Privileged Identity Management (PIM) directly from the command line

Usage:
  az-pim-cli [command]

Available Commands:
  activate    Brief
  completion  Generate the autocompletion script for the specified shell
  help        Help about any command
  list        Brief

Flags:
  -c, --config string      config file (default is $HOME/.az-pim-cli.yaml)
  -h, --help               help for az-pim-cli
  -t, --tenant-id string   The tenant ID of your Azure tenant

Use "az-pim-cli [command] --help" for more information about a command.

List eligible role assignments

$ az-pim-cli list --help
Query Azure PIM for eligible role assignments

Usage:
  az-pim-cli list [flags]

Aliases:
  list, l, ls

Flags:
  -h, --help   help for list

Global Flags:
  -c, --config string      config file (default is $HOME/.az-pim-cli.yaml)
  -t, --tenant-id string   The tenant ID of your Azure tenant

Activate a role

$ az-pim-cli activate --help
Sends a request to Azure PIM to activate the given role

Usage:
  az-pim-cli activate [flags]

Aliases:
  activate, a, ac, act

Flags:
  -d, --duration int                 Duration in minutes that the role should be activated for (default 480)
  -h, --help                         help for activate
  -r, --role-name string             Specify the role to activate, if multiple roles are found for a subscription (e.g. 'Owner' and 'Contributor')
  -s, --subscription-name string     The name of the subscription to activate
  -p, --subscription-prefix string   The name prefix of the subscription to activate (e.g. 'S399'). Alternative to 'subscription-name'.

Global Flags:
  -c, --config string      config file (default is $HOME/.az-pim-cli.yaml)
  -t, --tenant-id string   The tenant ID of your Azure tenant

Examples

# List eligible role assignments
$ az-pim-cli list
Opening in existing browser session.
== S398-XXX ==
         - Owner
         - Contributor
== S250-XXX ==
         - Contributor

# Activate the first matching role in a subscription with the prefix 's398'
$ az-pim-cli activate --subscription-prefix s398 --duration 60
Opening in existing browser session.
2023/06/30 14:27:04 Activating role 'Owner' in subscription 'S398-XXX'
2023/06/30 14:27:11 The role 'Owner' in 'S398-XXX' is now Active
2023/06/30 14:27:11     The role expires at 2023-06-30T13:27:08.6926537Z

# Activate a specific role ('Owner') in a subscription with the prefix 's398'
$ az-pim-cli activate -p s398 --role-name owner

az-pim-cli-bak's People

Contributors

netr0m avatar j-sokol avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.