nexus/wiki/concepts/PIM-Privileged-Identity-Management.md
2026-04-19 00:02:42 +08:00
---
title: PIMPrivileged Identity Management
type: concept
tags: [Azure, Security, Access-Control]
date: 2026-04-14
---
## Definition
PIM (Privileged Identity Management) is a security feature of Azure AD for managing and monitoring access by users who hold elevated privileges in an Azure environment. Through a just-in-time approval workflow and a role-activation mechanism, PIM reduces the security risk created by standing (long-lived) privileged accounts.
## Key Characteristics
- Temporary (time-bound) activation of privileged roles
- Enforced multi-factor authentication
- Approval workflow support
- Detailed audit logging
- Automatic revocation of access on expiry
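As an added illustration (not part of the original note, and not Azure's API or any Microsoft code), the following Python model walks one user through the controls listed above: eligibility instead of a standing assignment, an MFA check, an approval step, a time-bound activation with a policy cap, automatic revocation, and an audit trail. The user and approver names, the role name, the timestamps and the eight-hour maximum duration are constructed assumptions.

```python
"""Toy model of a PIM-style just-in-time role-activation lifecycle.

Constructed example: this does not call Azure and is not Azure's API.
It models eligibility, MFA enforcement, approval, time-bound activation,
automatic expiry and audit logging so the lifecycle can be reasoned
about locally.
"""
from dataclasses import dataclass, field
from datetime import datetime, timedelta, timezone
from typing import Dict, List, Optional, Set, Tuple


class PimError(Exception):
    """Raised when an activation request violates one of the controls."""


@dataclass
class Activation:
    user: str
    role: str
    activated_at: datetime
    expires_at: datetime
    approved_by: Optional[str]


@dataclass
class PimModel:
    max_duration: timedelta = timedelta(hours=8)          # assumed policy cap
    eligible: Dict[str, Set[str]] = field(default_factory=dict)
    roles_requiring_approval: Set[str] = field(default_factory=set)
    active: Dict[Tuple[str, str], Activation] = field(default_factory=dict)
    audit: List[str] = field(default_factory=list)

    def make_eligible(self, user: str, role: str) -> None:
        """Eligibility grants nothing by itself; the role must be activated."""
        self.eligible.setdefault(user, set()).add(role)
        self.audit.append(f"ELIGIBLE user={user} role={role}")

    def request_activation(self, user: str, role: str, now: datetime, *,
                           mfa_passed: bool,
                           duration: timedelta = timedelta(hours=1),
                           approver: Optional[str] = None) -> Activation:
        """Apply every control in order; the first failure is logged and raised."""
        if role not in self.eligible.get(user, set()):
            self._deny(user, role, "not eligible")
        if not mfa_passed:
            self._deny(user, role, "MFA not satisfied")
        if role in self.roles_requiring_approval:
            if approver is None:
                self._deny(user, role, "approval required")
            if approver == user:
                self._deny(user, role, "self-approval not permitted")
        duration = min(duration, self.max_duration)   # never exceed the cap
        act = Activation(user, role, now, now + duration, approver)
        self.active[(user, role)] = act
        self.audit.append(f"ACTIVATED user={user} role={role} "
                          f"until={act.expires_at.isoformat()} approver={approver}")
        return act

    def _deny(self, user: str, role: str, reason: str) -> None:
        self.audit.append(f"DENIED user={user} role={role} reason={reason}")
        raise PimError(reason)

    def expire(self, now: datetime) -> List[Activation]:
        """Automatic revocation: drop every activation whose window has closed."""
        gone = [a for a in self.active.values() if a.expires_at <= now]
        for a in gone:
            del self.active[(a.user, a.role)]
            self.audit.append(f"EXPIRED user={a.user} role={a.role}")
        return gone

    def has_role(self, user: str, role: str, now: datetime) -> bool:
        """Effective privilege at a point in time, after expiring stale activations."""
        self.expire(now)
        return (user, role) in self.active


def run_scenario() -> dict:
    """Eligible user, three denied requests, one approved activation, then expiry."""
    t0 = datetime(2026, 4, 14, 9, 0, tzinfo=timezone.utc)   # constructed timestamp
    role = "Global Administrator"
    pim = PimModel()
    pim.roles_requiring_approval.add(role)
    pim.make_eligible("alice", role)
    standing_before = pim.has_role("alice", role, t0)        # eligible != active
    denials = 0
    attempts = [dict(mfa_passed=False, approver="bob"),      # no MFA
                dict(mfa_passed=True),                       # no approver
                dict(mfa_passed=True, approver="alice")]     # self-approval
    for kwargs in attempts:
        try:
            pim.request_activation("alice", role, t0, **kwargs)
        except PimError:
            denials += 1
    pim.request_activation("alice", role, t0, mfa_passed=True,
                           approver="bob", duration=timedelta(hours=2))
    return {
        "standing_before": standing_before,
        "active_after_grant": pim.has_role("alice", role, t0 + timedelta(hours=1)),
        "active_after_expiry": pim.has_role("alice", role, t0 + timedelta(hours=2)),
        "denials": denials,
        "audit": list(pim.audit),
    }


if __name__ == "__main__":
    for line in run_scenario()["audit"]:
        print(line)
```

The point the model makes is that the user's effective privilege is empty before activation and again after the window closes, with every decision (including denials) written to the audit trail; a reviewer reconciling Azure AD audit logs against change tickets would look for exactly that shape of record.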
## Use Cases
- On-demand activation of administrator privileges
- Enforcing the principle of least privilege
- Compliance auditing and reporting
- Managing emergency-access scenarios
## Related Concepts
- [[Azure Active Directory]]: Azure identity service
- [[Zero Trust Architecture]]: Zero Trust architecture
- [[Azure Landing Zone]]: uses PIM to implement access management
## Connections
- [[PIMPrivileged Identity Management]] ← manages ← [[Azure Active Directory]]
- [[Azure Landing Zone]] ← uses ← [[PIMPrivileged Identity Management]]