View activity and audit history for Azure resource roles in PIM

With Azure Active Directory (Azure AD) Privileged Identity Management (PIM), you can view activity, activations, and audit history for Azure resource roles within your organization. This includes subscriptions, resource groups, and even virtual machines. Any resource within the Azure portal that leverages the Azure role-based access control (RBAC) functionality can take advantage of the security and lifecycle management capabilities in PIM.

View activity and activations

To see what actions a specific user took in various resources, you can view the Azure resource activity that's associated with a given activation period.

  1. Open Azure AD Privileged Identity Management.

  2. Click Azure resources.

  3. Click the resource you want to view activity and activations for.

  4. Click Roles or Members.

  5. Click a user.

    You see a graphical view of the user's actions in Azure resources by date. It also shows the recent role activations over that same time period.

  6. Click a specific role activation to see details and corresponding Azure resource activity that occurred while that user was active.

Export role assignments with children

You may have a compliance requirement where you must provide a complete list of role assignments to auditors. PIM enables you to query role assignments at a specific resource, which includes role assignments for all child resources. Previously, it was difficult for administrators to get a complete list of role assignments for a subscription and they had to export role assignments for each specific resource. Using PIM, you can query for all active and eligible role assignments in a subscription including role assignments for all resource groups and resources.

  1. Open Azure AD Privileged Identity Management.

  2. Click Azure resources.

  3. Click the resource you want to export role assignments for, such as a subscription.

  4. Click Members.

  5. Click Export to open the Export membership pane.

  6. Click Export all members to export all role assignments in a CSV file.
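
Once the CSV is exported, a short script can turn it into the list an auditor usually asks for first: privileged roles held as standing (active, no end time) access, and how assignments are spread across the subscription and its child scopes. This is an added example, not Microsoft's code. The column names, the privileged-role list and the sample rows are assumptions constructed for illustration; rename the columns to match the header row of your own export.

```python
import csv
import io
from collections import defaultdict

# Assumed column names: adjust to the header row of your exported file.
COL_STATE, COL_ROLE, COL_PRINCIPAL, COL_SCOPE, COL_END = (
    "AssignmentState", "RoleName", "PrincipalName", "ResourceId", "EndTimeUtc")

# Built-in roles treated as privileged for this review (an assumption; extend as needed).
PRIVILEGED_ROLES = {"Owner", "User Access Administrator", "Contributor"}

# Constructed sample export (not real data).
SAMPLE_CSV = """AssignmentState,RoleName,PrincipalName,ResourceId,EndTimeUtc
Eligible,Owner,alice@contoso.example,/subscriptions/0000,2030-01-01T00:00:00Z
Active,Owner,bob@contoso.example,/subscriptions/0000/resourceGroups/rg-app,
Active,Reader,carol@contoso.example,/subscriptions/0000/resourceGroups/rg-app,
Active,Contributor,dave@contoso.example,/subscriptions/0000/resourceGroups/rg-app/providers/Microsoft.Compute/virtualMachines/vm1,2030-06-01T00:00:00Z
Active,User Access Administrator,bob@contoso.example,/subscriptions/0000,
"""

def scope_level(resource_id):
    """Classify an Azure resource ID as subscription, resource group or resource."""
    parts = [p.lower() for p in resource_id.strip("/").split("/")]
    if "providers" in parts:
        return "resource"
    if "resourcegroups" in parts:
        return "resource group"
    return "subscription"

def review_export(csv_text):
    """Return (standing, counts): standing privileged assignments and per-level totals."""
    standing, counts = [], defaultdict(int)
    for row in csv.DictReader(io.StringIO(csv_text)):
        level = scope_level(row[COL_SCOPE])
        counts[(level, row[COL_STATE])] += 1
        # Active with an empty end time is treated as standing access that
        # never passes through a time-bound activation.
        if (row[COL_STATE] == "Active" and not row[COL_END].strip()
                and row[COL_ROLE] in PRIVILEGED_ROLES):
            standing.append((row[COL_PRINCIPAL], row[COL_ROLE], level, row[COL_SCOPE]))
    return standing, dict(counts)

if __name__ == "__main__":
    findings, totals = review_export(SAMPLE_CSV)
    for principal, role, level, scope in findings:
        print(f"standing {role} for {principal} at {level}: {scope}")
    print(totals)
```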

View resource audit history

Resource audit gives you a view of all role activity for a resource.

  1. Open Azure AD Privileged Identity Management.

  2. Click Azure resources.

  3. Click the resource you want to view audit history for.

  4. Click Resource audit.

  5. Filter the history using a predefined date or custom range.

  6. For Audit type, select Activate (Assigned + Activated).

  7. Under Action, click (activity) for a user to see that user's activity detail in Azure resources.

View my audit

My audit enables you to view your personal role activity.

  1. Open Azure AD Privileged Identity Management.

  2. Click Azure resources.

  3. Click the resource you want to view audit history for.

  4. Click My audit.

  5. Filter the history using a predefined date or custom range.
