This document describes the process of elevating your permissions using PIM (Privileged Identity Management) in Azure to administer resources in the test and production subscriptions.
- Launch the Azure portal.
- Ensure that you are using the "DfE Platform Identity" directory, this is shown under your username at the top right of the GUI. To change directory click on your username at the top right, click on "Switch directory" and then select "DfE Platform Identity".
- In the search bar at the top of the portal type in "PIM" and select "Azure AD Privileged Identity Management" from the search results.
- In the new blade that opens select "My roles" from the tasks section of the menu bar on the left.
- Under the "Activate" section of the menu select "Azure Resources".
- Chose the subscription you want to elevate your rights on and click "Activate". This will launch a new panel where you can specify duration and reason which must be completed before you can click Activate.
- In the test subscriptions, this is a self-authorisation process and you can use your elevated rights immediately. For the production subscription, a request will be sent to the approving users, ask in the #twd_apply_tech slack channel for someone to approve your request for elevated rights.