GoPIM

Golang CLI Azure PIM Utilities
Explore the docs »

View Demo · Report Bug · Request Feature

Table of Contents

1. About The Project
   • Built With
2. Getting Started
   • Prerequisites
   • Installation
3. Usage
4. Building
5. Roadmap
6. Contributing
7. License
8. Contact
9. Acknowledgments

About The Project

This started out as a project to help teach myself the Go programming language and ended up being a somewhat useful utility. The main purpose of the tool is to help speed up your day-to-day admin workflow. Manually clicking PIM activation links in the Azure portal is time consuming and frustrating. This tool allows you to concurrently submit multiple activations and monitor the progress along the way.

Currently the tool only supports activating Azure Subscription access roles. More types of target resources and activations coming soon.

(back to top)

Built With

• 

(back to top)

Getting Started

Currently supported on Linux, OSX and Windows.

Prerequisites

• Go (optional for running/building from source)

Installation

From the release builds, simply download the appropriate binary for your platform.

• OSX
• Linux
• Win32
• Win64

You can run as is or rename for your platform so the name isn't so long.

Windows

move gopim-windows-amd64.exe pim.exe

Linux

mv gopim-linux-amd64 pim && chmod 755 pim

OSX

mv gopim-darwin-amd64 pim && chmod 755 pim

You can also just run directly from a clone of this repo if you have golang installed.

(back to top)

Usage

Usage of pim:
  -debug
        Debug mode
  -dryrun
        Dry run mode, do not activate PIM
  -nocache
        Do not use cached authentication record
  -subs string
        Comma separated subscription names for PIM activation (required)
  -tenant string
        Azure Tenant ID
  -v    short alias for -version
  -version
        print version information and exit

Config

pim will read config from either the current directory or from the following directories depending on your platform:

• Linux: $HOME/.config/gopim
• Windows: %AppData%\gopim
• OSX: $HOME/Library/Application Support/gopim

Note: You need to specify your Azure Tenant ID either in the pim.toml config file or as an argument.

Use the pim.toml.example file as a template. Make sure to double-quote values as certain strings may be parsed incorrectly without them.

tenant = "681648d6-6955-45b6-a2d2-5fcfd92aedf4"

Using Go to run

To run, simply use go run , just provide a list of subscriptions to activate using PIM.

go run . -subs 'Learning Subscription,Other Subscription'

Using pre-built binaries

Linux

Run from the local directory

./pim -subs 'Learning Subscription,Other Subscription'

Or copy the executable to a location in your path such as /usr/local/bin and reference pim from anywhere

sudo cp pim /usr/local/bin/ && sudo chmod 775 /usr/local/bin/pim

Now run without specifying path...

pim -subs 'Learning Subscription,Other Subscription'

OSX

Pim runs on OSX very similarly to Linux. However, due to Apple app signing restrictions, you'll likely get an error like this when running for the first time:

"gopim-darwin-amd64" cannot be opened because the developer cannot be verified.
macOS cannot verify that this app is free from malware

Since I'm too cheap to fork out $99/yr for an Apple developer license, there's an extra step you'll need to do here.

xattr -d com.apple.quarantine pim

You can now run normally:

./pim -subs 'Learning Subscription,Other Subscription'

Windows

pim.exe -subs 'Learning Subscription,Other Subscription'

Sample output

If successful, you should see some output like the following:

10:28AM INF Already logged in to Azure. Skipping login step.
10:28AM INF Successfully retrieved roleEligibilityScheduleInstances
10:28AM INF Role found id=/subscriptions/00000000-0000-0000-0000-000000000000 subscription="Learning Subscription"
10:28AM INF Found roleEligibilityScheduleInstance subscription="Learning Subscription"
10:28AM INF Activating PIM displayName="Learning Subscription"
10:28AM INF Successfully activated PIM

(back to top)

Building

Go has a lovely cross compilation toolchain and is very easy to use. To build binaries for Windows (32/64bit), Linux (64bit) and OSX (64bit), use the build.sh script. If there is a need, I can create a Windows compatible build script as well.

Simply provide the project url as the build script arg:

./build.sh github.com/sanelson/gopim

If you want to just build for your current platform without the build script, run:

go build -o pim

(back to top)

Roadmap

• Support PIM Group activations
• Remove dependency on az cli
• Set up automated github builds
• Support Windows & OSX
  • Support Windows
  • Support and test OSX
• Create TUI for interactive use
• Create winget compatible installer
• Create Linux install script

See the open issues for a full list of proposed features (and known issues).

(back to top)

Contributing

Contributions are what make the open source community such an amazing place to learn, inspire, and create. Any contributions you make are greatly appreciated.

If you have a suggestion that would make this better, please fork the repo and create a pull request. You can also simply open an issue with the tag "enhancement". Don't forget to give the project a star! Thanks again!

1. Fork the Project
2. Create your Feature Branch (git checkout -b feature/AmazingFeature)
3. Commit your Changes (git commit -m 'Add some AmazingFeature')
4. Push to the Branch (git push origin feature/AmazingFeature)
5. Open a Pull Request

(back to top)

Top contributors:

License

Distributed under the MIT license. See LICENSE.txt for more information.

(back to top)

Contact

Sam Nelson - [email protected] Project Link: https://github.com/sanelson/gopim

(back to top)

Acknowledgments

• This awesome README template from Othneil Drew

(back to top)