Merge pull request #285938 from rolyon/rolyon-rbac-pim-integration-option-original-behavior

[Azure RBAC] PIM integration options

Author: prmerger-automator[bot]

articles/role-based-access-control/role-assignments-portal.yml

@@ -6,7 +6,7 @@ metadata:
   author: rolyon
   ms.author: rolyon
   manager: amycolannino
-  ms.date: 08/01/2024
+  ms.date: 08/30/2024
   ms.service: role-based-access-control
   ms.topic: how-to
   ms.custom:
@@ -174,6 +174,8 @@ procedureSection:
       > See the [Supplemental Terms of Use for Microsoft Azure Previews](https://azure.microsoft.com/support/legal/preview-supplemental-terms/) for legal terms that apply to Azure features that are in beta, preview, or otherwise not yet released into general availability.
 
       If you have a Microsoft Entra ID P2 or Microsoft Entra ID Governance license, an **Assignment type** tab will appear for management group, subscription, and resource group scopes. Use eligible assignments to provide just-in-time access to a role. This capability is being deployed in stages, so it might not be available yet in your tenant or your interface might look different. For more information, see [Integration with Privileged Identity Management (Preview)](./role-assignments.md#integration-with-privileged-identity-management-preview).
+
+      If you don't want to use the PIM functionality, select the **Active** assignment type and **Permanent** assignment duration options. These settings create a role assignment where the principal always has permissions in the role. 
     steps:
       - |
         On the **Assignment type** tab, select the **Assignment type**.

articles/role-based-access-control/role-assignments.md

@@ -1,11 +1,11 @@
 ---
 title: Understand Azure role assignments - Azure RBAC
 description: Learn about Azure role assignments in Azure role-based access control (Azure RBAC) for fine-grained access management of Azure resources.
-author: johndowns
+author: rolyon
 ms.service: role-based-access-control
 ms.topic: conceptual
-ms.date: 08/01/2024
-ms.author: jodowns
+ms.date: 08/30/2024
+ms.author: rolyon
 ---
 # Understand Azure role assignments
 
@@ -158,6 +158,8 @@ If you have a Microsoft Entra ID P2 or Microsoft Entra ID Governance license, [M
 
 The assignment type options available to you might vary depending or your PIM policy. For example, PIM policy defines whether permanent assignments can be created, maximum duration for time-bound assignments, roles activations requirements (approval, multifactor authentication, or Conditional Access authentication context), and other settings. For more information, see [Configure Azure resource role settings in Privileged Identity Management](/entra/id-governance/privileged-identity-management/pim-resource-roles-configure-role-settings).
 
+If you don't want to use the PIM functionality, select the **Active** assignment type and **Permanent** assignment duration options. These settings create a role assignment where the principal always has permissions in the role. 
+
 :::image type="content" source="./media/shared/assignment-type-eligible.png" alt-text="Screenshot of Add role assignment with Assignment type options displayed." lightbox="./media/shared/assignment-type-eligible.png":::
 
 To better understand PIM, you should review the following terms.