This project demonstrates a governance-driven identity management task in **Microsoft Entra ID:** replacing a Global Administrator (GA) assignment with a more appropriate Privileged Role Administrator (PRA) role. This supports least-privilege design, limits risk exposure, and exercises role reassignment processes in a real-world tenant simulation.
An enterprise-grade Identity Governance utility that automates Entra ID hygiene by auditing stale accounts and generating instant PowerShell remediation scripts. It streamlines security audits, offboarding workflows, and Identity Access Reviews (IAR) to eliminate 'ghost' licenses and mitigate unauthorized access risks.
Toy governance CLI demo: deny-by-default “danger actions” gated by signed, expiring capability leases (global revoke-all + nonce revoke) plus guarded memory quarantine. Simulation-only: no real network/shell/files. Includes tripwire + tests to prevent misuse.
Add a description, image, and links to the least-privilege-governance topic page so that developers can more easily learn about it.
To associate your repository with the least-privilege-governance topic, visit your repo's landing page and select "manage topics."