What is PIM for Groups?
PIM for Groups is part of the Azure Active Directory Privileged Identity Management. With PIM for Groups users can activate membership or ownership of an Azure AD security group or Microsoft 365 group. These groups can be used to assign access to for example Azure AD roles or Azure roles.
When using Azure PIM with PIM for Groups, you’re following the Microsoft best practices of ‘least privileged’ strategy.