Azure Active Directory Privileged Identity Management (PIM) provides similar functionality to the Microsoft Identity Manager, including Privileged Access Management (PAM) in the on-premises infrastructure.
If you need more information about the on-premises PAM solution, visit https://docs.microsoft.com/en-us/microsoft-identity-manager/pam/privileged-identity-management-for-active-directory-domain-services.
With Azure AD PIM, you can manage, control, and monitor your privileged identities and access to your directory information and resources in an Azure environment. The main reason for using Azure AD PIM is to reduce the attack surface and to enable administrative access just-in-time. Privileged access is often configured as permanent and unmonitored, but with Azure AD PIM you can avoid security breaches and risks...