Move all Intune built-in roles to Azure AD roles / custom roles
Add support to manage Intune built-in roles with Azure AD Custom RBAC roles and provide support for Azure PIM. Better governance of roles and access across the Microsoft 365 platform is a much-needed thing. Azure AD has tried to centralize the governance of roles and access assignment, but the different product groups keep adding custom roles within their products for whatever reason.
Consider reaching out to Stuart and Vince to the Azure AD product group to hear about what they are doing in regards to custom roles in Azure AD:
Oliver Kieselbach commented
My magic wish would be to align Intune and AAD RBAC. I don't want to have AAD RBAC and Intune RBAC; there should be only one RBAC system to rule them all. To give up PIM when I use Intune RBAC is not the way to go. Everything should be available with PIM, even the Intune roles. Please merge both systems somehow...
I agree, this would be very nice to have, especially with Help desk needing Intune access. JIT access would be great to have for us!
Thomas Bech Aagaard commented
This makes perfect sense, go go go! :-)