This blog post will describe how to assign Azure Groups to Azure AD roles.
Two weeks ago Microsoft released the option to assign groups to Azure AD roles in public preview. In this blog post, I’ll show you how to do it. Let’s go!
Step 1: Create an Azure AD Group and enable the assign Azure AD role option.
Go to https://portal.azure.com and sign in with a Global Administrator. Then go to Azure Active Directory => Groups => + New group.
We will create a group SG_SU_TeamsAdmins and assign the Teams Service Administrator role to it. Be sure to set the Azure Ad roles can be assigned to the group (Preview) to Yes. Then click on Create.
Accept the message by clicking on Yes. Take note that this setting cannot be changed later.
Step 2: Assign the Azure Ad role
The next step is to assign the Teams Service Administrator role to the newly created group by clicking on + Add assignments.
Now choose the Teams Service Administrator role in the Directory Roles list and click on Add.
We’ve now added the Teams Service Administrator to the group SG_SU_TeamsAdmins. Now let add some members to the group!
Step 3: Add members to the group
The last step is to add a member to the new group. We will add John Doe to the SG_SU_TeamsAdmins to make him a Teams Service Administrator.
Now let’s verify that John Doe got the AD role assigned. Take note that this can take several minutes.
We’ve now got a Azure AD role assigned to a specific group. Makes our life as an administrator a little bit easier, doesn’t it?
You can find a full overview on all the Azure Ad role on the link here.
Hope you found this post informative. If you have any remarks or questions, feel free to leave a reply or give me a shout on social media.
More related blog posts: