Skip to content

Microsoft Azure Microsoft Azure: AD - Groups

Summary

This module contains actions for viewing and managing Azure AD Groups.

Actions

azure.ad.groups.

add_member

Add a member to a group.

Minimum Plugin Version: 2.0.0

Input

  • azure_client: an AzureClient dictionary

  • group_object_id: the object ID of the group

  • member_object_id: the object ID of the new member

Output

Nothing is outputted by this action.

Example
1
2
3
4
5
- azure.ad.groups.add_member:
  load:
    group_object_id: group.object_id
    member_object_id: user.object_id
    azure_client: azure_secrets

azure.ad.groups.

create_security_group

Create a new security group.

Minimum Plugin Version: 2.0.0

Input

  • azure_client: an AzureClient dictionary

  • display_name: a display name for the group

  • mail_nickname: a mail alias for the group

  • additional_properties: a dictionary containing any other attributes to set (see here for more information)

Output

A single Group dictionary.

Example
1
2
3
4
5
6
- azure.ad.groups.create_security_group:
    display_name: Help Desk
    mail_nickname: help.desk
  load:
    azure_client: azure_secrets
  save: new_group

azure.ad.groups.

delete_by_id

Delete the group with the supplied object ID.

Minimum Plugin Version: 2.0.0

Input

  • azure_client: an AzureClient dictionary

  • object_id: the group's object ID

Delete Permissions

Deleting an object requires your API application in Azure to be assigned the Global Administrators role.

Output

Nothing is outputted by this action.

Example
1
2
3
4
- azure.ad.groups.delete_by_id:
  load:
    object_id: group.object_id
    azure_client: azure_secrets

azure.ad.groups.

delete_by_name

Delete the group with the supplied display name.

Minimum Plugin Version: 2.0.0

Input

  • azure_client: an AzureClient dictionary

  • name: the name of the group to delete

Delete Permissions

Deleting an object requires your API application in Azure to be assigned the Global Administrators role.

Output

Nothing is outputted by this action.

Example
1
2
3
4
- azure.ad.groups.delete_by_name:
  load:
    name: group.display_name
    azure_client: azure_secrets

azure.ad.groups.

get_all

Get all groups.

Minimum Plugin Version: 1.0.0

Input
Output

A list of Group dictionaries.

Example
1
2
3
4
- azure.ad.groups.get_all:
  load:
    azure_client: azure_secrets
  save: all_groups

azure.ad.groups.

get_by_name

Get the group with the supplied display name.

Minimum Plugin Version: 1.0.0

Input

  • azure_client: an AzureClient dictionary

  • name: the group display name

Output

A single Group dictionary.

Example
1
2
3
4
5
- azure.ad.groups.get_by_name:
    name: ppa
  load:
    azure_client: azure_secrets
  save: ppa_group

azure.ad.groups.

get_groups

Get all groups that are a member of the supplied group.

Minimum Plugin Version: 2.0.0

Input

  • azure_client: an AzureClient dictionary

  • object_id: the group object ID

Output

A list of Group dictionaries.

Example
1
2
3
4
5
- azure.ad.groups.get_groups:
  load:
    object_id: group.object_id
    azure_client: azure_secrets
  save: group_list

azure.ad.groups.

get_members

Get all members of the supplied group.

Minimum Plugin Version: 2.0.0

Input

  • azure_client: an AzureClient dictionary

  • object_id: the group object ID

Output

A list of User or Group dictionaries.

Example
1
2
3
4
5
- azure.ad.groups.get_members:
  load:
    object_id: group.object_id
    azure_client: azure_secrets
  save: member_list

azure.ad.groups.

get_users

Get all users who are a member of the supplied group.

Minimum Plugin Version: 2.0.0

Input

  • azure_client: an AzureClient dictionary

  • object_id: the group object ID

Output

A list of User dictionaries.

Example
1
2
3
4
5
- azure.ad.groups.get_users:
  load:
    object_id: group.object_id
    azure_client: azure_secrets
  save: user_list

azure.ad.groups.

has_member

Determine whether the supplied member is in the supplied group.

Minimum Plugin Version: 2.0.0

Input

  • azure_client: an AzureClient dictionary

  • group_object_id: the group object ID

  • member_object_id: the member object ID to check

Output

A boolean is outputted by this action:

  • true if the supplied member is in the group

  • false if the supplied member is not in the group

Example
1
2
3
4
5
- azure.ad.groups.has_member:
  load:
    group_object_id: group.object_id
    member_object_id: member.object_id
  save: is_member

azure.ad.groups.

input_table

Display groups in a table, & allow the task operator to make a selection.

The table will have the following columns:

  • Display Name
  • Description
  • Mail Enabled
  • Security Enabled

Minimum Plugin Version: 2.0.0

Input

  • text: the title of the table

  • groups: a single or list of Group dictionaries to display in the table

  • minimum: the minimum number of acceptable selections

  • maximum: the maximum number of acceptable selections

Output

A list of Group dictionaries.

Tip
  • If neither a minimum or maximum is provided, the task operator will be able to submit 0 selections.
  • If minimum or maximum are provided, the operation will repeat until the task operator makes a valid number of selections.
Example
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
- active_directory.groups.get_all:
  load:
    azure_client: azure_client
  save: all_groups

- active_directory.groups.input_table:
    text: Please select up to 3 groups
    minimum: 1
    maximum: 3
  load:
    groups: all_groups
  save: selected_groups

azure.ad.groups.

output_table

Display a list of groups in a table. The table will have the following columns:

The table will have the following columns:

  • Display Name
  • Description
  • Mail Enabled
  • Security Enabled

Minimum Plugin Version: 2.0.0

Input

  • text: the title of the table

  • group_list: a list of Group dictionaries to display in the table

Output

Nothing is outputted by this action.

Example
  • Show a list of groups in a table
1
2
3
4
- azure.ad.groups.output_table:
    text: All groups for user: Jon Smith
  load:
    group_list: user_groups

azure.ad.groups.

remove_member

Remove a member from a group.

Minimum Plugin Version: 2.0.0

Input

  • azure_client: an AzureClient dictionary

  • group_object_id: the object ID of the group

  • member_object_id: the object ID of the member to remove

Output

Nothing is outputted by this action.

Example
1
2
3
4
5
- azure.ad.groups.remove_member:
  load:
    group_object_id: group.object_id
    member_object_id: user.object_id
    azure_client: azure_secrets