AZ-104 Azure Identity - Creating and Managing Groups

Describing groups
Practical Use
Creating a group
Managing group membership

Azure Management groups: Create a hierarchy of Azure management groups tailored to your organization to efficiently manage your subscriptions and resources.

Owners and Members: An owner of the group or a member of the group.
Type of group: A security group or a Microsoft 365 group.
Membership Type: Assigned, dynamic user or dynamic device.

To create a new group we can navigate to Entra ID then groups then add group

We have different membership types

Assigned: Manually or in bulk add users
Dynamic user: Add variables per fields such as department for example to add all users from X department
Dynamic Device: This apply to specific hardware devices.

We need to click on Add Dynamic Query to add our rules for dynamic users in this case.

Here we added a Rule Syntax to add all members of Company-name X to our group, there are multiple properties and operators we can use.

Now we need to add users then validate and see if they belong to group HR

we can also search by user-type for all Guest for example and apply a group for all Guests.

Group Types

Security: Security groups are used to manage access o shared resources for a group of users.
Microsoft 365: These groups are used to give members access to shared mailbox, calendar, files, etc.
Assigned: Users are specifically selected to be members of a group.
Dynamic user: Membership rules are created that automate group membership via user attributes.
Dynamic Device: Membership rules are created that automate group membership via devices attributes.

Azure Entra ID Mindmap

Azure Youtube Videos

AZ-104 - Administration - Azure Resource Manager

AZ-104 - Administration - Azure Portal and Cloud Shell Basics

AZ-104 - Administration - Azure CLI and Powershell

AZ-104 - Administration - Azure ARM Templates

AZ-104 - Governance and Compliance - Managing Subscriptions

AZ-104 - Governance and Compliance - Using management groups

AZ-104 - Governance and Compliance - Understanding Azure Policy

AZ-104 - Governance and Compliance - Tagging Resources

AZ-104 - Governance and Compliance - LAB Add Remove Tags

AZ-104 - Governance and Compliance - Locking and Moving Resources

AZ-104 - Governance and Compliance - Managing Azure Costs

AZ-104 - Governance and Compliance - Building a cloud governance strategy wth Azure tooling

AZ-104 Azure Identity - Conceptualizing Entra ID (Azure Active Directory)

AZ-104 Azure Identity - Managing Tenants

AZ-104 Azure Identity - Creating and Managing Users

AZ-104 Azure Identity - LAB Create and Manage Microsoft Entra ID Users in the Portal

AZ-104 Azure Identity - LAB Perform Bulk Microsof Entra ID Operations in the Portal

AZ-104 Azure Identity - Creating and Managing Groups

AZ-104 Azure Identity - Creating Administrative Units

AZ-104 Azure Identity - Configuring SSPR (self serfice password reset)

AZ-104 Azure Identity - Azure Entra ID Device Management

AZ-104 Azure RBAC - Understanding Roles in Azure

AZ-104 Azure RBAC - Assigning access to resources

AZ-104 Azure RBAC - LAB Using service Principal Identity to List AD Roles

AZ-104 Azure RBAC - Creating custom roles

AZ-104 Azure - Storage Accounts

AZ-104 Azure - Conceptualizing Azure Blog Storage

AZ-104 Azure - Configuring blob object replication

AZ-104 Azure - Configuring Blob Lifecycle Management

AZ-104 Azure Identity - Creating and Managing Groups

No Comments