3,269 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(281.6, 17%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGM%3C/text%3E%3C/svg%3E)
Hi There,
Please see the steps below via Powershell and through the Azure Portal.
- Create a Cloud-Only Group in Azure AD (Microsoft Entra ID):
- Use the
New-AzureADGroupcommand in PowerShell to create a new group. The syntax is as follows:
This command creates a new security group named “App Admins”.New-AzureADGroup -DisplayName "App Admins" -MailEnabled $false -MailNickName "appadmins" -SecurityEnabled $true - Use the
- Manually Add Members to the Group:
- Use the
Add-AzureADGroupMembercommand in PowerShell to add members to the group. The syntax is as follows:
ReplaceAdd-AzureADGroupMember -ObjectId <GroupObjectID> -RefObjectId <UserObjectID><GroupObjectID>with the Object ID of the “App Admins” group and<UserObjectID>with the Object ID of the user you want to add to the group. Repeat this step for each user you want to add. - Use the
- Assign Azure AD Role to the Group:
- Sign in to the Azure portal.
- In the Search box at the top, search for the scope you want to grant access to (e.g., Subscriptions, Resource groups, or a specific resource).
- Click Access Control (IAM).
- Click Add > Add role assignment.
- On the Role tab, select the “Application Administrator” and “Cloud Application Administrator” roles.
- On the Members tab, select Group, then click Select Members.
- Find and select the “App Admins” group, then click Next and Assign.
Please note that you must have the necessary permissions to perform these actions.
If you find this response helpful and it resolves your issue, please consider marking it as “Accepted” or giving it an upvote. This will help others in the community find the solution more easily.