az devops security group
Note
This reference is part of the azure-devops extension for the Azure CLI (version 2.30.0 or higher). The extension will automatically install the first time you run an az devops security group command. Learn more about extensions.
Manage security groups.
Commands
| az devops security group create |
Create a new Azure DevOps group. |
| az devops security group delete |
Delete an Azure DevOps group. |
| az devops security group list |
List all the groups in a project or organization. |
| az devops security group membership |
Manage memberships for security groups. |
| az devops security group membership add |
Add membership. |
| az devops security group membership list |
List memberships for a group or user. |
| az devops security group membership remove |
Remove membership. |
| az devops security group show |
Show group details. |
| az devops security group update |
Update name AND/OR description for an Azure DevOps group. |
az devops security group create
Create a new Azure DevOps group.
az devops security group create [--description]
[--detect {false, true}]
[--email-id]
[--groups]
[--name]
[--org]
[--origin-id]
[--project]
[--scope {organization, project}]Examples
Create an Azure DevOps Group with name and description
az devops security group create --name 'Some group name'
--description 'Something to describe this group'Add an existing AAD group to an Azure DevOps group
Get object ID of an existing AAD group
az ad group show -g '{Group Name}'
az devops security group create --origin-id '{Object ID}' --groups 'vssgp.someDescriptorForGroup'Add an existing AAD group to an Azure DevOps group with AAD group Email ID
az devops security group create --email-id '{Email ID of AAD group}'
--groups 'vssgp.someDescriptorForGroup'Create a new Azure DevOps group and add it to existing Azure DevOps groups.
az devops security group create --name 'Some group name'
--groups 'vssgp.someDescriptorForGroupOne,vssgp.someDescriptorForGroupTwo'Optional Parameters
Description of Azure DevOps group.
Automatically detect organization.
Create new group using the mail address as a reference to an existing group from an external AD or AAD backed provider. Required if name or origin-id is missing.
A comma separated list of descriptors referencing groups you want the newly created group to join.
Name of Azure DevOps group.
Azure DevOps organization URL. You can configure the default organization using az devops configure -d organization=ORG_URL. Required if not configured as default or picked up via git config. Example: https://dev.azure.com/MyOrganizationName/.
Create new group using the OriginID as a reference to an existing group from an external AD or AAD backed provider. Required if name or email-id is missing.
Name or ID of the project in which Azure DevOps group should be created.
Create group at project or organization level.
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az devops security group delete
Delete an Azure DevOps group.
az devops security group delete --id
[--detect {false, true}]
[--org]
[--yes]Required Parameters
Descriptor of the group.
Optional Parameters
Automatically detect organization.
Azure DevOps organization URL. You can configure the default organization using az devops configure -d organization=ORG_URL. Required if not configured as default or picked up via git config. Example: https://dev.azure.com/MyOrganizationName/.
Do not prompt for confirmation.
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az devops security group list
List all the groups in a project or organization.
az devops security group list [--continuation-token]
[--detect {false, true}]
[--org]
[--project]
[--scope {organization, project}]
[--subject-types]Optional Parameters
If there are more results that can't be returned in a single page, the result set will contain a continuation token for retrieval of the next set of results.
Automatically detect organization.
Azure DevOps organization URL. You can configure the default organization using az devops configure -d organization=ORG_URL. Required if not configured as default or picked up via git config. Example: https://dev.azure.com/MyOrganizationName/.
List groups for a particular project.
List groups at project or organization level.
A comma separated list of user subject subtypes to reduce the retrieved results. You can give initial part of descriptor [before the dot] as a filter e.g. vssgp,aadgp.
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az devops security group show
Show group details.
az devops security group show --id
[--detect {false, true}]
[--org]Required Parameters
Descriptor of the group.
Optional Parameters
Automatically detect organization.
Azure DevOps organization URL. You can configure the default organization using az devops configure -d organization=ORG_URL. Required if not configured as default or picked up via git config. Example: https://dev.azure.com/MyOrganizationName/.
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az devops security group update
Update name AND/OR description for an Azure DevOps group.
az devops security group update --id
[--description]
[--detect {false, true}]
[--name]
[--org]Required Parameters
Descriptor of the group.
Optional Parameters
New description for Azure DevOps group.
Automatically detect organization.
New name for Azure DevOps group.
Azure DevOps organization URL. You can configure the default organization using az devops configure -d organization=ORG_URL. Required if not configured as default or picked up via git config. Example: https://dev.azure.com/MyOrganizationName/.
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
Feedback
Submit and view feedback for