Azure Security Groups Assignment
Azure AD Security Groups are analogous to Security Groups in on-prem Windows Active Directory. They are Security Principals, which means they can be used to secure objects in Azure AD. They can be created natively in Azure AD, or synced from Windows AD with Azure AD Connect. Their membership can be static, or it can be generated dynamically with rules.
Note- This is an optional step, you can skip this step if you do not want to assign any security groups by clicking on the Save&Next button.
How to create a Rule for assigning Security Groups to users?¶
Once you are on this step you will see a section under the heading Add user to Security Group. This section represents a rule based on which security groups can be assigned to selected users.
Following are the steps to create a rule -
-
Firstly, you can set up the filters to select the users you want to assign Security groups to. You can create a filter using the following steps -
- Click on "Choose Attribute" and select employee attribute and operation you want to apply to match that attribute.
- Next, you get a "Value" field where you type the value you want to match the attribute with and also choose the OU you want to assign.
Figure 3. Example of a filter -
You can add multiple filters using the "AND" and "OR" logic. These logics can be added using the
:button present on the right of the value input field. -
You can add multiple rows of the above filters using
+button inside the box.
You can add or delete more rules with different priority using the Add a rule or delete button respectively.
Adding default security groups to all users¶
Additional to rule based security groups, all employees will also be assigned with default security groups. Simply search and select the security groups you want to apply to the entire company.
Import And Export Mapping Rules¶
Using this feature, you will be able to import all the mapping rules by uploading a .csv or .xlsx file. Also, you can export all the mapping rules as a .csv/.xlsx file.
To Import or Export a file you have to first click on Import/Export Mapping Rules button. Clicking on this button will open a Dialog box containing two tabs, one is for importing and other is for exporting the mapping rules. By default if the form is valid you will be redirected to Export tab otherwise the Export tab will remain disabled and you will be redirected to the Import tab.
Importing mapping rules¶
Steps for importing file:
-
Choose Import tab from the dialog box.
Figure 7. Dialog Box For Importing .xlsx or .csv File -
Now Click on Choose File button to choose the file you want to import. Clicking on button will open file directory from which you can select .csv or .xlsx file.
Figure 8. "Choose File" button for choosing file to be imported.
Figure 9. Windows Tab for choosing .xlsx or .csv File. -
After doing first 3 steps please wait while your file gets imported and rules get created.
Note - There is the specific format to import file. You can get the format by exporting some mapping rules.
Exporting mapping rules¶
Steps for exporting file:
-
Choose Export tab from a dialog box.
Figure 10. Dialog Box for Exporting File.
Figure 11. File Formats To Export. -
Now Select the file format from the dropdown and click on Export button. Once clicked your file will get exported in the selected format and the name of the file will be Hire2Retire_SG_Mapping_(TimeStamp).
Figure 12. "Export" button.
AI Insights for Azure Security Group Memberships¶
With RoboMQ’s new AI model, rule sets for Azure SGs can be seamlessly generated. Click the icon adjacent to 'Security Group Memberships' in the workflow, and fill out the form for more details. Upon submission, RoboMQ’s AI team will engage with you, craft rule sets, and deliver you as a CSV file.
