Azure Active Directory (Azure AD) v5.34.0, Jan 23 23

azuread.getGroup

Gets information about an Azure Active Directory group.

API Permissions

The following API permissions are required in order to use this data source.

When authenticated with a service principal, this data source requires one of the following application roles: Group.Read.All or Directory.Read.All

When authenticated with a user principal, this data source does not require any additional roles.

Example Usage

By Group Display Name)

using System.Collections.Generic;
using Pulumi;
using AzureAD = Pulumi.AzureAD;

return await Deployment.RunAsync(() => 
{
    var example = AzureAD.GetGroup.Invoke(new()
    {
        DisplayName = "MyGroupName",
        SecurityEnabled = true,
    });

});

package main

import (
	"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := azuread.LookupGroup(ctx, &azuread.LookupGroupArgs{
			DisplayName:     pulumi.StringRef("MyGroupName"),
			SecurityEnabled: pulumi.BoolRef(true),
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azuread.AzureadFunctions;
import com.pulumi.azuread.inputs.GetGroupArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var example = AzureadFunctions.getGroup(GetGroupArgs.builder()
            .displayName("MyGroupName")
            .securityEnabled(true)
            .build());

    }
}

import pulumi
import pulumi_azuread as azuread

example = azuread.get_group(display_name="MyGroupName",
    security_enabled=True)

import * as pulumi from "@pulumi/pulumi";
import * as azuread from "@pulumi/azuread";

const example = azuread.getGroup({
    displayName: "MyGroupName",
    securityEnabled: true,
});

variables:
  example:
    fn::invoke:
      Function: azuread:getGroup
      Arguments:
        displayName: MyGroupName
        securityEnabled: true

Using getGroup

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

function getGroup(args: GetGroupArgs, opts?: InvokeOptions): Promise<GetGroupResult>
function getGroupOutput(args: GetGroupOutputArgs, opts?: InvokeOptions): Output<GetGroupResult>

def get_group(display_name: Optional[str] = None,
              mail_enabled: Optional[bool] = None,
              object_id: Optional[str] = None,
              security_enabled: Optional[bool] = None,
              opts: Optional[InvokeOptions] = None) -> GetGroupResult
def get_group_output(display_name: Optional[pulumi.Input[str]] = None,
              mail_enabled: Optional[pulumi.Input[bool]] = None,
              object_id: Optional[pulumi.Input[str]] = None,
              security_enabled: Optional[pulumi.Input[bool]] = None,
              opts: Optional[InvokeOptions] = None) -> Output[GetGroupResult]

func LookupGroup(ctx *Context, args *LookupGroupArgs, opts ...InvokeOption) (*LookupGroupResult, error)
func LookupGroupOutput(ctx *Context, args *LookupGroupOutputArgs, opts ...InvokeOption) LookupGroupResultOutput

> Note: This function is named LookupGroup in the Go SDK.

public static class GetGroup 
{
    public static Task<GetGroupResult> InvokeAsync(GetGroupArgs args, InvokeOptions? opts = null)
    public static Output<GetGroupResult> Invoke(GetGroupInvokeArgs args, InvokeOptions? opts = null)
}

public static CompletableFuture<GetGroupResult> getGroup(GetGroupArgs args, InvokeOptions options)
// Output-based functions aren't available in Java yet

fn::invoke:
  function: azuread:index/getGroup:getGroup
  arguments:
    # arguments dictionary

The following arguments are supported:

DisplayName string: The display name for the group.
MailEnabled bool: Whether the group is mail-enabled.
ObjectId string: Specifies the object ID of the group.
SecurityEnabled bool: Whether the group is a security group.

DisplayName string: The display name for the group.
MailEnabled bool: Whether the group is mail-enabled.
ObjectId string: Specifies the object ID of the group.
SecurityEnabled bool: Whether the group is a security group.

displayName String: The display name for the group.
mailEnabled Boolean: Whether the group is mail-enabled.
objectId String: Specifies the object ID of the group.
securityEnabled Boolean: Whether the group is a security group.

displayName string: The display name for the group.
mailEnabled boolean: Whether the group is mail-enabled.
objectId string: Specifies the object ID of the group.
securityEnabled boolean: Whether the group is a security group.

display_name str: The display name for the group.
mail_enabled bool: Whether the group is mail-enabled.
object_id str: Specifies the object ID of the group.
security_enabled bool: Whether the group is a security group.

displayName String: The display name for the group.
mailEnabled Boolean: Whether the group is mail-enabled.
objectId String: Specifies the object ID of the group.
securityEnabled Boolean: Whether the group is a security group.

getGroup Result

The following output properties are available:

AssignableToRole bool: Indicates whether this group can be assigned to an Azure Active Directory role.
AutoSubscribeNewMembers bool: Indicates whether new members added to the group will be auto-subscribed to receive email notifications. Only set for Unified groups.
Behaviors List<string>: A list of behaviors for a Microsoft 365 group, such as AllowOnlyMembersToPost, HideGroupInOutlook, SubscribeNewGroupMembers and WelcomeEmailDisabled. See official documentation for more details.
Description string: The optional description of the group.
DisplayName string: The display name for the group.
DynamicMemberships List<Pulumi.AzureAD.Outputs.GetGroupDynamicMembership>: A dynamic_membership block as documented below.
ExternalSendersAllowed bool: Indicates whether people external to the organization can send messages to the group. Only set for Unified groups.
HideFromAddressLists bool: Indicates whether the group is displayed in certain parts of the Outlook user interface: in the Address Book, in address lists for selecting message recipients, and in the Browse Groups dialog for searching groups. Only set for Unified groups.
HideFromOutlookClients bool: Indicates whether the group is displayed in Outlook clients, such as Outlook for Windows and Outlook on the web. Only set for Unified groups.
Id string: The provider-assigned unique ID for this managed resource.
Mail string: The SMTP address for the group.
MailEnabled bool: Whether the group is mail-enabled.
MailNickname string: The mail alias for the group, unique in the organisation.
Members List<string>: List of object IDs of the group members.
ObjectId string: The object ID of the group.
OnpremisesDomainName string: The on-premises FQDN, also called dnsDomainName, synchronised from the on-premises directory when Azure AD Connect is used.
OnpremisesNetbiosName string: The on-premises NetBIOS name, synchronised from the on-premises directory when Azure AD Connect is used.
OnpremisesSamAccountName string: The on-premises SAM account name, synchronised from the on-premises directory when Azure AD Connect is used.
OnpremisesSecurityIdentifier string: The on-premises security identifier (SID), synchronised from the on-premises directory when Azure AD Connect is used.
OnpremisesSyncEnabled bool: Whether this group is synchronised from an on-premises directory (true), no longer synchronised (false), or has never been synchronised (null).
Owners List<string>: List of object IDs of the group owners.
PreferredLanguage string: The preferred language for a Microsoft 365 group, in ISO 639-1 notation.
ProvisioningOptions List<string>: A list of provisioning options for a Microsoft 365 group, such as Team. See official documentation for details.
ProxyAddresses List<string>: List of email addresses for the group that direct to the same group mailbox.
SecurityEnabled bool: Whether the group is a security group.
Theme string: The colour theme for a Microsoft 365 group. Possible values are Blue, Green, Orange, Pink, Purple, Red or Teal. When no theme is set, the value is null.
Types List<string>: A list of group types configured for the group. Supported values are DynamicMembership, which denotes a group with dynamic membership, and Unified, which specifies a Microsoft 365 group.
Visibility string: The group join policy and group content visibility. Possible values are Private, Public, or Hiddenmembership. Only Microsoft 365 groups can have Hiddenmembership visibility.

AssignableToRole bool: Indicates whether this group can be assigned to an Azure Active Directory role.
AutoSubscribeNewMembers bool: Indicates whether new members added to the group will be auto-subscribed to receive email notifications. Only set for Unified groups.
Behaviors []string: A list of behaviors for a Microsoft 365 group, such as AllowOnlyMembersToPost, HideGroupInOutlook, SubscribeNewGroupMembers and WelcomeEmailDisabled. See official documentation for more details.
Description string: The optional description of the group.
DisplayName string: The display name for the group.
DynamicMemberships []GetGroupDynamicMembership: A dynamic_membership block as documented below.
ExternalSendersAllowed bool: Indicates whether people external to the organization can send messages to the group. Only set for Unified groups.
HideFromAddressLists bool: Indicates whether the group is displayed in certain parts of the Outlook user interface: in the Address Book, in address lists for selecting message recipients, and in the Browse Groups dialog for searching groups. Only set for Unified groups.
HideFromOutlookClients bool: Indicates whether the group is displayed in Outlook clients, such as Outlook for Windows and Outlook on the web. Only set for Unified groups.
Id string: The provider-assigned unique ID for this managed resource.
Mail string: The SMTP address for the group.
MailEnabled bool: Whether the group is mail-enabled.
MailNickname string: The mail alias for the group, unique in the organisation.
Members []string: List of object IDs of the group members.
ObjectId string: The object ID of the group.
OnpremisesDomainName string: The on-premises FQDN, also called dnsDomainName, synchronised from the on-premises directory when Azure AD Connect is used.
OnpremisesNetbiosName string: The on-premises NetBIOS name, synchronised from the on-premises directory when Azure AD Connect is used.
OnpremisesSamAccountName string: The on-premises SAM account name, synchronised from the on-premises directory when Azure AD Connect is used.
OnpremisesSecurityIdentifier string: The on-premises security identifier (SID), synchronised from the on-premises directory when Azure AD Connect is used.
OnpremisesSyncEnabled bool: Whether this group is synchronised from an on-premises directory (true), no longer synchronised (false), or has never been synchronised (null).
Owners []string: List of object IDs of the group owners.
PreferredLanguage string: The preferred language for a Microsoft 365 group, in ISO 639-1 notation.
ProvisioningOptions []string: A list of provisioning options for a Microsoft 365 group, such as Team. See official documentation for details.
ProxyAddresses []string: List of email addresses for the group that direct to the same group mailbox.
SecurityEnabled bool: Whether the group is a security group.
Theme string: The colour theme for a Microsoft 365 group. Possible values are Blue, Green, Orange, Pink, Purple, Red or Teal. When no theme is set, the value is null.
Types []string: A list of group types configured for the group. Supported values are DynamicMembership, which denotes a group with dynamic membership, and Unified, which specifies a Microsoft 365 group.
Visibility string: The group join policy and group content visibility. Possible values are Private, Public, or Hiddenmembership. Only Microsoft 365 groups can have Hiddenmembership visibility.

assignableToRole Boolean: Indicates whether this group can be assigned to an Azure Active Directory role.
autoSubscribeNewMembers Boolean: Indicates whether new members added to the group will be auto-subscribed to receive email notifications. Only set for Unified groups.
behaviors List<String>: A list of behaviors for a Microsoft 365 group, such as AllowOnlyMembersToPost, HideGroupInOutlook, SubscribeNewGroupMembers and WelcomeEmailDisabled. See official documentation for more details.
description String: The optional description of the group.
displayName String: The display name for the group.
dynamicMemberships List<GetGroupDynamicMembership>: A dynamic_membership block as documented below.
externalSendersAllowed Boolean: Indicates whether people external to the organization can send messages to the group. Only set for Unified groups.
hideFromAddressLists Boolean: Indicates whether the group is displayed in certain parts of the Outlook user interface: in the Address Book, in address lists for selecting message recipients, and in the Browse Groups dialog for searching groups. Only set for Unified groups.
hideFromOutlookClients Boolean: Indicates whether the group is displayed in Outlook clients, such as Outlook for Windows and Outlook on the web. Only set for Unified groups.
id String: The provider-assigned unique ID for this managed resource.
mail String: The SMTP address for the group.
mailEnabled Boolean: Whether the group is mail-enabled.
mailNickname String: The mail alias for the group, unique in the organisation.
members List<String>: List of object IDs of the group members.
objectId String: The object ID of the group.
onpremisesDomainName String: The on-premises FQDN, also called dnsDomainName, synchronised from the on-premises directory when Azure AD Connect is used.
onpremisesNetbiosName String: The on-premises NetBIOS name, synchronised from the on-premises directory when Azure AD Connect is used.
onpremisesSamAccountName String: The on-premises SAM account name, synchronised from the on-premises directory when Azure AD Connect is used.
onpremisesSecurityIdentifier String: The on-premises security identifier (SID), synchronised from the on-premises directory when Azure AD Connect is used.
onpremisesSyncEnabled Boolean: Whether this group is synchronised from an on-premises directory (true), no longer synchronised (false), or has never been synchronised (null).
owners List<String>: List of object IDs of the group owners.
preferredLanguage String: The preferred language for a Microsoft 365 group, in ISO 639-1 notation.
provisioningOptions List<String>: A list of provisioning options for a Microsoft 365 group, such as Team. See official documentation for details.
proxyAddresses List<String>: List of email addresses for the group that direct to the same group mailbox.
securityEnabled Boolean: Whether the group is a security group.
theme String: The colour theme for a Microsoft 365 group. Possible values are Blue, Green, Orange, Pink, Purple, Red or Teal. When no theme is set, the value is null.
types List<String>: A list of group types configured for the group. Supported values are DynamicMembership, which denotes a group with dynamic membership, and Unified, which specifies a Microsoft 365 group.
visibility String: The group join policy and group content visibility. Possible values are Private, Public, or Hiddenmembership. Only Microsoft 365 groups can have Hiddenmembership visibility.

assignableToRole boolean: Indicates whether this group can be assigned to an Azure Active Directory role.
autoSubscribeNewMembers boolean: Indicates whether new members added to the group will be auto-subscribed to receive email notifications. Only set for Unified groups.
behaviors string[]: A list of behaviors for a Microsoft 365 group, such as AllowOnlyMembersToPost, HideGroupInOutlook, SubscribeNewGroupMembers and WelcomeEmailDisabled. See official documentation for more details.
description string: The optional description of the group.
displayName string: The display name for the group.
dynamicMemberships GetGroupDynamicMembership[]: A dynamic_membership block as documented below.
externalSendersAllowed boolean: Indicates whether people external to the organization can send messages to the group. Only set for Unified groups.
hideFromAddressLists boolean: Indicates whether the group is displayed in certain parts of the Outlook user interface: in the Address Book, in address lists for selecting message recipients, and in the Browse Groups dialog for searching groups. Only set for Unified groups.
hideFromOutlookClients boolean: Indicates whether the group is displayed in Outlook clients, such as Outlook for Windows and Outlook on the web. Only set for Unified groups.
id string: The provider-assigned unique ID for this managed resource.
mail string: The SMTP address for the group.
mailEnabled boolean: Whether the group is mail-enabled.
mailNickname string: The mail alias for the group, unique in the organisation.
members string[]: List of object IDs of the group members.
objectId string: The object ID of the group.
onpremisesDomainName string: The on-premises FQDN, also called dnsDomainName, synchronised from the on-premises directory when Azure AD Connect is used.
onpremisesNetbiosName string: The on-premises NetBIOS name, synchronised from the on-premises directory when Azure AD Connect is used.
onpremisesSamAccountName string: The on-premises SAM account name, synchronised from the on-premises directory when Azure AD Connect is used.
onpremisesSecurityIdentifier string: The on-premises security identifier (SID), synchronised from the on-premises directory when Azure AD Connect is used.
onpremisesSyncEnabled boolean: Whether this group is synchronised from an on-premises directory (true), no longer synchronised (false), or has never been synchronised (null).
owners string[]: List of object IDs of the group owners.
preferredLanguage string: The preferred language for a Microsoft 365 group, in ISO 639-1 notation.
provisioningOptions string[]: A list of provisioning options for a Microsoft 365 group, such as Team. See official documentation for details.
proxyAddresses string[]: List of email addresses for the group that direct to the same group mailbox.
securityEnabled boolean: Whether the group is a security group.
theme string: The colour theme for a Microsoft 365 group. Possible values are Blue, Green, Orange, Pink, Purple, Red or Teal. When no theme is set, the value is null.
types string[]: A list of group types configured for the group. Supported values are DynamicMembership, which denotes a group with dynamic membership, and Unified, which specifies a Microsoft 365 group.
visibility string: The group join policy and group content visibility. Possible values are Private, Public, or Hiddenmembership. Only Microsoft 365 groups can have Hiddenmembership visibility.

assignable_to_role bool: Indicates whether this group can be assigned to an Azure Active Directory role.
auto_subscribe_new_members bool: Indicates whether new members added to the group will be auto-subscribed to receive email notifications. Only set for Unified groups.
behaviors Sequence[str]: A list of behaviors for a Microsoft 365 group, such as AllowOnlyMembersToPost, HideGroupInOutlook, SubscribeNewGroupMembers and WelcomeEmailDisabled. See official documentation for more details.
description str: The optional description of the group.
display_name str: The display name for the group.
dynamic_memberships Sequence[GetGroupDynamicMembership]: A dynamic_membership block as documented below.
external_senders_allowed bool: Indicates whether people external to the organization can send messages to the group. Only set for Unified groups.
hide_from_address_lists bool: Indicates whether the group is displayed in certain parts of the Outlook user interface: in the Address Book, in address lists for selecting message recipients, and in the Browse Groups dialog for searching groups. Only set for Unified groups.
hide_from_outlook_clients bool: Indicates whether the group is displayed in Outlook clients, such as Outlook for Windows and Outlook on the web. Only set for Unified groups.
id str: The provider-assigned unique ID for this managed resource.
mail str: The SMTP address for the group.
mail_enabled bool: Whether the group is mail-enabled.
mail_nickname str: The mail alias for the group, unique in the organisation.
members Sequence[str]: List of object IDs of the group members.
object_id str: The object ID of the group.
onpremises_domain_name str: The on-premises FQDN, also called dnsDomainName, synchronised from the on-premises directory when Azure AD Connect is used.
onpremises_netbios_name str: The on-premises NetBIOS name, synchronised from the on-premises directory when Azure AD Connect is used.
onpremises_sam_account_name str: The on-premises SAM account name, synchronised from the on-premises directory when Azure AD Connect is used.
onpremises_security_identifier str: The on-premises security identifier (SID), synchronised from the on-premises directory when Azure AD Connect is used.
onpremises_sync_enabled bool: Whether this group is synchronised from an on-premises directory (true), no longer synchronised (false), or has never been synchronised (null).
owners Sequence[str]: List of object IDs of the group owners.
preferred_language str: The preferred language for a Microsoft 365 group, in ISO 639-1 notation.
provisioning_options Sequence[str]: A list of provisioning options for a Microsoft 365 group, such as Team. See official documentation for details.
proxy_addresses Sequence[str]: List of email addresses for the group that direct to the same group mailbox.
security_enabled bool: Whether the group is a security group.
theme str: The colour theme for a Microsoft 365 group. Possible values are Blue, Green, Orange, Pink, Purple, Red or Teal. When no theme is set, the value is null.
types Sequence[str]: A list of group types configured for the group. Supported values are DynamicMembership, which denotes a group with dynamic membership, and Unified, which specifies a Microsoft 365 group.
visibility str: The group join policy and group content visibility. Possible values are Private, Public, or Hiddenmembership. Only Microsoft 365 groups can have Hiddenmembership visibility.

assignableToRole Boolean: Indicates whether this group can be assigned to an Azure Active Directory role.
autoSubscribeNewMembers Boolean: Indicates whether new members added to the group will be auto-subscribed to receive email notifications. Only set for Unified groups.
behaviors List<String>: A list of behaviors for a Microsoft 365 group, such as AllowOnlyMembersToPost, HideGroupInOutlook, SubscribeNewGroupMembers and WelcomeEmailDisabled. See official documentation for more details.
description String: The optional description of the group.
displayName String: The display name for the group.
dynamicMemberships List<Property Map>: A dynamic_membership block as documented below.
externalSendersAllowed Boolean: Indicates whether people external to the organization can send messages to the group. Only set for Unified groups.
hideFromAddressLists Boolean: Indicates whether the group is displayed in certain parts of the Outlook user interface: in the Address Book, in address lists for selecting message recipients, and in the Browse Groups dialog for searching groups. Only set for Unified groups.
hideFromOutlookClients Boolean: Indicates whether the group is displayed in Outlook clients, such as Outlook for Windows and Outlook on the web. Only set for Unified groups.
id String: The provider-assigned unique ID for this managed resource.
mail String: The SMTP address for the group.
mailEnabled Boolean: Whether the group is mail-enabled.
mailNickname String: The mail alias for the group, unique in the organisation.
members List<String>: List of object IDs of the group members.
objectId String: The object ID of the group.
onpremisesDomainName String: The on-premises FQDN, also called dnsDomainName, synchronised from the on-premises directory when Azure AD Connect is used.
onpremisesNetbiosName String: The on-premises NetBIOS name, synchronised from the on-premises directory when Azure AD Connect is used.
onpremisesSamAccountName String: The on-premises SAM account name, synchronised from the on-premises directory when Azure AD Connect is used.
onpremisesSecurityIdentifier String: The on-premises security identifier (SID), synchronised from the on-premises directory when Azure AD Connect is used.
onpremisesSyncEnabled Boolean: Whether this group is synchronised from an on-premises directory (true), no longer synchronised (false), or has never been synchronised (null).
owners List<String>: List of object IDs of the group owners.
preferredLanguage String: The preferred language for a Microsoft 365 group, in ISO 639-1 notation.
provisioningOptions List<String>: A list of provisioning options for a Microsoft 365 group, such as Team. See official documentation for details.
proxyAddresses List<String>: List of email addresses for the group that direct to the same group mailbox.
securityEnabled Boolean: Whether the group is a security group.
theme String: The colour theme for a Microsoft 365 group. Possible values are Blue, Green, Orange, Pink, Purple, Red or Teal. When no theme is set, the value is null.
types List<String>: A list of group types configured for the group. Supported values are DynamicMembership, which denotes a group with dynamic membership, and Unified, which specifies a Microsoft 365 group.
visibility String: The group join policy and group content visibility. Possible values are Private, Public, or Hiddenmembership. Only Microsoft 365 groups can have Hiddenmembership visibility.

Supporting Types

GetGroupDynamicMembership

Enabled bool: Whether rule processing is "On" (true) or "Paused" (false).
Rule string: The rule that determines membership of this group.

Enabled bool: Whether rule processing is "On" (true) or "Paused" (false).
Rule string: The rule that determines membership of this group.

enabled Boolean: Whether rule processing is "On" (true) or "Paused" (false).
rule String: The rule that determines membership of this group.

enabled boolean: Whether rule processing is "On" (true) or "Paused" (false).
rule string: The rule that determines membership of this group.

enabled bool: Whether rule processing is "On" (true) or "Paused" (false).
rule str: The rule that determines membership of this group.

enabled Boolean: Whether rule processing is "On" (true) or "Paused" (false).
rule String: The rule that determines membership of this group.

Package Details

Repository: Azure Active Directory (Azure AD) pulumi/pulumi-azuread
License: Apache-2.0
Notes: This Pulumi package is based on the azuread Terraform Provider.