1. Packages
  2. Azure Active Directory (Azure AD)
  3. API Docs
  4. getGroups
Azure Active Directory (Azure AD) v5.53.2 published on Monday, Jul 15, 2024 by Pulumi

azuread.getGroups

Explore with Pulumi AI

azuread logo
Azure Active Directory (Azure AD) v5.53.2 published on Monday, Jul 15, 2024 by Pulumi

    Gets Object IDs or Display Names for multiple Azure Active Directory groups.

    API Permissions

    The following API permissions are required in order to use this data source.

    When authenticated with a service principal, this data source requires one of the following application roles: Group.Read.All or Directory.Read.All

    When authenticated with a user principal, this data source does not require any additional roles.

    Example Usage

    Look up by group name

    import * as pulumi from "@pulumi/pulumi";
    import * as azuread from "@pulumi/azuread";
    
    const example = azuread.getGroups({
        displayNames: [
            "group-a",
            "group-b",
        ],
    });
    
    import pulumi
    import pulumi_azuread as azuread
    
    example = azuread.get_groups(display_names=[
        "group-a",
        "group-b",
    ])
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := azuread.GetGroups(ctx, &azuread.GetGroupsArgs{
    			DisplayNames: []string{
    				"group-a",
    				"group-b",
    			},
    		}, nil)
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using AzureAD = Pulumi.AzureAD;
    
    return await Deployment.RunAsync(() => 
    {
        var example = AzureAD.GetGroups.Invoke(new()
        {
            DisplayNames = new[]
            {
                "group-a",
                "group-b",
            },
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.azuread.AzureadFunctions;
    import com.pulumi.azuread.inputs.GetGroupsArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            final var example = AzureadFunctions.getGroups(GetGroupsArgs.builder()
                .displayNames(            
                    "group-a",
                    "group-b")
                .build());
    
        }
    }
    
    variables:
      example:
        fn::invoke:
          Function: azuread:getGroups
          Arguments:
            displayNames:
              - group-a
              - group-b
    

    Look up by display name prefix

    import * as pulumi from "@pulumi/pulumi";
    import * as azuread from "@pulumi/azuread";
    
    const sales = azuread.getGroups({
        displayNamePrefix: "sales-",
    });
    
    import pulumi
    import pulumi_azuread as azuread
    
    sales = azuread.get_groups(display_name_prefix="sales-")
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := azuread.GetGroups(ctx, &azuread.GetGroupsArgs{
    			DisplayNamePrefix: pulumi.StringRef("sales-"),
    		}, nil)
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using AzureAD = Pulumi.AzureAD;
    
    return await Deployment.RunAsync(() => 
    {
        var sales = AzureAD.GetGroups.Invoke(new()
        {
            DisplayNamePrefix = "sales-",
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.azuread.AzureadFunctions;
    import com.pulumi.azuread.inputs.GetGroupsArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            final var sales = AzureadFunctions.getGroups(GetGroupsArgs.builder()
                .displayNamePrefix("sales-")
                .build());
    
        }
    }
    
    variables:
      sales:
        fn::invoke:
          Function: azuread:getGroups
          Arguments:
            displayNamePrefix: sales-
    

    Look up all groups

    import * as pulumi from "@pulumi/pulumi";
    import * as azuread from "@pulumi/azuread";
    
    const all = azuread.getGroups({
        returnAll: true,
    });
    
    import pulumi
    import pulumi_azuread as azuread
    
    all = azuread.get_groups(return_all=True)
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := azuread.GetGroups(ctx, &azuread.GetGroupsArgs{
    			ReturnAll: pulumi.BoolRef(true),
    		}, nil)
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using AzureAD = Pulumi.AzureAD;
    
    return await Deployment.RunAsync(() => 
    {
        var all = AzureAD.GetGroups.Invoke(new()
        {
            ReturnAll = true,
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.azuread.AzureadFunctions;
    import com.pulumi.azuread.inputs.GetGroupsArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            final var all = AzureadFunctions.getGroups(GetGroupsArgs.builder()
                .returnAll(true)
                .build());
    
        }
    }
    
    variables:
      all:
        fn::invoke:
          Function: azuread:getGroups
          Arguments:
            returnAll: true
    

    Look up all mail-enabled groups

    import * as pulumi from "@pulumi/pulumi";
    import * as azuread from "@pulumi/azuread";
    
    const mailEnabled = azuread.getGroups({
        mailEnabled: true,
        returnAll: true,
    });
    
    import pulumi
    import pulumi_azuread as azuread
    
    mail_enabled = azuread.get_groups(mail_enabled=True,
        return_all=True)
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := azuread.GetGroups(ctx, &azuread.GetGroupsArgs{
    			MailEnabled: pulumi.BoolRef(true),
    			ReturnAll:   pulumi.BoolRef(true),
    		}, nil)
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using AzureAD = Pulumi.AzureAD;
    
    return await Deployment.RunAsync(() => 
    {
        var mailEnabled = AzureAD.GetGroups.Invoke(new()
        {
            MailEnabled = true,
            ReturnAll = true,
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.azuread.AzureadFunctions;
    import com.pulumi.azuread.inputs.GetGroupsArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            final var mailEnabled = AzureadFunctions.getGroups(GetGroupsArgs.builder()
                .mailEnabled(true)
                .returnAll(true)
                .build());
    
        }
    }
    
    variables:
      mailEnabled:
        fn::invoke:
          Function: azuread:getGroups
          Arguments:
            mailEnabled: true
            returnAll: true
    

    Look up all security-enabled groups that are not mail-enabled

    import * as pulumi from "@pulumi/pulumi";
    import * as azuread from "@pulumi/azuread";
    
    const securityOnly = azuread.getGroups({
        mailEnabled: false,
        returnAll: true,
        securityEnabled: true,
    });
    
    import pulumi
    import pulumi_azuread as azuread
    
    security_only = azuread.get_groups(mail_enabled=False,
        return_all=True,
        security_enabled=True)
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := azuread.GetGroups(ctx, &azuread.GetGroupsArgs{
    			MailEnabled:     pulumi.BoolRef(false),
    			ReturnAll:       pulumi.BoolRef(true),
    			SecurityEnabled: pulumi.BoolRef(true),
    		}, nil)
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using AzureAD = Pulumi.AzureAD;
    
    return await Deployment.RunAsync(() => 
    {
        var securityOnly = AzureAD.GetGroups.Invoke(new()
        {
            MailEnabled = false,
            ReturnAll = true,
            SecurityEnabled = true,
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.azuread.AzureadFunctions;
    import com.pulumi.azuread.inputs.GetGroupsArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            final var securityOnly = AzureadFunctions.getGroups(GetGroupsArgs.builder()
                .mailEnabled(false)
                .returnAll(true)
                .securityEnabled(true)
                .build());
    
        }
    }
    
    variables:
      securityOnly:
        fn::invoke:
          Function: azuread:getGroups
          Arguments:
            mailEnabled: false
            returnAll: true
            securityEnabled: true
    

    Using getGroups

    Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

    function getGroups(args: GetGroupsArgs, opts?: InvokeOptions): Promise<GetGroupsResult>
    function getGroupsOutput(args: GetGroupsOutputArgs, opts?: InvokeOptions): Output<GetGroupsResult>
    def get_groups(display_name_prefix: Optional[str] = None,
                   display_names: Optional[Sequence[str]] = None,
                   ignore_missing: Optional[bool] = None,
                   mail_enabled: Optional[bool] = None,
                   object_ids: Optional[Sequence[str]] = None,
                   return_all: Optional[bool] = None,
                   security_enabled: Optional[bool] = None,
                   opts: Optional[InvokeOptions] = None) -> GetGroupsResult
    def get_groups_output(display_name_prefix: Optional[pulumi.Input[str]] = None,
                   display_names: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
                   ignore_missing: Optional[pulumi.Input[bool]] = None,
                   mail_enabled: Optional[pulumi.Input[bool]] = None,
                   object_ids: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
                   return_all: Optional[pulumi.Input[bool]] = None,
                   security_enabled: Optional[pulumi.Input[bool]] = None,
                   opts: Optional[InvokeOptions] = None) -> Output[GetGroupsResult]
    func GetGroups(ctx *Context, args *GetGroupsArgs, opts ...InvokeOption) (*GetGroupsResult, error)
    func GetGroupsOutput(ctx *Context, args *GetGroupsOutputArgs, opts ...InvokeOption) GetGroupsResultOutput

    > Note: This function is named GetGroups in the Go SDK.

    public static class GetGroups 
    {
        public static Task<GetGroupsResult> InvokeAsync(GetGroupsArgs args, InvokeOptions? opts = null)
        public static Output<GetGroupsResult> Invoke(GetGroupsInvokeArgs args, InvokeOptions? opts = null)
    }
    public static CompletableFuture<GetGroupsResult> getGroups(GetGroupsArgs args, InvokeOptions options)
    // Output-based functions aren't available in Java yet
    
    fn::invoke:
      function: azuread:index/getGroups:getGroups
      arguments:
        # arguments dictionary

    The following arguments are supported:

    DisplayNamePrefix string
    A common display name prefix to match when returning groups.
    DisplayNames List<string>
    The display names of the groups.
    IgnoreMissing bool
    Ignore missing groups and return groups that were found. The data source will still fail if no groups are found. Cannot be specified with return_all. Defaults to false.
    MailEnabled bool
    Whether the returned groups should be mail-enabled. By itself this does not exclude security-enabled groups. Setting this to true ensures all groups are mail-enabled, and setting to false ensures that all groups are not mail-enabled. To ignore this filter, omit the property or set it to null. Cannot be specified together with object_ids.
    ObjectIds List<string>
    The object IDs of the groups.
    ReturnAll bool
    A flag to denote if all groups should be fetched and returned. Cannot be specified wth ignore_missing. Defaults to false.
    SecurityEnabled bool

    Whether the returned groups should be security-enabled. By itself this does not exclude mail-enabled groups. Setting this to true ensures all groups are security-enabled, and setting to false ensures that all groups are not security-enabled. To ignore this filter, omit the property or set it to null. Cannot be specified together with object_ids.

    One of display_names, display_name_prefix, object_ids or return_all should be specified. Either display_name or object_ids may be specified as an empty list, in which case no results will be returned.

    DisplayNamePrefix string
    A common display name prefix to match when returning groups.
    DisplayNames []string
    The display names of the groups.
    IgnoreMissing bool
    Ignore missing groups and return groups that were found. The data source will still fail if no groups are found. Cannot be specified with return_all. Defaults to false.
    MailEnabled bool
    Whether the returned groups should be mail-enabled. By itself this does not exclude security-enabled groups. Setting this to true ensures all groups are mail-enabled, and setting to false ensures that all groups are not mail-enabled. To ignore this filter, omit the property or set it to null. Cannot be specified together with object_ids.
    ObjectIds []string
    The object IDs of the groups.
    ReturnAll bool
    A flag to denote if all groups should be fetched and returned. Cannot be specified wth ignore_missing. Defaults to false.
    SecurityEnabled bool

    Whether the returned groups should be security-enabled. By itself this does not exclude mail-enabled groups. Setting this to true ensures all groups are security-enabled, and setting to false ensures that all groups are not security-enabled. To ignore this filter, omit the property or set it to null. Cannot be specified together with object_ids.

    One of display_names, display_name_prefix, object_ids or return_all should be specified. Either display_name or object_ids may be specified as an empty list, in which case no results will be returned.

    displayNamePrefix String
    A common display name prefix to match when returning groups.
    displayNames List<String>
    The display names of the groups.
    ignoreMissing Boolean
    Ignore missing groups and return groups that were found. The data source will still fail if no groups are found. Cannot be specified with return_all. Defaults to false.
    mailEnabled Boolean
    Whether the returned groups should be mail-enabled. By itself this does not exclude security-enabled groups. Setting this to true ensures all groups are mail-enabled, and setting to false ensures that all groups are not mail-enabled. To ignore this filter, omit the property or set it to null. Cannot be specified together with object_ids.
    objectIds List<String>
    The object IDs of the groups.
    returnAll Boolean
    A flag to denote if all groups should be fetched and returned. Cannot be specified wth ignore_missing. Defaults to false.
    securityEnabled Boolean

    Whether the returned groups should be security-enabled. By itself this does not exclude mail-enabled groups. Setting this to true ensures all groups are security-enabled, and setting to false ensures that all groups are not security-enabled. To ignore this filter, omit the property or set it to null. Cannot be specified together with object_ids.

    One of display_names, display_name_prefix, object_ids or return_all should be specified. Either display_name or object_ids may be specified as an empty list, in which case no results will be returned.

    displayNamePrefix string
    A common display name prefix to match when returning groups.
    displayNames string[]
    The display names of the groups.
    ignoreMissing boolean
    Ignore missing groups and return groups that were found. The data source will still fail if no groups are found. Cannot be specified with return_all. Defaults to false.
    mailEnabled boolean
    Whether the returned groups should be mail-enabled. By itself this does not exclude security-enabled groups. Setting this to true ensures all groups are mail-enabled, and setting to false ensures that all groups are not mail-enabled. To ignore this filter, omit the property or set it to null. Cannot be specified together with object_ids.
    objectIds string[]
    The object IDs of the groups.
    returnAll boolean
    A flag to denote if all groups should be fetched and returned. Cannot be specified wth ignore_missing. Defaults to false.
    securityEnabled boolean

    Whether the returned groups should be security-enabled. By itself this does not exclude mail-enabled groups. Setting this to true ensures all groups are security-enabled, and setting to false ensures that all groups are not security-enabled. To ignore this filter, omit the property or set it to null. Cannot be specified together with object_ids.

    One of display_names, display_name_prefix, object_ids or return_all should be specified. Either display_name or object_ids may be specified as an empty list, in which case no results will be returned.

    display_name_prefix str
    A common display name prefix to match when returning groups.
    display_names Sequence[str]
    The display names of the groups.
    ignore_missing bool
    Ignore missing groups and return groups that were found. The data source will still fail if no groups are found. Cannot be specified with return_all. Defaults to false.
    mail_enabled bool
    Whether the returned groups should be mail-enabled. By itself this does not exclude security-enabled groups. Setting this to true ensures all groups are mail-enabled, and setting to false ensures that all groups are not mail-enabled. To ignore this filter, omit the property or set it to null. Cannot be specified together with object_ids.
    object_ids Sequence[str]
    The object IDs of the groups.
    return_all bool
    A flag to denote if all groups should be fetched and returned. Cannot be specified wth ignore_missing. Defaults to false.
    security_enabled bool

    Whether the returned groups should be security-enabled. By itself this does not exclude mail-enabled groups. Setting this to true ensures all groups are security-enabled, and setting to false ensures that all groups are not security-enabled. To ignore this filter, omit the property or set it to null. Cannot be specified together with object_ids.

    One of display_names, display_name_prefix, object_ids or return_all should be specified. Either display_name or object_ids may be specified as an empty list, in which case no results will be returned.

    displayNamePrefix String
    A common display name prefix to match when returning groups.
    displayNames List<String>
    The display names of the groups.
    ignoreMissing Boolean
    Ignore missing groups and return groups that were found. The data source will still fail if no groups are found. Cannot be specified with return_all. Defaults to false.
    mailEnabled Boolean
    Whether the returned groups should be mail-enabled. By itself this does not exclude security-enabled groups. Setting this to true ensures all groups are mail-enabled, and setting to false ensures that all groups are not mail-enabled. To ignore this filter, omit the property or set it to null. Cannot be specified together with object_ids.
    objectIds List<String>
    The object IDs of the groups.
    returnAll Boolean
    A flag to denote if all groups should be fetched and returned. Cannot be specified wth ignore_missing. Defaults to false.
    securityEnabled Boolean

    Whether the returned groups should be security-enabled. By itself this does not exclude mail-enabled groups. Setting this to true ensures all groups are security-enabled, and setting to false ensures that all groups are not security-enabled. To ignore this filter, omit the property or set it to null. Cannot be specified together with object_ids.

    One of display_names, display_name_prefix, object_ids or return_all should be specified. Either display_name or object_ids may be specified as an empty list, in which case no results will be returned.

    getGroups Result

    The following output properties are available:

    DisplayNamePrefix string
    DisplayNames List<string>
    The display names of the groups.
    Id string
    The provider-assigned unique ID for this managed resource.
    MailEnabled bool
    ObjectIds List<string>
    The object IDs of the groups.
    SecurityEnabled bool
    IgnoreMissing bool
    ReturnAll bool
    DisplayNamePrefix string
    DisplayNames []string
    The display names of the groups.
    Id string
    The provider-assigned unique ID for this managed resource.
    MailEnabled bool
    ObjectIds []string
    The object IDs of the groups.
    SecurityEnabled bool
    IgnoreMissing bool
    ReturnAll bool
    displayNamePrefix String
    displayNames List<String>
    The display names of the groups.
    id String
    The provider-assigned unique ID for this managed resource.
    mailEnabled Boolean
    objectIds List<String>
    The object IDs of the groups.
    securityEnabled Boolean
    ignoreMissing Boolean
    returnAll Boolean
    displayNamePrefix string
    displayNames string[]
    The display names of the groups.
    id string
    The provider-assigned unique ID for this managed resource.
    mailEnabled boolean
    objectIds string[]
    The object IDs of the groups.
    securityEnabled boolean
    ignoreMissing boolean
    returnAll boolean
    display_name_prefix str
    display_names Sequence[str]
    The display names of the groups.
    id str
    The provider-assigned unique ID for this managed resource.
    mail_enabled bool
    object_ids Sequence[str]
    The object IDs of the groups.
    security_enabled bool
    ignore_missing bool
    return_all bool
    displayNamePrefix String
    displayNames List<String>
    The display names of the groups.
    id String
    The provider-assigned unique ID for this managed resource.
    mailEnabled Boolean
    objectIds List<String>
    The object IDs of the groups.
    securityEnabled Boolean
    ignoreMissing Boolean
    returnAll Boolean

    Package Details

    Repository
    Azure Active Directory (Azure AD) pulumi/pulumi-azuread
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the azuread Terraform Provider.
    azuread logo
    Azure Active Directory (Azure AD) v5.53.2 published on Monday, Jul 15, 2024 by Pulumi