Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Feature request: "flatten" option for microsoft.ad.group #128

Open
Yannik opened this issue Jun 24, 2024 · 0 comments · May be fixed by #132
Open

Feature request: "flatten" option for microsoft.ad.group #128

Yannik opened this issue Jun 24, 2024 · 0 comments · May be fixed by #132

Comments

@Yannik
Copy link

Yannik commented Jun 24, 2024

SUMMARY

For those of us working with hybrid on-premise ad/entra id environments, it can be a constant nuisance that entra does not support nested groups for lots of things, for example app role assigments. [1]

It would be incredibly helpful to have a flatten parameter on the microsoft.ad.group module, which, when going over set/add/remove items, checks if that item is a group, and, if it is, replaces that with its (flattened) members.

The resulting group will therefore be flat (only having direct members, no groups as members), making it suitable for use with azure ad.

[1] " App role assignment, for both access and provisioning. Assigning groups to an app is supported, but any groups nested within the directly assigned group won't have access.", https://learn.microsoft.com/en-us/entra/identity/users/directory-service-limits-restrictions

ISSUE TYPE
  • Feature Idea
COMPONENT NAME

microsoft.ad.group

Yannik added a commit to Yannik/microsoft.ad that referenced this issue Jul 1, 2024
Yannik added a commit to Yannik/microsoft.ad that referenced this issue Aug 5, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging a pull request may close this issue.

1 participant