Azure Active Directory Security Group Automation with Power Automate

Marcus Tee
Published in Marcus Tee Anytime
10 min read · Dec 29, 2019


Azure Active Directory is Microsoft’s cloud-based identity service, which allows users to access Microsoft online services, third-party Software-as-a-Service (SaaS) applications, and custom line-of-business apps that support modern authentication.

As enterprises move to the cloud, one of the key considerations is identity strategy: whether to set up a brand new identity store in the cloud for cloud-native apps, or to adopt hybrid identity, where user identities are synchronized to cloud services like Azure Active Directory. The second option is more commonly adopted in enterprises, including my customers, as it reduces the complexity of having multiple credentials.

In addition, this approach aligns with the “Zero Trust Network” concept started in 2010 by John Kindervag, who was a principal analyst at Forrester Research. For traditional on-premises workloads, perimeter-based network defense (such as firewalls) may be sufficient, but it has become obsolete in today’s context as more and more workloads reside in the cloud and the mobile workforce grows.

In general, instead of establishing trust based on network location, the Zero Trust Network concept relies on user trust claims to grant access, i.e. there is a trust determination (a combination of various factors, such as identity, groups, devices used, authorization, location etc.) before organization resources are accessed. In this context, Identity and Access Management is one of the core components of this trust determination. Thus identity became…
