Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

M365 Group (Assigned) is not allowing to communicate or grant access to environment and Role to be assigned #9477

Open
1 task done
kotesharepoint1 opened this issue Jan 9, 2025 · 0 comments
Open
1 task done

M365 Group (Assigned) is not allowing to communicate or grant access to environment and Role to be assigned #9477

kotesharepoint1 opened this issue Jan 9, 2025 · 0 comments
Labels
bug Something isn't working coe-starter-kit CoE Starter Kit issues

Comments

@kotesharepoint1
Copy link

Does this bug already exist in our backlog?

  • I have checked and confirm this is a new bug.

Describe the issue

Hi Team,

We have created M365 groups for Admin, Maker & User in Azure portal with Assigned type and added them in CoE toolkit communication methods. Also we have planned to use the same groups as security roles in CoE by add them in QA environment level where we installed CoE toolkit.

  1. Emails are not being triggered to App Owners (do we need to enable email separately for M365 group or update the Production environment variable to Yes for allowing emails in QA environment)
  2. Makers added in M365 group via Azure portal are not able to access CoE toolkit environment or apps shared with these groups (noticed a team created for each of these groups at backed and while sharing the app it's showing as group name with Team)
  3. What would be the recommended approach to manage for achieving below
    QA Environment (CoE installed) Access via M365 groups instead Security Groups for Admins, Makers & Users
    Security Role to be provided for these groups
    Avoid allowing makers to create apps or flows in QA environment, they should access only CoE apps
    Emails should be trigged to app owners and makers if environment request process initiated by Maker & approved/rejected by
    Admins
  4. Finally, we don't want to use security groups in our tenant, only M365 to manage the makers who can get environment access & CoE apps access.

Regards,
Kotesh

Expected Behavior

Makers should be able to access CoE apps (Maker Command Center & Developer Compliance Center) by adding or removing them from a M365 group in azure portal.

Direct access with maker role is able to access environment & CoE apps, we don't want to give them a higher level permission (Basic User, Maker, System Customizer) to avoid using them in QA environment where CoE installed.

What solution are you experiencing the issue with?

Core

What solution version are you using?

4.43

What app or flow are you having the issue with?

Environment Access & Communication Methods

What method are you using to get inventory and telemetry?

Cloud flows

Steps To Reproduce

No response

Anything else?

No response
@kotesharepoint1 kotesharepoint1 added bug Something isn't working coe-starter-kit CoE Starter Kit issues labels Jan 9, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working coe-starter-kit CoE Starter Kit issues
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@kotesharepoint1