This article applies to BHCE and BHE

The ability to add other principals to an Azure security group

Abuse Info

Via the Azure portal:

  1. Find the group in your tenant (Azure Active Directory -> Groups -> Find Group in list)
  2. Click the group from the list
  3. In the left pane, click “Members”
  4. At the top, click “Add members”
  5. Find the principals you want to add to the group and click them, then click “select” at the bottom
  6. You should see a message in the top right saying “Member successfully added”

Via PowerZure:
Add-AzureADGroup -User [UPN] -Group [Group name]

Opsec Considerations

The Azure activity log for the tenant will log who added what principal to what group, including the date and time.