Restrict non-admin users from creating security groups.

Why This Matters

Allowing non-admin users to create security groups can lead to unmanaged group sprawl, inconsistent naming conventions, and overly permissive access assignments. This reduces your ability to audit and control access to sensitive resources. By restricting group creation to administrators, you maintain centralized governance over your identity infrastructure.

What Aether365 Checks

Aether365 verifies that non-admin users are restricted from creating security groups in Microsoft Entra ID. This check appears in your Aether365 dashboard under the entra-id services category and flags any tenant where users without administrative roles can create security groups.