Skip to content

What is Group Rules for users in Azure DevOps?

  • by

In real time scenario, a user might need access to multiple projects across Azure DevOps.So instead of giving access to the user separately in different projects, what we can do is create a group and assign the users to the group (In turn those who are part of the group rule will have access to those projects and we get to choose in which projects they should have read access and contributor access)

Here is an example
Let us say user “Tom” needs “Contributor” Access to Project A and “Reader” access to Project B. Generally we would do these
1. Add Tom as part of Contributors for “Project A”
2. Add Tom as part of Readers for “Project B”

But instead of that we can create a simple group rules and add users/groups to the rule by restricting them to only certain projects

You can create a group by going to Organization Settings —> Users


Incase we have an Active directory group that should be part of a particular project then instead of adding them one by one we can add them enmasse by simply adding a group rule such that users who are part of the AAD group will have access to the project with a specific contributor group as shown below