Service Groups (SGs), a new Azure group that supports flexible membership, are now publicly available for all Azure customers!
What are Service Groups?
Service Groups are a new resource container enabling management and observability scenarios where flexibility in hierarchy and membership is needed. Service Groups are tenant-level resources, so they can have members across the tenant, but they do not interfere with or use tenant-wide RBAC or Policy abilities.
Key Features
- Low Privilege Management: Service Groups are designed to operate with minimal permissions, so users can manage resources without needing excessive access, which makes them appealing to multiple personas. Access to a Service Group does not grant role-based access control or policy inheritance to its members.
- Flexible and Varying Hierarchies: Azure resources and scopes, from anywhere in the tenant, can become members of one or multiple Service Groups. Additionally, Service Groups can be nested, providing the ability to have multiple hierarchy structures, e.g. Cost Center, Product, Organization, and more!
- Monitoring Capabilities: From your application to infrastructure health, Azure Monitor features (such as Health Models) are now available to help you troubleshoot, investigate, and monitor your Service Group.
When should I use them?
Service Groups should be leveraged in scenarios where resources sprawl across existing containers, making it difficult to monitor and manage them. This is commonly found in scenarios that need to model application hierarchy, company services and workloads. Service Groups cannot be used as a deployment scope or to manage Policy or RBAC.
Try it out!
Get started quickly with Service Groups using the REST API or the Azure Portal!
For more information on Service Groups, please visit aka.ms/servicegroups.
FAQ
Do Service Groups replace existing Azure groups?
No, Service Groups have been designed to work in parallel with existing Azure groups. For a comparison of existing scopes, please review the scenario comparison documentation.
Who can create Service Groups?
Anyone with a valid Azure user account in a Microsoft Entra directory can leverage Service Groups!
Why are Service Groups tenant level?
Service Groups are tenant level so they can have membership from across the tenant. However, unlike pre-existing tenant-level resources (i.e., Management Groups), Service Groups do not grant users tenant-wide access.
Share Your Feedback
You can reach our team by email at azureservicegroups@microsoft.com.