we have a requirement for some users to access planner, but not to have access to the teams that the plans are created in. As planner uses the o365 groups I guess there is no way to restrict access without giving access to Teams, is there?
that doesn't really work though, consider someone in the PMO who would like to have an overview of current activities, but should not have access to documents in a Team.
This is a fundamental problem of building a security model on a single group. IT was great when groups where meant to be a replacement of a Distribution List, but now its a mess.