Skip to content

Initial Security Groups

The following groups are required during the provisioning stage to enable subsequent configuration. It is recommended to create two security groups:

Group type requirements

Microsoft Entra ID: Security groups do not need to be email-enabled. Standard security groups are sufficient for both access control and notifications.

Google Cloud Identity: Email-enabled groups are required for notifications to work correctly. The approver group must allow external senders ("Who can post" set to allow external) so that the LAAVAT Platform can deliver approval notifications.

  • Group "Initial Writer Groups": This group provides access to the 'System Configuration Endpoints' for submitting new configuration requests. Individuals in the System Admin role, or equivalent, should be added to this group.

  • Group "Initial Approver Groups": This group provides access to the 'System Configuration Endpoints' for approving configuration requests. Individuals in the System Owner/Approver role, or equivalent, should be added to this group

Write down group IDs on the registration form.