We have a need coming up to stop polices and deployments (IE connect) to users based on their Azure AD grouping. Is this even possible? I have seen LDAP grouping (limitations on policies to LDAP group), but nothing for Azure. I know this is a can of worms.
