![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(188.79999999999998, 53%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EFG%3C/text%3E%3C/svg%3E)
Azure Policy
An Azure service that is used to implement corporate governance and standards at scale for Azure resources.
868 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(188.79999999999998, 26%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EN%3C/text%3E%3C/svg%3E)
Hi @Fahad Gul
Thank you for posting this in Microsoft Q&A.
I understand your requirement to implement a Conditional Access policy to block new users who are not part of a specific group.
Yes, this approach is possible.
1.Create an exclusion group and include the users to whom you wish to grant access.
2.Create a Conditional Access policy that excludes the group.
a. Create new policy.
b. Under Assignments selects Users and groups > On the Include tab, select All Users > Under Exclude, select Users and groups and choose the exclusion group you created.
c. Select "Block access" to block users who are not part of the group.
d. Set enable policy to "on" and create policy.
Hope this helps. Do let us know if you any further queries.
Thanks,
Navya.
If this answers your query, do click Accept Answer and Yes for was this answer helpful. And, if you have any further query do let us know.