# Deleting an Amazon Managed Microsoft AD group Use the following procedure to delete an Amazon Managed Microsoft AD group with user and group management or Amazon Directory Service Data in either the Amazon Web Services Management Console, Amazon CLI, or Amazon Tools for PowerShell. **Important** When you delete a group, all information about the group is removed, including any permissions that group members inherit. **Before you begin either procedure, you need to complete the following:** + [Creating your Amazon Managed Microsoft AD](ms_ad_getting_started.md#ms_ad_getting_started_create_directory). + To use user and group management or Amazon Directory Service Data CLI, it must be enabled. For more information, see [Enable user and group management or Directory Service Data](ms_ad_users_groups_mgmt_enable_disable.md). + You can only enable this feature from the Primary Amazon Web Services Region for your directory. For more information, see [Primary vs additional Regions](https://docs.amazonaws.cn/directoryservice/latest/admin-guide/multi-region-global-primary-additional.html). + You'll need the necessary IAM permissions to use Amazon Directory Service Data. For more information, see [Amazon Directory Service API permissions: Actions, resources, and conditions reference](UsingWithDS_IAM_ResourcePermissions.md). To get started granting permissions to your users and workloads, you can use Amazon managed policies like [Amazon managed policy: AWSDirectoryServiceDataFullAccess](security-iam-awsmanpol.md#security-iam-awsmanpol-AWSDirectoryServiceDataFullAccess) or [Amazon managed policy: AWSDirectoryServiceDataReadOnlyAccess](security-iam-awsmanpol.md#security-iam-awsmanpol-AWSDirectoryServiceDataReadOnlyAccess). For more information, see [Security best practices in IAM](https://docs.amazonaws.cn//IAM/latest/UserGuide/best-practices.html#bp-use-aws-defined-policies). + [Create an Amazon Managed Microsoft AD group](ms_ad_create_group.md). ------ #### [ Amazon Web Services Management Console ] You can delete an Amazon Managed Microsoft AD group in the Amazon Web Services Management Console. **To delete an Amazon Managed Microsoft AD group with the Amazon Web Services Management Console** 1. Open the Amazon Directory Service console at [https://console.amazonaws.cn/directoryservicev2/](https://console.amazonaws.cn/directoryservicev2/). 1. From the navigation pane, choose **Active Directory**, and then choose **Directories**. You're directed to the **Directories** screen where you can view a list of directories in your Amazon Web Services Region. 1. Choose a directory. You're directed to the **Directory details** screen. 1. Choose **Group**. The tab shows a list of groups in your Amazon Web Services Region. 1. Choose the group that you want to delete. To find groups, enter the group name in the search box under the **Groups** section. You're directed to the **Group details** screen. 1. Choose **Delete group**. A dialog box appears where you can choose **Confirm** to delete the group. ------ #### [ Amazon CLI ] The following describes how to format a request that deletes an Amazon Managed Microsoft AD group with the Amazon Directory Service Data CLI. **To delete an Amazon Managed Microsoft AD group with the Amazon CLI** + Open the Amazon CLI, and run the following command, replacing the Directory ID and group name with your Amazon Managed Microsoft AD Directory ID and group name: ``` aws ds-data delete-group --directory-id d-1234567890 --sam-account-name "your-group-name" ``` ------ #### [ Amazon Tools for PowerShell ] The following describes how to format a request that deletes an Amazon Managed Microsoft AD group with the Amazon Tools for PowerShell. **To delete an Amazon Managed Microsoft AD group with the Amazon Tools for PowerShell** + Open PowerShell, and run the following command, replacing the Directory ID and group name with your Amazon Managed Microsoft AD Directory ID and group name: ``` Remove-DSDGroup -DirectoryId d-1234567890 -SAMAccountName "your-group-name" ``` ------