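# Add: assign the 'Default Organization' app role of the 'GSUITE ADM'
# enterprise application to a single user.
$sp = Get-AzureADServicePrincipal -Filter "displayName eq 'GSUITE ADM'"
$appRole = $sp.AppRoles | Where-Object { $_.DisplayName -eq 'Default Organization' }

# Display names are not unique in a tenant. Refuse to grant access unless the
# lookup resolved to exactly one service principal and exactly one role, so the
# assignment cannot land on an unintended application.
if ((@($sp).Count -ne 1) -or (@($appRole).Count -ne 1)) {
    Write-Error "Expected exactly one 'GSUITE ADM' service principal with one 'Default Organization' role; found $(@($sp).Count) principal(s) and $(@($appRole).Count) role(s)."
}
else {
    try {
        # -ErrorAction Stop: a failed lookup must not fall through to the
        # assignment with an empty or stale $user.
        $user = Get-AzureADUser -ObjectId "eduardo.teste@pinhais.pr.gov.br" -ErrorAction Stop
        New-AzureADUserAppRoleAssignment -ObjectId $user.ObjectId -PrincipalId $user.ObjectId -ResourceId $sp.ObjectId -Id $appRole.Id -ErrorAction Stop
    }
    catch {
        Write-Error "Could not assign the role: $($_.Exception.Message)"
    }
}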
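# Remove: revoke the app role assignment(s) that one principal holds on the
# service principal identified by $resourceId.
$resourceId = '08c7b728-1397-4ffb-8683-139f61cbf54c'

# -All $true: by default the cmdlet returns only the first page of results, so
# an assignment further down the list would be silently missed and the access
# would stay in place.
$obj = @(Get-AzureADServiceAppRoleAssignment -ObjectId $resourceId -All $true |
    Where-Object { $_.PrincipalDisplayName -eq "Eduardo Teste" })

# PrincipalDisplayName is not unique; count the distinct principals behind the
# matches before revoking anything.
$principalIds = @($obj | Select-Object -ExpandProperty PrincipalId -Unique)

if ($obj.Count -eq 0) {
    Write-Warning "No app role assignment found for 'Eduardo Teste'; nothing was removed."
}
elseif ($principalIds.Count -gt 1) {
    Write-Warning "Display name 'Eduardo Teste' matches $($principalIds.Count) different principals; nothing was removed. Resolve the principal by ObjectId instead."
}
else {
    foreach ($assignment in $obj) {
        Remove-AzureADServiceAppRoleAssignment -ObjectId $resourceId -AppRoleAssignmentId $assignment.ObjectId
    }
}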
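# Query: list the app role assignments on the service principal.
# -All $true: by default only the first page of results is returned, which
# makes an access review of a larger assignment list incomplete.
Get-AzureADServiceAppRoleAssignment -ObjectId 08c7b728-1397-4ffb-8683-139f61cbf54c -All $true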
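# Bulk add: assign the 'Default Organization' app role of 'GSUITE ADM' to every
# user listed (one identifier per line) in a text file.
# NOTE(review): whoever can write to the input files decides who gains or loses
# access to the application - keep them in a location only administrators can
# modify.
$sp = Get-AzureADServicePrincipal -Filter "displayName eq 'GSUITE ADM'"
$appRole = $sp.AppRoles | Where-Object { $_.DisplayName -eq 'Default Organization' }

# Display names are not unique in a tenant; refuse to grant access unless the
# lookup resolved to exactly one service principal and exactly one role.
if ((@($sp).Count -ne 1) -or (@($appRole).Count -ne 1)) {
    Write-Error "Expected exactly one 'GSUITE ADM' service principal with one 'Default Organization' role; found $(@($sp).Count) principal(s) and $(@($appRole).Count) role(s)."
}
else {
    $array = Get-Content -Path "C:\Users\eduardo.dalbello\Documents\gsuite.txt"
    foreach ($item in $array) {
        $item = $item.Trim()
        if (-not $item) { continue }   # skip blank lines
        try {
            # -ErrorAction Stop: if the lookup fails, $user would otherwise keep
            # the value from the previous iteration and the assignment below
            # would be attempted for the wrong account.
            $user = Get-AzureADUser -ObjectId $item -ErrorAction Stop
            New-AzureADUserAppRoleAssignment -ObjectId $user.ObjectId -PrincipalId $user.ObjectId -ResourceId $sp.ObjectId -Id $appRole.Id -ErrorAction Stop
        }
        catch {
            Write-Warning "Could not assign the role to '$item': $($_.Exception.Message)"
        }
    }
}

# Bulk remove: revoke the assignment(s) of every principal whose display name is
# listed (one per line) in a text file.
$resourceId = '08c7b728-1397-4ffb-8683-139f61cbf54c'

# Fetch the assignment list once instead of once per line. -All $true is needed
# because by default only the first page of results is returned, so later
# assignments would be silently missed.
$assignments = @(Get-AzureADServiceAppRoleAssignment -ObjectId $resourceId -All $true)

$array = Get-Content -Path "C:\Users\eduardo.dalbello\Documents\gsuiter.txt"
foreach ($item in $array) {
    $item = $item.Trim()
    if (-not $item) { continue }   # skip blank lines

    $obj = @($assignments | Where-Object { $_.PrincipalDisplayName -eq $item })
    # PrincipalDisplayName is not unique; count the distinct principals behind
    # the matches before revoking anything.
    $principalIds = @($obj | Select-Object -ExpandProperty PrincipalId -Unique)

    if ($obj.Count -eq 0) {
        Write-Warning "No app role assignment found for '$item'; nothing was removed."
    }
    elseif ($principalIds.Count -gt 1) {
        Write-Warning "Display name '$item' matches $($principalIds.Count) different principals; nothing was removed. Resolve the principal by ObjectId instead."
    }
    else {
        foreach ($assignment in $obj) {
            Remove-AzureADServiceAppRoleAssignment -ObjectId $resourceId -AppRoleAssignmentId $assignment.ObjectId
        }
    }
}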
by:https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/assign-user-or-group-access-portal