Google Workspace (GSuite) Groups
Create an integration to manage access for sets of people in your Google Workspace
Last updated
Create an integration to manage access for sets of people in your Google Workspace
Last updated
Groups in Google Workspace allow for communication and collaboration within an organization. Administrators can create groups to manage settings and access to services for different sets of users. Users can utilize groups for activities, such as team communication, document sharing, and meetings.
Through this integration, Apono helps you securely manage access for sets of users in your Google Workspace.
The groups feature in Google Workspace differs from the Google Groups product.
Before starting this integration, be sure to acquire the items listed in the following table.
| Item | Description |
|---|---|
Apono Connector | On-prem connection serving as a bridge between a GCP instance and Apono |
Apono Premium | Apono plan providing the most features and dedicated account support |
Google Workspace Super Admin Role | User role enabling your user account to configure settings in Google Workspace |
Google Workspace Customer ID | Unique account ID On the Account settings page, under Profile, copy the Customer ID. |
In your Google Workspace, you must add the service account associated with the Apono connector to the Groups Admin role.
Use the following steps to assign this role:
On the Admin roles page, hover over the Groups Admin row. Several menu options appear.
Click Assign admin. The Groups Admin page appears.
Click Assign service accounts. The Assign role - Groups Admin modal appears.
Under Add service accounts, enter apono-connector-iam-sa@$PROJECT_ID.iam.gserviceaccount.com. Be sure to replace $PROJECT_ID with the project ID where the connector is installed.
Click ADD.
Click ASSIGN ROLE.
You can also use the steps below to integrate with Apono using Terraform.
In step 8, instead of clicking Confirm, follow the Are you integrating with Apono using Terraform? guidance.
Follow these steps to complete the integration:
On the Catalog tab, click Google Group. The Connect Integration page appears.
Under Discovery, click Next. The Apono connector section expands.
From the dropdown menu, select a connector.
If the desired connector is not listed, click + Add new connector and follow the instructions for creating a GCP connector.
Click Next. The Integration Config section expands.
Define the Integration Config settings.
| Setting | Description |
|---|---|
Integration Name | Unique, alphanumeric, user-friendly name used to identify this integration when constructing an access flow |
Customer ID | Unique Google account ID |
Click Next. The Get more with Apono section expands.
Define the Get more with Apono settings.
| Setting | Description |
|---|---|
Custom Access Details | (Optional) Instructions explaining how to access this integration's resources Upon accessing an integration, a message with these instructions will be displayed to end users in the User Portal. The message may include up to 400 characters. To view the message as it appears to end users, click Preview. |
Integration Owner | (Optional) Fallback approver if no resource owner is found Follow these steps to define one or several integration owners:
NOTE: When Resource Owner is defined, an Integration Owner must be defined. |
Resource Owner | (Optional) Group or role responsible for managing access approvals or rejections for the resource Follow these steps to define one or several resource owners:
NOTE: When this setting is defined, an Integration Owner must also be defined. |
Click Confirm.
Now that you have completed this integration, you can create access flows that grant permissions to groups within your Google Workspace.
