Skip to main content

Google Workspace

Maarten Decat
Updated

The Google Workspace connector for Elimity Insights fetches users and groups for a Google Workspace tenant so you can keep in control of your environment.

Follow the instructions below to set up the connector for your environment.

How it works

  • Elimity Insights periodically fetches users and groups for a Google Workspace tenant.
  • Write Elimity Insights queries to review and monitor updates to the data, or leverage existing queries.
  • Configure these stored queries to take action when the Elimity Insights data changes. 

Integration requirements

Setting up a Google Workspace source in Elimity Insights requires:

  • a Google Workspace account to create a dedicated service account and admin role, and
  • a user in Elimity Insights with the role Connector Admin or higher.

Integration instructions

The following sections will explain the different steps you'll need to take to set up the Google Workspace connector for Elimity Insights.

1. Setting up a dedicated service account in Google Cloud

The Google Workspace connector for Elimity Insights authenticates as a service account. We recommend creating a dedicated service account to assign the minimal amount of permissions. Refer to the official documentation for instructions on how to create a new service account. Take note of the newly created service account's email address. Generate a secret key for the service account (again, refer to the official documentation for more information) and store the resulting JSON file securely; you'll need it to set up a source in Elimity Insights. Also make sure to enable the Admin SDK API in the service account's related project, refer to the official documentation for detailed instructions.

2. Setting up a dedicated admin role in Google Workspace

We also recommend creating a dedicated admin role for the newly created service account. This admin role should only grant the 'Admin API > Groups > Read' and 'Admin API > Users > Read' privileges. The official documentation contains more information about creating a new admin role in Google Workspace.

3. Assigning the admin role in Google Workspace

Follow the instructions listed in the official documentation to assign the newly created admin role to the newly created service account.

4. Setting up a source in Elimity Insights

In Elimity Insights you can now create a new Google Workspace source providing the following configuration:

  • Google Workspace customer ID: your Google Workspace customer ID, refer to the official documentation for instructions on how to find this information.
  • User email pattern: regular expression to filter users by email address. Leave this option blank to include all users. This filtering also applies to external users.
  • Group email pattern: regular expression to filter groups by email address. Leave this option blank to include all groups.
  • Service account key: secret key you stored in step 1.

Changelog

v3.36.0

  • The connector now supports filtering users and groups by email address.
  • This update also adds a new 'External user' entity type for external group members.

v3.37.0

  • The connector now also imports external groups and their memberships in internal groups.

v3.40.0

  • Added 'type' attribute for group roles.

Comments

0 comments

Please sign in to leave a comment.

Powered by Zendesk