-
Notifications
You must be signed in to change notification settings - Fork 1.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Cloud Identity Group resources #3479
Cloud Identity Group resources #3479
Comments
Hello there, any feedback please ? |
Hi @rrey ! Thank you for opening this issue. In order to create a Google Cloud Identity Group, an Identity Source needs to be created in Cloud Search first. Do you have access to Cloud Search through a G-Suite Business license, or are you only using Cloud Identity? |
Hi @megan07 ! We don't have access to Cloud Search and we are only using Cloud Identity at this time. |
Thank you for your quick response! I’ve been digging into this a little bit, and my understanding from reading this (https://cloud.google.com/identity/docs/concepts/groups) is that there are two different APIs. The one linked above would be if you are trying to map groups to an external identity source, in which case you’d need to create an identity source in Cloud Search. However, from my understanding, I think you’re trying to create the Google Group managed by Admin Console and using this API https://developers.google.com/admin-sdk/directory/v1/guides/manage-groups. If that is the case, I will refer you to a Gsuite provider here as we have separate providers between Gsuite and GCP. |
Removing the waiting-response label so this doesn't get lost in automation, but if anyone who is subscribed to this could answer @megan07's question, that would help give us the information we need to get this prioritized. |
It looks like the Cloud Identiy Group API has beta support for Google Groups in addition to the Identity Groups that need an identity source. There's still some dependency on a GSuite integration, but it looks like GCP is building out functionality here. Labels on groups seem like a new feature not present in the GSuite Admin SDK. https://cloud.google.com/identity/docs/how-to/groups#manage_google_groups_beta |
Note sure if this should be a new ticket instead, but the datasources (as mentioned in the issue description) still seem to be unimplemented. |
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. If you feel I made an error 🤖 🙉 , please reach out to my human friends 👉 [email protected]. Thanks! |
Community Note
Description
I have a customer with an Active Directory (in Azure) and we are initiating a project in GCP.
We created an Organization and Google Engineers advised us to configue the provisioning of Cloud Identity with Azure AD. We did this and we now can use the AD user to connect to GCP.
The group management needs to be made at Cloud Identity level, and we were unable to find resources for cloud identity in the google provider.
Since the API exists, would it be possible to create the Terraform resources and datasources allowing to manage cloud identity ?
New or Affected Resource(s)
Potential Terraform Configuration
References
Cloud Identity API doc: https://cloud.google.com/identity/docs/reference/rest/
The text was updated successfully, but these errors were encountered: