Google Workspace - Remove Users
  • 19 Sep 2024
  • 1 Minute to read
  • Dark
    Light
  • PDF

Google Workspace - Remove Users

  • Dark
    Light
  • PDF

Article summary

Google Workspace - Remove Users removes each Google Workspace user retrieved from the saved query supplied as a trigger (or users selected in the asset table).

See Creating Enforcement Sets to learn more about adding Enforcement Actions to Enforcement Sets.

Note:

General Settings

  • Action name - The name of this Enforcement Action. The system sets a default name. You can change the name.
  • Configure Dynamic Values - Toggle on to enter a Dynamic Value statement. See Creating Enforcement Action Dynamic Value Statements to learn more about Dynamic Value statement syntax.

  • Use stored credentials from Google Workspace adapter - Select this option to use the first connected Google Workspace adapter credentials.
    • When you select this option, the Select Adapter Connection drop-down is available, and you can choose which adapter connection to use for this Enforcement Action.
    Note:

    To use this option, you must successfully configure a Google Workspace adapter connection.

Required Fields

These fields must be configured to run the Enforcement Set.

  • Action - Select the action to perform:
    • Delete - Delete the users from Google Workspace.
    • Suspend - Suspend the users. The account exists but is not usable.
  • Compute Node - The Axonius node to use when connecting to the specified host. For more details, see Connecting Additional Axonius Nodes.

Additional Fields

These fields are optional.

  • Gateway Name - Select the Gateway through which to connect to perform the action.

  • Email of an admin account to impersonate - The email of your Google Workspace admin.
  • JSON Key pair for the service account - Upload the JSON file you have created for your service account. For more details, refer to Google Workspace adapter.

APIs

Axonius uses the Google Workspace - Manage user accounts API.

Required Permissions

This action requires permission for removing a user.

Also this action requires that you enter the following scope in your Google account's Domain Wide Delegation for the Client ID used for this connection (inside the JSON file):
'https://www.googleapis.com/auth/admin.directory.user'


For more details about other Enforcement Actions available, see Action Library.



Was this article helpful?