Google Workspace - Remove Users From Group
  • 12 Feb 2024
  • 2 Minutes to read
  • Dark
    Light
  • PDF

Google Workspace - Remove Users From Group

  • Dark
    Light
  • PDF

Article summary

Google Workspace - Remove Users From Group removes the users retrieved from the saved query supplied as a trigger (or users that have been selected in the asset table) from a Google Workspace group.

See Creating Enforcement Sets to learn more about adding Enforcement Actions to Enforcement Sets.

General Settings

  • Enforcement Set name (required) - The name of the Enforcement Set. A default value is added by Axonius. You can change the name according to your needs.
  • Add description - Add a description of the Enforcement Set. It is recommended to describe what the Enforcement Set does.
  • Run action on assets matching following query (required) - Select an asset category and a query. The Enforcement Action will be run on the assets that match the query parameters.
  • Action name (required) - The name of the Main action. A default value is added by Axonius. You can change the name according to your needs.
  • Configure Dynamic Values - Toggle on to enter a Dynamic Value statement. See Creating Enforcement Action Dynamic Value Statements to learn more about Dynamic Value statement syntax.

  • Use Adapter Credentials - Select this option to use the first connected Google Workspace adapter credentials.
Note:

To use this option, you must successfully configure a Google Workspace adapter connection.

Required Fields

These fields must be configured to run the Enforcement Set.

  • Group email address - The email address of the Google Workspace group from which the member will be removed.
  • Compute Node - The Axonius node to use when connecting to the specified host. For more details, see Connecting Additional Axonius Nodes.

Additional Fields

These fields are optional.

  • Email of an admin account to impersonate - The email of your Google Workspace admin.
  • JSON Key pair for the service account - Upload the JSON file you created for your service account. For more details, refer to Google Workspace adapter.

APIs

Axonius uses the Google Workspace - Directory API: Group Members.

Required Permissions

This action requires permission to remove a user from a group.

Also, this action requires that you enter the following scope in your Google account's Domain Wide Delegation for the Client ID used for this connection (inside the JSON file):
'https://www.googleapis.com/auth/admin.directory.group'


For more details about other Enforcement Actions available, see Action Library.



Was this article helpful?