- 12 Feb 2024
- 1 Minute to read
- Print
- DarkLight
- PDF
Google Workspace - Remove Users From Group
- Updated on 12 Feb 2024
- 1 Minute to read
- Print
- DarkLight
- PDF
Google Workspace - Remove Users From Group removes the users retrieved from the saved query supplied as a trigger (or users that have been selected in the asset table) from a Google Workspace group.
- Not all asset categories are supported for all Enforcement Actions.
- See Actions supported for Activity Logs, Adapters Fetch History, and Asset Investigation modules.
- See Actions supported for Vulnerabilities.
- See Actions supported for Software.
General Settings
- Action name - The name of this Enforcement Action. The system sets a default name. You can change the name.
- Configure Dynamic Values - Toggle on to enter a Dynamic Value statement. See Creating Enforcement Action Dynamic Value Statements to learn more about Dynamic Value statement syntax.
- Use Adapter Credentials - Select this option to use the first connected Google Workspace adapter credentials.
To use this option, you must successfully configure a Google Workspace adapter connection.
Required Fields
These fields must be configured to run the Enforcement Set.
- Group email address - The email address of the Google Workspace group from which the member will be removed.
Compute Node - The Axonius node to use when connecting to the specified host. For more details, see Connecting Additional Axonius Nodes.
Additional Fields
These fields are optional.
- Email of an admin account to impersonate - The email of your Google Workspace admin.
- JSON Key pair for the service account - Upload the JSON file you created for your service account. For more details, refer to Google Workspace adapter.
APIs
Axonius uses the Google Workspace - Directory API: Group Members.
Required Permissions
This action requires permission to remove a user from a group.
Also, this action requires that you enter the following scope in your Google account's Domain Wide Delegation for the Client ID used for this connection (inside the JSON file):
'https://www.googleapis.com/auth/admin.directory.group'
For more details about other Enforcement Actions available, see Action Library.