Admin.google groups and Organizational Google Workspace Domains
Use case - Only allow users from specific domains into GCP
Organization Policy : Allow only allowed Domains into GCP
As a GCP Admin, this is a policy you will get to use often. To add legitimate, allowed domains (vendors, 3rd parties etc.) onto your GCP Platform (as IAM members).
What about Admin.google groups?
Before Cloud Identity, there were admin.google groups where users could be added and brought over (automatically) to your GCP platform.
This option still exists. The actual domains that these users belong to, DO NOT need to be part of the authorized domains at the top Org Level.
Leave a Reply