Skip to content
This repository has been archived by the owner on Aug 23, 2022. It is now read-only.

Latest commit

 

History

History

example-gsuite-authentication

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
README.md
README.md
 
 
main.tf
main.tf
 
 
terraform.tfvars.example
terraform.tfvars.example
 
 
variables.tf
variables.tf
 
 

README.md

Example GSuite Authentication

This folder contains an example how to implement the GSuite Authentication for Terraform.

Google Cloud Service account

Setup Service Account

Google SDK Documentation about Delegation

Go to IAM service accounts and create a Service account.

  • enter Service account name
  • add yourself to 'Grant users access to this service account'

Add key

In the Service account overview open the 'Actions' menu on the right of the dedicated service account and choose Manage keys. Click on 'Add key' and create a new key in JSON format, this key will be used for Terraform. Go back to Details and copy the Unique ID.

Add service account to domain-wide delegation for GWorkspace

Go to Google Admin console Domain wide delegation.

Get the Service account with the ID provided before (Service account details), then add the following oauth scopes:

https://www.googleapis.com/auth/admin.directory.user, https://www.googleapis.com/auth/admin.directory.userschema, https://www.googleapis.com/auth/admin.directory.group, https://www.googleapis.com/auth/apps.groups.settings

Provide Service account credentials to Terraform

Add credentials to terraform.tfvars, see terraform.tfvars.example.