G Suite (Google Workspace) Integration Guide

Owned by Daria Lebedeva
Last updated: Nov 18, 2024
3 min read

G Suite, or Google Workspace, is a suite of cloud computing, productivity and collaboration tools, software and products developed by Google AI.

 

Google Console

 

1. Log in to Google Console. Locate an existing Google service account one or create a new one using this guide.

 

2. Enable G Suite domain-wide delegation on this Google service account: 

2.1. Under Actions, click 'three dots' → Edit.

2.2. In the service account details, click ⌵ → Show domain-wide delegation. Ensure that the checkbox 'Enable G Suite Domain-wide Delegation' is checked.

2.3. Click Save to save updates. Read more

 

3. Add the service account in G-Suite Admin and delegate domain-wide authority:

3.1. Log in to G Suite domain's Admin console admin.google.com. From the main menu go to Security → API controls → Manage Domain Wide Delegation.

3.2. Click Add new. Add Client ID from the service account.

3.3. Add the following permissions in 'OAuth scopes':

https://www.googleapis.com/auth/admin.directory.device.chromeos.readonly

https://www.googleapis.com/auth/admin.directory.device.mobile.readonly

https://www.googleapis.com/auth/admin.directory.group.member.readonly

https://www.googleapis.com/auth/admin.directory.group.readonly

https://www.googleapis.com/auth/admin.directory.orgunit.readonly

https://www.googleapis.com/auth/admin.directory.user.readonly

https://www.googleapis.com/auth/admin.directory.user.alias.readonly

https://www.googleapis.com/auth/admin.directory.rolemanagement.readonly

https://www.googleapis.com/auth/admin.directory.userschema.readonly

https://www.googleapis.com/auth/admin.directory.customer.readonly

https://www.googleapis.com/auth/admin.directory.domain.readonly

https://www.googleapis.com/auth/admin.directory.resource.calendar.readonly Read more

3.4. Click Authorize.

 

Setup in Cloudaware

 

1. Log in to Cloudaware account → Admin.

2. Find G-Suite in the list of integrations. Click +Add.

3. Fill out the form:

WHERE

Google Service Account - select the service account that has been set up for G-Suite integration and added to Cloudaware, OR add a new one

Admin Email - add the valid admin email with read permissions for Directory API

Click Save.


4. The green light in 'Status' means that G-Suite integration has been added successfully. If there is a red light, please contact support@cloudaware.com.

5. To view G-Suite inventory data, go to Cloudaware CMDB Navigator. Select G-SUITE ADMIN.

List of G-Suite Objects

 

Cloudaware supports the following Google G-Suite objects:

Google G-Suite Customer
Google G-Suite Domain
Google G-Suite Domain Alias
Google G-Suite Group
Google G-Suite Member
Google G-Suite Organizational Unit
Google G-Suite Privilege
Google G-Suite Role
Google G-Suite Role Assignment
Google G-Suite Role Privilege Link
Google G-Suite User
Google G-Suite User Address
Google G-Suite User Instant Messenger
Google G-Suite User Location
Google G-Suite User Organization
Google G-Suite User Posix Account