Additional Configuration Parameters

The connector supports aggregation statistics logging, which is enabled by default in cases where the log level is set to Debug.

Aggregation statistics logging can be disabled by adding the following entry key in the application Debug page:

<entry key="disableStatistics" value="true"/>
Configure the following attributes to transfer data of Google Applications before account deletion by updating the entries in the application Debug page:

excludeAppsFromTransfer

List of Google Workspace apps that need to be excluded from data transfer.

By default, it contains Calendar and None. At least one entry (None) must be present in the list.

enableDataTransferOnDelete

This is a boolean flag that indicates if data transfer is performed after account deletion.
relationsForDataTransfer
List of relations required to be checked by the owner of the data as per the provided sequence. This attribute is used when newOwner is not provided in the provisioning form.

For example:
Copy
<entry key="relationsForDataTransfer"> <value> </List> <String>manager</String> <String>assistant</String> <String>father</String> </List> </value> </entry>
The connector supports a configurable page size for Group and Role by adding the following entries in the application Debug page:

groupPageSize

Number of records per page for Group Aggregation. The default value is the value provided in the Page Size field. For more information, refer to the Domain and Aggregation Settings topic. Maximum value: 200

<entry key ="groupPageSize" value="200"/>

rolePageSize

Number of records per page for Role Aggregation. The default value is the value provided in the Page Size field. For more information, refer to the Domain and Aggregation Settings topic. Maximum value: 100

<entry key ="rolePageSize"" value="100"/>

The connector supports account type configuration using the accountTypes attribute which creates a list of Account types you want to manage. If provided, Account Aggregation aggregates according to the configured list. By default, the connector aggregates all three account types (users, serviceAccount, and domain).

Copy

<entry key="accountTypes">
    <value>
        <List>
            <String>user</String>
            <String>serviceAccount</String>
            <String>domain</String>
        </List>
    </value>
</entry>

fetchCustomIamRolesOnly – Boolean/String. Fetches only custom roles during aggregation, when set as true. It skips all predefined roles.

<entry key="fetchCustomIamRolesOnly" value="true"/>
aggregateGARolesOnly – Boolean/String. Fetches GA'ed roles during aggregation, when set as true. It skips roles in different stages like alpha, beta, etc.

<entry key="aggregateGARolesOnly " value="true"/>
iamRoleView – String. Possible values are FULL or BASIC. FULL is the default value, which brings all permissions along with roles during aggregation. When set to BASIC it skips the includedPermission attribute.

<entry key="aggregateGARolesOnly " value="BASIC"/>
iamRolePageSize – Page size for role API. The default is 300. Maximum is 1,000

<entry key="aggregateGARolesOnly " value="500"/>
serviceAccountPageSize – Page size for the Service Account API. If not provided, the default is 100. Max is 500

<entry key="serviceAccountPageSize " value="50"/>
assetSearchPageSize – Page size for the Cloud Asset API. If not provided, the default is 500. Max is 500

<entry key="assetSearchPageSize " value="100"/>
Delta aggregation:
- Only supported for the User account type. It is the same as the existing delta aggregation in the connector. The Service Account and Domain account types do not support delta aggregation and therefore full aggregation is performed.
- The connector retrieves accounts and groups on the basis of Activity Events.
  The following table lists the default events considered by the Google Workspace connector and the respective entry key that can be added in the application Debug page to override the default activity events:

Delta Aggregation Type	Events	Entry Key
Account Delta Aggregation	ADD_NICKNAME,CHANGE_USER_RELATION,CHANGE_USER_ORGANIZATION,CHANGE_USER_IM,CHANGE_LAST_NAME,CHANGE_FIRST_NAME,CHANGE_PASSWORD_ON_NEXT_LOGIN,MOVE_USER_TO_ORG_UNIT,REMOVE_NICKNAME,RENAME_USER,SUSPEND_USER,UPDATE_BIRTHDATE,CHANGE_PASSWORD,UNDELETE_USER,UNSUSPEND_USER,CHANGE_USER_CUSTOM_FIELD	<entry key="accountUpdateEvents" value="\|ADD_NICKNAME\|CHANGE_USER_RELATION\|"/> Event names can be selected from the following Google Workspace documentation page: Admin Audit Activity Events - User Settings
Group Delta Aggregation	CHANGE_GROUP_SETTING,CHANGE_GROUP_DESCRIPTION,CHANGE_GROUP_NAME,DELETE_GROUP,REMOVE_GROUP_MEMBER	<entry key="groupUpdateEvents" value="\|CHANGE_GROUP_SETTING\|CHANGE_GROUP_DESCRIPTION\|"/> Event names can be selected from the following Google Workspace documentation page: Admin Audit Activity Events - Group Settings

Delta Aggregation Type

Events

Entry Key

Account Delta Aggregation

ADD_NICKNAME,CHANGE_USER_RELATION,CHANGE_USER_ORGANIZATION,CHANGE_USER_IM,CHANGE_LAST_NAME,CHANGE_FIRST_NAME,CHANGE_PASSWORD_ON_NEXT_LOGIN,MOVE_USER_TO_ORG_UNIT,REMOVE_NICKNAME,RENAME_USER,SUSPEND_USER,UPDATE_BIRTHDATE,CHANGE_PASSWORD,UNDELETE_USER,UNSUSPEND_USER,CHANGE_USER_CUSTOM_FIELD

Event names can be selected from the following Google Workspace documentation page:

Admin Audit Activity Events - User Settings

Group Delta Aggregation

CHANGE_GROUP_SETTING,CHANGE_GROUP_DESCRIPTION,CHANGE_GROUP_NAME,DELETE_GROUP,REMOVE_GROUP_MEMBER

Event names can be selected from the following Google Workspace documentation page:

Admin Audit Activity Events - Group Settings

Feedback is provided as an informational resource only and does not form part of SailPoint's official product documentation. SailPoint does not warrant or make any guarantees about the feedback (including without limitation as to its accuracy, relevance, or reliability). All feedback is subject to the terms set forth at https://developer.sailpoint.com/discuss/tos.


	You are here:

Additional Configuration Parameters

Documentation Feedback