Assigning Roles to an Impersonated User

Manage G-Suite Users/Groups/Roles

To assign the Roles (Built-in/Custom) to an Impersonated User for managing G-Suite Users/Groups/Roles, complete the following:

Go to Google Admin page.
In the left pane, go to the Directory and select Users tab.
Select the configured Impersonated user (used as jwt subject).
Expand the Admin roles and privileges section for that user.

Assign all the required roles here to this user mentioned in the documentation under the G-Suite section.

Manage Google Cloud Resources

To assign the Roles (Built-in/Custom) to an Impersonated User for managing cloud resources (When Manage Cloud Resources is enabled on the ISC user-interface), complete the following:

Go to Google Console.
Select IAM & Admin tab and make sure you are viewing it for the Organization (domain which is configured as organization ID) (such as, dev.sailpoint.com)
Select Grant Access button.
Under Add Principal, select the Impersonated User (IAM user) which is configured as jwt subject during source configuration(Google Workspace connector).

Feedback is provided as an informational resource only and does not form part of SailPoint's official product documentation. SailPoint does not warrant or make any guarantees about the feedback (including without limitation as to its accuracy, relevance, or reliability). All feedback is subject to the terms set forth at https://developer.sailpoint.com/discuss/tos.


	You are here:

Assigning Roles to an Impersonated User

Manage G-Suite Users/Groups/Roles

Manage Google Cloud Resources

Documentation Feedback