-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathgmail-policy.yaml
More file actions
24 lines (23 loc) · 921 Bytes
/
gmail-policy.yaml
File metadata and controls
24 lines (23 loc) · 921 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
# Organization Policy for Gmail API Push Notifications
#
# This policy allows the Gmail API service account to publish messages
# to your Pub/Sub topic for push notifications.
#
# To apply this policy (requires Organization Policy Administrator role):
# gcloud org-policies set-policy gmail-policy.yaml --project=inbound-org
#
# Or try the legacy command:
# gcloud resource-manager org-policies set-policy gmail-policy-legacy.yaml --project=inbound-org
#
# Without this policy, you'll get an error:
# "User gmail-api-push@system.gserviceaccount.com is not in permitted organization"
#
# Note: C0339rv4r is the inbound.org organization ID
name: projects/inbound-org/policies/iam.allowedPolicyMemberDomains
spec:
rules:
- allowAll: false
values:
allowedValues:
- "C0339rv4r" # inbound.org organization
- "gmail-api-push@system.gserviceaccount.com" # Gmail API service account