mirror of
https://github.com/GAM-team/GAM.git
synced 2026-07-03 20:31:35 +00:00
Create, update and delete Cloud Identity policies
Some checks failed
Build and test GAM / build (false, build, 1, Build Intel Ubuntu Jammy, ubuntu-22.04) (push) Has been cancelled
Build and test GAM / build (false, build, 10, Build x86_64 macOS 15, macos-15-intel) (push) Has been cancelled
Build and test GAM / build (false, build, 11, Build x86_64 macOS 26, macos-26-intel) (push) Has been cancelled
Build and test GAM / build (false, build, 12, Build Arm MacOS 26, macos-26) (push) Has been cancelled
Build and test GAM / build (false, build, 13, Build Intel Windows, windows-2025-vs2026) (push) Has been cancelled
Build and test GAM / build (false, build, 14, Build Arm Windows, windows-11-arm) (push) Has been cancelled
Build and test GAM / build (false, build, 2, Build Intel Ubuntu Noble, ubuntu-24.04) (push) Has been cancelled
Build and test GAM / build (false, build, 3, Build Arm Ubuntu Noble, ubuntu-24.04-arm) (push) Has been cancelled
Build and test GAM / build (false, build, 4, Build Arm Ubuntu Jammy, ubuntu-22.04-arm) (push) Has been cancelled
Build and test GAM / build (false, build, 5, Build Intel StaticX Legacy, ubuntu-22.04, yes) (push) Has been cancelled
Build and test GAM / build (false, build, 6, Build Arm StaticX Legacy, ubuntu-22.04-arm, yes) (push) Has been cancelled
Build and test GAM / build (false, build, 8, Build Arm MacOS 14, macos-14) (push) Has been cancelled
Build and test GAM / build (false, build, 9, Build Arm MacOS 15, macos-15) (push) Has been cancelled
Build and test GAM / build (false, test, 15, Test Python 3.10, ubuntu-24.04, 3.10) (push) Has been cancelled
Build and test GAM / build (false, test, 16, Test Python 3.11, ubuntu-24.04, 3.11) (push) Has been cancelled
Build and test GAM / build (false, test, 17, Test Python 3.12, ubuntu-24.04, 3.12) (push) Has been cancelled
Build and test GAM / build (false, test, 18, Test Python 3.13, ubuntu-24.04, 3.13) (push) Has been cancelled
Build and test GAM / build (false, test, 19, Test Python 3.15-dev, ubuntu-24.04, 3.15-dev) (push) Has been cancelled
Build and test GAM / build (true, test, 20, Test Python 3.14 freethread, ubuntu-24.04, 3.14) (push) Has been cancelled
Build and test GAM / publish (push) Has been cancelled
CodeQL / Analyze (python) (push) Has been cancelled
Push wiki / pushwiki (push) Has been cancelled
Some checks failed
Build and test GAM / build (false, build, 1, Build Intel Ubuntu Jammy, ubuntu-22.04) (push) Has been cancelled
Build and test GAM / build (false, build, 10, Build x86_64 macOS 15, macos-15-intel) (push) Has been cancelled
Build and test GAM / build (false, build, 11, Build x86_64 macOS 26, macos-26-intel) (push) Has been cancelled
Build and test GAM / build (false, build, 12, Build Arm MacOS 26, macos-26) (push) Has been cancelled
Build and test GAM / build (false, build, 13, Build Intel Windows, windows-2025-vs2026) (push) Has been cancelled
Build and test GAM / build (false, build, 14, Build Arm Windows, windows-11-arm) (push) Has been cancelled
Build and test GAM / build (false, build, 2, Build Intel Ubuntu Noble, ubuntu-24.04) (push) Has been cancelled
Build and test GAM / build (false, build, 3, Build Arm Ubuntu Noble, ubuntu-24.04-arm) (push) Has been cancelled
Build and test GAM / build (false, build, 4, Build Arm Ubuntu Jammy, ubuntu-22.04-arm) (push) Has been cancelled
Build and test GAM / build (false, build, 5, Build Intel StaticX Legacy, ubuntu-22.04, yes) (push) Has been cancelled
Build and test GAM / build (false, build, 6, Build Arm StaticX Legacy, ubuntu-22.04-arm, yes) (push) Has been cancelled
Build and test GAM / build (false, build, 8, Build Arm MacOS 14, macos-14) (push) Has been cancelled
Build and test GAM / build (false, build, 9, Build Arm MacOS 15, macos-15) (push) Has been cancelled
Build and test GAM / build (false, test, 15, Test Python 3.10, ubuntu-24.04, 3.10) (push) Has been cancelled
Build and test GAM / build (false, test, 16, Test Python 3.11, ubuntu-24.04, 3.11) (push) Has been cancelled
Build and test GAM / build (false, test, 17, Test Python 3.12, ubuntu-24.04, 3.12) (push) Has been cancelled
Build and test GAM / build (false, test, 18, Test Python 3.13, ubuntu-24.04, 3.13) (push) Has been cancelled
Build and test GAM / build (false, test, 19, Test Python 3.15-dev, ubuntu-24.04, 3.15-dev) (push) Has been cancelled
Build and test GAM / build (true, test, 20, Test Python 3.14 freethread, ubuntu-24.04, 3.14) (push) Has been cancelled
Build and test GAM / publish (push) Has been cancelled
CodeQL / Analyze (python) (push) Has been cancelled
Push wiki / pushwiki (push) Has been cancelled
This commit is contained in:
@@ -5,6 +5,8 @@
|
||||
- [Definitions](#definitions)
|
||||
- [Policies](#policies)
|
||||
- [Display Cloud Identity Policies](#display-cloud-identity-policies)
|
||||
- [Create and Update Cloud Identity Policies](#create-and-update-cloud-identity-policies)
|
||||
- [Delete Cloud Identity Policies](#delete-cloud-identity-policies)
|
||||
|
||||
## API documentation
|
||||
* [Policy API](https://cloud.google.com/identity/docs/reference/rest/v1/policies)
|
||||
@@ -35,6 +37,9 @@ You must enable access to policies in the GCP cloud console.
|
||||
* Click Organization Policy Administrator
|
||||
* Click Save
|
||||
|
||||
The commands to create, update and delete Cloud Identity policies for data loss prevention (DLP) rules and detectors
|
||||
were added in version `7.46.00`.
|
||||
|
||||
## Definitions
|
||||
```
|
||||
<CIPolicyName> ::= policies/<String>|settings/<String>|<String>
|
||||
@@ -87,7 +92,7 @@ gam show policies
|
||||
[formatjson]
|
||||
```
|
||||
By default, all policies are displayed.
|
||||
* `filter <String>` - Display filtered policies, See https://cloud.google.com/identity/docs/reference/rest/v1beta1/policies/list
|
||||
* `filter <String>` - Display filtered policies, See https://cloud.google.com/identity/docs/reference/rest/v1/policies/list
|
||||
* `group <REMatchPattern>` - Only display policies whose group email address matches the `<REMatchPattern>`
|
||||
* `ou|org|orgunit <REMatchPattern>` - Only display policies whose OU path matches the `<REMatchPattern>`
|
||||
|
||||
@@ -110,7 +115,7 @@ gam print policies [todrive <ToDriveAttribute>*]
|
||||
[formatjson [quotechar <Character>]]
|
||||
```
|
||||
By default, all policies are displayed:
|
||||
* `filter <String>` - Display filtered policies, See https://cloud.google.com/identity/docs/reference/rest/v1beta1/policies/list
|
||||
* `filter <String>` - Display filtered policies, See https://cloud.google.com/identity/docs/reference/rest/v1/policies/list
|
||||
* `group <REMatchPattern>` - Only display policies whose group email address matches the `<REMatchPattern>`
|
||||
* `ou|org|orgunit <REMatchPattern>` - Only display policies whose OU path matches the `<REMatchPattern>`
|
||||
|
||||
@@ -152,3 +157,32 @@ Print all polices that apply to the OU "/Staff" and its sub-OUs.
|
||||
```
|
||||
gam redirect csv ./StaffPolicies.csv print policies ou "^/Staff"
|
||||
```
|
||||
|
||||
## Create and Update Cloud Identity Policies
|
||||
Policies can be complex objects, it is probably easiest to create template policies in the Admin console (under Rules),
|
||||
output the JSON format data for those policies to be used in subsequent create and update commands.
|
||||
|
||||
```
|
||||
gam create policy
|
||||
json <JSONData>
|
||||
[(ou|orgunit <OrgUnitItem>)|(group <GroupItem>)|(query <String>)]
|
||||
gam update policy
|
||||
json <JSONData>
|
||||
[(ou|orgunit <OrgUnitItem>)|(group <GroupItem>)|(query <String>)]
|
||||
```
|
||||
```
|
||||
gam redirect stdout ./policy.json info policies policies/akajj264aoclblvncu
|
||||
Make changes to policy.json and update the policy.
|
||||
gam update policy json file policy.json
|
||||
|
||||
Update the policy to reference a different group.
|
||||
gam update policy json file policy.json group <EmailAddress>
|
||||
|
||||
Make changes to policy.json and create a new policy in a different OU.
|
||||
gam create policy json file policy.json ou <OrgUnitPath>
|
||||
```
|
||||
|
||||
## Delete Cloud Identity Policies
|
||||
```
|
||||
gam delete policies <CIPolicyNameEntity>
|
||||
```
|
||||
|
||||
@@ -10,6 +10,13 @@ Add the `-s` option to the end of the above commands to suppress creating the `g
|
||||
|
||||
See [Downloads-Installs-GAM7](https://github.com/GAM-team/GAM/wiki/Downloads-Installs) for Windows or other options, including manual installation
|
||||
|
||||
### 7.46.00
|
||||
|
||||
Added commands to create, update and delete Cloud Identity policies for data loss prevention (DLP) rules and detectors.
|
||||
|
||||
* See: https://github.com/GAM-team/GAM/wiki/Cloud-Identity-Policies
|
||||
* See: https://workspaceupdates.googleblog.com/2026/06/introducing-workspace-policy-api-mutate-endpoints-for-DLP.html
|
||||
|
||||
### 7.45.00
|
||||
|
||||
Added options `isdisabled [<Boolean>]`, `disabledafter <DateTime>` and `disabledbefore <DateTime>`
|
||||
|
||||
@@ -251,7 +251,7 @@ writes the credentials into the file oauth2.txt.
|
||||
```
|
||||
gamteam@server:/Users/gamteam$ rm -f /Users/gamteam/GAMConfig/oauth2.txt
|
||||
gamteam@server:/Users/gamteam$ gam version
|
||||
GAM 7.45.00 - https://github.com/GAM-team/GAM - pyinstaller
|
||||
GAM 7.46.00 - https://github.com/GAM-team/GAM - pyinstaller
|
||||
GAM Team <google-apps-manager@googlegroups.com>
|
||||
Python 3.14.5 64-bit final
|
||||
macOS Tahoe 26.5.1 arm64
|
||||
@@ -1034,7 +1034,7 @@ writes the credentials into the file oauth2.txt.
|
||||
```
|
||||
C:\>del C:\GAMConfig\oauth2.txt
|
||||
C:\>gam version
|
||||
GAM 7.45.00 - https://github.com/GAM-team/GAM - pythonsource
|
||||
GAM 7.46.00 - https://github.com/GAM-team/GAM - pythonsource
|
||||
GAM Team <google-apps-manager@googlegroups.com>
|
||||
Python 3.14.5 64-bit final
|
||||
Windows 11 10.0.26200 AMD64
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
Print the current version of Gam with details
|
||||
```
|
||||
gam version
|
||||
GAM 7.45.00 - https://github.com/GAM-team/GAM - pyinstaller
|
||||
GAM 7.46.00 - https://github.com/GAM-team/GAM - pyinstaller
|
||||
GAM Team <google-apps-manager@googlegroups.com>
|
||||
Python 3.14.5 64-bit final
|
||||
macOS Tahoe 26.5.1 arm64
|
||||
@@ -15,7 +15,7 @@ Time: 2026-02-15T07:51:00-08:00
|
||||
Print the current version of Gam with details and time offset information
|
||||
```
|
||||
gam version timeoffset
|
||||
GAM 7.45.00 - https://github.com/GAM-team/GAM - pyinstaller
|
||||
GAM 7.46.00 - https://github.com/GAM-team/GAM - pyinstaller
|
||||
GAM Team <google-apps-manager@googlegroups.com>
|
||||
Python 3.14.5 64-bit final
|
||||
macOS Tahoe 26.5.1 arm64
|
||||
@@ -27,7 +27,7 @@ Your system time differs from www.googleapis.com by less than 1 second
|
||||
Print the current version of Gam with extended details and SSL information
|
||||
```
|
||||
gam version extended
|
||||
GAM 7.45.00 - https://github.com/GAM-team/GAM - pyinstaller
|
||||
GAM 7.46.00 - https://github.com/GAM-team/GAM - pyinstaller
|
||||
GAM Team <google-apps-manager@googlegroups.com>
|
||||
Python 3.14.5 64-bit final
|
||||
macOS Tahoe 26.5.1 arm64
|
||||
@@ -35,21 +35,21 @@ Path: /Users/gamteam/bin/gam7
|
||||
Config File: /Users/gamteam/GamConfig/gam.cfg, Section: DEFAULT, customer_id: my_customer, domain: domain.com
|
||||
Time: 2026-02-15T07:51:00-08:00
|
||||
Your system time differs from admin.googleapis.com by less than 1 second
|
||||
OpenSSL 4.0.0 14 Apr 2026
|
||||
OpenSSL 4.0.1 9 Jun 2026
|
||||
arrow 1.4.0
|
||||
chardet 5.2.0
|
||||
cryptography 46.0.5
|
||||
filelock 3.21.2
|
||||
google-api-python-client 2.190.0
|
||||
google-auth-httplib2 0.3.0
|
||||
google-auth-oauthlib 1.2.4
|
||||
google-auth 2.48.0
|
||||
lxml 6.0.2
|
||||
chardet 7.4.3
|
||||
cryptography 48.0.0
|
||||
filelock 3.29.0
|
||||
google-api-python-client 2.196.0
|
||||
google-auth-httplib2 0.4.0
|
||||
google-auth-oauthlib 1.4.0
|
||||
google-auth 2.53.0
|
||||
lxml 6.1.1
|
||||
httplib2 0.31.2
|
||||
passlib 1.7.4
|
||||
pathvalidate 3.3.1
|
||||
pyscard 2.3.1
|
||||
yubikey-manager 5.9.0
|
||||
yubikey-manager 5.9.1
|
||||
admin.googleapis.com connects using TLSv1.3 TLS_AES_256_GCM_SHA384
|
||||
```
|
||||
|
||||
@@ -68,7 +68,7 @@ MacOS High Sierra 10.13.6 x86_64
|
||||
Path: /Users/gamteam/bin/gam7
|
||||
Version Check:
|
||||
Current: 5.35.08
|
||||
Latest: 7.45.00
|
||||
Latest: 7.46.00
|
||||
echo $?
|
||||
1
|
||||
```
|
||||
@@ -76,7 +76,7 @@ echo $?
|
||||
Print the current version number without details
|
||||
```
|
||||
gam version simple
|
||||
7.45.00
|
||||
7.46.00
|
||||
```
|
||||
In Linux/MacOS you can do:
|
||||
```
|
||||
@@ -86,7 +86,7 @@ echo $VER
|
||||
Print the current version of Gam and address of this Wiki
|
||||
```
|
||||
gam help
|
||||
GAM 7.45.00 - https://github.com/GAM-team/GAM
|
||||
GAM 7.46.00 - https://github.com/GAM-team/GAM
|
||||
GAM Team <google-apps-manager@googlegroups.com>
|
||||
Python 3.14.5 64-bit final
|
||||
macOS Tahoe 26.5.1 arm64
|
||||
|
||||
Reference in New Issue
Block a user