G Suite (Google Workspace)

G Suite, or Google Workspace, is a set of cloud-based productivity and collaboration tools developed by Google.

Setup in Google

Log in to the Google Console. Locate an existing Google service account one or create a new one.
Enable G Suite domain-wide delegation on this Google service account:

2.1. Under Actions, click 'three dots' → Edit.

2.2. In the service account details, click the ⌵ icon → Show domain-wide delegation. Ensure that the checkbox 'Enable G Suite Domain-wide Delegation' is checked.

2.3. Click Save to save updates. Read more
Add the service account in G Suite Admin and delegate domain-wide authority:

3.1. Log in to the G Suite domain's Admin console. From the main menu go to Security → API controls → Manage Domain Wide Delegation.

3.2. Click Add new. Add Client ID from the service account.

3.3. Add the following permissions in 'OAuth scopes':

https://www.googleapis.com/auth/admin.directory.device.chromeos.readonly
https://www.googleapis.com/auth/admin.directory.device.mobile.readonly
https://www.googleapis.com/auth/admin.directory.group.member.readonly
https://www.googleapis.com/auth/admin.directory.group.readonly
https://www.googleapis.com/auth/admin.directory.orgunit.readonly
https://www.googleapis.com/auth/admin.directory.user.readonly
https://www.googleapis.com/auth/admin.directory.user.alias.readonly
https://www.googleapis.com/auth/admin.directory.rolemanagement.readonly
https://www.googleapis.com/auth/admin.directory.userschema.readonly
https://www.googleapis.com/auth/admin.directory.customer.readonly
https://www.googleapis.com/auth/admin.directory.domain.readonly
https://www.googleapis.com/auth/admin.directory.resource.calendar.readonly Read more

3.4. Click Authorize.

Setup in Cloudaware

Log in to Cloudaware → Admin.
Find G Suite in integrations. Click +ADD.
Fill out the form:
WHERE
Google Service Account – select the service account that has been set up for G Suite integration and added to Cloudaware, or add a new one
Admin Email – the valid admin email with read permissions for Directory API

Click SAVE.
A green light in the ‘Status’ column indicates successful configuration. If the light is red, contact support@cloudaware.com.
To view G Suite-related data, go to Cloudaware CMDB Navigator. Select G SUITE ADMIN in the left-hand menu:

List of G Suite objects

Cloudaware supports the following Google G Suite objects:

Google G-Suite Customer CA10GS__CaGoogleGSuiteCustomer__c
Google G-Suite Domain CA10GS__CaGoogleGSuiteDomain__c
Google G-Suite Domain Alias CA10GS__CaGoogleGSuiteDomainAlias__c
Google G-Suite Group CA10GS__CaGoogleGSuiteGroup__c
Google G-Suite Member CA10GS__CaGoogleGSuiteMember__c
Google G-Suite Organizational Unit CA10GS__CaGoogleGSuiteOrganizationalUnit__c
Google G-Suite Privilege CA10GS__CaGoogleGSuitePrivilege__c
Google G-Suite Role CA10GS__CaGoogleGSuiteRole__c
Google G-Suite Role Assignment CA10GS__CaGoogleGSuiteRoleAssignment__c
Google G-Suite Role Privilege Link CA10GS__CaGoogleGSuiteRolePrivilegeLink__c
Google G-Suite User CA10GS__CaGoogleGSuiteUser__c
Google G-Suite User Address CA10GS__CaGoogleGSuiteUserAddress__c
Google G-Suite User Instant Messenger CA10GS__CaGoogleGSuiteUserInstantMessenger__c
Google G-Suite User Location CA10GS__CaGoogleGSuiteUserLocation__c
Google G-Suite User Organization CA10GS__CaGoogleGSuiteUserOrganization__c
Google G-Suite User Posix Account CA10GS__CaGoogleGSuiteUserPosixAccount__c