Git Product home page Git Product logo

create-service-account's Introduction

Create Service Account for Google Workspace Migration Products

These scripts are designed to automate the steps needed to create a service account for use with Google Workspace migration & sync products. They are meant to be executed within a Google Cloud Shell. The scripts generate a service account's private key JSON file which can then be provided to the migration or sync tool. The scripts automate the following:

  • Creates a GCP project
  • Enables APIs
  • Creates a service account
  • Authorizes the service account
  • Creates and downloads a service account key

Table of contents

Getting Started

In order to run these scripts, you must be a Google Workspace Super Administrator. The script that you execute will depend on which tool you are using. To get started, first select the tool that you are planning to use.

Usage

Google Workspace Migration for Microsoft Exchange (GWMME)

To create an authorized service account for Google Workspace Migration for Microsoft Exchange, copy and paste the command below in Cloud Shell.

  1. Open Cloud Shell
  2. Copy and paste the following command into Cloud Shell and press Enter.
python3 <(curl -s -S -L https://git.io/gwmme-create-service-account)

Google Workspace Migrate (GWM)

To create an authorized service account for Google Workspace Migration, copy and paste the command below in Cloud Shell.

  1. Open Cloud Shell
  2. Copy and paste the following command into Cloud Shell and press Enter.
python3 <(curl -s -S -L https://git.io/gwm-create-service-account)

Password Sync

To create an authorized service account for Password Sync, copy and paste the command below in Cloud Shell.

  1. Open Cloud Shell
  2. Copy and paste the following command into Cloud Shell and press Enter.
python3 <(curl -s -S -L https://git.io/password-sync-create-service-account)

Help

Bugs and Feature Requests

These scripts are not an officially supported Google product. Therefore, there is no guarantee or ETA for bug fixes or feature requests. That being said, if you think that there may be a bug or you want to request a feature, then please create a new issue.

Alternatives

If these scripts are not working for you, then you can use the manual steps instead. Select which product you are trying to create a service account for to see the manual steps


This is not an officially supported Google product.

create-service-account's People

Contributors

eesheesh avatar jay0lee avatar ssahni avatar

Stargazers

 avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar

Watchers

 avatar  avatar  avatar  avatar  avatar  avatar  avatar

create-service-account's Issues

password-sync-create-service-account fails to create a project

Project creation is failing. It seems that the project display name [display_name] is too long.
Here's the console output.

Welcome! This script will create and authorize the resources that are necessary to use Password Sync. The following steps will be performed on your behalf:

1. Create a Google Cloud Platform project
2. Enable APIs
3. Create a service account
4. Authorize the service account
5. Create a service account key

In the end, you will be prompted to download the service account key. This key can then be used for PasswordSync.

If you would like to perform these steps manually, then you can follow the instructions at https://support.google.com/a/answer/7378726.

Press Enter to continue or 'n' to exit:
Creating project...
Failed to execute command: `ERROR: (gcloud.projects.create) INVALID_ARGUMENT: field [display_name] has issue [project display name must be at most 30 characters]
- '@type': type.googleapis.com/google.rpc.BadRequest
  fieldViolations:
  - description: project display name must be at most 30 characters
    field: display_name
- '@type': type.googleapis.com/google.rpc.Help
  links:
  - url: https://cloud.google.com/resource-manager/reference/rest/v1/projects

admin_@cloudshell:~$

GWMME should also authorize the IMAP scope if needed

The script should ask the admin if they intend to migrate from Workspace, and add the https://www.googleapis.com/auth/gmail.imap_admin scope.

Maybe also give them the opportunity to do the DwD flow for the target domain as well, if they've selected that option.

Failing to download the generated JSON key

The script works fine and it successfully creates the key Filename: gwm-service-account-key-YYYY-MM-DD-XX-XX-XX.json, but the generated JSON key cannot be downloaded.

When I click the Download in the Download File pop up, it fails due to "No such file".

Workaround

  • See the name of the file
    ls -l /tmp
  • Open the file and copy and paste the text.
    cat /tmp/filename.json

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.