이 페이지에서는 ID 매핑 그룹을 만들고 검색하는 방법을 설명합니다. ID 매핑 그룹은 Active Directory 그룹과 같은 외부 ID 소스의 그룹을 미러링하는 그룹 유형입니다. ID 매핑 그룹은 Google Cloud Search용 ID 커넥터를 만들 때 사용됩니다.
ID 매핑 그룹을 만들려면 새 그룹의 인스턴스로 groups.create()를 호출합니다. 그룹 인스턴스에는 system/groups/external로 설정된 groupKey, Parent, label이 포함되어야 합니다. groupKey는 그룹을 고유하게 식별하는 namespace와 groupId의 조합입니다.
Python
다음 예시에서는 Python 클라이언트 라이브러리를 사용하여 ID 그룹을 만드는 도우미 함수를 보여줍니다. Google 관리 콘솔에서 ID 소스를 만들 때 가져온 ID 소스 ID를 사용하여 도우미 함수를 호출하고 그룹을 만듭니다.
defcreate_identity_group(service,identity_source_id,group_id,group_display_name,group_description):namespace="identitysources/"+identity_source_idgroup_key={"id":group_id,"namespace":namespace}group={"parent":namespace,"description":group_description,"displayName":group_display_name,"groupKey":group_key,"labels":{# Set the label to specify creation of an identity group."system/groups/external":""}}try:response=service.groups().create(body=group).execute()printresponseexceptException,e:printemyNewGroup=create_identity_group(idSvc,"ABC1234","zebra","Zebra external group","The Zebra group is an identity group representing the Zoolandexternalidentity")
네임스페이스를 제공하면 이름 충돌이 발생하지 않으며 동일한 외부 ID 소스에서 다른 그룹의 적절한 컨텍스트에 ID 매핑 그룹을 배치할 수 있습니다.
ID 매핑 그룹 검색
REST
ID 매핑 그룹을 검색하려면 쿼리 문자열로 groups.search()를 호출합니다. 모든 그룹을 검색하려면 system/groups/external 라벨만 제공하면 됩니다.
Python
다음 예시에서는 Python 클라이언트 라이브러리를 사용하여 ID 매핑 그룹을 검색하는 데 사용되는 도우미 함수를 보여줍니다.
defsearch_identity_groups(service,identity_source_id,pageSize,view):# Set the label to search for all identity groupssearchQuery="&query=namespace=identitysources/"+identity_source_id \
+"%20AND%20"+"labels:system/groups/external" \
+"&pageSize="+pageSize+"&view="+viewtry:searchGroupsRequest=service.groups().search()searchGroupsRequest.uri+=searchQueryresponse=searchGroupsRequest.execute()printresponseexceptException,e:printe
다음 단계
그룹이 존재하면 그룹의 멤버십을 만들 수 있습니다. ID 매핑 그룹의 멤버십을 만들려면 ID 매핑 그룹 멤버십 관리를 참조하세요.
[[["이해하기 쉬움","easyToUnderstand","thumb-up"],["문제가 해결됨","solvedMyProblem","thumb-up"],["기타","otherUp","thumb-up"]],[["이해하기 어려움","hardToUnderstand","thumb-down"],["잘못된 정보 또는 샘플 코드","incorrectInformationOrSampleCode","thumb-down"],["필요한 정보/샘플이 없음","missingTheInformationSamplesINeed","thumb-down"],["번역 문제","translationIssue","thumb-down"],["기타","otherDown","thumb-down"]],["최종 업데이트: 2025-09-04(UTC)"],[[["\u003cp\u003eIdentity-mapped groups mirror groups in external identity sources like Active Directory and are used when creating an identity connector for Google Cloud Search.\u003c/p\u003e\n"],["\u003cp\u003eCreating an identity-mapped group involves using the \u003ccode\u003egroups.create()\u003c/code\u003e API method and providing a \u003ccode\u003egroupKey\u003c/code\u003e, \u003ccode\u003eParent\u003c/code\u003e, and \u003ccode\u003elabel\u003c/code\u003e set to \u003ccode\u003esystem/groups/external\u003c/code\u003e, with the \u003ccode\u003egroupKey\u003c/code\u003e uniquely identifying the group through a \u003ccode\u003enamespace\u003c/code\u003e and \u003ccode\u003egroupId\u003c/code\u003e.\u003c/p\u003e\n"],["\u003cp\u003eWhen creating the identity group using Python, the namespace must be included to avoid naming conflicts and to ensure the group is in the proper context of the external identity source.\u003c/p\u003e\n"],["\u003cp\u003eSearching for identity-mapped groups is done via the \u003ccode\u003egroups.search()\u003c/code\u003e API method, where providing the \u003ccode\u003esystem/groups/external\u003c/code\u003e label will return all such groups.\u003c/p\u003e\n"],["\u003cp\u003eAfter creating an identity group, the next step is to create memberships, using the procedures described in "Managing identity-mapped group memberships".\u003c/p\u003e\n"]]],[],null,["# Creating and searching for identity-mapped groups\n=================================================\n\nThis page explains how to create and search for *identity-mapped groups*. An\nidentity-mapped group is a type of group that mirrors a group in an\nexternal identity source, such as an Active Directory group. Identity-mapped\ngroups are used when creating an identity connector for Google Cloud Search.\n\nFor more information about identity-mapped groups, see\n[Groups API overview](/identity/docs/groups#group-types).\n\nThe following sections demonstrate how to manage identity-mapped groups.\n\nBefore you begin\n----------------\n\n| **Note:** Before you use any of the Cloud Identity APIs, you must set up Cloud Identity. See [Setting up Cloud Identity](/identity/docs/set-up-cloud-identity-admin) for instructions.\n\nPerform the following tasks before proceeding with the information on this page:\n\n- [Create the identity source](https://support.google.com/a/answer/9039510)\n in the Google Admin console.\n\n- Read the [Groups API overview](/identity/docs/groups).\n\n- [Set up the Groups API](/identity/docs/how-to/setup).\n\nCreating an identity-mapped group\n---------------------------------\n\n### REST\n\nTo create an identity-mapped group, call\n[`groups.create()`](/identity/docs/reference/rest/v1/groups/create) with an\ninstance of the new group. The group instance must include a `groupKey` ,\n`Parent`, and `label` set to `system/groups/external`. The `groupKey` is a\ncombination of `namespace` and `groupId` that uniquely identifies the group.\n\n### Python\n\nThe following example shows a helper function to create an identity group\nusing the Python client library. Use the identity source ID, obtained when you\ncreated the identity source in the Google Admin console, to call the helper\nfunction and create a group: \n\n def create_identity_group(service, identity_source_id, group_id, group_display_name,\n group_description):\n namespace = \"identitysources/\" + identity_source_id\n group_key = {\"id\": group_id, \"namespace\": namespace}\n group = {\n \"parent\": namespace,\n \"description\": group_description,\n \"displayName\": group_display_name,\n \"groupKey\": group_key,\n \"labels\": {\n # Set the label to specify creation of an identity group.\n \"system/groups/external\": \"\"\n }\n }\n\n try:\n response = service.groups().create(body=group).execute()\n print response\n except Exception, e:\n print e\n\n myNewGroup = create_identity_group(\n idSvc,\n \"ABC1234\",\n \"zebra\",\n \"Zebra external group\",\n \"The Zebra group is an identity group representing the Zooland\n external identity\"\n )\n\nProviding the namespace ensures that you won't experience any naming\ncollisions, and places the identity-mapped group in the proper context of other\ngroups from the same external identity source.\n\n### Searching for identity-mapped groups\n\n### REST\n\nTo search for identity-mapped groups, call\n[`groups.search()`](/identity/docs/reference/rest/v1/groups/search) with a\nquery string. To search for all groups, you only need to provide the label\n`system/groups/external`.\n\n### Python\n\nThe following example shows a helper function used to\nsearch for identity-mapped groups using the Python client library: \n\n def search_identity_groups(service, identity_source_id, pageSize, view):\n # Set the label to search for all identity groups\n searchQuery = \"&query=namespace=identitysources/\" + identity_source_id \\\n + \"%20AND%20\" + \"labels:system/groups/external\" \\\n + \"&pageSize=\" + pageSize + \"&view=\" + view\n try:\n searchGroupsRequest = service.groups().search()\n searchGroupsRequest.uri += searchQuery\n response = searchGroupsRequest.execute()\n print response\n except Exception, e:\n print e\n\nWhat's next\n-----------\n\nAfter a group exists, you can create memberships for it. To create memberships\nfor an identity-mapped group, refer to\n[Managing identity-mapped group memberships](/identity/docs/how-to/memberships-identity-groups)."]]
