Creating security groups
This page explains how to create security groups. You can create a new security group or update a Google group to a security group.
Before you begin
Perform the following tasks before proceeding with the information on this page:
Read the Groups API overview.
Security group requirements
Security groups can only contain the following:
- Users inside or outside of your domain (while associated with a Google service)
- Service accounts inside or outside of your domain
- Security groups inside of your domain
You can't apply the security group label to a Google Group that doesn't meet these conditions.
Only predefined Super Admins or Groups Admins have the permissions to update security groups.
Creating a new security group
REST
To create a security group, call
groups.create()
with
an instance of the new group. The group instance must include a groupKey
,
Parent
, and labels
set to cloudidentity.googleapis.com/groups.security
and cloudidentity.googleapis.com/groups.discussion_forum
Python
The following example shows a helper function to create a Google Group using the Python client library:
def create_google_group(service, customer_id, group_id, group_display_name, group_description):
group_key = {"id": group_id}
group = {
"parent": "customers/" + customer_id,
"description": group_description,
"displayName": group_display_name,
"groupKey": group_key,
# Set the label to specify creation of a Google Group.
"labels": {
"cloudidentity.googleapis.com/groups.security": "",
"cloudidentity.googleapis.com/groups.discussion_forum": ""
}
}
try:
request = service.groups().create(body=group)
request.uri += "&initialGroupConfig=WITH_INITIAL_OWNER"
response = request.execute()
print(response)
except Exception as e:
print(e)
Updating a Google Group to a security group
REST
To update a Google Group to a security group, call
groups.patch()
with
updateMask
set to cloudidentity.googleapis.com/groups.security
and
cloudidentity.googleapis.com/groups.discussion_forum
.
Sample request body
{
"labels": {
"cloudidentity.googleapis.com/groups.security": "",
"cloudidentity.googleapis.com/groups.discussion_forum": ""
}
}
Python
The following example shows a helper function to update a Google Group to a security group using the Python client library:
def add_security_label_to_group(service, group_name):
group = {
"labels": {
"cloudidentity.googleapis.com/groups.security": "",
"cloudidentity.googleapis.com/groups.discussion_forum": ""
}
}
try:
request = service.groups().patch(name=group_name, body=group)
request.uri = request.uri + '&updateMask=labels'
response = request.execute()
print(response)
except Exception as e:
print(e)
Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2024-10-30 UTC.