Configure member restrictions for groups, available in open beta
We’re adding group level controls that will allow admins to restrict group memberships based on:
Internal or external members,
Member type (service account, user, group)
This feature is available as an open beta, which means you can use it without enrolling in a specific beta program.
Admins and end users who are group owners and managers
Why it’s important
This feature helps ensure Groups are properly configured and stay within the confines of specific restrictions. For example, if an Admin configures a group to exclude service accounts, that restriction will be preserved and enforced for all future group changes.
Once a restriction is in place, we’ll indicate whether there are violating memberships and suggested actions to resolve the discrepancy. Further, this feature will prevent any new changes from violating the current setting, ensuring the group remains secure.
Important note: Group owners and managers cannot remove restrictions once they’re applied, but may be able to add additional restrictions. For example, If a group is configured to contain individual users and groups, the group owner could further restrict it to only users. However, the group owner could not change a group which is set up to only contain individuals to allow both individuals and groups.
Admins: Visit the Help Center to learn more about applying member restrictions on groups and use our API documentation to learn more about managing group restrictions with the Cloud Identity API.
Group owners and managers: Use this guide to learn more about setting and viewing Group restrictions using the Cloud Identity API.
End users: No action required.
Rapid Release and Scheduled Release domains: Gradual rollout (up to 15 days for feature visibility) starting on October 5, 2021
Available to Google Workspace Enterprise Plus, Enterprise Standard, Education Plus, and Cloud Identity Premium customers
Not available to Google Workspace Essentials, Business Starter, Business Standard, Business Plus, Enterprise Essentials, Education Fundamentals, Frontline, and Nonprofits, as well as G Suite Basic and Business customers