Quick launch summary
In October 2021, we announced an open beta for group level controls that allow admins and end users who are group owners to restrict group memberships based on internal or external members and member type (service account, user, group). This feature is now generally available.
Member restrictions allow admins and end users who are group owners to limit group inclusion in several important ways:
- Restrict group membership to only Internal or external members of an organization
- Restrict by Member type - e.g. service accounts, users, and other groups.
The Cloud Identity Groups Memberships API can be used to check the state of memberships, which makes finding violating memberships easier
See the original announcement for more information.
Getting started
- Admins: Visit the Help Center to learn more about applying member restrictions on groups and use our API documentation to learn more about managing group restrictions with the Cloud Identity API.
- End users who are group owners and managers: Use this guide to learn more about setting and viewing Group restrictions using the Cloud Identity API.
Rollout pace
- Rapid Release and Scheduled Release domains: Available now to all users.
Availability
- Available to Google Workspace Enterprise Standard, Enterprise Plus, Education Plus, and Cloud Identity Premium customers
- Not available to Google Workspace Essentials, Business Starter, Business Standard, Business Plus, Enterprise Essentials, Education Fundamentals, Frontline, and Nonprofits, as well as G Suite Basic and Business customers
Resources
- Google Workspace Admin Help: Restrict group membership
- Cloud Identity API Documentation: Groups — Update Security Settings
- Cloud Identity API Documentation: Groups Memberships