I have a customer who has an Org policy in place to restrict GCP console access to users in their workspace domain ONLY. We have a 3rd party / vendor with a google group account that needs to be granted access to the GCP console so essentially whitelisting users from a different workspace domain is what is needed here. I tried to edit the policy and by the way I have no idea what the options in the policy are referring to, I chose custom, allow all rule and added my Org Id and it complained that there cannot be more than 1 rule in a policy because there was a rule already added, doesn’t make sense to me seems complicated. I followed the steps in this link
1 Like
As a workaround , I edited the policy to allow all , added the external account and reverted the policy.
1 Like
I’ve tried to add additional domain and got the same error like you. Looks like bug ? Or something is missing under the documentation. Is worth to create issue at issue tracker ?
–
cheers,
DamianS
LinkedIn medium.com Cloudskillsboost