Click HERE to see how Saviynt Intelligence is transforming the industry. |
06/15/2023 06:21 AM - edited 06/21/2023 06:06 AM
We have followed the below document to set the required permission for the service account that is used for the GCP connection.
Prerequisites to Manage the GCP Platform (saviyntcloud.com)
Configuring PAM for Google Cloud Platform (saviyntcloud.com)
While performing the import we can see all the projects and services accounts coming in from GCP, but the IAM accounts are not, we see the import job is failing with error. However, when I login to admin.google.com, the account has all the required permissions.
06/20/2023 01:00 PM
@lionelrl Thanks for posting your question. Domain_list value should reflect your organization name. Please see the below article where an example is given and it says to provide the domain names from where the accounts are supposed to be pulled from.
https://docs.saviyntcloud.com/bundle/GCP-v23x/page/Content/Creating-a-Connection-using-the-Service-A...https://docs.saviyntcloud.com/bundle/GCP-v23x/page/Content/Creating-a-Connection-using-the-Service-A...
Thanks,
Nagesh K
06/21/2023 06:15 AM - edited 06/22/2023 07:35 AM
Hi Nagesh,
Thank you for the solution , the accounts got imported. But there is an error brining in some data, not sure if it is just a warning which we can ignore.
Data truncation: Data too long for column 'CUSTOMPROPERTY1' at row 1
[Update] : The accounts are imported and while we try to bootstrap the accounts, it is failing. From the error logs I see that the account is inactive, but it is active in the endpoint. Please guide us, attaching the logs.
Thanks,
Lionel
06/26/2023 06:48 AM
@lionelrl The error says the process has failed at the creation of change password task for the account. Please verify the following in your env:
Then change password task for the account will get created successfully.
Thanks,
Nagesh K