Anyone have best practices or gotchas for running on multiple domains?
almost didn't thread.. use gam sections!
if you are using one gcp project to manage multiple, you have to trust your app on admin.google.com/ac/owl
and the gcp project has to be marked external and in production
i have spoken
This would be a good youtube video to do a deep dive on for the workspace group
Precision of language issue on my part - separate workspace tenants. So if I’m running GAM for tenant A locally in Terminal, should I just run it in GCP console for Tenant B?
This is where I’d like to actually see how some other people are doing it. I personally have always created a new project in each tenant that I’m managing and just use gam select client A etc. So completely different projects for each client and different authorizations for each one. But as I understand it, there is a way to just set up one project and authorize it across multiple clients so you don’t actually need to create a new project for each client. That is one of the things I’m not as clear on how to do or what the implications are
gam select client A
i use one project for most in the same vm. not necessarily in the same project.
if you are doing large GAM jobs and need API quota, multiple projects. if not, then one would suffice. security posture of each domain is to be considered as well (trusting oauth client ids, whether they allow project creation in the org, setting up domain wide delegation, etc.)
Yep. Good video to talk about tbh.
I only ever use one project.
Except when I don't lol
haha yea, not having to reconfigure oauth consent screen (especially now that it asks for more information) saves time.
Pro tip ; make sure to make some terminal profiles with some visual distinctions so you dont run your commands on the wrong domain 😂
That’s another thing I’d love to see someone walk through is something like that. I’m not completely sure how to do that
i think @nosubstitute uses alias? still have to try it out.
https://better-it.slack.com/archives/C2DMQ0BGE/p1603132072010900?thread_ts=1603122188.005600&cid=C2DMQ0BGE found it
welp, i messed up my .bashrc somehow
Not gonna lie - none of this thread has made any sense.
i had a similar thread in #gam in macadmins this morning.. writing a medium article hopefully that will make it a bit easier to understand
Yeah, I see a reference to this in the docs, but I can’t quite put it together.
https://docs.google.com/document/d/1gBJYaY7IWO3XpU-sA4fGshfzEBuQ75Y7Vugyy2QLq8Q/edit#heading=h.cvros6cy7igq this one?
I’ll take a look at that one. I was referring to https://github.com/taers232c/GAMADV-XTD/wiki/gam.cfg
The more I look at it, the more I think my question should have been - should I just run GAM in cloud shell on the secondary Workspace tenant? I don’t foresee needing to access it as much as our primary tenant, so if I don’t have to jump through a bunch of config hoops to run in locally, that would be dope.
Already have an account? Login
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.
Sorry, we're still checking this file's contents to make sure it's safe to download. Please try again in a few minutes.
Sorry, our virus scanner detected that this file isn't safe to download.
We use 3 different kinds of cookies. You can choose which cookies you want to accept. We need basic cookies to make this site work, therefore these are the minimum you can select. Learn more about our cookies.