It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda Campus Barracuda Campus
Barracuda XDR
Overview Documentation Materials

Integrating Google Workspace

  • Last updated on

Integrating Google Workspace involves performing the following procedures:

  • To set up the Google Workspace Project

  • To set up Barracuda XDR Dashboard

Setting up the Google Workspace Project

When integrating Google Workspace, you must add a user to a role that has the privileges in the table below, or use Super Admin :

Administrator Console Privileges

  • Reports

Admin API Privileges

  • Organizational Units: Read

  • Users: Read

  • Groups: Read

  • Schema Management: Schema Read

  • License Management: License read

  • Billing Management: Billing Read

  • Domain Allow List Management: Domain Allow List Read

  • Activity Rules: Read

To set up the Google Workspace Project

  1. Log in to Google Admin Console

  2. Click Add a User and populate the user information.
    NOTE Take note of the email address. You will need to share it with Barracuda XDR later.

  3. Add that new user to either Super Admin or create a Custom Role that has Access to the Admin API Privileges as outlined in the table above.
    NOTE This account cannot have two-factor authentication enforced on it.

  4. Create a new Google Workspace Project.

  5. Enter a Project Name and select the Parent Organization.
    1.png

  6. Navigate to Google Cloud Platform and click Go to Project Settings.

  7. On the Left Navigation, click IAM & Admin > Service Accounts .

  8. At the top of the screen, click Create Service Account.

    2.png

  9. Enter the Service account name and Description. The Service account id is generated. Click Create and Continue.

    3.png

  10. Click Continue.

  11. In Service Account Users Role, enter the user account you created in Step 1, then click Done.

    5.png

    You will be brought to the project home page and you will see the service account you created.

  12. To create a key, click the three dots under Action and click Manage Keys.

    6.png

  13. Click Add Key > Create new key .

    7.png

  14. Select JSON.

    8.png

    NOTE The .JSON file downloads automatically. Save this downloaded file. You must input it on the dashboard.

  15. Navigate to https://console.cloud.google.com/apis/library. Ensure your project is selected. Search for Admin SDK API and click it.

  16. If it is not enabled, enable it. When it is enabled, validate it.

    10.png

  17. Navigate to  APIs & Services > OAuth consent screen. In User Type, select Internal and click Create.

    12.png

  18. Enter an appropriate application name, such as skt-gcp-monitor . Enter the User support email  and, in the Developer contact information section, type the Email address of any admin user. Slick Save And Continue.

    13.png

  19. On the Scopes  page, click Add or Remove Scopes. Search for https://www.googleapis.com/auth/admin.reports.audit.readonly and add it. Click Update  > Save & Continue.

    14.png

  20. On the left navigation bar, click Credentials.

  21. Click the associated Service account in the Service Accounts Table.

  22. Click Show Advanced Settings.

    IntegratingWorkspaces22.png

  23. On the Service Account page, in the Domain-wide Delegation section, copy the Client ID .

  24. Navigate to Domain-wide Delegation (google.com) Click Add New  and paste the Client ID you just copied into its associated field.

  25. Add https://www.googleapis.com/auth/admin.reports.audit.readonly into OAuth Scopes and click Authorize.

To set up Barracuda XDR Dashboard

  1. In Barracuda XDR Dashboard, click Administration > Integrations

  2. On the Google Workspace card, click Setup.

    WorkspaceCard.png

  3. Add the Credentials .JSON file that was generated/downloaded earlier, and the email for the user you granted the sufficient privileges.

    WorkspaceEdit.png

  4. Click Test and Save.