Issue
- The org constraint doesn't allow certain values that are required to setup your glean instance
Resolution
- From the reported error message, note the constraint name and the values that need to be allowed. As an example, from the attached screenshot of an error message, the constraint name inferred is constraints/iam.allowedPolicyMemberDomains and the value that Glean requires to be permitted by this constraint is C00vrnlo8 (Please note that for some constraints there might be more than 1 value that Glean requires to be allowed)
- Create a yaml file (assume its located at /tmp/policy.yaml) with the below configuration:
name: projects/PROJECT_ID/policies/iam.allowedPolicyMemberDomains
spec:
rules:
values:
allowedValues:
- C00vrnlo8 - Execute the below command with credentials sufficient to modify org constraints in your organizations:
gcloud org-policies set-policy /tmp/policy.yaml
- Reupload the owner key
If you are still having difficulty please reach out to us: https://support.glean.com.