IAM Policy Issues #150

New Issue

Open

opened 2026-04-05 16:16:45 +02:00 by MrUnknownDE · 0 comments

MrUnknownDE commented 2026-04-05 16:16:45 +02:00

Owner

Copy Link

Originally created by @coltondick on 10/15/2025

I am struggling to setup an IAM policy that grants users access to their own emails. I've setup an ingestion for Google Workspace as an administrator. I've created a "End User" role with the following policy:

[
  {
    "action": ["read", "search"],
    "subject": "archive",
    "conditions": {
      "userEmail": "${user.email}"
    }
  },
  {
    "action": ["read", "search"],
    "subject": ["dashboard", "ingestion"]
  }
]

But when I login to a "End User" account I cannot see any of the emails associated with the user.email

*Originally created by @coltondick on 10/15/2025* I am struggling to setup an IAM policy that grants users access to their own emails. I've setup an ingestion for Google Workspace as an administrator. I've created a "End User" role with the following policy: ```json [ { "action": ["read", "search"], "subject": "archive", "conditions": { "userEmail": "${user.email}" } }, { "action": ["read", "search"], "subject": ["dashboard", "ingestion"] } ] ``` But when I login to a "End User" account I cannot see any of the emails associated with the `user.email`

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

gh-pages

v0.5.1-dev

v0.4.3-release

ee-legalhold

ee-retention

v0.4.3-dev

wayneshn-patch-1

v0.4.3-pre

v0.4.2-fix

v0.4.2-dev

v0.4.1-dev

mailbox-processing-opt

v0.4.0-fix

ee-init

docs-ocr

v0.3.x-fixes

issue-templates

security-update

create-funding-yml

display-versions

attachment-ocr

docs

user-api-key

demo-mode

v0.3.0

system-settings

wip

CLA-v2

role-based-access

dev

v0.5.0

v0.4.2

v0.4.1

v0.4.0

v0.3.4

v0.3.3

v0.3.2

v0.3.1

v0.3.0

v0.2.1

v0.2.0

v0.1.2

v0.1.1

v0.1.0

Labels

Clear labels

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

documentation

documentation

duplicate

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

good first issue

help wanted

help wanted

help wanted

help wanted

improvement

improvement

question

question

No Label

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

MrUnknownDE

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: github/OpenArchiver#150