Anybody controlling the Apps Scripts default projects created by Google via Organization Policies? I wonder if it would be worth it to restrict those by adding an Organization Policy on the apps-script resource folder of the organization and then create custom projects as needed with more permissions/scopes. Is there some recommendation on this to keep a sane balance of control and flexibility for our users of Apps Scripts in gsuite?
we definitely had to adjust our org policies recently because of these; about 2 months ago policies that were previously not enforced for these mystical apps script projects were suddenly being enforced when apps script service was creating them. (the logging bucket location was the one we had to deal with specifically)…. I think keeping them split to their own folder with whatever constraints you find reasonable is about all you can do?
thanks for confirming I was not the only one having to deal with this. Any recommendation of the type of constraints/organization policies that should be typically applied on those? So far in our case, those apps scripts are just simple scripts not really talking to anything but just doing fancy calculation within a spreadsheet for instance. At least I believe it is. It’s so obfuscated that maybe other users are doing things I don’t know about…
