I am currently attempting to create a Context-Aware security rule in Google Workspace that would potentially block users from accessing Google apps if they are under iOS version 15.0.0. I would like to achieve this using CEL (common expressive language).
In Google Context-Aware, here is what the Basic set-up would look like without code:
Allow access to apps or apply rule if a user: Meets all attributes (AND)
Device OS: iOS iOS version is 15.0.0 (in the format of MAJOR.MINOR.PATCH)
So for my CEL code snippet I currently have: device.os == "iOS" && device.os_version <= "15.0.0"
However I receive this error: undefined field 'os'
Anyone know what may be up or why this may be happening? Any help is appreciated.
Thank you!
Here's the CEL code that you can use for the condition that you want to set on your Context-Aware Access in the Google Workspace Admin console to block users in accessing their Google Workspace apps if they are under iOS version 15.0.0.
device.os_type == OsType.IOS && device.versionAtLeast("15.0.0")
Reference:
Custom access level specification