make advantages of domain wide delegation more explicit

SamuZad · May 11, 2024 · 27131a6 · 27131a6
1 parent b82fdd9
commit 27131a6
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 2 deletions.
diff --git a/docs/index.md b/docs/index.md
@@ -48,7 +48,7 @@ provider "googleworkspace" {
 ## Authorization
 This provider uses [Admin SDK](https://developers.google.com/admin-sdk) API methods to manage resources on a Workspace customer domain. There are multiple ways to set up proper authorization for a service account:
 
-* Enable [domain-wide delegation](#using-domain-wide-delegation) to impersonate a user that has super administrator privileges. You cannot directly grant super administrator privileges to service accounts.
+* Enable [domain-wide delegation](#using-domain-wide-delegation) to impersonate a user that has super administrator privileges. You cannot directly grant super administrator privileges to service accounts. Therefore **domain-wide delegation is necessary for managing resources that require super administrator privileges, such as other super administrator users**.
 
 * Assign [specific administrator roles](https://support.google.com/a/answer/9807615?hl=en&ref_topic=9832445) directly to the service account.
 

diff --git a/templates/index.md.tmpl b/templates/index.md.tmpl
@@ -19,7 +19,7 @@ The Google Workspace provider provides resources to interact with Google Workspa
 ## Authorization
 This provider uses [Admin SDK](https://developers.google.com/admin-sdk) API methods to manage resources on a Workspace customer domain. There are multiple ways to set up proper authorization for a service account:
 
-* Enable [domain-wide delegation](#using-domain-wide-delegation) to impersonate a user that has super administrator privileges. You cannot directly grant super administrator privileges to service accounts.
+* Enable [domain-wide delegation](#using-domain-wide-delegation) to impersonate a user that has super administrator privileges. You cannot directly grant super administrator privileges to service accounts. Therefore **domain-wide delegation is necessary for managing resources that require super administrator privileges, such as other super administrator users**.
 
 * Assign [specific administrator roles](https://support.google.com/a/answer/9807615?hl=en&ref_topic=9832445) directly to the service account.