Public | Automated Build

Last pushed: 10 months ago
Short Description
Docker Image for Dito GAM
Full Description

Docker Image for Dito GAM

Setting up tokens for GAM

Full instructions for GAM setup can be located at:

Specifically, you will need to enable the APIs required by GAM as well as get
OAuth2 tokens by which GAM can access your domain through the APIs. The
following link has instructions on the specifics of enabling the APIs and
generating the token files needed by GAM:

Both of the files generated by this process (client_secrets.json and
oauth2service.json) will be used by this container via volume mounts to
import the credentials to the disposable container per run.

Quick Start

Make sure the client_secrets.json and oauth2service.json files have been
created prior to running the container, and also touch the oauth2.txt file
that will be written to by the container. You can then run one-off commands

sudo docker run -it --rm \
  -v /path/to/client_secrets.json:/gam/client_secrets.json:ro \
  -v /path/to/oauth2.txt:/gam/oauth2.txt \
  -v /path/to/oauth2service.json:/gam/oauth2service.json:ro \
  broadinstitute/gam:latest \
  /usr/bin/ info domain

The GitHub repository ( for
this container also contains a gam script with an accompanying
script that can be used to more easily run this container as you would run GAM
normally without a container.

./gam info domain

Mounted Volumes

Storing these JSON files inside the container is a VERY BAD idea, since
anyone with the container would then be able to act as an admin on your
Google Apps domain. This is why we manually volume mount the files in
per run of the container so that the files can be securely managed outside
of the container context to prevent misues.

Base Image

Built using the DockerHub base Alpine 3.2 image

Docker Pull Command
Source Repository