davidkotnik/novafarma
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: Add new gcloud commands, API clients, and third-party libraries across various services.

Browse Source
This commit is contained in:
David Kotnik
2026-01-01 20:26:35 +01:00
parent 5e23cbece0
commit a19e592eb7
25221 changed files with 8324611 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

35
gcloud auth application-default login/google-cloud-sdk/lib/surface/active_directory/__init__.py Normal file
View File

@@ -0,0 +1,35 @@
# -*- coding: utf-8 -*- #
# Copyright 2019 Google Inc. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Command group for Managed Microsoft AD."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.calliope import base
@base.ReleaseTracks(base.ReleaseTrack.GA,
base.ReleaseTrack.BETA,
base.ReleaseTrack.ALPHA)
class ActiveDirectory(base.Group):
"""Manage Managed Microsoft AD resources."""
category = base.IDENTITY_CATEGORY
def Filter(self, context, args):
# TODO(b/190523114): Determine if command group works with project number
base.RequireProjectID(args)
del context, args

28
gcloud auth application-default login/google-cloud-sdk/lib/surface/active_directory/domains/__init__.py Normal file
View File

@@ -0,0 +1,28 @@
# -*- coding: utf-8 -*- #
# Copyright 2019 Google Inc. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Command group for Managed Microsoft AD domains."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.calliope import base
@base.ReleaseTracks(base.ReleaseTrack.GA,
base.ReleaseTrack.BETA,
base.ReleaseTrack.ALPHA)
class Domains(base.Group):
"""Manage Managed Microsoft AD domains."""

27
gcloud auth application-default login/google-cloud-sdk/lib/surface/active_directory/domains/backups/__init__.py Normal file
View File

@@ -0,0 +1,27 @@
# -*- coding: utf-8 -*- #
# Copyright 2021 Google Inc. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Command group for Managed Microsoft AD backups."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.calliope import base
@base.ReleaseTracks(base.ReleaseTrack.GA,
base.ReleaseTrack.BETA, base.ReleaseTrack.ALPHA)
class Backups(base.Group):
"""Managed Microsoft AD Backups."""

52
gcloud auth application-default login/google-cloud-sdk/lib/surface/active_directory/domains/backups/create.yaml Normal file
View File

@@ -0,0 +1,52 @@
- release_tracks: [GA, ALPHA, BETA]
help_text:
brief: |
Create a Managed Microsoft AD domain backup.
description: |
Create a new Managed Microsoft AD domain backup with the specified name using Google Cloud's
Managed Service for Microsoft Active Directory.
This command can fail for the following reasons:
* The specified domain doesn't exist.
* The specified domain is being created.
* A backup already exists with the same target domain name.
* The active account doesn't have permission to access the specified domain.
* The active account doesn't have permission to create AD domain backups.
examples: |
To create an AD domain backup named `my-backup` under domain
`my-domain.com`, run:
$ {command} my-backup --domain=my-domain.com --project=my-proj --async
async:
collection: managedidentities.projects.locations.global.operations
request: &request
collection: managedidentities.projects.locations.global.domains.backups
method: create
ALPHA:
api_version: v1alpha1
BETA:
api_version: v1beta1
GA:
api_version: v1
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.active_directory.resources:backup
help_text: |
Name of the Managed Microsoft AD domain backup you want to create.
params:
- arg_name: labels
api_field: backup.labels.additionalProperties
metavar: KEY=VALUE
help_text: |
List of label KEY=VALUE pairs to add.
type:
arg_dict:
flatten: true
spec:
- api_field: key
- api_field: value

38
gcloud auth application-default login/google-cloud-sdk/lib/surface/active_directory/domains/backups/delete.yaml Normal file
View File

@@ -0,0 +1,38 @@
- release_tracks: [GA, ALPHA, BETA]
help_text:
brief: |
Delete a Managed Microsoft AD domain backup.
description: |
Delete a Managed Microsoft AD domain backup with the specified name using Google Cloud's
Managed Service for Microsoft Active Directory.
This command can fail for the following reasons:
* The specified backup doesn't exist.
* The active account doesn't have permission to access the specified domain.
* The active account doesn't have permission to access the specified AD domain backup.
examples: |
To delete an AD domain backup `my-backup` under domain
`projects/my-proj/locations/global/domains/my-domain.com`, run:
$ {command} projects/my-proj/locations/global/domains/my-domain.com/backups/my-backup \
--async
async:
collection: managedidentities.projects.locations.global.operations
request: &request
collection: managedidentities.projects.locations.global.domains.backups
ALPHA:
api_version: v1alpha1
BETA:
api_version: v1beta1
GA:
api_version: v1
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.active_directory.resources:backup
help_text: |
Name of the Managed Microsoft AD domain backup you want to delete.

35
gcloud auth application-default login/google-cloud-sdk/lib/surface/active_directory/domains/backups/describe.yaml Normal file
View File

@@ -0,0 +1,35 @@
- release_tracks: [GA, BETA, ALPHA]
help_text:
brief: |
Describe a Managed Microsoft AD domain backup.
description: |
Show metadata for a Managed Microsoft AD domain backup.
Displays all metadata associated with an Active Directory domain backup when provided with a
valid domain backup name.
This command can fail for the following reasons:
* The specified domain backup doesn't exist.
* The active account doesn't have permission to access the specified
domain.
examples: |
To display all metadata associated with an AD domain backup with the name
`my-backup` under the domain `my-domain` in project `my-project`, run:
$ {command} projects/my-proj/locations/global/domains/my-domain.com/backups/my-backup
request: &request
collection: managedidentities.projects.locations.global.domains.backups
ALPHA:
api_version: v1alpha1
BETA:
api_version: v1beta1
GA:
api_version: v1
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.active_directory.resources:backup
help_text: |
Name of the Managed Microsoft AD domain backup you want to describe.

47
gcloud auth application-default login/google-cloud-sdk/lib/surface/active_directory/domains/backups/list.yaml Normal file
View File

@@ -0,0 +1,47 @@
- release_tracks: [GA, BETA, ALPHA]
help_text:
brief: |
List all Managed Microsoft AD domain backups.
description: |
List all Managed Microsoft AD domain backups in the specified Managed Microsoft AD domain.
Displays associated Active Directory domain backups.
This command can fail for the following reasons:
* The active account doesn't have permission to access the specified
domain.
examples: |
To list all AD domain backups in the project `my-project` under domain
`my-domain.com`, run:
$ {command} --project=my-project --domain=my-domain.com --limit=5
request: &request
collection: managedidentities.projects.locations.global.domains.backups
ALPHA:
api_version: v1alpha1
BETA:
api_version: v1beta1
GA:
api_version: v1
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.active_directory.resources:domain
help_text: |
Name of the domain for which you want to list all associated Managed Microsoft AD domain backups.
response:
id_field: name
output:
format: |
table(
name.basename():label=NAME,
backup:label=BACKUP,
state:label=STATE,
type:label=TYPE,
description:label=DESCRIPTION,
createTime.date()
)

46
gcloud auth application-default login/google-cloud-sdk/lib/surface/active_directory/domains/backups/update.yaml Normal file
View File

@@ -0,0 +1,46 @@
- release_tracks: [GA, BETA, ALPHA]
help_text:
brief: |
Update a Managed Microsoft AD domain backup.
description: |
Update a Managed Microsoft AD domain backup.
* The specified backup doesn't exist.
* The active account doesn't have permission to access the specified domain.
* The active account doesn't have permission to access the specified domain backup.
examples: |
To update an AD domain backup `my-backup` under domain
`projects/my-proj/locations/global/domains/my-domain.com` with the labels `l1` and `l2`, run:
$ {command} projects/my-proj/locations/global/domains/my-domain.com/backups/my-backup \
--update-labels=l1=1,l2=2
async:
collection: managedidentities.projects.locations.global.operations
request: &request
collection: managedidentities.projects.locations.global.domains.backups
ALPHA:
api_version: v1alpha1
modify_request_hooks:
- googlecloudsdk.command_lib.active_directory.backup_util:UpdatePatchRequest
- googlecloudsdk.command_lib.active_directory.backup_util:UpdateLabels
BETA:
api_version: v1beta1
modify_request_hooks:
- googlecloudsdk.command_lib.active_directory.backup_util:UpdatePatchRequest
- googlecloudsdk.command_lib.active_directory.backup_util:UpdateLabels
GA:
api_version: v1
modify_request_hooks:
- googlecloudsdk.command_lib.active_directory.backup_util:UpdatePatchRequest
- googlecloudsdk.command_lib.active_directory.backup_util:UpdateLabels
method: patch
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.active_directory.resources:backup
help_text: |
Name of the Managed Microsoft AD domain backup you want to update.
additional_arguments_hook: googlecloudsdk.command_lib.active_directory.flags:BackupUpdateLabelsFlags

100
gcloud auth application-default login/google-cloud-sdk/lib/surface/active_directory/domains/create.yaml Normal file
View File

@@ -0,0 +1,100 @@
- release_tracks: [ALPHA, BETA, GA]
help_text:
brief: |
Create a Managed Microsoft AD domain.
description: |
Create a new Managed Microsoft AD domain with the given name using Google Cloud's
Managed Service for Microsoft Active Directory.
This command can fail for the following reasons:
* An AD domain with the same name already exists.
* The active account does not have permission to create AD domains.
* There is an overlap between the provided CIDR range and authorized network's CIDR.
* A valid region was not provided.
examples: |
The following command creates an AD domain with the name
`my-domain.com` in region `us-central1`, a network peering to `my-network` and
consuming the IP address range `10.172.0.0/24`.
$ {command} my-domain.com --region=us-central1 --reserved-ip-range="10.172.0.0/24"
--authorized-networks=projects/my-project/global/networks/my-network
async:
collection: managedidentities.projects.locations.global.operations
request: &request
collection: managedidentities.projects.locations.global.domains
modify_request_hooks:
- googlecloudsdk.command_lib.active_directory.util:AppendLocationsGlobalToParent
ALPHA:
api_version: v1alpha1
BETA:
api_version: v1beta1
GA:
api_version: v1
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.active_directory.resources:domain
help_text: |
Name of the managed Managed Microsoft AD domain you want to create.
params:
- arg_name: authorized-networks
api_field: domain.authorizedNetworks
help_text: |
Names of the Google Compute Engine networks to which the domain will be connected.
- arg_name: region
api_field: domain.locations
help_text: |
Google Compute Engine region in which to provision domain controllers.
required: true
- arg_name: admin-name
ALPHA:
api_field: domain.managedIdentitiesAdminName
BETA:
api_field: domain.admin
GA:
api_field: domain.admin
help_text: |
Name of the administrator that may be used to perform Active Directory
operations. This is a delegated administrator account provisioned by our service.
If left unspecified `MIAdmin` will be used. This is different from both the domain
administrator and the Directory Services Restore Mode (DSRM) administrator.
- arg_name: labels
api_field: domain.labels.additionalProperties
metavar: KEY=VALUE
help_text: |
List of label KEY=VALUE pairs to add.
type:
arg_dict:
flatten: true
spec:
- api_field: key
- api_field: value
- arg_name: tags
release_tracks: [GA]
# TODO(b/338531743): Remove hidden as part of GA launch.
hidden: true
api_field: domain.tags.additionalProperties
metavar: KEY=VALUE
help_text: |
List of tag KEY=VALUE pairs to add.
type:
arg_dict:
flatten: true
spec:
- api_field: key
- api_field: value
- arg_name: reserved-ip-range
api_field: domain.reservedIpRange
help_text: |
Classless Inter-Domain Routing range of internal addresses that
are reserved for this domain.
required: true
- arg_name: enable-audit-logs
type: bool
action: store_true
api_field: domain.auditLogsEnabled
help_text: |
If specified, Active Directory data audit logs are enabled for the domain.

31
gcloud auth application-default login/google-cloud-sdk/lib/surface/active_directory/domains/delete.yaml Normal file
View File

@@ -0,0 +1,31 @@
- release_tracks: [GA, BETA, ALPHA]
help_text:
brief: |
Delete a managed Microsoft Active Directory domain.
description: |
Delete a managed Microsoft Active Directory (AD) domain with
the given fully-qualified domain name.
This command can fail for the following reasons:
* The AD domain specified does not exist.
* The active account does not have permission to access the given
AD domain.
examples: |
The following command deletes an AD domain with the name
`my-domain.com`.
$ {command} my-domain.com
async:
collection: managedidentities.projects.locations.global.operations
request: &request
api_version: v1
collection: managedidentities.projects.locations.global.domains
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.active_directory.resources:domain
help_text: |
Name of the managed Managed Microsoft AD domain you want to delete.

35
gcloud auth application-default login/google-cloud-sdk/lib/surface/active_directory/domains/describe.yaml Normal file
View File

@@ -0,0 +1,35 @@
- release_tracks: [GA, BETA, ALPHA]
help_text:
brief: |
Describe a Managed Microsoft AD domain.
description: |
Show metadata for a Managed Microsoft AD domain.
Displays all metadata associated with a Active Directory domain given a
valid AD domain fully-qualified domain name.
This command can fail for the following reasons:
* The domain specified does not exist.
* The active account does not have permission to access the given
domain.
examples: |
The following command prints metadata for an AD domain with the name
`my-domain.com`.
$ {command} my-domain.com
request: &request
collection: managedidentities.projects.locations.global.domains
ALPHA:
api_version: v1alpha1
BETA:
api_version: v1beta1
GA:
api_version: v1
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.active_directory.resources:domain
help_text: |
Name of the Managed Microsoft AD domain you want to describe.

32
gcloud auth application-default login/google-cloud-sdk/lib/surface/active_directory/domains/describe_ldaps_settings.yaml Normal file
View File

@@ -0,0 +1,32 @@
- release_tracks: [GA, BETA, ALPHA]
help_text:
brief: |
Describe the LDAPS settings of a Managed Microsoft AD domain.
description: |
Describe the Lightweight Directory Access Protocol over TLS/SSL (LDAPS) settings of a Managed Microsoft AD domain.
This command can fail for the following reasons:
* The domain specified does not exist.
* The active account does not have permission to view LDAPS settings for the domain.
examples: |
The following command shows the LDAPS settings for an AD domain with the name
`my-domain.com`.
$ {command} my-domain.com
request: &request
ALPHA:
api_version: v1alpha1
BETA:
api_version: v1beta1
GA:
api_version: v1
collection: managedidentities.projects.locations.global.domains
method: getLdapssettings
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.active_directory.resources:domain
help_text: |
Name of the Managed Microsoft AD domain you want to describe.

51
gcloud auth application-default login/google-cloud-sdk/lib/surface/active_directory/domains/extend_schema.yaml Normal file
View File

@@ -0,0 +1,51 @@
- release_tracks: [ALPHA, BETA, GA]
help_text:
brief: |
Initiate schema extension for a Managed Microsoft AD domain.
description: |
Initiate schema extension for a Managed Microsoft AD domain.
This command can fail for the following reasons:
* The specified domain doesn't exist.
* The specified domain is either being created or updated.
* The specified domain is under maintenance.
* The active account doesn't have permission to initiate schema extension on the specified domain.
examples: |
The following command initiates a schema extension for the domain
`my-domain.com` in project `my-project`, with description `Test Description`,
using the LDIF file `demo.ldif`
$ {command} my-domain.com --description="Test Description" --ldif-file=demo.ldf --project=my-project --async
async:
collection: managedidentities.projects.locations.global.operations
request:
collection: managedidentities.projects.locations.global.domains
method: extendSchema
ALPHA:
api_version: v1alpha1
BETA:
api_version: v1beta1
GA:
api_version: v1
arguments:
resource:
help_text: |
Name of the Managed Microsoft AD domain for which you want to extend schema.
spec: !REF googlecloudsdk.command_lib.active_directory.resources:domain
params:
- arg_name: description
api_field: extendSchemaRequest.description
required: true
help_text: |
Description of schema change.
- arg_name: ldif-file
type: googlecloudsdk.calliope.arg_parsers:FileContents:binary=True
api_field: extendSchemaRequest.fileContents
required: true
help_text: |
Local LDIF file path that contains commands for schema extension. The file size can't be larger than 1 MB.

30
gcloud auth application-default login/google-cloud-sdk/lib/surface/active_directory/domains/get_iam_policy.yaml Normal file
View File

@@ -0,0 +1,30 @@
- release_tracks: [GA, BETA, ALPHA]
help_text:
brief: |
Describe the IAM policy for a Managed Microsoft AD domain.
description: |
*{command}* displays the IAM policy associated with an Managed Microsoft AD domain.
If formatted as JSON, the output can be edited and used as
a policy file for *set-iam-policy*. The output includes an "etag"
field identifying the version emitted and allowing detection of
concurrent policy updates.
This command can fail for the following reasons:
* The domain specified does not exist.
* The active account does not have permission to access the given
domain's IAM policies.
examples: |
To print the IAM policy for `my-domain.com`, run:
$ {command} my-domain.com
request: &request
api_version: v1
collection: managedidentities.projects.locations.global.domains
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.active_directory.resources:domain
help_text: |
Name of the Managed Microsoft AD domain that you want to get the IAM policy for.

69
gcloud auth application-default login/google-cloud-sdk/lib/surface/active_directory/domains/list.yaml Normal file
View File

@@ -0,0 +1,69 @@
- release_tracks: [GA, BETA, ALPHA]
help_text:
brief: |
List Managed Microsoft AD domains.
description: |
List all Managed Microsoft AD domains in the specified project.
You can specify the maximum number of domains to list using the
`--limit` flag.
examples: |
The following command lists a maximum of five domains:
$ {command} --limit=5
request: &request
collection: managedidentities.projects.locations.global.domains
modify_request_hooks:
- googlecloudsdk.command_lib.active_directory.util:AppendLocationsGlobalToParent
ALPHA:
api_version: v1alpha1
BETA:
api_version: v1beta1
GA:
api_version: v1
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.active_directory.resources:project
help_text: |
The project of the AD domains to display.
output:
ALPHA:
format: |
table(
name.basename():label=DOMAIN_NAME,
state:label=DOMAIN_STATE,
reservedIpRange:label=RESERVED_IP_RANGE,
locations:label=REGIONS,
labels:label=LABELS,
managedIdentitiesAdminName:label=ADMIN_NAME,
auditLogsEnabled:label=AUDIT_LOGS_ENABLED,
createTime.date():sort=1
)
BETA:
format: |
table(
name.basename():label=DOMAIN_NAME,
state:label=DOMAIN_STATE,
reservedIpRange:label=RESERVED_IP_RANGE,
locations:label=REGIONS,
labels:label=LABELS,
admin:label=ADMIN_NAME,
auditLogsEnabled:label=AUDIT_LOGS_ENABLED,
createTime.date():sort=1
)
GA:
format: |
table(
name.basename():label=DOMAIN_NAME,
state:label=DOMAIN_STATE,
reservedIpRange:label=RESERVED_IP_RANGE,
locations:label=REGIONS,
labels:label=LABELS,
admin:label=ADMIN_NAME,
auditLogsEnabled:label=AUDIT_LOGS_ENABLED,
createTime.date():sort=1
)

27
gcloud auth application-default login/google-cloud-sdk/lib/surface/active_directory/domains/migration/__init__.py Normal file
View File

@@ -0,0 +1,27 @@
# -*- coding: utf-8 -*- #
# Copyright 2022 Google Inc. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Command group for Managed Microsoft AD domains."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.calliope import base
@base.ReleaseTracks(base.ReleaseTrack.BETA,
base.ReleaseTrack.ALPHA)
class Domains(base.Group):
"""Manage Managed Microsoft AD domains."""

31
gcloud auth application-default login/google-cloud-sdk/lib/surface/active_directory/domains/migration/check_permissions.yaml Normal file
View File

@@ -0,0 +1,31 @@
- release_tracks: [ALPHA, BETA]
help_text:
brief: |
Check existing permissions on a Managed Microsoft AD domain for domain migration.
description: |
Check existing permissions on a Managed Microsoft AD domain for domain migration.
This command can fail for the following reasons:
* The specified domain doesn't exist.
* The specified domain is either being created or updated.
* The active account doesn't have permission to check migration permissions on the specified domain.
examples: |
The following command checks migration permissions on the domain
`my-domain.com` in project `my-project`.
$ {command} my-domain.com --project=my-project
request:
collection: managedidentities.projects.locations.global.domains
method: checkMigrationPermission
ALPHA:
api_version: v1alpha1
BETA:
api_version: v1beta1
arguments:
resource:
help_text: |
Name of the Managed Microsoft AD domain for which you want to check migration permissions.
spec: !REF googlecloudsdk.command_lib.active_directory.resources:domain

34
gcloud auth application-default login/google-cloud-sdk/lib/surface/active_directory/domains/migration/disable.yaml Normal file
View File

@@ -0,0 +1,34 @@
- release_tracks: [ALPHA, BETA]
help_text:
brief: |
Disable domain migration permissions on a Managed Microsoft AD domain.
description: |
Disable domain migration permissions on a Managed Microsoft AD domain.
This command can fail for the following reasons:
* The specified domain doesn't exist.
* The specified domain is either being created or updated.
* The active account doesn't have permission to disable migration permissions on the specified domain.
examples: |
The following command disables migration permissions on the domain
`my-domain.com` in project `my-project`.
$ {command} my-domain.com --project=my-project --async
async:
collection: managedidentities.projects.locations.global.operations
request:
collection: managedidentities.projects.locations.global.domains
method: disableMigration
ALPHA:
api_version: v1alpha1
BETA:
api_version: v1beta1
arguments:
resource:
help_text: |
Name of the Managed Microsoft AD domain on which you want to disable migration permissions.
spec: !REF googlecloudsdk.command_lib.active_directory.resources:domain

53
gcloud auth application-default login/google-cloud-sdk/lib/surface/active_directory/domains/migration/enable.yaml Normal file
View File

@@ -0,0 +1,53 @@
- release_tracks: [ALPHA, BETA]
help_text:
brief: |
Enable domain migration permissions on a Managed Microsoft AD domain.
description: |
Enable domain migration permissions on a Managed Microsoft AD domain.
This command can fail for the following reasons:
* The specified domain doesn't exist.
* The specified domain is either being created or updated.
* The active account doesn't have permission to enable migration permissions on the specified domain.
examples: |
The following command enables migration permissions on the domain
`my-domain.com` in project `my-project` for two on-premises domains `onprem-domain-1.com` and
`onprem-domain-2.com`, with SID Filtering disabled for `onprem-domain-1.com`.
$ {command} my-domain.com --onprem-domains=onprem-domain-1.com,onprem-domain-2.com --disable-sid-filtering-domains=onprem-domain-1.com --project=my-project --async
async:
collection: managedidentities.projects.locations.global.operations
request:
collection: managedidentities.projects.locations.global.domains
method: enableMigration
ALPHA:
api_version: v1alpha1
BETA:
api_version: v1beta1
modify_request_hooks:
- googlecloudsdk.command_lib.active_directory.migration_util:UpdateOnPremSIDDetails
input:
confirmation_prompt: |
You are about to enable SID History migration permissions
on Managed Microsoft AD domain [{__name__}] in [{projectsId}].
arguments:
resource:
help_text: |
Name of the Managed Microsoft AD domain on which you want to enable migration permissions.
spec: !REF googlecloudsdk.command_lib.active_directory.resources:domain
params:
- arg_name: onprem-domains
required: true
type: "googlecloudsdk.calliope.arg_parsers:ArgList:"
help_text: |
List of trusted domains that are being migrated.
- arg_name: disable-sid-filtering-domains
type: "googlecloudsdk.calliope.arg_parsers:ArgList:"
help_text: |
List of migrating domains on which SID Filtering must be disabled. The list is empty by default.

35
gcloud auth application-default login/google-cloud-sdk/lib/surface/active_directory/domains/reset_admin_password.yaml Normal file
View File

@@ -0,0 +1,35 @@
- release_tracks: [GA, BETA, ALPHA]
help_text:
brief: |
Reset the admin password for a Managed Microsoft AD domain.
description: |
Reset the delegated admin password for a Managed Microsoft AD domain given a valid AD domain
fully-qualified domain name.
This command can fail for the following reasons:
* The AD domain specified does not exist.
* The active account does not have permission to access the given
AD domain.
examples: |
The following command resets the admin password for an AD domain with
the name `my-domain.com`.
$ {command} my-domain.com
request: &request
collection: managedidentities.projects.locations.global.domains
api_version: v1
method: resetAdminPassword
input:
confirmation_prompt: |
You are about to reset the admin password for Managed Microsoft AD domain [{__name__}]
in [{projectsId}].
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.active_directory.resources:domain
help_text: |
Name of the Managed Microsoft AD domain you want to reset the password for.
command_type: GENERIC

43
gcloud auth application-default login/google-cloud-sdk/lib/surface/active_directory/domains/restore.yaml Normal file
View File

@@ -0,0 +1,43 @@
- release_tracks: [ALPHA, BETA, GA]
help_text:
brief: |
Restore a domain from the specified backup.
description: |
Restore a Managed Microsoft AD domain to a previous point in time when the
backup was taken.
This command can fail for the following reasons:
* The specified domain doesn't exist.
* The specified backup doesn't exist.
* The active account doesn't have permission to restore the specified domain.
examples: |
To restore the domain `my-domain.com` from backup `my-backup`, run:
$ {command} my-domain.com --backup=my-backup --async
async:
collection: managedidentities.projects.locations.global.operations
request:
collection: managedidentities.projects.locations.global.domains
ALPHA:
api_version: v1alpha1
BETA:
api_version: v1beta1
GA:
api_version: v1
method: restore
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.active_directory.resources:domain
help_text: |
Name of the Managed Microsoft AD domain you want to restore.
params:
- arg_name: backup
required: true
api_field: restoreDomainRequest.backupId
help_text: |
Name of the domain backup from which you want to restore the Managed Microsoft AD domain.

30
gcloud auth application-default login/google-cloud-sdk/lib/surface/active_directory/domains/set_iam_policy.yaml Normal file
View File

@@ -0,0 +1,30 @@
- release_tracks: [GA, BETA, ALPHA]
help_text:
brief: |
Set the IAM policy for a Managed Microsoft AD domain.
description: |
Set the IAM policy associated with a Managed Microsoft AD domain.
This command can fail for the following reasons:
* The domain specified does not exist.
* The active account does not have permission to access the given
domain's IAM policies.
examples: |
To set the IAM policy for `my-domain.com`, run:
$ {command} my-domain.com policy.json
See https://cloud.google.com/iam/docs/managing-policies for details of the
policy file format and contents.
request: &request
api_version: v1
collection: managedidentities.projects.locations.global.domains
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.active_directory.resources:domain
help_text: |
Name of the Managed Microsoft AD domain you want to set the IAM policy for.

27
gcloud auth application-default login/google-cloud-sdk/lib/surface/active_directory/domains/sql_integrations/__init__.py Normal file
View File

@@ -0,0 +1,27 @@
# -*- coding: utf-8 -*- #
# Copyright 2019 Google Inc. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Command group for Cloud SQL integrations with Managed Microsoft AD domains."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.calliope import base
@base.ReleaseTracks(base.ReleaseTrack.BETA,
base.ReleaseTrack.ALPHA)
class SqlIntegrations(base.Group):
"""Discover Cloud SQL integrations with Managed Microsoft AD domains."""

39
gcloud auth application-default login/google-cloud-sdk/lib/surface/active_directory/domains/sql_integrations/describe.yaml Normal file
View File

@@ -0,0 +1,39 @@
- release_tracks: [ALPHA, BETA]
help_text:
brief: |
Describe a Cloud SQL integration against a Managed Microsoft AD domain.
description: |
Describe a Cloud SQL integration against a Managed Microsoft AD domain.
Displays all details of a Cloud SQL integration given a valid integration ID.
examples: |
To describe a Cloud SQL integration with the ID
`my-integration` under the managed AD domain `my-domain`, run:
$ {command} my-integration --domain=my-domain --project=my-project
request:
ALPHA:
api_version: v1alpha1
BETA:
api_version: v1beta1
collection: managedidentities.projects.locations.global.domains.sqlIntegrations
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.active_directory.resources:sql_integration
help_text: |
Arguments and flags that specify the SQL integration you want to describe.
response:
id_field: name
output:
format: |
table(
name.basename():label=NAME,
sqlInstance:label=SQL_INSTANCE,
state:label=STATE,
createTime.date()
)

38
gcloud auth application-default login/google-cloud-sdk/lib/surface/active_directory/domains/sql_integrations/list.yaml Normal file
View File

@@ -0,0 +1,38 @@
- release_tracks: [ALPHA, BETA]
help_text:
brief: |
List Cloud SQL Integrations for a Managed Microsoft AD domain.
description: |
List all Cloud SQL integrations for a specified Managed Microsoft AD domain.
examples: |
The following command lists all Cloud SQL integrations in the `my-domain.com` domain created
in the `my-project` project.
$ {command} --project=my-project --domain=my-domain.com
request:
collection: managedidentities.projects.locations.global.domains.sqlIntegrations
ALPHA:
api_version: v1alpha1
BETA:
api_version: v1beta1
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.active_directory.resources:domain
help_text: |
AD domain whose SQL integrations are to be listed.
response:
id_field: name
output:
format: |
table(
name.basename():label=NAME,
sqlInstance:label=SQL_INSTANCE,
state:label=STATE,
createTime.date()
)

28
gcloud auth application-default login/google-cloud-sdk/lib/surface/active_directory/domains/trusts/__init__.py Normal file
View File

@@ -0,0 +1,28 @@
# -*- coding: utf-8 -*- #
# Copyright 2019 Google Inc. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Command group for Managed Microsoft AD domains."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.calliope import base
@base.ReleaseTracks(base.ReleaseTrack.GA,
base.ReleaseTrack.BETA,
base.ReleaseTrack.ALPHA)
class Domains(base.Group):
"""Manage Managed Microsoft AD domains."""

76
gcloud auth application-default login/google-cloud-sdk/lib/surface/active_directory/domains/trusts/create.yaml Normal file
View File

@@ -0,0 +1,76 @@
- release_tracks: [GA, BETA, ALPHA]
help_text:
brief: |
Create a Microsoft Active Directory Trust between a Managed Microsoft AD domain and another
domain.
description: |
Create a Microsoft Active Directory Trust between a Managed Microsoft AD domain and another
domain.
This command can fail for the following reasons:
* The domain specified does not exist.
* The active account does not have permission to access the given
domain.
* A trust already exists with the same target domain name.
* The active account does not have permission to create AD trusts.
examples: |
The following command creates an external, bidirectional AD trust between `my-domain.com` and
`target-domain.com`.
$ {command} my-domain.com --target-domain-name=target-domain.com
--target-dns-ip-addresses=10.177.0.2 --type=EXTERNAL --direction=BIDIRECTIONAL
--selective-authentication=false --async
async:
collection: managedidentities.projects.locations.global.operations
request:
api_version: v1
collection: managedidentities.projects.locations.global.domains
method: attachTrust
modify_request_hooks:
- googlecloudsdk.command_lib.active_directory.trust_create_util:AddExtraTrustCreateArgs
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.active_directory.resources:domain
help_text: |
Name of the Managed Microsoft AD domain you want to create an AD trust from.
params:
- arg_name: target-domain-name
api_field: attachTrustRequest.trust.targetDomainName
required: true
help_text: |
Target domain name for the Managed Microsoft AD Trust.
- arg_name: target-dns-ip-addresses
api_field: attachTrustRequest.trust.targetDnsIpAddresses
required: true
help_text: |
Target DNS server IP addresses that can resolve the target domain.
Only IPv4 is supported.
- arg_name: type
default: "FOREST"
api_field: attachTrustRequest.trust.trustType
help_text: |
Type of the trust. Must be FOREST or EXTERNAL. Default is FOREST.
- arg_name: direction
default: "BIDIRECTIONAL"
api_field: attachTrustRequest.trust.trustDirection
help_text: |
Direction of the trust.
Must be one of: INBOUND, OUTBOUND, BIDIRECTIONAL. Default is BIDIRECTIONAL.
- arg_name: selective-authentication
default: false
api_field: attachTrustRequest.trust.selectiveAuthentication
help_text: |
If specified, trusted side will only have selective access to approved set of resources.
Otherwise, the trusted side has forest/domain wide access. Default is false.
- arg_name: handshake-secret
api_field: attachTrustRequest.trust.trustHandshakeSecret
help_text: |
Trust handshake secret with target domain. The secret will not be stored. If not specified,
command will prompt user for secret.

44
gcloud auth application-default login/google-cloud-sdk/lib/surface/active_directory/domains/trusts/delete.yaml Normal file
View File

@@ -0,0 +1,44 @@
- release_tracks: [GA, BETA, ALPHA]
help_text:
brief: |
Delete an Active Directory Trust between a Managed Microsoft AD domain and a target domain.
description: |
Delete an Active Directory trust between a Managed Microsoft AD domain and a target domain.
This command can fail for the following reasons:
* The domain specified does not exist.
* The active account does not have permission to access the given
domain.
* The AD trust specified does not exist.
* The active account does not have permission to access the given
AD trust.
examples: |
The following command deletes an AD trust between `my-ad-domain.com` and
`my-target-domain.com`.
$ {command} my-ad-domain.com --target-domain-name=my-target-domain.com
async:
collection: managedidentities.projects.locations.global.operations
input:
confirmation_prompt: |
You are about to delete a trust from [{__name__}].
request:
api_version: v1
collection: managedidentities.projects.locations.global.domains
method: detachTrust
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.active_directory.resources:domain
help_text: |
Name of the Managed Microsoft AD domain you want to delete a trust from.
params:
- arg_name: target-domain-name
api_field: detachTrustRequest.trust.targetDomainName
required: true
help_text: |
Target domain name for the Managed Microsoft AD trust you want to delete.

50
gcloud auth application-default login/google-cloud-sdk/lib/surface/active_directory/domains/trusts/update.yaml Normal file
View File

@@ -0,0 +1,50 @@
- release_tracks: [GA, BETA, ALPHA]
help_text:
brief: |
Update target DNS IP addresses for a Managed Microsoft AD trust.
description: |
Update target DNS IP addresses for a Managed Microsoft AD trust between the
managed domain and the target domain.
This command can fail for the following reasons:
* The domain specified does not exist.
* The active account does not have permission to access the given
domain.
* The AD trust specified does not exist.
* The active account does not have permission to access the given
AD trust.
examples: |
The following command updates the target DNS IP address for the AD trust
between `my-domain.com` and ` my-target-domain.com` to `10.177.0.3`.
$ {command} my-domain.com --target-domain-name=my-target-domain.com
--target-dns-ip-addresses=10.177.0.3
async:
collection: managedidentities.projects.locations.global.operations
request:
api_version: v1
collection: managedidentities.projects.locations.global.domains
method: reconfigureTrust
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.active_directory.resources:domain
help_text: |
Name of the Managed Microsoft AD trust for which you want to update
target DNS IP Addresses.
params:
- arg_name: target-domain-name
api_field: reconfigureTrustRequest.targetDomainName
required: true
help_text: |
Target domain name for the Managed Microsoft AD trust you want to update.
- arg_name: target-dns-ip-addresses
api_field: reconfigureTrustRequest.targetDnsIpAddresses
required: true
help_text: |
DNS server IP addresses that can resolve the target domain.
Only IPv4 is supported.

43
gcloud auth application-default login/google-cloud-sdk/lib/surface/active_directory/domains/trusts/validate_state.yaml Normal file
View File

@@ -0,0 +1,43 @@
- release_tracks: [GA, BETA, ALPHA]
help_text:
brief: |
Validate the state of a Managed Microsoft AD trust.
description: |
Validate the state of a Managed Microsoft AD trust.
Verify that the trust has been properly created and that the domains/forests can
communicate with each other.
This command can fail for the following reasons:
* The AD domain specified does not exist.
* The active account does not have permission to access the given
AD domain.
* The AD trust specified does not exist.
* The active account does not have permission to access the given
AD trust.
examples: |
The following command validates state for an AD trust with the given target
domain name ` my-target-domain.com`.
$ {command} my-domain.com --target-domain-name=my-target-domain.com
async:
collection: managedidentities.projects.locations.global.operations
request:
api_version: v1
collection: managedidentities.projects.locations.global.domains
method: validateTrust
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.active_directory.resources:domain
help_text: |
Name of the the Managed Microsoft AD trust for which you want to validate state.
params:
- arg_name: target-domain-name
api_field: validateTrustRequest.trust.targetDomainName
required: true
help_text: |
Target domain name of the Managed Microsoft AD Active Directory trust you want to validate.

79
gcloud auth application-default login/google-cloud-sdk/lib/surface/active_directory/domains/update.yaml Normal file
View File

@@ -0,0 +1,79 @@
- release_tracks: [GA, BETA, ALPHA]
help_text:
brief: |
Update a Managed Microsoft AD domain.
description: |
Update the metadata and/or configuration parameters of a managed
Microsoft AD domain.
This command can fail for the following reasons:
* The AD domain specified does not exist.
* The active account does not have permission to update the given
AD domain.
examples: |
The following command updates an AD domain with the name
`my-domain.com` to add the two labels, `env` and `service` and to add a
provisioned region `us-west1`:
$ {command} my-domain.com --update-labels=env=test,service=foo \
--add-region=us-west1
This peers the domain `my-domain.com` to the network `my-network`.
$ {command} my-domain.com
--add-authorized-networks=projects/my-project/global/networks/my-network
async:
collection: managedidentities.projects.locations.global.operations
request: &request
ALPHA:
api_version: v1alpha1
modify_request_hooks:
- googlecloudsdk.command_lib.active_directory.domains_update_util:CheckFieldsSpecified
- googlecloudsdk.command_lib.active_directory.domains_update_util:UpdatePatchRequest
- googlecloudsdk.command_lib.active_directory.domains_update_util:UpdateLabels
- googlecloudsdk.command_lib.active_directory.flags:UpdateAuditLogsEnabled
- googlecloudsdk.command_lib.active_directory.flags:AddRegionFlag
- googlecloudsdk.command_lib.active_directory.flags:RemoveRegionFlag
- googlecloudsdk.command_lib.active_directory.flags:AddAuthorizedNetworksFlag
- googlecloudsdk.command_lib.active_directory.flags:RemoveAuthorizedNetworksFlag
BETA:
api_version: v1beta1
modify_request_hooks:
- googlecloudsdk.command_lib.active_directory.domains_update_util:CheckFieldsSpecified
- googlecloudsdk.command_lib.active_directory.domains_update_util:UpdatePatchRequest
- googlecloudsdk.command_lib.active_directory.domains_update_util:UpdateLabels
- googlecloudsdk.command_lib.active_directory.flags:UpdateAuditLogsEnabled
- googlecloudsdk.command_lib.active_directory.flags:AddRegionFlag
- googlecloudsdk.command_lib.active_directory.flags:RemoveRegionFlag
- googlecloudsdk.command_lib.active_directory.flags:AddAuthorizedNetworksFlag
- googlecloudsdk.command_lib.active_directory.flags:RemoveAuthorizedNetworksFlag
GA:
api_version: v1
modify_request_hooks:
- googlecloudsdk.command_lib.active_directory.domains_update_util:CheckFieldsSpecified
- googlecloudsdk.command_lib.active_directory.domains_update_util:UpdatePatchRequest
- googlecloudsdk.command_lib.active_directory.domains_update_util:UpdateLabels
- googlecloudsdk.command_lib.active_directory.flags:UpdateAuditLogsEnabled
- googlecloudsdk.command_lib.active_directory.flags:AddRegionFlag
- googlecloudsdk.command_lib.active_directory.flags:RemoveRegionFlag
- googlecloudsdk.command_lib.active_directory.flags:AddAuthorizedNetworksFlag
- googlecloudsdk.command_lib.active_directory.flags:RemoveAuthorizedNetworksFlag
collection: managedidentities.projects.locations.global.domains
method: patch
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.active_directory.resources:domain
help_text: |
Name of the Managed Microsoft AD domain you want to update.
additional_arguments_hook: googlecloudsdk.command_lib.active_directory.flags:AdditionalDomainUpdateArguments
params:
- arg_name: enable-audit-logs
type: bool
action: store_true
api_field: domain.auditLogsEnabled
help_text: |
If specified, Active Directory data audit logs are enabled for the domain.

64
gcloud auth application-default login/google-cloud-sdk/lib/surface/active_directory/domains/update_ldaps_settings.yaml Normal file
View File

@@ -0,0 +1,64 @@
- release_tracks: [GA, BETA, ALPHA]
help_text:
brief: Update the LDAPS settings for a domain.
description: |
Update a Managed Microsoft AD domain's Lightweight Directory Access Protocol over TLS/SSL (LDAPS) settings.
You must be safelisted for the Managed AD LDAPS Alpha in order to use this feature.
Consult the API documentation for a list of certificate requirements.
This command can fail for the following reasons:
* The certificate is invalid.
* The domain specified does not exist.
* The active account does not have permission to view LDAPS settings for the domain.
examples: |
To enable LDAPS for the first time or update the certificates being used:
$ {command} my-domain.com --certificate-pfx-file=certificate-chain-with-private-key.pfx --certificate-password="password"
To disable LDAPS:
$ {command} my-domain.com --clear-certificates
request:
collection: managedidentities.projects.locations.global.domains
ALPHA:
api_version: v1alpha1
BETA:
api_version: v1beta1
GA:
api_version: v1
method: updateLdapssettings
modify_request_hooks:
- googlecloudsdk.command_lib.active_directory.domains_update_util:ProcessPfxFile
- googlecloudsdk.command_lib.active_directory.domains_update_util:ReadPfxPasswordIfNeeded
- googlecloudsdk.command_lib.active_directory.domains_update_util:ClearCertificates
arguments:
resource:
help_text: |
Name of the managed Managed Microsoft AD domain you want to update.
spec: !REF googlecloudsdk.command_lib.active_directory.resources:domain
params:
- group:
mutex: true
required: true
params:
- group:
params:
- arg_name: certificate-pfx-file
type: googlecloudsdk.calliope.arg_parsers:FileContents:binary=True
help_text: |-
PKCS#12-formatted pfx file that specifies the certificate chain used to configure LDAPS.
If certificate-password is not specified, command will prompt user for secret.
required: true
- arg_name: certificate-password
help_text: |
Password used to encrypt the PKCS#12 certificate. If not specified, command will prompt user for secret.
- arg_name: clear-certificates
type: bool
help_text: |
Disable LDAPS by deleting all existing certificates. Certificates will need to be re-uploaded if LDAPS is to be re-enabled.
async:
collection: managedidentities.projects.locations.global.operations

28
gcloud auth application-default login/google-cloud-sdk/lib/surface/active_directory/operations/__init__.py Normal file
View File

@@ -0,0 +1,28 @@
# -*- coding: utf-8 -*- #
# Copyright 2019 Google Inc. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Command group for Managed Microsoft AD operations."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.calliope import base
@base.ReleaseTracks(base.ReleaseTrack.GA,
base.ReleaseTrack.BETA,
base.ReleaseTrack.ALPHA)
class Operations(base.Group):
"""Manage Managed Microsoft AD operations."""

77
gcloud auth application-default login/google-cloud-sdk/lib/surface/active_directory/operations/cancel.py Normal file
View File

@@ -0,0 +1,77 @@
# -*- coding: utf-8 -*- #
# Copyright 2019 Google Inc. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Command for Managed Microsoft AD operations cancel."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
import io
from googlecloudsdk.api_lib.active_directory import exceptions
from googlecloudsdk.calliope import base
from googlecloudsdk.calliope import display
from googlecloudsdk.command_lib.active_directory import flags
from googlecloudsdk.command_lib.active_directory import util
from googlecloudsdk.core import log
from googlecloudsdk.core.console import console_io
from googlecloudsdk.core.resource import resource_printer
@base.ReleaseTracks(base.ReleaseTrack.ALPHA,
base.ReleaseTrack.BETA,
base.ReleaseTrack.GA)
class Cancel(base.Command):
"""Cancel a Managed Microsoft AD operation."""
@staticmethod
def Args(parser):
"""Register flags for this command."""
flags.AddOperationResourceArg(parser, 'to cancel')
def Run(self, args):
# resource represents the Managed Microsoft AD operation.
resource = args.CONCEPTS.name.Parse()
client = util.GetClientForResource(resource)
messages = util.GetMessagesForResource(resource)
get_req = \
messages.ManagedidentitiesProjectsLocationsGlobalOperationsGetRequest(
name=resource.RelativeName())
op = client.projects_locations_global_operations.Get(get_req)
operation_string = io.StringIO()
print_format = display.Displayer(self, args).GetFormat()
resource_printer.Print(op, print_format, out=operation_string)
if not console_io.PromptContinue(
message='{}\nThis operation will be canceled'.format(
operation_string.getvalue())):
raise exceptions.ActiveDirectoryError('Cancel aborted by user.')
cancel_req = \
messages.ManagedidentitiesProjectsLocationsGlobalOperationsCancelRequest(
name=resource.RelativeName())
client.projects_locations_global_operations.Cancel(cancel_req)
log.status.write('Canceled [{0}].\n'.format(resource.RelativeName()))
Cancel.detailed_help = {
'brief':
'Cancel a Managed Microsoft AD operation.',
'EXAMPLES':
"""
The following command cancels an operation called
`operation-1484002552235-425b144f8c3f8-81aa4b49-0830d1e9`:
$ {command} operation-1484002552235-425b144f8c3f8-81aa4b49-0830d1e9
"""
}

27
gcloud auth application-default login/google-cloud-sdk/lib/surface/active_directory/operations/describe.yaml Normal file
View File

@@ -0,0 +1,27 @@
- release_tracks: [GA, BETA, ALPHA]
help_text:
brief: |
Describe a Managed Microsoft AD operation.
description: |
Describe a Managed Microsoft AD operation given a valid operation name.
This command can fail for the following reasons:
* The operation specified does not exist.
* The active account does not have permission to access the given
operation.
examples: |
The following command describes an operation called
`operation-1484002552235-425b144f8c3f8-81aa4b49-0830d1e9`:
$ {command} operation-1484002552235-425b144f8c3f8-81aa4b49-0830d1e9
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.active_directory.resources:operation
help_text: |
Name of the Managed Microsoft AD operation you want to describe.
request: &request
api_version: v1
collection: managedidentities.projects.locations.global.operations

37
gcloud auth application-default login/google-cloud-sdk/lib/surface/active_directory/operations/list.yaml Normal file
View File

@@ -0,0 +1,37 @@
- release_tracks: [GA, BETA, ALPHA]
help_text:
brief: |
List Managed Microsoft AD operations.
description: |
List all Managed Microsoft AD operations in the specified project.
You can specify the maximum number of operations to list using the
`--limit` flag.
examples: |
The following command lists a maximum of five operations:
$ {command} --limit=5
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.active_directory.resources:project
help_text: |
Region of the operations to display.
request: &request
api_version: v1
collection: managedidentities.projects.locations.global.operations
modify_request_hooks:
- googlecloudsdk.command_lib.active_directory.util:UpdateOperationRequestNameVariable
output:
format: |
table(
name.basename():label=OPERATION_NAME,
metadata.verb:label=TYPE,
metadata.target.basename(),
done,
metadata.createTime.date():sort=1,
duration(start=metadata.createTime,end=metadata.endTime,precision=0,calendar=false).slice(2:).join("").yesno(no="<1S"):label=DURATION
)

27
gcloud auth application-default login/google-cloud-sdk/lib/surface/active_directory/peerings/__init__.py Normal file
View File

@@ -0,0 +1,27 @@
# -*- coding: utf-8 -*- #
# Copyright 2019 Google Inc. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Command group for Managed Microsoft AD peerings."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.calliope import base
@base.ReleaseTracks(base.ReleaseTrack.GA,
base.ReleaseTrack.BETA,
base.ReleaseTrack.ALPHA)
class Peerings(base.Group):
"""Managed Microsoft AD peerings."""

51
gcloud auth application-default login/google-cloud-sdk/lib/surface/active_directory/peerings/create.yaml Normal file
View File

@@ -0,0 +1,51 @@
- release_tracks: [GA, BETA, ALPHA]
help_text:
brief: |
Create a Managed Microsoft Active Directory domain peering.
description: |
Create a new Managed Microsoft AD domain peering with the given name using Google Cloud's
Managed Service for Microsoft Active Directory.
This command can fail for the following reasons:
* A domain peering with the same name already exists.
* The active account does not have permission to create AD domains peerings.
* There is an overlap between the provided CIDR range and authorized network's CIDR.
examples: |
The following command creates an AD domain peering with the name
``my-peering'', network ``my-network'' and domain
``projects/domain-project/locations/global/domains/domain.com''
$ {command} my-peering --domain=projects/domain-project/locations/global/domains/domain.com --authorized-network=projects/network-project/global/networks/my-network
async:
collection: managedidentities.projects.locations.global.operations
request:
collection: managedidentities.projects.locations.global.peerings
method: create
modify_request_hooks:
- googlecloudsdk.command_lib.active_directory.util:AppendLocationsGlobalToParent
ALPHA:
api_version: v1alpha1
BETA:
api_version: v1beta1
GA:
api_version: v1
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.active_directory.resources:peering
help_text: |
Name of the managed Managed Microsoft AD domain peering you want to create.
params:
- arg_name: domain
required: true
api_field: peering.domainResource
help_text: |
Name of the managed Managed Microsoft AD domain you want to peer to.
- arg_name: authorized-network
required: true
api_field: peering.authorizedNetwork
help_text: |
Name of the Network that is authorized to communicate with Managed Microsoft AD domain. This is usually the full path name of the network in the peer project.

35
gcloud auth application-default login/google-cloud-sdk/lib/surface/active_directory/peerings/delete.yaml Normal file
View File

@@ -0,0 +1,35 @@
- release_tracks: [GA, BETA, ALPHA]
help_text:
brief: |
Delete a Managed Microsoft Active Directory domain peering.
description: |
Delete a Managed Microsoft Active Directory (AD) domain peering.
This command can fail for the following reasons:
* The active account does not have permission to access the given
AD domain.
* The domain peering is no longer existed.
examples: |
The following command deletes an AD domain peering with the name
``my-peering''.
$ {command} my-peering
async:
collection: managedidentities.projects.locations.global.operations
request: &request
collection: managedidentities.projects.locations.global.peerings
ALPHA:
api_version: v1alpha1
BETA:
api_version: v1beta1
GA:
api_version: v1
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.active_directory.resources:peering
help_text: |
Name of the managed Managed Microsoft AD domain peering you want to delete.

35
gcloud auth application-default login/google-cloud-sdk/lib/surface/active_directory/peerings/describe.yaml Normal file
View File

@@ -0,0 +1,35 @@
- release_tracks: [GA, BETA, ALPHA]
help_text:
brief: |
Describe a Managed Microsoft Active Directory domain peering.
description: |
Show metadata for a Managed Microsoft AD domain peering.
Displays all metadata associated with a Active Directory domain peering given a
valid domain peering name.
This command can fail for the following reasons:
* The specified domain peering does not exist.
* The active account does not have permission to access the given
domain.
examples: |
The following command gets metadata for an AD domain peering with the name
``my-peering''.
$ {command} my-peering
request: &request
collection: managedidentities.projects.locations.global.peerings
ALPHA:
api_version: v1alpha1
BETA:
api_version: v1beta1
GA:
api_version: v1
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.active_directory.resources:peering
help_text: |
Name of the Managed Microsoft AD domain peering you want to describe.

47
gcloud auth application-default login/google-cloud-sdk/lib/surface/active_directory/peerings/list.yaml Normal file
View File

@@ -0,0 +1,47 @@
- release_tracks: [GA, BETA, ALPHA]
help_text:
brief: |
List all Managed Microsoft Active Directory domain peerings.
description: |
List all Managed Microsoft AD domain peerings in the given project.
Displays associated Active Directory domain peerings.
This command can fail for the following reasons:
* The active account does not have permission to access the given
domain.
examples: |
The following command lists five AD domain peerings in the project.
$ {command} --limit=5
request: &request
collection: managedidentities.projects.locations.global.peerings
modify_request_hooks:
- googlecloudsdk.command_lib.active_directory.util:AppendLocationsGlobalToParent
ALPHA:
api_version: v1alpha1
BETA:
api_version: v1beta1
GA:
api_version: v1
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.active_directory.resources:project
help_text: |
Name of the project want to list all Managed Microsoft AD domain peerings.
response:
id_field: name
output:
format: |
table(
name.basename():label=PEERING_NAME,
domainResource:label=DOMAIN_NAME,
authorizedNetwork:label=AUTHORIZED_NETWORK,
state:label=PEERING_STATE,
createTime.date():sort=1
)

47
gcloud auth application-default login/google-cloud-sdk/lib/surface/active_directory/peerings/update.yaml Normal file
View File

@@ -0,0 +1,47 @@
- release_tracks: [GA, BETA, ALPHA]
help_text:
brief: |
Update a Managed Microsoft Active Directory domain peering.
description: |
Update a Managed Microsoft Active Directory (AD) domain peering.
This command can fail for the following reasons:
* The active account does not have permission to access the given
AD domain.
examples: |
The following command updates an AD domain peering ``my-peering'' with the label ``l1'' and ``l2''
$ {command} my-peering --update-labels=l1=1,l2=2
async:
collection: managedidentities.projects.locations.global.operations
request: &request
collection: managedidentities.projects.locations.global.peerings
ALPHA:
api_version: v1alpha1
modify_request_hooks:
- googlecloudsdk.command_lib.active_directory.peering_util:UpdatePatchRequest
- googlecloudsdk.command_lib.active_directory.peering_util:UpdateLabels
BETA:
api_version: v1beta1
modify_request_hooks:
- googlecloudsdk.command_lib.active_directory.peering_util:UpdatePatchRequest
- googlecloudsdk.command_lib.active_directory.peering_util:UpdateLabels
GA:
api_version: v1
modify_request_hooks:
- googlecloudsdk.command_lib.active_directory.peering_util:UpdatePatchRequest
- googlecloudsdk.command_lib.active_directory.peering_util:UpdateLabels
method: patch
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.active_directory.resources:peering
help_text: |
Name of the managed Managed Microsoft AD domain you want to delete.
additional_arguments_hook: googlecloudsdk.command_lib.active_directory.flags:PeeringUpdateLabelsFlags