101 lines
3.5 KiB
YAML
101 lines
3.5 KiB
YAML
- release_tracks: [ALPHA, BETA, GA]
|
|
|
|
help_text:
|
|
brief: |
|
|
Create a Managed Microsoft AD domain.
|
|
description: |
|
|
Create a new Managed Microsoft AD domain with the given name using Google Cloud's
|
|
Managed Service for Microsoft Active Directory.
|
|
|
|
This command can fail for the following reasons:
|
|
* An AD domain with the same name already exists.
|
|
* The active account does not have permission to create AD domains.
|
|
* There is an overlap between the provided CIDR range and authorized network's CIDR.
|
|
* A valid region was not provided.
|
|
examples: |
|
|
The following command creates an AD domain with the name
|
|
`my-domain.com` in region `us-central1`, a network peering to `my-network` and
|
|
consuming the IP address range `10.172.0.0/24`.
|
|
|
|
$ {command} my-domain.com --region=us-central1 --reserved-ip-range="10.172.0.0/24"
|
|
--authorized-networks=projects/my-project/global/networks/my-network
|
|
|
|
async:
|
|
collection: managedidentities.projects.locations.global.operations
|
|
|
|
request: &request
|
|
collection: managedidentities.projects.locations.global.domains
|
|
modify_request_hooks:
|
|
- googlecloudsdk.command_lib.active_directory.util:AppendLocationsGlobalToParent
|
|
ALPHA:
|
|
api_version: v1alpha1
|
|
BETA:
|
|
api_version: v1beta1
|
|
GA:
|
|
api_version: v1
|
|
|
|
arguments:
|
|
resource:
|
|
spec: !REF googlecloudsdk.command_lib.active_directory.resources:domain
|
|
help_text: |
|
|
Name of the managed Managed Microsoft AD domain you want to create.
|
|
params:
|
|
- arg_name: authorized-networks
|
|
api_field: domain.authorizedNetworks
|
|
help_text: |
|
|
Names of the Google Compute Engine networks to which the domain will be connected.
|
|
- arg_name: region
|
|
api_field: domain.locations
|
|
help_text: |
|
|
Google Compute Engine region in which to provision domain controllers.
|
|
required: true
|
|
- arg_name: admin-name
|
|
ALPHA:
|
|
api_field: domain.managedIdentitiesAdminName
|
|
BETA:
|
|
api_field: domain.admin
|
|
GA:
|
|
api_field: domain.admin
|
|
help_text: |
|
|
Name of the administrator that may be used to perform Active Directory
|
|
operations. This is a delegated administrator account provisioned by our service.
|
|
If left unspecified `MIAdmin` will be used. This is different from both the domain
|
|
administrator and the Directory Services Restore Mode (DSRM) administrator.
|
|
- arg_name: labels
|
|
api_field: domain.labels.additionalProperties
|
|
metavar: KEY=VALUE
|
|
help_text: |
|
|
List of label KEY=VALUE pairs to add.
|
|
type:
|
|
arg_dict:
|
|
flatten: true
|
|
spec:
|
|
- api_field: key
|
|
- api_field: value
|
|
- arg_name: tags
|
|
release_tracks: [GA]
|
|
# TODO(b/338531743): Remove hidden as part of GA launch.
|
|
hidden: true
|
|
api_field: domain.tags.additionalProperties
|
|
metavar: KEY=VALUE
|
|
help_text: |
|
|
List of tag KEY=VALUE pairs to add.
|
|
type:
|
|
arg_dict:
|
|
flatten: true
|
|
spec:
|
|
- api_field: key
|
|
- api_field: value
|
|
- arg_name: reserved-ip-range
|
|
api_field: domain.reservedIpRange
|
|
help_text: |
|
|
Classless Inter-Domain Routing range of internal addresses that
|
|
are reserved for this domain.
|
|
required: true
|
|
- arg_name: enable-audit-logs
|
|
type: bool
|
|
action: store_true
|
|
api_field: domain.auditLogsEnabled
|
|
help_text: |
|
|
If specified, Active Directory data audit logs are enabled for the domain.
|