domains
Creates, updates, deletes, gets or lists a domains resource.
Overview
| Name | domains |
| Type | Resource |
| Id | google.managedidentities.domains |
Fields
| Name | Datatype | Description |
|---|---|---|
name | string | Required. The unique name of the domain using the form: projects/{project_id}/locations/global/domains/{domain_name}. |
admin | string | Optional. The name of delegated administrator account used to perform Active Directory operations. If not specified, setupadmin will be used. |
auditLogsEnabled | boolean | Optional. Configuration for audit logs. True if audit logs are enabled, else false. Default is audit logs disabled. |
authorizedNetworks | array | Optional. The full names of the Google Compute Engine networks the domain instance is connected to. Networks can be added using UpdateDomain. The domain is only available on networks listed in authorized_networks. If CIDR subnets overlap between networks, domain creation will fail. |
createTime | string | Output only. The time the instance was created. |
fqdn | string | Output only. The fully-qualified domain name of the exposed domain used by clients to connect to the service. Similar to what would be chosen for an Active Directory set up on an internal network. |
labels | object | Optional. Resource labels that can contain user-provided metadata. |
locations | array | Required. Locations where domain needs to be provisioned. The locations can be specified according to https://cloud.google.com/compute/docs/regions-zones, such as us-west1 or us-east4. Each domain supports up to 4 locations, separated by commas. Each location will use a /26 block. |
reservedIpRange | string | Required. The CIDR range of internal addresses that are reserved for this domain. Reserved networks must be /24 or larger. Ranges must be unique and non-overlapping with existing subnets in [Domain].[authorized_networks]. |
state | string | Output only. The current state of this domain. |
statusMessage | string | Output only. Additional information about the current status of this domain, if available. |
trusts | array | Output only. The current trusts associated with the domain. |
updateTime | string | Output only. The last update time. |
Methods
| Name | Accessible by | Required Params | Description |
|---|---|---|---|
get | SELECT | domainsId, projectsId | Gets information about a domain. |
list | SELECT | projectsId | Lists domains in a project. |
create | INSERT | projectsId | Creates a Microsoft AD domain. |
delete | DELETE | domainsId, projectsId | Deletes a domain. |
patch | UPDATE | domainsId, projectsId | Updates the metadata and configuration of a domain. |
attach_trust | EXEC | domainsId, projectsId | Adds an AD trust to a domain. |
check_migration_permission | EXEC | domainsId, projectsId | CheckMigrationPermission API gets the current state of DomainMigration |
detach_trust | EXEC | domainsId, projectsId | Removes an AD trust. |
disable_migration | EXEC | domainsId, projectsId | Disable Domain Migration |
domain_join_machine | EXEC | domainsId, projectsId | DomainJoinMachine API joins a Compute Engine VM to the domain |
enable_migration | EXEC | domainsId, projectsId | Enable Domain Migration |
extend_schema | EXEC | domainsId, projectsId | Extend Schema for Domain |
reconfigure_trust | EXEC | domainsId, projectsId | Updates the DNS conditional forwarder. |
reset_admin_password | EXEC | domainsId, projectsId | Resets a domain's administrator password. |
restore | EXEC | domainsId, projectsId | RestoreDomain restores domain backup mentioned in the RestoreDomainRequest |
validate_trust | EXEC | domainsId, projectsId | Validates a trust state, that the target domain is reachable, and that the target domain is able to accept incoming trust requests. |
SELECT examples
Lists domains in a project.
SELECT
name,
admin,
auditLogsEnabled,
authorizedNetworks,
createTime,
fqdn,
labels,
locations,
reservedIpRange,
state,
statusMessage,
trusts,
updateTime
FROM google.managedidentities.domains
WHERE projectsId = '{{ projectsId }}';
INSERT example
Use the following StackQL query and manifest file to create a new domains resource.
- All Properties
- Manifest
/*+ create */
INSERT INTO google.managedidentities.domains (
projectsId,
name,
labels,
authorizedNetworks,
reservedIpRange,
locations,
admin,
auditLogsEnabled
)
SELECT
'{{ projectsId }}',
'{{ name }}',
'{{ labels }}',
'{{ authorizedNetworks }}',
'{{ reservedIpRange }}',
'{{ locations }}',
'{{ admin }}',
{{ auditLogsEnabled }}
;
- name: your_resource_model_name
props:
- name: name
value: string
- name: labels
value: object
- name: authorizedNetworks
value:
- string
- name: reservedIpRange
value: string
- name: locations
value:
- string
- name: admin
value: string
- name: fqdn
value: string
- name: createTime
value: string
- name: updateTime
value: string
- name: state
value: string
- name: statusMessage
value: string
- name: trusts
value:
- - name: targetDomainName
value: string
- name: trustType
value: string
- name: trustDirection
value: string
- name: selectiveAuthentication
value: boolean
- name: targetDnsIpAddresses
value:
- string
- name: trustHandshakeSecret
value: string
- name: createTime
value: string
- name: updateTime
value: string
- name: state
value: string
- name: stateDescription
value: string
- name: lastTrustHeartbeatTime
value: string
- name: auditLogsEnabled
value: boolean
UPDATE example
Updates a domains resource.
/*+ update */
UPDATE google.managedidentities.domains
SET
name = '{{ name }}',
labels = '{{ labels }}',
authorizedNetworks = '{{ authorizedNetworks }}',
reservedIpRange = '{{ reservedIpRange }}',
locations = '{{ locations }}',
admin = '{{ admin }}',
auditLogsEnabled = true|false
WHERE
domainsId = '{{ domainsId }}'
AND projectsId = '{{ projectsId }}';
DELETE example
Deletes the specified domains resource.
/*+ delete */
DELETE FROM google.managedidentities.domains
WHERE domainsId = '{{ domainsId }}'
AND projectsId = '{{ projectsId }}';