gcloud alpha active-directory domains trusts create

NAME
gcloud alpha active-directory domains trusts create - create a Microsoft Active Directory Trust between a Managed Microsoft AD ___domain and another ___domain
SYNOPSIS
gcloud alpha active-directory domains trusts create DOMAIN --target-dns-ip-addresses=[TARGET_DNS_IP_ADDRESSES,…] --target-___domain-name=TARGET_DOMAIN_NAME [--async] [--direction=DIRECTION; default="BIDIRECTIONAL"] [--handshake-secret=HANDSHAKE_SECRET] [--selective-authentication] [--type=TYPE; default="FOREST"] [GCLOUD_WIDE_FLAG]
DESCRIPTION
(ALPHA) Create a Microsoft Active Directory Trust between a Managed Microsoft AD ___domain and another ___domain.

This command can fail for the following reasons:

  • The ___domain specified does not exist.
  • The active account does not have permission to access the given ___domain.
  • A trust already exists with the same target ___domain name.
  • The active account does not have permission to create AD trusts.
EXAMPLES
The following command creates an external, bidirectional AD trust between my-___domain.com and target-___domain.com. 
gcloud alpha active-directory domains trusts create my-___domain.com --target-___domain-name=target-___domain.com --target-dns-ip-addresses=10.177.0.2 --type=EXTERNAL --direction=BIDIRECTIONAL --selective-authentication=false --async
POSITIONAL ARGUMENTS
Domain resource - Name of the Managed Microsoft AD ___domain you want to create an AD trust from. This represents a Cloud resource. (NOTE) Some attributes are not given arguments in this group but can be set in other ways.

To set the project attribute:

  • provide the argument ___domain on the command line with a fully specified name;
  • provide the argument --project on the command line;
  • set the property core/project.

This must be specified.

DOMAIN
ID of the ___domain or fully qualified identifier for the ___domain.

To set the ___domain attribute:

  • provide the argument ___domain on the command line.
REQUIRED FLAGS
--target-dns-ip-addresses=[TARGET_DNS_IP_ADDRESSES,…]
Target DNS server IP addresses that can resolve the target ___domain.

Only IPv4 is supported.

--target-___domain-name=TARGET_DOMAIN_NAME
Target ___domain name for the Managed Microsoft AD Trust.
OPTIONAL FLAGS
--async
Return immediately, without waiting for the operation in progress to complete.
--direction=DIRECTION; default="BIDIRECTIONAL"
Direction of the trust.

Must be one of: INBOUND, OUTBOUND, BIDIRECTIONAL. Default is BIDIRECTIONAL.

DIRECTION must be one of: bidirectional, inbound, outbound, trust-direction-unspecified.

--handshake-secret=HANDSHAKE_SECRET
Trust handshake secret with target ___domain. The secret will not be stored. If not specified, command will prompt user for secret.
--selective-authentication
If specified, trusted side will only have selective access to approved set of resources.

Otherwise, the trusted side has forest/___domain wide access. Default is false.

--type=TYPE; default="FOREST"
Type of the trust. Must be FOREST or EXTERNAL. Default is FOREST. TYPE must be one of: external, forest, trust-type-unspecified.
GCLOUD WIDE FLAGS
These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, --help, --impersonate-service-account, --log-http, --project, --quiet, --trace-token, --user-output-enabled, --verbosity.

Run $ gcloud help for details.

API REFERENCE
This command uses the managedidentities/v1 API. The full documentation for this API can be found at: https://cloud.google.com/managed-microsoft-ad/
NOTES
This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early access allowlist. These variants are also available: 
gcloud active-directory domains trusts create
 
gcloud beta active-directory domains trusts create