HEX
Server: Apache/2.4.65 (Ubuntu)
System: Linux ielts-store-v2 6.8.0-1036-gcp #38~22.04.1-Ubuntu SMP Thu Aug 14 01:19:18 UTC 2025 x86_64
User: root (0)
PHP: 7.2.34-54+ubuntu20.04.1+deb.sury.org+1
Disabled: pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,
$ pwd: /snap/google-cloud-cli/current/lib/surface/active_directory/domains/trusts/
Upload Files
File: //snap/google-cloud-cli/current/lib/surface/active_directory/domains/trusts/create.yaml
- release_tracks: [GA, BETA, ALPHA]

  help_text:
    brief: |
      Create a Microsoft Active Directory Trust between a Managed Microsoft AD domain and another
      domain.
    description: |
      Create a Microsoft Active Directory Trust between a Managed Microsoft AD domain and another
      domain.

      This command can fail for the following reasons:
        * The domain specified does not exist.
        * The active account does not have permission to access the given
          domain.
        * A trust already exists with the same target domain name.
        * The active account does not have permission to create AD trusts.
    examples: |
      The following command creates an external, bidirectional AD trust between `my-domain.com` and
      `target-domain.com`.

        $ {command} my-domain.com --target-domain-name=target-domain.com
        --target-dns-ip-addresses=10.177.0.2 --type=EXTERNAL --direction=BIDIRECTIONAL
        --selective-authentication=false --async

  async:
    collection: managedidentities.projects.locations.global.operations

  request:
    api_version: v1
    collection: managedidentities.projects.locations.global.domains
    method: attachTrust
    modify_request_hooks:
    - googlecloudsdk.command_lib.active_directory.trust_create_util:AddExtraTrustCreateArgs

  arguments:
    resource:
      spec: !REF googlecloudsdk.command_lib.active_directory.resources:domain
      help_text: |
        Name of the Managed Microsoft AD domain you want to create an AD trust from.
    params:
    - arg_name: target-domain-name
      api_field: attachTrustRequest.trust.targetDomainName
      required: true
      help_text: |
        Target domain name for the Managed Microsoft AD Trust.
    - arg_name: target-dns-ip-addresses
      api_field: attachTrustRequest.trust.targetDnsIpAddresses
      required: true
      help_text: |
        Target DNS server IP addresses that can resolve the target domain.

        Only IPv4 is supported.
    - arg_name: type
      default: "FOREST"
      api_field: attachTrustRequest.trust.trustType
      help_text: |
        Type of the trust. Must be FOREST or EXTERNAL. Default is FOREST.
    - arg_name: direction
      default: "BIDIRECTIONAL"
      api_field: attachTrustRequest.trust.trustDirection
      help_text: |
        Direction of the trust.

        Must be one of: INBOUND, OUTBOUND, BIDIRECTIONAL. Default is BIDIRECTIONAL.
    - arg_name: selective-authentication
      default: false
      api_field: attachTrustRequest.trust.selectiveAuthentication
      help_text: |
        If specified, trusted side will only have selective access to approved set of resources.

        Otherwise, the trusted side has forest/domain wide access. Default is false.
    - arg_name: handshake-secret
      api_field: attachTrustRequest.trust.trustHandshakeSecret
      help_text: |
       Trust handshake secret with target domain. The secret will not be stored. If not specified,
       command will prompt user for secret.
@ Telegram