googleActiveDirectoryPeering

Creates a Peering for Managed AD instance.

\~> Warning: This resource is in beta, and should be used with the terraform-provider-google-beta provider. See Provider Versions for more details on beta resources.

To get more information about Peering, see:

• API documentation
• How-to Guides
• Active Directory Domain Peering

Example Usage - Active Directory Peering Basic

resource "google_active_directory_peering" "ad-domain-peering" {
    provider           = google-beta
    domain_resource    = google_active_directory_domain.ad-domain.name
    peering_id         = "ad-domain-peering"
    authorized_network = google_compute_network.peered-network.id
    labels             = {
        foo = "bar"
    }
}

resource "google_active_directory_domain" "ad-domain" {
    provider            = google-beta
    domain_name         = "ad.test.d-%{random_suffix}.com"
    locations           = ["us-central1"]
    reserved_ip_range   = "192.168.255.0/24"
    authorized_networks = [google_compute_network.source-network.id]
}

resource "google_compute_network" "peered-network" {
    provider = google-beta
    project  = google_project_service.compute.project
    name     = "ad-peered-network"
}

resource "google_compute_network" "source-network" {
    provider = google-beta
    name     = "ad-network"
}

resource "google_project_service" "compute" {
    provider = google-beta
    project  = google_project.peered-project.project_id
    service  = "compute.googleapis.com"
}

resource "google_project" "peered-project" {
    provider        = google-beta
    name            = "peered-project-%{random_suffix}"
    project_id      = "peered-project-%{random_suffix}"
    org_id          = "123456789"
    billing_account = "000000-0000000-0000000-000000"
}

Argument Reference

The following arguments are supported:

• authorizedNetwork - (Required) The full names of the Google Compute Engine networks to which the instance is connected. Caller needs to make sure that CIDR subnets do not overlap between networks, else peering creation will fail.

• domainResource - (Required) Full domain resource path for the Managed AD Domain involved in peering. The resource path should be in the form projects/{projectId}/locations/global/domains/{domainName}

• peeringId - (Required)

• labels - (Optional) Resource labels that can contain user-provided metadata

• status - (Optional) The current state of this Peering.

• statusMessage - (Optional) Additional information about the current status of this peering, if available.

• project - (Optional) The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

Attributes Reference

In addition to the arguments listed above, the following computed attributes are exported:

• id - an identifier for the resource with format projects/{{project}}/locations/global/domains/{{peeringId}}

• name - Unique name of the peering in this scope including projects and location using the form: projects/{projectId}/locations/global/peerings/{peeringId}.

Timeouts

This resource provides the following Timeouts configuration options:

• create - Default is 20 minutes.
• update - Default is 20 minutes.
• delete - Default is 20 minutes.

Import

This resource does not support import.

User Project Overrides

This resource supports User Project Overrides.