v5.18.0/website/docs/r/active_directory_domain_trust.html.markdown - terraform-provider-google-beta - Git at Google

 ---
 # ----------------------------------------------------------------------------
 #
 #     ***     AUTO GENERATED CODE    ***    Type: MMv1     ***
 #
 # ----------------------------------------------------------------------------
 #
 #     This file is automatically generated by Magic Modules and manual
 #     changes will be clobbered when the file is regenerated.
 #
 #     Please read more about how to change this file in
 #     .github/CONTRIBUTING.md.
 #
 # ----------------------------------------------------------------------------
 subcategory: "Managed Microsoft Active Directory"
 description: |-
   Adds a trust between Active Directory domains
 ---

 # google\_active\_directory\_domain\_trust

 Adds a trust between Active Directory domains


 To get more information about DomainTrust, see:

 * [API documentation](https://cloud.google.com/managed-microsoft-ad/reference/rest/v1/projects.locations.global.domains/attachTrust)
 * How-to Guides
     * [Active Directory Trust](https://cloud.google.com/managed-microsoft-ad/docs/create-one-way-trust)

 ~> **Warning:** All arguments including the following potentially sensitive
 values will be stored in the raw state as plain text: `trust_handshake_secret`.
 [Read more about sensitive data in state](https://www.terraform.io/language/state/sensitive-data).

 ## Example Usage - Active Directory Domain Trust Basic


 ```hcl
 resource "google_active_directory_domain_trust" "ad-domain-trust" {
     domain     = "test-managed-ad.com"
     target_domain_name = "example-gcp.com"
     target_dns_ip_addresses = ["10.1.0.100"]
     trust_direction         = "OUTBOUND"
     trust_type              = "FOREST"
     trust_handshake_secret  = "Testing1!"
 }
 ```

 ## Argument Reference

 The following arguments are supported:


 * `target_domain_name` -
   (Required)
   The fully qualified target domain name which will be in trust with the current domain.

 * `trust_type` -
   (Required)
   The type of trust represented by the trust resource.
   Possible values are: `FOREST`, `EXTERNAL`.

 * `trust_direction` -
   (Required)
   The trust direction, which decides if the current domain is trusted, trusting, or both.
   Possible values are: `INBOUND`, `OUTBOUND`, `BIDIRECTIONAL`.

 * `target_dns_ip_addresses` -
   (Required)
   The target DNS server IP addresses which can resolve the remote domain involved in the trust.

 * `trust_handshake_secret` -
   (Required)
   The trust secret used for the handshake with the target domain. This will not be stored.
   **Note**: This property is sensitive and will not be displayed in the plan.

 * `domain` -
   (Required)
   The fully qualified domain name. e.g. mydomain.myorganization.com, with the restrictions,
   https://cloud.google.com/managed-microsoft-ad/reference/rest/v1/projects.locations.global.domains.


 - - -


 * `selective_authentication` -
   (Optional)
   Whether the trusted side has forest/domain wide access or selective access to an approved set of resources.

 * `project` - (Optional) The ID of the project in which the resource belongs.
     If it is not provided, the provider project is used.


 ## Attributes Reference

 In addition to the arguments listed above, the following computed attributes are exported:

 * `id` - an identifier for the resource with format `projects/{{project}}/locations/global/domains/{{domain}}/{{target_domain_name}}`


 ## Timeouts

 This resource provides the following
 [Timeouts](https://developer.hashicorp.com/terraform/plugin/sdkv2/resources/retries-and-customizable-timeouts) configuration options:

 - `create` - Default is 20 minutes.
 - `update` - Default is 20 minutes.
 - `delete` - Default is 20 minutes.

 ## Import


 DomainTrust can be imported using any of these accepted formats:

 * `projects/{{project}}/locations/global/domains/{{domain}}/{{target_domain_name}}`
 * `{{project}}/{{domain}}/{{target_domain_name}}`
 * `{{domain}}/{{target_domain_name}}`


 In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import DomainTrust using one of the formats above. For example:

 ```tf
 import {
   id = "projects/{{project}}/locations/global/domains/{{domain}}/{{target_domain_name}}"
   to = google_active_directory_domain_trust.default
 }
 ```

 When using the [`terraform import` command](https://developer.hashicorp.com/terraform/cli/commands/import), DomainTrust can be imported using one of the formats above. For example:

 ```
 $ terraform import google_active_directory_domain_trust.default projects/{{project}}/locations/global/domains/{{domain}}/{{target_domain_name}}
 $ terraform import google_active_directory_domain_trust.default {{project}}/{{domain}}/{{target_domain_name}}
 $ terraform import google_active_directory_domain_trust.default {{domain}}/{{target_domain_name}}
 ```

 ## User Project Overrides

 This resource supports [User Project Overrides](https://registry.terraform.io/providers/hashicorp/google/latest/docs/guides/provider_reference#user_project_override).
	---
	# ----------------------------------------------------------------------------
	#
	# * AUTO GENERATED CODE * Type: MMv1 ***
	#
	# ----------------------------------------------------------------------------
	#
	# This file is automatically generated by Magic Modules and manual
	# changes will be clobbered when the file is regenerated.
	#
	# Please read more about how to change this file in
	# .github/CONTRIBUTING.md.
	#
	# ----------------------------------------------------------------------------
	subcategory: "Managed Microsoft Active Directory"
	description: \|-
	Adds a trust between Active Directory domains
	---

	# google\_active\_directory\_domain\_trust

	Adds a trust between Active Directory domains


	To get more information about DomainTrust, see:

	* [API documentation](https://cloud.google.com/managed-microsoft-ad/reference/rest/v1/projects.locations.global.domains/attachTrust)
	* How-to Guides
	* [Active Directory Trust](https://cloud.google.com/managed-microsoft-ad/docs/create-one-way-trust)

	~> Warning: All arguments including the following potentially sensitive
	values will be stored in the raw state as plain text: `trust_handshake_secret`.
	[Read more about sensitive data in state](https://www.terraform.io/language/state/sensitive-data).

	## Example Usage - Active Directory Domain Trust Basic


	```hcl
	resource "google_active_directory_domain_trust" "ad-domain-trust" {
	domain = "test-managed-ad.com"
	target_domain_name = "example-gcp.com"
	target_dns_ip_addresses = ["10.1.0.100"]
	trust_direction = "OUTBOUND"
	trust_type = "FOREST"
	trust_handshake_secret = "Testing1!"
	}
	```

	## Argument Reference

	The following arguments are supported:


	* `target_domain_name` -
	(Required)
	The fully qualified target domain name which will be in trust with the current domain.

	* `trust_type` -
	(Required)
	The type of trust represented by the trust resource.
	Possible values are: `FOREST`, `EXTERNAL`.

	* `trust_direction` -
	(Required)
	The trust direction, which decides if the current domain is trusted, trusting, or both.
	Possible values are: `INBOUND`, `OUTBOUND`, `BIDIRECTIONAL`.

	* `target_dns_ip_addresses` -
	(Required)
	The target DNS server IP addresses which can resolve the remote domain involved in the trust.

	* `trust_handshake_secret` -
	(Required)
	The trust secret used for the handshake with the target domain. This will not be stored.
	Note: This property is sensitive and will not be displayed in the plan.

	* `domain` -
	(Required)
	The fully qualified domain name. e.g. mydomain.myorganization.com, with the restrictions,
	https://cloud.google.com/managed-microsoft-ad/reference/rest/v1/projects.locations.global.domains.


	- - -


	* `selective_authentication` -
	(Optional)
	Whether the trusted side has forest/domain wide access or selective access to an approved set of resources.

	* `project` - (Optional) The ID of the project in which the resource belongs.
	If it is not provided, the provider project is used.


	## Attributes Reference

	In addition to the arguments listed above, the following computed attributes are exported:

	* `id` - an identifier for the resource with format `projects/{{project}}/locations/global/domains/{{domain}}/{{target_domain_name}}`


	## Timeouts

	This resource provides the following
	[Timeouts](https://developer.hashicorp.com/terraform/plugin/sdkv2/resources/retries-and-customizable-timeouts) configuration options:

	- `create` - Default is 20 minutes.
	- `update` - Default is 20 minutes.
	- `delete` - Default is 20 minutes.

	## Import


	DomainTrust can be imported using any of these accepted formats:

	* `projects/{{project}}/locations/global/domains/{{domain}}/{{target_domain_name}}`
	* `{{project}}/{{domain}}/{{target_domain_name}}`
	* `{{domain}}/{{target_domain_name}}`


	In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import DomainTrust using one of the formats above. For example:

	```tf
	import {
	id = "projects/{{project}}/locations/global/domains/{{domain}}/{{target_domain_name}}"
	to = google_active_directory_domain_trust.default
	}
	```

	When using the [`terraform import` command](https://developer.hashicorp.com/terraform/cli/commands/import), DomainTrust can be imported using one of the formats above. For example:

	```
	$ terraform import google_active_directory_domain_trust.default projects/{{project}}/locations/global/domains/{{domain}}/{{target_domain_name}}
	$ terraform import google_active_directory_domain_trust.default {{project}}/{{domain}}/{{target_domain_name}}
	$ terraform import google_active_directory_domain_trust.default {{domain}}/{{target_domain_name}}
	```

	## User Project Overrides

	This resource supports [User Project Overrides](https://registry.terraform.io/providers/hashicorp/google/latest/docs/guides/provider_reference#user_project_override).