ManagedIdentitiesServiceClient

ManagedIdentitiesServiceClient

API Overview

The managedidentites.googleapis.com service implements the Google Cloud Managed Identites API for identity services (e.g. Microsoft Active Directory).

The Managed Identities service provides methods to manage (create/read/update/delete) domains, reset managed identities admin password, add/remove domain controllers in GCP regions and add/remove VPC peering.

Data Model

The Managed Identities service exposes the following resources:

  • Locations as global, named as follows: projects/{project_id}/locations/global.

  • Domains, named as follows: /projects/{project_id}/locations/global/domain/{domain_name}.

The {domain_name} refers to fully qualified domain name in the customer project e.g. mydomain.myorganization.com, with the following restrictions:

  • Must contain only lowercase letters, numbers, periods and hyphens.
  • Must start with a letter.
  • Must contain between 2-64 characters.
  • Must end with a number or a letter.
  • Must not start with period.
  • First segement length (mydomain form example above) shouldn't exceed 15 chars.
  • The last segment cannot be fully numeric.
  • Must be unique within the customer project.

Constructor

new ManagedIdentitiesServiceClient(optionsopt, gaxInstanceopt)

Construct an instance of ManagedIdentitiesServiceClient.

Parameters:
Name Type Attributes Description
options object <optional>

The configuration object. The options accepted by the constructor are described in detail in this document. The common options are:

Properties
Name Type Attributes Description
credentials object <optional>

Credentials object.

Properties
Name Type Attributes Description
client_email string <optional>
private_key string <optional>
email string <optional>

Account email address. Required when using a .pem or .p12 keyFilename.
keyFilename string <optional>

Full path to the a .json, .pem, or .p12 key downloaded from the Google Developers Console. If you provide a path to a JSON file, the projectId option below is not necessary. NOTE: .pem and .p12 require you to specify options.email as well.
port number <optional>

The port on which to connect to the remote host.
projectId string <optional>

The project ID from the Google Developer's Console, e.g. 'grape-spaceship-123'. We will also check the environment variable GCLOUD_PROJECT for your project ID. If your app is running in an environment which supports Application Default Credentials, your project ID will be detected automatically.
apiEndpoint string <optional>

The domain name of the API remote host.
clientConfig gax.ClientConfig <optional>

Client configuration override. Follows the structure of gapicConfig.
fallback boolean | "rest" <optional>

Use HTTP fallback mode. Pass "rest" to use HTTP/1.1 REST API instead of gRPC. For more information, please check the documentation.
gaxInstance gax <optional>

loaded instance of google-gax. Useful if you need to avoid loading the default gRPC version and want to use the fallback HTTP implementation. Load only fallback version and pass it to the constructor: const gax = require('google-gax/build/src/fallback'); // avoids loading google-gax with gRPC const client = new ManagedIdentitiesServiceClient({fallback: 'rest'}, gax);

Members

apiEndpoint

The DNS address for this API service - same as servicePath(), exists for compatibility reasons.

port

The port for this API service.

scopes

The scopes needed to make gRPC calls for every method defined in this service.

servicePath

The DNS address for this API service.

Methods

(async) checkAttachTrustProgress(name) → {Promise}

Check the status of the long running operation returned by attachTrust().

Parameters:
Name Type Description
name String

The operation name that will be passed.
Returns:
Type Description
Promise
  • The promise which resolves to an object. The decoded operation object has result and metadata field to get information from. Please see the documentation for more details and examples.
Example
  /**
   * This snippet has been automatically generated and should be regarded as a code template only.
   * It will require modifications to work.
   * It may require correct/in-range values for request initialization.
   * TODO(developer): Uncomment these variables before running the sample.
   */
  /**
   *  Required. The resource domain name, project name and location using the form:
   *  `projects/{project_id}/locations/global/domains/{domain_name}`
   */
  // const name = 'abc123'
  /**
   *  Required. The domain trust resource.
   */
  // const trust = {}

  // Imports the Managedidentities library
  const {ManagedIdentitiesServiceClient} = require('@google-cloud/managed-identities').v1;

  // Instantiates a client
  const managedidentitiesClient = new ManagedIdentitiesServiceClient();

  async function callAttachTrust() {
    // Construct request
    const request = {
      name,
      trust,
    };

    // Run request
    const [operation] = await managedidentitiesClient.attachTrust(request);
    const [response] = await operation.promise();
    console.log(response);
  }

  callAttachTrust();

(async) checkCreateMicrosoftAdDomainProgress(name) → {Promise}

Check the status of the long running operation returned by createMicrosoftAdDomain().

Parameters:
Name Type Description
name String

The operation name that will be passed.
Returns:
Type Description
Promise
  • The promise which resolves to an object. The decoded operation object has result and metadata field to get information from. Please see the documentation for more details and examples.
Example
  /**
   * This snippet has been automatically generated and should be regarded as a code template only.
   * It will require modifications to work.
   * It may require correct/in-range values for request initialization.
   * TODO(developer): Uncomment these variables before running the sample.
   */
  /**
   *  Required. The resource project name and location using the form:
   *  `projects/{project_id}/locations/global`
   */
  // const parent = 'abc123'
  /**
   *  Required. The fully qualified domain name.
   *  e.g. mydomain.myorganization.com, with the following restrictions:
   *   * Must contain only lowercase letters, numbers, periods and hyphens.
   *   * Must start with a letter.
   *   * Must contain between 2-64 characters.
   *   * Must end with a number or a letter.
   *   * Must not start with period.
   *   * First segement length (mydomain form example above) shouldn't exceed
   *     15 chars.
   *   * The last segment cannot be fully numeric.
   *   * Must be unique within the customer project.
   */
  // const domainName = 'abc123'
  /**
   *  Required. A Managed Identity domain resource.
   */
  // const domain = {}

  // Imports the Managedidentities library
  const {ManagedIdentitiesServiceClient} = require('@google-cloud/managed-identities').v1;

  // Instantiates a client
  const managedidentitiesClient = new ManagedIdentitiesServiceClient();

  async function callCreateMicrosoftAdDomain() {
    // Construct request
    const request = {
      parent,
      domainName,
      domain,
    };

    // Run request
    const [operation] = await managedidentitiesClient.createMicrosoftAdDomain(request);
    const [response] = await operation.promise();
    console.log(response);
  }

  callCreateMicrosoftAdDomain();

(async) checkDeleteDomainProgress(name) → {Promise}

Check the status of the long running operation returned by deleteDomain().

Parameters:
Name Type Description
name String

The operation name that will be passed.
Returns:
Type Description
Promise
  • The promise which resolves to an object. The decoded operation object has result and metadata field to get information from. Please see the documentation for more details and examples.
Example
  /**
   * This snippet has been automatically generated and should be regarded as a code template only.
   * It will require modifications to work.
   * It may require correct/in-range values for request initialization.
   * TODO(developer): Uncomment these variables before running the sample.
   */
  /**
   *  Required. The domain resource name using the form:
   *  `projects/{project_id}/locations/global/domains/{domain_name}`
   */
  // const name = 'abc123'

  // Imports the Managedidentities library
  const {ManagedIdentitiesServiceClient} = require('@google-cloud/managed-identities').v1;

  // Instantiates a client
  const managedidentitiesClient = new ManagedIdentitiesServiceClient();

  async function callDeleteDomain() {
    // Construct request
    const request = {
      name,
    };

    // Run request
    const [operation] = await managedidentitiesClient.deleteDomain(request);
    const [response] = await operation.promise();
    console.log(response);
  }

  callDeleteDomain();

(async) checkDetachTrustProgress(name) → {Promise}

Check the status of the long running operation returned by detachTrust().

Parameters:
Name Type Description
name String

The operation name that will be passed.
Returns:
Type Description
Promise
  • The promise which resolves to an object. The decoded operation object has result and metadata field to get information from. Please see the documentation for more details and examples.
Example
  /**
   * This snippet has been automatically generated and should be regarded as a code template only.
   * It will require modifications to work.
   * It may require correct/in-range values for request initialization.
   * TODO(developer): Uncomment these variables before running the sample.
   */
  /**
   *  Required. The resource domain name, project name, and location using the form:
   *  `projects/{project_id}/locations/global/domains/{domain_name}`
   */
  // const name = 'abc123'
  /**
   *  Required. The domain trust resource to removed.
   */
  // const trust = {}

  // Imports the Managedidentities library
  const {ManagedIdentitiesServiceClient} = require('@google-cloud/managed-identities').v1;

  // Instantiates a client
  const managedidentitiesClient = new ManagedIdentitiesServiceClient();

  async function callDetachTrust() {
    // Construct request
    const request = {
      name,
      trust,
    };

    // Run request
    const [operation] = await managedidentitiesClient.detachTrust(request);
    const [response] = await operation.promise();
    console.log(response);
  }

  callDetachTrust();

(async) checkReconfigureTrustProgress(name) → {Promise}

Check the status of the long running operation returned by reconfigureTrust().

Parameters:
Name Type Description
name String

The operation name that will be passed.
Returns:
Type Description
Promise
  • The promise which resolves to an object. The decoded operation object has result and metadata field to get information from. Please see the documentation for more details and examples.
Example
  /**
   * This snippet has been automatically generated and should be regarded as a code template only.
   * It will require modifications to work.
   * It may require correct/in-range values for request initialization.
   * TODO(developer): Uncomment these variables before running the sample.
   */
  /**
   *  Required. The resource domain name, project name and location using the form:
   *  `projects/{project_id}/locations/global/domains/{domain_name}`
   */
  // const name = 'abc123'
  /**
   *  Required. The fully-qualified target domain name which will be in trust with current
   *  domain.
   */
  // const targetDomainName = 'abc123'
  /**
   *  Required. The target DNS server IP addresses to resolve the remote domain involved
   *  in the trust.
   */
  // const targetDnsIpAddresses = 'abc123'

  // Imports the Managedidentities library
  const {ManagedIdentitiesServiceClient} = require('@google-cloud/managed-identities').v1;

  // Instantiates a client
  const managedidentitiesClient = new ManagedIdentitiesServiceClient();

  async function callReconfigureTrust() {
    // Construct request
    const request = {
      name,
      targetDomainName,
      targetDnsIpAddresses,
    };

    // Run request
    const [operation] = await managedidentitiesClient.reconfigureTrust(request);
    const [response] = await operation.promise();
    console.log(response);
  }

  callReconfigureTrust();

(async) checkUpdateDomainProgress(name) → {Promise}

Check the status of the long running operation returned by updateDomain().

Parameters:
Name Type Description
name String

The operation name that will be passed.
Returns:
Type Description
Promise
  • The promise which resolves to an object. The decoded operation object has result and metadata field to get information from. Please see the documentation for more details and examples.
Example
  /**
   * This snippet has been automatically generated and should be regarded as a code template only.
   * It will require modifications to work.
   * It may require correct/in-range values for request initialization.
   * TODO(developer): Uncomment these variables before running the sample.
   */
  /**
   *  Required. Mask of fields to update. At least one path must be supplied in this
   *  field. The elements of the repeated paths field may only include
   *  fields from Domain google.cloud.managedidentities.v1.Domain:
   *   * `labels`
   *   * `locations`
   *   * `authorized_networks`
   */
  // const updateMask = {}
  /**
   *  Required. Domain message with updated fields. Only supported fields specified in
   *  update_mask are updated.
   */
  // const domain = {}

  // Imports the Managedidentities library
  const {ManagedIdentitiesServiceClient} = require('@google-cloud/managed-identities').v1;

  // Instantiates a client
  const managedidentitiesClient = new ManagedIdentitiesServiceClient();

  async function callUpdateDomain() {
    // Construct request
    const request = {
      updateMask,
      domain,
    };

    // Run request
    const [operation] = await managedidentitiesClient.updateDomain(request);
    const [response] = await operation.promise();
    console.log(response);
  }

  callUpdateDomain();

(async) checkValidateTrustProgress(name) → {Promise}

Check the status of the long running operation returned by validateTrust().

Parameters:
Name Type Description
name String

The operation name that will be passed.
Returns:
Type Description
Promise
  • The promise which resolves to an object. The decoded operation object has result and metadata field to get information from. Please see the documentation for more details and examples.
Example
  /**
   * This snippet has been automatically generated and should be regarded as a code template only.
   * It will require modifications to work.
   * It may require correct/in-range values for request initialization.
   * TODO(developer): Uncomment these variables before running the sample.
   */
  /**
   *  Required. The resource domain name, project name, and location using the form:
   *  `projects/{project_id}/locations/global/domains/{domain_name}`
   */
  // const name = 'abc123'
  /**
   *  Required. The domain trust to validate trust state for.
   */
  // const trust = {}

  // Imports the Managedidentities library
  const {ManagedIdentitiesServiceClient} = require('@google-cloud/managed-identities').v1;

  // Instantiates a client
  const managedidentitiesClient = new ManagedIdentitiesServiceClient();

  async function callValidateTrust() {
    // Construct request
    const request = {
      name,
      trust,
    };

    // Run request
    const [operation] = await managedidentitiesClient.validateTrust(request);
    const [response] = await operation.promise();
    console.log(response);
  }

  callValidateTrust();

close() → {Promise}

Terminate the gRPC channel and close the client.

The client will no longer be usable and all future behavior is undefined.

Returns:
Type Description
Promise

A promise that resolves when the client is closed.

domainPath(project, location, domain) → {string}

Return a fully-qualified domain resource name string.

Parameters:
Name Type Description
project string
location string
domain string
Returns:
Type Description
string

Resource name string.

getProjectId() → {Promise}

Return the project ID used by this class.

Returns:
Type Description
Promise

A promise that resolves to string containing the project ID.

initialize() → {Promise}

Initialize the client. Performs asynchronous operations (such as authentication) and prepares the client. This function will be called automatically when any class method is called for the first time, but if you need to initialize it before calling an actual method, feel free to call initialize() directly.

You can await on this method if you want to make sure the client is initialized.

Returns:
Type Description
Promise

A promise that resolves to an authenticated service stub.

listDomainsAsync(request, optionsopt) → {Object}

Equivalent to listDomains, but returns an iterable object.

for-await-of syntax is used with the iterable to get response elements on-demand.

Parameters:
Name Type Attributes Description
request Object

The request object that will be sent.

Properties
Name Type Attributes Description
parent string

Required. The resource name of the domain location using the form: projects/{project_id}/locations/global
pageSize number <optional>

Optional. The maximum number of items to return. If not specified, a default value of 1000 will be used. Regardless of the page_size value, the response may include a partial list. Callers should rely on a response's next_page_token to determine if there are additional results to list.
pageToken string <optional>

Optional. The next_page_token value returned from a previous ListDomainsRequest request, if any.
filter string <optional>

Optional. A filter specifying constraints of a list operation. For example, Domain.fqdn="mydomain.myorginization".
orderBy string <optional>

Optional. Specifies the ordering of results. See Sorting order for more information.
options object <optional>

Call options. See CallOptions for more details.
Returns:
Type Description
Object

An iterable Object that allows async iteration. When you iterate the returned iterable, each element will be an object representing Domain. The API will be called under the hood as needed, once per the page, so you can stop the iteration when you don't need more results. Please see the documentation for more details and examples.
Example
  /**
   * This snippet has been automatically generated and should be regarded as a code template only.
   * It will require modifications to work.
   * It may require correct/in-range values for request initialization.
   * TODO(developer): Uncomment these variables before running the sample.
   */
  /**
   *  Required. The resource name of the domain location using the form:
   *  `projects/{project_id}/locations/global`
   */
  // const parent = 'abc123'
  /**
   *  Optional. The maximum number of items to return.
   *  If not specified, a default value of 1000 will be used.
   *  Regardless of the page_size value, the response may include a partial list.
   *  Callers should rely on a response's
   *  next_page_token google.cloud.managedidentities.v1.ListDomainsResponse.next_page_token 
   *  to determine if there are additional results to list.
   */
  // const pageSize = 1234
  /**
   *  Optional. The `next_page_token` value returned from a previous ListDomainsRequest
   *  request, if any.
   */
  // const pageToken = 'abc123'
  /**
   *  Optional. A filter specifying constraints of a list operation.
   *  For example, `Domain.fqdn="mydomain.myorginization"`.
   */
  // const filter = 'abc123'
  /**
   *  Optional. Specifies the ordering of results. See
   *  Sorting
   *  order (https://cloud.google.com/apis/design/design_patterns#sorting_order)
   *  for more information.
   */
  // const orderBy = 'abc123'

  // Imports the Managedidentities library
  const {ManagedIdentitiesServiceClient} = require('@google-cloud/managed-identities').v1;

  // Instantiates a client
  const managedidentitiesClient = new ManagedIdentitiesServiceClient();

  async function callListDomains() {
    // Construct request
    const request = {
      parent,
    };

    // Run request
    const iterable = await managedidentitiesClient.listDomainsAsync(request);
    for await (const response of iterable) {
        console.log(response);
    }
  }

  callListDomains();

listDomainsStream(request, optionsopt) → {Stream}

Equivalent to method.name.toCamelCase(), but returns a NodeJS Stream object.

Parameters:
Name Type Attributes Description
request Object

The request object that will be sent.

Properties
Name Type Attributes Description
parent string

Required. The resource name of the domain location using the form: projects/{project_id}/locations/global
pageSize number <optional>

Optional. The maximum number of items to return. If not specified, a default value of 1000 will be used. Regardless of the page_size value, the response may include a partial list. Callers should rely on a response's next_page_token to determine if there are additional results to list.
pageToken string <optional>

Optional. The next_page_token value returned from a previous ListDomainsRequest request, if any.
filter string <optional>

Optional. A filter specifying constraints of a list operation. For example, Domain.fqdn="mydomain.myorginization".
orderBy string <optional>

Optional. Specifies the ordering of results. See Sorting order for more information.
options object <optional>

Call options. See CallOptions for more details.
Returns:
Type Description
Stream

An object stream which emits an object representing Domain on 'data' event. The client library will perform auto-pagination by default: it will call the API as many times as needed. Note that it can affect your quota. We recommend using listDomainsAsync() method described below for async iteration which you can stop as needed. Please see the documentation for more details and examples.

locationPath(project, location) → {string}

Return a fully-qualified location resource name string.

Parameters:
Name Type Description
project string
location string
Returns:
Type Description
string

Resource name string.

matchDomainFromDomainName(domainName) → {string}

Parse the domain from Domain resource.

Parameters:
Name Type Description
domainName string

A fully-qualified path representing Domain resource.
Returns:
Type Description
string

A string representing the domain.

matchLocationFromDomainName(domainName) → {string}

Parse the location from Domain resource.

Parameters:
Name Type Description
domainName string

A fully-qualified path representing Domain resource.
Returns:
Type Description
string

A string representing the location.

matchLocationFromLocationName(locationName) → {string}

Parse the location from Location resource.

Parameters:
Name Type Description
locationName string

A fully-qualified path representing Location resource.
Returns:
Type Description
string

A string representing the location.

matchProjectFromDomainName(domainName) → {string}

Parse the project from Domain resource.

Parameters:
Name Type Description
domainName string

A fully-qualified path representing Domain resource.
Returns:
Type Description
string

A string representing the project.

matchProjectFromLocationName(locationName) → {string}

Parse the project from Location resource.

Parameters:
Name Type Description
locationName string

A fully-qualified path representing Location resource.
Returns:
Type Description
string

A string representing the project.

matchProjectFromProjectName(projectName) → {string}

Parse the project from Project resource.

Parameters:
Name Type Description
projectName string

A fully-qualified path representing Project resource.
Returns:
Type Description
string

A string representing the project.

projectPath(project) → {string}

Return a fully-qualified project resource name string.

Parameters:
Name Type Description
project string
Returns:
Type Description
string

Resource name string.