Adding and removing regions

Managed Service for Microsoft Active Directory supports multiple regions. Combined with the multi-regional nature of Virtual Private Clouds, you can quickly scale your Active Directory infrastructure across Google Cloud.

Regions

The following regions are currently supported:

  • asia-east1
  • asia-east2
  • asia-northeast1
  • asia-northeast2
  • asia-south1
  • asia-southeast1
  • australia-southeast1
  • europe-north1
  • europe-west1
  • europe-west2
  • europe-west3
  • europe-west4
  • europe-west6
  • northamerica-northeast1
  • southamerica-east1
  • us-central1
  • us-east1
  • us-east4
  • us-west1
  • us-west2

Adding a region

Managed Service for Microsoft Active Directory uses a single Active Directory site. The site is not constrained to a specific VPC subnet; it spans all regions and subnets of your VPC. For example, if your domain controllers are located in us-west1, but your VPC spans us-west1, us-east1, and us-central1, the domain will be available in all 3 regions, not only us-west1.

However, to increase availability, you may choose to deploy domain controllers to additional regions. Up to 4 regions are supported for each domain.

You can only add domain controllers to the following regions. Note that doesn't affect the general availability of your Managed Microsoft AD domain, which is available in all regions where your VPC has a presence.

To add domain controllers to an additional region, follow the steps below.

Console

  1. Open the Managed Microsoft AD page in the Cloud Console.
    Open the Managed Microsoft AD page

  2. Select the domain to add a region to, then click Edit.

  3. Click Add Region and choose the region to add from the menu.

  4. Select Save Changes.

gcloud

To add a region, run the following command, replacing [DOMAIN-NAME] with the name of your domain (such as ad.mycompany.com) and [REGION] with the region to add (for example, us-west1).

gcloud active-directory domains update [DOMAIN-NAME] \
  --add-region=[REGION]

You can only add a single region at a time.

Removing a region

As your needs evolve, you can easily retire domain controllers from region. All data is replicated, so removing a region will not result in data loss.

Console

  1. Open the Managed Microsoft AD page in the Cloud Console.
    Open the Managed Microsoft AD page

  2. Select the domain to remove a region from, then click Edit.

  3. Under the Regions section, click the Delete icon next to the region to remove.

  4. Select Save Changes.

gcloud

To remove a region, run the following command, replacing [DOMAIN-NAME] with the name of your domain (such as ad.mycompany.com) and [REGION] with the region to remove (for example, us-west1).

gcloud active-directory domains update [DOMAIN-NAME] \
  --remove-region=[REGION]

You can only remove a single region at a time, and there must always be at least 1 region associated with a domain.