NAME
    gcloud alpha agent-identity connectors create - create connectors

SYNOPSIS
    gcloud alpha agent-identity connectors create
        (CONNECTOR : --location=LOCATION)
        (--api-key=API_KEY
          | --three-legged-oauth-authorization-url=THREE_LEGGED_OAUTH_AUTHORIZATION_URL --three-legged-oauth-client-id=THREE_LEGGED_OAUTH_CLIENT_ID --three-legged-oauth-client-secret=THREE_LEGGED_OAUTH_CLIENT_SECRET --three-legged-oauth-token-url=THREE_LEGGED_OAUTH_TOKEN_URL | --two-legged-oauth-client-id=TWO_LEGGED_OAUTH_CLIENT_ID --two-legged-oauth-client-secret=TWO_LEGGED_OAUTH_CLIENT_SECRET --two-legged-oauth-token-endpoint=TWO_LEGGED_OAUTH_TOKEN_ENDPOINT)
        [--allowed-scopes=[ALLOWED_SCOPES,...]]
        [--blocked-scopes=[BLOCKED_SCOPES,...]] [--description=DESCRIPTION]
        [--labels=[LABELS,...]] [--request-id=REQUEST_ID] [--state=STATE]
        [--workload-ids=[WORKLOAD_IDS,...]] [GCLOUD_WIDE_FLAG ...]

DESCRIPTION
    (ALPHA) Create a connector

EXAMPLES
    To create the connector, run:

        $ gcloud alpha agent-identity connectors create

POSITIONAL ARGUMENTS
     Connector resource - Identifier. The full resource name of the connector.
     Format: projects/{project}/locations/{location}/connectors/{connector} The
     arguments in this group can be used to specify the attributes of this
     resource. (NOTE) Some attributes are not given arguments in this group but
     can be set in other ways.

     To set the project attribute:
      ◆ provide the argument connector on the command line with a fully
        specified name;
      ◆ provide the argument --project on the command line;
      ◆ set the property core/project.

     This must be specified.

       CONNECTOR
          ID of the connector or fully qualified identifier for the connector.

          To set the connector attribute:
          ▸ provide the argument connector on the command line.

          This positional argument must be specified if any of the other
          arguments in this group are specified.

       --location=LOCATION
          The location id of the connector resource.

          To set the location attribute:
          ▸ provide the argument connector on the command line with a fully
            specified name;
          ▸ provide the argument --location on the command line.

REQUIRED FLAGS
     Connector type specific parameters. Required when creating a connector.

     This must be specified.

       Arguments for the type.

       At most one of these can be specified:

         Message describing ApiKeyParams object.

         --api-key=API_KEY
            The API key for this connector.

         Message describing ThreeLeggedOAuth object.

         --three-legged-oauth-authorization-url=THREE_LEGGED_OAUTH_AUTHORIZATION_URL
            The authorization endpoint to send users to for consenting to
            delegate to the agent. eg. "https://auth.atlassian.com/authorize"

         --three-legged-oauth-client-id=THREE_LEGGED_OAUTH_CLIENT_ID
            The client ID of the OAuth client.

         --three-legged-oauth-client-secret=THREE_LEGGED_OAUTH_CLIENT_SECRET
            The client secret of the OAuth client.

         --three-legged-oauth-token-url=THREE_LEGGED_OAUTH_TOKEN_URL
            The token endpoint for requesting tokens on behalf of an end user.
            eg. "https://auth.atlassian.com/oauth/token"

         Message describing TwoLeggedOAuth object.

         --two-legged-oauth-client-id=TWO_LEGGED_OAUTH_CLIENT_ID
            The client ID of the OAuth client.

         --two-legged-oauth-client-secret=TWO_LEGGED_OAUTH_CLIENT_SECRET
            The client secret of the OAuth client.

         --two-legged-oauth-token-endpoint=TWO_LEGGED_OAUTH_TOKEN_ENDPOINT
            The token endpoint of the OAuth client.

OPTIONAL FLAGS
     --allowed-scopes=[ALLOWED_SCOPES,...]
        List of scopes that are allowed to be requested for this connector. If
        this list is non-empty, only scopes within this list may be requested.
        If this list is empty, all scopes may be requested. Scopes appearing in
        blocked_scopes are disallowed even if they appear in allowed_scopes.
        The number of allowed scopes is limited to 200. Scopes must be
        comma-separated.

     --blocked-scopes=[BLOCKED_SCOPES,...]
        List of scopes that are blocked from being requested for this
        connector. If a scope appears in this list, it may not be requested,
        even if it also appears in allowed_scopes. blocked_scopes takes
        precedence over allowed_scopes. The number of blocked scopes is limited
        to 200. Scopes must be comma-separated.

     --description=DESCRIPTION
        Description of the resource. Must be less than 256 characters.

     --labels=[LABELS,...]
        Labels as key value pairs.

         KEY
            Keys must start with a lowercase character and contain only hyphens
            (-), underscores (_), lowercase characters, and numbers.

         VALUE
            Values must contain only hyphens (-), underscores (_), lowercase
            characters, and numbers.

        Shorthand Example:

            --labels=string=string

        JSON Example:

            --labels='{"string": "string"}'

        File Example:

            --labels=path_to_file.(yaml|json)

     --request-id=REQUEST_ID
        An optional request ID to identify requests. Specify a unique request
        ID so that if you must retry your request, the server will know to
        ignore the request if it has already been completed. The server will
        guarantee that for at least 60 minutes since the first request.

        For example, consider a situation where you make an initial request and
        the request times out. If you make the request again with the same
        request ID, the server can check if original operation with the same
        request ID was received, and if so, will ignore the second request.
        This prevents clients from accidentally creating duplicate commitments.

        The request ID must be a valid UUID with the exception that zero UUID
        is not supported (00000000-0000-0000-0000-000000000000).

     --state=STATE
        The state of the connector. STATE must be one of:

         disabled
            Disabled and cannot be used.
         enabled
            Enabled and can be used.

     --workload-ids=[WORKLOAD_IDS,...]
        Workload identity (SPIFFE ID) of the agent.

GCLOUD WIDE FLAGS
    These flags are available to all commands: --access-token-file, --account,
    --billing-project, --configuration, --flags-file, --flatten, --format,
    --help, --impersonate-service-account, --log-http, --project, --quiet,
    --trace-token, --user-output-enabled, --verbosity.

    Run $ gcloud help for details.

API REFERENCE
    This command uses the iamconnectors/v1alpha API. The full documentation for
    this API can be found at: https://cloud.google.com/iam/docs/

NOTES
    This command is currently in alpha and might change without notice. If this
    command fails with API permission errors despite specifying the correct
    project, you might be trying to access an API with an invitation-only early
    access allowlist.

