NAME
    gcloud alpha network-security firewall-endpoints create - create a Firewall
        Plus endpoint

SYNOPSIS
    gcloud alpha network-security firewall-endpoints create
        (FIREWALL_ENDPOINT : --organization=ORGANIZATION --zone=ZONE) [--async]
        [--billing-project=BILLING_PROJECT] [--block-partial-http]
        [--content-cloud-region=CONTENT_CLOUD_REGION]
        [--description=DESCRIPTION] [--enable-jumbo-frames] [--enable-wildfire]
        [--enable-wildfire-analysis-logging] [--labels=[KEY=VALUE,...]]
        [--max-wait=MAX_WAIT; default="60m"]
        [--target-firewall-attachment=TARGET_FIREWALL_ATTACHMENT]
        [--wildfire-analysis-action=WILDFIRE_ANALYSIS_ACTION]
        [--wildfire-analysis-timeout=WILDFIRE_ANALYSIS_TIMEOUT]
        [--wildfire-lookup-action=WILDFIRE_LOOKUP_ACTION]
        [--wildfire-lookup-timeout=WILDFIRE_LOOKUP_TIMEOUT]
        [--wildfire-region=WILDFIRE_REGION] [GCLOUD_WIDE_FLAG ...]

DESCRIPTION
    (ALPHA) Create a firewall endpoint. Successful creation of an endpoint
    results in an endpoint in READY state. Check the progress of endpoint
    creation by using gcloud network-security firewall-endpoints list.

    For more examples, refer to the EXAMPLES section below.

EXAMPLES
    To create a firewall endpoint called my-endpoint, in zone us-central1-a and
    organization ID 1234, run:

        $ gcloud alpha network-security firewall-endpoints create \
            my-endpoint --zone=us-central1-a --organization=1234

POSITIONAL ARGUMENTS
     Firewall endpoint resource - Firewall Plus. The arguments in this group
     can be used to specify the attributes of this resource. (NOTE) Some
     attributes are not given arguments in this group but can be set in other
     ways.

     To set the project attribute:
      ◆ provide the argument FIREWALL_ENDPOINT on the command line with a
        fully specified name;
      ◆ set the property core/project. This resource can be one of the
        following types:
        [networksecurity.organizations.locations.firewallEndpoints,
        networksecurity.projects.locations.firewallEndpoints].

     This must be specified.

       FIREWALL_ENDPOINT
          ID of the firewall endpoint or fully qualified identifier for the
          firewall endpoint.

          To set the endpoint-name attribute:
          ▸ provide the argument FIREWALL_ENDPOINT on the command line.

          This positional argument must be specified if any of the other
          arguments in this group are specified.

       --organization=ORGANIZATION
          Organization ID of the firewall endpoint.

          To set the organization attribute:
          ▸ provide the argument FIREWALL_ENDPOINT on the command line with a
            fully specified name;
          ▸ provide the argument --organization on the command line. Must be
            specified for resource of type
            [networksecurity.organizations.locations.firewallEndpoints].

       --zone=ZONE
          Zone of the firewall endpoint.

          To set the zone attribute:
          ▸ provide the argument FIREWALL_ENDPOINT on the command line with a
            fully specified name;
          ▸ provide the argument --zone on the command line.

FLAGS
     --async
        Return immediately, without waiting for the operation in progress to
        complete. The default is True. Enabled by default, use --no-async to
        disable.

     --billing-project=BILLING_PROJECT
        The Google Cloud project ID to use for API enablement check, quota, and
        endpoint uptime billing. Overrides the default billing/quota_project
        property value for this command invocation.

     --block-partial-http
        Whether the endpoint will block HTTP partial responses. Defaults to
        false.

     --content-cloud-region=CONTENT_CLOUD_REGION
        The content cloud region the endpoint will use. Defaults to the nearest
        available region.

     --description=DESCRIPTION
        Description of the endpoint

     --enable-jumbo-frames
        Enable jumbo frames for the firewall endpoint. To disable jumbo frames,
        use --no-enable-jumbo-frames.

     --enable-wildfire
        If set to true, enable WildFire functionality on the endpoint. Use
        --enable-wildfire to enable. To disable, use --no-enable-wildfire.

     --enable-wildfire-analysis-logging
        Whether to disable WildFire submission log generation for files that
        timeout during WildFire inline cloud analysis. Defaults to false.

     --labels=[KEY=VALUE,...]
        List of label KEY=VALUE pairs to add.

        Keys must start with a lowercase character and contain only hyphens
        (-), underscores (_), lowercase characters, and numbers. Values must
        contain only hyphens (-), underscores (_), lowercase characters, and
        numbers.

     --max-wait=MAX_WAIT; default="60m"
        Time to synchronously wait for the operation to complete, after which
        the operation continues asynchronously. Ignored if --no-async isn't
        specified. See $ gcloud topic datetimes for information on time
        formats.

     --target-firewall-attachment=TARGET_FIREWALL_ATTACHMENT
        Target firewall attachment where third party endpoint forwards traffic.

     --wildfire-analysis-action=WILDFIRE_ANALYSIS_ACTION
        The action to take on WildFire inline cloud analysis timeout.
        WILDFIRE_ANALYSIS_ACTION must be one of: ALLOW, DENY.

     --wildfire-analysis-timeout=WILDFIRE_ANALYSIS_TIMEOUT
        The timeout (in milliseconds) on a file being held while WildFire
        inline cloud analysis is performed.

     --wildfire-lookup-action=WILDFIRE_LOOKUP_ACTION
        The action to take on WildFire real time signature lookup timeout.
        WILDFIRE_LOOKUP_ACTION must be one of: ALLOW, DENY.

     --wildfire-lookup-timeout=WILDFIRE_LOOKUP_TIMEOUT
        The timeout (in milliseconds) to hold a file while the WildFire real
        time signature cloud performs a signature lookup.

     --wildfire-region=WILDFIRE_REGION
        The region WildFire submissions from this endpoint will be sent to for
        analysis by WildFire. Defaults to the nearest available region.

GCLOUD WIDE FLAGS
    These flags are available to all commands: --access-token-file, --account,
    --billing-project, --configuration, --flags-file, --flatten, --format,
    --help, --impersonate-service-account, --log-http, --project, --quiet,
    --trace-token, --user-output-enabled, --verbosity.

    Run $ gcloud help for details.

NOTES
    This command is currently in alpha and might change without notice. If this
    command fails with API permission errors despite specifying the correct
    project, you might be trying to access an API with an invitation-only early
    access allowlist. These variants are also available:

        $ gcloud network-security firewall-endpoints create

        $ gcloud beta network-security firewall-endpoints create

