1
0
Fork 0
mirror of https://github.com/imjasonh/gcloud-help synced 2026-07-16 12:22:03 +00:00

gcloud: Thu Nov 9 11:45:52 UTC 2023

This commit is contained in:
Automated 2023-11-09 11:45:52 +00:00
parent f2c5d1d45f
commit 03f0979970
300 changed files with 8569 additions and 1319 deletions

View file

@ -150,6 +150,9 @@ GROUPS
shared-vpc
Configure shared VPC.
snapshot-settings
Describe and update Compute Engine snapshot settings.
snapshots
List, describe, and delete Compute Engine snapshots.

View file

@ -10,8 +10,11 @@ SYNOPSIS
[--internal-ipv6-prefix-length=INTERNAL_IPV6_PREFIX_LENGTH]
[--ipv6-network-tier=IPV6_NETWORK_TIER] [--network=NETWORK]
[--network-interface=NETWORK_INTERFACE; default="nic0"]
[--private-network-ip=PRIVATE_NETWORK_IP] [--stack-type=STACK_TYPE]
[--subnetwork=SUBNETWORK] [--zone=ZONE] [GCLOUD_WIDE_FLAG ...]
[--private-network-ip=PRIVATE_NETWORK_IP]
[--security-policy=SECURITY_POLICY]
[--security-policy-region=SECURITY_POLICY_REGION]
[--stack-type=STACK_TYPE] [--subnetwork=SUBNETWORK] [--zone=ZONE]
[GCLOUD_WIDE_FLAG ...]
DESCRIPTION
gcloud compute instances network-interfaces update updates network
@ -91,6 +94,15 @@ FLAGS
available in the new subnetwork, then another available IP address will
be allocated automatically from the new subnetwork CIDR range.
--security-policy=SECURITY_POLICY
The security policy that will be set for this instance network
interface. To remove the policy from this instance network interface
set the policy to an empty string.
--security-policy-region=SECURITY_POLICY_REGION
Region of the security policy to operate on. Overrides the default
compute/region property value for this command invocation.
--stack-type=STACK_TYPE
The stack type for the default network interface. Determines if IPv6 is
enabled on the default network interface. STACK_TYPE must be one of:

View file

@ -89,16 +89,22 @@ FLAGS
throughput.
--max-throughput=MAX_THROUGHPUT
Maximum throughput in Mbps. Value must be a multiple of 100 from
300 through 1000. Must be higher than the value specified by
--min-throughput; the set value, if applicable, or the default
minimum throughput value.
Maximum throughput of the connector in Mbps. Refers to the expected
throughput when using an e2-micro machine type. Value must be a
multiple of 100 from 300 through 1000. Must be higher than the
value specified by --min-throughput. If both max-throughput and
max-instances are provided, max-instances takes precedence over
max-throughput. The use of max-throughput is discouraged in favor
of max-instances.
--min-throughput=MIN_THROUGHPUT
Minimum throughput in Mbps. Value must be a multiple of 100 from
200 through 900. Must be lower than the value specified by
--max-throughput; the set value, if applicable, or the default
maximum throughput value.
Minimum throughput of the connector in Mbps. Refers to the expected
throughput when using an e2-micro machine type. Value must be a
multiple of 100 from 200 through 900. Must be lower than the value
specified by --max-throughput. If both min-throughput and
min-instances are provided, min-instances takes precedence over
min-throughput. The use of min-throughput is discouraged in favor
of min-instances.
At most one of these can be specified:

View file

@ -0,0 +1,64 @@
NAME
gcloud compute security-policies add-user-defined-field - add a user
defined field to a Compute Engine security policy
SYNOPSIS
gcloud compute security-policies add-user-defined-field NAME --base=BASE
--offset=OFFSET --size=SIZE
--user-defined-field-name=USER_DEFINED_FIELD_NAME [--mask=MASK]
[--region=REGION] [GCLOUD_WIDE_FLAG ...]
DESCRIPTION
gcloud compute security-policies add-user-defined-field is used to add user
defined fields to security policies.
EXAMPLES
To add a user defined field run this:
$ gcloud compute security-policies add-user-defined-field \
SECURITY_POLICY --user-defined-field-name=my-field --base=ipv6 \
--offset=10 --size=3
POSITIONAL ARGUMENTS
NAME
Name of the security policy to update.
REQUIRED FLAGS
--base=BASE
The base relative to which offset is measured. BASE must be one of:
ipv4, ipv6, tcp, udp.
--offset=OFFSET
Offset of the first byte of the field (in network byte order) relative
to base.
--size=SIZE
Size of the field in bytes. Valid values: 1-4.
--user-defined-field-name=USER_DEFINED_FIELD_NAME
The name for the user defined field.
OPTIONAL FLAGS
--mask=MASK
If specified, apply this mask (bitwise AND) to the field to ignore bits
before matching. Encoded as a hexadecimal number (starting with "0x").
--region=REGION
Region of the security policy to update. Overrides the default
compute/region property value for this command invocation.
GCLOUD WIDE FLAGS
These flags are available to all commands: --access-token-file, --account,
--billing-project, --configuration, --flags-file, --flatten, --format,
--help, --impersonate-service-account, --log-http, --project, --quiet,
--trace-token, --user-output-enabled, --verbosity.
Run $ gcloud help for details.
NOTES
These variants are also available:
$ gcloud alpha compute security-policies add-user-defined-field
$ gcloud beta compute security-policies add-user-defined-field

View file

@ -36,6 +36,9 @@ COMMANDS
Add a layer7 ddos defense threshold config to a Compute Engine security
policy.
add-user-defined-field
Add a user defined field to a Compute Engine security policy.
create
Create a Compute Engine security policy.
@ -61,6 +64,9 @@ COMMANDS
Remove a layer7 ddos defense threshold config from a Compute Engine
security policy.
remove-user-defined-field
Remove a user defined field from a Compute Engine security policy.
update
Update a Compute Engine security policy.

View file

@ -0,0 +1,47 @@
NAME
gcloud compute security-policies remove-user-defined-field - remove a user
defined field from a Compute Engine security policy
SYNOPSIS
gcloud compute security-policies remove-user-defined-field NAME
--user-defined-field-name=USER_DEFINED_FIELD_NAME [--region=REGION]
[GCLOUD_WIDE_FLAG ...]
DESCRIPTION
gcloud compute security-policies remove-user-defined-field is used to
remove user defined fields from security policies.
EXAMPLES
To remove a user defined field run this:
$ gcloud compute security-policies remove-user-defined-field \
SECURITY_POLICY --user-defined-field-name=my-field
POSITIONAL ARGUMENTS
NAME
Name of the security policy to update.
REQUIRED FLAGS
--user-defined-field-name=USER_DEFINED_FIELD_NAME
The name of the user defined field to remove.
OPTIONAL FLAGS
--region=REGION
Region of the security policy to update. Overrides the default
compute/region property value for this command invocation.
GCLOUD WIDE FLAGS
These flags are available to all commands: --access-token-file, --account,
--billing-project, --configuration, --flags-file, --flatten, --format,
--help, --impersonate-service-account, --log-http, --project, --quiet,
--trace-token, --user-output-enabled, --verbosity.
Run $ gcloud help for details.
NOTES
These variants are also available:
$ gcloud alpha compute security-policies remove-user-defined-field
$ gcloud beta compute security-policies remove-user-defined-field

View file

@ -4,7 +4,15 @@ NAME
SYNOPSIS
gcloud compute security-policies rules create PRIORITY --action=ACTION
(--expression=EXPRESSION | --src-ip-ranges=[SRC_IP_RANGE,...])
(--expression=EXPRESSION --network-dest-ip-ranges=[DEST_IP_RANGE,...]
--network-dest-ports=[DEST_PORT,...]
--network-ip-protocols=[IP_PROTOCOL,...]
--network-src-asns=[SRC_ASN,...]
--network-src-ip-ranges=[SRC_IP_RANGE,...]
--network-src-ports=[SRC_PORT,...]
--network-src-region-codes=[SRC_REGION_CODE,...]
--network-user-defined-fields=[NAME;VALUE:VALUE:...,...]
--src-ip-ranges=[SRC_IP_RANGE,...])
[--ban-duration-sec=BAN_DURATION_SEC]
[--ban-threshold-count=BAN_THRESHOLD_COUNT]
[--ban-threshold-interval-sec=BAN_THRESHOLD_INTERVAL_SEC]
@ -75,11 +83,48 @@ REQUIRED FLAGS
Security policy rule matcher.
Exactly one of these must be specified:
At least one of these must be specified:
--expression=EXPRESSION
The Cloud Armor rules language expression to match for this rule.
--network-dest-ip-ranges=[DEST_IP_RANGE,...]
The destination IPs/IP ranges to match for this rule. To match all
IPs specify *.
--network-dest-ports=[DEST_PORT,...]
The destination ports to match for this rule. Each element can be an
16-bit unsigned decimal number (e.g. "80") or range (e.g."0-1023"),
To match all destination ports specify *.
--network-ip-protocols=[IP_PROTOCOL,...]
The IP protocols to match for this rule. Each element can be an 8-bit
unsigned decimal number (e.g. "6"), range (e.g."253-254"), or one of
the following protocol names: "tcp", "udp", "icmp", "esp", "ah",
"ipip", or "sctp". To match all protocols specify *.
--network-src-asns=[SRC_ASN,...]
BGP Autonomous System Number associated with the source IP address to
match for this rule.
--network-src-ip-ranges=[SRC_IP_RANGE,...]
The source IPs/IP ranges to match for this rule. To match all IPs
specify *.
--network-src-ports=[SRC_PORT,...]
The source ports to match for this rule. Each element can be an
16-bit unsigned decimal number (e.g. "80") or range (e.g."0-1023"),
To match all source ports specify *.
--network-src-region-codes=[SRC_REGION_CODE,...]
The two letter ISO 3166-1 alpha-2 country code associated with the
source IP address to match for this rule. To match all region codes
specify *.
--network-user-defined-fields=[NAME;VALUE:VALUE:...,...]
Each element names a defined field and lists the matching values for
that field.
--src-ip-ranges=[SRC_IP_RANGE,...]
The source IPs/IP ranges to match for this rule. To match all IPs
specify *.

View file

@ -22,8 +22,15 @@ SYNOPSIS
[--region=REGION]
[--request-headers-to-add=[REQUEST_HEADERS_TO_ADD,...]]
[--security-policy=SECURITY_POLICY]
[--expression=EXPRESSION | --src-ip-ranges=[SRC_IP_RANGE,...]]
[GCLOUD_WIDE_FLAG ...]
[--expression=EXPRESSION --network-dest-ip-ranges=[DEST_IP_RANGE,...]
--network-dest-ports=[DEST_PORT,...]
--network-ip-protocols=[IP_PROTOCOL,...]
--network-src-asns=[SRC_ASN,...]
--network-src-ip-ranges=[SRC_IP_RANGE,...]
--network-src-ports=[SRC_PORT,...]
--network-src-region-codes=[SRC_REGION_CODE,...]
--network-user-defined-fields=[NAME;VALUE:VALUE:...,...]
--src-ip-ranges=[SRC_IP_RANGE,...]] [GCLOUD_WIDE_FLAG ...]
DESCRIPTION
gcloud compute security-policies rules update is used to update security
@ -211,11 +218,46 @@ FLAGS
Security policy rule matcher.
At most one of these can be specified:
--expression=EXPRESSION
The Cloud Armor rules language expression to match for this rule.
--network-dest-ip-ranges=[DEST_IP_RANGE,...]
The destination IPs/IP ranges to match for this rule. To match all
IPs specify *.
--network-dest-ports=[DEST_PORT,...]
The destination ports to match for this rule. Each element can be an
16-bit unsigned decimal number (e.g. "80") or range (e.g."0-1023"),
To match all destination ports specify *.
--network-ip-protocols=[IP_PROTOCOL,...]
The IP protocols to match for this rule. Each element can be an 8-bit
unsigned decimal number (e.g. "6"), range (e.g."253-254"), or one of
the following protocol names: "tcp", "udp", "icmp", "esp", "ah",
"ipip", or "sctp". To match all protocols specify *.
--network-src-asns=[SRC_ASN,...]
BGP Autonomous System Number associated with the source IP address to
match for this rule.
--network-src-ip-ranges=[SRC_IP_RANGE,...]
The source IPs/IP ranges to match for this rule. To match all IPs
specify *.
--network-src-ports=[SRC_PORT,...]
The source ports to match for this rule. Each element can be an
16-bit unsigned decimal number (e.g. "80") or range (e.g."0-1023"),
To match all source ports specify *.
--network-src-region-codes=[SRC_REGION_CODE,...]
The two letter ISO 3166-1 alpha-2 country code associated with the
source IP address to match for this rule. To match all region codes
specify *.
--network-user-defined-fields=[NAME;VALUE:VALUE:...,...]
Each element names a defined field and lists the matching values for
that field.
--src-ip-ranges=[SRC_IP_RANGE,...]
The source IPs/IP ranges to match for this rule. To match all IPs
specify *.

View file

@ -0,0 +1,33 @@
NAME
gcloud compute snapshot-settings describe - describe snapshot settings
SYNOPSIS
gcloud compute snapshot-settings describe [GCLOUD_WIDE_FLAG ...]
DESCRIPTION
Describe the snapshot settings of a project.
EXAMPLES
To display the snapshot settings of a project called my-project, run:
$ gcloud compute snapshot-settings describe --project=my-project
GCLOUD WIDE FLAGS
These flags are available to all commands: --access-token-file, --account,
--billing-project, --configuration, --flags-file, --flatten, --format,
--help, --impersonate-service-account, --log-http, --project, --quiet,
--trace-token, --user-output-enabled, --verbosity.
Run $ gcloud help for details.
API REFERENCE
This command uses the compute/v1 API. The full documentation for this API
can be found at: https://cloud.google.com/compute/
NOTES
These variants are also available:
$ gcloud alpha compute snapshot-settings describe
$ gcloud beta compute snapshot-settings describe

View file

@ -0,0 +1,31 @@
NAME
gcloud compute snapshot-settings - describe and update Compute Engine
snapshot settings
SYNOPSIS
gcloud compute snapshot-settings COMMAND [GCLOUD_WIDE_FLAG ...]
DESCRIPTION
Describe and update Compute Engine snapshot settings.
GCLOUD WIDE FLAGS
These flags are available to all commands: --help.
Run $ gcloud help for details.
COMMANDS
COMMAND is one of the following:
describe
Describe snapshot settings.
update
Update snapshot settings.
NOTES
These variants are also available:
$ gcloud alpha compute snapshot-settings
$ gcloud beta compute snapshot-settings

View file

@ -0,0 +1,69 @@
NAME
gcloud compute snapshot-settings update - update snapshot settings
SYNOPSIS
gcloud compute snapshot-settings update [--async]
[--storage-location-names=[STORAGE_LOCATION_NAMES,...]]
[--storage-location-policy=STORAGE_LOCATION_POLICY]
[GCLOUD_WIDE_FLAG ...]
DESCRIPTION
Update the snapshot settings of a project.
EXAMPLES
To update the snapshot settings and set the storage location policy to the
nearest multi-region as the source disk, run:
$ gcloud compute snapshot-settings update \
--storage-location-policy=nearest-multi-region
To update the snapshot settings and set the storage location policy to the
same region as the source disk, run:
$ gcloud alpha compute snapshot-settings update \ --storage-location-policy=local-region
To update the snapshot settings and set the storage location policy to
store snapshots in a specific location like us-west1, run:
$ gcloud compute snapshot-settings update \
--storage-location-policy=specific-locations \
--storage-location-names=us-west1
FLAGS
--async
Return immediately, without waiting for the operation in progress to
complete.
--storage-location-names=[STORAGE_LOCATION_NAMES,...]
The custom storage locations that you specify for the project's
snapshots. Use this flag only when you use the SPECIFIC_LOCATIONS value
for the --storage-location-policy flag. For more information, refer to
the snapshot settings documentation at
https://cloud.google.com/compute/docs/disks/snapshot-settings.
--storage-location-policy=STORAGE_LOCATION_POLICY
The storage location policy. For more information, refer to the
snapshot settings documentation at
https://cloud.google.com/compute/docs/disks/snapshot-settings.
STORAGE_LOCATION_POLICY must be one of: local-region,
nearest-multi-region, specific-locations.
GCLOUD WIDE FLAGS
These flags are available to all commands: --access-token-file, --account,
--billing-project, --configuration, --flags-file, --flatten, --format,
--help, --impersonate-service-account, --log-http, --project, --quiet,
--trace-token, --user-output-enabled, --verbosity.
Run $ gcloud help for details.
API REFERENCE
This command uses the compute/v1 API. The full documentation for this API
can be found at: https://cloud.google.com/compute/
NOTES
These variants are also available:
$ gcloud alpha compute snapshot-settings update
$ gcloud beta compute snapshot-settings update

View file

@ -35,6 +35,9 @@ COMMANDS
list
List Google Compute Engine target instances.
update
Update a Compute Engine target instance.
NOTES
These variants are also available:

View file

@ -0,0 +1,70 @@
NAME
gcloud compute target-instances update - update a Compute Engine target
instance
SYNOPSIS
gcloud compute target-instances update NAME
[--security-policy=SECURITY_POLICY]
[--security-policy-region=SECURITY_POLICY_REGION] [--zone=ZONE]
[GCLOUD_WIDE_FLAG ...]
DESCRIPTION
gcloud compute target-instances update updates a Compute Engine target
instance.
EXAMPLES
To update the security policy run this:
$ gcloud compute target-instances update TARGET_INSTANCE \
--security-policy='my-policy'
POSITIONAL ARGUMENTS
NAME
Name of the target instance to update.
FLAGS
--security-policy=SECURITY_POLICY
The security policy that will be set for this target instance. To
remove the policy from this target instance set the policy to an empty
string.
--security-policy-region=SECURITY_POLICY_REGION
Region of the security policy to operate on. Overrides the default
compute/region property value for this command invocation.
--zone=ZONE
Zone of the target instance to update. If not specified and the
compute/zone property isn't set, you might be prompted to select a zone
(interactive mode only).
To avoid prompting when this flag is omitted, you can set the
compute/zone property:
$ gcloud config set compute/zone ZONE
A list of zones can be fetched by running:
$ gcloud compute zones list
To unset the property, run:
$ gcloud config unset compute/zone
Alternatively, the zone can be stored in the environment variable
CLOUDSDK_COMPUTE_ZONE.
GCLOUD WIDE FLAGS
These flags are available to all commands: --access-token-file, --account,
--billing-project, --configuration, --flags-file, --flatten, --format,
--help, --impersonate-service-account, --log-http, --project, --quiet,
--trace-token, --user-output-enabled, --verbosity.
Run $ gcloud help for details.
NOTES
These variants are also available:
$ gcloud alpha compute target-instances update
$ gcloud beta compute target-instances update

View file

@ -53,6 +53,9 @@ COMMANDS
set-backup
Set a backup pool for a target pool.
update
Update a Compute Engine target pool.
NOTES
These variants are also available:

View file

@ -0,0 +1,66 @@
NAME
gcloud compute target-pools update - update a Compute Engine target pool
SYNOPSIS
gcloud compute target-pools update NAME [--region=REGION]
[--security-policy=SECURITY_POLICY]
[--security-policy-region=SECURITY_POLICY_REGION]
[GCLOUD_WIDE_FLAG ...]
DESCRIPTION
gcloud compute target-pools update updates a Compute Engine target pool.
EXAMPLES
To update the security policy run this:
$ gcloud compute target-pools update TARGET_POOL \
--security-policy='my-policy'
POSITIONAL ARGUMENTS
NAME
The name of the target pool.
FLAGS
--region=REGION
Region of the target pool to update. If not specified, you might be
prompted to select a region (interactive mode only).
To avoid prompting when this flag is omitted, you can set the
compute/region property:
$ gcloud config set compute/region REGION
A list of regions can be fetched by running:
$ gcloud compute regions list
To unset the property, run:
$ gcloud config unset compute/region
Alternatively, the region can be stored in the environment variable
CLOUDSDK_COMPUTE_REGION.
--security-policy=SECURITY_POLICY
The security policy that will be set for this target pool. To remove
the policy from this target pool set the policy to an empty string.
--security-policy-region=SECURITY_POLICY_REGION
Region of the security policy to operate on. Overrides the default
compute/region property value for this command invocation.
GCLOUD WIDE FLAGS
These flags are available to all commands: --access-token-file, --account,
--billing-project, --configuration, --flags-file, --flatten, --format,
--help, --impersonate-service-account, --log-http, --project, --quiet,
--trace-token, --user-output-enabled, --verbosity.
Run $ gcloud help for details.
NOTES
These variants are also available:
$ gcloud alpha compute target-pools update
$ gcloud beta compute target-pools update

View file

@ -4,8 +4,9 @@ NAME
SYNOPSIS
gcloud compute tpus tpu-vm update (TPU : --zone=ZONE)
[--add-tags=[TAGS,...]] [--async] [--description=DESCRIPTION]
[--internal-ips] [--clear-tags | --remove-tags=[TAG,...]]
[GCLOUD_WIDE_FLAG ...]
[--internal-ips] [--update-labels=[KEY=VALUE,...]]
[--clear-labels | --remove-labels=[KEY,...]]
[--clear-tags | --remove-tags=[TAG,...]] [GCLOUD_WIDE_FLAG ...]
DESCRIPTION
Update a Cloud TPU VM node.
@ -17,6 +18,25 @@ EXAMPLES
$ gcloud compute tpus tpu-vm update my-tpu \
--description="A new description"
To modify a TPU VM node with ID my-tpu in the default user project, network
and compute/zone (with other defaults supplied by API) by adding labels k0,
with value value0 and label k1 with value value1 and removing labels with
key k2, run:
$ gcloud compute tpus tpu-vm update my-tpu \
--update-labels=k0=value0,k1=value1 --remove-labels=k2
Labels can be used to identify the TPU VM node. To list TPU VM nodes with
the k1:value1 label, run:
$ gcloud compute tpus tpu-vm list --filter='labels.k1=value1'
To list only the labels when describing a resource, use --format to filter
the result:
$ gcloud compute tpus tpu-vm describe my-tpu \
--format="default(labels)"
POSITIONAL ARGUMENTS
Tpu resource - Name of the Cloud TPU VM node to update. The arguments in
this group can be used to specify the attributes of this resource. (NOTE)
@ -70,6 +90,33 @@ FLAGS
default is that external IP addresses will be associated with the TPU
workers.
--update-labels=[KEY=VALUE,...]
Resource labels to update that represent user-provided metadata. If a
label exists, its value is modified. Otherwise, a new label is created.
See https://cloud.google.com/compute/docs/labeling-resources for
details.
At most one of these can be specified:
--clear-labels
Remove all labels. If --update-labels is also specified then
--clear-labels is applied first.
For example, to remove all labels:
$ gcloud compute tpus tpu-vm update --clear-labels
To remove all existing labels and create two new labels, 'foo' and
'baz':
$ gcloud compute tpus tpu-vm update --clear-labels \
--update-labels foo=bar,baz=qux
--remove-labels=[KEY,...]
List of label keys to remove. If a label does not exist it is
silently ignored. If --update-labels is also specified then
--update-labels is applied first.
At most one of these can be specified:
--clear-tags