diff --git a/gcloud/_version b/gcloud/_version index f1d9c0438..3980e963a 100644 --- a/gcloud/_version +++ b/gcloud/_version @@ -1,8 +1,8 @@ -Google Cloud SDK 468.0.0 -alpha 2024.03.08 -beta 2024.03.08 -bq 2.0.101 +Google Cloud SDK 469.0.0 +alpha 2024.03.15 +beta 2024.03.15 +bq 2.1.1 bundled-python3-unix 3.11.8 -core 2024.03.08 +core 2024.03.15 gcloud-crc32c 1.0.0 gsutil 5.27 diff --git a/gcloud/alpha/alloydb/instances/create b/gcloud/alpha/alloydb/instances/create index 5999c0e50..0bb8b0158 100644 --- a/gcloud/alpha/alloydb/instances/create +++ b/gcloud/alpha/alloydb/instances/create @@ -5,6 +5,7 @@ NAME SYNOPSIS gcloud alpha alloydb instances create INSTANCE --cluster=CLUSTER --cpu-count=CPU_COUNT --instance-type=INSTANCE_TYPE --region=REGION + [--allowed-psc-projects=[ALLOWED_PSC_PROJECTS,...]] [--assign-inbound-public-ip=ASSIGN_INBOUND_PUBLIC_IP] [--async] [--availability-type=AVAILABILITY_TYPE] [--database-flags=FLAG=VALUE,[FLAG=VALUE,...]] @@ -63,6 +64,12 @@ REQUIRED FLAGS regions at https://cloud.google.com/sql/docs/instance-locations. OPTIONAL FLAGS + --allowed-psc-projects=[ALLOWED_PSC_PROJECTS,...] + Comma-separated list of allowed consumer projects to create endpoints + for Private Services Connect (PSC) connectivity for the instance. Only + instances in PSC-enabled clusters are allowed to set this field.(e.g., + --allowed-psc-projects=project1,12345678,project2) + --assign-inbound-public-ip=ASSIGN_INBOUND_PUBLIC_IP Specify to enable or disable public IP on an instance. On instance creation only disabling public IP is allowed. If you want to enable diff --git a/gcloud/alpha/alloydb/instances/update b/gcloud/alpha/alloydb/instances/update index 67249ae0f..2e23a6561 100644 --- a/gcloud/alpha/alloydb/instances/update +++ b/gcloud/alpha/alloydb/instances/update @@ -4,8 +4,9 @@ NAME SYNOPSIS gcloud alpha alloydb instances update INSTANCE --cluster=CLUSTER - --region=REGION [--assign-inbound-public-ip=ASSIGN_INBOUND_PUBLIC_IP] - [--async] [--authorized-external-networks=[AUTHORIZED_NETWORK,...]] + --region=REGION [--allowed-psc-projects=[ALLOWED_PSC_PROJECTS,...]] + [--assign-inbound-public-ip=ASSIGN_INBOUND_PUBLIC_IP] [--async] + [--authorized-external-networks=[AUTHORIZED_NETWORK,...]] [--availability-type=AVAILABILITY_TYPE] [--cpu-count=CPU_COUNT] [--database-flags=FLAG=VALUE,[FLAG=VALUE,...]] [--insights-config-query-plans-per-minute=INSIGHTS_CONFIG_QUERY_PLANS_PER_MINUTE] @@ -39,6 +40,12 @@ REQUIRED FLAGS regions at https://cloud.google.com/sql/docs/instance-locations. OPTIONAL FLAGS + --allowed-psc-projects=[ALLOWED_PSC_PROJECTS,...] + Comma-separated list of allowed consumer projects to create endpoints + for Private Services Connect (PSC) connectivity for the instance. Only + instances in PSC-enabled clusters are allowed to set this field.(e.g., + --allowed-psc-projects=project1,12345678,project2) + --assign-inbound-public-ip=ASSIGN_INBOUND_PUBLIC_IP Specify to enable or disable public IP on an instance. ASSIGN_INBOUND_PUBLIC_IP must be one of: diff --git a/gcloud/alpha/bigtable/app-profiles/create b/gcloud/alpha/bigtable/app-profiles/create index 8eaea2dd0..5d8275a29 100644 --- a/gcloud/alpha/bigtable/app-profiles/create +++ b/gcloud/alpha/bigtable/app-profiles/create @@ -7,8 +7,10 @@ SYNOPSIS (APP_PROFILE : --instance=INSTANCE) ([--route-any : --restrict-to=[RESTRICT_TO,...]] | [--route-to=ROUTE_TO : --transactional-writes]) - [--description=DESCRIPTION] [--force] [--priority=PRIORITY] - [GCLOUD_WIDE_FLAG ...] + [--description=DESCRIPTION] [--force] + [--data-boost + --data-boost-compute-billing-owner=DATA_BOOST_COMPUTE_BILLING_OWNER + | [--priority=PRIORITY : --standard]] [GCLOUD_WIDE_FLAG ...] DESCRIPTION (ALPHA) Create a new Bigtable app profile. @@ -37,6 +39,13 @@ EXAMPLES $ gcloud alpha bigtable app-profiles create my-app-profile-id \ --instance=my-instance-id --route-any --priority=PRIORITY_MEDIUM + To create an app profile with Data Boost enabled which bills usage to the + host project, run: + + $ gcloud alpha bigtable app-profiles create my-app-profile-id \ + --instance=my-instance-id --data-boost \ + --data-boost-compute-billing-owner=HOST_PAYS + POSITIONAL ARGUMENTS App profile resource - The app profile to create. The arguments in this group can be used to specify the attributes of this resource. (NOTE) Some @@ -102,16 +111,57 @@ OPTIONAL FLAGS --force Ignore warnings and force create. - --priority=PRIORITY - Specify the request priority. If not specified, the app profile uses - PRIORITY_HIGH by default. PRIORITY must be one of: + At most one of these can be specified: - PRIORITY_HIGH - Requests are treated with high priority. - PRIORITY_LOW - Requests are treated with low priority. - PRIORITY_MEDIUM - Requests are treated with medium priority. + Data Boost Read-only Isolation + + --data-boost + Use Data Boost Read-only Isolation, rather than Standard Isolation. + If specified, --data-boost-compute-billing-owner is required. + Specifying Data Boost Read-only Isolation on an app profile which + has Standard Isolation enabled may cause unexpected behavior for + running applications. + + This flag argument must be specified if any of the other arguments + in this group are specified. + + --data-boost-compute-billing-owner=DATA_BOOST_COMPUTE_BILLING_OWNER + Specify the Data Boost Compute Billing Owner, required if + --data-boost is passed. DATA_BOOST_COMPUTE_BILLING_OWNER must be + (only one value is supported): + + HOST_PAYS + Compute Billing should be accounted towards the host Cloud + Project (containing the targeted Bigtable Instance / Table). + + This flag argument must be specified if any of the other arguments + in this group are specified. + + Standard Isolation + + --priority=PRIORITY + Specify the request priority under Standard Isolation. Passing this + option implies Standard Isolation, e.g. the --standard option. If + not specified, the app profile uses Standard Isolation with + PRIORITY_HIGH by default. Specifying request priority on an app + profile that has Data Boost Read-Only Isolation enabled will change + the isolation to Standard and use the specified priority, which may + cause unexpected behavior for running applications. PRIORITY must + be one of: + + PRIORITY_HIGH + Requests are treated with high priority. + PRIORITY_LOW + Requests are treated with low priority. + PRIORITY_MEDIUM + Requests are treated with medium priority. + + This flag argument must be specified if any of the other arguments + in this group are specified. + + --standard + Use Standard Isolation, rather than Data Boost Read-only Isolation. + If specified, --priority is required. GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, diff --git a/gcloud/alpha/bigtable/app-profiles/update b/gcloud/alpha/bigtable/app-profiles/update index 52dc200bd..503b4942d 100644 --- a/gcloud/alpha/bigtable/app-profiles/update +++ b/gcloud/alpha/bigtable/app-profiles/update @@ -4,7 +4,10 @@ NAME SYNOPSIS gcloud alpha bigtable app-profiles update (APP_PROFILE : --instance=INSTANCE) [--async] - [--description=DESCRIPTION] [--force] [--priority=PRIORITY] + [--description=DESCRIPTION] [--force] + [--data-boost + --data-boost-compute-billing-owner=DATA_BOOST_COMPUTE_BILLING_OWNER + | [--priority=PRIORITY : --standard]] [[--route-any : --restrict-to=[RESTRICT_TO,...]] | [--route-to=ROUTE_TO : --transactional-writes]] [GCLOUD_WIDE_FLAG ...] @@ -35,6 +38,13 @@ EXAMPLES $ gcloud alpha bigtable app-profiles update my-app-profile-id \ --instance=my-instance-id --priority=PRIORITY_LOW + To update an app profile to enable Data Boost which bills usage to the host + project, run: + + $ gcloud alpha bigtable app-profiles update my-app-profile-id \ + --instance=my-instance-id --data-boost \ + --data-boost-compute-billing-owner=HOST_PAYS + POSITIONAL ARGUMENTS App profile resource - The app profile to update. The arguments in this group can be used to specify the attributes of this resource. (NOTE) Some @@ -78,16 +88,57 @@ FLAGS --force Ignore warnings and force update. - --priority=PRIORITY - Specify the request priority. If not specified, the app profile uses - PRIORITY_HIGH by default. PRIORITY must be one of: + At most one of these can be specified: - PRIORITY_HIGH - Requests are treated with high priority. - PRIORITY_LOW - Requests are treated with low priority. - PRIORITY_MEDIUM - Requests are treated with medium priority. + Data Boost Read-only Isolation + + --data-boost + Use Data Boost Read-only Isolation, rather than Standard Isolation. + If specified, --data-boost-compute-billing-owner is required. + Specifying Data Boost Read-only Isolation on an app profile which + has Standard Isolation enabled may cause unexpected behavior for + running applications. + + This flag argument must be specified if any of the other arguments + in this group are specified. + + --data-boost-compute-billing-owner=DATA_BOOST_COMPUTE_BILLING_OWNER + Specify the Data Boost Compute Billing Owner, required if + --data-boost is passed. DATA_BOOST_COMPUTE_BILLING_OWNER must be + (only one value is supported): + + HOST_PAYS + Compute Billing should be accounted towards the host Cloud + Project (containing the targeted Bigtable Instance / Table). + + This flag argument must be specified if any of the other arguments + in this group are specified. + + Standard Isolation + + --priority=PRIORITY + Specify the request priority under Standard Isolation. Passing this + option implies Standard Isolation, e.g. the --standard option. If + not specified, the app profile uses Standard Isolation with + PRIORITY_HIGH by default. Specifying request priority on an app + profile that has Data Boost Read-Only Isolation enabled will change + the isolation to Standard and use the specified priority, which may + cause unexpected behavior for running applications. PRIORITY must + be one of: + + PRIORITY_HIGH + Requests are treated with high priority. + PRIORITY_LOW + Requests are treated with low priority. + PRIORITY_MEDIUM + Requests are treated with medium priority. + + This flag argument must be specified if any of the other arguments + in this group are specified. + + --standard + Use Standard Isolation, rather than Data Boost Read-only Isolation. + If specified, --priority is required. At most one of these can be specified: diff --git a/gcloud/alpha/compute/instance-groups/managed/update b/gcloud/alpha/compute/instance-groups/managed/update index 63f1cfb0c..9e4d2673a 100644 --- a/gcloud/alpha/compute/instance-groups/managed/update +++ b/gcloud/alpha/compute/instance-groups/managed/update @@ -7,6 +7,9 @@ SYNOPSIS [--default-action-on-vm-failure=ACTION_ON_VM_FAILURE] [--description=DESCRIPTION] [--[no-]force-update-on-repair] [--instance-redistribution-type=TYPE] + [--instance-selection=name=NAME, + machine-type=MACHINE_TYPE[,machine-type=MACHINE_TYPE...][,rank=RANK]] + [--instance-selection-machine-types=[MACHINE_TYPE,...]] [--list-managed-instances-results=MODE] [--remove-stateful-disks=DEVICE_NAME,[DEVICE_NAME,...]] [--remove-stateful-external-ips=INTERFACE_NAME,[...]] @@ -109,6 +112,15 @@ FLAGS The managed instance group proactively redistributes instances to meet its target distribution. + --instance-selection=name=NAME,machine-type=MACHINE_TYPE[,machine-type=MACHINE_TYPE...][,rank=RANK] + Named selection of machine types with an optional rank. eg. + --instance-selection="name=instance-selection-1,machine-type=e2-standard-8,machine-type=t2d-standard-8,rank=0" + + --instance-selection-machine-types=[MACHINE_TYPE,...] + Primary machine types to use for the Compute Engine instances that will + be created with the managed instance group. If not provided, machine + type specified in the instance template will be used. + --list-managed-instances-results=MODE Pagination behavior for the group's listManagedInstances API method. This flag does not affect the group's gcloud or console list-instances diff --git a/gcloud/alpha/compute/instance-templates/create b/gcloud/alpha/compute/instance-templates/create index 000b55f11..a35b3ec57 100644 --- a/gcloud/alpha/compute/instance-templates/create +++ b/gcloud/alpha/compute/instance-templates/create @@ -14,6 +14,7 @@ SYNOPSIS [--disk=[auto-delete=AUTO-DELETE], [boot=BOOT],[device-name=DEVICE-NAME],[mode=MODE],[name=NAME]] [--[no-]enable-nested-virtualization] [--[no-]enable-uefi-networking] + [--enable-watchdog-timer] [--external-ipv6-address=EXTERNAL_IPV6_ADDRESS] [--external-ipv6-prefix-length=EXTERNAL_IPV6_PREFIX_LENGTH] [--graceful-shutdown] @@ -268,6 +269,10 @@ FLAGS support. For available processor types on Compute Engine, see https://cloud.google.com/compute/docs/cpu-platforms. + storage-pool + The name of the storage pool in which the new disk is created. The + new disk and the storage pool must be in the same location. + boot If yes, indicates that this is a boot disk. The instance will use the first partition of the disk for its root file system. The @@ -337,10 +342,6 @@ FLAGS to. You must provide exactly two replica zones, and one zone must be the same as the instance zone. - storage-pool - The name of the storage pool in which the new disk is created. The - new disk and the storage pool must be in the same location. - --description=DESCRIPTION Specifies a textual description for the instance template. @@ -387,6 +388,9 @@ FLAGS --enable-uefi-networking to enable and --no-enable-uefi-networking to disable. + --enable-watchdog-timer + Enable a watchdog timer device on VM instances. Disabled by default. + --external-ipv6-address=EXTERNAL_IPV6_ADDRESS Assigns the given external IPv6 address to the instance that is created. The address must be the first IP address in the range. This diff --git a/gcloud/alpha/compute/instance-templates/create-with-container b/gcloud/alpha/compute/instance-templates/create-with-container index d4af94dc7..50181838f 100644 --- a/gcloud/alpha/compute/instance-templates/create-with-container +++ b/gcloud/alpha/compute/instance-templates/create-with-container @@ -357,6 +357,10 @@ FLAGS support. For available processor types on Compute Engine, see https://cloud.google.com/compute/docs/cpu-platforms. + storage-pool + The name of the storage pool in which the new disk is created. The + new disk and the storage pool must be in the same location. + multi-writer If yes, the disk is created in multi-writer mode so that it can be attached with read-write access to two VMs. The default value is diff --git a/gcloud/alpha/compute/instances/bulk/create b/gcloud/alpha/compute/instances/bulk/create index 040ad056b..fb6ed9101 100644 --- a/gcloud/alpha/compute/instances/bulk/create +++ b/gcloud/alpha/compute/instances/bulk/create @@ -17,7 +17,8 @@ SYNOPSIS [--disk=[boot=BOOT], [device-name=DEVICE-NAME],[name=NAME],[scope=SCOPE]] [--enable-display-device] [--[no-]enable-nested-virtualization] - [--[no-]enable-uefi-networking] [--erase-windows-vss-signature] + [--[no-]enable-uefi-networking] [--enable-watchdog-timer] + [--erase-windows-vss-signature] [--host-error-timeout-seconds=HOST_ERROR_TIMEOUT_SECONDS] [--instance-termination-action=INSTANCE_TERMINATION_ACTION] [--labels=[KEY=VALUE,...]] @@ -290,6 +291,10 @@ OPTIONAL FLAGS support. For available processor types on Compute Engine, see https://cloud.google.com/compute/docs/cpu-platforms. + storage-pool + The name of the storage pool in which the new disk is created. The + new disk and the storage pool must be in the same location. + boot If yes, indicates that this is a boot disk. The instance will use the first partition of the disk for its root file system. The @@ -373,10 +378,6 @@ OPTIONAL FLAGS to. You must provide exactly two replica zones, and one zone must be the same as the instance zone. - storage-pool - The name of the storage pool in which the new disk is created. The - new disk and the storage pool must be in the same location. - --description=DESCRIPTION Specifies a textual description of the instances. @@ -416,6 +417,9 @@ OPTIONAL FLAGS --enable-uefi-networking to enable and --no-enable-uefi-networking to disable. + --enable-watchdog-timer + Enable a watchdog timer device on VM instances. Disabled by default. + --erase-windows-vss-signature Specifies whether the disk restored from source snapshots or source machine image should erase Windows specific VSS signature. See diff --git a/gcloud/alpha/compute/instances/create b/gcloud/alpha/compute/instances/create index 90064722d..63e4f882c 100644 --- a/gcloud/alpha/compute/instances/create +++ b/gcloud/alpha/compute/instances/create @@ -17,7 +17,8 @@ SYNOPSIS [--disk=[auto-delete=AUTO-DELETE],[boot=BOOT],[device-name=DEVICE-NAME], [force-attach=FORCE-ATTACH],[mode=MODE],[name=NAME],[scope=SCOPE]] [--enable-display-device] [--[no-]enable-nested-virtualization] - [--[no-]enable-uefi-networking] [--erase-windows-vss-signature] + [--[no-]enable-uefi-networking] [--enable-watchdog-timer] + [--erase-windows-vss-signature] [--external-ipv6-address=EXTERNAL_IPV6_ADDRESS] [--external-ipv6-prefix-length=EXTERNAL_IPV6_PREFIX_LENGTH] [--graceful-shutdown] @@ -309,6 +310,10 @@ FLAGS support. For available processor types on Compute Engine, see https://cloud.google.com/compute/docs/cpu-platforms. + storage-pool + The name of the storage pool in which the new disk is created. The + new disk and the storage pool must be in the same location. + boot If yes, indicates that this is a boot disk. The instance will use the first partition of the disk for its root file system. The @@ -425,10 +430,6 @@ FLAGS to. You must provide exactly two replica zones, and one zone must be the same as the instance zone. - storage-pool - The name of the storage pool in which the new disk is created. The - new disk and the storage pool must be in the same location. - --csek-key-file=FILE Path to a Customer-Supplied Encryption Key (CSEK) key file that maps Compute Engine resources to user managed keys to be used when creating, @@ -500,6 +501,9 @@ FLAGS --enable-uefi-networking to enable and --no-enable-uefi-networking to disable. + --enable-watchdog-timer + Enable a watchdog timer device on VM instances. Disabled by default. + --erase-windows-vss-signature Specifies whether the disk restored from source snapshots or source machine image should erase Windows specific VSS signature. See diff --git a/gcloud/alpha/compute/instances/create-with-container b/gcloud/alpha/compute/instances/create-with-container index 64ec47a3f..c71f59284 100644 --- a/gcloud/alpha/compute/instances/create-with-container +++ b/gcloud/alpha/compute/instances/create-with-container @@ -364,6 +364,10 @@ FLAGS support. For available processor types on Compute Engine, see https://cloud.google.com/compute/docs/cpu-platforms. + storage-pool + The name of the storage pool in which the new disk is created. The + new disk and the storage pool must be in the same location. + multi-writer If yes, the disk is created in multi-writer mode so that it can be attached with read-write access to two VMs. The default value is diff --git a/gcloud/alpha/compute/queued-resources/create b/gcloud/alpha/compute/queued-resources/create index 807184006..5c9bd358b 100644 --- a/gcloud/alpha/compute/queued-resources/create +++ b/gcloud/alpha/compute/queued-resources/create @@ -18,7 +18,8 @@ SYNOPSIS [--disk=[boot=BOOT], [device-name=DEVICE-NAME],[name=NAME],[scope=SCOPE]] [--enable-display-device] [--[no-]enable-nested-virtualization] - [--[no-]enable-uefi-networking] [--erase-windows-vss-signature] + [--[no-]enable-uefi-networking] [--enable-watchdog-timer] + [--erase-windows-vss-signature] [--host-error-timeout-seconds=HOST_ERROR_TIMEOUT_SECONDS] [--instance-termination-action=INSTANCE_TERMINATION_ACTION] [--labels=[KEY=VALUE,...]] @@ -274,6 +275,10 @@ OPTIONAL FLAGS support. For available processor types on Compute Engine, see https://cloud.google.com/compute/docs/cpu-platforms. + storage-pool + The name of the storage pool in which the new disk is created. The + new disk and the storage pool must be in the same location. + boot If yes, indicates that this is a boot disk. The instance will use the first partition of the disk for its root file system. The @@ -396,6 +401,9 @@ OPTIONAL FLAGS --enable-uefi-networking to enable and --no-enable-uefi-networking to disable. + --enable-watchdog-timer + Enable a watchdog timer device on VM instances. Disabled by default. + --erase-windows-vss-signature Specifies whether the disk restored from source snapshots or source machine image should erase Windows specific VSS signature. See diff --git a/gcloud/alpha/container/attached/clusters/delete b/gcloud/alpha/container/attached/clusters/delete index 41256aeaf..f71f97ff8 100644 --- a/gcloud/alpha/container/attached/clusters/delete +++ b/gcloud/alpha/container/attached/clusters/delete @@ -58,7 +58,7 @@ FLAGS complete. --ignore-errors - Force delete an Attached cluster. Deletion of Attached cluster will + Force delete an Attached cluster. Deletion of the Attached cluster will succeed even if errors occur during deleting in-cluster resources. Using this parameter may result in orphaned resources in the cluster. diff --git a/gcloud/alpha/container/aws/clusters/delete b/gcloud/alpha/container/aws/clusters/delete index 77ff0b5e4..6f1344d63 100644 --- a/gcloud/alpha/container/aws/clusters/delete +++ b/gcloud/alpha/container/aws/clusters/delete @@ -4,7 +4,8 @@ NAME SYNOPSIS gcloud alpha container aws clusters delete (CLUSTER : --location=LOCATION) - [--allow-missing] [--async] [--validate-only] [GCLOUD_WIDE_FLAG ...] + [--allow-missing] [--async] [--ignore-errors] [--validate-only] + [GCLOUD_WIDE_FLAG ...] DESCRIPTION (ALPHA) Delete an Anthos cluster on AWS. @@ -55,6 +56,11 @@ FLAGS Return immediately, without waiting for the operation in progress to complete. + --ignore-errors + Force delete an AWS cluster. Deletion of the AWS cluster will succeed + even if errors occur during deleting in-cluster resources. Using this + parameter may result in orphaned resources in the cluster. + --validate-only Validate the cluster to delete, but don't actually perform it. diff --git a/gcloud/alpha/container/aws/node-pools/delete b/gcloud/alpha/container/aws/node-pools/delete index 1a65b0b7c..dc88e6245 100644 --- a/gcloud/alpha/container/aws/node-pools/delete +++ b/gcloud/alpha/container/aws/node-pools/delete @@ -5,7 +5,7 @@ NAME SYNOPSIS gcloud alpha container aws node-pools delete (NODE_POOL : --cluster=CLUSTER --location=LOCATION) [--allow-missing] - [--async] [--validate-only] [GCLOUD_WIDE_FLAG ...] + [--async] [--ignore-errors] [--validate-only] [GCLOUD_WIDE_FLAG ...] DESCRIPTION (ALPHA) Delete a node pool in an Anthos cluster on AWS. @@ -58,13 +58,18 @@ POSITIONAL ARGUMENTS FLAGS --allow-missing - Allow idempotent deletion of cluster. The request will still succeed in - case the cluster does not exist. + Allow idempotent deletion of node pool. The request will still succeed + in case the node pool does not exist. --async Return immediately, without waiting for the operation in progress to complete. + --ignore-errors + Force delete an AWS node pool. Deletion of the AWS node pool will + succeed even if errors occur during deleting in-node pool resources. + Using this parameter may result in orphaned resources in the node pool. + --validate-only Validate the node pool to delete, but don't actually perform it. diff --git a/gcloud/alpha/container/azure/clients/delete b/gcloud/alpha/container/azure/clients/delete index c206da394..506a5040c 100644 --- a/gcloud/alpha/container/azure/clients/delete +++ b/gcloud/alpha/container/azure/clients/delete @@ -47,8 +47,8 @@ POSITIONAL ARGUMENTS FLAGS --allow-missing - Allow idempotent deletion of cluster. The request will still succeed in - case the cluster does not exist. + Allow idempotent deletion of client. The request will still succeed in + case the client does not exist. --async Return immediately, without waiting for the operation in progress to diff --git a/gcloud/alpha/container/azure/clusters/delete b/gcloud/alpha/container/azure/clusters/delete index 2f6dc1334..e48f9672b 100644 --- a/gcloud/alpha/container/azure/clusters/delete +++ b/gcloud/alpha/container/azure/clusters/delete @@ -5,7 +5,7 @@ NAME SYNOPSIS gcloud alpha container azure clusters delete (CLUSTER : --location=LOCATION) [--allow-missing] [--async] - [GCLOUD_WIDE_FLAG ...] + [--ignore-errors] [GCLOUD_WIDE_FLAG ...] DESCRIPTION (ALPHA) Delete an Anthos cluster on Azure. @@ -56,6 +56,11 @@ FLAGS Return immediately, without waiting for the operation in progress to complete. + --ignore-errors + Force delete an Azure cluster. Deletion of the Azure cluster will + succeed even if errors occur during deleting in-cluster resources. + Using this parameter may result in orphaned resources in the cluster. + GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, diff --git a/gcloud/alpha/container/azure/node-pools/delete b/gcloud/alpha/container/azure/node-pools/delete index 99eba5fc4..0ba25f52d 100644 --- a/gcloud/alpha/container/azure/node-pools/delete +++ b/gcloud/alpha/container/azure/node-pools/delete @@ -5,7 +5,7 @@ NAME SYNOPSIS gcloud alpha container azure node-pools delete (NODE_POOL : --cluster=CLUSTER --location=LOCATION) [--allow-missing] - [--async] [GCLOUD_WIDE_FLAG ...] + [--async] [--ignore-errors] [GCLOUD_WIDE_FLAG ...] DESCRIPTION (ALPHA) Delete a node pool in an Anthos cluster on Azure. @@ -58,13 +58,18 @@ POSITIONAL ARGUMENTS FLAGS --allow-missing - Allow idempotent deletion of cluster. The request will still succeed in - case the cluster does not exist. + Allow idempotent deletion of node pool. The request will still succeed + in case the node pool does not exist. --async Return immediately, without waiting for the operation in progress to complete. + --ignore-errors + Force delete an Azure node pool. Deletion of the Azure node pool will + succeed even if errors occur during deleting in-node pool resources. + Using this parameter may result in orphaned resources in the node pool. + GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, diff --git a/gcloud/alpha/container/fleet/scopes/help b/gcloud/alpha/container/fleet/scopes/help index ef75155c4..6283bb2f0 100644 --- a/gcloud/alpha/container/fleet/scopes/help +++ b/gcloud/alpha/container/fleet/scopes/help @@ -43,6 +43,9 @@ COMMANDS list (ALPHA) List fleet scopes in a project. + list-memberships + (ALPHA) List memberships bound to a fleet scope. + remove-iam-policy-binding (ALPHA) Remove IAM policy binding of a Fleet Scope. diff --git a/gcloud/alpha/container/fleet/scopes/list-memberships b/gcloud/alpha/container/fleet/scopes/list-memberships new file mode 100644 index 000000000..8e9686b07 --- /dev/null +++ b/gcloud/alpha/container/fleet/scopes/list-memberships @@ -0,0 +1,91 @@ +NAME + gcloud alpha container fleet scopes list-memberships - list memberships + bound to a fleet scope + +SYNOPSIS + gcloud alpha container fleet scopes list-memberships SCOPE + [--filter=EXPRESSION] [--limit=LIMIT] [--page-size=PAGE_SIZE] + [--sort-by=[FIELD,...]] [--uri] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (ALPHA) This command can fail for the following reasons: + ▪ The scope specified does not exist. + ▪ The user does not have access to the specified scope. + +EXAMPLES + The following command lists memberships bound to scope SCOPE in project + PROJECT_ID: + + $ gcloud alpha container fleet scopes list-memberships SCOPE \ + --project=PROJECT_ID + +POSITIONAL ARGUMENTS + Scope resource - The group of arguments defining the Fleet Scope. This + represents a Cloud resource. (NOTE) Some attributes are not given + arguments in this group but can be set in other ways. + + To set the project attribute: + ◆ provide the argument SCOPE on the command line with a fully specified + name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + To set the location attribute: + ◆ provide the argument SCOPE on the command line with a fully specified + name; + ◆ global is the only supported location. + + This must be specified. + + SCOPE + ID of the scope or fully qualified identifier for the scope. + + To set the scope attribute: + ▸ provide the argument SCOPE on the command line. + +LIST COMMAND FLAGS + --filter=EXPRESSION + Apply a Boolean filter EXPRESSION to each resource item to be listed. + If the expression evaluates True, then that item is listed. For more + details and examples of filter expressions, run $ gcloud topic filters. + This flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --limit=LIMIT + Maximum number of resources to list. The default is unlimited. This + flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --page-size=PAGE_SIZE + Some services group resource list output into pages. This flag + specifies the maximum number of resources per page. The default is + determined by the service if it supports paging, otherwise it is + unlimited (no paging). Paging may be applied before or after --filter + and --limit depending on the service. + + --sort-by=[FIELD,...] + Comma-separated list of resource field key names to sort by. The + default order is ascending. Prefix a field with ``~'' for descending + order on that field. This flag interacts with other flags that are + applied in this order: --flatten, --sort-by, --filter, --limit. + + --uri + Print a list of resource URIs instead of the default output, and change + the command output to a list of URIs. If this flag is used with + --format, the formatting is applied on this URI list. To display URIs + alongside other keys instead, use the uri() transform. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in alpha and might change without notice. If this + command fails with API permission errors despite specifying the correct + project, you might be trying to access an API with an invitation-only early + access allowlist. + diff --git a/gcloud/alpha/container/hub/scopes/help b/gcloud/alpha/container/hub/scopes/help index b728612fc..5b1554a0c 100644 --- a/gcloud/alpha/container/hub/scopes/help +++ b/gcloud/alpha/container/hub/scopes/help @@ -43,6 +43,9 @@ COMMANDS list (ALPHA) List fleet scopes in a project. + list-memberships + (ALPHA) List memberships bound to a fleet scope. + remove-iam-policy-binding (ALPHA) Remove IAM policy binding of a Fleet Scope. diff --git a/gcloud/alpha/container/hub/scopes/list-memberships b/gcloud/alpha/container/hub/scopes/list-memberships new file mode 100644 index 000000000..0b3ef2e09 --- /dev/null +++ b/gcloud/alpha/container/hub/scopes/list-memberships @@ -0,0 +1,91 @@ +NAME + gcloud alpha container hub scopes list-memberships - list memberships bound + to a fleet scope + +SYNOPSIS + gcloud alpha container hub scopes list-memberships SCOPE + [--filter=EXPRESSION] [--limit=LIMIT] [--page-size=PAGE_SIZE] + [--sort-by=[FIELD,...]] [--uri] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (ALPHA) This command can fail for the following reasons: + ▪ The scope specified does not exist. + ▪ The user does not have access to the specified scope. + +EXAMPLES + The following command lists memberships bound to scope SCOPE in project + PROJECT_ID: + + $ gcloud alpha container hub scopes list-memberships SCOPE \ + --project=PROJECT_ID + +POSITIONAL ARGUMENTS + Scope resource - The group of arguments defining the Fleet Scope. This + represents a Cloud resource. (NOTE) Some attributes are not given + arguments in this group but can be set in other ways. + + To set the project attribute: + ◆ provide the argument SCOPE on the command line with a fully specified + name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + To set the location attribute: + ◆ provide the argument SCOPE on the command line with a fully specified + name; + ◆ global is the only supported location. + + This must be specified. + + SCOPE + ID of the scope or fully qualified identifier for the scope. + + To set the scope attribute: + ▸ provide the argument SCOPE on the command line. + +LIST COMMAND FLAGS + --filter=EXPRESSION + Apply a Boolean filter EXPRESSION to each resource item to be listed. + If the expression evaluates True, then that item is listed. For more + details and examples of filter expressions, run $ gcloud topic filters. + This flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --limit=LIMIT + Maximum number of resources to list. The default is unlimited. This + flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --page-size=PAGE_SIZE + Some services group resource list output into pages. This flag + specifies the maximum number of resources per page. The default is + determined by the service if it supports paging, otherwise it is + unlimited (no paging). Paging may be applied before or after --filter + and --limit depending on the service. + + --sort-by=[FIELD,...] + Comma-separated list of resource field key names to sort by. The + default order is ascending. Prefix a field with ``~'' for descending + order on that field. This flag interacts with other flags that are + applied in this order: --flatten, --sort-by, --filter, --limit. + + --uri + Print a list of resource URIs instead of the default output, and change + the command output to a list of URIs. If this flag is used with + --format, the formatting is applied on this URI list. To display URIs + alongside other keys instead, use the uri() transform. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in alpha and might change without notice. If this + command fails with API permission errors despite specifying the correct + project, you might be trying to access an API with an invitation-only early + access allowlist. + diff --git a/gcloud/alpha/monitoring/uptime/list-ips b/gcloud/alpha/monitoring/uptime/list-ips index 78786c041..033a6c1cf 100644 --- a/gcloud/alpha/monitoring/uptime/list-ips +++ b/gcloud/alpha/monitoring/uptime/list-ips @@ -2,7 +2,9 @@ NAME gcloud alpha monitoring uptime list-ips - list uptime check server ips SYNOPSIS - gcloud alpha monitoring uptime list-ips [GCLOUD_WIDE_FLAG ...] + gcloud alpha monitoring uptime list-ips [--filter=EXPRESSION] + [--limit=LIMIT] [--page-size=PAGE_SIZE] [--sort-by=[FIELD,...]] [--uri] + [GCLOUD_WIDE_FLAG ...] DESCRIPTION (ALPHA) List uptime check egress ips. @@ -15,6 +17,38 @@ EXAMPLES More information can be found at https://cloud.google.com/monitoring/uptime-checks/using-uptime-checks +LIST COMMAND FLAGS + --filter=EXPRESSION + Apply a Boolean filter EXPRESSION to each resource item to be listed. + If the expression evaluates True, then that item is listed. For more + details and examples of filter expressions, run $ gcloud topic filters. + This flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --limit=LIMIT + Maximum number of resources to list. The default is unlimited. This + flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --page-size=PAGE_SIZE + Some services group resource list output into pages. This flag + specifies the maximum number of resources per page. The default is + determined by the service if it supports paging, otherwise it is + unlimited (no paging). Paging may be applied before or after --filter + and --limit depending on the service. + + --sort-by=[FIELD,...] + Comma-separated list of resource field key names to sort by. The + default order is ascending. Prefix a field with ``~'' for descending + order on that field. This flag interacts with other flags that are + applied in this order: --flatten, --sort-by, --filter, --limit. + + --uri + Print a list of resource URIs instead of the default output, and change + the command output to a list of URIs. If this flag is used with + --format, the formatting is applied on this URI list. To display URIs + alongside other keys instead, use the uri() transform. + GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, diff --git a/gcloud/alpha/network-security/firewall-endpoint-associations/create b/gcloud/alpha/network-security/firewall-endpoint-associations/create index 8d248579c..28a3779d2 100644 --- a/gcloud/alpha/network-security/firewall-endpoint-associations/create +++ b/gcloud/alpha/network-security/firewall-endpoint-associations/create @@ -161,7 +161,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud network-security firewall-endpoint-associations create $ gcloud beta network-security firewall-endpoint-associations create diff --git a/gcloud/alpha/network-security/firewall-endpoint-associations/delete b/gcloud/alpha/network-security/firewall-endpoint-associations/delete index a4884896c..4228c082c 100644 --- a/gcloud/alpha/network-security/firewall-endpoint-associations/delete +++ b/gcloud/alpha/network-security/firewall-endpoint-associations/delete @@ -81,7 +81,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud network-security firewall-endpoint-associations delete $ gcloud beta network-security firewall-endpoint-associations delete diff --git a/gcloud/alpha/network-security/firewall-endpoint-associations/describe b/gcloud/alpha/network-security/firewall-endpoint-associations/describe index bd09ca1b4..7b9841c73 100644 --- a/gcloud/alpha/network-security/firewall-endpoint-associations/describe +++ b/gcloud/alpha/network-security/firewall-endpoint-associations/describe @@ -68,7 +68,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud network-security firewall-endpoint-associations describe $ gcloud beta network-security firewall-endpoint-associations \ describe diff --git a/gcloud/alpha/network-security/firewall-endpoint-associations/help b/gcloud/alpha/network-security/firewall-endpoint-associations/help index 044b2796e..03f3fff09 100644 --- a/gcloud/alpha/network-security/firewall-endpoint-associations/help +++ b/gcloud/alpha/network-security/firewall-endpoint-associations/help @@ -36,7 +36,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud network-security firewall-endpoint-associations $ gcloud beta network-security firewall-endpoint-associations diff --git a/gcloud/alpha/network-security/firewall-endpoint-associations/list b/gcloud/alpha/network-security/firewall-endpoint-associations/list index 375d5cf7e..b583f759f 100644 --- a/gcloud/alpha/network-security/firewall-endpoint-associations/list +++ b/gcloud/alpha/network-security/firewall-endpoint-associations/list @@ -73,7 +73,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud network-security firewall-endpoint-associations list $ gcloud beta network-security firewall-endpoint-associations list diff --git a/gcloud/alpha/network-security/firewall-endpoint-associations/update b/gcloud/alpha/network-security/firewall-endpoint-associations/update index 263b951c3..1dcdaf8b1 100644 --- a/gcloud/alpha/network-security/firewall-endpoint-associations/update +++ b/gcloud/alpha/network-security/firewall-endpoint-associations/update @@ -180,7 +180,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud network-security firewall-endpoint-associations update $ gcloud beta network-security firewall-endpoint-associations update diff --git a/gcloud/alpha/network-security/firewall-endpoints/create b/gcloud/alpha/network-security/firewall-endpoints/create index 244e9d39c..f87295be4 100644 --- a/gcloud/alpha/network-security/firewall-endpoints/create +++ b/gcloud/alpha/network-security/firewall-endpoints/create @@ -100,7 +100,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud network-security firewall-endpoints create $ gcloud beta network-security firewall-endpoints create diff --git a/gcloud/alpha/network-security/firewall-endpoints/delete b/gcloud/alpha/network-security/firewall-endpoints/delete index 7263151a1..2fe582798 100644 --- a/gcloud/alpha/network-security/firewall-endpoints/delete +++ b/gcloud/alpha/network-security/firewall-endpoints/delete @@ -82,7 +82,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud network-security firewall-endpoints delete $ gcloud beta network-security firewall-endpoints delete diff --git a/gcloud/alpha/network-security/firewall-endpoints/describe b/gcloud/alpha/network-security/firewall-endpoints/describe index 71535882e..c0c3beb00 100644 --- a/gcloud/alpha/network-security/firewall-endpoints/describe +++ b/gcloud/alpha/network-security/firewall-endpoints/describe @@ -69,7 +69,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud network-security firewall-endpoints describe $ gcloud beta network-security firewall-endpoints describe diff --git a/gcloud/alpha/network-security/firewall-endpoints/help b/gcloud/alpha/network-security/firewall-endpoints/help index 89e3f053f..638ddd24a 100644 --- a/gcloud/alpha/network-security/firewall-endpoints/help +++ b/gcloud/alpha/network-security/firewall-endpoints/help @@ -36,7 +36,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud network-security firewall-endpoints $ gcloud beta network-security firewall-endpoints diff --git a/gcloud/alpha/network-security/firewall-endpoints/list b/gcloud/alpha/network-security/firewall-endpoints/list index 9e9a4c575..47a7112aa 100644 --- a/gcloud/alpha/network-security/firewall-endpoints/list +++ b/gcloud/alpha/network-security/firewall-endpoints/list @@ -70,7 +70,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud network-security firewall-endpoints list $ gcloud beta network-security firewall-endpoints list diff --git a/gcloud/alpha/network-security/firewall-endpoints/update b/gcloud/alpha/network-security/firewall-endpoints/update index a28d4586d..90a384119 100644 --- a/gcloud/alpha/network-security/firewall-endpoints/update +++ b/gcloud/alpha/network-security/firewall-endpoints/update @@ -129,7 +129,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud network-security firewall-endpoints update $ gcloud beta network-security firewall-endpoints update diff --git a/gcloud/alpha/network-security/security-profile-groups/create b/gcloud/alpha/network-security/security-profile-groups/create index 4904539a7..f330f56ef 100644 --- a/gcloud/alpha/network-security/security-profile-groups/create +++ b/gcloud/alpha/network-security/security-profile-groups/create @@ -133,7 +133,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud network-security security-profile-groups create $ gcloud beta network-security security-profile-groups create diff --git a/gcloud/alpha/network-security/security-profile-groups/delete b/gcloud/alpha/network-security/security-profile-groups/delete index f6da8b291..98ba19ea6 100644 --- a/gcloud/alpha/network-security/security-profile-groups/delete +++ b/gcloud/alpha/network-security/security-profile-groups/delete @@ -72,7 +72,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud network-security security-profile-groups delete $ gcloud beta network-security security-profile-groups delete diff --git a/gcloud/alpha/network-security/security-profile-groups/describe b/gcloud/alpha/network-security/security-profile-groups/describe index 78c1e3377..b7cbafec0 100644 --- a/gcloud/alpha/network-security/security-profile-groups/describe +++ b/gcloud/alpha/network-security/security-profile-groups/describe @@ -68,7 +68,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud network-security security-profile-groups describe $ gcloud beta network-security security-profile-groups describe diff --git a/gcloud/alpha/network-security/security-profile-groups/help b/gcloud/alpha/network-security/security-profile-groups/help index e3ae0f740..51c31df36 100644 --- a/gcloud/alpha/network-security/security-profile-groups/help +++ b/gcloud/alpha/network-security/security-profile-groups/help @@ -36,7 +36,8 @@ EXAMPLES $ gcloud alpha network-security security-profile-groups describe \ my-security-profile-group --organization=1234 --location=global - To list Security Profile Groups in specifed location and organization, run: + To list Security Profile Groups in specified location and organization, + run: $ gcloud alpha network-security security-profile-groups list \ --location=global @@ -79,7 +80,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud network-security security-profile-groups $ gcloud beta network-security security-profile-groups diff --git a/gcloud/alpha/network-security/security-profile-groups/list b/gcloud/alpha/network-security/security-profile-groups/list index 192974f13..6865ca032 100644 --- a/gcloud/alpha/network-security/security-profile-groups/list +++ b/gcloud/alpha/network-security/security-profile-groups/list @@ -89,7 +89,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud network-security security-profile-groups list $ gcloud beta network-security security-profile-groups list diff --git a/gcloud/alpha/network-security/security-profile-groups/update b/gcloud/alpha/network-security/security-profile-groups/update index 4b5b709ca..60d2c0778 100644 --- a/gcloud/alpha/network-security/security-profile-groups/update +++ b/gcloud/alpha/network-security/security-profile-groups/update @@ -152,7 +152,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud network-security security-profile-groups update $ gcloud beta network-security security-profile-groups update diff --git a/gcloud/alpha/network-security/security-profiles/help b/gcloud/alpha/network-security/security-profiles/help index 15750812f..667e3eaa9 100644 --- a/gcloud/alpha/network-security/security-profiles/help +++ b/gcloud/alpha/network-security/security-profiles/help @@ -24,7 +24,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud network-security security-profiles $ gcloud beta network-security security-profiles diff --git a/gcloud/alpha/network-security/security-profiles/threat-prevention/add-override b/gcloud/alpha/network-security/security-profiles/threat-prevention/add-override index 6f1bec018..a17853417 100644 --- a/gcloud/alpha/network-security/security-profiles/threat-prevention/add-override +++ b/gcloud/alpha/network-security/security-profiles/threat-prevention/add-override @@ -128,7 +128,10 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud network-security security-profiles threat-prevention \ + add-override $ gcloud beta network-security security-profiles threat-prevention \ add-override diff --git a/gcloud/alpha/network-security/security-profiles/threat-prevention/create b/gcloud/alpha/network-security/security-profiles/threat-prevention/create index c6cba500d..fb59f5999 100644 --- a/gcloud/alpha/network-security/security-profiles/threat-prevention/create +++ b/gcloud/alpha/network-security/security-profiles/threat-prevention/create @@ -79,7 +79,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud network-security security-profiles threat-prevention create $ gcloud beta network-security security-profiles threat-prevention \ create diff --git a/gcloud/alpha/network-security/security-profiles/threat-prevention/delete b/gcloud/alpha/network-security/security-profiles/threat-prevention/delete index 71b44352d..b3045584f 100644 --- a/gcloud/alpha/network-security/security-profiles/threat-prevention/delete +++ b/gcloud/alpha/network-security/security-profiles/threat-prevention/delete @@ -71,7 +71,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud network-security security-profiles threat-prevention delete $ gcloud beta network-security security-profiles threat-prevention \ delete diff --git a/gcloud/alpha/network-security/security-profiles/threat-prevention/delete-override b/gcloud/alpha/network-security/security-profiles/threat-prevention/delete-override index b68837de7..c9796871f 100644 --- a/gcloud/alpha/network-security/security-profiles/threat-prevention/delete-override +++ b/gcloud/alpha/network-security/security-profiles/threat-prevention/delete-override @@ -123,7 +123,10 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud network-security security-profiles threat-prevention \ + delete-override $ gcloud beta network-security security-profiles threat-prevention \ delete-override diff --git a/gcloud/alpha/network-security/security-profiles/threat-prevention/help b/gcloud/alpha/network-security/security-profiles/threat-prevention/help index c02148540..5669e8f73 100644 --- a/gcloud/alpha/network-security/security-profiles/threat-prevention/help +++ b/gcloud/alpha/network-security/security-profiles/threat-prevention/help @@ -11,7 +11,7 @@ DESCRIPTION EXAMPLES To create a Security Profile with the name my-security-profile which - includes location as global or region specifed and organization ID, + includes location as global or region specified and organization ID, optional description as New Security Profile, run: $ gcloud alpha network-security security-profiles \ @@ -65,13 +65,13 @@ EXAMPLES the changes should apply, location either global or region specified and security_profile_id the Security Profile Identifier. - To list Security Profiles in specifed location and organization, run: + To list Security Profiles in specified location and organization, run: $ gcloud alpha network-security security-profiles \ threat-prevention list --location=global To delete a Security Profile called my-security-profile which includes - location as global or region specifed and organization ID, run: + location as global or region specified and organization ID, run: $ gcloud alpha network-security security-profiles \ threat-prevention delete my-security-profile @@ -109,7 +109,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud network-security security-profiles threat-prevention $ gcloud beta network-security security-profiles threat-prevention diff --git a/gcloud/alpha/network-security/security-profiles/threat-prevention/list b/gcloud/alpha/network-security/security-profiles/threat-prevention/list index e179f2a02..cf8a55377 100644 --- a/gcloud/alpha/network-security/security-profiles/threat-prevention/list +++ b/gcloud/alpha/network-security/security-profiles/threat-prevention/list @@ -89,7 +89,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud network-security security-profiles threat-prevention list $ gcloud beta network-security security-profiles threat-prevention \ list diff --git a/gcloud/alpha/network-security/security-profiles/threat-prevention/list-overrides b/gcloud/alpha/network-security/security-profiles/threat-prevention/list-overrides index 8e0b056de..f495d24bb 100644 --- a/gcloud/alpha/network-security/security-profiles/threat-prevention/list-overrides +++ b/gcloud/alpha/network-security/security-profiles/threat-prevention/list-overrides @@ -70,7 +70,10 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud network-security security-profiles threat-prevention \ + list-overrides $ gcloud beta network-security security-profiles threat-prevention \ list-overrides diff --git a/gcloud/alpha/network-security/security-profiles/threat-prevention/update-override b/gcloud/alpha/network-security/security-profiles/threat-prevention/update-override index 174fb41de..2b87713af 100644 --- a/gcloud/alpha/network-security/security-profiles/threat-prevention/update-override +++ b/gcloud/alpha/network-security/security-profiles/threat-prevention/update-override @@ -128,7 +128,10 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud network-security security-profiles threat-prevention \ + update-override $ gcloud beta network-security security-profiles threat-prevention \ update-override diff --git a/gcloud/alpha/projects/create b/gcloud/alpha/projects/create index abb9e7b84..39cff2d37 100644 --- a/gcloud/alpha/projects/create +++ b/gcloud/alpha/projects/create @@ -70,6 +70,8 @@ FLAGS Example: 123/environment=production,123/costCenter=marketing + Note: Currently this field is in Preview. + GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, diff --git a/gcloud/alpha/pubsub/topics/create b/gcloud/alpha/pubsub/topics/create index 5ea95d8b5..e881dcda0 100644 --- a/gcloud/alpha/pubsub/topics/create +++ b/gcloud/alpha/pubsub/topics/create @@ -6,6 +6,10 @@ SYNOPSIS gcloud alpha pubsub topics create TOPIC [TOPIC ...] [--labels=[KEY=VALUE,...]] [--message-retention-duration=MESSAGE_RETENTION_DURATION] + [--kinesis-ingestion-consumer-arn=KINESIS_INGESTION_CONSUMER_ARN + --kinesis-ingestion-role-arn=KINESIS_INGESTION_ROLE_ARN + --kinesis-ingestion-service-account=KINESIS_INGESTION_SERVICE_ACCOUNT + --kinesis-ingestion-stream-arn=KINESIS_INGESTION_STREAM_ARN] [--message-encoding=ENCODING (--schema=SCHEMA : --schema-project=SCHEMA_PROJECT) : --first-revision-id=FIRST_REVISION_ID @@ -66,6 +70,36 @@ FLAGS is one of "s", "m", "h", and "d" for seconds, minutes, hours, and days, respectively. If the unit is omitted, seconds is assumed. + The following flags are for specifying ingestion settings for an import + topic from Amazon Web Services (AWS) Kinesis Data Streams + + --kinesis-ingestion-consumer-arn=KINESIS_INGESTION_CONSUMER_ARN + The Kinesis data streams consumer Amazon Resource Name (ARN) to use + for ingestion. + + This flag argument must be specified if any of the other arguments in + this group are specified. + + --kinesis-ingestion-role-arn=KINESIS_INGESTION_ROLE_ARN + AWS role ARN to be used for Federated Identity authentication with + Kinesis. + + This flag argument must be specified if any of the other arguments in + this group are specified. + + --kinesis-ingestion-service-account=KINESIS_INGESTION_SERVICE_ACCOUNT + The service account to be used for Federated Identity authentication + with Kinesis. + + This flag argument must be specified if any of the other arguments in + this group are specified. + + --kinesis-ingestion-stream-arn=KINESIS_INGESTION_STREAM_ARN + The Kinesis data stream ARN from which to ingest data. + + This flag argument must be specified if any of the other arguments in + this group are specified. + Schema settings. The schema that messages published to this topic must conform to and the expected message encoding. diff --git a/gcloud/alpha/pubsub/topics/update b/gcloud/alpha/pubsub/topics/update index 4ffef78b0..4fe84d8d9 100644 --- a/gcloud/alpha/pubsub/topics/update +++ b/gcloud/alpha/pubsub/topics/update @@ -3,6 +3,11 @@ NAME SYNOPSIS gcloud alpha pubsub topics update TOPIC [--update-labels=[KEY=VALUE,...]] + [--clear-ingestion-data-source-settings + | --kinesis-ingestion-consumer-arn=KINESIS_INGESTION_CONSUMER_ARN + --kinesis-ingestion-role-arn=KINESIS_INGESTION_ROLE_ARN + --kinesis-ingestion-service-account=KINESIS_INGESTION_SERVICE_ACCOUNT + --kinesis-ingestion-stream-arn=KINESIS_INGESTION_STREAM_ARN] [--clear-labels | --remove-labels=[KEY,...]] [--clear-message-retention-duration | --message-retention-duration=MESSAGE_RETENTION_DURATION] @@ -102,6 +107,45 @@ FLAGS contain only hyphens (-), underscores (_), lowercase characters, and numbers. + Specify either --clear-ingestion-data-source-settings or a new ingestion + source. + + At most one of these can be specified: + + --clear-ingestion-data-source-settings + If set, clear the Ingestion Data Source Settings from the topic. Use + --no-clear-ingestion-data-source-settings to disable this flag. + + The following flags are for specifying ingestion settings for an import + topic from Amazon Web Services (AWS) Kinesis Data Streams + + --kinesis-ingestion-consumer-arn=KINESIS_INGESTION_CONSUMER_ARN + The Kinesis data streams consumer Amazon Resource Name (ARN) to use + for ingestion. + + This flag argument must be specified if any of the other arguments + in this group are specified. + + --kinesis-ingestion-role-arn=KINESIS_INGESTION_ROLE_ARN + AWS role ARN to be used for Federated Identity authentication with + Kinesis. + + This flag argument must be specified if any of the other arguments + in this group are specified. + + --kinesis-ingestion-service-account=KINESIS_INGESTION_SERVICE_ACCOUNT + The service account to be used for Federated Identity + authentication with Kinesis. + + This flag argument must be specified if any of the other arguments + in this group are specified. + + --kinesis-ingestion-stream-arn=KINESIS_INGESTION_STREAM_ARN + The Kinesis data stream ARN from which to ingest data. + + This flag argument must be specified if any of the other arguments + in this group are specified. + At most one of these can be specified: --clear-labels diff --git a/gcloud/alpha/recaptcha/keys/create b/gcloud/alpha/recaptcha/keys/create index f820fa493..204e98287 100644 --- a/gcloud/alpha/recaptcha/keys/create +++ b/gcloud/alpha/recaptcha/keys/create @@ -204,6 +204,9 @@ OPTIONAL FLAGS --waf-service=WAF_SERVICE The WAF service provider to use. WAF_SERVICE must be one of: + akamai + Akamai + ca Cloud Armor diff --git a/gcloud/alpha/redis/clusters/create b/gcloud/alpha/redis/clusters/create index 1225bf616..d31bbc603 100644 --- a/gcloud/alpha/redis/clusters/create +++ b/gcloud/alpha/redis/clusters/create @@ -6,7 +6,8 @@ SYNOPSIS gcloud alpha redis clusters create (CLUSTER : --region=REGION) --network=NETWORK --shard-count=SHARD_COUNT [--async] [--auth-mode=AUTH_MODE] [--replica-count=REPLICA_COUNT] - [--transit-encryption-mode=TRANSIT_ENCRYPTION_MODE] + [--transit-encryption-mode=TRANSIT_ENCRYPTION_MODE] [--zone=ZONE] + [--zone-distribution-mode=ZONE_DISTRIBUTION_MODE] [GCLOUD_WIDE_FLAG ...] DESCRIPTION @@ -112,6 +113,20 @@ OPTIONAL FLAGS The cluster uses server managed encryption for in-transit encryption. + --zone=ZONE + The zone used to allocate the cluster nodes. Applicable only if the + zone-distribution-mode is set to single-zone. + + --zone-distribution-mode=ZONE_DISTRIBUTION_MODE + Determines how the cluster nodes are distributed across zones. + ZONE_DISTRIBUTION_MODE must be one of: + + multi-zone + Allocate cluster nodes across multiple zones. + + single-zone + Allocate cluster nodes in a single zone. + GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, diff --git a/gcloud/alpha/resource-manager/folders/create b/gcloud/alpha/resource-manager/folders/create index cd46b4dde..d29fdb839 100644 --- a/gcloud/alpha/resource-manager/folders/create +++ b/gcloud/alpha/resource-manager/folders/create @@ -43,6 +43,8 @@ OPTIONAL FLAGS Example: 123/environment=production,123/costCenter=marketing + Note: Currently this field is in Preview. + GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, diff --git a/gcloud/alpha/run/jobs/create b/gcloud/alpha/run/jobs/create index 8e027c751..b14ab64ac 100644 --- a/gcloud/alpha/run/jobs/create +++ b/gcloud/alpha/run/jobs/create @@ -10,9 +10,12 @@ SYNOPSIS [--set-cloudsql-instances=[CLOUDSQL-INSTANCES,...]] [--task-timeout=TASK_TIMEOUT] [--tasks=TASKS; default=1] [--vpc-connector=VPC_CONNECTOR] [--vpc-egress=VPC_EGRESS] - [--args=[ARG,...] --command=[COMMAND,...] --cpu=CPU - --depends-on=[CONTAINER,...] - --image=IMAGE --memory=MEMORY --clear-env-vars + [--add-volume=[KEY=VALUE,...] + --clear-volumes --remove-volume=[VOLUME,...]] + [--add-volume-mount=[volume=NAME,mount-path=MOUNT_PATH,...] + --args=[ARG,...] --clear-volume-mounts --command=[COMMAND,...] + --cpu=CPU --depends-on=[CONTAINER,...] --image=IMAGE --memory=MEMORY + --remove-volume-mount=[MOUNT_PATH,...] --clear-env-vars | --env-vars-file=FILE_PATH | --set-env-vars=[KEY=VALUE,...] | --remove-env-vars=[KEY,...] --update-env-vars=[KEY=VALUE,...] --clear-secrets @@ -141,10 +144,65 @@ FLAGS https://cloud.google.com/run/docs/securing/private-networking#send_requests_to_other_services_and_services for more information. + --add-volume=[KEY=VALUE,...] + Adds a volume to the Cloud Run resource. To add more than one volume, + specify this flag multiple times. Volumes must have a name and type + key. Only certain values are supported for type. Depending on the + provided type, other keys will be required. The following types are + supported with the specified additional keys: + + cloud-storage: A volume representing a Cloud Storage bucket. This + volume type is mounted using Cloud Storage FUSE. See + https://cloud.google.com/storage/docs/gcs-fuse for the details and + limitations of this filesystem. Additional keys: + ◆ bucket: (required) the name of the bucket to use as the source of + this volume + ◆ readonly: (optional) A boolean. If true, this volume will be + read-only from all mounts. + + in-memory: An ephemeral volume that stores data in the instance's + memory. With this type of volume, data is not shared between instances + and all data will be lost when the instance it is on is terminated. + Additional keys: + ◆ size-limit: (optional) A quantity representing the maximum amount + of memory allocated to this volume, such as "512Mi" or "3G". Data + stored in an in-memory volume consumes the memory allocation of the + container that wrote the data. If size-limit is not specified, the + maximum size will be half the total memory limit of all containers. + + nfs: Represents a volume backed by an NFS server. Additional keys: + ◆ location: (required) The location of the NFS Server, in the form + SERVER:/PATH + ◆ readonly: (optional) A boolean. If true, this volume will be + read-only from all mounts. + + secret: Represents a secret stored in Secret Manager as a volume. + Additional keys: + ◆ secret: (required) The name of the secret in Secret Manager. Must + be a secret in the same project being deployed or be an alias mapped + in the run.googleapis.com/secrets annotation. + ◆ version: (required) The version of the secret to make available in + the volume. + ◆ path: (required) The relative path within the volume to mount that + version. + + --clear-volumes + Remove all existing volumes from the Cloud Run resource, including + volumes mounted as secrets + + --remove-volume=[VOLUME,...] + Removes volumes from the Cloud Run resource. + Container Flags If the --container is specified the following arguments may only be specified after a --container flag. + --add-volume-mount=[volume=NAME,mount-path=MOUNT_PATH,...] + Adds a mount to the current container. Must contain the keys + volume=NAME and mount-path=/PATH where NAME is the name of a volume + on this resource and PATH is the path within the container's + filesystem to mount this volume. + --args=[ARG,...] Comma-separated arguments passed to the command run by the container image. If not specified and no '--command' is provided, @@ -152,6 +210,9 @@ FLAGS specified, no arguments are passed. To reset this field to its default, pass an empty string. + --clear-volume-mounts + Remove all existing mounts from the current container. + --command=[COMMAND,...] Entrypoint for the container image. If not specified, the container image's default Entrypoint is run. To reset this field to its @@ -177,6 +238,10 @@ FLAGS --memory=MEMORY Set a memory limit. Ex: 1024Mi, 4Gi. + --remove-volume-mount=[MOUNT_PATH,...] + Removes the volume mounted at the specified path from the current + container. + At most one of these can be specified: --clear-env-vars diff --git a/gcloud/alpha/sql/instances/switchover b/gcloud/alpha/sql/instances/switchover index 004b46585..468817e09 100644 --- a/gcloud/alpha/sql/instances/switchover +++ b/gcloud/alpha/sql/instances/switchover @@ -4,7 +4,7 @@ NAME SYNOPSIS gcloud alpha sql instances switchover REPLICA [--async] - [GCLOUD_WIDE_FLAG ...] + [--db-timeout=DB_TIMEOUT] [GCLOUD_WIDE_FLAG ...] DESCRIPTION (ALPHA) Switches over a Cloud SQL instance to one of its replicas. Only @@ -24,6 +24,11 @@ FLAGS Return immediately, without waiting for the operation in progress to complete. + --db-timeout=DB_TIMEOUT + (MySQL only) Cloud SQL instance operations timeout, which is the sum of + all database operations. Default value is 10 minutes and can be + modified to a maximum value of 24h. + GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, diff --git a/gcloud/alpha/transfer/jobs/create b/gcloud/alpha/transfer/jobs/create index cbe2dec91..43c97e7f0 100644 --- a/gcloud/alpha/transfer/jobs/create +++ b/gcloud/alpha/transfer/jobs/create @@ -90,6 +90,17 @@ POSITIONAL ARGUMENTS A file transfer agent must be installed on the POSIX filesystem, and you need an agent pool flag on this jobs command to activate the agent. + Hadoop Distributed File System (HDFS) - Specify the hdfs:// scheme + followed by the absolute path to the desired directory, starting from + the root of the file system (denoted by a leading slash). For example: + ◆ hdfs:///path/directory/ + + Namenode details should not be included in the path specification, as + they are required separately during the agent installation process. + + A file transfer agent must be installed, and you need an agent pool + flag on this jobs command to activate the agent. + Publicly-accessible objects - Specify the URL of a TSV file containing a list of URLs of publicly-accessible objects. For example: ◆ http://example.com/tsvfile diff --git a/gcloud/alpha/transfer/jobs/update b/gcloud/alpha/transfer/jobs/update index a9bea3ad1..d20df25ed 100644 --- a/gcloud/alpha/transfer/jobs/update +++ b/gcloud/alpha/transfer/jobs/update @@ -100,6 +100,18 @@ FLAGS you need an agent pool flag on this jobs command to activate the agent. + Hadoop Distributed File System (HDFS) - Specify the hdfs:// scheme + followed by the absolute path to the desired directory, starting from + the root of the file system (denoted by a leading slash). For + example: + ▸ hdfs:///path/directory/ + + Namenode details should not be included in the path specification, as + they are required separately during the agent installation process. + + A file transfer agent must be installed, and you need an agent pool + flag on this jobs command to activate the agent. + Publicly-accessible objects - Specify the URL of a TSV file containing a list of URLs of publicly-accessible objects. For example: diff --git a/gcloud/beta/bigtable/app-profiles/create b/gcloud/beta/bigtable/app-profiles/create index a198d7c30..87cc572eb 100644 --- a/gcloud/beta/bigtable/app-profiles/create +++ b/gcloud/beta/bigtable/app-profiles/create @@ -7,8 +7,10 @@ SYNOPSIS (APP_PROFILE : --instance=INSTANCE) ([--route-any : --restrict-to=[RESTRICT_TO,...]] | [--route-to=ROUTE_TO : --transactional-writes]) - [--description=DESCRIPTION] [--force] [--priority=PRIORITY] - [GCLOUD_WIDE_FLAG ...] + [--description=DESCRIPTION] [--force] + [--data-boost + --data-boost-compute-billing-owner=DATA_BOOST_COMPUTE_BILLING_OWNER + | [--priority=PRIORITY : --standard]] [GCLOUD_WIDE_FLAG ...] DESCRIPTION (BETA) Create a new Bigtable app profile. @@ -37,6 +39,13 @@ EXAMPLES $ gcloud beta bigtable app-profiles create my-app-profile-id \ --instance=my-instance-id --route-any --priority=PRIORITY_MEDIUM + To create an app profile with Data Boost enabled which bills usage to the + host project, run: + + $ gcloud beta bigtable app-profiles create my-app-profile-id \ + --instance=my-instance-id --data-boost \ + --data-boost-compute-billing-owner=HOST_PAYS + POSITIONAL ARGUMENTS App profile resource - The app profile to create. The arguments in this group can be used to specify the attributes of this resource. (NOTE) Some @@ -102,16 +111,57 @@ OPTIONAL FLAGS --force Ignore warnings and force create. - --priority=PRIORITY - Specify the request priority. If not specified, the app profile uses - PRIORITY_HIGH by default. PRIORITY must be one of: + At most one of these can be specified: - PRIORITY_HIGH - Requests are treated with high priority. - PRIORITY_LOW - Requests are treated with low priority. - PRIORITY_MEDIUM - Requests are treated with medium priority. + Data Boost Read-only Isolation + + --data-boost + Use Data Boost Read-only Isolation, rather than Standard Isolation. + If specified, --data-boost-compute-billing-owner is required. + Specifying Data Boost Read-only Isolation on an app profile which + has Standard Isolation enabled may cause unexpected behavior for + running applications. + + This flag argument must be specified if any of the other arguments + in this group are specified. + + --data-boost-compute-billing-owner=DATA_BOOST_COMPUTE_BILLING_OWNER + Specify the Data Boost Compute Billing Owner, required if + --data-boost is passed. DATA_BOOST_COMPUTE_BILLING_OWNER must be + (only one value is supported): + + HOST_PAYS + Compute Billing should be accounted towards the host Cloud + Project (containing the targeted Bigtable Instance / Table). + + This flag argument must be specified if any of the other arguments + in this group are specified. + + Standard Isolation + + --priority=PRIORITY + Specify the request priority under Standard Isolation. Passing this + option implies Standard Isolation, e.g. the --standard option. If + not specified, the app profile uses Standard Isolation with + PRIORITY_HIGH by default. Specifying request priority on an app + profile that has Data Boost Read-Only Isolation enabled will change + the isolation to Standard and use the specified priority, which may + cause unexpected behavior for running applications. PRIORITY must + be one of: + + PRIORITY_HIGH + Requests are treated with high priority. + PRIORITY_LOW + Requests are treated with low priority. + PRIORITY_MEDIUM + Requests are treated with medium priority. + + This flag argument must be specified if any of the other arguments + in this group are specified. + + --standard + Use Standard Isolation, rather than Data Boost Read-only Isolation. + If specified, --priority is required. GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, diff --git a/gcloud/beta/bigtable/app-profiles/update b/gcloud/beta/bigtable/app-profiles/update index 0d4974000..fd0a6e906 100644 --- a/gcloud/beta/bigtable/app-profiles/update +++ b/gcloud/beta/bigtable/app-profiles/update @@ -4,7 +4,10 @@ NAME SYNOPSIS gcloud beta bigtable app-profiles update (APP_PROFILE : --instance=INSTANCE) [--async] - [--description=DESCRIPTION] [--force] [--priority=PRIORITY] + [--description=DESCRIPTION] [--force] + [--data-boost + --data-boost-compute-billing-owner=DATA_BOOST_COMPUTE_BILLING_OWNER + | [--priority=PRIORITY : --standard]] [[--route-any : --restrict-to=[RESTRICT_TO,...]] | [--route-to=ROUTE_TO : --transactional-writes]] [GCLOUD_WIDE_FLAG ...] @@ -35,6 +38,13 @@ EXAMPLES $ gcloud beta bigtable app-profiles update my-app-profile-id \ --instance=my-instance-id --priority=PRIORITY_LOW + To update an app profile to enable Data Boost which bills usage to the host + project, run: + + $ gcloud beta bigtable app-profiles update my-app-profile-id \ + --instance=my-instance-id --data-boost \ + --data-boost-compute-billing-owner=HOST_PAYS + POSITIONAL ARGUMENTS App profile resource - The app profile to update. The arguments in this group can be used to specify the attributes of this resource. (NOTE) Some @@ -78,16 +88,57 @@ FLAGS --force Ignore warnings and force update. - --priority=PRIORITY - Specify the request priority. If not specified, the app profile uses - PRIORITY_HIGH by default. PRIORITY must be one of: + At most one of these can be specified: - PRIORITY_HIGH - Requests are treated with high priority. - PRIORITY_LOW - Requests are treated with low priority. - PRIORITY_MEDIUM - Requests are treated with medium priority. + Data Boost Read-only Isolation + + --data-boost + Use Data Boost Read-only Isolation, rather than Standard Isolation. + If specified, --data-boost-compute-billing-owner is required. + Specifying Data Boost Read-only Isolation on an app profile which + has Standard Isolation enabled may cause unexpected behavior for + running applications. + + This flag argument must be specified if any of the other arguments + in this group are specified. + + --data-boost-compute-billing-owner=DATA_BOOST_COMPUTE_BILLING_OWNER + Specify the Data Boost Compute Billing Owner, required if + --data-boost is passed. DATA_BOOST_COMPUTE_BILLING_OWNER must be + (only one value is supported): + + HOST_PAYS + Compute Billing should be accounted towards the host Cloud + Project (containing the targeted Bigtable Instance / Table). + + This flag argument must be specified if any of the other arguments + in this group are specified. + + Standard Isolation + + --priority=PRIORITY + Specify the request priority under Standard Isolation. Passing this + option implies Standard Isolation, e.g. the --standard option. If + not specified, the app profile uses Standard Isolation with + PRIORITY_HIGH by default. Specifying request priority on an app + profile that has Data Boost Read-Only Isolation enabled will change + the isolation to Standard and use the specified priority, which may + cause unexpected behavior for running applications. PRIORITY must + be one of: + + PRIORITY_HIGH + Requests are treated with high priority. + PRIORITY_LOW + Requests are treated with low priority. + PRIORITY_MEDIUM + Requests are treated with medium priority. + + This flag argument must be specified if any of the other arguments + in this group are specified. + + --standard + Use Standard Isolation, rather than Data Boost Read-only Isolation. + If specified, --priority is required. At most one of these can be specified: diff --git a/gcloud/beta/compute/disks/create b/gcloud/beta/compute/disks/create index 55b3d7106..87fdee12f 100644 --- a/gcloud/beta/compute/disks/create +++ b/gcloud/beta/compute/disks/create @@ -13,7 +13,8 @@ SYNOPSIS [--provisioned-iops=PROVISIONED_IOPS] [--provisioned-throughput=PROVISIONED_THROUGHPUT] [--replica-zones=ZONE,ZONE] [--no-require-csek-key-create] - [--resource-policies=[RESOURCE_POLICY,...]] [--size=SIZE] [--type=TYPE] + [--resource-policies=[RESOURCE_POLICY,...]] [--size=SIZE] + [--storage-pool=STORAGE_POOL] [--type=TYPE] [--image-family-scope=IMAGE_FAMILY_SCOPE --image-project=IMAGE_PROJECT --image=IMAGE | --image-family=IMAGE_FAMILY | --primary-disk=PRIMARY_DISK @@ -167,6 +168,9 @@ FLAGS will be used. For details about disk size limits, refer to: https://cloud.google.com/compute/docs/disks + --storage-pool=STORAGE_POOL + Specifies the URI of the storage pool in which the disk is created. + --type=TYPE Specifies the type of disk to create. To get a list of available disk types, run gcloud compute disk-types list. The default disk type is diff --git a/gcloud/beta/compute/instance-templates/create b/gcloud/beta/compute/instance-templates/create index ef6d33986..9dc2e6bf2 100644 --- a/gcloud/beta/compute/instance-templates/create +++ b/gcloud/beta/compute/instance-templates/create @@ -260,6 +260,10 @@ FLAGS support. For available processor types on Compute Engine, see https://cloud.google.com/compute/docs/cpu-platforms. + storage-pool + The name of the storage pool in which the new disk is created. The + new disk and the storage pool must be in the same location. + boot If yes, indicates that this is a boot disk. The instance will use the first partition of the disk for its root file system. The diff --git a/gcloud/beta/compute/instance-templates/create-with-container b/gcloud/beta/compute/instance-templates/create-with-container index 7347bb255..813b75996 100644 --- a/gcloud/beta/compute/instance-templates/create-with-container +++ b/gcloud/beta/compute/instance-templates/create-with-container @@ -349,6 +349,10 @@ FLAGS support. For available processor types on Compute Engine, see https://cloud.google.com/compute/docs/cpu-platforms. + storage-pool + The name of the storage pool in which the new disk is created. The + new disk and the storage pool must be in the same location. + multi-writer If yes, the disk is created in multi-writer mode so that it can be attached with read-write access to two VMs. The default value is diff --git a/gcloud/beta/compute/instances/bulk/create b/gcloud/beta/compute/instances/bulk/create index bbc96660f..7ca1dbc01 100644 --- a/gcloud/beta/compute/instances/bulk/create +++ b/gcloud/beta/compute/instances/bulk/create @@ -287,6 +287,10 @@ OPTIONAL FLAGS support. For available processor types on Compute Engine, see https://cloud.google.com/compute/docs/cpu-platforms. + storage-pool + The name of the storage pool in which the new disk is created. The + new disk and the storage pool must be in the same location. + boot If yes, indicates that this is a boot disk. The instance will use the first partition of the disk for its root file system. The diff --git a/gcloud/beta/compute/instances/create b/gcloud/beta/compute/instances/create index 734652482..d3349ef07 100644 --- a/gcloud/beta/compute/instances/create +++ b/gcloud/beta/compute/instances/create @@ -281,6 +281,10 @@ FLAGS support. For available processor types on Compute Engine, see https://cloud.google.com/compute/docs/cpu-platforms. + storage-pool + The name of the storage pool in which the new disk is created. The + new disk and the storage pool must be in the same location. + boot If yes, indicates that this is a boot disk. The instance will use the first partition of the disk for its root file system. The diff --git a/gcloud/beta/compute/instances/create-with-container b/gcloud/beta/compute/instances/create-with-container index 400074ad3..f4da4e4bc 100644 --- a/gcloud/beta/compute/instances/create-with-container +++ b/gcloud/beta/compute/instances/create-with-container @@ -356,6 +356,10 @@ FLAGS support. For available processor types on Compute Engine, see https://cloud.google.com/compute/docs/cpu-platforms. + storage-pool + The name of the storage pool in which the new disk is created. The + new disk and the storage pool must be in the same location. + multi-writer If yes, the disk is created in multi-writer mode so that it can be attached with read-write access to two VMs. The default value is diff --git a/gcloud/beta/dataflow/flex-template/build b/gcloud/beta/dataflow/flex-template/build index e528310a5..694d65c20 100644 --- a/gcloud/beta/dataflow/flex-template/build +++ b/gcloud/beta/dataflow/flex-template/build @@ -29,7 +29,7 @@ DESCRIPTION (BETA) Builds a flex template file from the specified parameters. EXAMPLES - To build and store a the flex template json file, run: + To build and store a flex template JSON file, run: $ gcloud beta dataflow flex-template build \ gs://template-file-gcs-path --image=gcr://image-path \ @@ -46,7 +46,7 @@ EXAMPLES rets/password-secret/versions/latest" \ --metadata-file=metadata.json --sdk-language=JAVA - To build the template image and flex template json file, run: + To build the template image and flex template JSON file, run: $ gcloud beta dataflow flex-template build \ gs://template-file-gcs-path \ diff --git a/gcloud/beta/monitoring/uptime/list-ips b/gcloud/beta/monitoring/uptime/list-ips index 4b133bfcd..5c7f01571 100644 --- a/gcloud/beta/monitoring/uptime/list-ips +++ b/gcloud/beta/monitoring/uptime/list-ips @@ -2,7 +2,9 @@ NAME gcloud beta monitoring uptime list-ips - list uptime check server ips SYNOPSIS - gcloud beta monitoring uptime list-ips [GCLOUD_WIDE_FLAG ...] + gcloud beta monitoring uptime list-ips [--filter=EXPRESSION] + [--limit=LIMIT] [--page-size=PAGE_SIZE] [--sort-by=[FIELD,...]] [--uri] + [GCLOUD_WIDE_FLAG ...] DESCRIPTION (BETA) List uptime check egress ips. @@ -15,6 +17,38 @@ EXAMPLES More information can be found at https://cloud.google.com/monitoring/uptime-checks/using-uptime-checks +LIST COMMAND FLAGS + --filter=EXPRESSION + Apply a Boolean filter EXPRESSION to each resource item to be listed. + If the expression evaluates True, then that item is listed. For more + details and examples of filter expressions, run $ gcloud topic filters. + This flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --limit=LIMIT + Maximum number of resources to list. The default is unlimited. This + flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --page-size=PAGE_SIZE + Some services group resource list output into pages. This flag + specifies the maximum number of resources per page. The default is + determined by the service if it supports paging, otherwise it is + unlimited (no paging). Paging may be applied before or after --filter + and --limit depending on the service. + + --sort-by=[FIELD,...] + Comma-separated list of resource field key names to sort by. The + default order is ascending. Prefix a field with ``~'' for descending + order on that field. This flag interacts with other flags that are + applied in this order: --flatten, --sort-by, --filter, --limit. + + --uri + Print a list of resource URIs instead of the default output, and change + the command output to a list of URIs. If this flag is used with + --format, the formatting is applied on this URI list. To display URIs + alongside other keys instead, use the uri() transform. + GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, diff --git a/gcloud/beta/network-security/firewall-endpoint-associations/create b/gcloud/beta/network-security/firewall-endpoint-associations/create index efeda4871..fabe9e6e6 100644 --- a/gcloud/beta/network-security/firewall-endpoint-associations/create +++ b/gcloud/beta/network-security/firewall-endpoint-associations/create @@ -158,8 +158,10 @@ GCLOUD WIDE FLAGS Run $ gcloud help for details. NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud network-security firewall-endpoint-associations create $ gcloud alpha network-security firewall-endpoint-associations create diff --git a/gcloud/beta/network-security/firewall-endpoint-associations/delete b/gcloud/beta/network-security/firewall-endpoint-associations/delete index 07844a860..c58532841 100644 --- a/gcloud/beta/network-security/firewall-endpoint-associations/delete +++ b/gcloud/beta/network-security/firewall-endpoint-associations/delete @@ -78,8 +78,10 @@ GCLOUD WIDE FLAGS Run $ gcloud help for details. NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud network-security firewall-endpoint-associations delete $ gcloud alpha network-security firewall-endpoint-associations delete diff --git a/gcloud/beta/network-security/firewall-endpoint-associations/describe b/gcloud/beta/network-security/firewall-endpoint-associations/describe index b775a186f..724c4694c 100644 --- a/gcloud/beta/network-security/firewall-endpoint-associations/describe +++ b/gcloud/beta/network-security/firewall-endpoint-associations/describe @@ -65,8 +65,10 @@ GCLOUD WIDE FLAGS Run $ gcloud help for details. NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud network-security firewall-endpoint-associations describe $ gcloud alpha network-security firewall-endpoint-associations \ describe diff --git a/gcloud/beta/network-security/firewall-endpoint-associations/help b/gcloud/beta/network-security/firewall-endpoint-associations/help index 732a5e176..37638f7f0 100644 --- a/gcloud/beta/network-security/firewall-endpoint-associations/help +++ b/gcloud/beta/network-security/firewall-endpoint-associations/help @@ -33,8 +33,10 @@ COMMANDS (BETA) Update a Firewall Plus endpoint association. NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud network-security firewall-endpoint-associations $ gcloud alpha network-security firewall-endpoint-associations diff --git a/gcloud/beta/network-security/firewall-endpoint-associations/list b/gcloud/beta/network-security/firewall-endpoint-associations/list index b2ebec7df..eb9f5af88 100644 --- a/gcloud/beta/network-security/firewall-endpoint-associations/list +++ b/gcloud/beta/network-security/firewall-endpoint-associations/list @@ -72,8 +72,10 @@ GCLOUD WIDE FLAGS Run $ gcloud help for details. NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud network-security firewall-endpoint-associations list $ gcloud alpha network-security firewall-endpoint-associations list diff --git a/gcloud/beta/network-security/firewall-endpoint-associations/update b/gcloud/beta/network-security/firewall-endpoint-associations/update index 0025f84e9..5637e05c3 100644 --- a/gcloud/beta/network-security/firewall-endpoint-associations/update +++ b/gcloud/beta/network-security/firewall-endpoint-associations/update @@ -177,8 +177,10 @@ GCLOUD WIDE FLAGS Run $ gcloud help for details. NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud network-security firewall-endpoint-associations update $ gcloud alpha network-security firewall-endpoint-associations update diff --git a/gcloud/beta/network-security/firewall-endpoints/create b/gcloud/beta/network-security/firewall-endpoints/create index 5590793b0..b350003dc 100644 --- a/gcloud/beta/network-security/firewall-endpoints/create +++ b/gcloud/beta/network-security/firewall-endpoints/create @@ -93,8 +93,10 @@ GCLOUD WIDE FLAGS Run $ gcloud help for details. NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud network-security firewall-endpoints create $ gcloud alpha network-security firewall-endpoints create diff --git a/gcloud/beta/network-security/firewall-endpoints/delete b/gcloud/beta/network-security/firewall-endpoints/delete index 4616708d3..58f7ad374 100644 --- a/gcloud/beta/network-security/firewall-endpoints/delete +++ b/gcloud/beta/network-security/firewall-endpoints/delete @@ -79,8 +79,10 @@ GCLOUD WIDE FLAGS Run $ gcloud help for details. NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud network-security firewall-endpoints delete $ gcloud alpha network-security firewall-endpoints delete diff --git a/gcloud/beta/network-security/firewall-endpoints/describe b/gcloud/beta/network-security/firewall-endpoints/describe index a8fa691d7..7a813e934 100644 --- a/gcloud/beta/network-security/firewall-endpoints/describe +++ b/gcloud/beta/network-security/firewall-endpoints/describe @@ -66,8 +66,10 @@ GCLOUD WIDE FLAGS Run $ gcloud help for details. NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud network-security firewall-endpoints describe $ gcloud alpha network-security firewall-endpoints describe diff --git a/gcloud/beta/network-security/firewall-endpoints/help b/gcloud/beta/network-security/firewall-endpoints/help index 3881cb79d..4bed160b5 100644 --- a/gcloud/beta/network-security/firewall-endpoints/help +++ b/gcloud/beta/network-security/firewall-endpoints/help @@ -33,8 +33,10 @@ COMMANDS (BETA) Update a Firewall Plus endpoint. NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud network-security firewall-endpoints $ gcloud alpha network-security firewall-endpoints diff --git a/gcloud/beta/network-security/firewall-endpoints/list b/gcloud/beta/network-security/firewall-endpoints/list index 60e2d9ffb..f99d15066 100644 --- a/gcloud/beta/network-security/firewall-endpoints/list +++ b/gcloud/beta/network-security/firewall-endpoints/list @@ -67,8 +67,10 @@ GCLOUD WIDE FLAGS Run $ gcloud help for details. NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud network-security firewall-endpoints list $ gcloud alpha network-security firewall-endpoints list diff --git a/gcloud/beta/network-security/firewall-endpoints/update b/gcloud/beta/network-security/firewall-endpoints/update index b52e7e391..8b3c18bb7 100644 --- a/gcloud/beta/network-security/firewall-endpoints/update +++ b/gcloud/beta/network-security/firewall-endpoints/update @@ -126,8 +126,10 @@ GCLOUD WIDE FLAGS Run $ gcloud help for details. NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud network-security firewall-endpoints update $ gcloud alpha network-security firewall-endpoints update diff --git a/gcloud/beta/network-security/security-profile-groups/create b/gcloud/beta/network-security/security-profile-groups/create index 41779d18b..ca008e056 100644 --- a/gcloud/beta/network-security/security-profile-groups/create +++ b/gcloud/beta/network-security/security-profile-groups/create @@ -130,8 +130,10 @@ GCLOUD WIDE FLAGS Run $ gcloud help for details. NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud network-security security-profile-groups create $ gcloud alpha network-security security-profile-groups create diff --git a/gcloud/beta/network-security/security-profile-groups/delete b/gcloud/beta/network-security/security-profile-groups/delete index 589399d97..2261d5ad5 100644 --- a/gcloud/beta/network-security/security-profile-groups/delete +++ b/gcloud/beta/network-security/security-profile-groups/delete @@ -69,8 +69,10 @@ API REFERENCE for this API can be found at: https://cloud.google.com/networking NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud network-security security-profile-groups delete $ gcloud alpha network-security security-profile-groups delete diff --git a/gcloud/beta/network-security/security-profile-groups/describe b/gcloud/beta/network-security/security-profile-groups/describe index 28716483c..7619124ff 100644 --- a/gcloud/beta/network-security/security-profile-groups/describe +++ b/gcloud/beta/network-security/security-profile-groups/describe @@ -65,8 +65,10 @@ API REFERENCE for this API can be found at: https://cloud.google.com/networking NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud network-security security-profile-groups describe $ gcloud alpha network-security security-profile-groups describe diff --git a/gcloud/beta/network-security/security-profile-groups/help b/gcloud/beta/network-security/security-profile-groups/help index 559acbf56..d72392f6e 100644 --- a/gcloud/beta/network-security/security-profile-groups/help +++ b/gcloud/beta/network-security/security-profile-groups/help @@ -36,7 +36,8 @@ EXAMPLES $ gcloud beta network-security security-profile-groups describe \ my-security-profile-group --organization=1234 --location=global - To list Security Profile Groups in specifed location and organization, run: + To list Security Profile Groups in specified location and organization, + run: $ gcloud beta network-security security-profile-groups list \ --location=global @@ -76,8 +77,10 @@ COMMANDS (BETA) Update a Security Profile Group. NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud network-security security-profile-groups $ gcloud alpha network-security security-profile-groups diff --git a/gcloud/beta/network-security/security-profile-groups/list b/gcloud/beta/network-security/security-profile-groups/list index 78c4bd106..c4986d710 100644 --- a/gcloud/beta/network-security/security-profile-groups/list +++ b/gcloud/beta/network-security/security-profile-groups/list @@ -86,8 +86,10 @@ API REFERENCE for this API can be found at: https://cloud.google.com/networking NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud network-security security-profile-groups list $ gcloud alpha network-security security-profile-groups list diff --git a/gcloud/beta/network-security/security-profile-groups/update b/gcloud/beta/network-security/security-profile-groups/update index 810afc660..f1536f0ba 100644 --- a/gcloud/beta/network-security/security-profile-groups/update +++ b/gcloud/beta/network-security/security-profile-groups/update @@ -149,8 +149,10 @@ GCLOUD WIDE FLAGS Run $ gcloud help for details. NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud network-security security-profile-groups update $ gcloud alpha network-security security-profile-groups update diff --git a/gcloud/beta/network-security/security-profiles/help b/gcloud/beta/network-security/security-profiles/help index a0e37ef44..32fba26d3 100644 --- a/gcloud/beta/network-security/security-profiles/help +++ b/gcloud/beta/network-security/security-profiles/help @@ -20,8 +20,10 @@ GROUPS (BETA) Manage Security Profiles - Threat Prevention Profile. NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud network-security security-profiles $ gcloud alpha network-security security-profiles diff --git a/gcloud/beta/network-security/security-profiles/threat-prevention/add-override b/gcloud/beta/network-security/security-profiles/threat-prevention/add-override index b96f3038e..20e219204 100644 --- a/gcloud/beta/network-security/security-profiles/threat-prevention/add-override +++ b/gcloud/beta/network-security/security-profiles/threat-prevention/add-override @@ -124,8 +124,11 @@ GCLOUD WIDE FLAGS Run $ gcloud help for details. NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud network-security security-profiles threat-prevention \ + add-override $ gcloud alpha network-security security-profiles \ threat-prevention add-override diff --git a/gcloud/beta/network-security/security-profiles/threat-prevention/create b/gcloud/beta/network-security/security-profiles/threat-prevention/create index 5e3d90d43..ce84881d6 100644 --- a/gcloud/beta/network-security/security-profiles/threat-prevention/create +++ b/gcloud/beta/network-security/security-profiles/threat-prevention/create @@ -75,8 +75,10 @@ GCLOUD WIDE FLAGS Run $ gcloud help for details. NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud network-security security-profiles threat-prevention create $ gcloud alpha network-security security-profiles \ threat-prevention create diff --git a/gcloud/beta/network-security/security-profiles/threat-prevention/delete b/gcloud/beta/network-security/security-profiles/threat-prevention/delete index b6a784bbd..d4b5a22a3 100644 --- a/gcloud/beta/network-security/security-profiles/threat-prevention/delete +++ b/gcloud/beta/network-security/security-profiles/threat-prevention/delete @@ -68,8 +68,10 @@ API REFERENCE for this API can be found at: https://cloud.google.com/networking NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud network-security security-profiles threat-prevention delete $ gcloud alpha network-security security-profiles \ threat-prevention delete diff --git a/gcloud/beta/network-security/security-profiles/threat-prevention/delete-override b/gcloud/beta/network-security/security-profiles/threat-prevention/delete-override index d2e820895..a18a46b85 100644 --- a/gcloud/beta/network-security/security-profiles/threat-prevention/delete-override +++ b/gcloud/beta/network-security/security-profiles/threat-prevention/delete-override @@ -118,8 +118,11 @@ GCLOUD WIDE FLAGS Run $ gcloud help for details. NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud network-security security-profiles threat-prevention \ + delete-override $ gcloud alpha network-security security-profiles \ threat-prevention delete-override diff --git a/gcloud/beta/network-security/security-profiles/threat-prevention/help b/gcloud/beta/network-security/security-profiles/threat-prevention/help index 908f32cc6..71b926503 100644 --- a/gcloud/beta/network-security/security-profiles/threat-prevention/help +++ b/gcloud/beta/network-security/security-profiles/threat-prevention/help @@ -11,7 +11,7 @@ DESCRIPTION EXAMPLES To create a Security Profile with the name my-security-profile which - includes location as global or region specifed and organization ID, + includes location as global or region specified and organization ID, optional description as New Security Profile, run: $ gcloud beta network-security security-profiles threat-prevention \ @@ -63,13 +63,13 @@ EXAMPLES the changes should apply, location either global or region specified and security_profile_id the Security Profile Identifier. - To list Security Profiles in specifed location and organization, run: + To list Security Profiles in specified location and organization, run: $ gcloud beta network-security security-profiles threat-prevention \ list --location=global To delete a Security Profile called my-security-profile which includes - location as global or region specifed and organization ID, run: + location as global or region specified and organization ID, run: $ gcloud beta network-security security-profiles threat-prevention \ delete my-security-profile @@ -104,8 +104,10 @@ COMMANDS (BETA) Update Overrides of Threat Prevention Profile. NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud network-security security-profiles threat-prevention $ gcloud alpha network-security security-profiles threat-prevention diff --git a/gcloud/beta/network-security/security-profiles/threat-prevention/list b/gcloud/beta/network-security/security-profiles/threat-prevention/list index 786e491f8..36be629d3 100644 --- a/gcloud/beta/network-security/security-profiles/threat-prevention/list +++ b/gcloud/beta/network-security/security-profiles/threat-prevention/list @@ -86,8 +86,10 @@ API REFERENCE for this API can be found at: https://cloud.google.com/networking NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud network-security security-profiles threat-prevention list $ gcloud alpha network-security security-profiles \ threat-prevention list diff --git a/gcloud/beta/network-security/security-profiles/threat-prevention/list-overrides b/gcloud/beta/network-security/security-profiles/threat-prevention/list-overrides index c2dda4758..8b82799b6 100644 --- a/gcloud/beta/network-security/security-profiles/threat-prevention/list-overrides +++ b/gcloud/beta/network-security/security-profiles/threat-prevention/list-overrides @@ -67,8 +67,11 @@ GCLOUD WIDE FLAGS Run $ gcloud help for details. NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud network-security security-profiles threat-prevention \ + list-overrides $ gcloud alpha network-security security-profiles \ threat-prevention list-overrides diff --git a/gcloud/beta/network-security/security-profiles/threat-prevention/update-override b/gcloud/beta/network-security/security-profiles/threat-prevention/update-override index 09f60bb10..291a75f3b 100644 --- a/gcloud/beta/network-security/security-profiles/threat-prevention/update-override +++ b/gcloud/beta/network-security/security-profiles/threat-prevention/update-override @@ -124,8 +124,11 @@ GCLOUD WIDE FLAGS Run $ gcloud help for details. NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud network-security security-profiles threat-prevention \ + update-override $ gcloud alpha network-security security-profiles \ threat-prevention update-override diff --git a/gcloud/beta/projects/create b/gcloud/beta/projects/create index 10b045e6f..1683e1f7e 100644 --- a/gcloud/beta/projects/create +++ b/gcloud/beta/projects/create @@ -70,6 +70,8 @@ FLAGS Example: 123/environment=production,123/costCenter=marketing + Note: Currently this field is in Preview. + GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, diff --git a/gcloud/beta/pubsub/topics/create b/gcloud/beta/pubsub/topics/create index 1a48c6265..e34ceb5dd 100644 --- a/gcloud/beta/pubsub/topics/create +++ b/gcloud/beta/pubsub/topics/create @@ -5,6 +5,10 @@ SYNOPSIS gcloud beta pubsub topics create TOPIC [TOPIC ...] [--labels=[KEY=VALUE,...]] [--message-retention-duration=MESSAGE_RETENTION_DURATION] + [--kinesis-ingestion-consumer-arn=KINESIS_INGESTION_CONSUMER_ARN + --kinesis-ingestion-role-arn=KINESIS_INGESTION_ROLE_ARN + --kinesis-ingestion-service-account=KINESIS_INGESTION_SERVICE_ACCOUNT + --kinesis-ingestion-stream-arn=KINESIS_INGESTION_STREAM_ARN] [--message-encoding=ENCODING (--schema=SCHEMA : --schema-project=SCHEMA_PROJECT) : --first-revision-id=FIRST_REVISION_ID @@ -65,6 +69,36 @@ FLAGS is one of "s", "m", "h", and "d" for seconds, minutes, hours, and days, respectively. If the unit is omitted, seconds is assumed. + The following flags are for specifying ingestion settings for an import + topic from Amazon Web Services (AWS) Kinesis Data Streams + + --kinesis-ingestion-consumer-arn=KINESIS_INGESTION_CONSUMER_ARN + The Kinesis data streams consumer Amazon Resource Name (ARN) to use + for ingestion. + + This flag argument must be specified if any of the other arguments in + this group are specified. + + --kinesis-ingestion-role-arn=KINESIS_INGESTION_ROLE_ARN + AWS role ARN to be used for Federated Identity authentication with + Kinesis. + + This flag argument must be specified if any of the other arguments in + this group are specified. + + --kinesis-ingestion-service-account=KINESIS_INGESTION_SERVICE_ACCOUNT + The service account to be used for Federated Identity authentication + with Kinesis. + + This flag argument must be specified if any of the other arguments in + this group are specified. + + --kinesis-ingestion-stream-arn=KINESIS_INGESTION_STREAM_ARN + The Kinesis data stream ARN from which to ingest data. + + This flag argument must be specified if any of the other arguments in + this group are specified. + Schema settings. The schema that messages published to this topic must conform to and the expected message encoding. diff --git a/gcloud/beta/pubsub/topics/update b/gcloud/beta/pubsub/topics/update index ef6bf555e..07df86625 100644 --- a/gcloud/beta/pubsub/topics/update +++ b/gcloud/beta/pubsub/topics/update @@ -3,6 +3,11 @@ NAME SYNOPSIS gcloud beta pubsub topics update TOPIC [--update-labels=[KEY=VALUE,...]] + [--clear-ingestion-data-source-settings + | --kinesis-ingestion-consumer-arn=KINESIS_INGESTION_CONSUMER_ARN + --kinesis-ingestion-role-arn=KINESIS_INGESTION_ROLE_ARN + --kinesis-ingestion-service-account=KINESIS_INGESTION_SERVICE_ACCOUNT + --kinesis-ingestion-stream-arn=KINESIS_INGESTION_STREAM_ARN] [--clear-labels | --remove-labels=[KEY,...]] [--clear-message-retention-duration | --message-retention-duration=MESSAGE_RETENTION_DURATION] @@ -102,6 +107,45 @@ FLAGS contain only hyphens (-), underscores (_), lowercase characters, and numbers. + Specify either --clear-ingestion-data-source-settings or a new ingestion + source. + + At most one of these can be specified: + + --clear-ingestion-data-source-settings + If set, clear the Ingestion Data Source Settings from the topic. Use + --no-clear-ingestion-data-source-settings to disable this flag. + + The following flags are for specifying ingestion settings for an import + topic from Amazon Web Services (AWS) Kinesis Data Streams + + --kinesis-ingestion-consumer-arn=KINESIS_INGESTION_CONSUMER_ARN + The Kinesis data streams consumer Amazon Resource Name (ARN) to use + for ingestion. + + This flag argument must be specified if any of the other arguments + in this group are specified. + + --kinesis-ingestion-role-arn=KINESIS_INGESTION_ROLE_ARN + AWS role ARN to be used for Federated Identity authentication with + Kinesis. + + This flag argument must be specified if any of the other arguments + in this group are specified. + + --kinesis-ingestion-service-account=KINESIS_INGESTION_SERVICE_ACCOUNT + The service account to be used for Federated Identity + authentication with Kinesis. + + This flag argument must be specified if any of the other arguments + in this group are specified. + + --kinesis-ingestion-stream-arn=KINESIS_INGESTION_STREAM_ARN + The Kinesis data stream ARN from which to ingest data. + + This flag argument must be specified if any of the other arguments + in this group are specified. + At most one of these can be specified: --clear-labels diff --git a/gcloud/beta/redis/clusters/create b/gcloud/beta/redis/clusters/create index 33c869685..8bf73996b 100644 --- a/gcloud/beta/redis/clusters/create +++ b/gcloud/beta/redis/clusters/create @@ -6,7 +6,8 @@ SYNOPSIS gcloud beta redis clusters create (CLUSTER : --region=REGION) --network=NETWORK --shard-count=SHARD_COUNT [--async] [--auth-mode=AUTH_MODE] [--replica-count=REPLICA_COUNT] - [--transit-encryption-mode=TRANSIT_ENCRYPTION_MODE] + [--transit-encryption-mode=TRANSIT_ENCRYPTION_MODE] [--zone=ZONE] + [--zone-distribution-mode=ZONE_DISTRIBUTION_MODE] [GCLOUD_WIDE_FLAG ...] DESCRIPTION @@ -112,6 +113,20 @@ OPTIONAL FLAGS The cluster uses server managed encryption for in-transit encryption. + --zone=ZONE + The zone used to allocate the cluster nodes. Applicable only if the + zone-distribution-mode is set to single-zone. + + --zone-distribution-mode=ZONE_DISTRIBUTION_MODE + Determines how the cluster nodes are distributed across zones. + ZONE_DISTRIBUTION_MODE must be one of: + + multi-zone + Allocate cluster nodes across multiple zones. + + single-zone + Allocate cluster nodes in a single zone. + GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, diff --git a/gcloud/beta/resource-manager/folders/create b/gcloud/beta/resource-manager/folders/create index 9e6735fe8..0c384a1fc 100644 --- a/gcloud/beta/resource-manager/folders/create +++ b/gcloud/beta/resource-manager/folders/create @@ -43,6 +43,8 @@ OPTIONAL FLAGS Example: 123/environment=production,123/costCenter=marketing + Note: Currently this field is in Preview. + GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, diff --git a/gcloud/beta/run/deploy b/gcloud/beta/run/deploy index d73f6b309..a157c39b8 100644 --- a/gcloud/beta/run/deploy +++ b/gcloud/beta/run/deploy @@ -569,6 +569,12 @@ FLAGS that wrote the data. If size-limit is not specified, the maximum size will be half the total memory limit of all containers. + nfs: Represents a volume backed by an NFS server. Additional keys: + ◆ location: (required) The location of the NFS Server, in the form + SERVER:/PATH + ◆ readonly: (optional) A boolean. If true, this volume will be + read-only from all mounts. + --clear-volumes Remove all existing volumes from the Cloud Run resource, including volumes mounted as secrets diff --git a/gcloud/beta/run/jobs/create b/gcloud/beta/run/jobs/create index f8fec4713..e35adb4ed 100644 --- a/gcloud/beta/run/jobs/create +++ b/gcloud/beta/run/jobs/create @@ -12,6 +12,10 @@ SYNOPSIS [--set-secrets=[KEY=SECRET_NAME:SECRET_VERSION,...]] [--task-timeout=TASK_TIMEOUT] [--tasks=TASKS; default=1] [--vpc-connector=VPC_CONNECTOR] [--vpc-egress=VPC_EGRESS] + [--add-volume=[KEY=VALUE,...] + --clear-volumes --remove-volume=[VOLUME,...]] + [--add-volume-mount=[volume=NAME,mount-path=MOUNT_PATH,...] + --clear-volume-mounts --remove-volume-mount=[MOUNT_PATH,...]] [--async | --execute-now --wait] [--env-vars-file=FILE_PATH | --set-env-vars=[KEY=VALUE,...]] [--network=NETWORK --network-tags=[TAG,...] --subnet=SUBNET] @@ -164,6 +168,58 @@ OPTIONAL FLAGS https://cloud.google.com/run/docs/securing/private-networking#send_requests_to_other_services_and_services for more information. + --add-volume=[KEY=VALUE,...] + Adds a volume to the Cloud Run resource. To add more than one volume, + specify this flag multiple times. Volumes must have a name and type + key. Only certain values are supported for type. Depending on the + provided type, other keys will be required. The following types are + supported with the specified additional keys: + + cloud-storage: A volume representing a Cloud Storage bucket. This + volume type is mounted using Cloud Storage FUSE. See + https://cloud.google.com/storage/docs/gcs-fuse for the details and + limitations of this filesystem. Additional keys: + ◆ bucket: (required) the name of the bucket to use as the source of + this volume + ◆ readonly: (optional) A boolean. If true, this volume will be + read-only from all mounts. + + in-memory: An ephemeral volume that stores data in the instance's + memory. With this type of volume, data is not shared between instances + and all data will be lost when the instance it is on is terminated. + Additional keys: + ◆ size-limit: (optional) A quantity representing the maximum amount + of memory allocated to this volume, such as "512Mi" or "3G". Data + stored in an in-memory volume consumes the memory allocation of the + container that wrote the data. If size-limit is not specified, the + maximum size will be half the total memory limit of all containers. + + nfs: Represents a volume backed by an NFS server. Additional keys: + ◆ location: (required) The location of the NFS Server, in the form + SERVER:/PATH + ◆ readonly: (optional) A boolean. If true, this volume will be + read-only from all mounts. + + --clear-volumes + Remove all existing volumes from the Cloud Run resource, including + volumes mounted as secrets + + --remove-volume=[VOLUME,...] + Removes volumes from the Cloud Run resource. + + --add-volume-mount=[volume=NAME,mount-path=MOUNT_PATH,...] + Adds a mount to the current container. Must contain the keys + volume=NAME and mount-path=/PATH where NAME is the name of a volume on + this resource and PATH is the path within the container's filesystem to + mount this volume. + + --clear-volume-mounts + Remove all existing mounts from the current container. + + --remove-volume-mount=[MOUNT_PATH,...] + Removes the volume mounted at the specified path from the current + container. + At most one of these can be specified: --async diff --git a/gcloud/beta/run/jobs/deploy b/gcloud/beta/run/jobs/deploy index 37a38262e..db469ccba 100644 --- a/gcloud/beta/run/jobs/deploy +++ b/gcloud/beta/run/jobs/deploy @@ -193,6 +193,12 @@ FLAGS container that wrote the data. If size-limit is not specified, the maximum size will be half the total memory limit of all containers. + nfs: Represents a volume backed by an NFS server. Additional keys: + ◆ location: (required) The location of the NFS Server, in the form + SERVER:/PATH + ◆ readonly: (optional) A boolean. If true, this volume will be + read-only from all mounts. + --clear-volumes Remove all existing volumes from the Cloud Run resource, including volumes mounted as secrets diff --git a/gcloud/beta/run/jobs/update b/gcloud/beta/run/jobs/update index 11603473f..6fbdd4a57 100644 --- a/gcloud/beta/run/jobs/update +++ b/gcloud/beta/run/jobs/update @@ -203,6 +203,12 @@ FLAGS container that wrote the data. If size-limit is not specified, the maximum size will be half the total memory limit of all containers. + nfs: Represents a volume backed by an NFS server. Additional keys: + ◆ location: (required) The location of the NFS Server, in the form + SERVER:/PATH + ◆ readonly: (optional) A boolean. If true, this volume will be + read-only from all mounts. + --clear-volumes Remove all existing volumes from the Cloud Run resource, including volumes mounted as secrets diff --git a/gcloud/beta/run/services/update b/gcloud/beta/run/services/update index 35d666dd6..aba39ee9d 100644 --- a/gcloud/beta/run/services/update +++ b/gcloud/beta/run/services/update @@ -451,6 +451,12 @@ FLAGS that wrote the data. If size-limit is not specified, the maximum size will be half the total memory limit of all containers. + nfs: Represents a volume backed by an NFS server. Additional keys: + ◆ location: (required) The location of the NFS Server, in the form + SERVER:/PATH + ◆ readonly: (optional) A boolean. If true, this volume will be + read-only from all mounts. + --clear-volumes Remove all existing volumes from the Cloud Run resource, including volumes mounted as secrets diff --git a/gcloud/beta/secrets/create b/gcloud/beta/secrets/create index 6e453e2cc..e504aaab8 100644 --- a/gcloud/beta/secrets/create +++ b/gcloud/beta/secrets/create @@ -4,7 +4,9 @@ NAME SYNOPSIS gcloud beta secrets create (SECRET : --location=LOCATION) [--data-file=PATH] [--labels=[KEY=VALUE,...]] + [--regional-kms-key-name=KMS-KEY-NAME] [--set-annotations=[KEY=VALUE,...]] [--topics=[TOPICS,...]] + [--version-destroy-ttl=VERSION-DESTROY-TTL] [--expire-time=EXPIRE-TIME | --ttl=TTL] [--next-rotation-time=NEXT_ROTATION_TIME --rotation-period=ROTATION_PERIOD] @@ -73,6 +75,10 @@ EXAMPLES --next-rotation-time="2030-01-01T15:30:00-05:00" \ --rotation-period="7200s" + Create a secret with delayed secret version destroy enabled: + + $ gcloud beta secrets create my-secret --version-destroy-ttl="86400s" + POSITIONAL ARGUMENTS Global or regional secret resource - create a secret The arguments in this group can be used to specify the attributes of this resource. (NOTE) Some @@ -120,6 +126,10 @@ FLAGS contain only hyphens (-), underscores (_), lowercase characters, and numbers. + --regional-kms-key-name=KMS-KEY-NAME + Regional KMS key with which to encrypt and decrypt the secret. Only + valid for regional secrets. + Annotations --set-annotations=[KEY=VALUE,...] @@ -129,6 +139,13 @@ FLAGS --topics=[TOPICS,...] List of Pub/Sub topics to configure on the secret. + --version-destroy-ttl=VERSION-DESTROY-TTL + Secret Version Time To Live (TTL) after destruction request. For secret + with TTL>0, version destruction does not happen immediately on calling + destroy; instead, the version goes to a disabled state and destruction + happens after the TTL expires. See $ gcloud topic datetimes for + information on duration formats. + Expiration. At most one of these can be specified: diff --git a/gcloud/beta/secrets/update b/gcloud/beta/secrets/update index ef0ac1dc1..ff51b108c 100644 --- a/gcloud/beta/secrets/update +++ b/gcloud/beta/secrets/update @@ -15,7 +15,8 @@ SYNOPSIS [--next-rotation-time=NEXT_ROTATION_TIME --remove-next-rotation-time --remove-rotation-period --remove-rotation-schedule --rotation-period=ROTATION_PERIOD] - [GCLOUD_WIDE_FLAG ...] + [--remove-version-destroy-ttl + | --version-destroy-ttl=VERSION-DESTROY-TTL] [GCLOUD_WIDE_FLAG ...] DESCRIPTION (BETA) Update a secret's metadata (e.g. labels). This command will return @@ -63,6 +64,14 @@ EXAMPLES $ gcloud beta secrets update my-secret --remove-rotation-schedule + Update version destroy ttl of a secret: + + $ gcloud beta secrets update my-secret --version-destroy-ttl="86400s" + + Disable delayed secret version destroy: + + $ gcloud beta secrets update my-secret --remove-version-destroy-ttl + POSITIONAL ARGUMENTS Global or regional secret resource - to update The arguments in this group can be used to specify the attributes of this resource. (NOTE) Some @@ -203,6 +212,20 @@ FLAGS --rotation-period=ROTATION_PERIOD Duration of time (in seconds) between rotation notifications. + Version destroy ttl. + + At most one of these can be specified: + + --remove-version-destroy-ttl + If set, removes the version destroy TTL from the secret. + + --version-destroy-ttl=VERSION-DESTROY-TTL + Secret Version TTL after destruction request. For secret with TTL>0, + version destruction does not happen immediately on calling destroy; + instead, the version goes to a disabled state and destruction happens + after the TTL expires. See $ gcloud topic datetimes for information + on duration formats. + GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, diff --git a/gcloud/beta/sql/instances/switchover b/gcloud/beta/sql/instances/switchover index 3a3915f15..5699d3ba9 100644 --- a/gcloud/beta/sql/instances/switchover +++ b/gcloud/beta/sql/instances/switchover @@ -4,11 +4,11 @@ NAME SYNOPSIS gcloud beta sql instances switchover REPLICA [--async] - [GCLOUD_WIDE_FLAG ...] + [--db-timeout=DB_TIMEOUT] [GCLOUD_WIDE_FLAG ...] DESCRIPTION - (BETA) Switches over a Cloud SQL instance to one of its replicas. Currently - only supported on Cloud SQL for SQL Server instances. + (BETA) Switches over a Cloud SQL instance to one of its replicas. Only + supported on Cloud SQL for SQL Server and MySQL instances. EXAMPLES To switch over an instance to its replica called replica-instance: @@ -24,6 +24,11 @@ FLAGS Return immediately, without waiting for the operation in progress to complete. + --db-timeout=DB_TIMEOUT + (MySQL only) Cloud SQL instance operations timeout, which is the sum of + all database operations. Default value is 10 minutes and can be + modified to a maximum value of 24h. + GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, diff --git a/gcloud/compute/disks/create b/gcloud/compute/disks/create index e86f396cd..2b575ea20 100644 --- a/gcloud/compute/disks/create +++ b/gcloud/compute/disks/create @@ -11,7 +11,8 @@ SYNOPSIS [--provisioned-iops=PROVISIONED_IOPS] [--provisioned-throughput=PROVISIONED_THROUGHPUT] [--replica-zones=ZONE,ZONE] [--no-require-csek-key-create] - [--resource-policies=[RESOURCE_POLICY,...]] [--size=SIZE] [--type=TYPE] + [--resource-policies=[RESOURCE_POLICY,...]] [--size=SIZE] + [--storage-pool=STORAGE_POOL] [--type=TYPE] [--image-family-scope=IMAGE_FAMILY_SCOPE --image-project=IMAGE_PROJECT --image=IMAGE | --image-family=IMAGE_FAMILY | --primary-disk=PRIMARY_DISK @@ -142,6 +143,9 @@ FLAGS will be used. For details about disk size limits, refer to: https://cloud.google.com/compute/docs/disks + --storage-pool=STORAGE_POOL + Specifies the URI of the storage pool in which the disk is created. + --type=TYPE Specifies the type of disk to create. To get a list of available disk types, run gcloud compute disk-types list. The default disk type is diff --git a/gcloud/compute/instance-templates/create b/gcloud/compute/instance-templates/create index 0d6a3db4f..bef1aa335 100644 --- a/gcloud/compute/instance-templates/create +++ b/gcloud/compute/instance-templates/create @@ -252,6 +252,10 @@ FLAGS support. For available processor types on Compute Engine, see https://cloud.google.com/compute/docs/cpu-platforms. + storage-pool + The name of the storage pool in which the new disk is created. The + new disk and the storage pool must be in the same location. + boot If yes, indicates that this is a boot disk. The instance will use the first partition of the disk for its root file system. The diff --git a/gcloud/compute/instance-templates/create-with-container b/gcloud/compute/instance-templates/create-with-container index c1a9bd37c..6cd6620bc 100644 --- a/gcloud/compute/instance-templates/create-with-container +++ b/gcloud/compute/instance-templates/create-with-container @@ -334,6 +334,10 @@ FLAGS support. For available processor types on Compute Engine, see https://cloud.google.com/compute/docs/cpu-platforms. + storage-pool + The name of the storage pool in which the new disk is created. The + new disk and the storage pool must be in the same location. + replica-zones Required for each regional disk associated with the instance. Specify the URLs of the zones where the disk should be replicated diff --git a/gcloud/compute/instances/bulk/create b/gcloud/compute/instances/bulk/create index 7b93ac29a..97f818bda 100644 --- a/gcloud/compute/instances/bulk/create +++ b/gcloud/compute/instances/bulk/create @@ -285,6 +285,10 @@ OPTIONAL FLAGS support. For available processor types on Compute Engine, see https://cloud.google.com/compute/docs/cpu-platforms. + storage-pool + The name of the storage pool in which the new disk is created. The + new disk and the storage pool must be in the same location. + boot If yes, indicates that this is a boot disk. The instance will use the first partition of the disk for its root file system. The diff --git a/gcloud/compute/instances/create b/gcloud/compute/instances/create index 3a8b3e2ee..e3bb0e364 100644 --- a/gcloud/compute/instances/create +++ b/gcloud/compute/instances/create @@ -281,6 +281,10 @@ FLAGS support. For available processor types on Compute Engine, see https://cloud.google.com/compute/docs/cpu-platforms. + storage-pool + The name of the storage pool in which the new disk is created. The + new disk and the storage pool must be in the same location. + boot If yes, indicates that this is a boot disk. The instance will use the first partition of the disk for its root file system. The diff --git a/gcloud/compute/instances/create-with-container b/gcloud/compute/instances/create-with-container index a7f36b005..55e9911be 100644 --- a/gcloud/compute/instances/create-with-container +++ b/gcloud/compute/instances/create-with-container @@ -357,6 +357,10 @@ FLAGS support. For available processor types on Compute Engine, see https://cloud.google.com/compute/docs/cpu-platforms. + storage-pool + The name of the storage pool in which the new disk is created. The + new disk and the storage pool must be in the same location. + replica-zones Required for each regional disk associated with the instance. Specify the URLs of the zones where the disk should be replicated diff --git a/gcloud/container/attached/clusters/delete b/gcloud/container/attached/clusters/delete index e4ada99a8..f7868c1c7 100644 --- a/gcloud/container/attached/clusters/delete +++ b/gcloud/container/attached/clusters/delete @@ -58,7 +58,7 @@ FLAGS complete. --ignore-errors - Force delete an Attached cluster. Deletion of Attached cluster will + Force delete an Attached cluster. Deletion of the Attached cluster will succeed even if errors occur during deleting in-cluster resources. Using this parameter may result in orphaned resources in the cluster. diff --git a/gcloud/container/aws/clusters/delete b/gcloud/container/aws/clusters/delete index 6517b0761..c85ce97b6 100644 --- a/gcloud/container/aws/clusters/delete +++ b/gcloud/container/aws/clusters/delete @@ -3,7 +3,8 @@ NAME SYNOPSIS gcloud container aws clusters delete (CLUSTER : --location=LOCATION) - [--allow-missing] [--async] [--validate-only] [GCLOUD_WIDE_FLAG ...] + [--allow-missing] [--async] [--ignore-errors] [--validate-only] + [GCLOUD_WIDE_FLAG ...] DESCRIPTION Delete an Anthos cluster on AWS. @@ -53,6 +54,11 @@ FLAGS Return immediately, without waiting for the operation in progress to complete. + --ignore-errors + Force delete an AWS cluster. Deletion of the AWS cluster will succeed + even if errors occur during deleting in-cluster resources. Using this + parameter may result in orphaned resources in the cluster. + --validate-only Validate the cluster to delete, but don't actually perform it. diff --git a/gcloud/container/aws/node-pools/delete b/gcloud/container/aws/node-pools/delete index fd094ca0b..3dec6700e 100644 --- a/gcloud/container/aws/node-pools/delete +++ b/gcloud/container/aws/node-pools/delete @@ -5,7 +5,7 @@ NAME SYNOPSIS gcloud container aws node-pools delete (NODE_POOL : --cluster=CLUSTER --location=LOCATION) [--allow-missing] - [--async] [--validate-only] [GCLOUD_WIDE_FLAG ...] + [--async] [--ignore-errors] [--validate-only] [GCLOUD_WIDE_FLAG ...] DESCRIPTION Delete a node pool in an Anthos cluster on AWS. @@ -58,13 +58,18 @@ POSITIONAL ARGUMENTS FLAGS --allow-missing - Allow idempotent deletion of cluster. The request will still succeed in - case the cluster does not exist. + Allow idempotent deletion of node pool. The request will still succeed + in case the node pool does not exist. --async Return immediately, without waiting for the operation in progress to complete. + --ignore-errors + Force delete an AWS node pool. Deletion of the AWS node pool will + succeed even if errors occur during deleting in-node pool resources. + Using this parameter may result in orphaned resources in the node pool. + --validate-only Validate the node pool to delete, but don't actually perform it. diff --git a/gcloud/container/azure/clients/delete b/gcloud/container/azure/clients/delete index 01e4bcdaa..8ce771c87 100644 --- a/gcloud/container/azure/clients/delete +++ b/gcloud/container/azure/clients/delete @@ -46,8 +46,8 @@ POSITIONAL ARGUMENTS FLAGS --allow-missing - Allow idempotent deletion of cluster. The request will still succeed in - case the cluster does not exist. + Allow idempotent deletion of client. The request will still succeed in + case the client does not exist. --async Return immediately, without waiting for the operation in progress to diff --git a/gcloud/container/azure/clusters/delete b/gcloud/container/azure/clusters/delete index af5540f3d..2954ef14e 100644 --- a/gcloud/container/azure/clusters/delete +++ b/gcloud/container/azure/clusters/delete @@ -3,7 +3,7 @@ NAME SYNOPSIS gcloud container azure clusters delete (CLUSTER : --location=LOCATION) - [--allow-missing] [--async] [GCLOUD_WIDE_FLAG ...] + [--allow-missing] [--async] [--ignore-errors] [GCLOUD_WIDE_FLAG ...] DESCRIPTION Delete an Anthos cluster on Azure. @@ -54,6 +54,11 @@ FLAGS Return immediately, without waiting for the operation in progress to complete. + --ignore-errors + Force delete an Azure cluster. Deletion of the Azure cluster will + succeed even if errors occur during deleting in-cluster resources. + Using this parameter may result in orphaned resources in the cluster. + GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, diff --git a/gcloud/container/azure/node-pools/delete b/gcloud/container/azure/node-pools/delete index cbbabf34c..7ec97e306 100644 --- a/gcloud/container/azure/node-pools/delete +++ b/gcloud/container/azure/node-pools/delete @@ -5,7 +5,7 @@ NAME SYNOPSIS gcloud container azure node-pools delete (NODE_POOL : --cluster=CLUSTER --location=LOCATION) [--allow-missing] - [--async] [GCLOUD_WIDE_FLAG ...] + [--async] [--ignore-errors] [GCLOUD_WIDE_FLAG ...] DESCRIPTION Delete a node pool in an Anthos cluster on Azure. @@ -58,13 +58,18 @@ POSITIONAL ARGUMENTS FLAGS --allow-missing - Allow idempotent deletion of cluster. The request will still succeed in - case the cluster does not exist. + Allow idempotent deletion of node pool. The request will still succeed + in case the node pool does not exist. --async Return immediately, without waiting for the operation in progress to complete. + --ignore-errors + Force delete an Azure node pool. Deletion of the Azure node pool will + succeed even if errors occur during deleting in-node pool resources. + Using this parameter may result in orphaned resources in the node pool. + GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, diff --git a/gcloud/database-migration/migration-jobs/create b/gcloud/database-migration/migration-jobs/create index f7b18350a..9cb154c30 100644 --- a/gcloud/database-migration/migration-jobs/create +++ b/gcloud/database-migration/migration-jobs/create @@ -9,7 +9,7 @@ SYNOPSIS [--conversion-workspace=CONVERSION_WORKSPACE] [--display-name=DISPLAY_NAME] [--dump-parallel-level=DUMP_PARALLEL_LEVEL] [--dump-path=DUMP_PATH] - [--filter=FILTER] [--labels=[KEY=VALUE,...]] + [--dump-type=DUMP_TYPE] [--filter=FILTER] [--labels=[KEY=VALUE,...]] [--cmek-key=CMEK_KEY : --cmek-keyring=CMEK_KEYRING --cmek-project=CMEK_PROJECT] [--peer-vpc=PEER_VPC | --static-ip @@ -199,6 +199,10 @@ OPTIONAL FLAGS Path to the dump file in Google Cloud Storage, in the format: gs://[BUCKET_NAME]/[OBJECT_NAME]. + --dump-type=DUMP_TYPE + The type of the data dump. Currently applicable for MySQL to MySQL + migrations only. DUMP_TYPE must be one of: LOGICAL, PHYSICAL. + --filter=FILTER Filter the entities based on AIP-160 (https://google.aip.dev/160) standard. Example: to filter all tables whose name start with diff --git a/gcloud/database-migration/migration-jobs/update b/gcloud/database-migration/migration-jobs/update index f2b364b65..230da7b19 100644 --- a/gcloud/database-migration/migration-jobs/update +++ b/gcloud/database-migration/migration-jobs/update @@ -7,8 +7,8 @@ SYNOPSIS (MIGRATION_JOB : --region=REGION) [--no-async] [--commit-id=COMMIT_ID] [--destination=DESTINATION] [--display-name=DISPLAY_NAME] [--dump-parallel-level=DUMP_PARALLEL_LEVEL] [--dump-path=DUMP_PATH] - [--filter=FILTER] [--source=SOURCE] [--type=TYPE] - [--update-labels=[KEY=VALUE,...]] + [--dump-type=DUMP_TYPE] [--filter=FILTER] [--source=SOURCE] + [--type=TYPE] [--update-labels=[KEY=VALUE,...]] [--clear-labels | --remove-labels=[KEY,...]] [--peer-vpc=PEER_VPC | --static-ip | --vm=VM --vm-ip=VM_IP --vm-port=VM_PORT --vpc=VPC] @@ -110,6 +110,10 @@ FLAGS Path to the dump file in Google Cloud Storage, in the format: gs://[BUCKET_NAME]/[OBJECT_NAME]. + --dump-type=DUMP_TYPE + The type of the data dump. Currently applicable for MySQL to MySQL + migrations only. DUMP_TYPE must be one of: LOGICAL, PHYSICAL. + --filter=FILTER Filter the entities based on AIP-160 (https://google.aip.dev/160) standard. Example: to filter all tables whose name start with diff --git a/gcloud/dataflow/flex-template/build b/gcloud/dataflow/flex-template/build index 7024026df..beb16e225 100644 --- a/gcloud/dataflow/flex-template/build +++ b/gcloud/dataflow/flex-template/build @@ -29,7 +29,7 @@ DESCRIPTION Builds a flex template file from the specified parameters. EXAMPLES - To build and store a the flex template json file, run: + To build and store a flex template JSON file, run: $ gcloud dataflow flex-template build gs://template-file-gcs-path \ --image=gcr://image-path \ @@ -45,7 +45,7 @@ EXAMPLES rets/password-secret/versions/latest" \ --metadata-file=metadata.json --sdk-language=JAVA - To build the template image and flex template json file, run: + To build the template image and flex template JSON file, run: $ gcloud dataflow flex-template build gs://template-file-gcs-path \ --image-gcr-path=gcr://path-to-store-image \ diff --git a/gcloud/monitoring/uptime/list-ips b/gcloud/monitoring/uptime/list-ips index 787a18243..8545a9bdd 100644 --- a/gcloud/monitoring/uptime/list-ips +++ b/gcloud/monitoring/uptime/list-ips @@ -2,7 +2,9 @@ NAME gcloud monitoring uptime list-ips - list uptime check server ips SYNOPSIS - gcloud monitoring uptime list-ips [GCLOUD_WIDE_FLAG ...] + gcloud monitoring uptime list-ips [--filter=EXPRESSION] [--limit=LIMIT] + [--page-size=PAGE_SIZE] [--sort-by=[FIELD,...]] [--uri] + [GCLOUD_WIDE_FLAG ...] DESCRIPTION List uptime check egress ips. @@ -15,6 +17,38 @@ EXAMPLES More information can be found at https://cloud.google.com/monitoring/uptime-checks/using-uptime-checks +LIST COMMAND FLAGS + --filter=EXPRESSION + Apply a Boolean filter EXPRESSION to each resource item to be listed. + If the expression evaluates True, then that item is listed. For more + details and examples of filter expressions, run $ gcloud topic filters. + This flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --limit=LIMIT + Maximum number of resources to list. The default is unlimited. This + flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --page-size=PAGE_SIZE + Some services group resource list output into pages. This flag + specifies the maximum number of resources per page. The default is + determined by the service if it supports paging, otherwise it is + unlimited (no paging). Paging may be applied before or after --filter + and --limit depending on the service. + + --sort-by=[FIELD,...] + Comma-separated list of resource field key names to sort by. The + default order is ascending. Prefix a field with ``~'' for descending + order on that field. This flag interacts with other flags that are + applied in this order: --flatten, --sort-by, --filter, --limit. + + --uri + Print a list of resource URIs instead of the default output, and change + the command output to a list of URIs. If this flag is used with + --format, the formatting is applied on this URI list. To display URIs + alongside other keys instead, use the uri() transform. + GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, diff --git a/gcloud/network-security/firewall-endpoint-associations/create b/gcloud/network-security/firewall-endpoint-associations/create new file mode 100644 index 000000000..b811999a8 --- /dev/null +++ b/gcloud/network-security/firewall-endpoint-associations/create @@ -0,0 +1,166 @@ +NAME + gcloud network-security firewall-endpoint-associations create - create a + Firewall Plus endpoint association + +SYNOPSIS + gcloud network-security firewall-endpoint-associations create + [ASSOCIATION_ID] --network=NETWORK --zone=ZONE + (--endpoint=ENDPOINT + : --endpoint-zone=ENDPOINT_ZONE --organization=ORGANIZATION) + [--async] [--labels=[KEY=VALUE,...]] + [--max-wait=MAX_WAIT; default="60m"] + [--tls-inspection-policy=TLS_INSPECTION_POLICY + : --tls-inspection-policy-project=TLS_INSPECTION_POLICY_PROJECT + --tls-inspection-policy-region=TLS_INSPECTION_POLICY_REGION] + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Associate the specified network with the firewall endpoint. Successful + creation of a firewall endpoint association results in an association in + READY state. Check the progress of association creation by using gcloud + network-security firewall-endpoint-associations list. + + For more examples, refer to the EXAMPLES section below. + +EXAMPLES + To associate a network with a firewall endpoint, run: + + $ gcloud network-security firewall-endpoint-associations create \ + --network=projects/my-project/networks/global/myNetwork \ + --endpoint=organizations/1234/locations/us-central1-a/\ + firewallEndpoints/my-endpoint --zone=us-central1-a \ + --project=my-project + +POSITIONAL ARGUMENTS + [ASSOCIATION_ID] + Name to give the association. If not specified, an auto-generated UUID + will be used. + +REQUIRED FLAGS + Network resource - Firewall Plus. This represents a Cloud resource. (NOTE) + Some attributes are not given arguments in this group but can be set in + other ways. + + To set the project attribute: + ◆ provide the argument --network on the command line with a fully + specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + --network=NETWORK + ID of the network or fully qualified identifier for the network. + + To set the network-name attribute: + ▸ provide the argument --network on the command line. + + --zone=ZONE + Zone of a firewall endpoint association + + Firewall endpoint resource - Firewall Plus. The arguments in this group + can be used to specify the attributes of this resource. + + This must be specified. + + --endpoint=ENDPOINT + ID of the firewall endpoint or fully qualified identifier for the + firewall endpoint. + + To set the endpoint-name attribute: + ▸ provide the argument --endpoint on the command line. + + This flag argument must be specified if any of the other arguments in + this group are specified. + + --endpoint-zone=ENDPOINT_ZONE + Zone of the firewall endpoint. + + To set the endpoint-zone attribute: + ▸ provide the argument --endpoint on the command line with a fully + specified name; + ▸ provide the argument --endpoint-zone on the command line; + ▸ provide the argument --zone on the command line; + ▸ provide the argument FIREWALL_ENDPOINT_ASSOCIATION on the command + line with a fully specified name. + + --organization=ORGANIZATION + Organization ID to which the changes should apply. + + To set the organization attribute: + ▸ provide the argument --endpoint on the command line with a fully + specified name; + ▸ provide the argument --organization on the command line. + +OPTIONAL FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. The default is True. Enabled by default, use --no-async to + disable. + + --labels=[KEY=VALUE,...] + List of label KEY=VALUE pairs to add. + + Keys must start with a lowercase character and contain only hyphens + (-), underscores (_), lowercase characters, and numbers. Values must + contain only hyphens (-), underscores (_), lowercase characters, and + numbers. + + --max-wait=MAX_WAIT; default="60m" + Time to synchronously wait for the operation to complete, after which + the operation continues asynchronously. Ignored if --no-async isn't + specified. See $ gcloud topic datetimes for information on time + formats. + + TLS Inspection Policy resource - Path to TLS Inspection Policy + configuration to use for intercepting TLS-encrypted traffic in this + network. The arguments in this group can be used to specify the attributes + of this resource. + + --tls-inspection-policy=TLS_INSPECTION_POLICY + ID of the TLS Inspection Policy or fully qualified identifier for the + TLS Inspection Policy. + + To set the tls_inspection_policy attribute: + ▸ provide the argument --tls-inspection-policy on the command line. + + This flag argument must be specified if any of the other arguments in + this group are specified. + + --tls-inspection-policy-project=TLS_INSPECTION_POLICY_PROJECT + Project of the TLS Inspection Policy. + + To set the tls-inspection-policy-project attribute: + ▸ provide the argument --tls-inspection-policy on the command line + with a fully specified name; + ▸ provide the argument --tls-inspection-policy-project on the + command line; + ▸ provide the argument --project on the command line; + ▸ provide the argument FIREWALL_ENDPOINT_ASSOCIATION on the command + line with a fully specified name. + + --tls-inspection-policy-region=TLS_INSPECTION_POLICY_REGION + Region of the TLS Inspection Policy. NOTE: TLS Inspection Policy + needs to be in the same region as Firewall Plus endpoint resource. + + To set the tls-inspection-policy-region attribute: + ▸ provide the argument --tls-inspection-policy on the command line + with a fully specified name; + ▸ provide the argument --tls-inspection-policy-region on the + command line. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + These variants are also available: + + $ gcloud alpha network-security firewall-endpoint-associations create + + $ gcloud beta network-security firewall-endpoint-associations create + diff --git a/gcloud/network-security/firewall-endpoint-associations/delete b/gcloud/network-security/firewall-endpoint-associations/delete new file mode 100644 index 000000000..2a7a65df1 --- /dev/null +++ b/gcloud/network-security/firewall-endpoint-associations/delete @@ -0,0 +1,85 @@ +NAME + gcloud network-security firewall-endpoint-associations delete - delete a + Firewall Plus endpoint association + +SYNOPSIS + gcloud network-security firewall-endpoint-associations delete + (FIREWALL_ENDPOINT_ASSOCIATION : --zone=ZONE) [--async] + [--max-wait=MAX_WAIT; default="60m"] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Unassociate the specified network from a firewall endpoint. Check the + progress of association deletion by using gcloud network-security + firewall-endpoint-associations list. + + For more examples, refer to the EXAMPLES section below. + +EXAMPLES + To unassociate a network from a firewall, run: + + $ gcloud network-security firewall-endpoint-associations delete \ + my-assoc --zone=us-central1-a --project=my-project OR + $ gcloud network-security firewall-endpoint-associations delete \ + projects/my-project/locations/us-central1-a/\ + firewallEndpointAssociations/my-association + +POSITIONAL ARGUMENTS + Firewall endpoint association resource - Firewall Plus. The arguments in + this group can be used to specify the attributes of this resource. (NOTE) + Some attributes are not given arguments in this group but can be set in + other ways. + + To set the project attribute: + ◆ provide the argument FIREWALL_ENDPOINT_ASSOCIATION on the command + line with a fully specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + FIREWALL_ENDPOINT_ASSOCIATION + ID of the firewall endpoint association or fully qualified identifier + for the firewall endpoint association. + + To set the association-name attribute: + ▸ provide the argument FIREWALL_ENDPOINT_ASSOCIATION on the command + line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --zone=ZONE + Zone of the firewall endpoint association. + + To set the zone attribute: + ▸ provide the argument FIREWALL_ENDPOINT_ASSOCIATION on the command + line with a fully specified name; + ▸ provide the argument --zone on the command line. + +FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. The default is True. Enabled by default, use --no-async to + disable. + + --max-wait=MAX_WAIT; default="60m" + Time to synchronously wait for the operation to complete, after which + the operation continues asynchronously. Ignored if --no-async isn't + specified. See $ gcloud topic datetimes for information on time + formats. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + These variants are also available: + + $ gcloud alpha network-security firewall-endpoint-associations delete + + $ gcloud beta network-security firewall-endpoint-associations delete + diff --git a/gcloud/network-security/firewall-endpoint-associations/describe b/gcloud/network-security/firewall-endpoint-associations/describe new file mode 100644 index 000000000..4df656255 --- /dev/null +++ b/gcloud/network-security/firewall-endpoint-associations/describe @@ -0,0 +1,73 @@ +NAME + gcloud network-security firewall-endpoint-associations describe - describe + a Firewall Plus endpoint association + +SYNOPSIS + gcloud network-security firewall-endpoint-associations describe + (FIREWALL_ENDPOINT_ASSOCIATION : --zone=ZONE) [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Describe a firewall endpoint association. + + For more examples, refer to the EXAMPLES section below. + +EXAMPLES + To get a description of a firewall endpoint association called + my-association, run: + + $ gcloud network-security firewall-endpoint-associations describe \ + my-association --zone=us-central1-a --project=my-project OR + $ gcloud network-security firewall-endpoint-associations describe \ + projects/my-project/locations/us-central1-a/\ + firewallEndpointAssociations/my-association + +POSITIONAL ARGUMENTS + Firewall endpoint association resource - Firewall Plus. The arguments in + this group can be used to specify the attributes of this resource. (NOTE) + Some attributes are not given arguments in this group but can be set in + other ways. + + To set the project attribute: + ◆ provide the argument FIREWALL_ENDPOINT_ASSOCIATION on the command + line with a fully specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + FIREWALL_ENDPOINT_ASSOCIATION + ID of the firewall endpoint association or fully qualified identifier + for the firewall endpoint association. + + To set the association-name attribute: + ▸ provide the argument FIREWALL_ENDPOINT_ASSOCIATION on the command + line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --zone=ZONE + Zone of the firewall endpoint association. + + To set the zone attribute: + ▸ provide the argument FIREWALL_ENDPOINT_ASSOCIATION on the command + line with a fully specified name; + ▸ provide the argument --zone on the command line. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + These variants are also available: + + $ gcloud alpha network-security firewall-endpoint-associations \ + describe + + $ gcloud beta network-security firewall-endpoint-associations \ + describe + diff --git a/gcloud/network-security/firewall-endpoint-associations/help b/gcloud/network-security/firewall-endpoint-associations/help new file mode 100644 index 000000000..f1e186223 --- /dev/null +++ b/gcloud/network-security/firewall-endpoint-associations/help @@ -0,0 +1,41 @@ +NAME + gcloud network-security firewall-endpoint-associations - create and manage + Firewall Plus endpoint associations + +SYNOPSIS + gcloud network-security firewall-endpoint-associations COMMAND + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Create and manage Firewall Plus endpoint associations. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --help. + + Run $ gcloud help for details. + +COMMANDS + COMMAND is one of the following: + + create + Create a Firewall Plus endpoint association. + + delete + Delete a Firewall Plus endpoint association. + + describe + Describe a Firewall Plus endpoint association. + + list + List Firewall Plus endpoint associations. + + update + Update a Firewall Plus endpoint association. + +NOTES + These variants are also available: + + $ gcloud alpha network-security firewall-endpoint-associations + + $ gcloud beta network-security firewall-endpoint-associations + diff --git a/gcloud/network-security/firewall-endpoint-associations/list b/gcloud/network-security/firewall-endpoint-associations/list new file mode 100644 index 000000000..7f934bf39 --- /dev/null +++ b/gcloud/network-security/firewall-endpoint-associations/list @@ -0,0 +1,80 @@ +NAME + gcloud network-security firewall-endpoint-associations list - list Firewall + Plus endpoint associations + +SYNOPSIS + gcloud network-security firewall-endpoint-associations list + [--zone=ZONE; default="-"] [--filter=EXPRESSION] [--limit=LIMIT] + [--page-size=PAGE_SIZE] [--sort-by=[FIELD,...]] [--uri] + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + List firewall endpoint associations. + + For more examples, refer to the EXAMPLES section below. + +EXAMPLES + To list firewall endpoint associations, run: + + $ gcloud network-security firewall-endpoint-associations list \ + --zone=us-central1-a --project=my-project + + To list firewall endpoint associations in all zones, run: + + $ gcloud network-security firewall-endpoint-associations list \ + --project=my-project + + The project is automatically read from the core/project property if it is + defined. + +FLAGS + --zone=ZONE; default="-" + Zone for the list operation + +LIST COMMAND FLAGS + --filter=EXPRESSION + Apply a Boolean filter EXPRESSION to each resource item to be listed. + If the expression evaluates True, then that item is listed. For more + details and examples of filter expressions, run $ gcloud topic filters. + This flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --limit=LIMIT + Maximum number of resources to list. The default is unlimited. This + flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --page-size=PAGE_SIZE + Some services group resource list output into pages. This flag + specifies the maximum number of resources per page. The default is + determined by the service if it supports paging, otherwise it is + unlimited (no paging). Paging may be applied before or after --filter + and --limit depending on the service. + + --sort-by=[FIELD,...] + Comma-separated list of resource field key names to sort by. The + default order is ascending. Prefix a field with ``~'' for descending + order on that field. This flag interacts with other flags that are + applied in this order: --flatten, --sort-by, --filter, --limit. + + --uri + Print a list of resource URIs instead of the default output, and change + the command output to a list of URIs. If this flag is used with + --format, the formatting is applied on this URI list. To display URIs + alongside other keys instead, use the uri() transform. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + These variants are also available: + + $ gcloud alpha network-security firewall-endpoint-associations list + + $ gcloud beta network-security firewall-endpoint-associations list + diff --git a/gcloud/network-security/firewall-endpoint-associations/update b/gcloud/network-security/firewall-endpoint-associations/update new file mode 100644 index 000000000..496805301 --- /dev/null +++ b/gcloud/network-security/firewall-endpoint-associations/update @@ -0,0 +1,184 @@ +NAME + gcloud network-security firewall-endpoint-associations update - update a + Firewall Plus endpoint association + +SYNOPSIS + gcloud network-security firewall-endpoint-associations update + (FIREWALL_ENDPOINT_ASSOCIATION : --zone=ZONE) [--async] + [--max-wait=MAX_WAIT; default="60m"] + [--disabled | --update-labels=[KEY=VALUE,...] --clear-labels + | --remove-labels=[KEY,...] --no-tls-inspection-policy + | [--tls-inspection-policy=TLS_INSPECTION_POLICY + : --tls-inspection-policy-project=TLS_INSPECTION_POLICY_PROJECT + --tls-inspection-policy-region=TLS_INSPECTION_POLICY_REGION]] + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Update a firewall endpoint association. Check the progress of association + update by using gcloud network-security firewall-endpoint-associations + describe. + + For more examples, refer to the EXAMPLES section below. + +EXAMPLES + To update labels k1 and k2, run: + + $ gcloud network-security firewall-endpoint-associations update \ + my-assoc --zone=us-central1-a --project=my-proj \ + --update-labels=k1=v1,k2=v2 + + To remove labels k3 and k4, run: + + $ gcloud network-security firewall-endpoint-associations update \ + my-assoc --zone=us-central1-a --project=my-proj \ + --remove-labels=k3,k4 + + To clear all labels from the firewall endpoint association, run: + + $ gcloud network-security firewall-endpoint-associations update \ + my-assoc --zone=us-central1-a --project=my-proj --clear-labels + +POSITIONAL ARGUMENTS + Firewall endpoint association resource - Firewall Plus. The arguments in + this group can be used to specify the attributes of this resource. (NOTE) + Some attributes are not given arguments in this group but can be set in + other ways. + + To set the project attribute: + ◆ provide the argument FIREWALL_ENDPOINT_ASSOCIATION on the command + line with a fully specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + FIREWALL_ENDPOINT_ASSOCIATION + ID of the firewall endpoint association or fully qualified identifier + for the firewall endpoint association. + + To set the association-name attribute: + ▸ provide the argument FIREWALL_ENDPOINT_ASSOCIATION on the command + line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --zone=ZONE + Zone of the firewall endpoint association. + + To set the zone attribute: + ▸ provide the argument FIREWALL_ENDPOINT_ASSOCIATION on the command + line with a fully specified name; + ▸ provide the argument --zone on the command line. + +FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. The default is True. Enabled by default, use --no-async to + disable. + + --max-wait=MAX_WAIT; default="60m" + Time to synchronously wait for the operation to complete, after which + the operation continues asynchronously. Ignored if --no-async isn't + specified. See $ gcloud topic datetimes for information on time + formats. + + At most one of these can be specified: + + --disabled + Disable a firewall endpoint association. To enable a disabled + association, use: + + $ gcloud network-security firewall-endpoint-associations update \ + MY-ASSOCIATION --no-disabled + + --update-labels=[KEY=VALUE,...] + List of label KEY=VALUE pairs to update. If a label exists, its value + is modified. Otherwise, a new label is created. + + Keys must start with a lowercase character and contain only hyphens + (-), underscores (_), lowercase characters, and numbers. Values must + contain only hyphens (-), underscores (_), lowercase characters, and + numbers. + + At most one of these can be specified: + + --clear-labels + Remove all labels. If --update-labels is also specified then + --clear-labels is applied first. + + For example, to remove all labels: + + $ gcloud network-security firewall-endpoint-associations update \ + --clear-labels + + To remove all existing labels and create two new labels, foo and + baz: + + $ gcloud network-security firewall-endpoint-associations update \ + --clear-labels --update-labels foo=bar,baz=qux + + --remove-labels=[KEY,...] + List of label keys to remove. If a label does not exist it is + silently ignored. If --update-labels is also specified then + --update-labels is applied first. + + At most one of these can be specified: + + --no-tls-inspection-policy + Remove TLS inspection policy from this association. + + TLS Inspection Policy resource - Path to TLS Inspection Policy + configuration to use for intercepting TLS-encrypted traffic in this + network. The arguments in this group can be used to specify the + attributes of this resource. + + --tls-inspection-policy=TLS_INSPECTION_POLICY + ID of the TLS Inspection Policy or fully qualified identifier for + the TLS Inspection Policy. + + To set the tls_inspection_policy attribute: + ◇ provide the argument --tls-inspection-policy on the command + line. + + This flag argument must be specified if any of the other + arguments in this group are specified. + + --tls-inspection-policy-project=TLS_INSPECTION_POLICY_PROJECT + Project of the TLS Inspection Policy. + + To set the tls-inspection-policy-project attribute: + ◇ provide the argument --tls-inspection-policy on the command + line with a fully specified name; + ◇ provide the argument --tls-inspection-policy-project on the + command line; + ◇ provide the argument --project on the command line; + ◇ provide the argument FIREWALL_ENDPOINT_ASSOCIATION on the + command line with a fully specified name. + + --tls-inspection-policy-region=TLS_INSPECTION_POLICY_REGION + Region of the TLS Inspection Policy. NOTE: TLS Inspection Policy + needs to be in the same region as Firewall Plus endpoint + resource. + + To set the tls-inspection-policy-region attribute: + ◇ provide the argument --tls-inspection-policy on the command + line with a fully specified name; + ◇ provide the argument --tls-inspection-policy-region on the + command line. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + These variants are also available: + + $ gcloud alpha network-security firewall-endpoint-associations update + + $ gcloud beta network-security firewall-endpoint-associations update + diff --git a/gcloud/network-security/firewall-endpoints/create b/gcloud/network-security/firewall-endpoints/create new file mode 100644 index 000000000..13387bd1b --- /dev/null +++ b/gcloud/network-security/firewall-endpoints/create @@ -0,0 +1,101 @@ +NAME + gcloud network-security firewall-endpoints create - create a Firewall Plus + endpoint + +SYNOPSIS + gcloud network-security firewall-endpoints create + (FIREWALL_ENDPOINT : --organization=ORGANIZATION --zone=ZONE) + --billing-project=BILLING_PROJECT [--async] [--description=DESCRIPTION] + [--labels=[KEY=VALUE,...]] [--max-wait=MAX_WAIT; default="60m"] + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Create a firewall endpoint. Successful creation of an endpoint results in + an endpoint in READY state. Check the progress of endpoint creation by + using gcloud network-security firewall-endpoints list. + + For more examples, refer to the EXAMPLES section below. + +EXAMPLES + To create a firewall endpoint called my-endpoint, in zone us-central1-a and + organization ID 1234, run: + + $ gcloud network-security firewall-endpoints create my-endpoint \ + --zone=us-central1-a --organization=1234 + +POSITIONAL ARGUMENTS + Firewall endpoint resource - Firewall Plus. The arguments in this group + can be used to specify the attributes of this resource. + + This must be specified. + + FIREWALL_ENDPOINT + ID of the firewall endpoint or fully qualified identifier for the + firewall endpoint. + + To set the endpoint-name attribute: + ▸ provide the argument FIREWALL_ENDPOINT on the command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --organization=ORGANIZATION + Organization ID of the firewall endpoint. + + To set the organization attribute: + ▸ provide the argument FIREWALL_ENDPOINT on the command line with a + fully specified name; + ▸ provide the argument --organization on the command line. + + --zone=ZONE + Zone of the firewall endpoint. + + To set the zone attribute: + ▸ provide the argument FIREWALL_ENDPOINT on the command line with a + fully specified name; + ▸ provide the argument --zone on the command line. + +REQUIRED FLAGS + --billing-project=BILLING_PROJECT + The Google Cloud project ID to use for API enablement check, quota, and + endpoint uptime billing. Overrides the default billing/quota_project + property value for this command invocation. + +OPTIONAL FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. The default is True. Enabled by default, use --no-async to + disable. + + --description=DESCRIPTION + Description of the endpoint + + --labels=[KEY=VALUE,...] + List of label KEY=VALUE pairs to add. + + Keys must start with a lowercase character and contain only hyphens + (-), underscores (_), lowercase characters, and numbers. Values must + contain only hyphens (-), underscores (_), lowercase characters, and + numbers. + + --max-wait=MAX_WAIT; default="60m" + Time to synchronously wait for the operation to complete, after which + the operation continues asynchronously. Ignored if --no-async isn't + specified. See $ gcloud topic datetimes for information on time + formats. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + These variants are also available: + + $ gcloud alpha network-security firewall-endpoints create + + $ gcloud beta network-security firewall-endpoints create + diff --git a/gcloud/network-security/firewall-endpoints/delete b/gcloud/network-security/firewall-endpoints/delete new file mode 100644 index 000000000..77066c6e6 --- /dev/null +++ b/gcloud/network-security/firewall-endpoints/delete @@ -0,0 +1,87 @@ +NAME + gcloud network-security firewall-endpoints delete - delete a Firewall Plus + endpoint + +SYNOPSIS + gcloud network-security firewall-endpoints delete + (FIREWALL_ENDPOINT : --organization=ORGANIZATION --zone=ZONE) [--async] + [--max-wait=MAX_WAIT; default="60m"] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Delete a firewall endpoint. Check the progress of endpoint deletion by + using gcloud network-security firewall-endpoints list. + + For more examples, refer to the EXAMPLES section below. + +EXAMPLES + To delete a firewall endpoint called my-endpoint, in zone us-central1-a and + organization ID 1234, run: + + $ gcloud network-security firewall-endpoints delete my-endpoint \ + --zone=us-central1-a --organization=1234 + + OR + + $ gcloud network-security firewall-endpoints delete \ + organizations/1234/locations/us-central1-a/firewallEndpoints/\ + my-endpoint + +POSITIONAL ARGUMENTS + Firewall endpoint resource - Firewall Plus. The arguments in this group + can be used to specify the attributes of this resource. + + This must be specified. + + FIREWALL_ENDPOINT + ID of the firewall endpoint or fully qualified identifier for the + firewall endpoint. + + To set the endpoint-name attribute: + ▸ provide the argument FIREWALL_ENDPOINT on the command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --organization=ORGANIZATION + Organization ID of the firewall endpoint. + + To set the organization attribute: + ▸ provide the argument FIREWALL_ENDPOINT on the command line with a + fully specified name; + ▸ provide the argument --organization on the command line. + + --zone=ZONE + Zone of the firewall endpoint. + + To set the zone attribute: + ▸ provide the argument FIREWALL_ENDPOINT on the command line with a + fully specified name; + ▸ provide the argument --zone on the command line. + +FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. The default is True. Enabled by default, use --no-async to + disable. + + --max-wait=MAX_WAIT; default="60m" + Time to synchronously wait for the operation to complete, after which + the operation continues asynchronously. Ignored if --no-async isn't + specified. See $ gcloud topic datetimes for information on time + formats. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + These variants are also available: + + $ gcloud alpha network-security firewall-endpoints delete + + $ gcloud beta network-security firewall-endpoints delete + diff --git a/gcloud/network-security/firewall-endpoints/describe b/gcloud/network-security/firewall-endpoints/describe new file mode 100644 index 000000000..6b898f3b9 --- /dev/null +++ b/gcloud/network-security/firewall-endpoints/describe @@ -0,0 +1,74 @@ +NAME + gcloud network-security firewall-endpoints describe - describe a Firewall + Plus endpoint + +SYNOPSIS + gcloud network-security firewall-endpoints describe + (FIREWALL_ENDPOINT : --organization=ORGANIZATION --zone=ZONE) + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Describe a firewall endpoint. + + For more examples, refer to the EXAMPLES section below. + +EXAMPLES + To get a description of a firewall endpoint called my-endpoint in zone + us-central1-a and organization ID 1234, run: + + $ gcloud network-security firewall-endpoints describe my-endpoint \ + --zone=us-central1-a --organization=1234 + + OR + + $ gcloud network-security firewall-endpoints describe \ + organizations/1234/locations/us-central1-a/firewallEndpoints/\ + my-endpoint + +POSITIONAL ARGUMENTS + Firewall endpoint resource - Firewall Plus. The arguments in this group + can be used to specify the attributes of this resource. + + This must be specified. + + FIREWALL_ENDPOINT + ID of the firewall endpoint or fully qualified identifier for the + firewall endpoint. + + To set the endpoint-name attribute: + ▸ provide the argument FIREWALL_ENDPOINT on the command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --organization=ORGANIZATION + Organization ID of the firewall endpoint. + + To set the organization attribute: + ▸ provide the argument FIREWALL_ENDPOINT on the command line with a + fully specified name; + ▸ provide the argument --organization on the command line. + + --zone=ZONE + Zone of the firewall endpoint. + + To set the zone attribute: + ▸ provide the argument FIREWALL_ENDPOINT on the command line with a + fully specified name; + ▸ provide the argument --zone on the command line. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + These variants are also available: + + $ gcloud alpha network-security firewall-endpoints describe + + $ gcloud beta network-security firewall-endpoints describe + diff --git a/gcloud/network-security/firewall-endpoints/help b/gcloud/network-security/firewall-endpoints/help new file mode 100644 index 000000000..1f9c3ab51 --- /dev/null +++ b/gcloud/network-security/firewall-endpoints/help @@ -0,0 +1,40 @@ +NAME + gcloud network-security firewall-endpoints - create and manage Firewall + Plus endpoints + +SYNOPSIS + gcloud network-security firewall-endpoints COMMAND [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Create and manage Firewall Plus endpoints. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --help. + + Run $ gcloud help for details. + +COMMANDS + COMMAND is one of the following: + + create + Create a Firewall Plus endpoint. + + delete + Delete a Firewall Plus endpoint. + + describe + Describe a Firewall Plus endpoint. + + list + List Firewall Plus endpoints. + + update + Update a Firewall Plus endpoint. + +NOTES + These variants are also available: + + $ gcloud alpha network-security firewall-endpoints + + $ gcloud beta network-security firewall-endpoints + diff --git a/gcloud/network-security/firewall-endpoints/list b/gcloud/network-security/firewall-endpoints/list new file mode 100644 index 000000000..ff31deb8a --- /dev/null +++ b/gcloud/network-security/firewall-endpoints/list @@ -0,0 +1,74 @@ +NAME + gcloud network-security firewall-endpoints list - list Firewall Plus + endpoints + +SYNOPSIS + gcloud network-security firewall-endpoints list --organization=ORGANIZATION + --zone=ZONE [--filter=EXPRESSION] [--limit=LIMIT] + [--page-size=PAGE_SIZE] [--sort-by=[FIELD,...]] [--uri] + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + List firewall endpoints. + + For more examples, refer to the EXAMPLES section below. + +EXAMPLES + To list firewall endpoints in organization ID 1234, run: + + $ gcloud network-security firewall-endpoints list --organization=1234 + +REQUIRED FLAGS + --organization=ORGANIZATION + The organization for a list operation + + --zone=ZONE + The zone for a list operation + +LIST COMMAND FLAGS + --filter=EXPRESSION + Apply a Boolean filter EXPRESSION to each resource item to be listed. + If the expression evaluates True, then that item is listed. For more + details and examples of filter expressions, run $ gcloud topic filters. + This flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --limit=LIMIT + Maximum number of resources to list. The default is unlimited. This + flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --page-size=PAGE_SIZE + Some services group resource list output into pages. This flag + specifies the maximum number of resources per page. The default is + determined by the service if it supports paging, otherwise it is + unlimited (no paging). Paging may be applied before or after --filter + and --limit depending on the service. + + --sort-by=[FIELD,...] + Comma-separated list of resource field key names to sort by. The + default order is ascending. Prefix a field with ``~'' for descending + order on that field. This flag interacts with other flags that are + applied in this order: --flatten, --sort-by, --filter, --limit. + + --uri + Print a list of resource URIs instead of the default output, and change + the command output to a list of URIs. If this flag is used with + --format, the formatting is applied on this URI list. To display URIs + alongside other keys instead, use the uri() transform. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + These variants are also available: + + $ gcloud alpha network-security firewall-endpoints list + + $ gcloud beta network-security firewall-endpoints list + diff --git a/gcloud/network-security/firewall-endpoints/update b/gcloud/network-security/firewall-endpoints/update new file mode 100644 index 000000000..4ac341086 --- /dev/null +++ b/gcloud/network-security/firewall-endpoints/update @@ -0,0 +1,131 @@ +NAME + gcloud network-security firewall-endpoints update - update a Firewall Plus + endpoint + +SYNOPSIS + gcloud network-security firewall-endpoints update + (FIREWALL_ENDPOINT : --organization=ORGANIZATION --zone=ZONE) [--async] + [--description=DESCRIPTION] [--max-wait=MAX_WAIT; default="60m"] + [--update-billing-project=BILLING_PROJECT] + [--update-labels=[KEY=VALUE,...]] + [--clear-labels | --remove-labels=[KEY,...]] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Update a firewall endpoint. Check the progress of endpoint update by using + gcloud network-security firewall-endpoints describe. + + For more examples, refer to the EXAMPLES section below. + +EXAMPLES + To update labels k1 and k2, run: + + $ gcloud network-security firewall-endpoints update my-endpoint \ + --zone=us-central1-a --organization=1234 \ + --update-labels=k1=v1,k2=v2 + + To remove labels k3 and k4, run: + + $ gcloud network-security firewall-endpoints update my-endpoint \ + --zone=us-central1-a --organization=1234 --remove-labels=k3,k4 + + To clear all labels from the firewall endpoint, run: + + $ gcloud network-security firewall-endpoints update my-endpoint \ + --zone=us-central1-a --organization=1234 --clear-labels + +POSITIONAL ARGUMENTS + Firewall endpoint resource - Firewall Plus. The arguments in this group + can be used to specify the attributes of this resource. + + This must be specified. + + FIREWALL_ENDPOINT + ID of the firewall endpoint or fully qualified identifier for the + firewall endpoint. + + To set the endpoint-name attribute: + ▸ provide the argument FIREWALL_ENDPOINT on the command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --organization=ORGANIZATION + Organization ID of the firewall endpoint. + + To set the organization attribute: + ▸ provide the argument FIREWALL_ENDPOINT on the command line with a + fully specified name; + ▸ provide the argument --organization on the command line. + + --zone=ZONE + Zone of the firewall endpoint. + + To set the zone attribute: + ▸ provide the argument FIREWALL_ENDPOINT on the command line with a + fully specified name; + ▸ provide the argument --zone on the command line. + +FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. The default is True. Enabled by default, use --no-async to + disable. + + --description=DESCRIPTION + Description of the endpoint + + --max-wait=MAX_WAIT; default="60m" + Time to synchronously wait for the operation to complete, after which + the operation continues asynchronously. Ignored if --no-async isn't + specified. See $ gcloud topic datetimes for information on time + formats. + + --update-billing-project=BILLING_PROJECT + The Google Cloud project ID to use for API enablement check, quota, and + endpoint uptime billing. Overrides the default billing/quota_project + property value for this command invocation. + + --update-labels=[KEY=VALUE,...] + List of label KEY=VALUE pairs to update. If a label exists, its value + is modified. Otherwise, a new label is created. + + Keys must start with a lowercase character and contain only hyphens + (-), underscores (_), lowercase characters, and numbers. Values must + contain only hyphens (-), underscores (_), lowercase characters, and + numbers. + + At most one of these can be specified: + + --clear-labels + Remove all labels. If --update-labels is also specified then + --clear-labels is applied first. + + For example, to remove all labels: + + $ gcloud network-security firewall-endpoints update --clear-labels + + To remove all existing labels and create two new labels, foo and baz: + + $ gcloud network-security firewall-endpoints update --clear-labels \ + --update-labels foo=bar,baz=qux + + --remove-labels=[KEY,...] + List of label keys to remove. If a label does not exist it is + silently ignored. If --update-labels is also specified then + --update-labels is applied first. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + These variants are also available: + + $ gcloud alpha network-security firewall-endpoints update + + $ gcloud beta network-security firewall-endpoints update + diff --git a/gcloud/network-security/help b/gcloud/network-security/help index aab3f04d8..ba85bfe47 100644 --- a/gcloud/network-security/help +++ b/gcloud/network-security/help @@ -24,12 +24,24 @@ GROUPS client-tls-policies Manage Network Security ClientTlsPolicies. + firewall-endpoint-associations + Create and manage Firewall Plus endpoint associations. + + firewall-endpoints + Create and manage Firewall Plus endpoints. + gateway-security-policies Manage Network Security Gateway Security Policies. org-address-groups Manage Network Security AddressGroups. + security-profile-groups + Manage Network Security - Security Profile Groups. + + security-profiles + Manage Network Security - Security Profiles. + server-tls-policies Manage Network Security ServerTlsPolicies. diff --git a/gcloud/network-security/security-profile-groups/create b/gcloud/network-security/security-profile-groups/create new file mode 100644 index 000000000..278bb067d --- /dev/null +++ b/gcloud/network-security/security-profile-groups/create @@ -0,0 +1,138 @@ +NAME + gcloud network-security security-profile-groups create - create a new + Security Profile Group + +SYNOPSIS + gcloud network-security security-profile-groups create + (SECURITY_PROFILE_GROUP + : --location=LOCATION --organization=ORGANIZATION) + (--threat-prevention-profile=THREAT_PREVENTION_PROFILE + : --security-profile-location=SECURITY_PROFILE_LOCATION + --security-profile-organization=SECURITY_PROFILE_ORGANIZATION) + [--async] [--description=DESCRIPTION] [--labels=[KEY=VALUE,...]] + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Create a new Security Profile Group with the given name. + +EXAMPLES + To create a Security Profile Group with the name my-security-profile-group, + with a threat prevention profile using --threat-prevention-profile flag and + optional description as optional description, run: + + $ gcloud network-security security-profile-groups create \ + my-security-profile-group --organization=1234 \ + --location=global \ + --threat-prevention-profile=`organizations/1234/locations/\ + global/securityProfiles/my-security-profile` \ + --description='optional description' + +POSITIONAL ARGUMENTS + Security profile group resource - Security Profile Group Name. The + arguments in this group can be used to specify the attributes of this + resource. + + This must be specified. + + SECURITY_PROFILE_GROUP + ID of the security_profile_group or fully qualified identifier for + the security_profile_group. + + To set the security_profile_group attribute: + ▸ provide the argument SECURITY_PROFILE_GROUP on the command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + location of the security_profile_group - Global. + + To set the location attribute: + ▸ provide the argument SECURITY_PROFILE_GROUP on the command line + with a fully specified name; + ▸ provide the argument --location on the command line. + + --organization=ORGANIZATION + Organization ID of Security Profile Group + + To set the organization attribute: + ▸ provide the argument SECURITY_PROFILE_GROUP on the command line + with a fully specified name; + ▸ provide the argument --organization on the command line. + +REQUIRED FLAGS + Security Profile resource - Path to Security Profile resource. The + arguments in this group can be used to specify the attributes of this + resource. + + This must be specified. + + --threat-prevention-profile=THREAT_PREVENTION_PROFILE + ID of the Security Profile or fully qualified identifier for the + Security Profile. + + To set the security_profile attribute: + ▸ provide the argument --threat-prevention-profile on the command + line. + + This flag argument must be specified if any of the other arguments in + this group are specified. + + --security-profile-location=SECURITY_PROFILE_LOCATION + Location of the Security Profile. NOTE: Only global security profiles + are supported. + + To set the security-profile-location attribute: + ▸ provide the argument --threat-prevention-profile on the command + line with a fully specified name; + ▸ provide the argument --security-profile-location on the command + line; + ▸ provide the argument --location on the command line; + ▸ provide the argument + networksecurity.organizations.locations.securityProfileGroups on + the command line with a fully specified name. + + --security-profile-organization=SECURITY_PROFILE_ORGANIZATION + Organization ID of the Security Profile. + + To set the security-profile-organization attribute: + ▸ provide the argument --threat-prevention-profile on the command + line with a fully specified name; + ▸ provide the argument --security-profile-organization on the + command line; + ▸ provide the argument --organization on the command line; + ▸ provide the argument + networksecurity.organizations.locations.securityProfileGroups on + the command line with a fully specified name. + +OPTIONAL FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. The default is False. + + --description=DESCRIPTION + Brief description of the security profile group + + --labels=[KEY=VALUE,...] + List of label KEY=VALUE pairs to add. + + Keys must start with a lowercase character and contain only hyphens + (-), underscores (_), lowercase characters, and numbers. Values must + contain only hyphens (-), underscores (_), lowercase characters, and + numbers. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + These variants are also available: + + $ gcloud alpha network-security security-profile-groups create + + $ gcloud beta network-security security-profile-groups create + diff --git a/gcloud/network-security/security-profile-groups/delete b/gcloud/network-security/security-profile-groups/delete new file mode 100644 index 000000000..4404f3bef --- /dev/null +++ b/gcloud/network-security/security-profile-groups/delete @@ -0,0 +1,77 @@ +NAME + gcloud network-security security-profile-groups delete - delete a Security + Profile Group + +SYNOPSIS + gcloud network-security security-profile-groups delete + (SECURITY_PROFILE_GROUP + : --location=LOCATION --organization=ORGANIZATION) [--async] + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Delete the specified Security Profile Group. + +EXAMPLES + To delete an Security Profile Group called my-security-profile-group run: + + $ gcloud network-security security-profile-groups delete \ + my-security-profile-group --organization=1234 --location=global + +POSITIONAL ARGUMENTS + Security profile group resource - Name of the Security Profile Group you + want to delete. The arguments in this group can be used to specify the + attributes of this resource. + + This must be specified. + + SECURITY_PROFILE_GROUP + ID of the security_profile_group or fully qualified identifier for + the security_profile_group. + + To set the security_profile_group attribute: + ▸ provide the argument security_profile_group on the command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + Location ID of the resource. + + To set the location attribute: + ▸ provide the argument security_profile_group on the command line + with a fully specified name; + ▸ provide the argument --location on the command line; + ▸ use default global location . + + --organization=ORGANIZATION + Organization number. + + To set the organization attribute: + ▸ provide the argument security_profile_group on the command line + with a fully specified name; + ▸ provide the argument --organization on the command line. + +FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +API REFERENCE + This command uses the networksecurity/v1 API. The full documentation for + this API can be found at: https://cloud.google.com/networking + +NOTES + These variants are also available: + + $ gcloud alpha network-security security-profile-groups delete + + $ gcloud beta network-security security-profile-groups delete + diff --git a/gcloud/network-security/security-profile-groups/describe b/gcloud/network-security/security-profile-groups/describe new file mode 100644 index 000000000..20a9184fb --- /dev/null +++ b/gcloud/network-security/security-profile-groups/describe @@ -0,0 +1,73 @@ +NAME + gcloud network-security security-profile-groups describe - describe a + Security Profile Group + +SYNOPSIS + gcloud network-security security-profile-groups describe + (SECURITY_PROFILE_GROUP + : --location=LOCATION --organization=ORGANIZATION) + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Show details of a Security Profile Group. + +EXAMPLES + To show details of a Security Profile Group named my-security-profile-group + run: + + $ gcloud network-security security-profile-groups describe \ + my-security-profile-group --organization=1234 --location=global + +POSITIONAL ARGUMENTS + Security profile group resource - Name of the Security Profile Group to be + described. The arguments in this group can be used to specify the + attributes of this resource. + + This must be specified. + + SECURITY_PROFILE_GROUP + ID of the security_profile_group or fully qualified identifier for + the security_profile_group. + + To set the security_profile_group attribute: + ▸ provide the argument security_profile_group on the command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + Location ID of the resource. + + To set the location attribute: + ▸ provide the argument security_profile_group on the command line + with a fully specified name; + ▸ provide the argument --location on the command line; + ▸ use default global location . + + --organization=ORGANIZATION + Organization number. + + To set the organization attribute: + ▸ provide the argument security_profile_group on the command line + with a fully specified name; + ▸ provide the argument --organization on the command line. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +API REFERENCE + This command uses the networksecurity/v1 API. The full documentation for + this API can be found at: https://cloud.google.com/networking + +NOTES + These variants are also available: + + $ gcloud alpha network-security security-profile-groups describe + + $ gcloud beta network-security security-profile-groups describe + diff --git a/gcloud/network-security/security-profile-groups/help b/gcloud/network-security/security-profile-groups/help new file mode 100644 index 000000000..1019204b0 --- /dev/null +++ b/gcloud/network-security/security-profile-groups/help @@ -0,0 +1,85 @@ +NAME + gcloud network-security security-profile-groups - manage Network Security - + Security Profile Groups + +SYNOPSIS + gcloud network-security security-profile-groups COMMAND + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Manage Network Security - Security Profile Groups. + +EXAMPLES + To create a Security Profile Group with the name my-security-profile-group + (Either a fully specified path or --location and --organization flags for + SPG should be specified), --threat-prevention-profile my-security-profile + and optional description as optional description, run: + + $ gcloud network-security security-profile-groups create \ + my-security-profile-group --organization=1234 \ + --location=global \ + --threat-prevention-profile=`organizations/1234/locations/\ + global/securityProfiles/my-security-profile` \ + --description='optional description' + + To delete an Security Profile Group called my-security-profile-group + (Either a fully specified path or --location and --organization flags for + SPG should be specified) run: + + $ gcloud network-security security-profile-groups delete \ + my-security-profile-group --organization=1234 --location=global + + To show details of a Security Profile Group named my-security-profile-group + (Either a fully specified path or --location and --organization flags for + SPG should be specified) run: + + $ gcloud network-security security-profile-groups describe \ + my-security-profile-group --organization=1234 --location=global + + To list Security Profile Groups in specified location and organization, + run: + + $ gcloud network-security security-profile-groups list \ + --location=global + + To update an SPG with new Threat prevention profile my-new-security-profile + (Either a fully specified path or --location and --organization flags for + SPG should be specified), run: + + $ gcloud network-security security-profile-groups update \ + my-security-profile-group --organization=1234 \ + --location=global \ + --threat-prevention-profile=`organizations/1234/locations/\ + global/securityProfiles/my-new-security-profile` \ + --description='New Security Profile of type threat prevention' + +GCLOUD WIDE FLAGS + These flags are available to all commands: --help. + + Run $ gcloud help for details. + +COMMANDS + COMMAND is one of the following: + + create + Create a new Security Profile Group. + + delete + Delete a Security Profile Group. + + describe + Describe a Security Profile Group. + + list + List Security Profile groups. + + update + Update a Security Profile Group. + +NOTES + These variants are also available: + + $ gcloud alpha network-security security-profile-groups + + $ gcloud beta network-security security-profile-groups + diff --git a/gcloud/network-security/security-profile-groups/list b/gcloud/network-security/security-profile-groups/list new file mode 100644 index 000000000..6cc94edda --- /dev/null +++ b/gcloud/network-security/security-profile-groups/list @@ -0,0 +1,94 @@ +NAME + gcloud network-security security-profile-groups list - list Security + Profile groups + +SYNOPSIS + gcloud network-security security-profile-groups list + (--location=LOCATION : --organization=ORGANIZATION) + [--filter=EXPRESSION] [--limit=LIMIT] [--page-size=PAGE_SIZE] + [--sort-by=[FIELD,...]] [--uri] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + List all Security Profile Groups in the specified location. + +EXAMPLES + To list Security Profile Groups in specifed location, run: + + $ gcloud network-security security-profile-groups list \ + --location=global + +REQUIRED FLAGS + Location resource - The location of Security Profile Groups to display. + The arguments in this group can be used to specify the attributes of this + resource. + + This must be specified. + + --location=LOCATION + ID of the location or fully qualified identifier for the location. + + To set the location attribute: + ▸ provide the argument --location on the command line. + + This flag argument must be specified if any of the other arguments in + this group are specified. + + --organization=ORGANIZATION + Organization number. + + To set the organization attribute: + ▸ provide the argument --location on the command line with a fully + specified name; + ▸ provide the argument --organization on the command line. + +LIST COMMAND FLAGS + --filter=EXPRESSION + Apply a Boolean filter EXPRESSION to each resource item to be listed. + If the expression evaluates True, then that item is listed. For more + details and examples of filter expressions, run $ gcloud topic filters. + This flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --limit=LIMIT + Maximum number of resources to list. The default is unlimited. This + flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --page-size=PAGE_SIZE + Some services group resource list output into pages. This flag + specifies the maximum number of resources per page. The default is + determined by the service if it supports paging, otherwise it is + unlimited (no paging). Paging may be applied before or after --filter + and --limit depending on the service. + + --sort-by=[FIELD,...] + Comma-separated list of resource field key names to sort by. The + default order is ascending. Prefix a field with ``~'' for descending + order on that field. This flag interacts with other flags that are + applied in this order: --flatten, --sort-by, --filter, --limit. + + --uri + Print a list of resource URIs instead of the default output, and change + the command output to a list of URIs. If this flag is used with + --format, the formatting is applied on this URI list. To display URIs + alongside other keys instead, use the uri() transform. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +API REFERENCE + This command uses the networksecurity/v1 API. The full documentation for + this API can be found at: https://cloud.google.com/networking + +NOTES + These variants are also available: + + $ gcloud alpha network-security security-profile-groups list + + $ gcloud beta network-security security-profile-groups list + diff --git a/gcloud/network-security/security-profile-groups/update b/gcloud/network-security/security-profile-groups/update new file mode 100644 index 000000000..44d5b7a9e --- /dev/null +++ b/gcloud/network-security/security-profile-groups/update @@ -0,0 +1,157 @@ +NAME + gcloud network-security security-profile-groups update - update a Security + Profile Group + +SYNOPSIS + gcloud network-security security-profile-groups update + (SECURITY_PROFILE_GROUP + : --location=LOCATION --organization=ORGANIZATION) [--async] + [--description=DESCRIPTION] [--update-labels=[KEY=VALUE,...]] + [--clear-labels | --remove-labels=[KEY,...]] + [--threat-prevention-profile=THREAT_PREVENTION_PROFILE + : --security-profile-location=SECURITY_PROFILE_LOCATION + --security-profile-organization=SECURITY_PROFILE_ORGANIZATION] + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Update details of a Security Profile Group. + +EXAMPLES + To update a Security Profile Group with new threat prevention profile + my-new-security-profile, run: + + $ gcloud network-security security-profile-groups update \ + my-security-profile-group --organization=1234 \ + --location=global \ + --threat-prevention-profile=`organizations/1234/locations/\ + global/securityProfiles/my-new-security-profile` \ + --description='New Security Profile of type threat prevention' + +POSITIONAL ARGUMENTS + Security profile group resource - Security Profile Group Name. The + arguments in this group can be used to specify the attributes of this + resource. + + This must be specified. + + SECURITY_PROFILE_GROUP + ID of the security_profile_group or fully qualified identifier for + the security_profile_group. + + To set the security_profile_group attribute: + ▸ provide the argument SECURITY_PROFILE_GROUP on the command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + location of the security_profile_group - Global. + + To set the location attribute: + ▸ provide the argument SECURITY_PROFILE_GROUP on the command line + with a fully specified name; + ▸ provide the argument --location on the command line. + + --organization=ORGANIZATION + Organization ID of Security Profile Group + + To set the organization attribute: + ▸ provide the argument SECURITY_PROFILE_GROUP on the command line + with a fully specified name; + ▸ provide the argument --organization on the command line. + +FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. The default is False. + + --description=DESCRIPTION + Brief description of the security profile group + + --update-labels=[KEY=VALUE,...] + List of label KEY=VALUE pairs to update. If a label exists, its value + is modified. Otherwise, a new label is created. + + Keys must start with a lowercase character and contain only hyphens + (-), underscores (_), lowercase characters, and numbers. Values must + contain only hyphens (-), underscores (_), lowercase characters, and + numbers. + + At most one of these can be specified: + + --clear-labels + Remove all labels. If --update-labels is also specified then + --clear-labels is applied first. + + For example, to remove all labels: + + $ gcloud network-security security-profile-groups update \ + --clear-labels + + To remove all existing labels and create two new labels, foo and baz: + + $ gcloud network-security security-profile-groups update \ + --clear-labels --update-labels foo=bar,baz=qux + + --remove-labels=[KEY,...] + List of label keys to remove. If a label does not exist it is + silently ignored. If --update-labels is also specified then + --update-labels is applied first. + + Security Profile resource - Path to Security Profile resource. The + arguments in this group can be used to specify the attributes of this + resource. + + --threat-prevention-profile=THREAT_PREVENTION_PROFILE + ID of the Security Profile or fully qualified identifier for the + Security Profile. + + To set the security_profile attribute: + ▸ provide the argument --threat-prevention-profile on the command + line. + + This flag argument must be specified if any of the other arguments in + this group are specified. + + --security-profile-location=SECURITY_PROFILE_LOCATION + Location of the Security Profile. NOTE: Only global security profiles + are supported. + + To set the security-profile-location attribute: + ▸ provide the argument --threat-prevention-profile on the command + line with a fully specified name; + ▸ provide the argument --security-profile-location on the command + line; + ▸ provide the argument --location on the command line; + ▸ provide the argument + networksecurity.organizations.locations.securityProfileGroups on + the command line with a fully specified name. + + --security-profile-organization=SECURITY_PROFILE_ORGANIZATION + Organization ID of the Security Profile. + + To set the security-profile-organization attribute: + ▸ provide the argument --threat-prevention-profile on the command + line with a fully specified name; + ▸ provide the argument --security-profile-organization on the + command line; + ▸ provide the argument --organization on the command line; + ▸ provide the argument + networksecurity.organizations.locations.securityProfileGroups on + the command line with a fully specified name. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + These variants are also available: + + $ gcloud alpha network-security security-profile-groups update + + $ gcloud beta network-security security-profile-groups update + diff --git a/gcloud/network-security/security-profiles/help b/gcloud/network-security/security-profiles/help new file mode 100644 index 000000000..a6678e0ac --- /dev/null +++ b/gcloud/network-security/security-profiles/help @@ -0,0 +1,28 @@ +NAME + gcloud network-security security-profiles - manage Network Security - + Security Profiles + +SYNOPSIS + gcloud network-security security-profiles GROUP [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Manage Network Security - Security Profiles. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --help. + + Run $ gcloud help for details. + +GROUPS + GROUP is one of the following: + + threat-prevention + Manage Security Profiles - Threat Prevention Profile. + +NOTES + These variants are also available: + + $ gcloud alpha network-security security-profiles + + $ gcloud beta network-security security-profiles + diff --git a/gcloud/network-security/security-profiles/threat-prevention/add-override b/gcloud/network-security/security-profiles/threat-prevention/add-override new file mode 100644 index 000000000..be37bfda7 --- /dev/null +++ b/gcloud/network-security/security-profiles/threat-prevention/add-override @@ -0,0 +1,133 @@ +NAME + gcloud network-security security-profiles threat-prevention add-override - + add overrides to Threat Prevention Profile + +SYNOPSIS + gcloud network-security security-profiles threat-prevention add-override + (SECURITY_PROFILE : --location=LOCATION --organization=ORGANIZATION) + --action=ACTION + (--severities=[SEVERITY_LEVEL,...] | --threat-ids=[THREAT-ID,...]) + [--async] [--update-labels=[KEY=VALUE,...]] + [--clear-labels | --remove-labels=[KEY,...]] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Add severities or threat-ids to existing threat prevention profile with + intended action on each specified. Check the updates of add-override + command by using gcloud network-security security-profiles + threat-prevention list-override my-security-profile. + + For more examples, refer to the EXAMPLES section below. + +EXAMPLES + To add an override, run: + + $ gcloud network-security security-profiles threat-prevention \ + add-override my-security-profile --severities=MEDIUM \ + --action=ALLOW + + my-security-profile is the name of the Security Profile in the format + organizations/{organizationID}/locations/{location}/securityProfiles/ + {security_profile_id} where organizationID is the organization ID to which + the changes should apply, location - global specified and + security_profile_id the Security Profile Identifier + +POSITIONAL ARGUMENTS + Security profile resource - Security Profile Name. The arguments in this + group can be used to specify the attributes of this resource. + + This must be specified. + + SECURITY_PROFILE + ID of the security_profile or fully qualified identifier for the + security_profile. + + To set the security_profile attribute: + ▸ provide the argument security_profile on the command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + location of the security_profile - Global. + + To set the location attribute: + ▸ provide the argument security_profile on the command line with a + fully specified name; + ▸ provide the argument --location on the command line. + + --organization=ORGANIZATION + Organization ID to which the changes should apply. + + To set the organization attribute: + ▸ provide the argument security_profile on the command line with a + fully specified name; + ▸ provide the argument --organization on the command line. + +REQUIRED FLAGS + --action=ACTION + Action associated with severity or threat-id. ACTION must be one of: + DEFAULT, ALLOW, ALERT, DENY. + + Exactly one of these must be specified: + + --severities=[SEVERITY_LEVEL,...] + List of comma-separated severities where each value in the list + indicates the severity of the threat. + + --threat-ids=[THREAT-ID,...] + List of comma-separated threat identifiers where each identifier in + the list is a vendor-specified Signature ID representing a threat + type. + +OPTIONAL FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. The default is False. + + --update-labels=[KEY=VALUE,...] + List of label KEY=VALUE pairs to update. If a label exists, its value + is modified. Otherwise, a new label is created. + + Keys must start with a lowercase character and contain only hyphens + (-), underscores (_), lowercase characters, and numbers. Values must + contain only hyphens (-), underscores (_), lowercase characters, and + numbers. + + At most one of these can be specified: + + --clear-labels + Remove all labels. If --update-labels is also specified then + --clear-labels is applied first. + + For example, to remove all labels: + + $ gcloud network-security security-profiles threat-prevention \ + add-override --clear-labels + + To remove all existing labels and create two new labels, foo and baz: + + $ gcloud network-security security-profiles threat-prevention \ + add-override --clear-labels --update-labels foo=bar,baz=qux + + --remove-labels=[KEY,...] + List of label keys to remove. If a label does not exist it is + silently ignored. If --update-labels is also specified then + --update-labels is applied first. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + These variants are also available: + + $ gcloud alpha network-security security-profiles \ + threat-prevention add-override + + $ gcloud beta network-security security-profiles threat-prevention \ + add-override + diff --git a/gcloud/network-security/security-profiles/threat-prevention/create b/gcloud/network-security/security-profiles/threat-prevention/create new file mode 100644 index 000000000..648a5f59b --- /dev/null +++ b/gcloud/network-security/security-profiles/threat-prevention/create @@ -0,0 +1,85 @@ +NAME + gcloud network-security security-profiles threat-prevention create - create + a new Threat Prevention Profile + +SYNOPSIS + gcloud network-security security-profiles threat-prevention create + (SECURITY_PROFILE : --location=LOCATION --organization=ORGANIZATION) + [--async] [--description=DESCRIPTION] [--labels=[KEY=VALUE,...]] + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Create a new Security Profile with the given name. + +EXAMPLES + To create a Security Profile with the name my-security-profile and an + optional description as New Security Profile, run: + + $ gcloud network-security security-profiles threat-prevention \ + create my-security-profile --description="New Security Profile" + +POSITIONAL ARGUMENTS + Security profile resource - Security Profile Name. The arguments in this + group can be used to specify the attributes of this resource. + + This must be specified. + + SECURITY_PROFILE + ID of the security_profile or fully qualified identifier for the + security_profile. + + To set the security_profile attribute: + ▸ provide the argument security_profile on the command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + location of the security_profile - Global. + + To set the location attribute: + ▸ provide the argument security_profile on the command line with a + fully specified name; + ▸ provide the argument --location on the command line. + + --organization=ORGANIZATION + Organization ID to which the changes should apply. + + To set the organization attribute: + ▸ provide the argument security_profile on the command line with a + fully specified name; + ▸ provide the argument --organization on the command line. + +FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. The default is False. + + --description=DESCRIPTION + Brief description of the security profile + + --labels=[KEY=VALUE,...] + List of label KEY=VALUE pairs to add. + + Keys must start with a lowercase character and contain only hyphens + (-), underscores (_), lowercase characters, and numbers. Values must + contain only hyphens (-), underscores (_), lowercase characters, and + numbers. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + These variants are also available: + + $ gcloud alpha network-security security-profiles \ + threat-prevention create + + $ gcloud beta network-security security-profiles threat-prevention \ + create + diff --git a/gcloud/network-security/security-profiles/threat-prevention/delete b/gcloud/network-security/security-profiles/threat-prevention/delete new file mode 100644 index 000000000..c5d9f7572 --- /dev/null +++ b/gcloud/network-security/security-profiles/threat-prevention/delete @@ -0,0 +1,78 @@ +NAME + gcloud network-security security-profiles threat-prevention delete - delete + a Security Profile + +SYNOPSIS + gcloud network-security security-profiles threat-prevention delete + (SECURITY_PROFILE : --location=LOCATION --organization=ORGANIZATION) + [--async] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Delete the specified Security Profile. + +EXAMPLES + To delete a Security Profile called my-security-profile run: + + $ gcloud network-security security-profiles threat-prevention \ + delete my-security-profile + +POSITIONAL ARGUMENTS + Security profile resource - Name of the Security Profile you want to + delete. The arguments in this group can be used to specify the attributes + of this resource. + + This must be specified. + + SECURITY_PROFILE + ID of the security_profile or fully qualified identifier for the + security_profile. + + To set the security_profile attribute: + ▸ provide the argument security_profile on the command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + Location ID of the resource. + + To set the location attribute: + ▸ provide the argument security_profile on the command line with a + fully specified name; + ▸ provide the argument --location on the command line; + ▸ use default global location . + + --organization=ORGANIZATION + Organization number. + + To set the organization attribute: + ▸ provide the argument security_profile on the command line with a + fully specified name; + ▸ provide the argument --organization on the command line. + +FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +API REFERENCE + This command uses the networksecurity/v1 API. The full documentation for + this API can be found at: https://cloud.google.com/networking + +NOTES + These variants are also available: + + $ gcloud alpha network-security security-profiles \ + threat-prevention delete + + $ gcloud beta network-security security-profiles threat-prevention \ + delete + diff --git a/gcloud/network-security/security-profiles/threat-prevention/delete-override b/gcloud/network-security/security-profiles/threat-prevention/delete-override new file mode 100644 index 000000000..92b0b3471 --- /dev/null +++ b/gcloud/network-security/security-profiles/threat-prevention/delete-override @@ -0,0 +1,127 @@ +NAME + gcloud network-security security-profiles threat-prevention delete-override + - delete overrides of Threat Prevention Profile + +SYNOPSIS + gcloud network-security security-profiles threat-prevention delete-override + (SECURITY_PROFILE : --location=LOCATION --organization=ORGANIZATION) + (--severities=[SEVERITY_LEVEL,...] | --threat-ids=[THREAT-ID,...]) + [--async] [--update-labels=[KEY=VALUE,...]] + [--clear-labels | --remove-labels=[KEY,...]] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + To delete existing severities or threat-ids of threat prevention profile. + Check the updates of update-override command by using gcloud + network-security security-profiles threat-prevention list-override + my-security-profile. + + For more examples, refer to the EXAMPLES section below. + +EXAMPLES + To delete an override, run: + + $ gcloud network-security security-profiles threat-prevention \ + delete-override my-security-profile --severities=MEDIUM + + my-security-profile is the name of the Security Profile in the format + organizations/{organizationID}/locations/{location}/securityProfiles/ + {security_profile_id} where organizationID is the organization ID to which + the changes should apply, location - global specified and + security_profile_id the Security Profile Identifier + +POSITIONAL ARGUMENTS + Security profile resource - Security Profile Name. The arguments in this + group can be used to specify the attributes of this resource. + + This must be specified. + + SECURITY_PROFILE + ID of the security_profile or fully qualified identifier for the + security_profile. + + To set the security_profile attribute: + ▸ provide the argument security_profile on the command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + location of the security_profile - Global. + + To set the location attribute: + ▸ provide the argument security_profile on the command line with a + fully specified name; + ▸ provide the argument --location on the command line. + + --organization=ORGANIZATION + Organization ID to which the changes should apply. + + To set the organization attribute: + ▸ provide the argument security_profile on the command line with a + fully specified name; + ▸ provide the argument --organization on the command line. + +REQUIRED FLAGS + Exactly one of these must be specified: + + --severities=[SEVERITY_LEVEL,...] + List of comma-separated severities where each value in the list + indicates the severity of the threat. + + --threat-ids=[THREAT-ID,...] + List of comma-separated threat identifiers where each identifier in + the list is a vendor-specified Signature ID representing a threat + type. + +OPTIONAL FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. The default is False. + + --update-labels=[KEY=VALUE,...] + List of label KEY=VALUE pairs to update. If a label exists, its value + is modified. Otherwise, a new label is created. + + Keys must start with a lowercase character and contain only hyphens + (-), underscores (_), lowercase characters, and numbers. Values must + contain only hyphens (-), underscores (_), lowercase characters, and + numbers. + + At most one of these can be specified: + + --clear-labels + Remove all labels. If --update-labels is also specified then + --clear-labels is applied first. + + For example, to remove all labels: + + $ gcloud network-security security-profiles threat-prevention \ + delete-override --clear-labels + + To remove all existing labels and create two new labels, foo and baz: + + $ gcloud network-security security-profiles threat-prevention \ + delete-override --clear-labels --update-labels foo=bar,baz=qux + + --remove-labels=[KEY,...] + List of label keys to remove. If a label does not exist it is + silently ignored. If --update-labels is also specified then + --update-labels is applied first. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + These variants are also available: + + $ gcloud alpha network-security security-profiles \ + threat-prevention delete-override + + $ gcloud beta network-security security-profiles threat-prevention \ + delete-override + diff --git a/gcloud/network-security/security-profiles/threat-prevention/help b/gcloud/network-security/security-profiles/threat-prevention/help new file mode 100644 index 000000000..a9a0346a7 --- /dev/null +++ b/gcloud/network-security/security-profiles/threat-prevention/help @@ -0,0 +1,112 @@ +NAME + gcloud network-security security-profiles threat-prevention - manage + Security Profiles - Threat Prevention Profile + +SYNOPSIS + gcloud network-security security-profiles threat-prevention COMMAND + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Manage Security Profiles - Threat Prevention Profile. + +EXAMPLES + To create a Security Profile with the name my-security-profile which + includes location as global or region specified and organization ID, + optional description as New Security Profile, run: + + $ gcloud network-security security-profiles threat-prevention \ + create my-security-profile --description="New Security Profile" + + To add an override, run: + + $ gcloud network-security security-profiles threat-prevention \ + add-override my-security-profile --severities=MEDIUM \ + --action=ALLOW + + `my-security-profile` is the name of the Security Profile in the + format organizations/{organizationID}/locations/{location}/securityProfiles/ + {security_profile_id} where organizationID is the organization ID to which + the changes should apply, location either global or region specified and + security_profile_id the Security Profile Identifier. + + To update an override, run: + + $ gcloud network-security security-profiles threat-prevention \ + update-override my-security-profile --severities=MEDIUM \ + --action=ALLOW + + `my-security-profile` is the name of the Security Profile in the + format organizations/{organizationID}/locations/{location}/securityProfiles/ + {security_profile_id} where organizationID is the organization ID to which + the changes should apply, location either global or region specified and + security_profile_id the Security Profile Identifier. + + To list overrides, run: + + $ gcloud network-security security-profiles threat-prevention \ + list-overrides my-security-profile + + `my-security-profile` is the name of the Security Profile in the + format organizations/{organizationID}/locations/{location}/securityProfiles/ + {security_profile_id} where organizationID is the organization ID to which + the changes should apply, location either global or region specified and + security_profile_id the Security Profile Identifier. + + To delete an override, run: + + $ gcloud network-security security-profiles threat-prevention \ + delete-override my-security-profile --severities=MEDIUM + + `my-security-profile` is the name of the Security Profile in the + format organizations/{organizationID}/locations/{location}/securityProfiles/ + {security_profile_id} where organizationID is the organization ID to which + the changes should apply, location either global or region specified and + security_profile_id the Security Profile Identifier. + + To list Security Profiles in specified location and organization, run: + + $ gcloud network-security security-profiles threat-prevention list \ + --location=global + + To delete a Security Profile called my-security-profile which includes + location as global or region specified and organization ID, run: + + $ gcloud network-security security-profiles threat-prevention \ + delete my-security-profile + +GCLOUD WIDE FLAGS + These flags are available to all commands: --help. + + Run $ gcloud help for details. + +COMMANDS + COMMAND is one of the following: + + add-override + Add overrides to Threat Prevention Profile. + + create + Create a new Threat Prevention Profile. + + delete + Delete a Security Profile. + + delete-override + Delete overrides of Threat Prevention Profile. + + list + List Security Profiles. + + list-overrides + List overrides of Threat Prevention Profile. + + update-override + Update Overrides of Threat Prevention Profile. + +NOTES + These variants are also available: + + $ gcloud alpha network-security security-profiles threat-prevention + + $ gcloud beta network-security security-profiles threat-prevention + diff --git a/gcloud/network-security/security-profiles/threat-prevention/list b/gcloud/network-security/security-profiles/threat-prevention/list new file mode 100644 index 000000000..d646a9b5b --- /dev/null +++ b/gcloud/network-security/security-profiles/threat-prevention/list @@ -0,0 +1,96 @@ +NAME + gcloud network-security security-profiles threat-prevention list - list + Security Profiles + +SYNOPSIS + gcloud network-security security-profiles threat-prevention list + (--location=LOCATION : --organization=ORGANIZATION) + [--filter=EXPRESSION] [--limit=LIMIT] [--page-size=PAGE_SIZE] + [--sort-by=[FIELD,...]] [--uri] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + List all Security Profiles in the specified location. + +EXAMPLES + To list Security Profiles in specifed location run: + + $ gcloud network-security security-profiles threat-prevention list \ + --location=global + +REQUIRED FLAGS + Location resource - The organization of Security Profiles to display. The + arguments in this group can be used to specify the attributes of this + resource. + + This must be specified. + + --location=LOCATION + ID of the location or fully qualified identifier for the location. + + To set the location attribute: + ▸ provide the argument --location on the command line. + + This flag argument must be specified if any of the other arguments in + this group are specified. + + --organization=ORGANIZATION + Organization number. + + To set the organization attribute: + ▸ provide the argument --location on the command line with a fully + specified name; + ▸ provide the argument --organization on the command line. + +LIST COMMAND FLAGS + --filter=EXPRESSION + Apply a Boolean filter EXPRESSION to each resource item to be listed. + If the expression evaluates True, then that item is listed. For more + details and examples of filter expressions, run $ gcloud topic filters. + This flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --limit=LIMIT + Maximum number of resources to list. The default is unlimited. This + flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --page-size=PAGE_SIZE + Some services group resource list output into pages. This flag + specifies the maximum number of resources per page. The default is + determined by the service if it supports paging, otherwise it is + unlimited (no paging). Paging may be applied before or after --filter + and --limit depending on the service. + + --sort-by=[FIELD,...] + Comma-separated list of resource field key names to sort by. The + default order is ascending. Prefix a field with ``~'' for descending + order on that field. This flag interacts with other flags that are + applied in this order: --flatten, --sort-by, --filter, --limit. + + --uri + Print a list of resource URIs instead of the default output, and change + the command output to a list of URIs. If this flag is used with + --format, the formatting is applied on this URI list. To display URIs + alongside other keys instead, use the uri() transform. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +API REFERENCE + This command uses the networksecurity/v1 API. The full documentation for + this API can be found at: https://cloud.google.com/networking + +NOTES + These variants are also available: + + $ gcloud alpha network-security security-profiles \ + threat-prevention list + + $ gcloud beta network-security security-profiles threat-prevention \ + list + diff --git a/gcloud/network-security/security-profiles/threat-prevention/list-overrides b/gcloud/network-security/security-profiles/threat-prevention/list-overrides new file mode 100644 index 000000000..206802156 --- /dev/null +++ b/gcloud/network-security/security-profiles/threat-prevention/list-overrides @@ -0,0 +1,75 @@ +NAME + gcloud network-security security-profiles threat-prevention list-overrides + - list overrides of Threat Prevention Profile + +SYNOPSIS + gcloud network-security security-profiles threat-prevention list-overrides + (SECURITY_PROFILE : --location=LOCATION --organization=ORGANIZATION) + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + To list existing severities or threat-ids of threat prevention profile. + + For more examples, refer to the EXAMPLES section below. + +EXAMPLES + To list overrides, run: + + $ gcloud network-security security-profiles threat-prevention \ + list-overrides my-security-profile + + my-security-profile is the name of the Security Profile in the format + organizations/{organizationID}/locations/{location}/securityProfiles/ + {security_profile_id} where organizationID is the organization ID to which + the changes should apply, location - global specified and + security_profile_id the Security Profile Identifier + +POSITIONAL ARGUMENTS + Security profile resource - Security Profile Name. The arguments in this + group can be used to specify the attributes of this resource. + + This must be specified. + + SECURITY_PROFILE + ID of the security_profile or fully qualified identifier for the + security_profile. + + To set the security_profile attribute: + ▸ provide the argument security_profile on the command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + location of the security_profile - Global. + + To set the location attribute: + ▸ provide the argument security_profile on the command line with a + fully specified name; + ▸ provide the argument --location on the command line. + + --organization=ORGANIZATION + Organization ID to which the changes should apply. + + To set the organization attribute: + ▸ provide the argument security_profile on the command line with a + fully specified name; + ▸ provide the argument --organization on the command line. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + These variants are also available: + + $ gcloud alpha network-security security-profiles \ + threat-prevention list-overrides + + $ gcloud beta network-security security-profiles threat-prevention \ + list-overrides + diff --git a/gcloud/network-security/security-profiles/threat-prevention/update-override b/gcloud/network-security/security-profiles/threat-prevention/update-override new file mode 100644 index 000000000..1882cd2e0 --- /dev/null +++ b/gcloud/network-security/security-profiles/threat-prevention/update-override @@ -0,0 +1,133 @@ +NAME + gcloud network-security security-profiles threat-prevention update-override + - update Overrides of Threat Prevention Profile + +SYNOPSIS + gcloud network-security security-profiles threat-prevention update-override + (SECURITY_PROFILE : --location=LOCATION --organization=ORGANIZATION) + --action=ACTION + (--severities=[SEVERITY_LEVEL,...] | --threat-ids=[THREAT-ID,...]) + [--async] [--update-labels=[KEY=VALUE,...]] + [--clear-labels | --remove-labels=[KEY,...]] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + To update existing severities or threat-ids of threat prevention profile + with intended action on each specified. Check the updates of + update-override command by using gcloud network-security security-profiles + threat-prevention list-override my-security-profile. + + For more examples, refer to the EXAMPLES section below. + +EXAMPLES + To update an override, run: + + $ gcloud network-security security-profiles threat-prevention \ + update-override my-security-profile --severities=MEDIUM \ + --action=ALLOW + + my-security-profile is the name of the Security Profile in the format + organizations/{organizationID}/locations/{location}/securityProfiles/ + {security_profile_id} where organizationID is the organization ID to which + the changes should apply, location - global specified and + security_profile_id the Security Profile Identifier + +POSITIONAL ARGUMENTS + Security profile resource - Security Profile Name. The arguments in this + group can be used to specify the attributes of this resource. + + This must be specified. + + SECURITY_PROFILE + ID of the security_profile or fully qualified identifier for the + security_profile. + + To set the security_profile attribute: + ▸ provide the argument security_profile on the command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + location of the security_profile - Global. + + To set the location attribute: + ▸ provide the argument security_profile on the command line with a + fully specified name; + ▸ provide the argument --location on the command line. + + --organization=ORGANIZATION + Organization ID to which the changes should apply. + + To set the organization attribute: + ▸ provide the argument security_profile on the command line with a + fully specified name; + ▸ provide the argument --organization on the command line. + +REQUIRED FLAGS + --action=ACTION + Action associated with severity or threat-id. ACTION must be one of: + DEFAULT, ALLOW, ALERT, DENY. + + Exactly one of these must be specified: + + --severities=[SEVERITY_LEVEL,...] + List of comma-separated severities where each value in the list + indicates the severity of the threat. + + --threat-ids=[THREAT-ID,...] + List of comma-separated threat identifiers where each identifier in + the list is a vendor-specified Signature ID representing a threat + type. + +OPTIONAL FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. The default is False. + + --update-labels=[KEY=VALUE,...] + List of label KEY=VALUE pairs to update. If a label exists, its value + is modified. Otherwise, a new label is created. + + Keys must start with a lowercase character and contain only hyphens + (-), underscores (_), lowercase characters, and numbers. Values must + contain only hyphens (-), underscores (_), lowercase characters, and + numbers. + + At most one of these can be specified: + + --clear-labels + Remove all labels. If --update-labels is also specified then + --clear-labels is applied first. + + For example, to remove all labels: + + $ gcloud network-security security-profiles threat-prevention \ + update-override --clear-labels + + To remove all existing labels and create two new labels, foo and baz: + + $ gcloud network-security security-profiles threat-prevention \ + update-override --clear-labels --update-labels foo=bar,baz=qux + + --remove-labels=[KEY,...] + List of label keys to remove. If a label does not exist it is + silently ignored. If --update-labels is also specified then + --update-labels is applied first. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + These variants are also available: + + $ gcloud alpha network-security security-profiles \ + threat-prevention update-override + + $ gcloud beta network-security security-profiles threat-prevention \ + update-override + diff --git a/gcloud/projects/create b/gcloud/projects/create index f21a809e9..1243138e3 100644 --- a/gcloud/projects/create +++ b/gcloud/projects/create @@ -70,6 +70,8 @@ FLAGS Example: 123/environment=production,123/costCenter=marketing + Note: Currently this field is in Preview. + GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, diff --git a/gcloud/pubsub/topics/create b/gcloud/pubsub/topics/create index 050d2f9c4..4ebc11970 100644 --- a/gcloud/pubsub/topics/create +++ b/gcloud/pubsub/topics/create @@ -4,6 +4,10 @@ NAME SYNOPSIS gcloud pubsub topics create TOPIC [TOPIC ...] [--labels=[KEY=VALUE,...]] [--message-retention-duration=MESSAGE_RETENTION_DURATION] + [--kinesis-ingestion-consumer-arn=KINESIS_INGESTION_CONSUMER_ARN + --kinesis-ingestion-role-arn=KINESIS_INGESTION_ROLE_ARN + --kinesis-ingestion-service-account=KINESIS_INGESTION_SERVICE_ACCOUNT + --kinesis-ingestion-stream-arn=KINESIS_INGESTION_STREAM_ARN] [--message-encoding=ENCODING (--schema=SCHEMA : --schema-project=SCHEMA_PROJECT) : --first-revision-id=FIRST_REVISION_ID @@ -64,6 +68,36 @@ FLAGS is one of "s", "m", "h", and "d" for seconds, minutes, hours, and days, respectively. If the unit is omitted, seconds is assumed. + The following flags are for specifying ingestion settings for an import + topic from Amazon Web Services (AWS) Kinesis Data Streams + + --kinesis-ingestion-consumer-arn=KINESIS_INGESTION_CONSUMER_ARN + The Kinesis data streams consumer Amazon Resource Name (ARN) to use + for ingestion. + + This flag argument must be specified if any of the other arguments in + this group are specified. + + --kinesis-ingestion-role-arn=KINESIS_INGESTION_ROLE_ARN + AWS role ARN to be used for Federated Identity authentication with + Kinesis. + + This flag argument must be specified if any of the other arguments in + this group are specified. + + --kinesis-ingestion-service-account=KINESIS_INGESTION_SERVICE_ACCOUNT + The service account to be used for Federated Identity authentication + with Kinesis. + + This flag argument must be specified if any of the other arguments in + this group are specified. + + --kinesis-ingestion-stream-arn=KINESIS_INGESTION_STREAM_ARN + The Kinesis data stream ARN from which to ingest data. + + This flag argument must be specified if any of the other arguments in + this group are specified. + Schema settings. The schema that messages published to this topic must conform to and the expected message encoding. diff --git a/gcloud/pubsub/topics/update b/gcloud/pubsub/topics/update index 5db032f3a..b403682f5 100644 --- a/gcloud/pubsub/topics/update +++ b/gcloud/pubsub/topics/update @@ -3,6 +3,11 @@ NAME SYNOPSIS gcloud pubsub topics update TOPIC [--update-labels=[KEY=VALUE,...]] + [--clear-ingestion-data-source-settings + | --kinesis-ingestion-consumer-arn=KINESIS_INGESTION_CONSUMER_ARN + --kinesis-ingestion-role-arn=KINESIS_INGESTION_ROLE_ARN + --kinesis-ingestion-service-account=KINESIS_INGESTION_SERVICE_ACCOUNT + --kinesis-ingestion-stream-arn=KINESIS_INGESTION_STREAM_ARN] [--clear-labels | --remove-labels=[KEY,...]] [--clear-message-retention-duration | --message-retention-duration=MESSAGE_RETENTION_DURATION] @@ -102,6 +107,45 @@ FLAGS contain only hyphens (-), underscores (_), lowercase characters, and numbers. + Specify either --clear-ingestion-data-source-settings or a new ingestion + source. + + At most one of these can be specified: + + --clear-ingestion-data-source-settings + If set, clear the Ingestion Data Source Settings from the topic. Use + --no-clear-ingestion-data-source-settings to disable this flag. + + The following flags are for specifying ingestion settings for an import + topic from Amazon Web Services (AWS) Kinesis Data Streams + + --kinesis-ingestion-consumer-arn=KINESIS_INGESTION_CONSUMER_ARN + The Kinesis data streams consumer Amazon Resource Name (ARN) to use + for ingestion. + + This flag argument must be specified if any of the other arguments + in this group are specified. + + --kinesis-ingestion-role-arn=KINESIS_INGESTION_ROLE_ARN + AWS role ARN to be used for Federated Identity authentication with + Kinesis. + + This flag argument must be specified if any of the other arguments + in this group are specified. + + --kinesis-ingestion-service-account=KINESIS_INGESTION_SERVICE_ACCOUNT + The service account to be used for Federated Identity + authentication with Kinesis. + + This flag argument must be specified if any of the other arguments + in this group are specified. + + --kinesis-ingestion-stream-arn=KINESIS_INGESTION_STREAM_ARN + The Kinesis data stream ARN from which to ingest data. + + This flag argument must be specified if any of the other arguments + in this group are specified. + At most one of these can be specified: --clear-labels diff --git a/gcloud/recaptcha/keys/create b/gcloud/recaptcha/keys/create index 8eb22d79e..096491ee7 100644 --- a/gcloud/recaptcha/keys/create +++ b/gcloud/recaptcha/keys/create @@ -204,6 +204,9 @@ OPTIONAL FLAGS --waf-service=WAF_SERVICE The WAF service provider to use. WAF_SERVICE must be one of: + akamai + Akamai + ca Cloud Armor diff --git a/gcloud/resource-manager/folders/create b/gcloud/resource-manager/folders/create index 339c4273b..83a6d797e 100644 --- a/gcloud/resource-manager/folders/create +++ b/gcloud/resource-manager/folders/create @@ -43,6 +43,8 @@ OPTIONAL FLAGS Example: 123/environment=production,123/costCenter=marketing + Note: Currently this field is in Preview. + GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, diff --git a/gcloud/transfer/jobs/create b/gcloud/transfer/jobs/create index b6e70fcdf..e653e7658 100644 --- a/gcloud/transfer/jobs/create +++ b/gcloud/transfer/jobs/create @@ -89,6 +89,17 @@ POSITIONAL ARGUMENTS A file transfer agent must be installed on the POSIX filesystem, and you need an agent pool flag on this jobs command to activate the agent. + Hadoop Distributed File System (HDFS) - Specify the hdfs:// scheme + followed by the absolute path to the desired directory, starting from + the root of the file system (denoted by a leading slash). For example: + ◆ hdfs:///path/directory/ + + Namenode details should not be included in the path specification, as + they are required separately during the agent installation process. + + A file transfer agent must be installed, and you need an agent pool + flag on this jobs command to activate the agent. + Publicly-accessible objects - Specify the URL of a TSV file containing a list of URLs of publicly-accessible objects. For example: ◆ http://example.com/tsvfile diff --git a/gcloud/transfer/jobs/update b/gcloud/transfer/jobs/update index 3979f1d36..f5df142ce 100644 --- a/gcloud/transfer/jobs/update +++ b/gcloud/transfer/jobs/update @@ -100,6 +100,18 @@ FLAGS you need an agent pool flag on this jobs command to activate the agent. + Hadoop Distributed File System (HDFS) - Specify the hdfs:// scheme + followed by the absolute path to the desired directory, starting from + the root of the file system (denoted by a leading slash). For + example: + ▸ hdfs:///path/directory/ + + Namenode details should not be included in the path specification, as + they are required separately during the agent installation process. + + A file transfer agent must be installed, and you need an agent pool + flag on this jobs command to activate the agent. + Publicly-accessible objects - Specify the URL of a TSV file containing a list of URLs of publicly-accessible objects. For example: diff --git a/gcloud/workbench/instances/add-iam-policy-binding b/gcloud/workbench/instances/add-iam-policy-binding index a8ada3e87..615e5d528 100644 --- a/gcloud/workbench/instances/add-iam-policy-binding +++ b/gcloud/workbench/instances/add-iam-policy-binding @@ -1,6 +1,6 @@ NAME - gcloud workbench instances add-iam-policy-binding - add IAM policy binding - for an instance + gcloud workbench instances add-iam-policy-binding - adds IAM policy binding + for a workbench instance SYNOPSIS gcloud workbench instances add-iam-policy-binding diff --git a/gcloud/workbench/instances/check-instance-upgradability b/gcloud/workbench/instances/check-instance-upgradability index 32f8d32a2..ba2eebfb0 100644 --- a/gcloud/workbench/instances/check-instance-upgradability +++ b/gcloud/workbench/instances/check-instance-upgradability @@ -1,13 +1,13 @@ NAME - gcloud workbench instances check-instance-upgradability - request for - checking if an instance is upgradeable + gcloud workbench instances check-instance-upgradability - checks if a + workbench instance is upgradeable SYNOPSIS gcloud workbench instances check-instance-upgradability (INSTANCE : --location=LOCATION) [GCLOUD_WIDE_FLAG ...] DESCRIPTION - Request for checking if an instance is upgradeable. + Checks if a workbench instance is upgradeable. EXAMPLES To check if an instance can be upgraded, run: diff --git a/gcloud/workbench/instances/create b/gcloud/workbench/instances/create index 1f0318697..fd93f1e35 100644 --- a/gcloud/workbench/instances/create +++ b/gcloud/workbench/instances/create @@ -1,5 +1,5 @@ NAME - gcloud workbench instances create - request for creating an instance + gcloud workbench instances create - creates a workbench instance SYNOPSIS gcloud workbench instances create (INSTANCE : --location=LOCATION) @@ -37,7 +37,7 @@ SYNOPSIS --shielded-vtpm=SHIELDED_VTPM] [GCLOUD_WIDE_FLAG ...] DESCRIPTION - Request for creating an instance. + Creates a workbench instance. EXAMPLES To create an instance from a VmImage family, run: diff --git a/gcloud/workbench/instances/delete b/gcloud/workbench/instances/delete index dadacd9e7..10c5c979f 100644 --- a/gcloud/workbench/instances/delete +++ b/gcloud/workbench/instances/delete @@ -1,12 +1,12 @@ NAME - gcloud workbench instances delete - request for deleting instances + gcloud workbench instances delete - deletes a workbench instance SYNOPSIS gcloud workbench instances delete (INSTANCE : --location=LOCATION) [--async] [GCLOUD_WIDE_FLAG ...] DESCRIPTION - Request for deleting workbench instances. + Deletes a workbench instance. EXAMPLES To delete an instance, run: diff --git a/gcloud/workbench/instances/describe b/gcloud/workbench/instances/describe index 627b5f9aa..fdef29392 100644 --- a/gcloud/workbench/instances/describe +++ b/gcloud/workbench/instances/describe @@ -1,12 +1,12 @@ NAME - gcloud workbench instances describe - request for describing instances + gcloud workbench instances describe - describes a workbench instance SYNOPSIS gcloud workbench instances describe (INSTANCE : --location=LOCATION) [GCLOUD_WIDE_FLAG ...] DESCRIPTION - Request for describing workbench instances. + Describes a workbench instance. EXAMPLES To describe an instance, run: diff --git a/gcloud/workbench/instances/diagnose b/gcloud/workbench/instances/diagnose index 6975c6c84..da35c07f7 100644 --- a/gcloud/workbench/instances/diagnose +++ b/gcloud/workbench/instances/diagnose @@ -1,5 +1,5 @@ NAME - gcloud workbench instances diagnose - request for diagnosing instances + gcloud workbench instances diagnose - diagnoses a workbench instance SYNOPSIS gcloud workbench instances diagnose (INSTANCE : --location=LOCATION) @@ -8,7 +8,7 @@ SYNOPSIS [--relative-path=RELATIVE_PATH] [GCLOUD_WIDE_FLAG ...] DESCRIPTION - Request for diagnosing workbench instances. + Diagnoses a workbench instance. EXAMPLES To diagnose an instance, run: diff --git a/gcloud/workbench/instances/get-config b/gcloud/workbench/instances/get-config new file mode 100644 index 000000000..ac573508a --- /dev/null +++ b/gcloud/workbench/instances/get-config @@ -0,0 +1,28 @@ +NAME + gcloud workbench instances get-config - describes the valid configurations + for workbench instances + +SYNOPSIS + gcloud workbench instances get-config [--location=LOCATION] + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Describes the valid configurations for workbench instances. + +EXAMPLES + For valid configurations, run: + + $ gcloud workbench instances get-config --location=us-west1-a + +FLAGS + --location=LOCATION + Google Cloud location of this environment + https://cloud.google.com/compute/docs/regions-zones/#locations. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. diff --git a/gcloud/workbench/instances/get-iam-policy b/gcloud/workbench/instances/get-iam-policy index 590aa55cc..4d50ee24c 100644 --- a/gcloud/workbench/instances/get-iam-policy +++ b/gcloud/workbench/instances/get-iam-policy @@ -1,5 +1,6 @@ NAME - gcloud workbench instances get-iam-policy - get IAM policy for an instance + gcloud workbench instances get-iam-policy - gets IAM policy for a workbench + instance SYNOPSIS gcloud workbench instances get-iam-policy (INSTANCE : --location=LOCATION) diff --git a/gcloud/workbench/instances/help b/gcloud/workbench/instances/help index 82acc6eac..3d9358ee4 100644 --- a/gcloud/workbench/instances/help +++ b/gcloud/workbench/instances/help @@ -16,52 +16,55 @@ COMMANDS COMMAND is one of the following: add-iam-policy-binding - Add IAM policy binding for an instance. + Adds IAM policy binding for a workbench instance. check-instance-upgradability - Request for checking if an instance is upgradeable. + Checks if a workbench instance is upgradeable. create - Request for creating an instance. + Creates a workbench instance. delete - Request for deleting instances. + Deletes a workbench instance. describe - Request for describing instances. + Describes a workbench instance. diagnose - Request for diagnosing instances. + Diagnoses a workbench instance. + + get-config + Describes the valid configurations for workbench instances. get-iam-policy - Get IAM policy for an instance. + Gets IAM policy for a workbench instance. list - Request for listing instances. + Lists workbench instances. remove-iam-policy-binding - Remove IAM policy binding for an instance. + Removes IAM policy binding for a workbench instance. reset - Request for resetting instances. + Resets a workbench instance. resize-disk - Request for updating instances. + Resizes the workbench instance's disk. rollback - Request for rolling back instances. + Rolls back a workbench instance. set-iam-policy - Set the IAM policy for an Instance. + Sets the IAM policy for a workbench instance. start - Request for starting instances. + Starts a workbench instance. stop - Request for stopping instances. + Stops a workbench instance. update - Request for updating instances. + Updates a workbench instance. upgrade - Request for upgrading instances. + Upgrades a workbench instance. diff --git a/gcloud/workbench/instances/list b/gcloud/workbench/instances/list index e7dd1c529..c1af4b628 100644 --- a/gcloud/workbench/instances/list +++ b/gcloud/workbench/instances/list @@ -1,5 +1,5 @@ NAME - gcloud workbench instances list - request for listing instances + gcloud workbench instances list - lists workbench instances SYNOPSIS gcloud workbench instances list [--location=LOCATION] [--filter=EXPRESSION] @@ -7,7 +7,7 @@ SYNOPSIS [GCLOUD_WIDE_FLAG ...] DESCRIPTION - Request for listing instances. + Lists workbench instances. EXAMPLES To list instances in a particular location, run: diff --git a/gcloud/workbench/instances/remove-iam-policy-binding b/gcloud/workbench/instances/remove-iam-policy-binding index 570f69cfb..68929d682 100644 --- a/gcloud/workbench/instances/remove-iam-policy-binding +++ b/gcloud/workbench/instances/remove-iam-policy-binding @@ -1,6 +1,6 @@ NAME - gcloud workbench instances remove-iam-policy-binding - remove IAM policy - binding for an instance + gcloud workbench instances remove-iam-policy-binding - removes IAM policy + binding for a workbench instance SYNOPSIS gcloud workbench instances remove-iam-policy-binding diff --git a/gcloud/workbench/instances/reset b/gcloud/workbench/instances/reset index 15be7cb47..3ee1432da 100644 --- a/gcloud/workbench/instances/reset +++ b/gcloud/workbench/instances/reset @@ -1,12 +1,12 @@ NAME - gcloud workbench instances reset - request for resetting instances + gcloud workbench instances reset - resets a workbench instance SYNOPSIS gcloud workbench instances reset (INSTANCE : --location=LOCATION) [--async] [GCLOUD_WIDE_FLAG ...] DESCRIPTION - Request for resetting workbench instances. + Resets a workbench instance. EXAMPLES To reset an instance, run: diff --git a/gcloud/workbench/instances/resize-disk b/gcloud/workbench/instances/resize-disk index 740fd29a3..6db7f319c 100644 --- a/gcloud/workbench/instances/resize-disk +++ b/gcloud/workbench/instances/resize-disk @@ -1,5 +1,6 @@ NAME - gcloud workbench instances resize-disk - request for updating instances + gcloud workbench instances resize-disk - resizes the workbench instance's + disk SYNOPSIS gcloud workbench instances resize-disk (INSTANCE : --location=LOCATION) @@ -7,7 +8,7 @@ SYNOPSIS [--async] [GCLOUD_WIDE_FLAG ...] DESCRIPTION - Request for resizing the workbench instances disk. + Resizes the workbench instance's disk. EXAMPLES To increase the boot disk size for an instance, run: diff --git a/gcloud/workbench/instances/rollback b/gcloud/workbench/instances/rollback index 2d05bbe20..301c15430 100644 --- a/gcloud/workbench/instances/rollback +++ b/gcloud/workbench/instances/rollback @@ -1,12 +1,12 @@ NAME - gcloud workbench instances rollback - request for rolling back instances + gcloud workbench instances rollback - rolls back a workbench instance SYNOPSIS gcloud workbench instances rollback (INSTANCE : --location=LOCATION) --target-snapshot=TARGET_SNAPSHOT [--async] [GCLOUD_WIDE_FLAG ...] DESCRIPTION - Request for rolling back workbench instances. + Rolls back a workbench instance. EXAMPLES To rollback an instance, run: diff --git a/gcloud/workbench/instances/set-iam-policy b/gcloud/workbench/instances/set-iam-policy index 0cd960783..e51381ade 100644 --- a/gcloud/workbench/instances/set-iam-policy +++ b/gcloud/workbench/instances/set-iam-policy @@ -1,6 +1,6 @@ NAME - gcloud workbench instances set-iam-policy - set the IAM policy for an - Instance + gcloud workbench instances set-iam-policy - sets the IAM policy for a + workbench instance SYNOPSIS gcloud workbench instances set-iam-policy (INSTANCE : --location=LOCATION) diff --git a/gcloud/workbench/instances/start b/gcloud/workbench/instances/start index 6c25d0143..94e2de28b 100644 --- a/gcloud/workbench/instances/start +++ b/gcloud/workbench/instances/start @@ -1,12 +1,12 @@ NAME - gcloud workbench instances start - request for starting instances + gcloud workbench instances start - starts a workbench instance SYNOPSIS gcloud workbench instances start (INSTANCE : --location=LOCATION) [--async] [GCLOUD_WIDE_FLAG ...] DESCRIPTION - Request for starting workbench instances. + Starts a workbench instance. EXAMPLES To start an instance, run: diff --git a/gcloud/workbench/instances/stop b/gcloud/workbench/instances/stop index eb181b99a..340f41009 100644 --- a/gcloud/workbench/instances/stop +++ b/gcloud/workbench/instances/stop @@ -1,12 +1,12 @@ NAME - gcloud workbench instances stop - request for stopping instances + gcloud workbench instances stop - stops a workbench instance SYNOPSIS gcloud workbench instances stop (INSTANCE : --location=LOCATION) [--async] [GCLOUD_WIDE_FLAG ...] DESCRIPTION - Request for stopping workbench instances. + Stops a workbench instance. EXAMPLES To stop an instance, run: diff --git a/gcloud/workbench/instances/update b/gcloud/workbench/instances/update index 77545583a..bb126f8ca 100644 --- a/gcloud/workbench/instances/update +++ b/gcloud/workbench/instances/update @@ -1,5 +1,5 @@ NAME - gcloud workbench instances update - request for updating instances + gcloud workbench instances update - updates a workbench instance SYNOPSIS gcloud workbench instances update (INSTANCE : --location=LOCATION) @@ -14,7 +14,7 @@ SYNOPSIS --shielded-vtpm=SHIELDED_VTPM] [GCLOUD_WIDE_FLAG ...] DESCRIPTION - Request for updating workbench instances. + Updates a workbench instance. EXAMPLES To update machine type for an instance, run: diff --git a/gcloud/workbench/instances/upgrade b/gcloud/workbench/instances/upgrade index 58f3d2ae7..2cfcd69db 100644 --- a/gcloud/workbench/instances/upgrade +++ b/gcloud/workbench/instances/upgrade @@ -1,12 +1,12 @@ NAME - gcloud workbench instances upgrade - request for upgrading instances + gcloud workbench instances upgrade - upgrades a workbench instance SYNOPSIS gcloud workbench instances upgrade (INSTANCE : --location=LOCATION) [--async] [GCLOUD_WIDE_FLAG ...] DESCRIPTION - Request for upgrading workbench instances. + Upgrades a workbench instance. EXAMPLES To upgrade an instance, run: diff --git a/gcloud/workstations/configs/create b/gcloud/workstations/configs/create index 23e899fd4..db1e7d3b7 100644 --- a/gcloud/workstations/configs/create +++ b/gcloud/workstations/configs/create @@ -10,9 +10,9 @@ SYNOPSIS [--container-env=[CONTAINER_ENV,...]] [--container-run-as-user=CONTAINER_RUN_AS_USER] [--container-working-dir=CONTAINER_WORKING_DIR] - [--disable-public-ip-addresses] [--disable-tcp-connections] - [--enable-audit-agent] [--enable-confidential-compute] - [--enable-nested-virtualization] + [--disable-public-ip-addresses] [--disable-ssh-to-vm] + [--disable-tcp-connections] [--enable-audit-agent] + [--enable-confidential-compute] [--enable-nested-virtualization] [--ephemeral-directory=[PROPERTY=VALUE,...]] [--idle-timeout=IDLE_TIMEOUT; default=7200] [--labels=[LABELS,...]] [--machine-type=MACHINE_TYPE; default="e2-standard-4"] @@ -137,6 +137,10 @@ FLAGS Default value is false. If set, instances will have no public IP address. + --disable-ssh-to-vm + Default value is False. If set, workstations disable SSH connections to + the root VM. + --disable-tcp-connections Default value is false. If set, workstations don't allow plain TCP connections. diff --git a/gcloud/workstations/configs/update b/gcloud/workstations/configs/update index 693030437..95e9e457b 100644 --- a/gcloud/workstations/configs/update +++ b/gcloud/workstations/configs/update @@ -21,6 +21,7 @@ SYNOPSIS [--shielded-vtpm] [--container-custom-image=CONTAINER_CUSTOM_IMAGE | --container-predefined-image=CONTAINER_PREDEFINED_IMAGE] + [--disable-ssh-to-vm | --enable-ssh-to-vm] [--disable-tcp-connections | --enable-tcp-connections] [GCLOUD_WIDE_FLAG ...] @@ -228,6 +229,14 @@ FLAGS webstorm WebStorm + At most one of these can be specified: + + --disable-ssh-to-vm + If set, workstations disable SSH connections to the root VM. + + --enable-ssh-to-vm + If set, workstations enable SSH connections to the root VM. + At most one of these can be specified: --disable-tcp-connections