mirror of
https://github.com/imjasonh/gcloud-help
synced 2026-07-18 23:08:48 +00:00
gcloud: Wed Oct 1 11:06:24 UTC 2025
This commit is contained in:
parent
1dea1ef852
commit
a0434a4d7a
247 changed files with 8086 additions and 424 deletions
|
|
@ -7,7 +7,9 @@ SYNOPSIS
|
|||
(APPLICATION : --location=LOCATION --security-gateway=SECURITY_GATEWAY)
|
||||
--endpoint-matchers=[hostname=HOSTNAME],[ports=PORTS] [--async]
|
||||
[--display-name=DISPLAY_NAME] [--request-id=REQUEST_ID]
|
||||
[--upstreams=[egressPolicy=EGRESSPOLICY],[network=NETWORK]]
|
||||
[--schema=SCHEMA]
|
||||
[--upstreams=[egressPolicy=EGRESSPOLICY],
|
||||
[external=EXTERNAL],[network=NETWORK],[proxyProtocol=PROXYPROTOCOL]]
|
||||
[GCLOUD_WIDE_FLAG ...]
|
||||
|
||||
DESCRIPTION
|
||||
|
|
@ -65,11 +67,11 @@ REQUIRED FLAGS
|
|||
combination of hostname and ports as endpoint matchers is used to match
|
||||
the application. Match conditions for OR logic. An array of match
|
||||
conditions to allow for multiple matching criteria. The rule is
|
||||
considered a match if one of the conditions is met. The conditions can
|
||||
be one of the following combinations (Hostname), (Hostname & Ports)
|
||||
considered a match if one of the conditions is met. The conditions
|
||||
should be the following combination: (Hostname & Ports)
|
||||
|
||||
EXAMPLES: Hostname - (".example.com"), ("xyz.example.com") Hostname and
|
||||
Ports - ("example.com" and "22"), ("example.com" and "22,33") etc.
|
||||
EXAMPLES: Hostname and Ports - (".example.com", "443"), ("example.com"
|
||||
and "22"), ("example.com" and "22,33") etc.
|
||||
|
||||
hostname
|
||||
Hostname of the application.
|
||||
|
|
@ -95,7 +97,7 @@ OPTIONAL FLAGS
|
|||
complete.
|
||||
|
||||
--display-name=DISPLAY_NAME
|
||||
An arbitrary user-provided name for the Application resource. Cannot
|
||||
An arbitrary user-provided name for the application resource. Cannot
|
||||
exceed 64 characters.
|
||||
|
||||
--request-id=REQUEST_ID
|
||||
|
|
@ -104,7 +106,17 @@ OPTIONAL FLAGS
|
|||
ignore request if it has already been completed. The server will
|
||||
guarantee that for at least 60 minutes since the first request.
|
||||
|
||||
--upstreams=[egressPolicy=EGRESSPOLICY],[network=NETWORK]
|
||||
--schema=SCHEMA
|
||||
Type of the external application. SCHEMA must be one of:
|
||||
|
||||
api-gateway
|
||||
Service Discovery API endpoint when Service Discovery is enabled in
|
||||
Gateway.
|
||||
proxy-gateway
|
||||
Proxy which routes traffic to actual applications, like Netscaler
|
||||
Gateway.
|
||||
|
||||
--upstreams=[egressPolicy=EGRESSPOLICY],[external=EXTERNAL],[network=NETWORK],[proxyProtocol=PROXYPROTOCOL]
|
||||
Which upstream resources to forward traffic to.
|
||||
|
||||
egressPolicy
|
||||
|
|
@ -113,6 +125,18 @@ OPTIONAL FLAGS
|
|||
regions
|
||||
List of the regions where the application sends traffic.
|
||||
|
||||
external
|
||||
List of the external endpoints to forward traffic to.
|
||||
|
||||
endpoints
|
||||
List of the endpoints to forward traffic to.
|
||||
|
||||
hostname
|
||||
Hostname of the endpoint.
|
||||
|
||||
port
|
||||
Port of the endpoint.
|
||||
|
||||
network
|
||||
Network to forward traffic to.
|
||||
|
||||
|
|
@ -120,13 +144,63 @@ OPTIONAL FLAGS
|
|||
Network name is of the format:
|
||||
projects/{project}/global/networks/{network}.
|
||||
|
||||
proxyProtocol
|
||||
Enables proxy protocol configuration for the upstream.
|
||||
|
||||
allowedClientHeaders
|
||||
List of the allowed client header names.
|
||||
|
||||
clientIp
|
||||
Client IP configuration. The client IP address is included if
|
||||
true.
|
||||
|
||||
contextualHeaders
|
||||
Configuration for the contextual headers.
|
||||
|
||||
deviceInfo
|
||||
Device info configuration.
|
||||
|
||||
outputType
|
||||
The output type of the delegated device info.
|
||||
|
||||
groupInfo
|
||||
Group info configuration.
|
||||
|
||||
outputType
|
||||
The output type of the delegated group info.
|
||||
|
||||
outputType
|
||||
Default output type for all enabled headers.
|
||||
|
||||
userInfo
|
||||
User info configuration.
|
||||
|
||||
outputType
|
||||
The output type of the delegated user info.
|
||||
|
||||
gatewayIdentity
|
||||
Gateway identity configuration.
|
||||
|
||||
metadataHeaders
|
||||
Custom resource specific headers along with the values. The
|
||||
names should conform to RFC 9110: > Field names SHOULD
|
||||
constrain themselves to alphanumeric characters, "-", and ".",
|
||||
and SHOULD begin with a letter. Field values SHOULD contain
|
||||
only ASCII printable characters and tab.
|
||||
|
||||
KEY
|
||||
Sets KEY value.
|
||||
|
||||
VALUE
|
||||
Sets VALUE value.
|
||||
|
||||
Shorthand Example:
|
||||
|
||||
--upstreams=egressPolicy={regions=[string]},network={name=string} --upstreams=egressPolicy={regions=[string]},network={name=string}
|
||||
--upstreams=egressPolicy={regions=[string]},external={endpoints=[{hostname=string,port=int}]},network={name=string},proxyProtocol={allowedClientHeaders=[string],clientIp=boolean,contextualHeaders={deviceInfo={outputType=string},groupInfo={outputType=string},outputType=string,userInfo={outputType=string}},gatewayIdentity=string,metadataHeaders={string=string}} --upstreams=egressPolicy={regions=[string]},external={endpoints=[{hostname=string,port=int}]},network={name=string},proxyProtocol={allowedClientHeaders=[string],clientIp=boolean,contextualHeaders={deviceInfo={outputType=string},groupInfo={outputType=string},outputType=string,userInfo={outputType=string}},gatewayIdentity=string,metadataHeaders={string=string}}
|
||||
|
||||
JSON Example:
|
||||
|
||||
--upstreams='[{"egressPolicy": {"regions": ["string"]}, "network": {"name": "string"}}]'
|
||||
--upstreams='[{"egressPolicy": {"regions": ["string"]}, "external": {"endpoints": [{"hostname": "string", "port": int}]}, "network": {"name": "string"}, "proxyProtocol": {"allowedClientHeaders": ["string"], "clientIp": boolean, "contextualHeaders": {"deviceInfo": {"outputType": "string"}, "groupInfo": {"outputType": "string"}, "outputType": "string", "userInfo": {"outputType": "string"}}, "gatewayIdentity": "string", "metadataHeaders": {"string": "string"}}}]'
|
||||
|
||||
File Example:
|
||||
|
||||
|
|
|
|||
|
|
@ -6,14 +6,18 @@ SYNOPSIS
|
|||
gcloud beta beyondcorp security-gateways applications update
|
||||
(APPLICATION : --location=LOCATION --security-gateway=SECURITY_GATEWAY)
|
||||
[--async] [--display-name=DISPLAY_NAME] [--request-id=REQUEST_ID]
|
||||
[--schema=SCHEMA]
|
||||
[--endpoint-matchers=[hostname=HOSTNAME],[ports=PORTS]
|
||||
| --add-endpoint-matchers=[hostname=HOSTNAME],[ports=PORTS]
|
||||
--clear-endpoint-matchers
|
||||
| --remove-endpoint-matchers=[hostname=HOSTNAME],[ports=PORTS]]
|
||||
[--upstreams=[egressPolicy=EGRESSPOLICY],[network=NETWORK]
|
||||
| --add-upstreams=[egressPolicy=EGRESSPOLICY],[network=NETWORK]
|
||||
[--upstreams=[egressPolicy=EGRESSPOLICY],
|
||||
[external=EXTERNAL],[network=NETWORK],[proxyProtocol=PROXYPROTOCOL]
|
||||
| --add-upstreams=[egressPolicy=EGRESSPOLICY],
|
||||
[external=EXTERNAL],[network=NETWORK],[proxyProtocol=PROXYPROTOCOL]
|
||||
--clear-upstreams
|
||||
| --remove-upstreams=[egressPolicy=EGRESSPOLICY],[network=NETWORK]]
|
||||
| --remove-upstreams=[egressPolicy=EGRESSPOLICY],
|
||||
[external=EXTERNAL],[network=NETWORK],[proxyProtocol=PROXYPROTOCOL]]
|
||||
[GCLOUD_WIDE_FLAG ...]
|
||||
|
||||
DESCRIPTION
|
||||
|
|
@ -71,7 +75,7 @@ FLAGS
|
|||
complete.
|
||||
|
||||
--display-name=DISPLAY_NAME
|
||||
An arbitrary user-provided name for the Application resource. Cannot
|
||||
An arbitrary user-provided name for the application resource. Cannot
|
||||
exceed 64 characters.
|
||||
|
||||
--request-id=REQUEST_ID
|
||||
|
|
@ -89,6 +93,16 @@ FLAGS
|
|||
The request ID must be a valid UUID with the exception that zero UUID
|
||||
is not supported (00000000-0000-0000-0000-000000000000).
|
||||
|
||||
--schema=SCHEMA
|
||||
Type of the external application. SCHEMA must be one of:
|
||||
|
||||
api-gateway
|
||||
Service Discovery API endpoint when Service Discovery is enabled in
|
||||
Gateway.
|
||||
proxy-gateway
|
||||
Proxy which routes traffic to actual applications, like Netscaler
|
||||
Gateway.
|
||||
|
||||
Update endpoint_matchers.
|
||||
|
||||
At most one of these can be specified:
|
||||
|
|
@ -99,12 +113,11 @@ FLAGS
|
|||
matchers is used to match the application. Match conditions for OR
|
||||
logic. An array of match conditions to allow for multiple matching
|
||||
criteria. The rule is considered a match if one of the conditions is
|
||||
met. The conditions can be one of the following combinations
|
||||
(Hostname), (Hostname & Ports)
|
||||
met. The conditions should be the following combination: (Hostname &
|
||||
Ports)
|
||||
|
||||
EXAMPLES: Hostname - (".example.com"), ("xyz.example.com") Hostname
|
||||
and Ports - ("example.com" and "22"), ("example.com" and "22,33")
|
||||
etc.
|
||||
EXAMPLES: Hostname and Ports - (".example.com", "443"),
|
||||
("example.com" and "22"), ("example.com" and "22,33") etc.
|
||||
|
||||
hostname
|
||||
Hostname of the application.
|
||||
|
|
@ -130,12 +143,11 @@ FLAGS
|
|||
matchers is used to match the application. Match conditions for OR
|
||||
logic. An array of match conditions to allow for multiple matching
|
||||
criteria. The rule is considered a match if one of the conditions is
|
||||
met. The conditions can be one of the following combinations
|
||||
(Hostname), (Hostname & Ports)
|
||||
met. The conditions should be the following combination: (Hostname &
|
||||
Ports)
|
||||
|
||||
EXAMPLES: Hostname - (".example.com"), ("xyz.example.com") Hostname
|
||||
and Ports - ("example.com" and "22"), ("example.com" and "22,33")
|
||||
etc.
|
||||
EXAMPLES: Hostname and Ports - (".example.com", "443"),
|
||||
("example.com" and "22"), ("example.com" and "22,33") etc.
|
||||
|
||||
hostname
|
||||
Hostname of the application.
|
||||
|
|
@ -166,12 +178,11 @@ FLAGS
|
|||
and ports as endpoint matchers is used to match the application.
|
||||
Match conditions for OR logic. An array of match conditions to
|
||||
allow for multiple matching criteria. The rule is considered a
|
||||
match if one of the conditions is met. The conditions can be one of
|
||||
the following combinations (Hostname), (Hostname & Ports)
|
||||
match if one of the conditions is met. The conditions should be the
|
||||
following combination: (Hostname & Ports)
|
||||
|
||||
EXAMPLES: Hostname - (".example.com"), ("xyz.example.com") Hostname
|
||||
and Ports - ("example.com" and "22"), ("example.com" and "22,33")
|
||||
etc.
|
||||
EXAMPLES: Hostname and Ports - (".example.com", "443"),
|
||||
("example.com" and "22"), ("example.com" and "22,33") etc.
|
||||
|
||||
hostname
|
||||
Hostname of the application.
|
||||
|
|
@ -195,7 +206,7 @@ FLAGS
|
|||
|
||||
At most one of these can be specified:
|
||||
|
||||
--upstreams=[egressPolicy=EGRESSPOLICY],[network=NETWORK]
|
||||
--upstreams=[egressPolicy=EGRESSPOLICY],[external=EXTERNAL],[network=NETWORK],[proxyProtocol=PROXYPROTOCOL]
|
||||
Set upstreams to new value. Which upstream resources to forward
|
||||
traffic to.
|
||||
|
||||
|
|
@ -205,6 +216,18 @@ FLAGS
|
|||
regions
|
||||
List of the regions where the application sends traffic.
|
||||
|
||||
external
|
||||
List of the external endpoints to forward traffic to.
|
||||
|
||||
endpoints
|
||||
List of the endpoints to forward traffic to.
|
||||
|
||||
hostname
|
||||
Hostname of the endpoint.
|
||||
|
||||
port
|
||||
Port of the endpoint.
|
||||
|
||||
network
|
||||
Network to forward traffic to.
|
||||
|
||||
|
|
@ -212,19 +235,69 @@ FLAGS
|
|||
Network name is of the format:
|
||||
projects/{project}/global/networks/{network}.
|
||||
|
||||
proxyProtocol
|
||||
Enables proxy protocol configuration for the upstream.
|
||||
|
||||
allowedClientHeaders
|
||||
List of the allowed client header names.
|
||||
|
||||
clientIp
|
||||
Client IP configuration. The client IP address is included if
|
||||
true.
|
||||
|
||||
contextualHeaders
|
||||
Configuration for the contextual headers.
|
||||
|
||||
deviceInfo
|
||||
Device info configuration.
|
||||
|
||||
outputType
|
||||
The output type of the delegated device info.
|
||||
|
||||
groupInfo
|
||||
Group info configuration.
|
||||
|
||||
outputType
|
||||
The output type of the delegated group info.
|
||||
|
||||
outputType
|
||||
Default output type for all enabled headers.
|
||||
|
||||
userInfo
|
||||
User info configuration.
|
||||
|
||||
outputType
|
||||
The output type of the delegated user info.
|
||||
|
||||
gatewayIdentity
|
||||
Gateway identity configuration.
|
||||
|
||||
metadataHeaders
|
||||
Custom resource specific headers along with the values. The
|
||||
names should conform to RFC 9110: > Field names SHOULD
|
||||
constrain themselves to alphanumeric characters, "-", and
|
||||
".", and SHOULD begin with a letter. Field values SHOULD
|
||||
contain only ASCII printable characters and tab.
|
||||
|
||||
KEY
|
||||
Sets KEY value.
|
||||
|
||||
VALUE
|
||||
Sets VALUE value.
|
||||
|
||||
Shorthand Example:
|
||||
|
||||
--upstreams=egressPolicy={regions=[string]},network={name=string} --upstreams=egressPolicy={regions=[string]},network={name=string}
|
||||
--upstreams=egressPolicy={regions=[string]},external={endpoints=[{hostname=string,port=int}]},network={name=string},proxyProtocol={allowedClientHeaders=[string],clientIp=boolean,contextualHeaders={deviceInfo={outputType=string},groupInfo={outputType=string},outputType=string,userInfo={outputType=string}},gatewayIdentity=string,metadataHeaders={string=string}} --upstreams=egressPolicy={regions=[string]},external={endpoints=[{hostname=string,port=int}]},network={name=string},proxyProtocol={allowedClientHeaders=[string],clientIp=boolean,contextualHeaders={deviceInfo={outputType=string},groupInfo={outputType=string},outputType=string,userInfo={outputType=string}},gatewayIdentity=string,metadataHeaders={string=string}}
|
||||
|
||||
JSON Example:
|
||||
|
||||
--upstreams='[{"egressPolicy": {"regions": ["string"]}, "network": {"name": "string"}}]'
|
||||
--upstreams='[{"egressPolicy": {"regions": ["string"]}, "external": {"endpoints": [{"hostname": "string", "port": int}]}, "network": {"name": "string"}, "proxyProtocol": {"allowedClientHeaders": ["string"], "clientIp": boolean, "contextualHeaders": {"deviceInfo": {"outputType": "string"}, "groupInfo": {"outputType": "string"}, "outputType": "string", "userInfo": {"outputType": "string"}}, "gatewayIdentity": "string", "metadataHeaders": {"string": "string"}}}]'
|
||||
|
||||
File Example:
|
||||
|
||||
--upstreams=path_to_file.(yaml|json)
|
||||
|
||||
--add-upstreams=[egressPolicy=EGRESSPOLICY],[network=NETWORK]
|
||||
--add-upstreams=[egressPolicy=EGRESSPOLICY],[external=EXTERNAL],[network=NETWORK],[proxyProtocol=PROXYPROTOCOL]
|
||||
Add new value to upstreams list. Which upstream resources to forward
|
||||
traffic to.
|
||||
|
||||
|
|
@ -234,6 +307,18 @@ FLAGS
|
|||
regions
|
||||
List of the regions where the application sends traffic.
|
||||
|
||||
external
|
||||
List of the external endpoints to forward traffic to.
|
||||
|
||||
endpoints
|
||||
List of the endpoints to forward traffic to.
|
||||
|
||||
hostname
|
||||
Hostname of the endpoint.
|
||||
|
||||
port
|
||||
Port of the endpoint.
|
||||
|
||||
network
|
||||
Network to forward traffic to.
|
||||
|
||||
|
|
@ -241,13 +326,63 @@ FLAGS
|
|||
Network name is of the format:
|
||||
projects/{project}/global/networks/{network}.
|
||||
|
||||
proxyProtocol
|
||||
Enables proxy protocol configuration for the upstream.
|
||||
|
||||
allowedClientHeaders
|
||||
List of the allowed client header names.
|
||||
|
||||
clientIp
|
||||
Client IP configuration. The client IP address is included if
|
||||
true.
|
||||
|
||||
contextualHeaders
|
||||
Configuration for the contextual headers.
|
||||
|
||||
deviceInfo
|
||||
Device info configuration.
|
||||
|
||||
outputType
|
||||
The output type of the delegated device info.
|
||||
|
||||
groupInfo
|
||||
Group info configuration.
|
||||
|
||||
outputType
|
||||
The output type of the delegated group info.
|
||||
|
||||
outputType
|
||||
Default output type for all enabled headers.
|
||||
|
||||
userInfo
|
||||
User info configuration.
|
||||
|
||||
outputType
|
||||
The output type of the delegated user info.
|
||||
|
||||
gatewayIdentity
|
||||
Gateway identity configuration.
|
||||
|
||||
metadataHeaders
|
||||
Custom resource specific headers along with the values. The
|
||||
names should conform to RFC 9110: > Field names SHOULD
|
||||
constrain themselves to alphanumeric characters, "-", and
|
||||
".", and SHOULD begin with a letter. Field values SHOULD
|
||||
contain only ASCII printable characters and tab.
|
||||
|
||||
KEY
|
||||
Sets KEY value.
|
||||
|
||||
VALUE
|
||||
Sets VALUE value.
|
||||
|
||||
Shorthand Example:
|
||||
|
||||
--add-upstreams=egressPolicy={regions=[string]},network={name=string} --add-upstreams=egressPolicy={regions=[string]},network={name=string}
|
||||
--add-upstreams=egressPolicy={regions=[string]},external={endpoints=[{hostname=string,port=int}]},network={name=string},proxyProtocol={allowedClientHeaders=[string],clientIp=boolean,contextualHeaders={deviceInfo={outputType=string},groupInfo={outputType=string},outputType=string,userInfo={outputType=string}},gatewayIdentity=string,metadataHeaders={string=string}} --add-upstreams=egressPolicy={regions=[string]},external={endpoints=[{hostname=string,port=int}]},network={name=string},proxyProtocol={allowedClientHeaders=[string],clientIp=boolean,contextualHeaders={deviceInfo={outputType=string},groupInfo={outputType=string},outputType=string,userInfo={outputType=string}},gatewayIdentity=string,metadataHeaders={string=string}}
|
||||
|
||||
JSON Example:
|
||||
|
||||
--add-upstreams='[{"egressPolicy": {"regions": ["string"]}, "network": {"name": "string"}}]'
|
||||
--add-upstreams='[{"egressPolicy": {"regions": ["string"]}, "external": {"endpoints": [{"hostname": "string", "port": int}]}, "network": {"name": "string"}, "proxyProtocol": {"allowedClientHeaders": ["string"], "clientIp": boolean, "contextualHeaders": {"deviceInfo": {"outputType": "string"}, "groupInfo": {"outputType": "string"}, "outputType": "string", "userInfo": {"outputType": "string"}}, "gatewayIdentity": "string", "metadataHeaders": {"string": "string"}}}]'
|
||||
|
||||
File Example:
|
||||
|
||||
|
|
@ -258,7 +393,7 @@ FLAGS
|
|||
--clear-upstreams
|
||||
Clear upstreams value and set to empty list.
|
||||
|
||||
--remove-upstreams=[egressPolicy=EGRESSPOLICY],[network=NETWORK]
|
||||
--remove-upstreams=[egressPolicy=EGRESSPOLICY],[external=EXTERNAL],[network=NETWORK],[proxyProtocol=PROXYPROTOCOL]
|
||||
Remove existing value from upstreams list. Which upstream resources
|
||||
to forward traffic to.
|
||||
|
||||
|
|
@ -268,6 +403,18 @@ FLAGS
|
|||
regions
|
||||
List of the regions where the application sends traffic.
|
||||
|
||||
external
|
||||
List of the external endpoints to forward traffic to.
|
||||
|
||||
endpoints
|
||||
List of the endpoints to forward traffic to.
|
||||
|
||||
hostname
|
||||
Hostname of the endpoint.
|
||||
|
||||
port
|
||||
Port of the endpoint.
|
||||
|
||||
network
|
||||
Network to forward traffic to.
|
||||
|
||||
|
|
@ -275,13 +422,63 @@ FLAGS
|
|||
Network name is of the format:
|
||||
projects/{project}/global/networks/{network}.
|
||||
|
||||
proxyProtocol
|
||||
Enables proxy protocol configuration for the upstream.
|
||||
|
||||
allowedClientHeaders
|
||||
List of the allowed client header names.
|
||||
|
||||
clientIp
|
||||
Client IP configuration. The client IP address is included
|
||||
if true.
|
||||
|
||||
contextualHeaders
|
||||
Configuration for the contextual headers.
|
||||
|
||||
deviceInfo
|
||||
Device info configuration.
|
||||
|
||||
outputType
|
||||
The output type of the delegated device info.
|
||||
|
||||
groupInfo
|
||||
Group info configuration.
|
||||
|
||||
outputType
|
||||
The output type of the delegated group info.
|
||||
|
||||
outputType
|
||||
Default output type for all enabled headers.
|
||||
|
||||
userInfo
|
||||
User info configuration.
|
||||
|
||||
outputType
|
||||
The output type of the delegated user info.
|
||||
|
||||
gatewayIdentity
|
||||
Gateway identity configuration.
|
||||
|
||||
metadataHeaders
|
||||
Custom resource specific headers along with the values. The
|
||||
names should conform to RFC 9110: > Field names SHOULD
|
||||
constrain themselves to alphanumeric characters, "-", and
|
||||
".", and SHOULD begin with a letter. Field values SHOULD
|
||||
contain only ASCII printable characters and tab.
|
||||
|
||||
KEY
|
||||
Sets KEY value.
|
||||
|
||||
VALUE
|
||||
Sets VALUE value.
|
||||
|
||||
Shorthand Example:
|
||||
|
||||
--remove-upstreams=egressPolicy={regions=[string]},network={name=string} --remove-upstreams=egressPolicy={regions=[string]},network={name=string}
|
||||
--remove-upstreams=egressPolicy={regions=[string]},external={endpoints=[{hostname=string,port=int}]},network={name=string},proxyProtocol={allowedClientHeaders=[string],clientIp=boolean,contextualHeaders={deviceInfo={outputType=string},groupInfo={outputType=string},outputType=string,userInfo={outputType=string}},gatewayIdentity=string,metadataHeaders={string=string}} --remove-upstreams=egressPolicy={regions=[string]},external={endpoints=[{hostname=string,port=int}]},network={name=string},proxyProtocol={allowedClientHeaders=[string],clientIp=boolean,contextualHeaders={deviceInfo={outputType=string},groupInfo={outputType=string},outputType=string,userInfo={outputType=string}},gatewayIdentity=string,metadataHeaders={string=string}}
|
||||
|
||||
JSON Example:
|
||||
|
||||
--remove-upstreams='[{"egressPolicy": {"regions": ["string"]}, "network": {"name": "string"}}]'
|
||||
--remove-upstreams='[{"egressPolicy": {"regions": ["string"]}, "external": {"endpoints": [{"hostname": "string", "port": int}]}, "network": {"name": "string"}, "proxyProtocol": {"allowedClientHeaders": ["string"], "clientIp": boolean, "contextualHeaders": {"deviceInfo": {"outputType": "string"}, "groupInfo": {"outputType": "string"}, "outputType": "string", "userInfo": {"outputType": "string"}}, "gatewayIdentity": "string", "metadataHeaders": {"string": "string"}}}]'
|
||||
|
||||
File Example:
|
||||
|
||||
|
|
|
|||
|
|
@ -5,7 +5,15 @@ SYNOPSIS
|
|||
gcloud beta beyondcorp security-gateways create
|
||||
(SECURITY_GATEWAY : --location=LOCATION) [--async]
|
||||
[--display-name=DISPLAY_NAME] [--hubs=[HUBS,...]]
|
||||
[--request-id=REQUEST_ID] [GCLOUD_WIDE_FLAG ...]
|
||||
[--request-id=REQUEST_ID]
|
||||
[--resource-override-path=RESOURCE_OVERRIDE_PATH]
|
||||
[--proxy-protocol-config-allowed-client-headers=[PROXY_PROTOCOL_CONFIG_ALLOWED_CLIENT_HEADERS,
|
||||
...] --proxy-protocol-config-client-ip
|
||||
--proxy-protocol-config-gateway-identity=PROXY_PROTOCOL_CONFIG_GATEWAY_IDENTITY --proxy-protocol-config-metadata-headers=[PROXY_PROTOCOL_CONFIG_METADATA_HEADERS,
|
||||
...] --contextual-headers-output-type=CONTEXTUAL_HEADERS_OUTPUT_TYPE
|
||||
--device-info-output-type=DEVICE_INFO_OUTPUT_TYPE
|
||||
--group-info-output-type=GROUP_INFO_OUTPUT_TYPE
|
||||
--user-info-output-type=USER_INFO_OUTPUT_TYPE] [GCLOUD_WIDE_FLAG ...]
|
||||
|
||||
DESCRIPTION
|
||||
(BETA) Create a securityGateway
|
||||
|
|
@ -82,9 +90,116 @@ FLAGS
|
|||
--request-id=REQUEST_ID
|
||||
An optional request ID to identify requests. Specify a unique request
|
||||
ID so that if you must retry your request, the server will know to
|
||||
ignore request if it has already been completed. The server will
|
||||
ignore the request if it has already been completed. The server will
|
||||
guarantee that for at least 60 minutes since the first request.
|
||||
|
||||
Settings related to the Service Discovery.
|
||||
|
||||
If Service Discovery is done through API, defines its settings.
|
||||
|
||||
This must be specified.
|
||||
|
||||
API operation descriptor.
|
||||
|
||||
This must be specified.
|
||||
|
||||
--resource-override-path=RESOURCE_OVERRIDE_PATH
|
||||
Contains uri path fragment where HTTP request is sent.
|
||||
|
||||
The configuration for the proxy.
|
||||
|
||||
--proxy-protocol-config-allowed-client-headers=[PROXY_PROTOCOL_CONFIG_ALLOWED_CLIENT_HEADERS,...]
|
||||
List of the allowed client header names.
|
||||
|
||||
--proxy-protocol-config-client-ip
|
||||
Client IP configuration. The client IP address is included if true.
|
||||
|
||||
--proxy-protocol-config-gateway-identity=PROXY_PROTOCOL_CONFIG_GATEWAY_IDENTITY
|
||||
Gateway identity configuration.
|
||||
PROXY_PROTOCOL_CONFIG_GATEWAY_IDENTITY must be (only one value is
|
||||
supported):
|
||||
|
||||
resource-name
|
||||
Resource name for gateway identity, in the format:
|
||||
projects/{project_id}/locations/{location_id}/securityGateways/{security_gateway_id}
|
||||
|
||||
--proxy-protocol-config-metadata-headers=[PROXY_PROTOCOL_CONFIG_METADATA_HEADERS,...]
|
||||
Custom resource specific headers along with the values. The names
|
||||
should conform to RFC 9110: > Field names SHOULD constrain themselves
|
||||
to alphanumeric characters, "-", and ".", and SHOULD begin with a
|
||||
letter. Field values SHOULD contain only ASCII printable characters
|
||||
and tab.
|
||||
|
||||
KEY
|
||||
Sets KEY value.
|
||||
|
||||
VALUE
|
||||
Sets VALUE value.
|
||||
|
||||
Shorthand Example:
|
||||
|
||||
--proxy-protocol-config-metadata-headers=string=string
|
||||
|
||||
JSON Example:
|
||||
|
||||
--proxy-protocol-config-metadata-headers='{"string": "string"}'
|
||||
|
||||
File Example:
|
||||
|
||||
--proxy-protocol-config-metadata-headers=path_to_file.(yaml|json)
|
||||
|
||||
Contextual headers configuration.
|
||||
|
||||
--contextual-headers-output-type=CONTEXTUAL_HEADERS_OUTPUT_TYPE
|
||||
Default output type for all enabled headers.
|
||||
CONTEXTUAL_HEADERS_OUTPUT_TYPE must be one of:
|
||||
|
||||
json
|
||||
JSON output type.
|
||||
none
|
||||
Explicitly disable header output.
|
||||
protobuf
|
||||
Protobuf output type.
|
||||
|
||||
Delegated device info configuration.
|
||||
|
||||
--device-info-output-type=DEVICE_INFO_OUTPUT_TYPE
|
||||
The output type of the delegated device info.
|
||||
DEVICE_INFO_OUTPUT_TYPE must be one of:
|
||||
|
||||
json
|
||||
JSON output type.
|
||||
none
|
||||
Explicitly disable header output.
|
||||
protobuf
|
||||
Protobuf output type.
|
||||
|
||||
Delegated group info configuration.
|
||||
|
||||
--group-info-output-type=GROUP_INFO_OUTPUT_TYPE
|
||||
The output type of the delegated group info.
|
||||
GROUP_INFO_OUTPUT_TYPE must be one of:
|
||||
|
||||
json
|
||||
JSON output type.
|
||||
none
|
||||
Explicitly disable header output.
|
||||
protobuf
|
||||
Protobuf output type.
|
||||
|
||||
Delegated user info configuration.
|
||||
|
||||
--user-info-output-type=USER_INFO_OUTPUT_TYPE
|
||||
The output type of the delegated user info. USER_INFO_OUTPUT_TYPE
|
||||
must be one of:
|
||||
|
||||
json
|
||||
JSON output type.
|
||||
none
|
||||
Explicitly disable header output.
|
||||
protobuf
|
||||
Protobuf output type.
|
||||
|
||||
GCLOUD WIDE FLAGS
|
||||
These flags are available to all commands: --access-token-file, --account,
|
||||
--billing-project, --configuration, --flags-file, --flatten, --format,
|
||||
|
|
|
|||
|
|
@ -5,6 +5,20 @@ SYNOPSIS
|
|||
gcloud beta beyondcorp security-gateways update
|
||||
(SECURITY_GATEWAY : --location=LOCATION) [--async]
|
||||
[--display-name=DISPLAY_NAME] [--request-id=REQUEST_ID]
|
||||
[--clear-proxy-protocol-config --[no-]proxy-protocol-config-client-ip
|
||||
--proxy-protocol-config-gateway-identity=PROXY_PROTOCOL_CONFIG_GATEWAY_IDENTITY --contextual-headers-output-type=CONTEXTUAL_HEADERS_OUTPUT_TYPE --device-info-output-type=DEVICE_INFO_OUTPUT_TYPE --group-info-output-type=GROUP_INFO_OUTPUT_TYPE --user-info-output-type=USER_INFO_OUTPUT_TYPE --proxy-protocol-config-allowed-client-headers=[PROXY_PROTOCOL_CONFIG_ALLOWED_CLIENT_HEADERS,
|
||||
...]
|
||||
| --add-proxy-protocol-config-allowed-client-headers=[ADD_PROXY_PROTOCOL_CONFIG_ALLOWED_CLIENT_HEADERS,
|
||||
...] --clear-proxy-protocol-config-allowed-client-headers
|
||||
| --remove-proxy-protocol-config-allowed-client-headers=[REMOVE_PROXY_PROTOCOL_CONFIG_ALLOWED_CLIENT_HEADERS,
|
||||
...]
|
||||
--proxy-protocol-config-metadata-headers=[PROXY_PROTOCOL_CONFIG_METADATA_HEADERS,
|
||||
...]
|
||||
| --update-proxy-protocol-config-metadata-headers=[UPDATE_PROXY_PROTOCOL_CONFIG_METADATA_HEADERS,
|
||||
...] --clear-proxy-protocol-config-metadata-headers
|
||||
| --remove-proxy-protocol-config-metadata-headers=REMOVE_PROXY_PROTOCOL_CONFIG_METADATA_HEADERS]
|
||||
[--clear-service-discovery
|
||||
--resource-override-path=RESOURCE_OVERRIDE_PATH]
|
||||
[--hubs=[HUBS,...] | --update-hubs=[UPDATE_HUBS,...] --clear-hubs
|
||||
| --remove-hubs=REMOVE_HUBS] [GCLOUD_WIDE_FLAG ...]
|
||||
|
||||
|
|
@ -73,6 +87,192 @@ FLAGS
|
|||
The request ID must be a valid UUID with the exception that zero UUID
|
||||
is not supported (00000000-0000-0000-0000-000000000000).
|
||||
|
||||
The configuration for the proxy.
|
||||
|
||||
--clear-proxy-protocol-config
|
||||
Set
|
||||
googleCloudBeyondcorpSecuritygatewaysV1SecurityGateway.proxyProtocolConfig
|
||||
back to default value.
|
||||
|
||||
--[no-]proxy-protocol-config-client-ip
|
||||
Client IP configuration. The client IP address is included if true.
|
||||
Use --proxy-protocol-config-client-ip to enable and
|
||||
--no-proxy-protocol-config-client-ip to disable.
|
||||
|
||||
--proxy-protocol-config-gateway-identity=PROXY_PROTOCOL_CONFIG_GATEWAY_IDENTITY
|
||||
Gateway identity configuration.
|
||||
PROXY_PROTOCOL_CONFIG_GATEWAY_IDENTITY must be (only one value is
|
||||
supported):
|
||||
|
||||
resource-name
|
||||
Resource name for gateway identity, in the format:
|
||||
projects/{project_id}/locations/{location_id}/securityGateways/{security_gateway_id}
|
||||
|
||||
Contextual headers configuration.
|
||||
|
||||
--contextual-headers-output-type=CONTEXTUAL_HEADERS_OUTPUT_TYPE
|
||||
Default output type for all enabled headers.
|
||||
CONTEXTUAL_HEADERS_OUTPUT_TYPE must be one of:
|
||||
|
||||
json
|
||||
JSON output type.
|
||||
none
|
||||
Explicitly disable header output.
|
||||
protobuf
|
||||
Protobuf output type.
|
||||
|
||||
Delegated device info configuration.
|
||||
|
||||
--device-info-output-type=DEVICE_INFO_OUTPUT_TYPE
|
||||
The output type of the delegated device info.
|
||||
DEVICE_INFO_OUTPUT_TYPE must be one of:
|
||||
|
||||
json
|
||||
JSON output type.
|
||||
none
|
||||
Explicitly disable header output.
|
||||
protobuf
|
||||
Protobuf output type.
|
||||
|
||||
Delegated group info configuration.
|
||||
|
||||
--group-info-output-type=GROUP_INFO_OUTPUT_TYPE
|
||||
The output type of the delegated group info.
|
||||
GROUP_INFO_OUTPUT_TYPE must be one of:
|
||||
|
||||
json
|
||||
JSON output type.
|
||||
none
|
||||
Explicitly disable header output.
|
||||
protobuf
|
||||
Protobuf output type.
|
||||
|
||||
Delegated user info configuration.
|
||||
|
||||
--user-info-output-type=USER_INFO_OUTPUT_TYPE
|
||||
The output type of the delegated user info. USER_INFO_OUTPUT_TYPE
|
||||
must be one of:
|
||||
|
||||
json
|
||||
JSON output type.
|
||||
none
|
||||
Explicitly disable header output.
|
||||
protobuf
|
||||
Protobuf output type.
|
||||
|
||||
Update proxy_protocol_config_allowed_client_headers.
|
||||
|
||||
At most one of these can be specified:
|
||||
|
||||
--proxy-protocol-config-allowed-client-headers=[PROXY_PROTOCOL_CONFIG_ALLOWED_CLIENT_HEADERS,...]
|
||||
Set proxy_protocol_config_allowed_client_headers to new value.
|
||||
|
||||
--add-proxy-protocol-config-allowed-client-headers=[ADD_PROXY_PROTOCOL_CONFIG_ALLOWED_CLIENT_HEADERS,...]
|
||||
Add new value to proxy_protocol_config_allowed_client_headers list.
|
||||
|
||||
At most one of these can be specified:
|
||||
|
||||
--clear-proxy-protocol-config-allowed-client-headers
|
||||
Clear proxy_protocol_config_allowed_client_headers value and set
|
||||
to empty list.
|
||||
|
||||
--remove-proxy-protocol-config-allowed-client-headers=[REMOVE_PROXY_PROTOCOL_CONFIG_ALLOWED_CLIENT_HEADERS,...]
|
||||
Remove existing value from
|
||||
proxy_protocol_config_allowed_client_headers list.
|
||||
|
||||
Update proxy_protocol_config_metadata_headers.
|
||||
|
||||
At most one of these can be specified:
|
||||
|
||||
--proxy-protocol-config-metadata-headers=[PROXY_PROTOCOL_CONFIG_METADATA_HEADERS,...]
|
||||
Set proxy_protocol_config_metadata_headers to new value. Custom
|
||||
resource specific headers along with the values. The names should
|
||||
conform to RFC 9110: > Field names SHOULD constrain themselves to
|
||||
alphanumeric characters, "-", and ".", and SHOULD begin with a
|
||||
letter. Field values SHOULD contain only ASCII printable characters
|
||||
and tab.
|
||||
|
||||
KEY
|
||||
Sets KEY value.
|
||||
|
||||
VALUE
|
||||
Sets VALUE value.
|
||||
|
||||
Shorthand Example:
|
||||
|
||||
--proxy-protocol-config-metadata-headers=string=string
|
||||
|
||||
JSON Example:
|
||||
|
||||
--proxy-protocol-config-metadata-headers='{"string": "string"}'
|
||||
|
||||
File Example:
|
||||
|
||||
--proxy-protocol-config-metadata-headers=path_to_file.(yaml|json)
|
||||
|
||||
--update-proxy-protocol-config-metadata-headers=[UPDATE_PROXY_PROTOCOL_CONFIG_METADATA_HEADERS,...]
|
||||
Update proxy_protocol_config_metadata_headers value or add key
|
||||
value pair. Custom resource specific headers along with the values.
|
||||
The names should conform to RFC 9110: > Field names SHOULD
|
||||
constrain themselves to alphanumeric characters, "-", and ".", and
|
||||
SHOULD begin with a letter. Field values SHOULD contain only ASCII
|
||||
printable characters and tab.
|
||||
|
||||
KEY
|
||||
Sets KEY value.
|
||||
|
||||
VALUE
|
||||
Sets VALUE value.
|
||||
|
||||
Shorthand Example:
|
||||
|
||||
--update-proxy-protocol-config-metadata-headers=string=string
|
||||
|
||||
JSON Example:
|
||||
|
||||
--update-proxy-protocol-config-metadata-headers='{"string": "string"}'
|
||||
|
||||
File Example:
|
||||
|
||||
--update-proxy-protocol-config-metadata-headers=path_to_file.(yaml|json)
|
||||
|
||||
At most one of these can be specified:
|
||||
|
||||
--clear-proxy-protocol-config-metadata-headers
|
||||
Clear proxy_protocol_config_metadata_headers value and set to
|
||||
empty map.
|
||||
|
||||
--remove-proxy-protocol-config-metadata-headers=REMOVE_PROXY_PROTOCOL_CONFIG_METADATA_HEADERS
|
||||
Remove existing value from map
|
||||
proxy_protocol_config_metadata_headers. Sets
|
||||
remove_proxy_protocol_config_metadata_headers value.
|
||||
|
||||
Shorthand Example:
|
||||
|
||||
--remove-proxy-protocol-config-metadata-headers=string,string
|
||||
|
||||
JSON Example:
|
||||
|
||||
--remove-proxy-protocol-config-metadata-headers=["string"]
|
||||
|
||||
File Example:
|
||||
|
||||
--remove-proxy-protocol-config-metadata-headers=path_to_file.(yaml|json)
|
||||
|
||||
Settings related to the Service Discovery.
|
||||
|
||||
--clear-service-discovery
|
||||
Set
|
||||
googleCloudBeyondcorpSecuritygatewaysV1SecurityGateway.serviceDiscovery
|
||||
back to default value.
|
||||
|
||||
If Service Discovery is done through API, defines its settings.
|
||||
|
||||
API operation descriptor.
|
||||
|
||||
--resource-override-path=RESOURCE_OVERRIDE_PATH
|
||||
Contains uri path fragment where HTTP request is sent.
|
||||
|
||||
Update hubs.
|
||||
|
||||
At most one of these can be specified:
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue