diff --git a/gcloud/_version b/gcloud/_version index 184ca896f..3c7e0bffc 100644 --- a/gcloud/_version +++ b/gcloud/_version @@ -1,8 +1,8 @@ -Google Cloud SDK 511.0.0 -alpha 2025.02.18 -beta 2025.02.18 +Google Cloud SDK 512.0.0 +alpha 2025.02.21 +beta 2025.02.21 bq 2.1.13 bundled-python3-unix 3.12.8 -core 2025.02.18 +core 2025.02.21 gcloud-crc32c 1.0.0 gsutil 5.33 diff --git a/gcloud/ai/endpoints/deploy-model b/gcloud/ai/endpoints/deploy-model index d5aabe063..33c36f3e1 100644 --- a/gcloud/ai/endpoints/deploy-model +++ b/gcloud/ai/endpoints/deploy-model @@ -143,10 +143,7 @@ OPTIONAL FLAGS have access to the resource project. --spot - If true, online prediction access logs are sent to Cloud Logging. - - These logs are standard server access logs, containing information like - timestamp and latency for each prediction request. + If true, schedule the deployment workload on Spot VMs. --traffic-split=[DEPLOYED_MODEL_ID=VALUE,...] List of pairs of deployed model id and value to set as traffic split. diff --git a/gcloud/alloydb/instances/create b/gcloud/alloydb/instances/create index 5127a997f..496cf00a9 100644 --- a/gcloud/alloydb/instances/create +++ b/gcloud/alloydb/instances/create @@ -15,6 +15,7 @@ SYNOPSIS [--[no-]insights-config-record-application-tags] [--[no-]insights-config-record-client-address] [--[no-]outbound-public-ip] + [--psc-network-attachment-uri=PSC_NETWORK_ATTACHMENT_URI] [--read-pool-node-count=READ_POOL_NODE_COUNT] [--[no-]require-connectors] [--ssl-mode=SSL_MODE; default="ENCRYPTED_ONLY"] [GCLOUD_WIDE_FLAG ...] @@ -136,6 +137,12 @@ OPTIONAL FLAGS Add outbound Public IP connectivity to an AlloyDB instance. Use --outbound-public-ip to enable and --no-outbound-public-ip to disable. + --psc-network-attachment-uri=PSC_NETWORK_ATTACHMENT_URI + Full URI of the network attachment that is configured to support + outbound connectivity from an AlloyDB instance which uses Private + Service Connect (PSC). For example, this would be of the + form:psc-network-attachment-uri=projects/test-project/regions/us-central1/networkAttachments/my-na + --read-pool-node-count=READ_POOL_NODE_COUNT Read capacity, i.e. number of nodes in a read pool instance. diff --git a/gcloud/alloydb/instances/create-secondary b/gcloud/alloydb/instances/create-secondary index d3e38df46..26951cbce 100644 --- a/gcloud/alloydb/instances/create-secondary +++ b/gcloud/alloydb/instances/create-secondary @@ -9,8 +9,10 @@ SYNOPSIS [--authorized-external-networks=[AUTHORIZED_NETWORK,...]] [--availability-type=AVAILABILITY_TYPE] [--database-flags=FLAG=VALUE,[FLAG=VALUE,...]] - [--[no-]outbound-public-ip] [--[no-]require-connectors] - [--ssl-mode=SSL_MODE] [GCLOUD_WIDE_FLAG ...] + [--[no-]outbound-public-ip] + [--psc-network-attachment-uri=PSC_NETWORK_ATTACHMENT_URI] + [--[no-]require-connectors] [--ssl-mode=SSL_MODE] + [GCLOUD_WIDE_FLAG ...] DESCRIPTION Creates a new AlloyDB SECONDARY instance within a given cluster. @@ -84,6 +86,12 @@ OPTIONAL FLAGS Add outbound Public IP connectivity to an AlloyDB instance. Use --outbound-public-ip to enable and --no-outbound-public-ip to disable. + --psc-network-attachment-uri=PSC_NETWORK_ATTACHMENT_URI + Full URI of the network attachment that is configured to support + outbound connectivity from an AlloyDB instance which uses Private + Service Connect (PSC). For example, this would be of the + form:psc-network-attachment-uri=projects/test-project/regions/us-central1/networkAttachments/my-na + --[no-]require-connectors Enable or disable enforcing connectors only (ex: AuthProxy) connections to the database. Use --require-connectors to enable and diff --git a/gcloud/alloydb/instances/update b/gcloud/alloydb/instances/update index 9800fe8d5..137a1ee2d 100644 --- a/gcloud/alloydb/instances/update +++ b/gcloud/alloydb/instances/update @@ -7,13 +7,15 @@ SYNOPSIS [--allowed-psc-projects=[ALLOWED_PSC_PROJECTS,...]] [--assign-inbound-public-ip=ASSIGN_INBOUND_PUBLIC_IP] [--async] [--authorized-external-networks=[AUTHORIZED_NETWORK,...]] - [--availability-type=AVAILABILITY_TYPE] [--cpu-count=CPU_COUNT] + [--availability-type=AVAILABILITY_TYPE] + [--clear-psc-network-attachment-uri] [--cpu-count=CPU_COUNT] [--database-flags=FLAG=VALUE,[FLAG=VALUE,...]] [--insights-config-query-plans-per-minute=INSIGHTS_CONFIG_QUERY_PLANS_PER_MINUTE] [--insights-config-query-string-length=INSIGHTS_CONFIG_QUERY_STRING_LENGTH] [--[no-]insights-config-record-application-tags] [--[no-]insights-config-record-client-address] [--[no-]outbound-public-ip] + [--psc-network-attachment-uri=PSC_NETWORK_ATTACHMENT_URI] [--read-pool-node-count=READ_POOL_NODE_COUNT] [--[no-]require-connectors] [--ssl-mode=SSL_MODE] [GCLOUD_WIDE_FLAG ...] @@ -80,6 +82,10 @@ OPTIONAL FLAGS production instances; instance does not automatically fail over to another zone. + --clear-psc-network-attachment-uri + Disable outbound connectivity from an AlloyDB instance which uses + Private Service Connect (PSC). + --cpu-count=CPU_COUNT Whole number value indicating how many vCPUs the machine should contain. Each vCPU count corresponds to a N2 high-mem machine: @@ -119,6 +125,12 @@ OPTIONAL FLAGS Add outbound Public IP connectivity to an AlloyDB instance. Use --outbound-public-ip to enable and --no-outbound-public-ip to disable. + --psc-network-attachment-uri=PSC_NETWORK_ATTACHMENT_URI + Full URI of the network attachment that is configured to support + outbound connectivity from an AlloyDB instance which uses Private + Service Connect (PSC). For example, this would be of the + form:psc-network-attachment-uri=projects/test-project/regions/us-central1/networkAttachments/my-na + --read-pool-node-count=READ_POOL_NODE_COUNT Read capacity, i.e. number of nodes in a read pool instance. diff --git a/gcloud/alpha/ai/endpoints/deploy-model b/gcloud/alpha/ai/endpoints/deploy-model index 10cc37cb4..863d9a7ba 100644 --- a/gcloud/alpha/ai/endpoints/deploy-model +++ b/gcloud/alpha/ai/endpoints/deploy-model @@ -145,10 +145,7 @@ OPTIONAL FLAGS have access to the resource project. --spot - If true, online prediction access logs are sent to Cloud Logging. - - These logs are standard server access logs, containing information like - timestamp and latency for each prediction request. + If true, schedule the deployment workload on Spot VMs. --tpu-topology=TPU_TOPOLOGY CloudTPU topology to use for this deployment. Required for multihost diff --git a/gcloud/alpha/alloydb/instances/create b/gcloud/alpha/alloydb/instances/create index 258bc086d..24db2df62 100644 --- a/gcloud/alpha/alloydb/instances/create +++ b/gcloud/alpha/alloydb/instances/create @@ -31,7 +31,7 @@ SYNOPSIS [--[no-]observability-config-record-application-tags] [--[no-]observability-config-track-active-queries] [--observability-config-track-wait-events] [--[no-]outbound-public-ip] - [--psc-network-attachment-url=PSC_NETWORK_ATTACHMENT_URL] + [--psc-network-attachment-uri=PSC_NETWORK_ATTACHMENT_URI] [--read-pool-node-count=READ_POOL_NODE_COUNT] [--[no-]require-connectors] [--ssl-mode=SSL_MODE; default="ENCRYPTED_ONLY"] [GCLOUD_WIDE_FLAG ...] @@ -226,11 +226,11 @@ OPTIONAL FLAGS Add outbound Public IP connectivity to an AlloyDB instance. Use --outbound-public-ip to enable and --no-outbound-public-ip to disable. - --psc-network-attachment-url=PSC_NETWORK_ATTACHMENT_URL - Full URL of the network attachment that is configured to support + --psc-network-attachment-uri=PSC_NETWORK_ATTACHMENT_URI + Full URI of the network attachment that is configured to support outbound connectivity from an AlloyDB instance which uses Private Service Connect (PSC). For example, this would be of the - form:psc-network-attachment-url=projects/test-project/regions/us-central1/networkAttachments/my-na + form:psc-network-attachment-uri=projects/test-project/regions/us-central1/networkAttachments/my-na --read-pool-node-count=READ_POOL_NODE_COUNT Read capacity, i.e. number of nodes in a read pool instance. diff --git a/gcloud/alpha/alloydb/instances/create-secondary b/gcloud/alpha/alloydb/instances/create-secondary index f01e39ca9..f2478547e 100644 --- a/gcloud/alpha/alloydb/instances/create-secondary +++ b/gcloud/alpha/alloydb/instances/create-secondary @@ -9,8 +9,10 @@ SYNOPSIS [--authorized-external-networks=[AUTHORIZED_NETWORK,...]] [--availability-type=AVAILABILITY_TYPE] [--database-flags=FLAG=VALUE,[FLAG=VALUE,...]] - [--[no-]outbound-public-ip] [--[no-]require-connectors] - [--ssl-mode=SSL_MODE] [GCLOUD_WIDE_FLAG ...] + [--[no-]outbound-public-ip] + [--psc-network-attachment-uri=PSC_NETWORK_ATTACHMENT_URI] + [--[no-]require-connectors] [--ssl-mode=SSL_MODE] + [GCLOUD_WIDE_FLAG ...] DESCRIPTION (ALPHA) Creates a new AlloyDB SECONDARY instance within a given cluster. @@ -84,6 +86,12 @@ OPTIONAL FLAGS Add outbound Public IP connectivity to an AlloyDB instance. Use --outbound-public-ip to enable and --no-outbound-public-ip to disable. + --psc-network-attachment-uri=PSC_NETWORK_ATTACHMENT_URI + Full URI of the network attachment that is configured to support + outbound connectivity from an AlloyDB instance which uses Private + Service Connect (PSC). For example, this would be of the + form:psc-network-attachment-uri=projects/test-project/regions/us-central1/networkAttachments/my-na + --[no-]require-connectors Enable or disable enforcing connectors only (ex: AuthProxy) connections to the database. Use --require-connectors to enable and diff --git a/gcloud/alpha/alloydb/instances/update b/gcloud/alpha/alloydb/instances/update index 0b0abe7bc..76e318a18 100644 --- a/gcloud/alpha/alloydb/instances/update +++ b/gcloud/alpha/alloydb/instances/update @@ -8,7 +8,7 @@ SYNOPSIS [--assign-inbound-public-ip=ASSIGN_INBOUND_PUBLIC_IP] [--async] [--authorized-external-networks=[AUTHORIZED_NETWORK,...]] [--availability-type=AVAILABILITY_TYPE] - [--clear-psc-network-attachment-url] + [--clear-psc-network-attachment-uri] [--connection-pooling-ignore-startup-parameters=[STARTUP_PARAMETERS, ...]] [--connection-pooling-max-client-connections=CONNECTION_POOLING_MAX_CLIENT_CONNECTIONS] @@ -31,7 +31,7 @@ SYNOPSIS [--[no-]observability-config-record-application-tags] [--[no-]observability-config-track-active-queries] [--observability-config-track-wait-events] [--[no-]outbound-public-ip] - [--psc-network-attachment-url=PSC_NETWORK_ATTACHMENT_URL] + [--psc-network-attachment-uri=PSC_NETWORK_ATTACHMENT_URI] [--read-pool-node-count=READ_POOL_NODE_COUNT] [--[no-]require-connectors] [--ssl-mode=SSL_MODE] [--update-mode=UPDATE_MODE] [GCLOUD_WIDE_FLAG ...] @@ -98,7 +98,7 @@ OPTIONAL FLAGS production instances; instance does not automatically fail over to another zone. - --clear-psc-network-attachment-url + --clear-psc-network-attachment-uri Disable outbound connectivity from an AlloyDB instance which uses Private Service Connect (PSC). @@ -213,11 +213,11 @@ OPTIONAL FLAGS Add outbound Public IP connectivity to an AlloyDB instance. Use --outbound-public-ip to enable and --no-outbound-public-ip to disable. - --psc-network-attachment-url=PSC_NETWORK_ATTACHMENT_URL - Full URL of the network attachment that is configured to support + --psc-network-attachment-uri=PSC_NETWORK_ATTACHMENT_URI + Full URI of the network attachment that is configured to support outbound connectivity from an AlloyDB instance which uses Private Service Connect (PSC). For example, this would be of the - form:psc-network-attachment-url=projects/test-project/regions/us-central1/networkAttachments/my-na + form:psc-network-attachment-uri=projects/test-project/regions/us-central1/networkAttachments/my-na --read-pool-node-count=READ_POOL_NODE_COUNT Read capacity, i.e. number of nodes in a read pool instance. diff --git a/gcloud/alpha/bigtable/app-profiles/create b/gcloud/alpha/bigtable/app-profiles/create index bd4a896ff..23bfc58b0 100644 --- a/gcloud/alpha/bigtable/app-profiles/create +++ b/gcloud/alpha/bigtable/app-profiles/create @@ -124,23 +124,23 @@ OPTIONAL FLAGS Data Boost Read-only Isolation --data-boost - Use Data Boost Read-only Isolation, rather than Standard Isolation. - If specified, --data-boost-compute-billing-owner is required. - Specifying Data Boost Read-only Isolation on an app profile which - has Standard Isolation enabled may cause unexpected behavior for - running applications. + Use Data Boost serverless compute option, rather than standard + provisioned node compute. If specified, + --data-boost-compute-billing-owner is required. Specifying Data + Boost compute on an app profile that uses standard provisioned node + compute may cause unexpected behavior for running applications. This flag argument must be specified if any of the other arguments in this group are specified. --data-boost-compute-billing-owner=DATA_BOOST_COMPUTE_BILLING_OWNER - Specify the Data Boost Compute Billing Owner, required if + Specify the Data Boost compute billing owner, required if --data-boost is passed. DATA_BOOST_COMPUTE_BILLING_OWNER must be (only one value is supported): HOST_PAYS - Compute Billing should be accounted towards the host Cloud - Project (containing the targeted Bigtable Instance / Table). + Compute billing should be accounted towards the host Cloud + project (containing the targeted Bigtable instance / table). This flag argument must be specified if any of the other arguments in this group are specified. @@ -148,14 +148,15 @@ OPTIONAL FLAGS Standard Isolation --priority=PRIORITY - Specify the request priority under Standard Isolation. Passing this - option implies Standard Isolation, e.g. the --standard option. If - not specified, the app profile uses Standard Isolation with - PRIORITY_HIGH by default. Specifying request priority on an app - profile that has Data Boost Read-Only Isolation enabled will change - the isolation to Standard and use the specified priority, which may - cause unexpected behavior for running applications. PRIORITY must - be one of: + Specify the request priority under standard provisioned node + compute capabilities. Passing this option implies standard + provisioned node compute, e.g. the --standard option. If not + specified, the app profile uses standard provisioned node compute + with PRIORITY_HIGH by default. Specifying request priority on an + app profile that has Data Boost serverless compute enabled changes + the compute option to standard and uses the specified priority, + which might cause unexpected behavior for running applications. + PRIORITY must be one of: PRIORITY_HIGH Requests are treated with high priority. @@ -168,8 +169,8 @@ OPTIONAL FLAGS in this group are specified. --standard - Use Standard Isolation, rather than Data Boost Read-only Isolation. - If specified, --priority is required. + Use standard provisioned node compute option, rather than Data + Boost compute option. If specified, --priority is required. GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, diff --git a/gcloud/alpha/bigtable/app-profiles/update b/gcloud/alpha/bigtable/app-profiles/update index 79c070d9d..41927b8c7 100644 --- a/gcloud/alpha/bigtable/app-profiles/update +++ b/gcloud/alpha/bigtable/app-profiles/update @@ -98,23 +98,23 @@ FLAGS Data Boost Read-only Isolation --data-boost - Use Data Boost Read-only Isolation, rather than Standard Isolation. - If specified, --data-boost-compute-billing-owner is required. - Specifying Data Boost Read-only Isolation on an app profile which - has Standard Isolation enabled may cause unexpected behavior for - running applications. + Use Data Boost serverless compute option, rather than standard + provisioned node compute. If specified, + --data-boost-compute-billing-owner is required. Specifying Data + Boost compute on an app profile that uses standard provisioned node + compute may cause unexpected behavior for running applications. This flag argument must be specified if any of the other arguments in this group are specified. --data-boost-compute-billing-owner=DATA_BOOST_COMPUTE_BILLING_OWNER - Specify the Data Boost Compute Billing Owner, required if + Specify the Data Boost compute billing owner, required if --data-boost is passed. DATA_BOOST_COMPUTE_BILLING_OWNER must be (only one value is supported): HOST_PAYS - Compute Billing should be accounted towards the host Cloud - Project (containing the targeted Bigtable Instance / Table). + Compute billing should be accounted towards the host Cloud + project (containing the targeted Bigtable instance / table). This flag argument must be specified if any of the other arguments in this group are specified. @@ -122,14 +122,15 @@ FLAGS Standard Isolation --priority=PRIORITY - Specify the request priority under Standard Isolation. Passing this - option implies Standard Isolation, e.g. the --standard option. If - not specified, the app profile uses Standard Isolation with - PRIORITY_HIGH by default. Specifying request priority on an app - profile that has Data Boost Read-Only Isolation enabled will change - the isolation to Standard and use the specified priority, which may - cause unexpected behavior for running applications. PRIORITY must - be one of: + Specify the request priority under standard provisioned node + compute capabilities. Passing this option implies standard + provisioned node compute, e.g. the --standard option. If not + specified, the app profile uses standard provisioned node compute + with PRIORITY_HIGH by default. Specifying request priority on an + app profile that has Data Boost serverless compute enabled changes + the compute option to standard and uses the specified priority, + which might cause unexpected behavior for running applications. + PRIORITY must be one of: PRIORITY_HIGH Requests are treated with high priority. @@ -142,8 +143,8 @@ FLAGS in this group are specified. --standard - Use Standard Isolation, rather than Data Boost Read-only Isolation. - If specified, --priority is required. + Use standard provisioned node compute option, rather than Data + Boost compute option. If specified, --priority is required. At most one of these can be specified: diff --git a/gcloud/alpha/bq/help b/gcloud/alpha/bq/help index ebab12303..8867287fe 100644 --- a/gcloud/alpha/bq/help +++ b/gcloud/alpha/bq/help @@ -21,6 +21,9 @@ GROUPS jobs (ALPHA) Interact with and manage jobs in Google BigQuery. + migration-workflows + (ALPHA) Manage Migration Workflow resources. + tables (ALPHA) Interact with and manage Google BigQuery tables. diff --git a/gcloud/alpha/bq/migration-workflows/delete b/gcloud/alpha/bq/migration-workflows/delete new file mode 100644 index 000000000..2aa4a0360 --- /dev/null +++ b/gcloud/alpha/bq/migration-workflows/delete @@ -0,0 +1,66 @@ +NAME + gcloud alpha bq migration-workflows delete - delete migrationWorkflows + +SYNOPSIS + gcloud alpha bq migration-workflows delete (WORKFLOW : --location=LOCATION) + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (ALPHA) Delete a migrationWorkflow + +EXAMPLES + To delete the migrationWorkflow, run: + + $ gcloud alpha bq migration-workflows delete + +POSITIONAL ARGUMENTS + Workflow resource - The unique identifier for the migration workflow. + Example: projects/123/locations/us/workflows/1234 The arguments in this + group can be used to specify the attributes of this resource. (NOTE) Some + attributes are not given arguments in this group but can be set in other + ways. + + To set the project attribute: + ◆ provide the argument workflow on the command line with a fully + specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + WORKFLOW + ID of the workflow or fully qualified identifier for the workflow. + + To set the workflow attribute: + ▸ provide the argument workflow on the command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + The location id of the workflow resource. + + To set the location attribute: + ▸ provide the argument workflow on the command line with a fully + specified name; + ▸ provide the argument --location on the command line. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +API REFERENCE + This command uses the bigquerymigration/v2 API. The full documentation for + this API can be found at: + https://cloud.google.com/solutions/migration/dw2bq/dw-bq-migration-overview + +NOTES + This command is currently in alpha and might change without notice. If this + command fails with API permission errors despite specifying the correct + project, you might be trying to access an API with an invitation-only early + access allowlist. + diff --git a/gcloud/alpha/bq/migration-workflows/describe b/gcloud/alpha/bq/migration-workflows/describe new file mode 100644 index 000000000..d0b726d32 --- /dev/null +++ b/gcloud/alpha/bq/migration-workflows/describe @@ -0,0 +1,66 @@ +NAME + gcloud alpha bq migration-workflows describe - describe migrationWorkflows + +SYNOPSIS + gcloud alpha bq migration-workflows describe + (WORKFLOW : --location=LOCATION) [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (ALPHA) Describe a migrationWorkflow + +EXAMPLES + To describe the migrationWorkflow, run: + + $ gcloud alpha bq migration-workflows describe + +POSITIONAL ARGUMENTS + Workflow resource - The unique identifier for the migration workflow. + Example: projects/123/locations/us/workflows/1234 The arguments in this + group can be used to specify the attributes of this resource. (NOTE) Some + attributes are not given arguments in this group but can be set in other + ways. + + To set the project attribute: + ◆ provide the argument workflow on the command line with a fully + specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + WORKFLOW + ID of the workflow or fully qualified identifier for the workflow. + + To set the workflow attribute: + ▸ provide the argument workflow on the command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + The location id of the workflow resource. + + To set the location attribute: + ▸ provide the argument workflow on the command line with a fully + specified name; + ▸ provide the argument --location on the command line. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +API REFERENCE + This command uses the bigquerymigration/v2 API. The full documentation for + this API can be found at: + https://cloud.google.com/solutions/migration/dw2bq/dw-bq-migration-overview + +NOTES + This command is currently in alpha and might change without notice. If this + command fails with API permission errors despite specifying the correct + project, you might be trying to access an API with an invitation-only early + access allowlist. + diff --git a/gcloud/alpha/bq/migration-workflows/help b/gcloud/alpha/bq/migration-workflows/help new file mode 100644 index 000000000..47f6c37d2 --- /dev/null +++ b/gcloud/alpha/bq/migration-workflows/help @@ -0,0 +1,32 @@ +NAME + gcloud alpha bq migration-workflows - manage Migration Workflow resources + +SYNOPSIS + gcloud alpha bq migration-workflows COMMAND [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (ALPHA) Manage Migration Workflow resources. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --help. + + Run $ gcloud help for details. + +COMMANDS + COMMAND is one of the following: + + delete + (ALPHA) Delete migrationWorkflows. + + describe + (ALPHA) Describe migrationWorkflows. + + list + (ALPHA) List migrationWorkflows. + +NOTES + This command is currently in alpha and might change without notice. If this + command fails with API permission errors despite specifying the correct + project, you might be trying to access an API with an invitation-only early + access allowlist. + diff --git a/gcloud/alpha/bq/migration-workflows/list b/gcloud/alpha/bq/migration-workflows/list new file mode 100644 index 000000000..86abecbee --- /dev/null +++ b/gcloud/alpha/bq/migration-workflows/list @@ -0,0 +1,87 @@ +NAME + gcloud alpha bq migration-workflows list - list migrationWorkflows + +SYNOPSIS + gcloud alpha bq migration-workflows list --location=LOCATION + [--filter=EXPRESSION] [--limit=LIMIT] [--page-size=PAGE_SIZE] + [--sort-by=[FIELD,...]] [--uri] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (ALPHA) List migrationWorkflows + +EXAMPLES + To list all migrationWorkflows, run: + + $ gcloud alpha bq migration-workflows list + +REQUIRED FLAGS + Location resource - The project and location of the migration workflows to + list. Example: projects/123/locations/us This represents a Cloud resource. + (NOTE) Some attributes are not given arguments in this group but can be + set in other ways. + + To set the project attribute: + ◆ provide the argument --location on the command line with a fully + specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + --location=LOCATION + ID of the location or fully qualified identifier for the location. + + To set the location attribute: + ▸ provide the argument --location on the command line. + +LIST COMMAND FLAGS + --filter=EXPRESSION + Apply a Boolean filter EXPRESSION to each resource item to be listed. + If the expression evaluates True, then that item is listed. For more + details and examples of filter expressions, run $ gcloud topic filters. + This flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --limit=LIMIT + Maximum number of resources to list. The default is unlimited. This + flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --page-size=PAGE_SIZE + Some services group resource list output into pages. This flag + specifies the maximum number of resources per page. The default is + determined by the service if it supports paging, otherwise it is + unlimited (no paging). Paging may be applied before or after --filter + and --limit depending on the service. + + --sort-by=[FIELD,...] + Comma-separated list of resource field key names to sort by. The + default order is ascending. Prefix a field with ``~'' for descending + order on that field. This flag interacts with other flags that are + applied in this order: --flatten, --sort-by, --filter, --limit. + + --uri + Print a list of resource URIs instead of the default output, and change + the command output to a list of URIs. If this flag is used with + --format, the formatting is applied on this URI list. To display URIs + alongside other keys instead, use the uri() transform. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +API REFERENCE + This command uses the bigquerymigration/v2 API. The full documentation for + this API can be found at: + https://cloud.google.com/solutions/migration/dw2bq/dw-bq-migration-overview + +NOTES + This command is currently in alpha and might change without notice. If this + command fails with API permission errors despite specifying the correct + project, you might be trying to access an API with an invitation-only early + access allowlist. + diff --git a/gcloud/alpha/compute/backend-services/create b/gcloud/alpha/compute/backend-services/create index 751a59686..0be981aa6 100644 --- a/gcloud/alpha/compute/backend-services/create +++ b/gcloud/alpha/compute/backend-services/create @@ -27,6 +27,7 @@ SYNOPSIS oauth2-client-secret=OAUTH2-CLIENT-SECRET]] [--idle-timeout-sec=IDLE_TIMEOUT_SEC] [--ip-address-selection-policy=IP_ADDRESS_SELECTION_POLICY] + [--ip-port-dynamic-forwarding] [--load-balancing-scheme=LOAD_BALANCING_SCHEME; default="EXTERNAL"] [--locality-lb-policy=LOCALITY_LB_POLICY] [--logging-optional=LOGGING_OPTIONAL] @@ -377,6 +378,9 @@ FLAGS IP_ADDRESS_SELECTION_POLICY must be one of: IPV4_ONLY, PREFER_IPV6, IPV6_ONLY. + --ip-port-dynamic-forwarding + Enables Dynamic Forwarding in IpPort selection mode. + --load-balancing-scheme=LOAD_BALANCING_SCHEME; default="EXTERNAL" Specifies the load balancer type. Choose EXTERNAL for the classic Application Load Balancers, the external passthrough Network Load diff --git a/gcloud/alpha/compute/backend-services/update b/gcloud/alpha/compute/backend-services/update index 2ab2e7e87..63b0f4f61 100644 --- a/gcloud/alpha/compute/backend-services/update +++ b/gcloud/alpha/compute/backend-services/update @@ -24,6 +24,7 @@ SYNOPSIS oauth2-client-secret=OAUTH2-CLIENT-SECRET]] [--idle-timeout-sec=IDLE_TIMEOUT_SEC] [--ip-address-selection-policy=IP_ADDRESS_SELECTION_POLICY] + [--ip-port-dynamic-forwarding] [--load-balancing-scheme=LOAD_BALANCING_SCHEME] [--locality-lb-policy=LOCALITY_LB_POLICY] [--logging-optional=LOGGING_OPTIONAL] @@ -306,6 +307,9 @@ FLAGS IP_ADDRESS_SELECTION_POLICY must be one of: IPV4_ONLY, PREFER_IPV6, IPV6_ONLY. + --ip-port-dynamic-forwarding + Enables Dynamic Forwarding in IpPort selection mode. + --load-balancing-scheme=LOAD_BALANCING_SCHEME Only for the Global external ALB migration. diff --git a/gcloud/alpha/compute/interconnects/attachments/dedicated/create b/gcloud/alpha/compute/interconnects/attachments/dedicated/create index c2e2975b3..1cc74996f 100644 --- a/gcloud/alpha/compute/interconnects/attachments/dedicated/create +++ b/gcloud/alpha/compute/interconnects/attachments/dedicated/create @@ -5,6 +5,10 @@ NAME SYNOPSIS gcloud alpha compute interconnects attachments dedicated create NAME --interconnect=INTERCONNECT --router=ROUTER [--bandwidth=BANDWIDTH] + [--candidate-cloud-router-ip-address=CANDIDATE_CLOUD_ROUTER_IP_ADDRESS] + [--candidate-cloud-router-ipv6-address=CANDIDATE_CLOUD_ROUTER_IPV6_ADDRESS] + [--candidate-customer-router-ip-address=CANDIDATE_CUSTOMER_ROUTER_IP_ADDRESS] + [--candidate-customer-router-ipv6-address=CANDIDATE_CUSTOMER_ROUTER_IPV6_ADDRESS] [--candidate-ipv6-subnets=[IPV6_SUBNET,...]] [--candidate-subnets=[SUBNET,...]] [--cloud-router-ipv6-interface-id=INTERFACE_ID] @@ -63,6 +67,22 @@ OPTIONAL FLAGS 100g 100 Gbit/s + --candidate-cloud-router-ip-address=CANDIDATE_CLOUD_ROUTER_IP_ADDRESS + Single IPv4 address + prefix length to be configured on the cloud + router interface for this interconnect attachment + + --candidate-cloud-router-ipv6-address=CANDIDATE_CLOUD_ROUTER_IPV6_ADDRESS + Single IPv6 address + prefix length to be configured on the cloud + router interface for this interconnect attachment + + --candidate-customer-router-ip-address=CANDIDATE_CUSTOMER_ROUTER_IP_ADDRESS + Single IPv4 address + prefix length to be configured on the customer + router interface for this interconnect attachment + + --candidate-customer-router-ipv6-address=CANDIDATE_CUSTOMER_ROUTER_IPV6_ADDRESS + Single IPv6 address + prefix length to be configured on the customer + router interface for this interconnect attachment + --candidate-ipv6-subnets=[IPV6_SUBNET,...] The candididate-ipv6-subnets field is not available. diff --git a/gcloud/alpha/compute/interconnects/cross-site-networks/create b/gcloud/alpha/compute/interconnects/cross-site-networks/create index 0087a1a4d..308f8482a 100644 --- a/gcloud/alpha/compute/interconnects/cross-site-networks/create +++ b/gcloud/alpha/compute/interconnects/cross-site-networks/create @@ -40,5 +40,7 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. + access allowlist. This variant is also available: + + $ gcloud beta compute interconnects cross-site-networks create diff --git a/gcloud/alpha/compute/interconnects/cross-site-networks/delete b/gcloud/alpha/compute/interconnects/cross-site-networks/delete index 8fc7aff0e..1e42618bb 100644 --- a/gcloud/alpha/compute/interconnects/cross-site-networks/delete +++ b/gcloud/alpha/compute/interconnects/cross-site-networks/delete @@ -26,5 +26,7 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. + access allowlist. This variant is also available: + + $ gcloud beta compute interconnects cross-site-networks delete diff --git a/gcloud/alpha/compute/interconnects/cross-site-networks/describe b/gcloud/alpha/compute/interconnects/cross-site-networks/describe index 4ec9df290..52e1f27a9 100644 --- a/gcloud/alpha/compute/interconnects/cross-site-networks/describe +++ b/gcloud/alpha/compute/interconnects/cross-site-networks/describe @@ -27,5 +27,7 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. + access allowlist. This variant is also available: + + $ gcloud beta compute interconnects cross-site-networks describe diff --git a/gcloud/alpha/compute/interconnects/cross-site-networks/help b/gcloud/alpha/compute/interconnects/cross-site-networks/help index 7e89917d8..111779d32 100644 --- a/gcloud/alpha/compute/interconnects/cross-site-networks/help +++ b/gcloud/alpha/compute/interconnects/cross-site-networks/help @@ -36,5 +36,7 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. + access allowlist. This variant is also available: + + $ gcloud beta compute interconnects cross-site-networks diff --git a/gcloud/alpha/compute/interconnects/cross-site-networks/list b/gcloud/alpha/compute/interconnects/cross-site-networks/list index 0973e002e..e9d0c39ca 100644 --- a/gcloud/alpha/compute/interconnects/cross-site-networks/list +++ b/gcloud/alpha/compute/interconnects/cross-site-networks/list @@ -64,5 +64,7 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. + access allowlist. This variant is also available: + + $ gcloud beta compute interconnects cross-site-networks list diff --git a/gcloud/alpha/compute/interconnects/cross-site-networks/update b/gcloud/alpha/compute/interconnects/cross-site-networks/update index 5f838cc29..dd7a4fe82 100644 --- a/gcloud/alpha/compute/interconnects/cross-site-networks/update +++ b/gcloud/alpha/compute/interconnects/cross-site-networks/update @@ -31,5 +31,7 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. + access allowlist. This variant is also available: + + $ gcloud beta compute interconnects cross-site-networks update diff --git a/gcloud/alpha/compute/interconnects/wire-groups/add-endpoint b/gcloud/alpha/compute/interconnects/wire-groups/add-endpoint index 40421414b..619769149 100644 --- a/gcloud/alpha/compute/interconnects/wire-groups/add-endpoint +++ b/gcloud/alpha/compute/interconnects/wire-groups/add-endpoint @@ -44,5 +44,7 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. + access allowlist. This variant is also available: + + $ gcloud beta compute interconnects wire-groups add-endpoint diff --git a/gcloud/alpha/compute/interconnects/wire-groups/add-interconnect b/gcloud/alpha/compute/interconnects/wire-groups/add-interconnect index 2b4f9ded3..47119c57a 100644 --- a/gcloud/alpha/compute/interconnects/wire-groups/add-interconnect +++ b/gcloud/alpha/compute/interconnects/wire-groups/add-interconnect @@ -57,5 +57,7 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. + access allowlist. This variant is also available: + + $ gcloud beta compute interconnects wire-groups add-interconnect diff --git a/gcloud/alpha/compute/interconnects/wire-groups/create b/gcloud/alpha/compute/interconnects/wire-groups/create index c05fdd4bf..f306ada57 100644 --- a/gcloud/alpha/compute/interconnects/wire-groups/create +++ b/gcloud/alpha/compute/interconnects/wire-groups/create @@ -5,13 +5,12 @@ NAME SYNOPSIS gcloud alpha compute interconnects wire-groups create NAME --bandwidth-unmetered=BANDWIDTH_UNMETERED - --cross-site-network=CROSS_SITE_NETWORK --type=TYPE - [--admin-enabled=ADMIN_ENABLED] + --cross-site-network=CROSS_SITE_NETWORK --type=TYPE [--admin-enabled] [--bandwidth-allocation=BANDWIDTH_ALLOCATION] [--bandwidth-metered=BANDWIDTH_METERED] [--description=DESCRIPTION] [--fault-response=FAULT_RESPONSE] - [--network-service-class=NETWORK_SERVICE_CLASS] - [--validate-only=VALIDATE_ONLY] [GCLOUD_WIDE_FLAG ...] + [--network-service-class=NETWORK_SERVICE_CLASS] [--validate-only] + [GCLOUD_WIDE_FLAG ...] DESCRIPTION (ALPHA) gcloud alpha compute interconnects wire-groups create is used to @@ -26,9 +25,8 @@ EXAMPLES $ gcloud alpha compute interconnects wire-groups create \ example-wire-group --project my-project \ - --cross-site-network example-cross-site-network --type WIRE \ - --bandwidth-unmetered 10g --network-service-class BRONZE \ - --bandwidth-allocation ALLOCATE_PER_WIRE + --cross-site-network example-cross-site-network \ + --type REDUNDANT --bandwidth-unmetered 1 POSITIONAL ARGUMENTS NAME @@ -45,24 +43,36 @@ REQUIRED FLAGS The type for the wire group. TYPE must be one of: BOX_AND_CROSS - Box and cross + Box and cross type wire groups must have two VLAN tags. The first + is for the same-zone pseudowire, and the second is for the + cross-zone pseudowire. REDUNDANT - Redundant + Redundant type wire groups must have only one VLAN tag. WIRE - Wire + Single wire type wire groups must have only one VLAN tag. OPTIONAL FLAGS - --admin-enabled=ADMIN_ENABLED - Set admin-enabled on the wire group. + --admin-enabled + Administrative status of the wire group. If not provided on creation, + defaults to enabled. When this is enabled, the wire group is + operational and will carry traffic. Use --no-admin-enabled to disable + it. --bandwidth-allocation=BANDWIDTH_ALLOCATION The bandwidth allocation for the wire group. BANDWIDTH_ALLOCATION must be one of: ALLOCATE_PER_WIRE - Allocate per wire. + Configures a separate unmetered bandwidth allocation (and + associated charges) for each wire in the group. SHARED_WITH_WIRE_GROUP - Shared with wire group. + Configures one unmetered bandwidth allocation for the wire group. + The unmetered bandwidth is divided equally across each wire in the + group, but dynamic throttling reallocates unused unmetered + bandwidth from unused or underused wires to other wires in the + group. For example, with a four-wire box-and-cross group, when one + Interconnect connection is down, the unmetered bandwidth of the two + down wires is reallocated to the remaining up wires. --bandwidth-metered=BANDWIDTH_METERED The amount of metered bandwidth to assign to the wire group. @@ -83,12 +93,12 @@ OPTIONAL FLAGS must be one of: BRONZE - Bronze. + The lowest service class. GOLD - Gold. + The highest service class. - --validate-only=VALIDATE_ONLY - Only validates the configuration, but does not create it. + --validate-only + Validate the new configuration, but don't update it. GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, @@ -102,5 +112,7 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. + access allowlist. This variant is also available: + + $ gcloud beta compute interconnects wire-groups create diff --git a/gcloud/alpha/compute/interconnects/wire-groups/delete b/gcloud/alpha/compute/interconnects/wire-groups/delete index d39e02d15..677472567 100644 --- a/gcloud/alpha/compute/interconnects/wire-groups/delete +++ b/gcloud/alpha/compute/interconnects/wire-groups/delete @@ -30,5 +30,7 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. + access allowlist. This variant is also available: + + $ gcloud beta compute interconnects wire-groups delete diff --git a/gcloud/alpha/compute/interconnects/wire-groups/describe b/gcloud/alpha/compute/interconnects/wire-groups/describe index bbf699692..868c6af6a 100644 --- a/gcloud/alpha/compute/interconnects/wire-groups/describe +++ b/gcloud/alpha/compute/interconnects/wire-groups/describe @@ -30,5 +30,7 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. + access allowlist. This variant is also available: + + $ gcloud beta compute interconnects wire-groups describe diff --git a/gcloud/alpha/compute/interconnects/wire-groups/help b/gcloud/alpha/compute/interconnects/wire-groups/help index b7bccb81c..57351d99d 100644 --- a/gcloud/alpha/compute/interconnects/wire-groups/help +++ b/gcloud/alpha/compute/interconnects/wire-groups/help @@ -39,7 +39,7 @@ COMMANDS (ALPHA) Remove endpoint from a Compute Engine wire group. remove-interconnect - (ALPHA) Remove interconnect to a Compute Engine wire group. + (ALPHA) Remove interconnect from a wire group. update (ALPHA) Update a Compute Engine wire group. @@ -48,5 +48,7 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. + access allowlist. This variant is also available: + + $ gcloud beta compute interconnects wire-groups diff --git a/gcloud/alpha/compute/interconnects/wire-groups/list b/gcloud/alpha/compute/interconnects/wire-groups/list index 0d65a3b79..ca5e7bf85 100644 --- a/gcloud/alpha/compute/interconnects/wire-groups/list +++ b/gcloud/alpha/compute/interconnects/wire-groups/list @@ -69,5 +69,7 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. + access allowlist. This variant is also available: + + $ gcloud beta compute interconnects wire-groups list diff --git a/gcloud/alpha/compute/interconnects/wire-groups/remove-endpoint b/gcloud/alpha/compute/interconnects/wire-groups/remove-endpoint index 137fc6630..7d4ee31ea 100644 --- a/gcloud/alpha/compute/interconnects/wire-groups/remove-endpoint +++ b/gcloud/alpha/compute/interconnects/wire-groups/remove-endpoint @@ -45,5 +45,7 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. + access allowlist. This variant is also available: + + $ gcloud beta compute interconnects wire-groups remove-endpoint diff --git a/gcloud/alpha/compute/interconnects/wire-groups/remove-interconnect b/gcloud/alpha/compute/interconnects/wire-groups/remove-interconnect index 76510395f..1ae2f1f02 100644 --- a/gcloud/alpha/compute/interconnects/wire-groups/remove-interconnect +++ b/gcloud/alpha/compute/interconnects/wire-groups/remove-interconnect @@ -1,6 +1,6 @@ NAME gcloud alpha compute interconnects wire-groups remove-interconnect - remove - interconnect to a Compute Engine wire group + interconnect from a wire group SYNOPSIS gcloud alpha compute interconnects wire-groups remove-interconnect NAME @@ -50,5 +50,7 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. + access allowlist. This variant is also available: + + $ gcloud beta compute interconnects wire-groups remove-interconnect diff --git a/gcloud/alpha/compute/interconnects/wire-groups/update b/gcloud/alpha/compute/interconnects/wire-groups/update index dc6e4e155..44ff3cd49 100644 --- a/gcloud/alpha/compute/interconnects/wire-groups/update +++ b/gcloud/alpha/compute/interconnects/wire-groups/update @@ -4,13 +4,13 @@ NAME SYNOPSIS gcloud alpha compute interconnects wire-groups update NAME - --cross-site-network=CROSS_SITE_NETWORK [--admin-enabled=ADMIN_ENABLED] + --cross-site-network=CROSS_SITE_NETWORK [--admin-enabled] [--bandwidth-allocation=BANDWIDTH_ALLOCATION] [--bandwidth-metered=BANDWIDTH_METERED] [--bandwidth-unmetered=BANDWIDTH_UNMETERED] [--description=DESCRIPTION] [--fault-response=FAULT_RESPONSE] [--network-service-class=NETWORK_SERVICE_CLASS] [--type=TYPE] - [--validate-only=VALIDATE_ONLY] [GCLOUD_WIDE_FLAG ...] + [--validate-only] [GCLOUD_WIDE_FLAG ...] DESCRIPTION (ALPHA) gcloud alpha compute interconnects wire-groups update is used to @@ -25,17 +25,26 @@ REQUIRED FLAGS Name of the crossSiteNetwork to operate on. OPTIONAL FLAGS - --admin-enabled=ADMIN_ENABLED - Set admin-enabled on the wire group. + --admin-enabled + Administrative status of the wire group. When this is enabled, the wire + group is operational and will carry traffic. Use --no-admin-enabled to + disable it. --bandwidth-allocation=BANDWIDTH_ALLOCATION The bandwidth allocation for the wire group. BANDWIDTH_ALLOCATION must be one of: ALLOCATE_PER_WIRE - Allocate per wire. + Configures a separate unmetered bandwidth allocation (and + associated charges) for each wire in the group. SHARED_WITH_WIRE_GROUP - Shared with wire group. + Configures one unmetered bandwidth allocation for the wire group. + The unmetered bandwidth is divided equally across each wire in the + group, but dynamic throttling reallocates unused unmetered + bandwidth from unused or underused wires to other wires in the + group. For example, with a four-wire box-and-cross group, when one + Interconnect connection is down, the unmetered bandwidth of the two + down wires is reallocated to the remaining up wires. --bandwidth-metered=BANDWIDTH_METERED The amount of metered bandwidth to assign to the wire group. @@ -59,22 +68,24 @@ OPTIONAL FLAGS must be one of: BRONZE - Bronze. + The lowest service class. GOLD - Gold. + The highest service class. --type=TYPE The type for the wire group. TYPE must be one of: BOX_AND_CROSS - Box and cross + Box and cross type wire groups must have two VLAN tags. The first + is for the same-zone pseudowire, and the second is for the + cross-zone pseudowire. REDUNDANT - Redundant + Redundant type wire groups must have only one VLAN tag. WIRE - Wire + Single wire type wire groups must have only one VLAN tag. - --validate-only=VALIDATE_ONLY - Only validates the configuration, but does not create it. + --validate-only + Validate the new configuration, but don't update it. GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, @@ -88,5 +99,7 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. + access allowlist. This variant is also available: + + $ gcloud beta compute interconnects wire-groups update diff --git a/gcloud/alpha/compute/vpn-tunnels/create b/gcloud/alpha/compute/vpn-tunnels/create index a27629955..fc2a75706 100644 --- a/gcloud/alpha/compute/vpn-tunnels/create +++ b/gcloud/alpha/compute/vpn-tunnels/create @@ -14,9 +14,15 @@ SYNOPSIS [--description=DESCRIPTION] [--ike-version=IKE_VERSION] [--interface=INTERFACE] [--local-traffic-selector=CIDR,[CIDR,...]] [--peer-external-gateway-interface=PEER_EXTERNAL_GATEWAY_INTERFACE] - [--region=REGION] [--remote-traffic-selector=CIDR,[CIDR,...]] - [--router=ROUTER] [--router-region=ROUTER_REGION] - [GCLOUD_WIDE_FLAG ...] + [--phase1-dh=GROUPS,[GROUPS,...]] + [--phase1-encryption=ALGORITHMS,[ALGORITHMS,...]] + [--phase1-integrity=ALGORITHMS,[ALGORITHMS,...]] + [--phase1-prf=PSEUDORANDOM FUNCTIONS,[...]] + [--phase2-encryption=ALGORITHMS,[ALGORITHMS,...]] + [--phase2-integrity=ALGORITHMS,[ALGORITHMS,...]] + [--phase2-pfs=ALGORITHMS,[ALGORITHMS,...]] [--region=REGION] + [--remote-traffic-selector=CIDR,[CIDR,...]] [--router=ROUTER] + [--router-region=ROUTER_REGION] [GCLOUD_WIDE_FLAG ...] DESCRIPTION (ALPHA) gcloud alpha compute vpn-tunnels create is used to create a Classic @@ -110,6 +116,27 @@ OPTIONAL FLAGS a Highly Available VPN gateway to an External Vpn Gateway. PEER_EXTERNAL_GATEWAY_INTERFACE must be one of: 0, 1, 2, 3. + --phase1-dh=GROUPS,[GROUPS,...] + Phase 1 Diffie-Hellman groups. + + --phase1-encryption=ALGORITHMS,[ALGORITHMS,...] + Phase 1 encryption algorithms. + + --phase1-integrity=ALGORITHMS,[ALGORITHMS,...] + Phase 1 integrity algorithms. + + --phase1-prf=PSEUDORANDOM FUNCTIONS,[...] + Phase 1 pseudorandom functions. + + --phase2-encryption=ALGORITHMS,[ALGORITHMS,...] + Phase 2 encryption algorithms. + + --phase2-integrity=ALGORITHMS,[ALGORITHMS,...] + Phase 2 integrity algorithms. + + --phase2-pfs=ALGORITHMS,[ALGORITHMS,...] + Phase 2 perfect forward secerecy algorithms. + --region=REGION Region of the VPN Tunnel to create. If not specified, you might be prompted to select a region (interactive mode only). diff --git a/gcloud/alpha/dataproc/clusters/create b/gcloud/alpha/dataproc/clusters/create index 489f16f92..32b8dd77b 100644 --- a/gcloud/alpha/dataproc/clusters/create +++ b/gcloud/alpha/dataproc/clusters/create @@ -57,8 +57,9 @@ SYNOPSIS : --gce-pd-kms-key-keyring=GCE_PD_KMS_KEY_KEYRING --gce-pd-kms-key-location=GCE_PD_KMS_KEY_LOCATION --gce-pd-kms-key-project=GCE_PD_KMS_KEY_PROJECT] - [--metadata=KEY=VALUE,[KEY=VALUE,...] --scopes=SCOPE,[SCOPE,...] - --service-account=SERVICE_ACCOUNT + [--metadata=KEY=VALUE,[KEY=VALUE,...] + --resource-manager-tags=KEY=VALUE,[KEY=VALUE,...] + --scopes=SCOPE,[SCOPE,...] --service-account=SERVICE_ACCOUNT --tags=TAG,[TAG,...] --network=NETWORK | --subnet=SUBNET --reservation=RESERVATION --reservation-affinity=RESERVATION_AFFINITY; default="any"] @@ -561,6 +562,10 @@ FLAGS Metadata to be made available to the guest operating system running on the instances + --resource-manager-tags=KEY=VALUE,[KEY=VALUE,...] + Specifies a list of resource manager tags to apply to each cluster + node (master and worker nodes). + --scopes=SCOPE,[SCOPE,...] Specifies scopes for the node instances. Multiple SCOPEs can be specified, separated by commas. Examples: diff --git a/gcloud/alpha/dataproc/workflow-templates/set-managed-cluster b/gcloud/alpha/dataproc/workflow-templates/set-managed-cluster index 1d766e178..603038e78 100644 --- a/gcloud/alpha/dataproc/workflow-templates/set-managed-cluster +++ b/gcloud/alpha/dataproc/workflow-templates/set-managed-cluster @@ -51,8 +51,9 @@ SYNOPSIS --kerberos-root-principal-password-uri=KERBEROS_ROOT_PRINCIPAL_PASSWORD_URI [--kerberos-kms-key=KERBEROS_KMS_KEY : --kerberos-kms-key-keyring=KERBEROS_KMS_KEY_KEYRING --kerberos-kms-key-location=KERBEROS_KMS_KEY_LOCATION --kerberos-kms-key-project=KERBEROS_KMS_KEY_PROJECT]] [--kms-key=KMS_KEY : --kms-keyring=KMS_KEYRING --kms-location=KMS_LOCATION --kms-project=KMS_PROJECT] - [--metadata=KEY=VALUE,[KEY=VALUE,...] --scopes=SCOPE,[SCOPE,...] - --service-account=SERVICE_ACCOUNT + [--metadata=KEY=VALUE,[KEY=VALUE,...] + --resource-manager-tags=KEY=VALUE,[KEY=VALUE,...] + --scopes=SCOPE,[SCOPE,...] --service-account=SERVICE_ACCOUNT --tags=TAG,[TAG,...] --network=NETWORK | --subnet=SUBNET --reservation=RESERVATION --reservation-affinity=RESERVATION_AFFINITY; default="any"] @@ -622,6 +623,10 @@ FLAGS Metadata to be made available to the guest operating system running on the instances + --resource-manager-tags=KEY=VALUE,[KEY=VALUE,...] + Specifies a list of resource manager tags to apply to each cluster + node (master and worker nodes). + --scopes=SCOPE,[SCOPE,...] Specifies scopes for the node instances. Multiple SCOPEs can be specified, separated by commas. Examples: diff --git a/gcloud/alpha/edge-cloud/container/clusters/create b/gcloud/alpha/edge-cloud/container/clusters/create index bf5e89e0a..3a6337d55 100644 --- a/gcloud/alpha/edge-cloud/container/clusters/create +++ b/gcloud/alpha/edge-cloud/container/clusters/create @@ -7,6 +7,7 @@ SYNOPSIS (CLUSTER : --location=LOCATION) [--admin-users=ADMIN_USERS] [--async] [--cluster-ipv4-cidr=CLUSTER_IPV4_CIDR; default="10.0.0.0/17"] [--cluster-ipv6-cidr=CLUSTER_IPV6_CIDR] + [--container-default-runtime-class=CONTAINER_DEFAULT_RUNTIME_CLASS] [--control-plane-kms-key=CONTROL_PLANE_KMS_KEY] [--control-plane-machine-filter=CONTROL_PLANE_MACHINE_FILTER] [--control-plane-node-count=CONTROL_PLANE_NODE_COUNT] @@ -89,6 +90,10 @@ FLAGS If specified, all pods in the cluster are assigned an RFC4193 IPv6 address from this block. This field cannot be changed after creation. + --container-default-runtime-class=CONTAINER_DEFAULT_RUNTIME_CLASS + Name of the default runtime class for containers. It supports two + values RUNC and GVISOR. + --control-plane-kms-key=CONTROL_PLANE_KMS_KEY Google Cloud KMS key that will be used to secure persistent disks of the control plane VMs of a remote control plane cluster. The Edge diff --git a/gcloud/alpha/functions/deploy b/gcloud/alpha/functions/deploy index 8e4ece3ff..36ee16726 100644 --- a/gcloud/alpha/functions/deploy +++ b/gcloud/alpha/functions/deploy @@ -116,12 +116,15 @@ FLAGS value. --docker-registry=DOCKER_REGISTRY - Docker Registry to use for storing the function's Docker images. The - option artifact-registry is used by default. + (DEPRECATED) Docker Registry to use for storing the function's Docker + images. The option artifact-registry is used by default. - Warning: Artifact Registry and Container Registry have different image - storage costs. For more details, please see - https://cloud.google.com/functions/pricing#deployment_costs. + With the general transition from Container Registry to + Artifact Registry, the option to specify docker registry is deprecated. + All container image storage and management will automatically + transition to Artifact Registry. + For more information, see + https://cloud.google.com/artifact-registry/docs/transition/transition-from-gcr DOCKER_REGISTRY must be one of: artifact-registry, container-registry. diff --git a/gcloud/alpha/iap/settings/get b/gcloud/alpha/iap/settings/get index dd1fcff5f..137950159 100644 --- a/gcloud/alpha/iap/settings/get +++ b/gcloud/alpha/iap/settings/get @@ -63,6 +63,23 @@ EXAMPLES --resource-type=backend-services --service=SERVICE_ID \ --region=REGION_ID + To get the IAP setting for all forwarding rules within a project, run: + + $ gcloud alpha iap settings get --project=PROJECT_ID \ + --resource-type=forwarding-rule + + To get the IAP setting for a forwarding rule within a project, run: + + $ gcloud alpha iap settings get --project=PROJECT_ID \ + --resource-type=forwarding-rule --service=SERVICE_ID + + To get the IAP setting for a regional forwarding rule within a project, + run: + + $ gcloud alpha iap settings get --project=PROJECT_ID \ + --resource-type=forwarding-rule --service=SERVICE_ID \ + --region=REGION_ID + FLAGS --folder=FOLDER Folder ID. diff --git a/gcloud/alpha/iap/settings/set b/gcloud/alpha/iap/settings/set index df7d84b5f..fabc3a59c 100644 --- a/gcloud/alpha/iap/settings/set +++ b/gcloud/alpha/iap/settings/set @@ -66,6 +66,23 @@ EXAMPLES --project=PROJECT_ID --resource-type=backend-services \ --service=SERVICE_ID --region=REGION_ID + To set the IAP setting for all forwarding rule within a project, run: + + $ gcloud alpha iap settings set iap_settings.yaml \ + --project=PROJECT_ID --resource-type=forwarding-rule + + To set the IAP setting for a forwarding rule within a project, run: + + $ gcloud alpha iap settings set iap_settings.yaml \ + --project=PROJECT_ID --resource-type=forwarding-rule \ + --service=SERVICE_ID + + To set the IAP setting for a region forwarding rule within a project, run: + + $ gcloud alpha iap settings set iap_settings.yaml \ + --project=PROJECT_ID --resource-type=forwarding-rule \ + --service=SERVICE_ID --region=REGION_ID + POSITIONAL ARGUMENTS SETTING_FILE JSON or YAML file containing the IAP resource settings. diff --git a/gcloud/alpha/kms/keys/create b/gcloud/alpha/kms/keys/create index d31f5eab3..db69a3d9c 100644 --- a/gcloud/alpha/kms/keys/create +++ b/gcloud/alpha/kms/keys/create @@ -204,16 +204,17 @@ OPTIONAL FLAGS aes-256-ctr, aes-256-gcm, ec-sign-ed25519, ec-sign-p256-sha256, ec-sign-p384-sha384, ec-sign-secp256k1-sha256, external-symmetric-encryption, google-symmetric-encryption, hmac-sha1, - hmac-sha224, hmac-sha256, hmac-sha384, hmac-sha512, - rsa-decrypt-oaep-2048-sha1, rsa-decrypt-oaep-2048-sha256, - rsa-decrypt-oaep-3072-sha1, rsa-decrypt-oaep-3072-sha256, - rsa-decrypt-oaep-4096-sha1, rsa-decrypt-oaep-4096-sha256, - rsa-decrypt-oaep-4096-sha512, rsa-sign-pkcs1-2048-sha256, - rsa-sign-pkcs1-3072-sha256, rsa-sign-pkcs1-4096-sha256, - rsa-sign-pkcs1-4096-sha512, rsa-sign-pss-2048-sha256, - rsa-sign-pss-3072-sha256, rsa-sign-pss-4096-sha256, - rsa-sign-pss-4096-sha512, rsa-sign-raw-pkcs1-2048, - rsa-sign-raw-pkcs1-3072, rsa-sign-raw-pkcs1-4096. + hmac-sha224, hmac-sha256, hmac-sha384, hmac-sha512, pq-sign-ml-dsa-65, + pq-sign-slh-dsa-sha2-128s, rsa-decrypt-oaep-2048-sha1, + rsa-decrypt-oaep-2048-sha256, rsa-decrypt-oaep-3072-sha1, + rsa-decrypt-oaep-3072-sha256, rsa-decrypt-oaep-4096-sha1, + rsa-decrypt-oaep-4096-sha256, rsa-decrypt-oaep-4096-sha512, + rsa-sign-pkcs1-2048-sha256, rsa-sign-pkcs1-3072-sha256, + rsa-sign-pkcs1-4096-sha256, rsa-sign-pkcs1-4096-sha512, + rsa-sign-pss-2048-sha256, rsa-sign-pss-3072-sha256, + rsa-sign-pss-4096-sha256, rsa-sign-pss-4096-sha512, + rsa-sign-raw-pkcs1-2048, rsa-sign-raw-pkcs1-3072, + rsa-sign-raw-pkcs1-4096. --destroy-scheduled-duration=DESTROY_SCHEDULED_DURATION The amount of time that versions of the key should spend in the diff --git a/gcloud/alpha/kms/keys/update b/gcloud/alpha/kms/keys/update index 01c8c44d1..9572df059 100644 --- a/gcloud/alpha/kms/keys/update +++ b/gcloud/alpha/kms/keys/update @@ -175,16 +175,17 @@ FLAGS aes-256-ctr, aes-256-gcm, ec-sign-ed25519, ec-sign-p256-sha256, ec-sign-p384-sha384, ec-sign-secp256k1-sha256, external-symmetric-encryption, google-symmetric-encryption, hmac-sha1, - hmac-sha224, hmac-sha256, hmac-sha384, hmac-sha512, - rsa-decrypt-oaep-2048-sha1, rsa-decrypt-oaep-2048-sha256, - rsa-decrypt-oaep-3072-sha1, rsa-decrypt-oaep-3072-sha256, - rsa-decrypt-oaep-4096-sha1, rsa-decrypt-oaep-4096-sha256, - rsa-decrypt-oaep-4096-sha512, rsa-sign-pkcs1-2048-sha256, - rsa-sign-pkcs1-3072-sha256, rsa-sign-pkcs1-4096-sha256, - rsa-sign-pkcs1-4096-sha512, rsa-sign-pss-2048-sha256, - rsa-sign-pss-3072-sha256, rsa-sign-pss-4096-sha256, - rsa-sign-pss-4096-sha512, rsa-sign-raw-pkcs1-2048, - rsa-sign-raw-pkcs1-3072, rsa-sign-raw-pkcs1-4096. + hmac-sha224, hmac-sha256, hmac-sha384, hmac-sha512, pq-sign-ml-dsa-65, + pq-sign-slh-dsa-sha2-128s, rsa-decrypt-oaep-2048-sha1, + rsa-decrypt-oaep-2048-sha256, rsa-decrypt-oaep-3072-sha1, + rsa-decrypt-oaep-3072-sha256, rsa-decrypt-oaep-4096-sha1, + rsa-decrypt-oaep-4096-sha256, rsa-decrypt-oaep-4096-sha512, + rsa-sign-pkcs1-2048-sha256, rsa-sign-pkcs1-3072-sha256, + rsa-sign-pkcs1-4096-sha256, rsa-sign-pkcs1-4096-sha512, + rsa-sign-pss-2048-sha256, rsa-sign-pss-3072-sha256, + rsa-sign-pss-4096-sha256, rsa-sign-pss-4096-sha512, + rsa-sign-raw-pkcs1-2048, rsa-sign-raw-pkcs1-3072, + rsa-sign-raw-pkcs1-4096. --next-rotation-time=NEXT_ROTATION_TIME Next automatic rotation time of the key. See $ gcloud topic datetimes diff --git a/gcloud/alpha/kms/keys/versions/get-public-key b/gcloud/alpha/kms/keys/versions/get-public-key index 5bedc8f2a..6d2c38b91 100644 --- a/gcloud/alpha/kms/keys/versions/get-public-key +++ b/gcloud/alpha/kms/keys/versions/get-public-key @@ -5,22 +5,29 @@ NAME SYNOPSIS gcloud alpha kms keys versions get-public-key VERSION [--key=KEY] [--keyring=KEYRING] [--location=LOCATION] [--output-file=OUTPUT_FILE] - [GCLOUD_WIDE_FLAG ...] + [--public-key-format=PUBLIC_KEY_FORMAT] [GCLOUD_WIDE_FLAG ...] DESCRIPTION - (ALPHA) Returns the PEM-format public key for the specified asymmetric key - version. + (ALPHA) Returns the public key of the given asymmetric key version in the + specified format. - The optional flag output-file indicates the path to store PEM. If not - specified. PEM will be printed to stdout. + The optional flag output-file indicates the path to store the public key. + If not specified, the public key will be printed to stdout. + + The optional flag public-key-format indicates the format in which the + public key will be returned. For the PQC algorithms, this must be specified + and set to NIST_PQC. For all other algorithms, this flag is optional and + defaults to PEM. See "Retrieve a public key" in the Cloud KMS documentation + (https://cloud.google.com/kms/docs/retrieve-public-key) for more + information about the supported formats. EXAMPLES The following command saves the public key for CryptoKey frodo Version 2 to - '/tmp/my/pem.file': + '/tmp/my/public_key.file': $ gcloud alpha kms keys versions get-public-key 2 --key=frodo \ --keyring=fellowship --location=us-east1 \ - --output-file=/tmp/my/pem.file + --public-key-format=PEM --output-file=/tmp/my/public_key.file POSITIONAL ARGUMENTS VERSION @@ -37,7 +44,10 @@ FLAGS Location of the keyring. --output-file=OUTPUT_FILE - Path to the output file to store PEM. + Path to the output file to store public key. + + --public-key-format=PUBLIC_KEY_FORMAT + The format in which the public key will be returned. GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, diff --git a/gcloud/alpha/kms/keys/versions/import b/gcloud/alpha/kms/keys/versions/import index 5438988c0..9957e364a 100644 --- a/gcloud/alpha/kms/keys/versions/import +++ b/gcloud/alpha/kms/keys/versions/import @@ -34,16 +34,17 @@ REQUIRED FLAGS aes-128-cbc, aes-128-ctr, aes-128-gcm, aes-256-cbc, aes-256-ctr, aes-256-gcm, ec-sign-ed25519, ec-sign-p256-sha256, ec-sign-p384-sha384, ec-sign-secp256k1-sha256, google-symmetric-encryption, hmac-sha1, - hmac-sha224, hmac-sha256, hmac-sha384, hmac-sha512, - rsa-decrypt-oaep-2048-sha1, rsa-decrypt-oaep-2048-sha256, - rsa-decrypt-oaep-3072-sha1, rsa-decrypt-oaep-3072-sha256, - rsa-decrypt-oaep-4096-sha1, rsa-decrypt-oaep-4096-sha256, - rsa-decrypt-oaep-4096-sha512, rsa-sign-pkcs1-2048-sha256, - rsa-sign-pkcs1-3072-sha256, rsa-sign-pkcs1-4096-sha256, - rsa-sign-pkcs1-4096-sha512, rsa-sign-pss-2048-sha256, - rsa-sign-pss-3072-sha256, rsa-sign-pss-4096-sha256, - rsa-sign-pss-4096-sha512, rsa-sign-raw-pkcs1-2048, - rsa-sign-raw-pkcs1-3072, rsa-sign-raw-pkcs1-4096. + hmac-sha224, hmac-sha256, hmac-sha384, hmac-sha512, pq-sign-ml-dsa-65, + pq-sign-slh-dsa-sha2-128s, rsa-decrypt-oaep-2048-sha1, + rsa-decrypt-oaep-2048-sha256, rsa-decrypt-oaep-3072-sha1, + rsa-decrypt-oaep-3072-sha256, rsa-decrypt-oaep-4096-sha1, + rsa-decrypt-oaep-4096-sha256, rsa-decrypt-oaep-4096-sha512, + rsa-sign-pkcs1-2048-sha256, rsa-sign-pkcs1-3072-sha256, + rsa-sign-pkcs1-4096-sha256, rsa-sign-pkcs1-4096-sha512, + rsa-sign-pss-2048-sha256, rsa-sign-pss-3072-sha256, + rsa-sign-pss-4096-sha256, rsa-sign-pss-4096-sha512, + rsa-sign-raw-pkcs1-2048, rsa-sign-raw-pkcs1-3072, + rsa-sign-raw-pkcs1-4096. --import-job=IMPORT_JOB Name of the import job to import from. diff --git a/gcloud/alpha/network-security/backend-authentication-configs/create b/gcloud/alpha/network-security/backend-authentication-configs/create new file mode 100644 index 000000000..71fd07fe5 --- /dev/null +++ b/gcloud/alpha/network-security/backend-authentication-configs/create @@ -0,0 +1,96 @@ +NAME + gcloud alpha network-security backend-authentication-configs create - + create a BackendAuthenticationConfig + +SYNOPSIS + gcloud alpha network-security backend-authentication-configs create + (BACKEND_AUTHENTICATION_CONFIG : --location=LOCATION) [--async] + [--client-certificate=CLIENT_CERTIFICATE] [--description=DESCRIPTION] + [--labels=[KEY=VALUE,...]] [--trust-config=TRUST_CONFIG] + [--well-known-roots=WELL_KNOWN_ROOTS] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (ALPHA) Create a new BackendAuthenticationConfig. + +EXAMPLES + To create a config named backend-authentication-config, run: + + $ gcloud alpha network-security backend-authentication-configs \ + create backend-authentication-config \ + --trust-config=projects/my-project/locations/global/\ + trustConfigs/my-trust-config --location=global + +POSITIONAL ARGUMENTS + Backend authentication config resource - Realm to be created. The + arguments in this group can be used to specify the attributes of this + resource. (NOTE) Some attributes are not given arguments in this group but + can be set in other ways. + + To set the project attribute: + ◆ provide the argument backend_authentication_config on the command + line with a fully specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + BACKEND_AUTHENTICATION_CONFIG + ID of the backend authentication config or fully qualified identifier + for the backend authentication config. + + To set the backend_authentication_config attribute: + ▸ provide the argument backend_authentication_config on the command + line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + The location Id. + + To set the location attribute: + ▸ provide the argument backend_authentication_config on the command + line with a fully specified name; + ▸ provide the argument --location on the command line. + +FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. + + --client-certificate=CLIENT_CERTIFICATE + ID of certificate resource. + + --description=DESCRIPTION + Description of the backend authentication config. + + --labels=[KEY=VALUE,...] + List of label KEY=VALUE pairs to add. + + --trust-config=TRUST_CONFIG + ID of trust config resource. + + --well-known-roots=WELL_KNOWN_ROOTS + Indicates whether the load balancer should trust backend server + certificates. WELL_KNOWN_ROOTS must be one of: none, public-roots. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +API REFERENCE + This command uses the networksecurity/v1alpha1 API. The full documentation + for this API can be found at: https://cloud.google.com/networking + +NOTES + This command is currently in alpha and might change without notice. If this + command fails with API permission errors despite specifying the correct + project, you might be trying to access an API with an invitation-only early + access allowlist. This variant is also available: + + $ gcloud beta network-security backend-authentication-configs create + diff --git a/gcloud/alpha/network-security/backend-authentication-configs/delete b/gcloud/alpha/network-security/backend-authentication-configs/delete new file mode 100644 index 000000000..e193f00f3 --- /dev/null +++ b/gcloud/alpha/network-security/backend-authentication-configs/delete @@ -0,0 +1,81 @@ +NAME + gcloud alpha network-security backend-authentication-configs delete - + delete BackendAuthenticationConfig + +SYNOPSIS + gcloud alpha network-security backend-authentication-configs delete + (BACKEND_AUTHENTICATION_CONFIG : --location=LOCATION) [--async] + [--etag=ETAG] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (ALPHA) Delete the specified BackendAuthenticationConfig. + +EXAMPLES + To delete a BackendAuthenticationConfig called + 'my-backend-authentication-config', run: + + $ gcloud alpha network-security backend-authentication-configs \ + delete my-backend-authentication-config --location=global + +POSITIONAL ARGUMENTS + Backend authentication config resource - Name of the + BackendAuthenticationConfig you want to delete. The arguments in this + group can be used to specify the attributes of this resource. (NOTE) Some + attributes are not given arguments in this group but can be set in other + ways. + + To set the project attribute: + ◆ provide the argument backend_authentication_config on the command + line with a fully specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + BACKEND_AUTHENTICATION_CONFIG + ID of the backend authentication config or fully qualified identifier + for the backend authentication config. + + To set the backend_authentication_config attribute: + ▸ provide the argument backend_authentication_config on the command + line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + The location Id. + + To set the location attribute: + ▸ provide the argument backend_authentication_config on the command + line with a fully specified name; + ▸ provide the argument --location on the command line. + +FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. + + --etag=ETAG + The entity-tag of the BackendAuthenticationConfig. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +API REFERENCE + This command uses the networksecurity/v1alpha1 API. The full documentation + for this API can be found at: https://cloud.google.com/networking + +NOTES + This command is currently in alpha and might change without notice. If this + command fails with API permission errors despite specifying the correct + project, you might be trying to access an API with an invitation-only early + access allowlist. This variant is also available: + + $ gcloud beta network-security backend-authentication-configs delete + diff --git a/gcloud/alpha/network-security/backend-authentication-configs/describe b/gcloud/alpha/network-security/backend-authentication-configs/describe new file mode 100644 index 000000000..14e43d08e --- /dev/null +++ b/gcloud/alpha/network-security/backend-authentication-configs/describe @@ -0,0 +1,73 @@ +NAME + gcloud alpha network-security backend-authentication-configs describe - + describe BackendAuthenticationConfig + +SYNOPSIS + gcloud alpha network-security backend-authentication-configs describe + (BACKEND_AUTHENTICATION_CONFIG : --location=LOCATION) + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (ALPHA) Describe the specified BackendAuthenticationConfig. + +EXAMPLES + To describe a BackendAuthenticationConfig called + 'my-backend-authentication-config', run: + + $ gcloud alpha network-security backend-authentication-configs \ + describe my-backend-authentication-config --location=global + +POSITIONAL ARGUMENTS + Backend authentication config resource - The BackendAuthenticationConfig + you want to describe. The arguments in this group can be used to specify + the attributes of this resource. (NOTE) Some attributes are not given + arguments in this group but can be set in other ways. + + To set the project attribute: + ◆ provide the argument backend_authentication_config on the command + line with a fully specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + BACKEND_AUTHENTICATION_CONFIG + ID of the backend authentication config or fully qualified identifier + for the backend authentication config. + + To set the backend_authentication_config attribute: + ▸ provide the argument backend_authentication_config on the command + line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + The location Id. + + To set the location attribute: + ▸ provide the argument backend_authentication_config on the command + line with a fully specified name; + ▸ provide the argument --location on the command line. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +API REFERENCE + This command uses the networksecurity/v1alpha1 API. The full documentation + for this API can be found at: https://cloud.google.com/networking + +NOTES + This command is currently in alpha and might change without notice. If this + command fails with API permission errors despite specifying the correct + project, you might be trying to access an API with an invitation-only early + access allowlist. This variant is also available: + + $ gcloud beta network-security backend-authentication-configs \ + describe + diff --git a/gcloud/alpha/network-security/backend-authentication-configs/export b/gcloud/alpha/network-security/backend-authentication-configs/export new file mode 100644 index 000000000..bd16e4d77 --- /dev/null +++ b/gcloud/alpha/network-security/backend-authentication-configs/export @@ -0,0 +1,81 @@ +NAME + gcloud alpha network-security backend-authentication-configs export - + export BackendAuthenticationConfig + +SYNOPSIS + gcloud alpha network-security backend-authentication-configs export + (BACKEND_AUTHENTICATION_CONFIG : --location=LOCATION) + [--destination=DESTINATION] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (ALPHA) Export a BackendAuthenticationConfig. + +EXAMPLES + To export a BackendAuthenticationConfig, run: + + $ gcloud alpha network-security backend-authentication-configs \ + export my-backend-authentication-config \ + --destination=my-backend-authentication-config.yaml \ + --location=global + +POSITIONAL ARGUMENTS + Backend authentication config resource - Name of the + BackendAuthenticationConfig to export. The arguments in this group can be + used to specify the attributes of this resource. (NOTE) Some attributes + are not given arguments in this group but can be set in other ways. + + To set the project attribute: + ◆ provide the argument backend_authentication_config on the command + line with a fully specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + BACKEND_AUTHENTICATION_CONFIG + ID of the backend authentication config or fully qualified identifier + for the backend authentication config. + + To set the backend_authentication_config attribute: + ▸ provide the argument backend_authentication_config on the command + line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + The location Id. + + To set the location attribute: + ▸ provide the argument backend_authentication_config on the command + line with a fully specified name; + ▸ provide the argument --location on the command line. + +FLAGS + --destination=DESTINATION + Path to a YAML file where the configuration will be exported. The + exported data will not contain any output-only fields. Alternatively, + you may omit this flag to write to standard output. For a schema + describing the export/import format, see + $CLOUDSDKROOT/lib/googlecloudsdk/schemas/... + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +API REFERENCE + This command uses the networksecurity/v1alpha1 API. The full documentation + for this API can be found at: https://cloud.google.com/networking + +NOTES + This command is currently in alpha and might change without notice. If this + command fails with API permission errors despite specifying the correct + project, you might be trying to access an API with an invitation-only early + access allowlist. This variant is also available: + + $ gcloud beta network-security backend-authentication-configs export + diff --git a/gcloud/alpha/network-security/backend-authentication-configs/help b/gcloud/alpha/network-security/backend-authentication-configs/help new file mode 100644 index 000000000..9a6b72a22 --- /dev/null +++ b/gcloud/alpha/network-security/backend-authentication-configs/help @@ -0,0 +1,45 @@ +NAME + gcloud alpha network-security backend-authentication-configs - manage + Network Security BackendAuthenticationConfigs + +SYNOPSIS + gcloud alpha network-security backend-authentication-configs COMMAND + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (ALPHA) Manage Network Security BackendAuthenticationConfigs. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --help. + + Run $ gcloud help for details. + +COMMANDS + COMMAND is one of the following: + + create + (ALPHA) Create a BackendAuthenticationConfig. + + delete + (ALPHA) Delete BackendAuthenticationConfig. + + describe + (ALPHA) Describe BackendAuthenticationConfig. + + export + (ALPHA) Export BackendAuthenticationConfig. + + import + (ALPHA) Import BackendAuthenticationConfigs. + + list + (ALPHA) List BackendAuthenticationConfigs. + +NOTES + This command is currently in alpha and might change without notice. If this + command fails with API permission errors despite specifying the correct + project, you might be trying to access an API with an invitation-only early + access allowlist. This variant is also available: + + $ gcloud beta network-security backend-authentication-configs + diff --git a/gcloud/alpha/network-security/backend-authentication-configs/import b/gcloud/alpha/network-security/backend-authentication-configs/import new file mode 100644 index 000000000..cc3ca8f6f --- /dev/null +++ b/gcloud/alpha/network-security/backend-authentication-configs/import @@ -0,0 +1,87 @@ +NAME + gcloud alpha network-security backend-authentication-configs import - + import BackendAuthenticationConfigs + +SYNOPSIS + gcloud alpha network-security backend-authentication-configs import + (BACKEND_AUTHENTICATION_CONFIG : --location=LOCATION) [--async] + [--source=SOURCE] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (ALPHA) Import a BackendAuthenticationConfigs. + +EXAMPLES + To import a BackendAuthenticationConfigs from a YAML file, run: + + $ gcloud alpha network-security backend-authentication-configs \ + import my-backend-authentication-config \ + --source=my-backend-authentication-config.yaml --location=global + +POSITIONAL ARGUMENTS + Backend authentication config resource - Name of the + BackendAuthenticationConfigs to import. The arguments in this group can be + used to specify the attributes of this resource. (NOTE) Some attributes + are not given arguments in this group but can be set in other ways. + + To set the project attribute: + ◆ provide the argument backend_authentication_config on the command + line with a fully specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + BACKEND_AUTHENTICATION_CONFIG + ID of the backend authentication config or fully qualified identifier + for the backend authentication config. + + To set the backend_authentication_config attribute: + ▸ provide the argument backend_authentication_config on the command + line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + The location Id. + + To set the location attribute: + ▸ provide the argument backend_authentication_config on the command + line with a fully specified name; + ▸ provide the argument --location on the command line. + +FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. + + --source=SOURCE + Path to a YAML file containing the configuration export data. The YAML + file must not contain any output-only fields. Alternatively, you may + omit this flag to read from standard input. For a schema describing the + export/import format, see: $CLOUDSDKROOT/lib/googlecloudsdk/schemas/... + + $CLOUDSDKROOT is can be obtained with the following command: + + $ gcloud info --format='value(installation.sdk_root)' + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +API REFERENCE + This command uses the networksecurity/v1alpha1 API. The full documentation + for this API can be found at: https://cloud.google.com/networking + +NOTES + This command is currently in alpha and might change without notice. If this + command fails with API permission errors despite specifying the correct + project, you might be trying to access an API with an invitation-only early + access allowlist. This variant is also available: + + $ gcloud beta network-security backend-authentication-configs import + diff --git a/gcloud/alpha/network-security/backend-authentication-configs/list b/gcloud/alpha/network-security/backend-authentication-configs/list new file mode 100644 index 000000000..78a1cdadb --- /dev/null +++ b/gcloud/alpha/network-security/backend-authentication-configs/list @@ -0,0 +1,90 @@ +NAME + gcloud alpha network-security backend-authentication-configs list - list + BackendAuthenticationConfigs + +SYNOPSIS + gcloud alpha network-security backend-authentication-configs list + [--location=LOCATION] [--filter=EXPRESSION] [--limit=LIMIT] + [--page-size=PAGE_SIZE] [--sort-by=[FIELD,...]] [--uri] + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (ALPHA) List all BackendAuthenticationConfigs in the current project. + +EXAMPLES + To list BackendAuthenticationConfigs in the current project, run: + + $ gcloud alpha network-security backend-authentication-configs list + +FLAGS + Location resource - The location of the BackendAuthenticationConfigs to + display. This represents a Cloud resource. (NOTE) Some attributes are not + given arguments in this group but can be set in other ways. + + To set the project attribute: + ◆ provide the argument --location on the command line with a fully + specified name; + ◆ if left empty, will use the wildcard '-' to list all locations with a + fully specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + --location=LOCATION + ID of the location or fully qualified identifier for the location. + + To set the location attribute: + ▸ provide the argument --location on the command line; + ▸ if left empty, will use the wildcard '-' to list all locations. + +LIST COMMAND FLAGS + --filter=EXPRESSION + Apply a Boolean filter EXPRESSION to each resource item to be listed. + If the expression evaluates True, then that item is listed. For more + details and examples of filter expressions, run $ gcloud topic filters. + This flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --limit=LIMIT + Maximum number of resources to list. The default is unlimited. This + flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --page-size=PAGE_SIZE + Some services group resource list output into pages. This flag + specifies the maximum number of resources per page. The default is + determined by the service if it supports paging, otherwise it is + unlimited (no paging). Paging may be applied before or after --filter + and --limit depending on the service. + + --sort-by=[FIELD,...] + Comma-separated list of resource field key names to sort by. The + default order is ascending. Prefix a field with ``~'' for descending + order on that field. This flag interacts with other flags that are + applied in this order: --flatten, --sort-by, --filter, --limit. + + --uri + Print a list of resource URIs instead of the default output, and change + the command output to a list of URIs. If this flag is used with + --format, the formatting is applied on this URI list. To display URIs + alongside other keys instead, use the uri() transform. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +API REFERENCE + This command uses the networksecurity/v1alpha1 API. The full documentation + for this API can be found at: https://cloud.google.com/networking + +NOTES + This command is currently in alpha and might change without notice. If this + command fails with API permission errors despite specifying the correct + project, you might be trying to access an API with an invitation-only early + access allowlist. This variant is also available: + + $ gcloud beta network-security backend-authentication-configs list + diff --git a/gcloud/alpha/network-security/help b/gcloud/alpha/network-security/help index 0a2689ae1..0347832bc 100644 --- a/gcloud/alpha/network-security/help +++ b/gcloud/alpha/network-security/help @@ -21,6 +21,9 @@ GROUPS authorization-policies (ALPHA) Manage Network Security AuthorizationPolicies. + backend-authentication-configs + (ALPHA) Manage Network Security BackendAuthenticationConfigs. + client-tls-policies (ALPHA) Manage Network Security ClientTlsPolicies. diff --git a/gcloud/alpha/network-security/security-profiles/custom-mirroring/create b/gcloud/alpha/network-security/security-profiles/custom-mirroring/create index c2956bd04..fe26b70b2 100644 --- a/gcloud/alpha/network-security/security-profiles/custom-mirroring/create +++ b/gcloud/alpha/network-security/security-profiles/custom-mirroring/create @@ -120,7 +120,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud network-security security-profiles custom-mirroring create $ gcloud beta network-security security-profiles custom-mirroring \ create diff --git a/gcloud/alpha/network-security/security-profiles/custom-mirroring/delete b/gcloud/alpha/network-security/security-profiles/custom-mirroring/delete index 93e5c876e..4c2f14650 100644 --- a/gcloud/alpha/network-security/security-profiles/custom-mirroring/delete +++ b/gcloud/alpha/network-security/security-profiles/custom-mirroring/delete @@ -71,7 +71,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud network-security security-profiles custom-mirroring delete $ gcloud beta network-security security-profiles custom-mirroring \ delete diff --git a/gcloud/alpha/network-security/security-profiles/custom-mirroring/describe b/gcloud/alpha/network-security/security-profiles/custom-mirroring/describe index ecdce4f2d..5c091d3bf 100644 --- a/gcloud/alpha/network-security/security-profiles/custom-mirroring/describe +++ b/gcloud/alpha/network-security/security-profiles/custom-mirroring/describe @@ -66,7 +66,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud network-security security-profiles custom-mirroring describe $ gcloud beta network-security security-profiles custom-mirroring \ describe diff --git a/gcloud/alpha/network-security/security-profiles/custom-mirroring/help b/gcloud/alpha/network-security/security-profiles/custom-mirroring/help index fac5ef6dc..db7d4b5e9 100644 --- a/gcloud/alpha/network-security/security-profiles/custom-mirroring/help +++ b/gcloud/alpha/network-security/security-profiles/custom-mirroring/help @@ -37,7 +37,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud network-security security-profiles custom-mirroring $ gcloud beta network-security security-profiles custom-mirroring diff --git a/gcloud/alpha/network-security/security-profiles/custom-mirroring/list b/gcloud/alpha/network-security/security-profiles/custom-mirroring/list index 4e5061c75..9ccd65560 100644 --- a/gcloud/alpha/network-security/security-profiles/custom-mirroring/list +++ b/gcloud/alpha/network-security/security-profiles/custom-mirroring/list @@ -83,7 +83,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud network-security security-profiles custom-mirroring list $ gcloud beta network-security security-profiles custom-mirroring \ list diff --git a/gcloud/alpha/network-security/security-profiles/custom-mirroring/update b/gcloud/alpha/network-security/security-profiles/custom-mirroring/update index 7101482fc..7866f9297 100644 --- a/gcloud/alpha/network-security/security-profiles/custom-mirroring/update +++ b/gcloud/alpha/network-security/security-profiles/custom-mirroring/update @@ -112,7 +112,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud network-security security-profiles custom-mirroring update $ gcloud beta network-security security-profiles custom-mirroring \ update diff --git a/gcloud/alpha/run/deploy b/gcloud/alpha/run/deploy index fdf402e9a..27ea9e669 100644 --- a/gcloud/alpha/run/deploy +++ b/gcloud/alpha/run/deploy @@ -8,7 +8,7 @@ SYNOPSIS [--concurrency=CONCURRENCY] [--container=CONTAINER] [--[no-]cpu-boost] [--[no-]cpu-throttling] [--[no-]default-url] [--delegate-builds] [--[no-]deploy-health-check] [--description=DESCRIPTION] - [--execution-environment=EXECUTION_ENVIRONMENT] + [--execution-environment=EXECUTION_ENVIRONMENT] [--gpu-type=GPU_TYPE] [--ingress=INGRESS; default="all"] [--[no-]invoker-iam-check] [--max=MAX] [--max-instances=MAX_INSTANCES] [--max-surge=MAX_SURGE] [--max-unavailable=MAX_UNAVAILABLE] [--mesh=MESH] [--min=MIN] @@ -185,6 +185,9 @@ FLAGS gen2 Run the application in a second generation execution environment. + --gpu-type=GPU_TYPE + The GPU type to use. + --ingress=INGRESS; default="all" Set the ingress traffic sources allowed to call the service. For Cloud Run the --[no-]allow-unauthenticated flag separately controls the @@ -457,7 +460,7 @@ FLAGS --gpu=GPU Cloud Run supports values 0 or 1. 1 gpu also requires a minimum 4 - --cpu value 1 gpu also requires a minimum 8Gi --memory value. + --cpu value and a minimum 8Gi --memory value. --liveness-probe=[KEY=VALUE,...] Comma separated settings for liveness probe in the form KEY=VALUE. diff --git a/gcloud/alpha/run/jobs/create b/gcloud/alpha/run/jobs/create index 7d9f07d6c..25696ec08 100644 --- a/gcloud/alpha/run/jobs/create +++ b/gcloud/alpha/run/jobs/create @@ -3,10 +3,10 @@ NAME SYNOPSIS gcloud alpha run jobs create [JOB] [--binary-authorization=POLICY] - [--breakglass=JUSTIFICATION] [--container=CONTAINER] [--key=KEY] - [--labels=[KEY=VALUE,...]] [--max-retries=MAX_RETRIES] - [--parallelism=PARALLELISM] [--region=REGION] - [--service-account=SERVICE_ACCOUNT] + [--breakglass=JUSTIFICATION] [--container=CONTAINER] + [--gpu-type=GPU_TYPE] [--key=KEY] [--labels=[KEY=VALUE,...]] + [--max-retries=MAX_RETRIES] [--parallelism=PARALLELISM] + [--region=REGION] [--service-account=SERVICE_ACCOUNT] [--set-cloudsql-instances=[CLOUDSQL-INSTANCES,...]] [--task-timeout=TASK_TIMEOUT] [--tasks=TASKS; default=1] [--vpc-connector=VPC_CONNECTOR] [--vpc-egress=VPC_EGRESS] @@ -14,7 +14,8 @@ SYNOPSIS --clear-volumes --remove-volume=[VOLUME,...]] [--add-volume-mount=[volume=NAME,mount-path=MOUNT_PATH,...] --args=[ARG,...] --clear-volume-mounts --command=[COMMAND,...] - --cpu=CPU --depends-on=[CONTAINER,...] --image=IMAGE --memory=MEMORY + --cpu=CPU --depends-on=[CONTAINER,...] --gpu=GPU --image=IMAGE + --memory=MEMORY --remove-volume-mount=[MOUNT_PATH,...] --clear-env-vars | --env-vars-file=FILE_PATH | --set-env-vars=[KEY=VALUE,...] | --remove-env-vars=[KEY,...] @@ -76,6 +77,9 @@ FLAGS Specifies a container by name. Flags following --container will apply to the specified container. + --gpu-type=GPU_TYPE + The GPU type to use. + --key=KEY CMEK key reference to encrypt the container with. @@ -232,6 +236,10 @@ FLAGS --depends-on=[CONTAINER,...] List of container dependencies to add to the current container. + --gpu=GPU + Cloud Run supports values 0 or 1. 1 gpu also requires a minimum 4 + --cpu value and a minimum 8Gi --memory value. + --image=IMAGE Name of the container image to deploy (e.g. us-docker.pkg.dev/cloudrun/container/job:latest). diff --git a/gcloud/alpha/run/jobs/deploy b/gcloud/alpha/run/jobs/deploy index 3b062bec3..d20ae078c 100644 --- a/gcloud/alpha/run/jobs/deploy +++ b/gcloud/alpha/run/jobs/deploy @@ -3,10 +3,10 @@ NAME SYNOPSIS gcloud alpha run jobs deploy [JOB] [--binary-authorization=POLICY] - [--breakglass=JUSTIFICATION] [--container=CONTAINER] [--key=KEY] - [--labels=[KEY=VALUE,...]] [--max-retries=MAX_RETRIES] - [--parallelism=PARALLELISM] [--region=REGION] - [--remove-containers=[CONTAINER,...]] + [--breakglass=JUSTIFICATION] [--container=CONTAINER] + [--gpu-type=GPU_TYPE] [--key=KEY] [--labels=[KEY=VALUE,...]] + [--max-retries=MAX_RETRIES] [--parallelism=PARALLELISM] + [--region=REGION] [--remove-containers=[CONTAINER,...]] [--service-account=SERVICE_ACCOUNT] [--set-cloudsql-instances=[CLOUDSQL-INSTANCES,...]] [--task-timeout=TASK_TIMEOUT] [--tasks=TASKS; default=1] @@ -15,7 +15,7 @@ SYNOPSIS --clear-volumes --remove-volume=[VOLUME,...]] [--add-volume-mount=[volume=NAME,mount-path=MOUNT_PATH,...] --args=[ARG,...] --clear-volume-mounts --command=[COMMAND,...] - --cpu=CPU --depends-on=[CONTAINER,...] --memory=MEMORY + --cpu=CPU --depends-on=[CONTAINER,...] --gpu=GPU --memory=MEMORY --remove-volume-mount=[MOUNT_PATH,...] --clear-env-vars | --env-vars-file=FILE_PATH | --set-env-vars=[KEY=VALUE,...] | --remove-env-vars=[KEY,...] @@ -78,6 +78,9 @@ FLAGS Specifies a container by name. Flags following --container will apply to the specified container. + --gpu-type=GPU_TYPE + The GPU type to use. + --key=KEY CMEK key reference to encrypt the container with. @@ -238,6 +241,10 @@ FLAGS --depends-on=[CONTAINER,...] List of container dependencies to add to the current container. + --gpu=GPU + Cloud Run supports values 0 or 1. 1 gpu also requires a minimum 4 + --cpu value and a minimum 8Gi --memory value. + --memory=MEMORY Set a memory limit. Ex: 1024Mi, 4Gi. diff --git a/gcloud/alpha/run/jobs/update b/gcloud/alpha/run/jobs/update index fdaf91b8b..908f89878 100644 --- a/gcloud/alpha/run/jobs/update +++ b/gcloud/alpha/run/jobs/update @@ -3,8 +3,8 @@ NAME SYNOPSIS gcloud alpha run jobs update [JOB] [--breakglass=JUSTIFICATION] - [--clear-vpc-connector] [--container=CONTAINER] [--key=KEY] - [--max-retries=MAX_RETRIES] [--parallelism=PARALLELISM] + [--clear-vpc-connector] [--container=CONTAINER] [--gpu-type=GPU_TYPE] + [--key=KEY] [--max-retries=MAX_RETRIES] [--parallelism=PARALLELISM] [--region=REGION] [--remove-containers=[CONTAINER,...]] [--service-account=SERVICE_ACCOUNT] [--task-timeout=TASK_TIMEOUT] [--tasks=TASKS; default=1] [--vpc-connector=VPC_CONNECTOR] @@ -17,7 +17,8 @@ SYNOPSIS --clear-volumes --remove-volume=[VOLUME,...]] [--add-volume-mount=[volume=NAME,mount-path=MOUNT_PATH,...] --args=[ARG,...] --clear-volume-mounts --command=[COMMAND,...] - --cpu=CPU --depends-on=[CONTAINER,...] --image=IMAGE --memory=MEMORY + --cpu=CPU --depends-on=[CONTAINER,...] --gpu=GPU --image=IMAGE + --memory=MEMORY --remove-volume-mount=[MOUNT_PATH,...] --clear-env-vars | --env-vars-file=FILE_PATH | --set-env-vars=[KEY=VALUE,...] | --remove-env-vars=[KEY,...] @@ -76,6 +77,9 @@ FLAGS Specifies a container by name. Flags following --container will apply to the specified container. + --gpu-type=GPU_TYPE + The GPU type to use. + --key=KEY CMEK key reference to encrypt the container with. @@ -248,6 +252,10 @@ FLAGS --depends-on=[CONTAINER,...] List of container dependencies to add to the current container. + --gpu=GPU + Cloud Run supports values 0 or 1. 1 gpu also requires a minimum 4 + --cpu value and a minimum 8Gi --memory value. + --image=IMAGE Name of the container image to deploy (e.g. us-docker.pkg.dev/cloudrun/container/job:latest). diff --git a/gcloud/alpha/run/multi-region-services/update b/gcloud/alpha/run/multi-region-services/update index 0f662738b..783417b6d 100644 --- a/gcloud/alpha/run/multi-region-services/update +++ b/gcloud/alpha/run/multi-region-services/update @@ -10,7 +10,7 @@ SYNOPSIS [--concurrency=CONCURRENCY] [--container=CONTAINER] [--[no-]cpu-boost] [--[no-]cpu-throttling] [--[no-]default-url] [--[no-]deploy-health-check] [--description=DESCRIPTION] - [--execution-environment=EXECUTION_ENVIRONMENT] + [--execution-environment=EXECUTION_ENVIRONMENT] [--gpu-type=GPU_TYPE] [--ingress=INGRESS; default="all"] [--[no-]invoker-iam-check] [--max=MAX] [--max-instances=MAX_INSTANCES] [--max-surge=MAX_SURGE] [--max-unavailable=MAX_UNAVAILABLE] [--mesh=MESH] [--min=MIN] @@ -152,6 +152,9 @@ FLAGS gen2 Run the application in a second generation execution environment. + --gpu-type=GPU_TYPE + The GPU type to use. + --ingress=INGRESS; default="all" Set the ingress traffic sources allowed to call the service. For Cloud Run the --[no-]allow-unauthenticated flag separately controls the diff --git a/gcloud/alpha/run/services/update b/gcloud/alpha/run/services/update index 5975566d8..87a79f4b4 100644 --- a/gcloud/alpha/run/services/update +++ b/gcloud/alpha/run/services/update @@ -8,7 +8,7 @@ SYNOPSIS [--concurrency=CONCURRENCY] [--container=CONTAINER] [--[no-]cpu-boost] [--[no-]cpu-throttling] [--[no-]default-url] [--[no-]deploy-health-check] [--description=DESCRIPTION] - [--execution-environment=EXECUTION_ENVIRONMENT] + [--execution-environment=EXECUTION_ENVIRONMENT] [--gpu-type=GPU_TYPE] [--ingress=INGRESS; default="all"] [--[no-]invoker-iam-check] [--max=MAX] [--max-instances=MAX_INSTANCES] [--max-surge=MAX_SURGE] [--max-unavailable=MAX_UNAVAILABLE] [--mesh=MESH] [--min=MIN] @@ -152,6 +152,9 @@ FLAGS gen2 Run the application in a second generation execution environment. + --gpu-type=GPU_TYPE + The GPU type to use. + --ingress=INGRESS; default="all" Set the ingress traffic sources allowed to call the service. For Cloud Run the --[no-]allow-unauthenticated flag separately controls the @@ -424,7 +427,7 @@ FLAGS --gpu=GPU Cloud Run supports values 0 or 1. 1 gpu also requires a minimum 4 - --cpu value 1 gpu also requires a minimum 8Gi --memory value. + --cpu value and a minimum 8Gi --memory value. --image=IMAGE Name of the container image to deploy (e.g. diff --git a/gcloud/alpha/sql/export/help b/gcloud/alpha/sql/export/help index 4644efe71..9afa31085 100644 --- a/gcloud/alpha/sql/export/help +++ b/gcloud/alpha/sql/export/help @@ -24,6 +24,10 @@ COMMANDS sql (ALPHA) Exports data from a Cloud SQL instance to a SQL file. + tde + (ALPHA) Export a TDE certificate from a Cloud SQL for SQL Server + instance. + NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct diff --git a/gcloud/alpha/sql/export/tde b/gcloud/alpha/sql/export/tde new file mode 100644 index 000000000..1f7f3f70d --- /dev/null +++ b/gcloud/alpha/sql/export/tde @@ -0,0 +1,94 @@ +NAME + gcloud alpha sql export tde - export a TDE certificate from a Cloud SQL for + SQL Server instance + +SYNOPSIS + gcloud alpha sql export tde INSTANCE + (--cert-path=CERT_PATH --certificate=CERTIFICATE + --pvk-path=PVK_PATH (--prompt-for-pvk-password + | --pvk-password=PVK_PASSWORD)) [--async] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (ALPHA) Exports a TDE certificate from a Cloud SQL instance to a Google + Cloud Storage bucket. This is only supported for SQL Server. + +EXAMPLES + To export a TDE certificate with the name foo and private key password + my-pvk-password in the Cloud SQL instance my-instance to certificate path + my-bucket/my-cert.cert and private key path my-bucket/my-key.pvk, run: + + $ gcloud alpha sql export tde my-instance --certificate=foo \ + --cert-path=gs://my-bucket/my-cert.cert \ + --pvk-path=gs://my-bucket/my-key.pvk \ + --pvk-password=my-pvk-password + + To export a TDE certificate with the name foo and private key password + my-pvk-password in the Cloud SQL instance my-instance and prompting for the + private key password, run: + + $ gcloud alpha sql export tde my-instance --certificate=foo \ + --cert-path=gs://my-bucket/my-cert.cert \ + --pvk-path=gs://my-bucket/my-key.pvk --prompt-for-pvk-password + +POSITIONAL ARGUMENTS + INSTANCE + Cloud SQL instance ID. + +REQUIRED FLAGS + Encryption info to support importing a TDE certificate file + + This must be specified. + + --cert-path=CERT_PATH + Path to the encryption certificate file in Google Cloud Storage. The + URI is in the form gs://bucketName/fileName. + + This flag argument must be specified if any of the other arguments in + this group are specified. + + --certificate=CERTIFICATE + Name of the encryption certificate. + + This flag argument must be specified if any of the other arguments in + this group are specified. + + --pvk-path=PVK_PATH + Path to the encryption private key file in Google Cloud Storage. The + URI is in the form gs://bucketName/fileName. + + This flag argument must be specified if any of the other arguments in + this group are specified. + + Exactly one of these must be specified: + + --prompt-for-pvk-password + Prompt for the private key password associated with the certificate + file with character echo disabled. The password is all typed + characters up to but not including the RETURN or ENTER key. + + --pvk-password=PVK_PASSWORD + The private key password associated with the certificate file. + +OPTIONAL FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in alpha and might change without notice. If this + command fails with API permission errors despite specifying the correct + project, you might be trying to access an API with an invitation-only early + access allowlist. These variants are also available: + + $ gcloud sql export tde + + $ gcloud beta sql export tde + diff --git a/gcloud/alpha/sql/import/bak b/gcloud/alpha/sql/import/bak index aaa5e4d23..363ace661 100644 --- a/gcloud/alpha/sql/import/bak +++ b/gcloud/alpha/sql/import/bak @@ -4,9 +4,9 @@ NAME SYNOPSIS gcloud alpha sql import bak INSTANCE [URI] --database=DATABASE, -d DATABASE - [--async] [--bak-type=BAK_TYPE; default="FULL"] [--no-recovery] - [--recovery-only] [--stop-at=STOP_AT] [--stop-at-mark=STOP_AT_MARK] - [--[no-]striped] + [--async] [--bak-type=BAK_TYPE; default="FULL"] [--keep-encrypted] + [--no-recovery] [--recovery-only] [--stop-at=STOP_AT] + [--stop-at-mark=STOP_AT_MARK] [--[no-]striped] [--cert-path=CERT_PATH --pvk-path=PVK_PATH (--prompt-for-pvk-password | --pvk-password=PVK_PASSWORD)] [GCLOUD_WIDE_FLAG ...] @@ -56,6 +56,9 @@ OPTIONAL FLAGS Type of bak file that will be imported. Applicable to SQL Server only. BAK_TYPE must be one of: FULL, DIFF, TLOG. + --keep-encrypted + Whether or not to decrypt the imported encrypted BAK file. + --no-recovery Whether or not the SQL Server import is execueted with NORECOVERY keyword. diff --git a/gcloud/alpha/sql/import/help b/gcloud/alpha/sql/import/help index 4d31a39a2..9f5b4df33 100644 --- a/gcloud/alpha/sql/import/help +++ b/gcloud/alpha/sql/import/help @@ -24,6 +24,10 @@ COMMANDS sql (ALPHA) Imports data into a Cloud SQL instance from a SQL dump file. + tde + (ALPHA) Import TDE certificate into a Cloud SQL for SQL Server + instance. + NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct diff --git a/gcloud/alpha/sql/import/tde b/gcloud/alpha/sql/import/tde new file mode 100644 index 000000000..73437cd05 --- /dev/null +++ b/gcloud/alpha/sql/import/tde @@ -0,0 +1,98 @@ +NAME + gcloud alpha sql import tde - import TDE certificate into a Cloud SQL for + SQL Server instance + +SYNOPSIS + gcloud alpha sql import tde INSTANCE + (--cert-path=CERT_PATH --certificate=CERTIFICATE + --pvk-path=PVK_PATH (--prompt-for-pvk-password + | --pvk-password=PVK_PASSWORD)) [--async] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (ALPHA) gcloud alpha sql import tde imports a TDE certificate into a Cloud + SQL instance from a certificate file in Google Cloud Storage. + + For detailed help on importing data into Cloud SQL, refer to this guide: + https://cloud.google.com/sql/docs/sqlserver/import-export/importing + +EXAMPLES + To import a TDE certificate with the name foo and certificate path + my-bucket/my-cert.cert and private key path my-bucket/my-key.pvk and pvk + password my-pvk-password into the Cloud SQL instance my-instance, run: + + $ gcloud alpha sql import tde my-instance --certificate=foo \ + --cert-path=gs://my-bucket/my-cert.cert \ + --pvk-path=gs://my-bucket/my-key.pvk \ + --pvk-password=my-pvk-password + + To import a TDE certificate with the name foo and certificate path + my-bucket/my-cert.cert and private key path my-bucket/my-key.pvk into the + Cloud SQL instance my-instance and prompting for the private key password, + run: + + $ gcloud alpha sql import tde my-instance --certificate=foo \ + --cert-path=gs://my-bucket/my-cert.cert \ + --pvk-path=gs://my-bucket/my-key.pvk --prompt-for-pvk-password + +POSITIONAL ARGUMENTS + INSTANCE + Cloud SQL instance ID. + +REQUIRED FLAGS + Encryption info to support importing a TDE certificate file + + This must be specified. + + --cert-path=CERT_PATH + Path to the encryption certificate file in Google Cloud Storage. The + URI is in the form gs://bucketName/fileName. + + This flag argument must be specified if any of the other arguments in + this group are specified. + + --certificate=CERTIFICATE + Name of the encryption certificate. + + This flag argument must be specified if any of the other arguments in + this group are specified. + + --pvk-path=PVK_PATH + Path to the encryption private key file in Google Cloud Storage. The + URI is in the form gs://bucketName/fileName. + + This flag argument must be specified if any of the other arguments in + this group are specified. + + Exactly one of these must be specified: + + --prompt-for-pvk-password + Prompt for the private key password associated with the certificate + file with character echo disabled. The password is all typed + characters up to but not including the RETURN or ENTER key. + + --pvk-password=PVK_PASSWORD + The private key password associated with the certificate file. + +OPTIONAL FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in alpha and might change without notice. If this + command fails with API permission errors despite specifying the correct + project, you might be trying to access an API with an invitation-only early + access allowlist. These variants are also available: + + $ gcloud sql import tde + + $ gcloud beta sql import tde + diff --git a/gcloud/alpha/sql/instances/patch b/gcloud/alpha/sql/instances/patch index fc1b629ce..66f7fd3d3 100644 --- a/gcloud/alpha/sql/instances/patch +++ b/gcloud/alpha/sql/instances/patch @@ -26,6 +26,7 @@ SYNOPSIS [--[no-]enable-private-service-connect] [--failover-dr-replica-name=FAILOVER_DR_REPLICA_NAME] [--follow-gae-app=FOLLOW_GAE_APP] + [--[no-]include-replicas-for-major-version-upgrade] [--[no-]insights-config-query-insights-enabled] [--insights-config-query-plans-per-minute=INSIGHTS_CONFIG_QUERY_PLANS_PER_MINUTE] [--insights-config-query-string-length=INSIGHTS_CONFIG_QUERY_STRING_LENGTH] @@ -245,6 +246,14 @@ FLAGS should follow. It must be in the same region as the instance. WARNING: Instance may be restarted. + --[no-]include-replicas-for-major-version-upgrade + Enable the major version upgrade of replicas when the in-place major + version upgrade of a primary instance is initated with + --database-version. Use --include-replicas-for-major-version-upgrade to + enable and --no-include-replicas-for-major--version-upgrade to disable. + Use --include-replicas-for-major-version-upgrade to enable and + --no-include-replicas-for-major-version-upgrade to disable. + --[no-]insights-config-query-insights-enabled Enable query insights feature to provide query and query plan analytics. diff --git a/gcloud/alpha/storage/batch-operations/jobs/create b/gcloud/alpha/storage/batch-operations/jobs/create index def169657..c65bde7e6 100644 --- a/gcloud/alpha/storage/batch-operations/jobs/create +++ b/gcloud/alpha/storage/batch-operations/jobs/create @@ -11,7 +11,8 @@ SYNOPSIS | [--delete-object : --enable-permanent-object-deletion] | --[no-]put-object-event-based-hold --[no-]put-object-temporary-hold) [--description=DESCRIPTION] - [GCLOUD_WIDE_FLAG ...] + [--log-actions=[LOG_ACTIONS,...] + --log-action-states=[LOG_ACTION_STATES,...]] [GCLOUD_WIDE_FLAG ...] DESCRIPTION (ALPHA) Create a batch operation job, allowing you to perform operations @@ -19,21 +20,32 @@ DESCRIPTION manner. EXAMPLES - To create a batch job with the name my-job to perform object deletion where - the manifest file gs://my-bucket/manifest.csv specifies the objects to be - transformed: + To create a batch job with the name my-job to perform object deletion on + bucket my-bucket and the manifest file gs://my-bucket/manifest.csv + specifies the objects to be transformed: $ gcloud alpha storage batch-operations jobs create my-job \ + --bucket=my-bucket \ --manifest-location=gs://my-bucket/manifest.csv --delete-object To create a batch job with the name my-job to update object metadata - Content-Disposition to inline and Content-Language to en where you want to - match objects with the prefix prefix1 or prefix2: + Content-Disposition to inline and Content-Language to en on bucket + my-bucket where you want to match objects with the prefix prefix1 or + prefix2: $ gcloud alpha storage batch-operations jobs create my-job \ - --included-object-prefixes=prefix1,prefix2 \ + --bucket=my-bucket --included-object-prefixes=prefix1,prefix2 \ --put-metadata=Content-Disposition=inline,Content-Language=en + To create a batch job with the name my-job to put object event based hold + on objects in bucket my-bucket with logging config enabled for + corresponding transform action and succeeded and failed action states: + + $ gcloud alpha storage batch-operations jobs create my-job \ + --bucket=my-bucket --put-object-event-based-hold \ + --put-metadata=Content-Disposition=inline,Content-Language=en \ + --log-actions=transform --log-action-states=succeeded,failed + POSITIONAL ARGUMENTS Batch job resource - The batch job to create. This represents a Cloud resource. (NOTE) Some attributes are not given arguments in this group but @@ -137,10 +149,29 @@ REQUIRED FLAGS --put-object-temporary-hold to enable and --no-put-object-temporary-hold to disable. -OPTIONAL FLAGS +FLAGS --description=DESCRIPTION Description for the batch job. +LOGGING_CONFIG FLAGS + LOGGING CONFIG + + Configure which transfer actions and action states are reported when logs + are generated for this job. Logs can be viewed by running the following + command: gcloud logging read + "resource.type=storagebatchoperations.googleapis.com/Job" + + --log-actions=[LOG_ACTIONS,...] + Define the batch job actions to report in logs. (e.g., + --log-actions=transform). LOG_ACTIONS must be (only one value is + supported): transform. + + --log-action-states=[LOG_ACTION_STATES,...] + The states in which the actions specified in --log-actions are + logged. Separate multiple states with a comma, omitting the space + after the comma (e.g., --log-action-states=succeeded,failed). + LOG_ACTION_STATES must be one of: failed, succeeded. + GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, diff --git a/gcloud/alpha/transfer/jobs/create b/gcloud/alpha/transfer/jobs/create index 9bbd37d62..36d4e7fea 100644 --- a/gcloud/alpha/transfer/jobs/create +++ b/gcloud/alpha/transfer/jobs/create @@ -386,7 +386,7 @@ FLAGS The states in which the actions specified in --log-actions are logged. Separate multiple states with a comma, omitting the space after the comma (e.g., --log-action-states=succeeded,failed). - LOG_ACTION_STATES must be one of: failed, succeeded. + LOG_ACTION_STATES must be one of: failed, skipped, succeeded. ADDITIONAL OPTIONS diff --git a/gcloud/alpha/transfer/jobs/update b/gcloud/alpha/transfer/jobs/update index 2539364be..da0e83f05 100644 --- a/gcloud/alpha/transfer/jobs/update +++ b/gcloud/alpha/transfer/jobs/update @@ -450,7 +450,7 @@ FLAGS The states in which the actions specified in --log-actions are logged. Separate multiple states with a comma, omitting the space after the comma (e.g., --log-action-states=succeeded,failed). - LOG_ACTION_STATES must be one of: failed, succeeded. + LOG_ACTION_STATES must be one of: failed, skipped, succeeded. ADDITIONAL OPTIONS diff --git a/gcloud/beta/ai/endpoints/deploy-model b/gcloud/beta/ai/endpoints/deploy-model index 9e25a4c2f..4def09703 100644 --- a/gcloud/beta/ai/endpoints/deploy-model +++ b/gcloud/beta/ai/endpoints/deploy-model @@ -145,10 +145,7 @@ OPTIONAL FLAGS have access to the resource project. --spot - If true, online prediction access logs are sent to Cloud Logging. - - These logs are standard server access logs, containing information like - timestamp and latency for each prediction request. + If true, schedule the deployment workload on Spot VMs. --tpu-topology=TPU_TOPOLOGY CloudTPU topology to use for this deployment. Required for multihost diff --git a/gcloud/beta/alloydb/instances/create b/gcloud/beta/alloydb/instances/create index 3fb46da90..71e0ca20a 100644 --- a/gcloud/beta/alloydb/instances/create +++ b/gcloud/beta/alloydb/instances/create @@ -21,6 +21,7 @@ SYNOPSIS [--[no-]observability-config-record-application-tags] [--[no-]observability-config-track-active-queries] [--observability-config-track-wait-events] [--[no-]outbound-public-ip] + [--psc-network-attachment-uri=PSC_NETWORK_ATTACHMENT_URI] [--read-pool-node-count=READ_POOL_NODE_COUNT] [--[no-]require-connectors] [--ssl-mode=SSL_MODE; default="ENCRYPTED_ONLY"] [GCLOUD_WIDE_FLAG ...] @@ -178,6 +179,12 @@ OPTIONAL FLAGS Add outbound Public IP connectivity to an AlloyDB instance. Use --outbound-public-ip to enable and --no-outbound-public-ip to disable. + --psc-network-attachment-uri=PSC_NETWORK_ATTACHMENT_URI + Full URI of the network attachment that is configured to support + outbound connectivity from an AlloyDB instance which uses Private + Service Connect (PSC). For example, this would be of the + form:psc-network-attachment-uri=projects/test-project/regions/us-central1/networkAttachments/my-na + --read-pool-node-count=READ_POOL_NODE_COUNT Read capacity, i.e. number of nodes in a read pool instance. diff --git a/gcloud/beta/alloydb/instances/create-secondary b/gcloud/beta/alloydb/instances/create-secondary index b39cf4e82..ff8aa58b3 100644 --- a/gcloud/beta/alloydb/instances/create-secondary +++ b/gcloud/beta/alloydb/instances/create-secondary @@ -9,8 +9,10 @@ SYNOPSIS [--authorized-external-networks=[AUTHORIZED_NETWORK,...]] [--availability-type=AVAILABILITY_TYPE] [--database-flags=FLAG=VALUE,[FLAG=VALUE,...]] - [--[no-]outbound-public-ip] [--[no-]require-connectors] - [--ssl-mode=SSL_MODE] [GCLOUD_WIDE_FLAG ...] + [--[no-]outbound-public-ip] + [--psc-network-attachment-uri=PSC_NETWORK_ATTACHMENT_URI] + [--[no-]require-connectors] [--ssl-mode=SSL_MODE] + [GCLOUD_WIDE_FLAG ...] DESCRIPTION (BETA) Creates a new AlloyDB SECONDARY instance within a given cluster. @@ -84,6 +86,12 @@ OPTIONAL FLAGS Add outbound Public IP connectivity to an AlloyDB instance. Use --outbound-public-ip to enable and --no-outbound-public-ip to disable. + --psc-network-attachment-uri=PSC_NETWORK_ATTACHMENT_URI + Full URI of the network attachment that is configured to support + outbound connectivity from an AlloyDB instance which uses Private + Service Connect (PSC). For example, this would be of the + form:psc-network-attachment-uri=projects/test-project/regions/us-central1/networkAttachments/my-na + --[no-]require-connectors Enable or disable enforcing connectors only (ex: AuthProxy) connections to the database. Use --require-connectors to enable and diff --git a/gcloud/beta/alloydb/instances/update b/gcloud/beta/alloydb/instances/update index d656bb601..d5577a8af 100644 --- a/gcloud/beta/alloydb/instances/update +++ b/gcloud/beta/alloydb/instances/update @@ -7,7 +7,8 @@ SYNOPSIS --region=REGION [--allowed-psc-projects=[ALLOWED_PSC_PROJECTS,...]] [--assign-inbound-public-ip=ASSIGN_INBOUND_PUBLIC_IP] [--async] [--authorized-external-networks=[AUTHORIZED_NETWORK,...]] - [--availability-type=AVAILABILITY_TYPE] [--cpu-count=CPU_COUNT] + [--availability-type=AVAILABILITY_TYPE] + [--clear-psc-network-attachment-uri] [--cpu-count=CPU_COUNT] [--database-flags=FLAG=VALUE,[FLAG=VALUE,...]] [--insights-config-query-plans-per-minute=INSIGHTS_CONFIG_QUERY_PLANS_PER_MINUTE] [--insights-config-query-string-length=INSIGHTS_CONFIG_QUERY_STRING_LENGTH] @@ -20,6 +21,7 @@ SYNOPSIS [--[no-]observability-config-record-application-tags] [--[no-]observability-config-track-active-queries] [--observability-config-track-wait-events] [--[no-]outbound-public-ip] + [--psc-network-attachment-uri=PSC_NETWORK_ATTACHMENT_URI] [--read-pool-node-count=READ_POOL_NODE_COUNT] [--[no-]require-connectors] [--ssl-mode=SSL_MODE] [--update-mode=UPDATE_MODE] [GCLOUD_WIDE_FLAG ...] @@ -86,6 +88,10 @@ OPTIONAL FLAGS production instances; instance does not automatically fail over to another zone. + --clear-psc-network-attachment-uri + Disable outbound connectivity from an AlloyDB instance which uses + Private Service Connect (PSC). + --cpu-count=CPU_COUNT Whole number value indicating how many vCPUs the machine should contain. Each vCPU count corresponds to a N2 high-mem machine: @@ -160,6 +166,12 @@ OPTIONAL FLAGS Add outbound Public IP connectivity to an AlloyDB instance. Use --outbound-public-ip to enable and --no-outbound-public-ip to disable. + --psc-network-attachment-uri=PSC_NETWORK_ATTACHMENT_URI + Full URI of the network attachment that is configured to support + outbound connectivity from an AlloyDB instance which uses Private + Service Connect (PSC). For example, this would be of the + form:psc-network-attachment-uri=projects/test-project/regions/us-central1/networkAttachments/my-na + --read-pool-node-count=READ_POOL_NODE_COUNT Read capacity, i.e. number of nodes in a read pool instance. diff --git a/gcloud/beta/bigtable/app-profiles/create b/gcloud/beta/bigtable/app-profiles/create index 9c357f05f..7a7e0ee34 100644 --- a/gcloud/beta/bigtable/app-profiles/create +++ b/gcloud/beta/bigtable/app-profiles/create @@ -124,23 +124,23 @@ OPTIONAL FLAGS Data Boost Read-only Isolation --data-boost - Use Data Boost Read-only Isolation, rather than Standard Isolation. - If specified, --data-boost-compute-billing-owner is required. - Specifying Data Boost Read-only Isolation on an app profile which - has Standard Isolation enabled may cause unexpected behavior for - running applications. + Use Data Boost serverless compute option, rather than standard + provisioned node compute. If specified, + --data-boost-compute-billing-owner is required. Specifying Data + Boost compute on an app profile that uses standard provisioned node + compute may cause unexpected behavior for running applications. This flag argument must be specified if any of the other arguments in this group are specified. --data-boost-compute-billing-owner=DATA_BOOST_COMPUTE_BILLING_OWNER - Specify the Data Boost Compute Billing Owner, required if + Specify the Data Boost compute billing owner, required if --data-boost is passed. DATA_BOOST_COMPUTE_BILLING_OWNER must be (only one value is supported): HOST_PAYS - Compute Billing should be accounted towards the host Cloud - Project (containing the targeted Bigtable Instance / Table). + Compute billing should be accounted towards the host Cloud + project (containing the targeted Bigtable instance / table). This flag argument must be specified if any of the other arguments in this group are specified. @@ -148,14 +148,15 @@ OPTIONAL FLAGS Standard Isolation --priority=PRIORITY - Specify the request priority under Standard Isolation. Passing this - option implies Standard Isolation, e.g. the --standard option. If - not specified, the app profile uses Standard Isolation with - PRIORITY_HIGH by default. Specifying request priority on an app - profile that has Data Boost Read-Only Isolation enabled will change - the isolation to Standard and use the specified priority, which may - cause unexpected behavior for running applications. PRIORITY must - be one of: + Specify the request priority under standard provisioned node + compute capabilities. Passing this option implies standard + provisioned node compute, e.g. the --standard option. If not + specified, the app profile uses standard provisioned node compute + with PRIORITY_HIGH by default. Specifying request priority on an + app profile that has Data Boost serverless compute enabled changes + the compute option to standard and uses the specified priority, + which might cause unexpected behavior for running applications. + PRIORITY must be one of: PRIORITY_HIGH Requests are treated with high priority. @@ -168,8 +169,8 @@ OPTIONAL FLAGS in this group are specified. --standard - Use Standard Isolation, rather than Data Boost Read-only Isolation. - If specified, --priority is required. + Use standard provisioned node compute option, rather than Data + Boost compute option. If specified, --priority is required. GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, diff --git a/gcloud/beta/bigtable/app-profiles/update b/gcloud/beta/bigtable/app-profiles/update index 89e0eb7fd..3879a251c 100644 --- a/gcloud/beta/bigtable/app-profiles/update +++ b/gcloud/beta/bigtable/app-profiles/update @@ -98,23 +98,23 @@ FLAGS Data Boost Read-only Isolation --data-boost - Use Data Boost Read-only Isolation, rather than Standard Isolation. - If specified, --data-boost-compute-billing-owner is required. - Specifying Data Boost Read-only Isolation on an app profile which - has Standard Isolation enabled may cause unexpected behavior for - running applications. + Use Data Boost serverless compute option, rather than standard + provisioned node compute. If specified, + --data-boost-compute-billing-owner is required. Specifying Data + Boost compute on an app profile that uses standard provisioned node + compute may cause unexpected behavior for running applications. This flag argument must be specified if any of the other arguments in this group are specified. --data-boost-compute-billing-owner=DATA_BOOST_COMPUTE_BILLING_OWNER - Specify the Data Boost Compute Billing Owner, required if + Specify the Data Boost compute billing owner, required if --data-boost is passed. DATA_BOOST_COMPUTE_BILLING_OWNER must be (only one value is supported): HOST_PAYS - Compute Billing should be accounted towards the host Cloud - Project (containing the targeted Bigtable Instance / Table). + Compute billing should be accounted towards the host Cloud + project (containing the targeted Bigtable instance / table). This flag argument must be specified if any of the other arguments in this group are specified. @@ -122,14 +122,15 @@ FLAGS Standard Isolation --priority=PRIORITY - Specify the request priority under Standard Isolation. Passing this - option implies Standard Isolation, e.g. the --standard option. If - not specified, the app profile uses Standard Isolation with - PRIORITY_HIGH by default. Specifying request priority on an app - profile that has Data Boost Read-Only Isolation enabled will change - the isolation to Standard and use the specified priority, which may - cause unexpected behavior for running applications. PRIORITY must - be one of: + Specify the request priority under standard provisioned node + compute capabilities. Passing this option implies standard + provisioned node compute, e.g. the --standard option. If not + specified, the app profile uses standard provisioned node compute + with PRIORITY_HIGH by default. Specifying request priority on an + app profile that has Data Boost serverless compute enabled changes + the compute option to standard and uses the specified priority, + which might cause unexpected behavior for running applications. + PRIORITY must be one of: PRIORITY_HIGH Requests are treated with high priority. @@ -142,8 +143,8 @@ FLAGS in this group are specified. --standard - Use Standard Isolation, rather than Data Boost Read-only Isolation. - If specified, --priority is required. + Use standard provisioned node compute option, rather than Data + Boost compute option. If specified, --priority is required. At most one of these can be specified: diff --git a/gcloud/beta/compute/interconnects/cross-site-networks/create b/gcloud/beta/compute/interconnects/cross-site-networks/create new file mode 100644 index 000000000..3f0c9c862 --- /dev/null +++ b/gcloud/beta/compute/interconnects/cross-site-networks/create @@ -0,0 +1,43 @@ +NAME + gcloud beta compute interconnects cross-site-networks create - create a + Compute Engine cross site network + +SYNOPSIS + gcloud beta compute interconnects cross-site-networks create NAME + [--description=DESCRIPTION] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) gcloud beta compute interconnects cross-site-networks create is used + to create cross site networks. A cross site network contains wire groups. + + For an example, refer to the EXAMPLES section below. + +EXAMPLES + To create a cross site network, run: + + $ gcloud beta compute interconnects cross-site-networks create \ + example-cross-site-network --project=my-project \ + --description="Example cross site network" + +POSITIONAL ARGUMENTS + NAME + Name of the crossSiteNetwork to create. + +FLAGS + --description=DESCRIPTION + An optional, textual description for the cross site network. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud alpha compute interconnects cross-site-networks create + diff --git a/gcloud/beta/compute/interconnects/cross-site-networks/delete b/gcloud/beta/compute/interconnects/cross-site-networks/delete new file mode 100644 index 000000000..3cb9deb41 --- /dev/null +++ b/gcloud/beta/compute/interconnects/cross-site-networks/delete @@ -0,0 +1,30 @@ +NAME + gcloud beta compute interconnects cross-site-networks delete - delete + Compute Engine cross site networks + +SYNOPSIS + gcloud beta compute interconnects cross-site-networks delete NAME + [NAME ...] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) gcloud beta compute interconnects cross-site-networks delete deletes + Compute Engine cross site networks. + +POSITIONAL ARGUMENTS + NAME [NAME ...] + Names of the crossSiteNetworks to delete. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud alpha compute interconnects cross-site-networks delete + diff --git a/gcloud/beta/compute/interconnects/cross-site-networks/describe b/gcloud/beta/compute/interconnects/cross-site-networks/describe new file mode 100644 index 000000000..d576c0257 --- /dev/null +++ b/gcloud/beta/compute/interconnects/cross-site-networks/describe @@ -0,0 +1,31 @@ +NAME + gcloud beta compute interconnects cross-site-networks describe - describe a + Compute Engine cross site network + +SYNOPSIS + gcloud beta compute interconnects cross-site-networks describe NAME + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) gcloud beta compute interconnects cross-site-networks describe + displays all data associated with Compute Engine cross site network in a + project. + +POSITIONAL ARGUMENTS + NAME + Name of the crossSiteNetwork to describe. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud alpha compute interconnects cross-site-networks describe + diff --git a/gcloud/beta/compute/interconnects/cross-site-networks/help b/gcloud/beta/compute/interconnects/cross-site-networks/help new file mode 100644 index 000000000..f08eca5fa --- /dev/null +++ b/gcloud/beta/compute/interconnects/cross-site-networks/help @@ -0,0 +1,40 @@ +NAME + gcloud beta compute interconnects cross-site-networks - create or + manipulate cross site networks + +SYNOPSIS + gcloud beta compute interconnects cross-site-networks COMMAND + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) Create or manipulate cross site networks. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --help. + + Run $ gcloud help for details. + +COMMANDS + COMMAND is one of the following: + + create + (BETA) Create a Compute Engine cross site network. + + delete + (BETA) Delete Compute Engine cross site networks. + + describe + (BETA) Describe a Compute Engine cross site network. + + list + (BETA) List Google Compute Engine cross site networks. + + update + (BETA) Update a Compute Engine cross site network. + +NOTES + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud alpha compute interconnects cross-site-networks + diff --git a/gcloud/beta/compute/interconnects/cross-site-networks/list b/gcloud/beta/compute/interconnects/cross-site-networks/list new file mode 100644 index 000000000..cad2d1967 --- /dev/null +++ b/gcloud/beta/compute/interconnects/cross-site-networks/list @@ -0,0 +1,68 @@ +NAME + gcloud beta compute interconnects cross-site-networks list - list Google + Compute Engine cross site networks + +SYNOPSIS + gcloud beta compute interconnects cross-site-networks list + [--filter=EXPRESSION] [--limit=LIMIT] [--page-size=PAGE_SIZE] + [--sort-by=[FIELD,...]] [--uri] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) gcloud beta compute interconnects cross-site-networks list displays + all Google Compute Engine cross site networks in a project. + +EXAMPLES + To list all cross site networks in a project in table form, run: + + $ gcloud beta compute interconnects cross-site-networks list + + To list the URIs of all cross site networks in a project, run: + + $ gcloud beta compute interconnects cross-site-networks list --uri + +LIST COMMAND FLAGS + --filter=EXPRESSION + Apply a Boolean filter EXPRESSION to each resource item to be listed. + If the expression evaluates True, then that item is listed. For more + details and examples of filter expressions, run $ gcloud topic filters. + This flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --limit=LIMIT + Maximum number of resources to list. The default is unlimited. This + flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --page-size=PAGE_SIZE + Some services group resource list output into pages. This flag + specifies the maximum number of resources per page. The default is + determined by the service if it supports paging, otherwise it is + unlimited (no paging). Paging may be applied before or after --filter + and --limit depending on the service. + + --sort-by=[FIELD,...] + Comma-separated list of resource field key names to sort by. The + default order is ascending. Prefix a field with ``~'' for descending + order on that field. This flag interacts with other flags that are + applied in this order: --flatten, --sort-by, --filter, --limit. + + --uri + Print a list of resource URIs instead of the default output, and change + the command output to a list of URIs. If this flag is used with + --format, the formatting is applied on this URI list. To display URIs + alongside other keys instead, use the uri() transform. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud alpha compute interconnects cross-site-networks list + diff --git a/gcloud/beta/compute/interconnects/cross-site-networks/update b/gcloud/beta/compute/interconnects/cross-site-networks/update new file mode 100644 index 000000000..5c4706bbb --- /dev/null +++ b/gcloud/beta/compute/interconnects/cross-site-networks/update @@ -0,0 +1,35 @@ +NAME + gcloud beta compute interconnects cross-site-networks update - update a + Compute Engine cross site network + +SYNOPSIS + gcloud beta compute interconnects cross-site-networks update NAME + [--description=DESCRIPTION] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) gcloud beta compute interconnects cross-site-networks update is used + to update cross site networks. A cross site network encapsulates wire + groups. + +POSITIONAL ARGUMENTS + NAME + Name of the crossSiteNetwork to update. + +FLAGS + --description=DESCRIPTION + An optional, textual description for the cross site network. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud alpha compute interconnects cross-site-networks update + diff --git a/gcloud/beta/compute/interconnects/help b/gcloud/beta/compute/interconnects/help index 6a1eda847..d9c4fbc5b 100644 --- a/gcloud/beta/compute/interconnects/help +++ b/gcloud/beta/compute/interconnects/help @@ -26,6 +26,9 @@ GROUPS attachments (BETA) Read and manipulate Compute Engine interconnect attachments. + cross-site-networks + (BETA) Create or manipulate cross site networks. + locations (BETA) Read and manipulate Compute Engine interconnect locations. @@ -37,6 +40,9 @@ GROUPS (BETA) Read and manipulate Google Compute Engine interconnect remote locations. + wire-groups + (BETA) Create or manipulate wire groups. + COMMANDS COMMAND is one of the following: diff --git a/gcloud/beta/compute/interconnects/wire-groups/add-endpoint b/gcloud/beta/compute/interconnects/wire-groups/add-endpoint new file mode 100644 index 000000000..057c48bbf --- /dev/null +++ b/gcloud/beta/compute/interconnects/wire-groups/add-endpoint @@ -0,0 +1,48 @@ +NAME + gcloud beta compute interconnects wire-groups add-endpoint - add endpoint + to a Compute Engine wire group + +SYNOPSIS + gcloud beta compute interconnects wire-groups add-endpoint NAME + --cross-site-network=CROSS_SITE_NETWORK --endpoint-label=ENDPOINT_LABEL + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) gcloud beta compute interconnects wire-groups add-endpoint is used + to add endpoints to a wire group. + + For an example, refer to the EXAMPLES section below. + +EXAMPLES + To add endpoint example-endpoint to wire group example-wire-group, run: + + $ gcloud beta compute interconnects wire-groups add-endpoint \ + example-wire-group --project=example-project \ + --cross-site-network=example-cross-site-network \ + --endpoint-label=example-endpoint + +POSITIONAL ARGUMENTS + NAME + Name of the wire group to update. + +REQUIRED FLAGS + --cross-site-network=CROSS_SITE_NETWORK + Name of the crossSiteNetwork to operate on. + + --endpoint-label=ENDPOINT_LABEL + The endpoint label for the wire group. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud alpha compute interconnects wire-groups add-endpoint + diff --git a/gcloud/beta/compute/interconnects/wire-groups/add-interconnect b/gcloud/beta/compute/interconnects/wire-groups/add-interconnect new file mode 100644 index 000000000..290ae8ada --- /dev/null +++ b/gcloud/beta/compute/interconnects/wire-groups/add-interconnect @@ -0,0 +1,61 @@ +NAME + gcloud beta compute interconnects wire-groups add-interconnect - add + interconnect to a Compute Engine wire group + +SYNOPSIS + gcloud beta compute interconnects wire-groups add-interconnect NAME + --cross-site-network=CROSS_SITE_NETWORK --endpoint-label=ENDPOINT_LABEL + --interconnect=INTERCONNECT --interconnect-label=INTERCONNECT_LABEL + --vlan-tags=VLAN_TAGS [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) gcloud beta compute interconnects wire-groups add-interconnect is + used to add interconnects to a wire group. + + For an example, refer to the EXAMPLES section below. + +EXAMPLES + To add an interconnect example-interconnect to wire group + example-wire-group, run: + + $ gcloud beta compute interconnects wire-groups add-interconnect \ + example-wire-group --project=example-project \ + --cross-site-network=example-cross-site-network \ + --endpoint-label=example-endpoint \ + --interconnect-label=example-interconnect \ + --interconnect=some-interconnect-uri --vlan-tags=111,222 + +POSITIONAL ARGUMENTS + NAME + Name of the wire group to update. + +REQUIRED FLAGS + --cross-site-network=CROSS_SITE_NETWORK + Name of the crossSiteNetwork to operate on. + + --endpoint-label=ENDPOINT_LABEL + The endpoint label for the wire group. + + --interconnect=INTERCONNECT + The interconnect for the wire group endpoint. + + --interconnect-label=INTERCONNECT_LABEL + The interconnect label for the wire group endpoint. + + --vlan-tags=VLAN_TAGS + The vlan tags for the interconnect on the wire group endpoint. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud alpha compute interconnects wire-groups add-interconnect + diff --git a/gcloud/beta/compute/interconnects/wire-groups/create b/gcloud/beta/compute/interconnects/wire-groups/create new file mode 100644 index 000000000..6778be2ef --- /dev/null +++ b/gcloud/beta/compute/interconnects/wire-groups/create @@ -0,0 +1,85 @@ +NAME + gcloud beta compute interconnects wire-groups create - create a Compute + Engine wire group + +SYNOPSIS + gcloud beta compute interconnects wire-groups create NAME + --bandwidth-unmetered=BANDWIDTH_UNMETERED + --cross-site-network=CROSS_SITE_NETWORK --type=TYPE [--admin-enabled] + [--description=DESCRIPTION] [--fault-response=FAULT_RESPONSE] + [--validate-only] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) gcloud beta compute interconnects wire-groups create is used to + create wire groups. A wire group represents a group of redundant wires + between interconnects in two different metros. Each WireGroup belongs to a + CrossSiteNetwork. + + For an example, refer to the EXAMPLES section below. + +EXAMPLES + To create a wire group, run: + + $ gcloud beta compute interconnects wire-groups create \ + example-wire-group --project my-project \ + --cross-site-network example-cross-site-network \ + --type REDUNDANT --bandwidth-unmetered 1 + +POSITIONAL ARGUMENTS + NAME + Name of the wire group to create. + +REQUIRED FLAGS + --bandwidth-unmetered=BANDWIDTH_UNMETERED + The amount of unmetered bandwidth to assign to the wire group. + + --cross-site-network=CROSS_SITE_NETWORK + Name of the crossSiteNetwork to operate on. + + --type=TYPE + The type for the wire group. TYPE must be one of: + + BOX_AND_CROSS + Box and cross type wire groups must have two VLAN tags. The first + is for the same-zone pseudowire, and the second is for the + cross-zone pseudowire. + REDUNDANT + Redundant type wire groups must have only one VLAN tag. + WIRE + Single wire type wire groups must have only one VLAN tag. + +OPTIONAL FLAGS + --admin-enabled + Administrative status of the wire group. If not provided on creation, + defaults to enabled. When this is enabled, the wire group is + operational and will carry traffic. Use --no-admin-enabled to disable + it. + + --description=DESCRIPTION + An optional, textual description for the wire group. + + --fault-response=FAULT_RESPONSE + The fault response for the wire group. FAULT_RESPONSE must be one of: + + DISABLE_PORT + Disable port + NONE + None + + --validate-only + Validate the new configuration, but don't update it. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud alpha compute interconnects wire-groups create + diff --git a/gcloud/beta/compute/interconnects/wire-groups/delete b/gcloud/beta/compute/interconnects/wire-groups/delete new file mode 100644 index 000000000..c63b11f7b --- /dev/null +++ b/gcloud/beta/compute/interconnects/wire-groups/delete @@ -0,0 +1,34 @@ +NAME + gcloud beta compute interconnects wire-groups delete - delete Compute + Engine wire groups + +SYNOPSIS + gcloud beta compute interconnects wire-groups delete NAME [NAME ...] + --cross-site-network=CROSS_SITE_NETWORK [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) gcloud beta compute interconnects wire-groups delete deletes Compute + Engine wire groups. + +POSITIONAL ARGUMENTS + NAME [NAME ...] + Names of the wire groups to delete. + +REQUIRED FLAGS + --cross-site-network=CROSS_SITE_NETWORK + Name of the crossSiteNetwork to operate on. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud alpha compute interconnects wire-groups delete + diff --git a/gcloud/beta/compute/interconnects/wire-groups/describe b/gcloud/beta/compute/interconnects/wire-groups/describe new file mode 100644 index 000000000..3c1a56c09 --- /dev/null +++ b/gcloud/beta/compute/interconnects/wire-groups/describe @@ -0,0 +1,34 @@ +NAME + gcloud beta compute interconnects wire-groups describe - describe a Compute + Engine wire group + +SYNOPSIS + gcloud beta compute interconnects wire-groups describe NAME + --cross-site-network=CROSS_SITE_NETWORK [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) gcloud beta compute interconnects wire-groups describe displays all + data associated with Compute Engine wire group in a project. + +POSITIONAL ARGUMENTS + NAME + Name of the wire group to describe. + +REQUIRED FLAGS + --cross-site-network=CROSS_SITE_NETWORK + Name of the crossSiteNetwork to operate on. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud alpha compute interconnects wire-groups describe + diff --git a/gcloud/beta/compute/interconnects/wire-groups/help b/gcloud/beta/compute/interconnects/wire-groups/help new file mode 100644 index 000000000..26e41addf --- /dev/null +++ b/gcloud/beta/compute/interconnects/wire-groups/help @@ -0,0 +1,52 @@ +NAME + gcloud beta compute interconnects wire-groups - create or manipulate wire + groups + +SYNOPSIS + gcloud beta compute interconnects wire-groups COMMAND + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) Create or manipulate wire groups. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --help. + + Run $ gcloud help for details. + +COMMANDS + COMMAND is one of the following: + + add-endpoint + (BETA) Add endpoint to a Compute Engine wire group. + + add-interconnect + (BETA) Add interconnect to a Compute Engine wire group. + + create + (BETA) Create a Compute Engine wire group. + + delete + (BETA) Delete Compute Engine wire groups. + + describe + (BETA) Describe a Compute Engine wire group. + + list + (BETA) List Google Compute Engine wire groups. + + remove-endpoint + (BETA) Remove endpoint from a Compute Engine wire group. + + remove-interconnect + (BETA) Remove interconnect from a wire group. + + update + (BETA) Update a Compute Engine wire group. + +NOTES + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud alpha compute interconnects wire-groups + diff --git a/gcloud/beta/compute/interconnects/wire-groups/list b/gcloud/beta/compute/interconnects/wire-groups/list new file mode 100644 index 000000000..d9c08cc6a --- /dev/null +++ b/gcloud/beta/compute/interconnects/wire-groups/list @@ -0,0 +1,73 @@ +NAME + gcloud beta compute interconnects wire-groups list - list Google Compute + Engine wire groups + +SYNOPSIS + gcloud beta compute interconnects wire-groups list + --cross-site-network=CROSS_SITE_NETWORK [--filter=EXPRESSION] + [--limit=LIMIT] [--page-size=PAGE_SIZE] [--sort-by=[FIELD,...]] [--uri] + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) gcloud beta compute interconnects wire-groups list displays all + Google Compute Engine wire groups in a project. + +EXAMPLES + To list all wire groups in a project in table form, run: + + $ gcloud beta compute interconnects wire-groups list + + To list the URIs of all wire groups in a project, run: + + $ gcloud beta compute interconnects wire-groups list --uri + +REQUIRED FLAGS + --cross-site-network=CROSS_SITE_NETWORK + Name of the crossSiteNetwork to operate on. + +LIST COMMAND FLAGS + --filter=EXPRESSION + Apply a Boolean filter EXPRESSION to each resource item to be listed. + If the expression evaluates True, then that item is listed. For more + details and examples of filter expressions, run $ gcloud topic filters. + This flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --limit=LIMIT + Maximum number of resources to list. The default is unlimited. This + flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --page-size=PAGE_SIZE + Some services group resource list output into pages. This flag + specifies the maximum number of resources per page. The default is + determined by the service if it supports paging, otherwise it is + unlimited (no paging). Paging may be applied before or after --filter + and --limit depending on the service. + + --sort-by=[FIELD,...] + Comma-separated list of resource field key names to sort by. The + default order is ascending. Prefix a field with ``~'' for descending + order on that field. This flag interacts with other flags that are + applied in this order: --flatten, --sort-by, --filter, --limit. + + --uri + Print a list of resource URIs instead of the default output, and change + the command output to a list of URIs. If this flag is used with + --format, the formatting is applied on this URI list. To display URIs + alongside other keys instead, use the uri() transform. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud alpha compute interconnects wire-groups list + diff --git a/gcloud/beta/compute/interconnects/wire-groups/remove-endpoint b/gcloud/beta/compute/interconnects/wire-groups/remove-endpoint new file mode 100644 index 000000000..f7028f847 --- /dev/null +++ b/gcloud/beta/compute/interconnects/wire-groups/remove-endpoint @@ -0,0 +1,49 @@ +NAME + gcloud beta compute interconnects wire-groups remove-endpoint - remove + endpoint from a Compute Engine wire group + +SYNOPSIS + gcloud beta compute interconnects wire-groups remove-endpoint NAME + --cross-site-network=CROSS_SITE_NETWORK --endpoint-label=ENDPOINT_LABEL + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) gcloud beta compute interconnects wire-groups remove-endpoint is + used to remove endpoints from a wire group. + + For an example, refer to the EXAMPLES section below. + +EXAMPLES + To remove endpoint example-endpoint from wire group example-wire-group, + run: + + $ gcloud beta compute interconnects wire-groups remove-endpoint \ + example-wire-group --project=example-project \ + --cross-site-network=example-cross-site-network \ + --endpoint-label=example-endpoint + +POSITIONAL ARGUMENTS + NAME + Name of the wire group to update. + +REQUIRED FLAGS + --cross-site-network=CROSS_SITE_NETWORK + Name of the crossSiteNetwork to operate on. + + --endpoint-label=ENDPOINT_LABEL + The endpoint label for the wire group. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud alpha compute interconnects wire-groups remove-endpoint + diff --git a/gcloud/beta/compute/interconnects/wire-groups/remove-interconnect b/gcloud/beta/compute/interconnects/wire-groups/remove-interconnect new file mode 100644 index 000000000..709326fdb --- /dev/null +++ b/gcloud/beta/compute/interconnects/wire-groups/remove-interconnect @@ -0,0 +1,54 @@ +NAME + gcloud beta compute interconnects wire-groups remove-interconnect - remove + interconnect from a wire group + +SYNOPSIS + gcloud beta compute interconnects wire-groups remove-interconnect NAME + --cross-site-network=CROSS_SITE_NETWORK --endpoint-label=ENDPOINT_LABEL + --interconnect-label=INTERCONNECT_LABEL [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) gcloud beta compute interconnects wire-groups remove-interconnect is + used to remove interconnects from a wire group endpoint. + + For an example, refer to the EXAMPLES section below. + +EXAMPLES + To remove an interconnect example-interconnect from wire group + example-wire-group, run: + + $ gcloud beta compute interconnects wire-groups \ + remove-interconnect example-wire-group \ + --project=example-project \ + --cross-site-network=example-cross-site-network \ + --endpoint-label=example-endpoint \ + --interconnect-label=example-interconnect + +POSITIONAL ARGUMENTS + NAME + Name of the wire group to update. + +REQUIRED FLAGS + --cross-site-network=CROSS_SITE_NETWORK + Name of the crossSiteNetwork to operate on. + + --endpoint-label=ENDPOINT_LABEL + The endpoint label for the wire group. + + --interconnect-label=INTERCONNECT_LABEL + The interconnect label for the wire group endpoint. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud alpha compute interconnects wire-groups remove-interconnect + diff --git a/gcloud/beta/compute/interconnects/wire-groups/update b/gcloud/beta/compute/interconnects/wire-groups/update new file mode 100644 index 000000000..8a6f4b630 --- /dev/null +++ b/gcloud/beta/compute/interconnects/wire-groups/update @@ -0,0 +1,72 @@ +NAME + gcloud beta compute interconnects wire-groups update - update a Compute + Engine wire group + +SYNOPSIS + gcloud beta compute interconnects wire-groups update NAME + --cross-site-network=CROSS_SITE_NETWORK [--admin-enabled] + [--bandwidth-unmetered=BANDWIDTH_UNMETERED] [--description=DESCRIPTION] + [--fault-response=FAULT_RESPONSE] [--type=TYPE] [--validate-only] + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) gcloud beta compute interconnects wire-groups update is used to + update wire groups. A wire group represents a group of redundant wires. + +POSITIONAL ARGUMENTS + NAME + Name of the wire group to update. + +REQUIRED FLAGS + --cross-site-network=CROSS_SITE_NETWORK + Name of the crossSiteNetwork to operate on. + +OPTIONAL FLAGS + --admin-enabled + Administrative status of the wire group. When this is enabled, the wire + group is operational and will carry traffic. Use --no-admin-enabled to + disable it. + + --bandwidth-unmetered=BANDWIDTH_UNMETERED + The amount of unmetered bandwidth to assign to the wire group. + + --description=DESCRIPTION + An optional, textual description for the wire group. + + --fault-response=FAULT_RESPONSE + The fault response for the wire group. FAULT_RESPONSE must be one of: + + DISABLE_PORT + Disable port + NONE + None + + --type=TYPE + The type for the wire group. TYPE must be one of: + + BOX_AND_CROSS + Box and cross type wire groups must have two VLAN tags. The first + is for the same-zone pseudowire, and the second is for the + cross-zone pseudowire. + REDUNDANT + Redundant type wire groups must have only one VLAN tag. + WIRE + Single wire type wire groups must have only one VLAN tag. + + --validate-only + Validate the new configuration, but don't update it. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud alpha compute interconnects wire-groups update + diff --git a/gcloud/beta/dataflow/help b/gcloud/beta/dataflow/help index 2a14a16c3..fab1f6618 100644 --- a/gcloud/beta/dataflow/help +++ b/gcloud/beta/dataflow/help @@ -40,10 +40,6 @@ GROUPS (BETA) A group of subcommands for working with Cloud Dataflow snapshots. - sql - (BETA) (DEPRECATED) A group of subcommands for working with Dataflow - SQL. - yaml (BETA) A group of subcommands for launching Beam YAML jobs on Dataflow. diff --git a/gcloud/beta/dataflow/sql/help b/gcloud/beta/dataflow/sql/help deleted file mode 100644 index 1eb8b4271..000000000 --- a/gcloud/beta/dataflow/sql/help +++ /dev/null @@ -1,33 +0,0 @@ -NAME - gcloud beta dataflow sql - a group of subcommands for working with Dataflow - SQL - -SYNOPSIS - gcloud beta dataflow sql COMMAND [GCLOUD_WIDE_FLAG ...] - -DESCRIPTION - (BETA) (DEPRECATED) A group of subcommands for working with Dataflow SQL. - - This command is deprecated and will be removed January 31, 2025. Please see - Beam YAML (https://beam.apache.org/documentation/sdks/yaml/) and Beam - notebooks - (https://cloud.google.com/dataflow/docs/guides/notebook-advanced#beam-sql) - for alternatives. - -GCLOUD WIDE FLAGS - These flags are available to all commands: --help. - - Run $ gcloud help for details. - -COMMANDS - COMMAND is one of the following: - - query - (BETA) (DEPRECATED) Execute the user-specified SQL query on Dataflow. - -NOTES - This command is currently in beta and might change without notice. This - variant is also available: - - $ gcloud dataflow sql - diff --git a/gcloud/beta/dataflow/sql/query b/gcloud/beta/dataflow/sql/query deleted file mode 100644 index fba8e8979..000000000 --- a/gcloud/beta/dataflow/sql/query +++ /dev/null @@ -1,221 +0,0 @@ -NAME - gcloud beta dataflow sql query - execute the user-specified SQL query on - Dataflow - -SYNOPSIS - gcloud beta dataflow sql query QUERY --job-name=JOB_NAME --region=REGION - ([--bigquery-table=BIGQUERY_TABLE : --bigquery-dataset=BIGQUERY_DATASET - --bigquery-project=BIGQUERY_PROJECT] [--pubsub-topic=PUBSUB_TOPIC - : --pubsub-project=PUBSUB_PROJECT]) - [--bigquery-write-disposition=BIGQUERY_WRITE_DISPOSITION; - default="write-empty"] [--dataflow-kms-key=DATAFLOW_KMS_KEY] - [--disable-public-ips] [--dry-run] [--max-workers=MAX_WORKERS] - [--network=NETWORK] [--num-workers=NUM_WORKERS] - [--pubsub-create-disposition=PUBSUB_CREATE_DISPOSITION; - default="create-if-not-found"] - [--service-account-email=SERVICE_ACCOUNT_EMAIL] - [--subnetwork=SUBNETWORK] [--worker-machine-type=WORKER_MACHINE_TYPE] - [--parameter=PARAMETER | --parameters-file=PARAMETERS_FILE] - [--worker-region=WORKER_REGION | --worker-zone=WORKER_ZONE - | --zone=ZONE] [GCLOUD_WIDE_FLAG ...] - -DESCRIPTION - (BETA) (DEPRECATED) This command is deprecated and will be removed January - 31, 2025. Please see Beam YAML - (https://beam.apache.org/documentation/sdks/yaml/) and Beam notebooks - (https://cloud.google.com/dataflow/docs/guides/notebook-advanced#beam-sql) - for alternatives. - - Execute the user-specified SQL query on Dataflow. Queries must comply to - the ZetaSQL dialect (https://github.com/google/zetasql). Results may be - written to either BigQuery or Cloud Pub/Sub. - -EXAMPLES - To execute a simple SQL query on Dataflow that reads from and writes to - BigQuery, run: - - $ gcloud beta dataflow sql query \ - 'SELECT word FROM - bigquery.table.`my-project`.input_dataset.input_table where count - > 3' --job-name=my-job --region=us-west1 \ - --bigquery-dataset=my_output_dataset \ - --bigquery-table=my_output_table - - To execute a simple SQL query on Dataflow that reads from and writes to - Cloud Pub/Sub, run: - - $ gcloud beta dataflow sql query \ - 'SELECT word FROM pubsub.topic.`my-project`.input_topic where - count > 3' --job-name=my-job --region=us-west1 \ - --pubsub-topic=my_output_topic - - To join data from BigQuery and Cloud Pub/Sub and write the result to Cloud - Pub/Sub, run: - - $ gcloud beta dataflow sql query \ - 'SELECT bq.name AS name FROM - pubsub.topic.`my-project`.input_topic p INNER JOIN - bigquery.table.`my-project`.input_dataset.input_table bq ON p.id = - bq.id' --job-name=my-job --region=us-west1 \ - --pubsub-topic=my_output_topic - - To execute a parameterized SQL query that reads from and writes to - BigQuery, run: - - $ gcloud beta dataflow sql query \ - 'SELECT word FROM - bigquery.table.`my-project`.input_dataset.input_table where count - > @threshold' --parameter=threshold:INT64:5 --job-name=my-job \ - --region=us-west1 --bigquery-dataset=my_output_dataset \ - --bigquery-table=my_output_table - -POSITIONAL ARGUMENTS - QUERY - The SQL query to execute. - -REQUIRED FLAGS - --job-name=JOB_NAME - The unique name to assign to the Cloud Dataflow job. - - --region=REGION - Region ID of the job's regional endpoint. Defaults to 'us-central1'. - - The destination(s) for the output of the query. - - At least one of these must be specified: - - BigQuery table resource - The BigQuery table to write query output to. - The arguments in this group can be used to specify the attributes of - this resource. - - --bigquery-table=BIGQUERY_TABLE - ID of the BigQuery table or fully qualified identifier for the - BigQuery table. - - To set the bigquery-table attribute: - ▫ provide the argument --bigquery-table on the command line. - - This flag argument must be specified if any of the other arguments - in this group are specified. - - --bigquery-dataset=BIGQUERY_DATASET - The BigQuery dataset ID. - - To set the bigquery-dataset attribute: - ▫ provide the argument --bigquery-table on the command line with - a fully specified name; - ▫ provide the argument --bigquery-dataset on the command line. - - --bigquery-project=BIGQUERY_PROJECT - The BigQuery project ID. - - To set the bigquery-project attribute: - ▫ provide the argument --bigquery-table on the command line with - a fully specified name; - ▫ provide the argument --bigquery-project on the command line. - - Pub/Sub topic resource - The Cloud Pub/Sub topic to write query output - to. The arguments in this group can be used to specify the attributes of - this resource. - - --pubsub-topic=PUBSUB_TOPIC - ID of the Pub/Sub topic or fully qualified identifier for the - Pub/Sub topic. - - To set the pubsub-topic attribute: - ▫ provide the argument --pubsub-topic on the command line. - - This flag argument must be specified if any of the other arguments - in this group are specified. - - --pubsub-project=PUBSUB_PROJECT - The Pub/Sub project ID. - - To set the pubsub-project attribute: - ▫ provide the argument --pubsub-topic on the command line with a - fully specified name; - ▫ provide the argument --pubsub-project on the command line. - -OPTIONAL FLAGS - --bigquery-write-disposition=BIGQUERY_WRITE_DISPOSITION; default="write-empty" - The behavior of the BigQuery write operation. - BIGQUERY_WRITE_DISPOSITION must be one of: write-empty, write-truncate, - write-append. - - --dataflow-kms-key=DATAFLOW_KMS_KEY - The Cloud KMS key to protect the job resources. - - --disable-public-ips - The Cloud Dataflow workers must not use public IP addresses. Overrides - the default dataflow/disable_public_ips property value for this command - invocation. - - --dry-run - Construct but do not run the SQL pipeline, for smoke testing. - - --max-workers=MAX_WORKERS - The maximum number of workers to run. - - --network=NETWORK - The Compute Engine network for launching instances to run your - pipeline. - - --num-workers=NUM_WORKERS - The initial number of workers to use. - - --pubsub-create-disposition=PUBSUB_CREATE_DISPOSITION; default="create-if-not-found" - The behavior of the Pub/Sub create operation. PUBSUB_CREATE_DISPOSITION - must be one of: create-if-not-found, fail-if-not-found. - - --service-account-email=SERVICE_ACCOUNT_EMAIL - The service account to run the workers as. - - --subnetwork=SUBNETWORK - The Compute Engine subnetwork for launching instances to run your - pipeline. - - --worker-machine-type=WORKER_MACHINE_TYPE - The type of machine to use for workers. Defaults to server-specified. - - At most one of these can be specified: - - --parameter=PARAMETER - Parameters to pass to a query. Parameters must use the format - name:type:value, for example min_word_count:INT64:250. - - --parameters-file=PARAMETERS_FILE - Path to a file containing query parameters in JSON format. e.g. - [{"parameterType": {"type": "STRING"}, "parameterValue": {"value": - "foo"}, "name": "x"}, {"parameterType": {"type": "FLOAT64"}, - "parameterValue": {"value": "1.0"}, "name": "y"}] - - Worker location options. - - At most one of these can be specified: - - --worker-region=WORKER_REGION - The region to run the workers in. - - --worker-zone=WORKER_ZONE - The zone to run the workers in. - - --zone=ZONE - (DEPRECATED) The zone to run the workers in. - - The --zone option is deprecated; use --worker-region or --worker-zone - instead. - -GCLOUD WIDE FLAGS - These flags are available to all commands: --access-token-file, --account, - --billing-project, --configuration, --flags-file, --flatten, --format, - --help, --impersonate-service-account, --log-http, --project, --quiet, - --trace-token, --user-output-enabled, --verbosity. - - Run $ gcloud help for details. - -NOTES - This command is currently in beta and might change without notice. This - variant is also available: - - $ gcloud dataflow sql query - diff --git a/gcloud/beta/dataproc/clusters/create b/gcloud/beta/dataproc/clusters/create index 0def91c50..ff0c54a9c 100644 --- a/gcloud/beta/dataproc/clusters/create +++ b/gcloud/beta/dataproc/clusters/create @@ -57,8 +57,9 @@ SYNOPSIS : --gce-pd-kms-key-keyring=GCE_PD_KMS_KEY_KEYRING --gce-pd-kms-key-location=GCE_PD_KMS_KEY_LOCATION --gce-pd-kms-key-project=GCE_PD_KMS_KEY_PROJECT] - [--metadata=KEY=VALUE,[KEY=VALUE,...] --scopes=SCOPE,[SCOPE,...] - --service-account=SERVICE_ACCOUNT + [--metadata=KEY=VALUE,[KEY=VALUE,...] + --resource-manager-tags=KEY=VALUE,[KEY=VALUE,...] + --scopes=SCOPE,[SCOPE,...] --service-account=SERVICE_ACCOUNT --tags=TAG,[TAG,...] --network=NETWORK | --subnet=SUBNET --reservation=RESERVATION --reservation-affinity=RESERVATION_AFFINITY; default="any"] @@ -561,6 +562,10 @@ FLAGS Metadata to be made available to the guest operating system running on the instances + --resource-manager-tags=KEY=VALUE,[KEY=VALUE,...] + Specifies a list of resource manager tags to apply to each cluster + node (master and worker nodes). + --scopes=SCOPE,[SCOPE,...] Specifies scopes for the node instances. Multiple SCOPEs can be specified, separated by commas. Examples: diff --git a/gcloud/beta/dataproc/workflow-templates/set-managed-cluster b/gcloud/beta/dataproc/workflow-templates/set-managed-cluster index a95aa8728..8339a81b8 100644 --- a/gcloud/beta/dataproc/workflow-templates/set-managed-cluster +++ b/gcloud/beta/dataproc/workflow-templates/set-managed-cluster @@ -51,8 +51,9 @@ SYNOPSIS --kerberos-root-principal-password-uri=KERBEROS_ROOT_PRINCIPAL_PASSWORD_URI [--kerberos-kms-key=KERBEROS_KMS_KEY : --kerberos-kms-key-keyring=KERBEROS_KMS_KEY_KEYRING --kerberos-kms-key-location=KERBEROS_KMS_KEY_LOCATION --kerberos-kms-key-project=KERBEROS_KMS_KEY_PROJECT]] [--kms-key=KMS_KEY : --kms-keyring=KMS_KEYRING --kms-location=KMS_LOCATION --kms-project=KMS_PROJECT] - [--metadata=KEY=VALUE,[KEY=VALUE,...] --scopes=SCOPE,[SCOPE,...] - --service-account=SERVICE_ACCOUNT + [--metadata=KEY=VALUE,[KEY=VALUE,...] + --resource-manager-tags=KEY=VALUE,[KEY=VALUE,...] + --scopes=SCOPE,[SCOPE,...] --service-account=SERVICE_ACCOUNT --tags=TAG,[TAG,...] --network=NETWORK | --subnet=SUBNET --reservation=RESERVATION --reservation-affinity=RESERVATION_AFFINITY; default="any"] @@ -622,6 +623,10 @@ FLAGS Metadata to be made available to the guest operating system running on the instances + --resource-manager-tags=KEY=VALUE,[KEY=VALUE,...] + Specifies a list of resource manager tags to apply to each cluster + node (master and worker nodes). + --scopes=SCOPE,[SCOPE,...] Specifies scopes for the node instances. Multiple SCOPEs can be specified, separated by commas. Examples: diff --git a/gcloud/beta/functions/deploy b/gcloud/beta/functions/deploy index 681679ecd..d39a6dcbe 100644 --- a/gcloud/beta/functions/deploy +++ b/gcloud/beta/functions/deploy @@ -112,12 +112,15 @@ FLAGS value. --docker-registry=DOCKER_REGISTRY - Docker Registry to use for storing the function's Docker images. The - option artifact-registry is used by default. + (DEPRECATED) Docker Registry to use for storing the function's Docker + images. The option artifact-registry is used by default. - Warning: Artifact Registry and Container Registry have different image - storage costs. For more details, please see - https://cloud.google.com/functions/pricing#deployment_costs. + With the general transition from Container Registry to + Artifact Registry, the option to specify docker registry is deprecated. + All container image storage and management will automatically + transition to Artifact Registry. + For more information, see + https://cloud.google.com/artifact-registry/docs/transition/transition-from-gcr DOCKER_REGISTRY must be one of: artifact-registry, container-registry. diff --git a/gcloud/beta/iap/settings/get b/gcloud/beta/iap/settings/get index 7c0f88af5..638ed9880 100644 --- a/gcloud/beta/iap/settings/get +++ b/gcloud/beta/iap/settings/get @@ -63,6 +63,23 @@ EXAMPLES --resource-type=backend-services --service=SERVICE_ID \ --region=REGION_ID + To get the IAP setting for all forwarding rules within a project, run: + + $ gcloud beta iap settings get --project=PROJECT_ID \ + --resource-type=forwarding-rule + + To get the IAP setting for a forwarding rule within a project, run: + + $ gcloud beta iap settings get --project=PROJECT_ID \ + --resource-type=forwarding-rule --service=SERVICE_ID + + To get the IAP setting for a regional forwarding rule within a project, + run: + + $ gcloud beta iap settings get --project=PROJECT_ID \ + --resource-type=forwarding-rule --service=SERVICE_ID \ + --region=REGION_ID + FLAGS --folder=FOLDER Folder ID. @@ -82,7 +99,7 @@ FLAGS Resource type of the IAP resource. For Backend Services, you can use both compute and backend-services as resource type. RESOURCE_TYPE must be one of: app-engine, iap_web, compute, organization, folder, - forwarding-rule, backend-services. + backend-services, forwarding-rule. --service=SERVICE Service name. Optional when resource-type is compute or app-engine. diff --git a/gcloud/beta/iap/settings/set b/gcloud/beta/iap/settings/set index 556f86a25..0cc7b238f 100644 --- a/gcloud/beta/iap/settings/set +++ b/gcloud/beta/iap/settings/set @@ -65,6 +65,23 @@ EXAMPLES --project=PROJECT_ID --resource-type=backend-services \ --service=SERVICE_ID --region=REGION_ID + To set the IAP setting for all forwarding rule within a project, run: + + $ gcloud beta iap settings set iap_settings.yaml \ + --project=PROJECT_ID --resource-type=forwarding-rule + + To set the IAP setting for a forwarding rule within a project, run: + + $ gcloud beta iap settings set iap_settings.yaml \ + --project=PROJECT_ID --resource-type=forwarding-rule \ + --service=SERVICE_ID + + To set the IAP setting for a region forwarding rule within a project, run: + + $ gcloud beta iap settings set iap_settings.yaml \ + --project=PROJECT_ID --resource-type=forwarding-rule \ + --service=SERVICE_ID --region=REGION_ID + POSITIONAL ARGUMENTS SETTING_FILE JSON or YAML file containing the IAP resource settings. @@ -132,7 +149,7 @@ FLAGS Resource type of the IAP resource. For Backend Services, you can use both compute and backend-services as resource type. RESOURCE_TYPE must be one of: app-engine, iap_web, compute, organization, folder, - forwarding-rule, backend-services. + backend-services, forwarding-rule. --service=SERVICE Service name. Optional when resource-type is compute or app-engine. diff --git a/gcloud/beta/kms/keys/create b/gcloud/beta/kms/keys/create index 8077ad390..3a09f2075 100644 --- a/gcloud/beta/kms/keys/create +++ b/gcloud/beta/kms/keys/create @@ -204,16 +204,17 @@ OPTIONAL FLAGS aes-256-ctr, aes-256-gcm, ec-sign-ed25519, ec-sign-p256-sha256, ec-sign-p384-sha384, ec-sign-secp256k1-sha256, external-symmetric-encryption, google-symmetric-encryption, hmac-sha1, - hmac-sha224, hmac-sha256, hmac-sha384, hmac-sha512, - rsa-decrypt-oaep-2048-sha1, rsa-decrypt-oaep-2048-sha256, - rsa-decrypt-oaep-3072-sha1, rsa-decrypt-oaep-3072-sha256, - rsa-decrypt-oaep-4096-sha1, rsa-decrypt-oaep-4096-sha256, - rsa-decrypt-oaep-4096-sha512, rsa-sign-pkcs1-2048-sha256, - rsa-sign-pkcs1-3072-sha256, rsa-sign-pkcs1-4096-sha256, - rsa-sign-pkcs1-4096-sha512, rsa-sign-pss-2048-sha256, - rsa-sign-pss-3072-sha256, rsa-sign-pss-4096-sha256, - rsa-sign-pss-4096-sha512, rsa-sign-raw-pkcs1-2048, - rsa-sign-raw-pkcs1-3072, rsa-sign-raw-pkcs1-4096. + hmac-sha224, hmac-sha256, hmac-sha384, hmac-sha512, pq-sign-ml-dsa-65, + pq-sign-slh-dsa-sha2-128s, rsa-decrypt-oaep-2048-sha1, + rsa-decrypt-oaep-2048-sha256, rsa-decrypt-oaep-3072-sha1, + rsa-decrypt-oaep-3072-sha256, rsa-decrypt-oaep-4096-sha1, + rsa-decrypt-oaep-4096-sha256, rsa-decrypt-oaep-4096-sha512, + rsa-sign-pkcs1-2048-sha256, rsa-sign-pkcs1-3072-sha256, + rsa-sign-pkcs1-4096-sha256, rsa-sign-pkcs1-4096-sha512, + rsa-sign-pss-2048-sha256, rsa-sign-pss-3072-sha256, + rsa-sign-pss-4096-sha256, rsa-sign-pss-4096-sha512, + rsa-sign-raw-pkcs1-2048, rsa-sign-raw-pkcs1-3072, + rsa-sign-raw-pkcs1-4096. --destroy-scheduled-duration=DESTROY_SCHEDULED_DURATION The amount of time that versions of the key should spend in the diff --git a/gcloud/beta/kms/keys/update b/gcloud/beta/kms/keys/update index c598ff430..41087a343 100644 --- a/gcloud/beta/kms/keys/update +++ b/gcloud/beta/kms/keys/update @@ -175,16 +175,17 @@ FLAGS aes-256-ctr, aes-256-gcm, ec-sign-ed25519, ec-sign-p256-sha256, ec-sign-p384-sha384, ec-sign-secp256k1-sha256, external-symmetric-encryption, google-symmetric-encryption, hmac-sha1, - hmac-sha224, hmac-sha256, hmac-sha384, hmac-sha512, - rsa-decrypt-oaep-2048-sha1, rsa-decrypt-oaep-2048-sha256, - rsa-decrypt-oaep-3072-sha1, rsa-decrypt-oaep-3072-sha256, - rsa-decrypt-oaep-4096-sha1, rsa-decrypt-oaep-4096-sha256, - rsa-decrypt-oaep-4096-sha512, rsa-sign-pkcs1-2048-sha256, - rsa-sign-pkcs1-3072-sha256, rsa-sign-pkcs1-4096-sha256, - rsa-sign-pkcs1-4096-sha512, rsa-sign-pss-2048-sha256, - rsa-sign-pss-3072-sha256, rsa-sign-pss-4096-sha256, - rsa-sign-pss-4096-sha512, rsa-sign-raw-pkcs1-2048, - rsa-sign-raw-pkcs1-3072, rsa-sign-raw-pkcs1-4096. + hmac-sha224, hmac-sha256, hmac-sha384, hmac-sha512, pq-sign-ml-dsa-65, + pq-sign-slh-dsa-sha2-128s, rsa-decrypt-oaep-2048-sha1, + rsa-decrypt-oaep-2048-sha256, rsa-decrypt-oaep-3072-sha1, + rsa-decrypt-oaep-3072-sha256, rsa-decrypt-oaep-4096-sha1, + rsa-decrypt-oaep-4096-sha256, rsa-decrypt-oaep-4096-sha512, + rsa-sign-pkcs1-2048-sha256, rsa-sign-pkcs1-3072-sha256, + rsa-sign-pkcs1-4096-sha256, rsa-sign-pkcs1-4096-sha512, + rsa-sign-pss-2048-sha256, rsa-sign-pss-3072-sha256, + rsa-sign-pss-4096-sha256, rsa-sign-pss-4096-sha512, + rsa-sign-raw-pkcs1-2048, rsa-sign-raw-pkcs1-3072, + rsa-sign-raw-pkcs1-4096. --next-rotation-time=NEXT_ROTATION_TIME Next automatic rotation time of the key. See $ gcloud topic datetimes diff --git a/gcloud/beta/kms/keys/versions/get-public-key b/gcloud/beta/kms/keys/versions/get-public-key index 79e5376a7..cd0dd7cd0 100644 --- a/gcloud/beta/kms/keys/versions/get-public-key +++ b/gcloud/beta/kms/keys/versions/get-public-key @@ -5,22 +5,29 @@ NAME SYNOPSIS gcloud beta kms keys versions get-public-key VERSION [--key=KEY] [--keyring=KEYRING] [--location=LOCATION] [--output-file=OUTPUT_FILE] - [GCLOUD_WIDE_FLAG ...] + [--public-key-format=PUBLIC_KEY_FORMAT] [GCLOUD_WIDE_FLAG ...] DESCRIPTION - (BETA) Returns the PEM-format public key for the specified asymmetric key - version. + (BETA) Returns the public key of the given asymmetric key version in the + specified format. - The optional flag output-file indicates the path to store PEM. If not - specified. PEM will be printed to stdout. + The optional flag output-file indicates the path to store the public key. + If not specified, the public key will be printed to stdout. + + The optional flag public-key-format indicates the format in which the + public key will be returned. For the PQC algorithms, this must be specified + and set to NIST_PQC. For all other algorithms, this flag is optional and + defaults to PEM. See "Retrieve a public key" in the Cloud KMS documentation + (https://cloud.google.com/kms/docs/retrieve-public-key) for more + information about the supported formats. EXAMPLES The following command saves the public key for CryptoKey frodo Version 2 to - '/tmp/my/pem.file': + '/tmp/my/public_key.file': $ gcloud beta kms keys versions get-public-key 2 --key=frodo \ --keyring=fellowship --location=us-east1 \ - --output-file=/tmp/my/pem.file + --public-key-format=PEM --output-file=/tmp/my/public_key.file POSITIONAL ARGUMENTS VERSION @@ -37,7 +44,10 @@ FLAGS Location of the keyring. --output-file=OUTPUT_FILE - Path to the output file to store PEM. + Path to the output file to store public key. + + --public-key-format=PUBLIC_KEY_FORMAT + The format in which the public key will be returned. GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, diff --git a/gcloud/beta/kms/keys/versions/import b/gcloud/beta/kms/keys/versions/import index ba0bbae71..5d8ec9ecb 100644 --- a/gcloud/beta/kms/keys/versions/import +++ b/gcloud/beta/kms/keys/versions/import @@ -34,16 +34,17 @@ REQUIRED FLAGS aes-128-cbc, aes-128-ctr, aes-128-gcm, aes-256-cbc, aes-256-ctr, aes-256-gcm, ec-sign-ed25519, ec-sign-p256-sha256, ec-sign-p384-sha384, ec-sign-secp256k1-sha256, google-symmetric-encryption, hmac-sha1, - hmac-sha224, hmac-sha256, hmac-sha384, hmac-sha512, - rsa-decrypt-oaep-2048-sha1, rsa-decrypt-oaep-2048-sha256, - rsa-decrypt-oaep-3072-sha1, rsa-decrypt-oaep-3072-sha256, - rsa-decrypt-oaep-4096-sha1, rsa-decrypt-oaep-4096-sha256, - rsa-decrypt-oaep-4096-sha512, rsa-sign-pkcs1-2048-sha256, - rsa-sign-pkcs1-3072-sha256, rsa-sign-pkcs1-4096-sha256, - rsa-sign-pkcs1-4096-sha512, rsa-sign-pss-2048-sha256, - rsa-sign-pss-3072-sha256, rsa-sign-pss-4096-sha256, - rsa-sign-pss-4096-sha512, rsa-sign-raw-pkcs1-2048, - rsa-sign-raw-pkcs1-3072, rsa-sign-raw-pkcs1-4096. + hmac-sha224, hmac-sha256, hmac-sha384, hmac-sha512, pq-sign-ml-dsa-65, + pq-sign-slh-dsa-sha2-128s, rsa-decrypt-oaep-2048-sha1, + rsa-decrypt-oaep-2048-sha256, rsa-decrypt-oaep-3072-sha1, + rsa-decrypt-oaep-3072-sha256, rsa-decrypt-oaep-4096-sha1, + rsa-decrypt-oaep-4096-sha256, rsa-decrypt-oaep-4096-sha512, + rsa-sign-pkcs1-2048-sha256, rsa-sign-pkcs1-3072-sha256, + rsa-sign-pkcs1-4096-sha256, rsa-sign-pkcs1-4096-sha512, + rsa-sign-pss-2048-sha256, rsa-sign-pss-3072-sha256, + rsa-sign-pss-4096-sha256, rsa-sign-pss-4096-sha512, + rsa-sign-raw-pkcs1-2048, rsa-sign-raw-pkcs1-3072, + rsa-sign-raw-pkcs1-4096. --import-job=IMPORT_JOB Name of the import job to import from. diff --git a/gcloud/beta/network-security/backend-authentication-configs/create b/gcloud/beta/network-security/backend-authentication-configs/create new file mode 100644 index 000000000..147821604 --- /dev/null +++ b/gcloud/beta/network-security/backend-authentication-configs/create @@ -0,0 +1,94 @@ +NAME + gcloud beta network-security backend-authentication-configs create - create + a BackendAuthenticationConfig + +SYNOPSIS + gcloud beta network-security backend-authentication-configs create + (BACKEND_AUTHENTICATION_CONFIG : --location=LOCATION) [--async] + [--client-certificate=CLIENT_CERTIFICATE] [--description=DESCRIPTION] + [--labels=[KEY=VALUE,...]] [--trust-config=TRUST_CONFIG] + [--well-known-roots=WELL_KNOWN_ROOTS] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) Create a new BackendAuthenticationConfig. + +EXAMPLES + To create a config named backend-authentication-config, run: + + $ gcloud beta network-security backend-authentication-configs \ + create backend-authentication-config \ + --trust-config=projects/my-project/locations/global/\ + trustConfigs/my-trust-config --location=global + +POSITIONAL ARGUMENTS + Backend authentication config resource - Realm to be created. The + arguments in this group can be used to specify the attributes of this + resource. (NOTE) Some attributes are not given arguments in this group but + can be set in other ways. + + To set the project attribute: + ◆ provide the argument backend_authentication_config on the command + line with a fully specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + BACKEND_AUTHENTICATION_CONFIG + ID of the backend authentication config or fully qualified identifier + for the backend authentication config. + + To set the backend_authentication_config attribute: + ▸ provide the argument backend_authentication_config on the command + line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + The location Id. + + To set the location attribute: + ▸ provide the argument backend_authentication_config on the command + line with a fully specified name; + ▸ provide the argument --location on the command line. + +FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. + + --client-certificate=CLIENT_CERTIFICATE + ID of certificate resource. + + --description=DESCRIPTION + Description of the backend authentication config. + + --labels=[KEY=VALUE,...] + List of label KEY=VALUE pairs to add. + + --trust-config=TRUST_CONFIG + ID of trust config resource. + + --well-known-roots=WELL_KNOWN_ROOTS + Indicates whether the load balancer should trust backend server + certificates. WELL_KNOWN_ROOTS must be one of: none, public-roots. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +API REFERENCE + This command uses the networksecurity/v1beta1 API. The full documentation + for this API can be found at: https://cloud.google.com/networking + +NOTES + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud alpha network-security backend-authentication-configs create + diff --git a/gcloud/beta/network-security/backend-authentication-configs/delete b/gcloud/beta/network-security/backend-authentication-configs/delete new file mode 100644 index 000000000..53d1ffcd6 --- /dev/null +++ b/gcloud/beta/network-security/backend-authentication-configs/delete @@ -0,0 +1,79 @@ +NAME + gcloud beta network-security backend-authentication-configs delete - delete + BackendAuthenticationConfig + +SYNOPSIS + gcloud beta network-security backend-authentication-configs delete + (BACKEND_AUTHENTICATION_CONFIG : --location=LOCATION) [--async] + [--etag=ETAG] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) Delete the specified BackendAuthenticationConfig. + +EXAMPLES + To delete a BackendAuthenticationConfig called + 'my-backend-authentication-config', run: + + $ gcloud beta network-security backend-authentication-configs \ + delete my-backend-authentication-config --location=global + +POSITIONAL ARGUMENTS + Backend authentication config resource - Name of the + BackendAuthenticationConfig you want to delete. The arguments in this + group can be used to specify the attributes of this resource. (NOTE) Some + attributes are not given arguments in this group but can be set in other + ways. + + To set the project attribute: + ◆ provide the argument backend_authentication_config on the command + line with a fully specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + BACKEND_AUTHENTICATION_CONFIG + ID of the backend authentication config or fully qualified identifier + for the backend authentication config. + + To set the backend_authentication_config attribute: + ▸ provide the argument backend_authentication_config on the command + line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + The location Id. + + To set the location attribute: + ▸ provide the argument backend_authentication_config on the command + line with a fully specified name; + ▸ provide the argument --location on the command line. + +FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. + + --etag=ETAG + The entity-tag of the BackendAuthenticationConfig. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +API REFERENCE + This command uses the networksecurity/v1beta1 API. The full documentation + for this API can be found at: https://cloud.google.com/networking + +NOTES + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud alpha network-security backend-authentication-configs delete + diff --git a/gcloud/beta/network-security/backend-authentication-configs/describe b/gcloud/beta/network-security/backend-authentication-configs/describe new file mode 100644 index 000000000..33a2d7757 --- /dev/null +++ b/gcloud/beta/network-security/backend-authentication-configs/describe @@ -0,0 +1,71 @@ +NAME + gcloud beta network-security backend-authentication-configs describe - + describe BackendAuthenticationConfig + +SYNOPSIS + gcloud beta network-security backend-authentication-configs describe + (BACKEND_AUTHENTICATION_CONFIG : --location=LOCATION) + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) Describe the specified BackendAuthenticationConfig. + +EXAMPLES + To describe a BackendAuthenticationConfig called + 'my-backend-authentication-config', run: + + $ gcloud beta network-security backend-authentication-configs \ + describe my-backend-authentication-config --location=global + +POSITIONAL ARGUMENTS + Backend authentication config resource - The BackendAuthenticationConfig + you want to describe. The arguments in this group can be used to specify + the attributes of this resource. (NOTE) Some attributes are not given + arguments in this group but can be set in other ways. + + To set the project attribute: + ◆ provide the argument backend_authentication_config on the command + line with a fully specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + BACKEND_AUTHENTICATION_CONFIG + ID of the backend authentication config or fully qualified identifier + for the backend authentication config. + + To set the backend_authentication_config attribute: + ▸ provide the argument backend_authentication_config on the command + line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + The location Id. + + To set the location attribute: + ▸ provide the argument backend_authentication_config on the command + line with a fully specified name; + ▸ provide the argument --location on the command line. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +API REFERENCE + This command uses the networksecurity/v1beta1 API. The full documentation + for this API can be found at: https://cloud.google.com/networking + +NOTES + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud alpha network-security backend-authentication-configs \ + describe + diff --git a/gcloud/beta/network-security/backend-authentication-configs/export b/gcloud/beta/network-security/backend-authentication-configs/export new file mode 100644 index 000000000..ceb2b1b60 --- /dev/null +++ b/gcloud/beta/network-security/backend-authentication-configs/export @@ -0,0 +1,79 @@ +NAME + gcloud beta network-security backend-authentication-configs export - export + BackendAuthenticationConfig + +SYNOPSIS + gcloud beta network-security backend-authentication-configs export + (BACKEND_AUTHENTICATION_CONFIG : --location=LOCATION) + [--destination=DESTINATION] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) Export a BackendAuthenticationConfig. + +EXAMPLES + To export a BackendAuthenticationConfig, run: + + $ gcloud beta network-security backend-authentication-configs \ + export my-backend-authentication-config \ + --destination=my-backend-authentication-config.yaml \ + --location=global + +POSITIONAL ARGUMENTS + Backend authentication config resource - Name of the + BackendAuthenticationConfig to export. The arguments in this group can be + used to specify the attributes of this resource. (NOTE) Some attributes + are not given arguments in this group but can be set in other ways. + + To set the project attribute: + ◆ provide the argument backend_authentication_config on the command + line with a fully specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + BACKEND_AUTHENTICATION_CONFIG + ID of the backend authentication config or fully qualified identifier + for the backend authentication config. + + To set the backend_authentication_config attribute: + ▸ provide the argument backend_authentication_config on the command + line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + The location Id. + + To set the location attribute: + ▸ provide the argument backend_authentication_config on the command + line with a fully specified name; + ▸ provide the argument --location on the command line. + +FLAGS + --destination=DESTINATION + Path to a YAML file where the configuration will be exported. The + exported data will not contain any output-only fields. Alternatively, + you may omit this flag to write to standard output. For a schema + describing the export/import format, see + $CLOUDSDKROOT/lib/googlecloudsdk/schemas/... + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +API REFERENCE + This command uses the networksecurity/v1beta1 API. The full documentation + for this API can be found at: https://cloud.google.com/networking + +NOTES + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud alpha network-security backend-authentication-configs export + diff --git a/gcloud/beta/network-security/backend-authentication-configs/help b/gcloud/beta/network-security/backend-authentication-configs/help new file mode 100644 index 000000000..1fa0dbc6d --- /dev/null +++ b/gcloud/beta/network-security/backend-authentication-configs/help @@ -0,0 +1,43 @@ +NAME + gcloud beta network-security backend-authentication-configs - manage + Network Security BackendAuthenticationConfigs + +SYNOPSIS + gcloud beta network-security backend-authentication-configs COMMAND + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) Manage Network Security BackendAuthenticationConfigs. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --help. + + Run $ gcloud help for details. + +COMMANDS + COMMAND is one of the following: + + create + (BETA) Create a BackendAuthenticationConfig. + + delete + (BETA) Delete BackendAuthenticationConfig. + + describe + (BETA) Describe BackendAuthenticationConfig. + + export + (BETA) Export BackendAuthenticationConfig. + + import + (BETA) Import BackendAuthenticationConfigs. + + list + (BETA) List BackendAuthenticationConfigs. + +NOTES + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud alpha network-security backend-authentication-configs + diff --git a/gcloud/beta/network-security/backend-authentication-configs/import b/gcloud/beta/network-security/backend-authentication-configs/import new file mode 100644 index 000000000..bcc91264f --- /dev/null +++ b/gcloud/beta/network-security/backend-authentication-configs/import @@ -0,0 +1,85 @@ +NAME + gcloud beta network-security backend-authentication-configs import - import + BackendAuthenticationConfigs + +SYNOPSIS + gcloud beta network-security backend-authentication-configs import + (BACKEND_AUTHENTICATION_CONFIG : --location=LOCATION) [--async] + [--source=SOURCE] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) Import a BackendAuthenticationConfigs. + +EXAMPLES + To import a BackendAuthenticationConfigs from a YAML file, run: + + $ gcloud beta network-security backend-authentication-configs \ + import my-backend-authentication-config \ + --source=my-backend-authentication-config.yaml --location=global + +POSITIONAL ARGUMENTS + Backend authentication config resource - Name of the + BackendAuthenticationConfigs to import. The arguments in this group can be + used to specify the attributes of this resource. (NOTE) Some attributes + are not given arguments in this group but can be set in other ways. + + To set the project attribute: + ◆ provide the argument backend_authentication_config on the command + line with a fully specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + BACKEND_AUTHENTICATION_CONFIG + ID of the backend authentication config or fully qualified identifier + for the backend authentication config. + + To set the backend_authentication_config attribute: + ▸ provide the argument backend_authentication_config on the command + line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + The location Id. + + To set the location attribute: + ▸ provide the argument backend_authentication_config on the command + line with a fully specified name; + ▸ provide the argument --location on the command line. + +FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. + + --source=SOURCE + Path to a YAML file containing the configuration export data. The YAML + file must not contain any output-only fields. Alternatively, you may + omit this flag to read from standard input. For a schema describing the + export/import format, see: $CLOUDSDKROOT/lib/googlecloudsdk/schemas/... + + $CLOUDSDKROOT is can be obtained with the following command: + + $ gcloud info --format='value(installation.sdk_root)' + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +API REFERENCE + This command uses the networksecurity/v1beta1 API. The full documentation + for this API can be found at: https://cloud.google.com/networking + +NOTES + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud alpha network-security backend-authentication-configs import + diff --git a/gcloud/beta/network-security/backend-authentication-configs/list b/gcloud/beta/network-security/backend-authentication-configs/list new file mode 100644 index 000000000..77a2bf6db --- /dev/null +++ b/gcloud/beta/network-security/backend-authentication-configs/list @@ -0,0 +1,88 @@ +NAME + gcloud beta network-security backend-authentication-configs list - list + BackendAuthenticationConfigs + +SYNOPSIS + gcloud beta network-security backend-authentication-configs list + [--location=LOCATION] [--filter=EXPRESSION] [--limit=LIMIT] + [--page-size=PAGE_SIZE] [--sort-by=[FIELD,...]] [--uri] + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) List all BackendAuthenticationConfigs in the current project. + +EXAMPLES + To list BackendAuthenticationConfigs in the current project, run: + + $ gcloud beta network-security backend-authentication-configs list + +FLAGS + Location resource - The location of the BackendAuthenticationConfigs to + display. This represents a Cloud resource. (NOTE) Some attributes are not + given arguments in this group but can be set in other ways. + + To set the project attribute: + ◆ provide the argument --location on the command line with a fully + specified name; + ◆ if left empty, will use the wildcard '-' to list all locations with a + fully specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + --location=LOCATION + ID of the location or fully qualified identifier for the location. + + To set the location attribute: + ▸ provide the argument --location on the command line; + ▸ if left empty, will use the wildcard '-' to list all locations. + +LIST COMMAND FLAGS + --filter=EXPRESSION + Apply a Boolean filter EXPRESSION to each resource item to be listed. + If the expression evaluates True, then that item is listed. For more + details and examples of filter expressions, run $ gcloud topic filters. + This flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --limit=LIMIT + Maximum number of resources to list. The default is unlimited. This + flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --page-size=PAGE_SIZE + Some services group resource list output into pages. This flag + specifies the maximum number of resources per page. The default is + determined by the service if it supports paging, otherwise it is + unlimited (no paging). Paging may be applied before or after --filter + and --limit depending on the service. + + --sort-by=[FIELD,...] + Comma-separated list of resource field key names to sort by. The + default order is ascending. Prefix a field with ``~'' for descending + order on that field. This flag interacts with other flags that are + applied in this order: --flatten, --sort-by, --filter, --limit. + + --uri + Print a list of resource URIs instead of the default output, and change + the command output to a list of URIs. If this flag is used with + --format, the formatting is applied on this URI list. To display URIs + alongside other keys instead, use the uri() transform. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +API REFERENCE + This command uses the networksecurity/v1beta1 API. The full documentation + for this API can be found at: https://cloud.google.com/networking + +NOTES + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud alpha network-security backend-authentication-configs list + diff --git a/gcloud/beta/network-security/help b/gcloud/beta/network-security/help index 10f2f4719..c42aa8b7d 100644 --- a/gcloud/beta/network-security/help +++ b/gcloud/beta/network-security/help @@ -24,6 +24,9 @@ GROUPS authz-policies (BETA) Manage Network Security AuthzPolicy resources. + backend-authentication-configs + (BETA) Manage Network Security BackendAuthenticationConfigs. + client-tls-policies (BETA) Manage Network Security ClientTlsPolicies. diff --git a/gcloud/beta/network-security/security-profiles/custom-mirroring/create b/gcloud/beta/network-security/security-profiles/custom-mirroring/create index f9c62296a..6c2acdd9d 100644 --- a/gcloud/beta/network-security/security-profiles/custom-mirroring/create +++ b/gcloud/beta/network-security/security-profiles/custom-mirroring/create @@ -117,8 +117,10 @@ GCLOUD WIDE FLAGS Run $ gcloud help for details. NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud network-security security-profiles custom-mirroring create $ gcloud alpha network-security security-profiles custom-mirroring \ create diff --git a/gcloud/beta/network-security/security-profiles/custom-mirroring/delete b/gcloud/beta/network-security/security-profiles/custom-mirroring/delete index abae3f012..3d0ff2474 100644 --- a/gcloud/beta/network-security/security-profiles/custom-mirroring/delete +++ b/gcloud/beta/network-security/security-profiles/custom-mirroring/delete @@ -68,8 +68,10 @@ API REFERENCE for this API can be found at: https://cloud.google.com/networking NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud network-security security-profiles custom-mirroring delete $ gcloud alpha network-security security-profiles custom-mirroring \ delete diff --git a/gcloud/beta/network-security/security-profiles/custom-mirroring/describe b/gcloud/beta/network-security/security-profiles/custom-mirroring/describe index 57863ac0d..e2b01fe86 100644 --- a/gcloud/beta/network-security/security-profiles/custom-mirroring/describe +++ b/gcloud/beta/network-security/security-profiles/custom-mirroring/describe @@ -63,8 +63,10 @@ API REFERENCE for this API can be found at: https://cloud.google.com/networking NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud network-security security-profiles custom-mirroring describe $ gcloud alpha network-security security-profiles custom-mirroring \ describe diff --git a/gcloud/beta/network-security/security-profiles/custom-mirroring/help b/gcloud/beta/network-security/security-profiles/custom-mirroring/help index fea692c85..80a854a81 100644 --- a/gcloud/beta/network-security/security-profiles/custom-mirroring/help +++ b/gcloud/beta/network-security/security-profiles/custom-mirroring/help @@ -34,8 +34,10 @@ COMMANDS (BETA) Updates a Custom Mirroring Profile. NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud network-security security-profiles custom-mirroring $ gcloud alpha network-security security-profiles custom-mirroring diff --git a/gcloud/beta/network-security/security-profiles/custom-mirroring/list b/gcloud/beta/network-security/security-profiles/custom-mirroring/list index eb8c75620..1c0a35183 100644 --- a/gcloud/beta/network-security/security-profiles/custom-mirroring/list +++ b/gcloud/beta/network-security/security-profiles/custom-mirroring/list @@ -80,8 +80,10 @@ GCLOUD WIDE FLAGS Run $ gcloud help for details. NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud network-security security-profiles custom-mirroring list $ gcloud alpha network-security security-profiles custom-mirroring \ list diff --git a/gcloud/beta/network-security/security-profiles/custom-mirroring/update b/gcloud/beta/network-security/security-profiles/custom-mirroring/update index 7d8450c3d..b1cdf98ff 100644 --- a/gcloud/beta/network-security/security-profiles/custom-mirroring/update +++ b/gcloud/beta/network-security/security-profiles/custom-mirroring/update @@ -109,8 +109,10 @@ GCLOUD WIDE FLAGS Run $ gcloud help for details. NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud network-security security-profiles custom-mirroring update $ gcloud alpha network-security security-profiles custom-mirroring \ update diff --git a/gcloud/beta/network-security/security-profiles/threat-prevention/add-override b/gcloud/beta/network-security/security-profiles/threat-prevention/add-override index ba351d4d0..e9bcc39a0 100644 --- a/gcloud/beta/network-security/security-profiles/threat-prevention/add-override +++ b/gcloud/beta/network-security/security-profiles/threat-prevention/add-override @@ -7,15 +7,16 @@ SYNOPSIS add-override (SECURITY_PROFILE : --location=LOCATION --organization=ORGANIZATION) --action=ACTION - (--severities=[SEVERITY_LEVEL,...] | --threat-ids=[THREAT-ID,...]) - [--async] [--update-labels=[KEY=VALUE,...]] + (--antivirus=[PROTOCOL,...] | --severities=[SEVERITY_LEVEL,...] + | --threat-ids=[THREAT-ID,...]) [--async] + [--update-labels=[KEY=VALUE,...]] [--clear-labels | --remove-labels=[KEY,...]] [GCLOUD_WIDE_FLAG ...] DESCRIPTION - (BETA) Add severities or threat-ids to existing threat prevention profile - with intended action on each specified. Check the updates of add-override - command by using gcloud network-security security-profiles - threat-prevention list-override my-security-profile. + (BETA) Add antivirus, severities, or threat-ids to existing threat + prevention profile with intended action on each specified. Check the + updates of add-override command by using gcloud network-security + security-profiles threat-prevention list-override my-security-profile. For more examples, refer to the EXAMPLES section below. @@ -66,11 +67,15 @@ POSITIONAL ARGUMENTS REQUIRED FLAGS --action=ACTION - Action associated with severity or threat-id. ACTION must be one of: - DEFAULT_ACTION, ALLOW, ALERT, DENY. + Action associated with antivirus, severity, or threat-id. ACTION must + be one of: DEFAULT_ACTION, ALLOW, ALERT, DENY. Exactly one of these must be specified: + --antivirus=[PROTOCOL,...] + List of comma-separated protocols where each value in the list + indicates the protocol of the antivirus threat. + --severities=[SEVERITY_LEVEL,...] List of comma-separated severities where each value in the list indicates the severity of the threat. diff --git a/gcloud/beta/network-security/security-profiles/threat-prevention/delete-override b/gcloud/beta/network-security/security-profiles/threat-prevention/delete-override index a18a46b85..63b9276df 100644 --- a/gcloud/beta/network-security/security-profiles/threat-prevention/delete-override +++ b/gcloud/beta/network-security/security-profiles/threat-prevention/delete-override @@ -6,14 +6,15 @@ SYNOPSIS gcloud beta network-security security-profiles threat-prevention delete-override (SECURITY_PROFILE : --location=LOCATION --organization=ORGANIZATION) - (--severities=[SEVERITY_LEVEL,...] | --threat-ids=[THREAT-ID,...]) - [--async] [--update-labels=[KEY=VALUE,...]] + (--antivirus=[PROTOCOL,...] | --severities=[SEVERITY_LEVEL,...] + | --threat-ids=[THREAT-ID,...]) [--async] + [--update-labels=[KEY=VALUE,...]] [--clear-labels | --remove-labels=[KEY,...]] [GCLOUD_WIDE_FLAG ...] DESCRIPTION - (BETA) To delete existing severities or threat-ids of threat prevention - profile. Check the updates of update-override command by using gcloud - network-security security-profiles threat-prevention list-override + (BETA) To delete existing antivirus, severities, or threat-ids of threat + prevention profile. Check the updates of update-override command by using + gcloud network-security security-profiles threat-prevention list-override my-security-profile. For more examples, refer to the EXAMPLES section below. @@ -65,6 +66,10 @@ POSITIONAL ARGUMENTS REQUIRED FLAGS Exactly one of these must be specified: + --antivirus=[PROTOCOL,...] + List of comma-separated protocols where each value in the list + indicates the protocol of the antivirus threat. + --severities=[SEVERITY_LEVEL,...] List of comma-separated severities where each value in the list indicates the severity of the threat. diff --git a/gcloud/beta/network-security/security-profiles/threat-prevention/list-overrides b/gcloud/beta/network-security/security-profiles/threat-prevention/list-overrides index 8b82799b6..e7aceae1d 100644 --- a/gcloud/beta/network-security/security-profiles/threat-prevention/list-overrides +++ b/gcloud/beta/network-security/security-profiles/threat-prevention/list-overrides @@ -9,8 +9,8 @@ SYNOPSIS [GCLOUD_WIDE_FLAG ...] DESCRIPTION - (BETA) To list existing severities or threat-ids of threat prevention - profile. + (BETA) To list existing antivirus, severities, or threat-ids of threat + prevention profile. For more examples, refer to the EXAMPLES section below. diff --git a/gcloud/beta/network-security/security-profiles/threat-prevention/update-override b/gcloud/beta/network-security/security-profiles/threat-prevention/update-override index fd2a39ca4..66c55dfde 100644 --- a/gcloud/beta/network-security/security-profiles/threat-prevention/update-override +++ b/gcloud/beta/network-security/security-profiles/threat-prevention/update-override @@ -7,15 +7,16 @@ SYNOPSIS update-override (SECURITY_PROFILE : --location=LOCATION --organization=ORGANIZATION) --action=ACTION - (--severities=[SEVERITY_LEVEL,...] | --threat-ids=[THREAT-ID,...]) - [--async] [--update-labels=[KEY=VALUE,...]] + (--antivirus=[PROTOCOL,...] | --severities=[SEVERITY_LEVEL,...] + | --threat-ids=[THREAT-ID,...]) [--async] + [--update-labels=[KEY=VALUE,...]] [--clear-labels | --remove-labels=[KEY,...]] [GCLOUD_WIDE_FLAG ...] DESCRIPTION - (BETA) To update existing severities or threat-ids of threat prevention - profile with intended action on each specified. Check the updates of - update-override command by using gcloud network-security security-profiles - threat-prevention list-override my-security-profile. + (BETA) To update existing antivirus, severities, or threat-ids of threat + prevention profile with intended action on each specified. Check the + updates of update-override command by using gcloud network-security + security-profiles threat-prevention list-override my-security-profile. For more examples, refer to the EXAMPLES section below. @@ -66,11 +67,15 @@ POSITIONAL ARGUMENTS REQUIRED FLAGS --action=ACTION - Action associated with severity or threat-id. ACTION must be one of: - DEFAULT_ACTION, ALLOW, ALERT, DENY. + Action associated with antivirus, severity, or threat-id. ACTION must + be one of: DEFAULT_ACTION, ALLOW, ALERT, DENY. Exactly one of these must be specified: + --antivirus=[PROTOCOL,...] + List of comma-separated protocols where each value in the list + indicates the protocol of the antivirus threat. + --severities=[SEVERITY_LEVEL,...] List of comma-separated severities where each value in the list indicates the severity of the threat. diff --git a/gcloud/beta/run/deploy b/gcloud/beta/run/deploy index 004c1f18d..ed1d0929c 100644 --- a/gcloud/beta/run/deploy +++ b/gcloud/beta/run/deploy @@ -425,7 +425,7 @@ FLAGS --gpu=GPU Cloud Run supports values 0 or 1. 1 gpu also requires a minimum 4 - --cpu value 1 gpu also requires a minimum 8Gi --memory value. + --cpu value and a minimum 8Gi --memory value. --liveness-probe=[KEY=VALUE,...] Comma separated settings for liveness probe in the form KEY=VALUE. diff --git a/gcloud/beta/run/services/update b/gcloud/beta/run/services/update index 2898ee5ac..1fc437a95 100644 --- a/gcloud/beta/run/services/update +++ b/gcloud/beta/run/services/update @@ -393,7 +393,7 @@ FLAGS --gpu=GPU Cloud Run supports values 0 or 1. 1 gpu also requires a minimum 4 - --cpu value 1 gpu also requires a minimum 8Gi --memory value. + --cpu value and a minimum 8Gi --memory value. --image=IMAGE Name of the container image to deploy (e.g. diff --git a/gcloud/beta/sql/export/help b/gcloud/beta/sql/export/help index 25a3bda9e..1929e35a5 100644 --- a/gcloud/beta/sql/export/help +++ b/gcloud/beta/sql/export/help @@ -24,6 +24,10 @@ COMMANDS sql (BETA) Exports data from a Cloud SQL instance to a SQL file. + tde + (BETA) Export a TDE certificate from a Cloud SQL for SQL Server + instance. + NOTES This command is currently in beta and might change without notice. These variants are also available: diff --git a/gcloud/beta/sql/export/tde b/gcloud/beta/sql/export/tde new file mode 100644 index 000000000..051498316 --- /dev/null +++ b/gcloud/beta/sql/export/tde @@ -0,0 +1,92 @@ +NAME + gcloud beta sql export tde - export a TDE certificate from a Cloud SQL for + SQL Server instance + +SYNOPSIS + gcloud beta sql export tde INSTANCE + (--cert-path=CERT_PATH --certificate=CERTIFICATE + --pvk-path=PVK_PATH (--prompt-for-pvk-password + | --pvk-password=PVK_PASSWORD)) [--async] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) Exports a TDE certificate from a Cloud SQL instance to a Google + Cloud Storage bucket. This is only supported for SQL Server. + +EXAMPLES + To export a TDE certificate with the name foo and private key password + my-pvk-password in the Cloud SQL instance my-instance to certificate path + my-bucket/my-cert.cert and private key path my-bucket/my-key.pvk, run: + + $ gcloud beta sql export tde my-instance --certificate=foo \ + --cert-path=gs://my-bucket/my-cert.cert \ + --pvk-path=gs://my-bucket/my-key.pvk \ + --pvk-password=my-pvk-password + + To export a TDE certificate with the name foo and private key password + my-pvk-password in the Cloud SQL instance my-instance and prompting for the + private key password, run: + + $ gcloud beta sql export tde my-instance --certificate=foo \ + --cert-path=gs://my-bucket/my-cert.cert \ + --pvk-path=gs://my-bucket/my-key.pvk --prompt-for-pvk-password + +POSITIONAL ARGUMENTS + INSTANCE + Cloud SQL instance ID. + +REQUIRED FLAGS + Encryption info to support importing a TDE certificate file + + This must be specified. + + --cert-path=CERT_PATH + Path to the encryption certificate file in Google Cloud Storage. The + URI is in the form gs://bucketName/fileName. + + This flag argument must be specified if any of the other arguments in + this group are specified. + + --certificate=CERTIFICATE + Name of the encryption certificate. + + This flag argument must be specified if any of the other arguments in + this group are specified. + + --pvk-path=PVK_PATH + Path to the encryption private key file in Google Cloud Storage. The + URI is in the form gs://bucketName/fileName. + + This flag argument must be specified if any of the other arguments in + this group are specified. + + Exactly one of these must be specified: + + --prompt-for-pvk-password + Prompt for the private key password associated with the certificate + file with character echo disabled. The password is all typed + characters up to but not including the RETURN or ENTER key. + + --pvk-password=PVK_PASSWORD + The private key password associated with the certificate file. + +OPTIONAL FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud sql export tde + + $ gcloud alpha sql export tde + diff --git a/gcloud/beta/sql/import/bak b/gcloud/beta/sql/import/bak index 1420d517e..6bca2879b 100644 --- a/gcloud/beta/sql/import/bak +++ b/gcloud/beta/sql/import/bak @@ -4,9 +4,9 @@ NAME SYNOPSIS gcloud beta sql import bak INSTANCE [URI] --database=DATABASE, -d DATABASE - [--async] [--bak-type=BAK_TYPE; default="FULL"] [--no-recovery] - [--recovery-only] [--stop-at=STOP_AT] [--stop-at-mark=STOP_AT_MARK] - [--[no-]striped] + [--async] [--bak-type=BAK_TYPE; default="FULL"] [--keep-encrypted] + [--no-recovery] [--recovery-only] [--stop-at=STOP_AT] + [--stop-at-mark=STOP_AT_MARK] [--[no-]striped] [--cert-path=CERT_PATH --pvk-path=PVK_PATH (--prompt-for-pvk-password | --pvk-password=PVK_PASSWORD)] [GCLOUD_WIDE_FLAG ...] @@ -56,6 +56,9 @@ OPTIONAL FLAGS Type of bak file that will be imported. Applicable to SQL Server only. BAK_TYPE must be one of: FULL, DIFF, TLOG. + --keep-encrypted + Whether or not to decrypt the imported encrypted BAK file. + --no-recovery Whether or not the SQL Server import is execueted with NORECOVERY keyword. diff --git a/gcloud/beta/sql/import/help b/gcloud/beta/sql/import/help index b5734263c..93c775f4a 100644 --- a/gcloud/beta/sql/import/help +++ b/gcloud/beta/sql/import/help @@ -24,6 +24,9 @@ COMMANDS sql (BETA) Imports data into a Cloud SQL instance from a SQL dump file. + tde + (BETA) Import TDE certificate into a Cloud SQL for SQL Server instance. + NOTES This command is currently in beta and might change without notice. These variants are also available: diff --git a/gcloud/beta/sql/import/tde b/gcloud/beta/sql/import/tde new file mode 100644 index 000000000..47ee42c97 --- /dev/null +++ b/gcloud/beta/sql/import/tde @@ -0,0 +1,96 @@ +NAME + gcloud beta sql import tde - import TDE certificate into a Cloud SQL for + SQL Server instance + +SYNOPSIS + gcloud beta sql import tde INSTANCE + (--cert-path=CERT_PATH --certificate=CERTIFICATE + --pvk-path=PVK_PATH (--prompt-for-pvk-password + | --pvk-password=PVK_PASSWORD)) [--async] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) gcloud beta sql import tde imports a TDE certificate into a Cloud + SQL instance from a certificate file in Google Cloud Storage. + + For detailed help on importing data into Cloud SQL, refer to this guide: + https://cloud.google.com/sql/docs/sqlserver/import-export/importing + +EXAMPLES + To import a TDE certificate with the name foo and certificate path + my-bucket/my-cert.cert and private key path my-bucket/my-key.pvk and pvk + password my-pvk-password into the Cloud SQL instance my-instance, run: + + $ gcloud beta sql import tde my-instance --certificate=foo \ + --cert-path=gs://my-bucket/my-cert.cert \ + --pvk-path=gs://my-bucket/my-key.pvk \ + --pvk-password=my-pvk-password + + To import a TDE certificate with the name foo and certificate path + my-bucket/my-cert.cert and private key path my-bucket/my-key.pvk into the + Cloud SQL instance my-instance and prompting for the private key password, + run: + + $ gcloud beta sql import tde my-instance --certificate=foo \ + --cert-path=gs://my-bucket/my-cert.cert \ + --pvk-path=gs://my-bucket/my-key.pvk --prompt-for-pvk-password + +POSITIONAL ARGUMENTS + INSTANCE + Cloud SQL instance ID. + +REQUIRED FLAGS + Encryption info to support importing a TDE certificate file + + This must be specified. + + --cert-path=CERT_PATH + Path to the encryption certificate file in Google Cloud Storage. The + URI is in the form gs://bucketName/fileName. + + This flag argument must be specified if any of the other arguments in + this group are specified. + + --certificate=CERTIFICATE + Name of the encryption certificate. + + This flag argument must be specified if any of the other arguments in + this group are specified. + + --pvk-path=PVK_PATH + Path to the encryption private key file in Google Cloud Storage. The + URI is in the form gs://bucketName/fileName. + + This flag argument must be specified if any of the other arguments in + this group are specified. + + Exactly one of these must be specified: + + --prompt-for-pvk-password + Prompt for the private key password associated with the certificate + file with character echo disabled. The password is all typed + characters up to but not including the RETURN or ENTER key. + + --pvk-password=PVK_PASSWORD + The private key password associated with the certificate file. + +OPTIONAL FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud sql import tde + + $ gcloud alpha sql import tde + diff --git a/gcloud/beta/sql/instances/patch b/gcloud/beta/sql/instances/patch index 36a6c8879..1cdd1cdd8 100644 --- a/gcloud/beta/sql/instances/patch +++ b/gcloud/beta/sql/instances/patch @@ -26,6 +26,7 @@ SYNOPSIS [--[no-]enable-private-service-connect] [--failover-dr-replica-name=FAILOVER_DR_REPLICA_NAME] [--follow-gae-app=FOLLOW_GAE_APP] + [--[no-]include-replicas-for-major-version-upgrade] [--[no-]insights-config-query-insights-enabled] [--insights-config-query-plans-per-minute=INSIGHTS_CONFIG_QUERY_PLANS_PER_MINUTE] [--insights-config-query-string-length=INSIGHTS_CONFIG_QUERY_STRING_LENGTH] @@ -245,6 +246,14 @@ FLAGS should follow. It must be in the same region as the instance. WARNING: Instance may be restarted. + --[no-]include-replicas-for-major-version-upgrade + Enable the major version upgrade of replicas when the in-place major + version upgrade of a primary instance is initated with + --database-version. Use --include-replicas-for-major-version-upgrade to + enable and --no-include-replicas-for-major--version-upgrade to disable. + Use --include-replicas-for-major-version-upgrade to enable and + --no-include-replicas-for-major-version-upgrade to disable. + --[no-]insights-config-query-insights-enabled Enable query insights feature to provide query and query plan analytics. diff --git a/gcloud/beta/workbench/executions/create b/gcloud/beta/workbench/executions/create new file mode 100644 index 000000000..a7fc4d2d3 --- /dev/null +++ b/gcloud/beta/workbench/executions/create @@ -0,0 +1,245 @@ +NAME + gcloud beta workbench executions create - create a Workbench execution + +SYNOPSIS + gcloud beta workbench executions create --region=REGION + (--display-name=DISPLAY_NAME --gcs-output-uri=GCS_OUTPUT_URI + --service-account=SERVICE_ACCOUNT (--direct-content=DIRECT_CONTENT + | [--gcs-notebook-uri=GCS_NOTEBOOK_URI : --generation=GENERATION]) + : --execution-timeout=EXECUTION_TIMEOUT; default="24h" + --kernel-name=KERNEL_NAME; default="python3" + --accelerator-count=ACCELERATOR_COUNT + --accelerator-type=ACCELERATOR_TYPE --machine-type=MACHINE_TYPE; + default="e2-standard-4" --disk-size-gb=DISK_SIZE_GB; default=100 + --disk-type=DISK_TYPE; default="PD_STANDARD" + --no-enable-internet-access + --network=NETWORK [--subnetwork=SUBNETWORK + : --subnetwork-region=SUBNETWORK_REGION] [--kms-key=KMS_KEY + : --kms-keyring=KMS_KEYRING + --kms-location=KMS_LOCATION --kms-project=KMS_PROJECT]) [--async] + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) Create a Workbench notebook execution. + +EXAMPLES + To create an execution of a notebook file with Cloud Storage URI + gs://my-bucket/my-notebook.ipynb, with an execution job display name + my-execution, running with service account + my-service-account@my-project.iam.gserviceaccount.com, with results + uploaded to Cloud Storage bucket gs://my-bucket/results, and in region + us-central1, with a compute configuration of n1-standard-4 machine type: + + $ gcloud beta workbench executions create \ + --display-name=my-execution \ + --gcs-notebook-uri=gs://my-bucket/my-notebook.ipynb \ + --service-account=my-service-account@my-project.iam.gserviceacco\ + unt.com --gcs-output-uri=gs://my-bucket/results \ + --region=us-central1 --machine-type=n1-standard-4 + +REQUIRED FLAGS + Region resource - Cloud region to create. This represents a Cloud + resource. (NOTE) Some attributes are not given arguments in this group but + can be set in other ways. + + To set the project attribute: + ◆ provide the argument --region on the command line with a fully + specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + --region=REGION + ID of the region or fully qualified identifier for the region. + + To set the region attribute: + ▸ provide the argument --region on the command line. + + Configuration of the execution job. + + This must be specified. + + --display-name=DISPLAY_NAME + The display name of the execution. + + This flag argument must be specified if any of the other arguments in + this group are specified. + + --gcs-output-uri=GCS_OUTPUT_URI + The Cloud Storage location to upload notebook execution results to. + Format: gs://bucket-name. + + This flag argument must be specified if any of the other arguments in + this group are specified. + + --service-account=SERVICE_ACCOUNT + The service account to run the execution as + + This flag argument must be specified if any of the other arguments in + this group are specified. + + --execution-timeout=EXECUTION_TIMEOUT; default="24h" + The max running time of the execution job, as a duration. See '$ + gcloud topic datetimes' for details on formatting the input duration. + + --kernel-name=KERNEL_NAME; default="python3" + The kernel name to use for the execution. + + Source of the notebook to execute. + + Exactly one of these must be specified: + + --direct-content=DIRECT_CONTENT + The direct notebook content as IPYNB. This can be a local filepath + to an .ipynb file or can be set to - to read content from stdin. + + The Cloud Storage notebook source. + + --gcs-notebook-uri=GCS_NOTEBOOK_URI + The Cloud Storage uri pointing to the notebook. Format: + gs://bucket/notebook_file.ipynb + + This flag argument must be specified if any of the other + arguments in this group are specified. + + --generation=GENERATION + The version of the Cloud Storage object to read. If unset, the + current version of the object will be used. + + Compute configuration of the execution job. + + The machine configuration of the runtime. + + --accelerator-count=ACCELERATOR_COUNT + The number of accelerators used by the runtime. + + --accelerator-type=ACCELERATOR_TYPE + The type of hardware accelerator used by the runtime. If + specified, --accelerator-count must also be specified. + ACCELERATOR_TYPE must be one of: NVIDIA_TESLA_V100, + NVIDIA_TESLA_T4, NVIDIA_TESLA_A100, NVIDIA_A100_80GB, NVIDIA_L4. + + --machine-type=MACHINE_TYPE; default="e2-standard-4" + The Compute Engine machine type selected for the runtime. + + The configuration for the data disk of the runtime. + + --disk-size-gb=DISK_SIZE_GB; default=100 + The disk size of the runtime in GB. If specified, the --disk-type + must also be specified. The minimum size is 10GB and the maximum + is 65536GB. + + --disk-type=DISK_TYPE; default="PD_STANDARD" + The type of the persistent disk. DISK_TYPE must be one of: + PD_STANDARD, PD_SSD, PD_BALANCED, PD_EXTREME. + + The network configuration for the runtime. + + --enable-internet-access + Enable public internet access for the runtime. Enabled by + default, use --no-enable-internet-access to disable. + + Network resource - The name of the VPC that this runtime is in. This + represents a Cloud resource. (NOTE) Some attributes are not given + arguments in this group but can be set in other ways. + + To set the project attribute: + ◇ provide the argument --network on the command line with a fully + specified name; + ◇ provide the argument --project on the command line; + ◇ set the property core/project. + + --network=NETWORK + ID of the network or fully qualified identifier for the + network. + + To set the network attribute: + ▹ provide the argument --network on the command line. + + Subnetwork resource - The name of the subnetwork that this runtime + is in. The arguments in this group can be used to specify the + attributes of this resource. (NOTE) Some attributes are not given + arguments in this group but can be set in other ways. + + To set the project attribute: + ◇ provide the argument --subnetwork on the command line with a + fully specified name; + ◇ provide the argument --project on the command line; + ◇ set the property core/project. + + --subnetwork=SUBNETWORK + ID of the subnetwork or fully qualified identifier for the + subnetwork. + + To set the subnetwork attribute: + ▹ provide the argument --subnetwork on the command line. + + This flag argument must be specified if any of the other + arguments in this group are specified. + + --subnetwork-region=SUBNETWORK_REGION + Google Cloud region of this subnetwork + https://cloud.google.com/compute/docs/regions-zones/#locations. + + To set the subnetwork-region attribute: + ▹ provide the argument --subnetwork on the command line with + a fully specified name; + ▹ provide the argument --subnetwork-region on the command + line. + + Key resource - The Cloud KMS encryption key (customer-managed encryption + key) used to protect the execution. The key must be in the same region + as the execution. If not specified, Google-managed encryption will be + used. The arguments in this group can be used to specify the attributes + of this resource. + + --kms-key=KMS_KEY + ID of the key or fully qualified identifier for the key. + + To set the kms-key attribute: + ▫ provide the argument --kms-key on the command line. + + This flag argument must be specified if any of the other arguments + in this group are specified. + + --kms-keyring=KMS_KEYRING + KMS keyring id of the key. + + To set the kms-keyring attribute: + ▫ provide the argument --kms-key on the command line with a fully + specified name; + ▫ provide the argument --kms-keyring on the command line. + + --kms-location=KMS_LOCATION + Cloud location for the key. + + To set the kms-location attribute: + ▫ provide the argument --kms-key on the command line with a fully + specified name; + ▫ provide the argument --kms-location on the command line. + + --kms-project=KMS_PROJECT + Cloud project id for the key. + + To set the kms-project attribute: + ▫ provide the argument --kms-key on the command line with a fully + specified name; + ▫ provide the argument --kms-project on the command line. + +OPTIONAL FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in beta and might change without notice. + diff --git a/gcloud/beta/workbench/executions/delete b/gcloud/beta/workbench/executions/delete new file mode 100644 index 000000000..bbe846e21 --- /dev/null +++ b/gcloud/beta/workbench/executions/delete @@ -0,0 +1,64 @@ +NAME + gcloud beta workbench executions delete - delete an execution + +SYNOPSIS + gcloud beta workbench executions delete (EXECUTION : --region=REGION) + [--async] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) Delete a Workbench notebook execution. + +EXAMPLES + To delete an execution with id my-execution, in region us-central1, run: + + $ gcloud beta workbench executions delete my-execution \ + --region=us-central1 + +POSITIONAL ARGUMENTS + Notebook execution job resource - Unique resource name of the execution to + delete. The arguments in this group can be used to specify the attributes + of this resource. (NOTE) Some attributes are not given arguments in this + group but can be set in other ways. + + To set the project attribute: + ◆ provide the argument execution on the command line with a fully + specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + EXECUTION + ID of the notebook execution job or fully qualified identifier for + the notebook execution job. + + To set the name attribute: + ▸ provide the argument execution on the command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --region=REGION + Cloud region for the notebook execution job. + + To set the region attribute: + ▸ provide the argument execution on the command line with a fully + specified name; + ▸ provide the argument --region on the command line. + +FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in beta and might change without notice. + diff --git a/gcloud/beta/workbench/executions/describe b/gcloud/beta/workbench/executions/describe new file mode 100644 index 000000000..768c8f9a7 --- /dev/null +++ b/gcloud/beta/workbench/executions/describe @@ -0,0 +1,60 @@ +NAME + gcloud beta workbench executions describe - describe an execution + +SYNOPSIS + gcloud beta workbench executions describe (EXECUTION : --region=REGION) + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) Describe a Workbench notebook execution. + +EXAMPLES + To describe a notebook execution with id my-execution in region + us-central1, run: + + $ gcloud beta workbench executions describe my-execution \ + --region=us-central1 + +POSITIONAL ARGUMENTS + Notebook execution job resource - Unique resource name of the execution to + describe. The arguments in this group can be used to specify the + attributes of this resource. (NOTE) Some attributes are not given + arguments in this group but can be set in other ways. + + To set the project attribute: + ◆ provide the argument execution on the command line with a fully + specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + EXECUTION + ID of the notebook execution job or fully qualified identifier for + the notebook execution job. + + To set the name attribute: + ▸ provide the argument execution on the command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --region=REGION + Cloud region for the notebook execution job. + + To set the region attribute: + ▸ provide the argument execution on the command line with a fully + specified name; + ▸ provide the argument --region on the command line. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in beta and might change without notice. + diff --git a/gcloud/beta/workbench/executions/help b/gcloud/beta/workbench/executions/help new file mode 100644 index 000000000..9c95c9098 --- /dev/null +++ b/gcloud/beta/workbench/executions/help @@ -0,0 +1,32 @@ +NAME + gcloud beta workbench executions - workbench executions command group + +SYNOPSIS + gcloud beta workbench executions COMMAND [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) Workbench executions command group. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --help. + + Run $ gcloud help for details. + +COMMANDS + COMMAND is one of the following: + + create + (BETA) Create a Workbench execution. + + delete + (BETA) Delete an execution. + + describe + (BETA) Describe an execution. + + list + (BETA) List your notebook execution jobs. + +NOTES + This command is currently in beta and might change without notice. + diff --git a/gcloud/beta/workbench/executions/list b/gcloud/beta/workbench/executions/list new file mode 100644 index 000000000..eb80bb1c7 --- /dev/null +++ b/gcloud/beta/workbench/executions/list @@ -0,0 +1,78 @@ +NAME + gcloud beta workbench executions list - list your notebook execution jobs + +SYNOPSIS + gcloud beta workbench executions list --region=REGION [--filter=EXPRESSION] + [--limit=LIMIT] [--page-size=PAGE_SIZE] [--sort-by=[FIELD,...]] [--uri] + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) List your project's Workbench executions in a given region. + +EXAMPLES + To list your executions in region us-central1, run: + + $ gcloud beta workbench executions list --region=us-central1 + +REQUIRED FLAGS + Region resource - Cloud region for which to list all executions. This + represents a Cloud resource. (NOTE) Some attributes are not given + arguments in this group but can be set in other ways. + + To set the project attribute: + ◆ provide the argument --region on the command line with a fully + specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + --region=REGION + ID of the region or fully qualified identifier for the region. + + To set the region attribute: + ▸ provide the argument --region on the command line. + +LIST COMMAND FLAGS + --filter=EXPRESSION + Apply a Boolean filter EXPRESSION to each resource item to be listed. + If the expression evaluates True, then that item is listed. For more + details and examples of filter expressions, run $ gcloud topic filters. + This flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --limit=LIMIT + Maximum number of resources to list. The default is unlimited. This + flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --page-size=PAGE_SIZE + Some services group resource list output into pages. This flag + specifies the maximum number of resources per page. The default is + determined by the service if it supports paging, otherwise it is + unlimited (no paging). Paging may be applied before or after --filter + and --limit depending on the service. + + --sort-by=[FIELD,...] + Comma-separated list of resource field key names to sort by. The + default order is ascending. Prefix a field with ``~'' for descending + order on that field. This flag interacts with other flags that are + applied in this order: --flatten, --sort-by, --filter, --limit. + + --uri + Print a list of resource URIs instead of the default output, and change + the command output to a list of URIs. If this flag is used with + --format, the formatting is applied on this URI list. To display URIs + alongside other keys instead, use the uri() transform. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in beta and might change without notice. + diff --git a/gcloud/beta/workbench/help b/gcloud/beta/workbench/help index 975dce8c4..d03a4425f 100644 --- a/gcloud/beta/workbench/help +++ b/gcloud/beta/workbench/help @@ -12,6 +12,15 @@ GCLOUD WIDE FLAGS Run $ gcloud help for details. +GROUPS + GROUP is one of the following: + + executions + (BETA) Workbench executions command group. + + schedules + (BETA) Workbench schedules command group. + NOTES This command is currently in beta and might change without notice. This variant is also available: diff --git a/gcloud/beta/workbench/schedules/create b/gcloud/beta/workbench/schedules/create new file mode 100644 index 000000000..1aa2a21f3 --- /dev/null +++ b/gcloud/beta/workbench/schedules/create @@ -0,0 +1,305 @@ +NAME + gcloud beta workbench schedules create - create a schedule + +SYNOPSIS + gcloud beta workbench schedules create --region=REGION + (--cron-schedule=CRON_SCHEDULE --display-name=DISPLAY_NAME + (--execution-display-name=EXECUTION_DISPLAY_NAME + --gcs-output-uri=GCS_OUTPUT_URI --service-account=SERVICE_ACCOUNT + ([--gcs-notebook-uri=GCS_NOTEBOOK_URI : --generation=GENERATION]) + : --execution-timeout=EXECUTION_TIMEOUT; default="24h" + --kernel-name=KERNEL_NAME; default="python3" + --accelerator-count=ACCELERATOR_COUNT + --accelerator-type=ACCELERATOR_TYPE --machine-type=MACHINE_TYPE; + default="e2-standard-4" --disk-size-gb=DISK_SIZE_GB; default=100 + --disk-type=DISK_TYPE; default="PD_STANDARD" + --no-enable-internet-access + --network=NETWORK [--subnetwork=SUBNETWORK + : --subnetwork-region=SUBNETWORK_REGION] [--kms-key=KMS_KEY + : --kms-keyring=KMS_KEYRING + --kms-location=KMS_LOCATION --kms-project=KMS_PROJECT]) + : --enable-queueing --end-time=END_TIME + --max-concurrent-runs=MAX_CONCURRENT_RUNS; + default=1 --max-runs=MAX_RUNS --start-time=START_TIME) + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) Create a schedule to run a Workbench notebook execution job. + +EXAMPLES + To create a schedule in region us-central1 with the following schedule + properties: + ▪ display name: my-schedule, + ▪ cron schedule: TZ=America/Los_Angeles * * * * *, + ▪ maximum concurrent runs allowed: 1, + ▪ start time: 2025-01-01T00:00:00-06:00, + + for a notebook execution job: + ▪ with display name my-execution, + ▪ running notebook file from Cloud Storage URI + gs://my-bucket/my-notebook.ipynb, + ▪ running with service account + my-service-account@my-project.iam.gserviceaccount.com, + ▪ with results uploaded to Cloud Storage bucket gs://my-bucket/results + ▪ with machine type n1-standard-4, + + Run the following command: $ gcloud beta workbench schedules create --region=us-central1 \ + --display-name=my-schedule \ + --cron-schedule='TZ=America/Los_Angeles * * * * *' \ + --max-concurrent-runs=1 --start-time=2025-01-01T00:00:00-06:00 \ + --execution-display-name=my-execution \ + --gcs-notebook-uri=gs://my-bucket/my-notebook.ipynb \ + --service-account=my-service-account@my-project.iam.gserviceacco\ + unt.com --gcs-output-uri=gs://my-bucket/results \ + --machine-type=n1-standard-4 + +REQUIRED FLAGS + Region resource - Cloud region to create. This represents a Cloud + resource. (NOTE) Some attributes are not given arguments in this group but + can be set in other ways. + + To set the project attribute: + ◆ provide the argument --region on the command line with a fully + specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + --region=REGION + ID of the region or fully qualified identifier for the region. + + To set the region attribute: + ▸ provide the argument --region on the command line. + + Configuration of the schedule. + + This must be specified. + + --cron-schedule=CRON_SCHEDULE + Cron schedule (https://en.wikipedia.org/wiki/Cron) to launch + scheduled runs. To explicitly set a timezone to the cron tab, apply a + prefix in the cron tab: "CRON_TZ=${IANA_TIME_ZONE}" or + "TZ=${IANA_TIME_ZONE}". The ${IANA_TIME_ZONE} may only be a valid + string from IANA time zone database. For example, + "CRON_TZ=America/New_York 1 * * * ", or "TZ=America/New_York 1 * * * + ". + + This flag argument must be specified if any of the other arguments in + this group are specified. + + --display-name=DISPLAY_NAME + The display name of the schedule. + + This flag argument must be specified if any of the other arguments in + this group are specified. + + --enable-queueing + Enables new scheduled runs to be queued when max_concurrent_runs + limit is reached. If set to true, new runs will be queued instead of + skipped. + + --end-time=END_TIME + Timestamp after which no new runs can be scheduled. If specified, the + schedule will be completed when either end_time is reached or when + scheduled_run_count >= max_run_count. If neither end time nor + max_run_count is specified, new runs will keep getting scheduled + until this Schedule is paused or deleted. Must be in the RFC 3339 + (https://www.ietf.org/rfc/rfc3339.txt) format. E.g. + "2026-01-01T00:00:00Z" or "2026-01-01T00:00:00-05:00" + + --max-concurrent-runs=MAX_CONCURRENT_RUNS; default=1 + Maximum number of runs that can be started concurrently for this + Schedule. This is the limit for starting the scheduled requests and + not the execution of the notebook execution jobs created by the + requests. + + --max-runs=MAX_RUNS + The max runs for the schedule. + + --start-time=START_TIME + The timestamp after which the first run can be scheduled. Defaults to + the schedule creation time. Must be in the RFC 3339 + (https://www.ietf.org/rfc/rfc3339.txt) format. E.g. + "2026-01-01T00:00:00Z" or "2026-01-01T00:00:00-05:00" + + Configuration of the execution job. + + This must be specified. + + --execution-display-name=EXECUTION_DISPLAY_NAME + The display name of the execution. + + This flag argument must be specified if any of the other arguments + in this group are specified. + + --gcs-output-uri=GCS_OUTPUT_URI + The Cloud Storage location to upload notebook execution results to. + Format: gs://bucket-name. + + This flag argument must be specified if any of the other arguments + in this group are specified. + + --service-account=SERVICE_ACCOUNT + The service account to run the execution as + + This flag argument must be specified if any of the other arguments + in this group are specified. + + --execution-timeout=EXECUTION_TIMEOUT; default="24h" + The max running time of the execution job, as a duration. See '$ + gcloud topic datetimes' for details on formatting the input + duration. + + --kernel-name=KERNEL_NAME; default="python3" + The kernel name to use for the execution. + + Source of the notebook to execute. + + This must be specified. + + The Cloud Storage notebook source. + + --gcs-notebook-uri=GCS_NOTEBOOK_URI + The Cloud Storage uri pointing to the notebook. Format: + gs://bucket/notebook_file.ipynb + + This flag argument must be specified if any of the other + arguments in this group are specified. + + --generation=GENERATION + The version of the Cloud Storage object to read. If unset, the + current version of the object will be used. + + Compute configuration of the execution job. + + The machine configuration of the runtime. + + --accelerator-count=ACCELERATOR_COUNT + The number of accelerators used by the runtime. + + --accelerator-type=ACCELERATOR_TYPE + The type of hardware accelerator used by the runtime. If + specified, --accelerator-count must also be specified. + ACCELERATOR_TYPE must be one of: NVIDIA_TESLA_V100, + NVIDIA_TESLA_T4, NVIDIA_TESLA_A100, NVIDIA_A100_80GB, + NVIDIA_L4. + + --machine-type=MACHINE_TYPE; default="e2-standard-4" + The Compute Engine machine type selected for the runtime. + + The configuration for the data disk of the runtime. + + --disk-size-gb=DISK_SIZE_GB; default=100 + The disk size of the runtime in GB. If specified, the + --disk-type must also be specified. The minimum size is 10GB + and the maximum is 65536GB. + + --disk-type=DISK_TYPE; default="PD_STANDARD" + The type of the persistent disk. DISK_TYPE must be one of: + PD_STANDARD, PD_SSD, PD_BALANCED, PD_EXTREME. + + The network configuration for the runtime. + + --enable-internet-access + Enable public internet access for the runtime. Enabled by + default, use --no-enable-internet-access to disable. + + Network resource - The name of the VPC that this runtime is in. + This represents a Cloud resource. (NOTE) Some attributes are not + given arguments in this group but can be set in other ways. + + To set the project attribute: + ▹ provide the argument --network on the command line with a + fully specified name; + ▹ provide the argument --project on the command line; + ▹ set the property core/project. + + --network=NETWORK + ID of the network or fully qualified identifier for the + network. + + To set the network attribute: + ▪ provide the argument --network on the command line. + + Subnetwork resource - The name of the subnetwork that this runtime + is in. The arguments in this group can be used to specify the + attributes of this resource. (NOTE) Some attributes are not given + arguments in this group but can be set in other ways. + + To set the project attribute: + ▹ provide the argument --subnetwork on the command line with a + fully specified name; + ▹ provide the argument --project on the command line; + ▹ set the property core/project. + + --subnetwork=SUBNETWORK + ID of the subnetwork or fully qualified identifier for the + subnetwork. + + To set the subnetwork attribute: + ▪ provide the argument --subnetwork on the command line. + + This flag argument must be specified if any of the other + arguments in this group are specified. + + --subnetwork-region=SUBNETWORK_REGION + Google Cloud region of this subnetwork + https://cloud.google.com/compute/docs/regions-zones/#locations. + + To set the subnetwork-region attribute: + ▪ provide the argument --subnetwork on the command line + with a fully specified name; + ▪ provide the argument --subnetwork-region on the command + line. + + Key resource - The Cloud KMS encryption key (customer-managed + encryption key) used to protect the execution. The key must be in the + same region as the execution. If not specified, Google-managed + encryption will be used. The arguments in this group can be used to + specify the attributes of this resource. + + --kms-key=KMS_KEY + ID of the key or fully qualified identifier for the key. + + To set the kms-key attribute: + ◇ provide the argument --kms-key on the command line. + + This flag argument must be specified if any of the other + arguments in this group are specified. + + --kms-keyring=KMS_KEYRING + KMS keyring id of the key. + + To set the kms-keyring attribute: + ◇ provide the argument --kms-key on the command line with a + fully specified name; + ◇ provide the argument --kms-keyring on the command line. + + --kms-location=KMS_LOCATION + Cloud location for the key. + + To set the kms-location attribute: + ◇ provide the argument --kms-key on the command line with a + fully specified name; + ◇ provide the argument --kms-location on the command line. + + --kms-project=KMS_PROJECT + Cloud project id for the key. + + To set the kms-project attribute: + ◇ provide the argument --kms-key on the command line with a + fully specified name; + ◇ provide the argument --kms-project on the command line. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in beta and might change without notice. + diff --git a/gcloud/beta/workbench/schedules/delete b/gcloud/beta/workbench/schedules/delete new file mode 100644 index 000000000..923e4a506 --- /dev/null +++ b/gcloud/beta/workbench/schedules/delete @@ -0,0 +1,64 @@ +NAME + gcloud beta workbench schedules delete - delete a schedule + +SYNOPSIS + gcloud beta workbench schedules delete (SCHEDULE : --region=REGION) + [--async] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) Delete a Workbench notebook execution schedule. + +EXAMPLES + To delete a schedule with id my-schedule, in region us-central1, run: + + $ gcloud beta workbench schedules delete my-schedule \ + --region=us-central1 + +POSITIONAL ARGUMENTS + Schedule resource - Unique, system-generated resource name of the schedule + to delete. The arguments in this group can be used to specify the + attributes of this resource. (NOTE) Some attributes are not given + arguments in this group but can be set in other ways. + + To set the project attribute: + ◆ provide the argument schedule on the command line with a fully + specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + SCHEDULE + ID of the schedule or fully qualified identifier for the schedule. + + To set the name attribute: + ▸ provide the argument schedule on the command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --region=REGION + Cloud region for the schedule. + + To set the region attribute: + ▸ provide the argument schedule on the command line with a fully + specified name; + ▸ provide the argument --region on the command line; + ▸ set the property colab/region. + +FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in beta and might change without notice. + diff --git a/gcloud/beta/workbench/schedules/describe b/gcloud/beta/workbench/schedules/describe new file mode 100644 index 000000000..383640a09 --- /dev/null +++ b/gcloud/beta/workbench/schedules/describe @@ -0,0 +1,59 @@ +NAME + gcloud beta workbench schedules describe - describe a schedule + +SYNOPSIS + gcloud beta workbench schedules describe (SCHEDULE : --region=REGION) + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) Describe a Workbench notebook execution schedule. + +EXAMPLES + To describe a schedule with id my-schedule in region us-central1, run: + + $ gcloud beta workbench schedules describe my-schedule \ + --region=us-central1 + +POSITIONAL ARGUMENTS + Schedule resource - Unique, system-generated resource name of the schedule + to describe. The arguments in this group can be used to specify the + attributes of this resource. (NOTE) Some attributes are not given + arguments in this group but can be set in other ways. + + To set the project attribute: + ◆ provide the argument schedule on the command line with a fully + specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + SCHEDULE + ID of the schedule or fully qualified identifier for the schedule. + + To set the name attribute: + ▸ provide the argument schedule on the command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --region=REGION + Cloud region for the schedule. + + To set the region attribute: + ▸ provide the argument schedule on the command line with a fully + specified name; + ▸ provide the argument --region on the command line; + ▸ set the property colab/region. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in beta and might change without notice. + diff --git a/gcloud/beta/workbench/schedules/help b/gcloud/beta/workbench/schedules/help new file mode 100644 index 000000000..e89a519a0 --- /dev/null +++ b/gcloud/beta/workbench/schedules/help @@ -0,0 +1,41 @@ +NAME + gcloud beta workbench schedules - workbench schedules command group + +SYNOPSIS + gcloud beta workbench schedules COMMAND [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) Workbench schedules command group. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --help. + + Run $ gcloud help for details. + +COMMANDS + COMMAND is one of the following: + + create + (BETA) Create a schedule. + + delete + (BETA) Delete a schedule. + + describe + (BETA) Describe a schedule. + + list + (BETA) List your Workbench notebook execution schedules. + + pause + (BETA) Pause a schedule. + + resume + (BETA) Resume a schedule. + + update + (BETA) Update a schedule. + +NOTES + This command is currently in beta and might change without notice. + diff --git a/gcloud/beta/workbench/schedules/list b/gcloud/beta/workbench/schedules/list new file mode 100644 index 000000000..2a6d202b8 --- /dev/null +++ b/gcloud/beta/workbench/schedules/list @@ -0,0 +1,80 @@ +NAME + gcloud beta workbench schedules list - list your Workbench notebook + execution schedules + +SYNOPSIS + gcloud beta workbench schedules list --region=REGION [--filter=EXPRESSION] + [--limit=LIMIT] [--page-size=PAGE_SIZE] [--sort-by=[FIELD,...]] [--uri] + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) List your project's Workbench notebook execution schedules in a + given region. + +EXAMPLES + To list your schedules in region us-central1, run: + + $ gcloud beta workbench schedules list --region=us-central1 + +REQUIRED FLAGS + Region resource - Cloud region for which to list all schedules. This + represents a Cloud resource. (NOTE) Some attributes are not given + arguments in this group but can be set in other ways. + + To set the project attribute: + ◆ provide the argument --region on the command line with a fully + specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + --region=REGION + ID of the region or fully qualified identifier for the region. + + To set the region attribute: + ▸ provide the argument --region on the command line. + +LIST COMMAND FLAGS + --filter=EXPRESSION + Apply a Boolean filter EXPRESSION to each resource item to be listed. + If the expression evaluates True, then that item is listed. For more + details and examples of filter expressions, run $ gcloud topic filters. + This flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --limit=LIMIT + Maximum number of resources to list. The default is unlimited. This + flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --page-size=PAGE_SIZE + Some services group resource list output into pages. This flag + specifies the maximum number of resources per page. The default is + determined by the service if it supports paging, otherwise it is + unlimited (no paging). Paging may be applied before or after --filter + and --limit depending on the service. + + --sort-by=[FIELD,...] + Comma-separated list of resource field key names to sort by. The + default order is ascending. Prefix a field with ``~'' for descending + order on that field. This flag interacts with other flags that are + applied in this order: --flatten, --sort-by, --filter, --limit. + + --uri + Print a list of resource URIs instead of the default output, and change + the command output to a list of URIs. If this flag is used with + --format, the formatting is applied on this URI list. To display URIs + alongside other keys instead, use the uri() transform. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in beta and might change without notice. + diff --git a/gcloud/beta/workbench/schedules/pause b/gcloud/beta/workbench/schedules/pause new file mode 100644 index 000000000..8f7086a59 --- /dev/null +++ b/gcloud/beta/workbench/schedules/pause @@ -0,0 +1,59 @@ +NAME + gcloud beta workbench schedules pause - pause a schedule + +SYNOPSIS + gcloud beta workbench schedules pause (SCHEDULE : --region=REGION) + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) Pause a Workbench notebook execution schedule. + +EXAMPLES + To pause a schedule with id my-schedule, in region us-central1, run: + + $ gcloud beta workbench schedules pause my-schedule \ + --region=us-central1 + +POSITIONAL ARGUMENTS + Schedule resource - Unique, system-generated resource name of the schedule + to pause. The arguments in this group can be used to specify the + attributes of this resource. (NOTE) Some attributes are not given + arguments in this group but can be set in other ways. + + To set the project attribute: + ◆ provide the argument schedule on the command line with a fully + specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + SCHEDULE + ID of the schedule or fully qualified identifier for the schedule. + + To set the name attribute: + ▸ provide the argument schedule on the command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --region=REGION + Cloud region for the schedule. + + To set the region attribute: + ▸ provide the argument schedule on the command line with a fully + specified name; + ▸ provide the argument --region on the command line; + ▸ set the property colab/region. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in beta and might change without notice. + diff --git a/gcloud/beta/workbench/schedules/resume b/gcloud/beta/workbench/schedules/resume new file mode 100644 index 000000000..075775340 --- /dev/null +++ b/gcloud/beta/workbench/schedules/resume @@ -0,0 +1,66 @@ +NAME + gcloud beta workbench schedules resume - resume a schedule + +SYNOPSIS + gcloud beta workbench schedules resume (SCHEDULE : --region=REGION) + [--enable-catch-up] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) Resume a Workbench notebook execution schedule. + +EXAMPLES + To resume a paused schedule with id my-schedule, in region us-central1, + run: + + $ gcloud beta workbench schedules resume my-schedule \ + --region=us-central1 + +POSITIONAL ARGUMENTS + Schedule resource - Unique, system-generated resource name of the schedule + to resume. The arguments in this group can be used to specify the + attributes of this resource. (NOTE) Some attributes are not given + arguments in this group but can be set in other ways. + + To set the project attribute: + ◆ provide the argument schedule on the command line with a fully + specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + SCHEDULE + ID of the schedule or fully qualified identifier for the schedule. + + To set the name attribute: + ▸ provide the argument schedule on the command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --region=REGION + Cloud region for the schedule. + + To set the region attribute: + ▸ provide the argument schedule on the command line with a fully + specified name; + ▸ provide the argument --region on the command line; + ▸ set the property colab/region. + +FLAGS + --enable-catch-up + Enables backfilling missed runs when the schedule is resumed from + PAUSED state. If enabled, all missed runs will be scheduled and new + runs will be scheduled after the backfill is complete. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in beta and might change without notice. + diff --git a/gcloud/beta/workbench/schedules/update b/gcloud/beta/workbench/schedules/update new file mode 100644 index 000000000..2181808c7 --- /dev/null +++ b/gcloud/beta/workbench/schedules/update @@ -0,0 +1,110 @@ +NAME + gcloud beta workbench schedules update - update a schedule + +SYNOPSIS + gcloud beta workbench schedules update (SCHEDULE : --region=REGION) + (--cron-schedule=CRON_SCHEDULE --display-name=DISPLAY_NAME + --enable-queueing --end-time=END_TIME + --max-concurrent-runs=MAX_CONCURRENT_RUNS + --max-runs=MAX_RUNS --start-time=START_TIME) [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) Update a Workbench notebook execution schedule. + +EXAMPLES + To update the cron schedule and max runs of a schedule with id my-schedule, + in region us-central1, run: + + $ gcloud beta workbench schedules update my-schedule \ + --region=us-central1 \ + --cron-schedule='TZ=America/Los_Angeles 0 0 * * 0' --max-runs=2 + +POSITIONAL ARGUMENTS + Schedule resource - Unique, system-generated resource name of the schedule + to update. The arguments in this group can be used to specify the + attributes of this resource. (NOTE) Some attributes are not given + arguments in this group but can be set in other ways. + + To set the project attribute: + ◆ provide the argument schedule on the command line with a fully + specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + SCHEDULE + ID of the schedule or fully qualified identifier for the schedule. + + To set the name attribute: + ▸ provide the argument schedule on the command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --region=REGION + Cloud region for the schedule. + + To set the region attribute: + ▸ provide the argument schedule on the command line with a fully + specified name; + ▸ provide the argument --region on the command line; + ▸ set the property colab/region. + +REQUIRED FLAGS + Configuration of the schedule. + + At least one of these must be specified: + + --cron-schedule=CRON_SCHEDULE + Cron schedule (https://en.wikipedia.org/wiki/Cron) to launch + scheduled runs. To explicitly set a timezone to the cron tab, apply a + prefix in the cron tab: "CRON_TZ=${IANA_TIME_ZONE}" or + "TZ=${IANA_TIME_ZONE}". The ${IANA_TIME_ZONE} may only be a valid + string from IANA time zone database. For example, + "CRON_TZ=America/New_York 1 * * * ", or "TZ=America/New_York 1 * * * + ". + + --display-name=DISPLAY_NAME + The display name of the schedule. + + --enable-queueing + Enables new scheduled runs to be queued when max_concurrent_runs + limit is reached. If set to true, new runs will be queued instead of + skipped. + + --end-time=END_TIME + Timestamp after which no new runs can be scheduled. If specified, the + schedule will be completed when either end_time is reached or when + scheduled_run_count >= max_run_count. If neither end time nor + max_run_count is specified, new runs will keep getting scheduled + until this Schedule is paused or deleted. Must be in the RFC 3339 + (https://www.ietf.org/rfc/rfc3339.txt) format. E.g. + "2026-01-01T00:00:00Z" or "2026-01-01T00:00:00-05:00" + + --max-concurrent-runs=MAX_CONCURRENT_RUNS + Maximum number of runs that can be started concurrently for this + Schedule. This is the limit for starting the scheduled requests and + not the execution of the notebook execution jobs created by the + requests. + + --max-runs=MAX_RUNS + The max runs for the schedule. + + --start-time=START_TIME + The timestamp after which the first run can be scheduled. Defaults to + the schedule creation time. Must be in the RFC 3339 + (https://www.ietf.org/rfc/rfc3339.txt) format. E.g. + "2026-01-01T00:00:00Z" or "2026-01-01T00:00:00-05:00" + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in beta and might change without notice. + diff --git a/gcloud/bigtable/app-profiles/create b/gcloud/bigtable/app-profiles/create index ed5a30f8b..1a8eecd5d 100644 --- a/gcloud/bigtable/app-profiles/create +++ b/gcloud/bigtable/app-profiles/create @@ -5,8 +5,10 @@ SYNOPSIS gcloud bigtable app-profiles create (APP_PROFILE : --instance=INSTANCE) ([--route-any : --restrict-to=[RESTRICT_TO,...] --row-affinity] | [--route-to=ROUTE_TO : --transactional-writes]) - [--description=DESCRIPTION] [--force] [--priority=PRIORITY] - [GCLOUD_WIDE_FLAG ...] + [--description=DESCRIPTION] [--force] + [--data-boost + --data-boost-compute-billing-owner=DATA_BOOST_COMPUTE_BILLING_OWNER + | [--priority=PRIORITY : --standard]] [GCLOUD_WIDE_FLAG ...] DESCRIPTION Create a new Bigtable app profile. @@ -40,6 +42,13 @@ EXAMPLES $ gcloud bigtable app-profiles create my-app-profile-id \ --instance=my-instance-id --route-any --row-affinity + To create an app profile with Data Boost enabled which bills usage to the + host project, run: + + $ gcloud bigtable app-profiles create my-app-profile-id \ + --instance=my-instance-id --data-boost \ + --data-boost-compute-billing-owner=HOST_PAYS + POSITIONAL ARGUMENTS App profile resource - The app profile to create. The arguments in this group can be used to specify the attributes of this resource. (NOTE) Some @@ -108,16 +117,58 @@ OPTIONAL FLAGS --force Ignore warnings and force create. - --priority=PRIORITY - Specify the request priority. If not specified, the app profile uses - PRIORITY_HIGH by default. PRIORITY must be one of: + At most one of these can be specified: - PRIORITY_HIGH - Requests are treated with high priority. - PRIORITY_LOW - Requests are treated with low priority. - PRIORITY_MEDIUM - Requests are treated with medium priority. + Data Boost Read-only Isolation + + --data-boost + Use Data Boost serverless compute option, rather than standard + provisioned node compute. If specified, + --data-boost-compute-billing-owner is required. Specifying Data + Boost compute on an app profile that uses standard provisioned node + compute may cause unexpected behavior for running applications. + + This flag argument must be specified if any of the other arguments + in this group are specified. + + --data-boost-compute-billing-owner=DATA_BOOST_COMPUTE_BILLING_OWNER + Specify the Data Boost compute billing owner, required if + --data-boost is passed. DATA_BOOST_COMPUTE_BILLING_OWNER must be + (only one value is supported): + + HOST_PAYS + Compute billing should be accounted towards the host Cloud + project (containing the targeted Bigtable instance / table). + + This flag argument must be specified if any of the other arguments + in this group are specified. + + Standard Isolation + + --priority=PRIORITY + Specify the request priority under standard provisioned node + compute capabilities. Passing this option implies standard + provisioned node compute, e.g. the --standard option. If not + specified, the app profile uses standard provisioned node compute + with PRIORITY_HIGH by default. Specifying request priority on an + app profile that has Data Boost serverless compute enabled changes + the compute option to standard and uses the specified priority, + which might cause unexpected behavior for running applications. + PRIORITY must be one of: + + PRIORITY_HIGH + Requests are treated with high priority. + PRIORITY_LOW + Requests are treated with low priority. + PRIORITY_MEDIUM + Requests are treated with medium priority. + + This flag argument must be specified if any of the other arguments + in this group are specified. + + --standard + Use standard provisioned node compute option, rather than Data + Boost compute option. If specified, --priority is required. GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, diff --git a/gcloud/bigtable/app-profiles/update b/gcloud/bigtable/app-profiles/update index ab5dc3bcb..ff1c01f33 100644 --- a/gcloud/bigtable/app-profiles/update +++ b/gcloud/bigtable/app-profiles/update @@ -3,7 +3,10 @@ NAME SYNOPSIS gcloud bigtable app-profiles update (APP_PROFILE : --instance=INSTANCE) - [--async] [--description=DESCRIPTION] [--force] [--priority=PRIORITY] + [--async] [--description=DESCRIPTION] [--force] + [--data-boost + --data-boost-compute-billing-owner=DATA_BOOST_COMPUTE_BILLING_OWNER + | [--priority=PRIORITY : --standard]] [[--route-any : --restrict-to=[RESTRICT_TO,...] --row-affinity] | [--route-to=ROUTE_TO : --transactional-writes]] [GCLOUD_WIDE_FLAG ...] @@ -39,6 +42,13 @@ EXAMPLES $ gcloud bigtable app-profiles update my-app-profile-id \ --instance=my-instance-id --route-any --row-affinity + To update an app profile to enable Data Boost which bills usage to the host + project, run: + + $ gcloud bigtable app-profiles update my-app-profile-id \ + --instance=my-instance-id --data-boost \ + --data-boost-compute-billing-owner=HOST_PAYS + POSITIONAL ARGUMENTS App profile resource - The app profile to update. The arguments in this group can be used to specify the attributes of this resource. (NOTE) Some @@ -82,16 +92,58 @@ FLAGS --force Ignore warnings and force update. - --priority=PRIORITY - Specify the request priority. If not specified, the app profile uses - PRIORITY_HIGH by default. PRIORITY must be one of: + At most one of these can be specified: - PRIORITY_HIGH - Requests are treated with high priority. - PRIORITY_LOW - Requests are treated with low priority. - PRIORITY_MEDIUM - Requests are treated with medium priority. + Data Boost Read-only Isolation + + --data-boost + Use Data Boost serverless compute option, rather than standard + provisioned node compute. If specified, + --data-boost-compute-billing-owner is required. Specifying Data + Boost compute on an app profile that uses standard provisioned node + compute may cause unexpected behavior for running applications. + + This flag argument must be specified if any of the other arguments + in this group are specified. + + --data-boost-compute-billing-owner=DATA_BOOST_COMPUTE_BILLING_OWNER + Specify the Data Boost compute billing owner, required if + --data-boost is passed. DATA_BOOST_COMPUTE_BILLING_OWNER must be + (only one value is supported): + + HOST_PAYS + Compute billing should be accounted towards the host Cloud + project (containing the targeted Bigtable instance / table). + + This flag argument must be specified if any of the other arguments + in this group are specified. + + Standard Isolation + + --priority=PRIORITY + Specify the request priority under standard provisioned node + compute capabilities. Passing this option implies standard + provisioned node compute, e.g. the --standard option. If not + specified, the app profile uses standard provisioned node compute + with PRIORITY_HIGH by default. Specifying request priority on an + app profile that has Data Boost serverless compute enabled changes + the compute option to standard and uses the specified priority, + which might cause unexpected behavior for running applications. + PRIORITY must be one of: + + PRIORITY_HIGH + Requests are treated with high priority. + PRIORITY_LOW + Requests are treated with low priority. + PRIORITY_MEDIUM + Requests are treated with medium priority. + + This flag argument must be specified if any of the other arguments + in this group are specified. + + --standard + Use standard provisioned node compute option, rather than Data + Boost compute option. If specified, --priority is required. At most one of these can be specified: diff --git a/gcloud/dataflow/help b/gcloud/dataflow/help index 7024b31aa..fd8cc4ded 100644 --- a/gcloud/dataflow/help +++ b/gcloud/dataflow/help @@ -33,9 +33,6 @@ GROUPS snapshots A group of subcommands for working with Cloud Dataflow snapshots. - sql - (DEPRECATED) A group of subcommands for working with Dataflow SQL. - yaml A group of subcommands for launching Beam YAML jobs on Dataflow. diff --git a/gcloud/dataflow/sql/help b/gcloud/dataflow/sql/help deleted file mode 100644 index 480321d7b..000000000 --- a/gcloud/dataflow/sql/help +++ /dev/null @@ -1,31 +0,0 @@ -NAME - gcloud dataflow sql - a group of subcommands for working with Dataflow SQL - -SYNOPSIS - gcloud dataflow sql COMMAND [GCLOUD_WIDE_FLAG ...] - -DESCRIPTION - (DEPRECATED) A group of subcommands for working with Dataflow SQL. - - This command is deprecated and will be removed January 31, 2025. Please see - Beam YAML (https://beam.apache.org/documentation/sdks/yaml/) and Beam - notebooks - (https://cloud.google.com/dataflow/docs/guides/notebook-advanced#beam-sql) - for alternatives. - -GCLOUD WIDE FLAGS - These flags are available to all commands: --help. - - Run $ gcloud help for details. - -COMMANDS - COMMAND is one of the following: - - query - (DEPRECATED) Execute the user-specified SQL query on Dataflow. - -NOTES - This variant is also available: - - $ gcloud beta dataflow sql - diff --git a/gcloud/dataflow/sql/query b/gcloud/dataflow/sql/query deleted file mode 100644 index 3d29fdc08..000000000 --- a/gcloud/dataflow/sql/query +++ /dev/null @@ -1,220 +0,0 @@ -NAME - gcloud dataflow sql query - execute the user-specified SQL query on - Dataflow - -SYNOPSIS - gcloud dataflow sql query QUERY --job-name=JOB_NAME --region=REGION - ([--bigquery-table=BIGQUERY_TABLE : --bigquery-dataset=BIGQUERY_DATASET - --bigquery-project=BIGQUERY_PROJECT] [--pubsub-topic=PUBSUB_TOPIC - : --pubsub-project=PUBSUB_PROJECT]) - [--bigquery-write-disposition=BIGQUERY_WRITE_DISPOSITION; - default="write-empty"] [--dataflow-kms-key=DATAFLOW_KMS_KEY] - [--disable-public-ips] [--dry-run] [--max-workers=MAX_WORKERS] - [--network=NETWORK] [--num-workers=NUM_WORKERS] - [--pubsub-create-disposition=PUBSUB_CREATE_DISPOSITION; - default="create-if-not-found"] - [--service-account-email=SERVICE_ACCOUNT_EMAIL] - [--subnetwork=SUBNETWORK] [--worker-machine-type=WORKER_MACHINE_TYPE] - [--parameter=PARAMETER | --parameters-file=PARAMETERS_FILE] - [--worker-region=WORKER_REGION | --worker-zone=WORKER_ZONE - | --zone=ZONE] [GCLOUD_WIDE_FLAG ...] - -DESCRIPTION - (DEPRECATED) This command is deprecated and will be removed January 31, - 2025. Please see Beam YAML - (https://beam.apache.org/documentation/sdks/yaml/) and Beam notebooks - (https://cloud.google.com/dataflow/docs/guides/notebook-advanced#beam-sql) - for alternatives. - - Execute the user-specified SQL query on Dataflow. Queries must comply to - the ZetaSQL dialect (https://github.com/google/zetasql). Results may be - written to either BigQuery or Cloud Pub/Sub. - -EXAMPLES - To execute a simple SQL query on Dataflow that reads from and writes to - BigQuery, run: - - $ gcloud dataflow sql query \ - 'SELECT word FROM - bigquery.table.`my-project`.input_dataset.input_table where count - > 3' --job-name=my-job --region=us-west1 \ - --bigquery-dataset=my_output_dataset \ - --bigquery-table=my_output_table - - To execute a simple SQL query on Dataflow that reads from and writes to - Cloud Pub/Sub, run: - - $ gcloud dataflow sql query \ - 'SELECT word FROM pubsub.topic.`my-project`.input_topic where - count > 3' --job-name=my-job --region=us-west1 \ - --pubsub-topic=my_output_topic - - To join data from BigQuery and Cloud Pub/Sub and write the result to Cloud - Pub/Sub, run: - - $ gcloud dataflow sql query \ - 'SELECT bq.name AS name FROM - pubsub.topic.`my-project`.input_topic p INNER JOIN - bigquery.table.`my-project`.input_dataset.input_table bq ON p.id = - bq.id' --job-name=my-job --region=us-west1 \ - --pubsub-topic=my_output_topic - - To execute a parameterized SQL query that reads from and writes to - BigQuery, run: - - $ gcloud dataflow sql query \ - 'SELECT word FROM - bigquery.table.`my-project`.input_dataset.input_table where count - > @threshold' --parameter=threshold:INT64:5 --job-name=my-job \ - --region=us-west1 --bigquery-dataset=my_output_dataset \ - --bigquery-table=my_output_table - -POSITIONAL ARGUMENTS - QUERY - The SQL query to execute. - -REQUIRED FLAGS - --job-name=JOB_NAME - The unique name to assign to the Cloud Dataflow job. - - --region=REGION - Region ID of the job's regional endpoint. Defaults to 'us-central1'. - - The destination(s) for the output of the query. - - At least one of these must be specified: - - BigQuery table resource - The BigQuery table to write query output to. - The arguments in this group can be used to specify the attributes of - this resource. - - --bigquery-table=BIGQUERY_TABLE - ID of the BigQuery table or fully qualified identifier for the - BigQuery table. - - To set the bigquery-table attribute: - ▫ provide the argument --bigquery-table on the command line. - - This flag argument must be specified if any of the other arguments - in this group are specified. - - --bigquery-dataset=BIGQUERY_DATASET - The BigQuery dataset ID. - - To set the bigquery-dataset attribute: - ▫ provide the argument --bigquery-table on the command line with - a fully specified name; - ▫ provide the argument --bigquery-dataset on the command line. - - --bigquery-project=BIGQUERY_PROJECT - The BigQuery project ID. - - To set the bigquery-project attribute: - ▫ provide the argument --bigquery-table on the command line with - a fully specified name; - ▫ provide the argument --bigquery-project on the command line. - - Pub/Sub topic resource - The Cloud Pub/Sub topic to write query output - to. The arguments in this group can be used to specify the attributes of - this resource. - - --pubsub-topic=PUBSUB_TOPIC - ID of the Pub/Sub topic or fully qualified identifier for the - Pub/Sub topic. - - To set the pubsub-topic attribute: - ▫ provide the argument --pubsub-topic on the command line. - - This flag argument must be specified if any of the other arguments - in this group are specified. - - --pubsub-project=PUBSUB_PROJECT - The Pub/Sub project ID. - - To set the pubsub-project attribute: - ▫ provide the argument --pubsub-topic on the command line with a - fully specified name; - ▫ provide the argument --pubsub-project on the command line. - -OPTIONAL FLAGS - --bigquery-write-disposition=BIGQUERY_WRITE_DISPOSITION; default="write-empty" - The behavior of the BigQuery write operation. - BIGQUERY_WRITE_DISPOSITION must be one of: write-empty, write-truncate, - write-append. - - --dataflow-kms-key=DATAFLOW_KMS_KEY - The Cloud KMS key to protect the job resources. - - --disable-public-ips - The Cloud Dataflow workers must not use public IP addresses. Overrides - the default dataflow/disable_public_ips property value for this command - invocation. - - --dry-run - Construct but do not run the SQL pipeline, for smoke testing. - - --max-workers=MAX_WORKERS - The maximum number of workers to run. - - --network=NETWORK - The Compute Engine network for launching instances to run your - pipeline. - - --num-workers=NUM_WORKERS - The initial number of workers to use. - - --pubsub-create-disposition=PUBSUB_CREATE_DISPOSITION; default="create-if-not-found" - The behavior of the Pub/Sub create operation. PUBSUB_CREATE_DISPOSITION - must be one of: create-if-not-found, fail-if-not-found. - - --service-account-email=SERVICE_ACCOUNT_EMAIL - The service account to run the workers as. - - --subnetwork=SUBNETWORK - The Compute Engine subnetwork for launching instances to run your - pipeline. - - --worker-machine-type=WORKER_MACHINE_TYPE - The type of machine to use for workers. Defaults to server-specified. - - At most one of these can be specified: - - --parameter=PARAMETER - Parameters to pass to a query. Parameters must use the format - name:type:value, for example min_word_count:INT64:250. - - --parameters-file=PARAMETERS_FILE - Path to a file containing query parameters in JSON format. e.g. - [{"parameterType": {"type": "STRING"}, "parameterValue": {"value": - "foo"}, "name": "x"}, {"parameterType": {"type": "FLOAT64"}, - "parameterValue": {"value": "1.0"}, "name": "y"}] - - Worker location options. - - At most one of these can be specified: - - --worker-region=WORKER_REGION - The region to run the workers in. - - --worker-zone=WORKER_ZONE - The zone to run the workers in. - - --zone=ZONE - (DEPRECATED) The zone to run the workers in. - - The --zone option is deprecated; use --worker-region or --worker-zone - instead. - -GCLOUD WIDE FLAGS - These flags are available to all commands: --access-token-file, --account, - --billing-project, --configuration, --flags-file, --flatten, --format, - --help, --impersonate-service-account, --log-http, --project, --quiet, - --trace-token, --user-output-enabled, --verbosity. - - Run $ gcloud help for details. - -NOTES - This variant is also available: - - $ gcloud beta dataflow sql query - diff --git a/gcloud/dataproc/clusters/create b/gcloud/dataproc/clusters/create index b749dc55c..8d1a52636 100644 --- a/gcloud/dataproc/clusters/create +++ b/gcloud/dataproc/clusters/create @@ -64,8 +64,9 @@ SYNOPSIS --kerberos-root-principal-password-uri=KERBEROS_ROOT_PRINCIPAL_PASSWORD_URI [--kerberos-kms-key=KERBEROS_KMS_KEY : --kerberos-kms-key-keyring=KERBEROS_KMS_KEY_KEYRING --kerberos-kms-key-location=KERBEROS_KMS_KEY_LOCATION --kerberos-kms-key-project=KERBEROS_KMS_KEY_PROJECT]] [--kms-key=KMS_KEY : --kms-keyring=KMS_KEYRING --kms-location=KMS_LOCATION --kms-project=KMS_PROJECT] - [--metadata=KEY=VALUE,[KEY=VALUE,...] --scopes=SCOPE,[SCOPE,...] - --service-account=SERVICE_ACCOUNT + [--metadata=KEY=VALUE,[KEY=VALUE,...] + --resource-manager-tags=KEY=VALUE,[KEY=VALUE,...] + --scopes=SCOPE,[SCOPE,...] --service-account=SERVICE_ACCOUNT --tags=TAG,[TAG,...] --network=NETWORK | --subnet=SUBNET --reservation=RESERVATION --reservation-affinity=RESERVATION_AFFINITY; default="any"] @@ -776,6 +777,10 @@ FLAGS Metadata to be made available to the guest operating system running on the instances + --resource-manager-tags=KEY=VALUE,[KEY=VALUE,...] + Specifies a list of resource manager tags to apply to each cluster + node (master and worker nodes). + --scopes=SCOPE,[SCOPE,...] Specifies scopes for the node instances. Multiple SCOPEs can be specified, separated by commas. Examples: diff --git a/gcloud/dataproc/workflow-templates/set-managed-cluster b/gcloud/dataproc/workflow-templates/set-managed-cluster index 5ab3baa94..2c4db9d24 100644 --- a/gcloud/dataproc/workflow-templates/set-managed-cluster +++ b/gcloud/dataproc/workflow-templates/set-managed-cluster @@ -52,8 +52,9 @@ SYNOPSIS --kerberos-root-principal-password-uri=KERBEROS_ROOT_PRINCIPAL_PASSWORD_URI [--kerberos-kms-key=KERBEROS_KMS_KEY : --kerberos-kms-key-keyring=KERBEROS_KMS_KEY_KEYRING --kerberos-kms-key-location=KERBEROS_KMS_KEY_LOCATION --kerberos-kms-key-project=KERBEROS_KMS_KEY_PROJECT]] [--kms-key=KMS_KEY : --kms-keyring=KMS_KEYRING --kms-location=KMS_LOCATION --kms-project=KMS_PROJECT] - [--metadata=KEY=VALUE,[KEY=VALUE,...] --scopes=SCOPE,[SCOPE,...] - --service-account=SERVICE_ACCOUNT + [--metadata=KEY=VALUE,[KEY=VALUE,...] + --resource-manager-tags=KEY=VALUE,[KEY=VALUE,...] + --scopes=SCOPE,[SCOPE,...] --service-account=SERVICE_ACCOUNT --tags=TAG,[TAG,...] --network=NETWORK | --subnet=SUBNET --reservation=RESERVATION --reservation-affinity=RESERVATION_AFFINITY; default="any"] @@ -643,6 +644,10 @@ FLAGS Metadata to be made available to the guest operating system running on the instances + --resource-manager-tags=KEY=VALUE,[KEY=VALUE,...] + Specifies a list of resource manager tags to apply to each cluster + node (master and worker nodes). + --scopes=SCOPE,[SCOPE,...] Specifies scopes for the node instances. Multiple SCOPEs can be specified, separated by commas. Examples: diff --git a/gcloud/functions/deploy b/gcloud/functions/deploy index fae1b57eb..a11cc90c7 100644 --- a/gcloud/functions/deploy +++ b/gcloud/functions/deploy @@ -112,12 +112,15 @@ FLAGS value. --docker-registry=DOCKER_REGISTRY - Docker Registry to use for storing the function's Docker images. The - option artifact-registry is used by default. + (DEPRECATED) Docker Registry to use for storing the function's Docker + images. The option artifact-registry is used by default. - Warning: Artifact Registry and Container Registry have different image - storage costs. For more details, please see - https://cloud.google.com/functions/pricing#deployment_costs. + With the general transition from Container Registry to + Artifact Registry, the option to specify docker registry is deprecated. + All container image storage and management will automatically + transition to Artifact Registry. + For more information, see + https://cloud.google.com/artifact-registry/docs/transition/transition-from-gcr DOCKER_REGISTRY must be one of: artifact-registry, container-registry. diff --git a/gcloud/iap/settings/get b/gcloud/iap/settings/get index 607f9ebb1..9c28ee0bd 100644 --- a/gcloud/iap/settings/get +++ b/gcloud/iap/settings/get @@ -63,6 +63,23 @@ EXAMPLES --resource-type=backend-services --service=SERVICE_ID \ --region=REGION_ID + To get the IAP setting for all forwarding rules within a project, run: + + $ gcloud iap settings get --project=PROJECT_ID \ + --resource-type=forwarding-rule + + To get the IAP setting for a forwarding rule within a project, run: + + $ gcloud iap settings get --project=PROJECT_ID \ + --resource-type=forwarding-rule --service=SERVICE_ID + + To get the IAP setting for a regional forwarding rule within a project, + run: + + $ gcloud iap settings get --project=PROJECT_ID \ + --resource-type=forwarding-rule --service=SERVICE_ID \ + --region=REGION_ID + FLAGS --folder=FOLDER Folder ID. @@ -82,7 +99,7 @@ FLAGS Resource type of the IAP resource. For Backend Services, you can use both compute and backend-services as resource type. RESOURCE_TYPE must be one of: app-engine, iap_web, compute, organization, folder, - backend-services. + backend-services, forwarding-rule. --service=SERVICE Service name. Optional when resource-type is compute or app-engine. diff --git a/gcloud/iap/settings/set b/gcloud/iap/settings/set index 1b43dac20..e14dec610 100644 --- a/gcloud/iap/settings/set +++ b/gcloud/iap/settings/set @@ -63,6 +63,22 @@ EXAMPLES --resource-type=backend-services --service=SERVICE_ID \ --region=REGION_ID + To set the IAP setting for all forwarding rule within a project, run: + + $ gcloud iap settings set iap_settings.yaml --project=PROJECT_ID \ + --resource-type=forwarding-rule + + To set the IAP setting for a forwarding rule within a project, run: + + $ gcloud iap settings set iap_settings.yaml --project=PROJECT_ID \ + --resource-type=forwarding-rule --service=SERVICE_ID + + To set the IAP setting for a region forwarding rule within a project, run: + + $ gcloud iap settings set iap_settings.yaml --project=PROJECT_ID \ + --resource-type=forwarding-rule --service=SERVICE_ID \ + --region=REGION_ID + POSITIONAL ARGUMENTS SETTING_FILE JSON or YAML file containing the IAP resource settings. @@ -130,7 +146,7 @@ FLAGS Resource type of the IAP resource. For Backend Services, you can use both compute and backend-services as resource type. RESOURCE_TYPE must be one of: app-engine, iap_web, compute, organization, folder, - backend-services. + backend-services, forwarding-rule. --service=SERVICE Service name. Optional when resource-type is compute or app-engine. diff --git a/gcloud/iap/web/add-iam-policy-binding b/gcloud/iap/web/add-iam-policy-binding index 3a426fb89..8d1bba038 100644 --- a/gcloud/iap/web/add-iam-policy-binding +++ b/gcloud/iap/web/add-iam-policy-binding @@ -121,7 +121,7 @@ OPTIONAL FLAGS --resource-type=RESOURCE_TYPE Resource type of the IAP resource. RESOURCE_TYPE must be one of: - app-engine, backend-services. + app-engine, backend-services, forwarding-rule. --service=SERVICE Service name. diff --git a/gcloud/iap/web/get-iam-policy b/gcloud/iap/web/get-iam-policy index 0d0c0f189..268581b0f 100644 --- a/gcloud/iap/web/get-iam-policy +++ b/gcloud/iap/web/get-iam-policy @@ -68,7 +68,7 @@ FLAGS --resource-type=RESOURCE_TYPE Resource type of the IAP resource. RESOURCE_TYPE must be one of: - app-engine, backend-services. + app-engine, backend-services, forwarding-rule. --service=SERVICE Service name. diff --git a/gcloud/iap/web/remove-iam-policy-binding b/gcloud/iap/web/remove-iam-policy-binding index e507a5f95..bb908ab69 100644 --- a/gcloud/iap/web/remove-iam-policy-binding +++ b/gcloud/iap/web/remove-iam-policy-binding @@ -138,7 +138,7 @@ OPTIONAL FLAGS --resource-type=RESOURCE_TYPE Resource type of the IAP resource. RESOURCE_TYPE must be one of: - app-engine, backend-services. + app-engine, backend-services, forwarding-rule. --service=SERVICE Service name. diff --git a/gcloud/iap/web/set-iam-policy b/gcloud/iap/web/set-iam-policy index fcd5bc107..614d03b7a 100644 --- a/gcloud/iap/web/set-iam-policy +++ b/gcloud/iap/web/set-iam-policy @@ -78,7 +78,7 @@ FLAGS --resource-type=RESOURCE_TYPE Resource type of the IAP resource. RESOURCE_TYPE must be one of: - app-engine, backend-services. + app-engine, backend-services, forwarding-rule. --service=SERVICE Service name. diff --git a/gcloud/kms/keys/create b/gcloud/kms/keys/create index f18bf2e98..99f4f1e99 100644 --- a/gcloud/kms/keys/create +++ b/gcloud/kms/keys/create @@ -204,16 +204,17 @@ OPTIONAL FLAGS aes-256-ctr, aes-256-gcm, ec-sign-ed25519, ec-sign-p256-sha256, ec-sign-p384-sha384, ec-sign-secp256k1-sha256, external-symmetric-encryption, google-symmetric-encryption, hmac-sha1, - hmac-sha224, hmac-sha256, hmac-sha384, hmac-sha512, - rsa-decrypt-oaep-2048-sha1, rsa-decrypt-oaep-2048-sha256, - rsa-decrypt-oaep-3072-sha1, rsa-decrypt-oaep-3072-sha256, - rsa-decrypt-oaep-4096-sha1, rsa-decrypt-oaep-4096-sha256, - rsa-decrypt-oaep-4096-sha512, rsa-sign-pkcs1-2048-sha256, - rsa-sign-pkcs1-3072-sha256, rsa-sign-pkcs1-4096-sha256, - rsa-sign-pkcs1-4096-sha512, rsa-sign-pss-2048-sha256, - rsa-sign-pss-3072-sha256, rsa-sign-pss-4096-sha256, - rsa-sign-pss-4096-sha512, rsa-sign-raw-pkcs1-2048, - rsa-sign-raw-pkcs1-3072, rsa-sign-raw-pkcs1-4096. + hmac-sha224, hmac-sha256, hmac-sha384, hmac-sha512, pq-sign-ml-dsa-65, + pq-sign-slh-dsa-sha2-128s, rsa-decrypt-oaep-2048-sha1, + rsa-decrypt-oaep-2048-sha256, rsa-decrypt-oaep-3072-sha1, + rsa-decrypt-oaep-3072-sha256, rsa-decrypt-oaep-4096-sha1, + rsa-decrypt-oaep-4096-sha256, rsa-decrypt-oaep-4096-sha512, + rsa-sign-pkcs1-2048-sha256, rsa-sign-pkcs1-3072-sha256, + rsa-sign-pkcs1-4096-sha256, rsa-sign-pkcs1-4096-sha512, + rsa-sign-pss-2048-sha256, rsa-sign-pss-3072-sha256, + rsa-sign-pss-4096-sha256, rsa-sign-pss-4096-sha512, + rsa-sign-raw-pkcs1-2048, rsa-sign-raw-pkcs1-3072, + rsa-sign-raw-pkcs1-4096. --destroy-scheduled-duration=DESTROY_SCHEDULED_DURATION The amount of time that versions of the key should spend in the diff --git a/gcloud/kms/keys/update b/gcloud/kms/keys/update index a1478f0e6..3b5f3f144 100644 --- a/gcloud/kms/keys/update +++ b/gcloud/kms/keys/update @@ -175,16 +175,17 @@ FLAGS aes-256-ctr, aes-256-gcm, ec-sign-ed25519, ec-sign-p256-sha256, ec-sign-p384-sha384, ec-sign-secp256k1-sha256, external-symmetric-encryption, google-symmetric-encryption, hmac-sha1, - hmac-sha224, hmac-sha256, hmac-sha384, hmac-sha512, - rsa-decrypt-oaep-2048-sha1, rsa-decrypt-oaep-2048-sha256, - rsa-decrypt-oaep-3072-sha1, rsa-decrypt-oaep-3072-sha256, - rsa-decrypt-oaep-4096-sha1, rsa-decrypt-oaep-4096-sha256, - rsa-decrypt-oaep-4096-sha512, rsa-sign-pkcs1-2048-sha256, - rsa-sign-pkcs1-3072-sha256, rsa-sign-pkcs1-4096-sha256, - rsa-sign-pkcs1-4096-sha512, rsa-sign-pss-2048-sha256, - rsa-sign-pss-3072-sha256, rsa-sign-pss-4096-sha256, - rsa-sign-pss-4096-sha512, rsa-sign-raw-pkcs1-2048, - rsa-sign-raw-pkcs1-3072, rsa-sign-raw-pkcs1-4096. + hmac-sha224, hmac-sha256, hmac-sha384, hmac-sha512, pq-sign-ml-dsa-65, + pq-sign-slh-dsa-sha2-128s, rsa-decrypt-oaep-2048-sha1, + rsa-decrypt-oaep-2048-sha256, rsa-decrypt-oaep-3072-sha1, + rsa-decrypt-oaep-3072-sha256, rsa-decrypt-oaep-4096-sha1, + rsa-decrypt-oaep-4096-sha256, rsa-decrypt-oaep-4096-sha512, + rsa-sign-pkcs1-2048-sha256, rsa-sign-pkcs1-3072-sha256, + rsa-sign-pkcs1-4096-sha256, rsa-sign-pkcs1-4096-sha512, + rsa-sign-pss-2048-sha256, rsa-sign-pss-3072-sha256, + rsa-sign-pss-4096-sha256, rsa-sign-pss-4096-sha512, + rsa-sign-raw-pkcs1-2048, rsa-sign-raw-pkcs1-3072, + rsa-sign-raw-pkcs1-4096. --next-rotation-time=NEXT_ROTATION_TIME Next automatic rotation time of the key. See $ gcloud topic datetimes diff --git a/gcloud/kms/keys/versions/get-public-key b/gcloud/kms/keys/versions/get-public-key index 51f1183ef..837880d36 100644 --- a/gcloud/kms/keys/versions/get-public-key +++ b/gcloud/kms/keys/versions/get-public-key @@ -5,21 +5,29 @@ NAME SYNOPSIS gcloud kms keys versions get-public-key VERSION [--key=KEY] [--keyring=KEYRING] [--location=LOCATION] [--output-file=OUTPUT_FILE] - [GCLOUD_WIDE_FLAG ...] + [--public-key-format=PUBLIC_KEY_FORMAT] [GCLOUD_WIDE_FLAG ...] DESCRIPTION - Returns the PEM-format public key for the specified asymmetric key version. + Returns the public key of the given asymmetric key version in the specified + format. - The optional flag output-file indicates the path to store PEM. If not - specified. PEM will be printed to stdout. + The optional flag output-file indicates the path to store the public key. + If not specified, the public key will be printed to stdout. + + The optional flag public-key-format indicates the format in which the + public key will be returned. For the PQC algorithms, this must be specified + and set to NIST_PQC. For all other algorithms, this flag is optional and + defaults to PEM. See "Retrieve a public key" in the Cloud KMS documentation + (https://cloud.google.com/kms/docs/retrieve-public-key) for more + information about the supported formats. EXAMPLES The following command saves the public key for CryptoKey frodo Version 2 to - '/tmp/my/pem.file': + '/tmp/my/public_key.file': $ gcloud kms keys versions get-public-key 2 --key=frodo \ --keyring=fellowship --location=us-east1 \ - --output-file=/tmp/my/pem.file + --public-key-format=PEM --output-file=/tmp/my/public_key.file POSITIONAL ARGUMENTS VERSION @@ -36,7 +44,10 @@ FLAGS Location of the keyring. --output-file=OUTPUT_FILE - Path to the output file to store PEM. + Path to the output file to store public key. + + --public-key-format=PUBLIC_KEY_FORMAT + The format in which the public key will be returned. GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, diff --git a/gcloud/kms/keys/versions/import b/gcloud/kms/keys/versions/import index 6195af20b..7d97173bd 100644 --- a/gcloud/kms/keys/versions/import +++ b/gcloud/kms/keys/versions/import @@ -34,16 +34,17 @@ REQUIRED FLAGS aes-128-cbc, aes-128-ctr, aes-128-gcm, aes-256-cbc, aes-256-ctr, aes-256-gcm, ec-sign-ed25519, ec-sign-p256-sha256, ec-sign-p384-sha384, ec-sign-secp256k1-sha256, google-symmetric-encryption, hmac-sha1, - hmac-sha224, hmac-sha256, hmac-sha384, hmac-sha512, - rsa-decrypt-oaep-2048-sha1, rsa-decrypt-oaep-2048-sha256, - rsa-decrypt-oaep-3072-sha1, rsa-decrypt-oaep-3072-sha256, - rsa-decrypt-oaep-4096-sha1, rsa-decrypt-oaep-4096-sha256, - rsa-decrypt-oaep-4096-sha512, rsa-sign-pkcs1-2048-sha256, - rsa-sign-pkcs1-3072-sha256, rsa-sign-pkcs1-4096-sha256, - rsa-sign-pkcs1-4096-sha512, rsa-sign-pss-2048-sha256, - rsa-sign-pss-3072-sha256, rsa-sign-pss-4096-sha256, - rsa-sign-pss-4096-sha512, rsa-sign-raw-pkcs1-2048, - rsa-sign-raw-pkcs1-3072, rsa-sign-raw-pkcs1-4096. + hmac-sha224, hmac-sha256, hmac-sha384, hmac-sha512, pq-sign-ml-dsa-65, + pq-sign-slh-dsa-sha2-128s, rsa-decrypt-oaep-2048-sha1, + rsa-decrypt-oaep-2048-sha256, rsa-decrypt-oaep-3072-sha1, + rsa-decrypt-oaep-3072-sha256, rsa-decrypt-oaep-4096-sha1, + rsa-decrypt-oaep-4096-sha256, rsa-decrypt-oaep-4096-sha512, + rsa-sign-pkcs1-2048-sha256, rsa-sign-pkcs1-3072-sha256, + rsa-sign-pkcs1-4096-sha256, rsa-sign-pkcs1-4096-sha512, + rsa-sign-pss-2048-sha256, rsa-sign-pss-3072-sha256, + rsa-sign-pss-4096-sha256, rsa-sign-pss-4096-sha512, + rsa-sign-raw-pkcs1-2048, rsa-sign-raw-pkcs1-3072, + rsa-sign-raw-pkcs1-4096. --import-job=IMPORT_JOB Name of the import job to import from. diff --git a/gcloud/network-security/security-profile-groups/create b/gcloud/network-security/security-profile-groups/create index 8d2c3f4e3..c6e0a70cb 100644 --- a/gcloud/network-security/security-profile-groups/create +++ b/gcloud/network-security/security-profile-groups/create @@ -7,6 +7,8 @@ SYNOPSIS (SECURITY_PROFILE_GROUP : --location=LOCATION --organization=ORGANIZATION) [--async] [--description=DESCRIPTION] [--labels=[KEY=VALUE,...]] + [--custom-mirroring-profile=CUSTOM_MIRRORING_PROFILE + : --custom-mirroring-profile-location=CUSTOM_MIRRORING_PROFILE_LOCATION --custom-mirroring-profile-organization=CUSTOM_MIRRORING_PROFILE_ORGANIZATION] [--threat-prevention-profile=THREAT_PREVENTION_PROFILE : --threat-prevention-profile-location=THREAT_PREVENTION_PROFILE_LOCATION --threat-prevention-profile-organization=THREAT_PREVENTION_PROFILE_ORGANIZATION] [GCLOUD_WIDE_FLAG ...] @@ -75,6 +77,48 @@ FLAGS contain only hyphens (-), underscores (_), lowercase characters, and numbers. + Security Profile resource - Path to Security Profile resource. The + arguments in this group can be used to specify the attributes of this + resource. + + --custom-mirroring-profile=CUSTOM_MIRRORING_PROFILE + ID of the Security Profile or fully qualified identifier for the + Security Profile. + + To set the custom-mirroring-profile-profile attribute: + ▸ provide the argument --custom-mirroring-profile on the command + line. + + This flag argument must be specified if any of the other arguments in + this group are specified. + + --custom-mirroring-profile-location=CUSTOM_MIRRORING_PROFILE_LOCATION + Location of the Security Profile. NOTE: Only global security profiles + are supported. + + To set the custom-mirroring-profile-location attribute: + ▸ provide the argument --custom-mirroring-profile on the command + line with a fully specified name; + ▸ provide the argument --custom-mirroring-profile-location on the + command line; + ▸ provide the argument --location on the command line; + ▸ provide the argument + networksecurity.organizations.locations.securityProfileGroups on + the command line with a fully specified name. + + --custom-mirroring-profile-organization=CUSTOM_MIRRORING_PROFILE_ORGANIZATION + Organization ID of the Security Profile. + + To set the custom-mirroring-profile-organization attribute: + ▸ provide the argument --custom-mirroring-profile on the command + line with a fully specified name; + ▸ provide the argument --custom-mirroring-profile-organization on + the command line; + ▸ provide the argument --organization on the command line; + ▸ provide the argument + networksecurity.organizations.locations.securityProfileGroups on + the command line with a fully specified name. + Security Profile resource - Path to Security Profile resource. The arguments in this group can be used to specify the attributes of this resource. diff --git a/gcloud/network-security/security-profiles/custom-mirroring/create b/gcloud/network-security/security-profiles/custom-mirroring/create new file mode 100644 index 000000000..4497a82bc --- /dev/null +++ b/gcloud/network-security/security-profiles/custom-mirroring/create @@ -0,0 +1,127 @@ +NAME + gcloud network-security security-profiles custom-mirroring create - create + a new Custom Mirroring Profile + +SYNOPSIS + gcloud network-security security-profiles custom-mirroring create + (SECURITY_PROFILE : --location=LOCATION --organization=ORGANIZATION) + (--mirroring-endpoint-group=MIRRORING_ENDPOINT_GROUP + : --mirroring-endpoint-group-location=MIRRORING_ENDPOINT_GROUP_LOCATION) + [--async] [--description=DESCRIPTION] [--labels=[KEY=VALUE,...]] + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Create a new Custom Mirroring Security Profile. + +EXAMPLES + To create a Custom Mirroring Security Profile named mirroring-profile + linked to a Mirroring Endpoint Group (q.v.), run: + + $ gcloud network-security security-profiles custom-mirroring \ + create mirroring-profile --description="A Mirroring Profile" \ + --mirroring-endpoint-group=projects/my-project/locations/\ + global/mirroringEndpointGroups/my-mep + +POSITIONAL ARGUMENTS + Security profile resource - Security Profile Name. The arguments in this + group can be used to specify the attributes of this resource. + + This must be specified. + + SECURITY_PROFILE + ID of the security_profile or fully qualified identifier for the + security_profile. + + To set the security_profile attribute: + ▸ provide the argument security_profile on the command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + location of the security_profile - Global. + + To set the location attribute: + ▸ provide the argument security_profile on the command line with a + fully specified name; + ▸ provide the argument --location on the command line. + + --organization=ORGANIZATION + Organization ID to which the changes should apply. + + To set the organization attribute: + ▸ provide the argument security_profile on the command line with a + fully specified name; + ▸ provide the argument --organization on the command line. + +REQUIRED FLAGS + Mirroring endpoint group resource - Mirroring Endpoint Group. The + arguments in this group can be used to specify the attributes of this + resource. (NOTE) Some attributes are not given arguments in this group but + can be set in other ways. + + To set the project attribute: + ◆ provide the argument --mirroring-endpoint-group on the command line + with a fully specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + --mirroring-endpoint-group=MIRRORING_ENDPOINT_GROUP + ID of the mirroring endpoint group or fully qualified identifier for + the mirroring endpoint group. + + To set the id attribute: + ▸ provide the argument --mirroring-endpoint-group on the command + line. + + This flag argument must be specified if any of the other arguments in + this group are specified. + + --mirroring-endpoint-group-location=MIRRORING_ENDPOINT_GROUP_LOCATION + Location of the mirroring endpoint group. + + To set the location attribute: + ▸ provide the argument --mirroring-endpoint-group on the command + line with a fully specified name; + ▸ provide the argument --mirroring-endpoint-group-location on the + command line; + ▸ provide the argument --location on the command line; + ▸ provide the argument + networksecurity.projects.locations.mirroringEndpointGroupAssociations + on the command line with a fully specified name. + +OPTIONAL FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. The default is False. + + --description=DESCRIPTION + Brief description of the security profile + + --labels=[KEY=VALUE,...] + List of label KEY=VALUE pairs to add. + + Keys must start with a lowercase character and contain only hyphens + (-), underscores (_), lowercase characters, and numbers. Values must + contain only hyphens (-), underscores (_), lowercase characters, and + numbers. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + These variants are also available: + + $ gcloud alpha network-security security-profiles custom-mirroring \ + create + + $ gcloud beta network-security security-profiles custom-mirroring \ + create + diff --git a/gcloud/network-security/security-profiles/custom-mirroring/delete b/gcloud/network-security/security-profiles/custom-mirroring/delete new file mode 100644 index 000000000..cf7cfcf12 --- /dev/null +++ b/gcloud/network-security/security-profiles/custom-mirroring/delete @@ -0,0 +1,78 @@ +NAME + gcloud network-security security-profiles custom-mirroring delete - delete + a Security Profile + +SYNOPSIS + gcloud network-security security-profiles custom-mirroring delete + (SECURITY_PROFILE : --location=LOCATION --organization=ORGANIZATION) + [--async] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Delete the specified Security Profile. + +EXAMPLES + To delete a Security Profile called my-security-profile run: + + $ gcloud network-security security-profiles custom-mirroring \ + delete my-security-profile + +POSITIONAL ARGUMENTS + Security profile resource - Name of the Security Profile you want to + delete. The arguments in this group can be used to specify the attributes + of this resource. + + This must be specified. + + SECURITY_PROFILE + ID of the security_profile or fully qualified identifier for the + security_profile. + + To set the security_profile attribute: + ▸ provide the argument security_profile on the command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + Location ID of the resource. + + To set the location attribute: + ▸ provide the argument security_profile on the command line with a + fully specified name; + ▸ provide the argument --location on the command line; + ▸ use default global location . + + --organization=ORGANIZATION + Organization number. + + To set the organization attribute: + ▸ provide the argument security_profile on the command line with a + fully specified name; + ▸ provide the argument --organization on the command line. + +FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +API REFERENCE + This command uses the networksecurity/v1 API. The full documentation for + this API can be found at: https://cloud.google.com/networking + +NOTES + These variants are also available: + + $ gcloud alpha network-security security-profiles custom-mirroring \ + delete + + $ gcloud beta network-security security-profiles custom-mirroring \ + delete + diff --git a/gcloud/network-security/security-profiles/custom-mirroring/describe b/gcloud/network-security/security-profiles/custom-mirroring/describe new file mode 100644 index 000000000..c3cf8f04e --- /dev/null +++ b/gcloud/network-security/security-profiles/custom-mirroring/describe @@ -0,0 +1,73 @@ +NAME + gcloud network-security security-profiles custom-mirroring describe - + describe a Custom MirroringSecurity Profile + +SYNOPSIS + gcloud network-security security-profiles custom-mirroring describe + (SECURITY_PROFILE : --location=LOCATION --organization=ORGANIZATION) + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Show details of the Security Profile. + +EXAMPLES + To show details of a Security Profile named my-mirroring-sp run: + + $ gcloud network-security security-profiles custom-mirroring \ + describe my-mirroring-sp --organization=1234 --location=global + +POSITIONAL ARGUMENTS + Security profile resource - Name of the Security Profile to be described. + The arguments in this group can be used to specify the attributes of this + resource. + + This must be specified. + + SECURITY_PROFILE + ID of the security_profile or fully qualified identifier for the + security_profile. + + To set the security_profile attribute: + ▸ provide the argument security_profile on the command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + Location ID of the resource. + + To set the location attribute: + ▸ provide the argument security_profile on the command line with a + fully specified name; + ▸ provide the argument --location on the command line; + ▸ use default global location . + + --organization=ORGANIZATION + Organization number. + + To set the organization attribute: + ▸ provide the argument security_profile on the command line with a + fully specified name; + ▸ provide the argument --organization on the command line. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +API REFERENCE + This command uses the networksecurity/v1 API. The full documentation for + this API can be found at: https://cloud.google.com/networking + +NOTES + These variants are also available: + + $ gcloud alpha network-security security-profiles custom-mirroring \ + describe + + $ gcloud beta network-security security-profiles custom-mirroring \ + describe + diff --git a/gcloud/network-security/security-profiles/custom-mirroring/help b/gcloud/network-security/security-profiles/custom-mirroring/help new file mode 100644 index 000000000..c66341bd0 --- /dev/null +++ b/gcloud/network-security/security-profiles/custom-mirroring/help @@ -0,0 +1,42 @@ +NAME + gcloud network-security security-profiles custom-mirroring - manage + Security Profiles - Custom Mirroring Profile + +SYNOPSIS + gcloud network-security security-profiles custom-mirroring COMMAND + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + This class provides commands for managing Custom Mirroring Security + Profile. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --help. + + Run $ gcloud help for details. + +COMMANDS + COMMAND is one of the following: + + create + Create a new Custom Mirroring Profile. + + delete + Delete a Security Profile. + + describe + Describe a Custom MirroringSecurity Profile. + + list + List Custom Mirroring Security Profiles. + + update + Updates a Custom Mirroring Profile. + +NOTES + These variants are also available: + + $ gcloud alpha network-security security-profiles custom-mirroring + + $ gcloud beta network-security security-profiles custom-mirroring + diff --git a/gcloud/network-security/security-profiles/custom-mirroring/list b/gcloud/network-security/security-profiles/custom-mirroring/list new file mode 100644 index 000000000..b7e3da27a --- /dev/null +++ b/gcloud/network-security/security-profiles/custom-mirroring/list @@ -0,0 +1,91 @@ +NAME + gcloud network-security security-profiles custom-mirroring list - list + Custom Mirroring Security Profiles + +SYNOPSIS + gcloud network-security security-profiles custom-mirroring list + [--location=LOCATION : --organization=ORGANIZATION] + [--filter=EXPRESSION] [--limit=LIMIT] [--page-size=PAGE_SIZE] + [--sort-by=[FIELD,...]] [--uri] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + List Custom Mirroring Security Profiles. + + For more examples, refer to the EXAMPLES section below. + +EXAMPLES + To list Custom Mirroring security profiles in an organization, run: + + $ gcloud network-security security-profiles custom-mirroring list \ + --organization=12345 --location=global + +FLAGS + Location resource - Parent resource for the list operation. The arguments + in this group can be used to specify the attributes of this resource. + + --location=LOCATION + ID of the location or fully qualified identifier for the location. + + To set the location attribute: + ▸ provide the argument --location on the command line. + + This flag argument must be specified if any of the other arguments in + this group are specified. + + --organization=ORGANIZATION + Organization ID of the location. + + To set the organization attribute: + ▸ provide the argument --location on the command line with a fully + specified name; + ▸ provide the argument --organization on the command line. + +LIST COMMAND FLAGS + --filter=EXPRESSION + Apply a Boolean filter EXPRESSION to each resource item to be listed. + If the expression evaluates True, then that item is listed. For more + details and examples of filter expressions, run $ gcloud topic filters. + This flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --limit=LIMIT + Maximum number of resources to list. The default is unlimited. This + flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --page-size=PAGE_SIZE + Some services group resource list output into pages. This flag + specifies the maximum number of resources per page. The default is + determined by the service if it supports paging, otherwise it is + unlimited (no paging). Paging may be applied before or after --filter + and --limit depending on the service. + + --sort-by=[FIELD,...] + Comma-separated list of resource field key names to sort by. The + default order is ascending. Prefix a field with ``~'' for descending + order on that field. This flag interacts with other flags that are + applied in this order: --flatten, --sort-by, --filter, --limit. + + --uri + Print a list of resource URIs instead of the default output, and change + the command output to a list of URIs. If this flag is used with + --format, the formatting is applied on this URI list. To display URIs + alongside other keys instead, use the uri() transform. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + These variants are also available: + + $ gcloud alpha network-security security-profiles custom-mirroring \ + list + + $ gcloud beta network-security security-profiles custom-mirroring \ + list + diff --git a/gcloud/network-security/security-profiles/custom-mirroring/update b/gcloud/network-security/security-profiles/custom-mirroring/update new file mode 100644 index 000000000..f155055dd --- /dev/null +++ b/gcloud/network-security/security-profiles/custom-mirroring/update @@ -0,0 +1,119 @@ +NAME + gcloud network-security security-profiles custom-mirroring update - updates + a Custom Mirroring Profile + +SYNOPSIS + gcloud network-security security-profiles custom-mirroring update + (SECURITY_PROFILE : --location=LOCATION --organization=ORGANIZATION) + [--async] [--description=DESCRIPTION] [--update-labels=[KEY=VALUE,...]] + [--clear-labels | --remove-labels=[KEY,...]] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Update a Custom Mirroring Security Profile. + + The supported fields for update are description and labels. + +EXAMPLES + To update the description of a Custom Mirroring Security Profile named + mirroring-profile, run: + + $ gcloud network-security security-profiles custom-mirroring \ + update mirroring-profile --description="A new description" \ + --organization=1234567890 --location=global + + To change the labels of a Custom Mirroring Security Profile named + mirroring-profile, run: + + $ gcloud network-security security-profiles custom-mirroring \ + update mirroring-profile \ + --update-labels=key1=value1,key2=value2 \ + --delete-labels=key3,key4 --organization=1234567890 \ + --location=glob + +POSITIONAL ARGUMENTS + Security profile resource - Security Profile Name. The arguments in this + group can be used to specify the attributes of this resource. + + This must be specified. + + SECURITY_PROFILE + ID of the security_profile or fully qualified identifier for the + security_profile. + + To set the security_profile attribute: + ▸ provide the argument security_profile on the command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + location of the security_profile - Global. + + To set the location attribute: + ▸ provide the argument security_profile on the command line with a + fully specified name; + ▸ provide the argument --location on the command line. + + --organization=ORGANIZATION + Organization ID to which the changes should apply. + + To set the organization attribute: + ▸ provide the argument security_profile on the command line with a + fully specified name; + ▸ provide the argument --organization on the command line. + +FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. The default is False. + + --description=DESCRIPTION + Brief description of the security profile + + --update-labels=[KEY=VALUE,...] + List of label KEY=VALUE pairs to update. If a label exists, its value + is modified. Otherwise, a new label is created. + + Keys must start with a lowercase character and contain only hyphens + (-), underscores (_), lowercase characters, and numbers. Values must + contain only hyphens (-), underscores (_), lowercase characters, and + numbers. + + At most one of these can be specified: + + --clear-labels + Remove all labels. If --update-labels is also specified then + --clear-labels is applied first. + + For example, to remove all labels: + + $ gcloud network-security security-profiles custom-mirroring \ + update --clear-labels + + To remove all existing labels and create two new labels, foo and baz: + + $ gcloud network-security security-profiles custom-mirroring \ + update --clear-labels --update-labels foo=bar,baz=qux + + --remove-labels=[KEY,...] + List of label keys to remove. If a label does not exist it is + silently ignored. If --update-labels is also specified then + --update-labels is applied first. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + These variants are also available: + + $ gcloud alpha network-security security-profiles custom-mirroring \ + update + + $ gcloud beta network-security security-profiles custom-mirroring \ + update + diff --git a/gcloud/network-security/security-profiles/help b/gcloud/network-security/security-profiles/help index a6678e0ac..b1ec96170 100644 --- a/gcloud/network-security/security-profiles/help +++ b/gcloud/network-security/security-profiles/help @@ -16,6 +16,9 @@ GCLOUD WIDE FLAGS GROUPS GROUP is one of the following: + custom-mirroring + Manage Security Profiles - Custom Mirroring Profile. + threat-prevention Manage Security Profiles - Threat Prevention Profile. diff --git a/gcloud/privateca/roots/create b/gcloud/privateca/roots/create index e12cf6558..051223261 100644 --- a/gcloud/privateca/roots/create +++ b/gcloud/privateca/roots/create @@ -4,7 +4,9 @@ NAME SYNOPSIS gcloud privateca roots create (CERTIFICATE_AUTHORITY : --location=LOCATION --pool=POOL) - [--auto-enable] [--bucket=BUCKET] [--dns-san=[DNS_SAN,...]] + [--auto-enable] [--bucket=BUCKET] + [--custom-aia-urls=[CUSTOM_AIA_URLS,...]] + [--custom-cdp-urls=[CUSTOM_CDP_URLS,...]] [--dns-san=[DNS_SAN,...]] [--email-san=[EMAIL_SAN,...]] [--from-ca=FROM_CA] [--ip-san=[IP_SAN,...]] [--labels=[KEY=VALUE,...]] [--subject=[SUBJECT,...]] [--subject-key-id=SUBJECT_KEY_ID] @@ -99,6 +101,16 @@ FLAGS certificates and CRLs for CAs in this pool. If omitted, a new bucket will be created and managed by the service on your behalf. + --custom-aia-urls=[CUSTOM_AIA_URLS,...] + One or more comma-separated URLs that will be added to the Authority + Information Access extension in the issued certificate. These URLs are + where the issuer CA certificate is located. + + --custom-cdp-urls=[CUSTOM_CDP_URLS,...] + One or more comma-separated URLs that will be added to the CRL + Distribution Points (CDP) extension in the issued certificate. These + URLs are where CRL information is located. + --dns-san=[DNS_SAN,...] One or more comma-separated DNS Subject Alternative Names. diff --git a/gcloud/privateca/subordinates/create b/gcloud/privateca/subordinates/create index e73ee46ae..62f9fff90 100644 --- a/gcloud/privateca/subordinates/create +++ b/gcloud/privateca/subordinates/create @@ -7,7 +7,9 @@ SYNOPSIS (CERTIFICATE_AUTHORITY : --location=LOCATION --pool=POOL) (--create-csr --csr-output-file=CSR_OUTPUT_FILE | [--issuer-pool=ISSUER_POOL : --issuer-location=ISSUER_LOCATION]) - [--auto-enable] [--bucket=BUCKET] [--dns-san=[DNS_SAN,...]] + [--auto-enable] [--bucket=BUCKET] + [--custom-aia-urls=[CUSTOM_AIA_URLS,...]] + [--custom-cdp-urls=[CUSTOM_CDP_URLS,...]] [--dns-san=[DNS_SAN,...]] [--email-san=[EMAIL_SAN,...]] [--from-ca=FROM_CA] [--ip-san=[IP_SAN,...]] [--issuer-ca=ISSUER_CA] [--labels=[KEY=VALUE,...]] [--subject=[SUBJECT,...]] @@ -164,6 +166,16 @@ OPTIONAL FLAGS certificates and CRLs for CAs in this pool. If omitted, a new bucket will be created and managed by the service on your behalf. + --custom-aia-urls=[CUSTOM_AIA_URLS,...] + One or more comma-separated URLs that will be added to the Authority + Information Access extension in the issued certificate. These URLs are + where the issuer CA certificate is located. + + --custom-cdp-urls=[CUSTOM_CDP_URLS,...] + One or more comma-separated URLs that will be added to the CRL + Distribution Points (CDP) extension in the issued certificate. These + URLs are where CRL information is located. + --dns-san=[DNS_SAN,...] One or more comma-separated DNS Subject Alternative Names. diff --git a/gcloud/sql/export/help b/gcloud/sql/export/help index c3dfab3bc..fe35c4a7c 100644 --- a/gcloud/sql/export/help +++ b/gcloud/sql/export/help @@ -24,6 +24,9 @@ COMMANDS sql Exports data from a Cloud SQL instance to a SQL file. + tde + Export a TDE certificate from a Cloud SQL for SQL Server instance. + NOTES These variants are also available: diff --git a/gcloud/sql/export/tde b/gcloud/sql/export/tde new file mode 100644 index 000000000..26013fcd1 --- /dev/null +++ b/gcloud/sql/export/tde @@ -0,0 +1,91 @@ +NAME + gcloud sql export tde - export a TDE certificate from a Cloud SQL for SQL + Server instance + +SYNOPSIS + gcloud sql export tde INSTANCE + (--cert-path=CERT_PATH --certificate=CERTIFICATE + --pvk-path=PVK_PATH (--prompt-for-pvk-password + | --pvk-password=PVK_PASSWORD)) [--async] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Exports a TDE certificate from a Cloud SQL instance to a Google Cloud + Storage bucket. This is only supported for SQL Server. + +EXAMPLES + To export a TDE certificate with the name foo and private key password + my-pvk-password in the Cloud SQL instance my-instance to certificate path + my-bucket/my-cert.cert and private key path my-bucket/my-key.pvk, run: + + $ gcloud sql export tde my-instance --certificate=foo \ + --cert-path=gs://my-bucket/my-cert.cert \ + --pvk-path=gs://my-bucket/my-key.pvk \ + --pvk-password=my-pvk-password + + To export a TDE certificate with the name foo and private key password + my-pvk-password in the Cloud SQL instance my-instance and prompting for the + private key password, run: + + $ gcloud sql export tde my-instance --certificate=foo \ + --cert-path=gs://my-bucket/my-cert.cert \ + --pvk-path=gs://my-bucket/my-key.pvk --prompt-for-pvk-password + +POSITIONAL ARGUMENTS + INSTANCE + Cloud SQL instance ID. + +REQUIRED FLAGS + Encryption info to support importing a TDE certificate file + + This must be specified. + + --cert-path=CERT_PATH + Path to the encryption certificate file in Google Cloud Storage. The + URI is in the form gs://bucketName/fileName. + + This flag argument must be specified if any of the other arguments in + this group are specified. + + --certificate=CERTIFICATE + Name of the encryption certificate. + + This flag argument must be specified if any of the other arguments in + this group are specified. + + --pvk-path=PVK_PATH + Path to the encryption private key file in Google Cloud Storage. The + URI is in the form gs://bucketName/fileName. + + This flag argument must be specified if any of the other arguments in + this group are specified. + + Exactly one of these must be specified: + + --prompt-for-pvk-password + Prompt for the private key password associated with the certificate + file with character echo disabled. The password is all typed + characters up to but not including the RETURN or ENTER key. + + --pvk-password=PVK_PASSWORD + The private key password associated with the certificate file. + +OPTIONAL FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + These variants are also available: + + $ gcloud alpha sql export tde + + $ gcloud beta sql export tde + diff --git a/gcloud/sql/import/bak b/gcloud/sql/import/bak index eb9bd3df2..8f83360c4 100644 --- a/gcloud/sql/import/bak +++ b/gcloud/sql/import/bak @@ -4,9 +4,9 @@ NAME SYNOPSIS gcloud sql import bak INSTANCE [URI] --database=DATABASE, -d DATABASE - [--async] [--bak-type=BAK_TYPE; default="FULL"] [--no-recovery] - [--recovery-only] [--stop-at=STOP_AT] [--stop-at-mark=STOP_AT_MARK] - [--[no-]striped] + [--async] [--bak-type=BAK_TYPE; default="FULL"] [--keep-encrypted] + [--no-recovery] [--recovery-only] [--stop-at=STOP_AT] + [--stop-at-mark=STOP_AT_MARK] [--[no-]striped] [--cert-path=CERT_PATH --pvk-path=PVK_PATH (--prompt-for-pvk-password | --pvk-password=PVK_PASSWORD)] [GCLOUD_WIDE_FLAG ...] @@ -55,6 +55,9 @@ OPTIONAL FLAGS Type of bak file that will be imported. Applicable to SQL Server only. BAK_TYPE must be one of: FULL, DIFF, TLOG. + --keep-encrypted + Whether or not to decrypt the imported encrypted BAK file. + --no-recovery Whether or not the SQL Server import is execueted with NORECOVERY keyword. diff --git a/gcloud/sql/import/help b/gcloud/sql/import/help index 65a3dc795..082789c6d 100644 --- a/gcloud/sql/import/help +++ b/gcloud/sql/import/help @@ -24,6 +24,9 @@ COMMANDS sql Imports data into a Cloud SQL instance from a SQL dump file. + tde + Import TDE certificate into a Cloud SQL for SQL Server instance. + NOTES These variants are also available: diff --git a/gcloud/sql/import/tde b/gcloud/sql/import/tde new file mode 100644 index 000000000..d400f6c5d --- /dev/null +++ b/gcloud/sql/import/tde @@ -0,0 +1,95 @@ +NAME + gcloud sql import tde - import TDE certificate into a Cloud SQL for SQL + Server instance + +SYNOPSIS + gcloud sql import tde INSTANCE + (--cert-path=CERT_PATH --certificate=CERTIFICATE + --pvk-path=PVK_PATH (--prompt-for-pvk-password + | --pvk-password=PVK_PASSWORD)) [--async] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + gcloud sql import tde imports a TDE certificate into a Cloud SQL instance + from a certificate file in Google Cloud Storage. + + For detailed help on importing data into Cloud SQL, refer to this guide: + https://cloud.google.com/sql/docs/sqlserver/import-export/importing + +EXAMPLES + To import a TDE certificate with the name foo and certificate path + my-bucket/my-cert.cert and private key path my-bucket/my-key.pvk and pvk + password my-pvk-password into the Cloud SQL instance my-instance, run: + + $ gcloud sql import tde my-instance --certificate=foo \ + --cert-path=gs://my-bucket/my-cert.cert \ + --pvk-path=gs://my-bucket/my-key.pvk \ + --pvk-password=my-pvk-password + + To import a TDE certificate with the name foo and certificate path + my-bucket/my-cert.cert and private key path my-bucket/my-key.pvk into the + Cloud SQL instance my-instance and prompting for the private key password, + run: + + $ gcloud sql import tde my-instance --certificate=foo \ + --cert-path=gs://my-bucket/my-cert.cert \ + --pvk-path=gs://my-bucket/my-key.pvk --prompt-for-pvk-password + +POSITIONAL ARGUMENTS + INSTANCE + Cloud SQL instance ID. + +REQUIRED FLAGS + Encryption info to support importing a TDE certificate file + + This must be specified. + + --cert-path=CERT_PATH + Path to the encryption certificate file in Google Cloud Storage. The + URI is in the form gs://bucketName/fileName. + + This flag argument must be specified if any of the other arguments in + this group are specified. + + --certificate=CERTIFICATE + Name of the encryption certificate. + + This flag argument must be specified if any of the other arguments in + this group are specified. + + --pvk-path=PVK_PATH + Path to the encryption private key file in Google Cloud Storage. The + URI is in the form gs://bucketName/fileName. + + This flag argument must be specified if any of the other arguments in + this group are specified. + + Exactly one of these must be specified: + + --prompt-for-pvk-password + Prompt for the private key password associated with the certificate + file with character echo disabled. The password is all typed + characters up to but not including the RETURN or ENTER key. + + --pvk-password=PVK_PASSWORD + The private key password associated with the certificate file. + +OPTIONAL FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + These variants are also available: + + $ gcloud alpha sql import tde + + $ gcloud beta sql import tde + diff --git a/gcloud/sql/instances/patch b/gcloud/sql/instances/patch index 16a36b077..034736ce1 100644 --- a/gcloud/sql/instances/patch +++ b/gcloud/sql/instances/patch @@ -22,6 +22,7 @@ SYNOPSIS [--enable-point-in-time-recovery] [--failover-dr-replica-name=FAILOVER_DR_REPLICA_NAME] [--follow-gae-app=FOLLOW_GAE_APP] + [--[no-]include-replicas-for-major-version-upgrade] [--[no-]insights-config-query-insights-enabled] [--insights-config-query-plans-per-minute=INSIGHTS_CONFIG_QUERY_PLANS_PER_MINUTE] [--insights-config-query-string-length=INSIGHTS_CONFIG_QUERY_STRING_LENGTH] @@ -231,6 +232,14 @@ FLAGS should follow. It must be in the same region as the instance. WARNING: Instance may be restarted. + --[no-]include-replicas-for-major-version-upgrade + Enable the major version upgrade of replicas when the in-place major + version upgrade of a primary instance is initated with + --database-version. Use --include-replicas-for-major-version-upgrade to + enable and --no-include-replicas-for-major--version-upgrade to disable. + Use --include-replicas-for-major-version-upgrade to enable and + --no-include-replicas-for-major-version-upgrade to disable. + --[no-]insights-config-query-insights-enabled Enable query insights feature to provide query and query plan analytics. diff --git a/gcloud/transfer/jobs/create b/gcloud/transfer/jobs/create index e653e7658..d9d053be0 100644 --- a/gcloud/transfer/jobs/create +++ b/gcloud/transfer/jobs/create @@ -376,7 +376,7 @@ FLAGS The states in which the actions specified in --log-actions are logged. Separate multiple states with a comma, omitting the space after the comma (e.g., --log-action-states=succeeded,failed). - LOG_ACTION_STATES must be one of: failed, succeeded. + LOG_ACTION_STATES must be one of: failed, skipped, succeeded. ADDITIONAL OPTIONS diff --git a/gcloud/transfer/jobs/update b/gcloud/transfer/jobs/update index f5df142ce..3b20eafb6 100644 --- a/gcloud/transfer/jobs/update +++ b/gcloud/transfer/jobs/update @@ -449,7 +449,7 @@ FLAGS The states in which the actions specified in --log-actions are logged. Separate multiple states with a comma, omitting the space after the comma (e.g., --log-action-states=succeeded,failed). - LOG_ACTION_STATES must be one of: failed, succeeded. + LOG_ACTION_STATES must be one of: failed, skipped, succeeded. ADDITIONAL OPTIONS