diff --git a/gcloud/_version b/gcloud/_version index 27f7e7b45..bf18703de 100644 --- a/gcloud/_version +++ b/gcloud/_version @@ -1,8 +1,8 @@ -Google Cloud SDK 431.0.0 -alpha 2023.05.12 -beta 2023.05.12 -bq 2.0.92 +Google Cloud SDK 432.0.0 +alpha 2023.05.19 +beta 2023.05.19 +bq 2.0.93 bundled-python3-unix 3.9.16 -core 2023.05.12 +core 2023.05.19 gcloud-crc32c 1.0.0 -gsutil 5.23 +gsutil 5.24 diff --git a/gcloud/ai/index-endpoints/create b/gcloud/ai/index-endpoints/create index 590727f7d..eb770a1c9 100644 --- a/gcloud/ai/index-endpoints/create +++ b/gcloud/ai/index-endpoints/create @@ -3,8 +3,9 @@ NAME SYNOPSIS gcloud ai index-endpoints create --display-name=DISPLAY_NAME - --network=NETWORK [--description=DESCRIPTION] - [--labels=[KEY=VALUE,...]] [--region=REGION] [GCLOUD_WIDE_FLAG ...] + [--description=DESCRIPTION] [--labels=[KEY=VALUE,...]] + [--network=NETWORK] [--public-endpoint-enabled] [--region=REGION] + [GCLOUD_WIDE_FLAG ...] EXAMPLES To create an index endpoint under project example with network @@ -19,10 +20,6 @@ REQUIRED FLAGS --display-name=DISPLAY_NAME Display name of the index endpoint. - --network=NETWORK - The Google Compute Engine network name to which the IndexEndpoint - should be peered. - OPTIONAL FLAGS --description=DESCRIPTION Description of the index endpoint. @@ -35,6 +32,13 @@ OPTIONAL FLAGS contain only hyphens (-), underscores (_), lowercase characters, and numbers. + --network=NETWORK + The Google Compute Engine network name to which the IndexEndpoint + should be peered. + + --public-endpoint-enabled + If true, the deployed index will be accessible through public endpoint. + Region resource - Cloud region to create index endpoint. This represents a Cloud resource. (NOTE) Some attributes are not given arguments in this group but can be set in other ways. diff --git a/gcloud/alpha/ai/index-endpoints/create b/gcloud/alpha/ai/index-endpoints/create index 0a84c9bcf..10c77391e 100644 --- a/gcloud/alpha/ai/index-endpoints/create +++ b/gcloud/alpha/ai/index-endpoints/create @@ -4,8 +4,9 @@ NAME SYNOPSIS gcloud alpha ai index-endpoints create --display-name=DISPLAY_NAME - --network=NETWORK [--description=DESCRIPTION] - [--labels=[KEY=VALUE,...]] [--region=REGION] [GCLOUD_WIDE_FLAG ...] + [--description=DESCRIPTION] [--labels=[KEY=VALUE,...]] + [--network=NETWORK] [--public-endpoint-enabled] [--region=REGION] + [GCLOUD_WIDE_FLAG ...] EXAMPLES To create an index endpoint under project example with network @@ -20,10 +21,6 @@ REQUIRED FLAGS --display-name=DISPLAY_NAME Display name of the index endpoint. - --network=NETWORK - The Google Compute Engine network name to which the IndexEndpoint - should be peered. - OPTIONAL FLAGS --description=DESCRIPTION Description of the index endpoint. @@ -36,6 +33,13 @@ OPTIONAL FLAGS contain only hyphens (-), underscores (_), lowercase characters, and numbers. + --network=NETWORK + The Google Compute Engine network name to which the IndexEndpoint + should be peered. + + --public-endpoint-enabled + If true, the deployed index will be accessible through public endpoint. + Region resource - Cloud region to create index endpoint. This represents a Cloud resource. (NOTE) Some attributes are not given arguments in this group but can be set in other ways. diff --git a/gcloud/alpha/artifacts/repositories/create b/gcloud/alpha/artifacts/repositories/create index 3de1b62eb..578665c1f 100644 --- a/gcloud/alpha/artifacts/repositories/create +++ b/gcloud/alpha/artifacts/repositories/create @@ -7,8 +7,7 @@ SYNOPSIS (REPOSITORY : --location=LOCATION) --repository-format=REPOSITORY_FORMAT [--allow-snapshot-overwrites] [--async] [--description=DESCRIPTION] [--kms-key=KMS_KEY] - [--labels=[KEY=VALUE,...]] - [--version-policy=VERSION_POLICY; default="NONE"] + [--labels=[KEY=VALUE,...]] [--version-policy=VERSION_POLICY] [GCLOUD_WIDE_FLAG ...] DESCRIPTION @@ -112,7 +111,7 @@ OPTIONAL FLAGS contain only hyphens (-), underscores (_), lowercase characters, and numbers. - --version-policy=VERSION_POLICY; default="NONE" + --version-policy=VERSION_POLICY (Maven only) The package versions that the repository will store. VERSION_POLICY must be one of: diff --git a/gcloud/alpha/batch/jobs/submit b/gcloud/alpha/batch/jobs/submit index 19aa962ed..908e35ed0 100644 --- a/gcloud/alpha/batch/jobs/submit +++ b/gcloud/alpha/batch/jobs/submit @@ -7,8 +7,8 @@ SYNOPSIS --container-entrypoint=CONTAINER_ENTRYPOINT --container-image-uri=CONTAINER_IMAGE_URI | --script-file-path=SCRIPT_FILE_PATH | --script-text=SCRIPT_TEXT) - [--machine-type=MACHINE_TYPE] [--priority=PRIORITY] - [--provisioning-model=PROVISIONING_MODEL] + [--job-prefix=JOB_PREFIX] [--machine-type=MACHINE_TYPE] + [--priority=PRIORITY] [--provisioning-model=PROVISIONING_MODEL] [--network=NETWORK --subnetwork=SUBNETWORK : --no-external-ip-address] [GCLOUD_WIDE_FLAG ...] @@ -119,6 +119,11 @@ REQUIRED FLAGS Text to run as first runnable in task spec. OPTIONAL FLAGS + --job-prefix=JOB_PREFIX + Specify the job prefix. A job ID in the format of job prefix + + %Y%m%d-%H%M%S will be generated. Note that job prefix cannot be + specified while JOB ID positional argument is specified. + --machine-type=MACHINE_TYPE Specify the Compute Engine machine type, for example, e2-standard-4. Currently only one machine type is supported. diff --git a/gcloud/alpha/builds/triggers/create/manual b/gcloud/alpha/builds/triggers/create/manual index 5a0e2624d..b336e320c 100644 --- a/gcloud/alpha/builds/triggers/create/manual +++ b/gcloud/alpha/builds/triggers/create/manual @@ -9,10 +9,10 @@ SYNOPSIS default="/" --dockerfile-image=DOCKERFILE_IMAGE]) : --description=DESCRIPTION --name=NAME --region=REGION --[no-]require-approval --service-account=SERVICE_ACCOUNT - --substitutions=[KEY=VALUE,...] (--branch=BRANCH - | --tag=TAG) (--repository=REPOSITORY + --substitutions=[KEY=VALUE,...] --branch=BRANCH + | --tag=TAG --repository=REPOSITORY | [--repo=REPO --repo-type=REPO_TYPE - : --github-enterprise-config=GITHUB_ENTERPRISE_CONFIG])]) + : --github-enterprise-config=GITHUB_ENTERPRISE_CONFIG]]) [GCLOUD_WIDE_FLAG ...] DESCRIPTION @@ -134,7 +134,7 @@ REQUIRED FLAGS Flags for repository and branch information - Exactly one of these must be specified: + At most one of these can be specified: --branch=BRANCH Branch to build. @@ -144,7 +144,7 @@ REQUIRED FLAGS Flags for repository information - Exactly one of these must be specified: + At most one of these can be specified: --repository=REPOSITORY Repository resource (2nd gen) to use, in the format diff --git a/gcloud/alpha/builds/triggers/create/pubsub b/gcloud/alpha/builds/triggers/create/pubsub index 4946587ad..b8f8675f3 100644 --- a/gcloud/alpha/builds/triggers/create/pubsub +++ b/gcloud/alpha/builds/triggers/create/pubsub @@ -11,10 +11,10 @@ SYNOPSIS : --description=DESCRIPTION --name=NAME --region=REGION --[no-]require-approval --service-account=SERVICE_ACCOUNT --subscription-filter=SUBSCRIPTION_FILTER - --substitutions=[KEY=VALUE,...] (--branch=BRANCH - | --tag=TAG) (--repository=REPOSITORY + --substitutions=[KEY=VALUE,...] --branch=BRANCH + | --tag=TAG --repository=REPOSITORY | [--repo=REPO --repo-type=REPO_TYPE - : --github-enterprise-config=GITHUB_ENTERPRISE_CONFIG])]) + : --github-enterprise-config=GITHUB_ENTERPRISE_CONFIG]]) [GCLOUD_WIDE_FLAG ...] DESCRIPTION @@ -152,7 +152,7 @@ REQUIRED FLAGS Flags for repository and branch information - Exactly one of these must be specified: + At most one of these can be specified: --branch=BRANCH Branch to build. @@ -162,7 +162,7 @@ REQUIRED FLAGS Flags for repository information - Exactly one of these must be specified: + At most one of these can be specified: --repository=REPOSITORY Repository resource (2nd gen) to use, in the format diff --git a/gcloud/alpha/builds/triggers/create/webhook b/gcloud/alpha/builds/triggers/create/webhook index ab07ff8e8..865ea61e4 100644 --- a/gcloud/alpha/builds/triggers/create/webhook +++ b/gcloud/alpha/builds/triggers/create/webhook @@ -11,10 +11,10 @@ SYNOPSIS : --description=DESCRIPTION --name=NAME --region=REGION --[no-]require-approval --service-account=SERVICE_ACCOUNT --subscription-filter=SUBSCRIPTION_FILTER - --substitutions=[KEY=VALUE,...] (--branch=BRANCH - | --tag=TAG) (--repository=REPOSITORY + --substitutions=[KEY=VALUE,...] --branch=BRANCH + | --tag=TAG --repository=REPOSITORY | [--repo=REPO --repo-type=REPO_TYPE - : --github-enterprise-config=GITHUB_ENTERPRISE_CONFIG])]) + : --github-enterprise-config=GITHUB_ENTERPRISE_CONFIG]]) [GCLOUD_WIDE_FLAG ...] DESCRIPTION @@ -158,7 +158,7 @@ REQUIRED FLAGS Flags for repository and branch information - Exactly one of these must be specified: + At most one of these can be specified: --branch=BRANCH Branch to build. @@ -168,7 +168,7 @@ REQUIRED FLAGS Flags for repository information - Exactly one of these must be specified: + At most one of these can be specified: --repository=REPOSITORY Repository resource (2nd gen) to use, in the format diff --git a/gcloud/alpha/composer/environments/run b/gcloud/alpha/composer/environments/run index a4abc735e..c1f7d9479 100644 --- a/gcloud/alpha/composer/environments/run +++ b/gcloud/alpha/composer/environments/run @@ -96,7 +96,10 @@ POSITIONAL ARGUMENTS for more info). [SUBCOMMAND_NESTED] - Additional subcommand in case it is nested. + Additional subcommand in case it is nested. The following is a list of + allowed nested subcommands: + ◆ db: check + ◆ all other subcommands: all nested subcommands are allowed [-- CMD_ARGS ...] Command line arguments to the subcommand. diff --git a/gcloud/alpha/compute/disks/update b/gcloud/alpha/compute/disks/update index 153b8b21a..06f004aad 100644 --- a/gcloud/alpha/compute/disks/update +++ b/gcloud/alpha/compute/disks/update @@ -46,7 +46,7 @@ FLAGS --provisioned-throughput=PROVISIONED_THROUGHPUT Provisioned throughput of disk to update. The throughput unit is MB per - sec. Only for use with disks of type hyperdisk-throughput + sec. --update-labels=[KEY=VALUE,...] List of label KEY=VALUE pairs to update. If a label exists, its value diff --git a/gcloud/alpha/compute/firewall-policies/rules/create b/gcloud/alpha/compute/firewall-policies/rules/create index 520fbd605..035d8741f 100644 --- a/gcloud/alpha/compute/firewall-policies/rules/create +++ b/gcloud/alpha/compute/firewall-policies/rules/create @@ -12,6 +12,7 @@ SYNOPSIS [--dest-threat-intelligence=[DEST_THREAT_INTELLIGENCE_LISTS,...]] [--direction=DIRECTION] [--[no-]disabled] [--[no-]enable-logging] [--layer4-configs=[LAYER4_CONFIG,...]] [--organization=ORGANIZATION] + [--security-profile-group=SECURITY_PROFILE_GROUP] [--src-address-groups=[SOURCE_ADDRESS_GROUPS,...]] [--src-fqdns=[SOURCE_FQDNS,...]] [--src-ip-ranges=[SRC_IP_RANGE,...]] [--src-region-codes=[SOURCE_REGION_CODES,...]] @@ -91,6 +92,17 @@ OPTIONAL FLAGS Organization which the organization firewall policy belongs to. Must be set if FIREWALL_POLICY is short name. + --security-profile-group=SECURITY_PROFILE_GROUP + An org-based security profile group to be used with + apply_security_profile_group action.Allowed formats are:a) + http(s):////organizations//locations/global/securityProfileGroups/b) + (//)/organizations//locations/global/securityProfileGroups/c) + In case 'c' gCloud CLI will create a reference matching format + 'a',but to make it work CLOUDSDK_API_ENDPOINT_OVERRIDES_NETWORKSERVICES + property must be set.In order to set this property, please run the + command 'gcloud config set api_endpoint_overrides/networkservices + https:///' + --src-address-groups=[SOURCE_ADDRESS_GROUPS,...] Source address groups to match for this rule. Can only be specified if DIRECTION is ingress. diff --git a/gcloud/alpha/compute/firewall-policies/rules/update b/gcloud/alpha/compute/firewall-policies/rules/update index 70bf8cab5..00f49044a 100644 --- a/gcloud/alpha/compute/firewall-policies/rules/update +++ b/gcloud/alpha/compute/firewall-policies/rules/update @@ -13,6 +13,7 @@ SYNOPSIS [--direction=DIRECTION] [--[no-]disabled] [--[no-]enable-logging] [--layer4-configs=[LAYER4_CONFIG,...]] [--new-priority=NEW_PRIORITY] [--organization=ORGANIZATION] + [--security-profile-group=SECURITY_PROFILE_GROUP] [--src-address-groups=[SOURCE_ADDRESS_GROUPS,...]] [--src-fqdns=[SOURCE_FQDNS,...]] [--src-ip-ranges=[SRC_IP_RANGE,...]] [--src-region-codes=[SOURCE_REGION_CODES,...]] @@ -96,6 +97,17 @@ OPTIONAL FLAGS Organization which the organization firewall policy belongs to. Must be set if FIREWALL_POLICY is short name. + --security-profile-group=SECURITY_PROFILE_GROUP + An org-based security profile group to be used with + apply_security_profile_group action.Allowed formats are:a) + http(s):////organizations//locations/global/securityProfileGroups/b) + (//)/organizations//locations/global/securityProfileGroups/c) + In case 'c' gCloud CLI will create a reference matching format + 'a',but to make it work CLOUDSDK_API_ENDPOINT_OVERRIDES_NETWORKSERVICES + property must be set.In order to set this property, please run the + command 'gcloud config set api_endpoint_overrides/networkservices + https:///' + --src-address-groups=[SOURCE_ADDRESS_GROUPS,...] Source address groups to match for this rule. Can only be specified if DIRECTION is ingress. diff --git a/gcloud/alpha/compute/instance-groups/managed/create b/gcloud/alpha/compute/instance-groups/managed/create index 24bee6da7..8b278dfeb 100644 --- a/gcloud/alpha/compute/instance-groups/managed/create +++ b/gcloud/alpha/compute/instance-groups/managed/create @@ -5,6 +5,7 @@ NAME SYNOPSIS gcloud alpha compute instance-groups managed create NAME --size=SIZE --template=TEMPLATE [--base-instance-name=BASE_INSTANCE_NAME] + [--default-action-on-vm-failure=ACTION_ON_VM_FAILURE] [--description=DESCRIPTION] [--[no-]force-update-on-repair] [--initial-delay=INITIAL_DELAY] [--instance-redistribution-type=TYPE] [--list-managed-instances-results=MODE] @@ -72,6 +73,17 @@ OPTIONAL FLAGS with the managed instance group. If not provided base instance name will be the prefix of instance group name. + --default-action-on-vm-failure=ACTION_ON_VM_FAILURE + Specifies the action that a MIG performs on a failed or an unhealthy + VM. A VM is marked as unhealthy when the application running on that VM + fails a health check. By default, the value of the flag is set to + repair. ACTION_ON_VM_FAILURE must be one of: + + do-nothing + MIG does not repair a failed or an unhealthy VM. + repair + MIG automatically repairs a failed or an unhealthy VM. + --description=DESCRIPTION An optional description for this group. diff --git a/gcloud/alpha/compute/instance-groups/managed/update b/gcloud/alpha/compute/instance-groups/managed/update index bdcb8ae94..0ba6bffb2 100644 --- a/gcloud/alpha/compute/instance-groups/managed/update +++ b/gcloud/alpha/compute/instance-groups/managed/update @@ -4,6 +4,7 @@ NAME SYNOPSIS gcloud alpha compute instance-groups managed update NAME + [--default-action-on-vm-failure=ACTION_ON_VM_FAILURE] [--description=DESCRIPTION] [--[no-]force-update-on-repair] [--instance-redistribution-type=TYPE] [--list-managed-instances-results=MODE] @@ -61,6 +62,17 @@ POSITIONAL ARGUMENTS Name of the managed instance group to update. FLAGS + --default-action-on-vm-failure=ACTION_ON_VM_FAILURE + Specifies the action that a MIG performs on a failed or an unhealthy + VM. A VM is marked as unhealthy when the application running on that VM + fails a health check. By default, the value of the flag is set to + repair. ACTION_ON_VM_FAILURE must be one of: + + do-nothing + MIG does not repair a failed or an unhealthy VM. + repair + MIG automatically repairs a failed or an unhealthy VM. + --description=DESCRIPTION An optional description for this group. To clear the description, set the value to an empty string. diff --git a/gcloud/alpha/compute/instance-templates/create b/gcloud/alpha/compute/instance-templates/create index 06e322ffa..57d800df8 100644 --- a/gcloud/alpha/compute/instance-templates/create +++ b/gcloud/alpha/compute/instance-templates/create @@ -251,6 +251,10 @@ FLAGS number of I/O operations per second that the disk can handle. Value must be between 10,000 and 120,000. + provisioned-throughput + Indicates how much throughput to provision for the disk. This sets + the number of throughput mb per second that the disk can handle. + disk-resource-policy Resource policy to apply to the disk. Specify a full or partial URL. For example: @@ -342,10 +346,6 @@ FLAGS be the same as the instance zone. You can't use this option with boot disks. - provisioned-throughput - Indicates how much throughput to provision for the disk. This sets - the number of throughput mb per second that the disk can handle. - --description=DESCRIPTION Specifies a textual description for the instance template. diff --git a/gcloud/alpha/compute/instance-templates/create-with-container b/gcloud/alpha/compute/instance-templates/create-with-container index fcea39c5d..7b2cbbc16 100644 --- a/gcloud/alpha/compute/instance-templates/create-with-container +++ b/gcloud/alpha/compute/instance-templates/create-with-container @@ -329,6 +329,10 @@ FLAGS number of I/O operations per second that the disk can handle. Value must be between 10,000 and 120,000. + provisioned-throughput + Indicates how much throughput to provision for the disk. This sets + the number of throughput mb per second that the disk can handle. + disk-resource-policy Resource policy to apply to the disk. Specify a full or partial URL. For example: diff --git a/gcloud/alpha/compute/instances/bulk/create b/gcloud/alpha/compute/instances/bulk/create index 28bdce800..1ce9ba06b 100644 --- a/gcloud/alpha/compute/instances/bulk/create +++ b/gcloud/alpha/compute/instances/bulk/create @@ -277,6 +277,10 @@ OPTIONAL FLAGS number of I/O operations per second that the disk can handle. Value must be between 10,000 and 120,000. + provisioned-throughput + Indicates how much throughput to provision for the disk. This sets + the number of throughput mb per second that the disk can handle. + disk-resource-policy Resource policy to apply to the disk. Specify a full or partial URL. For example: @@ -375,10 +379,6 @@ OPTIONAL FLAGS Path to a Customer-Supplied Encryption Key (CSEK) key file for the image. Must be specified with image-csek-required. - provisioned-throughput - Indicates how much throughput to provision for the disk. This sets - the number of throughput mb per second that the disk can handle. - --description=DESCRIPTION Specifies a textual description of the instances. diff --git a/gcloud/alpha/compute/instances/create b/gcloud/alpha/compute/instances/create index 23aff73a5..c97b9f564 100644 --- a/gcloud/alpha/compute/instances/create +++ b/gcloud/alpha/compute/instances/create @@ -282,6 +282,10 @@ FLAGS number of I/O operations per second that the disk can handle. Value must be between 10,000 and 120,000. + provisioned-throughput + Indicates how much throughput to provision for the disk. This sets + the number of throughput mb per second that the disk can handle. + disk-resource-policy Resource policy to apply to the disk. Specify a full or partial URL. For example: @@ -408,10 +412,6 @@ FLAGS be the same as the instance zone. You can't use this option with boot disks. - provisioned-throughput - Indicates how much throughput to provision for the disk. This sets - the number of throughput mb per second that the disk can handle. - --csek-key-file=FILE Path to a Customer-Supplied Encryption Key (CSEK) key file that maps Compute Engine resources to user managed keys to be used when creating, diff --git a/gcloud/alpha/compute/instances/create-with-container b/gcloud/alpha/compute/instances/create-with-container index 442cc1468..5a3a1e9d2 100644 --- a/gcloud/alpha/compute/instances/create-with-container +++ b/gcloud/alpha/compute/instances/create-with-container @@ -352,6 +352,10 @@ FLAGS number of I/O operations per second that the disk can handle. Value must be between 10,000 and 120,000. + provisioned-throughput + Indicates how much throughput to provision for the disk. This sets + the number of throughput mb per second that the disk can handle. + disk-resource-policy Resource policy to apply to the disk. Specify a full or partial URL. For example: diff --git a/gcloud/alpha/compute/interconnects/attachments/dedicated/create b/gcloud/alpha/compute/interconnects/attachments/dedicated/create index c1d85e889..716e85d5b 100644 --- a/gcloud/alpha/compute/interconnects/attachments/dedicated/create +++ b/gcloud/alpha/compute/interconnects/attachments/dedicated/create @@ -74,12 +74,11 @@ OPTIONAL FLAGS Up to 16 candidate prefixes that can be used to restrict the allocation of cloudRouterIpAddress and customerRouterIpAddress for this attachment. All prefixes must be within link-local address space. - Google will attempt to select an unused subnet of SUBNET_LENGTH from - the supplied candidate subnet(s), or all of link-local space if no - subnets supplied. Google will not re-use a subnet already in-use by - your project, even if it's contained in one of the candidate subnets. - The request will fail if all candidate subnets are in use at Google's - edge. + Google attempts to select an unused subnet of SUBNET_LENGTH from the + supplied candidate subnet(s), or all of link-local space if no subnets + supplied. Google does not re-use a subnet already in-use by your + project, even if it's contained in one of the candidate subnets. The + request fails if all candidate subnets are in use at Google's edge. --cloud-router-ipv6-interface-id=INTERFACE_ID If supplied, the interface id (index within the subnet) to be used for @@ -177,14 +176,7 @@ OPTIONAL FLAGS whose remote location's "constraints.subnetLengthRange" field specifies a minimum subnet length of 30. In that case, the default value is 30. The default value is recommended when there's no requirement on the - subnet length. SUBNET_LENGTH must be one of: - - 29: - subnet length 29. - 30: - subnet length 30. - - SUBNET_LENGTH must be one of: 29, 30. + subnet length. SUBNET_LENGTH must be one of: 29, 30. --vlan=VLAN Desired VLAN for this attachment, in the range 2-4093. If not supplied, diff --git a/gcloud/alpha/compute/interconnects/create b/gcloud/alpha/compute/interconnects/create index 0a9bfdee1..4185bb497 100644 --- a/gcloud/alpha/compute/interconnects/create +++ b/gcloud/alpha/compute/interconnects/create @@ -32,7 +32,7 @@ EXAMPLES $ gcloud alpha compute interconnects create \ example-cc-interconnect --interconnect-type=DEDICATED \ - --link-type=LINK_TYPE_ETHERNET_100G_LR \ + --link-type=LINK_TYPE_ETHERNET_10G_LR \ --location=example-zone1-1 --requested-link-count=1 \ --remote-location=example-remote-location \ --noc-contact-email=noc@example.com \ @@ -80,7 +80,7 @@ OPTIONAL FLAGS --customer-name=CUSTOMER_NAME Customer name to put in the Letter of Authorization as the party authorized to request an interconnect. This field is required for most - Interconnects, however it is prohibited when creating a Cross-Cloud + interconnects, however it is prohibited when creating a Cross-Cloud Interconnect. --description=DESCRIPTION diff --git a/gcloud/alpha/compute/interconnects/help b/gcloud/alpha/compute/interconnects/help index 6b4bf5de2..3976996ef 100644 --- a/gcloud/alpha/compute/interconnects/help +++ b/gcloud/alpha/compute/interconnects/help @@ -34,7 +34,7 @@ GROUPS configuration. remote-locations - (ALPHA) Read and manipulate Compute Engine interconnect remote + (ALPHA) Read and manipulate Google Compute Engine interconnect remote locations. COMMANDS diff --git a/gcloud/alpha/compute/interconnects/remote-locations/describe b/gcloud/alpha/compute/interconnects/remote-locations/describe index 417f1cbd4..0754f46e0 100644 --- a/gcloud/alpha/compute/interconnects/remote-locations/describe +++ b/gcloud/alpha/compute/interconnects/remote-locations/describe @@ -1,15 +1,16 @@ NAME gcloud alpha compute interconnects remote-locations describe - describe a - Compute Engine interconnect remote location + Google Compute Engine interconnect remote location SYNOPSIS gcloud alpha compute interconnects remote-locations describe NAME [GCLOUD_WIDE_FLAG ...] DESCRIPTION - (ALPHA) Displays all data associated with Compute Engine interconnect - remote location in a project. + (ALPHA) Displays all data associated with Google Compute Engine + interconnect remote location in a project. +EXAMPLES Example of usage: $ gcloud alpha compute interconnects remote-locations describe \ @@ -17,7 +18,7 @@ DESCRIPTION POSITIONAL ARGUMENTS NAME - Name of the interconnect remote location to describe. + Name of the Cloud Interconnect remote location to describe. GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, @@ -31,5 +32,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. + access allowlist. These variants are also available: + + $ gcloud compute interconnects remote-locations describe + + $ gcloud beta compute interconnects remote-locations describe diff --git a/gcloud/alpha/compute/interconnects/remote-locations/help b/gcloud/alpha/compute/interconnects/remote-locations/help index bb7f9340f..cc5af2924 100644 --- a/gcloud/alpha/compute/interconnects/remote-locations/help +++ b/gcloud/alpha/compute/interconnects/remote-locations/help @@ -1,6 +1,6 @@ NAME gcloud alpha compute interconnects remote-locations - read and manipulate - Compute Engine interconnect remote locations + Google Compute Engine interconnect remote locations SYNOPSIS gcloud alpha compute interconnects remote-locations COMMAND @@ -18,14 +18,18 @@ COMMANDS COMMAND is one of the following: describe - (ALPHA) Describe a Compute Engine interconnect remote location. + (ALPHA) Describe a Google Compute Engine interconnect remote location. list - (ALPHA) List Google Compute Engine interconnect remote locations. + (ALPHA) List Google Compute Engine Cloud Interconnect remote locations. NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. + access allowlist. These variants are also available: + + $ gcloud compute interconnects remote-locations + + $ gcloud beta compute interconnects remote-locations diff --git a/gcloud/alpha/compute/interconnects/remote-locations/list b/gcloud/alpha/compute/interconnects/remote-locations/list index adf7a2604..f3edf2b8d 100644 --- a/gcloud/alpha/compute/interconnects/remote-locations/list +++ b/gcloud/alpha/compute/interconnects/remote-locations/list @@ -1,6 +1,6 @@ NAME gcloud alpha compute interconnects remote-locations list - list Google - Compute Engine interconnect remote locations + Compute Engine Cloud Interconnect remote locations SYNOPSIS gcloud alpha compute interconnects remote-locations list @@ -9,14 +9,16 @@ SYNOPSIS DESCRIPTION (ALPHA) gcloud alpha compute interconnects remote-locations list displays - all Google Compute Engine interconnect remote locations in a project. + all Google Compute Engine Cloud Interconnect remote locations in a project. EXAMPLES - To list all interconnect remote locations in a project in table form, run: + To list all Cloud Interconnect remote locations in a project in table form, + run: $ gcloud alpha compute interconnects remote-locations list - To list the URIs of all interconnect remote locations in a project, run: + To list the URIs of all Cloud Interconnect remote locations in a project, + run: $ gcloud alpha compute interconnects remote-locations list --uri @@ -64,5 +66,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. + access allowlist. These variants are also available: + + $ gcloud compute interconnects remote-locations list + + $ gcloud beta compute interconnects remote-locations list diff --git a/gcloud/alpha/compute/network-firewall-policies/rules/create b/gcloud/alpha/compute/network-firewall-policies/rules/create index 1a9a91932..b58532ace 100644 --- a/gcloud/alpha/compute/network-firewall-policies/rules/create +++ b/gcloud/alpha/compute/network-firewall-policies/rules/create @@ -12,6 +12,7 @@ SYNOPSIS [--dest-threat-intelligence=[DEST_THREAT_INTELLIGENCE_LISTS,...]] [--direction=DIRECTION] [--[no-]disabled] [--[no-]enable-logging] [--layer4-configs=[LAYER4_CONFIG,...]] + [--security-profile-group=SECURITY_PROFILE_GROUP] [--src-address-groups=[SOURCE_ADDRESS_GROUPS,...]] [--src-fqdns=[SOURCE_FQDNS,...]] [--src-ip-ranges=[SRC_IP_RANGE,...]] [--src-region-codes=[SOURCE_REGION_CODES,...]] @@ -96,6 +97,10 @@ OPTIONAL FLAGS A list of destination protocols and ports to which the firewall rule will apply. + --security-profile-group=SECURITY_PROFILE_GROUP + A security profile group to be used with apply_security_profile_group + action. + --src-address-groups=[SOURCE_ADDRESS_GROUPS,...] Source address groups to match for this rule. Can only be specified if DIRECTION is ingress. diff --git a/gcloud/alpha/compute/network-firewall-policies/rules/update b/gcloud/alpha/compute/network-firewall-policies/rules/update index 963488bd1..15ec05add 100644 --- a/gcloud/alpha/compute/network-firewall-policies/rules/update +++ b/gcloud/alpha/compute/network-firewall-policies/rules/update @@ -12,6 +12,7 @@ SYNOPSIS [--dest-threat-intelligence=[DEST_THREAT_INTELLIGENCE_LISTS,...]] [--direction=DIRECTION] [--[no-]disabled] [--[no-]enable-logging] [--layer4-configs=[LAYER4_CONFIG,...]] [--new-priority=NEW_PRIORITY] + [--security-profile-group=SECURITY_PROFILE_GROUP] [--src-address-groups=[SOURCE_ADDRESS_GROUPS,...]] [--src-fqdns=[SOURCE_FQDNS,...]] [--src-ip-ranges=[SRC_IP_RANGE,...]] [--src-region-codes=[SOURCE_REGION_CODES,...]] @@ -92,6 +93,10 @@ OPTIONAL FLAGS --new-priority=NEW_PRIORITY New priority for the rule to update. Valid in [0, 65535]. + --security-profile-group=SECURITY_PROFILE_GROUP + A security profile group to be used with apply_security_profile_group + action. + --src-address-groups=[SOURCE_ADDRESS_GROUPS,...] Source address groups to match for this rule. Can only be specified if DIRECTION is ingress. diff --git a/gcloud/alpha/compute/queued-resources/create b/gcloud/alpha/compute/queued-resources/create index c99d38199..aad9c1b2b 100644 --- a/gcloud/alpha/compute/queued-resources/create +++ b/gcloud/alpha/compute/queued-resources/create @@ -261,6 +261,10 @@ OPTIONAL FLAGS number of I/O operations per second that the disk can handle. Value must be between 10,000 and 120,000. + provisioned-throughput + Indicates how much throughput to provision for the disk. This sets + the number of throughput mb per second that the disk can handle. + disk-resource-policy Resource policy to apply to the disk. Specify a full or partial URL. For example: @@ -359,10 +363,6 @@ OPTIONAL FLAGS Path to a Customer-Supplied Encryption Key (CSEK) key file for the image. Must be specified with image-csek-required. - provisioned-throughput - Indicates how much throughput to provision for the disk. This sets - the number of throughput mb per second that the disk can handle. - --description=DESCRIPTION Specifies a textual description of the instances. diff --git a/gcloud/alpha/compute/routers/nats/create b/gcloud/alpha/compute/routers/nats/create index 3a94f62f4..48d02a3aa 100644 --- a/gcloud/alpha/compute/routers/nats/create +++ b/gcloud/alpha/compute/routers/nats/create @@ -128,10 +128,13 @@ OPTIONAL FLAGS For VM Endpoints ENDPOINT_TYPE_SWG For Secure Web Gateway Endpoints + ENDPOINT_TYPE_MANAGED_PROXY_LB + For Regional Internal/External HTTP(S) and TCP Proxy load balancer endpoints The default is ENDPOINT_TYPE_VM. - ENDPOINT_TYPE must be one of: ENDPOINT_TYPE_VM, ENDPOINT_TYPE_SWG. + ENDPOINT_TYPE must be one of: ENDPOINT_TYPE_VM, ENDPOINT_TYPE_SWG, + ENDPOINT_TYPE_MANAGED_PROXY_LB. --icmp-idle-timeout=ICMP_IDLE_TIMEOUT Timeout for ICMP connections. See diff --git a/gcloud/alpha/compute/target-http-proxies/create b/gcloud/alpha/compute/target-http-proxies/create index 886da0a9e..58a6ecad1 100644 --- a/gcloud/alpha/compute/target-http-proxies/create +++ b/gcloud/alpha/compute/target-http-proxies/create @@ -4,7 +4,9 @@ NAME SYNOPSIS gcloud alpha compute target-http-proxies create NAME --url-map=URL_MAP - [--description=DESCRIPTION] [--proxy-bind] [--global | --region=REGION] + [--description=DESCRIPTION] + [--http-keep-alive-timeout-sec=HTTP_KEEP_ALIVE_TIMEOUT_SEC] + [--proxy-bind] [--global | --region=REGION] [--global-url-map | --url-map-region=URL_MAP_REGION] [GCLOUD_WIDE_FLAG ...] @@ -48,6 +50,13 @@ OPTIONAL FLAGS --description=DESCRIPTION An optional, textual description for the target HTTP proxy. + --http-keep-alive-timeout-sec=HTTP_KEEP_ALIVE_TIMEOUT_SEC + Specifies how long to keep a connection open, after completing a + response, while there is no matching traffic (in seconds). If an HTTP + keep-alive is not specified, a default value (610 seconds) will be + used. For Global external HTTP(S) load balancer, the minimum allowed + value is 5 seconds and the maximum allowed value is 1200 seconds. + --proxy-bind This flag applies when the load_balancing_scheme of the associated backend service is INTERNAL_SELF_MANAGED. When specified, the envoy diff --git a/gcloud/alpha/compute/target-http-proxies/update b/gcloud/alpha/compute/target-http-proxies/update index b5e15f93b..0f47b74e8 100644 --- a/gcloud/alpha/compute/target-http-proxies/update +++ b/gcloud/alpha/compute/target-http-proxies/update @@ -4,6 +4,8 @@ NAME SYNOPSIS gcloud alpha compute target-http-proxies update NAME --url-map=URL_MAP + [--clear-http-keep-alive-timeout-sec + | --http-keep-alive-timeout-sec=HTTP_KEEP_ALIVE_TIMEOUT_SEC] [--global | --region=REGION] [--global-url-map | --url-map-region=URL_MAP_REGION] [GCLOUD_WIDE_FLAG ...] @@ -41,6 +43,18 @@ REQUIRED FLAGS referring to, you must first delete the target HTTP proxy. OPTIONAL FLAGS + At most one of these can be specified: + + --clear-http-keep-alive-timeout-sec + Clears previously configured http keep alive timeout sec + + --http-keep-alive-timeout-sec=HTTP_KEEP_ALIVE_TIMEOUT_SEC + Specifies how long to keep a connection open, after completing a + response, while there is no matching traffic (in seconds). If an HTTP + keep-alive is not specified, a default value (610 seconds) will be + used. For Global external HTTP(S) load balancer, the minimum allowed + value is 5 seconds and the maximum allowed value is 1200 seconds. + At most one of these can be specified: --global diff --git a/gcloud/alpha/compute/target-https-proxies/create b/gcloud/alpha/compute/target-https-proxies/create index aa27e4461..731891d5c 100644 --- a/gcloud/alpha/compute/target-https-proxies/create +++ b/gcloud/alpha/compute/target-https-proxies/create @@ -5,8 +5,9 @@ NAME SYNOPSIS gcloud alpha compute target-https-proxies create NAME --url-map=URL_MAP [--certificate-map=CERTIFICATE_MAP] [--description=DESCRIPTION] + [--http-keep-alive-timeout-sec=HTTP_KEEP_ALIVE_TIMEOUT_SEC] [--proxy-bind] [--quic-override=QUIC_OVERRIDE; default="NONE"] - [--ssl-policy=SSL_POLICY] + [--server-tls-policy=SERVER_TLS_POLICY] [--ssl-policy=SSL_POLICY] [--certificate-manager-certificates=[CERTIFICATE_MANAGER_CERTIFICATES, ...] | --ssl-certificates=SSL_CERTIFICATE,[...]] [--global | --region=REGION] @@ -78,6 +79,13 @@ OPTIONAL FLAGS --description=DESCRIPTION An optional, textual description for the target HTTPS proxy. + --http-keep-alive-timeout-sec=HTTP_KEEP_ALIVE_TIMEOUT_SEC + Specifies how long to keep a connection open, after completing a + response, while there is no matching traffic (in seconds). If an HTTP + keep-alive is not specified, a default value (610 seconds) will be + used. For Global external HTTP(S) load balancer, the minimum allowed + value is 5 seconds and the maximum allowed value is 1200 seconds. + --proxy-bind This flag applies when the load_balancing_scheme of the associated backend service is INTERNAL_SELF_MANAGED. When specified, the envoy @@ -97,6 +105,28 @@ OPTIONAL FLAGS NONE Allows Google to control when QUIC is rolled out. + Server tls policy resource - The server TLS policy to attach. This + represents a Cloud resource. (NOTE) Some attributes are not given + arguments in this group but can be set in other ways. + + To set the project attribute: + ◆ provide the argument --server-tls-policy on the command line with a + fully specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + To set the location attribute: + ◆ provide the argument --server-tls-policy on the command line with a + fully specified name; + ◆ default value of location is [global]. + + --server-tls-policy=SERVER_TLS_POLICY + ID of the server_tls_policy or fully qualified identifier for the + server_tls_policy. + + To set the server_tls_policy attribute: + ▸ provide the argument --server-tls-policy on the command line. + --ssl-policy=SSL_POLICY A reference to an SSL policy resource that defines the server-side support for SSL features and affects the connections between clients diff --git a/gcloud/alpha/compute/target-https-proxies/update b/gcloud/alpha/compute/target-https-proxies/update index 5ebffb71f..d0a312e36 100644 --- a/gcloud/alpha/compute/target-https-proxies/update +++ b/gcloud/alpha/compute/target-https-proxies/update @@ -10,6 +10,9 @@ SYNOPSIS | --ssl-certificates=SSL_CERTIFICATE,[...] --global-ssl-certificates | --ssl-certificates-region=SSL_CERTIFICATES_REGION | --certificate-map=CERTIFICATE_MAP | --clear-certificate-map] + [--clear-http-keep-alive-timeout-sec + | --http-keep-alive-timeout-sec=HTTP_KEEP_ALIVE_TIMEOUT_SEC] + [--clear-server-tls-policy | --server-tls-policy=SERVER_TLS_POLICY] [--clear-ssl-policy | --ssl-policy=SSL_POLICY --global-ssl-policy | --ssl-policy-region=SSL_POLICY_REGION] [--global | --region=REGION] [--global-url-map | --url-map-region=URL_MAP_REGION] @@ -160,6 +163,45 @@ FLAGS --clear-certificate-map Removes any attached certificate map from the HTTPS proxy. + At most one of these can be specified: + + --clear-http-keep-alive-timeout-sec + Clears previously configured http keep alive timeout sec + + --http-keep-alive-timeout-sec=HTTP_KEEP_ALIVE_TIMEOUT_SEC + Specifies how long to keep a connection open, after completing a + response, while there is no matching traffic (in seconds). If an HTTP + keep-alive is not specified, a default value (610 seconds) will be + used. For Global external HTTP(S) load balancer, the minimum allowed + value is 5 seconds and the maximum allowed value is 1200 seconds. + + At most one of these can be specified: + + --clear-server-tls-policy + Removes any attached Server TLS policy. + + Server tls policy resource - The server TLS policy to attach. This + represents a Cloud resource. (NOTE) Some attributes are not given + arguments in this group but can be set in other ways. + + To set the project attribute: + ▸ provide the argument --server-tls-policy on the command line with a + fully specified name; + ▸ provide the argument --project on the command line; + ▸ set the property core/project. + + To set the location attribute: + ▸ provide the argument --server-tls-policy on the command line with a + fully specified name; + ▸ default value of location is [global]. + + --server-tls-policy=SERVER_TLS_POLICY + ID of the server_tls_policy or fully qualified identifier for the + server_tls_policy. + + To set the server_tls_policy attribute: + ▫ provide the argument --server-tls-policy on the command line. + At most one of these can be specified: --clear-ssl-policy diff --git a/gcloud/alpha/config/get b/gcloud/alpha/config/get index e9614d1c9..e3cb27550 100644 --- a/gcloud/alpha/config/get +++ b/gcloud/alpha/config/get @@ -204,6 +204,10 @@ AVAILABLE PROPERTIES Overrides API endpoint for gcloud app command group. Defaults to https://appengine.googleapis.com/ + apphub + Overrides API endpoint for gcloud apphub command group. Defaults to + https://apphub.googleapis.com/ + artifactregistry Overrides API endpoint for gcloud artifacts command group. Defaults to https://artifactregistry.googleapis.com/ diff --git a/gcloud/alpha/config/help b/gcloud/alpha/config/help index a9789cbc0..80def35c7 100644 --- a/gcloud/alpha/config/help +++ b/gcloud/alpha/config/help @@ -236,6 +236,10 @@ AVAILABLE PROPERTIES Overrides API endpoint for gcloud app command group. Defaults to https://appengine.googleapis.com/ + apphub + Overrides API endpoint for gcloud apphub command group. Defaults to + https://apphub.googleapis.com/ + artifactregistry Overrides API endpoint for gcloud artifacts command group. Defaults to https://artifactregistry.googleapis.com/ diff --git a/gcloud/alpha/config/list b/gcloud/alpha/config/list index 2a2e21c7d..f6c90ab59 100644 --- a/gcloud/alpha/config/list +++ b/gcloud/alpha/config/list @@ -248,6 +248,10 @@ AVAILABLE PROPERTIES Overrides API endpoint for gcloud app command group. Defaults to https://appengine.googleapis.com/ + apphub + Overrides API endpoint for gcloud apphub command group. Defaults to + https://apphub.googleapis.com/ + artifactregistry Overrides API endpoint for gcloud artifacts command group. Defaults to https://artifactregistry.googleapis.com/ diff --git a/gcloud/alpha/config/set b/gcloud/alpha/config/set index 91c05a9e3..c0d9500df 100644 --- a/gcloud/alpha/config/set +++ b/gcloud/alpha/config/set @@ -251,6 +251,10 @@ AVAILABLE PROPERTIES Overrides API endpoint for gcloud app command group. Defaults to https://appengine.googleapis.com/ + apphub + Overrides API endpoint for gcloud apphub command group. Defaults to + https://apphub.googleapis.com/ + artifactregistry Overrides API endpoint for gcloud artifacts command group. Defaults to https://artifactregistry.googleapis.com/ diff --git a/gcloud/alpha/config/unset b/gcloud/alpha/config/unset index f0212dbf6..60673c511 100644 --- a/gcloud/alpha/config/unset +++ b/gcloud/alpha/config/unset @@ -212,6 +212,10 @@ AVAILABLE PROPERTIES Overrides API endpoint for gcloud app command group. Defaults to https://appengine.googleapis.com/ + apphub + Overrides API endpoint for gcloud apphub command group. Defaults to + https://apphub.googleapis.com/ + artifactregistry Overrides API endpoint for gcloud artifacts command group. Defaults to https://artifactregistry.googleapis.com/ diff --git a/gcloud/alpha/container/bare-metal/admin-clusters/unenroll b/gcloud/alpha/container/bare-metal/admin-clusters/unenroll index a0cd89168..aaaaad237 100644 --- a/gcloud/alpha/container/bare-metal/admin-clusters/unenroll +++ b/gcloud/alpha/container/bare-metal/admin-clusters/unenroll @@ -6,7 +6,7 @@ NAME SYNOPSIS gcloud alpha container bare-metal admin-clusters unenroll (ADMIN_CLUSTER : --location=LOCATION) [--allow-missing] [--async] - [--validate-only] [GCLOUD_WIDE_FLAG ...] + [--ignore-errors] [--validate-only] [GCLOUD_WIDE_FLAG ...] DESCRIPTION (ALPHA) Unenroll an Anthos on bare metal admin cluster so that it is no @@ -61,6 +61,10 @@ FLAGS Return immediately, without waiting for the operation in progress to complete. + --ignore-errors + If set, the unenrollment of a bare metal admin cluster resource will + succeed even if errors occur during unenrollment. + --validate-only If set, only validate the request, but do not actually perform the operation. diff --git a/gcloud/alpha/container/bare-metal/operations/wait b/gcloud/alpha/container/bare-metal/operations/wait index 14d9c6cd8..fa41338ad 100644 --- a/gcloud/alpha/container/bare-metal/operations/wait +++ b/gcloud/alpha/container/bare-metal/operations/wait @@ -4,7 +4,8 @@ NAME SYNOPSIS gcloud alpha container bare-metal operations wait - (OPERATION_ID : --location=LOCATION) [GCLOUD_WIDE_FLAG ...] + (OPERATION_ID : --location=LOCATION) [--timeout=TIMEOUT] + [GCLOUD_WIDE_FLAG ...] DESCRIPTION (ALPHA) Poll an operation for completion. @@ -47,6 +48,10 @@ POSITIONAL ARGUMENTS ▸ provide the argument --location on the command line; ▸ set the property container_bare_metal/location. +FLAGS + --timeout=TIMEOUT + Timeout (seconds) waiting for the operation to complete. + GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, diff --git a/gcloud/alpha/container/vmware/clusters/create b/gcloud/alpha/container/vmware/clusters/create index 1deb2cc08..5d6a672b8 100644 --- a/gcloud/alpha/container/vmware/clusters/create +++ b/gcloud/alpha/container/vmware/clusters/create @@ -29,8 +29,9 @@ SYNOPSIS [ips=IPS],[netmask=NETMASK]) [--admin-users=ADMIN_USERS] [--annotations=[KEY=VALUE,...]] [--async] [--description=DESCRIPTION] [--disable-aag-config] [--disable-vsphere-csi] [--enable-auto-repair] - [--enable-control-plane-v2] [--enable-vm-tracking] [--validate-only] + [--enable-vm-tracking] [--validate-only] [--cpus=CPUS --enable-auto-resize --memory=MEMORY --replicas=REPLICAS] + [--disable-control-plane-v2 | --enable-control-plane-v2] [--enable-advanced-networking --enable-dataplane-v2] [GCLOUD_WIDE_FLAG ...] @@ -278,6 +279,16 @@ OPTIONAL FLAGS Users that will be granted the cluster-admin role on the cluster, providing full access to the cluster. + To add multiple users, specify one in each flag. When updating, the + update command overwrites the whole grant list. Specify all existing + and new users that you want to be cluster administrators. + + Examples: + + $ gcloud alpha container vmware clusters create + --admin-users alice@example.com + --admin-users bob@example.com + --annotations=[KEY=VALUE,...] Annotations on the VMware user cluster. @@ -305,9 +316,6 @@ OPTIONAL FLAGS --enable-auto-repair If set, deploy the cluster-health-controller. - --enable-control-plane-v2 - If set, enable control plane v2. - --enable-vm-tracking If set, enable VM tracking. @@ -334,6 +342,14 @@ OPTIONAL FLAGS Number of control plane nodes for this VMware user cluster. (default: 1 replica). + At most one of these can be specified: + + --disable-control-plane-v2 + If set, disable control plane v2. + + --enable-control-plane-v2 + If set, enable control plane v2. + Dataplane V2 configurations --enable-advanced-networking diff --git a/gcloud/alpha/container/vmware/clusters/update b/gcloud/alpha/container/vmware/clusters/update index e554642cc..03ff41a86 100644 --- a/gcloud/alpha/container/vmware/clusters/update +++ b/gcloud/alpha/container/vmware/clusters/update @@ -66,6 +66,16 @@ FLAGS Users that will be granted the cluster-admin role on the cluster, providing full access to the cluster. + To add multiple users, specify one in each flag. When updating, the + update command overwrites the whole grant list. Specify all existing + and new users that you want to be cluster administrators. + + Examples: + + $ gcloud alpha container vmware clusters update + --admin-users alice@example.com + --admin-users bob@example.com + --async Return immediately, without waiting for the operation in progress to complete. diff --git a/gcloud/alpha/netapp/volumes/create b/gcloud/alpha/netapp/volumes/create index 73a9b378f..5acd5db1e 100644 --- a/gcloud/alpha/netapp/volumes/create +++ b/gcloud/alpha/netapp/volumes/create @@ -3,8 +3,7 @@ NAME SYNOPSIS gcloud alpha netapp volumes create (VOLUME : --location=LOCATION) - --capacity=CAPACITY - --network=[name=NAME],[reserved-ip-range=RESERVED-IP-RANGE] + --capacity=CAPACITY --network=[name=NAME],[psa-range=PSA-RANGE] --protocols=PROTOCOL,[PROTOCOL,...] --share-name=SHARE_NAME --storage-pool=STORAGE_POOL [--async] [--description=DESCRIPTION] [--enable-kerberos=ENABLE_KERBEROS] [--enable-ldap=ENABLE_LDAP] @@ -72,20 +71,17 @@ REQUIRED FLAGS The desired capacity of the Volume in GiB or TiB units.If no capacity unit is specified, GiB is assumed. - --network=[name=NAME],[reserved-ip-range=RESERVED-IP-RANGE] + --network=[name=NAME],[psa-range=PSA-RANGE] Network configuration for a Cloud NetApp Files Volume. Specifying - reserved-ip-range is optional. + psa-range is optional. name The name of the Google Compute Engine VPC network to which the - instance is connected. - reserved-ip-range - The reserved-ip-range can have an allocated IP address range - (https://cloud.google.com/compute/docs/ip-addresses/reserve-static-internal-ip-address). - When the name of an allocated IP address range is specified, it - must be one of the ranges associated with the private service - access connection. The range you specify can't overlap with either - existing subnets or assigned IP address ranges for other Cloud - NetApp Files Volumes in the selected VPC network. + volume is connected. + psa-range + The psa-range is the name of the allocated range of the Private + Service Access connection. The range you specify can't overlap with + either existing subnets or assigned IP address ranges for other + Cloud NetApp Files Volumes in the selected VPC network. --protocols=PROTOCOL,[PROTOCOL,...] Type of File System protocols for the Cloud NetApp Files VolumeValid diff --git a/gcloud/alpha/netapp/volumes/update b/gcloud/alpha/netapp/volumes/update index cb3d046b9..9a3b008e2 100644 --- a/gcloud/alpha/netapp/volumes/update +++ b/gcloud/alpha/netapp/volumes/update @@ -14,7 +14,7 @@ SYNOPSIS [kerberos-5p-read-only=KERBEROS-5P-READ-ONLY], [kerberos-5p-read-write=KERBEROS-5P-READ-WRITE], [nfsv3=NFSV3],[nfsv4=NFSV4]] [--from-snapshot=FROM_SNAPSHOT] - [--network=[name=NAME],[reserved-ip-range=RESERVED-IP-RANGE]] + [--network=[name=NAME],[psa-range=PSA-RANGE]] [--protocols=PROTOCOL,[PROTOCOL,...]] [--security-style=SECURITY_STYLE; default="SECURITY_STYLE_UNSPECIFIED"] [--share-name=SHARE_NAME] @@ -124,20 +124,17 @@ FLAGS To set the snapshot attribute: ▸ provide the argument --from-snapshot on the command line. - --network=[name=NAME],[reserved-ip-range=RESERVED-IP-RANGE] + --network=[name=NAME],[psa-range=PSA-RANGE] Network configuration for a Cloud NetApp Files Volume. Specifying - reserved-ip-range is optional. + psa-range is optional. name The name of the Google Compute Engine VPC network to which the - instance is connected. - reserved-ip-range - The reserved-ip-range can have an allocated IP address range - (https://cloud.google.com/compute/docs/ip-addresses/reserve-static-internal-ip-address). - When the name of an allocated IP address range is specified, it - must be one of the ranges associated with the private service - access connection. The range you specify can't overlap with either - existing subnets or assigned IP address ranges for other Cloud - NetApp Files Volumes in the selected VPC network. + volume is connected. + psa-range + The psa-range is the name of the allocated range of the Private + Service Access connection. The range you specify can't overlap with + either existing subnets or assigned IP address ranges for other + Cloud NetApp Files Volumes in the selected VPC network. --protocols=PROTOCOL,[PROTOCOL,...] Type of File System protocols for the Cloud NetApp Files VolumeValid diff --git a/gcloud/alpha/network-security/firewall-endpoints/create b/gcloud/alpha/network-security/firewall-endpoints/create new file mode 100644 index 000000000..5448335ca --- /dev/null +++ b/gcloud/alpha/network-security/firewall-endpoints/create @@ -0,0 +1,92 @@ +NAME + gcloud alpha network-security firewall-endpoints create - create a Firewall + Plus endpoint + +SYNOPSIS + gcloud alpha network-security firewall-endpoints create + (FIREWALL_ENDPOINT : --organization=ORGANIZATION --zone=ZONE) [--async] + [--labels=[KEY=VALUE,...]] [--max-wait=MAX_WAIT; default="60m"] + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (ALPHA) Create a firewall endpoint. Successful creation of an endpoint + results in an endpoint in READY state. Check the progress of endpoint + creation by using gcloud network-security firewall-endpoints list. + + For more examples, refer to the EXAMPLES section below. + +EXAMPLES + To create a firewall endpoint called my-endpoint, in zone us-central1-a and + organization ID 1234, run: + + $ gcloud alpha network-security firewall-endpoints create \ + my-endpoint --zone=us-central1-a --organization=1234 + +POSITIONAL ARGUMENTS + Firewall endpoint resource - Firewall Plus. The arguments in this group + can be used to specify the attributes of this resource. + + This must be specified. + + FIREWALL_ENDPOINT + ID of the firewall endpoint or fully qualified identifier for the + firewall endpoint. + + To set the endpoint-name attribute: + ▸ provide the argument FIREWALL_ENDPOINT on the command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --organization=ORGANIZATION + Organization ID of the firewall endpoint. + + To set the organization attribute: + ▸ provide the argument FIREWALL_ENDPOINT on the command line with a + fully specified name; + ▸ provide the argument --organization on the command line. + + --zone=ZONE + Zone of the firewall endpoint. + + To set the zone attribute: + ▸ provide the argument FIREWALL_ENDPOINT on the command line with a + fully specified name; + ▸ provide the argument --zone on the command line. + +FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. The default is True. Enabled by default, use --no-async to + disable. + + --labels=[KEY=VALUE,...] + List of label KEY=VALUE pairs to add. + + Keys must start with a lowercase character and contain only hyphens + (-), underscores (_), lowercase characters, and numbers. Values must + contain only hyphens (-), underscores (_), lowercase characters, and + numbers. + + --max-wait=MAX_WAIT; default="60m" + Time to synchronously wait for the operation to complete, after which + the operation continues asynchronously. Ignored if --no-async isn't + specified. See $ gcloud topic datetimes for information on time + formats. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in alpha and might change without notice. If this + command fails with API permission errors despite specifying the correct + project, you might be trying to access an API with an invitation-only early + access allowlist. This variant is also available: + + $ gcloud beta network-security firewall-endpoints create + diff --git a/gcloud/alpha/network-security/firewall-endpoints/delete b/gcloud/alpha/network-security/firewall-endpoints/delete new file mode 100644 index 000000000..7263151a1 --- /dev/null +++ b/gcloud/alpha/network-security/firewall-endpoints/delete @@ -0,0 +1,88 @@ +NAME + gcloud alpha network-security firewall-endpoints delete - delete a Firewall + Plus endpoint + +SYNOPSIS + gcloud alpha network-security firewall-endpoints delete + (FIREWALL_ENDPOINT : --organization=ORGANIZATION --zone=ZONE) [--async] + [--max-wait=MAX_WAIT; default="60m"] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (ALPHA) Delete a firewall endpoint. Check the progress of endpoint deletion + by using gcloud network-security firewall-endpoints list. + + For more examples, refer to the EXAMPLES section below. + +EXAMPLES + To delete a firewall endpoint called my-endpoint, in zone us-central1-a and + organization ID 1234, run: + + $ gcloud alpha network-security firewall-endpoints delete \ + my-endpoint --zone=us-central1-a --organization=1234 + + OR + + $ gcloud alpha network-security firewall-endpoints delete \ + organizations/1234/locations/us-central1-a/firewallEndpoints/\ + my-endpoint + +POSITIONAL ARGUMENTS + Firewall endpoint resource - Firewall Plus. The arguments in this group + can be used to specify the attributes of this resource. + + This must be specified. + + FIREWALL_ENDPOINT + ID of the firewall endpoint or fully qualified identifier for the + firewall endpoint. + + To set the endpoint-name attribute: + ▸ provide the argument FIREWALL_ENDPOINT on the command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --organization=ORGANIZATION + Organization ID of the firewall endpoint. + + To set the organization attribute: + ▸ provide the argument FIREWALL_ENDPOINT on the command line with a + fully specified name; + ▸ provide the argument --organization on the command line. + + --zone=ZONE + Zone of the firewall endpoint. + + To set the zone attribute: + ▸ provide the argument FIREWALL_ENDPOINT on the command line with a + fully specified name; + ▸ provide the argument --zone on the command line. + +FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. The default is True. Enabled by default, use --no-async to + disable. + + --max-wait=MAX_WAIT; default="60m" + Time to synchronously wait for the operation to complete, after which + the operation continues asynchronously. Ignored if --no-async isn't + specified. See $ gcloud topic datetimes for information on time + formats. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in alpha and might change without notice. If this + command fails with API permission errors despite specifying the correct + project, you might be trying to access an API with an invitation-only early + access allowlist. This variant is also available: + + $ gcloud beta network-security firewall-endpoints delete + diff --git a/gcloud/alpha/network-security/firewall-endpoints/describe b/gcloud/alpha/network-security/firewall-endpoints/describe new file mode 100644 index 000000000..71535882e --- /dev/null +++ b/gcloud/alpha/network-security/firewall-endpoints/describe @@ -0,0 +1,75 @@ +NAME + gcloud alpha network-security firewall-endpoints describe - describe a + Firewall Plus endpoint + +SYNOPSIS + gcloud alpha network-security firewall-endpoints describe + (FIREWALL_ENDPOINT : --organization=ORGANIZATION --zone=ZONE) + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (ALPHA) Describe a firewall endpoint. + + For more examples, refer to the EXAMPLES section below. + +EXAMPLES + To get a description of a firewall endpoint called my-endpoint in zone + us-central1-a and organization ID 1234, run: + + $ gcloud alpha network-security firewall-endpoints describe \ + my-endpoint --zone=us-central1-a --organization=1234 + + OR + + $ gcloud alpha network-security firewall-endpoints describe \ + organizations/1234/locations/us-central1-a/firewallEndpoints/\ + my-endpoint + +POSITIONAL ARGUMENTS + Firewall endpoint resource - Firewall Plus. The arguments in this group + can be used to specify the attributes of this resource. + + This must be specified. + + FIREWALL_ENDPOINT + ID of the firewall endpoint or fully qualified identifier for the + firewall endpoint. + + To set the endpoint-name attribute: + ▸ provide the argument FIREWALL_ENDPOINT on the command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --organization=ORGANIZATION + Organization ID of the firewall endpoint. + + To set the organization attribute: + ▸ provide the argument FIREWALL_ENDPOINT on the command line with a + fully specified name; + ▸ provide the argument --organization on the command line. + + --zone=ZONE + Zone of the firewall endpoint. + + To set the zone attribute: + ▸ provide the argument FIREWALL_ENDPOINT on the command line with a + fully specified name; + ▸ provide the argument --zone on the command line. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in alpha and might change without notice. If this + command fails with API permission errors despite specifying the correct + project, you might be trying to access an API with an invitation-only early + access allowlist. This variant is also available: + + $ gcloud beta network-security firewall-endpoints describe + diff --git a/gcloud/alpha/network-security/firewall-endpoints/help b/gcloud/alpha/network-security/firewall-endpoints/help new file mode 100644 index 000000000..9b5002ca9 --- /dev/null +++ b/gcloud/alpha/network-security/firewall-endpoints/help @@ -0,0 +1,39 @@ +NAME + gcloud alpha network-security firewall-endpoints - create and manage + Firewall Plus endpoints + +SYNOPSIS + gcloud alpha network-security firewall-endpoints COMMAND + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (ALPHA) Create and manage Firewall Plus endpoints. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --help. + + Run $ gcloud help for details. + +COMMANDS + COMMAND is one of the following: + + create + (ALPHA) Create a Firewall Plus endpoint. + + delete + (ALPHA) Delete a Firewall Plus endpoint. + + describe + (ALPHA) Describe a Firewall Plus endpoint. + + list + (ALPHA) List Firewall Plus endpoints. + +NOTES + This command is currently in alpha and might change without notice. If this + command fails with API permission errors despite specifying the correct + project, you might be trying to access an API with an invitation-only early + access allowlist. This variant is also available: + + $ gcloud beta network-security firewall-endpoints + diff --git a/gcloud/alpha/network-security/firewall-endpoints/list b/gcloud/alpha/network-security/firewall-endpoints/list new file mode 100644 index 000000000..9e9a4c575 --- /dev/null +++ b/gcloud/alpha/network-security/firewall-endpoints/list @@ -0,0 +1,76 @@ +NAME + gcloud alpha network-security firewall-endpoints list - list Firewall Plus + endpoints + +SYNOPSIS + gcloud alpha network-security firewall-endpoints list + --organization=ORGANIZATION --zone=ZONE [--filter=EXPRESSION] + [--limit=LIMIT] [--page-size=PAGE_SIZE] [--sort-by=[FIELD,...]] [--uri] + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (ALPHA) List firewall endpoints. + + For more examples, refer to the EXAMPLES section below. + +EXAMPLES + To list firewall endpoints in organization ID 1234, run: + + $ gcloud alpha network-security firewall-endpoints list \ + --organization=1234 + +REQUIRED FLAGS + --organization=ORGANIZATION + The organization for a list operation + + --zone=ZONE + The zone for a list operation + +LIST COMMAND FLAGS + --filter=EXPRESSION + Apply a Boolean filter EXPRESSION to each resource item to be listed. + If the expression evaluates True, then that item is listed. For more + details and examples of filter expressions, run $ gcloud topic filters. + This flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --limit=LIMIT + Maximum number of resources to list. The default is unlimited. This + flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --page-size=PAGE_SIZE + Some services group resource list output into pages. This flag + specifies the maximum number of resources per page. The default is + determined by the service if it supports paging, otherwise it is + unlimited (no paging). Paging may be applied before or after --filter + and --limit depending on the service. + + --sort-by=[FIELD,...] + Comma-separated list of resource field key names to sort by. The + default order is ascending. Prefix a field with ``~'' for descending + order on that field. This flag interacts with other flags that are + applied in this order: --flatten, --sort-by, --filter, --limit. + + --uri + Print a list of resource URIs instead of the default output, and change + the command output to a list of URIs. If this flag is used with + --format, the formatting is applied on this URI list. To display URIs + alongside other keys instead, use the uri() transform. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in alpha and might change without notice. If this + command fails with API permission errors despite specifying the correct + project, you might be trying to access an API with an invitation-only early + access allowlist. This variant is also available: + + $ gcloud beta network-security firewall-endpoints list + diff --git a/gcloud/alpha/network-security/help b/gcloud/alpha/network-security/help index 4cdce1356..319f0edc5 100644 --- a/gcloud/alpha/network-security/help +++ b/gcloud/alpha/network-security/help @@ -21,6 +21,9 @@ GROUPS client-tls-policies (ALPHA) Manage Network Security ClientTlsPolicies. + firewall-endpoints + (ALPHA) Create and manage Firewall Plus endpoints. + gateway-security-policies (ALPHA) Manage Network Security Gateway Security Policies. diff --git a/gcloud/alpha/network-security/security-profile-groups/create b/gcloud/alpha/network-security/security-profile-groups/create index 485c7e766..4dee90a0e 100644 --- a/gcloud/alpha/network-security/security-profile-groups/create +++ b/gcloud/alpha/network-security/security-profile-groups/create @@ -86,5 +86,7 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. + access allowlist. This variant is also available: + + $ gcloud beta network-security security-profile-groups create diff --git a/gcloud/alpha/network-security/security-profile-groups/delete b/gcloud/alpha/network-security/security-profile-groups/delete index c2ba3a2c7..10340af70 100644 --- a/gcloud/alpha/network-security/security-profile-groups/delete +++ b/gcloud/alpha/network-security/security-profile-groups/delete @@ -5,7 +5,7 @@ NAME SYNOPSIS gcloud alpha network-security security-profile-groups delete (SECURITY_PROFILE_GROUP - : --location=LOCATION --organization=ORGANIZATION) + : --location=LOCATION --organization=ORGANIZATION) [--async] [GCLOUD_WIDE_FLAG ...] DESCRIPTION @@ -52,6 +52,11 @@ POSITIONAL ARGUMENTS with a fully specified name; ▸ provide the argument --organization on the command line. +FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. + GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, @@ -68,5 +73,7 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. + access allowlist. This variant is also available: + + $ gcloud beta network-security security-profile-groups delete diff --git a/gcloud/alpha/network-security/security-profile-groups/describe b/gcloud/alpha/network-security/security-profile-groups/describe index a0d3ff043..a78ad8c96 100644 --- a/gcloud/alpha/network-security/security-profile-groups/describe +++ b/gcloud/alpha/network-security/security-profile-groups/describe @@ -68,5 +68,7 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. + access allowlist. This variant is also available: + + $ gcloud beta network-security security-profile-groups describe diff --git a/gcloud/alpha/network-security/security-profile-groups/help b/gcloud/alpha/network-security/security-profile-groups/help index 16fe22037..e3ae0f740 100644 --- a/gcloud/alpha/network-security/security-profile-groups/help +++ b/gcloud/alpha/network-security/security-profile-groups/help @@ -79,5 +79,7 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. + access allowlist. This variant is also available: + + $ gcloud beta network-security security-profile-groups diff --git a/gcloud/alpha/network-security/security-profile-groups/list b/gcloud/alpha/network-security/security-profile-groups/list index e611c2fd8..3bcd567ad 100644 --- a/gcloud/alpha/network-security/security-profile-groups/list +++ b/gcloud/alpha/network-security/security-profile-groups/list @@ -89,5 +89,7 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. + access allowlist. This variant is also available: + + $ gcloud beta network-security security-profile-groups list diff --git a/gcloud/alpha/network-security/security-profile-groups/update b/gcloud/alpha/network-security/security-profile-groups/update index 8088d8724..ee6c5250a 100644 --- a/gcloud/alpha/network-security/security-profile-groups/update +++ b/gcloud/alpha/network-security/security-profile-groups/update @@ -85,5 +85,7 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. + access allowlist. This variant is also available: + + $ gcloud beta network-security security-profile-groups update diff --git a/gcloud/alpha/network-security/security-profiles/help b/gcloud/alpha/network-security/security-profiles/help index adf7f5504..15750812f 100644 --- a/gcloud/alpha/network-security/security-profiles/help +++ b/gcloud/alpha/network-security/security-profiles/help @@ -24,5 +24,7 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. + access allowlist. This variant is also available: + + $ gcloud beta network-security security-profiles diff --git a/gcloud/alpha/network-security/security-profiles/threat-prevention/add-override b/gcloud/alpha/network-security/security-profiles/threat-prevention/add-override index 33b21ab03..a5c77ab1f 100644 --- a/gcloud/alpha/network-security/security-profiles/threat-prevention/add-override +++ b/gcloud/alpha/network-security/security-profiles/threat-prevention/add-override @@ -71,11 +71,11 @@ REQUIRED FLAGS Exactly one of these must be specified: --severities=[SEVERITY_LEVEL,...] - List of comma seperated severities where each value in the list + List of comma-separated severities where each value in the list indicates the severity of the threat. --threat-ids=[THREAT-ID,...] - List of comma seperated threat identifiers where each identifier in + List of comma-separated threat identifiers where each identifier in the list is a vendor-specified Signature ID representing a threat type. @@ -96,5 +96,8 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. + access allowlist. This variant is also available: + + $ gcloud beta network-security security-profiles threat-prevention \ + add-override diff --git a/gcloud/alpha/network-security/security-profiles/threat-prevention/create b/gcloud/alpha/network-security/security-profiles/threat-prevention/create index 7bbc1986e..c68b63cc6 100644 --- a/gcloud/alpha/network-security/security-profiles/threat-prevention/create +++ b/gcloud/alpha/network-security/security-profiles/threat-prevention/create @@ -71,5 +71,8 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. + access allowlist. This variant is also available: + + $ gcloud beta network-security security-profiles threat-prevention \ + create diff --git a/gcloud/alpha/network-security/security-profiles/threat-prevention/delete b/gcloud/alpha/network-security/security-profiles/threat-prevention/delete index 1aa83d3f9..1338bc6bc 100644 --- a/gcloud/alpha/network-security/security-profiles/threat-prevention/delete +++ b/gcloud/alpha/network-security/security-profiles/threat-prevention/delete @@ -71,5 +71,8 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. + access allowlist. This variant is also available: + + $ gcloud beta network-security security-profiles threat-prevention \ + delete diff --git a/gcloud/alpha/network-security/security-profiles/threat-prevention/delete-override b/gcloud/alpha/network-security/security-profiles/threat-prevention/delete-override index 818e9a3c3..b2b3f25f5 100644 --- a/gcloud/alpha/network-security/security-profiles/threat-prevention/delete-override +++ b/gcloud/alpha/network-security/security-profiles/threat-prevention/delete-override @@ -66,11 +66,11 @@ REQUIRED FLAGS Exactly one of these must be specified: --severities=[SEVERITY_LEVEL,...] - List of comma seperated severities where each value in the list + List of comma-separated severities where each value in the list indicates the severity of the threat. --threat-ids=[THREAT-ID,...] - List of comma seperated threat identifiers where each identifier in + List of comma-separated threat identifiers where each identifier in the list is a vendor-specified Signature ID representing a threat type. @@ -91,5 +91,8 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. + access allowlist. This variant is also available: + + $ gcloud beta network-security security-profiles threat-prevention \ + delete-override diff --git a/gcloud/alpha/network-security/security-profiles/threat-prevention/help b/gcloud/alpha/network-security/security-profiles/threat-prevention/help index 58c3f2ee2..c02148540 100644 --- a/gcloud/alpha/network-security/security-profiles/threat-prevention/help +++ b/gcloud/alpha/network-security/security-profiles/threat-prevention/help @@ -109,5 +109,7 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. + access allowlist. This variant is also available: + + $ gcloud beta network-security security-profiles threat-prevention diff --git a/gcloud/alpha/network-security/security-profiles/threat-prevention/list b/gcloud/alpha/network-security/security-profiles/threat-prevention/list index 1dbed987e..d210b2d23 100644 --- a/gcloud/alpha/network-security/security-profiles/threat-prevention/list +++ b/gcloud/alpha/network-security/security-profiles/threat-prevention/list @@ -89,5 +89,8 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. + access allowlist. This variant is also available: + + $ gcloud beta network-security security-profiles threat-prevention \ + list diff --git a/gcloud/alpha/network-security/security-profiles/threat-prevention/list-overrides b/gcloud/alpha/network-security/security-profiles/threat-prevention/list-overrides index f22e07d86..ea7a64256 100644 --- a/gcloud/alpha/network-security/security-profiles/threat-prevention/list-overrides +++ b/gcloud/alpha/network-security/security-profiles/threat-prevention/list-overrides @@ -70,5 +70,8 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. + access allowlist. This variant is also available: + + $ gcloud beta network-security security-profiles threat-prevention \ + list-overrides diff --git a/gcloud/alpha/network-security/security-profiles/threat-prevention/update-override b/gcloud/alpha/network-security/security-profiles/threat-prevention/update-override index bf5af5b39..7245e5bf0 100644 --- a/gcloud/alpha/network-security/security-profiles/threat-prevention/update-override +++ b/gcloud/alpha/network-security/security-profiles/threat-prevention/update-override @@ -71,11 +71,11 @@ REQUIRED FLAGS Exactly one of these must be specified: --severities=[SEVERITY_LEVEL,...] - List of comma seperated severities where each value in the list + List of comma-separated severities where each value in the list indicates the severity of the threat. --threat-ids=[THREAT-ID,...] - List of comma seperated threat identifiers where each identifier in + List of comma-separated threat identifiers where each identifier in the list is a vendor-specified Signature ID representing a threat type. @@ -96,5 +96,8 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. + access allowlist. This variant is also available: + + $ gcloud beta network-security security-profiles threat-prevention \ + update-override diff --git a/gcloud/alpha/recaptcha/keys/create b/gcloud/alpha/recaptcha/keys/create index 2d22e8fe9..57632361f 100644 --- a/gcloud/alpha/recaptcha/keys/create +++ b/gcloud/alpha/recaptcha/keys/create @@ -88,9 +88,9 @@ REQUIRED FLAGS arguments in this group are specified. --private-key-file=PRIVATE_KEY_FILE - File path to an authentication key (.p8 file extension). This is - generated in the Apple Developer Center under Certificates, - Identifiers & Profiles. + File path to a private key (downloaded as a text file with a .p8 + file extension) generated for your Apple Developer account. + Ensure that DeviceCheck is enabled for the private key. This flag argument must be specified if any of the other arguments in this group are specified. diff --git a/gcloud/alpha/recaptcha/keys/update b/gcloud/alpha/recaptcha/keys/update index ee35f8c70..14d9d59f1 100644 --- a/gcloud/alpha/recaptcha/keys/update +++ b/gcloud/alpha/recaptcha/keys/update @@ -97,9 +97,9 @@ FLAGS arguments in this group are specified. --private-key-file=PRIVATE_KEY_FILE - File path to an authentication key (.p8 file extension). This is - generated in the Apple Developer Center under Certificates, - Identifiers & Profiles. + File path to a private key (downloaded as a text file with a .p8 + file extension) generated for your Apple Developer account. + Ensure that DeviceCheck is enabled for the private key. This flag argument must be specified if any of the other arguments in this group are specified. diff --git a/gcloud/alpha/storage/du b/gcloud/alpha/storage/du new file mode 100644 index 000000000..e2850f8ef --- /dev/null +++ b/gcloud/alpha/storage/du @@ -0,0 +1,101 @@ +NAME + gcloud alpha storage du - displays the amount of space in bytes used up + storage resources + +SYNOPSIS + gcloud alpha storage du [URL ...] [--additional-headers=HEADER=VALUE] + [--all-versions, -a] + [--exclude-name-pattern=EXCLUDE_NAME_PATTERN, -e EXCLUDE_NAME_PATTERN] + [--exclude-name-pattern-file=EXCLUDE_NAME_PATTERN_FILE, + -X EXCLUDE_NAME_PATTERN_FILE] [--readable-sizes, -r] + [--summarize, -s] [--total, -c] [--zero-terminator, -0] + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (ALPHA) Displays the amount of space in bytes used up by the objects in a + bucket, subdirectory, or project. + +EXAMPLES + To list the size of each object in a bucket: + + $ gcloud alpha storage du gs://bucketname + + To list the size of each object in the prefix subdirectory: + + $ gcloud alpha storage du gs://bucketname/prefix/* + + To print the total number of bytes in a bucket in human-readable form: + + $ gcloud alpha storage du -ch gs://bucketname + + To see a summary of the total number of bytes in two given buckets: + + $ gcloud alpha storage du -s gs://bucket1 gs://bucket2 + + To list the size of each object in a bucket with Object Versioning enabled, + including noncurrent objects: + + $ gcloud alpha storage du -a gs://bucketname + + To list the size of each object in a bucket, except objects that end in + ".bak", with each object printed ending in a null byte: + + $ gcloud alpha storage du -e "*.bak" -0 gs://bucketname + + To list the size of each bucket in a project and the total size of the + project: + + $ gcloud alpha storage du --summarize --readable-sizes --total + +POSITIONAL ARGUMENTS + [URL ...] + The url of objects to list. + +FLAGS + --additional-headers=HEADER=VALUE + Includes arbitrary headers in storage API calls. Accepts a comma + separated list of key=value pairs, e.g. header1=value1,header2=value2. + Overrides the default storage/additional_headers property value for + this command invocation. + + --all-versions, -a + Includes noncurrent object versions for a bucket with Object Versioning + enabled. Also prints the generation and metageneration number for each + listed object. + + --exclude-name-pattern=EXCLUDE_NAME_PATTERN, -e EXCLUDE_NAME_PATTERN + Exclude a pattern from the report. Example: -e ".o" excludes any object + that ends in ".o". Can be specified multiple times. + + --exclude-name-pattern-file=EXCLUDE_NAME_PATTERN_FILE, -X EXCLUDE_NAME_PATTERN_FILE + Similar to -e, but excludes patterns from the given file. The patterns + to exclude should be listed one per line. + + --readable-sizes, -r + Prints object sizes in human-readable format. For example, 1 KiB, 234 + MiB, or 2GiB. + + --summarize, -s + Displays only the summary for each argument. + + --total, -c + Includes a total size of all input sources. + + --zero-terminator, -0 + Ends each output line with a 0 byte rather than a newline. You can use + this to make the output machine-readable. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in alpha and might change without notice. If this + command fails with API permission errors despite specifying the correct + project, you might be trying to access an API with an invitation-only early + access allowlist. + diff --git a/gcloud/alpha/storage/help b/gcloud/alpha/storage/help index ae3c1aa08..02f83d581 100644 --- a/gcloud/alpha/storage/help +++ b/gcloud/alpha/storage/help @@ -38,6 +38,10 @@ COMMANDS cp (ALPHA) Upload, download, and copy Cloud Storage objects. + du + (ALPHA) Displays the amount of space in bytes used up storage + resources. + hash (ALPHA) Calculates hashes on local or cloud files. diff --git a/gcloud/artifacts/repositories/create b/gcloud/artifacts/repositories/create index cb97d1ffc..464a5d8a9 100644 --- a/gcloud/artifacts/repositories/create +++ b/gcloud/artifacts/repositories/create @@ -11,8 +11,7 @@ SYNOPSIS [--remote-mvn-repo=REMOTE_MVN_REPO] [--remote-npm-repo=REMOTE_NPM_REPO] [--remote-python-repo=REMOTE_PYTHON_REPO] [--remote-repo-config-desc=REMOTE_REPO_CONFIG_DESC] - [--upstream-policy-file=FILE] - [--version-policy=VERSION_POLICY; default="NONE"] + [--upstream-policy-file=FILE] [--version-policy=VERSION_POLICY] [GCLOUD_WIDE_FLAG ...] DESCRIPTION @@ -159,7 +158,7 @@ OPTIONAL FLAGS "priority": 1 }, { "id": "test2", "repository": "projects/p2/locations/us-west2/repository/repo2", "priority": 2 } ] - --version-policy=VERSION_POLICY; default="NONE" + --version-policy=VERSION_POLICY (Maven only) The package versions that the repository will store. VERSION_POLICY must be one of: diff --git a/gcloud/beta/ai/index-endpoints/create b/gcloud/beta/ai/index-endpoints/create index 8eade7d04..d454a6556 100644 --- a/gcloud/beta/ai/index-endpoints/create +++ b/gcloud/beta/ai/index-endpoints/create @@ -4,8 +4,9 @@ NAME SYNOPSIS gcloud beta ai index-endpoints create --display-name=DISPLAY_NAME - --network=NETWORK [--description=DESCRIPTION] - [--labels=[KEY=VALUE,...]] [--region=REGION] [GCLOUD_WIDE_FLAG ...] + [--description=DESCRIPTION] [--labels=[KEY=VALUE,...]] + [--network=NETWORK] [--public-endpoint-enabled] [--region=REGION] + [GCLOUD_WIDE_FLAG ...] EXAMPLES To create an index endpoint under project example with network @@ -20,10 +21,6 @@ REQUIRED FLAGS --display-name=DISPLAY_NAME Display name of the index endpoint. - --network=NETWORK - The Google Compute Engine network name to which the IndexEndpoint - should be peered. - OPTIONAL FLAGS --description=DESCRIPTION Description of the index endpoint. @@ -36,6 +33,13 @@ OPTIONAL FLAGS contain only hyphens (-), underscores (_), lowercase characters, and numbers. + --network=NETWORK + The Google Compute Engine network name to which the IndexEndpoint + should be peered. + + --public-endpoint-enabled + If true, the deployed index will be accessible through public endpoint. + Region resource - Cloud region to create index endpoint. This represents a Cloud resource. (NOTE) Some attributes are not given arguments in this group but can be set in other ways. diff --git a/gcloud/beta/artifacts/docker/upgrade/help b/gcloud/beta/artifacts/docker/upgrade/help index a6064a846..b78f1d3c3 100644 --- a/gcloud/beta/artifacts/docker/upgrade/help +++ b/gcloud/beta/artifacts/docker/upgrade/help @@ -6,8 +6,8 @@ SYNOPSIS gcloud beta artifacts docker upgrade COMMAND [GCLOUD_WIDE_FLAG ...] DESCRIPTION - (BETA) To print an equivalant Artifact Registry IAM policy for - 'gcr.io/my-project' within scope projects/my-project: + (BETA) To print an equivalent Artifact Registry IAM policy for + 'gcr.io/my-project': $ gcloud beta artifacts docker upgrade print-iam-policy gcr.io \ --project=my-project diff --git a/gcloud/beta/artifacts/docker/upgrade/print-iam-policy b/gcloud/beta/artifacts/docker/upgrade/print-iam-policy index 65a9114df..b9f766fd3 100644 --- a/gcloud/beta/artifacts/docker/upgrade/print-iam-policy +++ b/gcloud/beta/artifacts/docker/upgrade/print-iam-policy @@ -4,53 +4,30 @@ NAME SYNOPSIS gcloud beta artifacts docker upgrade print-iam-policy DOMAIN - [--folder=FOLDER_ID | --organization=ORGANIZATION_ID] [GCLOUD_WIDE_FLAG ...] DESCRIPTION (BETA) Print an Artifact Registry IAM policy that is equivalent to the IAM policy applied to the storage bucket for the specified Container Registry hostname. Apply the returned policy to the Artifact Registry repository - that will replace the specified host. By default, this command only - considers IAM policies within the project-level scope, so policies that are - at the folder or organization level will not be included in the generated - policy. To change the scope, use the --organization or --folder flags. + that will replace the specified host. If the project has an organization, + this command analyzes IAM policies at the organization level. Otherwise, + this command analyzes IAM policies at the project level. See required + permissions at + https://cloud.google.com/policy-intelligence/docs/analyze-iam-policies#required-permissions. EXAMPLES - To print an equivalant Artifact Registry IAM policy for 'gcr.io/my-project' - within scope projects/my-project: + To print an equivalent Artifact Registry IAM policy for + 'gcr.io/my-project': $ gcloud beta artifacts docker upgrade print-iam-policy upgrade \ print-iam-policy gcr.io --project=my-project - To print an equivalant Artifact Registry IAM policy for 'gcr.io/my-project' - within scope folders/123: - - $ gcloud beta artifacts docker upgrade print-iam-policy upgrade \ - print-iam-policy gcr.io --project=my-project --folder=123 - - To print an equivalant Artifact Registry IAM policy for 'gcr.io/my-project' - within scope organizations/123: - - $ gcloud beta artifacts docker upgrade print-iam-policy upgrade \ - print-iam-policy gcr.io --project=my-project --organization=123 - POSITIONAL ARGUMENTS DOMAIN A Container Registry domain. Valid values are: [gcr.io, asia.gcr.io, eu.gcr.io, us.gcr.io] -FLAGS - At most one of these can be specified: - - --folder=FOLDER_ID - Folder ID on which to scope IAM analysis. Only policies defined at or - below this folder will be included in the analysis. - - --organization=ORGANIZATION_ID - Organization ID on which to scope IAM analysis. Only policies defined - at or below this organization will be included in the analysis. - GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, diff --git a/gcloud/beta/artifacts/repositories/create b/gcloud/beta/artifacts/repositories/create index 9c0917510..60832dbb7 100644 --- a/gcloud/beta/artifacts/repositories/create +++ b/gcloud/beta/artifacts/repositories/create @@ -7,8 +7,7 @@ SYNOPSIS (REPOSITORY : --location=LOCATION) --repository-format=REPOSITORY_FORMAT [--allow-snapshot-overwrites] [--async] [--description=DESCRIPTION] [--kms-key=KMS_KEY] - [--labels=[KEY=VALUE,...]] - [--version-policy=VERSION_POLICY; default="NONE"] + [--labels=[KEY=VALUE,...]] [--version-policy=VERSION_POLICY] [GCLOUD_WIDE_FLAG ...] DESCRIPTION @@ -112,7 +111,7 @@ OPTIONAL FLAGS contain only hyphens (-), underscores (_), lowercase characters, and numbers. - --version-policy=VERSION_POLICY; default="NONE" + --version-policy=VERSION_POLICY (Maven only) The package versions that the repository will store. VERSION_POLICY must be one of: diff --git a/gcloud/beta/builds/triggers/create/manual b/gcloud/beta/builds/triggers/create/manual index d0386e377..fa56f5090 100644 --- a/gcloud/beta/builds/triggers/create/manual +++ b/gcloud/beta/builds/triggers/create/manual @@ -9,10 +9,10 @@ SYNOPSIS default="/" --dockerfile-image=DOCKERFILE_IMAGE]) : --description=DESCRIPTION --name=NAME --region=REGION --[no-]require-approval --service-account=SERVICE_ACCOUNT - --substitutions=[KEY=VALUE,...] (--branch=BRANCH - | --tag=TAG) (--repository=REPOSITORY + --substitutions=[KEY=VALUE,...] --branch=BRANCH + | --tag=TAG --repository=REPOSITORY | [--repo=REPO --repo-type=REPO_TYPE - : --github-enterprise-config=GITHUB_ENTERPRISE_CONFIG])]) + : --github-enterprise-config=GITHUB_ENTERPRISE_CONFIG]]) [GCLOUD_WIDE_FLAG ...] DESCRIPTION @@ -134,7 +134,7 @@ REQUIRED FLAGS Flags for repository and branch information - Exactly one of these must be specified: + At most one of these can be specified: --branch=BRANCH Branch to build. @@ -144,7 +144,7 @@ REQUIRED FLAGS Flags for repository information - Exactly one of these must be specified: + At most one of these can be specified: --repository=REPOSITORY Repository resource (2nd gen) to use, in the format diff --git a/gcloud/beta/builds/triggers/create/pubsub b/gcloud/beta/builds/triggers/create/pubsub index 53a4d6ddc..1595f5369 100644 --- a/gcloud/beta/builds/triggers/create/pubsub +++ b/gcloud/beta/builds/triggers/create/pubsub @@ -11,10 +11,10 @@ SYNOPSIS : --description=DESCRIPTION --name=NAME --region=REGION --[no-]require-approval --service-account=SERVICE_ACCOUNT --subscription-filter=SUBSCRIPTION_FILTER - --substitutions=[KEY=VALUE,...] (--branch=BRANCH - | --tag=TAG) (--repository=REPOSITORY + --substitutions=[KEY=VALUE,...] --branch=BRANCH + | --tag=TAG --repository=REPOSITORY | [--repo=REPO --repo-type=REPO_TYPE - : --github-enterprise-config=GITHUB_ENTERPRISE_CONFIG])]) + : --github-enterprise-config=GITHUB_ENTERPRISE_CONFIG]]) [GCLOUD_WIDE_FLAG ...] DESCRIPTION @@ -152,7 +152,7 @@ REQUIRED FLAGS Flags for repository and branch information - Exactly one of these must be specified: + At most one of these can be specified: --branch=BRANCH Branch to build. @@ -162,7 +162,7 @@ REQUIRED FLAGS Flags for repository information - Exactly one of these must be specified: + At most one of these can be specified: --repository=REPOSITORY Repository resource (2nd gen) to use, in the format diff --git a/gcloud/beta/builds/triggers/create/webhook b/gcloud/beta/builds/triggers/create/webhook index 237a2b171..6bae07711 100644 --- a/gcloud/beta/builds/triggers/create/webhook +++ b/gcloud/beta/builds/triggers/create/webhook @@ -11,10 +11,10 @@ SYNOPSIS : --description=DESCRIPTION --name=NAME --region=REGION --[no-]require-approval --service-account=SERVICE_ACCOUNT --subscription-filter=SUBSCRIPTION_FILTER - --substitutions=[KEY=VALUE,...] (--branch=BRANCH - | --tag=TAG) (--repository=REPOSITORY + --substitutions=[KEY=VALUE,...] --branch=BRANCH + | --tag=TAG --repository=REPOSITORY | [--repo=REPO --repo-type=REPO_TYPE - : --github-enterprise-config=GITHUB_ENTERPRISE_CONFIG])]) + : --github-enterprise-config=GITHUB_ENTERPRISE_CONFIG]]) [GCLOUD_WIDE_FLAG ...] DESCRIPTION @@ -158,7 +158,7 @@ REQUIRED FLAGS Flags for repository and branch information - Exactly one of these must be specified: + At most one of these can be specified: --branch=BRANCH Branch to build. @@ -168,7 +168,7 @@ REQUIRED FLAGS Flags for repository information - Exactly one of these must be specified: + At most one of these can be specified: --repository=REPOSITORY Repository resource (2nd gen) to use, in the format diff --git a/gcloud/beta/composer/environments/run b/gcloud/beta/composer/environments/run index d4e00b84f..eb39ce75b 100644 --- a/gcloud/beta/composer/environments/run +++ b/gcloud/beta/composer/environments/run @@ -96,7 +96,10 @@ POSITIONAL ARGUMENTS for more info). [SUBCOMMAND_NESTED] - Additional subcommand in case it is nested. + Additional subcommand in case it is nested. The following is a list of + allowed nested subcommands: + ◆ db: check + ◆ all other subcommands: all nested subcommands are allowed [-- CMD_ARGS ...] Command line arguments to the subcommand. diff --git a/gcloud/beta/compute/disks/create b/gcloud/beta/compute/disks/create index dd9739fda..419bbd4b7 100644 --- a/gcloud/beta/compute/disks/create +++ b/gcloud/beta/compute/disks/create @@ -9,8 +9,9 @@ SYNOPSIS [--labels=[KEY=VALUE,...]] [--licenses=[LICENSE,...]] [--multi-writer] [--physical-block-size=PHYSICAL_BLOCK_SIZE; default="4096"] [--primary-disk-project=PRIMARY_DISK_PROJECT] - [--provisioned-iops=PROVISIONED_IOPS] [--replica-zones=ZONE,ZONE] - [--no-require-csek-key-create] + [--provisioned-iops=PROVISIONED_IOPS] + [--provisioned-throughput=PROVISIONED_THROUGHPUT] + [--replica-zones=ZONE,ZONE] [--no-require-csek-key-create] [--resource-policies=[RESOURCE_POLICY,...]] [--size=SIZE] [--type=TYPE] [--image-family-scope=IMAGE_FAMILY_SCOPE --image-project=IMAGE_PROJECT --image=IMAGE @@ -123,6 +124,10 @@ FLAGS Provisioned IOPS of disk to create. Only for use with disks of type pd-extreme and hyperdisk-extreme. + --provisioned-throughput=PROVISIONED_THROUGHPUT + Provisioned throughput of disk to create. The throughput unit is MB per + sec. Only for use with disks of type hyperdisk-throughput. + --replica-zones=ZONE,ZONE A comma-separated list of exactly 2 zones that a regional disk will be replicated to. Required when creating regional disk. The zones must be diff --git a/gcloud/beta/compute/disks/update b/gcloud/beta/compute/disks/update index 98c6cb497..5529cbf03 100644 --- a/gcloud/beta/compute/disks/update +++ b/gcloud/beta/compute/disks/update @@ -3,7 +3,9 @@ NAME SYNOPSIS gcloud beta compute disks update DISK_NAME - [--provisioned-iops=PROVISIONED_IOPS] [--update-labels=[KEY=VALUE,...]] + [--provisioned-iops=PROVISIONED_IOPS] + [--provisioned-throughput=PROVISIONED_THROUGHPUT] + [--update-labels=[KEY=VALUE,...]] [--clear-architecture | --update-architecture=UPDATE_ARCHITECTURE] [--clear-labels | --remove-labels=[KEY,...]] [--clear-user-licenses | --update-user-licenses=[LICENSE,...]] @@ -42,6 +44,10 @@ FLAGS Provisioned IOPS of disk to update. Only for use with disks of type hyperdisk-extreme. + --provisioned-throughput=PROVISIONED_THROUGHPUT + Provisioned throughput of disk to update. The throughput unit is MB per + sec. + --update-labels=[KEY=VALUE,...] List of label KEY=VALUE pairs to update. If a label exists, its value is modified. Otherwise, a new label is created. diff --git a/gcloud/beta/compute/instance-templates/create b/gcloud/beta/compute/instance-templates/create index 61d2dc0aa..acaf96b1c 100644 --- a/gcloud/beta/compute/instance-templates/create +++ b/gcloud/beta/compute/instance-templates/create @@ -232,6 +232,10 @@ FLAGS number of I/O operations per second that the disk can handle. Value must be between 10,000 and 120,000. + provisioned-throughput + Indicates how much throughput to provision for the disk. This sets + the number of throughput mb per second that the disk can handle. + disk-resource-policy Resource policy to apply to the disk. Specify a full or partial URL. For example: diff --git a/gcloud/beta/compute/instance-templates/create-with-container b/gcloud/beta/compute/instance-templates/create-with-container index b640095ff..6415a171e 100644 --- a/gcloud/beta/compute/instance-templates/create-with-container +++ b/gcloud/beta/compute/instance-templates/create-with-container @@ -321,6 +321,10 @@ FLAGS number of I/O operations per second that the disk can handle. Value must be between 10,000 and 120,000. + provisioned-throughput + Indicates how much throughput to provision for the disk. This sets + the number of throughput mb per second that the disk can handle. + disk-resource-policy Resource policy to apply to the disk. Specify a full or partial URL. For example: diff --git a/gcloud/beta/compute/instances/bulk/create b/gcloud/beta/compute/instances/bulk/create index caa64b448..94996bf14 100644 --- a/gcloud/beta/compute/instances/bulk/create +++ b/gcloud/beta/compute/instances/bulk/create @@ -260,6 +260,10 @@ OPTIONAL FLAGS number of I/O operations per second that the disk can handle. Value must be between 10,000 and 120,000. + provisioned-throughput + Indicates how much throughput to provision for the disk. This sets + the number of throughput mb per second that the disk can handle. + disk-resource-policy Resource policy to apply to the disk. Specify a full or partial URL. For example: diff --git a/gcloud/beta/compute/instances/create b/gcloud/beta/compute/instances/create index aca078607..5befbd261 100644 --- a/gcloud/beta/compute/instances/create +++ b/gcloud/beta/compute/instances/create @@ -251,6 +251,10 @@ FLAGS number of I/O operations per second that the disk can handle. Value must be between 10,000 and 120,000. + provisioned-throughput + Indicates how much throughput to provision for the disk. This sets + the number of throughput mb per second that the disk can handle. + disk-resource-policy Resource policy to apply to the disk. Specify a full or partial URL. For example: diff --git a/gcloud/beta/compute/instances/create-with-container b/gcloud/beta/compute/instances/create-with-container index 09c1480ac..1e7926b16 100644 --- a/gcloud/beta/compute/instances/create-with-container +++ b/gcloud/beta/compute/instances/create-with-container @@ -330,6 +330,10 @@ FLAGS number of I/O operations per second that the disk can handle. Value must be between 10,000 and 120,000. + provisioned-throughput + Indicates how much throughput to provision for the disk. This sets + the number of throughput mb per second that the disk can handle. + disk-resource-policy Resource policy to apply to the disk. Specify a full or partial URL. For example: diff --git a/gcloud/beta/compute/interconnects/attachments/dedicated/create b/gcloud/beta/compute/interconnects/attachments/dedicated/create index 9912098e4..144c34eea 100644 --- a/gcloud/beta/compute/interconnects/attachments/dedicated/create +++ b/gcloud/beta/compute/interconnects/attachments/dedicated/create @@ -11,7 +11,8 @@ SYNOPSIS [--customer-router-ipv6-interface-id=PEER_INTERFACE_ID] [--description=DESCRIPTION] [--enable-admin] [--encryption=ENCRYPTION] [--ipsec-internal-addresses=[ADDRESSES]] [--mtu=MTU] [--region=REGION] - [--stack-type=STACK_TYPE] [--vlan=VLAN] [GCLOUD_WIDE_FLAG ...] + [--stack-type=STACK_TYPE] [--subnet-length=SUBNET_LENGTH] [--vlan=VLAN] + [GCLOUD_WIDE_FLAG ...] DESCRIPTION (BETA) gcloud beta compute interconnects attachments dedicated create is @@ -73,11 +74,11 @@ OPTIONAL FLAGS Up to 16 candidate prefixes that can be used to restrict the allocation of cloudRouterIpAddress and customerRouterIpAddress for this attachment. All prefixes must be within link-local address space. - Google will attempt to select an unused /29 from the supplied candidate - subnet(s), or all of link-local space if no subnets supplied. Google - will not re-use a /29 already in-use by your project, even if it's - contained in one of the candidate subnets. The request will fail if all - /29s within the candidate subnets are in use at Google's edge. + Google attempts to select an unused subnet of SUBNET_LENGTH from the + supplied candidate subnet(s), or all of link-local space if no subnets + supplied. Google does not re-use a subnet already in-use by your + project, even if it's contained in one of the candidate subnets. The + request fails if all candidate subnets are in use at Google's edge. --cloud-router-ipv6-interface-id=INTERFACE_ID If supplied, the interface id (index within the subnet) to be used for @@ -166,6 +167,14 @@ OPTIONAL FLAGS IPV4_ONLY Only IPv4 protocol is enabled on this attachment. + --subnet-length=SUBNET_LENGTH + The length of the IPv4 subnet mask for this attachment. 29 is the + default value, except for attachments on Cross-Cloud Interconnects + whose remote location's "constraints.subnetLengthRange" field specifies + a minimum subnet length of 30. In that case, the default value is 30. + The default value is recommended when there's no requirement on the + subnet length. SUBNET_LENGTH must be one of: 29, 30. + --vlan=VLAN Desired VLAN for this attachment, in the range 2-4093. If not supplied, Google will automatically select a VLAN. diff --git a/gcloud/beta/compute/interconnects/create b/gcloud/beta/compute/interconnects/create index 518405f6e..9c6869c77 100644 --- a/gcloud/beta/compute/interconnects/create +++ b/gcloud/beta/compute/interconnects/create @@ -3,11 +3,12 @@ NAME interconnect SYNOPSIS - gcloud beta compute interconnects create NAME --customer-name=CUSTOMER_NAME + gcloud beta compute interconnects create NAME --interconnect-type=INTERCONNECT_TYPE --link-type=LINK_TYPE --location=LOCATION --requested-link-count=REQUESTED_LINK_COUNT - [--admin-enabled] [--description=DESCRIPTION] - [--noc-contact-email=NOC_CONTACT_EMAIL] [GCLOUD_WIDE_FLAG ...] + [--admin-enabled] [--customer-name=CUSTOMER_NAME] + [--description=DESCRIPTION] [--noc-contact-email=NOC_CONTACT_EMAIL] + [--remote-location=REMOTE_LOCATION] [GCLOUD_WIDE_FLAG ...] DESCRIPTION (BETA) gcloud beta compute interconnects create is used to create @@ -27,15 +28,21 @@ EXAMPLES --noc-contact-email=noc@example.com \ --description="Example interconnect" + To create a Cross-Cloud Interconnect, run: + + $ gcloud beta compute interconnects create example-cc-interconnect \ + --interconnect-type=DEDICATED \ + --link-type=LINK_TYPE_ETHERNET_10G_LR \ + --location=example-zone1-1 --requested-link-count=1 \ + --remote-location=example-remote-location \ + --noc-contact-email=noc@example.com \ + --description="Example Cross-Cloud Interconnect" + POSITIONAL ARGUMENTS NAME Name of the interconnect to create. REQUIRED FLAGS - --customer-name=CUSTOMER_NAME - Customer name to put in the Letter of Authorization as the party - authorized to request an interconnect. - --interconnect-type=INTERCONNECT_TYPE Type of the interconnect. INTERCONNECT_TYPE must be one of: @@ -70,6 +77,12 @@ OPTIONAL FLAGS operational and will carry traffic across any functioning linked interconnect attachments. Use --no-admin-enabled to disable it. + --customer-name=CUSTOMER_NAME + Customer name to put in the Letter of Authorization as the party + authorized to request an interconnect. This field is required for most + interconnects, however it is prohibited when creating a Cross-Cloud + Interconnect. + --description=DESCRIPTION An optional, textual description for the interconnect. @@ -77,6 +90,12 @@ OPTIONAL FLAGS Email address to contact the customer NOC for operations and maintenance notifications regarding this interconnect. + --remote-location=REMOTE_LOCATION + The remote location for a Cross-Cloud Interconnect. The remote + locations can be listed by using the gcloud beta compute interconnects + remote-locations list command to find the appropriate remote location + to use when creating a Cross-Cloud Interconnect. + GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, diff --git a/gcloud/beta/compute/interconnects/help b/gcloud/beta/compute/interconnects/help index 505799a94..d4fa9f0a8 100644 --- a/gcloud/beta/compute/interconnects/help +++ b/gcloud/beta/compute/interconnects/help @@ -29,6 +29,10 @@ GROUPS locations (BETA) Read and manipulate Compute Engine interconnect locations. + remote-locations + (BETA) Read and manipulate Google Compute Engine interconnect remote + locations. + COMMANDS COMMAND is one of the following: diff --git a/gcloud/beta/compute/interconnects/remote-locations/describe b/gcloud/beta/compute/interconnects/remote-locations/describe new file mode 100644 index 000000000..57a86e1fe --- /dev/null +++ b/gcloud/beta/compute/interconnects/remote-locations/describe @@ -0,0 +1,38 @@ +NAME + gcloud beta compute interconnects remote-locations describe - describe a + Google Compute Engine interconnect remote location + +SYNOPSIS + gcloud beta compute interconnects remote-locations describe NAME + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) Displays all data associated with Google Compute Engine interconnect + remote location in a project. + +EXAMPLES + Example of usage: + + $ gcloud beta compute interconnects remote-locations describe \ + my-remote-location + +POSITIONAL ARGUMENTS + NAME + Name of the Cloud Interconnect remote location to describe. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud compute interconnects remote-locations describe + + $ gcloud alpha compute interconnects remote-locations describe + diff --git a/gcloud/beta/compute/interconnects/remote-locations/help b/gcloud/beta/compute/interconnects/remote-locations/help new file mode 100644 index 000000000..0d6ac0338 --- /dev/null +++ b/gcloud/beta/compute/interconnects/remote-locations/help @@ -0,0 +1,33 @@ +NAME + gcloud beta compute interconnects remote-locations - read and manipulate + Google Compute Engine interconnect remote locations + +SYNOPSIS + gcloud beta compute interconnects remote-locations COMMAND + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) Read and manipulate Cloud Interconnect remote locations. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --help. + + Run $ gcloud help for details. + +COMMANDS + COMMAND is one of the following: + + describe + (BETA) Describe a Google Compute Engine interconnect remote location. + + list + (BETA) List Google Compute Engine Cloud Interconnect remote locations. + +NOTES + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud compute interconnects remote-locations + + $ gcloud alpha compute interconnects remote-locations + diff --git a/gcloud/beta/compute/interconnects/remote-locations/list b/gcloud/beta/compute/interconnects/remote-locations/list new file mode 100644 index 000000000..5330cf4ae --- /dev/null +++ b/gcloud/beta/compute/interconnects/remote-locations/list @@ -0,0 +1,72 @@ +NAME + gcloud beta compute interconnects remote-locations list - list Google + Compute Engine Cloud Interconnect remote locations + +SYNOPSIS + gcloud beta compute interconnects remote-locations list + [--filter=EXPRESSION] [--limit=LIMIT] [--page-size=PAGE_SIZE] + [--sort-by=[FIELD,...]] [--uri] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) gcloud beta compute interconnects remote-locations list displays all + Google Compute Engine Cloud Interconnect remote locations in a project. + +EXAMPLES + To list all Cloud Interconnect remote locations in a project in table form, + run: + + $ gcloud beta compute interconnects remote-locations list + + To list the URIs of all Cloud Interconnect remote locations in a project, + run: + + $ gcloud beta compute interconnects remote-locations list --uri + +LIST COMMAND FLAGS + --filter=EXPRESSION + Apply a Boolean filter EXPRESSION to each resource item to be listed. + If the expression evaluates True, then that item is listed. For more + details and examples of filter expressions, run $ gcloud topic filters. + This flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --limit=LIMIT + Maximum number of resources to list. The default is unlimited. This + flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --page-size=PAGE_SIZE + Some services group resource list output into pages. This flag + specifies the maximum number of resources per page. The default is + determined by the service if it supports paging, otherwise it is + unlimited (no paging). Paging may be applied before or after --filter + and --limit depending on the service. + + --sort-by=[FIELD,...] + Comma-separated list of resource field key names to sort by. The + default order is ascending. Prefix a field with ``~'' for descending + order on that field. This flag interacts with other flags that are + applied in this order: --flatten, --sort-by, --filter, --limit. + + --uri + Print a list of resource URIs instead of the default output, and change + the command output to a list of URIs. If this flag is used with + --format, the formatting is applied on this URI list. To display URIs + alongside other keys instead, use the uri() transform. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud compute interconnects remote-locations list + + $ gcloud alpha compute interconnects remote-locations list + diff --git a/gcloud/beta/compute/service-attachments/create b/gcloud/beta/compute/service-attachments/create index 636daf1d8..117166d68 100644 --- a/gcloud/beta/compute/service-attachments/create +++ b/gcloud/beta/compute/service-attachments/create @@ -8,7 +8,7 @@ SYNOPSIS --producer-forwarding-rule=PRODUCER_FORWARDING_RULE [--connection-preference=CONNECTION_PREFERENCE; default="ACCEPT_AUTOMATIC"] - [--consumer-accept-list=[PROJECT=LIMIT,...]] + [--consumer-accept-list=[PROJECT_OR_NETWORK=LIMIT,...]] [--consumer-reject-list=[REJECT_LIST,...]] [--description=DESCRIPTION] [--domain-names=[DOMAIN_NAMES,...]] [--enable-proxy-protocol] [--nat-subnets-region=NAT_SUBNETS_REGION] @@ -64,20 +64,31 @@ OPTIONAL FLAGS Only accept connection requests from consumers with the approval of the service provider. - --consumer-accept-list=[PROJECT=LIMIT,...] - Adds consumer project(s) with connection limit(s) to the accept list of - the service attachment. + --consumer-accept-list=[PROJECT_OR_NETWORK=LIMIT,...] + Specifies which consumer projects or networks are allowed to connect to + the service attachment. Each project or network has a connection limit. + A given service attachment can manage connections at either the project + or network level. Therefore, both the accept and reject lists for a + given service attachment must contain either only projects or only + networks. For example, --consumer-accept-list myProjectId1=20 accepts a consumer - project myProjectId1 with connection limit 20. + project myProjectId1 with connection limit 20; --consumer-accept-list + projects/myProjectId1/global/networks/myNet1=20 accepts a consumer + network myNet1 with connection limit 20 - ◆ PROJECT_ID_OR_NUM - Consumer project id or number. - ◆ CONNECTION_LIMIT - The max number of allowed connections. + ◆ PROJECT_OR_NETWORK - Consumer project ID, project number or network + URL. + ◆ CONNECTION_LIMIT - The maximum number of allowed connections. --consumer-reject-list=[REJECT_LIST,...] - Specifies a comma separated list of projects that are not allowed to - connect to this service attachment. The project can be specified using - its id or number. + Specifies a comma separated list of projects or networks that are not + allowed to connect to this service attachment. The project can be + specified using its project ID or project number and the network can be + specified using its URL. A given service attachment can manage + connections at either the project or network level. Therefore, both the + reject and accept lists for a given service attachment must contain + either only projects or only networks. --description=DESCRIPTION An optional, textual description for the service attachment. diff --git a/gcloud/beta/compute/service-attachments/update b/gcloud/beta/compute/service-attachments/update index 6243ede77..78303296e 100644 --- a/gcloud/beta/compute/service-attachments/update +++ b/gcloud/beta/compute/service-attachments/update @@ -5,7 +5,7 @@ NAME SYNOPSIS gcloud beta compute service-attachments update NAME [--connection-preference=CONNECTION_PREFERENCE] - [--consumer-accept-list=[PROJECT=LIMIT,...]] + [--consumer-accept-list=[PROJECT_OR_NETWORK=LIMIT,...]] [--consumer-reject-list=[REJECT_LIST,...]] [--description=DESCRIPTION] [--[no-]enable-proxy-protocol] [--nat-subnets=NAT_SUBNETS,[NAT_SUBNETS,...]] @@ -50,20 +50,31 @@ FLAGS Only accept connection requests from consumers with the approval of the service provider. - --consumer-accept-list=[PROJECT=LIMIT,...] - Adds consumer project(s) with connection limit(s) to the accept list of - the service attachment. + --consumer-accept-list=[PROJECT_OR_NETWORK=LIMIT,...] + Specifies which consumer projects or networks are allowed to connect to + the service attachment. Each project or network has a connection limit. + A given service attachment can manage connections at either the project + or network level. Therefore, both the accept and reject lists for a + given service attachment must contain either only projects or only + networks. For example, --consumer-accept-list myProjectId1=20 accepts a consumer - project myProjectId1 with connection limit 20. + project myProjectId1 with connection limit 20; --consumer-accept-list + projects/myProjectId1/global/networks/myNet1=20 accepts a consumer + network myNet1 with connection limit 20 - ◆ PROJECT_ID_OR_NUM - Consumer project id or number. - ◆ CONNECTION_LIMIT - The max number of allowed connections. + ◆ PROJECT_OR_NETWORK - Consumer project ID, project number or network + URL. + ◆ CONNECTION_LIMIT - The maximum number of allowed connections. --consumer-reject-list=[REJECT_LIST,...] - Specifies a comma separated list of projects that are not allowed to - connect to this service attachment. The project can be specified using - its id or number. + Specifies a comma separated list of projects or networks that are not + allowed to connect to this service attachment. The project can be + specified using its project ID or project number and the network can be + specified using its URL. A given service attachment can manage + connections at either the project or network level. Therefore, both the + reject and accept lists for a given service attachment must contain + either only projects or only networks. --description=DESCRIPTION An optional, textual description for the service attachment. diff --git a/gcloud/beta/config/get b/gcloud/beta/config/get index 410f96b46..753b538b4 100644 --- a/gcloud/beta/config/get +++ b/gcloud/beta/config/get @@ -204,6 +204,10 @@ AVAILABLE PROPERTIES Overrides API endpoint for gcloud app command group. Defaults to https://appengine.googleapis.com/ + apphub + Overrides API endpoint for gcloud apphub command group. Defaults to + https://apphub.googleapis.com/ + artifactregistry Overrides API endpoint for gcloud artifacts command group. Defaults to https://artifactregistry.googleapis.com/ diff --git a/gcloud/beta/config/help b/gcloud/beta/config/help index 4d663f0c7..fd825e4fc 100644 --- a/gcloud/beta/config/help +++ b/gcloud/beta/config/help @@ -236,6 +236,10 @@ AVAILABLE PROPERTIES Overrides API endpoint for gcloud app command group. Defaults to https://appengine.googleapis.com/ + apphub + Overrides API endpoint for gcloud apphub command group. Defaults to + https://apphub.googleapis.com/ + artifactregistry Overrides API endpoint for gcloud artifacts command group. Defaults to https://artifactregistry.googleapis.com/ diff --git a/gcloud/beta/config/list b/gcloud/beta/config/list index e51049155..89b6bef49 100644 --- a/gcloud/beta/config/list +++ b/gcloud/beta/config/list @@ -248,6 +248,10 @@ AVAILABLE PROPERTIES Overrides API endpoint for gcloud app command group. Defaults to https://appengine.googleapis.com/ + apphub + Overrides API endpoint for gcloud apphub command group. Defaults to + https://apphub.googleapis.com/ + artifactregistry Overrides API endpoint for gcloud artifacts command group. Defaults to https://artifactregistry.googleapis.com/ diff --git a/gcloud/beta/config/set b/gcloud/beta/config/set index b33dca05e..04611d6d4 100644 --- a/gcloud/beta/config/set +++ b/gcloud/beta/config/set @@ -251,6 +251,10 @@ AVAILABLE PROPERTIES Overrides API endpoint for gcloud app command group. Defaults to https://appengine.googleapis.com/ + apphub + Overrides API endpoint for gcloud apphub command group. Defaults to + https://apphub.googleapis.com/ + artifactregistry Overrides API endpoint for gcloud artifacts command group. Defaults to https://artifactregistry.googleapis.com/ diff --git a/gcloud/beta/config/unset b/gcloud/beta/config/unset index 76f10cd04..2ad34ab94 100644 --- a/gcloud/beta/config/unset +++ b/gcloud/beta/config/unset @@ -212,6 +212,10 @@ AVAILABLE PROPERTIES Overrides API endpoint for gcloud app command group. Defaults to https://appengine.googleapis.com/ + apphub + Overrides API endpoint for gcloud apphub command group. Defaults to + https://apphub.googleapis.com/ + artifactregistry Overrides API endpoint for gcloud artifacts command group. Defaults to https://artifactregistry.googleapis.com/ diff --git a/gcloud/beta/container/bare-metal/admin-clusters/unenroll b/gcloud/beta/container/bare-metal/admin-clusters/unenroll index cfb7b5190..1bb10e487 100644 --- a/gcloud/beta/container/bare-metal/admin-clusters/unenroll +++ b/gcloud/beta/container/bare-metal/admin-clusters/unenroll @@ -6,7 +6,7 @@ NAME SYNOPSIS gcloud beta container bare-metal admin-clusters unenroll (ADMIN_CLUSTER : --location=LOCATION) [--allow-missing] [--async] - [--validate-only] [GCLOUD_WIDE_FLAG ...] + [--ignore-errors] [--validate-only] [GCLOUD_WIDE_FLAG ...] DESCRIPTION (BETA) Unenroll an Anthos on bare metal admin cluster so that it is no @@ -61,6 +61,10 @@ FLAGS Return immediately, without waiting for the operation in progress to complete. + --ignore-errors + If set, the unenrollment of a bare metal admin cluster resource will + succeed even if errors occur during unenrollment. + --validate-only If set, only validate the request, but do not actually perform the operation. diff --git a/gcloud/beta/container/vmware/clusters/create b/gcloud/beta/container/vmware/clusters/create index 0cbf38db0..e17b89ae6 100644 --- a/gcloud/beta/container/vmware/clusters/create +++ b/gcloud/beta/container/vmware/clusters/create @@ -29,8 +29,9 @@ SYNOPSIS [ips=IPS],[netmask=NETMASK]) [--admin-users=ADMIN_USERS] [--annotations=[KEY=VALUE,...]] [--async] [--description=DESCRIPTION] [--disable-aag-config] [--disable-vsphere-csi] [--enable-auto-repair] - [--enable-control-plane-v2] [--enable-vm-tracking] [--validate-only] + [--enable-vm-tracking] [--validate-only] [--cpus=CPUS --enable-auto-resize --memory=MEMORY --replicas=REPLICAS] + [--disable-control-plane-v2 | --enable-control-plane-v2] [--enable-advanced-networking --enable-dataplane-v2] [GCLOUD_WIDE_FLAG ...] @@ -278,6 +279,16 @@ OPTIONAL FLAGS Users that will be granted the cluster-admin role on the cluster, providing full access to the cluster. + To add multiple users, specify one in each flag. When updating, the + update command overwrites the whole grant list. Specify all existing + and new users that you want to be cluster administrators. + + Examples: + + $ gcloud beta container vmware clusters create + --admin-users alice@example.com + --admin-users bob@example.com + --annotations=[KEY=VALUE,...] Annotations on the VMware user cluster. @@ -305,9 +316,6 @@ OPTIONAL FLAGS --enable-auto-repair If set, deploy the cluster-health-controller. - --enable-control-plane-v2 - If set, enable control plane v2. - --enable-vm-tracking If set, enable VM tracking. @@ -334,6 +342,14 @@ OPTIONAL FLAGS Number of control plane nodes for this VMware user cluster. (default: 1 replica). + At most one of these can be specified: + + --disable-control-plane-v2 + If set, disable control plane v2. + + --enable-control-plane-v2 + If set, enable control plane v2. + Dataplane V2 configurations --enable-advanced-networking diff --git a/gcloud/beta/container/vmware/clusters/update b/gcloud/beta/container/vmware/clusters/update index 41b663d0a..6841839e9 100644 --- a/gcloud/beta/container/vmware/clusters/update +++ b/gcloud/beta/container/vmware/clusters/update @@ -66,6 +66,16 @@ FLAGS Users that will be granted the cluster-admin role on the cluster, providing full access to the cluster. + To add multiple users, specify one in each flag. When updating, the + update command overwrites the whole grant list. Specify all existing + and new users that you want to be cluster administrators. + + Examples: + + $ gcloud beta container vmware clusters update + --admin-users alice@example.com + --admin-users bob@example.com + --async Return immediately, without waiting for the operation in progress to complete. diff --git a/gcloud/beta/network-security/firewall-endpoints/create b/gcloud/beta/network-security/firewall-endpoints/create new file mode 100644 index 000000000..45d87bcca --- /dev/null +++ b/gcloud/beta/network-security/firewall-endpoints/create @@ -0,0 +1,90 @@ +NAME + gcloud beta network-security firewall-endpoints create - create a Firewall + Plus endpoint + +SYNOPSIS + gcloud beta network-security firewall-endpoints create + (FIREWALL_ENDPOINT : --organization=ORGANIZATION --zone=ZONE) [--async] + [--labels=[KEY=VALUE,...]] [--max-wait=MAX_WAIT; default="60m"] + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) Create a firewall endpoint. Successful creation of an endpoint + results in an endpoint in READY state. Check the progress of endpoint + creation by using gcloud network-security firewall-endpoints list. + + For more examples, refer to the EXAMPLES section below. + +EXAMPLES + To create a firewall endpoint called my-endpoint, in zone us-central1-a and + organization ID 1234, run: + + $ gcloud beta network-security firewall-endpoints create \ + my-endpoint --zone=us-central1-a --organization=1234 + +POSITIONAL ARGUMENTS + Firewall endpoint resource - Firewall Plus. The arguments in this group + can be used to specify the attributes of this resource. + + This must be specified. + + FIREWALL_ENDPOINT + ID of the firewall endpoint or fully qualified identifier for the + firewall endpoint. + + To set the endpoint-name attribute: + ▸ provide the argument FIREWALL_ENDPOINT on the command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --organization=ORGANIZATION + Organization ID of the firewall endpoint. + + To set the organization attribute: + ▸ provide the argument FIREWALL_ENDPOINT on the command line with a + fully specified name; + ▸ provide the argument --organization on the command line. + + --zone=ZONE + Zone of the firewall endpoint. + + To set the zone attribute: + ▸ provide the argument FIREWALL_ENDPOINT on the command line with a + fully specified name; + ▸ provide the argument --zone on the command line. + +FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. The default is True. Enabled by default, use --no-async to + disable. + + --labels=[KEY=VALUE,...] + List of label KEY=VALUE pairs to add. + + Keys must start with a lowercase character and contain only hyphens + (-), underscores (_), lowercase characters, and numbers. Values must + contain only hyphens (-), underscores (_), lowercase characters, and + numbers. + + --max-wait=MAX_WAIT; default="60m" + Time to synchronously wait for the operation to complete, after which + the operation continues asynchronously. Ignored if --no-async isn't + specified. See $ gcloud topic datetimes for information on time + formats. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud alpha network-security firewall-endpoints create + diff --git a/gcloud/beta/network-security/firewall-endpoints/delete b/gcloud/beta/network-security/firewall-endpoints/delete new file mode 100644 index 000000000..4616708d3 --- /dev/null +++ b/gcloud/beta/network-security/firewall-endpoints/delete @@ -0,0 +1,86 @@ +NAME + gcloud beta network-security firewall-endpoints delete - delete a Firewall + Plus endpoint + +SYNOPSIS + gcloud beta network-security firewall-endpoints delete + (FIREWALL_ENDPOINT : --organization=ORGANIZATION --zone=ZONE) [--async] + [--max-wait=MAX_WAIT; default="60m"] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) Delete a firewall endpoint. Check the progress of endpoint deletion + by using gcloud network-security firewall-endpoints list. + + For more examples, refer to the EXAMPLES section below. + +EXAMPLES + To delete a firewall endpoint called my-endpoint, in zone us-central1-a and + organization ID 1234, run: + + $ gcloud beta network-security firewall-endpoints delete \ + my-endpoint --zone=us-central1-a --organization=1234 + + OR + + $ gcloud beta network-security firewall-endpoints delete \ + organizations/1234/locations/us-central1-a/firewallEndpoints/\ + my-endpoint + +POSITIONAL ARGUMENTS + Firewall endpoint resource - Firewall Plus. The arguments in this group + can be used to specify the attributes of this resource. + + This must be specified. + + FIREWALL_ENDPOINT + ID of the firewall endpoint or fully qualified identifier for the + firewall endpoint. + + To set the endpoint-name attribute: + ▸ provide the argument FIREWALL_ENDPOINT on the command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --organization=ORGANIZATION + Organization ID of the firewall endpoint. + + To set the organization attribute: + ▸ provide the argument FIREWALL_ENDPOINT on the command line with a + fully specified name; + ▸ provide the argument --organization on the command line. + + --zone=ZONE + Zone of the firewall endpoint. + + To set the zone attribute: + ▸ provide the argument FIREWALL_ENDPOINT on the command line with a + fully specified name; + ▸ provide the argument --zone on the command line. + +FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. The default is True. Enabled by default, use --no-async to + disable. + + --max-wait=MAX_WAIT; default="60m" + Time to synchronously wait for the operation to complete, after which + the operation continues asynchronously. Ignored if --no-async isn't + specified. See $ gcloud topic datetimes for information on time + formats. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud alpha network-security firewall-endpoints delete + diff --git a/gcloud/beta/network-security/firewall-endpoints/describe b/gcloud/beta/network-security/firewall-endpoints/describe new file mode 100644 index 000000000..a8fa691d7 --- /dev/null +++ b/gcloud/beta/network-security/firewall-endpoints/describe @@ -0,0 +1,73 @@ +NAME + gcloud beta network-security firewall-endpoints describe - describe a + Firewall Plus endpoint + +SYNOPSIS + gcloud beta network-security firewall-endpoints describe + (FIREWALL_ENDPOINT : --organization=ORGANIZATION --zone=ZONE) + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) Describe a firewall endpoint. + + For more examples, refer to the EXAMPLES section below. + +EXAMPLES + To get a description of a firewall endpoint called my-endpoint in zone + us-central1-a and organization ID 1234, run: + + $ gcloud beta network-security firewall-endpoints describe \ + my-endpoint --zone=us-central1-a --organization=1234 + + OR + + $ gcloud beta network-security firewall-endpoints describe \ + organizations/1234/locations/us-central1-a/firewallEndpoints/\ + my-endpoint + +POSITIONAL ARGUMENTS + Firewall endpoint resource - Firewall Plus. The arguments in this group + can be used to specify the attributes of this resource. + + This must be specified. + + FIREWALL_ENDPOINT + ID of the firewall endpoint or fully qualified identifier for the + firewall endpoint. + + To set the endpoint-name attribute: + ▸ provide the argument FIREWALL_ENDPOINT on the command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --organization=ORGANIZATION + Organization ID of the firewall endpoint. + + To set the organization attribute: + ▸ provide the argument FIREWALL_ENDPOINT on the command line with a + fully specified name; + ▸ provide the argument --organization on the command line. + + --zone=ZONE + Zone of the firewall endpoint. + + To set the zone attribute: + ▸ provide the argument FIREWALL_ENDPOINT on the command line with a + fully specified name; + ▸ provide the argument --zone on the command line. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud alpha network-security firewall-endpoints describe + diff --git a/gcloud/beta/network-security/firewall-endpoints/help b/gcloud/beta/network-security/firewall-endpoints/help new file mode 100644 index 000000000..b20bd6cd9 --- /dev/null +++ b/gcloud/beta/network-security/firewall-endpoints/help @@ -0,0 +1,37 @@ +NAME + gcloud beta network-security firewall-endpoints - create and manage + Firewall Plus endpoints + +SYNOPSIS + gcloud beta network-security firewall-endpoints COMMAND + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) Create and manage Firewall Plus endpoints. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --help. + + Run $ gcloud help for details. + +COMMANDS + COMMAND is one of the following: + + create + (BETA) Create a Firewall Plus endpoint. + + delete + (BETA) Delete a Firewall Plus endpoint. + + describe + (BETA) Describe a Firewall Plus endpoint. + + list + (BETA) List Firewall Plus endpoints. + +NOTES + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud alpha network-security firewall-endpoints + diff --git a/gcloud/beta/network-security/firewall-endpoints/list b/gcloud/beta/network-security/firewall-endpoints/list new file mode 100644 index 000000000..60e2d9ffb --- /dev/null +++ b/gcloud/beta/network-security/firewall-endpoints/list @@ -0,0 +1,74 @@ +NAME + gcloud beta network-security firewall-endpoints list - list Firewall Plus + endpoints + +SYNOPSIS + gcloud beta network-security firewall-endpoints list + --organization=ORGANIZATION --zone=ZONE [--filter=EXPRESSION] + [--limit=LIMIT] [--page-size=PAGE_SIZE] [--sort-by=[FIELD,...]] [--uri] + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) List firewall endpoints. + + For more examples, refer to the EXAMPLES section below. + +EXAMPLES + To list firewall endpoints in organization ID 1234, run: + + $ gcloud beta network-security firewall-endpoints list \ + --organization=1234 + +REQUIRED FLAGS + --organization=ORGANIZATION + The organization for a list operation + + --zone=ZONE + The zone for a list operation + +LIST COMMAND FLAGS + --filter=EXPRESSION + Apply a Boolean filter EXPRESSION to each resource item to be listed. + If the expression evaluates True, then that item is listed. For more + details and examples of filter expressions, run $ gcloud topic filters. + This flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --limit=LIMIT + Maximum number of resources to list. The default is unlimited. This + flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --page-size=PAGE_SIZE + Some services group resource list output into pages. This flag + specifies the maximum number of resources per page. The default is + determined by the service if it supports paging, otherwise it is + unlimited (no paging). Paging may be applied before or after --filter + and --limit depending on the service. + + --sort-by=[FIELD,...] + Comma-separated list of resource field key names to sort by. The + default order is ascending. Prefix a field with ``~'' for descending + order on that field. This flag interacts with other flags that are + applied in this order: --flatten, --sort-by, --filter, --limit. + + --uri + Print a list of resource URIs instead of the default output, and change + the command output to a list of URIs. If this flag is used with + --format, the formatting is applied on this URI list. To display URIs + alongside other keys instead, use the uri() transform. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud alpha network-security firewall-endpoints list + diff --git a/gcloud/beta/network-security/help b/gcloud/beta/network-security/help index 66bed892c..73f4a1b3b 100644 --- a/gcloud/beta/network-security/help +++ b/gcloud/beta/network-security/help @@ -21,9 +21,18 @@ GROUPS client-tls-policies (BETA) Manage Network Security ClientTlsPolicies. + firewall-endpoints + (BETA) Create and manage Firewall Plus endpoints. + gateway-security-policies (BETA) Manage Network Security Gateway Security Policies. + security-profile-groups + (BETA) Manage Network Security - Security Profile Groups. + + security-profiles + (BETA) Manage Network Security - Security Profiles. + server-tls-policies (BETA) Manage Network Security ServerTlsPolicies. diff --git a/gcloud/beta/network-security/security-profile-groups/create b/gcloud/beta/network-security/security-profile-groups/create new file mode 100644 index 000000000..1c3af6f3e --- /dev/null +++ b/gcloud/beta/network-security/security-profile-groups/create @@ -0,0 +1,90 @@ +NAME + gcloud beta network-security security-profile-groups create - create a new + Security Profile Group + +SYNOPSIS + gcloud beta network-security security-profile-groups create + (SECURITY_PROFILE_GROUP + : --location=LOCATION --organization=ORGANIZATION) + --threat-prevention-profile=THREAT_PREVENTION_PROFILE [--async] + [--description=DESCRIPTION] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) Create a new Security Profile Group with the given name. + +EXAMPLES + To create a Security Profile Group with the name my-security-profile-group + (Either a fully specified path or --location and --organization flags for + SPG should be specified), --threat-prevention-profile my-security-profile + and optional description as optional description, run: + + $ gcloud beta network-security security-profile-groups create \ + my-security-profile-group --organization=1234 \ + --location=global \ + --threat-prevention-profile=`organizations/1234/locations/\ + global/securityProfiles/my-security-profile` \ + --description='optional description' + +POSITIONAL ARGUMENTS + Security profile group resource - Name of the security profile group to be + created. The arguments in this group can be used to specify the attributes + of this resource. + + This must be specified. + + SECURITY_PROFILE_GROUP + ID of the security profile group or fully qualified identifier for + the security profile group. + + To set the security_profile_group attribute: + ▸ provide the argument security_profile_group on the command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + Location Id. + + To set the location attribute: + ▸ provide the argument security_profile_group on the command line + with a fully specified name; + ▸ provide the argument --location on the command line. + + --organization=ORGANIZATION + Organization number. + + To set the organization attribute: + ▸ provide the argument security_profile_group on the command line + with a fully specified name; + ▸ provide the argument --organization on the command line. + +REQUIRED FLAGS + --threat-prevention-profile=THREAT_PREVENTION_PROFILE + Name of the security profile of type threat prevention. + +OPTIONAL FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. + + --description=DESCRIPTION + Description of the security profile group. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +API REFERENCE + This command uses the networksecurity/v1beta1 API. The full documentation + for this API can be found at: https://cloud.google.com/networking + +NOTES + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud alpha network-security security-profile-groups create + diff --git a/gcloud/beta/network-security/security-profile-groups/delete b/gcloud/beta/network-security/security-profile-groups/delete new file mode 100644 index 000000000..9b5cffdc6 --- /dev/null +++ b/gcloud/beta/network-security/security-profile-groups/delete @@ -0,0 +1,77 @@ +NAME + gcloud beta network-security security-profile-groups delete - delete a + Security Profile Group + +SYNOPSIS + gcloud beta network-security security-profile-groups delete + (SECURITY_PROFILE_GROUP + : --location=LOCATION --organization=ORGANIZATION) [--async] + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) Delete the specified Security Profile Group. + +EXAMPLES + To delete an Security Profile Group called my-security-profile-group + (Either a fully specified path or --location and --organization flags for + SPG should be specified) run: + + $ gcloud beta network-security security-profile-groups delete \ + my-security-profile-group --organization=1234 --location=global + +POSITIONAL ARGUMENTS + Security profile group resource - Name of the Security Profile Group you + want to delete. The arguments in this group can be used to specify the + attributes of this resource. + + This must be specified. + + SECURITY_PROFILE_GROUP + ID of the security profile group or fully qualified identifier for + the security profile group. + + To set the security_profile_group attribute: + ▸ provide the argument security_profile_group on the command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + Location Id. + + To set the location attribute: + ▸ provide the argument security_profile_group on the command line + with a fully specified name; + ▸ provide the argument --location on the command line. + + --organization=ORGANIZATION + Organization number. + + To set the organization attribute: + ▸ provide the argument security_profile_group on the command line + with a fully specified name; + ▸ provide the argument --organization on the command line. + +FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +API REFERENCE + This command uses the networksecurity/v1beta1 API. The full documentation + for this API can be found at: https://cloud.google.com/networking + +NOTES + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud alpha network-security security-profile-groups delete + diff --git a/gcloud/beta/network-security/security-profile-groups/describe b/gcloud/beta/network-security/security-profile-groups/describe new file mode 100644 index 000000000..0f1a8482f --- /dev/null +++ b/gcloud/beta/network-security/security-profile-groups/describe @@ -0,0 +1,72 @@ +NAME + gcloud beta network-security security-profile-groups describe - describe a + Security Profile Group + +SYNOPSIS + gcloud beta network-security security-profile-groups describe + (SECURITY_PROFILE_GROUP + : --location=LOCATION --organization=ORGANIZATION) + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) Show details of a Security Profile Group. + +EXAMPLES + To show details of a Security Profile Group named my-security-profile-group + (Either a fully specified path or --location and --organization flags for + SPG should be specified) run: + + $ gcloud beta network-security security-profile-groups describe \ + my-security-profile-group --organization=1234 --location=global + +POSITIONAL ARGUMENTS + Security profile group resource - Name of the Security Profile Group to be + described. The arguments in this group can be used to specify the + attributes of this resource. + + This must be specified. + + SECURITY_PROFILE_GROUP + ID of the security profile group or fully qualified identifier for + the security profile group. + + To set the security_profile_group attribute: + ▸ provide the argument security_profile_group on the command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + Location Id. + + To set the location attribute: + ▸ provide the argument security_profile_group on the command line + with a fully specified name; + ▸ provide the argument --location on the command line. + + --organization=ORGANIZATION + Organization number. + + To set the organization attribute: + ▸ provide the argument security_profile_group on the command line + with a fully specified name; + ▸ provide the argument --organization on the command line. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +API REFERENCE + This command uses the networksecurity/v1beta1 API. The full documentation + for this API can be found at: https://cloud.google.com/networking + +NOTES + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud alpha network-security security-profile-groups describe + diff --git a/gcloud/beta/network-security/security-profile-groups/help b/gcloud/beta/network-security/security-profile-groups/help new file mode 100644 index 000000000..559acbf56 --- /dev/null +++ b/gcloud/beta/network-security/security-profile-groups/help @@ -0,0 +1,83 @@ +NAME + gcloud beta network-security security-profile-groups - manage Network + Security - Security Profile Groups + +SYNOPSIS + gcloud beta network-security security-profile-groups COMMAND + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) Manage Network Security - Security Profile Groups. + +EXAMPLES + To create a Security Profile Group with the name my-security-profile-group + (Either a fully specified path or --location and --organization flags for + SPG should be specified), --threat-prevention-profile my-security-profile + and optional description as optional description, run: + + $ gcloud beta network-security security-profile-groups create \ + my-security-profile-group --organization=1234 \ + --location=global \ + --threat-prevention-profile=`organizations/1234/locations/\ + global/securityProfiles/my-security-profile` \ + --description='optional description' + + To delete an Security Profile Group called my-security-profile-group + (Either a fully specified path or --location and --organization flags for + SPG should be specified) run: + + $ gcloud beta network-security security-profile-groups delete \ + my-security-profile-group --organization=1234 --location=global + + To show details of a Security Profile Group named my-security-profile-group + (Either a fully specified path or --location and --organization flags for + SPG should be specified) run: + + $ gcloud beta network-security security-profile-groups describe \ + my-security-profile-group --organization=1234 --location=global + + To list Security Profile Groups in specifed location and organization, run: + + $ gcloud beta network-security security-profile-groups list \ + --location=global + + To update an SPG with new Threat prevention profile my-new-security-profile + (Either a fully specified path or --location and --organization flags for + SPG should be specified), run: + + $ gcloud beta network-security security-profile-groups update \ + my-security-profile-group --organization=1234 \ + --location=global \ + --threat-prevention-profile=`organizations/1234/locations/\ + global/securityProfiles/my-new-security-profile` \ + --description='New Security Profile of type threat prevention' + +GCLOUD WIDE FLAGS + These flags are available to all commands: --help. + + Run $ gcloud help for details. + +COMMANDS + COMMAND is one of the following: + + create + (BETA) Create a new Security Profile Group. + + delete + (BETA) Delete a Security Profile Group. + + describe + (BETA) Describe a Security Profile Group. + + list + (BETA) List Security Profile groups. + + update + (BETA) Update a Security Profile Group. + +NOTES + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud alpha network-security security-profile-groups + diff --git a/gcloud/beta/network-security/security-profile-groups/list b/gcloud/beta/network-security/security-profile-groups/list new file mode 100644 index 000000000..aa1376957 --- /dev/null +++ b/gcloud/beta/network-security/security-profile-groups/list @@ -0,0 +1,93 @@ +NAME + gcloud beta network-security security-profile-groups list - list Security + Profile groups + +SYNOPSIS + gcloud beta network-security security-profile-groups list + (--location=LOCATION : --organization=ORGANIZATION) + [--filter=EXPRESSION] [--limit=LIMIT] [--page-size=PAGE_SIZE] + [--sort-by=[FIELD,...]] [--uri] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) List all Security Profile Groups in the specified location. + +EXAMPLES + To list Security Profile Groups in specifed location and organization, run: + + $ gcloud beta network-security security-profile-groups list \ + --location=global + +REQUIRED FLAGS + Location resource - The location of Security Profile Groups to display. + The arguments in this group can be used to specify the attributes of this + resource. + + This must be specified. + + --location=LOCATION + ID of the location or fully qualified identifier for the location. + + To set the location attribute: + ▸ provide the argument --location on the command line. + + This flag argument must be specified if any of the other arguments in + this group are specified. + + --organization=ORGANIZATION + Organization number. + + To set the organization attribute: + ▸ provide the argument --location on the command line with a fully + specified name; + ▸ provide the argument --organization on the command line. + +LIST COMMAND FLAGS + --filter=EXPRESSION + Apply a Boolean filter EXPRESSION to each resource item to be listed. + If the expression evaluates True, then that item is listed. For more + details and examples of filter expressions, run $ gcloud topic filters. + This flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --limit=LIMIT + Maximum number of resources to list. The default is unlimited. This + flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --page-size=PAGE_SIZE + Some services group resource list output into pages. This flag + specifies the maximum number of resources per page. The default is + determined by the service if it supports paging, otherwise it is + unlimited (no paging). Paging may be applied before or after --filter + and --limit depending on the service. + + --sort-by=[FIELD,...] + Comma-separated list of resource field key names to sort by. The + default order is ascending. Prefix a field with ``~'' for descending + order on that field. This flag interacts with other flags that are + applied in this order: --flatten, --sort-by, --filter, --limit. + + --uri + Print a list of resource URIs instead of the default output, and change + the command output to a list of URIs. If this flag is used with + --format, the formatting is applied on this URI list. To display URIs + alongside other keys instead, use the uri() transform. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +API REFERENCE + This command uses the networksecurity/v1beta1 API. The full documentation + for this API can be found at: https://cloud.google.com/networking + +NOTES + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud alpha network-security security-profile-groups list + diff --git a/gcloud/beta/network-security/security-profile-groups/update b/gcloud/beta/network-security/security-profile-groups/update new file mode 100644 index 000000000..3377ded4a --- /dev/null +++ b/gcloud/beta/network-security/security-profile-groups/update @@ -0,0 +1,89 @@ +NAME + gcloud beta network-security security-profile-groups update - update a + Security Profile Group + +SYNOPSIS + gcloud beta network-security security-profile-groups update + (SECURITY_PROFILE_GROUP + : --location=LOCATION --organization=ORGANIZATION) [--async] + [--description=DESCRIPTION] + [--threat-prevention-profile=THREAT_PREVENTION_PROFILE] + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) Update the details of a Security Profile Group. + +EXAMPLES + To update an SPG with new Threat prevention profile my-new-security-profile + (Either a fully specified path or --location and --organization flags for + SPG should be specified), run: + + $ gcloud beta network-security security-profile-groups update \ + my-security-profile-group --organization=1234 \ + --location=global \ + --threat-prevention-profile=`organizations/1234/locations/\ + global/securityProfiles/my-new-security-profile` \ + --description='New Security Profile of type threat prevention' + +POSITIONAL ARGUMENTS + Security profile group resource - Name of the Security Profile Group to be + updated. The arguments in this group can be used to specify the attributes + of this resource. + + This must be specified. + + SECURITY_PROFILE_GROUP + ID of the security profile group or fully qualified identifier for + the security profile group. + + To set the security_profile_group attribute: + ▸ provide the argument security_profile_group on the command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + Location Id. + + To set the location attribute: + ▸ provide the argument security_profile_group on the command line + with a fully specified name; + ▸ provide the argument --location on the command line. + + --organization=ORGANIZATION + Organization number. + + To set the organization attribute: + ▸ provide the argument security_profile_group on the command line + with a fully specified name; + ▸ provide the argument --organization on the command line. + +FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. + + --description=DESCRIPTION + New description of the Security Profile Group. + + --threat-prevention-profile=THREAT_PREVENTION_PROFILE + Name of the security profile of type threat prevention. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +API REFERENCE + This command uses the networksecurity/v1beta1 API. The full documentation + for this API can be found at: https://cloud.google.com/networking + +NOTES + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud alpha network-security security-profile-groups update + diff --git a/gcloud/beta/network-security/security-profiles/help b/gcloud/beta/network-security/security-profiles/help new file mode 100644 index 000000000..a0e37ef44 --- /dev/null +++ b/gcloud/beta/network-security/security-profiles/help @@ -0,0 +1,27 @@ +NAME + gcloud beta network-security security-profiles - manage Network Security - + Security Profiles + +SYNOPSIS + gcloud beta network-security security-profiles GROUP [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) Manage Network Security - Security Profiles. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --help. + + Run $ gcloud help for details. + +GROUPS + GROUP is one of the following: + + threat-prevention + (BETA) Manage Security Profiles - Threat Prevention Profile. + +NOTES + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud alpha network-security security-profiles + diff --git a/gcloud/beta/network-security/security-profiles/threat-prevention/add-override b/gcloud/beta/network-security/security-profiles/threat-prevention/add-override new file mode 100644 index 000000000..8771848c1 --- /dev/null +++ b/gcloud/beta/network-security/security-profiles/threat-prevention/add-override @@ -0,0 +1,101 @@ +NAME + gcloud beta network-security security-profiles threat-prevention + add-override - add overrides to Threat Prevention Profile + +SYNOPSIS + gcloud beta network-security security-profiles threat-prevention + add-override + (SECURITY_PROFILE : --location=LOCATION --organization=ORGANIZATION) + --action=ACTION + (--severities=[SEVERITY_LEVEL,...] | --threat-ids=[THREAT-ID,...]) + [--async] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) Add severities or threat-ids to existing threat prevention profile + with intended action on each specified. Check the updates of add-override + command by using gcloud network-security security-profiles + threat-prevention list-override my-security-profile. + + For more examples, refer to the EXAMPLES section below. + +EXAMPLES + To add an override, run: + + $ gcloud beta network-security security-profiles threat-prevention \ + add-override my-security-profile --severities=MEDIUM \ + --action=ALLOW + + my-security-profile is the name of the Security Profile in the format + organizations/{organizationID}/locations/{location}/securityProfiles/ + {security_profile_id} where organizationID is the organization ID to which + the changes should apply, location either global or region specified and + security_profile_id the Security Profile Identifier + +POSITIONAL ARGUMENTS + Security profile resource - Security Profile Name. The arguments in this + group can be used to specify the attributes of this resource. + + This must be specified. + + SECURITY_PROFILE + ID of the security_profile or fully qualified identifier for the + security_profile. + + To set the security_profile attribute: + ▸ provide the argument security_profile on the command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + location of the security_profile Global|Region. + + To set the location attribute: + ▸ provide the argument security_profile on the command line with a + fully specified name; + ▸ provide the argument --location on the command line. + + --organization=ORGANIZATION + Organization ID to which the changes should apply. + + To set the organization attribute: + ▸ provide the argument security_profile on the command line with a + fully specified name; + ▸ provide the argument --organization on the command line. + +REQUIRED FLAGS + --action=ACTION + Action associated with severity or threat-id. ACTION must be one of: + DEFAULT, ALLOW, ALERT, DENY. + + Exactly one of these must be specified: + + --severities=[SEVERITY_LEVEL,...] + List of comma-separated severities where each value in the list + indicates the severity of the threat. + + --threat-ids=[THREAT-ID,...] + List of comma-separated threat identifiers where each identifier in + the list is a vendor-specified Signature ID representing a threat + type. + +OPTIONAL FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. The default is False. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud alpha network-security security-profiles \ + threat-prevention add-override + diff --git a/gcloud/beta/network-security/security-profiles/threat-prevention/create b/gcloud/beta/network-security/security-profiles/threat-prevention/create new file mode 100644 index 000000000..73a033bbf --- /dev/null +++ b/gcloud/beta/network-security/security-profiles/threat-prevention/create @@ -0,0 +1,75 @@ +NAME + gcloud beta network-security security-profiles threat-prevention create - + create a new Threat Prevention Profile + +SYNOPSIS + gcloud beta network-security security-profiles threat-prevention create + (SECURITY_PROFILE : --location=LOCATION --organization=ORGANIZATION) + [--async] [--description=DESCRIPTION] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) Create a new Security Profile with the given name. + +EXAMPLES + To create a Security Profile with the name my-security-profile which + includes location as global or region specifed and organization ID, + optional description as New Security Profile, run: + + $ gcloud beta network-security security-profiles threat-prevention \ + create my-security-profile --description="New Security Profile" + +POSITIONAL ARGUMENTS + Security profile resource - Security Profile Name. The arguments in this + group can be used to specify the attributes of this resource. + + This must be specified. + + SECURITY_PROFILE + ID of the security_profile or fully qualified identifier for the + security_profile. + + To set the security_profile attribute: + ▸ provide the argument security_profile on the command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + location of the security_profile Global|Region. + + To set the location attribute: + ▸ provide the argument security_profile on the command line with a + fully specified name; + ▸ provide the argument --location on the command line. + + --organization=ORGANIZATION + Organization ID to which the changes should apply. + + To set the organization attribute: + ▸ provide the argument security_profile on the command line with a + fully specified name; + ▸ provide the argument --organization on the command line. + +FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. The default is False. + + --description=DESCRIPTION + Brief description of the security profile + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud alpha network-security security-profiles \ + threat-prevention create + diff --git a/gcloud/beta/network-security/security-profiles/threat-prevention/delete b/gcloud/beta/network-security/security-profiles/threat-prevention/delete new file mode 100644 index 000000000..dbe7a1a02 --- /dev/null +++ b/gcloud/beta/network-security/security-profiles/threat-prevention/delete @@ -0,0 +1,76 @@ +NAME + gcloud beta network-security security-profiles threat-prevention delete - + delete a Security Profile + +SYNOPSIS + gcloud beta network-security security-profiles threat-prevention delete + (SECURITY_PROFILE : --location=LOCATION --organization=ORGANIZATION) + [--async] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) Delete the specified Security Profile. + +EXAMPLES + To delete a Security Profile called my-security-profile which includes + location as global or region specifed and organization ID, run: + + $ gcloud beta network-security security-profiles threat-prevention \ + delete my-security-profile + +POSITIONAL ARGUMENTS + Security profile resource - Name of the Security Profile you want to + delete. The arguments in this group can be used to specify the attributes + of this resource. + + This must be specified. + + SECURITY_PROFILE + ID of the security_profile or fully qualified identifier for the + security_profile. + + To set the security_profile attribute: + ▸ provide the argument security_profile on the command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + Location Id. + + To set the location attribute: + ▸ provide the argument security_profile on the command line with a + fully specified name; + ▸ provide the argument --location on the command line. + + --organization=ORGANIZATION + Organization number. + + To set the organization attribute: + ▸ provide the argument security_profile on the command line with a + fully specified name; + ▸ provide the argument --organization on the command line. + +FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +API REFERENCE + This command uses the networksecurity/v1beta1 API. The full documentation + for this API can be found at: https://cloud.google.com/networking + +NOTES + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud alpha network-security security-profiles \ + threat-prevention delete + diff --git a/gcloud/beta/network-security/security-profiles/threat-prevention/delete-override b/gcloud/beta/network-security/security-profiles/threat-prevention/delete-override new file mode 100644 index 000000000..82192b7ce --- /dev/null +++ b/gcloud/beta/network-security/security-profiles/threat-prevention/delete-override @@ -0,0 +1,95 @@ +NAME + gcloud beta network-security security-profiles threat-prevention + delete-override - delete overrides of Threat Prevention Profile + +SYNOPSIS + gcloud beta network-security security-profiles threat-prevention + delete-override + (SECURITY_PROFILE : --location=LOCATION --organization=ORGANIZATION) + (--severities=[SEVERITY_LEVEL,...] | --threat-ids=[THREAT-ID,...]) + [--async] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) To delete existing severities or threat-ids of threat prevention + profile. Check the updates of update-override command by using gcloud + network-security security-profiles threat-prevention list-override + my-security-profile. + + For more examples, refer to the EXAMPLES section below. + +EXAMPLES + To delete an override, run: + + $ gcloud beta network-security security-profiles threat-prevention \ + delete-override my-security-profile --severities=MEDIUM + + my-security-profile is the name of the Security Profile in the format + organizations/{organizationID}/locations/{location}/securityProfiles/ + {security_profile_id} where organizationID is the organization ID to which + the changes should apply, location either global or region specified and + security_profile_id the Security Profile Identifier + +POSITIONAL ARGUMENTS + Security profile resource - Security Profile Name. The arguments in this + group can be used to specify the attributes of this resource. + + This must be specified. + + SECURITY_PROFILE + ID of the security_profile or fully qualified identifier for the + security_profile. + + To set the security_profile attribute: + ▸ provide the argument security_profile on the command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + location of the security_profile Global|Region. + + To set the location attribute: + ▸ provide the argument security_profile on the command line with a + fully specified name; + ▸ provide the argument --location on the command line. + + --organization=ORGANIZATION + Organization ID to which the changes should apply. + + To set the organization attribute: + ▸ provide the argument security_profile on the command line with a + fully specified name; + ▸ provide the argument --organization on the command line. + +REQUIRED FLAGS + Exactly one of these must be specified: + + --severities=[SEVERITY_LEVEL,...] + List of comma-separated severities where each value in the list + indicates the severity of the threat. + + --threat-ids=[THREAT-ID,...] + List of comma-separated threat identifiers where each identifier in + the list is a vendor-specified Signature ID representing a threat + type. + +OPTIONAL FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. The default is False. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud alpha network-security security-profiles \ + threat-prevention delete-override + diff --git a/gcloud/beta/network-security/security-profiles/threat-prevention/help b/gcloud/beta/network-security/security-profiles/threat-prevention/help new file mode 100644 index 000000000..908f32cc6 --- /dev/null +++ b/gcloud/beta/network-security/security-profiles/threat-prevention/help @@ -0,0 +1,111 @@ +NAME + gcloud beta network-security security-profiles threat-prevention - manage + Security Profiles - Threat Prevention Profile + +SYNOPSIS + gcloud beta network-security security-profiles threat-prevention COMMAND + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) Manage Security Profiles - Threat Prevention Profile. + +EXAMPLES + To create a Security Profile with the name my-security-profile which + includes location as global or region specifed and organization ID, + optional description as New Security Profile, run: + + $ gcloud beta network-security security-profiles threat-prevention \ + create my-security-profile --description="New Security Profile" + + To add an override, run: + + $ gcloud beta network-security security-profiles threat-prevention \ + add-override my-security-profile --severities=MEDIUM \ + --action=ALLOW + + `my-security-profile` is the name of the Security Profile in the + format organizations/{organizationID}/locations/{location}/securityProfiles/ + {security_profile_id} where organizationID is the organization ID to which + the changes should apply, location either global or region specified and + security_profile_id the Security Profile Identifier. + + To update an override, run: + + $ gcloud beta network-security security-profiles threat-prevention \ + update-override my-security-profile --severities=MEDIUM \ + --action=ALLOW + + `my-security-profile` is the name of the Security Profile in the + format organizations/{organizationID}/locations/{location}/securityProfiles/ + {security_profile_id} where organizationID is the organization ID to which + the changes should apply, location either global or region specified and + security_profile_id the Security Profile Identifier. + + To list overrides, run: + + $ gcloud beta network-security security-profiles threat-prevention \ + list-overrides my-security-profile + + `my-security-profile` is the name of the Security Profile in the + format organizations/{organizationID}/locations/{location}/securityProfiles/ + {security_profile_id} where organizationID is the organization ID to which + the changes should apply, location either global or region specified and + security_profile_id the Security Profile Identifier. + + To delete an override, run: + + $ gcloud beta network-security security-profiles threat-prevention \ + delete-override my-security-profile --severities=MEDIUM + + `my-security-profile` is the name of the Security Profile in the + format organizations/{organizationID}/locations/{location}/securityProfiles/ + {security_profile_id} where organizationID is the organization ID to which + the changes should apply, location either global or region specified and + security_profile_id the Security Profile Identifier. + + To list Security Profiles in specifed location and organization, run: + + $ gcloud beta network-security security-profiles threat-prevention \ + list --location=global + + To delete a Security Profile called my-security-profile which includes + location as global or region specifed and organization ID, run: + + $ gcloud beta network-security security-profiles threat-prevention \ + delete my-security-profile + +GCLOUD WIDE FLAGS + These flags are available to all commands: --help. + + Run $ gcloud help for details. + +COMMANDS + COMMAND is one of the following: + + add-override + (BETA) Add overrides to Threat Prevention Profile. + + create + (BETA) Create a new Threat Prevention Profile. + + delete + (BETA) Delete a Security Profile. + + delete-override + (BETA) Delete overrides of Threat Prevention Profile. + + list + (BETA) List Security Profiles. + + list-overrides + (BETA) List overrides of Threat Prevention Profile. + + update-override + (BETA) Update Overrides of Threat Prevention Profile. + +NOTES + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud alpha network-security security-profiles threat-prevention + diff --git a/gcloud/beta/network-security/security-profiles/threat-prevention/list b/gcloud/beta/network-security/security-profiles/threat-prevention/list new file mode 100644 index 000000000..36e0ad759 --- /dev/null +++ b/gcloud/beta/network-security/security-profiles/threat-prevention/list @@ -0,0 +1,94 @@ +NAME + gcloud beta network-security security-profiles threat-prevention list - + list Security Profiles + +SYNOPSIS + gcloud beta network-security security-profiles threat-prevention list + (--location=LOCATION : --organization=ORGANIZATION) + [--filter=EXPRESSION] [--limit=LIMIT] [--page-size=PAGE_SIZE] + [--sort-by=[FIELD,...]] [--uri] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) List all Security Profiles in the specified location. + +EXAMPLES + To list Security Profiles in specifed location and organization, run: + + $ gcloud beta network-security security-profiles threat-prevention \ + list --location=global + +REQUIRED FLAGS + Location resource - The organization of Security Profiles to display. The + arguments in this group can be used to specify the attributes of this + resource. + + This must be specified. + + --location=LOCATION + ID of the location or fully qualified identifier for the location. + + To set the location attribute: + ▸ provide the argument --location on the command line. + + This flag argument must be specified if any of the other arguments in + this group are specified. + + --organization=ORGANIZATION + Organization number. + + To set the organization attribute: + ▸ provide the argument --location on the command line with a fully + specified name; + ▸ provide the argument --organization on the command line. + +LIST COMMAND FLAGS + --filter=EXPRESSION + Apply a Boolean filter EXPRESSION to each resource item to be listed. + If the expression evaluates True, then that item is listed. For more + details and examples of filter expressions, run $ gcloud topic filters. + This flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --limit=LIMIT + Maximum number of resources to list. The default is unlimited. This + flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --page-size=PAGE_SIZE + Some services group resource list output into pages. This flag + specifies the maximum number of resources per page. The default is + determined by the service if it supports paging, otherwise it is + unlimited (no paging). Paging may be applied before or after --filter + and --limit depending on the service. + + --sort-by=[FIELD,...] + Comma-separated list of resource field key names to sort by. The + default order is ascending. Prefix a field with ``~'' for descending + order on that field. This flag interacts with other flags that are + applied in this order: --flatten, --sort-by, --filter, --limit. + + --uri + Print a list of resource URIs instead of the default output, and change + the command output to a list of URIs. If this flag is used with + --format, the formatting is applied on this URI list. To display URIs + alongside other keys instead, use the uri() transform. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +API REFERENCE + This command uses the networksecurity/v1beta1 API. The full documentation + for this API can be found at: https://cloud.google.com/networking + +NOTES + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud alpha network-security security-profiles \ + threat-prevention list + diff --git a/gcloud/beta/network-security/security-profiles/threat-prevention/list-overrides b/gcloud/beta/network-security/security-profiles/threat-prevention/list-overrides new file mode 100644 index 000000000..f099c1738 --- /dev/null +++ b/gcloud/beta/network-security/security-profiles/threat-prevention/list-overrides @@ -0,0 +1,75 @@ +NAME + gcloud beta network-security security-profiles threat-prevention + list-overrides - list overrides of Threat Prevention Profile + +SYNOPSIS + gcloud beta network-security security-profiles threat-prevention + list-overrides + (SECURITY_PROFILE : --location=LOCATION --organization=ORGANIZATION) + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) To list existing severities or threat-ids of threat prevention + profile. + + For more examples, refer to the EXAMPLES section below. + +EXAMPLES + To list overrides, run: + + $ gcloud beta network-security security-profiles threat-prevention \ + list-overrides my-security-profile + + my-security-profile is the name of the Security Profile in the format + organizations/{organizationID}/locations/{location}/securityProfiles/ + {security_profile_id} where organizationID is the organization ID to which + the changes should apply, location either global or region specified and + security_profile_id the Security Profile Identifier + +POSITIONAL ARGUMENTS + Security profile resource - Security Profile Name. The arguments in this + group can be used to specify the attributes of this resource. + + This must be specified. + + SECURITY_PROFILE + ID of the security_profile or fully qualified identifier for the + security_profile. + + To set the security_profile attribute: + ▸ provide the argument security_profile on the command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + location of the security_profile Global|Region. + + To set the location attribute: + ▸ provide the argument security_profile on the command line with a + fully specified name; + ▸ provide the argument --location on the command line. + + --organization=ORGANIZATION + Organization ID to which the changes should apply. + + To set the organization attribute: + ▸ provide the argument security_profile on the command line with a + fully specified name; + ▸ provide the argument --organization on the command line. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud alpha network-security security-profiles \ + threat-prevention list-overrides + diff --git a/gcloud/beta/network-security/security-profiles/threat-prevention/update-override b/gcloud/beta/network-security/security-profiles/threat-prevention/update-override new file mode 100644 index 000000000..d349ed722 --- /dev/null +++ b/gcloud/beta/network-security/security-profiles/threat-prevention/update-override @@ -0,0 +1,101 @@ +NAME + gcloud beta network-security security-profiles threat-prevention + update-override - update Overrides of Threat Prevention Profile + +SYNOPSIS + gcloud beta network-security security-profiles threat-prevention + update-override + (SECURITY_PROFILE : --location=LOCATION --organization=ORGANIZATION) + --action=ACTION + (--severities=[SEVERITY_LEVEL,...] | --threat-ids=[THREAT-ID,...]) + [--async] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) To update existing severities or threat-ids of threat prevention + profile with intended action on each specified. Check the updates of + update-override command by using gcloud network-security security-profiles + threat-prevention list-override my-security-profile. + + For more examples, refer to the EXAMPLES section below. + +EXAMPLES + To update an override, run: + + $ gcloud beta network-security security-profiles threat-prevention \ + update-override my-security-profile --severities=MEDIUM \ + --action=ALLOW + + my-security-profile is the name of the Security Profile in the format + organizations/{organizationID}/locations/{location}/securityProfiles/ + {security_profile_id} where organizationID is the organization ID to which + the changes should apply, location either global or region specified and + security_profile_id the Security Profile Identifier + +POSITIONAL ARGUMENTS + Security profile resource - Security Profile Name. The arguments in this + group can be used to specify the attributes of this resource. + + This must be specified. + + SECURITY_PROFILE + ID of the security_profile or fully qualified identifier for the + security_profile. + + To set the security_profile attribute: + ▸ provide the argument security_profile on the command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + location of the security_profile Global|Region. + + To set the location attribute: + ▸ provide the argument security_profile on the command line with a + fully specified name; + ▸ provide the argument --location on the command line. + + --organization=ORGANIZATION + Organization ID to which the changes should apply. + + To set the organization attribute: + ▸ provide the argument security_profile on the command line with a + fully specified name; + ▸ provide the argument --organization on the command line. + +REQUIRED FLAGS + --action=ACTION + Action associated with severity or threat-id. ACTION must be one of: + DEFAULT, ALLOW, ALERT, DENY. + + Exactly one of these must be specified: + + --severities=[SEVERITY_LEVEL,...] + List of comma-separated severities where each value in the list + indicates the severity of the threat. + + --threat-ids=[THREAT-ID,...] + List of comma-separated threat identifiers where each identifier in + the list is a vendor-specified Signature ID representing a threat + type. + +OPTIONAL FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. The default is False. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud alpha network-security security-profiles \ + threat-prevention update-override + diff --git a/gcloud/builds/triggers/create/manual b/gcloud/builds/triggers/create/manual index 0d14dc524..2d34f24a1 100644 --- a/gcloud/builds/triggers/create/manual +++ b/gcloud/builds/triggers/create/manual @@ -9,10 +9,10 @@ SYNOPSIS default="/" --dockerfile-image=DOCKERFILE_IMAGE]) : --description=DESCRIPTION --name=NAME --region=REGION --[no-]require-approval --service-account=SERVICE_ACCOUNT - --substitutions=[KEY=VALUE,...] (--branch=BRANCH - | --tag=TAG) (--repository=REPOSITORY + --substitutions=[KEY=VALUE,...] --branch=BRANCH + | --tag=TAG --repository=REPOSITORY | [--repo=REPO --repo-type=REPO_TYPE - : --github-enterprise-config=GITHUB_ENTERPRISE_CONFIG])]) + : --github-enterprise-config=GITHUB_ENTERPRISE_CONFIG]]) [GCLOUD_WIDE_FLAG ...] DESCRIPTION @@ -134,7 +134,7 @@ REQUIRED FLAGS Flags for repository and branch information - Exactly one of these must be specified: + At most one of these can be specified: --branch=BRANCH Branch to build. @@ -144,7 +144,7 @@ REQUIRED FLAGS Flags for repository information - Exactly one of these must be specified: + At most one of these can be specified: --repository=REPOSITORY Repository resource (2nd gen) to use, in the format diff --git a/gcloud/builds/triggers/create/pubsub b/gcloud/builds/triggers/create/pubsub index 9709ff367..4495e38d9 100644 --- a/gcloud/builds/triggers/create/pubsub +++ b/gcloud/builds/triggers/create/pubsub @@ -11,10 +11,10 @@ SYNOPSIS : --description=DESCRIPTION --name=NAME --region=REGION --[no-]require-approval --service-account=SERVICE_ACCOUNT --subscription-filter=SUBSCRIPTION_FILTER - --substitutions=[KEY=VALUE,...] (--branch=BRANCH - | --tag=TAG) (--repository=REPOSITORY + --substitutions=[KEY=VALUE,...] --branch=BRANCH + | --tag=TAG --repository=REPOSITORY | [--repo=REPO --repo-type=REPO_TYPE - : --github-enterprise-config=GITHUB_ENTERPRISE_CONFIG])]) + : --github-enterprise-config=GITHUB_ENTERPRISE_CONFIG]]) [GCLOUD_WIDE_FLAG ...] DESCRIPTION @@ -150,7 +150,7 @@ REQUIRED FLAGS Flags for repository and branch information - Exactly one of these must be specified: + At most one of these can be specified: --branch=BRANCH Branch to build. @@ -160,7 +160,7 @@ REQUIRED FLAGS Flags for repository information - Exactly one of these must be specified: + At most one of these can be specified: --repository=REPOSITORY Repository resource (2nd gen) to use, in the format diff --git a/gcloud/builds/triggers/create/webhook b/gcloud/builds/triggers/create/webhook index 06e9b00ee..c27b314f8 100644 --- a/gcloud/builds/triggers/create/webhook +++ b/gcloud/builds/triggers/create/webhook @@ -11,10 +11,10 @@ SYNOPSIS : --description=DESCRIPTION --name=NAME --region=REGION --[no-]require-approval --service-account=SERVICE_ACCOUNT --subscription-filter=SUBSCRIPTION_FILTER - --substitutions=[KEY=VALUE,...] (--branch=BRANCH - | --tag=TAG) (--repository=REPOSITORY + --substitutions=[KEY=VALUE,...] --branch=BRANCH + | --tag=TAG --repository=REPOSITORY | [--repo=REPO --repo-type=REPO_TYPE - : --github-enterprise-config=GITHUB_ENTERPRISE_CONFIG])]) + : --github-enterprise-config=GITHUB_ENTERPRISE_CONFIG]]) [GCLOUD_WIDE_FLAG ...] DESCRIPTION @@ -156,7 +156,7 @@ REQUIRED FLAGS Flags for repository and branch information - Exactly one of these must be specified: + At most one of these can be specified: --branch=BRANCH Branch to build. @@ -166,7 +166,7 @@ REQUIRED FLAGS Flags for repository information - Exactly one of these must be specified: + At most one of these can be specified: --repository=REPOSITORY Repository resource (2nd gen) to use, in the format diff --git a/gcloud/composer/environments/run b/gcloud/composer/environments/run index 1a56c198d..4033b9635 100644 --- a/gcloud/composer/environments/run +++ b/gcloud/composer/environments/run @@ -95,7 +95,10 @@ POSITIONAL ARGUMENTS for more info). [SUBCOMMAND_NESTED] - Additional subcommand in case it is nested. + Additional subcommand in case it is nested. The following is a list of + allowed nested subcommands: + ◆ db: check + ◆ all other subcommands: all nested subcommands are allowed [-- CMD_ARGS ...] Command line arguments to the subcommand. diff --git a/gcloud/compute/disks/create b/gcloud/compute/disks/create index c39d72f68..a56397b2d 100644 --- a/gcloud/compute/disks/create +++ b/gcloud/compute/disks/create @@ -7,6 +7,7 @@ SYNOPSIS [--description=DESCRIPTION] [--guest-os-features=[GUEST_OS_FEATURE,...]] [--labels=[KEY=VALUE,...]] [--licenses=[LICENSE,...]] [--provisioned-iops=PROVISIONED_IOPS] + [--provisioned-throughput=PROVISIONED_THROUGHPUT] [--replica-zones=ZONE,ZONE] [--no-require-csek-key-create] [--resource-policies=[RESOURCE_POLICY,...]] [--size=SIZE] [--type=TYPE] [--image-family-scope=IMAGE_FAMILY_SCOPE @@ -93,6 +94,10 @@ FLAGS Provisioned IOPS of disk to create. Only for use with disks of type pd-extreme and hyperdisk-extreme. + --provisioned-throughput=PROVISIONED_THROUGHPUT + Provisioned throughput of disk to create. The throughput unit is MB per + sec. Only for use with disks of type hyperdisk-throughput. + --replica-zones=ZONE,ZONE A comma-separated list of exactly 2 zones that a regional disk will be replicated to. Required when creating regional disk. The zones must be diff --git a/gcloud/compute/disks/update b/gcloud/compute/disks/update index eab46f66c..8c098eb74 100644 --- a/gcloud/compute/disks/update +++ b/gcloud/compute/disks/update @@ -3,6 +3,7 @@ NAME SYNOPSIS gcloud compute disks update DISK_NAME [--provisioned-iops=PROVISIONED_IOPS] + [--provisioned-throughput=PROVISIONED_THROUGHPUT] [--update-labels=[KEY=VALUE,...]] [--clear-architecture | --update-architecture=UPDATE_ARCHITECTURE] [--clear-labels | --remove-labels=[KEY,...]] @@ -39,6 +40,10 @@ FLAGS Provisioned IOPS of disk to update. Only for use with disks of type hyperdisk-extreme. + --provisioned-throughput=PROVISIONED_THROUGHPUT + Provisioned throughput of disk to update. The throughput unit is MB per + sec. + --update-labels=[KEY=VALUE,...] List of label KEY=VALUE pairs to update. If a label exists, its value is modified. Otherwise, a new label is created. diff --git a/gcloud/compute/instance-templates/create b/gcloud/compute/instance-templates/create index f7ce4e42e..538e93dc7 100644 --- a/gcloud/compute/instance-templates/create +++ b/gcloud/compute/instance-templates/create @@ -222,6 +222,10 @@ FLAGS number of I/O operations per second that the disk can handle. Value must be between 10,000 and 120,000. + provisioned-throughput + Indicates how much throughput to provision for the disk. This sets + the number of throughput mb per second that the disk can handle. + disk-resource-policy Resource policy to apply to the disk. Specify a full or partial URL. For example: diff --git a/gcloud/compute/instance-templates/create-with-container b/gcloud/compute/instance-templates/create-with-container index 1b5dee5e8..ced5e647a 100644 --- a/gcloud/compute/instance-templates/create-with-container +++ b/gcloud/compute/instance-templates/create-with-container @@ -306,6 +306,10 @@ FLAGS number of I/O operations per second that the disk can handle. Value must be between 10,000 and 120,000. + provisioned-throughput + Indicates how much throughput to provision for the disk. This sets + the number of throughput mb per second that the disk can handle. + disk-resource-policy Resource policy to apply to the disk. Specify a full or partial URL. For example: diff --git a/gcloud/compute/instances/bulk/create b/gcloud/compute/instances/bulk/create index 82404a58b..c24b667f4 100644 --- a/gcloud/compute/instances/bulk/create +++ b/gcloud/compute/instances/bulk/create @@ -255,6 +255,10 @@ OPTIONAL FLAGS number of I/O operations per second that the disk can handle. Value must be between 10,000 and 120,000. + provisioned-throughput + Indicates how much throughput to provision for the disk. This sets + the number of throughput mb per second that the disk can handle. + disk-resource-policy Resource policy to apply to the disk. Specify a full or partial URL. For example: diff --git a/gcloud/compute/instances/create b/gcloud/compute/instances/create index 33f5ee394..dfc62e86f 100644 --- a/gcloud/compute/instances/create +++ b/gcloud/compute/instances/create @@ -248,6 +248,10 @@ FLAGS number of I/O operations per second that the disk can handle. Value must be between 10,000 and 120,000. + provisioned-throughput + Indicates how much throughput to provision for the disk. This sets + the number of throughput mb per second that the disk can handle. + disk-resource-policy Resource policy to apply to the disk. Specify a full or partial URL. For example: diff --git a/gcloud/compute/instances/create-with-container b/gcloud/compute/instances/create-with-container index 33ab6a180..742dfa64e 100644 --- a/gcloud/compute/instances/create-with-container +++ b/gcloud/compute/instances/create-with-container @@ -328,6 +328,10 @@ FLAGS number of I/O operations per second that the disk can handle. Value must be between 10,000 and 120,000. + provisioned-throughput + Indicates how much throughput to provision for the disk. This sets + the number of throughput mb per second that the disk can handle. + disk-resource-policy Resource policy to apply to the disk. Specify a full or partial URL. For example: diff --git a/gcloud/compute/interconnects/attachments/dedicated/create b/gcloud/compute/interconnects/attachments/dedicated/create index a43184557..3cd7812eb 100644 --- a/gcloud/compute/interconnects/attachments/dedicated/create +++ b/gcloud/compute/interconnects/attachments/dedicated/create @@ -11,7 +11,8 @@ SYNOPSIS [--customer-router-ipv6-interface-id=PEER_INTERFACE_ID] [--description=DESCRIPTION] [--enable-admin] [--encryption=ENCRYPTION] [--ipsec-internal-addresses=[ADDRESSES]] [--mtu=MTU] [--region=REGION] - [--stack-type=STACK_TYPE] [--vlan=VLAN] [GCLOUD_WIDE_FLAG ...] + [--stack-type=STACK_TYPE] [--subnet-length=SUBNET_LENGTH] [--vlan=VLAN] + [GCLOUD_WIDE_FLAG ...] DESCRIPTION gcloud compute interconnects attachments dedicated create is used to create @@ -73,11 +74,11 @@ OPTIONAL FLAGS Up to 16 candidate prefixes that can be used to restrict the allocation of cloudRouterIpAddress and customerRouterIpAddress for this attachment. All prefixes must be within link-local address space. - Google will attempt to select an unused /29 from the supplied candidate - subnet(s), or all of link-local space if no subnets supplied. Google - will not re-use a /29 already in-use by your project, even if it's - contained in one of the candidate subnets. The request will fail if all - /29s within the candidate subnets are in use at Google's edge. + Google attempts to select an unused subnet of SUBNET_LENGTH from the + supplied candidate subnet(s), or all of link-local space if no subnets + supplied. Google does not re-use a subnet already in-use by your + project, even if it's contained in one of the candidate subnets. The + request fails if all candidate subnets are in use at Google's edge. --cloud-router-ipv6-interface-id=INTERFACE_ID If supplied, the interface id (index within the subnet) to be used for @@ -166,6 +167,14 @@ OPTIONAL FLAGS IPV4_ONLY Only IPv4 protocol is enabled on this attachment. + --subnet-length=SUBNET_LENGTH + The length of the IPv4 subnet mask for this attachment. 29 is the + default value, except for attachments on Cross-Cloud Interconnects + whose remote location's "constraints.subnetLengthRange" field specifies + a minimum subnet length of 30. In that case, the default value is 30. + The default value is recommended when there's no requirement on the + subnet length. SUBNET_LENGTH must be one of: 29, 30. + --vlan=VLAN Desired VLAN for this attachment, in the range 2-4093. If not supplied, Google will automatically select a VLAN. diff --git a/gcloud/compute/interconnects/create b/gcloud/compute/interconnects/create index 9332ecb14..d6d40e83c 100644 --- a/gcloud/compute/interconnects/create +++ b/gcloud/compute/interconnects/create @@ -2,11 +2,12 @@ NAME gcloud compute interconnects create - create a Compute Engine interconnect SYNOPSIS - gcloud compute interconnects create NAME --customer-name=CUSTOMER_NAME + gcloud compute interconnects create NAME --interconnect-type=INTERCONNECT_TYPE --link-type=LINK_TYPE --location=LOCATION --requested-link-count=REQUESTED_LINK_COUNT - [--admin-enabled] [--description=DESCRIPTION] - [--noc-contact-email=NOC_CONTACT_EMAIL] [GCLOUD_WIDE_FLAG ...] + [--admin-enabled] [--customer-name=CUSTOMER_NAME] + [--description=DESCRIPTION] [--noc-contact-email=NOC_CONTACT_EMAIL] + [--remote-location=REMOTE_LOCATION] [GCLOUD_WIDE_FLAG ...] DESCRIPTION gcloud compute interconnects create is used to create interconnects. An @@ -26,15 +27,21 @@ EXAMPLES --noc-contact-email=noc@example.com \ --description="Example interconnect" + To create a Cross-Cloud Interconnect, run: + + $ gcloud compute interconnects create example-cc-interconnect \ + --interconnect-type=DEDICATED \ + --link-type=LINK_TYPE_ETHERNET_10G_LR \ + --location=example-zone1-1 --requested-link-count=1 \ + --remote-location=example-remote-location \ + --noc-contact-email=noc@example.com \ + --description="Example Cross-Cloud Interconnect" + POSITIONAL ARGUMENTS NAME Name of the interconnect to create. REQUIRED FLAGS - --customer-name=CUSTOMER_NAME - Customer name to put in the Letter of Authorization as the party - authorized to request an interconnect. - --interconnect-type=INTERCONNECT_TYPE Type of the interconnect. INTERCONNECT_TYPE must be one of: @@ -66,6 +73,12 @@ OPTIONAL FLAGS operational and will carry traffic across any functioning linked interconnect attachments. Use --no-admin-enabled to disable it. + --customer-name=CUSTOMER_NAME + Customer name to put in the Letter of Authorization as the party + authorized to request an interconnect. This field is required for most + interconnects, however it is prohibited when creating a Cross-Cloud + Interconnect. + --description=DESCRIPTION An optional, textual description for the interconnect. @@ -73,6 +86,12 @@ OPTIONAL FLAGS Email address to contact the customer NOC for operations and maintenance notifications regarding this interconnect. + --remote-location=REMOTE_LOCATION + The remote location for a Cross-Cloud Interconnect. The remote + locations can be listed by using the gcloud compute interconnects + remote-locations list command to find the appropriate remote location + to use when creating a Cross-Cloud Interconnect. + GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, diff --git a/gcloud/compute/interconnects/help b/gcloud/compute/interconnects/help index d159b5061..5b542e002 100644 --- a/gcloud/compute/interconnects/help +++ b/gcloud/compute/interconnects/help @@ -29,6 +29,10 @@ GROUPS locations Read and manipulate Compute Engine interconnect locations. + remote-locations + Read and manipulate Google Compute Engine interconnect remote + locations. + COMMANDS COMMAND is one of the following: diff --git a/gcloud/compute/interconnects/remote-locations/describe b/gcloud/compute/interconnects/remote-locations/describe new file mode 100644 index 000000000..0c2353572 --- /dev/null +++ b/gcloud/compute/interconnects/remote-locations/describe @@ -0,0 +1,37 @@ +NAME + gcloud compute interconnects remote-locations describe - describe a Google + Compute Engine interconnect remote location + +SYNOPSIS + gcloud compute interconnects remote-locations describe NAME + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Displays all data associated with Google Compute Engine interconnect remote + location in a project. + +EXAMPLES + Example of usage: + + $ gcloud compute interconnects remote-locations describe \ + my-remote-location + +POSITIONAL ARGUMENTS + NAME + Name of the Cloud Interconnect remote location to describe. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + These variants are also available: + + $ gcloud alpha compute interconnects remote-locations describe + + $ gcloud beta compute interconnects remote-locations describe + diff --git a/gcloud/compute/interconnects/remote-locations/help b/gcloud/compute/interconnects/remote-locations/help new file mode 100644 index 000000000..126a794dc --- /dev/null +++ b/gcloud/compute/interconnects/remote-locations/help @@ -0,0 +1,32 @@ +NAME + gcloud compute interconnects remote-locations - read and manipulate Google + Compute Engine interconnect remote locations + +SYNOPSIS + gcloud compute interconnects remote-locations COMMAND + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Read and manipulate Cloud Interconnect remote locations. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --help. + + Run $ gcloud help for details. + +COMMANDS + COMMAND is one of the following: + + describe + Describe a Google Compute Engine interconnect remote location. + + list + List Google Compute Engine Cloud Interconnect remote locations. + +NOTES + These variants are also available: + + $ gcloud alpha compute interconnects remote-locations + + $ gcloud beta compute interconnects remote-locations + diff --git a/gcloud/compute/interconnects/remote-locations/list b/gcloud/compute/interconnects/remote-locations/list new file mode 100644 index 000000000..274286f69 --- /dev/null +++ b/gcloud/compute/interconnects/remote-locations/list @@ -0,0 +1,71 @@ +NAME + gcloud compute interconnects remote-locations list - list Google Compute + Engine Cloud Interconnect remote locations + +SYNOPSIS + gcloud compute interconnects remote-locations list [--filter=EXPRESSION] + [--limit=LIMIT] [--page-size=PAGE_SIZE] [--sort-by=[FIELD,...]] [--uri] + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + gcloud compute interconnects remote-locations list displays all Google + Compute Engine Cloud Interconnect remote locations in a project. + +EXAMPLES + To list all Cloud Interconnect remote locations in a project in table form, + run: + + $ gcloud compute interconnects remote-locations list + + To list the URIs of all Cloud Interconnect remote locations in a project, + run: + + $ gcloud compute interconnects remote-locations list --uri + +LIST COMMAND FLAGS + --filter=EXPRESSION + Apply a Boolean filter EXPRESSION to each resource item to be listed. + If the expression evaluates True, then that item is listed. For more + details and examples of filter expressions, run $ gcloud topic filters. + This flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --limit=LIMIT + Maximum number of resources to list. The default is unlimited. This + flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --page-size=PAGE_SIZE + Some services group resource list output into pages. This flag + specifies the maximum number of resources per page. The default is + determined by the service if it supports paging, otherwise it is + unlimited (no paging). Paging may be applied before or after --filter + and --limit depending on the service. + + --sort-by=[FIELD,...] + Comma-separated list of resource field key names to sort by. The + default order is ascending. Prefix a field with ``~'' for descending + order on that field. This flag interacts with other flags that are + applied in this order: --flatten, --sort-by, --filter, --limit. + + --uri + Print a list of resource URIs instead of the default output, and change + the command output to a list of URIs. If this flag is used with + --format, the formatting is applied on this URI list. To display URIs + alongside other keys instead, use the uri() transform. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + These variants are also available: + + $ gcloud alpha compute interconnects remote-locations list + + $ gcloud beta compute interconnects remote-locations list + diff --git a/gcloud/compute/service-attachments/create b/gcloud/compute/service-attachments/create index 1a7292ff8..80e1fedf6 100644 --- a/gcloud/compute/service-attachments/create +++ b/gcloud/compute/service-attachments/create @@ -8,7 +8,7 @@ SYNOPSIS --producer-forwarding-rule=PRODUCER_FORWARDING_RULE [--connection-preference=CONNECTION_PREFERENCE; default="ACCEPT_AUTOMATIC"] - [--consumer-accept-list=[PROJECT=LIMIT,...]] + [--consumer-accept-list=[PROJECT_OR_NETWORK=LIMIT,...]] [--consumer-reject-list=[REJECT_LIST,...]] [--description=DESCRIPTION] [--domain-names=[DOMAIN_NAMES,...]] [--enable-proxy-protocol] [--nat-subnets-region=NAT_SUBNETS_REGION] @@ -64,20 +64,31 @@ OPTIONAL FLAGS Only accept connection requests from consumers with the approval of the service provider. - --consumer-accept-list=[PROJECT=LIMIT,...] - Adds consumer project(s) with connection limit(s) to the accept list of - the service attachment. + --consumer-accept-list=[PROJECT_OR_NETWORK=LIMIT,...] + Specifies which consumer projects or networks are allowed to connect to + the service attachment. Each project or network has a connection limit. + A given service attachment can manage connections at either the project + or network level. Therefore, both the accept and reject lists for a + given service attachment must contain either only projects or only + networks. For example, --consumer-accept-list myProjectId1=20 accepts a consumer - project myProjectId1 with connection limit 20. + project myProjectId1 with connection limit 20; --consumer-accept-list + projects/myProjectId1/global/networks/myNet1=20 accepts a consumer + network myNet1 with connection limit 20 - ◆ PROJECT_ID_OR_NUM - Consumer project id or number. - ◆ CONNECTION_LIMIT - The max number of allowed connections. + ◆ PROJECT_OR_NETWORK - Consumer project ID, project number or network + URL. + ◆ CONNECTION_LIMIT - The maximum number of allowed connections. --consumer-reject-list=[REJECT_LIST,...] - Specifies a comma separated list of projects that are not allowed to - connect to this service attachment. The project can be specified using - its id or number. + Specifies a comma separated list of projects or networks that are not + allowed to connect to this service attachment. The project can be + specified using its project ID or project number and the network can be + specified using its URL. A given service attachment can manage + connections at either the project or network level. Therefore, both the + reject and accept lists for a given service attachment must contain + either only projects or only networks. --description=DESCRIPTION An optional, textual description for the service attachment. diff --git a/gcloud/compute/service-attachments/update b/gcloud/compute/service-attachments/update index 41e79318f..fd7e8635f 100644 --- a/gcloud/compute/service-attachments/update +++ b/gcloud/compute/service-attachments/update @@ -5,7 +5,7 @@ NAME SYNOPSIS gcloud compute service-attachments update NAME [--connection-preference=CONNECTION_PREFERENCE] - [--consumer-accept-list=[PROJECT=LIMIT,...]] + [--consumer-accept-list=[PROJECT_OR_NETWORK=LIMIT,...]] [--consumer-reject-list=[REJECT_LIST,...]] [--description=DESCRIPTION] [--[no-]enable-proxy-protocol] [--nat-subnets=NAT_SUBNETS,[NAT_SUBNETS,...]] @@ -50,20 +50,31 @@ FLAGS Only accept connection requests from consumers with the approval of the service provider. - --consumer-accept-list=[PROJECT=LIMIT,...] - Adds consumer project(s) with connection limit(s) to the accept list of - the service attachment. + --consumer-accept-list=[PROJECT_OR_NETWORK=LIMIT,...] + Specifies which consumer projects or networks are allowed to connect to + the service attachment. Each project or network has a connection limit. + A given service attachment can manage connections at either the project + or network level. Therefore, both the accept and reject lists for a + given service attachment must contain either only projects or only + networks. For example, --consumer-accept-list myProjectId1=20 accepts a consumer - project myProjectId1 with connection limit 20. + project myProjectId1 with connection limit 20; --consumer-accept-list + projects/myProjectId1/global/networks/myNet1=20 accepts a consumer + network myNet1 with connection limit 20 - ◆ PROJECT_ID_OR_NUM - Consumer project id or number. - ◆ CONNECTION_LIMIT - The max number of allowed connections. + ◆ PROJECT_OR_NETWORK - Consumer project ID, project number or network + URL. + ◆ CONNECTION_LIMIT - The maximum number of allowed connections. --consumer-reject-list=[REJECT_LIST,...] - Specifies a comma separated list of projects that are not allowed to - connect to this service attachment. The project can be specified using - its id or number. + Specifies a comma separated list of projects or networks that are not + allowed to connect to this service attachment. The project can be + specified using its project ID or project number and the network can be + specified using its URL. A given service attachment can manage + connections at either the project or network level. Therefore, both the + reject and accept lists for a given service attachment must contain + either only projects or only networks. --description=DESCRIPTION An optional, textual description for the service attachment. diff --git a/gcloud/config/get b/gcloud/config/get index 5320422d6..febdd59e1 100644 --- a/gcloud/config/get +++ b/gcloud/config/get @@ -204,6 +204,10 @@ AVAILABLE PROPERTIES Overrides API endpoint for gcloud app command group. Defaults to https://appengine.googleapis.com/ + apphub + Overrides API endpoint for gcloud apphub command group. Defaults to + https://apphub.googleapis.com/ + artifactregistry Overrides API endpoint for gcloud artifacts command group. Defaults to https://artifactregistry.googleapis.com/ diff --git a/gcloud/config/help b/gcloud/config/help index 1770cca07..746989c1b 100644 --- a/gcloud/config/help +++ b/gcloud/config/help @@ -236,6 +236,10 @@ AVAILABLE PROPERTIES Overrides API endpoint for gcloud app command group. Defaults to https://appengine.googleapis.com/ + apphub + Overrides API endpoint for gcloud apphub command group. Defaults to + https://apphub.googleapis.com/ + artifactregistry Overrides API endpoint for gcloud artifacts command group. Defaults to https://artifactregistry.googleapis.com/ diff --git a/gcloud/config/list b/gcloud/config/list index 2dfd51219..8c07fe263 100644 --- a/gcloud/config/list +++ b/gcloud/config/list @@ -248,6 +248,10 @@ AVAILABLE PROPERTIES Overrides API endpoint for gcloud app command group. Defaults to https://appengine.googleapis.com/ + apphub + Overrides API endpoint for gcloud apphub command group. Defaults to + https://apphub.googleapis.com/ + artifactregistry Overrides API endpoint for gcloud artifacts command group. Defaults to https://artifactregistry.googleapis.com/ diff --git a/gcloud/config/set b/gcloud/config/set index c205f46f3..d8a559c05 100644 --- a/gcloud/config/set +++ b/gcloud/config/set @@ -251,6 +251,10 @@ AVAILABLE PROPERTIES Overrides API endpoint for gcloud app command group. Defaults to https://appengine.googleapis.com/ + apphub + Overrides API endpoint for gcloud apphub command group. Defaults to + https://apphub.googleapis.com/ + artifactregistry Overrides API endpoint for gcloud artifacts command group. Defaults to https://artifactregistry.googleapis.com/ diff --git a/gcloud/config/unset b/gcloud/config/unset index 3c22e3679..5c071b2fa 100644 --- a/gcloud/config/unset +++ b/gcloud/config/unset @@ -212,6 +212,10 @@ AVAILABLE PROPERTIES Overrides API endpoint for gcloud app command group. Defaults to https://appengine.googleapis.com/ + apphub + Overrides API endpoint for gcloud apphub command group. Defaults to + https://apphub.googleapis.com/ + artifactregistry Overrides API endpoint for gcloud artifacts command group. Defaults to https://artifactregistry.googleapis.com/ diff --git a/gcloud/database-migration/connection-profiles/create/alloydb b/gcloud/database-migration/connection-profiles/create/alloydb index 0eda7b2f2..5601fa01a 100644 --- a/gcloud/database-migration/connection-profiles/create/alloydb +++ b/gcloud/database-migration/connection-profiles/create/alloydb @@ -9,6 +9,8 @@ SYNOPSIS [--cluster-labels=[KEY=VALUE,...]] [--database-flags=[FLAG=VALUE,...]] [--display-name=DISPLAY_NAME] [--labels=[KEY=VALUE,...]] [--network=NETWORK] [--primary-labels=[KEY=VALUE,...]] + [--kms-key=KMS_KEY + : --kms-keyring=KMS_KEYRING --kms-project=KMS_PROJECT] [GCLOUD_WIDE_FLAG ...] DESCRIPTION @@ -105,6 +107,43 @@ OPTIONAL FLAGS The resource labels for an AlloyDB primary instance. An object containing a list of "key": "value" pairs. + Kms key resource - Name of the CMEK (customer-managed encryption key) used + for this AlloyDB cluster. For example, + projects/myProject/locations/us-central1/keyRings/myKeyRing/cryptoKeys/myKey. + The arguments in this group can be used to specify the attributes of this + resource. (NOTE) Some attributes are not given arguments in this group but + can be set in other ways. + + To set the region attribute: + ◆ provide the argument --kms-key on the command line with a fully + specified name; + ◆ provide the argument --region on the command line. + + --kms-key=KMS_KEY + ID of the kms-key or fully qualified identifier for the kms-key. + + To set the kms-key attribute: + ▸ provide the argument --kms-key on the command line. + + This flag argument must be specified if any of the other arguments in + this group are specified. + + --kms-keyring=KMS_KEYRING + The CMEK keyring id of the kms-key. + + To set the kms-keyring attribute: + ▸ provide the argument --kms-key on the command line with a fully + specified name; + ▸ provide the argument --kms-keyring on the command line. + + --kms-project=KMS_PROJECT + The Cloud project id for the kms-key. + + To set the kms-project attribute: + ▸ provide the argument --kms-key on the command line with a fully + specified name; + ▸ provide the argument --kms-project on the command line. + GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, diff --git a/gcloud/database-migration/connection-profiles/create/cloudsql b/gcloud/database-migration/connection-profiles/create/cloudsql index 03be134a8..f5378d3af 100644 --- a/gcloud/database-migration/connection-profiles/create/cloudsql +++ b/gcloud/database-migration/connection-profiles/create/cloudsql @@ -16,7 +16,10 @@ SYNOPSIS [--require-ssl] [--root-password=ROOT_PASSWORD] [--secondary-zone=SECONDARY_ZONE] [--storage-auto-resize-limit=STORAGE_AUTO_RESIZE_LIMIT] - [--user-labels=[KEY=VALUE,...]] [--zone=ZONE] [GCLOUD_WIDE_FLAG ...] + [--user-labels=[KEY=VALUE,...]] [--zone=ZONE] + [--cmek-key=CMEK_KEY + : --cmek-keyring=CMEK_KEYRING --cmek-project=CMEK_PROJECT] + [GCLOUD_WIDE_FLAG ...] DESCRIPTION Create a Database Migration Service destination connection profile for @@ -206,6 +209,42 @@ OPTIONAL FLAGS Google Cloud Platform zone where your Cloud SQL database instance is located. + Cmek key resource - Name of the CMEK (customer-managed encryption key) + used for the connection profile. For example, + projects/myProject/locations/us-central1/keyRings/myKeyRing/cryptoKeys/myKey. + The arguments in this group can be used to specify the attributes of this + resource. (NOTE) Some attributes are not given arguments in this group but + can be set in other ways. + + To set the region attribute: + ◆ provide the argument --cmek-key on the command line with a fully + specified name. + + --cmek-key=CMEK_KEY + ID of the cmek-key or fully qualified identifier for the cmek-key. + + To set the cmek-key attribute: + ▸ provide the argument --cmek-key on the command line. + + This flag argument must be specified if any of the other arguments in + this group are specified. + + --cmek-keyring=CMEK_KEYRING + The CMEK keyring id of the cmek-key. + + To set the cmek-keyring attribute: + ▸ provide the argument --cmek-key on the command line with a fully + specified name; + ▸ provide the argument --cmek-keyring on the command line. + + --cmek-project=CMEK_PROJECT + The Cloud project id for the cmek-key. + + To set the cmek-project attribute: + ▸ provide the argument --cmek-key on the command line with a fully + specified name; + ▸ provide the argument --cmek-project on the command line. + GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, diff --git a/gcloud/recaptcha/keys/create b/gcloud/recaptcha/keys/create index 6f5db7a23..d6a154fd6 100644 --- a/gcloud/recaptcha/keys/create +++ b/gcloud/recaptcha/keys/create @@ -88,9 +88,9 @@ REQUIRED FLAGS arguments in this group are specified. --private-key-file=PRIVATE_KEY_FILE - File path to an authentication key (.p8 file extension). This is - generated in the Apple Developer Center under Certificates, - Identifiers & Profiles. + File path to a private key (downloaded as a text file with a .p8 + file extension) generated for your Apple Developer account. + Ensure that DeviceCheck is enabled for the private key. This flag argument must be specified if any of the other arguments in this group are specified. diff --git a/gcloud/recaptcha/keys/update b/gcloud/recaptcha/keys/update index a327f2400..2449725b3 100644 --- a/gcloud/recaptcha/keys/update +++ b/gcloud/recaptcha/keys/update @@ -97,9 +97,9 @@ FLAGS arguments in this group are specified. --private-key-file=PRIVATE_KEY_FILE - File path to an authentication key (.p8 file extension). This is - generated in the Apple Developer Center under Certificates, - Identifiers & Profiles. + File path to a private key (downloaded as a text file with a .p8 + file extension) generated for your Apple Developer account. + Ensure that DeviceCheck is enabled for the private key. This flag argument must be specified if any of the other arguments in this group are specified. diff --git a/gcloud/vmware/private-clouds/create b/gcloud/vmware/private-clouds/create index c376f8719..f943360ff 100644 --- a/gcloud/vmware/private-clouds/create +++ b/gcloud/vmware/private-clouds/create @@ -36,6 +36,19 @@ EXAMPLES In the second example, the project and location are taken from gcloud properties core/project and compute/zone. + To create a stretched private cloud in the us-west2 region using us-west2-a + zone as preferred and us-west2-b zone as secondary + + $ gcloud vmware private-clouds create my-private-cloud \ + --project=sample-project --location=us-west2 \ + --cluster=my-management-cluster \ + --node-type-config=type=standard-72,count=6 \ + --management-range=192.168.0.0/24 \ + --vmware-engine-network=my-network --type=STRETCHED \ + --preferred-zone=us-west2-a --secondary-zone=us-west2-b + + The project is taken from gcloud properties core/project. + POSITIONAL ARGUMENTS Private cloud resource - private_cloud. The arguments in this group can be used to specify the attributes of this resource. (NOTE) Some attributes