From ec6dc40f99d8b63ef2df6877afa8fcaf87691a33 Mon Sep 17 00:00:00 2001 From: Automated Date: Wed, 11 Dec 2024 10:18:23 +0000 Subject: [PATCH] gcloud: Wed Dec 11 10:18:23 UTC 2024 --- gcloud/_version | 12 +- .../perimeters/dry-run/update | 10 +- .../access-context-manager/perimeters/update | 10 +- gcloud/alloydb/clusters/create-secondary | 7 + gcloud/alloydb/clusters/restore | 7 + .../perimeters/dry-run/update | 10 +- .../access-context-manager/perimeters/update | 10 +- .../alpha/alloydb/clusters/create-secondary | 7 + gcloud/alpha/alloydb/clusters/restore | 7 + gcloud/alpha/artifacts/packages/delete | 2 +- gcloud/alpha/bigtable/app-profiles/create | 10 +- gcloud/alpha/bigtable/app-profiles/update | 10 +- gcloud/alpha/bigtable/clusters/create | 6 + gcloud/alpha/bigtable/instances/create | 11 +- gcloud/alpha/composer/environments/create | 7 +- .../composer/environments/list-workloads | 4 +- gcloud/alpha/composer/environments/update | 4 +- .../user-workloads-config-maps/create | 4 +- .../user-workloads-config-maps/delete | 4 +- .../user-workloads-config-maps/describe | 4 +- .../user-workloads-config-maps/help | 4 +- .../user-workloads-config-maps/list | 4 +- .../user-workloads-config-maps/update | 4 +- .../user-workloads-secrets/create | 4 +- .../user-workloads-secrets/delete | 4 +- .../user-workloads-secrets/describe | 4 +- .../environments/user-workloads-secrets/help | 4 +- .../environments/user-workloads-secrets/list | 4 +- .../user-workloads-secrets/update | 4 +- .../get-effective-security-policies | 108 +++ gcloud/alpha/compute/backend-services/help | 4 + .../compute/firewall-policies/export-rules | 4 +- .../compute/firewall-policies/import-rules | 4 +- .../compute/firewall-policies/rules/create | 4 +- .../compute/firewall-policies/rules/update | 4 +- .../alpha/compute/instance-templates/create | 10 +- gcloud/alpha/compute/instances/create | 10 +- gcloud/alpha/compute/instances/delete | 4 +- .../instances/ops-agents/policies/create | 1 + .../instances/ops-agents/policies/update | 1 + gcloud/alpha/compute/instances/set-scheduling | 12 +- gcloud/alpha/compute/instances/stop | 4 +- gcloud/alpha/compute/instances/update | 12 +- .../network-firewall-policies/export-rules | 4 +- .../network-firewall-policies/import-rules | 4 +- .../network-firewall-policies/rules/create | 4 +- .../network-firewall-policies/rules/update | 4 +- gcloud/alpha/compute/networks/create | 6 +- gcloud/alpha/compute/networks/update | 6 +- .../org-security-policies/associations/create | 18 +- .../org-security-policies/associations/delete | 4 +- .../compute/org-security-policies/copy-rules | 8 +- .../compute/org-security-policies/create | 35 +- .../compute/org-security-policies/delete | 6 +- .../compute/org-security-policies/describe | 6 +- .../alpha/compute/org-security-policies/list | 2 +- .../compute/org-security-policies/list-rules | 6 +- .../alpha/compute/org-security-policies/move | 8 +- .../org-security-policies/rules/create | 53 +- .../org-security-policies/rules/delete | 4 +- .../org-security-policies/rules/describe | 4 +- .../org-security-policies/rules/update | 48 +- .../compute/org-security-policies/update | 34 +- .../compute/reservations/blocks/describe | 8 +- gcloud/alpha/compute/reservations/blocks/help | 9 +- gcloud/alpha/compute/reservations/blocks/list | 4 +- .../reservations/blocks/perform-maintenance | 77 ++ gcloud/alpha/compute/reservations/help | 3 + .../compute/reservations/perform-maintenance | 69 ++ gcloud/alpha/config/get | 4 + gcloud/alpha/config/help | 4 + gcloud/alpha/config/list | 4 + gcloud/alpha/config/set | 4 + gcloud/alpha/config/unset | 4 + gcloud/alpha/container/clusters/create | 41 +- gcloud/alpha/container/clusters/create-auto | 41 +- gcloud/alpha/container/clusters/update | 2 - gcloud/alpha/container/fleet/packages/delete | 4 +- .../fleet/packages/resource-bundles/delete | 5 +- .../packages/resource-bundles/releases/delete | 8 +- gcloud/alpha/container/hub/packages/delete | 4 +- .../hub/packages/resource-bundles/delete | 5 +- .../packages/resource-bundles/releases/delete | 8 +- .../container/vmware/admin-clusters/update | 11 +- gcloud/alpha/container/vmware/clusters/create | 2 +- gcloud/alpha/container/vmware/clusters/update | 2 +- .../alpha/container/vmware/clusters/upgrade | 2 +- .../developer-connect/connections/create | 436 +++++++-- .../developer-connect/connections/delete | 4 +- .../developer-connect/connections/describe | 4 +- .../connections/git-repository-links/create | 4 +- .../connections/git-repository-links/delete | 4 +- .../connections/git-repository-links/describe | 4 +- .../git-repository-links/fetch-read-token | 5 +- .../fetch-read-write-token | 5 +- .../connections/git-repository-links/help | 4 +- .../connections/git-repository-links/list | 4 +- .../alpha/developer-connect/connections/help | 4 +- .../alpha/developer-connect/connections/list | 4 +- .../developer-connect/connections/update | 347 +++++-- gcloud/alpha/developer-connect/help | 4 +- .../alpha/developer-connect/operations/cancel | 4 +- .../alpha/developer-connect/operations/delete | 4 +- .../developer-connect/operations/describe | 4 +- .../alpha/developer-connect/operations/help | 4 +- .../alpha/developer-connect/operations/list | 4 +- .../alpha/developer-connect/operations/wait | 4 +- gcloud/alpha/functions/add-iam-policy-binding | 2 +- .../functions/add-invoker-policy-binding | 2 +- gcloud/alpha/functions/call | 2 +- gcloud/alpha/functions/delete | 2 +- gcloud/alpha/functions/deploy | 2 +- gcloud/alpha/functions/describe | 2 +- gcloud/alpha/functions/get-iam-policy | 2 +- .../alpha/functions/remove-iam-policy-binding | 2 +- .../functions/remove-invoker-policy-binding | 2 +- gcloud/alpha/functions/set-iam-policy | 2 +- gcloud/alpha/looker/instances/create | 16 + gcloud/alpha/looker/instances/update | 28 + gcloud/alpha/memorystore/help | 4 +- gcloud/alpha/memorystore/instances/create | 4 +- gcloud/alpha/memorystore/instances/delete | 4 +- gcloud/alpha/memorystore/instances/describe | 4 +- .../instances/get-certificate-authority | 4 +- gcloud/alpha/memorystore/instances/help | 4 +- gcloud/alpha/memorystore/instances/list | 4 +- gcloud/alpha/memorystore/instances/update | 4 +- gcloud/alpha/memorystore/operations/cancel | 4 +- gcloud/alpha/memorystore/operations/delete | 4 +- gcloud/alpha/memorystore/operations/describe | 4 +- gcloud/alpha/memorystore/operations/help | 4 +- gcloud/alpha/memorystore/operations/list | 4 +- gcloud/alpha/network-security/help | 12 + .../intercept-deployment-groups/create | 125 +++ .../intercept-deployment-groups/delete | 90 ++ .../intercept-deployment-groups/describe | 76 ++ .../intercept-deployment-groups/help | 46 + .../intercept-deployment-groups/list | 94 ++ .../intercept-deployment-groups/update | 127 +++ .../intercept-deployments/create | 187 ++++ .../intercept-deployments/delete | 82 ++ .../intercept-deployments/describe | 74 ++ .../intercept-deployments/help | 43 + .../intercept-deployments/list | 95 ++ .../intercept-deployments/update | 125 +++ .../create | 172 ++++ .../delete | 91 ++ .../describe | 77 ++ .../help | 43 + .../list | 101 ++ .../update | 127 +++ .../intercept-endpoint-groups/create | 147 +++ .../intercept-endpoint-groups/delete | 88 ++ .../intercept-endpoint-groups/describe | 73 ++ .../intercept-endpoint-groups/help | 43 + .../intercept-endpoint-groups/list | 102 ++ .../intercept-endpoint-groups/update | 127 +++ .../security-profiles/describe | 70 ++ .../network-security/security-profiles/help | 8 +- gcloud/alpha/redis/clusters/backups/list | 14 +- gcloud/alpha/redis/clusters/create | 26 +- gcloud/alpha/redis/clusters/update | 24 +- .../alpha/resource-manager/tags/keys/create | 5 +- gcloud/alpha/run/deploy | 51 +- gcloud/alpha/run/jobs/execute | 36 +- gcloud/alpha/run/multi-region-services/update | 35 +- gcloud/alpha/run/services/update | 35 +- gcloud/alpha/source-manager/instances/create | 8 +- gcloud/alpha/sql/instances/create | 6 +- gcloud/alpha/sql/ssl/server-certs/create | 4 +- gcloud/alpha/sql/ssl/server-certs/help | 4 +- gcloud/alpha/sql/ssl/server-certs/list | 4 +- gcloud/alpha/sql/ssl/server-certs/rollback | 4 +- gcloud/alpha/sql/ssl/server-certs/rotate | 4 +- gcloud/alpha/storage/buckets/create | 2 +- gcloud/alpha/storage/buckets/relocate | 17 +- gcloud/artifacts/docker/upgrade/migrate | 9 +- gcloud/artifacts/packages/delete | 2 +- .../perimeters/dry-run/update | 10 +- .../access-context-manager/perimeters/update | 10 +- gcloud/beta/alloydb/clusters/create-secondary | 7 + gcloud/beta/alloydb/clusters/restore | 7 + gcloud/beta/artifacts/packages/delete | 2 +- gcloud/beta/bigtable/app-profiles/create | 10 +- gcloud/beta/bigtable/app-profiles/update | 10 +- gcloud/beta/bigtable/clusters/create | 6 + gcloud/beta/bigtable/instances/create | 11 +- gcloud/beta/colab/runtimes/assign | 111 --- gcloud/beta/colab/runtimes/help | 6 +- gcloud/beta/colab/runtimes/stop | 67 ++ gcloud/beta/composer/environments/create | 7 +- .../beta/composer/environments/list-workloads | 6 +- gcloud/beta/composer/environments/update | 4 +- .../user-workloads-config-maps/create | 6 +- .../user-workloads-config-maps/delete | 6 +- .../user-workloads-config-maps/describe | 6 +- .../user-workloads-config-maps/help | 6 +- .../user-workloads-config-maps/list | 6 +- .../user-workloads-config-maps/update | 6 +- .../user-workloads-secrets/create | 6 +- .../user-workloads-secrets/delete | 6 +- .../user-workloads-secrets/describe | 6 +- .../environments/user-workloads-secrets/help | 6 +- .../environments/user-workloads-secrets/list | 6 +- .../user-workloads-secrets/update | 6 +- .../get-effective-security-policies | 106 +++ gcloud/beta/compute/backend-services/help | 4 + gcloud/beta/compute/commitments/create | 4 +- .../compute/firewall-policies/export-rules | 48 + gcloud/beta/compute/firewall-policies/help | 6 + .../compute/firewall-policies/import-rules | 49 + .../compute/firewall-policies/rules/create | 4 +- .../compute/firewall-policies/rules/update | 4 +- .../managed/resize-requests/create | 21 +- gcloud/beta/compute/instance-templates/create | 13 + gcloud/beta/compute/instances/create | 13 + gcloud/beta/compute/instances/delete | 8 +- .../instances/ops-agents/policies/create | 1 + .../instances/ops-agents/policies/update | 1 + gcloud/beta/compute/instances/set-scheduling | 15 +- gcloud/beta/compute/instances/stop | 9 +- gcloud/beta/compute/instances/update | 14 + .../network-firewall-policies/export-rules | 52 ++ .../compute/network-firewall-policies/help | 6 + .../network-firewall-policies/import-rules | 53 ++ .../network-firewall-policies/rules/create | 4 +- .../network-firewall-policies/rules/update | 4 +- gcloud/beta/compute/networks/create | 6 +- gcloud/beta/compute/networks/subnets/create | 2 + gcloud/beta/compute/networks/update | 6 +- .../org-security-policies/associations/create | 18 +- .../org-security-policies/associations/delete | 4 +- .../compute/org-security-policies/copy-rules | 8 +- .../beta/compute/org-security-policies/create | 35 +- .../beta/compute/org-security-policies/delete | 6 +- .../compute/org-security-policies/describe | 6 +- .../beta/compute/org-security-policies/list | 2 +- .../compute/org-security-policies/list-rules | 6 +- .../beta/compute/org-security-policies/move | 8 +- .../org-security-policies/rules/create | 56 +- .../org-security-policies/rules/delete | 4 +- .../org-security-policies/rules/describe | 4 +- .../compute/org-security-policies/rules/help | 2 +- .../org-security-policies/rules/update | 47 +- .../beta/compute/org-security-policies/update | 34 +- .../beta/compute/reservations/blocks/describe | 62 ++ gcloud/beta/compute/reservations/blocks/help | 29 + gcloud/beta/compute/reservations/blocks/list | 98 ++ gcloud/beta/compute/reservations/help | 8 +- gcloud/beta/config/get | 4 + gcloud/beta/config/help | 4 + gcloud/beta/config/list | 4 + gcloud/beta/config/set | 4 + gcloud/beta/config/unset | 4 + gcloud/beta/container/clusters/create | 41 +- gcloud/beta/container/clusters/create-auto | 41 +- gcloud/beta/container/clusters/update | 2 - .../container/vmware/admin-clusters/update | 11 +- gcloud/beta/container/vmware/clusters/create | 2 +- gcloud/beta/container/vmware/clusters/update | 2 +- gcloud/beta/container/vmware/clusters/upgrade | 2 +- .../beta/developer-connect/connections/create | 438 +++++++-- .../beta/developer-connect/connections/delete | 6 +- .../developer-connect/connections/describe | 6 +- .../connections/git-repository-links/create | 6 +- .../connections/git-repository-links/delete | 6 +- .../connections/git-repository-links/describe | 6 +- .../git-repository-links/fetch-read-token | 7 +- .../fetch-read-write-token | 7 +- .../connections/git-repository-links/help | 6 +- .../connections/git-repository-links/list | 6 +- .../beta/developer-connect/connections/help | 6 +- .../beta/developer-connect/connections/list | 6 +- .../beta/developer-connect/connections/update | 349 +++++-- gcloud/beta/developer-connect/help | 6 +- .../beta/developer-connect/operations/cancel | 6 +- .../beta/developer-connect/operations/delete | 6 +- .../developer-connect/operations/describe | 6 +- gcloud/beta/developer-connect/operations/help | 6 +- gcloud/beta/developer-connect/operations/list | 6 +- gcloud/beta/developer-connect/operations/wait | 6 +- gcloud/beta/eventarc/enrollments/create | 10 +- gcloud/beta/eventarc/enrollments/update | 33 +- .../beta/eventarc/google-api-sources/create | 7 +- .../beta/eventarc/google-api-sources/update | 35 +- gcloud/beta/eventarc/message-buses/create | 7 +- gcloud/beta/eventarc/message-buses/update | 37 +- gcloud/beta/eventarc/pipelines/create | 474 +++++----- gcloud/beta/eventarc/pipelines/update | 494 +++++----- gcloud/beta/filestore/backups/create | 6 +- gcloud/beta/filestore/instances/create | 9 +- gcloud/beta/functions/add-iam-policy-binding | 2 +- .../beta/functions/add-invoker-policy-binding | 2 +- gcloud/beta/functions/call | 2 +- gcloud/beta/functions/delete | 2 +- gcloud/beta/functions/deploy | 2 +- gcloud/beta/functions/describe | 2 +- gcloud/beta/functions/get-iam-policy | 2 +- .../beta/functions/remove-iam-policy-binding | 2 +- .../functions/remove-invoker-policy-binding | 2 +- gcloud/beta/functions/set-iam-policy | 2 +- gcloud/beta/iam/policy-bindings/create | 5 +- gcloud/beta/iam/policy-bindings/delete | 5 +- gcloud/beta/iam/policy-bindings/describe | 5 +- gcloud/beta/iam/policy-bindings/help | 5 +- gcloud/beta/iam/policy-bindings/list | 5 +- .../search-target-policy-bindings | 5 +- gcloud/beta/iam/policy-bindings/update | 5 +- .../principal-access-boundary-policies/create | 5 +- .../principal-access-boundary-policies/delete | 5 +- .../describe | 5 +- .../principal-access-boundary-policies/help | 5 +- .../principal-access-boundary-policies/list | 5 +- .../search-policy-bindings | 6 +- .../principal-access-boundary-policies/update | 5 +- gcloud/beta/memorystore/help | 6 +- gcloud/beta/memorystore/instances/create | 6 +- gcloud/beta/memorystore/instances/delete | 6 +- gcloud/beta/memorystore/instances/describe | 6 +- .../instances/get-certificate-authority | 6 +- gcloud/beta/memorystore/instances/help | 6 +- gcloud/beta/memorystore/instances/list | 6 +- gcloud/beta/memorystore/instances/update | 6 +- gcloud/beta/memorystore/operations/cancel | 6 +- gcloud/beta/memorystore/operations/delete | 6 +- gcloud/beta/memorystore/operations/describe | 6 +- gcloud/beta/memorystore/operations/help | 6 +- gcloud/beta/memorystore/operations/list | 6 +- gcloud/beta/network-security/help | 12 + .../intercept-deployment-groups/create | 123 +++ .../intercept-deployment-groups/delete | 88 ++ .../intercept-deployment-groups/describe | 74 ++ .../intercept-deployment-groups/help | 44 + .../intercept-deployment-groups/list | 92 ++ .../intercept-deployment-groups/update | 125 +++ .../intercept-deployments/create | 185 ++++ .../intercept-deployments/delete | 80 ++ .../intercept-deployments/describe | 72 ++ .../intercept-deployments/help | 41 + .../intercept-deployments/list | 93 ++ .../intercept-deployments/update | 123 +++ .../create | 170 ++++ .../delete | 89 ++ .../describe | 75 ++ .../help | 41 + .../list | 99 ++ .../update | 125 +++ .../intercept-endpoint-groups/create | 145 +++ .../intercept-endpoint-groups/delete | 86 ++ .../intercept-endpoint-groups/describe | 71 ++ .../intercept-endpoint-groups/help | 41 + .../intercept-endpoint-groups/list | 100 ++ .../intercept-endpoint-groups/update | 125 +++ gcloud/beta/redis/clusters/backups/list | 14 +- gcloud/beta/redis/clusters/create | 26 +- gcloud/beta/redis/clusters/update | 24 +- gcloud/beta/resource-manager/tags/keys/create | 5 +- gcloud/beta/run/deploy | 29 +- gcloud/beta/run/jobs/create | 172 ++-- gcloud/beta/run/jobs/deploy | 228 +++-- gcloud/beta/run/jobs/execute | 36 +- gcloud/beta/run/jobs/update | 215 +++-- gcloud/beta/run/multi-region-services/update | 13 +- gcloud/beta/run/services/update | 13 +- gcloud/beta/source-manager/instances/create | 8 +- gcloud/beta/sql/instances/create | 6 +- gcloud/beta/sql/ssl/server-certs/create | 6 +- gcloud/beta/sql/ssl/server-certs/help | 6 +- gcloud/beta/sql/ssl/server-certs/list | 6 +- gcloud/beta/sql/ssl/server-certs/rollback | 6 +- gcloud/beta/sql/ssl/server-certs/rotate | 6 +- gcloud/bigtable/app-profiles/create | 10 +- gcloud/bigtable/app-profiles/update | 10 +- gcloud/bigtable/clusters/create | 6 + gcloud/bigtable/instances/create | 11 +- gcloud/colab/runtimes/help | 3 + gcloud/colab/runtimes/stop | 66 ++ gcloud/composer/environments/create | 63 +- gcloud/composer/environments/help | 10 + gcloud/composer/environments/list-workloads | 63 ++ gcloud/composer/environments/update | 86 +- .../user-workloads-config-maps/create | 72 ++ .../user-workloads-config-maps/delete | 72 ++ .../user-workloads-config-maps/describe | 74 ++ .../user-workloads-config-maps/help | 42 + .../user-workloads-config-maps/list | 67 ++ .../user-workloads-config-maps/update | 72 ++ .../user-workloads-secrets/create | 71 ++ .../user-workloads-secrets/delete | 71 ++ .../user-workloads-secrets/describe | 72 ++ .../environments/user-workloads-secrets/help | 42 + .../environments/user-workloads-secrets/list | 67 ++ .../user-workloads-secrets/update | 71 ++ gcloud/compute/commitments/create | 4 +- .../managed/resize-requests/create | 22 +- gcloud/compute/network-endpoint-groups/create | 16 +- gcloud/compute/network-endpoint-groups/update | 17 +- gcloud/compute/networks/create | 47 +- gcloud/compute/networks/subnets/create | 2 + gcloud/compute/networks/update | 44 + gcloud/config/get | 4 + gcloud/config/help | 4 + gcloud/config/list | 4 + gcloud/config/set | 4 + gcloud/config/unset | 4 + gcloud/container/clusters/create | 52 +- gcloud/container/clusters/create-auto | 49 + gcloud/container/clusters/update | 11 + gcloud/container/vmware/admin-clusters/update | 11 +- gcloud/container/vmware/clusters/create | 2 +- gcloud/container/vmware/clusters/update | 2 +- gcloud/container/vmware/clusters/upgrade | 2 +- .../database-migration/migration-jobs/create | 11 +- .../database-migration/migration-jobs/update | 11 +- gcloud/developer-connect/connections/create | 868 ++++++++++++++++++ gcloud/developer-connect/connections/delete | 96 ++ gcloud/developer-connect/connections/describe | 69 ++ .../connections/git-repository-links/create | 170 ++++ .../connections/git-repository-links/delete | 111 +++ .../connections/git-repository-links/describe | 81 ++ .../git-repository-links/fetch-read-token | 83 ++ .../fetch-read-write-token | 85 ++ .../connections/git-repository-links/help | 44 + .../connections/git-repository-links/list | 105 +++ gcloud/developer-connect/connections/help | 45 + gcloud/developer-connect/connections/list | 87 ++ gcloud/developer-connect/connections/update | 800 ++++++++++++++++ gcloud/developer-connect/help | 30 + gcloud/developer-connect/operations/cancel | 66 ++ gcloud/developer-connect/operations/delete | 66 ++ gcloud/developer-connect/operations/describe | 66 ++ gcloud/developer-connect/operations/help | 39 + gcloud/developer-connect/operations/list | 87 ++ gcloud/developer-connect/operations/wait | 66 ++ gcloud/edge-cloud/container/clusters/create | 11 +- gcloud/edge-cloud/container/clusters/update | 11 +- gcloud/eventarc/channel-connections/create | 5 +- gcloud/eventarc/channels/create | 11 +- gcloud/eventarc/channels/update | 33 +- gcloud/eventarc/triggers/create | 7 +- gcloud/eventarc/triggers/update | 33 +- gcloud/filestore/backups/create | 6 +- gcloud/filestore/instances/create | 9 +- gcloud/functions/add-iam-policy-binding | 2 +- gcloud/functions/add-invoker-policy-binding | 2 +- gcloud/functions/call | 2 +- gcloud/functions/delete | 2 +- gcloud/functions/deploy | 2 +- gcloud/functions/describe | 2 +- gcloud/functions/get-iam-policy | 2 +- gcloud/functions/remove-iam-policy-binding | 2 +- .../functions/remove-invoker-policy-binding | 2 +- gcloud/functions/set-iam-policy | 2 +- gcloud/iam/help | 6 + gcloud/iam/policy-bindings/create | 236 +++++ gcloud/iam/policy-bindings/delete | 106 +++ gcloud/iam/policy-bindings/describe | 98 ++ gcloud/iam/policy-bindings/help | 40 + gcloud/iam/policy-bindings/list | 118 +++ .../search-target-policy-bindings | 127 +++ gcloud/iam/policy-bindings/update | 227 +++++ .../principal-access-boundary-policies/create | 164 ++++ .../principal-access-boundary-policies/delete | 87 ++ .../describe | 74 ++ .../principal-access-boundary-policies/help | 42 + .../principal-access-boundary-policies/list | 94 ++ .../search-policy-bindings | 102 ++ .../principal-access-boundary-policies/update | 292 ++++++ gcloud/looker/instances/create | 16 + gcloud/memorystore/help | 30 + gcloud/memorystore/instances/create | 305 ++++++ gcloud/memorystore/instances/delete | 88 ++ gcloud/memorystore/instances/describe | 69 ++ .../instances/get-certificate-authority | 69 ++ gcloud/memorystore/instances/help | 42 + gcloud/memorystore/instances/list | 90 ++ gcloud/memorystore/instances/update | 288 ++++++ gcloud/memorystore/operations/cancel | 67 ++ gcloud/memorystore/operations/delete | 67 ++ gcloud/memorystore/operations/describe | 67 ++ gcloud/memorystore/operations/help | 36 + gcloud/memorystore/operations/list | 88 ++ gcloud/resource-manager/tags/keys/create | 5 +- gcloud/run/deploy | 30 +- gcloud/run/services/update | 16 +- gcloud/sql/instances/create | 22 +- gcloud/sql/ssl/help | 4 + gcloud/sql/ssl/server-certs/create | 35 + gcloud/sql/ssl/server-certs/help | 38 + gcloud/sql/ssl/server-certs/list | 63 ++ gcloud/sql/ssl/server-certs/rollback | 35 + gcloud/sql/ssl/server-certs/rotate | 35 + gcloud/storage/buckets/create | 2 +- 493 files changed, 17655 insertions(+), 1753 deletions(-) create mode 100644 gcloud/alpha/compute/backend-services/get-effective-security-policies create mode 100644 gcloud/alpha/compute/reservations/blocks/perform-maintenance create mode 100644 gcloud/alpha/compute/reservations/perform-maintenance create mode 100644 gcloud/alpha/network-security/intercept-deployment-groups/create create mode 100644 gcloud/alpha/network-security/intercept-deployment-groups/delete create mode 100644 gcloud/alpha/network-security/intercept-deployment-groups/describe create mode 100644 gcloud/alpha/network-security/intercept-deployment-groups/help create mode 100644 gcloud/alpha/network-security/intercept-deployment-groups/list create mode 100644 gcloud/alpha/network-security/intercept-deployment-groups/update create mode 100644 gcloud/alpha/network-security/intercept-deployments/create create mode 100644 gcloud/alpha/network-security/intercept-deployments/delete create mode 100644 gcloud/alpha/network-security/intercept-deployments/describe create mode 100644 gcloud/alpha/network-security/intercept-deployments/help create mode 100644 gcloud/alpha/network-security/intercept-deployments/list create mode 100644 gcloud/alpha/network-security/intercept-deployments/update create mode 100644 gcloud/alpha/network-security/intercept-endpoint-group-associations/create create mode 100644 gcloud/alpha/network-security/intercept-endpoint-group-associations/delete create mode 100644 gcloud/alpha/network-security/intercept-endpoint-group-associations/describe create mode 100644 gcloud/alpha/network-security/intercept-endpoint-group-associations/help create mode 100644 gcloud/alpha/network-security/intercept-endpoint-group-associations/list create mode 100644 gcloud/alpha/network-security/intercept-endpoint-group-associations/update create mode 100644 gcloud/alpha/network-security/intercept-endpoint-groups/create create mode 100644 gcloud/alpha/network-security/intercept-endpoint-groups/delete create mode 100644 gcloud/alpha/network-security/intercept-endpoint-groups/describe create mode 100644 gcloud/alpha/network-security/intercept-endpoint-groups/help create mode 100644 gcloud/alpha/network-security/intercept-endpoint-groups/list create mode 100644 gcloud/alpha/network-security/intercept-endpoint-groups/update create mode 100644 gcloud/alpha/network-security/security-profiles/describe delete mode 100644 gcloud/beta/colab/runtimes/assign create mode 100644 gcloud/beta/colab/runtimes/stop create mode 100644 gcloud/beta/compute/backend-services/get-effective-security-policies create mode 100644 gcloud/beta/compute/firewall-policies/export-rules create mode 100644 gcloud/beta/compute/firewall-policies/import-rules create mode 100644 gcloud/beta/compute/network-firewall-policies/export-rules create mode 100644 gcloud/beta/compute/network-firewall-policies/import-rules create mode 100644 gcloud/beta/compute/reservations/blocks/describe create mode 100644 gcloud/beta/compute/reservations/blocks/help create mode 100644 gcloud/beta/compute/reservations/blocks/list create mode 100644 gcloud/beta/network-security/intercept-deployment-groups/create create mode 100644 gcloud/beta/network-security/intercept-deployment-groups/delete create mode 100644 gcloud/beta/network-security/intercept-deployment-groups/describe create mode 100644 gcloud/beta/network-security/intercept-deployment-groups/help create mode 100644 gcloud/beta/network-security/intercept-deployment-groups/list create mode 100644 gcloud/beta/network-security/intercept-deployment-groups/update create mode 100644 gcloud/beta/network-security/intercept-deployments/create create mode 100644 gcloud/beta/network-security/intercept-deployments/delete create mode 100644 gcloud/beta/network-security/intercept-deployments/describe create mode 100644 gcloud/beta/network-security/intercept-deployments/help create mode 100644 gcloud/beta/network-security/intercept-deployments/list create mode 100644 gcloud/beta/network-security/intercept-deployments/update create mode 100644 gcloud/beta/network-security/intercept-endpoint-group-associations/create create mode 100644 gcloud/beta/network-security/intercept-endpoint-group-associations/delete create mode 100644 gcloud/beta/network-security/intercept-endpoint-group-associations/describe create mode 100644 gcloud/beta/network-security/intercept-endpoint-group-associations/help create mode 100644 gcloud/beta/network-security/intercept-endpoint-group-associations/list create mode 100644 gcloud/beta/network-security/intercept-endpoint-group-associations/update create mode 100644 gcloud/beta/network-security/intercept-endpoint-groups/create create mode 100644 gcloud/beta/network-security/intercept-endpoint-groups/delete create mode 100644 gcloud/beta/network-security/intercept-endpoint-groups/describe create mode 100644 gcloud/beta/network-security/intercept-endpoint-groups/help create mode 100644 gcloud/beta/network-security/intercept-endpoint-groups/list create mode 100644 gcloud/beta/network-security/intercept-endpoint-groups/update create mode 100644 gcloud/colab/runtimes/stop create mode 100644 gcloud/composer/environments/list-workloads create mode 100644 gcloud/composer/environments/user-workloads-config-maps/create create mode 100644 gcloud/composer/environments/user-workloads-config-maps/delete create mode 100644 gcloud/composer/environments/user-workloads-config-maps/describe create mode 100644 gcloud/composer/environments/user-workloads-config-maps/help create mode 100644 gcloud/composer/environments/user-workloads-config-maps/list create mode 100644 gcloud/composer/environments/user-workloads-config-maps/update create mode 100644 gcloud/composer/environments/user-workloads-secrets/create create mode 100644 gcloud/composer/environments/user-workloads-secrets/delete create mode 100644 gcloud/composer/environments/user-workloads-secrets/describe create mode 100644 gcloud/composer/environments/user-workloads-secrets/help create mode 100644 gcloud/composer/environments/user-workloads-secrets/list create mode 100644 gcloud/composer/environments/user-workloads-secrets/update create mode 100644 gcloud/developer-connect/connections/create create mode 100644 gcloud/developer-connect/connections/delete create mode 100644 gcloud/developer-connect/connections/describe create mode 100644 gcloud/developer-connect/connections/git-repository-links/create create mode 100644 gcloud/developer-connect/connections/git-repository-links/delete create mode 100644 gcloud/developer-connect/connections/git-repository-links/describe create mode 100644 gcloud/developer-connect/connections/git-repository-links/fetch-read-token create mode 100644 gcloud/developer-connect/connections/git-repository-links/fetch-read-write-token create mode 100644 gcloud/developer-connect/connections/git-repository-links/help create mode 100644 gcloud/developer-connect/connections/git-repository-links/list create mode 100644 gcloud/developer-connect/connections/help create mode 100644 gcloud/developer-connect/connections/list create mode 100644 gcloud/developer-connect/connections/update create mode 100644 gcloud/developer-connect/help create mode 100644 gcloud/developer-connect/operations/cancel create mode 100644 gcloud/developer-connect/operations/delete create mode 100644 gcloud/developer-connect/operations/describe create mode 100644 gcloud/developer-connect/operations/help create mode 100644 gcloud/developer-connect/operations/list create mode 100644 gcloud/developer-connect/operations/wait create mode 100644 gcloud/iam/policy-bindings/create create mode 100644 gcloud/iam/policy-bindings/delete create mode 100644 gcloud/iam/policy-bindings/describe create mode 100644 gcloud/iam/policy-bindings/help create mode 100644 gcloud/iam/policy-bindings/list create mode 100644 gcloud/iam/policy-bindings/search-target-policy-bindings create mode 100644 gcloud/iam/policy-bindings/update create mode 100644 gcloud/iam/principal-access-boundary-policies/create create mode 100644 gcloud/iam/principal-access-boundary-policies/delete create mode 100644 gcloud/iam/principal-access-boundary-policies/describe create mode 100644 gcloud/iam/principal-access-boundary-policies/help create mode 100644 gcloud/iam/principal-access-boundary-policies/list create mode 100644 gcloud/iam/principal-access-boundary-policies/search-policy-bindings create mode 100644 gcloud/iam/principal-access-boundary-policies/update create mode 100644 gcloud/memorystore/help create mode 100644 gcloud/memorystore/instances/create create mode 100644 gcloud/memorystore/instances/delete create mode 100644 gcloud/memorystore/instances/describe create mode 100644 gcloud/memorystore/instances/get-certificate-authority create mode 100644 gcloud/memorystore/instances/help create mode 100644 gcloud/memorystore/instances/list create mode 100644 gcloud/memorystore/instances/update create mode 100644 gcloud/memorystore/operations/cancel create mode 100644 gcloud/memorystore/operations/delete create mode 100644 gcloud/memorystore/operations/describe create mode 100644 gcloud/memorystore/operations/help create mode 100644 gcloud/memorystore/operations/list create mode 100644 gcloud/sql/ssl/server-certs/create create mode 100644 gcloud/sql/ssl/server-certs/help create mode 100644 gcloud/sql/ssl/server-certs/list create mode 100644 gcloud/sql/ssl/server-certs/rollback create mode 100644 gcloud/sql/ssl/server-certs/rotate diff --git a/gcloud/_version b/gcloud/_version index 8fb7c69b1..5d366d17d 100644 --- a/gcloud/_version +++ b/gcloud/_version @@ -1,8 +1,8 @@ -Google Cloud SDK 502.0.0 -alpha 2024.11.15 -beta 2024.11.15 -bq 2.1.9 +Google Cloud SDK 503.0.0 +alpha 2024.12.06 +beta 2024.12.06 +bq 2.1.10 bundled-python3-unix 3.11.9 -core 2024.11.15 +core 2024.12.06 gcloud-crc32c 1.0.0 -gsutil 5.31 +gsutil 5.32 diff --git a/gcloud/access-context-manager/perimeters/dry-run/update b/gcloud/access-context-manager/perimeters/dry-run/update index 05326e423..3abcda94f 100644 --- a/gcloud/access-context-manager/perimeters/dry-run/update +++ b/gcloud/access-context-manager/perimeters/dry-run/update @@ -4,7 +4,7 @@ NAME SYNOPSIS gcloud access-context-manager perimeters dry-run update - (PERIMETER : --policy=POLICY) [--async] + (PERIMETER : --policy=POLICY) [--async] [--etag=etag] [--add-access-levels=[ACCESS-LEVELS,...] | --clear-access-levels | --remove-access-levels=[ACCESS-LEVELS,...]] [--add-resources=[RESOURCES,...] | --clear-resources @@ -72,6 +72,14 @@ FLAGS Return immediately, without waiting for the operation in progress to complete. + --etag=etag + The etag for the version of the Access Policy that this operation is to + be performed on. If, at the time of the operation, the etag for the + Access Policy stored in Access Context Manager is different from the + specified etag, then the commit operation will not be performed and the + call will fail. If etag is not provided, the operation will be + performed as if a valid etag is provided. + These flags modify the member Access Level of this Service Perimeter. At most one of these can be specified: diff --git a/gcloud/access-context-manager/perimeters/update b/gcloud/access-context-manager/perimeters/update index 57b5dc33f..553e98147 100644 --- a/gcloud/access-context-manager/perimeters/update +++ b/gcloud/access-context-manager/perimeters/update @@ -4,7 +4,7 @@ NAME SYNOPSIS gcloud access-context-manager perimeters update - (PERIMETER : --policy=POLICY) [--description=DESCRIPTION] + (PERIMETER : --policy=POLICY) [--description=DESCRIPTION] [--etag=etag] [--title=TITLE] [--type=TYPE] [--add-access-levels=[LEVEL,...] | --clear-access-levels | --remove-access-levels=[LEVEL,...] @@ -64,6 +64,14 @@ FLAGS --description=DESCRIPTION Long-form description of service perimeter. + --etag=etag + The etag for the version of the Access Policy that this operation is to + be performed on. If, at the time of the operation, the etag for the + Access Policy stored in Access Context Manager is different from the + specified etag, then the commit operation will not be performed and the + call will fail. If etag is not provided, the operation will be + performed as if a valid etag is provided. + --title=TITLE Short human-readable title of the service perimeter. diff --git a/gcloud/alloydb/clusters/create-secondary b/gcloud/alloydb/clusters/create-secondary index 4a2379b75..211316e18 100644 --- a/gcloud/alloydb/clusters/create-secondary +++ b/gcloud/alloydb/clusters/create-secondary @@ -6,6 +6,7 @@ SYNOPSIS gcloud alloydb clusters create-secondary CLUSTER --primary-cluster=PRIMARY_CLUSTER --region=REGION [--allocated-ip-range-name=ALLOCATED_IP_RANGE_NAME] [--async] + [--tags=[KEY=VALUE,...]] [--automated-backup-days-of-week=[DAYS_OF_WEEK,...] --automated-backup-start-times=[START_TIMES,...] --automated-backup-window=TIMEOUT_PERIOD --enable-automated-backup @@ -55,6 +56,12 @@ OPTIONAL FLAGS Return immediately, without waiting for the operation in progress to complete. + --tags=[KEY=VALUE,...] + List of tags KEY=VALUE pairs to bind. Each item must be expressed as + =. + + Example: 123/environment=production,123/costCenter=marketing + Automated backup policy. If unspecified, automated backups are copied from the associated primary cluster. diff --git a/gcloud/alloydb/clusters/restore b/gcloud/alloydb/clusters/restore index bc0887b1c..de88b8564 100644 --- a/gcloud/alloydb/clusters/restore +++ b/gcloud/alloydb/clusters/restore @@ -8,6 +8,7 @@ SYNOPSIS | --point-in-time=POINT_IN_TIME --source-cluster=SOURCE_CLUSTER) [--allocated-ip-range-name=ALLOCATED_IP_RANGE_NAME] [--async] [--enable-private-service-connect] [--network=NETWORK] + [--tags=[KEY=VALUE,...]] [--kms-key=KMS_KEY : --kms-keyring=KMS_KEYRING --kms-location=KMS_LOCATION --kms-project=KMS_PROJECT] [GCLOUD_WIDE_FLAG ...] @@ -91,6 +92,12 @@ OPTIONAL FLAGS testsharednetwork, this would be of the form:--network=projects/testproject/global/networks/testsharednetwork + --tags=[KEY=VALUE,...] + List of tags KEY=VALUE pairs to bind. Each item must be expressed as + =. + + Example: 123/environment=production,123/costCenter=marketing + Key resource - The Cloud KMS (Key Management Service) cryptokey that will be used to protect the cluster. The 'AlloyDB Service Agent' service account must hold permission 'Cloud KMS CryptoKey Encrypter/Decrypter'. diff --git a/gcloud/alpha/access-context-manager/perimeters/dry-run/update b/gcloud/alpha/access-context-manager/perimeters/dry-run/update index fc8c636ad..38c3e969e 100644 --- a/gcloud/alpha/access-context-manager/perimeters/dry-run/update +++ b/gcloud/alpha/access-context-manager/perimeters/dry-run/update @@ -4,7 +4,7 @@ NAME SYNOPSIS gcloud alpha access-context-manager perimeters dry-run update - (PERIMETER : --policy=POLICY) [--async] + (PERIMETER : --policy=POLICY) [--async] [--etag=etag] [--add-access-levels=[ACCESS-LEVELS,...] | --clear-access-levels | --remove-access-levels=[ACCESS-LEVELS,...]] [--add-resources=[RESOURCES,...] | --clear-resources @@ -72,6 +72,14 @@ FLAGS Return immediately, without waiting for the operation in progress to complete. + --etag=etag + The etag for the version of the Access Policy that this operation is to + be performed on. If, at the time of the operation, the etag for the + Access Policy stored in Access Context Manager is different from the + specified etag, then the commit operation will not be performed and the + call will fail. If etag is not provided, the operation will be + performed as if a valid etag is provided. + These flags modify the member Access Level of this Service Perimeter. At most one of these can be specified: diff --git a/gcloud/alpha/access-context-manager/perimeters/update b/gcloud/alpha/access-context-manager/perimeters/update index 055d64de2..6eb0a6d63 100644 --- a/gcloud/alpha/access-context-manager/perimeters/update +++ b/gcloud/alpha/access-context-manager/perimeters/update @@ -4,7 +4,7 @@ NAME SYNOPSIS gcloud alpha access-context-manager perimeters update - (PERIMETER : --policy=POLICY) [--description=DESCRIPTION] + (PERIMETER : --policy=POLICY) [--description=DESCRIPTION] [--etag=etag] [--title=TITLE] [--type=TYPE] [--add-access-levels=[LEVEL,...] | --clear-access-levels | --remove-access-levels=[LEVEL,...] @@ -64,6 +64,14 @@ FLAGS --description=DESCRIPTION Long-form description of service perimeter. + --etag=etag + The etag for the version of the Access Policy that this operation is to + be performed on. If, at the time of the operation, the etag for the + Access Policy stored in Access Context Manager is different from the + specified etag, then the commit operation will not be performed and the + call will fail. If etag is not provided, the operation will be + performed as if a valid etag is provided. + --title=TITLE Short human-readable title of the service perimeter. diff --git a/gcloud/alpha/alloydb/clusters/create-secondary b/gcloud/alpha/alloydb/clusters/create-secondary index 01ded5615..30938cbbe 100644 --- a/gcloud/alpha/alloydb/clusters/create-secondary +++ b/gcloud/alpha/alloydb/clusters/create-secondary @@ -6,6 +6,7 @@ SYNOPSIS gcloud alpha alloydb clusters create-secondary CLUSTER --primary-cluster=PRIMARY_CLUSTER --region=REGION [--allocated-ip-range-name=ALLOCATED_IP_RANGE_NAME] [--async] + [--tags=[KEY=VALUE,...]] [--automated-backup-days-of-week=[DAYS_OF_WEEK,...] --automated-backup-start-times=[START_TIMES,...] --automated-backup-window=TIMEOUT_PERIOD --enable-automated-backup @@ -55,6 +56,12 @@ OPTIONAL FLAGS Return immediately, without waiting for the operation in progress to complete. + --tags=[KEY=VALUE,...] + List of tags KEY=VALUE pairs to bind. Each item must be expressed as + =. + + Example: 123/environment=production,123/costCenter=marketing + Automated backup policy. If unspecified, automated backups are copied from the associated primary cluster. diff --git a/gcloud/alpha/alloydb/clusters/restore b/gcloud/alpha/alloydb/clusters/restore index a1a856e1a..c9f984086 100644 --- a/gcloud/alpha/alloydb/clusters/restore +++ b/gcloud/alpha/alloydb/clusters/restore @@ -8,6 +8,7 @@ SYNOPSIS | --point-in-time=POINT_IN_TIME --source-cluster=SOURCE_CLUSTER) [--allocated-ip-range-name=ALLOCATED_IP_RANGE_NAME] [--async] [--enable-private-service-connect] [--network=NETWORK] + [--tags=[KEY=VALUE,...]] [--kms-key=KMS_KEY : --kms-keyring=KMS_KEYRING --kms-location=KMS_LOCATION --kms-project=KMS_PROJECT] [GCLOUD_WIDE_FLAG ...] @@ -91,6 +92,12 @@ OPTIONAL FLAGS testsharednetwork, this would be of the form:--network=projects/testproject/global/networks/testsharednetwork + --tags=[KEY=VALUE,...] + List of tags KEY=VALUE pairs to bind. Each item must be expressed as + =. + + Example: 123/environment=production,123/costCenter=marketing + Key resource - The Cloud KMS (Key Management Service) cryptokey that will be used to protect the cluster. The 'AlloyDB Service Agent' service account must hold permission 'Cloud KMS CryptoKey Encrypter/Decrypter'. diff --git a/gcloud/alpha/artifacts/packages/delete b/gcloud/alpha/artifacts/packages/delete index 041082c6f..b5d044d35 100644 --- a/gcloud/alpha/artifacts/packages/delete +++ b/gcloud/alpha/artifacts/packages/delete @@ -18,7 +18,7 @@ EXAMPLES To delete a package named my-pkg under the current project, repository, and location, run: - $ gcloud alpha artifacts packages delete my-repo + $ gcloud alpha artifacts packages delete my-pkg POSITIONAL ARGUMENTS Package resource - The Artifact Registry package to delete. The arguments diff --git a/gcloud/alpha/bigtable/app-profiles/create b/gcloud/alpha/bigtable/app-profiles/create index 5d8275a29..bd4a896ff 100644 --- a/gcloud/alpha/bigtable/app-profiles/create +++ b/gcloud/alpha/bigtable/app-profiles/create @@ -5,7 +5,7 @@ NAME SYNOPSIS gcloud alpha bigtable app-profiles create (APP_PROFILE : --instance=INSTANCE) - ([--route-any : --restrict-to=[RESTRICT_TO,...]] + ([--route-any : --restrict-to=[RESTRICT_TO,...] --row-affinity] | [--route-to=ROUTE_TO : --transactional-writes]) [--description=DESCRIPTION] [--force] [--data-boost @@ -46,6 +46,11 @@ EXAMPLES --instance=my-instance-id --data-boost \ --data-boost-compute-billing-owner=HOST_PAYS + To create an app profile with row-affinity routing enabled, run: + + $ gcloud alpha bigtable app-profiles create my-app-profile-id \ + --instance=my-instance-id --route-any --row-affinity + POSITIONAL ARGUMENTS App profile resource - The app profile to create. The arguments in this group can be used to specify the attributes of this resource. (NOTE) Some @@ -93,6 +98,9 @@ REQUIRED FLAGS Cluster IDs to route to using the Multi Cluster Routing Policy. If unset, all clusters in the instance are eligible. + --row-affinity + Use row-affinity routing for this app profile. + Single Cluster Routing Policy --route-to=ROUTE_TO diff --git a/gcloud/alpha/bigtable/app-profiles/update b/gcloud/alpha/bigtable/app-profiles/update index 503b4942d..79c070d9d 100644 --- a/gcloud/alpha/bigtable/app-profiles/update +++ b/gcloud/alpha/bigtable/app-profiles/update @@ -8,7 +8,7 @@ SYNOPSIS [--data-boost --data-boost-compute-billing-owner=DATA_BOOST_COMPUTE_BILLING_OWNER | [--priority=PRIORITY : --standard]] - [[--route-any : --restrict-to=[RESTRICT_TO,...]] + [[--route-any : --restrict-to=[RESTRICT_TO,...] --row-affinity] | [--route-to=ROUTE_TO : --transactional-writes]] [GCLOUD_WIDE_FLAG ...] @@ -45,6 +45,11 @@ EXAMPLES --instance=my-instance-id --data-boost \ --data-boost-compute-billing-owner=HOST_PAYS + To update an app profile to enable row-affinity routing, run: + + $ gcloud alpha bigtable app-profiles update my-app-profile-id \ + --instance=my-instance-id --route-any --row-affinity + POSITIONAL ARGUMENTS App profile resource - The app profile to update. The arguments in this group can be used to specify the attributes of this resource. (NOTE) Some @@ -154,6 +159,9 @@ FLAGS Cluster IDs to route to using the Multi Cluster Routing Policy. If unset, all clusters in the instance are eligible. + --row-affinity + Use row-affinity routing for this app profile. + Single Cluster Routing Policy --route-to=ROUTE_TO diff --git a/gcloud/alpha/bigtable/clusters/create b/gcloud/alpha/bigtable/clusters/create index b2fe23bd9..390424294 100644 --- a/gcloud/alpha/bigtable/clusters/create +++ b/gcloud/alpha/bigtable/clusters/create @@ -4,6 +4,8 @@ NAME SYNOPSIS gcloud alpha bigtable clusters create (CLUSTER : --instance=INSTANCE) --zone=ZONE [--async] + [--node-scaling-factor=NODE_SCALING_FACTOR; + default="node-scaling-factor-1x"] [--kms-key=KMS_KEY : --kms-keyring=KMS_KEYRING --kms-location=KMS_LOCATION --kms-project=KMS_PROJECT] [--num-nodes=NUM_NODES; default=3 @@ -69,6 +71,10 @@ OPTIONAL FLAGS Return immediately, without waiting for the operation in progress to complete. + --node-scaling-factor=NODE_SCALING_FACTOR; default="node-scaling-factor-1x" + Node scaling factor for the cluster. NODE_SCALING_FACTOR must be one + of: node-scaling-factor-1x, node-scaling-factor-2x. + Key resource - The Cloud KMS (Key Management Service) cryptokey that will be used to protect the cluster. The arguments in this group can be used to specify the attributes of this resource. diff --git a/gcloud/alpha/bigtable/instances/create b/gcloud/alpha/bigtable/instances/create index e61aaa56c..da825b1c9 100644 --- a/gcloud/alpha/bigtable/instances/create +++ b/gcloud/alpha/bigtable/instances/create @@ -4,11 +4,12 @@ NAME SYNOPSIS gcloud alpha bigtable instances create INSTANCE --display-name=DISPLAY_NAME [--async] [--cluster=CLUSTER] - [--cluster-config=[id=ID,zone=ZONE,nodes=NODES,kms-key=KMS_KEY, - autoscaling-min-nodes=AUTOSCALING_MIN_NODES, + [--cluster-config=[id=ID,zone=ZONE,[nodes=NODES], + [node-scaling-factor=NODE_SCALING_FACTOR],[kms-key=KMS_KEY], + [autoscaling-min-nodes=AUTOSCALING_MIN_NODES, autoscaling-max-nodes=AUTOSCALING_MAX_NODES, autoscaling-cpu-target=AUTOSCALING_CPU_TARGET, - autoscaling-storage-target=AUTOSCALING_STORAGE_TARGET,...]] + autoscaling-storage-target=AUTOSCALING_STORAGE_TARGET],...]] [--cluster-num-nodes=CLUSTER_NUM_NODES] [--cluster-storage-type=CLUSTER_STORAGE_TYPE; default="ssd"] [--cluster-zone=CLUSTER_ZONE] @@ -72,7 +73,7 @@ OPTIONAL FLAGS The --cluster argument is deprecated; use --cluster-config instead. - --cluster-config=[id=ID,zone=ZONE,nodes=NODES,kms-key=KMS_KEY,autoscaling-min-nodes=AUTOSCALING_MIN_NODES,autoscaling-max-nodes=AUTOSCALING_MAX_NODES,autoscaling-cpu-target=AUTOSCALING_CPU_TARGET,autoscaling-storage-target=AUTOSCALING_STORAGE_TARGET,...] + --cluster-config=[id=ID,zone=ZONE,[nodes=NODES],[node-scaling-factor=NODE_SCALING_FACTOR],[kms-key=KMS_KEY],[autoscaling-min-nodes=AUTOSCALING_MIN_NODES,autoscaling-max-nodes=AUTOSCALING_MAX_NODES,autoscaling-cpu-target=AUTOSCALING_CPU_TARGET,autoscaling-storage-target=AUTOSCALING_STORAGE_TARGET],...] Repeatable. Specify cluster config as a key-value dictionary. This is the recommended argument for specifying cluster configurations. @@ -85,6 +86,8 @@ OPTIONAL FLAGS *nodes*: The number of nodes in the cluster. Default=1. + *node-scaling-factor*: The node scaling factor for the cluster. Default=node-scaling-factor-1x. NODE_SCALING_FACTOR must be one of: node-scaling-factor-1x, node-scaling-factor-2x. + *kms-key*: The Cloud KMS (Key Management Service) cryptokey that will be used to protect the cluster. *autoscaling-min-nodes*: The minimum number of nodes for autoscaling. diff --git a/gcloud/alpha/composer/environments/create b/gcloud/alpha/composer/environments/create index 8e2891c97..e29b3fa24 100644 --- a/gcloud/alpha/composer/environments/create +++ b/gcloud/alpha/composer/environments/create @@ -319,6 +319,9 @@ FLAGS If not specified, cluster nodes will be assigned public IP addresses. + When used with Composer 3, disable internet connection from any + Composer component. + When used with Composer 1.x, cannot be specified unless --enable-ip-alias is also specified. @@ -440,7 +443,7 @@ FLAGS --disable-private-builds-only Builds performed during operations that install Python packages have - an access to the internet supported in Composer 3 or greater. + an access to the internet, supported in Composer 3 or greater. --enable-private-builds-only Builds performed during operations that install Python packages have @@ -643,7 +646,7 @@ FLAGS this group are specified. --subnetwork=SUBNETWORK - The Compute Engine subnetwork + The Compute Engine Subnetwork (https://cloud.google.com/compute/docs/subnetworks) to which the environment will be connected. diff --git a/gcloud/alpha/composer/environments/list-workloads b/gcloud/alpha/composer/environments/list-workloads index b04ab14aa..49eac0791 100644 --- a/gcloud/alpha/composer/environments/list-workloads +++ b/gcloud/alpha/composer/environments/list-workloads @@ -59,7 +59,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud composer environments list-workloads $ gcloud beta composer environments list-workloads diff --git a/gcloud/alpha/composer/environments/update b/gcloud/alpha/composer/environments/update index 496e70c8c..e095342f4 100644 --- a/gcloud/alpha/composer/environments/update +++ b/gcloud/alpha/composer/environments/update @@ -263,7 +263,7 @@ REQUIRED FLAGS --disable-private-builds-only Builds performed during operations that install Python packages - have an access to the internet supported in Composer 3 or greater. + have an access to the internet, supported in Composer 3 or greater. --enable-private-builds-only Builds performed during operations that install Python packages @@ -335,7 +335,7 @@ REQUIRED FLAGS arguments in this group are specified. --subnetwork=SUBNETWORK - The Compute Engine subnetwork + The Compute Engine Subnetwork (https://cloud.google.com/compute/docs/subnetworks) to which the environment will be connected. diff --git a/gcloud/alpha/composer/environments/user-workloads-config-maps/create b/gcloud/alpha/composer/environments/user-workloads-config-maps/create index 0c9eabdc4..1346faaed 100644 --- a/gcloud/alpha/composer/environments/user-workloads-config-maps/create +++ b/gcloud/alpha/composer/environments/user-workloads-config-maps/create @@ -67,7 +67,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud composer environments user-workloads-config-maps create $ gcloud beta composer environments user-workloads-config-maps create diff --git a/gcloud/alpha/composer/environments/user-workloads-config-maps/delete b/gcloud/alpha/composer/environments/user-workloads-config-maps/delete index cb0f4c7e1..6d5bb5bb6 100644 --- a/gcloud/alpha/composer/environments/user-workloads-config-maps/delete +++ b/gcloud/alpha/composer/environments/user-workloads-config-maps/delete @@ -66,7 +66,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud composer environments user-workloads-config-maps delete $ gcloud beta composer environments user-workloads-config-maps delete diff --git a/gcloud/alpha/composer/environments/user-workloads-config-maps/describe b/gcloud/alpha/composer/environments/user-workloads-config-maps/describe index 9757c8ffd..39b82dfa1 100644 --- a/gcloud/alpha/composer/environments/user-workloads-config-maps/describe +++ b/gcloud/alpha/composer/environments/user-workloads-config-maps/describe @@ -67,7 +67,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud composer environments user-workloads-config-maps describe $ gcloud beta composer environments user-workloads-config-maps \ describe diff --git a/gcloud/alpha/composer/environments/user-workloads-config-maps/help b/gcloud/alpha/composer/environments/user-workloads-config-maps/help index 0bf81ed20..d6462154e 100644 --- a/gcloud/alpha/composer/environments/user-workloads-config-maps/help +++ b/gcloud/alpha/composer/environments/user-workloads-config-maps/help @@ -38,7 +38,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud composer environments user-workloads-config-maps $ gcloud beta composer environments user-workloads-config-maps diff --git a/gcloud/alpha/composer/environments/user-workloads-config-maps/list b/gcloud/alpha/composer/environments/user-workloads-config-maps/list index 1dc0cd272..4e456e7f1 100644 --- a/gcloud/alpha/composer/environments/user-workloads-config-maps/list +++ b/gcloud/alpha/composer/environments/user-workloads-config-maps/list @@ -62,7 +62,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud composer environments user-workloads-config-maps list $ gcloud beta composer environments user-workloads-config-maps list diff --git a/gcloud/alpha/composer/environments/user-workloads-config-maps/update b/gcloud/alpha/composer/environments/user-workloads-config-maps/update index 13591c8e6..94c9457f2 100644 --- a/gcloud/alpha/composer/environments/user-workloads-config-maps/update +++ b/gcloud/alpha/composer/environments/user-workloads-config-maps/update @@ -67,7 +67,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud composer environments user-workloads-config-maps update $ gcloud beta composer environments user-workloads-config-maps update diff --git a/gcloud/alpha/composer/environments/user-workloads-secrets/create b/gcloud/alpha/composer/environments/user-workloads-secrets/create index 3b48ada80..5e8cdf97b 100644 --- a/gcloud/alpha/composer/environments/user-workloads-secrets/create +++ b/gcloud/alpha/composer/environments/user-workloads-secrets/create @@ -66,7 +66,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud composer environments user-workloads-secrets create $ gcloud beta composer environments user-workloads-secrets create diff --git a/gcloud/alpha/composer/environments/user-workloads-secrets/delete b/gcloud/alpha/composer/environments/user-workloads-secrets/delete index 9a26ad845..a9e1c3e00 100644 --- a/gcloud/alpha/composer/environments/user-workloads-secrets/delete +++ b/gcloud/alpha/composer/environments/user-workloads-secrets/delete @@ -66,7 +66,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud composer environments user-workloads-secrets delete $ gcloud beta composer environments user-workloads-secrets delete diff --git a/gcloud/alpha/composer/environments/user-workloads-secrets/describe b/gcloud/alpha/composer/environments/user-workloads-secrets/describe index 484a2cf6c..30eeb6d38 100644 --- a/gcloud/alpha/composer/environments/user-workloads-secrets/describe +++ b/gcloud/alpha/composer/environments/user-workloads-secrets/describe @@ -67,7 +67,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud composer environments user-workloads-secrets describe $ gcloud beta composer environments user-workloads-secrets describe diff --git a/gcloud/alpha/composer/environments/user-workloads-secrets/help b/gcloud/alpha/composer/environments/user-workloads-secrets/help index e0a1bb5b2..74eb8d7ee 100644 --- a/gcloud/alpha/composer/environments/user-workloads-secrets/help +++ b/gcloud/alpha/composer/environments/user-workloads-secrets/help @@ -38,7 +38,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud composer environments user-workloads-secrets $ gcloud beta composer environments user-workloads-secrets diff --git a/gcloud/alpha/composer/environments/user-workloads-secrets/list b/gcloud/alpha/composer/environments/user-workloads-secrets/list index eacf19685..43194e100 100644 --- a/gcloud/alpha/composer/environments/user-workloads-secrets/list +++ b/gcloud/alpha/composer/environments/user-workloads-secrets/list @@ -62,7 +62,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud composer environments user-workloads-secrets list $ gcloud beta composer environments user-workloads-secrets list diff --git a/gcloud/alpha/composer/environments/user-workloads-secrets/update b/gcloud/alpha/composer/environments/user-workloads-secrets/update index 33decab3d..621c1a3ca 100644 --- a/gcloud/alpha/composer/environments/user-workloads-secrets/update +++ b/gcloud/alpha/composer/environments/user-workloads-secrets/update @@ -66,7 +66,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud composer environments user-workloads-secrets update $ gcloud beta composer environments user-workloads-secrets update diff --git a/gcloud/alpha/compute/backend-services/get-effective-security-policies b/gcloud/alpha/compute/backend-services/get-effective-security-policies new file mode 100644 index 000000000..1e42c0eea --- /dev/null +++ b/gcloud/alpha/compute/backend-services/get-effective-security-policies @@ -0,0 +1,108 @@ +NAME + gcloud alpha compute backend-services get-effective-security-policies - get + the effective security policies of a Compute Engine backend service + +SYNOPSIS + gcloud alpha compute backend-services get-effective-security-policies + BACKEND_SERVICE_NAME [NAME ...] [--regexp=REGEXP, -r REGEXP] + [--filter=EXPRESSION] [--limit=LIMIT] [--page-size=PAGE_SIZE] + [--sort-by=[FIELD,...]] [--uri] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (ALPHA) gcloud alpha compute backend-services + get-effective-security-policies is used to get the effective security + policies applied to the backend service. + +EXAMPLES + To get the effective security policies of backend_service with name + example-backend_service, run: + + $ gcloud alpha compute backend-services \ + get-effective-security-policies example-backend_service + + To show all fields of the security policy, please show in JSON format with + option --format=json + + To list more the fields of the effective security policy rules in table + format, run: + + $ gcloud alpha compute backend-services \ + get-effective-security-policies example-backend_service \ + --format="table( + type, + security_policy_name, + priority, + description, + action, + preview, + expression, + src_ip_ranges.list():label=SRC_RANGES)" + +POSITIONAL ARGUMENTS + BACKEND_SERVICE_NAME + Name of the backend service to get effective security policies. + + [NAME ...] + (DEPRECATED) If provided, show details for the specified names and/or + URIs of resources. + + Argument NAME is deprecated. Use --filter="name=( 'NAME' ... )" + instead. + +FLAGS + --regexp=REGEXP, -r REGEXP + (DEPRECATED) Regular expression to filter the names of the results on. + Any names that do not match the entire regular expression will be + filtered out. + + Flag --regexp is deprecated. Use --filter="name~'REGEXP'" instead. + +LIST COMMAND FLAGS + --filter=EXPRESSION + Apply a Boolean filter EXPRESSION to each resource item to be listed. + If the expression evaluates True, then that item is listed. For more + details and examples of filter expressions, run $ gcloud topic filters. + This flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --limit=LIMIT + Maximum number of resources to list. The default is unlimited. This + flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --page-size=PAGE_SIZE + Some services group resource list output into pages. This flag + specifies the maximum number of resources per page. The default is + determined by the service if it supports paging, otherwise it is + unlimited (no paging). Paging may be applied before or after --filter + and --limit depending on the service. + + --sort-by=[FIELD,...] + Comma-separated list of resource field key names to sort by. The + default order is ascending. Prefix a field with ``~'' for descending + order on that field. This flag interacts with other flags that are + applied in this order: --flatten, --sort-by, --filter, --limit. + + --uri + Print a list of resource URIs instead of the default output, and change + the command output to a list of URIs. If this flag is used with + --format, the formatting is applied on this URI list. To display URIs + alongside other keys instead, use the uri() transform. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in alpha and might change without notice. If this + command fails with API permission errors despite specifying the correct + project, you might be trying to access an API with an invitation-only early + access allowlist. This variant is also available: + + $ gcloud beta compute backend-services \ + get-effective-security-policies + diff --git a/gcloud/alpha/compute/backend-services/help b/gcloud/alpha/compute/backend-services/help index 4d40dc89f..94b75f12e 100644 --- a/gcloud/alpha/compute/backend-services/help +++ b/gcloud/alpha/compute/backend-services/help @@ -55,6 +55,10 @@ COMMANDS export (ALPHA) Export a backend service. + get-effective-security-policies + (ALPHA) Get the effective security policies of a Compute Engine backend + service. + get-health (ALPHA) Get backend health statuses from a backend service. diff --git a/gcloud/alpha/compute/firewall-policies/export-rules b/gcloud/alpha/compute/firewall-policies/export-rules index 1fbfbeb40..5f1270e1e 100644 --- a/gcloud/alpha/compute/firewall-policies/export-rules +++ b/gcloud/alpha/compute/firewall-policies/export-rules @@ -44,5 +44,7 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. + access allowlist. This variant is also available: + + $ gcloud beta compute firewall-policies export-rules diff --git a/gcloud/alpha/compute/firewall-policies/import-rules b/gcloud/alpha/compute/firewall-policies/import-rules index e4c2f8b6e..f10a9e82b 100644 --- a/gcloud/alpha/compute/firewall-policies/import-rules +++ b/gcloud/alpha/compute/firewall-policies/import-rules @@ -45,5 +45,7 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. + access allowlist. This variant is also available: + + $ gcloud beta compute firewall-policies import-rules diff --git a/gcloud/alpha/compute/firewall-policies/rules/create b/gcloud/alpha/compute/firewall-policies/rules/create index 6fc6993f1..7b1ab2bf4 100644 --- a/gcloud/alpha/compute/firewall-policies/rules/create +++ b/gcloud/alpha/compute/firewall-policies/rules/create @@ -67,8 +67,8 @@ OPTIONAL FLAGS --dest-network-scope=DEST_NETWORK_SCOPE Use this flag to indicate that the rule should match internet or non-internet traffic. It applies to destination traffic for egress - rules. Valid values are INTERNET, NON_INTERNET and INTRA_VPC. Use empty - string to clear the field. + rules. Valid values are INTERNET and NON_INTERNET. Use empty string to + clear the field. --dest-region-codes=[DEST_REGION_CODES,...] Destination Region Code to match for this rule. Can only be specified diff --git a/gcloud/alpha/compute/firewall-policies/rules/update b/gcloud/alpha/compute/firewall-policies/rules/update index a5a9a0eab..0de13277c 100644 --- a/gcloud/alpha/compute/firewall-policies/rules/update +++ b/gcloud/alpha/compute/firewall-policies/rules/update @@ -69,8 +69,8 @@ OPTIONAL FLAGS --dest-network-scope=DEST_NETWORK_SCOPE Use this flag to indicate that the rule should match internet or non-internet traffic. It applies to destination traffic for egress - rules. Valid values are INTERNET, NON_INTERNET and INTRA_VPC. Use empty - string to clear the field. + rules. Valid values are INTERNET and NON_INTERNET. Use empty string to + clear the field. --dest-region-codes=[DEST_REGION_CODES,...] Destination Region Code to match for this rule. Can only be specified diff --git a/gcloud/alpha/compute/instance-templates/create b/gcloud/alpha/compute/instance-templates/create index 6e4a8e527..2bf3c8d3f 100644 --- a/gcloud/alpha/compute/instance-templates/create +++ b/gcloud/alpha/compute/instance-templates/create @@ -450,10 +450,12 @@ FLAGS Enables graceful shutdown for the instance. --graceful-shutdown-max-duration=GRACEFUL_SHUTDOWN_MAX_DURATION - Specifies time needed to gracefully shutdown the instance. After that - time, the instance goes to STOPPING even if graceful shutdown is not - completed.e.g. 300s, 1h. See $ gcloud topic datetimes for information - on duration formats. + Specifies the maximum time for the graceful shutdown. After this time, + the instance is set to STOPPING even if tasks are still running. + Specify the time as the number of hours, minutes, or seconds followed + by h, m, and s respectively. For example, specify 30m for 30 minutes or + 20m10s for 20 minutes and 10 seconds. The value must be between 1 + second and 1 hour. --host-error-timeout-seconds=HOST_ERROR_TIMEOUT_SECONDS The timeout in seconds for host error detection. The value must be set diff --git a/gcloud/alpha/compute/instances/create b/gcloud/alpha/compute/instances/create index 1057bfbf6..33ff9356f 100644 --- a/gcloud/alpha/compute/instances/create +++ b/gcloud/alpha/compute/instances/create @@ -569,10 +569,12 @@ FLAGS Enables graceful shutdown for the instance. --graceful-shutdown-max-duration=GRACEFUL_SHUTDOWN_MAX_DURATION - Specifies time needed to gracefully shutdown the instance. After that - time, the instance goes to STOPPING even if graceful shutdown is not - completed.e.g. 300s, 1h. See $ gcloud topic datetimes for information - on duration formats. + Specifies the maximum time for the graceful shutdown. After this time, + the instance is set to STOPPING even if tasks are still running. + Specify the time as the number of hours, minutes, or seconds followed + by h, m, and s respectively. For example, specify 30m for 30 minutes or + 20m10s for 20 minutes and 10 seconds. The value must be between 1 + second and 1 hour. --host-error-timeout-seconds=HOST_ERROR_TIMEOUT_SECONDS The timeout in seconds for host error detection. The value must be set diff --git a/gcloud/alpha/compute/instances/delete b/gcloud/alpha/compute/instances/delete index af2e1ae5e..60b040e09 100644 --- a/gcloud/alpha/compute/instances/delete +++ b/gcloud/alpha/compute/instances/delete @@ -27,7 +27,9 @@ POSITIONAL ARGUMENTS FLAGS --no-graceful-shutdown - If specified, skips graceful shutdown. + Deletes the instance immediately without gracefully shutting it down. + If a graceful shutdown is in progress, then the instance is forcefully + stopped and deleted. --zone=ZONE Zone of the instances to delete. If not specified, you might be diff --git a/gcloud/alpha/compute/instances/ops-agents/policies/create b/gcloud/alpha/compute/instances/ops-agents/policies/create index 3aae555bc..ad57d255d 100644 --- a/gcloud/alpha/compute/instances/ops-agents/policies/create +++ b/gcloud/alpha/compute/instances/ops-agents/policies/create @@ -249,6 +249,7 @@ REQUIRED FLAGS ubuntu 23.04 ubuntu 23.10 ubuntu 24.04 + ubuntu 24.10 windows 10.* windows 6.* diff --git a/gcloud/alpha/compute/instances/ops-agents/policies/update b/gcloud/alpha/compute/instances/ops-agents/policies/update index f01ad4834..157317b3a 100644 --- a/gcloud/alpha/compute/instances/ops-agents/policies/update +++ b/gcloud/alpha/compute/instances/ops-agents/policies/update @@ -286,6 +286,7 @@ FLAGS ubuntu 23.04 ubuntu 23.10 ubuntu 24.04 + ubuntu 24.10 windows 10.* windows 6.* diff --git a/gcloud/alpha/compute/instances/set-scheduling b/gcloud/alpha/compute/instances/set-scheduling index 8988abbfe..0778b4a95 100644 --- a/gcloud/alpha/compute/instances/set-scheduling +++ b/gcloud/alpha/compute/instances/set-scheduling @@ -46,14 +46,16 @@ FLAGS overcommitted and utilize the full CPU count assigned. --[no-]graceful-shutdown - If set to true, enables graceful shutdown for the instance. Use + Enables or disables graceful shutdown for the instance. Use --graceful-shutdown to enable and --no-graceful-shutdown to disable. --graceful-shutdown-max-duration=GRACEFUL_SHUTDOWN_MAX_DURATION - Specifies time needed to gracefully shutdown the instance. After that - time, the instance goes to STOPPING even if graceful shutdown is not - completed.e.g. 300s, 1h. See $ gcloud topic datetimes for information - on duration formats. + Specifies the maximum time for the graceful shutdown. After this time, + the instance is set to STOPPING even if tasks are still running. + Specify the time as the number of hours, minutes, or seconds followed + by h, m, and s respectively. For example, specify 30m for 30 minutes or + 20m10s for 20 minutes and 10 seconds. The value must be between 1 + second and 1 hour. --host-error-timeout-seconds=HOST_ERROR_TIMEOUT_SECONDS The timeout in seconds for host error detection. The value must be set diff --git a/gcloud/alpha/compute/instances/stop b/gcloud/alpha/compute/instances/stop index bc8174b71..43b2515a8 100644 --- a/gcloud/alpha/compute/instances/stop +++ b/gcloud/alpha/compute/instances/stop @@ -53,7 +53,9 @@ FLAGS If set to true, local SSD data is discarded. --no-graceful-shutdown - If specified, skips graceful shutdown. + Stops the instance immediately without gracefully shutting it down. If + a graceful shutdown is in progress, then the instance is forcefully + stopped. --zone=ZONE Zone of the instances to operate on. If not specified, you might be diff --git a/gcloud/alpha/compute/instances/update b/gcloud/alpha/compute/instances/update index a42b49b10..ee25f7384 100644 --- a/gcloud/alpha/compute/instances/update +++ b/gcloud/alpha/compute/instances/update @@ -58,14 +58,16 @@ FLAGS enable and --no-enable-display-device to disable. --[no-]graceful-shutdown - If set to true, enables graceful shutdown for the instance. Use + Enables or disables graceful shutdown for the instance. Use --graceful-shutdown to enable and --no-graceful-shutdown to disable. --graceful-shutdown-max-duration=GRACEFUL_SHUTDOWN_MAX_DURATION - Specifies time needed to gracefully shutdown the instance. After that - time, the instance goes to STOPPING even if graceful shutdown is not - completed.e.g. 300s, 1h. See $ gcloud topic datetimes for information - on duration formats. + Specifies the maximum time for the graceful shutdown. After this time, + the instance is set to STOPPING even if tasks are still running. + Specify the time as the number of hours, minutes, or seconds followed + by h, m, and s respectively. For example, specify 30m for 30 minutes or + 20m10s for 20 minutes and 10 seconds. The value must be between 1 + second and 1 hour. --min-cpu-platform=PLATFORM When specified, the VM will be scheduled on host with specified CPU diff --git a/gcloud/alpha/compute/network-firewall-policies/export-rules b/gcloud/alpha/compute/network-firewall-policies/export-rules index a36557f32..6cf37421b 100644 --- a/gcloud/alpha/compute/network-firewall-policies/export-rules +++ b/gcloud/alpha/compute/network-firewall-policies/export-rules @@ -48,5 +48,7 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. + access allowlist. This variant is also available: + + $ gcloud beta compute network-firewall-policies export-rules diff --git a/gcloud/alpha/compute/network-firewall-policies/import-rules b/gcloud/alpha/compute/network-firewall-policies/import-rules index 4c4161c10..1c6b827b9 100644 --- a/gcloud/alpha/compute/network-firewall-policies/import-rules +++ b/gcloud/alpha/compute/network-firewall-policies/import-rules @@ -49,5 +49,7 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. + access allowlist. This variant is also available: + + $ gcloud beta compute network-firewall-policies import-rules diff --git a/gcloud/alpha/compute/network-firewall-policies/rules/create b/gcloud/alpha/compute/network-firewall-policies/rules/create index dcd7ca0bd..dd9432e42 100644 --- a/gcloud/alpha/compute/network-firewall-policies/rules/create +++ b/gcloud/alpha/compute/network-firewall-policies/rules/create @@ -77,8 +77,8 @@ OPTIONAL FLAGS --dest-network-scope=DEST_NETWORK_SCOPE Use this flag to indicate that the rule should match internet or non-internet traffic. It applies to destination traffic for egress - rules. Valid values are INTERNET, NON_INTERNET and INTRA_VPC. Use empty - string to clear the field. + rules. Valid values are INTERNET and NON_INTERNET. Use empty string to + clear the field. --dest-region-codes=[DEST_REGION_CODES,...] Destination Region Code to match for this rule. Can only be specified diff --git a/gcloud/alpha/compute/network-firewall-policies/rules/update b/gcloud/alpha/compute/network-firewall-policies/rules/update index 722434cf9..a6355f777 100644 --- a/gcloud/alpha/compute/network-firewall-policies/rules/update +++ b/gcloud/alpha/compute/network-firewall-policies/rules/update @@ -70,8 +70,8 @@ OPTIONAL FLAGS --dest-network-scope=DEST_NETWORK_SCOPE Use this flag to indicate that the rule should match internet or non-internet traffic. It applies to destination traffic for egress - rules. Valid values are INTERNET, NON_INTERNET and INTRA_VPC. Use empty - string to clear the field. + rules. Valid values are INTERNET and NON_INTERNET. Use empty string to + clear the field. --dest-region-codes=[DEST_REGION_CODES,...] Destination Region Code to match for this rule. Can only be specified diff --git a/gcloud/alpha/compute/networks/create b/gcloud/alpha/compute/networks/create index c187155c4..a27d97199 100644 --- a/gcloud/alpha/compute/networks/create +++ b/gcloud/alpha/compute/networks/create @@ -108,8 +108,8 @@ FLAGS BGP Best Path Selection flags --bgp-best-path-selection-mode=BGP_BEST_PATH_SELECTION_MODE - The BGP best path selection algorithm to be employed. MODE can be - LEGACY or STANDARD. BGP_BEST_PATH_SELECTION_MODE must be one of: + The BGP best path selection algorithm to be employed. + BGP_BEST_PATH_SELECTION_MODE must be one of: LEGACY Dynamic routes are ranked based on the multiple @@ -121,7 +121,7 @@ FLAGS and MED BGP attributes. When global routing is enabled, region-to-region cost is used as a tiebreaker. This mode offers customizations to fine-tune BGP best path routing with additional - knobs like --bgp-bps-always-compare-med and + flags like --bgp-bps-always-compare-med and --bgp-bps-inter-region-cost --[no-]bgp-bps-always-compare-med diff --git a/gcloud/alpha/compute/networks/update b/gcloud/alpha/compute/networks/update index b67fe72f1..c3ab97061 100644 --- a/gcloud/alpha/compute/networks/update +++ b/gcloud/alpha/compute/networks/update @@ -60,8 +60,8 @@ FLAGS BGP Best Path Selection flags --bgp-best-path-selection-mode=BGP_BEST_PATH_SELECTION_MODE - The BGP best path selection algorithm to be employed. MODE can be - LEGACY or STANDARD. BGP_BEST_PATH_SELECTION_MODE must be one of: + The BGP best path selection algorithm to be employed. + BGP_BEST_PATH_SELECTION_MODE must be one of: LEGACY Dynamic routes are ranked based on the multiple @@ -73,7 +73,7 @@ FLAGS and MED BGP attributes. When global routing is enabled, region-to-region cost is used as a tiebreaker. This mode offers customizations to fine-tune BGP best path routing with additional - knobs like --bgp-bps-always-compare-med and + flags like --bgp-bps-always-compare-med and --bgp-bps-inter-region-cost --[no-]bgp-bps-always-compare-med diff --git a/gcloud/alpha/compute/org-security-policies/associations/create b/gcloud/alpha/compute/org-security-policies/associations/create index 41f0b36c3..79e9fb6af 100644 --- a/gcloud/alpha/compute/org-security-policies/associations/create +++ b/gcloud/alpha/compute/org-security-policies/associations/create @@ -5,9 +5,11 @@ NAME SYNOPSIS gcloud alpha compute org-security-policies associations create - --security-policy=SECURITY_POLICY [--folder=FOLDER] [--name=NAME] - [--organization=ORGANIZATION] [--replace-association-on-target] - [GCLOUD_WIDE_FLAG ...] + --security-policy=SECURITY_POLICY + [--excluded-folders=[EXCLUDED_FOLDERS,...]] + [--excluded-projects=[EXCLUDED_PROJECTS,...]] [--folder=FOLDER] + [--name=NAME] [--organization=ORGANIZATION] + [--replace-association-on-target] [GCLOUD_WIDE_FLAG ...] DESCRIPTION (ALPHA) gcloud alpha compute org-security-policies associations create is @@ -27,6 +29,14 @@ REQUIRED FLAGS Security policy ID of the association. OPTIONAL FLAGS + --excluded-folders=[EXCLUDED_FOLDERS,...] + List of folders to exclude from the application of this security + policy. Folders should be specified in the form "folders/123". + + --excluded-projects=[EXCLUDED_PROJECTS,...] + List of projects to exclude from the application of this security + policy. Projects should be specified in the form "projects/123". + --folder=FOLDER ID of the folder with which the association is created. @@ -36,7 +46,7 @@ OPTIONAL FLAGS --organization=ORGANIZATION ID of the organization in which the security policy is to be - associated. Must be set if SECURITY_POLICY is display name. + associated. Must be set if SECURITY_POLICY is short name. --replace-association-on-target By default, if you attempt to insert an association to an organization diff --git a/gcloud/alpha/compute/org-security-policies/associations/delete b/gcloud/alpha/compute/org-security-policies/associations/delete index fb5edfa81..19116dba2 100644 --- a/gcloud/alpha/compute/org-security-policies/associations/delete +++ b/gcloud/alpha/compute/org-security-policies/associations/delete @@ -24,12 +24,12 @@ POSITIONAL ARGUMENTS REQUIRED FLAGS --security-policy=SECURITY_POLICY - Display name or ID of the security policy ID of the association. + short name or ID of the security policy ID of the association. OPTIONAL FLAGS --organization=ORGANIZATION ID of the organization in which the security policy is to be detached. - Must be set if SECURITY_POLICY is display name. + Must be set if SECURITY_POLICY is short name. GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, diff --git a/gcloud/alpha/compute/org-security-policies/copy-rules b/gcloud/alpha/compute/org-security-policies/copy-rules index 010f87bb2..f2760f8de 100644 --- a/gcloud/alpha/compute/org-security-policies/copy-rules +++ b/gcloud/alpha/compute/org-security-policies/copy-rules @@ -15,15 +15,15 @@ DESCRIPTION resources. EXAMPLES - To copy the rules of an organization security policy with ID ``123456789", - from another organization security policy with ID ``987654321", run: + To copy the rules of an organization security policy with ID "123456789", + from another organization security policy with ID "987654321", run: $ gcloud alpha compute org-security-policies copy-rules copy-rules \ 123456789 --source-security-policy=987654321 POSITIONAL ARGUMENTS SECURITY_POLICY - Display name or ID of the security policy to copy the rules to. + Short name or ID of the security policy to copy the rules to. REQUIRED FLAGS --source-security-policy=SOURCE_SECURITY_POLICY @@ -32,7 +32,7 @@ REQUIRED FLAGS OPTIONAL FLAGS --organization=ORGANIZATION Organization in which the organization security policy to copy the - rules to. Must be set if security-policy is display name. + rules to. Must be set if security-policy is the short name. GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, diff --git a/gcloud/alpha/compute/org-security-policies/create b/gcloud/alpha/compute/org-security-policies/create index 17e41d21e..955e0aac7 100644 --- a/gcloud/alpha/compute/org-security-policies/create +++ b/gcloud/alpha/compute/org-security-policies/create @@ -6,6 +6,8 @@ SYNOPSIS gcloud alpha compute org-security-policies create (--folder=FOLDER | --organization=ORGANIZATION) [--description=DESCRIPTION] [--display-name=DISPLAY_NAME] + [--file-format=FILE_FORMAT] [--short-name=SHORT_NAME] + [--file-name=FILE_NAME | --type=SECURITY_POLICY_TYPE] [GCLOUD_WIDE_FLAG ...] DESCRIPTION @@ -14,11 +16,17 @@ DESCRIPTION rules that controls access to various resources. EXAMPLES - To create an organization security policy under folder with ID - ``123456789", run: + To create an organization security policy under folder with ID "123456789", + run: $ gcloud alpha compute org-security-policies create create \ - --folder=123456789 + --short-name=my-policy --folder=123456789 + + To create an organization security under organization with ID "12345" from + an input file, run: + + $ gcloud alpha compute org-security-policies create create \ + --file-name=my-file-name --organization=12345 REQUIRED FLAGS Exactly one of these must be specified: @@ -37,6 +45,27 @@ OPTIONAL FLAGS --display-name=DISPLAY_NAME A textual name of the security policy. + --file-format=FILE_FORMAT + The format of the file to create the organization security policy + config from. Specify either yaml or json. Defaults to yaml if not + specified. Will be ignored if --file-name is not specified. FILE_FORMAT + must be one of: json, yaml. + + --short-name=SHORT_NAME + A textual name of the security policy. + + Creation options. + + At most one of these can be specified: + + --file-name=FILE_NAME + The name of the JSON or YAML file to create a organization security + policy config from. + + --type=SECURITY_POLICY_TYPE + The type indicates the intended use of the organization security + policy. SECURITY_POLICY_TYPE must be one of: CLOUD_ARMOR, FIREWALL. + GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, diff --git a/gcloud/alpha/compute/org-security-policies/delete b/gcloud/alpha/compute/org-security-policies/delete index 7d105881d..6eba7d36f 100644 --- a/gcloud/alpha/compute/org-security-policies/delete +++ b/gcloud/alpha/compute/org-security-policies/delete @@ -12,18 +12,18 @@ DESCRIPTION rules that controls access to various resources. EXAMPLES - To delete an organization security policy with ID ``123456789", run: + To delete an organization security policy with ID "123456789", run: $ gcloud alpha compute org-security-policies delete delete 123456789 POSITIONAL ARGUMENTS SECURITY_POLICY - Display name or ID of the security policy to delete. + Short name or ID of the security policy to delete. FLAGS --organization=ORGANIZATION Organization in which the organization security policy is to be - deleted. Must be set if SECURITY_POLICY is display name. + deleted. Must be set if SECURITY_POLICY is short name. GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, diff --git a/gcloud/alpha/compute/org-security-policies/describe b/gcloud/alpha/compute/org-security-policies/describe index 848e9352d..ecc8412a7 100644 --- a/gcloud/alpha/compute/org-security-policies/describe +++ b/gcloud/alpha/compute/org-security-policies/describe @@ -12,18 +12,18 @@ DESCRIPTION a set of rules that controls access to various resources. EXAMPLES - To describe an organization security policy with ID ``123456789", run: + To describe an organization security policy with ID "123456789", run: $ gcloud alpha compute org-security-policies describe 123456789 POSITIONAL ARGUMENTS SECURITY_POLICY - Display name or ID of the security policy to describe. + Short name or ID of the security policy to describe. FLAGS --organization=ORGANIZATION Organization in which the organization security policy is to be - described. Must be set if SECURITY_POLICY is display name. + described. Must be set if SECURITY_POLICY is short name. GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, diff --git a/gcloud/alpha/compute/org-security-policies/list b/gcloud/alpha/compute/org-security-policies/list index b88f04a92..07e185cda 100644 --- a/gcloud/alpha/compute/org-security-policies/list +++ b/gcloud/alpha/compute/org-security-policies/list @@ -15,7 +15,7 @@ DESCRIPTION rules that controls access to various resources. EXAMPLES - To list organization security policies under folder with ID ``123456789", + To list organization security policies under folder with ID "123456789", run: $ gcloud alpha compute org-security-policies list list \ diff --git a/gcloud/alpha/compute/org-security-policies/list-rules b/gcloud/alpha/compute/org-security-policies/list-rules index 1e9e134de..7d893d86f 100644 --- a/gcloud/alpha/compute/org-security-policies/list-rules +++ b/gcloud/alpha/compute/org-security-policies/list-rules @@ -13,14 +13,14 @@ DESCRIPTION list the rules of an organization security policy. EXAMPLES - To list the rules of an organization security policy with ID ``123456789", + To list the rules of an organization security policy with ID "123456789", run: $ gcloud alpha compute org-security-policies list-rules list-rules \ 123456789 To list all the fields of the rules of an organization security policy with - ID ``123456789", run: + ID "123456789", run: $ gcloud alpha compute org-security-policies list-rules list-rules \ 123456789 --format="table( @@ -38,7 +38,7 @@ EXAMPLES POSITIONAL ARGUMENTS SECURITY_POLICY - Display name or ID of the security policy to list rules for. + Short name or ID of the security policy to list rules for. [NAME ...] (DEPRECATED) If provided, show details for the specified names and/or diff --git a/gcloud/alpha/compute/org-security-policies/move b/gcloud/alpha/compute/org-security-policies/move index 02e8596a7..ae3dca090 100644 --- a/gcloud/alpha/compute/org-security-policies/move +++ b/gcloud/alpha/compute/org-security-policies/move @@ -11,15 +11,15 @@ DESCRIPTION used to move organization security policies to new parent nodes. EXAMPLES - To move an organization security policy under folder with ID ``123456789" - to folder ``987654321", run: + To move an organization security policy under folder with ID "123456789" to + folder "987654321", run: $ gcloud alpha compute org-security-policies move move 123456789 \ --folder=987654321 POSITIONAL ARGUMENTS SECURITY_POLICY - Display name or ID of the security policy to move. + Short name or ID of the security policy to move. FLAGS --folder=FOLDER @@ -27,7 +27,7 @@ FLAGS --organization=ORGANIZATION Organization in which the organization security policy is to be moved. - Must be set if SECURITY_POLICY is display name. + Must be set if SECURITY_POLICY is the short name. GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, diff --git a/gcloud/alpha/compute/org-security-policies/rules/create b/gcloud/alpha/compute/org-security-policies/rules/create index b74dcbee1..ad60c4607 100644 --- a/gcloud/alpha/compute/org-security-policies/rules/create +++ b/gcloud/alpha/compute/org-security-policies/rules/create @@ -4,13 +4,14 @@ NAME SYNOPSIS gcloud alpha compute org-security-policies rules create PRIORITY - --action=ACTION --security-policy=SECURITY_POLICY + --action=ACTION --security-policy=SECURITY_POLICY [--cloud-armor] [--description=DESCRIPTION] [--dest-ip-ranges=[DEST_IP_RANGE,...]] [--dest-ports=[DEST_PORTS,...]] [--direction=DIRECTION] [--[no-]enable-logging] [--layer4-configs=[LAYER4_CONFIG,...]] - [--organization=ORGANIZATION] [--src-ip-ranges=[SRC_IP_RANGE,...]] + [--organization=ORGANIZATION] [--preview] [--target-resources=[TARGET_RESOURCES,...]] [--target-service-accounts=[TARGET_SERVICE_ACCOUNTS,...]] + [--expression=EXPRESSION | --src-ip-ranges=[SRC_IP_RANGE,...]] [GCLOUD_WIDE_FLAG ...] DESCRIPTION @@ -18,12 +19,12 @@ DESCRIPTION create organization security policy rules. EXAMPLES - To create a rule with priority ``10" in an organization security policy - with ID ``123456789", run: + To create a rule with priority "10" in an organization security policy with + ID "123456789", run: $ gcloud alpha compute org-security-policies rules create create \ 10 --security-policy=123456789 --action=allow \ - --description=example-rule + --description=example-rule --cloud-armor POSITIONAL ARGUMENTS PRIORITY @@ -32,13 +33,33 @@ POSITIONAL ARGUMENTS REQUIRED FLAGS --action=ACTION Action to take if the request matches the match condition. ACTION must - be one of: allow, deny, goto_next. + be one of: + + allow + Allows the request from HTTP(S) Load Balancing. + deny + (DEPRECATED) Only used for Hierarchical Firewalls. + deny-403 + Denies the request from HTTP(S) Load Balancing, with an HTTP + response status code of 403. + deny-404 + Denies the request from HTTP(S) Load Balancing, with an HTTP + response status code of 404. + deny-502 + Denies the request from HTTP(S) Load Balancing, with an HTTP + response status code of 502. + redirect + Redirects the request from HTTP(S) Load Balancing, based on + redirect options. --security-policy=SECURITY_POLICY - Display name of the security policy into which the rule should be + short name of the security policy into which the rule should be inserted. OPTIONAL FLAGS + --cloud-armor + Specified for Hierarchical Cloud Armor rules. + --description=DESCRIPTION An optional, textual description for the rule. @@ -65,11 +86,10 @@ OPTIONAL FLAGS --organization=ORGANIZATION Organization which the organization security policy belongs to. Must be - set if SECURITY_POLICY is display name. + set if SECURITY_POLICY is short name. - --src-ip-ranges=[SRC_IP_RANGE,...] - Source IP ranges to match for this rule. Can only be specified if - DIRECTION is ingress. + --preview + If specified, the action will not be enforced. --target-resources=[TARGET_RESOURCES,...] List of URLs of target resources to which the rule is applied. @@ -77,6 +97,17 @@ OPTIONAL FLAGS --target-service-accounts=[TARGET_SERVICE_ACCOUNTS,...] List of target service accounts for the rule. + Security policy rule matcher. + + At most one of these can be specified: + + --expression=EXPRESSION + The Cloud Armor rules language expression to match for this rule. + + --src-ip-ranges=[SRC_IP_RANGE,...] + The source IPs/IP ranges to match for this rule. To match all IPs + specify *. + GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, diff --git a/gcloud/alpha/compute/org-security-policies/rules/delete b/gcloud/alpha/compute/org-security-policies/rules/delete index 1f4de5143..1aa48b6d6 100644 --- a/gcloud/alpha/compute/org-security-policies/rules/delete +++ b/gcloud/alpha/compute/org-security-policies/rules/delete @@ -24,13 +24,13 @@ POSITIONAL ARGUMENTS REQUIRED FLAGS --security-policy=SECURITY_POLICY - Display name of the security policy into which the rule should be + short name of the security policy into which the rule should be deleted. OPTIONAL FLAGS --organization=ORGANIZATION Organization which the organization security policy belongs to. Must be - set if SECURITY_POLICY is display name. + set if SECURITY_POLICY is short name. GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, diff --git a/gcloud/alpha/compute/org-security-policies/rules/describe b/gcloud/alpha/compute/org-security-policies/rules/describe index 6e4d8883e..226e122a3 100644 --- a/gcloud/alpha/compute/org-security-policies/rules/describe +++ b/gcloud/alpha/compute/org-security-policies/rules/describe @@ -24,13 +24,13 @@ POSITIONAL ARGUMENTS REQUIRED FLAGS --security-policy=SECURITY_POLICY - Display name of the security policy into which the rule should be + short name of the security policy into which the rule should be described. OPTIONAL FLAGS --organization=ORGANIZATION Organization which the organization security policy belongs to. Must be - set if SECURITY_POLICY is display name. + set if SECURITY_POLICY is short name. GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, diff --git a/gcloud/alpha/compute/org-security-policies/rules/update b/gcloud/alpha/compute/org-security-policies/rules/update index 58a49b03e..8e6a1c854 100644 --- a/gcloud/alpha/compute/org-security-policies/rules/update +++ b/gcloud/alpha/compute/org-security-policies/rules/update @@ -4,14 +4,14 @@ NAME SYNOPSIS gcloud alpha compute org-security-policies rules update PRIORITY - --security-policy=SECURITY_POLICY [--action=ACTION] + --security-policy=SECURITY_POLICY [--action=ACTION] [--cloud-armor] [--description=DESCRIPTION] [--dest-ip-ranges=[DEST_IP_RANGE,...]] [--dest-ports=[DEST_PORTS,...]] [--direction=DIRECTION] [--[no-]enable-logging] [--layer4-configs=[LAYER4_CONFIG,...]] - [--new-priority=NEW_PRIORITY] [--organization=ORGANIZATION] - [--src-ip-ranges=[SRC_IP_RANGE,...]] + [--new-priority=NEW_PRIORITY] [--organization=ORGANIZATION] [--preview] [--target-resources=[TARGET_RESOURCES,...]] [--target-service-accounts=[TARGET_SERVICE_ACCOUNTS,...]] + [--expression=EXPRESSION | --src-ip-ranges=[SRC_IP_RANGE,...]] [GCLOUD_WIDE_FLAG ...] DESCRIPTION @@ -33,13 +33,33 @@ POSITIONAL ARGUMENTS REQUIRED FLAGS --security-policy=SECURITY_POLICY - Display name of the security policy into which the rule should be + short name of the security policy into which the rule should be updated. OPTIONAL FLAGS --action=ACTION Action to take if the request matches the match condition. ACTION must - be one of: allow, deny, goto_next. + be one of: + + allow + Allows the request from HTTP(S) Load Balancing. + deny + (DEPRECATED) Only used for Hierarchical Firewalls. + deny-403 + Denies the request from HTTP(S) Load Balancing, with an HTTP + response status code of 403. + deny-404 + Denies the request from HTTP(S) Load Balancing, with an HTTP + response status code of 404. + deny-502 + Denies the request from HTTP(S) Load Balancing, with an HTTP + response status code of 502. + redirect + Redirects the request from HTTP(S) Load Balancing, based on + redirect options. + + --cloud-armor + Specified for Hierarchical Cloud Armor rules. --description=DESCRIPTION An optional, textual description for the rule. @@ -70,11 +90,10 @@ OPTIONAL FLAGS --organization=ORGANIZATION Organization which the organization security policy belongs to. Must be - set if SECURITY_POLICY is display name. + set if SECURITY_POLICY is short name. - --src-ip-ranges=[SRC_IP_RANGE,...] - Source IP ranges to match for this rule. Can only be specified if - DIRECTION is ingress. + --preview + If specified, the action will not be enforced. --target-resources=[TARGET_RESOURCES,...] List of URLs of target resources to which the rule is applied. @@ -82,6 +101,17 @@ OPTIONAL FLAGS --target-service-accounts=[TARGET_SERVICE_ACCOUNTS,...] List of target service accounts for the rule. + Security policy rule matcher. + + At most one of these can be specified: + + --expression=EXPRESSION + The Cloud Armor rules language expression to match for this rule. + + --src-ip-ranges=[SRC_IP_RANGE,...] + The source IPs/IP ranges to match for this rule. To match all IPs + specify *. + GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, diff --git a/gcloud/alpha/compute/org-security-policies/update b/gcloud/alpha/compute/org-security-policies/update index eb6fd4bcc..0f324a612 100644 --- a/gcloud/alpha/compute/org-security-policies/update +++ b/gcloud/alpha/compute/org-security-policies/update @@ -4,7 +4,11 @@ NAME SYNOPSIS gcloud alpha compute org-security-policies update SECURITY_POLICY - [--description=DESCRIPTION] [--organization=ORGANIZATION] + [--description=DESCRIPTION] + [--json-custom-content-types=[CONTENT_TYPE,...]] + [--json-parsing=JSON_PARSING] [--log-level=LOG_LEVEL] + [--organization=ORGANIZATION] + [--user-ip-request-headers=[USER_IP_REQUEST_HEADER,...]] [GCLOUD_WIDE_FLAG ...] DESCRIPTION @@ -13,23 +17,43 @@ DESCRIPTION rules that controls access to various resources. EXAMPLES - To update an organization security policy with ID ``123456789" to change - the description to ``New description", run: + To update an organization security policy with ID "123456789" to change the + description to "New description", run: $ gcloud alpha compute org-security-policies update update \ 123456789 --description='New description' POSITIONAL ARGUMENTS SECURITY_POLICY - Display name or ID of the security policy to update. + Short name or ID of the security policy to update. FLAGS --description=DESCRIPTION An optional, textual description for the organization security policy. + --json-custom-content-types=[CONTENT_TYPE,...] + A comma-separated list of custom Content-Type header values to apply + JSON parsing for preconfigured WAF rules. Only applicable when JSON + parsing is enabled, like --json-parsing=STANDARD. When configuring a + Content-Type header value, only the type/subtype needs to be specified, + and the parameters should be excluded. + + --json-parsing=JSON_PARSING + The JSON parsing behavior for this rule. Must be one of the following + values: [DISABLED, STANDARD, STANDARD_WITH_GRAPHQL]. JSON_PARSING must + be one of: DISABLED, STANDARD, STANDARD_WITH_GRAPHQL. + + --log-level=LOG_LEVEL + The level of detail to display for WAF logging. LOG_LEVEL must be one + of: NORMAL, VERBOSE. + --organization=ORGANIZATION Organization in which the organization security policy is to be - updated. Must be set if SECURITY_POLICY is display name. + updated. Must be set if SECURITY_POLICY is the short name. + + --user-ip-request-headers=[USER_IP_REQUEST_HEADER,...] + A comma-separated list of request header names to use for resolving the + caller's user IP address. GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, diff --git a/gcloud/alpha/compute/reservations/blocks/describe b/gcloud/alpha/compute/reservations/blocks/describe index a8ef8e7fb..3e9b5877d 100644 --- a/gcloud/alpha/compute/reservations/blocks/describe +++ b/gcloud/alpha/compute/reservations/blocks/describe @@ -1,13 +1,13 @@ NAME gcloud alpha compute reservations blocks describe - describe a Compute - Engine image + Engine reservation block SYNOPSIS gcloud alpha compute reservations blocks describe RESERVATION --block-name=BLOCK_NAME [--zone=ZONE] [GCLOUD_WIDE_FLAG ...] DESCRIPTION - (ALPHA) Describe a Compute Engine image. + (ALPHA) Describe a Compute Engine reservation block. EXAMPLES To describe a reservation block in reservation exr1 in my-zone with block @@ -58,5 +58,7 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. + access allowlist. This variant is also available: + + $ gcloud beta compute reservations blocks describe diff --git a/gcloud/alpha/compute/reservations/blocks/help b/gcloud/alpha/compute/reservations/blocks/help index 63bd4ccce..cc8024c91 100644 --- a/gcloud/alpha/compute/reservations/blocks/help +++ b/gcloud/alpha/compute/reservations/blocks/help @@ -16,14 +16,19 @@ COMMANDS COMMAND is one of the following: describe - (ALPHA) Describe a Compute Engine image. + (ALPHA) Describe a Compute Engine reservation block. list (ALPHA) List Compute Engine reservation blocks. + perform-maintenance + (ALPHA) Perform maintenance on a reservation block. + NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. + access allowlist. This variant is also available: + + $ gcloud beta compute reservations blocks diff --git a/gcloud/alpha/compute/reservations/blocks/list b/gcloud/alpha/compute/reservations/blocks/list index f70754c36..fa5881c6f 100644 --- a/gcloud/alpha/compute/reservations/blocks/list +++ b/gcloud/alpha/compute/reservations/blocks/list @@ -94,5 +94,7 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. + access allowlist. This variant is also available: + + $ gcloud beta compute reservations blocks list diff --git a/gcloud/alpha/compute/reservations/blocks/perform-maintenance b/gcloud/alpha/compute/reservations/blocks/perform-maintenance new file mode 100644 index 000000000..a96335cf6 --- /dev/null +++ b/gcloud/alpha/compute/reservations/blocks/perform-maintenance @@ -0,0 +1,77 @@ +NAME + gcloud alpha compute reservations blocks perform-maintenance - perform + maintenance on a reservation block + +SYNOPSIS + gcloud alpha compute reservations blocks perform-maintenance RESERVATION + --block-name=BLOCK_NAME [--scope=SCOPE] [--zone=ZONE] + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (ALPHA) Perform maintenance on a reservation block. + +EXAMPLES + To perform maintenance on a reservation block in reservation exr1 in + my-zone with block name block1 with scope all, run: + + $ gcloud alpha compute reservations blocks perform-maintenance \ + exr1 --zone=my-zone --block-name=block1 --scope=all + +POSITIONAL ARGUMENTS + RESERVATION + Name of the reservation to perform-maintenance. + +REQUIRED FLAGS + --block-name=BLOCK_NAME + The name of the reservation block. + +OPTIONAL FLAGS + --scope=SCOPE + The maintenance scope to set for the reservation block. SCOPE must be + one of: + + all + Maintenance should be performed on all hosts in the reservation + block. + running + Maintenance should be performed only on the hosts in the + reservation block which have running VMs. + unused + Maintenance should be performed only on the hosts in the + reservation block which have no running VMs. + + --zone=ZONE + Zone of the reservation to perform-maintenance. If not specified and + the compute/zone property isn't set, you might be prompted to select a + zone (interactive mode only). + + To avoid prompting when this flag is omitted, you can set the + compute/zone property: + + $ gcloud config set compute/zone ZONE + + A list of zones can be fetched by running: + + $ gcloud compute zones list + + To unset the property, run: + + $ gcloud config unset compute/zone + + Alternatively, the zone can be stored in the environment variable + CLOUDSDK_COMPUTE_ZONE. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in alpha and might change without notice. If this + command fails with API permission errors despite specifying the correct + project, you might be trying to access an API with an invitation-only early + access allowlist. + diff --git a/gcloud/alpha/compute/reservations/help b/gcloud/alpha/compute/reservations/help index de4918e44..088c44b55 100644 --- a/gcloud/alpha/compute/reservations/help +++ b/gcloud/alpha/compute/reservations/help @@ -45,6 +45,9 @@ COMMANDS list (ALPHA) List Compute Engine reservations. + perform-maintenance + (ALPHA) Perform maintenance on a reservation. + remove-iam-policy-binding (ALPHA) Remove IAM policy binding from a Compute Engine reservation. diff --git a/gcloud/alpha/compute/reservations/perform-maintenance b/gcloud/alpha/compute/reservations/perform-maintenance new file mode 100644 index 000000000..f275999c8 --- /dev/null +++ b/gcloud/alpha/compute/reservations/perform-maintenance @@ -0,0 +1,69 @@ +NAME + gcloud alpha compute reservations perform-maintenance - perform maintenance + on a reservation + +SYNOPSIS + gcloud alpha compute reservations perform-maintenance RESERVATION + [--scope=SCOPE] [--zone=ZONE] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (ALPHA) Perform maintenance on a reservation. + +EXAMPLES + To perform maintenance on reservation exr1 in my-zone with scope all, run: + + $ gcloud alpha compute reservations perform-maintenance exr1 \ + --zone=my-zone --scope=all + +POSITIONAL ARGUMENTS + RESERVATION + Name of the reservation to perform-maintenance. + +FLAGS + --scope=SCOPE + The maintenance scope to set for the reservation. SCOPE must be one of: + + all + Maintenance should be performed on all hosts in the reservation. + running + Maintenance should be performed only on the hosts in the + reservation which have running VMs. + unused + Maintenance should be performed only on the hosts in the + reservation which have no running VMs. + + --zone=ZONE + Zone of the reservation to perform-maintenance. If not specified and + the compute/zone property isn't set, you might be prompted to select a + zone (interactive mode only). + + To avoid prompting when this flag is omitted, you can set the + compute/zone property: + + $ gcloud config set compute/zone ZONE + + A list of zones can be fetched by running: + + $ gcloud compute zones list + + To unset the property, run: + + $ gcloud config unset compute/zone + + Alternatively, the zone can be stored in the environment variable + CLOUDSDK_COMPUTE_ZONE. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in alpha and might change without notice. If this + command fails with API permission errors despite specifying the correct + project, you might be trying to access an API with an invitation-only early + access allowlist. + diff --git a/gcloud/alpha/config/get b/gcloud/alpha/config/get index 5b2521ff8..e54fa8cfe 100644 --- a/gcloud/alpha/config/get +++ b/gcloud/alpha/config/get @@ -346,6 +346,10 @@ AVAILABLE PROPERTIES Overrides API endpoint for gcloud deployment-manager command group. Defaults to https://deploymentmanager.googleapis.com/ + developerconnect + Overrides API endpoint for gcloud developer-connect command group. + Defaults to https://developerconnect.googleapis.com/ + dns Overrides API endpoint for gcloud dns command group. Defaults to https://dns.googleapis.com/dns/v1/ diff --git a/gcloud/alpha/config/help b/gcloud/alpha/config/help index 9fe61265c..4c71681cb 100644 --- a/gcloud/alpha/config/help +++ b/gcloud/alpha/config/help @@ -378,6 +378,10 @@ AVAILABLE PROPERTIES Overrides API endpoint for gcloud deployment-manager command group. Defaults to https://deploymentmanager.googleapis.com/ + developerconnect + Overrides API endpoint for gcloud developer-connect command group. + Defaults to https://developerconnect.googleapis.com/ + dns Overrides API endpoint for gcloud dns command group. Defaults to https://dns.googleapis.com/dns/v1/ diff --git a/gcloud/alpha/config/list b/gcloud/alpha/config/list index 71195a09a..4af461005 100644 --- a/gcloud/alpha/config/list +++ b/gcloud/alpha/config/list @@ -390,6 +390,10 @@ AVAILABLE PROPERTIES Overrides API endpoint for gcloud deployment-manager command group. Defaults to https://deploymentmanager.googleapis.com/ + developerconnect + Overrides API endpoint for gcloud developer-connect command group. + Defaults to https://developerconnect.googleapis.com/ + dns Overrides API endpoint for gcloud dns command group. Defaults to https://dns.googleapis.com/dns/v1/ diff --git a/gcloud/alpha/config/set b/gcloud/alpha/config/set index 933647ce1..5d72014b9 100644 --- a/gcloud/alpha/config/set +++ b/gcloud/alpha/config/set @@ -393,6 +393,10 @@ AVAILABLE PROPERTIES Overrides API endpoint for gcloud deployment-manager command group. Defaults to https://deploymentmanager.googleapis.com/ + developerconnect + Overrides API endpoint for gcloud developer-connect command group. + Defaults to https://developerconnect.googleapis.com/ + dns Overrides API endpoint for gcloud dns command group. Defaults to https://dns.googleapis.com/dns/v1/ diff --git a/gcloud/alpha/config/unset b/gcloud/alpha/config/unset index 0750bdf79..6ef8cedc3 100644 --- a/gcloud/alpha/config/unset +++ b/gcloud/alpha/config/unset @@ -354,6 +354,10 @@ AVAILABLE PROPERTIES Overrides API endpoint for gcloud deployment-manager command group. Defaults to https://deploymentmanager.googleapis.com/ + developerconnect + Overrides API endpoint for gcloud developer-connect command group. + Defaults to https://developerconnect.googleapis.com/ + dns Overrides API endpoint for gcloud dns command group. Defaults to https://dns.googleapis.com/dns/v1/ diff --git a/gcloud/alpha/container/clusters/create b/gcloud/alpha/container/clusters/create index 34fa6d535..f073318c9 100644 --- a/gcloud/alpha/container/clusters/create +++ b/gcloud/alpha/container/clusters/create @@ -84,6 +84,11 @@ SYNOPSIS [--workload-pool=WORKLOAD_POOL] [--workload-vulnerability-scanning=WORKLOAD_VULNERABILITY_SCANNING] [--additional-zones=ZONE,[ZONE,...] | --node-locations=ZONE,[ZONE,...]] + [--aggregation-ca=CA_POOL_PATH --cluster-ca=CA_POOL_PATH + --control-plane-disk-encryption-key=KEY --etcd-api-ca=CA_POOL_PATH + --etcd-peer-ca=CA_POOL_PATH --gkeops-etcd-backup-encryption-key=KEY + --service-account-signing-keys=KEY_VERSION,[KEY_VERSION,...] + --service-account-verification-keys=KEY_VERSION,[KEY_VERSION,...]] [--binauthz-policy-bindings=[name=BINAUTHZ_POLICY, enforcement-mode=ENFORCEMENT_MODE,...] --binauthz-evaluation-mode=BINAUTHZ_EVALUATION_MODE @@ -1504,6 +1509,40 @@ FLAGS --location us-central1-a \ --node-locations us-central1-a,us-central1-b + Control Plane Keys + + --aggregation-ca=CA_POOL_PATH + The Certificate Authority Service caPool that will back the + aggregation CA + + --cluster-ca=CA_POOL_PATH + The Certificate Authority Service caPool that will back the cluster + CA + + --control-plane-disk-encryption-key=KEY + The Cloud KMS symmetric encryption cryptoKey that will be used to + encrypt the control plane disks + + --etcd-api-ca=CA_POOL_PATH + The Certificate Authority Service caPool that will back the etcd API + CA + + --etcd-peer-ca=CA_POOL_PATH + The Certificate Authority Service caPool that will back the etcd peer + CA + + --gkeops-etcd-backup-encryption-key=KEY + The Cloud KMS symmetric encryption cryptoKey that will be used to + encrypt the disaster recovery etcd backups for the cluster + + --service-account-signing-keys=KEY_VERSION,[KEY_VERSION,...] + A Cloud KMS asymmetric signing cryptoKeyVersion that will be used to + sign service account tokens + + --service-account-verification-keys=KEY_VERSION,[KEY_VERSION,...] + A Cloud KMS asymmetric signing cryptoKeyVersion that will be used to + verify service account tokens. Maybe specified multiple times. + Flags for Binary Authorization: --binauthz-policy-bindings=[name=BINAUTHZ_POLICY,enforcement-mode=ENFORCEMENT_MODE,...] @@ -1563,8 +1602,6 @@ FLAGS vpc Configures the Cloud DNS zone to be private to the VPC Network. - ClusterDNS_AdditiveVPCScope_EnabledDisable - At most one of these can be specified: --additive-vpc-scope-dns-domain=ADDITIVE_VPC_SCOPE_DNS_DOMAIN diff --git a/gcloud/alpha/container/clusters/create-auto b/gcloud/alpha/container/clusters/create-auto index 5f317080d..05559668c 100644 --- a/gcloud/alpha/container/clusters/create-auto +++ b/gcloud/alpha/container/clusters/create-auto @@ -33,6 +33,11 @@ SYNOPSIS [--workload-vulnerability-scanning=WORKLOAD_VULNERABILITY_SCANNING] [--additive-vpc-scope-dns-domain=ADDITIVE_VPC_SCOPE_DNS_DOMAIN | --disable-additive-vpc-scope] + [--aggregation-ca=CA_POOL_PATH --cluster-ca=CA_POOL_PATH + --control-plane-disk-encryption-key=KEY --etcd-api-ca=CA_POOL_PATH + --etcd-peer-ca=CA_POOL_PATH --gkeops-etcd-backup-encryption-key=KEY + --service-account-signing-keys=KEY_VERSION,[KEY_VERSION,...] + --service-account-verification-keys=KEY_VERSION,[KEY_VERSION,...]] [--binauthz-evaluation-mode=BINAUTHZ_EVALUATION_MODE --binauthz-policy-bindings=[name=BINAUTHZ_POLICY, enforcement-mode=ENFORCEMENT_MODE,...]] @@ -488,8 +493,6 @@ FLAGS WORKLOAD_VULNERABILITY_SCANNING must be one of: disabled, standard, enterprise. - ClusterDNS_AdditiveVPCScope_EnabledDisable - At most one of these can be specified: --additive-vpc-scope-dns-domain=ADDITIVE_VPC_SCOPE_DNS_DOMAIN @@ -498,6 +501,40 @@ FLAGS --disable-additive-vpc-scope Disables Additive VPC Scope. + Control Plane Keys + + --aggregation-ca=CA_POOL_PATH + The Certificate Authority Service caPool that will back the + aggregation CA + + --cluster-ca=CA_POOL_PATH + The Certificate Authority Service caPool that will back the cluster + CA + + --control-plane-disk-encryption-key=KEY + The Cloud KMS symmetric encryption cryptoKey that will be used to + encrypt the control plane disks + + --etcd-api-ca=CA_POOL_PATH + The Certificate Authority Service caPool that will back the etcd API + CA + + --etcd-peer-ca=CA_POOL_PATH + The Certificate Authority Service caPool that will back the etcd peer + CA + + --gkeops-etcd-backup-encryption-key=KEY + The Cloud KMS symmetric encryption cryptoKey that will be used to + encrypt the disaster recovery etcd backups for the cluster + + --service-account-signing-keys=KEY_VERSION,[KEY_VERSION,...] + A Cloud KMS asymmetric signing cryptoKeyVersion that will be used to + sign service account tokens + + --service-account-verification-keys=KEY_VERSION,[KEY_VERSION,...] + A Cloud KMS asymmetric signing cryptoKeyVersion that will be used to + verify service account tokens. Maybe specified multiple times. + Flags for Binary Authorization: --binauthz-evaluation-mode=BINAUTHZ_EVALUATION_MODE diff --git a/gcloud/alpha/container/clusters/update b/gcloud/alpha/container/clusters/update index 7cedd95f1..00cea3100 100644 --- a/gcloud/alpha/container/clusters/update +++ b/gcloud/alpha/container/clusters/update @@ -1129,8 +1129,6 @@ REQUIRED FLAGS vpc Configures the Cloud DNS zone to be private to the VPC Network. - ClusterDNS_AdditiveVPCScope_EnabledDisable - At most one of these can be specified: --additive-vpc-scope-dns-domain=ADDITIVE_VPC_SCOPE_DNS_DOMAIN diff --git a/gcloud/alpha/container/fleet/packages/delete b/gcloud/alpha/container/fleet/packages/delete index c11d1f8c8..e53106322 100644 --- a/gcloud/alpha/container/fleet/packages/delete +++ b/gcloud/alpha/container/fleet/packages/delete @@ -49,8 +49,8 @@ POSITIONAL ARGUMENTS FLAGS --force - Force deletion of the Fleet Package and Releases of its Resource - Bundle. + If true, force deletion of any child resources. Otherwise, attempting + to delete a Fleet Package with children will fail. GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, diff --git a/gcloud/alpha/container/fleet/packages/resource-bundles/delete b/gcloud/alpha/container/fleet/packages/resource-bundles/delete index 8105f5ba1..b70cca8bb 100644 --- a/gcloud/alpha/container/fleet/packages/resource-bundles/delete +++ b/gcloud/alpha/container/fleet/packages/resource-bundles/delete @@ -21,9 +21,8 @@ POSITIONAL ARGUMENTS FLAGS --force - If set to true, any releases of this Resource Bundle will also be - deleted. (Otherwise, the request will only work if the Resource Bundle - has no releases.) + If true, force deletion of any child resources. Otherwise, attempting + to delete a Resource Bundle with children will fail. --location=LOCATION Google Cloud zone or region. diff --git a/gcloud/alpha/container/fleet/packages/resource-bundles/releases/delete b/gcloud/alpha/container/fleet/packages/resource-bundles/releases/delete index 7f614b6b4..fbcf6b7f2 100644 --- a/gcloud/alpha/container/fleet/packages/resource-bundles/releases/delete +++ b/gcloud/alpha/container/fleet/packages/resource-bundles/releases/delete @@ -4,8 +4,8 @@ NAME SYNOPSIS gcloud alpha container fleet packages resource-bundles releases delete - RELEASE --resource-bundle=RESOURCE_BUNDLE [--location=LOCATION] - [GCLOUD_WIDE_FLAG ...] + RELEASE --resource-bundle=RESOURCE_BUNDLE [--force] + [--location=LOCATION] [GCLOUD_WIDE_FLAG ...] DESCRIPTION (ALPHA) Delete Package Rollouts Release. @@ -26,6 +26,10 @@ REQUIRED FLAGS Resource Bundle name. OPTIONAL FLAGS + --force + If true, force deletion of any child resources. Otherwise, attempting + to delete a Release with children will fail. + --location=LOCATION Google Cloud zone or region. diff --git a/gcloud/alpha/container/hub/packages/delete b/gcloud/alpha/container/hub/packages/delete index 8b9a40480..bf1a9c9d3 100644 --- a/gcloud/alpha/container/hub/packages/delete +++ b/gcloud/alpha/container/hub/packages/delete @@ -49,8 +49,8 @@ POSITIONAL ARGUMENTS FLAGS --force - Force deletion of the Fleet Package and Releases of its Resource - Bundle. + If true, force deletion of any child resources. Otherwise, attempting + to delete a Fleet Package with children will fail. GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, diff --git a/gcloud/alpha/container/hub/packages/resource-bundles/delete b/gcloud/alpha/container/hub/packages/resource-bundles/delete index 57062681b..06b7d6416 100644 --- a/gcloud/alpha/container/hub/packages/resource-bundles/delete +++ b/gcloud/alpha/container/hub/packages/resource-bundles/delete @@ -21,9 +21,8 @@ POSITIONAL ARGUMENTS FLAGS --force - If set to true, any releases of this Resource Bundle will also be - deleted. (Otherwise, the request will only work if the Resource Bundle - has no releases.) + If true, force deletion of any child resources. Otherwise, attempting + to delete a Resource Bundle with children will fail. --location=LOCATION Google Cloud zone or region. diff --git a/gcloud/alpha/container/hub/packages/resource-bundles/releases/delete b/gcloud/alpha/container/hub/packages/resource-bundles/releases/delete index aab7c2022..b8be6869c 100644 --- a/gcloud/alpha/container/hub/packages/resource-bundles/releases/delete +++ b/gcloud/alpha/container/hub/packages/resource-bundles/releases/delete @@ -4,8 +4,8 @@ NAME SYNOPSIS gcloud alpha container hub packages resource-bundles releases delete - RELEASE --resource-bundle=RESOURCE_BUNDLE [--location=LOCATION] - [GCLOUD_WIDE_FLAG ...] + RELEASE --resource-bundle=RESOURCE_BUNDLE [--force] + [--location=LOCATION] [GCLOUD_WIDE_FLAG ...] DESCRIPTION (ALPHA) Delete Package Rollouts Release. @@ -26,6 +26,10 @@ REQUIRED FLAGS Resource Bundle name. OPTIONAL FLAGS + --force + If true, force deletion of any child resources. Otherwise, attempting + to delete a Release with children will fail. + --location=LOCATION Google Cloud zone or region. diff --git a/gcloud/alpha/container/vmware/admin-clusters/update b/gcloud/alpha/container/vmware/admin-clusters/update index 62c418030..11adb2849 100644 --- a/gcloud/alpha/container/vmware/admin-clusters/update +++ b/gcloud/alpha/container/vmware/admin-clusters/update @@ -56,13 +56,14 @@ FLAGS complete. --required-platform-version=REQUIRED_PLATFORM_VERSION - Platform version required for upgrading a user cluster. If the current - platform version is lower than the required version, the platform - version will be updated to the required version. If it is not installed - in the platform, download the required version bundle. + Platform version required for upgrading an admin cluster or a user + cluster. If the current platform version is lower than the required + version, the platform version will be updated to the required version. + If it is not installed in the platform, download the required version + bundle. --version=VERSION - Anthos Cluster on VMware version for the user cluster resource + Anthos Cluster on VMware version for the cluster resource GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, diff --git a/gcloud/alpha/container/vmware/clusters/create b/gcloud/alpha/container/vmware/clusters/create index c3edcb86a..30ef5b6c9 100644 --- a/gcloud/alpha/container/vmware/clusters/create +++ b/gcloud/alpha/container/vmware/clusters/create @@ -85,7 +85,7 @@ POSITIONAL ARGUMENTS REQUIRED FLAGS --version=VERSION - Anthos Cluster on VMware version for the user cluster resource + Anthos Cluster on VMware version for the cluster resource Admin cluster membership resource - membership of the admin cluster. Membership name is the same as the admin cluster name. diff --git a/gcloud/alpha/container/vmware/clusters/update b/gcloud/alpha/container/vmware/clusters/update index 2ad5ece1e..2dbbfe8aa 100644 --- a/gcloud/alpha/container/vmware/clusters/update +++ b/gcloud/alpha/container/vmware/clusters/update @@ -174,7 +174,7 @@ FLAGS operation. --version=VERSION - Anthos Cluster on VMware version for the user cluster resource + Anthos Cluster on VMware version for the cluster resource At most one of these can be specified: diff --git a/gcloud/alpha/container/vmware/clusters/upgrade b/gcloud/alpha/container/vmware/clusters/upgrade index 3017b897d..bd1fb6146 100644 --- a/gcloud/alpha/container/vmware/clusters/upgrade +++ b/gcloud/alpha/container/vmware/clusters/upgrade @@ -50,7 +50,7 @@ POSITIONAL ARGUMENTS REQUIRED FLAGS --version=VERSION - Anthos Cluster on VMware version for the user cluster resource + Anthos Cluster on VMware version for the cluster resource GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, diff --git a/gcloud/alpha/developer-connect/connections/create b/gcloud/alpha/developer-connect/connections/create index f66dc6148..94a11b20c 100644 --- a/gcloud/alpha/developer-connect/connections/create +++ b/gcloud/alpha/developer-connect/connections/create @@ -5,13 +5,11 @@ NAME SYNOPSIS gcloud alpha developer-connect connections create CONNECTION [--annotations=[ANNOTATIONS,...]] [--async] [--disabled] [--etag=ETAG] - [--labels=[LABELS,...]] [--location=LOCATION] [--request-id=REQUEST_ID] - [--secret=SECRET] [--validate-only] + [--labels=[LABELS,...]] [--location=LOCATION] [--namespace=NAMESPACE] + [--request-id=REQUEST_ID] [--secret=SECRET] [--validate-only] + [--bitbucket-cloud-config-authorizer-credential-user-token-secret-version=BITBUCKET_CLOUD_CONFIG_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION --bitbucket-cloud-config-read-authorizer-credential-user-token-secret-version=BITBUCKET_CLOUD_CONFIG_READ_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION --bitbucket-cloud-config-webhook-secret-version=BITBUCKET_CLOUD_CONFIG_WEBHOOK_SECRET_VERSION --bitbucket-cloud-config-workspace=BITBUCKET_CLOUD_CONFIG_WORKSPACE | [--bitbucket-data-center-config-authorizer-credential-user-token-secret-version=BITBUCKET_DATA_CENTER_CONFIG_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION --bitbucket-data-center-config-host-uri=BITBUCKET_DATA_CENTER_CONFIG_HOST_URI --bitbucket-data-center-config-read-authorizer-credential-user-token-secret-version=BITBUCKET_DATA_CENTER_CONFIG_READ_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION --bitbucket-data-center-config-webhook-secret-version=BITBUCKET_DATA_CENTER_CONFIG_WEBHOOK_SECRET_VERSION : --bitbucket-data-center-config-service-directory=BITBUCKET_DATA_CENTER_CONFIG_SERVICE_DIRECTORY --bitbucket-data-center-config-ssl-ca-certificate=BITBUCKET_DATA_CENTER_CONFIG_SSL_CA_CERTIFICATE] | [--github-config-app=GITHUB_CONFIG_APP : --github-config-app-installation-id=GITHUB_CONFIG_APP_INSTALLATION_ID --github-config-authorizer-credential-oauth-token-secret-version=GITHUB_CONFIG_AUTHORIZER_CREDENTIAL_OAUTH_TOKEN_SECRET_VERSION] | [--github-enterprise-config-host-uri=GITHUB_ENTERPRISE_CONFIG_HOST_URI : --github-enterprise-config-app-id=GITHUB_ENTERPRISE_CONFIG_APP_ID --github-enterprise-config-app-installation-id=GITHUB_ENTERPRISE_CONFIG_APP_INSTALLATION_ID --github-enterprise-config-private-key-secret-version=GITHUB_ENTERPRISE_CONFIG_PRIVATE_KEY_SECRET_VERSION --github-enterprise-config-service-directory=GITHUB_ENTERPRISE_CONFIG_SERVICE_DIRECTORY --github-enterprise-config-ssl-ca-certificate=GITHUB_ENTERPRISE_CONFIG_SSL_CA_CERTIFICATE --github-enterprise-config-webhook-secret-version=GITHUB_ENTERPRISE_CONFIG_WEBHOOK_SECRET_VERSION] | --gitlab-config-authorizer-credential-user-token-secret-version=GITLAB_CONFIG_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION --gitlab-config-read-authorizer-credential-user-token-secret-version=GITLAB_CONFIG_READ_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION --gitlab-config-webhook-secret-version=GITLAB_CONFIG_WEBHOOK_SECRET_VERSION | [--gitlab-enterprise-config-authorizer-credential-user-token-secret-version=GITLAB_ENTERPRISE_CONFIG_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION --gitlab-enterprise-config-host-uri=GITLAB_ENTERPRISE_CONFIG_HOST_URI --gitlab-enterprise-config-read-authorizer-credential-user-token-secret-version=GITLAB_ENTERPRISE_CONFIG_READ_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION --gitlab-enterprise-config-webhook-secret-version=GITLAB_ENTERPRISE_CONFIG_WEBHOOK_SECRET_VERSION : --gitlab-enterprise-config-service-directory=GITLAB_ENTERPRISE_CONFIG_SERVICE_DIRECTORY --gitlab-enterprise-config-ssl-ca-certificate=GITLAB_ENTERPRISE_CONFIG_SSL_CA_CERTIFICATE]] [(--crypto-key-config-reference=CRYPTO_KEY_CONFIG_REFERENCE - : --key-ring=KEY_RING)] - [[--github-config-app=GITHUB_CONFIG_APP - : --github-config-app-installation-id=GITHUB_CONFIG_APP_INSTALLATION_ID --github-config-authorizer-credential-oauth-token-secret-version=GITHUB_CONFIG_AUTHORIZER_CREDENTIAL_OAUTH_TOKEN_SECRET_VERSION] | [--github-enterprise-config-host-uri=GITHUB_ENTERPRISE_CONFIG_HOST_URI : --github-enterprise-config-app-id=GITHUB_ENTERPRISE_CONFIG_APP_ID --github-enterprise-config-app-installation-id=GITHUB_ENTERPRISE_CONFIG_APP_INSTALLATION_ID --github-enterprise-config-private-key-secret-version=GITHUB_ENTERPRISE_CONFIG_PRIVATE_KEY_SECRET_VERSION --github-enterprise-config-service-directory=GITHUB_ENTERPRISE_CONFIG_SERVICE_DIRECTORY --github-enterprise-config-ssl-ca-certificate=GITHUB_ENTERPRISE_CONFIG_SSL_CA_CERTIFICATE --github-enterprise-config-webhook-secret-version=GITHUB_ENTERPRISE_CONFIG_WEBHOOK_SECRET_VERSION] | --gitlab-config-authorizer-credential-user-token-secret-version=GITLAB_CONFIG_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION --gitlab-config-read-authorizer-credential-user-token-secret-version=GITLAB_CONFIG_READ_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION --gitlab-config-webhook-secret-version=GITLAB_CONFIG_WEBHOOK_SECRET_VERSION | [--gitlab-enterprise-config-authorizer-credential-user-token-secret-version=GITLAB_ENTERPRISE_CONFIG_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION --gitlab-enterprise-config-host-uri=GITLAB_ENTERPRISE_CONFIG_HOST_URI --gitlab-enterprise-config-read-authorizer-credential-user-token-secret-version=GITLAB_ENTERPRISE_CONFIG_READ_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION --gitlab-enterprise-config-webhook-secret-version=GITLAB_ENTERPRISE_CONFIG_WEBHOOK_SECRET_VERSION : --gitlab-enterprise-config-service-directory=GITLAB_ENTERPRISE_CONFIG_SERVICE_DIRECTORY --gitlab-enterprise-config-ssl-ca-certificate=GITLAB_ENTERPRISE_CONFIG_SSL_CA_CERTIFICATE]] - [GCLOUD_WIDE_FLAG ...] + : --key-ring=KEY_RING)] [GCLOUD_WIDE_FLAG ...] DESCRIPTION (ALPHA) Create a connection resource. @@ -112,9 +110,14 @@ FLAGS --labels=path_to_file.(yaml|json) --location=LOCATION - For resources [connection, cryptoKey], provides fallback value for - resource location attribute. When the resource's full URI path is not - provided, location will fallback to this flag value. + For resources [connection, cryptoKey, service], provides fallback value + for resource location attribute. When the resource's full URI path is + not provided, location will fallback to this flag value. + + --namespace=NAMESPACE + For resources [service], provides fallback value for resource namespace + attribute. When the resource's full URI path is not provided, namespace + will fallback to this flag value. --request-id=REQUEST_ID An optional request ID to identify requests. Specify a unique request @@ -139,52 +142,263 @@ FLAGS --validate-only If set, validate the request, but do not actually post it. - The crypto key configuration. This field is used by the Customer-managed - encryption keys (CMEK) feature. - - CryptoKey resource - The name of the key which is used to - encrypt/decrypt customer data. For key in Cloud KMS, the key should be - in the format of projects/*/locations/*/keyRings/*/cryptoKeys/*. The - arguments in this group can be used to specify the attributes of this - resource. (NOTE) Some attributes are not given arguments in this group - but can be set in other ways. - - To set the project attribute: - ▸ provide the argument --crypto-key-config-reference on the command - line with a fully specified name; - ▸ provide the argument --project on the command line; - ▸ set the property core/project. - - To set the location attribute: - ▸ provide the argument --crypto-key-config-reference on the command - line with a fully specified name; - ▸ provide the argument --location on the command line. - - This must be specified. - - --crypto-key-config-reference=CRYPTO_KEY_CONFIG_REFERENCE - ID of the cryptoKey or fully qualified identifier for the - cryptoKey. - - To set the crypto-key attribute: - ▫ provide the argument --crypto-key-config-reference on the - command line. - - This flag argument must be specified if any of the other arguments - in this group are specified. - - --key-ring=KEY_RING - The keyRing id of the cryptoKey resource. - - To set the key-ring attribute: - ▫ provide the argument --crypto-key-config-reference on the - command line with a fully specified name; - ▫ provide the argument --key-ring on the command line. - Arguments for the connection config. At most one of these can be specified: + Configuration for connections to an instance of Bitbucket Cloud. + + Represents a personal access token that authorized the Connection, and + associated metadata. + + This must be specified. + + SecretVersion resource - A SecretManager resource containing the + user token that authorizes the Developer Connect connection. Format: + projects/*/secrets/*/versions/*. This represents a Cloud resource. + (NOTE) Some attributes are not given arguments in this group but can + be set in other ways. + + To set the project attribute: + ◇ provide the argument + --bitbucket-cloud-config-authorizer-credential-user-token-secret-version + on the command line with a fully specified name; + ◇ provide the argument --project on the command line; + ◇ set the property core/project. + + To set the secret attribute: + ◇ provide the argument + --bitbucket-cloud-config-authorizer-credential-user-token-secret-version + on the command line with a fully specified name; + ◇ provide the argument --secret on the command line. + + This must be specified. + + --bitbucket-cloud-config-authorizer-credential-user-token-secret-version=BITBUCKET_CLOUD_CONFIG_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION + ID of the secretVersion or fully qualified identifier for the + secretVersion. + + To set the secret-version attribute: + ▹ provide the argument + --bitbucket-cloud-config-authorizer-credential-user-token-secret-version + on the command line. + + Represents a personal access token that authorized the Connection, and + associated metadata. + + This must be specified. + + SecretVersion resource - A SecretManager resource containing the + user token that authorizes the Developer Connect connection. Format: + projects/*/secrets/*/versions/*. This represents a Cloud resource. + (NOTE) Some attributes are not given arguments in this group but can + be set in other ways. + + To set the project attribute: + ◇ provide the argument + --bitbucket-cloud-config-read-authorizer-credential-user-token-secret-version + on the command line with a fully specified name; + ◇ provide the argument --project on the command line; + ◇ set the property core/project. + + To set the secret attribute: + ◇ provide the argument + --bitbucket-cloud-config-read-authorizer-credential-user-token-secret-version + on the command line with a fully specified name; + ◇ provide the argument --secret on the command line. + + This must be specified. + + --bitbucket-cloud-config-read-authorizer-credential-user-token-secret-version=BITBUCKET_CLOUD_CONFIG_READ_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION + ID of the secretVersion or fully qualified identifier for the + secretVersion. + + To set the secret-version attribute: + ▹ provide the argument + --bitbucket-cloud-config-read-authorizer-credential-user-token-secret-version + on the command line. + + SecretVersion resource - SecretManager resource containing the webhook + secret used to verify webhook events, formatted as + projects/*/secrets/*/versions/*. This is used to validate and create + webhooks. This represents a Cloud resource. (NOTE) Some attributes are + not given arguments in this group but can be set in other ways. + + To set the project attribute: + ▫ provide the argument + --bitbucket-cloud-config-webhook-secret-version on the command line + with a fully specified name; + ▫ provide the argument --project on the command line; + ▫ set the property core/project. + + To set the secret attribute: + ▫ provide the argument + --bitbucket-cloud-config-webhook-secret-version on the command line + with a fully specified name; + ▫ provide the argument --secret on the command line. + + This must be specified. + + --bitbucket-cloud-config-webhook-secret-version=BITBUCKET_CLOUD_CONFIG_WEBHOOK_SECRET_VERSION + ID of the secretVersion or fully qualified identifier for the + secretVersion. + + To set the secret-version attribute: + ◇ provide the argument + --bitbucket-cloud-config-webhook-secret-version on the command + line. + + --bitbucket-cloud-config-workspace=BITBUCKET_CLOUD_CONFIG_WORKSPACE + The Bitbucket Cloud Workspace ID to be connected to Google Cloud + Platform. + + Configuration for connections to an instance of Bitbucket Data Center. + + Represents a personal access token that authorized the Connection, and + associated metadata. + + This must be specified. + + SecretVersion resource - A SecretManager resource containing the + user token that authorizes the Developer Connect connection. Format: + projects/*/secrets/*/versions/*. This represents a Cloud resource. + (NOTE) Some attributes are not given arguments in this group but can + be set in other ways. + + To set the project attribute: + ◇ provide the argument + --bitbucket-data-center-config-authorizer-credential-user-token-secret-version + on the command line with a fully specified name; + ◇ provide the argument --project on the command line; + ◇ set the property core/project. + + To set the secret attribute: + ◇ provide the argument + --bitbucket-data-center-config-authorizer-credential-user-token-secret-version + on the command line with a fully specified name; + ◇ provide the argument --secret on the command line. + + This must be specified. + + --bitbucket-data-center-config-authorizer-credential-user-token-secret-version=BITBUCKET_DATA_CENTER_CONFIG_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION + ID of the secretVersion or fully qualified identifier for the + secretVersion. + + To set the secret-version attribute: + ▹ provide the argument + --bitbucket-data-center-config-authorizer-credential-user-token-secret-version + on the command line. + + --bitbucket-data-center-config-host-uri=BITBUCKET_DATA_CENTER_CONFIG_HOST_URI + The URI of the Bitbucket Data Center host this connection is for. + + Represents a personal access token that authorized the Connection, and + associated metadata. + + This must be specified. + + SecretVersion resource - A SecretManager resource containing the + user token that authorizes the Developer Connect connection. Format: + projects/*/secrets/*/versions/*. This represents a Cloud resource. + (NOTE) Some attributes are not given arguments in this group but can + be set in other ways. + + To set the project attribute: + ◇ provide the argument + --bitbucket-data-center-config-read-authorizer-credential-user-token-secret-version + on the command line with a fully specified name; + ◇ provide the argument --project on the command line; + ◇ set the property core/project. + + To set the secret attribute: + ◇ provide the argument + --bitbucket-data-center-config-read-authorizer-credential-user-token-secret-version + on the command line with a fully specified name; + ◇ provide the argument --secret on the command line. + + This must be specified. + + --bitbucket-data-center-config-read-authorizer-credential-user-token-secret-version=BITBUCKET_DATA_CENTER_CONFIG_READ_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION + ID of the secretVersion or fully qualified identifier for the + secretVersion. + + To set the secret-version attribute: + ▹ provide the argument + --bitbucket-data-center-config-read-authorizer-credential-user-token-secret-version + on the command line. + + SecretVersion resource - SecretManager resource containing the webhook + secret used to verify webhook events, formatted as + projects/*/secrets/*/versions/*. This is used to validate webhooks. + This represents a Cloud resource. (NOTE) Some attributes are not given + arguments in this group but can be set in other ways. + + To set the project attribute: + ▫ provide the argument + --bitbucket-data-center-config-webhook-secret-version on the + command line with a fully specified name; + ▫ provide the argument --project on the command line; + ▫ set the property core/project. + + To set the secret attribute: + ▫ provide the argument + --bitbucket-data-center-config-webhook-secret-version on the + command line with a fully specified name; + ▫ provide the argument --secret on the command line. + + This must be specified. + + --bitbucket-data-center-config-webhook-secret-version=BITBUCKET_DATA_CENTER_CONFIG_WEBHOOK_SECRET_VERSION + ID of the secretVersion or fully qualified identifier for the + secretVersion. + + To set the secret-version attribute: + ◇ provide the argument + --bitbucket-data-center-config-webhook-secret-version on the + command line. + + ServiceDirectoryConfig represents Service Directory configuration for + a connection. + + Service resource - The Service Directory service name. Format: + projects/{project}/locations/{location}/namespaces/{namespace}/services/{service}. + This represents a Cloud resource. (NOTE) Some attributes are not + given arguments in this group but can be set in other ways. + + To set the project attribute: + ◇ provide the argument + --bitbucket-data-center-config-service-directory on the command + line with a fully specified name; + ◇ provide the argument --project on the command line; + ◇ set the property core/project. + + To set the location attribute: + ◇ provide the argument + --bitbucket-data-center-config-service-directory on the command + line with a fully specified name; + ◇ provide the argument --location on the command line. + + To set the namespace attribute: + ◇ provide the argument + --bitbucket-data-center-config-service-directory on the command + line with a fully specified name; + ◇ provide the argument --namespace on the command line. + + This must be specified. + + --bitbucket-data-center-config-service-directory=BITBUCKET_DATA_CENTER_CONFIG_SERVICE_DIRECTORY + ID of the service or fully qualified identifier for the + service. + + To set the service attribute: + ▹ provide the argument + --bitbucket-data-center-config-service-directory on the + command line. + + --bitbucket-data-center-config-ssl-ca-certificate=BITBUCKET_DATA_CENTER_CONFIG_SSL_CA_CERTIFICATE + SSL certificate authority to trust when making requests to + Bitbucket Data Center. + Configuration for connections to github.com. --github-config-app=GITHUB_CONFIG_APP @@ -279,9 +493,40 @@ FLAGS ServiceDirectoryConfig represents Service Directory configuration for a connection. - --github-enterprise-config-service-directory=GITHUB_ENTERPRISE_CONFIG_SERVICE_DIRECTORY - The Service Directory service name. Format: - projects/{project}/locations/{location}/namespaces/{namespace}/services/{service}. + Service resource - The Service Directory service name. Format: + projects/{project}/locations/{location}/namespaces/{namespace}/services/{service}. + This represents a Cloud resource. (NOTE) Some attributes are not + given arguments in this group but can be set in other ways. + + To set the project attribute: + ◇ provide the argument + --github-enterprise-config-service-directory on the command line + with a fully specified name; + ◇ provide the argument --project on the command line; + ◇ set the property core/project. + + To set the location attribute: + ◇ provide the argument + --github-enterprise-config-service-directory on the command line + with a fully specified name; + ◇ provide the argument --location on the command line. + + To set the namespace attribute: + ◇ provide the argument + --github-enterprise-config-service-directory on the command line + with a fully specified name; + ◇ provide the argument --namespace on the command line. + + This must be specified. + + --github-enterprise-config-service-directory=GITHUB_ENTERPRISE_CONFIG_SERVICE_DIRECTORY + ID of the service or fully qualified identifier for the + service. + + To set the service attribute: + ▹ provide the argument + --github-enterprise-config-service-directory on the command + line. --github-enterprise-config-ssl-ca-certificate=GITHUB_ENTERPRISE_CONFIG_SSL_CA_CERTIFICATE SSL certificate to use for requests to GitHub Enterprise. @@ -521,14 +766,87 @@ FLAGS ServiceDirectoryConfig represents Service Directory configuration for a connection. - --gitlab-enterprise-config-service-directory=GITLAB_ENTERPRISE_CONFIG_SERVICE_DIRECTORY - The Service Directory service name. Format: - projects/{project}/locations/{location}/namespaces/{namespace}/services/{service}. + Service resource - The Service Directory service name. Format: + projects/{project}/locations/{location}/namespaces/{namespace}/services/{service}. + This represents a Cloud resource. (NOTE) Some attributes are not + given arguments in this group but can be set in other ways. + + To set the project attribute: + ◇ provide the argument + --gitlab-enterprise-config-service-directory on the command line + with a fully specified name; + ◇ provide the argument --project on the command line; + ◇ set the property core/project. + + To set the location attribute: + ◇ provide the argument + --gitlab-enterprise-config-service-directory on the command line + with a fully specified name; + ◇ provide the argument --location on the command line. + + To set the namespace attribute: + ◇ provide the argument + --gitlab-enterprise-config-service-directory on the command line + with a fully specified name; + ◇ provide the argument --namespace on the command line. + + This must be specified. + + --gitlab-enterprise-config-service-directory=GITLAB_ENTERPRISE_CONFIG_SERVICE_DIRECTORY + ID of the service or fully qualified identifier for the + service. + + To set the service attribute: + ▹ provide the argument + --gitlab-enterprise-config-service-directory on the command + line. --gitlab-enterprise-config-ssl-ca-certificate=GITLAB_ENTERPRISE_CONFIG_SSL_CA_CERTIFICATE SSL Certificate Authority certificate to use for requests to GitLab Enterprise instance. + The crypto key configuration. This field is used by the Customer-managed + encryption keys (CMEK) feature. + + CryptoKey resource - The name of the key which is used to + encrypt/decrypt customer data. For key in Cloud KMS, the key should be + in the format of projects/*/locations/*/keyRings/*/cryptoKeys/*. The + arguments in this group can be used to specify the attributes of this + resource. (NOTE) Some attributes are not given arguments in this group + but can be set in other ways. + + To set the project attribute: + ▸ provide the argument --crypto-key-config-reference on the command + line with a fully specified name; + ▸ provide the argument --project on the command line; + ▸ set the property core/project. + + To set the location attribute: + ▸ provide the argument --crypto-key-config-reference on the command + line with a fully specified name; + ▸ provide the argument --location on the command line. + + This must be specified. + + --crypto-key-config-reference=CRYPTO_KEY_CONFIG_REFERENCE + ID of the cryptoKey or fully qualified identifier for the + cryptoKey. + + To set the crypto-key attribute: + ▫ provide the argument --crypto-key-config-reference on the + command line. + + This flag argument must be specified if any of the other arguments + in this group are specified. + + --key-ring=KEY_RING + The keyRing id of the cryptoKey resource. + + To set the key-ring attribute: + ▫ provide the argument --crypto-key-config-reference on the + command line with a fully specified name; + ▫ provide the argument --key-ring on the command line. + GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, @@ -546,7 +864,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud developer-connect connections create $ gcloud beta developer-connect connections create diff --git a/gcloud/alpha/developer-connect/connections/delete b/gcloud/alpha/developer-connect/connections/delete index 6c1698a3b..713a0bc29 100644 --- a/gcloud/alpha/developer-connect/connections/delete +++ b/gcloud/alpha/developer-connect/connections/delete @@ -92,7 +92,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud developer-connect connections delete $ gcloud beta developer-connect connections delete diff --git a/gcloud/alpha/developer-connect/connections/describe b/gcloud/alpha/developer-connect/connections/describe index 6d1159235..ecf114c73 100644 --- a/gcloud/alpha/developer-connect/connections/describe +++ b/gcloud/alpha/developer-connect/connections/describe @@ -64,7 +64,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud developer-connect connections describe $ gcloud beta developer-connect connections describe diff --git a/gcloud/alpha/developer-connect/connections/git-repository-links/create b/gcloud/alpha/developer-connect/connections/git-repository-links/create index ed1a550df..c06798ce7 100644 --- a/gcloud/alpha/developer-connect/connections/git-repository-links/create +++ b/gcloud/alpha/developer-connect/connections/git-repository-links/create @@ -162,7 +162,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud developer-connect connections git-repository-links create $ gcloud beta developer-connect connections git-repository-links \ create diff --git a/gcloud/alpha/developer-connect/connections/git-repository-links/delete b/gcloud/alpha/developer-connect/connections/git-repository-links/delete index 5e9c35b0e..1d2439818 100644 --- a/gcloud/alpha/developer-connect/connections/git-repository-links/delete +++ b/gcloud/alpha/developer-connect/connections/git-repository-links/delete @@ -103,7 +103,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud developer-connect connections git-repository-links delete $ gcloud beta developer-connect connections git-repository-links \ delete diff --git a/gcloud/alpha/developer-connect/connections/git-repository-links/describe b/gcloud/alpha/developer-connect/connections/git-repository-links/describe index d07660197..f7156c810 100644 --- a/gcloud/alpha/developer-connect/connections/git-repository-links/describe +++ b/gcloud/alpha/developer-connect/connections/git-repository-links/describe @@ -74,7 +74,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud developer-connect connections git-repository-links describe $ gcloud beta developer-connect connections git-repository-links \ describe diff --git a/gcloud/alpha/developer-connect/connections/git-repository-links/fetch-read-token b/gcloud/alpha/developer-connect/connections/git-repository-links/fetch-read-token index e1ff90334..39e1ad7c9 100644 --- a/gcloud/alpha/developer-connect/connections/git-repository-links/fetch-read-token +++ b/gcloud/alpha/developer-connect/connections/git-repository-links/fetch-read-token @@ -77,7 +77,10 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud developer-connect connections git-repository-links \ + fetch-read-token $ gcloud beta developer-connect connections git-repository-links \ fetch-read-token diff --git a/gcloud/alpha/developer-connect/connections/git-repository-links/fetch-read-write-token b/gcloud/alpha/developer-connect/connections/git-repository-links/fetch-read-write-token index eb65894f3..75299cff4 100644 --- a/gcloud/alpha/developer-connect/connections/git-repository-links/fetch-read-write-token +++ b/gcloud/alpha/developer-connect/connections/git-repository-links/fetch-read-write-token @@ -78,7 +78,10 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud developer-connect connections git-repository-links \ + fetch-read-write-token $ gcloud beta developer-connect connections git-repository-links \ fetch-read-write-token diff --git a/gcloud/alpha/developer-connect/connections/git-repository-links/help b/gcloud/alpha/developer-connect/connections/git-repository-links/help index 645d2c682..efdae8f80 100644 --- a/gcloud/alpha/developer-connect/connections/git-repository-links/help +++ b/gcloud/alpha/developer-connect/connections/git-repository-links/help @@ -39,7 +39,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud developer-connect connections git-repository-links $ gcloud beta developer-connect connections git-repository-links diff --git a/gcloud/alpha/developer-connect/connections/git-repository-links/list b/gcloud/alpha/developer-connect/connections/git-repository-links/list index 0adf09c0c..ef33d8580 100644 --- a/gcloud/alpha/developer-connect/connections/git-repository-links/list +++ b/gcloud/alpha/developer-connect/connections/git-repository-links/list @@ -98,7 +98,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud developer-connect connections git-repository-links list $ gcloud beta developer-connect connections git-repository-links list diff --git a/gcloud/alpha/developer-connect/connections/help b/gcloud/alpha/developer-connect/connections/help index fab899bbe..931f3ce83 100644 --- a/gcloud/alpha/developer-connect/connections/help +++ b/gcloud/alpha/developer-connect/connections/help @@ -41,7 +41,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud developer-connect connections $ gcloud beta developer-connect connections diff --git a/gcloud/alpha/developer-connect/connections/list b/gcloud/alpha/developer-connect/connections/list index 4fbd40b40..6f9fbf575 100644 --- a/gcloud/alpha/developer-connect/connections/list +++ b/gcloud/alpha/developer-connect/connections/list @@ -83,7 +83,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud developer-connect connections list $ gcloud beta developer-connect connections list diff --git a/gcloud/alpha/developer-connect/connections/update b/gcloud/alpha/developer-connect/connections/update index 6422b0369..4bdd9da77 100644 --- a/gcloud/alpha/developer-connect/connections/update +++ b/gcloud/alpha/developer-connect/connections/update @@ -5,15 +5,14 @@ NAME SYNOPSIS gcloud alpha developer-connect connections update CONNECTION [--[no-]allow-missing] [--async] [--[no-]disabled] [--etag=ETAG] - [--location=LOCATION] [--request-id=REQUEST_ID] [--secret=SECRET] - [--[no-]validate-only] + [--location=LOCATION] [--namespace=NAMESPACE] [--request-id=REQUEST_ID] + [--secret=SECRET] [--[no-]validate-only] [--annotations=[ANNOTATIONS,...] | --update-annotations=[UPDATE_ANNOTATIONS,...] --clear-annotations | --remove-annotations=[__REMOVE_ANNOTATIONS,...]] + [--bitbucket-cloud-config-authorizer-credential-user-token-secret-version=BITBUCKET_CLOUD_CONFIG_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION --bitbucket-cloud-config-read-authorizer-credential-user-token-secret-version=BITBUCKET_CLOUD_CONFIG_READ_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION --bitbucket-cloud-config-workspace=BITBUCKET_CLOUD_CONFIG_WORKSPACE | --bitbucket-data-center-config-authorizer-credential-user-token-secret-version=BITBUCKET_DATA_CENTER_CONFIG_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION --bitbucket-data-center-config-host-uri=BITBUCKET_DATA_CENTER_CONFIG_HOST_URI --bitbucket-data-center-config-read-authorizer-credential-user-token-secret-version=BITBUCKET_DATA_CENTER_CONFIG_READ_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION --bitbucket-data-center-config-service-directory=BITBUCKET_DATA_CENTER_CONFIG_SERVICE_DIRECTORY --bitbucket-data-center-config-ssl-ca-certificate=BITBUCKET_DATA_CENTER_CONFIG_SSL_CA_CERTIFICATE | --github-config-app-installation-id=GITHUB_CONFIG_APP_INSTALLATION_ID --github-config-authorizer-credential-oauth-token-secret-version=GITHUB_CONFIG_AUTHORIZER_CREDENTIAL_OAUTH_TOKEN_SECRET_VERSION | --github-enterprise-config-app-id=GITHUB_ENTERPRISE_CONFIG_APP_ID --github-enterprise-config-app-installation-id=GITHUB_ENTERPRISE_CONFIG_APP_INSTALLATION_ID --github-enterprise-config-host-uri=GITHUB_ENTERPRISE_CONFIG_HOST_URI --github-enterprise-config-service-directory=GITHUB_ENTERPRISE_CONFIG_SERVICE_DIRECTORY --github-enterprise-config-ssl-ca-certificate=GITHUB_ENTERPRISE_CONFIG_SSL_CA_CERTIFICATE --clear-github-enterprise-config-private-key-secret-version | --github-enterprise-config-private-key-secret-version=GITHUB_ENTERPRISE_CONFIG_PRIVATE_KEY_SECRET_VERSION --clear-github-enterprise-config-webhook-secret-version | --github-enterprise-config-webhook-secret-version=GITHUB_ENTERPRISE_CONFIG_WEBHOOK_SECRET_VERSION | --gitlab-config-authorizer-credential-user-token-secret-version=GITLAB_CONFIG_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION --gitlab-config-read-authorizer-credential-user-token-secret-version=GITLAB_CONFIG_READ_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION | --gitlab-enterprise-config-authorizer-credential-user-token-secret-version=GITLAB_ENTERPRISE_CONFIG_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION --gitlab-enterprise-config-host-uri=GITLAB_ENTERPRISE_CONFIG_HOST_URI --gitlab-enterprise-config-read-authorizer-credential-user-token-secret-version=GITLAB_ENTERPRISE_CONFIG_READ_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION --gitlab-enterprise-config-service-directory=GITLAB_ENTERPRISE_CONFIG_SERVICE_DIRECTORY --gitlab-enterprise-config-ssl-ca-certificate=GITLAB_ENTERPRISE_CONFIG_SSL_CA_CERTIFICATE] [--crypto-key-config-reference=CRYPTO_KEY_CONFIG_REFERENCE : --key-ring=KEY_RING] - [--github-config-app-installation-id=GITHUB_CONFIG_APP_INSTALLATION_ID - --github-config-authorizer-credential-oauth-token-secret-version=GITHUB_CONFIG_AUTHORIZER_CREDENTIAL_OAUTH_TOKEN_SECRET_VERSION | --github-enterprise-config-app-id=GITHUB_ENTERPRISE_CONFIG_APP_ID --github-enterprise-config-app-installation-id=GITHUB_ENTERPRISE_CONFIG_APP_INSTALLATION_ID --github-enterprise-config-host-uri=GITHUB_ENTERPRISE_CONFIG_HOST_URI --github-enterprise-config-service-directory=GITHUB_ENTERPRISE_CONFIG_SERVICE_DIRECTORY --github-enterprise-config-ssl-ca-certificate=GITHUB_ENTERPRISE_CONFIG_SSL_CA_CERTIFICATE --clear-github-enterprise-config-private-key-secret-version | --github-enterprise-config-private-key-secret-version=GITHUB_ENTERPRISE_CONFIG_PRIVATE_KEY_SECRET_VERSION --clear-github-enterprise-config-webhook-secret-version | --github-enterprise-config-webhook-secret-version=GITHUB_ENTERPRISE_CONFIG_WEBHOOK_SECRET_VERSION | --gitlab-config-authorizer-credential-user-token-secret-version=GITLAB_CONFIG_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION --gitlab-config-read-authorizer-credential-user-token-secret-version=GITLAB_CONFIG_READ_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION | --gitlab-enterprise-config-authorizer-credential-user-token-secret-version=GITLAB_ENTERPRISE_CONFIG_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION --gitlab-enterprise-config-host-uri=GITLAB_ENTERPRISE_CONFIG_HOST_URI --gitlab-enterprise-config-read-authorizer-credential-user-token-secret-version=GITLAB_ENTERPRISE_CONFIG_READ_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION --gitlab-enterprise-config-service-directory=GITLAB_ENTERPRISE_CONFIG_SERVICE_DIRECTORY --gitlab-enterprise-config-ssl-ca-certificate=GITLAB_ENTERPRISE_CONFIG_SSL_CA_CERTIFICATE] [--labels=[LABELS,...] | --update-labels=[UPDATE_LABELS,...] --clear-labels | --remove-labels=[__REMOVE_LABELS,...]] [GCLOUD_WIDE_FLAG ...] @@ -80,9 +79,14 @@ FLAGS client has an up-to-date value before proceeding. --location=LOCATION - For resources [connection, cryptoKey], provides fallback value for - resource location attribute. When the resource's full URI path is not - provided, location will fallback to this flag value. + For resources [connection, cryptoKey, service], provides fallback value + for resource location attribute. When the resource's full URI path is + not provided, location will fallback to this flag value. + + --namespace=NAMESPACE + For resources [service], provides fallback value for resource namespace + attribute. When the resource's full URI path is not provided, namespace + will fallback to this flag value. --request-id=REQUEST_ID An optional request ID to identify requests. Specify a unique request @@ -164,50 +168,185 @@ FLAGS --remove-annotations=[__REMOVE_ANNOTATIONS,...] Remove existing value from map annotations. - The crypto key configuration. This field is used by the Customer-managed - encryption keys (CMEK) feature. - - CryptoKey resource - The name of the key which is used to - encrypt/decrypt customer data. For key in Cloud KMS, the key should be - in the format of projects/*/locations/*/keyRings/*/cryptoKeys/*. The - arguments in this group can be used to specify the attributes of this - resource. (NOTE) Some attributes are not given arguments in this group - but can be set in other ways. - - To set the project attribute: - ▸ provide the argument --crypto-key-config-reference on the command - line with a fully specified name; - ▸ provide the argument --project on the command line; - ▸ set the property core/project. - - To set the location attribute: - ▸ provide the argument --crypto-key-config-reference on the command - line with a fully specified name; - ▸ provide the argument --location on the command line. - - --crypto-key-config-reference=CRYPTO_KEY_CONFIG_REFERENCE - ID of the cryptoKey or fully qualified identifier for the - cryptoKey. - - To set the crypto-key attribute: - ▫ provide the argument --crypto-key-config-reference on the - command line. - - This flag argument must be specified if any of the other arguments - in this group are specified. - - --key-ring=KEY_RING - The keyRing id of the cryptoKey resource. - - To set the key-ring attribute: - ▫ provide the argument --crypto-key-config-reference on the - command line with a fully specified name; - ▫ provide the argument --key-ring on the command line. - Arguments for the connection config. At most one of these can be specified: + Configuration for connections to an instance of Bitbucket Cloud. + + Represents a personal access token that authorized the Connection, and + associated metadata. + + SecretVersion resource - A SecretManager resource containing the + user token that authorizes the Developer Connect connection. Format: + projects/*/secrets/*/versions/*. This represents a Cloud resource. + (NOTE) Some attributes are not given arguments in this group but can + be set in other ways. + + To set the project attribute: + ◇ provide the argument + --bitbucket-cloud-config-authorizer-credential-user-token-secret-version + on the command line with a fully specified name; + ◇ provide the argument --project on the command line; + ◇ set the property core/project. + + To set the secret attribute: + ◇ provide the argument + --bitbucket-cloud-config-authorizer-credential-user-token-secret-version + on the command line with a fully specified name; + ◇ provide the argument --secret on the command line. + + --bitbucket-cloud-config-authorizer-credential-user-token-secret-version=BITBUCKET_CLOUD_CONFIG_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION + ID of the secretVersion or fully qualified identifier for the + secretVersion. + + To set the secret-version attribute: + ▹ provide the argument + --bitbucket-cloud-config-authorizer-credential-user-token-secret-version + on the command line. + + Represents a personal access token that authorized the Connection, and + associated metadata. + + SecretVersion resource - A SecretManager resource containing the + user token that authorizes the Developer Connect connection. Format: + projects/*/secrets/*/versions/*. This represents a Cloud resource. + (NOTE) Some attributes are not given arguments in this group but can + be set in other ways. + + To set the project attribute: + ◇ provide the argument + --bitbucket-cloud-config-read-authorizer-credential-user-token-secret-version + on the command line with a fully specified name; + ◇ provide the argument --project on the command line; + ◇ set the property core/project. + + To set the secret attribute: + ◇ provide the argument + --bitbucket-cloud-config-read-authorizer-credential-user-token-secret-version + on the command line with a fully specified name; + ◇ provide the argument --secret on the command line. + + --bitbucket-cloud-config-read-authorizer-credential-user-token-secret-version=BITBUCKET_CLOUD_CONFIG_READ_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION + ID of the secretVersion or fully qualified identifier for the + secretVersion. + + To set the secret-version attribute: + ▹ provide the argument + --bitbucket-cloud-config-read-authorizer-credential-user-token-secret-version + on the command line. + + --bitbucket-cloud-config-workspace=BITBUCKET_CLOUD_CONFIG_WORKSPACE + The Bitbucket Cloud Workspace ID to be connected to Google Cloud + Platform. + + Configuration for connections to an instance of Bitbucket Data Center. + + Represents a personal access token that authorized the Connection, and + associated metadata. + + SecretVersion resource - A SecretManager resource containing the + user token that authorizes the Developer Connect connection. Format: + projects/*/secrets/*/versions/*. This represents a Cloud resource. + (NOTE) Some attributes are not given arguments in this group but can + be set in other ways. + + To set the project attribute: + ◇ provide the argument + --bitbucket-data-center-config-authorizer-credential-user-token-secret-version + on the command line with a fully specified name; + ◇ provide the argument --project on the command line; + ◇ set the property core/project. + + To set the secret attribute: + ◇ provide the argument + --bitbucket-data-center-config-authorizer-credential-user-token-secret-version + on the command line with a fully specified name; + ◇ provide the argument --secret on the command line. + + --bitbucket-data-center-config-authorizer-credential-user-token-secret-version=BITBUCKET_DATA_CENTER_CONFIG_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION + ID of the secretVersion or fully qualified identifier for the + secretVersion. + + To set the secret-version attribute: + ▹ provide the argument + --bitbucket-data-center-config-authorizer-credential-user-token-secret-version + on the command line. + + --bitbucket-data-center-config-host-uri=BITBUCKET_DATA_CENTER_CONFIG_HOST_URI + The URI of the Bitbucket Data Center host this connection is for. + + Represents a personal access token that authorized the Connection, and + associated metadata. + + SecretVersion resource - A SecretManager resource containing the + user token that authorizes the Developer Connect connection. Format: + projects/*/secrets/*/versions/*. This represents a Cloud resource. + (NOTE) Some attributes are not given arguments in this group but can + be set in other ways. + + To set the project attribute: + ◇ provide the argument + --bitbucket-data-center-config-read-authorizer-credential-user-token-secret-version + on the command line with a fully specified name; + ◇ provide the argument --project on the command line; + ◇ set the property core/project. + + To set the secret attribute: + ◇ provide the argument + --bitbucket-data-center-config-read-authorizer-credential-user-token-secret-version + on the command line with a fully specified name; + ◇ provide the argument --secret on the command line. + + --bitbucket-data-center-config-read-authorizer-credential-user-token-secret-version=BITBUCKET_DATA_CENTER_CONFIG_READ_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION + ID of the secretVersion or fully qualified identifier for the + secretVersion. + + To set the secret-version attribute: + ▹ provide the argument + --bitbucket-data-center-config-read-authorizer-credential-user-token-secret-version + on the command line. + + ServiceDirectoryConfig represents Service Directory configuration for + a connection. + + Service resource - The Service Directory service name. Format: + projects/{project}/locations/{location}/namespaces/{namespace}/services/{service}. + This represents a Cloud resource. (NOTE) Some attributes are not + given arguments in this group but can be set in other ways. + + To set the project attribute: + ◇ provide the argument + --bitbucket-data-center-config-service-directory on the command + line with a fully specified name; + ◇ provide the argument --project on the command line; + ◇ set the property core/project. + + To set the location attribute: + ◇ provide the argument + --bitbucket-data-center-config-service-directory on the command + line with a fully specified name; + ◇ provide the argument --location on the command line. + + To set the namespace attribute: + ◇ provide the argument + --bitbucket-data-center-config-service-directory on the command + line with a fully specified name; + ◇ provide the argument --namespace on the command line. + + --bitbucket-data-center-config-service-directory=BITBUCKET_DATA_CENTER_CONFIG_SERVICE_DIRECTORY + ID of the service or fully qualified identifier for the + service. + + To set the service attribute: + ▹ provide the argument + --bitbucket-data-center-config-service-directory on the + command line. + + --bitbucket-data-center-config-ssl-ca-certificate=BITBUCKET_DATA_CENTER_CONFIG_SSL_CA_CERTIFICATE + SSL certificate authority to trust when making requests to + Bitbucket Data Center. + Configuration for connections to github.com. --github-config-app-installation-id=GITHUB_CONFIG_APP_INSTALLATION_ID @@ -258,9 +397,38 @@ FLAGS ServiceDirectoryConfig represents Service Directory configuration for a connection. - --github-enterprise-config-service-directory=GITHUB_ENTERPRISE_CONFIG_SERVICE_DIRECTORY - The Service Directory service name. Format: - projects/{project}/locations/{location}/namespaces/{namespace}/services/{service}. + Service resource - The Service Directory service name. Format: + projects/{project}/locations/{location}/namespaces/{namespace}/services/{service}. + This represents a Cloud resource. (NOTE) Some attributes are not + given arguments in this group but can be set in other ways. + + To set the project attribute: + ◇ provide the argument + --github-enterprise-config-service-directory on the command line + with a fully specified name; + ◇ provide the argument --project on the command line; + ◇ set the property core/project. + + To set the location attribute: + ◇ provide the argument + --github-enterprise-config-service-directory on the command line + with a fully specified name; + ◇ provide the argument --location on the command line. + + To set the namespace attribute: + ◇ provide the argument + --github-enterprise-config-service-directory on the command line + with a fully specified name; + ◇ provide the argument --namespace on the command line. + + --github-enterprise-config-service-directory=GITHUB_ENTERPRISE_CONFIG_SERVICE_DIRECTORY + ID of the service or fully qualified identifier for the + service. + + To set the service attribute: + ▹ provide the argument + --github-enterprise-config-service-directory on the command + line. --github-enterprise-config-ssl-ca-certificate=GITHUB_ENTERPRISE_CONFIG_SSL_CA_CERTIFICATE SSL certificate to use for requests to GitHub Enterprise. @@ -475,14 +643,83 @@ FLAGS ServiceDirectoryConfig represents Service Directory configuration for a connection. - --gitlab-enterprise-config-service-directory=GITLAB_ENTERPRISE_CONFIG_SERVICE_DIRECTORY - The Service Directory service name. Format: - projects/{project}/locations/{location}/namespaces/{namespace}/services/{service}. + Service resource - The Service Directory service name. Format: + projects/{project}/locations/{location}/namespaces/{namespace}/services/{service}. + This represents a Cloud resource. (NOTE) Some attributes are not + given arguments in this group but can be set in other ways. + + To set the project attribute: + ◇ provide the argument + --gitlab-enterprise-config-service-directory on the command line + with a fully specified name; + ◇ provide the argument --project on the command line; + ◇ set the property core/project. + + To set the location attribute: + ◇ provide the argument + --gitlab-enterprise-config-service-directory on the command line + with a fully specified name; + ◇ provide the argument --location on the command line. + + To set the namespace attribute: + ◇ provide the argument + --gitlab-enterprise-config-service-directory on the command line + with a fully specified name; + ◇ provide the argument --namespace on the command line. + + --gitlab-enterprise-config-service-directory=GITLAB_ENTERPRISE_CONFIG_SERVICE_DIRECTORY + ID of the service or fully qualified identifier for the + service. + + To set the service attribute: + ▹ provide the argument + --gitlab-enterprise-config-service-directory on the command + line. --gitlab-enterprise-config-ssl-ca-certificate=GITLAB_ENTERPRISE_CONFIG_SSL_CA_CERTIFICATE SSL Certificate Authority certificate to use for requests to GitLab Enterprise instance. + The crypto key configuration. This field is used by the Customer-managed + encryption keys (CMEK) feature. + + CryptoKey resource - The name of the key which is used to + encrypt/decrypt customer data. For key in Cloud KMS, the key should be + in the format of projects/*/locations/*/keyRings/*/cryptoKeys/*. The + arguments in this group can be used to specify the attributes of this + resource. (NOTE) Some attributes are not given arguments in this group + but can be set in other ways. + + To set the project attribute: + ▸ provide the argument --crypto-key-config-reference on the command + line with a fully specified name; + ▸ provide the argument --project on the command line; + ▸ set the property core/project. + + To set the location attribute: + ▸ provide the argument --crypto-key-config-reference on the command + line with a fully specified name; + ▸ provide the argument --location on the command line. + + --crypto-key-config-reference=CRYPTO_KEY_CONFIG_REFERENCE + ID of the cryptoKey or fully qualified identifier for the + cryptoKey. + + To set the crypto-key attribute: + ▫ provide the argument --crypto-key-config-reference on the + command line. + + This flag argument must be specified if any of the other arguments + in this group are specified. + + --key-ring=KEY_RING + The keyRing id of the cryptoKey resource. + + To set the key-ring attribute: + ▫ provide the argument --crypto-key-config-reference on the + command line with a fully specified name; + ▫ provide the argument --key-ring on the command line. + Update labels. At most one of these can be specified: @@ -558,7 +795,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud developer-connect connections update $ gcloud beta developer-connect connections update diff --git a/gcloud/alpha/developer-connect/help b/gcloud/alpha/developer-connect/help index 120d24f8a..d2aa1abb9 100644 --- a/gcloud/alpha/developer-connect/help +++ b/gcloud/alpha/developer-connect/help @@ -25,7 +25,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud developer-connect $ gcloud beta developer-connect diff --git a/gcloud/alpha/developer-connect/operations/cancel b/gcloud/alpha/developer-connect/operations/cancel index 44bee4529..a4827505c 100644 --- a/gcloud/alpha/developer-connect/operations/cancel +++ b/gcloud/alpha/developer-connect/operations/cancel @@ -61,7 +61,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud developer-connect operations cancel $ gcloud beta developer-connect operations cancel diff --git a/gcloud/alpha/developer-connect/operations/delete b/gcloud/alpha/developer-connect/operations/delete index 654a45ca5..a3848c590 100644 --- a/gcloud/alpha/developer-connect/operations/delete +++ b/gcloud/alpha/developer-connect/operations/delete @@ -61,7 +61,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud developer-connect operations delete $ gcloud beta developer-connect operations delete diff --git a/gcloud/alpha/developer-connect/operations/describe b/gcloud/alpha/developer-connect/operations/describe index dfe9b4a66..633ed37b3 100644 --- a/gcloud/alpha/developer-connect/operations/describe +++ b/gcloud/alpha/developer-connect/operations/describe @@ -61,7 +61,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud developer-connect operations describe $ gcloud beta developer-connect operations describe diff --git a/gcloud/alpha/developer-connect/operations/help b/gcloud/alpha/developer-connect/operations/help index 3ff257b66..176d16867 100644 --- a/gcloud/alpha/developer-connect/operations/help +++ b/gcloud/alpha/developer-connect/operations/help @@ -34,7 +34,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud developer-connect operations $ gcloud beta developer-connect operations diff --git a/gcloud/alpha/developer-connect/operations/list b/gcloud/alpha/developer-connect/operations/list index e09a1a127..6212a01f0 100644 --- a/gcloud/alpha/developer-connect/operations/list +++ b/gcloud/alpha/developer-connect/operations/list @@ -82,7 +82,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud developer-connect operations list $ gcloud beta developer-connect operations list diff --git a/gcloud/alpha/developer-connect/operations/wait b/gcloud/alpha/developer-connect/operations/wait index 3ffcbbe4c..42dd0d03e 100644 --- a/gcloud/alpha/developer-connect/operations/wait +++ b/gcloud/alpha/developer-connect/operations/wait @@ -61,7 +61,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud developer-connect operations wait $ gcloud beta developer-connect operations wait diff --git a/gcloud/alpha/functions/add-iam-policy-binding b/gcloud/alpha/functions/add-iam-policy-binding index 7f4767318..a919c60e1 100644 --- a/gcloud/alpha/functions/add-iam-policy-binding +++ b/gcloud/alpha/functions/add-iam-policy-binding @@ -17,7 +17,7 @@ EXAMPLES --member=MEMBER-1 --role=ROLE-1 POSITIONAL ARGUMENTS - Function resource - The Cloud function name to add IAM policy binding for. + Function resource - The Cloud Function name to add IAM policy binding for. The arguments in this group can be used to specify the attributes of this resource. (NOTE) Some attributes are not given arguments in this group but can be set in other ways. diff --git a/gcloud/alpha/functions/add-invoker-policy-binding b/gcloud/alpha/functions/add-invoker-policy-binding index 8b3805d2e..b86cd12cf 100644 --- a/gcloud/alpha/functions/add-invoker-policy-binding +++ b/gcloud/alpha/functions/add-invoker-policy-binding @@ -24,7 +24,7 @@ EXAMPLES --member=MEMBER-1 POSITIONAL ARGUMENTS - Function resource - The Cloud function name to add the invoker binding to. + Function resource - The Cloud Function name to add the invoker binding to. The arguments in this group can be used to specify the attributes of this resource. (NOTE) Some attributes are not given arguments in this group but can be set in other ways. diff --git a/gcloud/alpha/functions/call b/gcloud/alpha/functions/call index 81f9ef9cd..93dd7004d 100644 --- a/gcloud/alpha/functions/call +++ b/gcloud/alpha/functions/call @@ -23,7 +23,7 @@ EXAMPLES other HTTP methods, use a dedicated HTTP request tool such as cURL or wget. POSITIONAL ARGUMENTS - Function resource - The Cloud function name to execute. The arguments in + Function resource - The Cloud Function name to execute. The arguments in this group can be used to specify the attributes of this resource. (NOTE) Some attributes are not given arguments in this group but can be set in other ways. diff --git a/gcloud/alpha/functions/delete b/gcloud/alpha/functions/delete index 15d0a16b6..a6341c11c 100644 --- a/gcloud/alpha/functions/delete +++ b/gcloud/alpha/functions/delete @@ -9,7 +9,7 @@ DESCRIPTION (ALPHA) Delete a Google Cloud Function. POSITIONAL ARGUMENTS - Function resource - The Cloud function name to delete. The arguments in + Function resource - The Cloud Function name to delete. The arguments in this group can be used to specify the attributes of this resource. (NOTE) Some attributes are not given arguments in this group but can be set in other ways. diff --git a/gcloud/alpha/functions/deploy b/gcloud/alpha/functions/deploy index 867444eae..6231ff1da 100644 --- a/gcloud/alpha/functions/deploy +++ b/gcloud/alpha/functions/deploy @@ -69,7 +69,7 @@ EXAMPLES using other types of resource as triggers. POSITIONAL ARGUMENTS - Function resource - The Cloud function name to deploy. The arguments in + Function resource - The Cloud Function name to deploy. The arguments in this group can be used to specify the attributes of this resource. (NOTE) Some attributes are not given arguments in this group but can be set in other ways. diff --git a/gcloud/alpha/functions/describe b/gcloud/alpha/functions/describe index fd0010c12..86177f133 100644 --- a/gcloud/alpha/functions/describe +++ b/gcloud/alpha/functions/describe @@ -10,7 +10,7 @@ DESCRIPTION (ALPHA) Display details of a Google Cloud Function. POSITIONAL ARGUMENTS - Function resource - The Cloud function name to describe. The arguments in + Function resource - The Cloud Function name to describe. The arguments in this group can be used to specify the attributes of this resource. (NOTE) Some attributes are not given arguments in this group but can be set in other ways. diff --git a/gcloud/alpha/functions/get-iam-policy b/gcloud/alpha/functions/get-iam-policy index 5e1db8b47..84e4dc5ac 100644 --- a/gcloud/alpha/functions/get-iam-policy +++ b/gcloud/alpha/functions/get-iam-policy @@ -16,7 +16,7 @@ EXAMPLES $ gcloud alpha functions get-iam-policy FUNCTION-1 POSITIONAL ARGUMENTS - Function resource - The Cloud function name to get IAM policy for. The + Function resource - The Cloud Function name to get IAM policy for. The arguments in this group can be used to specify the attributes of this resource. (NOTE) Some attributes are not given arguments in this group but can be set in other ways. diff --git a/gcloud/alpha/functions/remove-iam-policy-binding b/gcloud/alpha/functions/remove-iam-policy-binding index 3251ab037..427b529ae 100644 --- a/gcloud/alpha/functions/remove-iam-policy-binding +++ b/gcloud/alpha/functions/remove-iam-policy-binding @@ -17,7 +17,7 @@ EXAMPLES --member=MEMBER-1 --role=ROLE-1 POSITIONAL ARGUMENTS - Function resource - The Cloud function name to remove IAM policy binding + Function resource - The Cloud Function name to remove IAM policy binding from. The arguments in this group can be used to specify the attributes of this resource. (NOTE) Some attributes are not given arguments in this group but can be set in other ways. diff --git a/gcloud/alpha/functions/remove-invoker-policy-binding b/gcloud/alpha/functions/remove-invoker-policy-binding index 22ee3fd0b..66d47387e 100644 --- a/gcloud/alpha/functions/remove-invoker-policy-binding +++ b/gcloud/alpha/functions/remove-invoker-policy-binding @@ -25,7 +25,7 @@ EXAMPLES --member=MEMBER-1 POSITIONAL ARGUMENTS - Function resource - The Cloud function name to remove the invoker binding + Function resource - The Cloud Function name to remove the invoker binding from. The arguments in this group can be used to specify the attributes of this resource. (NOTE) Some attributes are not given arguments in this group but can be set in other ways. diff --git a/gcloud/alpha/functions/set-iam-policy b/gcloud/alpha/functions/set-iam-policy index 1f9bf49fa..c641068a9 100644 --- a/gcloud/alpha/functions/set-iam-policy +++ b/gcloud/alpha/functions/set-iam-policy @@ -16,7 +16,7 @@ EXAMPLES $ gcloud alpha functions set-iam-policy FUNCTION-1 POLICY-FILE-1 POSITIONAL ARGUMENTS - Function resource - The Cloud function name to get IAM policy for. The + Function resource - The Cloud Function name to get IAM policy for. The arguments in this group can be used to specify the attributes of this resource. (NOTE) Some attributes are not given arguments in this group but can be set in other ways. diff --git a/gcloud/alpha/looker/instances/create b/gcloud/alpha/looker/instances/create index 530c936af..58b3324d4 100644 --- a/gcloud/alpha/looker/instances/create +++ b/gcloud/alpha/looker/instances/create @@ -97,6 +97,22 @@ REQUIRED FLAGS core-trial Trial edition of Looker. + nonprod-core-embed-annual + A non-production edition of Looker (Google Cloud core) product for + deploying and maintaining external analytics and custom + applications at scale. This can be purchased via an annual + contract. + + nonprod-core-enterprise-annual + A non-production edition of Looker (Google Cloud core) product with + enhanced security features for a wide variety of internal BI and + analytics use cases. This can be purchased via an annual contract. + + nonprod-core-standard-annual + A non-production edition of Looker (Google Cloud core) product for + small organizations or teams with fewer than 50 users. This can be + purchased via an annual contract. + --oauth-client-id=OAUTH_CLIENT_ID The client ID from an external OAuth application. diff --git a/gcloud/alpha/looker/instances/update b/gcloud/alpha/looker/instances/update index e333f2135..abd63b1f8 100644 --- a/gcloud/alpha/looker/instances/update +++ b/gcloud/alpha/looker/instances/update @@ -15,6 +15,8 @@ SYNOPSIS | --psc-service-attachment=[attachment=ATTACHMENT],[domain=DOMAIN]] [--deny-maintenance-period-end-date=DENY_MAINTENANCE_PERIOD_END_DATE --deny-maintenance-period-start-date=DENY_MAINTENANCE_PERIOD_START_DATE --deny-maintenance-period-time=DENY_MAINTENANCE_PERIOD_TIME] + [--gemini-enabled + --gemini-preview-tester-enabled --gemini-prompt-log-enabled] [--maintenance-window-day=MAINTENANCE_WINDOW_DAY --maintenance-window-time=MAINTENANCE_WINDOW_TIME] [--oauth-client-id=OAUTH_CLIENT_ID @@ -170,6 +172,32 @@ FLAGS This flag argument must be specified if any of the other arguments in this group are specified. + Gemini AI - Gemini AI is a powerful AI model that can be used to answer + questions, generate content, and perform a variety of other tasks. + + --gemini-enabled + This specifies whether Gemini AI is enabled on the Looker instance. + To disable Gemini AI, use the --no-gemini-enabled flag. + + This flag argument must be specified if any of the other arguments in + this group are specified. + + --gemini-preview-tester-enabled + This specifies whether user opts in for Gemini AI public preview for + the Looker instance. To disable Gemini AI public preview, use the + --no-gemini-preview-tester-enabled flag. + + This flag argument must be specified if any of the other arguments in + this group are specified. + + --gemini-prompt-log-enabled + This specifies whether user opts in for Gemini AI prompt logging for + the Looker instance. To disable Gemini AI prompt logging, use the + --no-gemini-prompt-log-enabled flag. + + This flag argument must be specified if any of the other arguments in + this group are specified. + Maintenance Window - Maintenance typically only takes place once every few months, and requires your instance to be restarted while updates are made, which disrupts service briefly. diff --git a/gcloud/alpha/memorystore/help b/gcloud/alpha/memorystore/help index 9e51c0082..d767138dd 100644 --- a/gcloud/alpha/memorystore/help +++ b/gcloud/alpha/memorystore/help @@ -25,7 +25,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud memorystore $ gcloud beta memorystore diff --git a/gcloud/alpha/memorystore/instances/create b/gcloud/alpha/memorystore/instances/create index c0c3a17bd..418dd930a 100644 --- a/gcloud/alpha/memorystore/instances/create +++ b/gcloud/alpha/memorystore/instances/create @@ -300,7 +300,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud memorystore instances create $ gcloud beta memorystore instances create diff --git a/gcloud/alpha/memorystore/instances/delete b/gcloud/alpha/memorystore/instances/delete index 745499aa0..4c141061f 100644 --- a/gcloud/alpha/memorystore/instances/delete +++ b/gcloud/alpha/memorystore/instances/delete @@ -83,7 +83,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud memorystore instances delete $ gcloud beta memorystore instances delete diff --git a/gcloud/alpha/memorystore/instances/describe b/gcloud/alpha/memorystore/instances/describe index bdcd0421c..a6e503ae6 100644 --- a/gcloud/alpha/memorystore/instances/describe +++ b/gcloud/alpha/memorystore/instances/describe @@ -64,7 +64,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud memorystore instances describe $ gcloud beta memorystore instances describe diff --git a/gcloud/alpha/memorystore/instances/get-certificate-authority b/gcloud/alpha/memorystore/instances/get-certificate-authority index 719234b0d..1b23037d0 100644 --- a/gcloud/alpha/memorystore/instances/get-certificate-authority +++ b/gcloud/alpha/memorystore/instances/get-certificate-authority @@ -64,7 +64,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud memorystore instances get-certificate-authority $ gcloud beta memorystore instances get-certificate-authority diff --git a/gcloud/alpha/memorystore/instances/help b/gcloud/alpha/memorystore/instances/help index 374d50367..e871d6ebe 100644 --- a/gcloud/alpha/memorystore/instances/help +++ b/gcloud/alpha/memorystore/instances/help @@ -38,7 +38,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud memorystore instances $ gcloud beta memorystore instances diff --git a/gcloud/alpha/memorystore/instances/list b/gcloud/alpha/memorystore/instances/list index 6882c26b2..a884cbba2 100644 --- a/gcloud/alpha/memorystore/instances/list +++ b/gcloud/alpha/memorystore/instances/list @@ -85,7 +85,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud memorystore instances list $ gcloud beta memorystore instances list diff --git a/gcloud/alpha/memorystore/instances/update b/gcloud/alpha/memorystore/instances/update index 1e3e66bf6..8007a6eef 100644 --- a/gcloud/alpha/memorystore/instances/update +++ b/gcloud/alpha/memorystore/instances/update @@ -283,7 +283,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud memorystore instances update $ gcloud beta memorystore instances update diff --git a/gcloud/alpha/memorystore/operations/cancel b/gcloud/alpha/memorystore/operations/cancel index 06eef19cc..e7861b033 100644 --- a/gcloud/alpha/memorystore/operations/cancel +++ b/gcloud/alpha/memorystore/operations/cancel @@ -62,7 +62,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud memorystore operations cancel $ gcloud beta memorystore operations cancel diff --git a/gcloud/alpha/memorystore/operations/delete b/gcloud/alpha/memorystore/operations/delete index 63195f37b..8b03a5e15 100644 --- a/gcloud/alpha/memorystore/operations/delete +++ b/gcloud/alpha/memorystore/operations/delete @@ -62,7 +62,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud memorystore operations delete $ gcloud beta memorystore operations delete diff --git a/gcloud/alpha/memorystore/operations/describe b/gcloud/alpha/memorystore/operations/describe index 2cc090f16..5901ae762 100644 --- a/gcloud/alpha/memorystore/operations/describe +++ b/gcloud/alpha/memorystore/operations/describe @@ -63,7 +63,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud memorystore operations describe $ gcloud beta memorystore operations describe diff --git a/gcloud/alpha/memorystore/operations/help b/gcloud/alpha/memorystore/operations/help index 80b6e5585..a1a546203 100644 --- a/gcloud/alpha/memorystore/operations/help +++ b/gcloud/alpha/memorystore/operations/help @@ -31,7 +31,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud memorystore operations $ gcloud beta memorystore operations diff --git a/gcloud/alpha/memorystore/operations/list b/gcloud/alpha/memorystore/operations/list index 68e89c8bf..3e4358495 100644 --- a/gcloud/alpha/memorystore/operations/list +++ b/gcloud/alpha/memorystore/operations/list @@ -83,7 +83,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud memorystore operations list $ gcloud beta memorystore operations list diff --git a/gcloud/alpha/network-security/help b/gcloud/alpha/network-security/help index ea1c613e0..0a2689ae1 100644 --- a/gcloud/alpha/network-security/help +++ b/gcloud/alpha/network-security/help @@ -33,6 +33,18 @@ GROUPS gateway-security-policies (ALPHA) Manage Network Security Gateway Security Policies. + intercept-deployment-groups + (ALPHA) Manage Intercept Deployment Group resources. + + intercept-deployments + (ALPHA) Manage Intercept Deployment resources. + + intercept-endpoint-group-associations + (ALPHA) Manage Intercept Endpoint Group Association resources. + + intercept-endpoint-groups + (ALPHA) Manage Intercept Endpoint Group resources. + mirroring-deployment-groups (ALPHA) Manage Mirroring Deployment Group resources. diff --git a/gcloud/alpha/network-security/intercept-deployment-groups/create b/gcloud/alpha/network-security/intercept-deployment-groups/create new file mode 100644 index 000000000..f8e54dc45 --- /dev/null +++ b/gcloud/alpha/network-security/intercept-deployment-groups/create @@ -0,0 +1,125 @@ +NAME + gcloud alpha network-security intercept-deployment-groups create - create + an Intercept Deployment Group + +SYNOPSIS + gcloud alpha network-security intercept-deployment-groups create + (INTERCEPT_DEPLOYMENT_GROUP : --location=LOCATION) --network=NETWORK + [--async] [--labels=[KEY=VALUE,...]] + [--max-wait=MAX_WAIT; default="20m"] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (ALPHA) Create an intercept deployment group. Successful creation of a + deployment group results in a deployment group in ACTIVE state. Check the + progress of deployment group creation by using gcloud network-security + intercept-deployment-groups list. + + For more examples, refer to the EXAMPLES section below. + +EXAMPLES + To create a intercept deployment group called my-deployment-group, in + project ID my-project, run: $ gcloud alpha network-security intercept-deployment-groups create \ + my-deployment-group --project=my-project --location=global \ + --network=my-network + + OR + + $ gcloud alpha network-security intercept-deployment-groups create \ + my-deployment-group --project=my-project --location=global \ + --network=projects/my-project/global/networks/my-network + + OR + + $ gcloud alpha network-security intercept-deployment-groups create \ + projects/my-project/locations/global/interceptDeploymentGroups/\ + my-deployment-group \ + --network=projects/my-project/global/networks/my-network + +POSITIONAL ARGUMENTS + Intercept deployment group resource - Intercept Deployment Group. The + arguments in this group can be used to specify the attributes of this + resource. (NOTE) Some attributes are not given arguments in this group but + can be set in other ways. + + To set the project attribute: + ◆ provide the argument INTERCEPT_DEPLOYMENT_GROUP on the command line + with a fully specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + INTERCEPT_DEPLOYMENT_GROUP + ID of the intercept deployment group or fully qualified identifier + for the intercept deployment group. + + To set the deployment-group-id attribute: + ▸ provide the argument INTERCEPT_DEPLOYMENT_GROUP on the command + line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + Location of the intercept deployment group. + + To set the location attribute: + ▸ provide the argument INTERCEPT_DEPLOYMENT_GROUP on the command + line with a fully specified name; + ▸ provide the argument --location on the command line. + +REQUIRED FLAGS + Network resource - Intercept Deployment Group. This represents a Cloud + resource. (NOTE) Some attributes are not given arguments in this group but + can be set in other ways. + + To set the project attribute: + ◆ provide the argument --network on the command line with a fully + specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + --network=NETWORK + ID of the network or fully qualified identifier for the network. + + To set the network-name attribute: + ▸ provide the argument --network on the command line. + +OPTIONAL FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. The default is True. Enabled by default, use --no-async to + disable. + + --labels=[KEY=VALUE,...] + List of label KEY=VALUE pairs to add. + + Keys must start with a lowercase character and contain only hyphens + (-), underscores (_), lowercase characters, and numbers. Values must + contain only hyphens (-), underscores (_), lowercase characters, and + numbers. + + --max-wait=MAX_WAIT; default="20m" + Time to synchronously wait for the operation to complete, after which + the operation continues asynchronously. Ignored if --no-async isn't + specified. See $ gcloud topic datetimes for information on time + formats. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in alpha and might change without notice. If this + command fails with API permission errors despite specifying the correct + project, you might be trying to access an API with an invitation-only early + access allowlist. This variant is also available: + + $ gcloud beta network-security intercept-deployment-groups create + diff --git a/gcloud/alpha/network-security/intercept-deployment-groups/delete b/gcloud/alpha/network-security/intercept-deployment-groups/delete new file mode 100644 index 000000000..26dc9acde --- /dev/null +++ b/gcloud/alpha/network-security/intercept-deployment-groups/delete @@ -0,0 +1,90 @@ +NAME + gcloud alpha network-security intercept-deployment-groups delete - delete + an Intercept Deployment Group + +SYNOPSIS + gcloud alpha network-security intercept-deployment-groups delete + (INTERCEPT_DEPLOYMENT_GROUP : --location=LOCATION) [--async] + [--max-wait=MAX_WAIT; default="20m"] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (ALPHA) Delete an intercept deployment group. Check the progress of + deployment group deletion by using gcloud network-security + intercept-deployment-groups list. + + For more examples, refer to the EXAMPLES section below. + +EXAMPLES + To delete an intercept deployment group called my-deployment-group, in + project ID my-project, run: + + $ gcloud alpha network-security intercept-deployment-groups delete \ + my-deployment-group --project=my-project --location=global + + OR + + $ gcloud alpha network-security intercept-deployment-groups delete \ + projects/my-project/locations/global/interceptDeploymentGroups/\ + my-deployment-group + +POSITIONAL ARGUMENTS + Intercept deployment group resource - Intercept Deployment Group. The + arguments in this group can be used to specify the attributes of this + resource. (NOTE) Some attributes are not given arguments in this group but + can be set in other ways. + + To set the project attribute: + ◆ provide the argument INTERCEPT_DEPLOYMENT_GROUP on the command line + with a fully specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + INTERCEPT_DEPLOYMENT_GROUP + ID of the intercept deployment group or fully qualified identifier + for the intercept deployment group. + + To set the deployment-group-id attribute: + ▸ provide the argument INTERCEPT_DEPLOYMENT_GROUP on the command + line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + Location of the intercept deployment group. + + To set the location attribute: + ▸ provide the argument INTERCEPT_DEPLOYMENT_GROUP on the command + line with a fully specified name; + ▸ provide the argument --location on the command line. + +FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. The default is True. Enabled by default, use --no-async to + disable. + + --max-wait=MAX_WAIT; default="20m" + Time to synchronously wait for the operation to complete, after which + the operation continues asynchronously. Ignored if --no-async isn't + specified. See $ gcloud topic datetimes for information on time + formats. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in alpha and might change without notice. If this + command fails with API permission errors despite specifying the correct + project, you might be trying to access an API with an invitation-only early + access allowlist. This variant is also available: + + $ gcloud beta network-security intercept-deployment-groups delete + diff --git a/gcloud/alpha/network-security/intercept-deployment-groups/describe b/gcloud/alpha/network-security/intercept-deployment-groups/describe new file mode 100644 index 000000000..06392ef37 --- /dev/null +++ b/gcloud/alpha/network-security/intercept-deployment-groups/describe @@ -0,0 +1,76 @@ +NAME + gcloud alpha network-security intercept-deployment-groups describe - + describe an Intercept Deployment Group + +SYNOPSIS + gcloud alpha network-security intercept-deployment-groups describe + (INTERCEPT_DEPLOYMENT_GROUP : --location=LOCATION) + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (ALPHA) Describe an intercept deployment group. + + For more examples, refer to the EXAMPLES section below. + +EXAMPLES + To get a description of an intercept deployment group called + my-deployment-group in project ID my-project, run: + + $ gcloud alpha network-security intercept-deployment-groups \ describe my-deployment-group --project=my-project \ + --location=global + + OR + + $ gcloud alpha network-security intercept-deployment-groups \ describe \ + projects/my-project/locations/global/interceptDeploymentGroups/\ + my-deployment-group + +POSITIONAL ARGUMENTS + Intercept deployment group resource - Intercept Deployment Group. The + arguments in this group can be used to specify the attributes of this + resource. (NOTE) Some attributes are not given arguments in this group but + can be set in other ways. + + To set the project attribute: + ◆ provide the argument INTERCEPT_DEPLOYMENT_GROUP on the command line + with a fully specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + INTERCEPT_DEPLOYMENT_GROUP + ID of the intercept deployment group or fully qualified identifier + for the intercept deployment group. + + To set the deployment-group-id attribute: + ▸ provide the argument INTERCEPT_DEPLOYMENT_GROUP on the command + line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + Location of the intercept deployment group. + + To set the location attribute: + ▸ provide the argument INTERCEPT_DEPLOYMENT_GROUP on the command + line with a fully specified name; + ▸ provide the argument --location on the command line. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in alpha and might change without notice. If this + command fails with API permission errors despite specifying the correct + project, you might be trying to access an API with an invitation-only early + access allowlist. This variant is also available: + + $ gcloud beta network-security intercept-deployment-groups describe + diff --git a/gcloud/alpha/network-security/intercept-deployment-groups/help b/gcloud/alpha/network-security/intercept-deployment-groups/help new file mode 100644 index 000000000..ebe2b1085 --- /dev/null +++ b/gcloud/alpha/network-security/intercept-deployment-groups/help @@ -0,0 +1,46 @@ +NAME + gcloud alpha network-security intercept-deployment-groups - manage + Intercept Deployment Group resources + +SYNOPSIS + gcloud alpha network-security intercept-deployment-groups COMMAND + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (ALPHA) This class provides commands for managing Intercept Deployment + Groups. + + Attributes: category (str): The category under which this command group + falls. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --help. + + Run $ gcloud help for details. + +COMMANDS + COMMAND is one of the following: + + create + (ALPHA) Create an Intercept Deployment Group. + + delete + (ALPHA) Delete an Intercept Deployment Group. + + describe + (ALPHA) Describe an Intercept Deployment Group. + + list + (ALPHA) List Intercept Deployment Groups. + + update + (ALPHA) Update an Intercept Deployment Group. + +NOTES + This command is currently in alpha and might change without notice. If this + command fails with API permission errors despite specifying the correct + project, you might be trying to access an API with an invitation-only early + access allowlist. This variant is also available: + + $ gcloud beta network-security intercept-deployment-groups + diff --git a/gcloud/alpha/network-security/intercept-deployment-groups/list b/gcloud/alpha/network-security/intercept-deployment-groups/list new file mode 100644 index 000000000..17bd42e8b --- /dev/null +++ b/gcloud/alpha/network-security/intercept-deployment-groups/list @@ -0,0 +1,94 @@ +NAME + gcloud alpha network-security intercept-deployment-groups list - list + Intercept Deployment Groups + +SYNOPSIS + gcloud alpha network-security intercept-deployment-groups list + [--location=LOCATION] [--filter=EXPRESSION] [--limit=LIMIT] + [--page-size=PAGE_SIZE] [--sort-by=[FIELD,...]] [--uri] + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (ALPHA) List intercept deployment groups. + + For more examples, refer to the EXAMPLES section below. + +EXAMPLES + To list intercept deployment groups in project ID my-project, run: + + $ gcloud alpha network-security intercept-deployment-groups list \ + --location=global --project=my-project + + OR + + $ gcloud alpha network-security intercept-deployment-groups list \ + --location=global + +FLAGS + Location resource - The location for a list operation This represents a + Cloud resource. (NOTE) Some attributes are not given arguments in this + group but can be set in other ways. + + To set the project attribute: + ◆ provide the argument --location on the command line with a fully + specified name; + ◆ Location of the Intercept Deployment Group. Defaults to global with a + fully specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + --location=LOCATION + ID of the location or fully qualified identifier for the location. + + To set the location attribute: + ▸ provide the argument --location on the command line; + ▸ Location of the Intercept Deployment Group. Defaults to global. + +LIST COMMAND FLAGS + --filter=EXPRESSION + Apply a Boolean filter EXPRESSION to each resource item to be listed. + If the expression evaluates True, then that item is listed. For more + details and examples of filter expressions, run $ gcloud topic filters. + This flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --limit=LIMIT + Maximum number of resources to list. The default is unlimited. This + flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --page-size=PAGE_SIZE + Some services group resource list output into pages. This flag + specifies the maximum number of resources per page. The default is + determined by the service if it supports paging, otherwise it is + unlimited (no paging). Paging may be applied before or after --filter + and --limit depending on the service. + + --sort-by=[FIELD,...] + Comma-separated list of resource field key names to sort by. The + default order is ascending. Prefix a field with ``~'' for descending + order on that field. This flag interacts with other flags that are + applied in this order: --flatten, --sort-by, --filter, --limit. + + --uri + Print a list of resource URIs instead of the default output, and change + the command output to a list of URIs. If this flag is used with + --format, the formatting is applied on this URI list. To display URIs + alongside other keys instead, use the uri() transform. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in alpha and might change without notice. If this + command fails with API permission errors despite specifying the correct + project, you might be trying to access an API with an invitation-only early + access allowlist. This variant is also available: + + $ gcloud beta network-security intercept-deployment-groups list + diff --git a/gcloud/alpha/network-security/intercept-deployment-groups/update b/gcloud/alpha/network-security/intercept-deployment-groups/update new file mode 100644 index 000000000..40517c0bc --- /dev/null +++ b/gcloud/alpha/network-security/intercept-deployment-groups/update @@ -0,0 +1,127 @@ +NAME + gcloud alpha network-security intercept-deployment-groups update - update + an Intercept Deployment Group + +SYNOPSIS + gcloud alpha network-security intercept-deployment-groups update + (INTERCEPT_DEPLOYMENT_GROUP : --location=LOCATION) [--async] + [--max-wait=MAX_WAIT; default="20m"] [--update-labels=[KEY=VALUE,...]] + [--clear-labels | --remove-labels=[KEY,...]] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (ALPHA) Update an intercept deployment group. Check the progress of + deployment group update by using gcloud network-security + intercept-deployment-groups list. + + For examples refer to the EXAMPLES section below. + +EXAMPLES + To update labels k1 and k2, run: + + $ gcloud alpha network-security intercept-deployment-groups update \ + my-deployment-group --project=my-project --location=global \ + --update-labels=k1=v1,k2=v2 + + To remove labels k3 and k4, run: + + $ gcloud alpha network-security intercept-deployment-groups update \ + my-deployment-group --project=my-project --location=global \ + --remove-labels=k3,k4 + + To clear all labels from the intercept deployment group, run: + + $ gcloud alpha network-security intercept-deployment-groups update \ + my-deployment-group --project=my-project --location=global \ + --clear-labels + +POSITIONAL ARGUMENTS + Intercept deployment group resource - Intercept Deployment Group. The + arguments in this group can be used to specify the attributes of this + resource. (NOTE) Some attributes are not given arguments in this group but + can be set in other ways. + + To set the project attribute: + ◆ provide the argument INTERCEPT_DEPLOYMENT_GROUP on the command line + with a fully specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + INTERCEPT_DEPLOYMENT_GROUP + ID of the intercept deployment group or fully qualified identifier + for the intercept deployment group. + + To set the deployment-group-id attribute: + ▸ provide the argument INTERCEPT_DEPLOYMENT_GROUP on the command + line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + Location of the intercept deployment group. + + To set the location attribute: + ▸ provide the argument INTERCEPT_DEPLOYMENT_GROUP on the command + line with a fully specified name; + ▸ provide the argument --location on the command line. + +FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. The default is True. Enabled by default, use --no-async to + disable. + + --max-wait=MAX_WAIT; default="20m" + Time to synchronously wait for the operation to complete, after which + the operation continues asynchronously. Ignored if --no-async isn't + specified. See $ gcloud topic datetimes for information on time + formats. + + --update-labels=[KEY=VALUE,...] + List of label KEY=VALUE pairs to update. If a label exists, its value + is modified. Otherwise, a new label is created. + + Keys must start with a lowercase character and contain only hyphens + (-), underscores (_), lowercase characters, and numbers. Values must + contain only hyphens (-), underscores (_), lowercase characters, and + numbers. + + At most one of these can be specified: + + --clear-labels + Remove all labels. If --update-labels is also specified then + --clear-labels is applied first. + + For example, to remove all labels: + + $ gcloud alpha network-security intercept-deployment-groups update \ + --clear-labels + + To remove all existing labels and create two new labels, foo and baz: + + $ gcloud alpha network-security intercept-deployment-groups update \ + --clear-labels --update-labels foo=bar,baz=qux + + --remove-labels=[KEY,...] + List of label keys to remove. If a label does not exist it is + silently ignored. If --update-labels is also specified then + --update-labels is applied first. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in alpha and might change without notice. If this + command fails with API permission errors despite specifying the correct + project, you might be trying to access an API with an invitation-only early + access allowlist. This variant is also available: + + $ gcloud beta network-security intercept-deployment-groups update + diff --git a/gcloud/alpha/network-security/intercept-deployments/create b/gcloud/alpha/network-security/intercept-deployments/create new file mode 100644 index 000000000..2630da387 --- /dev/null +++ b/gcloud/alpha/network-security/intercept-deployments/create @@ -0,0 +1,187 @@ +NAME + gcloud alpha network-security intercept-deployments create - create an + Intercept Deployment + +SYNOPSIS + gcloud alpha network-security intercept-deployments create + (INTERCEPT_DEPLOYMENT : --location=LOCATION) + (--forwarding-rule=FORWARDING_RULE + : --forwarding-rule-location=FORWARDING_RULE_LOCATION) + (--intercept-deployment-group=INTERCEPT_DEPLOYMENT_GROUP + : --intercept-deployment-group-location=INTERCEPT_DEPLOYMENT_GROUP_LOCATION) + [--async] [--labels=[KEY=VALUE,...]] + [--max-wait=MAX_WAIT; default="20m"] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (ALPHA) Create an intercept deployment. Successful creation of a deployment + results in a deployment in ACTIVE state. Check the progress of deployment + creation by using gcloud network-security intercept-deployments list. + + For more examples, refer to the EXAMPLES section below. + +EXAMPLES + To create an intercept deployment called my-deployment, in project ID + my-project and zone us-central1-a, run: $ gcloud alpha network-security intercept-deployments create \ + my-deployment --project=my-project --location=us-central1-a \ + --deployment-group-location=global \ + --forwarding-rule=my-forwarding-rule \ + --forwarding-rule-location=us-central1 \ + --intercept-deployment-group=my-deployment-group + + OR + + $ gcloud alpha network-security intercept-deployments create \ + my-deployment --project=my-project --location=us-central1-a \ + --forwarding-rule=projects/my-project/regions/us-central1/\ + forwardingRules/my-forwarding-rule \ + --intercept-deployment-group=projects/my-project/locations/\ + global/interceptDeploymentGroups/my-deployment-group + + OR + + $ gcloud alpha network-security intercept-deployments create \ + projects/my-project/locations/us-central1/interceptDeployments/\ + my-deployment \ + --forwarding-rule=projects/my-project/regions/us-central1/\ + forwardingRules/my-forwarding-rule \ + --intercept-deployment-group=projects/my-project/locations/\ + global/interceptDeploymentGroups/my-deployment-group + +POSITIONAL ARGUMENTS + Intercept deployment resource - Intercept Deployment. The arguments in + this group can be used to specify the attributes of this resource. (NOTE) + Some attributes are not given arguments in this group but can be set in + other ways. + + To set the project attribute: + ◆ provide the argument INTERCEPT_DEPLOYMENT on the command line with a + fully specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + INTERCEPT_DEPLOYMENT + ID of the intercept deployment or fully qualified identifier for the + intercept deployment. + + To set the deployment-id attribute: + ▸ provide the argument INTERCEPT_DEPLOYMENT on the command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + Location of the intercept deployment. + + To set the location attribute: + ▸ provide the argument INTERCEPT_DEPLOYMENT on the command line + with a fully specified name; + ▸ provide the argument --location on the command line. + +REQUIRED FLAGS + ForwardingRule resource - Intercept Deployment Forwarding Rule. The + arguments in this group can be used to specify the attributes of this + resource. (NOTE) Some attributes are not given arguments in this group but + can be set in other ways. + + To set the project attribute: + ◆ provide the argument --forwarding-rule on the command line with a + fully specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + --forwarding-rule=FORWARDING_RULE + ID of the forwardingRule or fully qualified identifier for the + forwardingRule. + + To set the forwarding-rule-id attribute: + ▸ provide the argument --forwarding-rule on the command line. + + This flag argument must be specified if any of the other arguments in + this group are specified. + + --forwarding-rule-location=FORWARDING_RULE_LOCATION + The Cloud region for the forwardingRule. + + To set the forwarding-rule-location attribute: + ▸ provide the argument --forwarding-rule on the command line with a + fully specified name; + ▸ provide the argument --forwarding-rule-location on the command + line. + + Intercept deployment group resource - Intercept Deployment Group. The + arguments in this group can be used to specify the attributes of this + resource. (NOTE) Some attributes are not given arguments in this group but + can be set in other ways. + + To set the project attribute: + ◆ provide the argument --intercept-deployment-group on the command line + with a fully specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + --intercept-deployment-group=INTERCEPT_DEPLOYMENT_GROUP + ID of the intercept deployment group or fully qualified identifier + for the intercept deployment group. + + To set the id attribute: + ▸ provide the argument --intercept-deployment-group on the command + line. + + This flag argument must be specified if any of the other arguments in + this group are specified. + + --intercept-deployment-group-location=INTERCEPT_DEPLOYMENT_GROUP_LOCATION + Location of the intercept deployment group. + + To set the location attribute: + ▸ provide the argument --intercept-deployment-group on the command + line with a fully specified name; + ▸ provide the argument --intercept-deployment-group-location on the + command line; + ▸ provide the argument --location on the command line; + ▸ provide the argument + networksecurity.projects.locations.interceptDeployments on the + command line with a fully specified name. + +OPTIONAL FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. The default is True. Enabled by default, use --no-async to + disable. + + --labels=[KEY=VALUE,...] + List of label KEY=VALUE pairs to add. + + Keys must start with a lowercase character and contain only hyphens + (-), underscores (_), lowercase characters, and numbers. Values must + contain only hyphens (-), underscores (_), lowercase characters, and + numbers. + + --max-wait=MAX_WAIT; default="20m" + Time to synchronously wait for the operation to complete, after which + the operation continues asynchronously. Ignored if --no-async isn't + specified. See $ gcloud topic datetimes for information on time + formats. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in alpha and might change without notice. If this + command fails with API permission errors despite specifying the correct + project, you might be trying to access an API with an invitation-only early + access allowlist. This variant is also available: + + $ gcloud beta network-security intercept-deployments create + diff --git a/gcloud/alpha/network-security/intercept-deployments/delete b/gcloud/alpha/network-security/intercept-deployments/delete new file mode 100644 index 000000000..0e42642bb --- /dev/null +++ b/gcloud/alpha/network-security/intercept-deployments/delete @@ -0,0 +1,82 @@ +NAME + gcloud alpha network-security intercept-deployments delete - delete an + Intercept Deployment + +SYNOPSIS + gcloud alpha network-security intercept-deployments delete + (INTERCEPT_DEPLOYMENT : --location=LOCATION) [--async] + [--max-wait=MAX_WAIT; default="20m"] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (ALPHA) Delete an intercept deployment. Check the progress of deployment + deletion by using gcloud network-security intercept-deployments list. + + For more examples, refer to the EXAMPLES section below. + +EXAMPLES + To delete an intercept deployment called my-deployment in location + us-central1, run: + + $ gcloud alpha network-security intercept-deployments delete \ + my-deployment --location=us-central1-a --project=my-project + +POSITIONAL ARGUMENTS + Intercept deployment resource - Intercept Deployment. The arguments in + this group can be used to specify the attributes of this resource. (NOTE) + Some attributes are not given arguments in this group but can be set in + other ways. + + To set the project attribute: + ◆ provide the argument INTERCEPT_DEPLOYMENT on the command line with a + fully specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + INTERCEPT_DEPLOYMENT + ID of the intercept deployment or fully qualified identifier for the + intercept deployment. + + To set the deployment-id attribute: + ▸ provide the argument INTERCEPT_DEPLOYMENT on the command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + Location of the intercept deployment. + + To set the location attribute: + ▸ provide the argument INTERCEPT_DEPLOYMENT on the command line + with a fully specified name; + ▸ provide the argument --location on the command line. + +FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. The default is True. Enabled by default, use --no-async to + disable. + + --max-wait=MAX_WAIT; default="20m" + Time to synchronously wait for the operation to complete, after which + the operation continues asynchronously. Ignored if --no-async isn't + specified. See $ gcloud topic datetimes for information on time + formats. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in alpha and might change without notice. If this + command fails with API permission errors despite specifying the correct + project, you might be trying to access an API with an invitation-only early + access allowlist. This variant is also available: + + $ gcloud beta network-security intercept-deployments delete + diff --git a/gcloud/alpha/network-security/intercept-deployments/describe b/gcloud/alpha/network-security/intercept-deployments/describe new file mode 100644 index 000000000..212222baf --- /dev/null +++ b/gcloud/alpha/network-security/intercept-deployments/describe @@ -0,0 +1,74 @@ +NAME + gcloud alpha network-security intercept-deployments describe - describe an + Intercept Deployment + +SYNOPSIS + gcloud alpha network-security intercept-deployments describe + (INTERCEPT_DEPLOYMENT : --location=LOCATION) [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (ALPHA) Describe an intercept deployment. + + For more examples, refer to the EXAMPLES section below. + +EXAMPLES + To get a description of an intercept deployment called my-deployment in + zone us-central1-a, run: + + $ gcloud alpha network-security intercept-deployments describe \ + my-deployment --location=us-central1-a --project=my-project + + OR + + $ gcloud alpha network-security intercept-deployments describe \ + projects/my-project/locations/us-central1-a/\ + interceptDeployments/my-deployment + +POSITIONAL ARGUMENTS + Intercept deployment resource - Intercept Deployment. The arguments in + this group can be used to specify the attributes of this resource. (NOTE) + Some attributes are not given arguments in this group but can be set in + other ways. + + To set the project attribute: + ◆ provide the argument INTERCEPT_DEPLOYMENT on the command line with a + fully specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + INTERCEPT_DEPLOYMENT + ID of the intercept deployment or fully qualified identifier for the + intercept deployment. + + To set the deployment-id attribute: + ▸ provide the argument INTERCEPT_DEPLOYMENT on the command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + Location of the intercept deployment. + + To set the location attribute: + ▸ provide the argument INTERCEPT_DEPLOYMENT on the command line + with a fully specified name; + ▸ provide the argument --location on the command line. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in alpha and might change without notice. If this + command fails with API permission errors despite specifying the correct + project, you might be trying to access an API with an invitation-only early + access allowlist. This variant is also available: + + $ gcloud beta network-security intercept-deployments describe + diff --git a/gcloud/alpha/network-security/intercept-deployments/help b/gcloud/alpha/network-security/intercept-deployments/help new file mode 100644 index 000000000..ac6ee28b9 --- /dev/null +++ b/gcloud/alpha/network-security/intercept-deployments/help @@ -0,0 +1,43 @@ +NAME + gcloud alpha network-security intercept-deployments - manage Intercept + Deployment resources + +SYNOPSIS + gcloud alpha network-security intercept-deployments COMMAND + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (ALPHA) The gcloud intercept-deployments command group lets you manage + zonal deployments for your Intercept Deployment Group. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --help. + + Run $ gcloud help for details. + +COMMANDS + COMMAND is one of the following: + + create + (ALPHA) Create an Intercept Deployment. + + delete + (ALPHA) Delete an Intercept Deployment. + + describe + (ALPHA) Describe an Intercept Deployment. + + list + (ALPHA) List Intercept Deployments. + + update + (ALPHA) Update an Intercept Deployment. + +NOTES + This command is currently in alpha and might change without notice. If this + command fails with API permission errors despite specifying the correct + project, you might be trying to access an API with an invitation-only early + access allowlist. This variant is also available: + + $ gcloud beta network-security intercept-deployments + diff --git a/gcloud/alpha/network-security/intercept-deployments/list b/gcloud/alpha/network-security/intercept-deployments/list new file mode 100644 index 000000000..6b3f3e153 --- /dev/null +++ b/gcloud/alpha/network-security/intercept-deployments/list @@ -0,0 +1,95 @@ +NAME + gcloud alpha network-security intercept-deployments list - list Intercept + Deployments + +SYNOPSIS + gcloud alpha network-security intercept-deployments list + [--location=LOCATION] [--filter=EXPRESSION] [--limit=LIMIT] + [--page-size=PAGE_SIZE] [--sort-by=[FIELD,...]] [--uri] + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (ALPHA) List intercept deployments. + + For more examples, refer to the EXAMPLES section below. + +EXAMPLES + To list intercept deployments in project my-project and zone us-central1-a, + run: + + $ gcloud alpha network-security intercept-deployments list \ + --project=my-project --location=us-central1-a + + To list intercept deployments from all zones, run: + + $ gcloud alpha network-security intercept-deployments list \ + --project=my-project --location=- + +FLAGS + Location resource - Zone of the deployment This represents a Cloud + resource. (NOTE) Some attributes are not given arguments in this group but + can be set in other ways. + + To set the project attribute: + ◆ provide the argument --location on the command line with a fully + specified name; + ◆ Location of the Intercept Deployment. Defaults to a wildcard with a + fully specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + --location=LOCATION + ID of the location or fully qualified identifier for the location. + + To set the location attribute: + ▸ provide the argument --location on the command line; + ▸ Location of the Intercept Deployment. Defaults to a wildcard. + +LIST COMMAND FLAGS + --filter=EXPRESSION + Apply a Boolean filter EXPRESSION to each resource item to be listed. + If the expression evaluates True, then that item is listed. For more + details and examples of filter expressions, run $ gcloud topic filters. + This flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --limit=LIMIT + Maximum number of resources to list. The default is unlimited. This + flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --page-size=PAGE_SIZE + Some services group resource list output into pages. This flag + specifies the maximum number of resources per page. The default is + determined by the service if it supports paging, otherwise it is + unlimited (no paging). Paging may be applied before or after --filter + and --limit depending on the service. + + --sort-by=[FIELD,...] + Comma-separated list of resource field key names to sort by. The + default order is ascending. Prefix a field with ``~'' for descending + order on that field. This flag interacts with other flags that are + applied in this order: --flatten, --sort-by, --filter, --limit. + + --uri + Print a list of resource URIs instead of the default output, and change + the command output to a list of URIs. If this flag is used with + --format, the formatting is applied on this URI list. To display URIs + alongside other keys instead, use the uri() transform. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in alpha and might change without notice. If this + command fails with API permission errors despite specifying the correct + project, you might be trying to access an API with an invitation-only early + access allowlist. This variant is also available: + + $ gcloud beta network-security intercept-deployments list + diff --git a/gcloud/alpha/network-security/intercept-deployments/update b/gcloud/alpha/network-security/intercept-deployments/update new file mode 100644 index 000000000..e9abcb8b9 --- /dev/null +++ b/gcloud/alpha/network-security/intercept-deployments/update @@ -0,0 +1,125 @@ +NAME + gcloud alpha network-security intercept-deployments update - update an + Intercept Deployment + +SYNOPSIS + gcloud alpha network-security intercept-deployments update + (INTERCEPT_DEPLOYMENT : --location=LOCATION) [--async] + [--max-wait=MAX_WAIT; default="20m"] [--update-labels=[KEY=VALUE,...]] + [--clear-labels | --remove-labels=[KEY,...]] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (ALPHA) Update an intercept deployment. Check the progress of deployment + update by using gcloud network-security intercept-deployments list. + + For examples refer to the EXAMPLES section below. + +EXAMPLES + To update labels k1 and k2, run: + + $ gcloud alpha network-security intercept-deployments update \ + my-deployment --project=my-project --location=us-central1-a \ + --update-labels=k1=v1,k2=v2 + + To remove labels k3 and k4, run: + + $ gcloud alpha network-security intercept-deployments update \ + my-deployment --project=my-project --location=us-central1-a \ + --remove-labels=k3,k4 + + To clear all labels from the intercept deployment, run: + + $ gcloud alpha network-security intercept-deployments update \ + my-deploymen --project=my-project --location=us-central1-a \ + --clear-labels + +POSITIONAL ARGUMENTS + Intercept deployment resource - Intercept Deployment. The arguments in + this group can be used to specify the attributes of this resource. (NOTE) + Some attributes are not given arguments in this group but can be set in + other ways. + + To set the project attribute: + ◆ provide the argument INTERCEPT_DEPLOYMENT on the command line with a + fully specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + INTERCEPT_DEPLOYMENT + ID of the intercept deployment or fully qualified identifier for the + intercept deployment. + + To set the deployment-id attribute: + ▸ provide the argument INTERCEPT_DEPLOYMENT on the command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + Location of the intercept deployment. + + To set the location attribute: + ▸ provide the argument INTERCEPT_DEPLOYMENT on the command line + with a fully specified name; + ▸ provide the argument --location on the command line. + +FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. The default is True. Enabled by default, use --no-async to + disable. + + --max-wait=MAX_WAIT; default="20m" + Time to synchronously wait for the operation to complete, after which + the operation continues asynchronously. Ignored if --no-async isn't + specified. See $ gcloud topic datetimes for information on time + formats. + + --update-labels=[KEY=VALUE,...] + List of label KEY=VALUE pairs to update. If a label exists, its value + is modified. Otherwise, a new label is created. + + Keys must start with a lowercase character and contain only hyphens + (-), underscores (_), lowercase characters, and numbers. Values must + contain only hyphens (-), underscores (_), lowercase characters, and + numbers. + + At most one of these can be specified: + + --clear-labels + Remove all labels. If --update-labels is also specified then + --clear-labels is applied first. + + For example, to remove all labels: + + $ gcloud alpha network-security intercept-deployments update \ + --clear-labels + + To remove all existing labels and create two new labels, foo and baz: + + $ gcloud alpha network-security intercept-deployments update \ + --clear-labels --update-labels foo=bar,baz=qux + + --remove-labels=[KEY,...] + List of label keys to remove. If a label does not exist it is + silently ignored. If --update-labels is also specified then + --update-labels is applied first. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in alpha and might change without notice. If this + command fails with API permission errors despite specifying the correct + project, you might be trying to access an API with an invitation-only early + access allowlist. This variant is also available: + + $ gcloud beta network-security intercept-deployments update + diff --git a/gcloud/alpha/network-security/intercept-endpoint-group-associations/create b/gcloud/alpha/network-security/intercept-endpoint-group-associations/create new file mode 100644 index 000000000..a05c1aed0 --- /dev/null +++ b/gcloud/alpha/network-security/intercept-endpoint-group-associations/create @@ -0,0 +1,172 @@ +NAME + gcloud alpha network-security intercept-endpoint-group-associations create + - create an Intercept Endpoint Group Association + +SYNOPSIS + gcloud alpha network-security intercept-endpoint-group-associations create + (INTERCEPT_ENDPOINT_GROUP_ASSOCIATION : --location=LOCATION) + --network=NETWORK + (--intercept-endpoint-group=INTERCEPT_ENDPOINT_GROUP + : --intercept-endpoint-group-location=INTERCEPT_ENDPOINT_GROUP_LOCATION) + [--async] [--labels=[KEY=VALUE,...]] + [--max-wait=MAX_WAIT; default="20m"] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (ALPHA) Create an intercept endpoint group association. Successful creation + of an association results in an association in ACTIVE state. Check the + progress of association creation by using gcloud network-security + intercept-endpoint-group-associations list. + + For more examples, refer to the EXAMPLES section below. + +EXAMPLES + To create an intercept endpoint group association called my-association, in + project ID my-project, run: + + $ gcloud alpha network-security \ intercept-endpoint-group-associations create my-association \ + --project=my-project --location=global \ + --intercept-endpoint-group=my-endpoint-group \ + --network=my-network + + OR + + $ gcloud alpha network-security \ intercept-endpoint-group-associations create my-association \ + --project=my-project --location=global \ + --intercept-endpoint-group=my-endpoint-group \ + --network=projects/my-project/global/networks/my-network + + OR + + $ gcloud alpha network-security \ intercept-endpoint-group-associations create \ + projects/my-project/locations/global/\ + interceptEndpointGroupAssociations/my-association \ + --intercept-endpoint-group=projects/my-project/locations/\ + global/interceptEndpointGroups/my-endpoint-group \ + --network=projects/my-project/global/networks/my-network + +POSITIONAL ARGUMENTS + Intercept endpoint group association resource - Intercept Endpoint Group + Association. The arguments in this group can be used to specify the + attributes of this resource. (NOTE) Some attributes are not given + arguments in this group but can be set in other ways. + + To set the project attribute: + ◆ provide the argument INTERCEPT_ENDPOINT_GROUP_ASSOCIATION on the + command line with a fully specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + INTERCEPT_ENDPOINT_GROUP_ASSOCIATION + ID of the intercept endpoint group association or fully qualified + identifier for the intercept endpoint group association. + + To set the endpoint-group-association-id attribute: + ▸ provide the argument INTERCEPT_ENDPOINT_GROUP_ASSOCIATION on the + command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + Location of the intercept endpoint group association. + + To set the location attribute: + ▸ provide the argument INTERCEPT_ENDPOINT_GROUP_ASSOCIATION on the + command line with a fully specified name; + ▸ provide the argument --location on the command line. + +REQUIRED FLAGS + Network resource - Intercept Endpoint Group Association. This represents a + Cloud resource. (NOTE) Some attributes are not given arguments in this + group but can be set in other ways. + + To set the project attribute: + ◆ provide the argument --network on the command line with a fully + specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + --network=NETWORK + ID of the network or fully qualified identifier for the network. + + To set the network-name attribute: + ▸ provide the argument --network on the command line. + + Intercept endpoint group resource - Intercept Endpoint Group. The + arguments in this group can be used to specify the attributes of this + resource. (NOTE) Some attributes are not given arguments in this group but + can be set in other ways. + + To set the project attribute: + ◆ provide the argument --intercept-endpoint-group on the command line + with a fully specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + --intercept-endpoint-group=INTERCEPT_ENDPOINT_GROUP + ID of the intercept endpoint group or fully qualified identifier for + the intercept endpoint group. + + To set the id attribute: + ▸ provide the argument --intercept-endpoint-group on the command + line. + + This flag argument must be specified if any of the other arguments in + this group are specified. + + --intercept-endpoint-group-location=INTERCEPT_ENDPOINT_GROUP_LOCATION + Location of the intercept endpoint group. + + To set the location attribute: + ▸ provide the argument --intercept-endpoint-group on the command + line with a fully specified name; + ▸ provide the argument --intercept-endpoint-group-location on the + command line; + ▸ provide the argument --location on the command line; + ▸ provide the argument + networksecurity.projects.locations.interceptEndpointGroupAssociations + on the command line with a fully specified name. + +OPTIONAL FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. The default is True. Enabled by default, use --no-async to + disable. + + --labels=[KEY=VALUE,...] + List of label KEY=VALUE pairs to add. + + Keys must start with a lowercase character and contain only hyphens + (-), underscores (_), lowercase characters, and numbers. Values must + contain only hyphens (-), underscores (_), lowercase characters, and + numbers. + + --max-wait=MAX_WAIT; default="20m" + Time to synchronously wait for the operation to complete, after which + the operation continues asynchronously. Ignored if --no-async isn't + specified. See $ gcloud topic datetimes for information on time + formats. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in alpha and might change without notice. If this + command fails with API permission errors despite specifying the correct + project, you might be trying to access an API with an invitation-only early + access allowlist. This variant is also available: + + $ gcloud beta network-security \ + intercept-endpoint-group-associations create + diff --git a/gcloud/alpha/network-security/intercept-endpoint-group-associations/delete b/gcloud/alpha/network-security/intercept-endpoint-group-associations/delete new file mode 100644 index 000000000..451738974 --- /dev/null +++ b/gcloud/alpha/network-security/intercept-endpoint-group-associations/delete @@ -0,0 +1,91 @@ +NAME + gcloud alpha network-security intercept-endpoint-group-associations delete + - delete an Intercept Endpoint Group Association + +SYNOPSIS + gcloud alpha network-security intercept-endpoint-group-associations delete + (INTERCEPT_ENDPOINT_GROUP_ASSOCIATION : --location=LOCATION) [--async] + [--max-wait=MAX_WAIT; default="20m"] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (ALPHA) Delete an intercept endpoint group association. Check the progress + of deletion by using gcloud network-security + intercept-endpoint-group-associations list. + + For more examples, refer to the EXAMPLES section below. + +EXAMPLES + To delete an intercept endpoint group association called my-association, in + project ID my-project, run: + + $ gcloud alpha network-security \ intercept-endpoint-group-associations delete my-association \ + --project=my-project --location=global + + OR + + $ gcloud alpha network-security \ intercept-endpoint-group-associations delete \ + projects/my-project/locations/global/\ + interceptEndpointGroupAssociations/my-association + +POSITIONAL ARGUMENTS + Intercept endpoint group association resource - Intercept Endpoint Group + Association. The arguments in this group can be used to specify the + attributes of this resource. (NOTE) Some attributes are not given + arguments in this group but can be set in other ways. + + To set the project attribute: + ◆ provide the argument INTERCEPT_ENDPOINT_GROUP_ASSOCIATION on the + command line with a fully specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + INTERCEPT_ENDPOINT_GROUP_ASSOCIATION + ID of the intercept endpoint group association or fully qualified + identifier for the intercept endpoint group association. + + To set the endpoint-group-association-id attribute: + ▸ provide the argument INTERCEPT_ENDPOINT_GROUP_ASSOCIATION on the + command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + Location of the intercept endpoint group association. + + To set the location attribute: + ▸ provide the argument INTERCEPT_ENDPOINT_GROUP_ASSOCIATION on the + command line with a fully specified name; + ▸ provide the argument --location on the command line. + +FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. The default is True. Enabled by default, use --no-async to + disable. + + --max-wait=MAX_WAIT; default="20m" + Time to synchronously wait for the operation to complete, after which + the operation continues asynchronously. Ignored if --no-async isn't + specified. See $ gcloud topic datetimes for information on time + formats. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in alpha and might change without notice. If this + command fails with API permission errors despite specifying the correct + project, you might be trying to access an API with an invitation-only early + access allowlist. This variant is also available: + + $ gcloud beta network-security \ + intercept-endpoint-group-associations delete + diff --git a/gcloud/alpha/network-security/intercept-endpoint-group-associations/describe b/gcloud/alpha/network-security/intercept-endpoint-group-associations/describe new file mode 100644 index 000000000..02788d6cd --- /dev/null +++ b/gcloud/alpha/network-security/intercept-endpoint-group-associations/describe @@ -0,0 +1,77 @@ +NAME + gcloud alpha network-security intercept-endpoint-group-associations + describe - describe an Intercept Endpoint Group Association + +SYNOPSIS + gcloud alpha network-security intercept-endpoint-group-associations + describe (INTERCEPT_ENDPOINT_GROUP_ASSOCIATION : --location=LOCATION) + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (ALPHA) Describe an intercept endpoint group association. + + For more examples, refer to the EXAMPLES section below. + +EXAMPLES + To get a description of an intercept endpoint group association called + my-association in project my-project and location global, run: + + $ gcloud alpha network-security \ intercept-endpoint-group-associations describe my-association \ + --project=my-project --location=global + + OR + + $ gcloud alpha network-security \ intercept-endpoint-group-associations describe \ + projects/my-project/locations/global/\ + interceptEndpointGroupAssociations/my-association + +POSITIONAL ARGUMENTS + Intercept endpoint group association resource - Intercept Endpoint Group + Association. The arguments in this group can be used to specify the + attributes of this resource. (NOTE) Some attributes are not given + arguments in this group but can be set in other ways. + + To set the project attribute: + ◆ provide the argument INTERCEPT_ENDPOINT_GROUP_ASSOCIATION on the + command line with a fully specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + INTERCEPT_ENDPOINT_GROUP_ASSOCIATION + ID of the intercept endpoint group association or fully qualified + identifier for the intercept endpoint group association. + + To set the endpoint-group-association-id attribute: + ▸ provide the argument INTERCEPT_ENDPOINT_GROUP_ASSOCIATION on the + command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + Location of the intercept endpoint group association. + + To set the location attribute: + ▸ provide the argument INTERCEPT_ENDPOINT_GROUP_ASSOCIATION on the + command line with a fully specified name; + ▸ provide the argument --location on the command line. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in alpha and might change without notice. If this + command fails with API permission errors despite specifying the correct + project, you might be trying to access an API with an invitation-only early + access allowlist. This variant is also available: + + $ gcloud beta network-security \ + intercept-endpoint-group-associations describe + diff --git a/gcloud/alpha/network-security/intercept-endpoint-group-associations/help b/gcloud/alpha/network-security/intercept-endpoint-group-associations/help new file mode 100644 index 000000000..daa35f2cd --- /dev/null +++ b/gcloud/alpha/network-security/intercept-endpoint-group-associations/help @@ -0,0 +1,43 @@ +NAME + gcloud alpha network-security intercept-endpoint-group-associations - + manage Intercept Endpoint Group Association resources + +SYNOPSIS + gcloud alpha network-security intercept-endpoint-group-associations COMMAND + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (ALPHA) The gcloud intercept-endpoint-group-associations command group lets + you associate and deassociate networks to your Intercept Endpoint Group. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --help. + + Run $ gcloud help for details. + +COMMANDS + COMMAND is one of the following: + + create + (ALPHA) Create an Intercept Endpoint Group Association. + + delete + (ALPHA) Delete an Intercept Endpoint Group Association. + + describe + (ALPHA) Describe an Intercept Endpoint Group Association. + + list + (ALPHA) List Intercept Endpoint Group Associations. + + update + (ALPHA) Update an Intercept Endpoint Group Association. + +NOTES + This command is currently in alpha and might change without notice. If this + command fails with API permission errors despite specifying the correct + project, you might be trying to access an API with an invitation-only early + access allowlist. This variant is also available: + + $ gcloud beta network-security intercept-endpoint-group-associations + diff --git a/gcloud/alpha/network-security/intercept-endpoint-group-associations/list b/gcloud/alpha/network-security/intercept-endpoint-group-associations/list new file mode 100644 index 000000000..0584ec030 --- /dev/null +++ b/gcloud/alpha/network-security/intercept-endpoint-group-associations/list @@ -0,0 +1,101 @@ +NAME + gcloud alpha network-security intercept-endpoint-group-associations list - + list Intercept Endpoint Group Associations + +SYNOPSIS + gcloud alpha network-security intercept-endpoint-group-associations list + [--location=LOCATION] [--filter=EXPRESSION] [--limit=LIMIT] + [--page-size=PAGE_SIZE] [--sort-by=[FIELD,...]] [--uri] + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (ALPHA) List intercept endpoint group associations. + + For more examples, refer to the EXAMPLES section below. + +EXAMPLES + To list intercept endpoint group associations in project my-project and + location global, run: + + $ gcloud alpha network-security \ intercept-endpoint-group-associations list \ + --project=my-project --location=global + + OR + + $ gcloud alpha network-security \ intercept-endpoint-group-associations list --location=global + + OR + + $ gcloud alpha network-security \ intercept-endpoint-group-associations list \ + --location=projects/my-project/locations/global + +FLAGS + Location resource - The location for a list operation This represents a + Cloud resource. (NOTE) Some attributes are not given arguments in this + group but can be set in other ways. + + To set the project attribute: + ◆ provide the argument --location on the command line with a fully + specified name; + ◆ Location of the Intercept Endpoint Group Association. Defaults to + global with a fully specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + --location=LOCATION + ID of the location or fully qualified identifier for the location. + + To set the location attribute: + ▸ provide the argument --location on the command line; + ▸ Location of the Intercept Endpoint Group Association. Defaults to + global. + +LIST COMMAND FLAGS + --filter=EXPRESSION + Apply a Boolean filter EXPRESSION to each resource item to be listed. + If the expression evaluates True, then that item is listed. For more + details and examples of filter expressions, run $ gcloud topic filters. + This flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --limit=LIMIT + Maximum number of resources to list. The default is unlimited. This + flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --page-size=PAGE_SIZE + Some services group resource list output into pages. This flag + specifies the maximum number of resources per page. The default is + determined by the service if it supports paging, otherwise it is + unlimited (no paging). Paging may be applied before or after --filter + and --limit depending on the service. + + --sort-by=[FIELD,...] + Comma-separated list of resource field key names to sort by. The + default order is ascending. Prefix a field with ``~'' for descending + order on that field. This flag interacts with other flags that are + applied in this order: --flatten, --sort-by, --filter, --limit. + + --uri + Print a list of resource URIs instead of the default output, and change + the command output to a list of URIs. If this flag is used with + --format, the formatting is applied on this URI list. To display URIs + alongside other keys instead, use the uri() transform. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in alpha and might change without notice. If this + command fails with API permission errors despite specifying the correct + project, you might be trying to access an API with an invitation-only early + access allowlist. This variant is also available: + + $ gcloud beta network-security \ + intercept-endpoint-group-associations list + diff --git a/gcloud/alpha/network-security/intercept-endpoint-group-associations/update b/gcloud/alpha/network-security/intercept-endpoint-group-associations/update new file mode 100644 index 000000000..1b129b2db --- /dev/null +++ b/gcloud/alpha/network-security/intercept-endpoint-group-associations/update @@ -0,0 +1,127 @@ +NAME + gcloud alpha network-security intercept-endpoint-group-associations update + - update an Intercept Endpoint Group Association + +SYNOPSIS + gcloud alpha network-security intercept-endpoint-group-associations update + (INTERCEPT_ENDPOINT_GROUP_ASSOCIATION : --location=LOCATION) [--async] + [--max-wait=MAX_WAIT; default="20m"] [--update-labels=[KEY=VALUE,...]] + [--clear-labels | --remove-labels=[KEY,...]] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (ALPHA) Update an intercept endpoint group association. Check the progress + of association update by using gcloud network-security + intercept-endpoint-group-associations list. + + For examples refer to the EXAMPLES section below. + +EXAMPLES + To update labels k1 and k2, run: + + $ gcloud alpha network-security \ intercept-endpoint-group-associations update my-association \ + --project=my-project --location=global \ + --update-labels=k1=v1,k2=v2 + + To remove labels k3 and k4, run: + + $ gcloud alpha network-security \ intercept-endpoint-group-associations update my-association \ + --project=my-project --location=global --remove-labels=k3,k4 + + To clear all labels from the intercept endpoint group association, run: + + $ gcloud alpha network-security \ intercept-endpoint-group-associations update my-association \ + --project=my-project --location=global --clear-labels + +POSITIONAL ARGUMENTS + Intercept endpoint group association resource - Intercept Endpoint Group + Association. The arguments in this group can be used to specify the + attributes of this resource. (NOTE) Some attributes are not given + arguments in this group but can be set in other ways. + + To set the project attribute: + ◆ provide the argument INTERCEPT_ENDPOINT_GROUP_ASSOCIATION on the + command line with a fully specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + INTERCEPT_ENDPOINT_GROUP_ASSOCIATION + ID of the intercept endpoint group association or fully qualified + identifier for the intercept endpoint group association. + + To set the endpoint-group-association-id attribute: + ▸ provide the argument INTERCEPT_ENDPOINT_GROUP_ASSOCIATION on the + command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + Location of the intercept endpoint group association. + + To set the location attribute: + ▸ provide the argument INTERCEPT_ENDPOINT_GROUP_ASSOCIATION on the + command line with a fully specified name; + ▸ provide the argument --location on the command line. + +FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. The default is True. Enabled by default, use --no-async to + disable. + + --max-wait=MAX_WAIT; default="20m" + Time to synchronously wait for the operation to complete, after which + the operation continues asynchronously. Ignored if --no-async isn't + specified. See $ gcloud topic datetimes for information on time + formats. + + --update-labels=[KEY=VALUE,...] + List of label KEY=VALUE pairs to update. If a label exists, its value + is modified. Otherwise, a new label is created. + + Keys must start with a lowercase character and contain only hyphens + (-), underscores (_), lowercase characters, and numbers. Values must + contain only hyphens (-), underscores (_), lowercase characters, and + numbers. + + At most one of these can be specified: + + --clear-labels + Remove all labels. If --update-labels is also specified then + --clear-labels is applied first. + + For example, to remove all labels: + + $ gcloud alpha network-security \ + intercept-endpoint-group-associations update --clear-labels + + To remove all existing labels and create two new labels, foo and baz: + + $ gcloud alpha network-security \ + intercept-endpoint-group-associations update --clear-labels \ + --update-labels foo=bar,baz=qux + + --remove-labels=[KEY,...] + List of label keys to remove. If a label does not exist it is + silently ignored. If --update-labels is also specified then + --update-labels is applied first. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in alpha and might change without notice. If this + command fails with API permission errors despite specifying the correct + project, you might be trying to access an API with an invitation-only early + access allowlist. This variant is also available: + + $ gcloud beta network-security \ + intercept-endpoint-group-associations update + diff --git a/gcloud/alpha/network-security/intercept-endpoint-groups/create b/gcloud/alpha/network-security/intercept-endpoint-groups/create new file mode 100644 index 000000000..ca558d28b --- /dev/null +++ b/gcloud/alpha/network-security/intercept-endpoint-groups/create @@ -0,0 +1,147 @@ +NAME + gcloud alpha network-security intercept-endpoint-groups create - create a + Intercept Endpoint Group + +SYNOPSIS + gcloud alpha network-security intercept-endpoint-groups create + (INTERCEPT_ENDPOINT_GROUP : --location=LOCATION) + (--intercept-deployment-group=INTERCEPT_DEPLOYMENT_GROUP + : --intercept-deployment-group-location=INTERCEPT_DEPLOYMENT_GROUP_LOCATION) + [--async] [--labels=[KEY=VALUE,...]] + [--max-wait=MAX_WAIT; default="20m"] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (ALPHA) Create a intercept endpoint group. Successful creation of an + endpoint group results in an endpoint group in ACTIVE state. Check the + progress of endpoint group creation by using gcloud network-security + intercept-endpoint-groups list. + + For more examples, refer to the EXAMPLES section below. + +EXAMPLES + To create a intercept endpoint group called my-endpoint-group, in project + ID my-project, run: $ gcloud alpha network-security intercept-endpoint-groups create \ + my-endpoint-group --project=my-project --location=global \ + --intercept-deployment-group=my-deployment-group + + OR + + $ gcloud alpha network-security intercept-endpoint-groups create \ + my-endpoint-group --project=my-project --location=global \ + --intercept-deployment-group=projects/my-project/locations/\ + global/interceptDeploymentGroups/my-deployment-group + + OR + + $ gcloud alpha network-security intercept-endpoint-groups create \ + projects/my-project/locations/global/interceptEndpointGroups/\ + my-endpoint-group \ + --intercept-deployment-group=projects/my-project/locations/\ + global/interceptDeploymentGroups/my-deployment-group + +POSITIONAL ARGUMENTS + Intercept endpoint group resource - Intercept Endpoint Group. The + arguments in this group can be used to specify the attributes of this + resource. (NOTE) Some attributes are not given arguments in this group but + can be set in other ways. + + To set the project attribute: + ◆ provide the argument INTERCEPT_ENDPOINT_GROUP on the command line + with a fully specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + INTERCEPT_ENDPOINT_GROUP + ID of the intercept endpoint group or fully qualified identifier for + the intercept endpoint group. + + To set the endpoint-group-id attribute: + ▸ provide the argument INTERCEPT_ENDPOINT_GROUP on the command + line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + Location of the intercept endpoint group. + + To set the location attribute: + ▸ provide the argument INTERCEPT_ENDPOINT_GROUP on the command line + with a fully specified name; + ▸ provide the argument --location on the command line. + +REQUIRED FLAGS + Intercept deployment group resource - Intercept Deployment Group. The + arguments in this group can be used to specify the attributes of this + resource. (NOTE) Some attributes are not given arguments in this group but + can be set in other ways. + + To set the project attribute: + ◆ provide the argument --intercept-deployment-group on the command line + with a fully specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + --intercept-deployment-group=INTERCEPT_DEPLOYMENT_GROUP + ID of the intercept deployment group or fully qualified identifier + for the intercept deployment group. + + To set the id attribute: + ▸ provide the argument --intercept-deployment-group on the command + line. + + This flag argument must be specified if any of the other arguments in + this group are specified. + + --intercept-deployment-group-location=INTERCEPT_DEPLOYMENT_GROUP_LOCATION + Location of the intercept deployment group. + + To set the location attribute: + ▸ provide the argument --intercept-deployment-group on the command + line with a fully specified name; + ▸ provide the argument --intercept-deployment-group-location on the + command line; + ▸ provide the argument --location on the command line; + ▸ provide the argument INTERCEPT_ENDPOINT_GROUP on the command line + with a fully specified name. + +OPTIONAL FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. The default is True. Enabled by default, use --no-async to + disable. + + --labels=[KEY=VALUE,...] + List of label KEY=VALUE pairs to add. + + Keys must start with a lowercase character and contain only hyphens + (-), underscores (_), lowercase characters, and numbers. Values must + contain only hyphens (-), underscores (_), lowercase characters, and + numbers. + + --max-wait=MAX_WAIT; default="20m" + Time to synchronously wait for the operation to complete, after which + the operation continues asynchronously. Ignored if --no-async isn't + specified. See $ gcloud topic datetimes for information on time + formats. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in alpha and might change without notice. If this + command fails with API permission errors despite specifying the correct + project, you might be trying to access an API with an invitation-only early + access allowlist. This variant is also available: + + $ gcloud beta network-security intercept-endpoint-groups create + diff --git a/gcloud/alpha/network-security/intercept-endpoint-groups/delete b/gcloud/alpha/network-security/intercept-endpoint-groups/delete new file mode 100644 index 000000000..f1f4843de --- /dev/null +++ b/gcloud/alpha/network-security/intercept-endpoint-groups/delete @@ -0,0 +1,88 @@ +NAME + gcloud alpha network-security intercept-endpoint-groups delete - delete a + Intercept Endpoint Group + +SYNOPSIS + gcloud alpha network-security intercept-endpoint-groups delete + (INTERCEPT_ENDPOINT_GROUP : --location=LOCATION) [--async] + [--max-wait=MAX_WAIT; default="20m"] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (ALPHA) Delete a intercept endpoint group. Check the progress of endpoint + group deletion by using gcloud network-security intercept-endpoint-groups + list. + + For more examples, refer to the EXAMPLES section below. + +EXAMPLES + To delete a intercept endpoint group called my-endpoint-group, in project + ID my-project, run: $ gcloud alpha network-security intercept-endpoint-groups delete \ + my-endpoint-group --project=my-project --location=global + + OR + + $ gcloud alpha network-security intercept-endpoint-groups delete \ + projects/my-project/locations/global/interceptEndpointGroups/\ + my-endpoint-group + +POSITIONAL ARGUMENTS + Intercept endpoint group resource - Intercept Endpoint Group. The + arguments in this group can be used to specify the attributes of this + resource. (NOTE) Some attributes are not given arguments in this group but + can be set in other ways. + + To set the project attribute: + ◆ provide the argument INTERCEPT_ENDPOINT_GROUP on the command line + with a fully specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + INTERCEPT_ENDPOINT_GROUP + ID of the intercept endpoint group or fully qualified identifier for + the intercept endpoint group. + + To set the endpoint-group-id attribute: + ▸ provide the argument INTERCEPT_ENDPOINT_GROUP on the command + line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + Location of the intercept endpoint group. + + To set the location attribute: + ▸ provide the argument INTERCEPT_ENDPOINT_GROUP on the command line + with a fully specified name; + ▸ provide the argument --location on the command line. + +FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. The default is True. Enabled by default, use --no-async to + disable. + + --max-wait=MAX_WAIT; default="20m" + Time to synchronously wait for the operation to complete, after which + the operation continues asynchronously. Ignored if --no-async isn't + specified. See $ gcloud topic datetimes for information on time + formats. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in alpha and might change without notice. If this + command fails with API permission errors despite specifying the correct + project, you might be trying to access an API with an invitation-only early + access allowlist. This variant is also available: + + $ gcloud beta network-security intercept-endpoint-groups delete + diff --git a/gcloud/alpha/network-security/intercept-endpoint-groups/describe b/gcloud/alpha/network-security/intercept-endpoint-groups/describe new file mode 100644 index 000000000..1540a6c81 --- /dev/null +++ b/gcloud/alpha/network-security/intercept-endpoint-groups/describe @@ -0,0 +1,73 @@ +NAME + gcloud alpha network-security intercept-endpoint-groups describe - describe + a Intercept Endpoint Group + +SYNOPSIS + gcloud alpha network-security intercept-endpoint-groups describe + (INTERCEPT_ENDPOINT_GROUP : --location=LOCATION) [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (ALPHA) Describe a intercept endpoint group. + + For more examples, refer to the EXAMPLES section below. + +EXAMPLES + To get a description of a intercept endpoint group called my-endpoint-group + in project ID my-project, run: $ gcloud alpha network-security intercept-endpoint-groups describe \ + my-endpoint-group --project=my-project --location=global + + OR + + $ gcloud alpha network-security intercept-endpoint-groups describe \ + projects/my-project/locations/global/interceptEndpointGroups/\ + my-endpoint-group + +POSITIONAL ARGUMENTS + Intercept endpoint group resource - Intercept Endpoint Group. The + arguments in this group can be used to specify the attributes of this + resource. (NOTE) Some attributes are not given arguments in this group but + can be set in other ways. + + To set the project attribute: + ◆ provide the argument INTERCEPT_ENDPOINT_GROUP on the command line + with a fully specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + INTERCEPT_ENDPOINT_GROUP + ID of the intercept endpoint group or fully qualified identifier for + the intercept endpoint group. + + To set the endpoint-group-id attribute: + ▸ provide the argument INTERCEPT_ENDPOINT_GROUP on the command + line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + Location of the intercept endpoint group. + + To set the location attribute: + ▸ provide the argument INTERCEPT_ENDPOINT_GROUP on the command line + with a fully specified name; + ▸ provide the argument --location on the command line. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in alpha and might change without notice. If this + command fails with API permission errors despite specifying the correct + project, you might be trying to access an API with an invitation-only early + access allowlist. This variant is also available: + + $ gcloud beta network-security intercept-endpoint-groups describe + diff --git a/gcloud/alpha/network-security/intercept-endpoint-groups/help b/gcloud/alpha/network-security/intercept-endpoint-groups/help new file mode 100644 index 000000000..0045d108f --- /dev/null +++ b/gcloud/alpha/network-security/intercept-endpoint-groups/help @@ -0,0 +1,43 @@ +NAME + gcloud alpha network-security intercept-endpoint-groups - manage Intercept + Endpoint Group resources + +SYNOPSIS + gcloud alpha network-security intercept-endpoint-groups COMMAND + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (ALPHA) The gcloud intercept-endpoint-groups command group lets you create, + delete and manage endpoint groups. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --help. + + Run $ gcloud help for details. + +COMMANDS + COMMAND is one of the following: + + create + (ALPHA) Create a Intercept Endpoint Group. + + delete + (ALPHA) Delete a Intercept Endpoint Group. + + describe + (ALPHA) Describe a Intercept Endpoint Group. + + list + (ALPHA) List Intercept Endpoint Groups. + + update + (ALPHA) Update a Intercept Endpoint Group. + +NOTES + This command is currently in alpha and might change without notice. If this + command fails with API permission errors despite specifying the correct + project, you might be trying to access an API with an invitation-only early + access allowlist. This variant is also available: + + $ gcloud beta network-security intercept-endpoint-groups + diff --git a/gcloud/alpha/network-security/intercept-endpoint-groups/list b/gcloud/alpha/network-security/intercept-endpoint-groups/list new file mode 100644 index 000000000..293e2f29c --- /dev/null +++ b/gcloud/alpha/network-security/intercept-endpoint-groups/list @@ -0,0 +1,102 @@ +NAME + gcloud alpha network-security intercept-endpoint-groups list - list + Intercept Endpoint Groups + +SYNOPSIS + gcloud alpha network-security intercept-endpoint-groups list + [--location=LOCATION] [--filter=EXPRESSION] [--limit=LIMIT] + [--page-size=PAGE_SIZE] [--sort-by=[FIELD,...]] [--uri] + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (ALPHA) List intercept endpoint groups. + + For more examples, refer to the EXAMPLES section below. + +EXAMPLES + To list intercept endpoint groups in project ID my-project, run: $ gcloud alpha network-security intercept-endpoint-groups list \ + --project=my-project --location=global + + OR + + $ gcloud alpha network-security intercept-endpoint-groups list \ + --location=global + + OR + + $ gcloud alpha network-security intercept-endpoint-groups list \ + --location=projects/my-project/locations/global + + OR + + $ gcloud alpha network-security intercept-endpoint-groups list \ + projects/my-project/locations/global/interceptEndpointGroups + +FLAGS + Location resource - The location for a list operation This represents a + Cloud resource. (NOTE) Some attributes are not given arguments in this + group but can be set in other ways. + + To set the project attribute: + ◆ provide the argument --location on the command line with a fully + specified name; + ◆ Location of the Intercept Endpoint Group. Defaults to global with a + fully specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + --location=LOCATION + ID of the location or fully qualified identifier for the location. + + To set the location attribute: + ▸ provide the argument --location on the command line; + ▸ Location of the Intercept Endpoint Group. Defaults to global. + +LIST COMMAND FLAGS + --filter=EXPRESSION + Apply a Boolean filter EXPRESSION to each resource item to be listed. + If the expression evaluates True, then that item is listed. For more + details and examples of filter expressions, run $ gcloud topic filters. + This flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --limit=LIMIT + Maximum number of resources to list. The default is unlimited. This + flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --page-size=PAGE_SIZE + Some services group resource list output into pages. This flag + specifies the maximum number of resources per page. The default is + determined by the service if it supports paging, otherwise it is + unlimited (no paging). Paging may be applied before or after --filter + and --limit depending on the service. + + --sort-by=[FIELD,...] + Comma-separated list of resource field key names to sort by. The + default order is ascending. Prefix a field with ``~'' for descending + order on that field. This flag interacts with other flags that are + applied in this order: --flatten, --sort-by, --filter, --limit. + + --uri + Print a list of resource URIs instead of the default output, and change + the command output to a list of URIs. If this flag is used with + --format, the formatting is applied on this URI list. To display URIs + alongside other keys instead, use the uri() transform. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in alpha and might change without notice. If this + command fails with API permission errors despite specifying the correct + project, you might be trying to access an API with an invitation-only early + access allowlist. This variant is also available: + + $ gcloud beta network-security intercept-endpoint-groups list + diff --git a/gcloud/alpha/network-security/intercept-endpoint-groups/update b/gcloud/alpha/network-security/intercept-endpoint-groups/update new file mode 100644 index 000000000..de09c2b33 --- /dev/null +++ b/gcloud/alpha/network-security/intercept-endpoint-groups/update @@ -0,0 +1,127 @@ +NAME + gcloud alpha network-security intercept-endpoint-groups update - update a + Intercept Endpoint Group + +SYNOPSIS + gcloud alpha network-security intercept-endpoint-groups update + (INTERCEPT_ENDPOINT_GROUP : --location=LOCATION) [--async] + [--max-wait=MAX_WAIT; default="20m"] [--update-labels=[KEY=VALUE,...]] + [--clear-labels | --remove-labels=[KEY,...]] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (ALPHA) Update a intercept endpoint groups. Check the progress of endpoint + group update by using gcloud network-security intercept-endpoint-groups + list. + + For examples refer to the EXAMPLES section below. + +EXAMPLES + To update labels k1 and k2, run: + + $ gcloud alpha network-security intercept-endpoint-groups update \ + my-endpoint-group --project=my-project \ + --location=us-central1-a --update-labels=k1=v1,k2=v2 + + To remove labels k3 and k4, run: + + $ gcloud alpha network-security intercept-endpoint-groups update \ + my-endpoint-group --project=my-project \ + --location=us-central1-a --remove-labels=k3,k4 + + To clear all labels from the intercept endpoint group, run: + + $ gcloud alpha network-security intercept-endpoint-groups update \ + my-endpoint-group --project=my-project \ + --location=us-central1-a --clear-labels + +POSITIONAL ARGUMENTS + Intercept endpoint group resource - Intercept Endpoint Group. The + arguments in this group can be used to specify the attributes of this + resource. (NOTE) Some attributes are not given arguments in this group but + can be set in other ways. + + To set the project attribute: + ◆ provide the argument INTERCEPT_ENDPOINT_GROUP on the command line + with a fully specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + INTERCEPT_ENDPOINT_GROUP + ID of the intercept endpoint group or fully qualified identifier for + the intercept endpoint group. + + To set the endpoint-group-id attribute: + ▸ provide the argument INTERCEPT_ENDPOINT_GROUP on the command + line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + Location of the intercept endpoint group. + + To set the location attribute: + ▸ provide the argument INTERCEPT_ENDPOINT_GROUP on the command line + with a fully specified name; + ▸ provide the argument --location on the command line. + +FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. The default is True. Enabled by default, use --no-async to + disable. + + --max-wait=MAX_WAIT; default="20m" + Time to synchronously wait for the operation to complete, after which + the operation continues asynchronously. Ignored if --no-async isn't + specified. See $ gcloud topic datetimes for information on time + formats. + + --update-labels=[KEY=VALUE,...] + List of label KEY=VALUE pairs to update. If a label exists, its value + is modified. Otherwise, a new label is created. + + Keys must start with a lowercase character and contain only hyphens + (-), underscores (_), lowercase characters, and numbers. Values must + contain only hyphens (-), underscores (_), lowercase characters, and + numbers. + + At most one of these can be specified: + + --clear-labels + Remove all labels. If --update-labels is also specified then + --clear-labels is applied first. + + For example, to remove all labels: + + $ gcloud alpha network-security intercept-endpoint-groups update \ + --clear-labels + + To remove all existing labels and create two new labels, foo and baz: + + $ gcloud alpha network-security intercept-endpoint-groups update \ + --clear-labels --update-labels foo=bar,baz=qux + + --remove-labels=[KEY,...] + List of label keys to remove. If a label does not exist it is + silently ignored. If --update-labels is also specified then + --update-labels is applied first. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in alpha and might change without notice. If this + command fails with API permission errors despite specifying the correct + project, you might be trying to access an API with an invitation-only early + access allowlist. This variant is also available: + + $ gcloud beta network-security intercept-endpoint-groups update + diff --git a/gcloud/alpha/network-security/security-profiles/describe b/gcloud/alpha/network-security/security-profiles/describe new file mode 100644 index 000000000..01033500a --- /dev/null +++ b/gcloud/alpha/network-security/security-profiles/describe @@ -0,0 +1,70 @@ +NAME + gcloud alpha network-security security-profiles describe - describe a + Security Profile + +SYNOPSIS + gcloud alpha network-security security-profiles describe + (SECURITY_PROFILE : --location=LOCATION --organization=ORGANIZATION) + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (ALPHA) Show details of a Security Profile. + +EXAMPLES + To show details of a Security Profile named my-security-profile run: + + $ gcloud alpha network-security security-profiles describe \ + my-security-profile --organization=1234 --location=global + +POSITIONAL ARGUMENTS + Security profile resource - Name of the Security Profile to be described. + The arguments in this group can be used to specify the attributes of this + resource. + + This must be specified. + + SECURITY_PROFILE + ID of the security_profile or fully qualified identifier for the + security_profile. + + To set the security_profile attribute: + ▸ provide the argument security_profile on the command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + Location ID of the resource. + + To set the location attribute: + ▸ provide the argument security_profile on the command line with a + fully specified name; + ▸ provide the argument --location on the command line; + ▸ use default global location . + + --organization=ORGANIZATION + Organization number. + + To set the organization attribute: + ▸ provide the argument security_profile on the command line with a + fully specified name; + ▸ provide the argument --organization on the command line. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +API REFERENCE + This command uses the networksecurity/v1alpha1 API. The full documentation + for this API can be found at: https://cloud.google.com/networking + +NOTES + This command is currently in alpha and might change without notice. If this + command fails with API permission errors despite specifying the correct + project, you might be trying to access an API with an invitation-only early + access allowlist. + diff --git a/gcloud/alpha/network-security/security-profiles/help b/gcloud/alpha/network-security/security-profiles/help index 513e0b277..5a326d749 100644 --- a/gcloud/alpha/network-security/security-profiles/help +++ b/gcloud/alpha/network-security/security-profiles/help @@ -3,7 +3,7 @@ NAME Security Profiles SYNOPSIS - gcloud alpha network-security security-profiles GROUP + gcloud alpha network-security security-profiles GROUP | COMMAND [GCLOUD_WIDE_FLAG ...] DESCRIPTION @@ -23,6 +23,12 @@ GROUPS threat-prevention (ALPHA) Manage Security Profiles - Threat Prevention Profile. +COMMANDS + COMMAND is one of the following: + + describe + (ALPHA) Describe a Security Profile. + NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct diff --git a/gcloud/alpha/redis/clusters/backups/list b/gcloud/alpha/redis/clusters/backups/list index dc08e9966..d51cbca5d 100644 --- a/gcloud/alpha/redis/clusters/backups/list +++ b/gcloud/alpha/redis/clusters/backups/list @@ -4,7 +4,7 @@ NAME SYNOPSIS gcloud alpha redis clusters backups list - (--backup_collection=BACKUP_COLLECTION : --region=REGION) + (--backup-collection=BACKUP_COLLECTION : --region=REGION) [--filter=EXPRESSION] [--limit=LIMIT] [--page-size=PAGE_SIZE] [--sort-by=[FIELD,...]] [--uri] [GCLOUD_WIDE_FLAG ...] @@ -17,7 +17,7 @@ EXAMPLES To list up to 5 backups in the us-central1 region, run: $ gcloud alpha redis clusters backups list \ - --backup_collection=my-collection --region=us-central1 --limit=5 + --backup-collection=my-collection --region=us-central1 --limit=5 REQUIRED FLAGS Backup collection resource - The backup collection of the backups to @@ -26,19 +26,19 @@ REQUIRED FLAGS group but can be set in other ways. To set the project attribute: - ◆ provide the argument --backup_collection on the command line with a + ◆ provide the argument --backup-collection on the command line with a fully specified name; ◆ provide the argument --project on the command line; ◆ set the property core/project. This must be specified. - --backup_collection=BACKUP_COLLECTION + --backup-collection=BACKUP_COLLECTION ID of the backup collection or fully qualified identifier for the backup collection. - To set the backup_collection attribute: - ▸ provide the argument --backup_collection on the command line. + To set the backup-collection attribute: + ▸ provide the argument --backup-collection on the command line. This flag argument must be specified if any of the other arguments in this group are specified. @@ -48,7 +48,7 @@ REQUIRED FLAGS default redis/region property value for this command invocation. To set the region attribute: - ▸ provide the argument --backup_collection on the command line with + ▸ provide the argument --backup-collection on the command line with a fully specified name; ▸ provide the argument --region on the command line; ▸ set the property redis/region. diff --git a/gcloud/alpha/redis/clusters/create b/gcloud/alpha/redis/clusters/create index 617160676..54bf0dbcd 100644 --- a/gcloud/alpha/redis/clusters/create +++ b/gcloud/alpha/redis/clusters/create @@ -5,6 +5,9 @@ NAME SYNOPSIS gcloud alpha redis clusters create (CLUSTER : --region=REGION) [--aof-append-fsync=AOF_APPEND_FSYNC] [--async] [--auth-mode=AUTH_MODE] + [--automated-backup-mode=AUTOMATED_BACKUP_MODE] + [--automated-backup-start-time=AUTOMATED_BACKUP_START_TIME] + [--automated-backup-ttl=AUTOMATED_BACKUP_TTL] [--cross-cluster-replication-role=CROSS_CLUSTER_REPLICATION_ROLE] [--deletion-protection] [--maintenance-window-day=MAINTENANCE_WINDOW_DAY] @@ -111,6 +114,25 @@ FLAGS iam-auth IAM basic authorization is enabled for the cluster. + --automated-backup-mode=AUTOMATED_BACKUP_MODE + Automated backup mode. AUTOMATED_BACKUP_MODE must be one of: + + disabled + (default) Automated backup is disabled. + + enabled + Automated backup is enabled. + + --automated-backup-start-time=AUTOMATED_BACKUP_START_TIME + One-hour window when you want automated-backup operations to start. + Specify the time in the format HH:00 on a 24-hour cycle in UTC time. + + --automated-backup-ttl=AUTOMATED_BACKUP_TTL + Time to live for automated backups. A backup will be deleted + automatically after the TTL is reached. It ranges from 1 day to 365 + days. For example, "10d" for 10 days. If not specified, the default + value is 35 days. + --cross-cluster-replication-role=CROSS_CLUSTER_REPLICATION_ROLE The role of the cluster in cross cluster replication. CROSS_CLUSTER_REPLICATION_ROLE must be (only one value is supported): @@ -219,11 +241,11 @@ FLAGS At most one of these can be specified: --import-gcs-object-uris=[IMPORT_GCS_OBJECT_URIS,...] - The URIs of Google Cloud Storage objects to import from. For example, + URIs of Google Cloud Storage objects to import from. For example, gs://bucket/folder/file1.rdb,gs://bucket/folder/file2.rdb. --import-managed-backup=IMPORT_MANAGED_BACKUP - The managed backup to import from. For example, + Managed backup to import from. For example, projects/PROJECT_ID/locations/REGION/backupCollections/BACKUP_COLLECTION_ID/backups/BACKUP_ID. GCLOUD WIDE FLAGS diff --git a/gcloud/alpha/redis/clusters/update b/gcloud/alpha/redis/clusters/update index a1e619e83..ad6f5e5aa 100644 --- a/gcloud/alpha/redis/clusters/update +++ b/gcloud/alpha/redis/clusters/update @@ -4,7 +4,10 @@ NAME SYNOPSIS gcloud alpha redis clusters update (CLUSTER : --region=REGION) - [--aof-append-fsync=AOF_APPEND_FSYNC] [--async] [--deletion-protection] + [--aof-append-fsync=AOF_APPEND_FSYNC] [--async] + [--automated-backup-mode=AUTOMATED_BACKUP_MODE] + [--automated-backup-start-time=AUTOMATED_BACKUP_START_TIME] + [--automated-backup-ttl=AUTOMATED_BACKUP_TTL] [--deletion-protection] [--persistence-mode=PERSISTENCE_MODE] [--rdb-snapshot-period=RDB_SNAPSHOT_PERIOD] [--rdb-snapshot-start-time=RDB_SNAPSHOT_START_TIME] @@ -80,6 +83,25 @@ FLAGS Return immediately, without waiting for the operation in progress to complete. + --automated-backup-mode=AUTOMATED_BACKUP_MODE + Automated backup mode. AUTOMATED_BACKUP_MODE must be one of: + + disabled + (default) Automated backup is disabled. + + enabled + Automated backup is enabled. + + --automated-backup-start-time=AUTOMATED_BACKUP_START_TIME + One-hour window when you want automated-backup operations to start. + Specify the time in the format HH:00 on a 24-hour cycle in UTC time. + + --automated-backup-ttl=AUTOMATED_BACKUP_TTL + Time to live for automated backups. A backup will be deleted + automatically after the TTL is reached. It ranges from 1 day to 365 + days. For example, "10d" for 10 days. If not specified, the default + value is 35 days. + --deletion-protection Enable deletion protection for the Redis Cluster. Use --deletion-protection/--no-deletion-protection to enable/disable it. diff --git a/gcloud/alpha/resource-manager/tags/keys/create b/gcloud/alpha/resource-manager/tags/keys/create index 247676809..c27272ee6 100644 --- a/gcloud/alpha/resource-manager/tags/keys/create +++ b/gcloud/alpha/resource-manager/tags/keys/create @@ -5,7 +5,8 @@ NAME SYNOPSIS gcloud alpha resource-manager tags keys create (SHORT_NAME --parent=PARENT) [--async] [--description=DESCRIPTION] [--purpose=PURPOSE] - [--purpose-data=[network=NETWORK]] [GCLOUD_WIDE_FLAG ...] + [--purpose-data=[organization],[network=NETWORK]] + [GCLOUD_WIDE_FLAG ...] EXAMPLES To create a TagKey with the name env under 'organizations/123' with @@ -49,7 +50,7 @@ FLAGS that corresponds to the purpose. PURPOSE must be one of: GCE_FIREWALL, DATA_GOVERNANCE. - --purpose-data=[network=NETWORK] + --purpose-data=[organization],[network=NETWORK] Purpose data of the TagKey that can only be set on creation. This data is validated by the policy system that corresponds to the purpose. diff --git a/gcloud/alpha/run/deploy b/gcloud/alpha/run/deploy index b2a92c71d..ddc2818f6 100644 --- a/gcloud/alpha/run/deploy +++ b/gcloud/alpha/run/deploy @@ -3,24 +3,21 @@ NAME SYNOPSIS gcloud alpha run deploy [[SERVICE] --namespace=NAMESPACE] - [--[no-]allow-unauthenticated] [--async] [--breakglass=JUSTIFICATION] - [--clear-vpc-connector] [--concurrency=CONCURRENCY] - [--container=CONTAINER] [--[no-]cpu-boost] [--[no-]cpu-throttling] - [--[no-]default-url] [--delegate-builds] [--[no-]deploy-health-check] - [--description=DESCRIPTION] + [--[no-]allow-unauthenticated] [--[no-]allow-unencrypted-build] + [--async] [--breakglass=JUSTIFICATION] [--clear-vpc-connector] + [--concurrency=CONCURRENCY] [--container=CONTAINER] [--[no-]cpu-boost] + [--[no-]cpu-throttling] [--[no-]default-url] [--delegate-builds] + [--[no-]deploy-health-check] [--description=DESCRIPTION] [--execution-environment=EXECUTION_ENVIRONMENT] [--ingress=INGRESS; default="all"] [--[no-]invoker-iam-check] - [--max-instances=MAX_INSTANCES] [--max-surge=MAX_SURGE] - [--max-unavailable=MAX_UNAVAILABLE] [--mesh=MESH] + [--max=MAX] [--max-instances=MAX_INSTANCES] [--max-surge=MAX_SURGE] + [--max-unavailable=MAX_UNAVAILABLE] [--mesh=MESH] [--min=MIN] [--min-instances=MIN_INSTANCES] [--region=REGION] [--remove-containers=[CONTAINER,...]] [--revision-suffix=REVISION_SUFFIX] [--scaling=SCALING] - [--service-account=SERVICE_ACCOUNT] - [--service-max-instances=SERVICE_MAX_INSTANCES] - [--service-min-instances=SERVICE_MIN_INSTANCES] - [--[no-]session-affinity] [--tag=TAG] [--timeout=TIMEOUT] - [--no-traffic] [--vpc-connector=VPC_CONNECTOR] - [--vpc-egress=VPC_EGRESS] + [--service-account=SERVICE_ACCOUNT] [--[no-]session-affinity] + [--tag=TAG] [--timeout=TIMEOUT] [--no-traffic] + [--vpc-connector=VPC_CONNECTOR] [--vpc-egress=VPC_EGRESS] [--add-cloudsql-instances=[CLOUDSQL-INSTANCES,...] | --clear-cloudsql-instances | --remove-cloudsql-instances=[CLOUDSQL-INSTANCES,...] @@ -119,6 +116,12 @@ FLAGS may take a few moments to take effect. Use --allow-unauthenticated to enable and --no-allow-unauthenticated to disable. + --[no-]allow-unencrypted-build + Whether to allow customer-managed encryption key (CMEK) deployments + without encrypting the build process. This means that only the deployed + container will be encrypted. Use --allow-unencrypted-build to enable + and --no-allow-unencrypted-build to disable. + --async Return immediately, without waiting for the operation in progress to complete. @@ -209,6 +212,12 @@ FLAGS Use --invoker-iam-check to enable and --no-invoker-iam-check to disable. + --max=MAX + The maximum number of container instances for this Service to run. This + instance limit will be divided among all Revisions receiving a + percentage of traffic. Once service-max-instances is enabled for a + service, it cannot be disabled. + --max-instances=MAX_INSTANCES The maximum number of container instances of the Service to run. Use 'default' to unset the limit and use the platform default. @@ -228,6 +237,11 @@ FLAGS resource name must be in the format of projects/PROJECT/locations/global/meshes/MESH_NAME. + --min=MIN + The minimum number of container instances for this Service to run or + 'default' to remove any minimum. These instances will be divided among + all Revisions receiving a percentage of traffic. + --min-instances=MIN_INSTANCES The minimum number of container instances for this Revision of the Service to run or 'default' to remove any minimum. @@ -256,17 +270,6 @@ FLAGS revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. - --service-max-instances=SERVICE_MAX_INSTANCES - The maximum number of container instances for this Service to run. This - instance limit will be divided among all Revisions receiving a - percentage of traffic. Once service-max-instances is enabled for a - service, it cannot be disabled. - - --service-min-instances=SERVICE_MIN_INSTANCES - The minimum number of container instances for this Service to run or - 'default' to remove any minimum. These instances will be divided among - all Revisions receiving a percentage of traffic. - --[no-]session-affinity Whether to enable session affinity for connections to the service. Use --session-affinity to enable and --no-session-affinity to disable. diff --git a/gcloud/alpha/run/jobs/execute b/gcloud/alpha/run/jobs/execute index bbc0f9b5a..c448a50f2 100644 --- a/gcloud/alpha/run/jobs/execute +++ b/gcloud/alpha/run/jobs/execute @@ -2,9 +2,9 @@ NAME gcloud alpha run jobs execute - execute a job SYNOPSIS - gcloud alpha run jobs execute [JOB] [--args=[ARG,...]] [--region=REGION] - [--task-timeout=TASK_TIMEOUT] [--tasks=TASKS] - [--update-env-vars=[KEY=VALUE,...]] [--async | --wait] + gcloud alpha run jobs execute [JOB] [--container=CONTAINER] + [--region=REGION] [--task-timeout=TASK_TIMEOUT] [--tasks=TASKS] + [--args=[ARG,...] --update-env-vars=[KEY=VALUE,...]] [--async | --wait] [GCLOUD_WIDE_FLAG ...] DESCRIPTION @@ -36,10 +36,9 @@ POSITIONAL ARGUMENTS ▸ specify the job name from an interactive prompt. FLAGS - --args=[ARG,...] - Comma-separated arguments passed to the command run by the container - image. If provided, an execution will be created with the input values. - Otherwise, the existing arguments of the job are used. + --container=CONTAINER + Specifies a container by name. Flags following --container will apply + to the specified container. --region=REGION Region in which the resource can be found. Alternatively, set the @@ -60,12 +59,23 @@ FLAGS considered done. If provided, an execution will be created with this value. Otherwise the existing task count of the job is used. - --update-env-vars=[KEY=VALUE,...] - List of key-value pairs to set as environment variables overrides for - an execution of a job. If provided, an execution will be created with - the merge result of the input values and the existing environment - variables. New value overrides existing value if they have the same - key. If not provided, existing environment variables are used. + Container Flags + + If the --container is specified the following arguments may only be specified after a --container flag. + + --args=[ARG,...] + Comma-separated arguments passed to the command run by the + container image. If provided, an execution will be created with the + input values. Otherwise, the existing arguments of the job are + used. + + --update-env-vars=[KEY=VALUE,...] + List of key-value pairs to set as environment variables overrides + for an execution of a job. If provided, an execution will be + created with the merge result of the input values and the existing + environment variables. New value overrides existing value if they + have the same key. If not provided, existing environment variables + are used. At most one of these can be specified: diff --git a/gcloud/alpha/run/multi-region-services/update b/gcloud/alpha/run/multi-region-services/update index f8b7f8dd0..762eabbb4 100644 --- a/gcloud/alpha/run/multi-region-services/update +++ b/gcloud/alpha/run/multi-region-services/update @@ -12,17 +12,14 @@ SYNOPSIS [--[no-]deploy-health-check] [--description=DESCRIPTION] [--execution-environment=EXECUTION_ENVIRONMENT] [--ingress=INGRESS; default="all"] [--[no-]invoker-iam-check] - [--max-instances=MAX_INSTANCES] [--max-surge=MAX_SURGE] - [--max-unavailable=MAX_UNAVAILABLE] [--mesh=MESH] + [--max=MAX] [--max-instances=MAX_INSTANCES] [--max-surge=MAX_SURGE] + [--max-unavailable=MAX_UNAVAILABLE] [--mesh=MESH] [--min=MIN] [--min-instances=MIN_INSTANCES] [--region=REGION] [--remove-containers=[CONTAINER,...]] [--revision-suffix=REVISION_SUFFIX] [--scaling=SCALING] - [--service-account=SERVICE_ACCOUNT] - [--service-max-instances=SERVICE_MAX_INSTANCES] - [--service-min-instances=SERVICE_MIN_INSTANCES] - [--[no-]session-affinity] [--tag=TAG] [--timeout=TIMEOUT] - [--no-traffic] [--vpc-connector=VPC_CONNECTOR] - [--vpc-egress=VPC_EGRESS] + [--service-account=SERVICE_ACCOUNT] [--[no-]session-affinity] + [--tag=TAG] [--timeout=TIMEOUT] [--no-traffic] + [--vpc-connector=VPC_CONNECTOR] [--vpc-egress=VPC_EGRESS] [--add-cloudsql-instances=[CLOUDSQL-INSTANCES,...] | --clear-cloudsql-instances | --remove-cloudsql-instances=[CLOUDSQL-INSTANCES,...] @@ -182,6 +179,12 @@ FLAGS Use --invoker-iam-check to enable and --no-invoker-iam-check to disable. + --max=MAX + The maximum number of container instances for this Service to run. This + instance limit will be divided among all Revisions receiving a + percentage of traffic. Once service-max-instances is enabled for a + service, it cannot be disabled. + --max-instances=MAX_INSTANCES The maximum number of container instances of the Service to run. Use 'default' to unset the limit and use the platform default. @@ -201,6 +204,11 @@ FLAGS resource name must be in the format of projects/PROJECT/locations/global/meshes/MESH_NAME. + --min=MIN + The minimum number of container instances for this Service to run or + 'default' to remove any minimum. These instances will be divided among + all Revisions receiving a percentage of traffic. + --min-instances=MIN_INSTANCES The minimum number of container instances for this Revision of the Service to run or 'default' to remove any minimum. @@ -229,17 +237,6 @@ FLAGS revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. - --service-max-instances=SERVICE_MAX_INSTANCES - The maximum number of container instances for this Service to run. This - instance limit will be divided among all Revisions receiving a - percentage of traffic. Once service-max-instances is enabled for a - service, it cannot be disabled. - - --service-min-instances=SERVICE_MIN_INSTANCES - The minimum number of container instances for this Service to run or - 'default' to remove any minimum. These instances will be divided among - all Revisions receiving a percentage of traffic. - --[no-]session-affinity Whether to enable session affinity for connections to the service. Use --session-affinity to enable and --no-session-affinity to disable. diff --git a/gcloud/alpha/run/services/update b/gcloud/alpha/run/services/update index 211a19adf..0c428558d 100644 --- a/gcloud/alpha/run/services/update +++ b/gcloud/alpha/run/services/update @@ -10,17 +10,14 @@ SYNOPSIS [--[no-]deploy-health-check] [--description=DESCRIPTION] [--execution-environment=EXECUTION_ENVIRONMENT] [--ingress=INGRESS; default="all"] [--[no-]invoker-iam-check] - [--max-instances=MAX_INSTANCES] [--max-surge=MAX_SURGE] - [--max-unavailable=MAX_UNAVAILABLE] [--mesh=MESH] + [--max=MAX] [--max-instances=MAX_INSTANCES] [--max-surge=MAX_SURGE] + [--max-unavailable=MAX_UNAVAILABLE] [--mesh=MESH] [--min=MIN] [--min-instances=MIN_INSTANCES] [--region=REGION] [--remove-containers=[CONTAINER,...]] [--revision-suffix=REVISION_SUFFIX] [--scaling=SCALING] - [--service-account=SERVICE_ACCOUNT] - [--service-max-instances=SERVICE_MAX_INSTANCES] - [--service-min-instances=SERVICE_MIN_INSTANCES] - [--[no-]session-affinity] [--tag=TAG] [--timeout=TIMEOUT] - [--no-traffic] [--vpc-connector=VPC_CONNECTOR] - [--vpc-egress=VPC_EGRESS] + [--service-account=SERVICE_ACCOUNT] [--[no-]session-affinity] + [--tag=TAG] [--timeout=TIMEOUT] [--no-traffic] + [--vpc-connector=VPC_CONNECTOR] [--vpc-egress=VPC_EGRESS] [--add-cloudsql-instances=[CLOUDSQL-INSTANCES,...] | --clear-cloudsql-instances | --remove-cloudsql-instances=[CLOUDSQL-INSTANCES,...] @@ -183,6 +180,12 @@ FLAGS Use --invoker-iam-check to enable and --no-invoker-iam-check to disable. + --max=MAX + The maximum number of container instances for this Service to run. This + instance limit will be divided among all Revisions receiving a + percentage of traffic. Once service-max-instances is enabled for a + service, it cannot be disabled. + --max-instances=MAX_INSTANCES The maximum number of container instances of the Service to run. Use 'default' to unset the limit and use the platform default. @@ -202,6 +205,11 @@ FLAGS resource name must be in the format of projects/PROJECT/locations/global/meshes/MESH_NAME. + --min=MIN + The minimum number of container instances for this Service to run or + 'default' to remove any minimum. These instances will be divided among + all Revisions receiving a percentage of traffic. + --min-instances=MIN_INSTANCES The minimum number of container instances for this Revision of the Service to run or 'default' to remove any minimum. @@ -230,17 +238,6 @@ FLAGS revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. - --service-max-instances=SERVICE_MAX_INSTANCES - The maximum number of container instances for this Service to run. This - instance limit will be divided among all Revisions receiving a - percentage of traffic. Once service-max-instances is enabled for a - service, it cannot be disabled. - - --service-min-instances=SERVICE_MIN_INSTANCES - The minimum number of container instances for this Service to run or - 'default' to remove any minimum. These instances will be divided among - all Revisions receiving a percentage of traffic. - --[no-]session-affinity Whether to enable session affinity for connections to the service. Use --session-affinity to enable and --no-session-affinity to disable. diff --git a/gcloud/alpha/source-manager/instances/create b/gcloud/alpha/source-manager/instances/create index 73470dd87..c8a55e245 100644 --- a/gcloud/alpha/source-manager/instances/create +++ b/gcloud/alpha/source-manager/instances/create @@ -4,8 +4,9 @@ NAME SYNOPSIS gcloud alpha source-manager instances create (INSTANCE : --region=REGION) - [--async] [--ca-pool=CA_POOL] [--is-private] [--kms-key=KMS_KEY] - [--max-wait=MAX_WAIT; default="60m"] [GCLOUD_WIDE_FLAG ...] + [--async] [--ca-pool=CA_POOL] [--enable-workforce-identity-federation] + [--is-private] [--kms-key=KMS_KEY] [--max-wait=MAX_WAIT; default="60m"] + [GCLOUD_WIDE_FLAG ...] DESCRIPTION (ALPHA) Create a Secure Source Manager instance. @@ -64,6 +65,9 @@ FLAGS --ca-pool=CA_POOL CA Pool path for private instance. + --enable-workforce-identity-federation + Bool indicator for workforce identity federation instance. + --is-private Bool indicator for private instance. diff --git a/gcloud/alpha/sql/instances/create b/gcloud/alpha/sql/instances/create index 1a9b9a9f1..98a50febe 100644 --- a/gcloud/alpha/sql/instances/create +++ b/gcloud/alpha/sql/instances/create @@ -48,7 +48,8 @@ SYNOPSIS [--require-ssl] [--retained-backups-count=RETAINED_BACKUPS_COUNT] [--retained-transaction-log-days=RETAINED_TRANSACTION_LOG_DAYS] [--root-password=ROOT_PASSWORD] [--server-ca-mode=SERVER_CA_MODE] - [--ssl-mode=SSL_MODE] [--[no-]storage-auto-increase] + [--server-ca-pool=SERVER_CA_POOL] [--ssl-mode=SSL_MODE] + [--[no-]storage-auto-increase] [--storage-auto-increase-limit=STORAGE_AUTO_INCREASE_LIMIT] [--storage-size=STORAGE_SIZE] [--storage-type=STORAGE_TYPE] [--threads-per-core=THREADS_PER_CORE] [--tier=TIER, -t TIER] @@ -465,6 +466,9 @@ FLAGS GOOGLE_MANAGED_INTERNAL_CA Google-managed self-signed internal CA. + --server-ca-pool=SERVER_CA_POOL + Set the server CA pool of the instance. + --ssl-mode=SSL_MODE Set the SSL mode of the instance. SSL_MODE must be one of: diff --git a/gcloud/alpha/sql/ssl/server-certs/create b/gcloud/alpha/sql/ssl/server-certs/create index e8d1ec618..7a748cb91 100644 --- a/gcloud/alpha/sql/ssl/server-certs/create +++ b/gcloud/alpha/sql/ssl/server-certs/create @@ -30,7 +30,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud sql ssl server-certs create $ gcloud beta sql ssl server-certs create diff --git a/gcloud/alpha/sql/ssl/server-certs/help b/gcloud/alpha/sql/ssl/server-certs/help index d0022b1b7..377a2bf4b 100644 --- a/gcloud/alpha/sql/ssl/server-certs/help +++ b/gcloud/alpha/sql/ssl/server-certs/help @@ -36,7 +36,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud sql ssl server-certs $ gcloud beta sql ssl server-certs diff --git a/gcloud/alpha/sql/ssl/server-certs/list b/gcloud/alpha/sql/ssl/server-certs/list index ead86e39b..ec35521f2 100644 --- a/gcloud/alpha/sql/ssl/server-certs/list +++ b/gcloud/alpha/sql/ssl/server-certs/list @@ -58,7 +58,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud sql ssl server-certs list $ gcloud beta sql ssl server-certs list diff --git a/gcloud/alpha/sql/ssl/server-certs/rollback b/gcloud/alpha/sql/ssl/server-certs/rollback index 2def75318..3820993b5 100644 --- a/gcloud/alpha/sql/ssl/server-certs/rollback +++ b/gcloud/alpha/sql/ssl/server-certs/rollback @@ -31,7 +31,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud sql ssl server-certs rollback $ gcloud beta sql ssl server-certs rollback diff --git a/gcloud/alpha/sql/ssl/server-certs/rotate b/gcloud/alpha/sql/ssl/server-certs/rotate index a4ca08d47..748a937a4 100644 --- a/gcloud/alpha/sql/ssl/server-certs/rotate +++ b/gcloud/alpha/sql/ssl/server-certs/rotate @@ -30,7 +30,9 @@ NOTES This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early - access allowlist. This variant is also available: + access allowlist. These variants are also available: + + $ gcloud sql ssl server-certs rotate $ gcloud beta sql ssl server-certs rotate diff --git a/gcloud/alpha/storage/buckets/create b/gcloud/alpha/storage/buckets/create index ad93a9074..08449b0f5 100644 --- a/gcloud/alpha/storage/buckets/create +++ b/gcloud/alpha/storage/buckets/create @@ -96,7 +96,7 @@ FLAGS to disable. --placement=[REGION,...] - A comma-separated list of regions that form the custom [dual-region] + A comma-separated list of regions that form the custom dual-region (https://cloud.google.com/storage/docs/locations#location-dr). Only regions within the same continent are or will ever be valid. Invalid location pairs (such as mixed-continent, or with unsupported regions) diff --git a/gcloud/alpha/storage/buckets/relocate b/gcloud/alpha/storage/buckets/relocate index 042eeeaee..d8f3554d8 100644 --- a/gcloud/alpha/storage/buckets/relocate +++ b/gcloud/alpha/storage/buckets/relocate @@ -15,25 +15,25 @@ EXAMPLES To move a bucket (gs://my-bucket) to the us-central1 location, use the following command: - $ gcloud storage buckets relocate gs://my-bucket \ + $ gcloud alpha storage buckets relocate gs://my-bucket \ --location=us-central1 - To move a bucket to a custom Dual-region, use the following command: + To move a bucket to a custom dual-region, use the following command: - $ gcloud storage buckets relocate gs://my-bucket --location=us \ - --placement=us-central1,us-east1 + $ gcloud alpha storage buckets relocate gs://my-bucket \ + --location=us --placement=us-central1,us-east1 To validate the operation without actually moving the bucket, use the following command: - $ gcloud storage buckets relocate gs://my-bucket \ + $ gcloud alpha storage buckets relocate gs://my-bucket \ --location=us-central1 --dry-run To schedule a write lock for the move, with ttl for reverting the write lock after 7h, if the relocation has not succeeded, use the following command: - $ gcloud storage buckets relocate \ + $ gcloud alpha storage buckets relocate \ --operation=projects/_/buckets/my-bucket/operations/C894F35J \ --finalize --ttl=7h @@ -49,7 +49,7 @@ POSITIONAL ARGUMENTS arguments in this group are specified. --location=LOCATION - The final [location] + The final location (https://cloud.google.com/storage/docs/locations) where the bucket will be relocated to. If no location is provided, Cloud Storage will use the default location, which is us. @@ -58,8 +58,7 @@ POSITIONAL ARGUMENTS in this group are specified. --placement=[REGION,...] - A comma-separated list of regions that form the custom - [dual-region] + A comma-separated list of regions that form the custom dual-region (https://cloud.google.com/storage/docs/locations#location-dr). Only regions within the same continent are or will ever be valid. Invalid location pairs (such as mixed-continent, or with diff --git a/gcloud/artifacts/docker/upgrade/migrate b/gcloud/artifacts/docker/upgrade/migrate index ee489d1ce..ff137eae1 100644 --- a/gcloud/artifacts/docker/upgrade/migrate +++ b/gcloud/artifacts/docker/upgrade/migrate @@ -6,7 +6,8 @@ SYNOPSIS gcloud artifacts docker upgrade migrate [--canary-reads=PERCENT] [--copy-only] [--from-gcr=GCR_HOST/PROJECT_ID] [--last-uploaded-versions=N] [--max-threads=MAX_THREADS; default=8] - [--projects=PROJECTS] [--recent-images=NUM_DAYS] [--skip-iam-update] + [--pkg-dev-location=PKG_DEV_LOCATION] [--projects=PROJECTS] + [--recent-images=NUM_DAYS] [--skip-iam-update] [--to-pkg-dev=PROJECT_ID/REPOSITORY_ID] [GCLOUD_WIDE_FLAG ...] DESCRIPTION @@ -48,6 +49,12 @@ FLAGS Max number of images to copy simultaneously. Consider quota usage when increasing this + --pkg-dev-location=PKG_DEV_LOCATION + The location of the pkg-dev repository you are migrating to. If not + specified, migration is always done to the same multi-region as GCR. + Setting this flag can cause cross-regional copying and lead to billing + charges. + --projects=PROJECTS Comma seperated list of Container Registry projects to migrate to Artifact Registry gcr.io repositories. diff --git a/gcloud/artifacts/packages/delete b/gcloud/artifacts/packages/delete index 7c9f0eb40..7228236c3 100644 --- a/gcloud/artifacts/packages/delete +++ b/gcloud/artifacts/packages/delete @@ -17,7 +17,7 @@ EXAMPLES To delete a package named my-pkg under the current project, repository, and location, run: - $ gcloud artifacts packages delete my-repo + $ gcloud artifacts packages delete my-pkg POSITIONAL ARGUMENTS Package resource - The Artifact Registry package to delete. The arguments diff --git a/gcloud/beta/access-context-manager/perimeters/dry-run/update b/gcloud/beta/access-context-manager/perimeters/dry-run/update index 6e6914606..42830de62 100644 --- a/gcloud/beta/access-context-manager/perimeters/dry-run/update +++ b/gcloud/beta/access-context-manager/perimeters/dry-run/update @@ -4,7 +4,7 @@ NAME SYNOPSIS gcloud beta access-context-manager perimeters dry-run update - (PERIMETER : --policy=POLICY) [--async] + (PERIMETER : --policy=POLICY) [--async] [--etag=etag] [--add-access-levels=[ACCESS-LEVELS,...] | --clear-access-levels | --remove-access-levels=[ACCESS-LEVELS,...]] [--add-resources=[RESOURCES,...] | --clear-resources @@ -72,6 +72,14 @@ FLAGS Return immediately, without waiting for the operation in progress to complete. + --etag=etag + The etag for the version of the Access Policy that this operation is to + be performed on. If, at the time of the operation, the etag for the + Access Policy stored in Access Context Manager is different from the + specified etag, then the commit operation will not be performed and the + call will fail. If etag is not provided, the operation will be + performed as if a valid etag is provided. + These flags modify the member Access Level of this Service Perimeter. At most one of these can be specified: diff --git a/gcloud/beta/access-context-manager/perimeters/update b/gcloud/beta/access-context-manager/perimeters/update index 841090bbc..9f5ec494a 100644 --- a/gcloud/beta/access-context-manager/perimeters/update +++ b/gcloud/beta/access-context-manager/perimeters/update @@ -4,7 +4,7 @@ NAME SYNOPSIS gcloud beta access-context-manager perimeters update - (PERIMETER : --policy=POLICY) [--description=DESCRIPTION] + (PERIMETER : --policy=POLICY) [--description=DESCRIPTION] [--etag=etag] [--title=TITLE] [--type=TYPE] [--add-access-levels=[LEVEL,...] | --clear-access-levels | --remove-access-levels=[LEVEL,...] @@ -64,6 +64,14 @@ FLAGS --description=DESCRIPTION Long-form description of service perimeter. + --etag=etag + The etag for the version of the Access Policy that this operation is to + be performed on. If, at the time of the operation, the etag for the + Access Policy stored in Access Context Manager is different from the + specified etag, then the commit operation will not be performed and the + call will fail. If etag is not provided, the operation will be + performed as if a valid etag is provided. + --title=TITLE Short human-readable title of the service perimeter. diff --git a/gcloud/beta/alloydb/clusters/create-secondary b/gcloud/beta/alloydb/clusters/create-secondary index 0bd4c2b82..65b45a33a 100644 --- a/gcloud/beta/alloydb/clusters/create-secondary +++ b/gcloud/beta/alloydb/clusters/create-secondary @@ -6,6 +6,7 @@ SYNOPSIS gcloud beta alloydb clusters create-secondary CLUSTER --primary-cluster=PRIMARY_CLUSTER --region=REGION [--allocated-ip-range-name=ALLOCATED_IP_RANGE_NAME] [--async] + [--tags=[KEY=VALUE,...]] [--automated-backup-days-of-week=[DAYS_OF_WEEK,...] --automated-backup-start-times=[START_TIMES,...] --automated-backup-window=TIMEOUT_PERIOD --enable-automated-backup @@ -55,6 +56,12 @@ OPTIONAL FLAGS Return immediately, without waiting for the operation in progress to complete. + --tags=[KEY=VALUE,...] + List of tags KEY=VALUE pairs to bind. Each item must be expressed as + =. + + Example: 123/environment=production,123/costCenter=marketing + Automated backup policy. If unspecified, automated backups are copied from the associated primary cluster. diff --git a/gcloud/beta/alloydb/clusters/restore b/gcloud/beta/alloydb/clusters/restore index b77dbcf97..1be3f8efd 100644 --- a/gcloud/beta/alloydb/clusters/restore +++ b/gcloud/beta/alloydb/clusters/restore @@ -8,6 +8,7 @@ SYNOPSIS | --point-in-time=POINT_IN_TIME --source-cluster=SOURCE_CLUSTER) [--allocated-ip-range-name=ALLOCATED_IP_RANGE_NAME] [--async] [--enable-private-service-connect] [--network=NETWORK] + [--tags=[KEY=VALUE,...]] [--kms-key=KMS_KEY : --kms-keyring=KMS_KEYRING --kms-location=KMS_LOCATION --kms-project=KMS_PROJECT] [GCLOUD_WIDE_FLAG ...] @@ -91,6 +92,12 @@ OPTIONAL FLAGS testsharednetwork, this would be of the form:--network=projects/testproject/global/networks/testsharednetwork + --tags=[KEY=VALUE,...] + List of tags KEY=VALUE pairs to bind. Each item must be expressed as + =. + + Example: 123/environment=production,123/costCenter=marketing + Key resource - The Cloud KMS (Key Management Service) cryptokey that will be used to protect the cluster. The 'AlloyDB Service Agent' service account must hold permission 'Cloud KMS CryptoKey Encrypter/Decrypter'. diff --git a/gcloud/beta/artifacts/packages/delete b/gcloud/beta/artifacts/packages/delete index 8299945d4..c9fe5f00b 100644 --- a/gcloud/beta/artifacts/packages/delete +++ b/gcloud/beta/artifacts/packages/delete @@ -17,7 +17,7 @@ EXAMPLES To delete a package named my-pkg under the current project, repository, and location, run: - $ gcloud beta artifacts packages delete my-repo + $ gcloud beta artifacts packages delete my-pkg POSITIONAL ARGUMENTS Package resource - The Artifact Registry package to delete. The arguments diff --git a/gcloud/beta/bigtable/app-profiles/create b/gcloud/beta/bigtable/app-profiles/create index 87cc572eb..9c357f05f 100644 --- a/gcloud/beta/bigtable/app-profiles/create +++ b/gcloud/beta/bigtable/app-profiles/create @@ -5,7 +5,7 @@ NAME SYNOPSIS gcloud beta bigtable app-profiles create (APP_PROFILE : --instance=INSTANCE) - ([--route-any : --restrict-to=[RESTRICT_TO,...]] + ([--route-any : --restrict-to=[RESTRICT_TO,...] --row-affinity] | [--route-to=ROUTE_TO : --transactional-writes]) [--description=DESCRIPTION] [--force] [--data-boost @@ -46,6 +46,11 @@ EXAMPLES --instance=my-instance-id --data-boost \ --data-boost-compute-billing-owner=HOST_PAYS + To create an app profile with row-affinity routing enabled, run: + + $ gcloud beta bigtable app-profiles create my-app-profile-id \ + --instance=my-instance-id --route-any --row-affinity + POSITIONAL ARGUMENTS App profile resource - The app profile to create. The arguments in this group can be used to specify the attributes of this resource. (NOTE) Some @@ -93,6 +98,9 @@ REQUIRED FLAGS Cluster IDs to route to using the Multi Cluster Routing Policy. If unset, all clusters in the instance are eligible. + --row-affinity + Use row-affinity routing for this app profile. + Single Cluster Routing Policy --route-to=ROUTE_TO diff --git a/gcloud/beta/bigtable/app-profiles/update b/gcloud/beta/bigtable/app-profiles/update index fd0a6e906..89e0eb7fd 100644 --- a/gcloud/beta/bigtable/app-profiles/update +++ b/gcloud/beta/bigtable/app-profiles/update @@ -8,7 +8,7 @@ SYNOPSIS [--data-boost --data-boost-compute-billing-owner=DATA_BOOST_COMPUTE_BILLING_OWNER | [--priority=PRIORITY : --standard]] - [[--route-any : --restrict-to=[RESTRICT_TO,...]] + [[--route-any : --restrict-to=[RESTRICT_TO,...] --row-affinity] | [--route-to=ROUTE_TO : --transactional-writes]] [GCLOUD_WIDE_FLAG ...] @@ -45,6 +45,11 @@ EXAMPLES --instance=my-instance-id --data-boost \ --data-boost-compute-billing-owner=HOST_PAYS + To update an app profile to enable row-affinity routing, run: + + $ gcloud beta bigtable app-profiles update my-app-profile-id \ + --instance=my-instance-id --route-any --row-affinity + POSITIONAL ARGUMENTS App profile resource - The app profile to update. The arguments in this group can be used to specify the attributes of this resource. (NOTE) Some @@ -154,6 +159,9 @@ FLAGS Cluster IDs to route to using the Multi Cluster Routing Policy. If unset, all clusters in the instance are eligible. + --row-affinity + Use row-affinity routing for this app profile. + Single Cluster Routing Policy --route-to=ROUTE_TO diff --git a/gcloud/beta/bigtable/clusters/create b/gcloud/beta/bigtable/clusters/create index 8e7d152c6..8e6535ce1 100644 --- a/gcloud/beta/bigtable/clusters/create +++ b/gcloud/beta/bigtable/clusters/create @@ -4,6 +4,8 @@ NAME SYNOPSIS gcloud beta bigtable clusters create (CLUSTER : --instance=INSTANCE) --zone=ZONE [--async] + [--node-scaling-factor=NODE_SCALING_FACTOR; + default="node-scaling-factor-1x"] [--kms-key=KMS_KEY : --kms-keyring=KMS_KEYRING --kms-location=KMS_LOCATION --kms-project=KMS_PROJECT] [--num-nodes=NUM_NODES; default=3 @@ -69,6 +71,10 @@ OPTIONAL FLAGS Return immediately, without waiting for the operation in progress to complete. + --node-scaling-factor=NODE_SCALING_FACTOR; default="node-scaling-factor-1x" + Node scaling factor for the cluster. NODE_SCALING_FACTOR must be one + of: node-scaling-factor-1x, node-scaling-factor-2x. + Key resource - The Cloud KMS (Key Management Service) cryptokey that will be used to protect the cluster. The arguments in this group can be used to specify the attributes of this resource. diff --git a/gcloud/beta/bigtable/instances/create b/gcloud/beta/bigtable/instances/create index 50bf25a1c..927e98fc8 100644 --- a/gcloud/beta/bigtable/instances/create +++ b/gcloud/beta/bigtable/instances/create @@ -4,11 +4,12 @@ NAME SYNOPSIS gcloud beta bigtable instances create INSTANCE --display-name=DISPLAY_NAME [--async] [--cluster=CLUSTER] - [--cluster-config=[id=ID,zone=ZONE,nodes=NODES,kms-key=KMS_KEY, - autoscaling-min-nodes=AUTOSCALING_MIN_NODES, + [--cluster-config=[id=ID,zone=ZONE,[nodes=NODES], + [node-scaling-factor=NODE_SCALING_FACTOR],[kms-key=KMS_KEY], + [autoscaling-min-nodes=AUTOSCALING_MIN_NODES, autoscaling-max-nodes=AUTOSCALING_MAX_NODES, autoscaling-cpu-target=AUTOSCALING_CPU_TARGET, - autoscaling-storage-target=AUTOSCALING_STORAGE_TARGET,...]] + autoscaling-storage-target=AUTOSCALING_STORAGE_TARGET],...]] [--cluster-num-nodes=CLUSTER_NUM_NODES] [--cluster-storage-type=CLUSTER_STORAGE_TYPE; default="ssd"] [--cluster-zone=CLUSTER_ZONE] @@ -72,7 +73,7 @@ OPTIONAL FLAGS The --cluster argument is deprecated; use --cluster-config instead. - --cluster-config=[id=ID,zone=ZONE,nodes=NODES,kms-key=KMS_KEY,autoscaling-min-nodes=AUTOSCALING_MIN_NODES,autoscaling-max-nodes=AUTOSCALING_MAX_NODES,autoscaling-cpu-target=AUTOSCALING_CPU_TARGET,autoscaling-storage-target=AUTOSCALING_STORAGE_TARGET,...] + --cluster-config=[id=ID,zone=ZONE,[nodes=NODES],[node-scaling-factor=NODE_SCALING_FACTOR],[kms-key=KMS_KEY],[autoscaling-min-nodes=AUTOSCALING_MIN_NODES,autoscaling-max-nodes=AUTOSCALING_MAX_NODES,autoscaling-cpu-target=AUTOSCALING_CPU_TARGET,autoscaling-storage-target=AUTOSCALING_STORAGE_TARGET],...] Repeatable. Specify cluster config as a key-value dictionary. This is the recommended argument for specifying cluster configurations. @@ -85,6 +86,8 @@ OPTIONAL FLAGS *nodes*: The number of nodes in the cluster. Default=1. + *node-scaling-factor*: The node scaling factor for the cluster. Default=node-scaling-factor-1x. NODE_SCALING_FACTOR must be one of: node-scaling-factor-1x, node-scaling-factor-2x. + *kms-key*: The Cloud KMS (Key Management Service) cryptokey that will be used to protect the cluster. *autoscaling-min-nodes*: The minimum number of nodes for autoscaling. diff --git a/gcloud/beta/colab/runtimes/assign b/gcloud/beta/colab/runtimes/assign deleted file mode 100644 index f562dcc54..000000000 --- a/gcloud/beta/colab/runtimes/assign +++ /dev/null @@ -1,111 +0,0 @@ -NAME - gcloud beta colab runtimes assign - assign a notebook runtime - -SYNOPSIS - gcloud beta colab runtimes assign --display-name=DISPLAY_NAME - --runtime-template=RUNTIME_TEMPLATE [--async] - [--description=DESCRIPTION] [--labels=[KEY=VALUE,...]] - [--region=REGION] [--runtime-id=RUNTIME_ID] - [--runtime-user=RUNTIME_USER] [GCLOUD_WIDE_FLAG ...] - -DESCRIPTION - (BETA) (DEPRECATED) This command is deprecated. Please use gcloud beta - colab runtimes create instead. - - Assign a notebook runtime to run code from your notebook (IPYNB file). - -EXAMPLES - To create a runtime in region 'us-central1' with the display name - 'my-runtime' and template with id 'my-template', run: - - $ gcloud beta colab runtimes assign --region=us-central1 \ - --display-name=my-runtime --runtime-template=my-template - - To create a runtime for user 'USER@DOMAIN.COM', run: - - $ gcloud beta colab runtimes assign --runtime-user=USER@DOMAIN.COM \ - --region=us-central1 --display-name=my-runtime \ - --runtime-template=my-template - -REQUIRED FLAGS - --display-name=DISPLAY_NAME - The display name of the runtime to create. - - Runtime template resource - Unique name of the runtime template to - configure the runtime with. This was optionally provided by setting - --runtime-template-id in the create runtime-template command, or was - system-generated if unspecified. This represents a Cloud resource. (NOTE) - Some attributes are not given arguments in this group but can be set in - other ways. - - To set the project attribute: - ◆ provide the argument --runtime-template on the command line with a - fully specified name; - ◆ provide the argument --project on the command line; - ◆ set the property core/project. - - To set the region attribute: - ◆ provide the argument --runtime-template on the command line with a - fully specified name; - ◆ provide the argument --region on the command line; - ◆ set the property colab/region. - - This must be specified. - - --runtime-template=RUNTIME_TEMPLATE - ID of the runtime template or fully qualified identifier for the - runtime template. - - To set the name attribute: - ▸ provide the argument --runtime-template on the command line. - -OPTIONAL FLAGS - --async - Return immediately, without waiting for the operation in progress to - complete. - - --description=DESCRIPTION - The description - - --labels=[KEY=VALUE,...] - Add labels to identify and group the runtime template. - - Region resource - Cloud region to create runtime. Please see - https://cloud.google.com/colab/docs/locations for a list of supported - regions. This represents a Cloud resource. (NOTE) Some attributes are not - given arguments in this group but can be set in other ways. - - To set the project attribute: - ◆ provide the argument --region on the command line with a fully - specified name; - ◆ set the property colab/region with a fully specified name; - ◆ provide the argument --project on the command line; - ◆ set the property core/project. - - --region=REGION - ID of the region or fully qualified identifier for the region. - - To set the region attribute: - ▸ provide the argument --region on the command line; - ▸ set the property colab/region. - - --runtime-id=RUNTIME_ID - The id of the runtime to create. If not specified, a random id will be - generated. - - --runtime-user=RUNTIME_USER - User email for the runtime owner. Runtimes can only be used by the - owner. If a user is not provided, the gcloud user will be assumed to be - the owner. The user cannot be a service account. - -GCLOUD WIDE FLAGS - These flags are available to all commands: --access-token-file, --account, - --billing-project, --configuration, --flags-file, --flatten, --format, - --help, --impersonate-service-account, --log-http, --project, --quiet, - --trace-token, --user-output-enabled, --verbosity. - - Run $ gcloud help for details. - -NOTES - This command is currently in beta and might change without notice. - diff --git a/gcloud/beta/colab/runtimes/help b/gcloud/beta/colab/runtimes/help index 9c690032a..0abe2cb93 100644 --- a/gcloud/beta/colab/runtimes/help +++ b/gcloud/beta/colab/runtimes/help @@ -16,9 +16,6 @@ GCLOUD WIDE FLAGS COMMANDS COMMAND is one of the following: - assign - (BETA) (DEPRECATED) Assign a notebook runtime. - create (BETA) Create a notebook runtime. @@ -34,6 +31,9 @@ COMMANDS start (BETA) Start a stopped runtime. + stop + (BETA) Stop a runtime. + upgrade (BETA) Upgrade a runtime. diff --git a/gcloud/beta/colab/runtimes/stop b/gcloud/beta/colab/runtimes/stop new file mode 100644 index 000000000..5f70cad06 --- /dev/null +++ b/gcloud/beta/colab/runtimes/stop @@ -0,0 +1,67 @@ +NAME + gcloud beta colab runtimes stop - stop a runtime + +SYNOPSIS + gcloud beta colab runtimes stop (RUNTIME : --region=REGION) [--async] + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) Stop a Colab Enterprise notebook runtime. + +EXAMPLES + To stop a runtime with id my-runtime in region us-central1, run: + + $ gcloud beta colab runtimes stop my-runtime --region=us-central1 + +POSITIONAL ARGUMENTS + Runtime resource - Unique name of the runtime to stop. This was optionally + provided by setting --runtime-id in the create runtime command, or was + system-generated if unspecified. The arguments in this group can be used + to specify the attributes of this resource. (NOTE) Some attributes are not + given arguments in this group but can be set in other ways. + + To set the project attribute: + ◆ provide the argument runtime on the command line with a fully + specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + RUNTIME + ID of the runtime or fully qualified identifier for the runtime. + + To set the name attribute: + ▸ provide the argument runtime on the command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --region=REGION + Cloud region for the runtime. + + To set the region attribute: + ▸ provide the argument runtime on the command line with a fully + specified name; + ▸ provide the argument --region on the command line; + ▸ set the property colab/region. + +FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud colab runtimes stop + diff --git a/gcloud/beta/composer/environments/create b/gcloud/beta/composer/environments/create index f78c13f47..62564d385 100644 --- a/gcloud/beta/composer/environments/create +++ b/gcloud/beta/composer/environments/create @@ -319,6 +319,9 @@ FLAGS If not specified, cluster nodes will be assigned public IP addresses. + When used with Composer 3, disable internet connection from any + Composer component. + When used with Composer 1.x, cannot be specified unless --enable-ip-alias is also specified. @@ -440,7 +443,7 @@ FLAGS --disable-private-builds-only Builds performed during operations that install Python packages have - an access to the internet supported in Composer 3 or greater. + an access to the internet, supported in Composer 3 or greater. --enable-private-builds-only Builds performed during operations that install Python packages have @@ -643,7 +646,7 @@ FLAGS this group are specified. --subnetwork=SUBNETWORK - The Compute Engine subnetwork + The Compute Engine Subnetwork (https://cloud.google.com/compute/docs/subnetworks) to which the environment will be connected. diff --git a/gcloud/beta/composer/environments/list-workloads b/gcloud/beta/composer/environments/list-workloads index 9e42c2b3f..3780aea13 100644 --- a/gcloud/beta/composer/environments/list-workloads +++ b/gcloud/beta/composer/environments/list-workloads @@ -56,8 +56,10 @@ GCLOUD WIDE FLAGS Run $ gcloud help for details. NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud composer environments list-workloads $ gcloud alpha composer environments list-workloads diff --git a/gcloud/beta/composer/environments/update b/gcloud/beta/composer/environments/update index 62f2dcf42..9e2666a15 100644 --- a/gcloud/beta/composer/environments/update +++ b/gcloud/beta/composer/environments/update @@ -263,7 +263,7 @@ REQUIRED FLAGS --disable-private-builds-only Builds performed during operations that install Python packages - have an access to the internet supported in Composer 3 or greater. + have an access to the internet, supported in Composer 3 or greater. --enable-private-builds-only Builds performed during operations that install Python packages @@ -335,7 +335,7 @@ REQUIRED FLAGS arguments in this group are specified. --subnetwork=SUBNETWORK - The Compute Engine subnetwork + The Compute Engine Subnetwork (https://cloud.google.com/compute/docs/subnetworks) to which the environment will be connected. diff --git a/gcloud/beta/composer/environments/user-workloads-config-maps/create b/gcloud/beta/composer/environments/user-workloads-config-maps/create index 101c6c991..08465ac78 100644 --- a/gcloud/beta/composer/environments/user-workloads-config-maps/create +++ b/gcloud/beta/composer/environments/user-workloads-config-maps/create @@ -64,8 +64,10 @@ GCLOUD WIDE FLAGS Run $ gcloud help for details. NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud composer environments user-workloads-config-maps create $ gcloud alpha composer environments user-workloads-config-maps \ create diff --git a/gcloud/beta/composer/environments/user-workloads-config-maps/delete b/gcloud/beta/composer/environments/user-workloads-config-maps/delete index 0c970f5db..3d0260429 100644 --- a/gcloud/beta/composer/environments/user-workloads-config-maps/delete +++ b/gcloud/beta/composer/environments/user-workloads-config-maps/delete @@ -63,8 +63,10 @@ GCLOUD WIDE FLAGS Run $ gcloud help for details. NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud composer environments user-workloads-config-maps delete $ gcloud alpha composer environments user-workloads-config-maps \ delete diff --git a/gcloud/beta/composer/environments/user-workloads-config-maps/describe b/gcloud/beta/composer/environments/user-workloads-config-maps/describe index 1c660fe5e..eeee75dda 100644 --- a/gcloud/beta/composer/environments/user-workloads-config-maps/describe +++ b/gcloud/beta/composer/environments/user-workloads-config-maps/describe @@ -64,8 +64,10 @@ GCLOUD WIDE FLAGS Run $ gcloud help for details. NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud composer environments user-workloads-config-maps describe $ gcloud alpha composer environments user-workloads-config-maps \ describe diff --git a/gcloud/beta/composer/environments/user-workloads-config-maps/help b/gcloud/beta/composer/environments/user-workloads-config-maps/help index b3dcf0b25..b1c53bac4 100644 --- a/gcloud/beta/composer/environments/user-workloads-config-maps/help +++ b/gcloud/beta/composer/environments/user-workloads-config-maps/help @@ -35,8 +35,10 @@ COMMANDS (BETA) Update a user workloads ConfigMap. NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud composer environments user-workloads-config-maps $ gcloud alpha composer environments user-workloads-config-maps diff --git a/gcloud/beta/composer/environments/user-workloads-config-maps/list b/gcloud/beta/composer/environments/user-workloads-config-maps/list index e01c5f617..e90e288ac 100644 --- a/gcloud/beta/composer/environments/user-workloads-config-maps/list +++ b/gcloud/beta/composer/environments/user-workloads-config-maps/list @@ -59,8 +59,10 @@ GCLOUD WIDE FLAGS Run $ gcloud help for details. NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud composer environments user-workloads-config-maps list $ gcloud alpha composer environments user-workloads-config-maps list diff --git a/gcloud/beta/composer/environments/user-workloads-config-maps/update b/gcloud/beta/composer/environments/user-workloads-config-maps/update index c355eff2c..ebb1135d1 100644 --- a/gcloud/beta/composer/environments/user-workloads-config-maps/update +++ b/gcloud/beta/composer/environments/user-workloads-config-maps/update @@ -64,8 +64,10 @@ GCLOUD WIDE FLAGS Run $ gcloud help for details. NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud composer environments user-workloads-config-maps update $ gcloud alpha composer environments user-workloads-config-maps \ update diff --git a/gcloud/beta/composer/environments/user-workloads-secrets/create b/gcloud/beta/composer/environments/user-workloads-secrets/create index 2515dee2a..7609a9c55 100644 --- a/gcloud/beta/composer/environments/user-workloads-secrets/create +++ b/gcloud/beta/composer/environments/user-workloads-secrets/create @@ -63,8 +63,10 @@ GCLOUD WIDE FLAGS Run $ gcloud help for details. NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud composer environments user-workloads-secrets create $ gcloud alpha composer environments user-workloads-secrets create diff --git a/gcloud/beta/composer/environments/user-workloads-secrets/delete b/gcloud/beta/composer/environments/user-workloads-secrets/delete index 2225eaa65..d7cdab3d8 100644 --- a/gcloud/beta/composer/environments/user-workloads-secrets/delete +++ b/gcloud/beta/composer/environments/user-workloads-secrets/delete @@ -63,8 +63,10 @@ GCLOUD WIDE FLAGS Run $ gcloud help for details. NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud composer environments user-workloads-secrets delete $ gcloud alpha composer environments user-workloads-secrets delete diff --git a/gcloud/beta/composer/environments/user-workloads-secrets/describe b/gcloud/beta/composer/environments/user-workloads-secrets/describe index 39cc78783..e7ae85076 100644 --- a/gcloud/beta/composer/environments/user-workloads-secrets/describe +++ b/gcloud/beta/composer/environments/user-workloads-secrets/describe @@ -64,8 +64,10 @@ GCLOUD WIDE FLAGS Run $ gcloud help for details. NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud composer environments user-workloads-secrets describe $ gcloud alpha composer environments user-workloads-secrets describe diff --git a/gcloud/beta/composer/environments/user-workloads-secrets/help b/gcloud/beta/composer/environments/user-workloads-secrets/help index 15ba6a529..8132bb076 100644 --- a/gcloud/beta/composer/environments/user-workloads-secrets/help +++ b/gcloud/beta/composer/environments/user-workloads-secrets/help @@ -34,8 +34,10 @@ COMMANDS (BETA) Update a user workloads Secret. NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud composer environments user-workloads-secrets $ gcloud alpha composer environments user-workloads-secrets diff --git a/gcloud/beta/composer/environments/user-workloads-secrets/list b/gcloud/beta/composer/environments/user-workloads-secrets/list index 944d1c815..76d7001f9 100644 --- a/gcloud/beta/composer/environments/user-workloads-secrets/list +++ b/gcloud/beta/composer/environments/user-workloads-secrets/list @@ -59,8 +59,10 @@ GCLOUD WIDE FLAGS Run $ gcloud help for details. NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud composer environments user-workloads-secrets list $ gcloud alpha composer environments user-workloads-secrets list diff --git a/gcloud/beta/composer/environments/user-workloads-secrets/update b/gcloud/beta/composer/environments/user-workloads-secrets/update index 0cb00136c..3b325efed 100644 --- a/gcloud/beta/composer/environments/user-workloads-secrets/update +++ b/gcloud/beta/composer/environments/user-workloads-secrets/update @@ -63,8 +63,10 @@ GCLOUD WIDE FLAGS Run $ gcloud help for details. NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud composer environments user-workloads-secrets update $ gcloud alpha composer environments user-workloads-secrets update diff --git a/gcloud/beta/compute/backend-services/get-effective-security-policies b/gcloud/beta/compute/backend-services/get-effective-security-policies new file mode 100644 index 000000000..bbe5f893d --- /dev/null +++ b/gcloud/beta/compute/backend-services/get-effective-security-policies @@ -0,0 +1,106 @@ +NAME + gcloud beta compute backend-services get-effective-security-policies - get + the effective security policies of a Compute Engine backend service + +SYNOPSIS + gcloud beta compute backend-services get-effective-security-policies + BACKEND_SERVICE_NAME [NAME ...] [--regexp=REGEXP, -r REGEXP] + [--filter=EXPRESSION] [--limit=LIMIT] [--page-size=PAGE_SIZE] + [--sort-by=[FIELD,...]] [--uri] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) gcloud beta compute backend-services get-effective-security-policies + is used to get the effective security policies applied to the backend + service. + +EXAMPLES + To get the effective security policies of backend_service with name + example-backend_service, run: + + $ gcloud beta compute backend-services \ + get-effective-security-policies example-backend_service + + To show all fields of the security policy, please show in JSON format with + option --format=json + + To list more the fields of the effective security policy rules in table + format, run: + + $ gcloud beta compute backend-services \ + get-effective-security-policies example-backend_service \ + --format="table( + type, + security_policy_name, + priority, + description, + action, + preview, + expression, + src_ip_ranges.list():label=SRC_RANGES)" + +POSITIONAL ARGUMENTS + BACKEND_SERVICE_NAME + Name of the backend service to get effective security policies. + + [NAME ...] + (DEPRECATED) If provided, show details for the specified names and/or + URIs of resources. + + Argument NAME is deprecated. Use --filter="name=( 'NAME' ... )" + instead. + +FLAGS + --regexp=REGEXP, -r REGEXP + (DEPRECATED) Regular expression to filter the names of the results on. + Any names that do not match the entire regular expression will be + filtered out. + + Flag --regexp is deprecated. Use --filter="name~'REGEXP'" instead. + +LIST COMMAND FLAGS + --filter=EXPRESSION + Apply a Boolean filter EXPRESSION to each resource item to be listed. + If the expression evaluates True, then that item is listed. For more + details and examples of filter expressions, run $ gcloud topic filters. + This flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --limit=LIMIT + Maximum number of resources to list. The default is unlimited. This + flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --page-size=PAGE_SIZE + Some services group resource list output into pages. This flag + specifies the maximum number of resources per page. The default is + determined by the service if it supports paging, otherwise it is + unlimited (no paging). Paging may be applied before or after --filter + and --limit depending on the service. + + --sort-by=[FIELD,...] + Comma-separated list of resource field key names to sort by. The + default order is ascending. Prefix a field with ``~'' for descending + order on that field. This flag interacts with other flags that are + applied in this order: --flatten, --sort-by, --filter, --limit. + + --uri + Print a list of resource URIs instead of the default output, and change + the command output to a list of URIs. If this flag is used with + --format, the formatting is applied on this URI list. To display URIs + alongside other keys instead, use the uri() transform. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud alpha compute backend-services \ + get-effective-security-policies + diff --git a/gcloud/beta/compute/backend-services/help b/gcloud/beta/compute/backend-services/help index 5113c8105..3340b1bd3 100644 --- a/gcloud/beta/compute/backend-services/help +++ b/gcloud/beta/compute/backend-services/help @@ -55,6 +55,10 @@ COMMANDS export (BETA) Export a backend service. + get-effective-security-policies + (BETA) Get the effective security policies of a Compute Engine backend + service. + get-health (BETA) Get backend health statuses from a backend service. diff --git a/gcloud/beta/compute/commitments/create b/gcloud/beta/compute/commitments/create index 25ed9ae39..a82af3c17 100644 --- a/gcloud/beta/compute/commitments/create +++ b/gcloud/beta/compute/commitments/create @@ -112,7 +112,9 @@ OPTIONAL FLAGS general-purpose-c4, general-purpose-c4a, general-purpose-e2, general-purpose-n2, general-purpose-n2d, general-purpose-n4, general-purpose-t2d, graphics-optimized, memory-optimized, - memory-optimized-m3, storage-optimized-z3. + memory-optimized-m3, memory-optimized-x4-16tb, + memory-optimized-x4-24tb, memory-optimized-x4-32tb, + storage-optimized-z3. Manage the reservations to be created with the commitment. diff --git a/gcloud/beta/compute/firewall-policies/export-rules b/gcloud/beta/compute/firewall-policies/export-rules new file mode 100644 index 000000000..ced875221 --- /dev/null +++ b/gcloud/beta/compute/firewall-policies/export-rules @@ -0,0 +1,48 @@ +NAME + gcloud beta compute firewall-policies export-rules - export Compute Engine + organization firewall policy rules + +SYNOPSIS + gcloud beta compute firewall-policies export-rules FIREWALL_POLICY + [--destination=DESTINATION] [--organization=ORGANIZATION] + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) Exports Firewall Policy rules configuration to a file. + +EXAMPLES + Firewall Policy rules can be exported by running: + + $ gcloud beta compute firewall-policies export-rules \ + FIREWALL_POLICY --destination= \ + --organization= + +POSITIONAL ARGUMENTS + FIREWALL_POLICY + Short name or ID of the firewall policy to export rules from. + +FLAGS + --destination=DESTINATION + Path to a YAML file where the configuration will be exported. + Alternatively, you may omit this flag to write to standard output. For + a schema describing the export/import format, see: + $CLOUDSDKROOT/lib/googlecloudsdk/schemas/compute/beta/FirewallPolicy.yaml. + + --organization=ORGANIZATION + Organization in which the organization firewall policy rules export + from. Must be set if FIREWALL_POLICY is short name. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud alpha compute firewall-policies export-rules + diff --git a/gcloud/beta/compute/firewall-policies/help b/gcloud/beta/compute/firewall-policies/help index 10b5c1b25..0fc05876b 100644 --- a/gcloud/beta/compute/firewall-policies/help +++ b/gcloud/beta/compute/firewall-policies/help @@ -46,6 +46,12 @@ COMMANDS describe (BETA) Describe a Compute Engine organization firewall policy. + export-rules + (BETA) Export Compute Engine organization firewall policy rules. + + import-rules + (BETA) Import Compute Engine organization firewall policy rules. + list (BETA) List Compute Engine organization firewall policies. diff --git a/gcloud/beta/compute/firewall-policies/import-rules b/gcloud/beta/compute/firewall-policies/import-rules new file mode 100644 index 000000000..ea9caae00 --- /dev/null +++ b/gcloud/beta/compute/firewall-policies/import-rules @@ -0,0 +1,49 @@ +NAME + gcloud beta compute firewall-policies import-rules - import Compute Engine + organization firewall policy rules + +SYNOPSIS + gcloud beta compute firewall-policies import-rules FIREWALL_POLICY + [--organization=ORGANIZATION] [--source=SOURCE] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) Imports Firewall Policy rules configuration from a file. + +EXAMPLES + Firewall Policy rules can be imported by running: + + $ gcloud beta compute firewall-policies import-rules \ + FIREWALL_POLICY --source= \ + --organization= + +POSITIONAL ARGUMENTS + FIREWALL_POLICY + Short name or ID of the firewall policy to imports rules to. + +FLAGS + --organization=ORGANIZATION + Organization in which the organization firewall policy rules import to. + Must be set if FIREWALL_POLICY is short name. + + --source=SOURCE + Path to a YAML file containing configuration export data. + Alternatively, you may omit this flag to read from standard input.For a + schema describing the export/import format, see: + $CLOUDSDKROOT/lib/googlecloudsdk/schemas/compute/beta/FirewallPolicy.yaml. + + Note: $CLOUDSDKROOT represents the Google Cloud CLI's installation directory. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud alpha compute firewall-policies import-rules + diff --git a/gcloud/beta/compute/firewall-policies/rules/create b/gcloud/beta/compute/firewall-policies/rules/create index 3a66d1614..e04684007 100644 --- a/gcloud/beta/compute/firewall-policies/rules/create +++ b/gcloud/beta/compute/firewall-policies/rules/create @@ -66,8 +66,8 @@ OPTIONAL FLAGS --dest-network-scope=DEST_NETWORK_SCOPE Use this flag to indicate that the rule should match internet or non-internet traffic. It applies to destination traffic for egress - rules. Valid values are INTERNET, NON_INTERNET and INTRA_VPC. Use empty - string to clear the field. + rules. Valid values are INTERNET and NON_INTERNET. Use empty string to + clear the field. --dest-region-codes=[DEST_REGION_CODES,...] Destination Region Code to match for this rule. Can only be specified diff --git a/gcloud/beta/compute/firewall-policies/rules/update b/gcloud/beta/compute/firewall-policies/rules/update index 62b67aa0e..024affabe 100644 --- a/gcloud/beta/compute/firewall-policies/rules/update +++ b/gcloud/beta/compute/firewall-policies/rules/update @@ -69,8 +69,8 @@ OPTIONAL FLAGS --dest-network-scope=DEST_NETWORK_SCOPE Use this flag to indicate that the rule should match internet or non-internet traffic. It applies to destination traffic for egress - rules. Valid values are INTERNET, NON_INTERNET and INTRA_VPC. Use empty - string to clear the field. + rules. Valid values are INTERNET and NON_INTERNET. Use empty string to + clear the field. --dest-region-codes=[DEST_REGION_CODES,...] Destination Region Code to match for this rule. Can only be specified diff --git a/gcloud/beta/compute/instance-groups/managed/resize-requests/create b/gcloud/beta/compute/instance-groups/managed/resize-requests/create index e6127ab26..7fc7e4e9e 100644 --- a/gcloud/beta/compute/instance-groups/managed/resize-requests/create +++ b/gcloud/beta/compute/instance-groups/managed/resize-requests/create @@ -4,9 +4,9 @@ NAME SYNOPSIS gcloud beta compute instance-groups managed resize-requests create NAME - --requested-run-duration=REQUESTED_RUN_DURATION --resize-by=RESIZE_BY - --resize-request=RESIZE_REQUEST_NAME [--region=REGION | --zone=ZONE] - [GCLOUD_WIDE_FLAG ...] + --resize-by=RESIZE_BY --resize-request=RESIZE_REQUEST_NAME + [--requested-run-duration=REQUESTED_RUN_DURATION] + [--region=REGION | --zone=ZONE] [GCLOUD_WIDE_FLAG ...] DESCRIPTION (BETA) Create a Compute Engine managed instance group resize request. @@ -24,6 +24,13 @@ POSITIONAL ARGUMENTS Name of the managed instance group to operate on. REQUIRED FLAGS + --resize-by=RESIZE_BY + The number of VMs to resize managed instance group by. + + --resize-request=RESIZE_REQUEST_NAME + The name of the resize request to create. + +OPTIONAL FLAGS --requested-run-duration=REQUESTED_RUN_DURATION The time you need the requested VMs to run before being automatically deleted. The value must be formatted as the number of days, hours, @@ -32,13 +39,9 @@ REQUIRED FLAGS day, 2 hours, 3 minutes, and 4 seconds. The value must be between 10m (10 minutes) and 7d (7 days). - --resize-by=RESIZE_BY - The number of VMs to resize managed instance group by. + If you want the managed instance group to consume a reservation, then + this flag is optional. Otherwise, it's required. - --resize-request=RESIZE_REQUEST_NAME - The name of the resize request to create. - -OPTIONAL FLAGS At most one of these can be specified: --region=REGION diff --git a/gcloud/beta/compute/instance-templates/create b/gcloud/beta/compute/instance-templates/create index f685762c9..903e66624 100644 --- a/gcloud/beta/compute/instance-templates/create +++ b/gcloud/beta/compute/instance-templates/create @@ -18,6 +18,8 @@ SYNOPSIS [--[no-]enable-nested-virtualization] [--[no-]enable-uefi-networking] [--external-ipv6-address=EXTERNAL_IPV6_ADDRESS] [--external-ipv6-prefix-length=EXTERNAL_IPV6_PREFIX_LENGTH] + [--graceful-shutdown] + [--graceful-shutdown-max-duration=GRACEFUL_SHUTDOWN_MAX_DURATION] [--host-error-timeout-seconds=HOST_ERROR_TIMEOUT_SECONDS] [--instance-template-region=INSTANCE_TEMPLATE_REGION] [--instance-termination-action=INSTANCE_TERMINATION_ACTION] @@ -437,6 +439,17 @@ FLAGS be used together with --external-ipv6-address. Only the /96 IP address range is supported, and the default value is 96. + --graceful-shutdown + Enables graceful shutdown for the instance. + + --graceful-shutdown-max-duration=GRACEFUL_SHUTDOWN_MAX_DURATION + Specifies the maximum time for the graceful shutdown. After this time, + the instance is set to STOPPING even if tasks are still running. + Specify the time as the number of hours, minutes, or seconds followed + by h, m, and s respectively. For example, specify 30m for 30 minutes or + 20m10s for 20 minutes and 10 seconds. The value must be between 1 + second and 1 hour. + --host-error-timeout-seconds=HOST_ERROR_TIMEOUT_SECONDS The timeout in seconds for host error detection. The value must be set with 30 second increments, with a range of 90 to 330 seconds. If unset, diff --git a/gcloud/beta/compute/instances/create b/gcloud/beta/compute/instances/create index a32d6a8ce..081215580 100644 --- a/gcloud/beta/compute/instances/create +++ b/gcloud/beta/compute/instances/create @@ -23,6 +23,8 @@ SYNOPSIS [--[no-]enable-uefi-networking] [--erase-windows-vss-signature] [--external-ipv6-address=EXTERNAL_IPV6_ADDRESS] [--external-ipv6-prefix-length=EXTERNAL_IPV6_PREFIX_LENGTH] + [--graceful-shutdown] + [--graceful-shutdown-max-duration=GRACEFUL_SHUTDOWN_MAX_DURATION] [--host-error-timeout-seconds=HOST_ERROR_TIMEOUT_SECONDS] [--hostname=HOSTNAME] [--instance-termination-action=INSTANCE_TERMINATION_ACTION] @@ -511,6 +513,17 @@ FLAGS be used together with --external-ipv6-address. Only the /96 IP address range is supported, and the default value is 96. + --graceful-shutdown + Enables graceful shutdown for the instance. + + --graceful-shutdown-max-duration=GRACEFUL_SHUTDOWN_MAX_DURATION + Specifies the maximum time for the graceful shutdown. After this time, + the instance is set to STOPPING even if tasks are still running. + Specify the time as the number of hours, minutes, or seconds followed + by h, m, and s respectively. For example, specify 30m for 30 minutes or + 20m10s for 20 minutes and 10 seconds. The value must be between 1 + second and 1 hour. + --host-error-timeout-seconds=HOST_ERROR_TIMEOUT_SECONDS The timeout in seconds for host error detection. The value must be set with 30 second increments, with a range of 90 to 330 seconds. If unset, diff --git a/gcloud/beta/compute/instances/delete b/gcloud/beta/compute/instances/delete index 8b2ec87ea..3b43001f4 100644 --- a/gcloud/beta/compute/instances/delete +++ b/gcloud/beta/compute/instances/delete @@ -4,7 +4,8 @@ NAME SYNOPSIS gcloud beta compute instances delete INSTANCE_NAMES [INSTANCE_NAMES ...] - [--zone=ZONE] [--delete-disks=DISK_TYPE | --keep-disks=DISK_TYPE] + [--no-graceful-shutdown] [--zone=ZONE] + [--delete-disks=DISK_TYPE | --keep-disks=DISK_TYPE] [GCLOUD_WIDE_FLAG ...] DESCRIPTION @@ -25,6 +26,11 @@ POSITIONAL ARGUMENTS https://cloud.google.com/compute/docs/reference/rest/v1/instances FLAGS + --no-graceful-shutdown + Deletes the instance immediately without gracefully shutting it down. + If a graceful shutdown is in progress, then the instance is forcefully + stopped and deleted. + --zone=ZONE Zone of the instances to delete. If not specified, you might be prompted to select a zone (interactive mode only). gcloud attempts to diff --git a/gcloud/beta/compute/instances/ops-agents/policies/create b/gcloud/beta/compute/instances/ops-agents/policies/create index 13b286c9d..367ce2b6a 100644 --- a/gcloud/beta/compute/instances/ops-agents/policies/create +++ b/gcloud/beta/compute/instances/ops-agents/policies/create @@ -249,6 +249,7 @@ REQUIRED FLAGS ubuntu 23.04 ubuntu 23.10 ubuntu 24.04 + ubuntu 24.10 windows 10.* windows 6.* diff --git a/gcloud/beta/compute/instances/ops-agents/policies/update b/gcloud/beta/compute/instances/ops-agents/policies/update index 80ffed0d9..5fb22ce7d 100644 --- a/gcloud/beta/compute/instances/ops-agents/policies/update +++ b/gcloud/beta/compute/instances/ops-agents/policies/update @@ -286,6 +286,7 @@ FLAGS ubuntu 23.04 ubuntu 23.10 ubuntu 24.04 + ubuntu 24.10 windows 10.* windows 6.* diff --git a/gcloud/beta/compute/instances/set-scheduling b/gcloud/beta/compute/instances/set-scheduling index 5c4f54d57..ccb6cd6ad 100644 --- a/gcloud/beta/compute/instances/set-scheduling +++ b/gcloud/beta/compute/instances/set-scheduling @@ -4,7 +4,8 @@ NAME SYNOPSIS gcloud beta compute instances set-scheduling INSTANCE_NAME - [--clear-min-node-cpu] + [--clear-min-node-cpu] [--[no-]graceful-shutdown] + [--graceful-shutdown-max-duration=GRACEFUL_SHUTDOWN_MAX_DURATION] [--host-error-timeout-seconds=HOST_ERROR_TIMEOUT_SECONDS] [--local-ssd-recovery-timeout=LOCAL_SSD_RECOVERY_TIMEOUT] [--maintenance-policy=MAINTENANCE_POLICY] [--min-node-cpu=MIN_NODE_CPU] @@ -43,6 +44,18 @@ FLAGS instance min-node-cpu will be cleared. The instance will not be overcommitted and utilize the full CPU count assigned. + --[no-]graceful-shutdown + Enables or disables graceful shutdown for the instance. Use + --graceful-shutdown to enable and --no-graceful-shutdown to disable. + + --graceful-shutdown-max-duration=GRACEFUL_SHUTDOWN_MAX_DURATION + Specifies the maximum time for the graceful shutdown. After this time, + the instance is set to STOPPING even if tasks are still running. + Specify the time as the number of hours, minutes, or seconds followed + by h, m, and s respectively. For example, specify 30m for 30 minutes or + 20m10s for 20 minutes and 10 seconds. The value must be between 1 + second and 1 hour. + --host-error-timeout-seconds=HOST_ERROR_TIMEOUT_SECONDS The timeout in seconds for host error detection. The value must be set with 30 second increments, with a range of 90 to 330 seconds. If unset, diff --git a/gcloud/beta/compute/instances/stop b/gcloud/beta/compute/instances/stop index e60d177f1..3703bf262 100644 --- a/gcloud/beta/compute/instances/stop +++ b/gcloud/beta/compute/instances/stop @@ -3,8 +3,8 @@ NAME SYNOPSIS gcloud beta compute instances stop INSTANCE_NAMES [INSTANCE_NAMES ...] - [--async] [--discard-local-ssd[=DISCARD_LOCAL_SSD]] [--zone=ZONE] - [GCLOUD_WIDE_FLAG ...] + [--async] [--discard-local-ssd[=DISCARD_LOCAL_SSD]] + [--no-graceful-shutdown] [--zone=ZONE] [GCLOUD_WIDE_FLAG ...] DESCRIPTION (BETA) gcloud beta compute instances stop is used to stop a Compute Engine @@ -52,6 +52,11 @@ FLAGS --discard-local-ssd[=DISCARD_LOCAL_SSD] If set to true, local SSD data is discarded. + --no-graceful-shutdown + Stops the instance immediately without gracefully shutting it down. If + a graceful shutdown is in progress, then the instance is forcefully + stopped. + --zone=ZONE Zone of the instances to operate on. If not specified, you might be prompted to select a zone (interactive mode only). gcloud attempts to diff --git a/gcloud/beta/compute/instances/update b/gcloud/beta/compute/instances/update index 5a6eda3c0..b34c1086b 100644 --- a/gcloud/beta/compute/instances/update +++ b/gcloud/beta/compute/instances/update @@ -5,6 +5,8 @@ NAME SYNOPSIS gcloud beta compute instances update INSTANCE_NAME [--[no-]deletion-protection] [--[no-]enable-display-device] + [--[no-]graceful-shutdown] + [--graceful-shutdown-max-duration=GRACEFUL_SHUTDOWN_MAX_DURATION] [--min-cpu-platform=PLATFORM] [--partner-metadata=[NAMESPACE/KEY=VALUE,...]] [--partner-metadata-from-file=LOCAL_FILE_PATH] @@ -55,6 +57,18 @@ FLAGS Enable a display device on VM instances. Use --enable-display-device to enable and --no-enable-display-device to disable. + --[no-]graceful-shutdown + Enables or disables graceful shutdown for the instance. Use + --graceful-shutdown to enable and --no-graceful-shutdown to disable. + + --graceful-shutdown-max-duration=GRACEFUL_SHUTDOWN_MAX_DURATION + Specifies the maximum time for the graceful shutdown. After this time, + the instance is set to STOPPING even if tasks are still running. + Specify the time as the number of hours, minutes, or seconds followed + by h, m, and s respectively. For example, specify 30m for 30 minutes or + 20m10s for 20 minutes and 10 seconds. The value must be between 1 + second and 1 hour. + --min-cpu-platform=PLATFORM When specified, the VM will be scheduled on host with specified CPU architecture or a newer one. To list available CPU platforms in given diff --git a/gcloud/beta/compute/network-firewall-policies/export-rules b/gcloud/beta/compute/network-firewall-policies/export-rules new file mode 100644 index 000000000..b04209dd8 --- /dev/null +++ b/gcloud/beta/compute/network-firewall-policies/export-rules @@ -0,0 +1,52 @@ +NAME + gcloud beta compute network-firewall-policies export-rules - export Compute + Engine network firewall policy rules + +SYNOPSIS + gcloud beta compute network-firewall-policies export-rules FIREWALL_POLICY + [--destination=DESTINATION] [--global | --region=REGION] + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) Exports Firewall Policy rules configuration to a file. + +EXAMPLES + Firewall Policy rules can be exported by running: + + $ gcloud beta compute network-firewall-policies export-rules \ + FIREWALL_POLICY --destination= --global + +POSITIONAL ARGUMENTS + FIREWALL_POLICY + name of the network firewall policy to export rules from. + +FLAGS + --destination=DESTINATION + Path to a YAML file where the configuration will be exported. + Alternatively, you may omit this flag to write to standard output. For + a schema describing the export/import format, see: + $CLOUDSDKROOT/lib/googlecloudsdk/schemas/compute/beta/FirewallPolicy.yaml. + + At most one of these can be specified: + + --global + If set, the firewall policy is global. + + --region=REGION + Region of the firewall policy to export-rules. Overrides the default + compute/region property value for this command invocation. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud alpha compute network-firewall-policies export-rules + diff --git a/gcloud/beta/compute/network-firewall-policies/help b/gcloud/beta/compute/network-firewall-policies/help index 5ece759ff..108216420 100644 --- a/gcloud/beta/compute/network-firewall-policies/help +++ b/gcloud/beta/compute/network-firewall-policies/help @@ -46,9 +46,15 @@ COMMANDS describe (BETA) Describe a Compute Engine network firewall policy. + export-rules + (BETA) Export Compute Engine network firewall policy rules. + get-effective-firewalls (BETA) Get the effective firewalls for a network. + import-rules + (BETA) Import a Compute Engine network firewall policy rules. + list (BETA) List Compute Engine network firewall policies. diff --git a/gcloud/beta/compute/network-firewall-policies/import-rules b/gcloud/beta/compute/network-firewall-policies/import-rules new file mode 100644 index 000000000..01f9a42be --- /dev/null +++ b/gcloud/beta/compute/network-firewall-policies/import-rules @@ -0,0 +1,53 @@ +NAME + gcloud beta compute network-firewall-policies import-rules - import a + Compute Engine network firewall policy rules + +SYNOPSIS + gcloud beta compute network-firewall-policies import-rules FIREWALL_POLICY + [--source=SOURCE] [--global | --region=REGION] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) Imports Firewall Policy rules configuration from a file. + +EXAMPLES + Firewall Policy rules can be imported by running: + + $ gcloud beta compute network-firewall-policies import-rules \ + FIREWALL_POLICY --source= --global + +POSITIONAL ARGUMENTS + FIREWALL_POLICY + name of the network firewall policy to import rules to. + +FLAGS + --source=SOURCE + Path to a YAML file containing configuration export data. + Alternatively, you may omit this flag to read from standard input.For a + schema describing the export/import format, see: + $CLOUDSDKROOT/lib/googlecloudsdk/schemas/compute/beta/FirewallPolicy.yaml. + + Note: $CLOUDSDKROOT represents the Google Cloud CLI's installation directory. + + At most one of these can be specified: + + --global + If set, the firewall policy is global. + + --region=REGION + Region of the firewall policy to import-rules. Overrides the default + compute/region property value for this command invocation. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud alpha compute network-firewall-policies import-rules + diff --git a/gcloud/beta/compute/network-firewall-policies/rules/create b/gcloud/beta/compute/network-firewall-policies/rules/create index 51bf7422a..15dce7fc6 100644 --- a/gcloud/beta/compute/network-firewall-policies/rules/create +++ b/gcloud/beta/compute/network-firewall-policies/rules/create @@ -77,8 +77,8 @@ OPTIONAL FLAGS --dest-network-scope=DEST_NETWORK_SCOPE Use this flag to indicate that the rule should match internet or non-internet traffic. It applies to destination traffic for egress - rules. Valid values are INTERNET, NON_INTERNET and INTRA_VPC. Use empty - string to clear the field. + rules. Valid values are INTERNET and NON_INTERNET. Use empty string to + clear the field. --dest-region-codes=[DEST_REGION_CODES,...] Destination Region Code to match for this rule. Can only be specified diff --git a/gcloud/beta/compute/network-firewall-policies/rules/update b/gcloud/beta/compute/network-firewall-policies/rules/update index 1c29ee8a9..5a7f6532f 100644 --- a/gcloud/beta/compute/network-firewall-policies/rules/update +++ b/gcloud/beta/compute/network-firewall-policies/rules/update @@ -70,8 +70,8 @@ OPTIONAL FLAGS --dest-network-scope=DEST_NETWORK_SCOPE Use this flag to indicate that the rule should match internet or non-internet traffic. It applies to destination traffic for egress - rules. Valid values are INTERNET, NON_INTERNET and INTRA_VPC. Use empty - string to clear the field. + rules. Valid values are INTERNET and NON_INTERNET. Use empty string to + clear the field. --dest-region-codes=[DEST_REGION_CODES,...] Destination Region Code to match for this rule. Can only be specified diff --git a/gcloud/beta/compute/networks/create b/gcloud/beta/compute/networks/create index 45c8b8f73..7c933a5b5 100644 --- a/gcloud/beta/compute/networks/create +++ b/gcloud/beta/compute/networks/create @@ -120,8 +120,8 @@ FLAGS BGP Best Path Selection flags --bgp-best-path-selection-mode=BGP_BEST_PATH_SELECTION_MODE - The BGP best path selection algorithm to be employed. MODE can be - LEGACY or STANDARD. BGP_BEST_PATH_SELECTION_MODE must be one of: + The BGP best path selection algorithm to be employed. + BGP_BEST_PATH_SELECTION_MODE must be one of: LEGACY Dynamic routes are ranked based on the multiple @@ -133,7 +133,7 @@ FLAGS and MED BGP attributes. When global routing is enabled, region-to-region cost is used as a tiebreaker. This mode offers customizations to fine-tune BGP best path routing with additional - knobs like --bgp-bps-always-compare-med and + flags like --bgp-bps-always-compare-med and --bgp-bps-inter-region-cost --[no-]bgp-bps-always-compare-med diff --git a/gcloud/beta/compute/networks/subnets/create b/gcloud/beta/compute/networks/subnets/create index e5fcdd5ab..7a456b495 100644 --- a/gcloud/beta/compute/networks/subnets/create +++ b/gcloud/beta/compute/networks/subnets/create @@ -105,6 +105,8 @@ OPTIONAL FLAGS Reserved for Global Envoy-based Load Balancing. INTERNAL_HTTPS_LOAD_BALANCER Reserved for Internal HTTP(S) Load Balancing. + PEER_MIGRATION + Reserved for subnet migration between peered VPCs. PRIVATE Regular user created or automatically created subnet. PRIVATE_NAT diff --git a/gcloud/beta/compute/networks/update b/gcloud/beta/compute/networks/update index 87d9e2111..635385f0b 100644 --- a/gcloud/beta/compute/networks/update +++ b/gcloud/beta/compute/networks/update @@ -72,8 +72,8 @@ FLAGS BGP Best Path Selection flags --bgp-best-path-selection-mode=BGP_BEST_PATH_SELECTION_MODE - The BGP best path selection algorithm to be employed. MODE can be - LEGACY or STANDARD. BGP_BEST_PATH_SELECTION_MODE must be one of: + The BGP best path selection algorithm to be employed. + BGP_BEST_PATH_SELECTION_MODE must be one of: LEGACY Dynamic routes are ranked based on the multiple @@ -85,7 +85,7 @@ FLAGS and MED BGP attributes. When global routing is enabled, region-to-region cost is used as a tiebreaker. This mode offers customizations to fine-tune BGP best path routing with additional - knobs like --bgp-bps-always-compare-med and + flags like --bgp-bps-always-compare-med and --bgp-bps-inter-region-cost --[no-]bgp-bps-always-compare-med diff --git a/gcloud/beta/compute/org-security-policies/associations/create b/gcloud/beta/compute/org-security-policies/associations/create index c13d75810..ec69d90d0 100644 --- a/gcloud/beta/compute/org-security-policies/associations/create +++ b/gcloud/beta/compute/org-security-policies/associations/create @@ -5,9 +5,11 @@ NAME SYNOPSIS gcloud beta compute org-security-policies associations create - --security-policy=SECURITY_POLICY [--folder=FOLDER] [--name=NAME] - [--organization=ORGANIZATION] [--replace-association-on-target] - [GCLOUD_WIDE_FLAG ...] + --security-policy=SECURITY_POLICY + [--excluded-folders=[EXCLUDED_FOLDERS,...]] + [--excluded-projects=[EXCLUDED_PROJECTS,...]] [--folder=FOLDER] + [--name=NAME] [--organization=ORGANIZATION] + [--replace-association-on-target] [GCLOUD_WIDE_FLAG ...] DESCRIPTION (BETA) gcloud beta compute org-security-policies associations create is @@ -27,6 +29,14 @@ REQUIRED FLAGS Security policy ID of the association. OPTIONAL FLAGS + --excluded-folders=[EXCLUDED_FOLDERS,...] + List of folders to exclude from the application of this security + policy. Folders should be specified in the form "folders/123". + + --excluded-projects=[EXCLUDED_PROJECTS,...] + List of projects to exclude from the application of this security + policy. Projects should be specified in the form "projects/123". + --folder=FOLDER ID of the folder with which the association is created. @@ -36,7 +46,7 @@ OPTIONAL FLAGS --organization=ORGANIZATION ID of the organization in which the security policy is to be - associated. Must be set if SECURITY_POLICY is display name. + associated. Must be set if SECURITY_POLICY is short name. --replace-association-on-target By default, if you attempt to insert an association to an organization diff --git a/gcloud/beta/compute/org-security-policies/associations/delete b/gcloud/beta/compute/org-security-policies/associations/delete index d51be31e9..c985ba1a9 100644 --- a/gcloud/beta/compute/org-security-policies/associations/delete +++ b/gcloud/beta/compute/org-security-policies/associations/delete @@ -24,12 +24,12 @@ POSITIONAL ARGUMENTS REQUIRED FLAGS --security-policy=SECURITY_POLICY - Display name or ID of the security policy ID of the association. + short name or ID of the security policy ID of the association. OPTIONAL FLAGS --organization=ORGANIZATION ID of the organization in which the security policy is to be detached. - Must be set if SECURITY_POLICY is display name. + Must be set if SECURITY_POLICY is short name. GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, diff --git a/gcloud/beta/compute/org-security-policies/copy-rules b/gcloud/beta/compute/org-security-policies/copy-rules index 27c5d491c..8761d95cb 100644 --- a/gcloud/beta/compute/org-security-policies/copy-rules +++ b/gcloud/beta/compute/org-security-policies/copy-rules @@ -15,15 +15,15 @@ DESCRIPTION resources. EXAMPLES - To copy the rules of an organization security policy with ID ``123456789", - from another organization security policy with ID ``987654321", run: + To copy the rules of an organization security policy with ID "123456789", + from another organization security policy with ID "987654321", run: $ gcloud beta compute org-security-policies copy-rules copy-rules \ 123456789 --source-security-policy=987654321 POSITIONAL ARGUMENTS SECURITY_POLICY - Display name or ID of the security policy to copy the rules to. + Short name or ID of the security policy to copy the rules to. REQUIRED FLAGS --source-security-policy=SOURCE_SECURITY_POLICY @@ -32,7 +32,7 @@ REQUIRED FLAGS OPTIONAL FLAGS --organization=ORGANIZATION Organization in which the organization security policy to copy the - rules to. Must be set if security-policy is display name. + rules to. Must be set if security-policy is the short name. GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, diff --git a/gcloud/beta/compute/org-security-policies/create b/gcloud/beta/compute/org-security-policies/create index c326212b3..2e1630554 100644 --- a/gcloud/beta/compute/org-security-policies/create +++ b/gcloud/beta/compute/org-security-policies/create @@ -6,6 +6,8 @@ SYNOPSIS gcloud beta compute org-security-policies create (--folder=FOLDER | --organization=ORGANIZATION) [--description=DESCRIPTION] [--display-name=DISPLAY_NAME] + [--file-format=FILE_FORMAT] [--short-name=SHORT_NAME] + [--file-name=FILE_NAME | --type=SECURITY_POLICY_TYPE] [GCLOUD_WIDE_FLAG ...] DESCRIPTION @@ -14,11 +16,17 @@ DESCRIPTION rules that controls access to various resources. EXAMPLES - To create an organization security policy under folder with ID - ``123456789", run: + To create an organization security policy under folder with ID "123456789", + run: $ gcloud beta compute org-security-policies create create \ - --folder=123456789 + --short-name=my-policy --folder=123456789 + + To create an organization security under organization with ID "12345" from + an input file, run: + + $ gcloud beta compute org-security-policies create create \ + --file-name=my-file-name --organization=12345 REQUIRED FLAGS Exactly one of these must be specified: @@ -37,6 +45,27 @@ OPTIONAL FLAGS --display-name=DISPLAY_NAME A textual name of the security policy. + --file-format=FILE_FORMAT + The format of the file to create the organization security policy + config from. Specify either yaml or json. Defaults to yaml if not + specified. Will be ignored if --file-name is not specified. FILE_FORMAT + must be one of: json, yaml. + + --short-name=SHORT_NAME + A textual name of the security policy. + + Creation options. + + At most one of these can be specified: + + --file-name=FILE_NAME + The name of the JSON or YAML file to create a organization security + policy config from. + + --type=SECURITY_POLICY_TYPE + The type indicates the intended use of the organization security + policy. SECURITY_POLICY_TYPE must be one of: CLOUD_ARMOR, FIREWALL. + GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, diff --git a/gcloud/beta/compute/org-security-policies/delete b/gcloud/beta/compute/org-security-policies/delete index 3552bca8e..d2e6d843f 100644 --- a/gcloud/beta/compute/org-security-policies/delete +++ b/gcloud/beta/compute/org-security-policies/delete @@ -12,18 +12,18 @@ DESCRIPTION rules that controls access to various resources. EXAMPLES - To delete an organization security policy with ID ``123456789", run: + To delete an organization security policy with ID "123456789", run: $ gcloud beta compute org-security-policies delete delete 123456789 POSITIONAL ARGUMENTS SECURITY_POLICY - Display name or ID of the security policy to delete. + Short name or ID of the security policy to delete. FLAGS --organization=ORGANIZATION Organization in which the organization security policy is to be - deleted. Must be set if SECURITY_POLICY is display name. + deleted. Must be set if SECURITY_POLICY is short name. GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, diff --git a/gcloud/beta/compute/org-security-policies/describe b/gcloud/beta/compute/org-security-policies/describe index c4eb4af25..cc1d9f788 100644 --- a/gcloud/beta/compute/org-security-policies/describe +++ b/gcloud/beta/compute/org-security-policies/describe @@ -12,18 +12,18 @@ DESCRIPTION a set of rules that controls access to various resources. EXAMPLES - To describe an organization security policy with ID ``123456789", run: + To describe an organization security policy with ID "123456789", run: $ gcloud beta compute org-security-policies describe 123456789 POSITIONAL ARGUMENTS SECURITY_POLICY - Display name or ID of the security policy to describe. + Short name or ID of the security policy to describe. FLAGS --organization=ORGANIZATION Organization in which the organization security policy is to be - described. Must be set if SECURITY_POLICY is display name. + described. Must be set if SECURITY_POLICY is short name. GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, diff --git a/gcloud/beta/compute/org-security-policies/list b/gcloud/beta/compute/org-security-policies/list index be312ef99..a2f98c1c1 100644 --- a/gcloud/beta/compute/org-security-policies/list +++ b/gcloud/beta/compute/org-security-policies/list @@ -15,7 +15,7 @@ DESCRIPTION rules that controls access to various resources. EXAMPLES - To list organization security policies under folder with ID ``123456789", + To list organization security policies under folder with ID "123456789", run: $ gcloud beta compute org-security-policies list list \ diff --git a/gcloud/beta/compute/org-security-policies/list-rules b/gcloud/beta/compute/org-security-policies/list-rules index 4e57bd9bc..042ececfb 100644 --- a/gcloud/beta/compute/org-security-policies/list-rules +++ b/gcloud/beta/compute/org-security-policies/list-rules @@ -13,14 +13,14 @@ DESCRIPTION the rules of an organization security policy. EXAMPLES - To list the rules of an organization security policy with ID ``123456789", + To list the rules of an organization security policy with ID "123456789", run: $ gcloud beta compute org-security-policies list-rules list-rules \ 123456789 To list all the fields of the rules of an organization security policy with - ID ``123456789", run: + ID "123456789", run: $ gcloud beta compute org-security-policies list-rules list-rules \ 123456789 --format="table( @@ -38,7 +38,7 @@ EXAMPLES POSITIONAL ARGUMENTS SECURITY_POLICY - Display name or ID of the security policy to list rules for. + Short name or ID of the security policy to list rules for. [NAME ...] (DEPRECATED) If provided, show details for the specified names and/or diff --git a/gcloud/beta/compute/org-security-policies/move b/gcloud/beta/compute/org-security-policies/move index aecf98505..6a7ebdbcc 100644 --- a/gcloud/beta/compute/org-security-policies/move +++ b/gcloud/beta/compute/org-security-policies/move @@ -11,15 +11,15 @@ DESCRIPTION used to move organization security policies to new parent nodes. EXAMPLES - To move an organization security policy under folder with ID ``123456789" - to folder ``987654321", run: + To move an organization security policy under folder with ID "123456789" to + folder "987654321", run: $ gcloud beta compute org-security-policies move move 123456789 \ --folder=987654321 POSITIONAL ARGUMENTS SECURITY_POLICY - Display name or ID of the security policy to move. + Short name or ID of the security policy to move. FLAGS --folder=FOLDER @@ -27,7 +27,7 @@ FLAGS --organization=ORGANIZATION Organization in which the organization security policy is to be moved. - Must be set if SECURITY_POLICY is display name. + Must be set if SECURITY_POLICY is the short name. GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, diff --git a/gcloud/beta/compute/org-security-policies/rules/create b/gcloud/beta/compute/org-security-policies/rules/create index a3e25273d..a52edc805 100644 --- a/gcloud/beta/compute/org-security-policies/rules/create +++ b/gcloud/beta/compute/org-security-policies/rules/create @@ -1,16 +1,16 @@ NAME gcloud beta compute org-security-policies rules create - create a Compute - Engine security policy rule + Engine organizationsecurity policy rule SYNOPSIS gcloud beta compute org-security-policies rules create PRIORITY - --action=ACTION --security-policy=SECURITY_POLICY + --action=ACTION --security-policy=SECURITY_POLICY [--cloud-armor] [--description=DESCRIPTION] [--dest-ip-ranges=[DEST_IP_RANGE,...]] [--direction=DIRECTION] [--[no-]enable-logging] [--layer4-configs=[LAYER4_CONFIG,...]] [--organization=ORGANIZATION] - [--src-ip-ranges=[SRC_IP_RANGE,...]] - [--target-resources=[TARGET_RESOURCES,...]] + [--preview] [--target-resources=[TARGET_RESOURCES,...]] [--target-service-accounts=[TARGET_SERVICE_ACCOUNTS,...]] + [--expression=EXPRESSION | --src-ip-ranges=[SRC_IP_RANGE,...]] [GCLOUD_WIDE_FLAG ...] DESCRIPTION @@ -18,12 +18,12 @@ DESCRIPTION create organization security policy rules. EXAMPLES - To create a rule with priority ``10" in an organization security policy - with ID ``123456789", run: + To create a rule with priority "10" in an organization security policy with + ID "123456789", run: $ gcloud beta compute org-security-policies rules create create 10 \ --security-policy=123456789 --action=allow \ - --description=example-rule + --description=example-rule --cloud-armor POSITIONAL ARGUMENTS PRIORITY @@ -32,13 +32,33 @@ POSITIONAL ARGUMENTS REQUIRED FLAGS --action=ACTION Action to take if the request matches the match condition. ACTION must - be one of: allow, deny, goto_next. + be one of: + + allow + Allows the request from HTTP(S) Load Balancing. + deny + (DEPRECATED) Only used for Hierarchical Firewalls. + deny-403 + Denies the request from HTTP(S) Load Balancing, with an HTTP + response status code of 403. + deny-404 + Denies the request from HTTP(S) Load Balancing, with an HTTP + response status code of 404. + deny-502 + Denies the request from HTTP(S) Load Balancing, with an HTTP + response status code of 502. + redirect + Redirects the request from HTTP(S) Load Balancing, based on + redirect options. --security-policy=SECURITY_POLICY - Display name of the security policy into which the rule should be + short name of the security policy into which the rule should be inserted. OPTIONAL FLAGS + --cloud-armor + Specified for Hierarchical Cloud Armor rules. + --description=DESCRIPTION An optional, textual description for the rule. @@ -61,11 +81,10 @@ OPTIONAL FLAGS --organization=ORGANIZATION Organization which the organization security policy belongs to. Must be - set if SECURITY_POLICY is display name. + set if SECURITY_POLICY is short name. - --src-ip-ranges=[SRC_IP_RANGE,...] - Source IP ranges to match for this rule. Can only be specified if - DIRECTION is ingress. + --preview + If specified, the action will not be enforced. --target-resources=[TARGET_RESOURCES,...] List of URLs of target resources to which the rule is applied. @@ -73,6 +92,17 @@ OPTIONAL FLAGS --target-service-accounts=[TARGET_SERVICE_ACCOUNTS,...] List of target service accounts for the rule. + Security policy rule matcher. + + At most one of these can be specified: + + --expression=EXPRESSION + The Cloud Armor rules language expression to match for this rule. + + --src-ip-ranges=[SRC_IP_RANGE,...] + The source IPs/IP ranges to match for this rule. To match all IPs + specify *. + GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, diff --git a/gcloud/beta/compute/org-security-policies/rules/delete b/gcloud/beta/compute/org-security-policies/rules/delete index 8f6991de6..6b3fb5faa 100644 --- a/gcloud/beta/compute/org-security-policies/rules/delete +++ b/gcloud/beta/compute/org-security-policies/rules/delete @@ -24,13 +24,13 @@ POSITIONAL ARGUMENTS REQUIRED FLAGS --security-policy=SECURITY_POLICY - Display name of the security policy into which the rule should be + short name of the security policy into which the rule should be deleted. OPTIONAL FLAGS --organization=ORGANIZATION Organization which the organization security policy belongs to. Must be - set if SECURITY_POLICY is display name. + set if SECURITY_POLICY is short name. GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, diff --git a/gcloud/beta/compute/org-security-policies/rules/describe b/gcloud/beta/compute/org-security-policies/rules/describe index feedf69bd..414b9fb07 100644 --- a/gcloud/beta/compute/org-security-policies/rules/describe +++ b/gcloud/beta/compute/org-security-policies/rules/describe @@ -24,13 +24,13 @@ POSITIONAL ARGUMENTS REQUIRED FLAGS --security-policy=SECURITY_POLICY - Display name of the security policy into which the rule should be + short name of the security policy into which the rule should be described. OPTIONAL FLAGS --organization=ORGANIZATION Organization which the organization security policy belongs to. Must be - set if SECURITY_POLICY is display name. + set if SECURITY_POLICY is short name. GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, diff --git a/gcloud/beta/compute/org-security-policies/rules/help b/gcloud/beta/compute/org-security-policies/rules/help index b3968a034..14fe3a40c 100644 --- a/gcloud/beta/compute/org-security-policies/rules/help +++ b/gcloud/beta/compute/org-security-policies/rules/help @@ -19,7 +19,7 @@ COMMANDS COMMAND is one of the following: create - (BETA) Create a Compute Engine security policy rule. + (BETA) Create a Compute Engine organizationsecurity policy rule. delete (BETA) Delete a Compute Engine organization security policy rule. diff --git a/gcloud/beta/compute/org-security-policies/rules/update b/gcloud/beta/compute/org-security-policies/rules/update index 2d7e1926e..ee61c7609 100644 --- a/gcloud/beta/compute/org-security-policies/rules/update +++ b/gcloud/beta/compute/org-security-policies/rules/update @@ -4,13 +4,14 @@ NAME SYNOPSIS gcloud beta compute org-security-policies rules update PRIORITY - --security-policy=SECURITY_POLICY [--action=ACTION] + --security-policy=SECURITY_POLICY [--action=ACTION] [--cloud-armor] [--description=DESCRIPTION] [--dest-ip-ranges=[DEST_IP_RANGE,...]] [--direction=DIRECTION] [--[no-]enable-logging] [--layer4-configs=[LAYER4_CONFIG,...]] [--new-priority=NEW_PRIORITY] - [--organization=ORGANIZATION] [--src-ip-ranges=[SRC_IP_RANGE,...]] + [--organization=ORGANIZATION] [--preview] [--target-resources=[TARGET_RESOURCES,...]] [--target-service-accounts=[TARGET_SERVICE_ACCOUNTS,...]] + [--expression=EXPRESSION | --src-ip-ranges=[SRC_IP_RANGE,...]] [GCLOUD_WIDE_FLAG ...] DESCRIPTION @@ -32,13 +33,33 @@ POSITIONAL ARGUMENTS REQUIRED FLAGS --security-policy=SECURITY_POLICY - Display name of the security policy into which the rule should be + short name of the security policy into which the rule should be updated. OPTIONAL FLAGS --action=ACTION Action to take if the request matches the match condition. ACTION must - be one of: allow, deny, goto_next. + be one of: + + allow + Allows the request from HTTP(S) Load Balancing. + deny + (DEPRECATED) Only used for Hierarchical Firewalls. + deny-403 + Denies the request from HTTP(S) Load Balancing, with an HTTP + response status code of 403. + deny-404 + Denies the request from HTTP(S) Load Balancing, with an HTTP + response status code of 404. + deny-502 + Denies the request from HTTP(S) Load Balancing, with an HTTP + response status code of 502. + redirect + Redirects the request from HTTP(S) Load Balancing, based on + redirect options. + + --cloud-armor + Specified for Hierarchical Cloud Armor rules. --description=DESCRIPTION An optional, textual description for the rule. @@ -65,11 +86,10 @@ OPTIONAL FLAGS --organization=ORGANIZATION Organization which the organization security policy belongs to. Must be - set if SECURITY_POLICY is display name. + set if SECURITY_POLICY is short name. - --src-ip-ranges=[SRC_IP_RANGE,...] - Source IP ranges to match for this rule. Can only be specified if - DIRECTION is ingress. + --preview + If specified, the action will not be enforced. --target-resources=[TARGET_RESOURCES,...] List of URLs of target resources to which the rule is applied. @@ -77,6 +97,17 @@ OPTIONAL FLAGS --target-service-accounts=[TARGET_SERVICE_ACCOUNTS,...] List of target service accounts for the rule. + Security policy rule matcher. + + At most one of these can be specified: + + --expression=EXPRESSION + The Cloud Armor rules language expression to match for this rule. + + --src-ip-ranges=[SRC_IP_RANGE,...] + The source IPs/IP ranges to match for this rule. To match all IPs + specify *. + GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, diff --git a/gcloud/beta/compute/org-security-policies/update b/gcloud/beta/compute/org-security-policies/update index 7a0c42488..1180f2d22 100644 --- a/gcloud/beta/compute/org-security-policies/update +++ b/gcloud/beta/compute/org-security-policies/update @@ -4,7 +4,11 @@ NAME SYNOPSIS gcloud beta compute org-security-policies update SECURITY_POLICY - [--description=DESCRIPTION] [--organization=ORGANIZATION] + [--description=DESCRIPTION] + [--json-custom-content-types=[CONTENT_TYPE,...]] + [--json-parsing=JSON_PARSING] [--log-level=LOG_LEVEL] + [--organization=ORGANIZATION] + [--user-ip-request-headers=[USER_IP_REQUEST_HEADER,...]] [GCLOUD_WIDE_FLAG ...] DESCRIPTION @@ -13,23 +17,43 @@ DESCRIPTION rules that controls access to various resources. EXAMPLES - To update an organization security policy with ID ``123456789" to change - the description to ``New description", run: + To update an organization security policy with ID "123456789" to change the + description to "New description", run: $ gcloud beta compute org-security-policies update update \ 123456789 --description='New description' POSITIONAL ARGUMENTS SECURITY_POLICY - Display name or ID of the security policy to update. + Short name or ID of the security policy to update. FLAGS --description=DESCRIPTION An optional, textual description for the organization security policy. + --json-custom-content-types=[CONTENT_TYPE,...] + A comma-separated list of custom Content-Type header values to apply + JSON parsing for preconfigured WAF rules. Only applicable when JSON + parsing is enabled, like --json-parsing=STANDARD. When configuring a + Content-Type header value, only the type/subtype needs to be specified, + and the parameters should be excluded. + + --json-parsing=JSON_PARSING + The JSON parsing behavior for this rule. Must be one of the following + values: [DISABLED, STANDARD, STANDARD_WITH_GRAPHQL]. JSON_PARSING must + be one of: DISABLED, STANDARD, STANDARD_WITH_GRAPHQL. + + --log-level=LOG_LEVEL + The level of detail to display for WAF logging. LOG_LEVEL must be one + of: NORMAL, VERBOSE. + --organization=ORGANIZATION Organization in which the organization security policy is to be - updated. Must be set if SECURITY_POLICY is display name. + updated. Must be set if SECURITY_POLICY is the short name. + + --user-ip-request-headers=[USER_IP_REQUEST_HEADER,...] + A comma-separated list of request header names to use for resolving the + caller's user IP address. GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, diff --git a/gcloud/beta/compute/reservations/blocks/describe b/gcloud/beta/compute/reservations/blocks/describe new file mode 100644 index 000000000..79641089d --- /dev/null +++ b/gcloud/beta/compute/reservations/blocks/describe @@ -0,0 +1,62 @@ +NAME + gcloud beta compute reservations blocks describe - describe a Compute + Engine reservation block + +SYNOPSIS + gcloud beta compute reservations blocks describe RESERVATION + --block-name=BLOCK_NAME [--zone=ZONE] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) Describe a Compute Engine reservation block. + +EXAMPLES + To describe a reservation block in reservation exr1 in my-zone with block + name block1, run: + + $ gcloud beta compute reservations blocks describe exr1 \ + --zone=my-zone --block-name=block1 + +POSITIONAL ARGUMENTS + RESERVATION + Name of the reservation to describe. + +REQUIRED FLAGS + --block-name=BLOCK_NAME + The name of the reservation block. + +OPTIONAL FLAGS + --zone=ZONE + Zone of the reservation to describe. If not specified and the + compute/zone property isn't set, you might be prompted to select a zone + (interactive mode only). + + To avoid prompting when this flag is omitted, you can set the + compute/zone property: + + $ gcloud config set compute/zone ZONE + + A list of zones can be fetched by running: + + $ gcloud compute zones list + + To unset the property, run: + + $ gcloud config unset compute/zone + + Alternatively, the zone can be stored in the environment variable + CLOUDSDK_COMPUTE_ZONE. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud alpha compute reservations blocks describe + diff --git a/gcloud/beta/compute/reservations/blocks/help b/gcloud/beta/compute/reservations/blocks/help new file mode 100644 index 000000000..ab9b7585e --- /dev/null +++ b/gcloud/beta/compute/reservations/blocks/help @@ -0,0 +1,29 @@ +NAME + gcloud beta compute reservations blocks - + +SYNOPSIS + gcloud beta compute reservations blocks COMMAND [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) Manage Compute Engine reservation blocks. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --help. + + Run $ gcloud help for details. + +COMMANDS + COMMAND is one of the following: + + describe + (BETA) Describe a Compute Engine reservation block. + + list + (BETA) List Compute Engine reservation blocks. + +NOTES + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud alpha compute reservations blocks + diff --git a/gcloud/beta/compute/reservations/blocks/list b/gcloud/beta/compute/reservations/blocks/list new file mode 100644 index 000000000..dbadf3ee3 --- /dev/null +++ b/gcloud/beta/compute/reservations/blocks/list @@ -0,0 +1,98 @@ +NAME + gcloud beta compute reservations blocks list - list Compute Engine + reservation blocks + +SYNOPSIS + gcloud beta compute reservations blocks list RESERVATION [--zone=ZONE] + [--filter=EXPRESSION] [--limit=LIMIT] [--page-size=PAGE_SIZE] + [--sort-by=[FIELD,...]] [--uri] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) gcloud beta compute reservations blocks list displays all Compute + Engine reservation blocks in an extended reservation. + +EXAMPLES + To list all reservation blocks in an extended reservation in table form, + run: + + $ gcloud beta compute reservations blocks list \ + extended-reservation --zone=us-central1-a --project=my-project + + To list the URIs of all reservation blocks in an extended reservation, run: + + $ gcloud beta compute reservations blocks list \ + extended-reservation --zone=us-central1-a --project=my-project \ + --uri + +POSITIONAL ARGUMENTS + RESERVATION + Name of the reservation to operate on. + +FLAGS + --zone=ZONE + Zone of the reservation to operate on. If not specified and the + compute/zone property isn't set, you might be prompted to select a zone + (interactive mode only). + + To avoid prompting when this flag is omitted, you can set the + compute/zone property: + + $ gcloud config set compute/zone ZONE + + A list of zones can be fetched by running: + + $ gcloud compute zones list + + To unset the property, run: + + $ gcloud config unset compute/zone + + Alternatively, the zone can be stored in the environment variable + CLOUDSDK_COMPUTE_ZONE. + +LIST COMMAND FLAGS + --filter=EXPRESSION + Apply a Boolean filter EXPRESSION to each resource item to be listed. + If the expression evaluates True, then that item is listed. For more + details and examples of filter expressions, run $ gcloud topic filters. + This flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --limit=LIMIT + Maximum number of resources to list. The default is unlimited. This + flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --page-size=PAGE_SIZE + Some services group resource list output into pages. This flag + specifies the maximum number of resources per page. The default is + determined by the service if it supports paging, otherwise it is + unlimited (no paging). Paging may be applied before or after --filter + and --limit depending on the service. + + --sort-by=[FIELD,...] + Comma-separated list of resource field key names to sort by. The + default order is ascending. Prefix a field with ``~'' for descending + order on that field. This flag interacts with other flags that are + applied in this order: --flatten, --sort-by, --filter, --limit. + + --uri + Print a list of resource URIs instead of the default output, and change + the command output to a list of URIs. If this flag is used with + --format, the formatting is applied on this URI list. To display URIs + alongside other keys instead, use the uri() transform. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud alpha compute reservations blocks list + diff --git a/gcloud/beta/compute/reservations/help b/gcloud/beta/compute/reservations/help index c72c5ba5b..03928c424 100644 --- a/gcloud/beta/compute/reservations/help +++ b/gcloud/beta/compute/reservations/help @@ -2,7 +2,7 @@ NAME gcloud beta compute reservations - manage Compute Engine reservations SYNOPSIS - gcloud beta compute reservations COMMAND [GCLOUD_WIDE_FLAG ...] + gcloud beta compute reservations GROUP | COMMAND [GCLOUD_WIDE_FLAG ...] DESCRIPTION (BETA) Manage Compute Engine reservations. @@ -18,6 +18,12 @@ GCLOUD WIDE FLAGS Run $ gcloud help for details. +GROUPS + GROUP is one of the following: + + blocks + (BETA) + COMMANDS COMMAND is one of the following: diff --git a/gcloud/beta/config/get b/gcloud/beta/config/get index de581aa87..32092eb77 100644 --- a/gcloud/beta/config/get +++ b/gcloud/beta/config/get @@ -346,6 +346,10 @@ AVAILABLE PROPERTIES Overrides API endpoint for gcloud deployment-manager command group. Defaults to https://deploymentmanager.googleapis.com/ + developerconnect + Overrides API endpoint for gcloud developer-connect command group. + Defaults to https://developerconnect.googleapis.com/ + dns Overrides API endpoint for gcloud dns command group. Defaults to https://dns.googleapis.com/dns/v1/ diff --git a/gcloud/beta/config/help b/gcloud/beta/config/help index c31c6fb22..47e862b5f 100644 --- a/gcloud/beta/config/help +++ b/gcloud/beta/config/help @@ -378,6 +378,10 @@ AVAILABLE PROPERTIES Overrides API endpoint for gcloud deployment-manager command group. Defaults to https://deploymentmanager.googleapis.com/ + developerconnect + Overrides API endpoint for gcloud developer-connect command group. + Defaults to https://developerconnect.googleapis.com/ + dns Overrides API endpoint for gcloud dns command group. Defaults to https://dns.googleapis.com/dns/v1/ diff --git a/gcloud/beta/config/list b/gcloud/beta/config/list index 3fa08b1d5..0b8a75a68 100644 --- a/gcloud/beta/config/list +++ b/gcloud/beta/config/list @@ -390,6 +390,10 @@ AVAILABLE PROPERTIES Overrides API endpoint for gcloud deployment-manager command group. Defaults to https://deploymentmanager.googleapis.com/ + developerconnect + Overrides API endpoint for gcloud developer-connect command group. + Defaults to https://developerconnect.googleapis.com/ + dns Overrides API endpoint for gcloud dns command group. Defaults to https://dns.googleapis.com/dns/v1/ diff --git a/gcloud/beta/config/set b/gcloud/beta/config/set index 3d7bb605a..4fc9fec48 100644 --- a/gcloud/beta/config/set +++ b/gcloud/beta/config/set @@ -393,6 +393,10 @@ AVAILABLE PROPERTIES Overrides API endpoint for gcloud deployment-manager command group. Defaults to https://deploymentmanager.googleapis.com/ + developerconnect + Overrides API endpoint for gcloud developer-connect command group. + Defaults to https://developerconnect.googleapis.com/ + dns Overrides API endpoint for gcloud dns command group. Defaults to https://dns.googleapis.com/dns/v1/ diff --git a/gcloud/beta/config/unset b/gcloud/beta/config/unset index ea3c142a4..528d420b4 100644 --- a/gcloud/beta/config/unset +++ b/gcloud/beta/config/unset @@ -354,6 +354,10 @@ AVAILABLE PROPERTIES Overrides API endpoint for gcloud deployment-manager command group. Defaults to https://deploymentmanager.googleapis.com/ + developerconnect + Overrides API endpoint for gcloud developer-connect command group. + Defaults to https://developerconnect.googleapis.com/ + dns Overrides API endpoint for gcloud dns command group. Defaults to https://dns.googleapis.com/dns/v1/ diff --git a/gcloud/beta/container/clusters/create b/gcloud/beta/container/clusters/create index a70476184..9d31200e4 100644 --- a/gcloud/beta/container/clusters/create +++ b/gcloud/beta/container/clusters/create @@ -83,6 +83,11 @@ SYNOPSIS [--workload-pool=WORKLOAD_POOL] [--workload-vulnerability-scanning=WORKLOAD_VULNERABILITY_SCANNING] [--additional-zones=ZONE,[ZONE,...] | --node-locations=ZONE,[ZONE,...]] + [--aggregation-ca=CA_POOL_PATH --cluster-ca=CA_POOL_PATH + --control-plane-disk-encryption-key=KEY --etcd-api-ca=CA_POOL_PATH + --etcd-peer-ca=CA_POOL_PATH --gkeops-etcd-backup-encryption-key=KEY + --service-account-signing-keys=KEY_VERSION,[KEY_VERSION,...] + --service-account-verification-keys=KEY_VERSION,[KEY_VERSION,...]] [--binauthz-policy-bindings=[name=BINAUTHZ_POLICY] --binauthz-evaluation-mode=BINAUTHZ_EVALUATION_MODE | --enable-binauthz] @@ -1469,6 +1474,40 @@ FLAGS --location us-central1-a \ --node-locations us-central1-a,us-central1-b + Control Plane Keys + + --aggregation-ca=CA_POOL_PATH + The Certificate Authority Service caPool that will back the + aggregation CA + + --cluster-ca=CA_POOL_PATH + The Certificate Authority Service caPool that will back the cluster + CA + + --control-plane-disk-encryption-key=KEY + The Cloud KMS symmetric encryption cryptoKey that will be used to + encrypt the control plane disks + + --etcd-api-ca=CA_POOL_PATH + The Certificate Authority Service caPool that will back the etcd API + CA + + --etcd-peer-ca=CA_POOL_PATH + The Certificate Authority Service caPool that will back the etcd peer + CA + + --gkeops-etcd-backup-encryption-key=KEY + The Cloud KMS symmetric encryption cryptoKey that will be used to + encrypt the disaster recovery etcd backups for the cluster + + --service-account-signing-keys=KEY_VERSION,[KEY_VERSION,...] + A Cloud KMS asymmetric signing cryptoKeyVersion that will be used to + sign service account tokens + + --service-account-verification-keys=KEY_VERSION,[KEY_VERSION,...] + A Cloud KMS asymmetric signing cryptoKeyVersion that will be used to + verify service account tokens. Maybe specified multiple times. + Flags for Binary Authorization: --binauthz-policy-bindings=[name=BINAUTHZ_POLICY] @@ -1519,8 +1558,6 @@ FLAGS vpc Configures the Cloud DNS zone to be private to the VPC Network. - ClusterDNS_AdditiveVPCScope_EnabledDisable - At most one of these can be specified: --additive-vpc-scope-dns-domain=ADDITIVE_VPC_SCOPE_DNS_DOMAIN diff --git a/gcloud/beta/container/clusters/create-auto b/gcloud/beta/container/clusters/create-auto index 2ac6c2162..0932ff6ed 100644 --- a/gcloud/beta/container/clusters/create-auto +++ b/gcloud/beta/container/clusters/create-auto @@ -33,6 +33,11 @@ SYNOPSIS [--workload-vulnerability-scanning=WORKLOAD_VULNERABILITY_SCANNING] [--additive-vpc-scope-dns-domain=ADDITIVE_VPC_SCOPE_DNS_DOMAIN | --disable-additive-vpc-scope] + [--aggregation-ca=CA_POOL_PATH --cluster-ca=CA_POOL_PATH + --control-plane-disk-encryption-key=KEY --etcd-api-ca=CA_POOL_PATH + --etcd-peer-ca=CA_POOL_PATH --gkeops-etcd-backup-encryption-key=KEY + --service-account-signing-keys=KEY_VERSION,[KEY_VERSION,...] + --service-account-verification-keys=KEY_VERSION,[KEY_VERSION,...]] [--binauthz-evaluation-mode=BINAUTHZ_EVALUATION_MODE --binauthz-policy-bindings=[name=BINAUTHZ_POLICY]] [--dataplane-v2-observability-mode=DATAPLANE_V2_OBSERVABILITY_MODE @@ -487,8 +492,6 @@ FLAGS WORKLOAD_VULNERABILITY_SCANNING must be one of: disabled, standard, enterprise. - ClusterDNS_AdditiveVPCScope_EnabledDisable - At most one of these can be specified: --additive-vpc-scope-dns-domain=ADDITIVE_VPC_SCOPE_DNS_DOMAIN @@ -497,6 +500,40 @@ FLAGS --disable-additive-vpc-scope Disables Additive VPC Scope. + Control Plane Keys + + --aggregation-ca=CA_POOL_PATH + The Certificate Authority Service caPool that will back the + aggregation CA + + --cluster-ca=CA_POOL_PATH + The Certificate Authority Service caPool that will back the cluster + CA + + --control-plane-disk-encryption-key=KEY + The Cloud KMS symmetric encryption cryptoKey that will be used to + encrypt the control plane disks + + --etcd-api-ca=CA_POOL_PATH + The Certificate Authority Service caPool that will back the etcd API + CA + + --etcd-peer-ca=CA_POOL_PATH + The Certificate Authority Service caPool that will back the etcd peer + CA + + --gkeops-etcd-backup-encryption-key=KEY + The Cloud KMS symmetric encryption cryptoKey that will be used to + encrypt the disaster recovery etcd backups for the cluster + + --service-account-signing-keys=KEY_VERSION,[KEY_VERSION,...] + A Cloud KMS asymmetric signing cryptoKeyVersion that will be used to + sign service account tokens + + --service-account-verification-keys=KEY_VERSION,[KEY_VERSION,...] + A Cloud KMS asymmetric signing cryptoKeyVersion that will be used to + verify service account tokens. Maybe specified multiple times. + Flags for Binary Authorization: --binauthz-evaluation-mode=BINAUTHZ_EVALUATION_MODE diff --git a/gcloud/beta/container/clusters/update b/gcloud/beta/container/clusters/update index ef2da6f4a..0d693a279 100644 --- a/gcloud/beta/container/clusters/update +++ b/gcloud/beta/container/clusters/update @@ -1108,8 +1108,6 @@ REQUIRED FLAGS vpc Configures the Cloud DNS zone to be private to the VPC Network. - ClusterDNS_AdditiveVPCScope_EnabledDisable - At most one of these can be specified: --additive-vpc-scope-dns-domain=ADDITIVE_VPC_SCOPE_DNS_DOMAIN diff --git a/gcloud/beta/container/vmware/admin-clusters/update b/gcloud/beta/container/vmware/admin-clusters/update index f528420a3..a474fb6d1 100644 --- a/gcloud/beta/container/vmware/admin-clusters/update +++ b/gcloud/beta/container/vmware/admin-clusters/update @@ -56,13 +56,14 @@ FLAGS complete. --required-platform-version=REQUIRED_PLATFORM_VERSION - Platform version required for upgrading a user cluster. If the current - platform version is lower than the required version, the platform - version will be updated to the required version. If it is not installed - in the platform, download the required version bundle. + Platform version required for upgrading an admin cluster or a user + cluster. If the current platform version is lower than the required + version, the platform version will be updated to the required version. + If it is not installed in the platform, download the required version + bundle. --version=VERSION - Anthos Cluster on VMware version for the user cluster resource + Anthos Cluster on VMware version for the cluster resource GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, diff --git a/gcloud/beta/container/vmware/clusters/create b/gcloud/beta/container/vmware/clusters/create index 37b18e4c8..125431ec0 100644 --- a/gcloud/beta/container/vmware/clusters/create +++ b/gcloud/beta/container/vmware/clusters/create @@ -85,7 +85,7 @@ POSITIONAL ARGUMENTS REQUIRED FLAGS --version=VERSION - Anthos Cluster on VMware version for the user cluster resource + Anthos Cluster on VMware version for the cluster resource Admin cluster membership resource - membership of the admin cluster. Membership name is the same as the admin cluster name. diff --git a/gcloud/beta/container/vmware/clusters/update b/gcloud/beta/container/vmware/clusters/update index 25b518aac..2bb31a26b 100644 --- a/gcloud/beta/container/vmware/clusters/update +++ b/gcloud/beta/container/vmware/clusters/update @@ -174,7 +174,7 @@ FLAGS operation. --version=VERSION - Anthos Cluster on VMware version for the user cluster resource + Anthos Cluster on VMware version for the cluster resource At most one of these can be specified: diff --git a/gcloud/beta/container/vmware/clusters/upgrade b/gcloud/beta/container/vmware/clusters/upgrade index a9dd0edc9..b5a3b1e9e 100644 --- a/gcloud/beta/container/vmware/clusters/upgrade +++ b/gcloud/beta/container/vmware/clusters/upgrade @@ -50,7 +50,7 @@ POSITIONAL ARGUMENTS REQUIRED FLAGS --version=VERSION - Anthos Cluster on VMware version for the user cluster resource + Anthos Cluster on VMware version for the cluster resource GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, diff --git a/gcloud/beta/developer-connect/connections/create b/gcloud/beta/developer-connect/connections/create index 6f7e415d4..641dce5b9 100644 --- a/gcloud/beta/developer-connect/connections/create +++ b/gcloud/beta/developer-connect/connections/create @@ -5,13 +5,11 @@ NAME SYNOPSIS gcloud beta developer-connect connections create CONNECTION [--annotations=[ANNOTATIONS,...]] [--async] [--disabled] [--etag=ETAG] - [--labels=[LABELS,...]] [--location=LOCATION] [--request-id=REQUEST_ID] - [--secret=SECRET] [--validate-only] + [--labels=[LABELS,...]] [--location=LOCATION] [--namespace=NAMESPACE] + [--request-id=REQUEST_ID] [--secret=SECRET] [--validate-only] + [--bitbucket-cloud-config-authorizer-credential-user-token-secret-version=BITBUCKET_CLOUD_CONFIG_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION --bitbucket-cloud-config-read-authorizer-credential-user-token-secret-version=BITBUCKET_CLOUD_CONFIG_READ_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION --bitbucket-cloud-config-webhook-secret-version=BITBUCKET_CLOUD_CONFIG_WEBHOOK_SECRET_VERSION --bitbucket-cloud-config-workspace=BITBUCKET_CLOUD_CONFIG_WORKSPACE | [--bitbucket-data-center-config-authorizer-credential-user-token-secret-version=BITBUCKET_DATA_CENTER_CONFIG_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION --bitbucket-data-center-config-host-uri=BITBUCKET_DATA_CENTER_CONFIG_HOST_URI --bitbucket-data-center-config-read-authorizer-credential-user-token-secret-version=BITBUCKET_DATA_CENTER_CONFIG_READ_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION --bitbucket-data-center-config-webhook-secret-version=BITBUCKET_DATA_CENTER_CONFIG_WEBHOOK_SECRET_VERSION : --bitbucket-data-center-config-service-directory=BITBUCKET_DATA_CENTER_CONFIG_SERVICE_DIRECTORY --bitbucket-data-center-config-ssl-ca-certificate=BITBUCKET_DATA_CENTER_CONFIG_SSL_CA_CERTIFICATE] | [--github-config-app=GITHUB_CONFIG_APP : --github-config-app-installation-id=GITHUB_CONFIG_APP_INSTALLATION_ID --github-config-authorizer-credential-oauth-token-secret-version=GITHUB_CONFIG_AUTHORIZER_CREDENTIAL_OAUTH_TOKEN_SECRET_VERSION] | [--github-enterprise-config-host-uri=GITHUB_ENTERPRISE_CONFIG_HOST_URI : --github-enterprise-config-app-id=GITHUB_ENTERPRISE_CONFIG_APP_ID --github-enterprise-config-app-installation-id=GITHUB_ENTERPRISE_CONFIG_APP_INSTALLATION_ID --github-enterprise-config-private-key-secret-version=GITHUB_ENTERPRISE_CONFIG_PRIVATE_KEY_SECRET_VERSION --github-enterprise-config-service-directory=GITHUB_ENTERPRISE_CONFIG_SERVICE_DIRECTORY --github-enterprise-config-ssl-ca-certificate=GITHUB_ENTERPRISE_CONFIG_SSL_CA_CERTIFICATE --github-enterprise-config-webhook-secret-version=GITHUB_ENTERPRISE_CONFIG_WEBHOOK_SECRET_VERSION] | --gitlab-config-authorizer-credential-user-token-secret-version=GITLAB_CONFIG_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION --gitlab-config-read-authorizer-credential-user-token-secret-version=GITLAB_CONFIG_READ_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION --gitlab-config-webhook-secret-version=GITLAB_CONFIG_WEBHOOK_SECRET_VERSION | [--gitlab-enterprise-config-authorizer-credential-user-token-secret-version=GITLAB_ENTERPRISE_CONFIG_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION --gitlab-enterprise-config-host-uri=GITLAB_ENTERPRISE_CONFIG_HOST_URI --gitlab-enterprise-config-read-authorizer-credential-user-token-secret-version=GITLAB_ENTERPRISE_CONFIG_READ_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION --gitlab-enterprise-config-webhook-secret-version=GITLAB_ENTERPRISE_CONFIG_WEBHOOK_SECRET_VERSION : --gitlab-enterprise-config-service-directory=GITLAB_ENTERPRISE_CONFIG_SERVICE_DIRECTORY --gitlab-enterprise-config-ssl-ca-certificate=GITLAB_ENTERPRISE_CONFIG_SSL_CA_CERTIFICATE]] [(--crypto-key-config-reference=CRYPTO_KEY_CONFIG_REFERENCE - : --key-ring=KEY_RING)] - [[--github-config-app=GITHUB_CONFIG_APP - : --github-config-app-installation-id=GITHUB_CONFIG_APP_INSTALLATION_ID --github-config-authorizer-credential-oauth-token-secret-version=GITHUB_CONFIG_AUTHORIZER_CREDENTIAL_OAUTH_TOKEN_SECRET_VERSION] | [--github-enterprise-config-host-uri=GITHUB_ENTERPRISE_CONFIG_HOST_URI : --github-enterprise-config-app-id=GITHUB_ENTERPRISE_CONFIG_APP_ID --github-enterprise-config-app-installation-id=GITHUB_ENTERPRISE_CONFIG_APP_INSTALLATION_ID --github-enterprise-config-private-key-secret-version=GITHUB_ENTERPRISE_CONFIG_PRIVATE_KEY_SECRET_VERSION --github-enterprise-config-service-directory=GITHUB_ENTERPRISE_CONFIG_SERVICE_DIRECTORY --github-enterprise-config-ssl-ca-certificate=GITHUB_ENTERPRISE_CONFIG_SSL_CA_CERTIFICATE --github-enterprise-config-webhook-secret-version=GITHUB_ENTERPRISE_CONFIG_WEBHOOK_SECRET_VERSION] | --gitlab-config-authorizer-credential-user-token-secret-version=GITLAB_CONFIG_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION --gitlab-config-read-authorizer-credential-user-token-secret-version=GITLAB_CONFIG_READ_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION --gitlab-config-webhook-secret-version=GITLAB_CONFIG_WEBHOOK_SECRET_VERSION | [--gitlab-enterprise-config-authorizer-credential-user-token-secret-version=GITLAB_ENTERPRISE_CONFIG_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION --gitlab-enterprise-config-host-uri=GITLAB_ENTERPRISE_CONFIG_HOST_URI --gitlab-enterprise-config-read-authorizer-credential-user-token-secret-version=GITLAB_ENTERPRISE_CONFIG_READ_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION --gitlab-enterprise-config-webhook-secret-version=GITLAB_ENTERPRISE_CONFIG_WEBHOOK_SECRET_VERSION : --gitlab-enterprise-config-service-directory=GITLAB_ENTERPRISE_CONFIG_SERVICE_DIRECTORY --gitlab-enterprise-config-ssl-ca-certificate=GITLAB_ENTERPRISE_CONFIG_SSL_CA_CERTIFICATE]] - [GCLOUD_WIDE_FLAG ...] + : --key-ring=KEY_RING)] [GCLOUD_WIDE_FLAG ...] DESCRIPTION (BETA) Create a connection resource. @@ -112,9 +110,14 @@ FLAGS --labels=path_to_file.(yaml|json) --location=LOCATION - For resources [connection, cryptoKey], provides fallback value for - resource location attribute. When the resource's full URI path is not - provided, location will fallback to this flag value. + For resources [connection, cryptoKey, service], provides fallback value + for resource location attribute. When the resource's full URI path is + not provided, location will fallback to this flag value. + + --namespace=NAMESPACE + For resources [service], provides fallback value for resource namespace + attribute. When the resource's full URI path is not provided, namespace + will fallback to this flag value. --request-id=REQUEST_ID An optional request ID to identify requests. Specify a unique request @@ -139,52 +142,263 @@ FLAGS --validate-only If set, validate the request, but do not actually post it. - The crypto key configuration. This field is used by the Customer-managed - encryption keys (CMEK) feature. - - CryptoKey resource - The name of the key which is used to - encrypt/decrypt customer data. For key in Cloud KMS, the key should be - in the format of projects/*/locations/*/keyRings/*/cryptoKeys/*. The - arguments in this group can be used to specify the attributes of this - resource. (NOTE) Some attributes are not given arguments in this group - but can be set in other ways. - - To set the project attribute: - ▸ provide the argument --crypto-key-config-reference on the command - line with a fully specified name; - ▸ provide the argument --project on the command line; - ▸ set the property core/project. - - To set the location attribute: - ▸ provide the argument --crypto-key-config-reference on the command - line with a fully specified name; - ▸ provide the argument --location on the command line. - - This must be specified. - - --crypto-key-config-reference=CRYPTO_KEY_CONFIG_REFERENCE - ID of the cryptoKey or fully qualified identifier for the - cryptoKey. - - To set the crypto-key attribute: - ▫ provide the argument --crypto-key-config-reference on the - command line. - - This flag argument must be specified if any of the other arguments - in this group are specified. - - --key-ring=KEY_RING - The keyRing id of the cryptoKey resource. - - To set the key-ring attribute: - ▫ provide the argument --crypto-key-config-reference on the - command line with a fully specified name; - ▫ provide the argument --key-ring on the command line. - Arguments for the connection config. At most one of these can be specified: + Configuration for connections to an instance of Bitbucket Cloud. + + Represents a personal access token that authorized the Connection, and + associated metadata. + + This must be specified. + + SecretVersion resource - A SecretManager resource containing the + user token that authorizes the Developer Connect connection. Format: + projects/*/secrets/*/versions/*. This represents a Cloud resource. + (NOTE) Some attributes are not given arguments in this group but can + be set in other ways. + + To set the project attribute: + ◇ provide the argument + --bitbucket-cloud-config-authorizer-credential-user-token-secret-version + on the command line with a fully specified name; + ◇ provide the argument --project on the command line; + ◇ set the property core/project. + + To set the secret attribute: + ◇ provide the argument + --bitbucket-cloud-config-authorizer-credential-user-token-secret-version + on the command line with a fully specified name; + ◇ provide the argument --secret on the command line. + + This must be specified. + + --bitbucket-cloud-config-authorizer-credential-user-token-secret-version=BITBUCKET_CLOUD_CONFIG_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION + ID of the secretVersion or fully qualified identifier for the + secretVersion. + + To set the secret-version attribute: + ▹ provide the argument + --bitbucket-cloud-config-authorizer-credential-user-token-secret-version + on the command line. + + Represents a personal access token that authorized the Connection, and + associated metadata. + + This must be specified. + + SecretVersion resource - A SecretManager resource containing the + user token that authorizes the Developer Connect connection. Format: + projects/*/secrets/*/versions/*. This represents a Cloud resource. + (NOTE) Some attributes are not given arguments in this group but can + be set in other ways. + + To set the project attribute: + ◇ provide the argument + --bitbucket-cloud-config-read-authorizer-credential-user-token-secret-version + on the command line with a fully specified name; + ◇ provide the argument --project on the command line; + ◇ set the property core/project. + + To set the secret attribute: + ◇ provide the argument + --bitbucket-cloud-config-read-authorizer-credential-user-token-secret-version + on the command line with a fully specified name; + ◇ provide the argument --secret on the command line. + + This must be specified. + + --bitbucket-cloud-config-read-authorizer-credential-user-token-secret-version=BITBUCKET_CLOUD_CONFIG_READ_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION + ID of the secretVersion or fully qualified identifier for the + secretVersion. + + To set the secret-version attribute: + ▹ provide the argument + --bitbucket-cloud-config-read-authorizer-credential-user-token-secret-version + on the command line. + + SecretVersion resource - SecretManager resource containing the webhook + secret used to verify webhook events, formatted as + projects/*/secrets/*/versions/*. This is used to validate and create + webhooks. This represents a Cloud resource. (NOTE) Some attributes are + not given arguments in this group but can be set in other ways. + + To set the project attribute: + ▫ provide the argument + --bitbucket-cloud-config-webhook-secret-version on the command line + with a fully specified name; + ▫ provide the argument --project on the command line; + ▫ set the property core/project. + + To set the secret attribute: + ▫ provide the argument + --bitbucket-cloud-config-webhook-secret-version on the command line + with a fully specified name; + ▫ provide the argument --secret on the command line. + + This must be specified. + + --bitbucket-cloud-config-webhook-secret-version=BITBUCKET_CLOUD_CONFIG_WEBHOOK_SECRET_VERSION + ID of the secretVersion or fully qualified identifier for the + secretVersion. + + To set the secret-version attribute: + ◇ provide the argument + --bitbucket-cloud-config-webhook-secret-version on the command + line. + + --bitbucket-cloud-config-workspace=BITBUCKET_CLOUD_CONFIG_WORKSPACE + The Bitbucket Cloud Workspace ID to be connected to Google Cloud + Platform. + + Configuration for connections to an instance of Bitbucket Data Center. + + Represents a personal access token that authorized the Connection, and + associated metadata. + + This must be specified. + + SecretVersion resource - A SecretManager resource containing the + user token that authorizes the Developer Connect connection. Format: + projects/*/secrets/*/versions/*. This represents a Cloud resource. + (NOTE) Some attributes are not given arguments in this group but can + be set in other ways. + + To set the project attribute: + ◇ provide the argument + --bitbucket-data-center-config-authorizer-credential-user-token-secret-version + on the command line with a fully specified name; + ◇ provide the argument --project on the command line; + ◇ set the property core/project. + + To set the secret attribute: + ◇ provide the argument + --bitbucket-data-center-config-authorizer-credential-user-token-secret-version + on the command line with a fully specified name; + ◇ provide the argument --secret on the command line. + + This must be specified. + + --bitbucket-data-center-config-authorizer-credential-user-token-secret-version=BITBUCKET_DATA_CENTER_CONFIG_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION + ID of the secretVersion or fully qualified identifier for the + secretVersion. + + To set the secret-version attribute: + ▹ provide the argument + --bitbucket-data-center-config-authorizer-credential-user-token-secret-version + on the command line. + + --bitbucket-data-center-config-host-uri=BITBUCKET_DATA_CENTER_CONFIG_HOST_URI + The URI of the Bitbucket Data Center host this connection is for. + + Represents a personal access token that authorized the Connection, and + associated metadata. + + This must be specified. + + SecretVersion resource - A SecretManager resource containing the + user token that authorizes the Developer Connect connection. Format: + projects/*/secrets/*/versions/*. This represents a Cloud resource. + (NOTE) Some attributes are not given arguments in this group but can + be set in other ways. + + To set the project attribute: + ◇ provide the argument + --bitbucket-data-center-config-read-authorizer-credential-user-token-secret-version + on the command line with a fully specified name; + ◇ provide the argument --project on the command line; + ◇ set the property core/project. + + To set the secret attribute: + ◇ provide the argument + --bitbucket-data-center-config-read-authorizer-credential-user-token-secret-version + on the command line with a fully specified name; + ◇ provide the argument --secret on the command line. + + This must be specified. + + --bitbucket-data-center-config-read-authorizer-credential-user-token-secret-version=BITBUCKET_DATA_CENTER_CONFIG_READ_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION + ID of the secretVersion or fully qualified identifier for the + secretVersion. + + To set the secret-version attribute: + ▹ provide the argument + --bitbucket-data-center-config-read-authorizer-credential-user-token-secret-version + on the command line. + + SecretVersion resource - SecretManager resource containing the webhook + secret used to verify webhook events, formatted as + projects/*/secrets/*/versions/*. This is used to validate webhooks. + This represents a Cloud resource. (NOTE) Some attributes are not given + arguments in this group but can be set in other ways. + + To set the project attribute: + ▫ provide the argument + --bitbucket-data-center-config-webhook-secret-version on the + command line with a fully specified name; + ▫ provide the argument --project on the command line; + ▫ set the property core/project. + + To set the secret attribute: + ▫ provide the argument + --bitbucket-data-center-config-webhook-secret-version on the + command line with a fully specified name; + ▫ provide the argument --secret on the command line. + + This must be specified. + + --bitbucket-data-center-config-webhook-secret-version=BITBUCKET_DATA_CENTER_CONFIG_WEBHOOK_SECRET_VERSION + ID of the secretVersion or fully qualified identifier for the + secretVersion. + + To set the secret-version attribute: + ◇ provide the argument + --bitbucket-data-center-config-webhook-secret-version on the + command line. + + ServiceDirectoryConfig represents Service Directory configuration for + a connection. + + Service resource - The Service Directory service name. Format: + projects/{project}/locations/{location}/namespaces/{namespace}/services/{service}. + This represents a Cloud resource. (NOTE) Some attributes are not + given arguments in this group but can be set in other ways. + + To set the project attribute: + ◇ provide the argument + --bitbucket-data-center-config-service-directory on the command + line with a fully specified name; + ◇ provide the argument --project on the command line; + ◇ set the property core/project. + + To set the location attribute: + ◇ provide the argument + --bitbucket-data-center-config-service-directory on the command + line with a fully specified name; + ◇ provide the argument --location on the command line. + + To set the namespace attribute: + ◇ provide the argument + --bitbucket-data-center-config-service-directory on the command + line with a fully specified name; + ◇ provide the argument --namespace on the command line. + + This must be specified. + + --bitbucket-data-center-config-service-directory=BITBUCKET_DATA_CENTER_CONFIG_SERVICE_DIRECTORY + ID of the service or fully qualified identifier for the + service. + + To set the service attribute: + ▹ provide the argument + --bitbucket-data-center-config-service-directory on the + command line. + + --bitbucket-data-center-config-ssl-ca-certificate=BITBUCKET_DATA_CENTER_CONFIG_SSL_CA_CERTIFICATE + SSL certificate authority to trust when making requests to + Bitbucket Data Center. + Configuration for connections to github.com. --github-config-app=GITHUB_CONFIG_APP @@ -279,9 +493,40 @@ FLAGS ServiceDirectoryConfig represents Service Directory configuration for a connection. - --github-enterprise-config-service-directory=GITHUB_ENTERPRISE_CONFIG_SERVICE_DIRECTORY - The Service Directory service name. Format: - projects/{project}/locations/{location}/namespaces/{namespace}/services/{service}. + Service resource - The Service Directory service name. Format: + projects/{project}/locations/{location}/namespaces/{namespace}/services/{service}. + This represents a Cloud resource. (NOTE) Some attributes are not + given arguments in this group but can be set in other ways. + + To set the project attribute: + ◇ provide the argument + --github-enterprise-config-service-directory on the command line + with a fully specified name; + ◇ provide the argument --project on the command line; + ◇ set the property core/project. + + To set the location attribute: + ◇ provide the argument + --github-enterprise-config-service-directory on the command line + with a fully specified name; + ◇ provide the argument --location on the command line. + + To set the namespace attribute: + ◇ provide the argument + --github-enterprise-config-service-directory on the command line + with a fully specified name; + ◇ provide the argument --namespace on the command line. + + This must be specified. + + --github-enterprise-config-service-directory=GITHUB_ENTERPRISE_CONFIG_SERVICE_DIRECTORY + ID of the service or fully qualified identifier for the + service. + + To set the service attribute: + ▹ provide the argument + --github-enterprise-config-service-directory on the command + line. --github-enterprise-config-ssl-ca-certificate=GITHUB_ENTERPRISE_CONFIG_SSL_CA_CERTIFICATE SSL certificate to use for requests to GitHub Enterprise. @@ -521,14 +766,87 @@ FLAGS ServiceDirectoryConfig represents Service Directory configuration for a connection. - --gitlab-enterprise-config-service-directory=GITLAB_ENTERPRISE_CONFIG_SERVICE_DIRECTORY - The Service Directory service name. Format: - projects/{project}/locations/{location}/namespaces/{namespace}/services/{service}. + Service resource - The Service Directory service name. Format: + projects/{project}/locations/{location}/namespaces/{namespace}/services/{service}. + This represents a Cloud resource. (NOTE) Some attributes are not + given arguments in this group but can be set in other ways. + + To set the project attribute: + ◇ provide the argument + --gitlab-enterprise-config-service-directory on the command line + with a fully specified name; + ◇ provide the argument --project on the command line; + ◇ set the property core/project. + + To set the location attribute: + ◇ provide the argument + --gitlab-enterprise-config-service-directory on the command line + with a fully specified name; + ◇ provide the argument --location on the command line. + + To set the namespace attribute: + ◇ provide the argument + --gitlab-enterprise-config-service-directory on the command line + with a fully specified name; + ◇ provide the argument --namespace on the command line. + + This must be specified. + + --gitlab-enterprise-config-service-directory=GITLAB_ENTERPRISE_CONFIG_SERVICE_DIRECTORY + ID of the service or fully qualified identifier for the + service. + + To set the service attribute: + ▹ provide the argument + --gitlab-enterprise-config-service-directory on the command + line. --gitlab-enterprise-config-ssl-ca-certificate=GITLAB_ENTERPRISE_CONFIG_SSL_CA_CERTIFICATE SSL Certificate Authority certificate to use for requests to GitLab Enterprise instance. + The crypto key configuration. This field is used by the Customer-managed + encryption keys (CMEK) feature. + + CryptoKey resource - The name of the key which is used to + encrypt/decrypt customer data. For key in Cloud KMS, the key should be + in the format of projects/*/locations/*/keyRings/*/cryptoKeys/*. The + arguments in this group can be used to specify the attributes of this + resource. (NOTE) Some attributes are not given arguments in this group + but can be set in other ways. + + To set the project attribute: + ▸ provide the argument --crypto-key-config-reference on the command + line with a fully specified name; + ▸ provide the argument --project on the command line; + ▸ set the property core/project. + + To set the location attribute: + ▸ provide the argument --crypto-key-config-reference on the command + line with a fully specified name; + ▸ provide the argument --location on the command line. + + This must be specified. + + --crypto-key-config-reference=CRYPTO_KEY_CONFIG_REFERENCE + ID of the cryptoKey or fully qualified identifier for the + cryptoKey. + + To set the crypto-key attribute: + ▫ provide the argument --crypto-key-config-reference on the + command line. + + This flag argument must be specified if any of the other arguments + in this group are specified. + + --key-ring=KEY_RING + The keyRing id of the cryptoKey resource. + + To set the key-ring attribute: + ▫ provide the argument --crypto-key-config-reference on the + command line with a fully specified name; + ▫ provide the argument --key-ring on the command line. + GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, @@ -543,8 +861,10 @@ API REFERENCE http://cloud.google.com/developer-connect/docs/overview NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud developer-connect connections create $ gcloud alpha developer-connect connections create diff --git a/gcloud/beta/developer-connect/connections/delete b/gcloud/beta/developer-connect/connections/delete index aaef86f60..871043517 100644 --- a/gcloud/beta/developer-connect/connections/delete +++ b/gcloud/beta/developer-connect/connections/delete @@ -89,8 +89,10 @@ API REFERENCE http://cloud.google.com/developer-connect/docs/overview NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud developer-connect connections delete $ gcloud alpha developer-connect connections delete diff --git a/gcloud/beta/developer-connect/connections/describe b/gcloud/beta/developer-connect/connections/describe index 4f48e2b90..0e6ef003d 100644 --- a/gcloud/beta/developer-connect/connections/describe +++ b/gcloud/beta/developer-connect/connections/describe @@ -61,8 +61,10 @@ API REFERENCE http://cloud.google.com/developer-connect/docs/overview NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud developer-connect connections describe $ gcloud alpha developer-connect connections describe diff --git a/gcloud/beta/developer-connect/connections/git-repository-links/create b/gcloud/beta/developer-connect/connections/git-repository-links/create index 8488a3cb8..bd2009dd5 100644 --- a/gcloud/beta/developer-connect/connections/git-repository-links/create +++ b/gcloud/beta/developer-connect/connections/git-repository-links/create @@ -159,8 +159,10 @@ API REFERENCE http://cloud.google.com/developer-connect/docs/overview NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud developer-connect connections git-repository-links create $ gcloud alpha developer-connect connections git-repository-links \ create diff --git a/gcloud/beta/developer-connect/connections/git-repository-links/delete b/gcloud/beta/developer-connect/connections/git-repository-links/delete index 5364c14c8..d2cec11dc 100644 --- a/gcloud/beta/developer-connect/connections/git-repository-links/delete +++ b/gcloud/beta/developer-connect/connections/git-repository-links/delete @@ -100,8 +100,10 @@ API REFERENCE http://cloud.google.com/developer-connect/docs/overview NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud developer-connect connections git-repository-links delete $ gcloud alpha developer-connect connections git-repository-links \ delete diff --git a/gcloud/beta/developer-connect/connections/git-repository-links/describe b/gcloud/beta/developer-connect/connections/git-repository-links/describe index b2c5710d7..dc5e20dd4 100644 --- a/gcloud/beta/developer-connect/connections/git-repository-links/describe +++ b/gcloud/beta/developer-connect/connections/git-repository-links/describe @@ -71,8 +71,10 @@ API REFERENCE http://cloud.google.com/developer-connect/docs/overview NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud developer-connect connections git-repository-links describe $ gcloud alpha developer-connect connections git-repository-links \ describe diff --git a/gcloud/beta/developer-connect/connections/git-repository-links/fetch-read-token b/gcloud/beta/developer-connect/connections/git-repository-links/fetch-read-token index 4f1219167..cfc4a8e81 100644 --- a/gcloud/beta/developer-connect/connections/git-repository-links/fetch-read-token +++ b/gcloud/beta/developer-connect/connections/git-repository-links/fetch-read-token @@ -74,8 +74,11 @@ API REFERENCE http://cloud.google.com/developer-connect/docs/overview NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud developer-connect connections git-repository-links \ + fetch-read-token $ gcloud alpha developer-connect connections git-repository-links \ fetch-read-token diff --git a/gcloud/beta/developer-connect/connections/git-repository-links/fetch-read-write-token b/gcloud/beta/developer-connect/connections/git-repository-links/fetch-read-write-token index e5aac424b..8a7af5890 100644 --- a/gcloud/beta/developer-connect/connections/git-repository-links/fetch-read-write-token +++ b/gcloud/beta/developer-connect/connections/git-repository-links/fetch-read-write-token @@ -75,8 +75,11 @@ API REFERENCE http://cloud.google.com/developer-connect/docs/overview NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud developer-connect connections git-repository-links \ + fetch-read-write-token $ gcloud alpha developer-connect connections git-repository-links \ fetch-read-write-token diff --git a/gcloud/beta/developer-connect/connections/git-repository-links/help b/gcloud/beta/developer-connect/connections/git-repository-links/help index b164c3a89..a345cba7b 100644 --- a/gcloud/beta/developer-connect/connections/git-repository-links/help +++ b/gcloud/beta/developer-connect/connections/git-repository-links/help @@ -36,8 +36,10 @@ COMMANDS (BETA) List all git repository links in a connection. NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud developer-connect connections git-repository-links $ gcloud alpha developer-connect connections git-repository-links diff --git a/gcloud/beta/developer-connect/connections/git-repository-links/list b/gcloud/beta/developer-connect/connections/git-repository-links/list index b1b0f9736..4b11c93a4 100644 --- a/gcloud/beta/developer-connect/connections/git-repository-links/list +++ b/gcloud/beta/developer-connect/connections/git-repository-links/list @@ -95,8 +95,10 @@ API REFERENCE http://cloud.google.com/developer-connect/docs/overview NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud developer-connect connections git-repository-links list $ gcloud alpha developer-connect connections git-repository-links \ list diff --git a/gcloud/beta/developer-connect/connections/help b/gcloud/beta/developer-connect/connections/help index 2a6cc83c0..2ab3df3e8 100644 --- a/gcloud/beta/developer-connect/connections/help +++ b/gcloud/beta/developer-connect/connections/help @@ -38,8 +38,10 @@ COMMANDS (BETA) Update the parameters of a single connection. NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud developer-connect connections $ gcloud alpha developer-connect connections diff --git a/gcloud/beta/developer-connect/connections/list b/gcloud/beta/developer-connect/connections/list index 5cd2457f5..b06fcad65 100644 --- a/gcloud/beta/developer-connect/connections/list +++ b/gcloud/beta/developer-connect/connections/list @@ -80,8 +80,10 @@ API REFERENCE http://cloud.google.com/developer-connect/docs/overview NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud developer-connect connections list $ gcloud alpha developer-connect connections list diff --git a/gcloud/beta/developer-connect/connections/update b/gcloud/beta/developer-connect/connections/update index 6d19dcc45..7d44bdd17 100644 --- a/gcloud/beta/developer-connect/connections/update +++ b/gcloud/beta/developer-connect/connections/update @@ -5,15 +5,14 @@ NAME SYNOPSIS gcloud beta developer-connect connections update CONNECTION [--[no-]allow-missing] [--async] [--[no-]disabled] [--etag=ETAG] - [--location=LOCATION] [--request-id=REQUEST_ID] [--secret=SECRET] - [--[no-]validate-only] + [--location=LOCATION] [--namespace=NAMESPACE] [--request-id=REQUEST_ID] + [--secret=SECRET] [--[no-]validate-only] [--annotations=[ANNOTATIONS,...] | --update-annotations=[UPDATE_ANNOTATIONS,...] --clear-annotations | --remove-annotations=[__REMOVE_ANNOTATIONS,...]] + [--bitbucket-cloud-config-authorizer-credential-user-token-secret-version=BITBUCKET_CLOUD_CONFIG_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION --bitbucket-cloud-config-read-authorizer-credential-user-token-secret-version=BITBUCKET_CLOUD_CONFIG_READ_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION --bitbucket-cloud-config-workspace=BITBUCKET_CLOUD_CONFIG_WORKSPACE | --bitbucket-data-center-config-authorizer-credential-user-token-secret-version=BITBUCKET_DATA_CENTER_CONFIG_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION --bitbucket-data-center-config-host-uri=BITBUCKET_DATA_CENTER_CONFIG_HOST_URI --bitbucket-data-center-config-read-authorizer-credential-user-token-secret-version=BITBUCKET_DATA_CENTER_CONFIG_READ_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION --bitbucket-data-center-config-service-directory=BITBUCKET_DATA_CENTER_CONFIG_SERVICE_DIRECTORY --bitbucket-data-center-config-ssl-ca-certificate=BITBUCKET_DATA_CENTER_CONFIG_SSL_CA_CERTIFICATE | --github-config-app-installation-id=GITHUB_CONFIG_APP_INSTALLATION_ID --github-config-authorizer-credential-oauth-token-secret-version=GITHUB_CONFIG_AUTHORIZER_CREDENTIAL_OAUTH_TOKEN_SECRET_VERSION | --github-enterprise-config-app-id=GITHUB_ENTERPRISE_CONFIG_APP_ID --github-enterprise-config-app-installation-id=GITHUB_ENTERPRISE_CONFIG_APP_INSTALLATION_ID --github-enterprise-config-host-uri=GITHUB_ENTERPRISE_CONFIG_HOST_URI --github-enterprise-config-service-directory=GITHUB_ENTERPRISE_CONFIG_SERVICE_DIRECTORY --github-enterprise-config-ssl-ca-certificate=GITHUB_ENTERPRISE_CONFIG_SSL_CA_CERTIFICATE --clear-github-enterprise-config-private-key-secret-version | --github-enterprise-config-private-key-secret-version=GITHUB_ENTERPRISE_CONFIG_PRIVATE_KEY_SECRET_VERSION --clear-github-enterprise-config-webhook-secret-version | --github-enterprise-config-webhook-secret-version=GITHUB_ENTERPRISE_CONFIG_WEBHOOK_SECRET_VERSION | --gitlab-config-authorizer-credential-user-token-secret-version=GITLAB_CONFIG_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION --gitlab-config-read-authorizer-credential-user-token-secret-version=GITLAB_CONFIG_READ_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION | --gitlab-enterprise-config-authorizer-credential-user-token-secret-version=GITLAB_ENTERPRISE_CONFIG_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION --gitlab-enterprise-config-host-uri=GITLAB_ENTERPRISE_CONFIG_HOST_URI --gitlab-enterprise-config-read-authorizer-credential-user-token-secret-version=GITLAB_ENTERPRISE_CONFIG_READ_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION --gitlab-enterprise-config-service-directory=GITLAB_ENTERPRISE_CONFIG_SERVICE_DIRECTORY --gitlab-enterprise-config-ssl-ca-certificate=GITLAB_ENTERPRISE_CONFIG_SSL_CA_CERTIFICATE] [--crypto-key-config-reference=CRYPTO_KEY_CONFIG_REFERENCE : --key-ring=KEY_RING] - [--github-config-app-installation-id=GITHUB_CONFIG_APP_INSTALLATION_ID - --github-config-authorizer-credential-oauth-token-secret-version=GITHUB_CONFIG_AUTHORIZER_CREDENTIAL_OAUTH_TOKEN_SECRET_VERSION | --github-enterprise-config-app-id=GITHUB_ENTERPRISE_CONFIG_APP_ID --github-enterprise-config-app-installation-id=GITHUB_ENTERPRISE_CONFIG_APP_INSTALLATION_ID --github-enterprise-config-host-uri=GITHUB_ENTERPRISE_CONFIG_HOST_URI --github-enterprise-config-service-directory=GITHUB_ENTERPRISE_CONFIG_SERVICE_DIRECTORY --github-enterprise-config-ssl-ca-certificate=GITHUB_ENTERPRISE_CONFIG_SSL_CA_CERTIFICATE --clear-github-enterprise-config-private-key-secret-version | --github-enterprise-config-private-key-secret-version=GITHUB_ENTERPRISE_CONFIG_PRIVATE_KEY_SECRET_VERSION --clear-github-enterprise-config-webhook-secret-version | --github-enterprise-config-webhook-secret-version=GITHUB_ENTERPRISE_CONFIG_WEBHOOK_SECRET_VERSION | --gitlab-config-authorizer-credential-user-token-secret-version=GITLAB_CONFIG_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION --gitlab-config-read-authorizer-credential-user-token-secret-version=GITLAB_CONFIG_READ_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION | --gitlab-enterprise-config-authorizer-credential-user-token-secret-version=GITLAB_ENTERPRISE_CONFIG_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION --gitlab-enterprise-config-host-uri=GITLAB_ENTERPRISE_CONFIG_HOST_URI --gitlab-enterprise-config-read-authorizer-credential-user-token-secret-version=GITLAB_ENTERPRISE_CONFIG_READ_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION --gitlab-enterprise-config-service-directory=GITLAB_ENTERPRISE_CONFIG_SERVICE_DIRECTORY --gitlab-enterprise-config-ssl-ca-certificate=GITLAB_ENTERPRISE_CONFIG_SSL_CA_CERTIFICATE] [--labels=[LABELS,...] | --update-labels=[UPDATE_LABELS,...] --clear-labels | --remove-labels=[__REMOVE_LABELS,...]] [GCLOUD_WIDE_FLAG ...] @@ -80,9 +79,14 @@ FLAGS client has an up-to-date value before proceeding. --location=LOCATION - For resources [connection, cryptoKey], provides fallback value for - resource location attribute. When the resource's full URI path is not - provided, location will fallback to this flag value. + For resources [connection, cryptoKey, service], provides fallback value + for resource location attribute. When the resource's full URI path is + not provided, location will fallback to this flag value. + + --namespace=NAMESPACE + For resources [service], provides fallback value for resource namespace + attribute. When the resource's full URI path is not provided, namespace + will fallback to this flag value. --request-id=REQUEST_ID An optional request ID to identify requests. Specify a unique request @@ -164,50 +168,185 @@ FLAGS --remove-annotations=[__REMOVE_ANNOTATIONS,...] Remove existing value from map annotations. - The crypto key configuration. This field is used by the Customer-managed - encryption keys (CMEK) feature. - - CryptoKey resource - The name of the key which is used to - encrypt/decrypt customer data. For key in Cloud KMS, the key should be - in the format of projects/*/locations/*/keyRings/*/cryptoKeys/*. The - arguments in this group can be used to specify the attributes of this - resource. (NOTE) Some attributes are not given arguments in this group - but can be set in other ways. - - To set the project attribute: - ▸ provide the argument --crypto-key-config-reference on the command - line with a fully specified name; - ▸ provide the argument --project on the command line; - ▸ set the property core/project. - - To set the location attribute: - ▸ provide the argument --crypto-key-config-reference on the command - line with a fully specified name; - ▸ provide the argument --location on the command line. - - --crypto-key-config-reference=CRYPTO_KEY_CONFIG_REFERENCE - ID of the cryptoKey or fully qualified identifier for the - cryptoKey. - - To set the crypto-key attribute: - ▫ provide the argument --crypto-key-config-reference on the - command line. - - This flag argument must be specified if any of the other arguments - in this group are specified. - - --key-ring=KEY_RING - The keyRing id of the cryptoKey resource. - - To set the key-ring attribute: - ▫ provide the argument --crypto-key-config-reference on the - command line with a fully specified name; - ▫ provide the argument --key-ring on the command line. - Arguments for the connection config. At most one of these can be specified: + Configuration for connections to an instance of Bitbucket Cloud. + + Represents a personal access token that authorized the Connection, and + associated metadata. + + SecretVersion resource - A SecretManager resource containing the + user token that authorizes the Developer Connect connection. Format: + projects/*/secrets/*/versions/*. This represents a Cloud resource. + (NOTE) Some attributes are not given arguments in this group but can + be set in other ways. + + To set the project attribute: + ◇ provide the argument + --bitbucket-cloud-config-authorizer-credential-user-token-secret-version + on the command line with a fully specified name; + ◇ provide the argument --project on the command line; + ◇ set the property core/project. + + To set the secret attribute: + ◇ provide the argument + --bitbucket-cloud-config-authorizer-credential-user-token-secret-version + on the command line with a fully specified name; + ◇ provide the argument --secret on the command line. + + --bitbucket-cloud-config-authorizer-credential-user-token-secret-version=BITBUCKET_CLOUD_CONFIG_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION + ID of the secretVersion or fully qualified identifier for the + secretVersion. + + To set the secret-version attribute: + ▹ provide the argument + --bitbucket-cloud-config-authorizer-credential-user-token-secret-version + on the command line. + + Represents a personal access token that authorized the Connection, and + associated metadata. + + SecretVersion resource - A SecretManager resource containing the + user token that authorizes the Developer Connect connection. Format: + projects/*/secrets/*/versions/*. This represents a Cloud resource. + (NOTE) Some attributes are not given arguments in this group but can + be set in other ways. + + To set the project attribute: + ◇ provide the argument + --bitbucket-cloud-config-read-authorizer-credential-user-token-secret-version + on the command line with a fully specified name; + ◇ provide the argument --project on the command line; + ◇ set the property core/project. + + To set the secret attribute: + ◇ provide the argument + --bitbucket-cloud-config-read-authorizer-credential-user-token-secret-version + on the command line with a fully specified name; + ◇ provide the argument --secret on the command line. + + --bitbucket-cloud-config-read-authorizer-credential-user-token-secret-version=BITBUCKET_CLOUD_CONFIG_READ_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION + ID of the secretVersion or fully qualified identifier for the + secretVersion. + + To set the secret-version attribute: + ▹ provide the argument + --bitbucket-cloud-config-read-authorizer-credential-user-token-secret-version + on the command line. + + --bitbucket-cloud-config-workspace=BITBUCKET_CLOUD_CONFIG_WORKSPACE + The Bitbucket Cloud Workspace ID to be connected to Google Cloud + Platform. + + Configuration for connections to an instance of Bitbucket Data Center. + + Represents a personal access token that authorized the Connection, and + associated metadata. + + SecretVersion resource - A SecretManager resource containing the + user token that authorizes the Developer Connect connection. Format: + projects/*/secrets/*/versions/*. This represents a Cloud resource. + (NOTE) Some attributes are not given arguments in this group but can + be set in other ways. + + To set the project attribute: + ◇ provide the argument + --bitbucket-data-center-config-authorizer-credential-user-token-secret-version + on the command line with a fully specified name; + ◇ provide the argument --project on the command line; + ◇ set the property core/project. + + To set the secret attribute: + ◇ provide the argument + --bitbucket-data-center-config-authorizer-credential-user-token-secret-version + on the command line with a fully specified name; + ◇ provide the argument --secret on the command line. + + --bitbucket-data-center-config-authorizer-credential-user-token-secret-version=BITBUCKET_DATA_CENTER_CONFIG_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION + ID of the secretVersion or fully qualified identifier for the + secretVersion. + + To set the secret-version attribute: + ▹ provide the argument + --bitbucket-data-center-config-authorizer-credential-user-token-secret-version + on the command line. + + --bitbucket-data-center-config-host-uri=BITBUCKET_DATA_CENTER_CONFIG_HOST_URI + The URI of the Bitbucket Data Center host this connection is for. + + Represents a personal access token that authorized the Connection, and + associated metadata. + + SecretVersion resource - A SecretManager resource containing the + user token that authorizes the Developer Connect connection. Format: + projects/*/secrets/*/versions/*. This represents a Cloud resource. + (NOTE) Some attributes are not given arguments in this group but can + be set in other ways. + + To set the project attribute: + ◇ provide the argument + --bitbucket-data-center-config-read-authorizer-credential-user-token-secret-version + on the command line with a fully specified name; + ◇ provide the argument --project on the command line; + ◇ set the property core/project. + + To set the secret attribute: + ◇ provide the argument + --bitbucket-data-center-config-read-authorizer-credential-user-token-secret-version + on the command line with a fully specified name; + ◇ provide the argument --secret on the command line. + + --bitbucket-data-center-config-read-authorizer-credential-user-token-secret-version=BITBUCKET_DATA_CENTER_CONFIG_READ_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION + ID of the secretVersion or fully qualified identifier for the + secretVersion. + + To set the secret-version attribute: + ▹ provide the argument + --bitbucket-data-center-config-read-authorizer-credential-user-token-secret-version + on the command line. + + ServiceDirectoryConfig represents Service Directory configuration for + a connection. + + Service resource - The Service Directory service name. Format: + projects/{project}/locations/{location}/namespaces/{namespace}/services/{service}. + This represents a Cloud resource. (NOTE) Some attributes are not + given arguments in this group but can be set in other ways. + + To set the project attribute: + ◇ provide the argument + --bitbucket-data-center-config-service-directory on the command + line with a fully specified name; + ◇ provide the argument --project on the command line; + ◇ set the property core/project. + + To set the location attribute: + ◇ provide the argument + --bitbucket-data-center-config-service-directory on the command + line with a fully specified name; + ◇ provide the argument --location on the command line. + + To set the namespace attribute: + ◇ provide the argument + --bitbucket-data-center-config-service-directory on the command + line with a fully specified name; + ◇ provide the argument --namespace on the command line. + + --bitbucket-data-center-config-service-directory=BITBUCKET_DATA_CENTER_CONFIG_SERVICE_DIRECTORY + ID of the service or fully qualified identifier for the + service. + + To set the service attribute: + ▹ provide the argument + --bitbucket-data-center-config-service-directory on the + command line. + + --bitbucket-data-center-config-ssl-ca-certificate=BITBUCKET_DATA_CENTER_CONFIG_SSL_CA_CERTIFICATE + SSL certificate authority to trust when making requests to + Bitbucket Data Center. + Configuration for connections to github.com. --github-config-app-installation-id=GITHUB_CONFIG_APP_INSTALLATION_ID @@ -258,9 +397,38 @@ FLAGS ServiceDirectoryConfig represents Service Directory configuration for a connection. - --github-enterprise-config-service-directory=GITHUB_ENTERPRISE_CONFIG_SERVICE_DIRECTORY - The Service Directory service name. Format: - projects/{project}/locations/{location}/namespaces/{namespace}/services/{service}. + Service resource - The Service Directory service name. Format: + projects/{project}/locations/{location}/namespaces/{namespace}/services/{service}. + This represents a Cloud resource. (NOTE) Some attributes are not + given arguments in this group but can be set in other ways. + + To set the project attribute: + ◇ provide the argument + --github-enterprise-config-service-directory on the command line + with a fully specified name; + ◇ provide the argument --project on the command line; + ◇ set the property core/project. + + To set the location attribute: + ◇ provide the argument + --github-enterprise-config-service-directory on the command line + with a fully specified name; + ◇ provide the argument --location on the command line. + + To set the namespace attribute: + ◇ provide the argument + --github-enterprise-config-service-directory on the command line + with a fully specified name; + ◇ provide the argument --namespace on the command line. + + --github-enterprise-config-service-directory=GITHUB_ENTERPRISE_CONFIG_SERVICE_DIRECTORY + ID of the service or fully qualified identifier for the + service. + + To set the service attribute: + ▹ provide the argument + --github-enterprise-config-service-directory on the command + line. --github-enterprise-config-ssl-ca-certificate=GITHUB_ENTERPRISE_CONFIG_SSL_CA_CERTIFICATE SSL certificate to use for requests to GitHub Enterprise. @@ -475,14 +643,83 @@ FLAGS ServiceDirectoryConfig represents Service Directory configuration for a connection. - --gitlab-enterprise-config-service-directory=GITLAB_ENTERPRISE_CONFIG_SERVICE_DIRECTORY - The Service Directory service name. Format: - projects/{project}/locations/{location}/namespaces/{namespace}/services/{service}. + Service resource - The Service Directory service name. Format: + projects/{project}/locations/{location}/namespaces/{namespace}/services/{service}. + This represents a Cloud resource. (NOTE) Some attributes are not + given arguments in this group but can be set in other ways. + + To set the project attribute: + ◇ provide the argument + --gitlab-enterprise-config-service-directory on the command line + with a fully specified name; + ◇ provide the argument --project on the command line; + ◇ set the property core/project. + + To set the location attribute: + ◇ provide the argument + --gitlab-enterprise-config-service-directory on the command line + with a fully specified name; + ◇ provide the argument --location on the command line. + + To set the namespace attribute: + ◇ provide the argument + --gitlab-enterprise-config-service-directory on the command line + with a fully specified name; + ◇ provide the argument --namespace on the command line. + + --gitlab-enterprise-config-service-directory=GITLAB_ENTERPRISE_CONFIG_SERVICE_DIRECTORY + ID of the service or fully qualified identifier for the + service. + + To set the service attribute: + ▹ provide the argument + --gitlab-enterprise-config-service-directory on the command + line. --gitlab-enterprise-config-ssl-ca-certificate=GITLAB_ENTERPRISE_CONFIG_SSL_CA_CERTIFICATE SSL Certificate Authority certificate to use for requests to GitLab Enterprise instance. + The crypto key configuration. This field is used by the Customer-managed + encryption keys (CMEK) feature. + + CryptoKey resource - The name of the key which is used to + encrypt/decrypt customer data. For key in Cloud KMS, the key should be + in the format of projects/*/locations/*/keyRings/*/cryptoKeys/*. The + arguments in this group can be used to specify the attributes of this + resource. (NOTE) Some attributes are not given arguments in this group + but can be set in other ways. + + To set the project attribute: + ▸ provide the argument --crypto-key-config-reference on the command + line with a fully specified name; + ▸ provide the argument --project on the command line; + ▸ set the property core/project. + + To set the location attribute: + ▸ provide the argument --crypto-key-config-reference on the command + line with a fully specified name; + ▸ provide the argument --location on the command line. + + --crypto-key-config-reference=CRYPTO_KEY_CONFIG_REFERENCE + ID of the cryptoKey or fully qualified identifier for the + cryptoKey. + + To set the crypto-key attribute: + ▫ provide the argument --crypto-key-config-reference on the + command line. + + This flag argument must be specified if any of the other arguments + in this group are specified. + + --key-ring=KEY_RING + The keyRing id of the cryptoKey resource. + + To set the key-ring attribute: + ▫ provide the argument --crypto-key-config-reference on the + command line with a fully specified name; + ▫ provide the argument --key-ring on the command line. + Update labels. At most one of these can be specified: @@ -555,8 +792,10 @@ API REFERENCE http://cloud.google.com/developer-connect/docs/overview NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud developer-connect connections update $ gcloud alpha developer-connect connections update diff --git a/gcloud/beta/developer-connect/help b/gcloud/beta/developer-connect/help index 4d3b435c0..5a9067191 100644 --- a/gcloud/beta/developer-connect/help +++ b/gcloud/beta/developer-connect/help @@ -22,8 +22,10 @@ GROUPS (BETA) Manage Operation resources. NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud developer-connect $ gcloud alpha developer-connect diff --git a/gcloud/beta/developer-connect/operations/cancel b/gcloud/beta/developer-connect/operations/cancel index 224f880ba..d887d26c3 100644 --- a/gcloud/beta/developer-connect/operations/cancel +++ b/gcloud/beta/developer-connect/operations/cancel @@ -58,8 +58,10 @@ API REFERENCE http://cloud.google.com/developer-connect/docs/overview NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud developer-connect operations cancel $ gcloud alpha developer-connect operations cancel diff --git a/gcloud/beta/developer-connect/operations/delete b/gcloud/beta/developer-connect/operations/delete index ecacac69e..7cacd9ac5 100644 --- a/gcloud/beta/developer-connect/operations/delete +++ b/gcloud/beta/developer-connect/operations/delete @@ -58,8 +58,10 @@ API REFERENCE http://cloud.google.com/developer-connect/docs/overview NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud developer-connect operations delete $ gcloud alpha developer-connect operations delete diff --git a/gcloud/beta/developer-connect/operations/describe b/gcloud/beta/developer-connect/operations/describe index 4e62c089c..3c31ad7ac 100644 --- a/gcloud/beta/developer-connect/operations/describe +++ b/gcloud/beta/developer-connect/operations/describe @@ -58,8 +58,10 @@ API REFERENCE http://cloud.google.com/developer-connect/docs/overview NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud developer-connect operations describe $ gcloud alpha developer-connect operations describe diff --git a/gcloud/beta/developer-connect/operations/help b/gcloud/beta/developer-connect/operations/help index d24b61d6d..62c64de57 100644 --- a/gcloud/beta/developer-connect/operations/help +++ b/gcloud/beta/developer-connect/operations/help @@ -31,8 +31,10 @@ COMMANDS (BETA) Wait operations. NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud developer-connect operations $ gcloud alpha developer-connect operations diff --git a/gcloud/beta/developer-connect/operations/list b/gcloud/beta/developer-connect/operations/list index 749a71d14..f11aae8c4 100644 --- a/gcloud/beta/developer-connect/operations/list +++ b/gcloud/beta/developer-connect/operations/list @@ -79,8 +79,10 @@ API REFERENCE http://cloud.google.com/developer-connect/docs/overview NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud developer-connect operations list $ gcloud alpha developer-connect operations list diff --git a/gcloud/beta/developer-connect/operations/wait b/gcloud/beta/developer-connect/operations/wait index 6fd562a59..24dba3bd4 100644 --- a/gcloud/beta/developer-connect/operations/wait +++ b/gcloud/beta/developer-connect/operations/wait @@ -58,8 +58,10 @@ API REFERENCE http://cloud.google.com/developer-connect/docs/overview NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud developer-connect operations wait $ gcloud alpha developer-connect operations wait diff --git a/gcloud/beta/eventarc/enrollments/create b/gcloud/beta/eventarc/enrollments/create index 547f69a7a..e6d916207 100644 --- a/gcloud/beta/eventarc/enrollments/create +++ b/gcloud/beta/eventarc/enrollments/create @@ -5,7 +5,7 @@ SYNOPSIS gcloud beta eventarc enrollments create (ENROLLMENT : --location=LOCATION) --cel-match=CEL_MATCH --destination-pipeline=DESTINATION_PIPELINE (--message-bus=MESSAGE_BUS : --message-bus-project=MESSAGE_BUS_PROJECT) - [--async] [GCLOUD_WIDE_FLAG ...] + [--async] [--labels=[KEY=VALUE,...]] [GCLOUD_WIDE_FLAG ...] DESCRIPTION (BETA) Create an Eventarc enrollment. @@ -106,6 +106,14 @@ OPTIONAL FLAGS Return immediately, without waiting for the operation in progress to complete. + --labels=[KEY=VALUE,...] + List of label KEY=VALUE pairs to add. + + Keys must start with a lowercase character and contain only hyphens + (-), underscores (_), lowercase characters, and numbers. Values must + contain only hyphens (-), underscores (_), lowercase characters, and + numbers. + GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, diff --git a/gcloud/beta/eventarc/enrollments/update b/gcloud/beta/eventarc/enrollments/update index fb42a6b69..e158bd892 100644 --- a/gcloud/beta/eventarc/enrollments/update +++ b/gcloud/beta/eventarc/enrollments/update @@ -4,7 +4,9 @@ NAME SYNOPSIS gcloud beta eventarc enrollments update (ENROLLMENT : --location=LOCATION) [--async] [--cel-match=CEL_MATCH] - [--destination-pipeline=DESTINATION_PIPELINE] [GCLOUD_WIDE_FLAG ...] + [--destination-pipeline=DESTINATION_PIPELINE] + [--update-labels=[KEY=VALUE,...]] + [--clear-labels | --remove-labels=[KEY,...]] [GCLOUD_WIDE_FLAG ...] DESCRIPTION (BETA) Update an Eventarc enrollment. @@ -67,6 +69,35 @@ FLAGS To set the pipeline attribute: ◆ provide the argument --destination-pipeline on the command line. + --update-labels=[KEY=VALUE,...] + List of label KEY=VALUE pairs to update. If a label exists, its value + is modified. Otherwise, a new label is created. + + Keys must start with a lowercase character and contain only hyphens + (-), underscores (_), lowercase characters, and numbers. Values must + contain only hyphens (-), underscores (_), lowercase characters, and + numbers. + + At most one of these can be specified: + + --clear-labels + Remove all labels. If --update-labels is also specified then + --clear-labels is applied first. + + For example, to remove all labels: + + $ gcloud beta eventarc enrollments update --clear-labels + + To remove all existing labels and create two new labels, foo and baz: + + $ gcloud beta eventarc enrollments update --clear-labels \ + --update-labels foo=bar,baz=qux + + --remove-labels=[KEY,...] + List of label keys to remove. If a label does not exist it is + silently ignored. If --update-labels is also specified then + --update-labels is applied first. + GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, diff --git a/gcloud/beta/eventarc/google-api-sources/create b/gcloud/beta/eventarc/google-api-sources/create index dc9208ab1..afe70b494 100644 --- a/gcloud/beta/eventarc/google-api-sources/create +++ b/gcloud/beta/eventarc/google-api-sources/create @@ -103,7 +103,12 @@ OPTIONAL FLAGS for encryption. --labels=[KEY=VALUE,...] - Labels to apply to the Google API source. + List of label KEY=VALUE pairs to add. + + Keys must start with a lowercase character and contain only hyphens + (-), underscores (_), lowercase characters, and numbers. Values must + contain only hyphens (-), underscores (_), lowercase characters, and + numbers. --logging-config=LOGGING_CONFIG The logging config for the Google API source. LOGGING_CONFIG must be diff --git a/gcloud/beta/eventarc/google-api-sources/update b/gcloud/beta/eventarc/google-api-sources/update index 8a44b4cd9..6afe034a1 100644 --- a/gcloud/beta/eventarc/google-api-sources/update +++ b/gcloud/beta/eventarc/google-api-sources/update @@ -5,8 +5,9 @@ NAME SYNOPSIS gcloud beta eventarc google-api-sources update (GOOGLE_API_SOURCE : --location=LOCATION) [--async] - [--labels=[KEY=VALUE,...]] [--logging-config=LOGGING_CONFIG] + [--logging-config=LOGGING_CONFIG] [--update-labels=[KEY=VALUE,...]] [--clear-crypto-key | --crypto-key=CRYPTO_KEY] + [--clear-labels | --remove-labels=[KEY,...]] [--destination-message-bus=DESTINATION_MESSAGE_BUS : --destination-message-bus-project=DESTINATION_MESSAGE_BUS_PROJECT] [GCLOUD_WIDE_FLAG ...] @@ -77,14 +78,20 @@ FLAGS Return immediately, without waiting for the operation in progress to complete. - --labels=[KEY=VALUE,...] - Labels to apply to the Google API source. - --logging-config=LOGGING_CONFIG The logging config of the Google API source. LOGGING_CONFIG must be one of: NONE, DEBUG, INFO, NOTICE, WARNING, ERROR, CRITICAL, ALERT, EMERGENCY. + --update-labels=[KEY=VALUE,...] + List of label KEY=VALUE pairs to update. If a label exists, its value + is modified. Otherwise, a new label is created. + + Keys must start with a lowercase character and contain only hyphens + (-), underscores (_), lowercase characters, and numbers. Values must + contain only hyphens (-), underscores (_), lowercase characters, and + numbers. + At most one of these can be specified: --clear-crypto-key @@ -96,6 +103,26 @@ FLAGS encryption. If this is unspecified, Google-managed keys will be used for encryption. + At most one of these can be specified: + + --clear-labels + Remove all labels. If --update-labels is also specified then + --clear-labels is applied first. + + For example, to remove all labels: + + $ gcloud beta eventarc google-api-sources update --clear-labels + + To remove all existing labels and create two new labels, foo and baz: + + $ gcloud beta eventarc google-api-sources update --clear-labels \ + --update-labels foo=bar,baz=qux + + --remove-labels=[KEY,...] + List of label keys to remove. If a label does not exist it is + silently ignored. If --update-labels is also specified then + --update-labels is applied first. + Message bus resource - The destination message bus of the Google API source. The arguments in this group can be used to specify the attributes of this resource. (NOTE) Some attributes are not given arguments in this diff --git a/gcloud/beta/eventarc/message-buses/create b/gcloud/beta/eventarc/message-buses/create index 4cb66b1ec..3f2af516c 100644 --- a/gcloud/beta/eventarc/message-buses/create +++ b/gcloud/beta/eventarc/message-buses/create @@ -62,7 +62,12 @@ FLAGS for encryption. --labels=[KEY=VALUE,...] - Labels to apply to the message bus. + List of label KEY=VALUE pairs to add. + + Keys must start with a lowercase character and contain only hyphens + (-), underscores (_), lowercase characters, and numbers. Values must + contain only hyphens (-), underscores (_), lowercase characters, and + numbers. --logging-config=LOGGING_CONFIG The logging config of the message bus. LOGGING_CONFIG must be one of: diff --git a/gcloud/beta/eventarc/message-buses/update b/gcloud/beta/eventarc/message-buses/update index 8dcd6b39e..cb2ecf8cf 100644 --- a/gcloud/beta/eventarc/message-buses/update +++ b/gcloud/beta/eventarc/message-buses/update @@ -4,8 +4,9 @@ NAME SYNOPSIS gcloud beta eventarc message-buses update (MESSAGE_BUS : --location=LOCATION) [--async] - [--labels=[KEY=VALUE,...]] [--logging-config=LOGGING_CONFIG] - [--clear-crypto-key | --crypto-key=CRYPTO_KEY] [GCLOUD_WIDE_FLAG ...] + [--logging-config=LOGGING_CONFIG] [--update-labels=[KEY=VALUE,...]] + [--clear-crypto-key | --crypto-key=CRYPTO_KEY] + [--clear-labels | --remove-labels=[KEY,...]] [GCLOUD_WIDE_FLAG ...] DESCRIPTION (BETA) Update an Eventarc message bus. @@ -64,13 +65,19 @@ FLAGS Return immediately, without waiting for the operation in progress to complete. - --labels=[KEY=VALUE,...] - Labels to apply to the message bus. - --logging-config=LOGGING_CONFIG The logging config of the message bus. LOGGING_CONFIG must be one of: NONE, DEBUG, INFO, NOTICE, WARNING, ERROR, CRITICAL, ALERT, EMERGENCY. + --update-labels=[KEY=VALUE,...] + List of label KEY=VALUE pairs to update. If a label exists, its value + is modified. Otherwise, a new label is created. + + Keys must start with a lowercase character and contain only hyphens + (-), underscores (_), lowercase characters, and numbers. Values must + contain only hyphens (-), underscores (_), lowercase characters, and + numbers. + At most one of these can be specified: --clear-crypto-key @@ -82,6 +89,26 @@ FLAGS encryption. If this is unspecified, Google-managed keys will be used for encryption. + At most one of these can be specified: + + --clear-labels + Remove all labels. If --update-labels is also specified then + --clear-labels is applied first. + + For example, to remove all labels: + + $ gcloud beta eventarc message-buses update --clear-labels + + To remove all existing labels and create two new labels, foo and baz: + + $ gcloud beta eventarc message-buses update --clear-labels \ + --update-labels foo=bar,baz=qux + + --remove-labels=[KEY,...] + List of label keys to remove. If a label does not exist it is + silently ignored. If --update-labels is also specified then + --update-labels is applied first. + GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, diff --git a/gcloud/beta/eventarc/pipelines/create b/gcloud/beta/eventarc/pipelines/create index 5fa3c9029..b2f5bbda4 100644 --- a/gcloud/beta/eventarc/pipelines/create +++ b/gcloud/beta/eventarc/pipelines/create @@ -15,7 +15,8 @@ SYNOPSIS [output_payload_format_json=OUTPUT_PAYLOAD_FORMAT_JSON], [output_payload_format_avro_schema_definition=OUTPUT_PAYLOAD_FORMAT_AVRO_SCHEMA_DEFINITION], [output_payload_format_protobuf_schema_definition=OUTPUT_PAYLOAD_FORMAT_PROTOBUF_SCHEMA_DEFINITION]|[...] - [--async] [--crypto-key=CRYPTO_KEY] [--logging-config=LOGGING_CONFIG] + [--async] [--crypto-key=CRYPTO_KEY] [--labels=[KEY=VALUE,...]] + [--logging-config=LOGGING_CONFIG] [--mediations=[transformation_template=TRANSFORMATION_TEMPLATE|...]] [--input-payload-format-avro-schema-definition=INPUT_PAYLOAD_FORMAT_AVRO_SCHEMA_DEFINITION | --input-payload-format-json=INPUT_PAYLOAD_FORMAT_JSON | --input-payload-format-protobuf-schema-definition=INPUT_PAYLOAD_FORMAT_PROTOBUF_SCHEMA_DEFINITION] [--max-retry-attempts=MAX_RETRY_ATTEMPTS @@ -249,281 +250,304 @@ REQUIRED FLAGS --destinations=[http_endpoint_uri=URI],[http_endpoint_message_binding_template=HTTP_ENDPOINT_MESSAGE_BINDING_TEMPLATE],[workflow=WORKFLOW],[message_bus=MESSAGE_BUS],[pubsub_topic=PUBSUB_TOPIC],[project=PROJECT],[location=LOCATION],[network_attachment=NETWORK_ATTACHMENT],[google_oidc_authentication_service_account=GOOGLE_OIDC_AUTHENTICATION_SERVICE_ACCOUNT],[google_oidc_authentication_audience=GOOGLE_OIDC_AUTHENTICATION_AUDIENCE],[oauth_token_authentication_service_account=OAUTH_TOKEN_AUTHENTICATION_SERVICE_ACCOUNT],[oauth_token_authentication_scope=OAUTH_TOKEN_AUTHENTICATION_SCOPE],[output_payload_format_json=OUTPUT_PAYLOAD_FORMAT_JSON],[output_payload_format_avro_schema_definition=OUTPUT_PAYLOAD_FORMAT_AVRO_SCHEMA_DEFINITION],[output_payload_format_protobuf_schema_definition=OUTPUT_PAYLOAD_FORMAT_PROTOBUF_SCHEMA_DEFINITION]|[...] The pipeline's destinations. This flag can be repeated to add more destinations to the list. Currently, only one destination is supported - per pipeline. + per pipeline. A destination is specified in a dict format. For more + information, see Create an enrollment to receive events + (https://cloud.google.com/eventarc/advanced/docs/receive-events/create-enrollment). - A destination is specified in a dict format. The valid choices of keys - are - ◆ http_endpoint_uri - ◆ http_endpoint_message_binding_template - ◆ workflow - ◆ message_bus - ◆ pubsub_topic - ◆ project - ◆ location - ◆ network_attachment - ◆ google_oidc_authentication_service_account - ◆ google_oidc_authentication_audience - ◆ oauth_token_authentication_service_account - ◆ oauth_token_authentication_scope - ◆ output_payload_format_json - ◆ output_payload_format_avro_schema_definition - ◆ output_payload_format_protobuf_schema_definition + Note: Exactly one of the http_endpoint_uri, workflow, message_bus, or + pubsub_topic keys must be set. - The detailed explanations for each key are as follows: + Valid keys are: - 1.http_endpoint_uri: the URI of the HTTP endpoint. + http_endpoint_uri + The URI of the HTTP endpoint. The value must be a RFC2396 URI + string. Only HTTPS protocol is supported. The host can be either a + static IP addressable from the VPC specified by the network config, + or an internal DNS hostname of the service resolvable via Cloud + DNS. For example: - The value must be a RFC2396 URI string. Only HTTPS protocol is supported. - The host can be either a static IP addressable from the VPC specified by the network config, or an internal DNS hostname of the service resolvable via Cloud DNS. + $ gcloud eventarc pipelines create example-pipeline \ + --destinations=http_endpoint_uri='https://example.com',\ + network_attachment=example-network-attachment - Examples: + http_endpoint_message_binding_template + The CEL expression used to construct a new HTTP request to be sent + to the final destination. It can be optionally specified alongside + with http_endpoint_uri. It represents a configuration used to bind + a message to the final HTTP request that will be sent to the + destination. If a binding is not specified, by default the message + is treated as a CloudEvent and is mapped to the HTTP request + according to the CloudEvent HTTP Protocol Binding Binary Content + Mode. The pipeline converts the data field of the message to the + format provided in output_payload_format and maps it to the body + field of the result. It also sets the corresponding Content-Type + header to the output_payload_format type. If the + output_payload_format is unspecified, then the pipeline will treat + the data field of the message as opaque binary data and attach it + to the request body as bytes. In this case, the Content-Type header + will be set to the value of the datacontenttype attribute set on + the incoming CloudEvent message if present, or the + application/octet-stream MIME type otherwise. The pipeline expects + that the content of the message will adhere to the standard + CloudEvent format. If not then the outgoing message request may + fail with a persistent error. - $ gcloud eventarc pipelines create example-pipeline \ - --destinations=http_endpoint_uri='https://example.com',\ - network_attachment=example-network-attachment + Note: When http_endpoint_uri is not set, + http_endpoint_message_binding_template can't be set. - 2.http_endpoint_message_binding_template: the CEL expression used to - construct a new HTTP request to be sent to the final destination. + The result of the CEL expression must be a map of key-value pairs + such that: - It can be optionally specified alongside with `http_endpoint_uri`. - It represents a configuration used to bind a message to the final HTTP request that will be sent to the destination. - If a binding is not specified, by default the message is treated as a CloudEvent and is mapped to the HTTP request according to the CloudEvent HTTP Protocol Binding Binary Content Mode. - The Pipeline converts the data field of the message to the format provided in `output_payload_format` and maps it to the body field of the result. - It also sets the corresponding Content-Type header to the `output_payload_format` type. - If the `output_payload_format` is unspecified, then the Pipeline will treat the data field of the message as opaque binary data and attach it to the request body as bytes. - In this case, the Content-Type header will be set to the value of the datacontenttype attribute set on the incoming CloudEvent message if present, or the `application/octet-stream` MIME type otherwise. - The Pipeline expects that the content of the message will adhere to the standard CloudEvent format. If not then the outgoing message request may fail with a persistent error. + 1. If a map named headers exists on the result of the expression, + then its key-value pairs are directly mapped to the HTTP request + headers. The headers values are constructed from the corresponding + value type's canonical representation. If the headers field does + not exist, then the resulting HTTP request will not contain + headers. - The result of the CEL expression must be a map of key-value pairs such that: - 1. If a map named `headers` exists on the result of the expression, then its key-value pairs are directly mapped to the HTTP request headers. - The headers values are constructed from the corresponding value type's canonical representation. - If the `headers` field does not exist, then the resulting HTTP request will not contain headers. - 2. If a field named `body` exists on the result of the expression, then its value is directly mapped to the body of the request. - If the value of the `body` field is of type bytes or string, then it is used as the HTTP request body as-is withouth any conversion. - If the `body` field is of any other type, then it is converted to a JSON string. - If the `body` field does not exist, then the resulting HTTP request will not contain a body. - 3. Any other fields in the resulting expression will be ignored. + 2. If a field named body exists on the result of the expression, + then its value is directly mapped to the body of the request. If + the value of the body field is of type bytes or string, then it is + used as the HTTP request body as-is withouth any conversion. If the + body field is of any other type, then it is converted to a JSON + string. If the body field does not exist, then the resulting HTTP + request will not contain a body. - The CEL expression may access the incoming CloudEvent message in its definition, as follows: - 1. The `data` field of the incoming CloudEvent message can be accessed using the `message.data` value. - 2. Each attribute of the incoming CloudEvent message can be accessed using the `message.` value, where is the name of the attribute. + 3. Any other fields in the resulting expression will be ignored. - Headers added to the request by previous filters in the chain can be accessed in the CEL expression using the `headers` variable. - The `headers` variable defines a map of key-value pairs corresponding to the HTTP headers added by previous mediation steps and not the headers present on the original incoming request. - For example, the following CEL expression can be used to construct a headers-only HTTP request by adding an additional header to the headers added by previous mediations in the Pipeline: + The CEL expression may access the incoming CloudEvent message in + its definition, as follows: - {"headers": headers.merge({"new-header-key": "new-header-value"})} + 1. The data field of the incoming CloudEvent message can be + accessed using the message.data value. - Additionally, the following CEL extension functions can be used in this CEL expression: - 1. toBase64Url: - map.toBase64Url() -> string - Converts a CelValue to a base64url encoded string. - 2. toJsonString: - map.toJsonString() -> string - Converts a CelValue to a JSON string. - 3. merge: - map1.merge(map2) -> map3 - Merges the passed CEL map with the existing CEL map the function is applied to. - If the same key exists in both maps, or if the key's value is type map, then both maps are merged; Otherwise, the value from the passed map is used. - 4. toMap: - list(map).toMap() -> map - Converts a CEL list of CEL maps to a single CEL map. - 5. toDestinationPayloadFormat: - message.data.toDestinationPayloadFormat() -> string or bytes - Converts the message data to the destination payload format specified in `output_payload_format`. - This function is meant to be applied to the message.data field. - If the destination payload format is not set, the function will return the message data unchanged. - 6. toCloudEventJsonWithPayloadFormat: - message.toCloudEventJsonWithPayloadFormat() -> map - Converts a message to the corresponding structure of JSON format for CloudEvents. - This function applies toDestinationPayloadFormat() to the message data. - It also sets the corresponding datacontenttype of the CloudEvent, as indicated by the `output_payload_format` field. - If `output_payload_format` is not set, it will use the existing datacontenttype on the CloudEvent if present; Otherwise, it leaves the datacontenttype unset. - This function expects that the content of the message will adhere to the standard CloudEvent format. If it doesn't then this function will fail. - The result is a CEL map that corresponds to the JSON representation of the CloudEvent. To convert that data to a JSON string it can be chained with the toJsonString() function. + 2. Each attribute of the incoming CloudEvent message can be + accessed using the message. value, where is the name of + the attribute. - Note that `http_endpoint_message_binding_template` cannot be set when `http_endpoint_uri` is not set. + Headers added to the request by previous filters in the chain can + be accessed in the CEL expression using the headers variable. The + headers variable defines a map of key-value pairs corresponding to + the HTTP headers added by previous mediation steps and not the + headers present on the original incoming request. For example, the + following CEL expression can be used to construct a headers-only + HTTP request by adding an additional header to the headers added by + previous mediations in the pipeline: - Examples: + {"headers": headers.merge({"new-header-key": "new-header-value"})} - $ gcloud eventarc pipelines create example-pipeline \ - --destinations=http_endpoint_uri='https://example.com',\ - http_endpoint_message_binding_template='{"headers": - {"new-header-key": - "new-header-value"}}',network_attachment=example-network-attachment + Additionally, the following CEL extension functions can be used in + this CEL expression: - 3.workflow: the destination Workflow ID. + ▸ toBase64Url: map.toBase64Url() -> string + ▫ Converts a CelValue to a base64url encoded string. - Examples: + ▸ toJsonString: map.toJsonString() -> string + ▫ Converts a CelValue to a JSON string. - $ gcloud eventarc pipelines create example-pipeline \ - --destinations=workflow=my-workflow,\ - network_attachment=example-network-attachment + ▸ merge: map1.merge(map2) -> map3 + ▫ Merges the passed CEL map with the existing CEL map the + function is applied to. If the same key exists in both maps, or + if the key's value is type map, then both maps are merged; + Otherwise, the value from the passed map is used. - 4.message_bus: the destination Message Bus ID. + ▸ toMap: list(map).toMap() -> map + ▫ Converts a CEL list of CEL maps to a single CEL map. - Examples: + ▸ toDestinationPayloadFormat: + message.data.toDestinationPayloadFormat() -> string or bytes + ▫ Converts the message data to the destination payload format + specified in output_payload_format. This function is meant to + be applied to the message.data field. If the destination + payload format is not set, the function will return the message + data unchanged. - $ gcloud eventarc pipelines create example-pipeline \ - --destinations=message_bus=my-message-bus,\ - network_attachment=example-network-attachment + ▸ toCloudEventJsonWithPayloadFormat: + message.toCloudEventJsonWithPayloadFormat() -> map + ▫ Converts a message to the corresponding structure of JSON + format for CloudEvents. This function applies + toDestinationPayloadFormat() to the message data. It also sets + the corresponding datacontenttype of the CloudEvent, as + indicated by the output_payload_format field. If + output_payload_format is not set, it will use the existing + datacontenttype on the CloudEvent if present; Otherwise, it + leaves the datacontenttype unset. This function expects that + the content of the message will adhere to the standard + CloudEvent format. If it doesn't then this function will fail. + The result is a CEL map that corresponds to the JSON + representation of the CloudEvent. To convert that data to a + JSON string it can be chained with the toJsonString() function. - 5.pubsub_topic: the destination Pub/Sub topic ID. + For example: - Examples: + $ gcloud eventarc pipelines create example-pipeline \ + --destinations=http_endpoint_uri='https://example.com',\ + http_endpoint_message_binding_template='{"headers": + {"new-header-key": + "new-header-value"}}',network_attachment=example-network-attachment - $ gcloud eventarc pipelines create example-pipeline \ - --destinations=pubsub_topic=my-topic,\ - network_attachment=example-network-attachment + workflow + The destination Workflow ID. For example: - NOTE: Exactly one of the http_endpoint_uri, workflow, message_bus, or - pubsub_topic key must be set. + $ gcloud eventarc pipelines create example-pipeline \ + --destinations=workflow=my-workflow,\ + network_attachment=example-network-attachment - 6.project: the project ID of the destination resource. If project is - not set, then the project ID of the Pipeline will be used. NOTE: - project cannot be set when http_endpoint_uri is set. + message_bus + The destination Message Bus ID. For example: - Examples: + $ gcloud eventarc pipelines create example-pipeline \ + --destinations=message_bus=my-message-bus,\ + network_attachment=example-network-attachment - $ gcloud eventarc pipelines create example-pipeline \ - --destinations=project=example-project,workflow=my-workflow,\ - network_attachment=example-network-attachment + pubsub_topic + The destination Pub/Sub topic ID. For example: - 7.location: the location of the destination resource. If location is - not set, then the location of the Pipeline will be used. NOTE: location - cannot be set when http_endpoint_uri is set. + $ gcloud eventarc pipelines create example-pipeline \ + --destinations=pubsub_topic=my-topic,\ + network_attachment=example-network-attachment - Examples: + project + The project ID of the destination resource. If project is not set, + then the project ID of the pipeline is used. For example: - $ gcloud eventarc pipelines create example-pipeline \ - --destinations=location=us-east1,workflow=my-workflow,\ - network_attachment=example-network-attachment + $ gcloud eventarc pipelines create example-pipeline \ + --destinations=project=example-project,workflow=my-workflow,\ + network_attachment=example-network-attachment - 8.network_attachment: the ID of the Network Attachment that allows - access to the consumer VPC. + Note: When http_endpoint_uri is set, project can't be set. - Examples: + location + The location of the destination resource. If location is not set, + then the location of the pipeline is used. For example: - $ gcloud eventarc pipelines create example-pipeline \ - --destinations=network_attachment=my-network-attachment,\ - http_endpoint_uri='https://example.com' + $ gcloud eventarc pipelines create example-pipeline \ + --destinations=location=us-east1,workflow=my-workflow,\ + network_attachment=example-network-attachment - NOTE: network_attachment must be specified for a Pipeline. + Note: When http_endpoint_uri is set, location can't be set. - 9.google_oidc_authentication_service_account: the service account email - used to generate the OIDC token. The token can be used to invoke Cloud - Run and Cloud Function destinations or HTTP endpoints that support - Google OIDC. Note that the principal who calls this API must have - iam.serviceAccounts.actAs permission in the service account. See - https://cloud.google.com/iam/docs/understanding-service-accounts?hl=en#sa_common - for more information. + network_attachment + The ID of the network attachment that allows access to the consumer + VPC. For example: - Examples: + $ gcloud eventarc pipelines create example-pipeline \ + --destinations=network_attachment=my-network-attachment,\ + http_endpoint_uri='https://example.com' - $ gcloud eventarc pipelines create example-pipeline \ - --destinations=http_endpoint_uri='https://example.com',\ - network_attachment=example-network-attachment,\ - google_oidc_authentication_service_account=example-service-account@e\ - xample-project.gserviceaccount.iam.com + Note: A network attachment must be specified for a pipeline. - 10.google_oidc_authentication_audience: the audience claim which - identifies the recipient that the JWT is intended for. If unspecified, - the destination URI will be used. NOTE: - google_oidc_authentication_audience can only be set if - google_oidc_authentication_service_account is set. + google_oidc_authentication_service_account + The service account email used to generate the OIDC token. The + token can be used to invoke Cloud Run and Cloud Run functions + destinations or HTTP endpoints that support Google OIDC. Note that + the principal who calls this API must have + iam.serviceAccounts.actAs permission on the service account. For + more information, see Service accounts overview + (https://cloud.google.com/iam/docs/understanding-service-accounts). + For example: - Examples: + $ gcloud eventarc pipelines create example-pipeline \ + --destinations=http_endpoint_uri='https://example.com',\ + network_attachment=example-network-attachment,\ + google_oidc_authentication_service_account=example-service-account@e\ + xample-project.gserviceaccount.iam.com - $ gcloud eventarc pipelines create example-pipeline \ - --destinations=http_endpoint_uri='https://example.com',\ - network_attachment=example-network-attachment,\ - google_oidc_authentication_service_account=example-service-account@e\ - xample-project.gserviceaccount.iam.com,\ - google_oidc_authentication_audience='https://example.com' + google_oidc_authentication_audience + The audience claim which identifies the recipient that the JWT is + intended for. If unspecified, the destination URI will be used. For + example: - 11.oauth_token_authentication_service_account: the service account - email used to generate the OAuth token. OAuth authorization should - generally only be used when calling Google APIs hosted on - *.googleapis.com. Note that the principal who calls this API must have - iam.serviceAccounts.actAs permission in the service account. See - https://cloud.google.com/iam/docs/understanding-service-accounts?hl=en#sa_common - for more information. + $ gcloud eventarc pipelines create example-pipeline \ + --destinations=http_endpoint_uri='https://example.com',\ + network_attachment=example-network-attachment,\ + google_oidc_authentication_service_account=example-service-account@e\ + xample-project.gserviceaccount.iam.com,\ + google_oidc_authentication_audience='https://example.com' - Examples: + Note: google_oidc_authentication_audience can only be set if + google_oidc_authentication_service_account is set. - $ gcloud eventarc pipelines create example-pipeline \ - --destinations=http_endpoint_uri='https://example.com',\ - network_attachment=example-network-attachment,\ - oauth_token_authentication_service_account=example-service-account@e\ - xample-project.gserviceaccount.iam.com + oauth_token_authentication_service_account + The service account email used to generate the OAuth token. OAuth + authorization should generally only be used when calling Google + APIs hosted on *.googleapis.com. Note that the principal who calls + this API must have iam.serviceAccounts.actAs permission in the + service account. For more information, see Service accounts + overview + (https://cloud.google.com/iam/docs/understanding-service-accounts). + For example: - 12.oauth_token_authentication_scope: the scope used to generate the - OAuth token. If unspecified, - "https://www.googleapis.com/auth/cloud-platform" will be used. NOTE: - oauth_token_authentication_scope can only be set if - oauth_token_authentication_service_account is set. + $ gcloud eventarc pipelines create example-pipeline \ + --destinations=http_endpoint_uri='https://example.com',\ + network_attachment=example-network-attachment,\ + oauth_token_authentication_service_account=example-service-account@e\ + xample-project.gserviceaccount.iam.com - Examples: + oauth_token_authentication_scope + The scope used to generate the OAuth token. If unspecified, + "https://www.googleapis.com/auth/cloud-platform" will be used. For + example: - $ gcloud eventarc pipelines create example-pipeline \ - --destinations=http_endpoint_uri='https://example.com',\ - network_attachment=example-network-attachment,\ - oauth_token_authentication_service_account=example-service-account@e\ - xample-project.gserviceaccount.iam.com,\ - oauth_token_authentication_scope=https://www.googleapis.com/auth/\ - cloud-platform + $ gcloud eventarc pipelines create example-pipeline \ + --destinations=http_endpoint_uri='https://example.com',\ + network_attachment=example-network-attachment,\ + oauth_token_authentication_service_account=example-service-account@e\ + xample-project.gserviceaccount.iam.com,\ + oauth_token_authentication_scope=https://www.googleapis.com/auth/\ + cloud-platform - NOTE: At most one of google_oidc_authentication_service_account or - oauth_token_authentication_service_account can be set. + Note: At most one of google_oidc_authentication_service_account or + oauth_token_authentication_service_account can be set; and + oauth_token_authentication_scope can only be set if + oauth_token_authentication_service_account is set. - 13.output_payload_format_json: indicates that the output payload format - is JSON. NOTE: JSON schema is not supported currently. Any value - specified by this key will be ignored. + output_payload_format_json + Indicates that the output payload format is JSON. For example: - Examples: + $ gcloud eventarc pipelines create example-pipeline \ + --destinations=http_endpoint_uri='https://example.com',\ + network_attachment=example-network-attachment,\ + output_payload_format_json= --input-payload-format-json= - $ gcloud eventarc pipelines create example-pipeline \ - --destinations=http_endpoint_uri='https://example.com',\ - network_attachment=example-network-attachment,\ - output_payload_format_json= --input-payload-format-json= + Note: JSON schemas are not supported. Any value specified by this + key is ignored. - 14.output_payload_format_avro_schema_definition: the schema definition - of the Avro output payload format. + output_payload_format_avro_schema_definition + The schema definition of the Avro output payload format. For + example: - Examples: + $ gcloud eventarc pipelines create example-pipeline \ + --destinations=http_endpoint_uri='https://example.com',\ + network_attachment=example-network-attachment,\ + output_payload_format_avro_schema_definition='{"type": "record", + "name": "my_record", "fields": [{"name": "field1", "type": + "string"}]}' \ + --input-payload-format-avro-schema-definition='{"type": + "record", "name": "my_record", "fields": [{"name": "field1", + "type": "string"}]}' - $ gcloud eventarc pipelines create example-pipeline \ - --destinations=http_endpoint_uri='https://example.com',\ - network_attachment=example-network-attachment,\ - output_payload_format_avro_schema_definition='{"type": "record", - "name": "my_record", "fields": [{"name": "field1", "type": - "string"}]}' \ - --input-payload-format-avro-schema-definition='{"type": - "record", "name": "my_record", "fields": [{"name": "field1", - "type": "string"}]}' + output_payload_format_protobuf_schema_definition + The schema definition of the Protobuf output payload format. For + example: - 15.output_payload_format_protobuf_schema_definition: the schema - definition of the Protobuf output payload format. + $ gcloud eventarc pipelines create example-pipeline \ + --destinations=http_endpoint_uri='https://example.com',\ + network_attachment=example-network-attachment,\ + output_payload_format_protobuf_schema_definition='syntax = + "proto3"; message Location { string home_address = 1; }' \ + --input-payload-format-protobuf-schema-definition='syntax = + "proto3"; message Location { string home_address = 1; }' - Examples: - - $ gcloud eventarc pipelines create example-pipeline \ - --destinations=http_endpoint_uri='https://example.com',\ - network_attachment=example-network-attachment,\ - output_payload_format_protobuf_schema_definition='syntax = - "proto3"; message Location { string home_address = 1; }' \ - --input-payload-format-protobuf-schema-definition='syntax = - "proto3"; message Location { string home_address = 1; }' - - NOTE: If none of the input_payload_format_json, - input_payload_format_avro_schema_definition, or - input_payload_format_protobuf_schema_definition is set, then the - message data will be treated as an opaque binary and no output format - can be set on the Pipeline through the output_payload_format_json, - output_payload_format_avro_schema_definition, or - output_payload_format_protobuf_schema_definition field. Any Mediations - on the Pipeline that involve access to the data field will fail as - persistent errors. + Note: If none of the input_payload_format_json, + input_payload_format_avro_schema_definition, or + input_payload_format_protobuf_schema_definition is set, then the + message data is treated as an opaque binary and no output format + can be set on the pipeline through the output_payload_format_json, + output_payload_format_avro_schema_definition, or + output_payload_format_protobuf_schema_definition field. Any + mediations on the pipeline that involve access to the data field + will fail as persistent errors. OPTIONAL FLAGS --async @@ -535,12 +559,20 @@ OPTIONAL FLAGS encryption. If this is unspecified, Google-managed keys will be used for encryption. + --labels=[KEY=VALUE,...] + List of label KEY=VALUE pairs to add. + + Keys must start with a lowercase character and contain only hyphens + (-), underscores (_), lowercase characters, and numbers. Values must + contain only hyphens (-), underscores (_), lowercase characters, and + numbers. + --logging-config=LOGGING_CONFIG The logging config of the pipeline. LOGGING_CONFIG must be one of: NONE, DEBUG, INFO, NOTICE, WARNING, ERROR, CRITICAL, ALERT, EMERGENCY. --mediations=[transformation_template=TRANSFORMATION_TEMPLATE|...] - The different ways to modify the Pipeline. Currently, only one + The different ways to modify the pipeline. Currently, only one mediation is supported per pipeline. A mediation is specified in a dict format. Currently, the only valid @@ -576,7 +608,7 @@ OPTIONAL FLAGS set, then any messages not matching this format will be treated as persistent errors. - The retry policy configuration for the Pipeline. The pipeline exponentially + The retry policy configuration for the pipeline. The pipeline exponentially backs off if the destination is non-responsive or returns a retryable error code. The backoff starts with a 1 second delay and doubles the delay after each failed attempt. The delay is capped at 60 seconds. If the diff --git a/gcloud/beta/eventarc/pipelines/update b/gcloud/beta/eventarc/pipelines/update index b74d9b676..ae0628ac2 100644 --- a/gcloud/beta/eventarc/pipelines/update +++ b/gcloud/beta/eventarc/pipelines/update @@ -18,7 +18,9 @@ SYNOPSIS [output_payload_format_protobuf_schema_definition=OUTPUT_PAYLOAD_FORMAT_PROTOBUF_SCHEMA_DEFINITION]|[...]] [--logging-config=LOGGING_CONFIG] [--mediations=[transformation_template=TRANSFORMATION_TEMPLATE|...]] + [--update-labels=[KEY=VALUE,...]] [--clear-crypto-key | --crypto-key=CRYPTO_KEY] + [--clear-labels | --remove-labels=[KEY,...]] [--input-payload-format-avro-schema-definition=INPUT_PAYLOAD_FORMAT_AVRO_SCHEMA_DEFINITION | --input-payload-format-json=INPUT_PAYLOAD_FORMAT_JSON | --input-payload-format-protobuf-schema-definition=INPUT_PAYLOAD_FORMAT_PROTOBUF_SCHEMA_DEFINITION] [--max-retry-attempts=MAX_RETRY_ATTEMPTS --max-retry-delay=MAX_RETRY_DELAY --min-retry-delay=MIN_RETRY_DELAY] @@ -79,288 +81,311 @@ FLAGS --destinations=[http_endpoint_uri=URI],[http_endpoint_message_binding_template=HTTP_ENDPOINT_MESSAGE_BINDING_TEMPLATE],[workflow=WORKFLOW],[message_bus=MESSAGE_BUS],[pubsub_topic=PUBSUB_TOPIC],[project=PROJECT],[location=LOCATION],[network_attachment=NETWORK_ATTACHMENT],[google_oidc_authentication_service_account=GOOGLE_OIDC_AUTHENTICATION_SERVICE_ACCOUNT],[google_oidc_authentication_audience=GOOGLE_OIDC_AUTHENTICATION_AUDIENCE],[oauth_token_authentication_service_account=OAUTH_TOKEN_AUTHENTICATION_SERVICE_ACCOUNT],[oauth_token_authentication_scope=OAUTH_TOKEN_AUTHENTICATION_SCOPE],[output_payload_format_json=OUTPUT_PAYLOAD_FORMAT_JSON],[output_payload_format_avro_schema_definition=OUTPUT_PAYLOAD_FORMAT_AVRO_SCHEMA_DEFINITION],[output_payload_format_protobuf_schema_definition=OUTPUT_PAYLOAD_FORMAT_PROTOBUF_SCHEMA_DEFINITION]|[...] The pipeline's destinations. This flag can be repeated to add more destinations to the list. Currently, only one destination is supported - per pipeline. + per pipeline. A destination is specified in a dict format. For more + information, see Create an enrollment to receive events + (https://cloud.google.com/eventarc/advanced/docs/receive-events/create-enrollment). - A destination is specified in a dict format. The valid choices of keys - are - ◆ http_endpoint_uri - ◆ http_endpoint_message_binding_template - ◆ workflow - ◆ message_bus - ◆ pubsub_topic - ◆ project - ◆ location - ◆ network_attachment - ◆ google_oidc_authentication_service_account - ◆ google_oidc_authentication_audience - ◆ oauth_token_authentication_service_account - ◆ oauth_token_authentication_scope - ◆ output_payload_format_json - ◆ output_payload_format_avro_schema_definition - ◆ output_payload_format_protobuf_schema_definition + Note: Exactly one of the http_endpoint_uri, workflow, message_bus, or + pubsub_topic keys must be set. - The detailed explanations for each key are as follows: + Valid keys are: - 1.http_endpoint_uri: the URI of the HTTP endpoint. + http_endpoint_uri + The URI of the HTTP endpoint. The value must be a RFC2396 URI + string. Only HTTPS protocol is supported. The host can be either a + static IP addressable from the VPC specified by the network config, + or an internal DNS hostname of the service resolvable via Cloud + DNS. For example: - The value must be a RFC2396 URI string. Only HTTPS protocol is supported. - The host can be either a static IP addressable from the VPC specified by the network config, or an internal DNS hostname of the service resolvable via Cloud DNS. + $ gcloud eventarc pipelines create example-pipeline \ + --destinations=http_endpoint_uri='https://example.com',\ + network_attachment=example-network-attachment - Examples: + http_endpoint_message_binding_template + The CEL expression used to construct a new HTTP request to be sent + to the final destination. It can be optionally specified alongside + with http_endpoint_uri. It represents a configuration used to bind + a message to the final HTTP request that will be sent to the + destination. If a binding is not specified, by default the message + is treated as a CloudEvent and is mapped to the HTTP request + according to the CloudEvent HTTP Protocol Binding Binary Content + Mode. The pipeline converts the data field of the message to the + format provided in output_payload_format and maps it to the body + field of the result. It also sets the corresponding Content-Type + header to the output_payload_format type. If the + output_payload_format is unspecified, then the pipeline will treat + the data field of the message as opaque binary data and attach it + to the request body as bytes. In this case, the Content-Type header + will be set to the value of the datacontenttype attribute set on + the incoming CloudEvent message if present, or the + application/octet-stream MIME type otherwise. The pipeline expects + that the content of the message will adhere to the standard + CloudEvent format. If not then the outgoing message request may + fail with a persistent error. - $ gcloud eventarc pipelines create example-pipeline \ - --destinations=http_endpoint_uri='https://example.com',\ - network_attachment=example-network-attachment + Note: When http_endpoint_uri is not set, + http_endpoint_message_binding_template can't be set. - 2.http_endpoint_message_binding_template: the CEL expression used to - construct a new HTTP request to be sent to the final destination. + The result of the CEL expression must be a map of key-value pairs + such that: - It can be optionally specified alongside with `http_endpoint_uri`. - It represents a configuration used to bind a message to the final HTTP request that will be sent to the destination. - If a binding is not specified, by default the message is treated as a CloudEvent and is mapped to the HTTP request according to the CloudEvent HTTP Protocol Binding Binary Content Mode. - The Pipeline converts the data field of the message to the format provided in `output_payload_format` and maps it to the body field of the result. - It also sets the corresponding Content-Type header to the `output_payload_format` type. - If the `output_payload_format` is unspecified, then the Pipeline will treat the data field of the message as opaque binary data and attach it to the request body as bytes. - In this case, the Content-Type header will be set to the value of the datacontenttype attribute set on the incoming CloudEvent message if present, or the `application/octet-stream` MIME type otherwise. - The Pipeline expects that the content of the message will adhere to the standard CloudEvent format. If not then the outgoing message request may fail with a persistent error. + 1. If a map named headers exists on the result of the expression, + then its key-value pairs are directly mapped to the HTTP request + headers. The headers values are constructed from the corresponding + value type's canonical representation. If the headers field does + not exist, then the resulting HTTP request will not contain + headers. - The result of the CEL expression must be a map of key-value pairs such that: - 1. If a map named `headers` exists on the result of the expression, then its key-value pairs are directly mapped to the HTTP request headers. - The headers values are constructed from the corresponding value type's canonical representation. - If the `headers` field does not exist, then the resulting HTTP request will not contain headers. - 2. If a field named `body` exists on the result of the expression, then its value is directly mapped to the body of the request. - If the value of the `body` field is of type bytes or string, then it is used as the HTTP request body as-is withouth any conversion. - If the `body` field is of any other type, then it is converted to a JSON string. - If the `body` field does not exist, then the resulting HTTP request will not contain a body. - 3. Any other fields in the resulting expression will be ignored. + 2. If a field named body exists on the result of the expression, + then its value is directly mapped to the body of the request. If + the value of the body field is of type bytes or string, then it is + used as the HTTP request body as-is withouth any conversion. If the + body field is of any other type, then it is converted to a JSON + string. If the body field does not exist, then the resulting HTTP + request will not contain a body. - The CEL expression may access the incoming CloudEvent message in its definition, as follows: - 1. The `data` field of the incoming CloudEvent message can be accessed using the `message.data` value. - 2. Each attribute of the incoming CloudEvent message can be accessed using the `message.` value, where is the name of the attribute. + 3. Any other fields in the resulting expression will be ignored. - Headers added to the request by previous filters in the chain can be accessed in the CEL expression using the `headers` variable. - The `headers` variable defines a map of key-value pairs corresponding to the HTTP headers added by previous mediation steps and not the headers present on the original incoming request. - For example, the following CEL expression can be used to construct a headers-only HTTP request by adding an additional header to the headers added by previous mediations in the Pipeline: + The CEL expression may access the incoming CloudEvent message in + its definition, as follows: - {"headers": headers.merge({"new-header-key": "new-header-value"})} + 1. The data field of the incoming CloudEvent message can be + accessed using the message.data value. - Additionally, the following CEL extension functions can be used in this CEL expression: - 1. toBase64Url: - map.toBase64Url() -> string - Converts a CelValue to a base64url encoded string. - 2. toJsonString: - map.toJsonString() -> string - Converts a CelValue to a JSON string. - 3. merge: - map1.merge(map2) -> map3 - Merges the passed CEL map with the existing CEL map the function is applied to. - If the same key exists in both maps, or if the key's value is type map, then both maps are merged; Otherwise, the value from the passed map is used. - 4. toMap: - list(map).toMap() -> map - Converts a CEL list of CEL maps to a single CEL map. - 5. toDestinationPayloadFormat: - message.data.toDestinationPayloadFormat() -> string or bytes - Converts the message data to the destination payload format specified in `output_payload_format`. - This function is meant to be applied to the message.data field. - If the destination payload format is not set, the function will return the message data unchanged. - 6. toCloudEventJsonWithPayloadFormat: - message.toCloudEventJsonWithPayloadFormat() -> map - Converts a message to the corresponding structure of JSON format for CloudEvents. - This function applies toDestinationPayloadFormat() to the message data. - It also sets the corresponding datacontenttype of the CloudEvent, as indicated by the `output_payload_format` field. - If `output_payload_format` is not set, it will use the existing datacontenttype on the CloudEvent if present; Otherwise, it leaves the datacontenttype unset. - This function expects that the content of the message will adhere to the standard CloudEvent format. If it doesn't then this function will fail. - The result is a CEL map that corresponds to the JSON representation of the CloudEvent. To convert that data to a JSON string it can be chained with the toJsonString() function. + 2. Each attribute of the incoming CloudEvent message can be + accessed using the message. value, where is the name of + the attribute. - Note that `http_endpoint_message_binding_template` cannot be set when `http_endpoint_uri` is not set. + Headers added to the request by previous filters in the chain can + be accessed in the CEL expression using the headers variable. The + headers variable defines a map of key-value pairs corresponding to + the HTTP headers added by previous mediation steps and not the + headers present on the original incoming request. For example, the + following CEL expression can be used to construct a headers-only + HTTP request by adding an additional header to the headers added by + previous mediations in the pipeline: - Examples: + {"headers": headers.merge({"new-header-key": "new-header-value"})} - $ gcloud eventarc pipelines create example-pipeline \ - --destinations=http_endpoint_uri='https://example.com',\ - http_endpoint_message_binding_template='{"headers": - {"new-header-key": - "new-header-value"}}',network_attachment=example-network-attachment + Additionally, the following CEL extension functions can be used in + this CEL expression: - 3.workflow: the destination Workflow ID. + ▸ toBase64Url: map.toBase64Url() -> string + ▫ Converts a CelValue to a base64url encoded string. - Examples: + ▸ toJsonString: map.toJsonString() -> string + ▫ Converts a CelValue to a JSON string. - $ gcloud eventarc pipelines create example-pipeline \ - --destinations=workflow=my-workflow,\ - network_attachment=example-network-attachment + ▸ merge: map1.merge(map2) -> map3 + ▫ Merges the passed CEL map with the existing CEL map the + function is applied to. If the same key exists in both maps, or + if the key's value is type map, then both maps are merged; + Otherwise, the value from the passed map is used. - 4.message_bus: the destination Message Bus ID. + ▸ toMap: list(map).toMap() -> map + ▫ Converts a CEL list of CEL maps to a single CEL map. - Examples: + ▸ toDestinationPayloadFormat: + message.data.toDestinationPayloadFormat() -> string or bytes + ▫ Converts the message data to the destination payload format + specified in output_payload_format. This function is meant to + be applied to the message.data field. If the destination + payload format is not set, the function will return the message + data unchanged. - $ gcloud eventarc pipelines create example-pipeline \ - --destinations=message_bus=my-message-bus,\ - network_attachment=example-network-attachment + ▸ toCloudEventJsonWithPayloadFormat: + message.toCloudEventJsonWithPayloadFormat() -> map + ▫ Converts a message to the corresponding structure of JSON + format for CloudEvents. This function applies + toDestinationPayloadFormat() to the message data. It also sets + the corresponding datacontenttype of the CloudEvent, as + indicated by the output_payload_format field. If + output_payload_format is not set, it will use the existing + datacontenttype on the CloudEvent if present; Otherwise, it + leaves the datacontenttype unset. This function expects that + the content of the message will adhere to the standard + CloudEvent format. If it doesn't then this function will fail. + The result is a CEL map that corresponds to the JSON + representation of the CloudEvent. To convert that data to a + JSON string it can be chained with the toJsonString() function. - 5.pubsub_topic: the destination Pub/Sub topic ID. + For example: - Examples: + $ gcloud eventarc pipelines create example-pipeline \ + --destinations=http_endpoint_uri='https://example.com',\ + http_endpoint_message_binding_template='{"headers": + {"new-header-key": + "new-header-value"}}',network_attachment=example-network-attachment - $ gcloud eventarc pipelines create example-pipeline \ - --destinations=pubsub_topic=my-topic,\ - network_attachment=example-network-attachment + workflow + The destination Workflow ID. For example: - NOTE: Exactly one of the http_endpoint_uri, workflow, message_bus, or - pubsub_topic key must be set. + $ gcloud eventarc pipelines create example-pipeline \ + --destinations=workflow=my-workflow,\ + network_attachment=example-network-attachment - 6.project: the project ID of the destination resource. If project is - not set, then the project ID of the Pipeline will be used. NOTE: - project cannot be set when http_endpoint_uri is set. + message_bus + The destination Message Bus ID. For example: - Examples: + $ gcloud eventarc pipelines create example-pipeline \ + --destinations=message_bus=my-message-bus,\ + network_attachment=example-network-attachment - $ gcloud eventarc pipelines create example-pipeline \ - --destinations=project=example-project,workflow=my-workflow,\ - network_attachment=example-network-attachment + pubsub_topic + The destination Pub/Sub topic ID. For example: - 7.location: the location of the destination resource. If location is - not set, then the location of the Pipeline will be used. NOTE: location - cannot be set when http_endpoint_uri is set. + $ gcloud eventarc pipelines create example-pipeline \ + --destinations=pubsub_topic=my-topic,\ + network_attachment=example-network-attachment - Examples: + project + The project ID of the destination resource. If project is not set, + then the project ID of the pipeline is used. For example: - $ gcloud eventarc pipelines create example-pipeline \ - --destinations=location=us-east1,workflow=my-workflow,\ - network_attachment=example-network-attachment + $ gcloud eventarc pipelines create example-pipeline \ + --destinations=project=example-project,workflow=my-workflow,\ + network_attachment=example-network-attachment - 8.network_attachment: the ID of the Network Attachment that allows - access to the consumer VPC. + Note: When http_endpoint_uri is set, project can't be set. - Examples: + location + The location of the destination resource. If location is not set, + then the location of the pipeline is used. For example: - $ gcloud eventarc pipelines create example-pipeline \ - --destinations=network_attachment=my-network-attachment,\ - http_endpoint_uri='https://example.com' + $ gcloud eventarc pipelines create example-pipeline \ + --destinations=location=us-east1,workflow=my-workflow,\ + network_attachment=example-network-attachment - NOTE: network_attachment must be specified for a Pipeline. + Note: When http_endpoint_uri is set, location can't be set. - 9.google_oidc_authentication_service_account: the service account email - used to generate the OIDC token. The token can be used to invoke Cloud - Run and Cloud Function destinations or HTTP endpoints that support - Google OIDC. Note that the principal who calls this API must have - iam.serviceAccounts.actAs permission in the service account. See - https://cloud.google.com/iam/docs/understanding-service-accounts?hl=en#sa_common - for more information. + network_attachment + The ID of the network attachment that allows access to the consumer + VPC. For example: - Examples: + $ gcloud eventarc pipelines create example-pipeline \ + --destinations=network_attachment=my-network-attachment,\ + http_endpoint_uri='https://example.com' - $ gcloud eventarc pipelines create example-pipeline \ - --destinations=http_endpoint_uri='https://example.com',\ - network_attachment=example-network-attachment,\ - google_oidc_authentication_service_account=example-service-account@e\ - xample-project.gserviceaccount.iam.com + Note: A network attachment must be specified for a pipeline. - 10.google_oidc_authentication_audience: the audience claim which - identifies the recipient that the JWT is intended for. If unspecified, - the destination URI will be used. NOTE: - google_oidc_authentication_audience can only be set if - google_oidc_authentication_service_account is set. + google_oidc_authentication_service_account + The service account email used to generate the OIDC token. The + token can be used to invoke Cloud Run and Cloud Run functions + destinations or HTTP endpoints that support Google OIDC. Note that + the principal who calls this API must have + iam.serviceAccounts.actAs permission on the service account. For + more information, see Service accounts overview + (https://cloud.google.com/iam/docs/understanding-service-accounts). + For example: - Examples: + $ gcloud eventarc pipelines create example-pipeline \ + --destinations=http_endpoint_uri='https://example.com',\ + network_attachment=example-network-attachment,\ + google_oidc_authentication_service_account=example-service-account@e\ + xample-project.gserviceaccount.iam.com - $ gcloud eventarc pipelines create example-pipeline \ - --destinations=http_endpoint_uri='https://example.com',\ - network_attachment=example-network-attachment,\ - google_oidc_authentication_service_account=example-service-account@e\ - xample-project.gserviceaccount.iam.com,\ - google_oidc_authentication_audience='https://example.com' + google_oidc_authentication_audience + The audience claim which identifies the recipient that the JWT is + intended for. If unspecified, the destination URI will be used. For + example: - 11.oauth_token_authentication_service_account: the service account - email used to generate the OAuth token. OAuth authorization should - generally only be used when calling Google APIs hosted on - *.googleapis.com. Note that the principal who calls this API must have - iam.serviceAccounts.actAs permission in the service account. See - https://cloud.google.com/iam/docs/understanding-service-accounts?hl=en#sa_common - for more information. + $ gcloud eventarc pipelines create example-pipeline \ + --destinations=http_endpoint_uri='https://example.com',\ + network_attachment=example-network-attachment,\ + google_oidc_authentication_service_account=example-service-account@e\ + xample-project.gserviceaccount.iam.com,\ + google_oidc_authentication_audience='https://example.com' - Examples: + Note: google_oidc_authentication_audience can only be set if + google_oidc_authentication_service_account is set. - $ gcloud eventarc pipelines create example-pipeline \ - --destinations=http_endpoint_uri='https://example.com',\ - network_attachment=example-network-attachment,\ - oauth_token_authentication_service_account=example-service-account@e\ - xample-project.gserviceaccount.iam.com + oauth_token_authentication_service_account + The service account email used to generate the OAuth token. OAuth + authorization should generally only be used when calling Google + APIs hosted on *.googleapis.com. Note that the principal who calls + this API must have iam.serviceAccounts.actAs permission in the + service account. For more information, see Service accounts + overview + (https://cloud.google.com/iam/docs/understanding-service-accounts). + For example: - 12.oauth_token_authentication_scope: the scope used to generate the - OAuth token. If unspecified, - "https://www.googleapis.com/auth/cloud-platform" will be used. NOTE: - oauth_token_authentication_scope can only be set if - oauth_token_authentication_service_account is set. + $ gcloud eventarc pipelines create example-pipeline \ + --destinations=http_endpoint_uri='https://example.com',\ + network_attachment=example-network-attachment,\ + oauth_token_authentication_service_account=example-service-account@e\ + xample-project.gserviceaccount.iam.com - Examples: + oauth_token_authentication_scope + The scope used to generate the OAuth token. If unspecified, + "https://www.googleapis.com/auth/cloud-platform" will be used. For + example: - $ gcloud eventarc pipelines create example-pipeline \ - --destinations=http_endpoint_uri='https://example.com',\ - network_attachment=example-network-attachment,\ - oauth_token_authentication_service_account=example-service-account@e\ - xample-project.gserviceaccount.iam.com,\ - oauth_token_authentication_scope=https://www.googleapis.com/auth/\ - cloud-platform + $ gcloud eventarc pipelines create example-pipeline \ + --destinations=http_endpoint_uri='https://example.com',\ + network_attachment=example-network-attachment,\ + oauth_token_authentication_service_account=example-service-account@e\ + xample-project.gserviceaccount.iam.com,\ + oauth_token_authentication_scope=https://www.googleapis.com/auth/\ + cloud-platform - NOTE: At most one of google_oidc_authentication_service_account or - oauth_token_authentication_service_account can be set. + Note: At most one of google_oidc_authentication_service_account or + oauth_token_authentication_service_account can be set; and + oauth_token_authentication_scope can only be set if + oauth_token_authentication_service_account is set. - 13.output_payload_format_json: indicates that the output payload format - is JSON. NOTE: JSON schema is not supported currently. Any value - specified by this key will be ignored. + output_payload_format_json + Indicates that the output payload format is JSON. For example: - Examples: + $ gcloud eventarc pipelines create example-pipeline \ + --destinations=http_endpoint_uri='https://example.com',\ + network_attachment=example-network-attachment,\ + output_payload_format_json= --input-payload-format-json= - $ gcloud eventarc pipelines create example-pipeline \ - --destinations=http_endpoint_uri='https://example.com',\ - network_attachment=example-network-attachment,\ - output_payload_format_json= --input-payload-format-json= + Note: JSON schemas are not supported. Any value specified by this + key is ignored. - 14.output_payload_format_avro_schema_definition: the schema definition - of the Avro output payload format. + output_payload_format_avro_schema_definition + The schema definition of the Avro output payload format. For + example: - Examples: + $ gcloud eventarc pipelines create example-pipeline \ + --destinations=http_endpoint_uri='https://example.com',\ + network_attachment=example-network-attachment,\ + output_payload_format_avro_schema_definition='{"type": "record", + "name": "my_record", "fields": [{"name": "field1", "type": + "string"}]}' \ + --input-payload-format-avro-schema-definition='{"type": + "record", "name": "my_record", "fields": [{"name": "field1", + "type": "string"}]}' - $ gcloud eventarc pipelines create example-pipeline \ - --destinations=http_endpoint_uri='https://example.com',\ - network_attachment=example-network-attachment,\ - output_payload_format_avro_schema_definition='{"type": "record", - "name": "my_record", "fields": [{"name": "field1", "type": - "string"}]}' \ - --input-payload-format-avro-schema-definition='{"type": - "record", "name": "my_record", "fields": [{"name": "field1", - "type": "string"}]}' + output_payload_format_protobuf_schema_definition + The schema definition of the Protobuf output payload format. For + example: - 15.output_payload_format_protobuf_schema_definition: the schema - definition of the Protobuf output payload format. + $ gcloud eventarc pipelines create example-pipeline \ + --destinations=http_endpoint_uri='https://example.com',\ + network_attachment=example-network-attachment,\ + output_payload_format_protobuf_schema_definition='syntax = + "proto3"; message Location { string home_address = 1; }' \ + --input-payload-format-protobuf-schema-definition='syntax = + "proto3"; message Location { string home_address = 1; }' - Examples: - - $ gcloud eventarc pipelines create example-pipeline \ - --destinations=http_endpoint_uri='https://example.com',\ - network_attachment=example-network-attachment,\ - output_payload_format_protobuf_schema_definition='syntax = - "proto3"; message Location { string home_address = 1; }' \ - --input-payload-format-protobuf-schema-definition='syntax = - "proto3"; message Location { string home_address = 1; }' - - NOTE: If none of the input_payload_format_json, - input_payload_format_avro_schema_definition, or - input_payload_format_protobuf_schema_definition is set, then the - message data will be treated as an opaque binary and no output format - can be set on the Pipeline through the output_payload_format_json, - output_payload_format_avro_schema_definition, or - output_payload_format_protobuf_schema_definition field. Any Mediations - on the Pipeline that involve access to the data field will fail as - persistent errors. + Note: If none of the input_payload_format_json, + input_payload_format_avro_schema_definition, or + input_payload_format_protobuf_schema_definition is set, then the + message data is treated as an opaque binary and no output format + can be set on the pipeline through the output_payload_format_json, + output_payload_format_avro_schema_definition, or + output_payload_format_protobuf_schema_definition field. Any + mediations on the pipeline that involve access to the data field + will fail as persistent errors. --logging-config=LOGGING_CONFIG The logging config of the pipeline. LOGGING_CONFIG must be one of: NONE, DEBUG, INFO, NOTICE, WARNING, ERROR, CRITICAL, ALERT, EMERGENCY. --mediations=[transformation_template=TRANSFORMATION_TEMPLATE|...] - The different ways to modify the Pipeline. Currently, only one + The different ways to modify the pipeline. Currently, only one mediation is supported per pipeline. A mediation is specified in a dict format. Currently, the only valid @@ -379,6 +404,15 @@ FLAGS --mediations=transformation_template='message.removeFields(["dat\ a.credit_card_number","data.ssn"])' + --update-labels=[KEY=VALUE,...] + List of label KEY=VALUE pairs to update. If a label exists, its value + is modified. Otherwise, a new label is created. + + Keys must start with a lowercase character and contain only hyphens + (-), underscores (_), lowercase characters, and numbers. Values must + contain only hyphens (-), underscores (_), lowercase characters, and + numbers. + At most one of these can be specified: --clear-crypto-key @@ -390,6 +424,26 @@ FLAGS encryption. If this is unspecified, Google-managed keys will be used for encryption. + At most one of these can be specified: + + --clear-labels + Remove all labels. If --update-labels is also specified then + --clear-labels is applied first. + + For example, to remove all labels: + + $ gcloud beta eventarc pipelines update --clear-labels + + To remove all existing labels and create two new labels, foo and baz: + + $ gcloud beta eventarc pipelines update --clear-labels \ + --update-labels foo=bar,baz=qux + + --remove-labels=[KEY,...] + List of label keys to remove. If a label does not exist it is + silently ignored. If --update-labels is also specified then + --update-labels is applied first. + At most one of these can be specified: --input-payload-format-avro-schema-definition=INPUT_PAYLOAD_FORMAT_AVRO_SCHEMA_DEFINITION @@ -407,7 +461,7 @@ FLAGS set, then any messages not matching this format will be treated as persistent errors. - The retry policy configuration for the Pipeline. The pipeline exponentially + The retry policy configuration for the pipeline. The pipeline exponentially backs off if the destination is non-responsive or returns a retryable error code. The backoff starts with a 1 second delay and doubles the delay after each failed attempt. The delay is capped at 60 seconds. If the diff --git a/gcloud/beta/filestore/backups/create b/gcloud/beta/filestore/backups/create index 1e3775bda..152ada1ec 100644 --- a/gcloud/beta/filestore/backups/create +++ b/gcloud/beta/filestore/backups/create @@ -6,7 +6,8 @@ SYNOPSIS --instance=INSTANCE --region=REGION (--instance-location=INSTANCE_LOCATION | --instance-zone=INSTANCE_ZONE) [--async] [--description=DESCRIPTION] [--kms-key=KMS_KEY] - [--labels=[KEY=VALUE,...]] [GCLOUD_WIDE_FLAG ...] + [--labels=[KEY=VALUE,...]] [--tags=[KEY=VALUE,...]] + [GCLOUD_WIDE_FLAG ...] DESCRIPTION (BETA) Create a Filestore backup of an instance file share. @@ -64,6 +65,9 @@ OPTIONAL FLAGS --labels=[KEY=VALUE,...] List of label KEY=VALUE pairs to add. + --tags=[KEY=VALUE,...] + List of tag KEY=VALUE pairs to add. + GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, diff --git a/gcloud/beta/filestore/instances/create b/gcloud/beta/filestore/instances/create index 4233f1552..15baae476 100644 --- a/gcloud/beta/filestore/instances/create +++ b/gcloud/beta/filestore/instances/create @@ -12,7 +12,8 @@ SYNOPSIS [--location=LOCATION] [--managed-ad=[computer=COMPUTER],[domain=DOMAIN]] [--protocol=PROTOCOL; default="NFS_V3"] [--region=REGION] - [--source-instance=SOURCE_INSTANCE] [--tier=TIER; default="BASIC_HDD"] + [--source-instance=SOURCE_INSTANCE] [--tags=[KEY=VALUE,...]] + [--tier=TIER; default="BASIC_HDD"] [--deletion-protection : --deletion-protection-reason=DELETION_PROTECTION_REASON] [--kms-key=KMS_KEY : --kms-keyring=KMS_KEYRING @@ -258,6 +259,12 @@ OPTIONAL FLAGS --source-instance=SOURCE_INSTANCE The replication source instance of the Cloud Filestore instance. + --tags=[KEY=VALUE,...] + List of tags KEY=VALUE pairs to bind. Each item must be expressed as + =. + + Example: 123/environment=production,123/costCenter=marketing + --tier=TIER; default="BASIC_HDD" The service tier for the Cloud Filestore instance. For more details, see: https://cloud.google.com/filestore/docs/instance-tiers diff --git a/gcloud/beta/functions/add-iam-policy-binding b/gcloud/beta/functions/add-iam-policy-binding index 19a192140..23dda2d0e 100644 --- a/gcloud/beta/functions/add-iam-policy-binding +++ b/gcloud/beta/functions/add-iam-policy-binding @@ -17,7 +17,7 @@ EXAMPLES --member=MEMBER-1 --role=ROLE-1 POSITIONAL ARGUMENTS - Function resource - The Cloud function name to add IAM policy binding for. + Function resource - The Cloud Function name to add IAM policy binding for. The arguments in this group can be used to specify the attributes of this resource. (NOTE) Some attributes are not given arguments in this group but can be set in other ways. diff --git a/gcloud/beta/functions/add-invoker-policy-binding b/gcloud/beta/functions/add-invoker-policy-binding index db6fb0a92..124d57cc6 100644 --- a/gcloud/beta/functions/add-invoker-policy-binding +++ b/gcloud/beta/functions/add-invoker-policy-binding @@ -24,7 +24,7 @@ EXAMPLES --member=MEMBER-1 POSITIONAL ARGUMENTS - Function resource - The Cloud function name to add the invoker binding to. + Function resource - The Cloud Function name to add the invoker binding to. The arguments in this group can be used to specify the attributes of this resource. (NOTE) Some attributes are not given arguments in this group but can be set in other ways. diff --git a/gcloud/beta/functions/call b/gcloud/beta/functions/call index 7caee0152..ac97167c7 100644 --- a/gcloud/beta/functions/call +++ b/gcloud/beta/functions/call @@ -23,7 +23,7 @@ EXAMPLES other HTTP methods, use a dedicated HTTP request tool such as cURL or wget. POSITIONAL ARGUMENTS - Function resource - The Cloud function name to execute. The arguments in + Function resource - The Cloud Function name to execute. The arguments in this group can be used to specify the attributes of this resource. (NOTE) Some attributes are not given arguments in this group but can be set in other ways. diff --git a/gcloud/beta/functions/delete b/gcloud/beta/functions/delete index 9089249ce..4541e56a9 100644 --- a/gcloud/beta/functions/delete +++ b/gcloud/beta/functions/delete @@ -9,7 +9,7 @@ DESCRIPTION (BETA) Delete a Google Cloud Function. POSITIONAL ARGUMENTS - Function resource - The Cloud function name to delete. The arguments in + Function resource - The Cloud Function name to delete. The arguments in this group can be used to specify the attributes of this resource. (NOTE) Some attributes are not given arguments in this group but can be set in other ways. diff --git a/gcloud/beta/functions/deploy b/gcloud/beta/functions/deploy index 68d2a558e..814362d29 100644 --- a/gcloud/beta/functions/deploy +++ b/gcloud/beta/functions/deploy @@ -68,7 +68,7 @@ EXAMPLES using other types of resource as triggers. POSITIONAL ARGUMENTS - Function resource - The Cloud function name to deploy. The arguments in + Function resource - The Cloud Function name to deploy. The arguments in this group can be used to specify the attributes of this resource. (NOTE) Some attributes are not given arguments in this group but can be set in other ways. diff --git a/gcloud/beta/functions/describe b/gcloud/beta/functions/describe index 7ec9c0eca..327fa3de1 100644 --- a/gcloud/beta/functions/describe +++ b/gcloud/beta/functions/describe @@ -9,7 +9,7 @@ DESCRIPTION (BETA) Display details of a Google Cloud Function. POSITIONAL ARGUMENTS - Function resource - The Cloud function name to describe. The arguments in + Function resource - The Cloud Function name to describe. The arguments in this group can be used to specify the attributes of this resource. (NOTE) Some attributes are not given arguments in this group but can be set in other ways. diff --git a/gcloud/beta/functions/get-iam-policy b/gcloud/beta/functions/get-iam-policy index 7a1504641..c8429f7e6 100644 --- a/gcloud/beta/functions/get-iam-policy +++ b/gcloud/beta/functions/get-iam-policy @@ -16,7 +16,7 @@ EXAMPLES $ gcloud beta functions get-iam-policy FUNCTION-1 POSITIONAL ARGUMENTS - Function resource - The Cloud function name to get IAM policy for. The + Function resource - The Cloud Function name to get IAM policy for. The arguments in this group can be used to specify the attributes of this resource. (NOTE) Some attributes are not given arguments in this group but can be set in other ways. diff --git a/gcloud/beta/functions/remove-iam-policy-binding b/gcloud/beta/functions/remove-iam-policy-binding index 02db20bcb..9a7772a21 100644 --- a/gcloud/beta/functions/remove-iam-policy-binding +++ b/gcloud/beta/functions/remove-iam-policy-binding @@ -17,7 +17,7 @@ EXAMPLES --member=MEMBER-1 --role=ROLE-1 POSITIONAL ARGUMENTS - Function resource - The Cloud function name to remove IAM policy binding + Function resource - The Cloud Function name to remove IAM policy binding from. The arguments in this group can be used to specify the attributes of this resource. (NOTE) Some attributes are not given arguments in this group but can be set in other ways. diff --git a/gcloud/beta/functions/remove-invoker-policy-binding b/gcloud/beta/functions/remove-invoker-policy-binding index 8e403e921..d37ebdaa7 100644 --- a/gcloud/beta/functions/remove-invoker-policy-binding +++ b/gcloud/beta/functions/remove-invoker-policy-binding @@ -25,7 +25,7 @@ EXAMPLES --member=MEMBER-1 POSITIONAL ARGUMENTS - Function resource - The Cloud function name to remove the invoker binding + Function resource - The Cloud Function name to remove the invoker binding from. The arguments in this group can be used to specify the attributes of this resource. (NOTE) Some attributes are not given arguments in this group but can be set in other ways. diff --git a/gcloud/beta/functions/set-iam-policy b/gcloud/beta/functions/set-iam-policy index 44d7202b4..02b4c0ae1 100644 --- a/gcloud/beta/functions/set-iam-policy +++ b/gcloud/beta/functions/set-iam-policy @@ -16,7 +16,7 @@ EXAMPLES $ gcloud beta functions set-iam-policy FUNCTION-1 POLICY-FILE-1 POSITIONAL ARGUMENTS - Function resource - The Cloud function name to get IAM policy for. The + Function resource - The Cloud Function name to get IAM policy for. The arguments in this group can be used to specify the attributes of this resource. (NOTE) Some attributes are not given arguments in this group but can be set in other ways. diff --git a/gcloud/beta/iam/policy-bindings/create b/gcloud/beta/iam/policy-bindings/create index f3032dbd6..31c3cdd69 100644 --- a/gcloud/beta/iam/policy-bindings/create +++ b/gcloud/beta/iam/policy-bindings/create @@ -230,5 +230,8 @@ API REFERENCE can be found at: https://cloud.google.com/iam/ NOTES - This command is currently in beta and might change without notice. + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud iam policy-bindings create diff --git a/gcloud/beta/iam/policy-bindings/delete b/gcloud/beta/iam/policy-bindings/delete index ce53325ed..60c911ce0 100644 --- a/gcloud/beta/iam/policy-bindings/delete +++ b/gcloud/beta/iam/policy-bindings/delete @@ -100,5 +100,8 @@ API REFERENCE can be found at: https://cloud.google.com/iam/ NOTES - This command is currently in beta and might change without notice. + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud iam policy-bindings delete diff --git a/gcloud/beta/iam/policy-bindings/describe b/gcloud/beta/iam/policy-bindings/describe index 518373d61..3769c06fb 100644 --- a/gcloud/beta/iam/policy-bindings/describe +++ b/gcloud/beta/iam/policy-bindings/describe @@ -92,5 +92,8 @@ API REFERENCE can be found at: https://cloud.google.com/iam/ NOTES - This command is currently in beta and might change without notice. + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud iam policy-bindings describe diff --git a/gcloud/beta/iam/policy-bindings/help b/gcloud/beta/iam/policy-bindings/help index c754c3a28..7adea4389 100644 --- a/gcloud/beta/iam/policy-bindings/help +++ b/gcloud/beta/iam/policy-bindings/help @@ -34,5 +34,8 @@ COMMANDS (BETA) Update PolicyBinding instance. NOTES - This command is currently in beta and might change without notice. + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud iam policy-bindings diff --git a/gcloud/beta/iam/policy-bindings/list b/gcloud/beta/iam/policy-bindings/list index 5a261cd4e..c969bd9aa 100644 --- a/gcloud/beta/iam/policy-bindings/list +++ b/gcloud/beta/iam/policy-bindings/list @@ -112,5 +112,8 @@ API REFERENCE can be found at: https://cloud.google.com/iam/ NOTES - This command is currently in beta and might change without notice. + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud iam policy-bindings list diff --git a/gcloud/beta/iam/policy-bindings/search-target-policy-bindings b/gcloud/beta/iam/policy-bindings/search-target-policy-bindings index ca36a3acf..b21d7ea17 100644 --- a/gcloud/beta/iam/policy-bindings/search-target-policy-bindings +++ b/gcloud/beta/iam/policy-bindings/search-target-policy-bindings @@ -122,5 +122,8 @@ API REFERENCE can be found at: https://cloud.google.com/iam/ NOTES - This command is currently in beta and might change without notice. + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud iam policy-bindings search-target-policy-bindings diff --git a/gcloud/beta/iam/policy-bindings/update b/gcloud/beta/iam/policy-bindings/update index 6366626fa..081b5fb55 100644 --- a/gcloud/beta/iam/policy-bindings/update +++ b/gcloud/beta/iam/policy-bindings/update @@ -222,5 +222,8 @@ API REFERENCE can be found at: https://cloud.google.com/iam/ NOTES - This command is currently in beta and might change without notice. + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud iam policy-bindings update diff --git a/gcloud/beta/iam/principal-access-boundary-policies/create b/gcloud/beta/iam/principal-access-boundary-policies/create index 14011fab2..dd32ef10b 100644 --- a/gcloud/beta/iam/principal-access-boundary-policies/create +++ b/gcloud/beta/iam/principal-access-boundary-policies/create @@ -158,5 +158,8 @@ API REFERENCE can be found at: https://cloud.google.com/iam/ NOTES - This command is currently in beta and might change without notice. + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud iam principal-access-boundary-policies create diff --git a/gcloud/beta/iam/principal-access-boundary-policies/delete b/gcloud/beta/iam/principal-access-boundary-policies/delete index 2f8e81826..8a2b23a71 100644 --- a/gcloud/beta/iam/principal-access-boundary-policies/delete +++ b/gcloud/beta/iam/principal-access-boundary-policies/delete @@ -81,5 +81,8 @@ API REFERENCE can be found at: https://cloud.google.com/iam/ NOTES - This command is currently in beta and might change without notice. + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud iam principal-access-boundary-policies delete diff --git a/gcloud/beta/iam/principal-access-boundary-policies/describe b/gcloud/beta/iam/principal-access-boundary-policies/describe index 79ca651e1..6ef14ab31 100644 --- a/gcloud/beta/iam/principal-access-boundary-policies/describe +++ b/gcloud/beta/iam/principal-access-boundary-policies/describe @@ -68,5 +68,8 @@ API REFERENCE can be found at: https://cloud.google.com/iam/ NOTES - This command is currently in beta and might change without notice. + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud iam principal-access-boundary-policies describe diff --git a/gcloud/beta/iam/principal-access-boundary-policies/help b/gcloud/beta/iam/principal-access-boundary-policies/help index 67eaaa473..28d761f60 100644 --- a/gcloud/beta/iam/principal-access-boundary-policies/help +++ b/gcloud/beta/iam/principal-access-boundary-policies/help @@ -36,5 +36,8 @@ COMMANDS (BETA) Update PrincipalAccessBoundaryPolicy instance. NOTES - This command is currently in beta and might change without notice. + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud iam principal-access-boundary-policies diff --git a/gcloud/beta/iam/principal-access-boundary-policies/list b/gcloud/beta/iam/principal-access-boundary-policies/list index 1fc2ec029..e68605d16 100644 --- a/gcloud/beta/iam/principal-access-boundary-policies/list +++ b/gcloud/beta/iam/principal-access-boundary-policies/list @@ -88,5 +88,8 @@ API REFERENCE can be found at: https://cloud.google.com/iam/ NOTES - This command is currently in beta and might change without notice. + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud iam principal-access-boundary-policies list diff --git a/gcloud/beta/iam/principal-access-boundary-policies/search-policy-bindings b/gcloud/beta/iam/principal-access-boundary-policies/search-policy-bindings index f2fcb8cfc..3e5f9656d 100644 --- a/gcloud/beta/iam/principal-access-boundary-policies/search-policy-bindings +++ b/gcloud/beta/iam/principal-access-boundary-policies/search-policy-bindings @@ -95,5 +95,9 @@ API REFERENCE can be found at: https://cloud.google.com/iam/ NOTES - This command is currently in beta and might change without notice. + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud iam principal-access-boundary-policies \ + search-policy-bindings diff --git a/gcloud/beta/iam/principal-access-boundary-policies/update b/gcloud/beta/iam/principal-access-boundary-policies/update index 52fa0ebb1..086dbbb2d 100644 --- a/gcloud/beta/iam/principal-access-boundary-policies/update +++ b/gcloud/beta/iam/principal-access-boundary-policies/update @@ -286,5 +286,8 @@ API REFERENCE can be found at: https://cloud.google.com/iam/ NOTES - This command is currently in beta and might change without notice. + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud iam principal-access-boundary-policies update diff --git a/gcloud/beta/memorystore/help b/gcloud/beta/memorystore/help index 8983e5bc3..bd661f19a 100644 --- a/gcloud/beta/memorystore/help +++ b/gcloud/beta/memorystore/help @@ -22,8 +22,10 @@ GROUPS (BETA) Manage Memorystore operations. NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud memorystore $ gcloud alpha memorystore diff --git a/gcloud/beta/memorystore/instances/create b/gcloud/beta/memorystore/instances/create index 9d264896e..5aa4e8a5a 100644 --- a/gcloud/beta/memorystore/instances/create +++ b/gcloud/beta/memorystore/instances/create @@ -297,8 +297,10 @@ API REFERENCE this API can be found at: https://cloud.google.com/memorystore/ NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud memorystore instances create $ gcloud alpha memorystore instances create diff --git a/gcloud/beta/memorystore/instances/delete b/gcloud/beta/memorystore/instances/delete index b62c213fa..fe1117076 100644 --- a/gcloud/beta/memorystore/instances/delete +++ b/gcloud/beta/memorystore/instances/delete @@ -80,8 +80,10 @@ API REFERENCE this API can be found at: https://cloud.google.com/memorystore/ NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud memorystore instances delete $ gcloud alpha memorystore instances delete diff --git a/gcloud/beta/memorystore/instances/describe b/gcloud/beta/memorystore/instances/describe index eacfa0093..c413aceb7 100644 --- a/gcloud/beta/memorystore/instances/describe +++ b/gcloud/beta/memorystore/instances/describe @@ -61,8 +61,10 @@ API REFERENCE this API can be found at: https://cloud.google.com/memorystore/ NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud memorystore instances describe $ gcloud alpha memorystore instances describe diff --git a/gcloud/beta/memorystore/instances/get-certificate-authority b/gcloud/beta/memorystore/instances/get-certificate-authority index 9e6e5d666..5b1eaf3b7 100644 --- a/gcloud/beta/memorystore/instances/get-certificate-authority +++ b/gcloud/beta/memorystore/instances/get-certificate-authority @@ -61,8 +61,10 @@ API REFERENCE this API can be found at: https://cloud.google.com/memorystore/ NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud memorystore instances get-certificate-authority $ gcloud alpha memorystore instances get-certificate-authority diff --git a/gcloud/beta/memorystore/instances/help b/gcloud/beta/memorystore/instances/help index f9e3bc3ec..3512899ee 100644 --- a/gcloud/beta/memorystore/instances/help +++ b/gcloud/beta/memorystore/instances/help @@ -35,8 +35,10 @@ COMMANDS (BETA) Update the configuration of a Memorystore instance. NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud memorystore instances $ gcloud alpha memorystore instances diff --git a/gcloud/beta/memorystore/instances/list b/gcloud/beta/memorystore/instances/list index 0ad7d314f..60b627fbb 100644 --- a/gcloud/beta/memorystore/instances/list +++ b/gcloud/beta/memorystore/instances/list @@ -82,8 +82,10 @@ API REFERENCE this API can be found at: https://cloud.google.com/memorystore/ NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud memorystore instances list $ gcloud alpha memorystore instances list diff --git a/gcloud/beta/memorystore/instances/update b/gcloud/beta/memorystore/instances/update index cc0de3c45..11850b68a 100644 --- a/gcloud/beta/memorystore/instances/update +++ b/gcloud/beta/memorystore/instances/update @@ -280,8 +280,10 @@ API REFERENCE this API can be found at: https://cloud.google.com/memorystore/ NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud memorystore instances update $ gcloud alpha memorystore instances update diff --git a/gcloud/beta/memorystore/operations/cancel b/gcloud/beta/memorystore/operations/cancel index ebe5dfdca..0497f3846 100644 --- a/gcloud/beta/memorystore/operations/cancel +++ b/gcloud/beta/memorystore/operations/cancel @@ -59,8 +59,10 @@ API REFERENCE this API can be found at: https://cloud.google.com/memorystore/ NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud memorystore operations cancel $ gcloud alpha memorystore operations cancel diff --git a/gcloud/beta/memorystore/operations/delete b/gcloud/beta/memorystore/operations/delete index ffd49caba..b19c67250 100644 --- a/gcloud/beta/memorystore/operations/delete +++ b/gcloud/beta/memorystore/operations/delete @@ -59,8 +59,10 @@ API REFERENCE this API can be found at: https://cloud.google.com/memorystore/ NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud memorystore operations delete $ gcloud alpha memorystore operations delete diff --git a/gcloud/beta/memorystore/operations/describe b/gcloud/beta/memorystore/operations/describe index 0d2d03235..4d8876080 100644 --- a/gcloud/beta/memorystore/operations/describe +++ b/gcloud/beta/memorystore/operations/describe @@ -60,8 +60,10 @@ API REFERENCE this API can be found at: https://cloud.google.com/memorystore/ NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud memorystore operations describe $ gcloud alpha memorystore operations describe diff --git a/gcloud/beta/memorystore/operations/help b/gcloud/beta/memorystore/operations/help index 6675cc402..90b5cbceb 100644 --- a/gcloud/beta/memorystore/operations/help +++ b/gcloud/beta/memorystore/operations/help @@ -28,8 +28,10 @@ COMMANDS (BETA) List Memorystore operations. NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud memorystore operations $ gcloud alpha memorystore operations diff --git a/gcloud/beta/memorystore/operations/list b/gcloud/beta/memorystore/operations/list index a868e0332..2b9118cad 100644 --- a/gcloud/beta/memorystore/operations/list +++ b/gcloud/beta/memorystore/operations/list @@ -80,8 +80,10 @@ API REFERENCE this API can be found at: https://cloud.google.com/memorystore/ NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud memorystore operations list $ gcloud alpha memorystore operations list diff --git a/gcloud/beta/network-security/help b/gcloud/beta/network-security/help index 2203180fd..10f2f4719 100644 --- a/gcloud/beta/network-security/help +++ b/gcloud/beta/network-security/help @@ -36,6 +36,18 @@ GROUPS gateway-security-policies (BETA) Manage Network Security Gateway Security Policies. + intercept-deployment-groups + (BETA) Manage Intercept Deployment Group resources. + + intercept-deployments + (BETA) Manage Intercept Deployment resources. + + intercept-endpoint-group-associations + (BETA) Manage Intercept Endpoint Group Association resources. + + intercept-endpoint-groups + (BETA) Manage Intercept Endpoint Group resources. + mirroring-deployment-groups (BETA) Manage Mirroring Deployment Group resources. diff --git a/gcloud/beta/network-security/intercept-deployment-groups/create b/gcloud/beta/network-security/intercept-deployment-groups/create new file mode 100644 index 000000000..e2c41bf13 --- /dev/null +++ b/gcloud/beta/network-security/intercept-deployment-groups/create @@ -0,0 +1,123 @@ +NAME + gcloud beta network-security intercept-deployment-groups create - create an + Intercept Deployment Group + +SYNOPSIS + gcloud beta network-security intercept-deployment-groups create + (INTERCEPT_DEPLOYMENT_GROUP : --location=LOCATION) --network=NETWORK + [--async] [--labels=[KEY=VALUE,...]] + [--max-wait=MAX_WAIT; default="20m"] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) Create an intercept deployment group. Successful creation of a + deployment group results in a deployment group in ACTIVE state. Check the + progress of deployment group creation by using gcloud network-security + intercept-deployment-groups list. + + For more examples, refer to the EXAMPLES section below. + +EXAMPLES + To create a intercept deployment group called my-deployment-group, in + project ID my-project, run: $ gcloud beta network-security intercept-deployment-groups create \ + my-deployment-group --project=my-project --location=global \ + --network=my-network + + OR + + $ gcloud beta network-security intercept-deployment-groups create \ + my-deployment-group --project=my-project --location=global \ + --network=projects/my-project/global/networks/my-network + + OR + + $ gcloud beta network-security intercept-deployment-groups create \ + projects/my-project/locations/global/interceptDeploymentGroups/\ + my-deployment-group \ + --network=projects/my-project/global/networks/my-network + +POSITIONAL ARGUMENTS + Intercept deployment group resource - Intercept Deployment Group. The + arguments in this group can be used to specify the attributes of this + resource. (NOTE) Some attributes are not given arguments in this group but + can be set in other ways. + + To set the project attribute: + ◆ provide the argument INTERCEPT_DEPLOYMENT_GROUP on the command line + with a fully specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + INTERCEPT_DEPLOYMENT_GROUP + ID of the intercept deployment group or fully qualified identifier + for the intercept deployment group. + + To set the deployment-group-id attribute: + ▸ provide the argument INTERCEPT_DEPLOYMENT_GROUP on the command + line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + Location of the intercept deployment group. + + To set the location attribute: + ▸ provide the argument INTERCEPT_DEPLOYMENT_GROUP on the command + line with a fully specified name; + ▸ provide the argument --location on the command line. + +REQUIRED FLAGS + Network resource - Intercept Deployment Group. This represents a Cloud + resource. (NOTE) Some attributes are not given arguments in this group but + can be set in other ways. + + To set the project attribute: + ◆ provide the argument --network on the command line with a fully + specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + --network=NETWORK + ID of the network or fully qualified identifier for the network. + + To set the network-name attribute: + ▸ provide the argument --network on the command line. + +OPTIONAL FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. The default is True. Enabled by default, use --no-async to + disable. + + --labels=[KEY=VALUE,...] + List of label KEY=VALUE pairs to add. + + Keys must start with a lowercase character and contain only hyphens + (-), underscores (_), lowercase characters, and numbers. Values must + contain only hyphens (-), underscores (_), lowercase characters, and + numbers. + + --max-wait=MAX_WAIT; default="20m" + Time to synchronously wait for the operation to complete, after which + the operation continues asynchronously. Ignored if --no-async isn't + specified. See $ gcloud topic datetimes for information on time + formats. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud alpha network-security intercept-deployment-groups create + diff --git a/gcloud/beta/network-security/intercept-deployment-groups/delete b/gcloud/beta/network-security/intercept-deployment-groups/delete new file mode 100644 index 000000000..398c10382 --- /dev/null +++ b/gcloud/beta/network-security/intercept-deployment-groups/delete @@ -0,0 +1,88 @@ +NAME + gcloud beta network-security intercept-deployment-groups delete - delete an + Intercept Deployment Group + +SYNOPSIS + gcloud beta network-security intercept-deployment-groups delete + (INTERCEPT_DEPLOYMENT_GROUP : --location=LOCATION) [--async] + [--max-wait=MAX_WAIT; default="20m"] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) Delete an intercept deployment group. Check the progress of + deployment group deletion by using gcloud network-security + intercept-deployment-groups list. + + For more examples, refer to the EXAMPLES section below. + +EXAMPLES + To delete an intercept deployment group called my-deployment-group, in + project ID my-project, run: + + $ gcloud beta network-security intercept-deployment-groups delete \ + my-deployment-group --project=my-project --location=global + + OR + + $ gcloud beta network-security intercept-deployment-groups delete \ + projects/my-project/locations/global/interceptDeploymentGroups/\ + my-deployment-group + +POSITIONAL ARGUMENTS + Intercept deployment group resource - Intercept Deployment Group. The + arguments in this group can be used to specify the attributes of this + resource. (NOTE) Some attributes are not given arguments in this group but + can be set in other ways. + + To set the project attribute: + ◆ provide the argument INTERCEPT_DEPLOYMENT_GROUP on the command line + with a fully specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + INTERCEPT_DEPLOYMENT_GROUP + ID of the intercept deployment group or fully qualified identifier + for the intercept deployment group. + + To set the deployment-group-id attribute: + ▸ provide the argument INTERCEPT_DEPLOYMENT_GROUP on the command + line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + Location of the intercept deployment group. + + To set the location attribute: + ▸ provide the argument INTERCEPT_DEPLOYMENT_GROUP on the command + line with a fully specified name; + ▸ provide the argument --location on the command line. + +FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. The default is True. Enabled by default, use --no-async to + disable. + + --max-wait=MAX_WAIT; default="20m" + Time to synchronously wait for the operation to complete, after which + the operation continues asynchronously. Ignored if --no-async isn't + specified. See $ gcloud topic datetimes for information on time + formats. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud alpha network-security intercept-deployment-groups delete + diff --git a/gcloud/beta/network-security/intercept-deployment-groups/describe b/gcloud/beta/network-security/intercept-deployment-groups/describe new file mode 100644 index 000000000..293255aa0 --- /dev/null +++ b/gcloud/beta/network-security/intercept-deployment-groups/describe @@ -0,0 +1,74 @@ +NAME + gcloud beta network-security intercept-deployment-groups describe - + describe an Intercept Deployment Group + +SYNOPSIS + gcloud beta network-security intercept-deployment-groups describe + (INTERCEPT_DEPLOYMENT_GROUP : --location=LOCATION) + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) Describe an intercept deployment group. + + For more examples, refer to the EXAMPLES section below. + +EXAMPLES + To get a description of an intercept deployment group called + my-deployment-group in project ID my-project, run: + + $ gcloud beta network-security intercept-deployment-groups \ describe my-deployment-group --project=my-project \ + --location=global + + OR + + $ gcloud beta network-security intercept-deployment-groups \ describe \ + projects/my-project/locations/global/interceptDeploymentGroups/\ + my-deployment-group + +POSITIONAL ARGUMENTS + Intercept deployment group resource - Intercept Deployment Group. The + arguments in this group can be used to specify the attributes of this + resource. (NOTE) Some attributes are not given arguments in this group but + can be set in other ways. + + To set the project attribute: + ◆ provide the argument INTERCEPT_DEPLOYMENT_GROUP on the command line + with a fully specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + INTERCEPT_DEPLOYMENT_GROUP + ID of the intercept deployment group or fully qualified identifier + for the intercept deployment group. + + To set the deployment-group-id attribute: + ▸ provide the argument INTERCEPT_DEPLOYMENT_GROUP on the command + line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + Location of the intercept deployment group. + + To set the location attribute: + ▸ provide the argument INTERCEPT_DEPLOYMENT_GROUP on the command + line with a fully specified name; + ▸ provide the argument --location on the command line. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud alpha network-security intercept-deployment-groups describe + diff --git a/gcloud/beta/network-security/intercept-deployment-groups/help b/gcloud/beta/network-security/intercept-deployment-groups/help new file mode 100644 index 000000000..a3cbbc439 --- /dev/null +++ b/gcloud/beta/network-security/intercept-deployment-groups/help @@ -0,0 +1,44 @@ +NAME + gcloud beta network-security intercept-deployment-groups - manage Intercept + Deployment Group resources + +SYNOPSIS + gcloud beta network-security intercept-deployment-groups COMMAND + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) This class provides commands for managing Intercept Deployment + Groups. + + Attributes: category (str): The category under which this command group + falls. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --help. + + Run $ gcloud help for details. + +COMMANDS + COMMAND is one of the following: + + create + (BETA) Create an Intercept Deployment Group. + + delete + (BETA) Delete an Intercept Deployment Group. + + describe + (BETA) Describe an Intercept Deployment Group. + + list + (BETA) List Intercept Deployment Groups. + + update + (BETA) Update an Intercept Deployment Group. + +NOTES + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud alpha network-security intercept-deployment-groups + diff --git a/gcloud/beta/network-security/intercept-deployment-groups/list b/gcloud/beta/network-security/intercept-deployment-groups/list new file mode 100644 index 000000000..b4fcf3799 --- /dev/null +++ b/gcloud/beta/network-security/intercept-deployment-groups/list @@ -0,0 +1,92 @@ +NAME + gcloud beta network-security intercept-deployment-groups list - list + Intercept Deployment Groups + +SYNOPSIS + gcloud beta network-security intercept-deployment-groups list + [--location=LOCATION] [--filter=EXPRESSION] [--limit=LIMIT] + [--page-size=PAGE_SIZE] [--sort-by=[FIELD,...]] [--uri] + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) List intercept deployment groups. + + For more examples, refer to the EXAMPLES section below. + +EXAMPLES + To list intercept deployment groups in project ID my-project, run: + + $ gcloud beta network-security intercept-deployment-groups list \ + --location=global --project=my-project + + OR + + $ gcloud beta network-security intercept-deployment-groups list \ + --location=global + +FLAGS + Location resource - The location for a list operation This represents a + Cloud resource. (NOTE) Some attributes are not given arguments in this + group but can be set in other ways. + + To set the project attribute: + ◆ provide the argument --location on the command line with a fully + specified name; + ◆ Location of the Intercept Deployment Group. Defaults to global with a + fully specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + --location=LOCATION + ID of the location or fully qualified identifier for the location. + + To set the location attribute: + ▸ provide the argument --location on the command line; + ▸ Location of the Intercept Deployment Group. Defaults to global. + +LIST COMMAND FLAGS + --filter=EXPRESSION + Apply a Boolean filter EXPRESSION to each resource item to be listed. + If the expression evaluates True, then that item is listed. For more + details and examples of filter expressions, run $ gcloud topic filters. + This flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --limit=LIMIT + Maximum number of resources to list. The default is unlimited. This + flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --page-size=PAGE_SIZE + Some services group resource list output into pages. This flag + specifies the maximum number of resources per page. The default is + determined by the service if it supports paging, otherwise it is + unlimited (no paging). Paging may be applied before or after --filter + and --limit depending on the service. + + --sort-by=[FIELD,...] + Comma-separated list of resource field key names to sort by. The + default order is ascending. Prefix a field with ``~'' for descending + order on that field. This flag interacts with other flags that are + applied in this order: --flatten, --sort-by, --filter, --limit. + + --uri + Print a list of resource URIs instead of the default output, and change + the command output to a list of URIs. If this flag is used with + --format, the formatting is applied on this URI list. To display URIs + alongside other keys instead, use the uri() transform. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud alpha network-security intercept-deployment-groups list + diff --git a/gcloud/beta/network-security/intercept-deployment-groups/update b/gcloud/beta/network-security/intercept-deployment-groups/update new file mode 100644 index 000000000..a2817e9ab --- /dev/null +++ b/gcloud/beta/network-security/intercept-deployment-groups/update @@ -0,0 +1,125 @@ +NAME + gcloud beta network-security intercept-deployment-groups update - update an + Intercept Deployment Group + +SYNOPSIS + gcloud beta network-security intercept-deployment-groups update + (INTERCEPT_DEPLOYMENT_GROUP : --location=LOCATION) [--async] + [--max-wait=MAX_WAIT; default="20m"] [--update-labels=[KEY=VALUE,...]] + [--clear-labels | --remove-labels=[KEY,...]] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) Update an intercept deployment group. Check the progress of + deployment group update by using gcloud network-security + intercept-deployment-groups list. + + For examples refer to the EXAMPLES section below. + +EXAMPLES + To update labels k1 and k2, run: + + $ gcloud beta network-security intercept-deployment-groups update \ + my-deployment-group --project=my-project --location=global \ + --update-labels=k1=v1,k2=v2 + + To remove labels k3 and k4, run: + + $ gcloud beta network-security intercept-deployment-groups update \ + my-deployment-group --project=my-project --location=global \ + --remove-labels=k3,k4 + + To clear all labels from the intercept deployment group, run: + + $ gcloud beta network-security intercept-deployment-groups update \ + my-deployment-group --project=my-project --location=global \ + --clear-labels + +POSITIONAL ARGUMENTS + Intercept deployment group resource - Intercept Deployment Group. The + arguments in this group can be used to specify the attributes of this + resource. (NOTE) Some attributes are not given arguments in this group but + can be set in other ways. + + To set the project attribute: + ◆ provide the argument INTERCEPT_DEPLOYMENT_GROUP on the command line + with a fully specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + INTERCEPT_DEPLOYMENT_GROUP + ID of the intercept deployment group or fully qualified identifier + for the intercept deployment group. + + To set the deployment-group-id attribute: + ▸ provide the argument INTERCEPT_DEPLOYMENT_GROUP on the command + line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + Location of the intercept deployment group. + + To set the location attribute: + ▸ provide the argument INTERCEPT_DEPLOYMENT_GROUP on the command + line with a fully specified name; + ▸ provide the argument --location on the command line. + +FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. The default is True. Enabled by default, use --no-async to + disable. + + --max-wait=MAX_WAIT; default="20m" + Time to synchronously wait for the operation to complete, after which + the operation continues asynchronously. Ignored if --no-async isn't + specified. See $ gcloud topic datetimes for information on time + formats. + + --update-labels=[KEY=VALUE,...] + List of label KEY=VALUE pairs to update. If a label exists, its value + is modified. Otherwise, a new label is created. + + Keys must start with a lowercase character and contain only hyphens + (-), underscores (_), lowercase characters, and numbers. Values must + contain only hyphens (-), underscores (_), lowercase characters, and + numbers. + + At most one of these can be specified: + + --clear-labels + Remove all labels. If --update-labels is also specified then + --clear-labels is applied first. + + For example, to remove all labels: + + $ gcloud beta network-security intercept-deployment-groups update \ + --clear-labels + + To remove all existing labels and create two new labels, foo and baz: + + $ gcloud beta network-security intercept-deployment-groups update \ + --clear-labels --update-labels foo=bar,baz=qux + + --remove-labels=[KEY,...] + List of label keys to remove. If a label does not exist it is + silently ignored. If --update-labels is also specified then + --update-labels is applied first. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud alpha network-security intercept-deployment-groups update + diff --git a/gcloud/beta/network-security/intercept-deployments/create b/gcloud/beta/network-security/intercept-deployments/create new file mode 100644 index 000000000..9bbde4087 --- /dev/null +++ b/gcloud/beta/network-security/intercept-deployments/create @@ -0,0 +1,185 @@ +NAME + gcloud beta network-security intercept-deployments create - create an + Intercept Deployment + +SYNOPSIS + gcloud beta network-security intercept-deployments create + (INTERCEPT_DEPLOYMENT : --location=LOCATION) + (--forwarding-rule=FORWARDING_RULE + : --forwarding-rule-location=FORWARDING_RULE_LOCATION) + (--intercept-deployment-group=INTERCEPT_DEPLOYMENT_GROUP + : --intercept-deployment-group-location=INTERCEPT_DEPLOYMENT_GROUP_LOCATION) + [--async] [--labels=[KEY=VALUE,...]] + [--max-wait=MAX_WAIT; default="20m"] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) Create an intercept deployment. Successful creation of a deployment + results in a deployment in ACTIVE state. Check the progress of deployment + creation by using gcloud network-security intercept-deployments list. + + For more examples, refer to the EXAMPLES section below. + +EXAMPLES + To create an intercept deployment called my-deployment, in project ID + my-project and zone us-central1-a, run: $ gcloud beta network-security intercept-deployments create \ + my-deployment --project=my-project --location=us-central1-a \ + --deployment-group-location=global \ + --forwarding-rule=my-forwarding-rule \ + --forwarding-rule-location=us-central1 \ + --intercept-deployment-group=my-deployment-group + + OR + + $ gcloud beta network-security intercept-deployments create \ + my-deployment --project=my-project --location=us-central1-a \ + --forwarding-rule=projects/my-project/regions/us-central1/\ + forwardingRules/my-forwarding-rule \ + --intercept-deployment-group=projects/my-project/locations/\ + global/interceptDeploymentGroups/my-deployment-group + + OR + + $ gcloud beta network-security intercept-deployments create \ + projects/my-project/locations/us-central1/interceptDeployments/\ + my-deployment \ + --forwarding-rule=projects/my-project/regions/us-central1/\ + forwardingRules/my-forwarding-rule \ + --intercept-deployment-group=projects/my-project/locations/\ + global/interceptDeploymentGroups/my-deployment-group + +POSITIONAL ARGUMENTS + Intercept deployment resource - Intercept Deployment. The arguments in + this group can be used to specify the attributes of this resource. (NOTE) + Some attributes are not given arguments in this group but can be set in + other ways. + + To set the project attribute: + ◆ provide the argument INTERCEPT_DEPLOYMENT on the command line with a + fully specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + INTERCEPT_DEPLOYMENT + ID of the intercept deployment or fully qualified identifier for the + intercept deployment. + + To set the deployment-id attribute: + ▸ provide the argument INTERCEPT_DEPLOYMENT on the command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + Location of the intercept deployment. + + To set the location attribute: + ▸ provide the argument INTERCEPT_DEPLOYMENT on the command line + with a fully specified name; + ▸ provide the argument --location on the command line. + +REQUIRED FLAGS + ForwardingRule resource - Intercept Deployment Forwarding Rule. The + arguments in this group can be used to specify the attributes of this + resource. (NOTE) Some attributes are not given arguments in this group but + can be set in other ways. + + To set the project attribute: + ◆ provide the argument --forwarding-rule on the command line with a + fully specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + --forwarding-rule=FORWARDING_RULE + ID of the forwardingRule or fully qualified identifier for the + forwardingRule. + + To set the forwarding-rule-id attribute: + ▸ provide the argument --forwarding-rule on the command line. + + This flag argument must be specified if any of the other arguments in + this group are specified. + + --forwarding-rule-location=FORWARDING_RULE_LOCATION + The Cloud region for the forwardingRule. + + To set the forwarding-rule-location attribute: + ▸ provide the argument --forwarding-rule on the command line with a + fully specified name; + ▸ provide the argument --forwarding-rule-location on the command + line. + + Intercept deployment group resource - Intercept Deployment Group. The + arguments in this group can be used to specify the attributes of this + resource. (NOTE) Some attributes are not given arguments in this group but + can be set in other ways. + + To set the project attribute: + ◆ provide the argument --intercept-deployment-group on the command line + with a fully specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + --intercept-deployment-group=INTERCEPT_DEPLOYMENT_GROUP + ID of the intercept deployment group or fully qualified identifier + for the intercept deployment group. + + To set the id attribute: + ▸ provide the argument --intercept-deployment-group on the command + line. + + This flag argument must be specified if any of the other arguments in + this group are specified. + + --intercept-deployment-group-location=INTERCEPT_DEPLOYMENT_GROUP_LOCATION + Location of the intercept deployment group. + + To set the location attribute: + ▸ provide the argument --intercept-deployment-group on the command + line with a fully specified name; + ▸ provide the argument --intercept-deployment-group-location on the + command line; + ▸ provide the argument --location on the command line; + ▸ provide the argument + networksecurity.projects.locations.interceptDeployments on the + command line with a fully specified name. + +OPTIONAL FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. The default is True. Enabled by default, use --no-async to + disable. + + --labels=[KEY=VALUE,...] + List of label KEY=VALUE pairs to add. + + Keys must start with a lowercase character and contain only hyphens + (-), underscores (_), lowercase characters, and numbers. Values must + contain only hyphens (-), underscores (_), lowercase characters, and + numbers. + + --max-wait=MAX_WAIT; default="20m" + Time to synchronously wait for the operation to complete, after which + the operation continues asynchronously. Ignored if --no-async isn't + specified. See $ gcloud topic datetimes for information on time + formats. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud alpha network-security intercept-deployments create + diff --git a/gcloud/beta/network-security/intercept-deployments/delete b/gcloud/beta/network-security/intercept-deployments/delete new file mode 100644 index 000000000..8a33c6632 --- /dev/null +++ b/gcloud/beta/network-security/intercept-deployments/delete @@ -0,0 +1,80 @@ +NAME + gcloud beta network-security intercept-deployments delete - delete an + Intercept Deployment + +SYNOPSIS + gcloud beta network-security intercept-deployments delete + (INTERCEPT_DEPLOYMENT : --location=LOCATION) [--async] + [--max-wait=MAX_WAIT; default="20m"] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) Delete an intercept deployment. Check the progress of deployment + deletion by using gcloud network-security intercept-deployments list. + + For more examples, refer to the EXAMPLES section below. + +EXAMPLES + To delete an intercept deployment called my-deployment in location + us-central1, run: + + $ gcloud beta network-security intercept-deployments delete \ + my-deployment --location=us-central1-a --project=my-project + +POSITIONAL ARGUMENTS + Intercept deployment resource - Intercept Deployment. The arguments in + this group can be used to specify the attributes of this resource. (NOTE) + Some attributes are not given arguments in this group but can be set in + other ways. + + To set the project attribute: + ◆ provide the argument INTERCEPT_DEPLOYMENT on the command line with a + fully specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + INTERCEPT_DEPLOYMENT + ID of the intercept deployment or fully qualified identifier for the + intercept deployment. + + To set the deployment-id attribute: + ▸ provide the argument INTERCEPT_DEPLOYMENT on the command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + Location of the intercept deployment. + + To set the location attribute: + ▸ provide the argument INTERCEPT_DEPLOYMENT on the command line + with a fully specified name; + ▸ provide the argument --location on the command line. + +FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. The default is True. Enabled by default, use --no-async to + disable. + + --max-wait=MAX_WAIT; default="20m" + Time to synchronously wait for the operation to complete, after which + the operation continues asynchronously. Ignored if --no-async isn't + specified. See $ gcloud topic datetimes for information on time + formats. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud alpha network-security intercept-deployments delete + diff --git a/gcloud/beta/network-security/intercept-deployments/describe b/gcloud/beta/network-security/intercept-deployments/describe new file mode 100644 index 000000000..4ee9673ac --- /dev/null +++ b/gcloud/beta/network-security/intercept-deployments/describe @@ -0,0 +1,72 @@ +NAME + gcloud beta network-security intercept-deployments describe - describe an + Intercept Deployment + +SYNOPSIS + gcloud beta network-security intercept-deployments describe + (INTERCEPT_DEPLOYMENT : --location=LOCATION) [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) Describe an intercept deployment. + + For more examples, refer to the EXAMPLES section below. + +EXAMPLES + To get a description of an intercept deployment called my-deployment in + zone us-central1-a, run: + + $ gcloud beta network-security intercept-deployments describe \ + my-deployment --location=us-central1-a --project=my-project + + OR + + $ gcloud beta network-security intercept-deployments describe \ + projects/my-project/locations/us-central1-a/\ + interceptDeployments/my-deployment + +POSITIONAL ARGUMENTS + Intercept deployment resource - Intercept Deployment. The arguments in + this group can be used to specify the attributes of this resource. (NOTE) + Some attributes are not given arguments in this group but can be set in + other ways. + + To set the project attribute: + ◆ provide the argument INTERCEPT_DEPLOYMENT on the command line with a + fully specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + INTERCEPT_DEPLOYMENT + ID of the intercept deployment or fully qualified identifier for the + intercept deployment. + + To set the deployment-id attribute: + ▸ provide the argument INTERCEPT_DEPLOYMENT on the command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + Location of the intercept deployment. + + To set the location attribute: + ▸ provide the argument INTERCEPT_DEPLOYMENT on the command line + with a fully specified name; + ▸ provide the argument --location on the command line. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud alpha network-security intercept-deployments describe + diff --git a/gcloud/beta/network-security/intercept-deployments/help b/gcloud/beta/network-security/intercept-deployments/help new file mode 100644 index 000000000..80c25bdb3 --- /dev/null +++ b/gcloud/beta/network-security/intercept-deployments/help @@ -0,0 +1,41 @@ +NAME + gcloud beta network-security intercept-deployments - manage Intercept + Deployment resources + +SYNOPSIS + gcloud beta network-security intercept-deployments COMMAND + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) The gcloud intercept-deployments command group lets you manage zonal + deployments for your Intercept Deployment Group. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --help. + + Run $ gcloud help for details. + +COMMANDS + COMMAND is one of the following: + + create + (BETA) Create an Intercept Deployment. + + delete + (BETA) Delete an Intercept Deployment. + + describe + (BETA) Describe an Intercept Deployment. + + list + (BETA) List Intercept Deployments. + + update + (BETA) Update an Intercept Deployment. + +NOTES + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud alpha network-security intercept-deployments + diff --git a/gcloud/beta/network-security/intercept-deployments/list b/gcloud/beta/network-security/intercept-deployments/list new file mode 100644 index 000000000..ce67069e4 --- /dev/null +++ b/gcloud/beta/network-security/intercept-deployments/list @@ -0,0 +1,93 @@ +NAME + gcloud beta network-security intercept-deployments list - list Intercept + Deployments + +SYNOPSIS + gcloud beta network-security intercept-deployments list + [--location=LOCATION] [--filter=EXPRESSION] [--limit=LIMIT] + [--page-size=PAGE_SIZE] [--sort-by=[FIELD,...]] [--uri] + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) List intercept deployments. + + For more examples, refer to the EXAMPLES section below. + +EXAMPLES + To list intercept deployments in project my-project and zone us-central1-a, + run: + + $ gcloud beta network-security intercept-deployments list \ + --project=my-project --location=us-central1-a + + To list intercept deployments from all zones, run: + + $ gcloud beta network-security intercept-deployments list \ + --project=my-project --location=- + +FLAGS + Location resource - Zone of the deployment This represents a Cloud + resource. (NOTE) Some attributes are not given arguments in this group but + can be set in other ways. + + To set the project attribute: + ◆ provide the argument --location on the command line with a fully + specified name; + ◆ Location of the Intercept Deployment. Defaults to a wildcard with a + fully specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + --location=LOCATION + ID of the location or fully qualified identifier for the location. + + To set the location attribute: + ▸ provide the argument --location on the command line; + ▸ Location of the Intercept Deployment. Defaults to a wildcard. + +LIST COMMAND FLAGS + --filter=EXPRESSION + Apply a Boolean filter EXPRESSION to each resource item to be listed. + If the expression evaluates True, then that item is listed. For more + details and examples of filter expressions, run $ gcloud topic filters. + This flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --limit=LIMIT + Maximum number of resources to list. The default is unlimited. This + flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --page-size=PAGE_SIZE + Some services group resource list output into pages. This flag + specifies the maximum number of resources per page. The default is + determined by the service if it supports paging, otherwise it is + unlimited (no paging). Paging may be applied before or after --filter + and --limit depending on the service. + + --sort-by=[FIELD,...] + Comma-separated list of resource field key names to sort by. The + default order is ascending. Prefix a field with ``~'' for descending + order on that field. This flag interacts with other flags that are + applied in this order: --flatten, --sort-by, --filter, --limit. + + --uri + Print a list of resource URIs instead of the default output, and change + the command output to a list of URIs. If this flag is used with + --format, the formatting is applied on this URI list. To display URIs + alongside other keys instead, use the uri() transform. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud alpha network-security intercept-deployments list + diff --git a/gcloud/beta/network-security/intercept-deployments/update b/gcloud/beta/network-security/intercept-deployments/update new file mode 100644 index 000000000..5cfac0a43 --- /dev/null +++ b/gcloud/beta/network-security/intercept-deployments/update @@ -0,0 +1,123 @@ +NAME + gcloud beta network-security intercept-deployments update - update an + Intercept Deployment + +SYNOPSIS + gcloud beta network-security intercept-deployments update + (INTERCEPT_DEPLOYMENT : --location=LOCATION) [--async] + [--max-wait=MAX_WAIT; default="20m"] [--update-labels=[KEY=VALUE,...]] + [--clear-labels | --remove-labels=[KEY,...]] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) Update an intercept deployment. Check the progress of deployment + update by using gcloud network-security intercept-deployments list. + + For examples refer to the EXAMPLES section below. + +EXAMPLES + To update labels k1 and k2, run: + + $ gcloud beta network-security intercept-deployments update \ + my-deployment --project=my-project --location=us-central1-a \ + --update-labels=k1=v1,k2=v2 + + To remove labels k3 and k4, run: + + $ gcloud beta network-security intercept-deployments update \ + my-deployment --project=my-project --location=us-central1-a \ + --remove-labels=k3,k4 + + To clear all labels from the intercept deployment, run: + + $ gcloud beta network-security intercept-deployments update \ + my-deploymen --project=my-project --location=us-central1-a \ + --clear-labels + +POSITIONAL ARGUMENTS + Intercept deployment resource - Intercept Deployment. The arguments in + this group can be used to specify the attributes of this resource. (NOTE) + Some attributes are not given arguments in this group but can be set in + other ways. + + To set the project attribute: + ◆ provide the argument INTERCEPT_DEPLOYMENT on the command line with a + fully specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + INTERCEPT_DEPLOYMENT + ID of the intercept deployment or fully qualified identifier for the + intercept deployment. + + To set the deployment-id attribute: + ▸ provide the argument INTERCEPT_DEPLOYMENT on the command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + Location of the intercept deployment. + + To set the location attribute: + ▸ provide the argument INTERCEPT_DEPLOYMENT on the command line + with a fully specified name; + ▸ provide the argument --location on the command line. + +FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. The default is True. Enabled by default, use --no-async to + disable. + + --max-wait=MAX_WAIT; default="20m" + Time to synchronously wait for the operation to complete, after which + the operation continues asynchronously. Ignored if --no-async isn't + specified. See $ gcloud topic datetimes for information on time + formats. + + --update-labels=[KEY=VALUE,...] + List of label KEY=VALUE pairs to update. If a label exists, its value + is modified. Otherwise, a new label is created. + + Keys must start with a lowercase character and contain only hyphens + (-), underscores (_), lowercase characters, and numbers. Values must + contain only hyphens (-), underscores (_), lowercase characters, and + numbers. + + At most one of these can be specified: + + --clear-labels + Remove all labels. If --update-labels is also specified then + --clear-labels is applied first. + + For example, to remove all labels: + + $ gcloud beta network-security intercept-deployments update \ + --clear-labels + + To remove all existing labels and create two new labels, foo and baz: + + $ gcloud beta network-security intercept-deployments update \ + --clear-labels --update-labels foo=bar,baz=qux + + --remove-labels=[KEY,...] + List of label keys to remove. If a label does not exist it is + silently ignored. If --update-labels is also specified then + --update-labels is applied first. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud alpha network-security intercept-deployments update + diff --git a/gcloud/beta/network-security/intercept-endpoint-group-associations/create b/gcloud/beta/network-security/intercept-endpoint-group-associations/create new file mode 100644 index 000000000..66ce6ef65 --- /dev/null +++ b/gcloud/beta/network-security/intercept-endpoint-group-associations/create @@ -0,0 +1,170 @@ +NAME + gcloud beta network-security intercept-endpoint-group-associations create - + create an Intercept Endpoint Group Association + +SYNOPSIS + gcloud beta network-security intercept-endpoint-group-associations create + (INTERCEPT_ENDPOINT_GROUP_ASSOCIATION : --location=LOCATION) + --network=NETWORK + (--intercept-endpoint-group=INTERCEPT_ENDPOINT_GROUP + : --intercept-endpoint-group-location=INTERCEPT_ENDPOINT_GROUP_LOCATION) + [--async] [--labels=[KEY=VALUE,...]] + [--max-wait=MAX_WAIT; default="20m"] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) Create an intercept endpoint group association. Successful creation + of an association results in an association in ACTIVE state. Check the + progress of association creation by using gcloud network-security + intercept-endpoint-group-associations list. + + For more examples, refer to the EXAMPLES section below. + +EXAMPLES + To create an intercept endpoint group association called my-association, in + project ID my-project, run: + + $ gcloud beta network-security \ intercept-endpoint-group-associations create my-association \ + --project=my-project --location=global \ + --intercept-endpoint-group=my-endpoint-group \ + --network=my-network + + OR + + $ gcloud beta network-security \ intercept-endpoint-group-associations create my-association \ + --project=my-project --location=global \ + --intercept-endpoint-group=my-endpoint-group \ + --network=projects/my-project/global/networks/my-network + + OR + + $ gcloud beta network-security \ intercept-endpoint-group-associations create \ + projects/my-project/locations/global/\ + interceptEndpointGroupAssociations/my-association \ + --intercept-endpoint-group=projects/my-project/locations/\ + global/interceptEndpointGroups/my-endpoint-group \ + --network=projects/my-project/global/networks/my-network + +POSITIONAL ARGUMENTS + Intercept endpoint group association resource - Intercept Endpoint Group + Association. The arguments in this group can be used to specify the + attributes of this resource. (NOTE) Some attributes are not given + arguments in this group but can be set in other ways. + + To set the project attribute: + ◆ provide the argument INTERCEPT_ENDPOINT_GROUP_ASSOCIATION on the + command line with a fully specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + INTERCEPT_ENDPOINT_GROUP_ASSOCIATION + ID of the intercept endpoint group association or fully qualified + identifier for the intercept endpoint group association. + + To set the endpoint-group-association-id attribute: + ▸ provide the argument INTERCEPT_ENDPOINT_GROUP_ASSOCIATION on the + command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + Location of the intercept endpoint group association. + + To set the location attribute: + ▸ provide the argument INTERCEPT_ENDPOINT_GROUP_ASSOCIATION on the + command line with a fully specified name; + ▸ provide the argument --location on the command line. + +REQUIRED FLAGS + Network resource - Intercept Endpoint Group Association. This represents a + Cloud resource. (NOTE) Some attributes are not given arguments in this + group but can be set in other ways. + + To set the project attribute: + ◆ provide the argument --network on the command line with a fully + specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + --network=NETWORK + ID of the network or fully qualified identifier for the network. + + To set the network-name attribute: + ▸ provide the argument --network on the command line. + + Intercept endpoint group resource - Intercept Endpoint Group. The + arguments in this group can be used to specify the attributes of this + resource. (NOTE) Some attributes are not given arguments in this group but + can be set in other ways. + + To set the project attribute: + ◆ provide the argument --intercept-endpoint-group on the command line + with a fully specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + --intercept-endpoint-group=INTERCEPT_ENDPOINT_GROUP + ID of the intercept endpoint group or fully qualified identifier for + the intercept endpoint group. + + To set the id attribute: + ▸ provide the argument --intercept-endpoint-group on the command + line. + + This flag argument must be specified if any of the other arguments in + this group are specified. + + --intercept-endpoint-group-location=INTERCEPT_ENDPOINT_GROUP_LOCATION + Location of the intercept endpoint group. + + To set the location attribute: + ▸ provide the argument --intercept-endpoint-group on the command + line with a fully specified name; + ▸ provide the argument --intercept-endpoint-group-location on the + command line; + ▸ provide the argument --location on the command line; + ▸ provide the argument + networksecurity.projects.locations.interceptEndpointGroupAssociations + on the command line with a fully specified name. + +OPTIONAL FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. The default is True. Enabled by default, use --no-async to + disable. + + --labels=[KEY=VALUE,...] + List of label KEY=VALUE pairs to add. + + Keys must start with a lowercase character and contain only hyphens + (-), underscores (_), lowercase characters, and numbers. Values must + contain only hyphens (-), underscores (_), lowercase characters, and + numbers. + + --max-wait=MAX_WAIT; default="20m" + Time to synchronously wait for the operation to complete, after which + the operation continues asynchronously. Ignored if --no-async isn't + specified. See $ gcloud topic datetimes for information on time + formats. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud alpha network-security \ + intercept-endpoint-group-associations create + diff --git a/gcloud/beta/network-security/intercept-endpoint-group-associations/delete b/gcloud/beta/network-security/intercept-endpoint-group-associations/delete new file mode 100644 index 000000000..bdd7f3e6f --- /dev/null +++ b/gcloud/beta/network-security/intercept-endpoint-group-associations/delete @@ -0,0 +1,89 @@ +NAME + gcloud beta network-security intercept-endpoint-group-associations delete - + delete an Intercept Endpoint Group Association + +SYNOPSIS + gcloud beta network-security intercept-endpoint-group-associations delete + (INTERCEPT_ENDPOINT_GROUP_ASSOCIATION : --location=LOCATION) [--async] + [--max-wait=MAX_WAIT; default="20m"] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) Delete an intercept endpoint group association. Check the progress + of deletion by using gcloud network-security + intercept-endpoint-group-associations list. + + For more examples, refer to the EXAMPLES section below. + +EXAMPLES + To delete an intercept endpoint group association called my-association, in + project ID my-project, run: + + $ gcloud beta network-security \ intercept-endpoint-group-associations delete my-association \ + --project=my-project --location=global + + OR + + $ gcloud beta network-security \ intercept-endpoint-group-associations delete \ + projects/my-project/locations/global/\ + interceptEndpointGroupAssociations/my-association + +POSITIONAL ARGUMENTS + Intercept endpoint group association resource - Intercept Endpoint Group + Association. The arguments in this group can be used to specify the + attributes of this resource. (NOTE) Some attributes are not given + arguments in this group but can be set in other ways. + + To set the project attribute: + ◆ provide the argument INTERCEPT_ENDPOINT_GROUP_ASSOCIATION on the + command line with a fully specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + INTERCEPT_ENDPOINT_GROUP_ASSOCIATION + ID of the intercept endpoint group association or fully qualified + identifier for the intercept endpoint group association. + + To set the endpoint-group-association-id attribute: + ▸ provide the argument INTERCEPT_ENDPOINT_GROUP_ASSOCIATION on the + command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + Location of the intercept endpoint group association. + + To set the location attribute: + ▸ provide the argument INTERCEPT_ENDPOINT_GROUP_ASSOCIATION on the + command line with a fully specified name; + ▸ provide the argument --location on the command line. + +FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. The default is True. Enabled by default, use --no-async to + disable. + + --max-wait=MAX_WAIT; default="20m" + Time to synchronously wait for the operation to complete, after which + the operation continues asynchronously. Ignored if --no-async isn't + specified. See $ gcloud topic datetimes for information on time + formats. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud alpha network-security \ + intercept-endpoint-group-associations delete + diff --git a/gcloud/beta/network-security/intercept-endpoint-group-associations/describe b/gcloud/beta/network-security/intercept-endpoint-group-associations/describe new file mode 100644 index 000000000..5a17d8a5a --- /dev/null +++ b/gcloud/beta/network-security/intercept-endpoint-group-associations/describe @@ -0,0 +1,75 @@ +NAME + gcloud beta network-security intercept-endpoint-group-associations describe + - describe an Intercept Endpoint Group Association + +SYNOPSIS + gcloud beta network-security intercept-endpoint-group-associations describe + (INTERCEPT_ENDPOINT_GROUP_ASSOCIATION : --location=LOCATION) + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) Describe an intercept endpoint group association. + + For more examples, refer to the EXAMPLES section below. + +EXAMPLES + To get a description of an intercept endpoint group association called + my-association in project my-project and location global, run: + + $ gcloud beta network-security \ intercept-endpoint-group-associations describe my-association \ + --project=my-project --location=global + + OR + + $ gcloud beta network-security \ intercept-endpoint-group-associations describe \ + projects/my-project/locations/global/\ + interceptEndpointGroupAssociations/my-association + +POSITIONAL ARGUMENTS + Intercept endpoint group association resource - Intercept Endpoint Group + Association. The arguments in this group can be used to specify the + attributes of this resource. (NOTE) Some attributes are not given + arguments in this group but can be set in other ways. + + To set the project attribute: + ◆ provide the argument INTERCEPT_ENDPOINT_GROUP_ASSOCIATION on the + command line with a fully specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + INTERCEPT_ENDPOINT_GROUP_ASSOCIATION + ID of the intercept endpoint group association or fully qualified + identifier for the intercept endpoint group association. + + To set the endpoint-group-association-id attribute: + ▸ provide the argument INTERCEPT_ENDPOINT_GROUP_ASSOCIATION on the + command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + Location of the intercept endpoint group association. + + To set the location attribute: + ▸ provide the argument INTERCEPT_ENDPOINT_GROUP_ASSOCIATION on the + command line with a fully specified name; + ▸ provide the argument --location on the command line. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud alpha network-security \ + intercept-endpoint-group-associations describe + diff --git a/gcloud/beta/network-security/intercept-endpoint-group-associations/help b/gcloud/beta/network-security/intercept-endpoint-group-associations/help new file mode 100644 index 000000000..1078cf525 --- /dev/null +++ b/gcloud/beta/network-security/intercept-endpoint-group-associations/help @@ -0,0 +1,41 @@ +NAME + gcloud beta network-security intercept-endpoint-group-associations - manage + Intercept Endpoint Group Association resources + +SYNOPSIS + gcloud beta network-security intercept-endpoint-group-associations COMMAND + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) The gcloud intercept-endpoint-group-associations command group lets + you associate and deassociate networks to your Intercept Endpoint Group. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --help. + + Run $ gcloud help for details. + +COMMANDS + COMMAND is one of the following: + + create + (BETA) Create an Intercept Endpoint Group Association. + + delete + (BETA) Delete an Intercept Endpoint Group Association. + + describe + (BETA) Describe an Intercept Endpoint Group Association. + + list + (BETA) List Intercept Endpoint Group Associations. + + update + (BETA) Update an Intercept Endpoint Group Association. + +NOTES + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud alpha network-security intercept-endpoint-group-associations + diff --git a/gcloud/beta/network-security/intercept-endpoint-group-associations/list b/gcloud/beta/network-security/intercept-endpoint-group-associations/list new file mode 100644 index 000000000..e7b9bdebc --- /dev/null +++ b/gcloud/beta/network-security/intercept-endpoint-group-associations/list @@ -0,0 +1,99 @@ +NAME + gcloud beta network-security intercept-endpoint-group-associations list - + list Intercept Endpoint Group Associations + +SYNOPSIS + gcloud beta network-security intercept-endpoint-group-associations list + [--location=LOCATION] [--filter=EXPRESSION] [--limit=LIMIT] + [--page-size=PAGE_SIZE] [--sort-by=[FIELD,...]] [--uri] + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) List intercept endpoint group associations. + + For more examples, refer to the EXAMPLES section below. + +EXAMPLES + To list intercept endpoint group associations in project my-project and + location global, run: + + $ gcloud beta network-security \ intercept-endpoint-group-associations list \ + --project=my-project --location=global + + OR + + $ gcloud beta network-security \ intercept-endpoint-group-associations list --location=global + + OR + + $ gcloud beta network-security \ intercept-endpoint-group-associations list \ + --location=projects/my-project/locations/global + +FLAGS + Location resource - The location for a list operation This represents a + Cloud resource. (NOTE) Some attributes are not given arguments in this + group but can be set in other ways. + + To set the project attribute: + ◆ provide the argument --location on the command line with a fully + specified name; + ◆ Location of the Intercept Endpoint Group Association. Defaults to + global with a fully specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + --location=LOCATION + ID of the location or fully qualified identifier for the location. + + To set the location attribute: + ▸ provide the argument --location on the command line; + ▸ Location of the Intercept Endpoint Group Association. Defaults to + global. + +LIST COMMAND FLAGS + --filter=EXPRESSION + Apply a Boolean filter EXPRESSION to each resource item to be listed. + If the expression evaluates True, then that item is listed. For more + details and examples of filter expressions, run $ gcloud topic filters. + This flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --limit=LIMIT + Maximum number of resources to list. The default is unlimited. This + flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --page-size=PAGE_SIZE + Some services group resource list output into pages. This flag + specifies the maximum number of resources per page. The default is + determined by the service if it supports paging, otherwise it is + unlimited (no paging). Paging may be applied before or after --filter + and --limit depending on the service. + + --sort-by=[FIELD,...] + Comma-separated list of resource field key names to sort by. The + default order is ascending. Prefix a field with ``~'' for descending + order on that field. This flag interacts with other flags that are + applied in this order: --flatten, --sort-by, --filter, --limit. + + --uri + Print a list of resource URIs instead of the default output, and change + the command output to a list of URIs. If this flag is used with + --format, the formatting is applied on this URI list. To display URIs + alongside other keys instead, use the uri() transform. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud alpha network-security \ + intercept-endpoint-group-associations list + diff --git a/gcloud/beta/network-security/intercept-endpoint-group-associations/update b/gcloud/beta/network-security/intercept-endpoint-group-associations/update new file mode 100644 index 000000000..8e84497d8 --- /dev/null +++ b/gcloud/beta/network-security/intercept-endpoint-group-associations/update @@ -0,0 +1,125 @@ +NAME + gcloud beta network-security intercept-endpoint-group-associations update - + update an Intercept Endpoint Group Association + +SYNOPSIS + gcloud beta network-security intercept-endpoint-group-associations update + (INTERCEPT_ENDPOINT_GROUP_ASSOCIATION : --location=LOCATION) [--async] + [--max-wait=MAX_WAIT; default="20m"] [--update-labels=[KEY=VALUE,...]] + [--clear-labels | --remove-labels=[KEY,...]] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) Update an intercept endpoint group association. Check the progress + of association update by using gcloud network-security + intercept-endpoint-group-associations list. + + For examples refer to the EXAMPLES section below. + +EXAMPLES + To update labels k1 and k2, run: + + $ gcloud beta network-security \ intercept-endpoint-group-associations update my-association \ + --project=my-project --location=global \ + --update-labels=k1=v1,k2=v2 + + To remove labels k3 and k4, run: + + $ gcloud beta network-security \ intercept-endpoint-group-associations update my-association \ + --project=my-project --location=global --remove-labels=k3,k4 + + To clear all labels from the intercept endpoint group association, run: + + $ gcloud beta network-security \ intercept-endpoint-group-associations update my-association \ + --project=my-project --location=global --clear-labels + +POSITIONAL ARGUMENTS + Intercept endpoint group association resource - Intercept Endpoint Group + Association. The arguments in this group can be used to specify the + attributes of this resource. (NOTE) Some attributes are not given + arguments in this group but can be set in other ways. + + To set the project attribute: + ◆ provide the argument INTERCEPT_ENDPOINT_GROUP_ASSOCIATION on the + command line with a fully specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + INTERCEPT_ENDPOINT_GROUP_ASSOCIATION + ID of the intercept endpoint group association or fully qualified + identifier for the intercept endpoint group association. + + To set the endpoint-group-association-id attribute: + ▸ provide the argument INTERCEPT_ENDPOINT_GROUP_ASSOCIATION on the + command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + Location of the intercept endpoint group association. + + To set the location attribute: + ▸ provide the argument INTERCEPT_ENDPOINT_GROUP_ASSOCIATION on the + command line with a fully specified name; + ▸ provide the argument --location on the command line. + +FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. The default is True. Enabled by default, use --no-async to + disable. + + --max-wait=MAX_WAIT; default="20m" + Time to synchronously wait for the operation to complete, after which + the operation continues asynchronously. Ignored if --no-async isn't + specified. See $ gcloud topic datetimes for information on time + formats. + + --update-labels=[KEY=VALUE,...] + List of label KEY=VALUE pairs to update. If a label exists, its value + is modified. Otherwise, a new label is created. + + Keys must start with a lowercase character and contain only hyphens + (-), underscores (_), lowercase characters, and numbers. Values must + contain only hyphens (-), underscores (_), lowercase characters, and + numbers. + + At most one of these can be specified: + + --clear-labels + Remove all labels. If --update-labels is also specified then + --clear-labels is applied first. + + For example, to remove all labels: + + $ gcloud beta network-security \ + intercept-endpoint-group-associations update --clear-labels + + To remove all existing labels and create two new labels, foo and baz: + + $ gcloud beta network-security \ + intercept-endpoint-group-associations update --clear-labels \ + --update-labels foo=bar,baz=qux + + --remove-labels=[KEY,...] + List of label keys to remove. If a label does not exist it is + silently ignored. If --update-labels is also specified then + --update-labels is applied first. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud alpha network-security \ + intercept-endpoint-group-associations update + diff --git a/gcloud/beta/network-security/intercept-endpoint-groups/create b/gcloud/beta/network-security/intercept-endpoint-groups/create new file mode 100644 index 000000000..9e40818ad --- /dev/null +++ b/gcloud/beta/network-security/intercept-endpoint-groups/create @@ -0,0 +1,145 @@ +NAME + gcloud beta network-security intercept-endpoint-groups create - create a + Intercept Endpoint Group + +SYNOPSIS + gcloud beta network-security intercept-endpoint-groups create + (INTERCEPT_ENDPOINT_GROUP : --location=LOCATION) + (--intercept-deployment-group=INTERCEPT_DEPLOYMENT_GROUP + : --intercept-deployment-group-location=INTERCEPT_DEPLOYMENT_GROUP_LOCATION) + [--async] [--labels=[KEY=VALUE,...]] + [--max-wait=MAX_WAIT; default="20m"] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) Create a intercept endpoint group. Successful creation of an + endpoint group results in an endpoint group in ACTIVE state. Check the + progress of endpoint group creation by using gcloud network-security + intercept-endpoint-groups list. + + For more examples, refer to the EXAMPLES section below. + +EXAMPLES + To create a intercept endpoint group called my-endpoint-group, in project + ID my-project, run: $ gcloud beta network-security intercept-endpoint-groups create \ + my-endpoint-group --project=my-project --location=global \ + --intercept-deployment-group=my-deployment-group + + OR + + $ gcloud beta network-security intercept-endpoint-groups create \ + my-endpoint-group --project=my-project --location=global \ + --intercept-deployment-group=projects/my-project/locations/\ + global/interceptDeploymentGroups/my-deployment-group + + OR + + $ gcloud beta network-security intercept-endpoint-groups create \ + projects/my-project/locations/global/interceptEndpointGroups/\ + my-endpoint-group \ + --intercept-deployment-group=projects/my-project/locations/\ + global/interceptDeploymentGroups/my-deployment-group + +POSITIONAL ARGUMENTS + Intercept endpoint group resource - Intercept Endpoint Group. The + arguments in this group can be used to specify the attributes of this + resource. (NOTE) Some attributes are not given arguments in this group but + can be set in other ways. + + To set the project attribute: + ◆ provide the argument INTERCEPT_ENDPOINT_GROUP on the command line + with a fully specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + INTERCEPT_ENDPOINT_GROUP + ID of the intercept endpoint group or fully qualified identifier for + the intercept endpoint group. + + To set the endpoint-group-id attribute: + ▸ provide the argument INTERCEPT_ENDPOINT_GROUP on the command + line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + Location of the intercept endpoint group. + + To set the location attribute: + ▸ provide the argument INTERCEPT_ENDPOINT_GROUP on the command line + with a fully specified name; + ▸ provide the argument --location on the command line. + +REQUIRED FLAGS + Intercept deployment group resource - Intercept Deployment Group. The + arguments in this group can be used to specify the attributes of this + resource. (NOTE) Some attributes are not given arguments in this group but + can be set in other ways. + + To set the project attribute: + ◆ provide the argument --intercept-deployment-group on the command line + with a fully specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + --intercept-deployment-group=INTERCEPT_DEPLOYMENT_GROUP + ID of the intercept deployment group or fully qualified identifier + for the intercept deployment group. + + To set the id attribute: + ▸ provide the argument --intercept-deployment-group on the command + line. + + This flag argument must be specified if any of the other arguments in + this group are specified. + + --intercept-deployment-group-location=INTERCEPT_DEPLOYMENT_GROUP_LOCATION + Location of the intercept deployment group. + + To set the location attribute: + ▸ provide the argument --intercept-deployment-group on the command + line with a fully specified name; + ▸ provide the argument --intercept-deployment-group-location on the + command line; + ▸ provide the argument --location on the command line; + ▸ provide the argument INTERCEPT_ENDPOINT_GROUP on the command line + with a fully specified name. + +OPTIONAL FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. The default is True. Enabled by default, use --no-async to + disable. + + --labels=[KEY=VALUE,...] + List of label KEY=VALUE pairs to add. + + Keys must start with a lowercase character and contain only hyphens + (-), underscores (_), lowercase characters, and numbers. Values must + contain only hyphens (-), underscores (_), lowercase characters, and + numbers. + + --max-wait=MAX_WAIT; default="20m" + Time to synchronously wait for the operation to complete, after which + the operation continues asynchronously. Ignored if --no-async isn't + specified. See $ gcloud topic datetimes for information on time + formats. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud alpha network-security intercept-endpoint-groups create + diff --git a/gcloud/beta/network-security/intercept-endpoint-groups/delete b/gcloud/beta/network-security/intercept-endpoint-groups/delete new file mode 100644 index 000000000..de763b72b --- /dev/null +++ b/gcloud/beta/network-security/intercept-endpoint-groups/delete @@ -0,0 +1,86 @@ +NAME + gcloud beta network-security intercept-endpoint-groups delete - delete a + Intercept Endpoint Group + +SYNOPSIS + gcloud beta network-security intercept-endpoint-groups delete + (INTERCEPT_ENDPOINT_GROUP : --location=LOCATION) [--async] + [--max-wait=MAX_WAIT; default="20m"] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) Delete a intercept endpoint group. Check the progress of endpoint + group deletion by using gcloud network-security intercept-endpoint-groups + list. + + For more examples, refer to the EXAMPLES section below. + +EXAMPLES + To delete a intercept endpoint group called my-endpoint-group, in project + ID my-project, run: $ gcloud beta network-security intercept-endpoint-groups delete \ + my-endpoint-group --project=my-project --location=global + + OR + + $ gcloud beta network-security intercept-endpoint-groups delete \ + projects/my-project/locations/global/interceptEndpointGroups/\ + my-endpoint-group + +POSITIONAL ARGUMENTS + Intercept endpoint group resource - Intercept Endpoint Group. The + arguments in this group can be used to specify the attributes of this + resource. (NOTE) Some attributes are not given arguments in this group but + can be set in other ways. + + To set the project attribute: + ◆ provide the argument INTERCEPT_ENDPOINT_GROUP on the command line + with a fully specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + INTERCEPT_ENDPOINT_GROUP + ID of the intercept endpoint group or fully qualified identifier for + the intercept endpoint group. + + To set the endpoint-group-id attribute: + ▸ provide the argument INTERCEPT_ENDPOINT_GROUP on the command + line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + Location of the intercept endpoint group. + + To set the location attribute: + ▸ provide the argument INTERCEPT_ENDPOINT_GROUP on the command line + with a fully specified name; + ▸ provide the argument --location on the command line. + +FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. The default is True. Enabled by default, use --no-async to + disable. + + --max-wait=MAX_WAIT; default="20m" + Time to synchronously wait for the operation to complete, after which + the operation continues asynchronously. Ignored if --no-async isn't + specified. See $ gcloud topic datetimes for information on time + formats. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud alpha network-security intercept-endpoint-groups delete + diff --git a/gcloud/beta/network-security/intercept-endpoint-groups/describe b/gcloud/beta/network-security/intercept-endpoint-groups/describe new file mode 100644 index 000000000..81b38b31b --- /dev/null +++ b/gcloud/beta/network-security/intercept-endpoint-groups/describe @@ -0,0 +1,71 @@ +NAME + gcloud beta network-security intercept-endpoint-groups describe - describe + a Intercept Endpoint Group + +SYNOPSIS + gcloud beta network-security intercept-endpoint-groups describe + (INTERCEPT_ENDPOINT_GROUP : --location=LOCATION) [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) Describe a intercept endpoint group. + + For more examples, refer to the EXAMPLES section below. + +EXAMPLES + To get a description of a intercept endpoint group called my-endpoint-group + in project ID my-project, run: $ gcloud beta network-security intercept-endpoint-groups describe \ + my-endpoint-group --project=my-project --location=global + + OR + + $ gcloud beta network-security intercept-endpoint-groups describe \ + projects/my-project/locations/global/interceptEndpointGroups/\ + my-endpoint-group + +POSITIONAL ARGUMENTS + Intercept endpoint group resource - Intercept Endpoint Group. The + arguments in this group can be used to specify the attributes of this + resource. (NOTE) Some attributes are not given arguments in this group but + can be set in other ways. + + To set the project attribute: + ◆ provide the argument INTERCEPT_ENDPOINT_GROUP on the command line + with a fully specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + INTERCEPT_ENDPOINT_GROUP + ID of the intercept endpoint group or fully qualified identifier for + the intercept endpoint group. + + To set the endpoint-group-id attribute: + ▸ provide the argument INTERCEPT_ENDPOINT_GROUP on the command + line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + Location of the intercept endpoint group. + + To set the location attribute: + ▸ provide the argument INTERCEPT_ENDPOINT_GROUP on the command line + with a fully specified name; + ▸ provide the argument --location on the command line. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud alpha network-security intercept-endpoint-groups describe + diff --git a/gcloud/beta/network-security/intercept-endpoint-groups/help b/gcloud/beta/network-security/intercept-endpoint-groups/help new file mode 100644 index 000000000..b78f213ba --- /dev/null +++ b/gcloud/beta/network-security/intercept-endpoint-groups/help @@ -0,0 +1,41 @@ +NAME + gcloud beta network-security intercept-endpoint-groups - manage Intercept + Endpoint Group resources + +SYNOPSIS + gcloud beta network-security intercept-endpoint-groups COMMAND + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) The gcloud intercept-endpoint-groups command group lets you create, + delete and manage endpoint groups. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --help. + + Run $ gcloud help for details. + +COMMANDS + COMMAND is one of the following: + + create + (BETA) Create a Intercept Endpoint Group. + + delete + (BETA) Delete a Intercept Endpoint Group. + + describe + (BETA) Describe a Intercept Endpoint Group. + + list + (BETA) List Intercept Endpoint Groups. + + update + (BETA) Update a Intercept Endpoint Group. + +NOTES + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud alpha network-security intercept-endpoint-groups + diff --git a/gcloud/beta/network-security/intercept-endpoint-groups/list b/gcloud/beta/network-security/intercept-endpoint-groups/list new file mode 100644 index 000000000..ba055deb3 --- /dev/null +++ b/gcloud/beta/network-security/intercept-endpoint-groups/list @@ -0,0 +1,100 @@ +NAME + gcloud beta network-security intercept-endpoint-groups list - list + Intercept Endpoint Groups + +SYNOPSIS + gcloud beta network-security intercept-endpoint-groups list + [--location=LOCATION] [--filter=EXPRESSION] [--limit=LIMIT] + [--page-size=PAGE_SIZE] [--sort-by=[FIELD,...]] [--uri] + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) List intercept endpoint groups. + + For more examples, refer to the EXAMPLES section below. + +EXAMPLES + To list intercept endpoint groups in project ID my-project, run: $ gcloud beta network-security intercept-endpoint-groups list \ + --project=my-project --location=global + + OR + + $ gcloud beta network-security intercept-endpoint-groups list \ + --location=global + + OR + + $ gcloud beta network-security intercept-endpoint-groups list \ + --location=projects/my-project/locations/global + + OR + + $ gcloud beta network-security intercept-endpoint-groups list \ + projects/my-project/locations/global/interceptEndpointGroups + +FLAGS + Location resource - The location for a list operation This represents a + Cloud resource. (NOTE) Some attributes are not given arguments in this + group but can be set in other ways. + + To set the project attribute: + ◆ provide the argument --location on the command line with a fully + specified name; + ◆ Location of the Intercept Endpoint Group. Defaults to global with a + fully specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + --location=LOCATION + ID of the location or fully qualified identifier for the location. + + To set the location attribute: + ▸ provide the argument --location on the command line; + ▸ Location of the Intercept Endpoint Group. Defaults to global. + +LIST COMMAND FLAGS + --filter=EXPRESSION + Apply a Boolean filter EXPRESSION to each resource item to be listed. + If the expression evaluates True, then that item is listed. For more + details and examples of filter expressions, run $ gcloud topic filters. + This flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --limit=LIMIT + Maximum number of resources to list. The default is unlimited. This + flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --page-size=PAGE_SIZE + Some services group resource list output into pages. This flag + specifies the maximum number of resources per page. The default is + determined by the service if it supports paging, otherwise it is + unlimited (no paging). Paging may be applied before or after --filter + and --limit depending on the service. + + --sort-by=[FIELD,...] + Comma-separated list of resource field key names to sort by. The + default order is ascending. Prefix a field with ``~'' for descending + order on that field. This flag interacts with other flags that are + applied in this order: --flatten, --sort-by, --filter, --limit. + + --uri + Print a list of resource URIs instead of the default output, and change + the command output to a list of URIs. If this flag is used with + --format, the formatting is applied on this URI list. To display URIs + alongside other keys instead, use the uri() transform. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud alpha network-security intercept-endpoint-groups list + diff --git a/gcloud/beta/network-security/intercept-endpoint-groups/update b/gcloud/beta/network-security/intercept-endpoint-groups/update new file mode 100644 index 000000000..043124cc9 --- /dev/null +++ b/gcloud/beta/network-security/intercept-endpoint-groups/update @@ -0,0 +1,125 @@ +NAME + gcloud beta network-security intercept-endpoint-groups update - update a + Intercept Endpoint Group + +SYNOPSIS + gcloud beta network-security intercept-endpoint-groups update + (INTERCEPT_ENDPOINT_GROUP : --location=LOCATION) [--async] + [--max-wait=MAX_WAIT; default="20m"] [--update-labels=[KEY=VALUE,...]] + [--clear-labels | --remove-labels=[KEY,...]] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + (BETA) Update a intercept endpoint groups. Check the progress of endpoint + group update by using gcloud network-security intercept-endpoint-groups + list. + + For examples refer to the EXAMPLES section below. + +EXAMPLES + To update labels k1 and k2, run: + + $ gcloud beta network-security intercept-endpoint-groups update \ + my-endpoint-group --project=my-project \ + --location=us-central1-a --update-labels=k1=v1,k2=v2 + + To remove labels k3 and k4, run: + + $ gcloud beta network-security intercept-endpoint-groups update \ + my-endpoint-group --project=my-project \ + --location=us-central1-a --remove-labels=k3,k4 + + To clear all labels from the intercept endpoint group, run: + + $ gcloud beta network-security intercept-endpoint-groups update \ + my-endpoint-group --project=my-project \ + --location=us-central1-a --clear-labels + +POSITIONAL ARGUMENTS + Intercept endpoint group resource - Intercept Endpoint Group. The + arguments in this group can be used to specify the attributes of this + resource. (NOTE) Some attributes are not given arguments in this group but + can be set in other ways. + + To set the project attribute: + ◆ provide the argument INTERCEPT_ENDPOINT_GROUP on the command line + with a fully specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + INTERCEPT_ENDPOINT_GROUP + ID of the intercept endpoint group or fully qualified identifier for + the intercept endpoint group. + + To set the endpoint-group-id attribute: + ▸ provide the argument INTERCEPT_ENDPOINT_GROUP on the command + line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + Location of the intercept endpoint group. + + To set the location attribute: + ▸ provide the argument INTERCEPT_ENDPOINT_GROUP on the command line + with a fully specified name; + ▸ provide the argument --location on the command line. + +FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. The default is True. Enabled by default, use --no-async to + disable. + + --max-wait=MAX_WAIT; default="20m" + Time to synchronously wait for the operation to complete, after which + the operation continues asynchronously. Ignored if --no-async isn't + specified. See $ gcloud topic datetimes for information on time + formats. + + --update-labels=[KEY=VALUE,...] + List of label KEY=VALUE pairs to update. If a label exists, its value + is modified. Otherwise, a new label is created. + + Keys must start with a lowercase character and contain only hyphens + (-), underscores (_), lowercase characters, and numbers. Values must + contain only hyphens (-), underscores (_), lowercase characters, and + numbers. + + At most one of these can be specified: + + --clear-labels + Remove all labels. If --update-labels is also specified then + --clear-labels is applied first. + + For example, to remove all labels: + + $ gcloud beta network-security intercept-endpoint-groups update \ + --clear-labels + + To remove all existing labels and create two new labels, foo and baz: + + $ gcloud beta network-security intercept-endpoint-groups update \ + --clear-labels --update-labels foo=bar,baz=qux + + --remove-labels=[KEY,...] + List of label keys to remove. If a label does not exist it is + silently ignored. If --update-labels is also specified then + --update-labels is applied first. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This command is currently in beta and might change without notice. This + variant is also available: + + $ gcloud alpha network-security intercept-endpoint-groups update + diff --git a/gcloud/beta/redis/clusters/backups/list b/gcloud/beta/redis/clusters/backups/list index 5955f09b7..3c1a18e7a 100644 --- a/gcloud/beta/redis/clusters/backups/list +++ b/gcloud/beta/redis/clusters/backups/list @@ -4,7 +4,7 @@ NAME SYNOPSIS gcloud beta redis clusters backups list - (--backup_collection=BACKUP_COLLECTION : --region=REGION) + (--backup-collection=BACKUP_COLLECTION : --region=REGION) [--filter=EXPRESSION] [--limit=LIMIT] [--page-size=PAGE_SIZE] [--sort-by=[FIELD,...]] [--uri] [GCLOUD_WIDE_FLAG ...] @@ -17,7 +17,7 @@ EXAMPLES To list up to 5 backups in the us-central1 region, run: $ gcloud beta redis clusters backups list \ - --backup_collection=my-collection --region=us-central1 --limit=5 + --backup-collection=my-collection --region=us-central1 --limit=5 REQUIRED FLAGS Backup collection resource - The backup collection of the backups to @@ -26,19 +26,19 @@ REQUIRED FLAGS group but can be set in other ways. To set the project attribute: - ◆ provide the argument --backup_collection on the command line with a + ◆ provide the argument --backup-collection on the command line with a fully specified name; ◆ provide the argument --project on the command line; ◆ set the property core/project. This must be specified. - --backup_collection=BACKUP_COLLECTION + --backup-collection=BACKUP_COLLECTION ID of the backup collection or fully qualified identifier for the backup collection. - To set the backup_collection attribute: - ▸ provide the argument --backup_collection on the command line. + To set the backup-collection attribute: + ▸ provide the argument --backup-collection on the command line. This flag argument must be specified if any of the other arguments in this group are specified. @@ -48,7 +48,7 @@ REQUIRED FLAGS default redis/region property value for this command invocation. To set the region attribute: - ▸ provide the argument --backup_collection on the command line with + ▸ provide the argument --backup-collection on the command line with a fully specified name; ▸ provide the argument --region on the command line; ▸ set the property redis/region. diff --git a/gcloud/beta/redis/clusters/create b/gcloud/beta/redis/clusters/create index 710832984..338b04429 100644 --- a/gcloud/beta/redis/clusters/create +++ b/gcloud/beta/redis/clusters/create @@ -5,6 +5,9 @@ NAME SYNOPSIS gcloud beta redis clusters create (CLUSTER : --region=REGION) [--aof-append-fsync=AOF_APPEND_FSYNC] [--async] [--auth-mode=AUTH_MODE] + [--automated-backup-mode=AUTOMATED_BACKUP_MODE] + [--automated-backup-start-time=AUTOMATED_BACKUP_START_TIME] + [--automated-backup-ttl=AUTOMATED_BACKUP_TTL] [--cross-cluster-replication-role=CROSS_CLUSTER_REPLICATION_ROLE] [--deletion-protection] [--maintenance-window-day=MAINTENANCE_WINDOW_DAY] @@ -111,6 +114,25 @@ FLAGS iam-auth IAM basic authorization is enabled for the cluster. + --automated-backup-mode=AUTOMATED_BACKUP_MODE + Automated backup mode. AUTOMATED_BACKUP_MODE must be one of: + + disabled + (default) Automated backup is disabled. + + enabled + Automated backup is enabled. + + --automated-backup-start-time=AUTOMATED_BACKUP_START_TIME + One-hour window when you want automated-backup operations to start. + Specify the time in the format HH:00 on a 24-hour cycle in UTC time. + + --automated-backup-ttl=AUTOMATED_BACKUP_TTL + Time to live for automated backups. A backup will be deleted + automatically after the TTL is reached. It ranges from 1 day to 365 + days. For example, "10d" for 10 days. If not specified, the default + value is 35 days. + --cross-cluster-replication-role=CROSS_CLUSTER_REPLICATION_ROLE The role of the cluster in cross cluster replication. CROSS_CLUSTER_REPLICATION_ROLE must be (only one value is supported): @@ -219,11 +241,11 @@ FLAGS At most one of these can be specified: --import-gcs-object-uris=[IMPORT_GCS_OBJECT_URIS,...] - The URIs of Google Cloud Storage objects to import from. For example, + URIs of Google Cloud Storage objects to import from. For example, gs://bucket/folder/file1.rdb,gs://bucket/folder/file2.rdb. --import-managed-backup=IMPORT_MANAGED_BACKUP - The managed backup to import from. For example, + Managed backup to import from. For example, projects/PROJECT_ID/locations/REGION/backupCollections/BACKUP_COLLECTION_ID/backups/BACKUP_ID. GCLOUD WIDE FLAGS diff --git a/gcloud/beta/redis/clusters/update b/gcloud/beta/redis/clusters/update index 9cbe22bc3..824543c3a 100644 --- a/gcloud/beta/redis/clusters/update +++ b/gcloud/beta/redis/clusters/update @@ -4,7 +4,10 @@ NAME SYNOPSIS gcloud beta redis clusters update (CLUSTER : --region=REGION) - [--aof-append-fsync=AOF_APPEND_FSYNC] [--async] [--deletion-protection] + [--aof-append-fsync=AOF_APPEND_FSYNC] [--async] + [--automated-backup-mode=AUTOMATED_BACKUP_MODE] + [--automated-backup-start-time=AUTOMATED_BACKUP_START_TIME] + [--automated-backup-ttl=AUTOMATED_BACKUP_TTL] [--deletion-protection] [--persistence-mode=PERSISTENCE_MODE] [--rdb-snapshot-period=RDB_SNAPSHOT_PERIOD] [--rdb-snapshot-start-time=RDB_SNAPSHOT_START_TIME] @@ -80,6 +83,25 @@ FLAGS Return immediately, without waiting for the operation in progress to complete. + --automated-backup-mode=AUTOMATED_BACKUP_MODE + Automated backup mode. AUTOMATED_BACKUP_MODE must be one of: + + disabled + (default) Automated backup is disabled. + + enabled + Automated backup is enabled. + + --automated-backup-start-time=AUTOMATED_BACKUP_START_TIME + One-hour window when you want automated-backup operations to start. + Specify the time in the format HH:00 on a 24-hour cycle in UTC time. + + --automated-backup-ttl=AUTOMATED_BACKUP_TTL + Time to live for automated backups. A backup will be deleted + automatically after the TTL is reached. It ranges from 1 day to 365 + days. For example, "10d" for 10 days. If not specified, the default + value is 35 days. + --deletion-protection Enable deletion protection for the Redis Cluster. Use --deletion-protection/--no-deletion-protection to enable/disable it. diff --git a/gcloud/beta/resource-manager/tags/keys/create b/gcloud/beta/resource-manager/tags/keys/create index d02579033..3d1dfdee8 100644 --- a/gcloud/beta/resource-manager/tags/keys/create +++ b/gcloud/beta/resource-manager/tags/keys/create @@ -5,7 +5,8 @@ NAME SYNOPSIS gcloud beta resource-manager tags keys create (SHORT_NAME --parent=PARENT) [--async] [--description=DESCRIPTION] [--purpose=PURPOSE] - [--purpose-data=[network=NETWORK]] [GCLOUD_WIDE_FLAG ...] + [--purpose-data=[organization],[network=NETWORK]] + [GCLOUD_WIDE_FLAG ...] EXAMPLES To create a TagKey with the name env under 'organizations/123' with @@ -49,7 +50,7 @@ FLAGS that corresponds to the purpose. PURPOSE must be one of: GCE_FIREWALL, DATA_GOVERNANCE. - --purpose-data=[network=NETWORK] + --purpose-data=[organization],[network=NETWORK] Purpose data of the TagKey that can only be set on creation. This data is validated by the policy system that corresponds to the purpose. diff --git a/gcloud/beta/run/deploy b/gcloud/beta/run/deploy index e7df8c2e8..1d2abe3c3 100644 --- a/gcloud/beta/run/deploy +++ b/gcloud/beta/run/deploy @@ -3,18 +3,17 @@ NAME SYNOPSIS gcloud beta run deploy [[SERVICE] --namespace=NAMESPACE] - [--[no-]allow-unauthenticated] [--async] [--breakglass=JUSTIFICATION] - [--clear-vpc-connector] [--concurrency=CONCURRENCY] - [--container=CONTAINER] [--[no-]cpu-boost] [--[no-]cpu-throttling] - [--[no-]default-url] [--[no-]deploy-health-check] - [--description=DESCRIPTION] + [--[no-]allow-unauthenticated] [--[no-]allow-unencrypted-build] + [--async] [--breakglass=JUSTIFICATION] [--clear-vpc-connector] + [--concurrency=CONCURRENCY] [--container=CONTAINER] [--[no-]cpu-boost] + [--[no-]cpu-throttling] [--[no-]default-url] + [--[no-]deploy-health-check] [--description=DESCRIPTION] [--execution-environment=EXECUTION_ENVIRONMENT] [--gpu-type=GPU_TYPE] [--ingress=INGRESS; default="all"] [--[no-]invoker-iam-check] - [--max-instances=MAX_INSTANCES] [--mesh=MESH] + [--max-instances=MAX_INSTANCES] [--mesh=MESH] [--min=MIN] [--min-instances=MIN_INSTANCES] [--region=REGION] [--remove-containers=[CONTAINER,...]] [--revision-suffix=REVISION_SUFFIX] [--service-account=SERVICE_ACCOUNT] - [--service-min-instances=SERVICE_MIN_INSTANCES] [--[no-]session-affinity] [--tag=TAG] [--timeout=TIMEOUT] [--no-traffic] [--vpc-connector=VPC_CONNECTOR] [--vpc-egress=VPC_EGRESS] @@ -116,6 +115,12 @@ FLAGS may take a few moments to take effect. Use --allow-unauthenticated to enable and --no-allow-unauthenticated to disable. + --[no-]allow-unencrypted-build + Whether to allow customer-managed encryption key (CMEK) deployments + without encrypting the build process. This means that only the deployed + container will be encrypted. Use --allow-unencrypted-build to enable + and --no-allow-unencrypted-build to disable. + --async Return immediately, without waiting for the operation in progress to complete. @@ -214,6 +219,11 @@ FLAGS resource name must be in the format of projects/PROJECT/locations/global/meshes/MESH_NAME. + --min=MIN + The minimum number of container instances for this Service to run or + 'default' to remove any minimum. These instances will be divided among + all Revisions receiving a percentage of traffic. + --min-instances=MIN_INSTANCES The minimum number of container instances for this Revision of the Service to run or 'default' to remove any minimum. @@ -237,11 +247,6 @@ FLAGS revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. - --service-min-instances=SERVICE_MIN_INSTANCES - The minimum number of container instances for this Service to run or - 'default' to remove any minimum. These instances will be divided among - all Revisions receiving a percentage of traffic. - --[no-]session-affinity Whether to enable session affinity for connections to the service. Use --session-affinity to enable and --no-session-affinity to disable. diff --git a/gcloud/beta/run/jobs/create b/gcloud/beta/run/jobs/create index 68234d455..bc539f6d5 100644 --- a/gcloud/beta/run/jobs/create +++ b/gcloud/beta/run/jobs/create @@ -2,22 +2,26 @@ NAME gcloud beta run jobs create - create a Cloud Run job SYNOPSIS - gcloud beta run jobs create [JOB] --image=IMAGE [--args=[ARG,...]] - [--binary-authorization=POLICY] [--breakglass=JUSTIFICATION] - [--command=[COMMAND,...]] [--cpu=CPU] [--key=KEY] + gcloud beta run jobs create [JOB] [--binary-authorization=POLICY] + [--breakglass=JUSTIFICATION] [--container=CONTAINER] [--key=KEY] [--labels=[KEY=VALUE,...]] [--max-retries=MAX_RETRIES] - [--memory=MEMORY] [--parallelism=PARALLELISM] [--region=REGION] + [--parallelism=PARALLELISM] [--region=REGION] [--service-account=SERVICE_ACCOUNT] [--set-cloudsql-instances=[CLOUDSQL-INSTANCES,...]] - [--set-secrets=[KEY=SECRET_NAME:SECRET_VERSION,...]] [--task-timeout=TASK_TIMEOUT] [--tasks=TASKS; default=1] [--vpc-connector=VPC_CONNECTOR] [--vpc-egress=VPC_EGRESS] [--add-volume=[KEY=VALUE,...] --clear-volumes --remove-volume=[VOLUME,...]] [--add-volume-mount=[volume=NAME,mount-path=MOUNT_PATH,...] - --clear-volume-mounts --remove-volume-mount=[MOUNT_PATH,...]] + --args=[ARG,...] --clear-volume-mounts --command=[COMMAND,...] + --cpu=CPU --depends-on=[CONTAINER,...] --image=IMAGE --memory=MEMORY + --remove-volume-mount=[MOUNT_PATH,...] --clear-env-vars + | --env-vars-file=FILE_PATH | --set-env-vars=[KEY=VALUE,...] + | --remove-env-vars=[KEY,...] + --update-env-vars=[KEY=VALUE,...] --clear-secrets + | --set-secrets=[KEY=VALUE,...] + | --remove-secrets=[KEY,...] --update-secrets=[KEY=VALUE,...]] [--async | --execute-now --wait] - [--env-vars-file=FILE_PATH | --set-env-vars=[KEY=VALUE,...]] [--network=NETWORK --network-tags=[TAG,...] --subnet=SUBNET] [GCLOUD_WIDE_FLAG ...] @@ -55,18 +59,7 @@ POSITIONAL ARGUMENTS ▸ provide the argument JOB on the command line; ▸ specify the job name from an interactive prompt. -REQUIRED FLAGS - --image=IMAGE - Name of the container image to deploy (e.g. - us-docker.pkg.dev/cloudrun/container/job:latest). - -OPTIONAL FLAGS - --args=[ARG,...] - Comma-separated arguments passed to the command run by the container - image. If not specified and no '--command' is provided, the container - image's default Cmd is used. Otherwise, if not specified, no arguments - are passed. To reset this field to its default, pass an empty string. - +FLAGS --binary-authorization=POLICY Binary Authorization policy to check against. This must be set to "default". @@ -78,16 +71,9 @@ OPTIONAL FLAGS more information. Next update or deploy command will automatically clear existing breakglass justification. - --command=[COMMAND,...] - Entrypoint for the container image. If not specified, the container - image's default Entrypoint is run. To reset this field to its default, - pass an empty string. - - --cpu=CPU - Set a CPU limit in Kubernetes cpu units. - - Cloud Run supports values fractional values below 1, 1, 2, 4, and 8. - Some CPU values requires a minimum Memory --memory value. + --container=CONTAINER + Specifies a container by name. Flags following --container will apply + to the specified container. --key=KEY CMEK key reference to encrypt the container with. @@ -100,9 +86,6 @@ OPTIONAL FLAGS being failed permanently. This applies per-task, not per-job. If set to 0, tasks will only run once and never be retried on failure. - --memory=MEMORY - Set a memory limit. Ex: 1024Mi, 4Gi. - --parallelism=PARALLELISM Number of tasks that may run concurrently. Must be less than or equal to the number of tasks. Set to 0 to unset. @@ -121,13 +104,6 @@ OPTIONAL FLAGS project and region as your Cloud Run resource; otherwise specify :: for the instance. - --set-secrets=[KEY=SECRET_NAME:SECRET_VERSION,...] - Specify secrets to provide as environment variables. For example: - '--set-secrets=ENV=mysecret:latest,OTHER_ENV=othersecret:1' will create - an environment variable named ENV whose value is the latest version of - secret 'mysecret' and an environment variable OTHER_ENV whose value is - version of 1 of secret 'othersecret'. - --task-timeout=TASK_TIMEOUT Set the maximum time (deadline) a job task attempt can run for. In the case of retries, this deadline applies to each attempt of a task. If @@ -208,18 +184,104 @@ OPTIONAL FLAGS --remove-volume=[VOLUME,...] Removes volumes from the Cloud Run resource. - --add-volume-mount=[volume=NAME,mount-path=MOUNT_PATH,...] - Adds a mount to the current container. Must contain the keys - volume=NAME and mount-path=/PATH where NAME is the name of a volume on - this resource and PATH is the path within the container's filesystem to - mount this volume. + Container Flags - --clear-volume-mounts - Remove all existing mounts from the current container. + If the --container is specified the following arguments may only be specified after a --container flag. - --remove-volume-mount=[MOUNT_PATH,...] - Removes the volume mounted at the specified path from the current - container. + --add-volume-mount=[volume=NAME,mount-path=MOUNT_PATH,...] + Adds a mount to the current container. Must contain the keys + volume=NAME and mount-path=/PATH where NAME is the name of a volume + on this resource and PATH is the path within the container's + filesystem to mount this volume. + + --args=[ARG,...] + Comma-separated arguments passed to the command run by the + container image. If not specified and no '--command' is provided, + the container image's default Cmd is used. Otherwise, if not + specified, no arguments are passed. To reset this field to its + default, pass an empty string. + + --clear-volume-mounts + Remove all existing mounts from the current container. + + --command=[COMMAND,...] + Entrypoint for the container image. If not specified, the container + image's default Entrypoint is run. To reset this field to its + default, pass an empty string. + + --cpu=CPU + Set a CPU limit in Kubernetes cpu units. + + Cloud Run supports values fractional values below 1, 1, 2, 4, and + 8. Some CPU values requires a minimum Memory --memory value. + + --depends-on=[CONTAINER,...] + List of container dependencies to add to the current container. + + --image=IMAGE + Name of the container image to deploy (e.g. + us-docker.pkg.dev/cloudrun/container/job:latest). + + --memory=MEMORY + Set a memory limit. Ex: 1024Mi, 4Gi. + + --remove-volume-mount=[MOUNT_PATH,...] + Removes the volume mounted at the specified path from the current + container. + + At most one of these can be specified: + + --clear-env-vars + Remove all environment variables. + + --env-vars-file=FILE_PATH + Path to a local YAML file with definitions for all environment + variables. All existing environment variables will be removed + before the new environment variables are added. Example YAML + content: + + KEY_1: "value1" + KEY_2: "value 2" + + --set-env-vars=[KEY=VALUE,...] + List of key-value pairs to set as environment variables. All + existing environment variables will be removed first. + + Only --update-env-vars and --remove-env-vars can be used together. + If both are specified, --remove-env-vars will be applied first. + + --remove-env-vars=[KEY,...] + List of environment variables to be removed. + + --update-env-vars=[KEY=VALUE,...] + List of key-value pairs to set as environment variables. + + Specify secrets to mount or provide as environment variables. Keys + starting with a forward slash '/' are mount paths. All other keys + correspond to environment variables. Values should be in the form + SECRET_NAME:SECRET_VERSION. For example: + '--update-secrets=/secrets/api/key=mysecret:latest,ENV=othersecret:1' + will mount a volume at '/secrets/api' containing a file 'key' with the + latest version of secret 'mysecret'. An environment variable named ENV + will also be created whose value is version 1 of secret 'othersecret'. + + At most one of these can be specified: + + --clear-secrets + Remove all secrets. + + --set-secrets=[KEY=VALUE,...] + List of key-value pairs to set as secrets. All existing secrets + will be removed first. + + Only --update-secrets and --remove-secrets can be used together. If + both are specified, --remove-secrets will be applied first. + + --remove-secrets=[KEY,...] + List of secrets to be removed. + + --update-secrets=[KEY=VALUE,...] + List of key-value pairs to set as secrets. At most one of these can be specified: @@ -239,18 +301,6 @@ OPTIONAL FLAGS not set, gcloud exits successfully when the execution has started. Implies --execute-now. - At most one of these can be specified: - - --env-vars-file=FILE_PATH - Path to a local YAML file with definitions for all environment - variables. Example YAML content: - - KEY_1: "value1" - KEY_2: "value 2" - - --set-env-vars=[KEY=VALUE,...] - List of key-value pairs to set as environment variables. - Direct VPC egress setting flags group. --network=NETWORK diff --git a/gcloud/beta/run/jobs/deploy b/gcloud/beta/run/jobs/deploy index e2b55e7ee..5ff81815a 100644 --- a/gcloud/beta/run/jobs/deploy +++ b/gcloud/beta/run/jobs/deploy @@ -2,28 +2,30 @@ NAME gcloud beta run jobs deploy - create or update a Cloud Run job SYNOPSIS - gcloud beta run jobs deploy [JOB] [--args=[ARG,...]] - [--binary-authorization=POLICY] [--breakglass=JUSTIFICATION] - [--command=[COMMAND,...]] [--cpu=CPU] [--key=KEY] + gcloud beta run jobs deploy [JOB] [--binary-authorization=POLICY] + [--breakglass=JUSTIFICATION] [--container=CONTAINER] [--key=KEY] [--labels=[KEY=VALUE,...]] [--max-retries=MAX_RETRIES] - [--memory=MEMORY] [--parallelism=PARALLELISM] [--region=REGION] + [--parallelism=PARALLELISM] [--region=REGION] + [--remove-containers=[CONTAINER,...]] [--service-account=SERVICE_ACCOUNT] [--set-cloudsql-instances=[CLOUDSQL-INSTANCES,...]] - [--set-secrets=[KEY=SECRET_NAME:SECRET_VERSION,...]] [--task-timeout=TASK_TIMEOUT] [--tasks=TASKS; default=1] [--vpc-connector=VPC_CONNECTOR] [--vpc-egress=VPC_EGRESS] [--add-volume=[KEY=VALUE,...] --clear-volumes --remove-volume=[VOLUME,...]] [--add-volume-mount=[volume=NAME,mount-path=MOUNT_PATH,...] - --clear-volume-mounts --remove-volume-mount=[MOUNT_PATH,...]] + --args=[ARG,...] --clear-volume-mounts --command=[COMMAND,...] + --cpu=CPU --depends-on=[CONTAINER,...] --memory=MEMORY + --remove-volume-mount=[MOUNT_PATH,...] --clear-env-vars + | --env-vars-file=FILE_PATH | --set-env-vars=[KEY=VALUE,...] + | --remove-env-vars=[KEY,...] + --update-env-vars=[KEY=VALUE,...] --clear-secrets + | --set-secrets=[KEY=VALUE,...] | --remove-secrets=[KEY,...] + --update-secrets=[KEY=VALUE,...] --image=IMAGE | --source=SOURCE] [--async | --execute-now --wait] - [--clear-env-vars | --env-vars-file=FILE_PATH - | --set-env-vars=[KEY=VALUE,...] - | --remove-env-vars=[KEY,...] --update-env-vars=[KEY=VALUE,...]] [--clear-network | --network=NETWORK --subnet=SUBNET --clear-network-tags - | --network-tags=[TAG,...]] [--image=IMAGE | --source=SOURCE] - [GCLOUD_WIDE_FLAG ...] + | --network-tags=[TAG,...]] [GCLOUD_WIDE_FLAG ...] DESCRIPTION (BETA) Creates or updates a Cloud Run job. @@ -60,12 +62,6 @@ POSITIONAL ARGUMENTS ▸ specify the job name from an interactive prompt. FLAGS - --args=[ARG,...] - Comma-separated arguments passed to the command run by the container - image. If not specified and no '--command' is provided, the container - image's default Cmd is used. Otherwise, if not specified, no arguments - are passed. To reset this field to its default, pass an empty string. - --binary-authorization=POLICY Binary Authorization policy to check against. This must be set to "default". @@ -77,16 +73,9 @@ FLAGS more information. Next update or deploy command will automatically clear existing breakglass justification. - --command=[COMMAND,...] - Entrypoint for the container image. If not specified, the container - image's default Entrypoint is run. To reset this field to its default, - pass an empty string. - - --cpu=CPU - Set a CPU limit in Kubernetes cpu units. - - Cloud Run supports values fractional values below 1, 1, 2, 4, and 8. - Some CPU values requires a minimum Memory --memory value. + --container=CONTAINER + Specifies a container by name. Flags following --container will apply + to the specified container. --key=KEY CMEK key reference to encrypt the container with. @@ -99,9 +88,6 @@ FLAGS being failed permanently. This applies per-task, not per-job. If set to 0, tasks will only run once and never be retried on failure. - --memory=MEMORY - Set a memory limit. Ex: 1024Mi, 4Gi. - --parallelism=PARALLELISM Number of tasks that may run concurrently. Must be less than or equal to the number of tasks. Set to 0 to unset. @@ -110,6 +96,9 @@ FLAGS Region in which the resource can be found. Alternatively, set the property [run/region]. + --remove-containers=[CONTAINER,...] + List of containers to remove. + --service-account=SERVICE_ACCOUNT the email address of an IAM service account associated with the revision of the service. The service account represents the identity of @@ -120,13 +109,6 @@ FLAGS project and region as your Cloud Run resource; otherwise specify :: for the instance. - --set-secrets=[KEY=SECRET_NAME:SECRET_VERSION,...] - Specify secrets to provide as environment variables. For example: - '--set-secrets=ENV=mysecret:latest,OTHER_ENV=othersecret:1' will create - an environment variable named ENV whose value is the latest version of - secret 'mysecret' and an environment variable OTHER_ENV whose value is - version of 1 of secret 'othersecret'. - --task-timeout=TASK_TIMEOUT Set the maximum time (deadline) a job task attempt can run for. In the case of retries, this deadline applies to each attempt of a task. If @@ -207,18 +189,123 @@ FLAGS --remove-volume=[VOLUME,...] Removes volumes from the Cloud Run resource. - --add-volume-mount=[volume=NAME,mount-path=MOUNT_PATH,...] - Adds a mount to the current container. Must contain the keys - volume=NAME and mount-path=/PATH where NAME is the name of a volume on - this resource and PATH is the path within the container's filesystem to - mount this volume. + Container Flags - --clear-volume-mounts - Remove all existing mounts from the current container. + If the --container or --remove-containers flag is specified the following + arguments may only be specified after a --container flag. - --remove-volume-mount=[MOUNT_PATH,...] - Removes the volume mounted at the specified path from the current - container. + --add-volume-mount=[volume=NAME,mount-path=MOUNT_PATH,...] + Adds a mount to the current container. Must contain the keys + volume=NAME and mount-path=/PATH where NAME is the name of a volume + on this resource and PATH is the path within the container's + filesystem to mount this volume. + + --args=[ARG,...] + Comma-separated arguments passed to the command run by the + container image. If not specified and no '--command' is provided, + the container image's default Cmd is used. Otherwise, if not + specified, no arguments are passed. To reset this field to its + default, pass an empty string. + + --clear-volume-mounts + Remove all existing mounts from the current container. + + --command=[COMMAND,...] + Entrypoint for the container image. If not specified, the container + image's default Entrypoint is run. To reset this field to its + default, pass an empty string. + + --cpu=CPU + Set a CPU limit in Kubernetes cpu units. + + Cloud Run supports values fractional values below 1, 1, 2, 4, and + 8. Some CPU values requires a minimum Memory --memory value. + + --depends-on=[CONTAINER,...] + List of container dependencies to add to the current container. + + --memory=MEMORY + Set a memory limit. Ex: 1024Mi, 4Gi. + + --remove-volume-mount=[MOUNT_PATH,...] + Removes the volume mounted at the specified path from the current + container. + + At most one of these can be specified: + + --clear-env-vars + Remove all environment variables. + + --env-vars-file=FILE_PATH + Path to a local YAML file with definitions for all environment + variables. All existing environment variables will be removed + before the new environment variables are added. Example YAML + content: + + KEY_1: "value1" + KEY_2: "value 2" + + --set-env-vars=[KEY=VALUE,...] + List of key-value pairs to set as environment variables. All + existing environment variables will be removed first. + + Only --update-env-vars and --remove-env-vars can be used together. + If both are specified, --remove-env-vars will be applied first. + + --remove-env-vars=[KEY,...] + List of environment variables to be removed. + + --update-env-vars=[KEY=VALUE,...] + List of key-value pairs to set as environment variables. + + Specify secrets to mount or provide as environment variables. Keys + starting with a forward slash '/' are mount paths. All other keys + correspond to environment variables. Values should be in the form + SECRET_NAME:SECRET_VERSION. For example: + '--update-secrets=/secrets/api/key=mysecret:latest,ENV=othersecret:1' + will mount a volume at '/secrets/api' containing a file 'key' with the + latest version of secret 'mysecret'. An environment variable named ENV + will also be created whose value is version 1 of secret 'othersecret'. + + At most one of these can be specified: + + --clear-secrets + Remove all secrets. + + --set-secrets=[KEY=VALUE,...] + List of key-value pairs to set as secrets. All existing secrets + will be removed first. + + Only --update-secrets and --remove-secrets can be used together. If + both are specified, --remove-secrets will be applied first. + + --remove-secrets=[KEY,...] + List of secrets to be removed. + + --update-secrets=[KEY=VALUE,...] + List of key-value pairs to set as secrets. + + At most one of these can be specified: + + --image=IMAGE + Name of the container image to deploy (e.g. + us-docker.pkg.dev/cloudrun/container/job:latest). + + --source=SOURCE + The location of the source to build. If a Dockerfile is present + in the source code directory, it will be built using that + Dockerfile, otherwise it will use Google Cloud buildpacks. See + https://cloud.google.com/run/docs/deploying-source-code for more + details. The location can be a directory on a local disk or a + gzipped archive file (.tar.gz) in Google Cloud Storage. If the + source is a local directory, this command skips the files + specified in the --ignore-file. If --ignore-file is not + specified, use .gcloudignore file. If a .gcloudignore file is + absent and a .gitignore file is present in the local source + directory, gcloud will use a generated Git-compatible + .gcloudignore file that respects your .gitignored files. The + global .gitignore is not respected. For more information on + .gcloudignore, see gcloud topic gcloudignore. At most one of these can be specified: @@ -238,32 +325,6 @@ FLAGS not set, gcloud exits successfully when the execution has started. Implies --execute-now. - At most one of these can be specified: - - --clear-env-vars - Remove all environment variables. - - --env-vars-file=FILE_PATH - Path to a local YAML file with definitions for all environment - variables. All existing environment variables will be removed before - the new environment variables are added. Example YAML content: - - KEY_1: "value1" - KEY_2: "value 2" - - --set-env-vars=[KEY=VALUE,...] - List of key-value pairs to set as environment variables. All existing - environment variables will be removed first. - - Only --update-env-vars and --remove-env-vars can be used together. If - both are specified, --remove-env-vars will be applied first. - - --remove-env-vars=[KEY,...] - List of environment variables to be removed. - - --update-env-vars=[KEY=VALUE,...] - List of key-value pairs to set as environment variables. - At most one of these can be specified: --clear-network @@ -295,27 +356,6 @@ FLAGS Applies the given Compute Engine tags (comma separated) to the Cloud Run job. To clear existing tags, use --clear-network-tags. - At most one of these can be specified: - - --image=IMAGE - Name of the container image to deploy (e.g. - us-docker.pkg.dev/cloudrun/container/job:latest). - - --source=SOURCE - The location of the source to build. If a Dockerfile is present in - the source code directory, it will be built using that Dockerfile, - otherwise it will use Google Cloud buildpacks. See - https://cloud.google.com/run/docs/deploying-source-code for more - details. The location can be a directory on a local disk or a gzipped - archive file (.tar.gz) in Google Cloud Storage. If the source is a - local directory, this command skips the files specified in the - --ignore-file. If --ignore-file is not specified, use .gcloudignore - file. If a .gcloudignore file is absent and a .gitignore file is - present in the local source directory, gcloud will use a generated - Git-compatible .gcloudignore file that respects your .gitignored - files. The global .gitignore is not respected. For more information - on .gcloudignore, see gcloud topic gcloudignore. - GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, diff --git a/gcloud/beta/run/jobs/execute b/gcloud/beta/run/jobs/execute index 7e9583b3a..2aad0c541 100644 --- a/gcloud/beta/run/jobs/execute +++ b/gcloud/beta/run/jobs/execute @@ -2,9 +2,9 @@ NAME gcloud beta run jobs execute - execute a job SYNOPSIS - gcloud beta run jobs execute [JOB] [--args=[ARG,...]] [--region=REGION] - [--task-timeout=TASK_TIMEOUT] [--tasks=TASKS] - [--update-env-vars=[KEY=VALUE,...]] [--async | --wait] + gcloud beta run jobs execute [JOB] [--container=CONTAINER] + [--region=REGION] [--task-timeout=TASK_TIMEOUT] [--tasks=TASKS] + [--args=[ARG,...] --update-env-vars=[KEY=VALUE,...]] [--async | --wait] [GCLOUD_WIDE_FLAG ...] DESCRIPTION @@ -36,10 +36,9 @@ POSITIONAL ARGUMENTS ▸ specify the job name from an interactive prompt. FLAGS - --args=[ARG,...] - Comma-separated arguments passed to the command run by the container - image. If provided, an execution will be created with the input values. - Otherwise, the existing arguments of the job are used. + --container=CONTAINER + Specifies a container by name. Flags following --container will apply + to the specified container. --region=REGION Region in which the resource can be found. Alternatively, set the @@ -60,12 +59,23 @@ FLAGS considered done. If provided, an execution will be created with this value. Otherwise the existing task count of the job is used. - --update-env-vars=[KEY=VALUE,...] - List of key-value pairs to set as environment variables overrides for - an execution of a job. If provided, an execution will be created with - the merge result of the input values and the existing environment - variables. New value overrides existing value if they have the same - key. If not provided, existing environment variables are used. + Container Flags + + If the --container is specified the following arguments may only be specified after a --container flag. + + --args=[ARG,...] + Comma-separated arguments passed to the command run by the + container image. If provided, an execution will be created with the + input values. Otherwise, the existing arguments of the job are + used. + + --update-env-vars=[KEY=VALUE,...] + List of key-value pairs to set as environment variables overrides + for an execution of a job. If provided, an execution will be + created with the merge result of the input values and the existing + environment variables. New value overrides existing value if they + have the same key. If not provided, existing environment variables + are used. At most one of these can be specified: diff --git a/gcloud/beta/run/jobs/update b/gcloud/beta/run/jobs/update index 1d24ddec7..434ef2fe5 100644 --- a/gcloud/beta/run/jobs/update +++ b/gcloud/beta/run/jobs/update @@ -2,11 +2,10 @@ NAME gcloud beta run jobs update - update a Cloud Run Job SYNOPSIS - gcloud beta run jobs update [JOB] [--args=[ARG,...]] - [--breakglass=JUSTIFICATION] [--clear-vpc-connector] - [--command=[COMMAND,...]] [--cpu=CPU] [--image=IMAGE] [--key=KEY] - [--max-retries=MAX_RETRIES] [--memory=MEMORY] - [--parallelism=PARALLELISM] [--region=REGION] + gcloud beta run jobs update [JOB] [--breakglass=JUSTIFICATION] + [--clear-vpc-connector] [--container=CONTAINER] [--key=KEY] + [--max-retries=MAX_RETRIES] [--parallelism=PARALLELISM] + [--region=REGION] [--remove-containers=[CONTAINER,...]] [--service-account=SERVICE_ACCOUNT] [--task-timeout=TASK_TIMEOUT] [--tasks=TASKS; default=1] [--vpc-connector=VPC_CONNECTOR] [--vpc-egress=VPC_EGRESS] @@ -17,20 +16,21 @@ SYNOPSIS [--add-volume=[KEY=VALUE,...] --clear-volumes --remove-volume=[VOLUME,...]] [--add-volume-mount=[volume=NAME,mount-path=MOUNT_PATH,...] - --clear-volume-mounts --remove-volume-mount=[MOUNT_PATH,...]] + --args=[ARG,...] --clear-volume-mounts --command=[COMMAND,...] + --cpu=CPU --depends-on=[CONTAINER,...] --image=IMAGE --memory=MEMORY + --remove-volume-mount=[MOUNT_PATH,...] --clear-env-vars + | --env-vars-file=FILE_PATH | --set-env-vars=[KEY=VALUE,...] + | --remove-env-vars=[KEY,...] + --update-env-vars=[KEY=VALUE,...] --clear-secrets + | --set-secrets=[KEY=VALUE,...] + | --remove-secrets=[KEY,...] --update-secrets=[KEY=VALUE,...]] [--async | --execute-now --wait] [--binary-authorization=POLICY | --clear-binary-authorization] - [--clear-env-vars | --env-vars-file=FILE_PATH - | --set-env-vars=[KEY=VALUE,...] - | --remove-env-vars=[KEY,...] --update-env-vars=[KEY=VALUE,...]] [--clear-labels | --remove-labels=[KEY,...] --labels=[KEY=VALUE,...] | --update-labels=[KEY=VALUE,...]] [--clear-network | --network=NETWORK --subnet=SUBNET --clear-network-tags - | --network-tags=[TAG,...]] - [--clear-secrets | --set-secrets=[KEY=VALUE,...] - | --remove-secrets=[KEY,...] --update-secrets=[KEY=VALUE,...]] - [GCLOUD_WIDE_FLAG ...] + | --network-tags=[TAG,...]] [GCLOUD_WIDE_FLAG ...] DESCRIPTION (BETA) Updates a Cloud Run job. @@ -62,12 +62,6 @@ POSITIONAL ARGUMENTS ▸ specify the job name from an interactive prompt. FLAGS - --args=[ARG,...] - Comma-separated arguments passed to the command run by the container - image. If not specified and no '--command' is provided, the container - image's default Cmd is used. Otherwise, if not specified, no arguments - are passed. To reset this field to its default, pass an empty string. - --breakglass=JUSTIFICATION Justification to bypass Binary Authorization policy constraints and allow the operation. See @@ -78,20 +72,9 @@ FLAGS --clear-vpc-connector Remove the VPC connector for this resource. - --command=[COMMAND,...] - Entrypoint for the container image. If not specified, the container - image's default Entrypoint is run. To reset this field to its default, - pass an empty string. - - --cpu=CPU - Set a CPU limit in Kubernetes cpu units. - - Cloud Run supports values fractional values below 1, 1, 2, 4, and 8. - Some CPU values requires a minimum Memory --memory value. - - --image=IMAGE - Name of the container image to deploy (e.g. - us-docker.pkg.dev/cloudrun/container/job:latest). + --container=CONTAINER + Specifies a container by name. Flags following --container will apply + to the specified container. --key=KEY CMEK key reference to encrypt the container with. @@ -101,9 +84,6 @@ FLAGS being failed permanently. This applies per-task, not per-job. If set to 0, tasks will only run once and never be retried on failure. - --memory=MEMORY - Set a memory limit. Ex: 1024Mi, 4Gi. - --parallelism=PARALLELISM Number of tasks that may run concurrently. Must be less than or equal to the number of tasks. Set to 0 to unset. @@ -112,6 +92,9 @@ FLAGS Region in which the resource can be found. Alternatively, set the property [run/region]. + --remove-containers=[CONTAINER,...] + List of containers to remove. + --service-account=SERVICE_ACCOUNT the email address of an IAM service account associated with the revision of the service. The service account represents the identity of @@ -217,18 +200,105 @@ FLAGS --remove-volume=[VOLUME,...] Removes volumes from the Cloud Run resource. - --add-volume-mount=[volume=NAME,mount-path=MOUNT_PATH,...] - Adds a mount to the current container. Must contain the keys - volume=NAME and mount-path=/PATH where NAME is the name of a volume on - this resource and PATH is the path within the container's filesystem to - mount this volume. + Container Flags - --clear-volume-mounts - Remove all existing mounts from the current container. + If the --container or --remove-containers flag is specified the following + arguments may only be specified after a --container flag. - --remove-volume-mount=[MOUNT_PATH,...] - Removes the volume mounted at the specified path from the current - container. + --add-volume-mount=[volume=NAME,mount-path=MOUNT_PATH,...] + Adds a mount to the current container. Must contain the keys + volume=NAME and mount-path=/PATH where NAME is the name of a volume + on this resource and PATH is the path within the container's + filesystem to mount this volume. + + --args=[ARG,...] + Comma-separated arguments passed to the command run by the + container image. If not specified and no '--command' is provided, + the container image's default Cmd is used. Otherwise, if not + specified, no arguments are passed. To reset this field to its + default, pass an empty string. + + --clear-volume-mounts + Remove all existing mounts from the current container. + + --command=[COMMAND,...] + Entrypoint for the container image. If not specified, the container + image's default Entrypoint is run. To reset this field to its + default, pass an empty string. + + --cpu=CPU + Set a CPU limit in Kubernetes cpu units. + + Cloud Run supports values fractional values below 1, 1, 2, 4, and + 8. Some CPU values requires a minimum Memory --memory value. + + --depends-on=[CONTAINER,...] + List of container dependencies to add to the current container. + + --image=IMAGE + Name of the container image to deploy (e.g. + us-docker.pkg.dev/cloudrun/container/job:latest). + + --memory=MEMORY + Set a memory limit. Ex: 1024Mi, 4Gi. + + --remove-volume-mount=[MOUNT_PATH,...] + Removes the volume mounted at the specified path from the current + container. + + At most one of these can be specified: + + --clear-env-vars + Remove all environment variables. + + --env-vars-file=FILE_PATH + Path to a local YAML file with definitions for all environment + variables. All existing environment variables will be removed + before the new environment variables are added. Example YAML + content: + + KEY_1: "value1" + KEY_2: "value 2" + + --set-env-vars=[KEY=VALUE,...] + List of key-value pairs to set as environment variables. All + existing environment variables will be removed first. + + Only --update-env-vars and --remove-env-vars can be used together. + If both are specified, --remove-env-vars will be applied first. + + --remove-env-vars=[KEY,...] + List of environment variables to be removed. + + --update-env-vars=[KEY=VALUE,...] + List of key-value pairs to set as environment variables. + + Specify secrets to mount or provide as environment variables. Keys + starting with a forward slash '/' are mount paths. All other keys + correspond to environment variables. Values should be in the form + SECRET_NAME:SECRET_VERSION. For example: + '--update-secrets=/secrets/api/key=mysecret:latest,ENV=othersecret:1' + will mount a volume at '/secrets/api' containing a file 'key' with the + latest version of secret 'mysecret'. An environment variable named ENV + will also be created whose value is version 1 of secret 'othersecret'. + + At most one of these can be specified: + + --clear-secrets + Remove all secrets. + + --set-secrets=[KEY=VALUE,...] + List of key-value pairs to set as secrets. All existing secrets + will be removed first. + + Only --update-secrets and --remove-secrets can be used together. If + both are specified, --remove-secrets will be applied first. + + --remove-secrets=[KEY,...] + List of secrets to be removed. + + --update-secrets=[KEY=VALUE,...] + List of key-value pairs to set as secrets. At most one of these can be specified: @@ -257,32 +327,6 @@ FLAGS --clear-binary-authorization Remove any previously set Binary Authorization policy. - At most one of these can be specified: - - --clear-env-vars - Remove all environment variables. - - --env-vars-file=FILE_PATH - Path to a local YAML file with definitions for all environment - variables. All existing environment variables will be removed before - the new environment variables are added. Example YAML content: - - KEY_1: "value1" - KEY_2: "value 2" - - --set-env-vars=[KEY=VALUE,...] - List of key-value pairs to set as environment variables. All existing - environment variables will be removed first. - - Only --update-env-vars and --remove-env-vars can be used together. If - both are specified, --remove-env-vars will be applied first. - - --remove-env-vars=[KEY,...] - List of environment variables to be removed. - - --update-env-vars=[KEY=VALUE,...] - List of key-value pairs to set as environment variables. - At most one of these can be specified: --clear-labels @@ -345,33 +389,6 @@ FLAGS Applies the given Compute Engine tags (comma separated) to the Cloud Run job. To clear existing tags, use --clear-network-tags. - Specify secrets to mount or provide as environment variables. Keys - starting with a forward slash '/' are mount paths. All other keys - correspond to environment variables. Values should be in the form - SECRET_NAME:SECRET_VERSION. For example: - '--update-secrets=/secrets/api/key=mysecret:latest,ENV=othersecret:1' will - mount a volume at '/secrets/api' containing a file 'key' with the latest - version of secret 'mysecret'. An environment variable named ENV will also - be created whose value is version 1 of secret 'othersecret'. - - At most one of these can be specified: - - --clear-secrets - Remove all secrets. - - --set-secrets=[KEY=VALUE,...] - List of key-value pairs to set as secrets. All existing secrets will - be removed first. - - Only --update-secrets and --remove-secrets can be used together. If both - are specified, --remove-secrets will be applied first. - - --remove-secrets=[KEY,...] - List of secrets to be removed. - - --update-secrets=[KEY=VALUE,...] - List of key-value pairs to set as secrets. - GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, diff --git a/gcloud/beta/run/multi-region-services/update b/gcloud/beta/run/multi-region-services/update index 7f9dde501..100009de8 100644 --- a/gcloud/beta/run/multi-region-services/update +++ b/gcloud/beta/run/multi-region-services/update @@ -12,11 +12,10 @@ SYNOPSIS [--[no-]deploy-health-check] [--execution-environment=EXECUTION_ENVIRONMENT] [--gpu-type=GPU_TYPE] [--ingress=INGRESS; default="all"] [--[no-]invoker-iam-check] - [--max-instances=MAX_INSTANCES] [--mesh=MESH] + [--max-instances=MAX_INSTANCES] [--mesh=MESH] [--min=MIN] [--min-instances=MIN_INSTANCES] [--region=REGION] [--remove-containers=[CONTAINER,...]] [--revision-suffix=REVISION_SUFFIX] [--service-account=SERVICE_ACCOUNT] - [--service-min-instances=SERVICE_MIN_INSTANCES] [--[no-]session-affinity] [--tag=TAG] [--timeout=TIMEOUT] [--no-traffic] [--vpc-connector=VPC_CONNECTOR] [--vpc-egress=VPC_EGRESS] @@ -188,6 +187,11 @@ FLAGS resource name must be in the format of projects/PROJECT/locations/global/meshes/MESH_NAME. + --min=MIN + The minimum number of container instances for this Service to run or + 'default' to remove any minimum. These instances will be divided among + all Revisions receiving a percentage of traffic. + --min-instances=MIN_INSTANCES The minimum number of container instances for this Revision of the Service to run or 'default' to remove any minimum. @@ -211,11 +215,6 @@ FLAGS revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. - --service-min-instances=SERVICE_MIN_INSTANCES - The minimum number of container instances for this Service to run or - 'default' to remove any minimum. These instances will be divided among - all Revisions receiving a percentage of traffic. - --[no-]session-affinity Whether to enable session affinity for connections to the service. Use --session-affinity to enable and --no-session-affinity to disable. diff --git a/gcloud/beta/run/services/update b/gcloud/beta/run/services/update index b4e0e9dd5..5ba24aec3 100644 --- a/gcloud/beta/run/services/update +++ b/gcloud/beta/run/services/update @@ -10,11 +10,10 @@ SYNOPSIS [--[no-]deploy-health-check] [--execution-environment=EXECUTION_ENVIRONMENT] [--gpu-type=GPU_TYPE] [--ingress=INGRESS; default="all"] [--[no-]invoker-iam-check] - [--max-instances=MAX_INSTANCES] [--mesh=MESH] + [--max-instances=MAX_INSTANCES] [--mesh=MESH] [--min=MIN] [--min-instances=MIN_INSTANCES] [--region=REGION] [--remove-containers=[CONTAINER,...]] [--revision-suffix=REVISION_SUFFIX] [--service-account=SERVICE_ACCOUNT] - [--service-min-instances=SERVICE_MIN_INSTANCES] [--[no-]session-affinity] [--tag=TAG] [--timeout=TIMEOUT] [--no-traffic] [--vpc-connector=VPC_CONNECTOR] [--vpc-egress=VPC_EGRESS] @@ -188,6 +187,11 @@ FLAGS resource name must be in the format of projects/PROJECT/locations/global/meshes/MESH_NAME. + --min=MIN + The minimum number of container instances for this Service to run or + 'default' to remove any minimum. These instances will be divided among + all Revisions receiving a percentage of traffic. + --min-instances=MIN_INSTANCES The minimum number of container instances for this Revision of the Service to run or 'default' to remove any minimum. @@ -211,11 +215,6 @@ FLAGS revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. - --service-min-instances=SERVICE_MIN_INSTANCES - The minimum number of container instances for this Service to run or - 'default' to remove any minimum. These instances will be divided among - all Revisions receiving a percentage of traffic. - --[no-]session-affinity Whether to enable session affinity for connections to the service. Use --session-affinity to enable and --no-session-affinity to disable. diff --git a/gcloud/beta/source-manager/instances/create b/gcloud/beta/source-manager/instances/create index 533989e8e..4fdcad492 100644 --- a/gcloud/beta/source-manager/instances/create +++ b/gcloud/beta/source-manager/instances/create @@ -4,8 +4,9 @@ NAME SYNOPSIS gcloud beta source-manager instances create (INSTANCE : --region=REGION) - [--async] [--ca-pool=CA_POOL] [--is-private] [--kms-key=KMS_KEY] - [--max-wait=MAX_WAIT; default="60m"] [GCLOUD_WIDE_FLAG ...] + [--async] [--ca-pool=CA_POOL] [--enable-workforce-identity-federation] + [--is-private] [--kms-key=KMS_KEY] [--max-wait=MAX_WAIT; default="60m"] + [GCLOUD_WIDE_FLAG ...] DESCRIPTION (BETA) Create a Secure Source Manager instance. @@ -64,6 +65,9 @@ FLAGS --ca-pool=CA_POOL CA Pool path for private instance. + --enable-workforce-identity-federation + Bool indicator for workforce identity federation instance. + --is-private Bool indicator for private instance. diff --git a/gcloud/beta/sql/instances/create b/gcloud/beta/sql/instances/create index 9b11f4344..fa7f6d972 100644 --- a/gcloud/beta/sql/instances/create +++ b/gcloud/beta/sql/instances/create @@ -48,7 +48,8 @@ SYNOPSIS [--require-ssl] [--retained-backups-count=RETAINED_BACKUPS_COUNT] [--retained-transaction-log-days=RETAINED_TRANSACTION_LOG_DAYS] [--root-password=ROOT_PASSWORD] [--server-ca-mode=SERVER_CA_MODE] - [--ssl-mode=SSL_MODE] [--[no-]storage-auto-increase] + [--server-ca-pool=SERVER_CA_POOL] [--ssl-mode=SSL_MODE] + [--[no-]storage-auto-increase] [--storage-auto-increase-limit=STORAGE_AUTO_INCREASE_LIMIT] [--storage-size=STORAGE_SIZE] [--storage-type=STORAGE_TYPE] [--threads-per-core=THREADS_PER_CORE] [--tier=TIER, -t TIER] @@ -465,6 +466,9 @@ FLAGS GOOGLE_MANAGED_INTERNAL_CA Google-managed self-signed internal CA. + --server-ca-pool=SERVER_CA_POOL + Set the server CA pool of the instance. + --ssl-mode=SSL_MODE Set the SSL mode of the instance. SSL_MODE must be one of: diff --git a/gcloud/beta/sql/ssl/server-certs/create b/gcloud/beta/sql/ssl/server-certs/create index 46e41f93b..6b58a790c 100644 --- a/gcloud/beta/sql/ssl/server-certs/create +++ b/gcloud/beta/sql/ssl/server-certs/create @@ -27,8 +27,10 @@ GCLOUD WIDE FLAGS Run $ gcloud help for details. NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud sql ssl server-certs create $ gcloud alpha sql ssl server-certs create diff --git a/gcloud/beta/sql/ssl/server-certs/help b/gcloud/beta/sql/ssl/server-certs/help index ede490354..8f54fa9c8 100644 --- a/gcloud/beta/sql/ssl/server-certs/help +++ b/gcloud/beta/sql/ssl/server-certs/help @@ -33,8 +33,10 @@ COMMANDS instance. NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud sql ssl server-certs $ gcloud alpha sql ssl server-certs diff --git a/gcloud/beta/sql/ssl/server-certs/list b/gcloud/beta/sql/ssl/server-certs/list index 4a47f9781..5f6918225 100644 --- a/gcloud/beta/sql/ssl/server-certs/list +++ b/gcloud/beta/sql/ssl/server-certs/list @@ -55,8 +55,10 @@ GCLOUD WIDE FLAGS Run $ gcloud help for details. NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud sql ssl server-certs list $ gcloud alpha sql ssl server-certs list diff --git a/gcloud/beta/sql/ssl/server-certs/rollback b/gcloud/beta/sql/ssl/server-certs/rollback index 4787ad580..4befc25d9 100644 --- a/gcloud/beta/sql/ssl/server-certs/rollback +++ b/gcloud/beta/sql/ssl/server-certs/rollback @@ -28,8 +28,10 @@ GCLOUD WIDE FLAGS Run $ gcloud help for details. NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud sql ssl server-certs rollback $ gcloud alpha sql ssl server-certs rollback diff --git a/gcloud/beta/sql/ssl/server-certs/rotate b/gcloud/beta/sql/ssl/server-certs/rotate index 1e95fef9e..9e04c97d6 100644 --- a/gcloud/beta/sql/ssl/server-certs/rotate +++ b/gcloud/beta/sql/ssl/server-certs/rotate @@ -27,8 +27,10 @@ GCLOUD WIDE FLAGS Run $ gcloud help for details. NOTES - This command is currently in beta and might change without notice. This - variant is also available: + This command is currently in beta and might change without notice. These + variants are also available: + + $ gcloud sql ssl server-certs rotate $ gcloud alpha sql ssl server-certs rotate diff --git a/gcloud/bigtable/app-profiles/create b/gcloud/bigtable/app-profiles/create index 8a93cc7b3..ed5a30f8b 100644 --- a/gcloud/bigtable/app-profiles/create +++ b/gcloud/bigtable/app-profiles/create @@ -3,7 +3,7 @@ NAME SYNOPSIS gcloud bigtable app-profiles create (APP_PROFILE : --instance=INSTANCE) - ([--route-any : --restrict-to=[RESTRICT_TO,...]] + ([--route-any : --restrict-to=[RESTRICT_TO,...] --row-affinity] | [--route-to=ROUTE_TO : --transactional-writes]) [--description=DESCRIPTION] [--force] [--priority=PRIORITY] [GCLOUD_WIDE_FLAG ...] @@ -35,6 +35,11 @@ EXAMPLES $ gcloud bigtable app-profiles create my-app-profile-id \ --instance=my-instance-id --route-any --priority=PRIORITY_MEDIUM + To create an app profile with row-affinity routing enabled, run: + + $ gcloud bigtable app-profiles create my-app-profile-id \ + --instance=my-instance-id --route-any --row-affinity + POSITIONAL ARGUMENTS App profile resource - The app profile to create. The arguments in this group can be used to specify the attributes of this resource. (NOTE) Some @@ -82,6 +87,9 @@ REQUIRED FLAGS Cluster IDs to route to using the Multi Cluster Routing Policy. If unset, all clusters in the instance are eligible. + --row-affinity + Use row-affinity routing for this app profile. + Single Cluster Routing Policy --route-to=ROUTE_TO diff --git a/gcloud/bigtable/app-profiles/update b/gcloud/bigtable/app-profiles/update index ec80cb461..ab5dc3bcb 100644 --- a/gcloud/bigtable/app-profiles/update +++ b/gcloud/bigtable/app-profiles/update @@ -4,7 +4,7 @@ NAME SYNOPSIS gcloud bigtable app-profiles update (APP_PROFILE : --instance=INSTANCE) [--async] [--description=DESCRIPTION] [--force] [--priority=PRIORITY] - [[--route-any : --restrict-to=[RESTRICT_TO,...]] + [[--route-any : --restrict-to=[RESTRICT_TO,...] --row-affinity] | [--route-to=ROUTE_TO : --transactional-writes]] [GCLOUD_WIDE_FLAG ...] @@ -34,6 +34,11 @@ EXAMPLES $ gcloud bigtable app-profiles update my-app-profile-id \ --instance=my-instance-id --priority=PRIORITY_LOW + To update an app profile to enable row-affinity routing, run: + + $ gcloud bigtable app-profiles update my-app-profile-id \ + --instance=my-instance-id --route-any --row-affinity + POSITIONAL ARGUMENTS App profile resource - The app profile to update. The arguments in this group can be used to specify the attributes of this resource. (NOTE) Some @@ -102,6 +107,9 @@ FLAGS Cluster IDs to route to using the Multi Cluster Routing Policy. If unset, all clusters in the instance are eligible. + --row-affinity + Use row-affinity routing for this app profile. + Single Cluster Routing Policy --route-to=ROUTE_TO diff --git a/gcloud/bigtable/clusters/create b/gcloud/bigtable/clusters/create index 56e03e757..09de7a142 100644 --- a/gcloud/bigtable/clusters/create +++ b/gcloud/bigtable/clusters/create @@ -4,6 +4,8 @@ NAME SYNOPSIS gcloud bigtable clusters create (CLUSTER : --instance=INSTANCE) --zone=ZONE [--async] + [--node-scaling-factor=NODE_SCALING_FACTOR; + default="node-scaling-factor-1x"] [--kms-key=KMS_KEY : --kms-keyring=KMS_KEYRING --kms-location=KMS_LOCATION --kms-project=KMS_PROJECT] [--num-nodes=NUM_NODES; default=3 @@ -69,6 +71,10 @@ OPTIONAL FLAGS Return immediately, without waiting for the operation in progress to complete. + --node-scaling-factor=NODE_SCALING_FACTOR; default="node-scaling-factor-1x" + Node scaling factor for the cluster. NODE_SCALING_FACTOR must be one + of: node-scaling-factor-1x, node-scaling-factor-2x. + Key resource - The Cloud KMS (Key Management Service) cryptokey that will be used to protect the cluster. The arguments in this group can be used to specify the attributes of this resource. diff --git a/gcloud/bigtable/instances/create b/gcloud/bigtable/instances/create index 25563b063..8f70736aa 100644 --- a/gcloud/bigtable/instances/create +++ b/gcloud/bigtable/instances/create @@ -4,11 +4,12 @@ NAME SYNOPSIS gcloud bigtable instances create INSTANCE --display-name=DISPLAY_NAME [--async] [--cluster=CLUSTER] - [--cluster-config=[id=ID,zone=ZONE,nodes=NODES,kms-key=KMS_KEY, - autoscaling-min-nodes=AUTOSCALING_MIN_NODES, + [--cluster-config=[id=ID,zone=ZONE,[nodes=NODES], + [node-scaling-factor=NODE_SCALING_FACTOR],[kms-key=KMS_KEY], + [autoscaling-min-nodes=AUTOSCALING_MIN_NODES, autoscaling-max-nodes=AUTOSCALING_MAX_NODES, autoscaling-cpu-target=AUTOSCALING_CPU_TARGET, - autoscaling-storage-target=AUTOSCALING_STORAGE_TARGET,...]] + autoscaling-storage-target=AUTOSCALING_STORAGE_TARGET],...]] [--cluster-num-nodes=CLUSTER_NUM_NODES] [--cluster-storage-type=CLUSTER_STORAGE_TYPE; default="ssd"] [--cluster-zone=CLUSTER_ZONE] @@ -72,7 +73,7 @@ OPTIONAL FLAGS The --cluster argument is deprecated; use --cluster-config instead. - --cluster-config=[id=ID,zone=ZONE,nodes=NODES,kms-key=KMS_KEY,autoscaling-min-nodes=AUTOSCALING_MIN_NODES,autoscaling-max-nodes=AUTOSCALING_MAX_NODES,autoscaling-cpu-target=AUTOSCALING_CPU_TARGET,autoscaling-storage-target=AUTOSCALING_STORAGE_TARGET,...] + --cluster-config=[id=ID,zone=ZONE,[nodes=NODES],[node-scaling-factor=NODE_SCALING_FACTOR],[kms-key=KMS_KEY],[autoscaling-min-nodes=AUTOSCALING_MIN_NODES,autoscaling-max-nodes=AUTOSCALING_MAX_NODES,autoscaling-cpu-target=AUTOSCALING_CPU_TARGET,autoscaling-storage-target=AUTOSCALING_STORAGE_TARGET],...] Repeatable. Specify cluster config as a key-value dictionary. This is the recommended argument for specifying cluster configurations. @@ -85,6 +86,8 @@ OPTIONAL FLAGS *nodes*: The number of nodes in the cluster. Default=1. + *node-scaling-factor*: The node scaling factor for the cluster. Default=node-scaling-factor-1x. NODE_SCALING_FACTOR must be one of: node-scaling-factor-1x, node-scaling-factor-2x. + *kms-key*: The Cloud KMS (Key Management Service) cryptokey that will be used to protect the cluster. *autoscaling-min-nodes*: The minimum number of nodes for autoscaling. diff --git a/gcloud/colab/runtimes/help b/gcloud/colab/runtimes/help index 947a22175..1a5b46749 100644 --- a/gcloud/colab/runtimes/help +++ b/gcloud/colab/runtimes/help @@ -31,6 +31,9 @@ COMMANDS start Start a stopped runtime. + stop + Stop a runtime. + upgrade Upgrade a runtime. diff --git a/gcloud/colab/runtimes/stop b/gcloud/colab/runtimes/stop new file mode 100644 index 000000000..f8e4dc747 --- /dev/null +++ b/gcloud/colab/runtimes/stop @@ -0,0 +1,66 @@ +NAME + gcloud colab runtimes stop - stop a runtime + +SYNOPSIS + gcloud colab runtimes stop (RUNTIME : --region=REGION) [--async] + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Stop a Colab Enterprise notebook runtime. + +EXAMPLES + To stop a runtime with id my-runtime in region us-central1, run: + + $ gcloud colab runtimes stop my-runtime --region=us-central1 + +POSITIONAL ARGUMENTS + Runtime resource - Unique name of the runtime to stop. This was optionally + provided by setting --runtime-id in the create runtime command, or was + system-generated if unspecified. The arguments in this group can be used + to specify the attributes of this resource. (NOTE) Some attributes are not + given arguments in this group but can be set in other ways. + + To set the project attribute: + ◆ provide the argument runtime on the command line with a fully + specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + RUNTIME + ID of the runtime or fully qualified identifier for the runtime. + + To set the name attribute: + ▸ provide the argument runtime on the command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --region=REGION + Cloud region for the runtime. + + To set the region attribute: + ▸ provide the argument runtime on the command line with a fully + specified name; + ▸ provide the argument --region on the command line; + ▸ set the property colab/region. + +FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + This variant is also available: + + $ gcloud beta colab runtimes stop + diff --git a/gcloud/composer/environments/create b/gcloud/composer/environments/create index 09f9acd8c..502e11b94 100644 --- a/gcloud/composer/environments/create +++ b/gcloud/composer/environments/create @@ -7,13 +7,15 @@ SYNOPSIS [--airflow-configs=[KEY=VALUE,...]] [--async] [--cloud-sql-machine-type=CLOUD_SQL_MACHINE_TYPE] [--cloud-sql-preferred-zone=CLOUD_SQL_PREFERRED_ZONE] + [--composer-internal-ipv4-cidr-block=COMPOSER_INTERNAL_IPV4_CIDR_BLOCK] [--disable-logs-in-cloud-logging-only] [--disk-size=DISK_SIZE] [--enable-high-resilience] [--enable-logs-in-cloud-logging-only] [--env-variables=[NAME=VALUE,...]] [--environment-size=ENVIRONMENT_SIZE] [--labels=[KEY=VALUE,...]] - [--machine-type=MACHINE_TYPE] [--node-count=NODE_COUNT] - [--oauth-scopes=[SCOPE,...]] [--python-version=PYTHON_VERSION] - [--service-account=SERVICE_ACCOUNT] [--storage-bucket=STORAGE_BUCKET] + [--machine-type=MACHINE_TYPE] [--network-attachment=NETWORK_ATTACHMENT] + [--node-count=NODE_COUNT] [--oauth-scopes=[SCOPE,...]] + [--python-version=PYTHON_VERSION] [--service-account=SERVICE_ACCOUNT] + [--storage-bucket=STORAGE_BUCKET] [--support-web-server-plugins] [--tags=[TAG,...]] [--web-server-machine-type=WEB_SERVER_MACHINE_TYPE] [--zone=ZONE] [--airflow-version=AIRFLOW_VERSION | --image-version=IMAGE_VERSION] @@ -29,8 +31,13 @@ SYNOPSIS --enable-ip-alias --enable-ip-masq-agent --services-ipv4-cidr=SERVICES_IPV4_CIDR --services-secondary-range-name=SERVICES_SECONDARY_RANGE_NAME] + [--dag-processor-count=DAG_PROCESSOR_COUNT + --dag-processor-cpu=DAG_PROCESSOR_CPU + --dag-processor-memory=DAG_PROCESSOR_MEMORY + --dag-processor-storage=DAG_PROCESSOR_STORAGE] [--disable-cloud-data-lineage-integration | --enable-cloud-data-lineage-integration] + [--disable-private-builds-only | --enable-private-builds-only] [--enable-master-authorized-networks --master-authorized-networks=[NETWORK,...]] [--enable-scheduled-snapshot-creation @@ -126,6 +133,11 @@ FLAGS --cloud-sql-preferred-zone=CLOUD_SQL_PREFERRED_ZONE Select cloud sql preferred zone, supported for Composer 2 Environments. + --composer-internal-ipv4-cidr-block=COMPOSER_INTERNAL_IPV4_CIDR_BLOCK + The IP range in CIDR notation to use internally by Cloud Composer. This + should have a netmask length of 20. Can be specified for Composer 3 or + greater. + --disable-logs-in-cloud-logging-only Disable logs in cloud logging only, supported for Composer 2 Environments. @@ -169,6 +181,10 @@ FLAGS (https://cloud.google.com/compute/docs/machine-types) to use for nodes. For example --machine-type=n1-standard-1. + --network-attachment=NETWORK_ATTACHMENT + Cloud Composer Network Attachment, which provides connectivity with a + user's VPC network, supported in Composer 3 environments or greater. + --node-count=NODE_COUNT The number of nodes to create to run the environment. @@ -196,6 +212,10 @@ FLAGS Name of an exisiting Cloud Storage bucket to be used by the environment. Supported only for Composer 2.4.X and above. + --support-web-server-plugins + Enable the support for web server plugins, supported in Composer 3 or + greater. + --tags=[TAG,...] The set of instance tags applied to all node VMs. Tags are used to identify valid sources or targets for network firewalls. Each tag @@ -297,6 +317,9 @@ FLAGS If not specified, cluster nodes will be assigned public IP addresses. + When used with Composer 3, disable internet connection from any + Composer component. + When used with Composer 1.x, cannot be specified unless --enable-ip-alias is also specified. @@ -376,6 +399,27 @@ FLAGS When used with Composer 1.x, cannot be specified unless --enable-ip-alias is also specified. + Group of arguments for setting dag processor settings in Composer 3 or + greater. + + --dag-processor-count=DAG_PROCESSOR_COUNT + Number of dag processors, supported in Composer 3 environments or + greater. + + --dag-processor-cpu=DAG_PROCESSOR_CPU + CPU allocated to Airflow dag processor, supported in Composer 3 + environments or greater. + + --dag-processor-memory=DAG_PROCESSOR_MEMORY + Memory allocated to Airflow dag processor, ex. 1GB, 3GB, 2. If units + are not provided, defaults to GB, supported in Composer 3 + environments or greater. + + --dag-processor-storage=DAG_PROCESSOR_STORAGE + Storage allocated to Airflow dag processor, ex. 600MB, 3GB, 2. If + units are not provided, defaults to GB, supported in Composer 3 + environments or greater. + At most one of these can be specified: --disable-cloud-data-lineage-integration @@ -386,6 +430,17 @@ FLAGS Enable Cloud Data Lineage integration, supported for Composer 2 Environments. + At most one of these can be specified: + + --disable-private-builds-only + Builds performed during operations that install Python packages have + an access to the internet, supported in Composer 3 or greater. + + --enable-private-builds-only + Builds performed during operations that install Python packages have + only private connectivity to Google services, supported in Composer 3 + or greater. + Master Authorized Networks configuration --enable-master-authorized-networks @@ -582,7 +637,7 @@ FLAGS this group are specified. --subnetwork=SUBNETWORK - The Compute Engine subnetwork + The Compute Engine Subnetwork (https://cloud.google.com/compute/docs/subnetworks) to which the environment will be connected. diff --git a/gcloud/composer/environments/help b/gcloud/composer/environments/help index 63fe686c1..14c2a35c5 100644 --- a/gcloud/composer/environments/help +++ b/gcloud/composer/environments/help @@ -28,6 +28,12 @@ GROUPS Manage Cloud Storage objects stored as part of Cloud Composer environments. + user-workloads-config-maps + Create and manage user workloads ConfigMaps of environment. + + user-workloads-secrets + Create and manage user workloads Secrets of environment. + COMMANDS COMMAND is one of the following: @@ -60,6 +66,10 @@ COMMANDS List the Cloud Composer image version upgrades for a specific environment. + list-workloads + List Composer workloads, supported in Composer 3 environments or + greater. + run Run an Airflow sub-command remotely in a Cloud Composer environment. diff --git a/gcloud/composer/environments/list-workloads b/gcloud/composer/environments/list-workloads new file mode 100644 index 000000000..dbf3b0d79 --- /dev/null +++ b/gcloud/composer/environments/list-workloads @@ -0,0 +1,63 @@ +NAME + gcloud composer environments list-workloads - list Composer workloads, + supported in Composer 3 environments or greater + +SYNOPSIS + gcloud composer environments list-workloads + (ENVIRONMENT : --location=LOCATION) [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + List Composer workloads, supported in Composer 3 environments or greater. + +EXAMPLES + To display Composer workloads for the environment named environment-1, run: $ gcloud composer environments list-workloads environment-1 + +POSITIONAL ARGUMENTS + Environment resource - The environment for which to display workloads. The + arguments in this group can be used to specify the attributes of this + resource. (NOTE) Some attributes are not given arguments in this group but + can be set in other ways. + + To set the project attribute: + ◆ provide the argument environment on the command line with a fully + specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + ENVIRONMENT + ID of the environment or fully qualified identifier for the + environment. + + To set the environment attribute: + ▸ provide the argument environment on the command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + Region where Composer environment runs or in which to create the + environment. + + To set the location attribute: + ▸ provide the argument environment on the command line with a fully + specified name; + ▸ provide the argument --location on the command line; + ▸ set the property composer/location. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + These variants are also available: + + $ gcloud alpha composer environments list-workloads + + $ gcloud beta composer environments list-workloads + diff --git a/gcloud/composer/environments/update b/gcloud/composer/environments/update index 52fa6f263..698b9e5f6 100644 --- a/gcloud/composer/environments/update +++ b/gcloud/composer/environments/update @@ -6,9 +6,10 @@ SYNOPSIS gcloud composer environments update (ENVIRONMENT : --location=LOCATION) (--cloud-sql-machine-type=CLOUD_SQL_MACHINE_TYPE | --disable-high-resilience | --disable-logs-in-cloud-logging-only - | --enable-high-resilience | --enable-logs-in-cloud-logging-only + | --disable-private-environment | --enable-high-resilience + | --enable-logs-in-cloud-logging-only | --enable-private-environment | --environment-size=ENVIRONMENT_SIZE | --image-version=IMAGE_VERSION - | --node-count=NODE_COUNT + | --node-count=NODE_COUNT | --support-web-server-plugins | --web-server-machine-type=WEB_SERVER_MACHINE_TYPE | --clear-maintenance-window | --maintenance-window-end=MAINTENANCE_WINDOW_END @@ -19,19 +20,26 @@ SYNOPSIS | --disable-master-authorized-networks --enable-master-authorized-networks --master-authorized-networks=[NETWORK,...] + | --disable-private-builds-only | --enable-private-builds-only | --disable-scheduled-snapshot-creation | --enable-scheduled-snapshot-creation --snapshot-creation-schedule=SNAPSHOT_CREATION_SCHEDULE --snapshot-location=SNAPSHOT_LOCATION --snapshot-schedule-timezone=SNAPSHOT_SCHEDULE_TIMEZONE + | --disable-vpc-connectivity + | --network-attachment=NETWORK_ATTACHMENT + | [--network=NETWORK : --subnetwork=SUBNETWORK] | --max-workers=MAX_WORKERS --min-workers=MIN_WORKERS --scheduler-count=SCHEDULER_COUNT --scheduler-cpu=SCHEDULER_CPU --scheduler-memory=SCHEDULER_MEMORY --scheduler-storage=SCHEDULER_STORAGE --web-server-cpu=WEB_SERVER_CPU --web-server-memory=WEB_SERVER_MEMORY --web-server-storage=WEB_SERVER_STORAGE --worker-cpu=WORKER_CPU - --worker-memory=WORKER_MEMORY - --worker-storage=WORKER_STORAGE --disable-triggerer + --worker-memory=WORKER_MEMORY --worker-storage=WORKER_STORAGE + --dag-processor-count=DAG_PROCESSOR_COUNT + --dag-processor-cpu=DAG_PROCESSOR_CPU + --dag-processor-memory=DAG_PROCESSOR_MEMORY + --dag-processor-storage=DAG_PROCESSOR_STORAGE --disable-triggerer | --enable-triggerer --triggerer-count=TRIGGERER_COUNT --triggerer-cpu=TRIGGERER_CPU --triggerer-memory=TRIGGERER_MEMORY | --update-airflow-configs=[KEY=VALUE,...] --clear-airflow-configs @@ -108,6 +116,10 @@ REQUIRED FLAGS Disable logs in cloud logging only, supported for Composer 2 Environments. + --disable-private-environment + Enable internet connection from any Composer component, supported in + Composer 3 environments or greater. + --enable-high-resilience Enable high resilience, supported for Composer 2 Environments. @@ -115,6 +127,10 @@ REQUIRED FLAGS Enable logs in cloud logging only, supported for Composer 2 Environments. + --enable-private-environment + Disable internet connection from any Composer component, supported in + Composer 3 environments or greater. + --environment-size=ENVIRONMENT_SIZE Size of the environment. Unspecified means that the default option will be chosen. ENVIRONMENT_SIZE must be one of: large, medium, @@ -145,6 +161,10 @@ REQUIRED FLAGS --node-count=NODE_COUNT The new number of nodes running the environment. Must be >= 3. + --support-web-server-plugins + Enable the support for web server plugins, supported in Composer 3 or + greater. + --web-server-machine-type=WEB_SERVER_MACHINE_TYPE machine type used by the Airflow web server. The list of available machine types is available here: @@ -223,6 +243,17 @@ REQUIRED FLAGS Cannot be specified unless --enable-master-authorized-networks is also specified. + At most one of these can be specified: + + --disable-private-builds-only + Builds performed during operations that install Python packages + have an access to the internet, supported in Composer 3 or greater. + + --enable-private-builds-only + Builds performed during operations that install Python packages + have only private connectivity to Google services, supported in + Composer 3 or greater. + Group of arguments used during update of scheduled snapshots settings in Composer 2.0.32 or greater. @@ -266,6 +297,32 @@ REQUIRED FLAGS This flag argument must be specified if any of the other arguments in this group are specified. + At most one of these can be specified: + + --disable-vpc-connectivity + Disable connectivity with a user's VPC network, supported in + Composer 3 environments or greater. + + --network-attachment=NETWORK_ATTACHMENT + Cloud Composer Network Attachment, which provides connectivity with + a user's VPC network, supported in Composer 3 environments or + greater. + + Virtual Private Cloud networking + + --network=NETWORK + The Compute Engine Network to which the environment will be + connected. If a 'Custom Subnet Network' is provided, --subnetwork + must be specified as well. + + This flag argument must be specified if any of the other + arguments in this group are specified. + + --subnetwork=SUBNETWORK + The Compute Engine Subnetwork + (https://cloud.google.com/compute/docs/subnetworks) to which the + environment will be connected. + Group of arguments for setting workloads configuration in Composer 2.X or greater (--scheduler-count flag is available for Composer 1.X as well). @@ -313,6 +370,27 @@ REQUIRED FLAGS Storage allocated to Airflow worker, ex. 600MB, 3GB, 2. If units are not provided, defaults to GB. + Group of arguments for setting dag processor settings in Composer 3 or + greater. + + --dag-processor-count=DAG_PROCESSOR_COUNT + Number of dag processors, supported in Composer 3 environments or + greater. + + --dag-processor-cpu=DAG_PROCESSOR_CPU + CPU allocated to Airflow dag processor, supported in Composer 3 + environments or greater. + + --dag-processor-memory=DAG_PROCESSOR_MEMORY + Memory allocated to Airflow dag processor, ex. 1GB, 3GB, 2. If + units are not provided, defaults to GB, supported in Composer 3 + environments or greater. + + --dag-processor-storage=DAG_PROCESSOR_STORAGE + Storage allocated to Airflow dag processor, ex. 600MB, 3GB, 2. If + units are not provided, defaults to GB, supported in Composer 3 + environments or greater. + Group of arguments for setting triggerer settings in Composer 2.0.31 or greater. diff --git a/gcloud/composer/environments/user-workloads-config-maps/create b/gcloud/composer/environments/user-workloads-config-maps/create new file mode 100644 index 000000000..a40c9cdc4 --- /dev/null +++ b/gcloud/composer/environments/user-workloads-config-maps/create @@ -0,0 +1,72 @@ +NAME + gcloud composer environments user-workloads-config-maps create - create a + user workloads ConfigMap + +SYNOPSIS + gcloud composer environments user-workloads-config-maps create + --config-map-file-path=CONFIG_MAP_FILE_PATH + (--environment=ENVIRONMENT : --location=LOCATION) + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Create a user workloads ConfigMap. + +EXAMPLES + To create a user workloads ConfigMap of the environment named env-1, run: + + $ gcloud composer environments user-workloads-config-maps create \ + --environment=env-1 --config-map-file-path=config_map.yaml + +REQUIRED FLAGS + --config-map-file-path=CONFIG_MAP_FILE_PATH + Path to a local file with a single Kubernetes ConfigMap in YAML format. + + Environment resource - The environment where the user workloads ConfigMap + must be created. The arguments in this group can be used to specify the + attributes of this resource. (NOTE) Some attributes are not given + arguments in this group but can be set in other ways. + + To set the project attribute: + ◆ provide the argument --environment on the command line with a fully + specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + --environment=ENVIRONMENT + ID of the environment or fully qualified identifier for the + environment. + + To set the environment attribute: + ▸ provide the argument --environment on the command line. + + This flag argument must be specified if any of the other arguments in + this group are specified. + + --location=LOCATION + Region where Composer environment runs or in which to create the + environment. + + To set the location attribute: + ▸ provide the argument --environment on the command line with a + fully specified name; + ▸ provide the argument --location on the command line; + ▸ set the property composer/location. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + These variants are also available: + + $ gcloud alpha composer environments user-workloads-config-maps \ + create + + $ gcloud beta composer environments user-workloads-config-maps create + diff --git a/gcloud/composer/environments/user-workloads-config-maps/delete b/gcloud/composer/environments/user-workloads-config-maps/delete new file mode 100644 index 000000000..1a7e5788b --- /dev/null +++ b/gcloud/composer/environments/user-workloads-config-maps/delete @@ -0,0 +1,72 @@ +NAME + gcloud composer environments user-workloads-config-maps delete - delete a + user workloads ConfigMap + +SYNOPSIS + gcloud composer environments user-workloads-config-maps delete + [CONFIG_MAP_NAME] (--environment=ENVIRONMENT : --location=LOCATION) + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Delete a user workloads ConfigMap. + +EXAMPLES + To delete a user workloads ConfigMap of the environment named env-1, run: + + $ gcloud composer environments user-workloads-config-maps delete \ + config-map-1 --environment=env-1 + +POSITIONAL ARGUMENTS + [CONFIG_MAP_NAME] + Name of the ConfigMap. + +REQUIRED FLAGS + Environment resource - The environment of the config_map. The arguments in + this group can be used to specify the attributes of this resource. (NOTE) + Some attributes are not given arguments in this group but can be set in + other ways. + + To set the project attribute: + ◆ provide the argument --environment on the command line with a fully + specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + --environment=ENVIRONMENT + ID of the environment or fully qualified identifier for the + environment. + + To set the environment attribute: + ▸ provide the argument --environment on the command line. + + This flag argument must be specified if any of the other arguments in + this group are specified. + + --location=LOCATION + Region where Composer environment runs or in which to create the + environment. + + To set the location attribute: + ▸ provide the argument --environment on the command line with a + fully specified name; + ▸ provide the argument --location on the command line; + ▸ set the property composer/location. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + These variants are also available: + + $ gcloud alpha composer environments user-workloads-config-maps \ + delete + + $ gcloud beta composer environments user-workloads-config-maps delete + diff --git a/gcloud/composer/environments/user-workloads-config-maps/describe b/gcloud/composer/environments/user-workloads-config-maps/describe new file mode 100644 index 000000000..8d8015948 --- /dev/null +++ b/gcloud/composer/environments/user-workloads-config-maps/describe @@ -0,0 +1,74 @@ +NAME + gcloud composer environments user-workloads-config-maps describe - get + details about a user workloads ConfigMap + +SYNOPSIS + gcloud composer environments user-workloads-config-maps describe + [CONFIG_MAP_NAME] (--environment=ENVIRONMENT : --location=LOCATION) + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Get details about a user workloads ConfigMap. + +EXAMPLES + To get details about a user workloads ConfigMap of the environment named + env-1, run: + + $ gcloud composer environments user-workloads-config-maps describe \ + config-map-1 --environment=env-1 + +POSITIONAL ARGUMENTS + [CONFIG_MAP_NAME] + Name of the ConfigMap. + +REQUIRED FLAGS + Environment resource - The environment of the config_map. The arguments in + this group can be used to specify the attributes of this resource. (NOTE) + Some attributes are not given arguments in this group but can be set in + other ways. + + To set the project attribute: + ◆ provide the argument --environment on the command line with a fully + specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + --environment=ENVIRONMENT + ID of the environment or fully qualified identifier for the + environment. + + To set the environment attribute: + ▸ provide the argument --environment on the command line. + + This flag argument must be specified if any of the other arguments in + this group are specified. + + --location=LOCATION + Region where Composer environment runs or in which to create the + environment. + + To set the location attribute: + ▸ provide the argument --environment on the command line with a + fully specified name; + ▸ provide the argument --location on the command line; + ▸ set the property composer/location. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + These variants are also available: + + $ gcloud alpha composer environments user-workloads-config-maps \ + describe + + $ gcloud beta composer environments user-workloads-config-maps \ + describe + diff --git a/gcloud/composer/environments/user-workloads-config-maps/help b/gcloud/composer/environments/user-workloads-config-maps/help new file mode 100644 index 000000000..eeb116e1f --- /dev/null +++ b/gcloud/composer/environments/user-workloads-config-maps/help @@ -0,0 +1,42 @@ +NAME + gcloud composer environments user-workloads-config-maps - create and manage + user workloads ConfigMaps of environment + +SYNOPSIS + gcloud composer environments user-workloads-config-maps COMMAND + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + The gcloud composer environments user-workloads-config-maps command group + manages user workloads ConfigMaps of Cloud Composer environments. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --help. + + Run $ gcloud help for details. + +COMMANDS + COMMAND is one of the following: + + create + Create a user workloads ConfigMap. + + delete + Delete a user workloads ConfigMap. + + describe + Get details about a user workloads ConfigMap. + + list + List user workloads ConfigMaps. + + update + Update a user workloads ConfigMap. + +NOTES + These variants are also available: + + $ gcloud alpha composer environments user-workloads-config-maps + + $ gcloud beta composer environments user-workloads-config-maps + diff --git a/gcloud/composer/environments/user-workloads-config-maps/list b/gcloud/composer/environments/user-workloads-config-maps/list new file mode 100644 index 000000000..f9cc6aefb --- /dev/null +++ b/gcloud/composer/environments/user-workloads-config-maps/list @@ -0,0 +1,67 @@ +NAME + gcloud composer environments user-workloads-config-maps list - list user + workloads ConfigMaps + +SYNOPSIS + gcloud composer environments user-workloads-config-maps list + (--environment=ENVIRONMENT : --location=LOCATION) + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + List user workloads ConfigMaps. + +EXAMPLES + To list user workloads ConfigMaps of the environment named env-1, run: + + $ gcloud composer environments user-workloads-config-maps list \ + --environment=env-1 + +REQUIRED FLAGS + Environment resource - The environment to list user workloads ConfigMaps. + The arguments in this group can be used to specify the attributes of this + resource. (NOTE) Some attributes are not given arguments in this group but + can be set in other ways. + + To set the project attribute: + ◆ provide the argument --environment on the command line with a fully + specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + --environment=ENVIRONMENT + ID of the environment or fully qualified identifier for the + environment. + + To set the environment attribute: + ▸ provide the argument --environment on the command line. + + This flag argument must be specified if any of the other arguments in + this group are specified. + + --location=LOCATION + Region where Composer environment runs or in which to create the + environment. + + To set the location attribute: + ▸ provide the argument --environment on the command line with a + fully specified name; + ▸ provide the argument --location on the command line; + ▸ set the property composer/location. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + These variants are also available: + + $ gcloud alpha composer environments user-workloads-config-maps list + + $ gcloud beta composer environments user-workloads-config-maps list + diff --git a/gcloud/composer/environments/user-workloads-config-maps/update b/gcloud/composer/environments/user-workloads-config-maps/update new file mode 100644 index 000000000..76a5829f4 --- /dev/null +++ b/gcloud/composer/environments/user-workloads-config-maps/update @@ -0,0 +1,72 @@ +NAME + gcloud composer environments user-workloads-config-maps update - update a + user workloads ConfigMap + +SYNOPSIS + gcloud composer environments user-workloads-config-maps update + --config-map-file-path=CONFIG_MAP_FILE_PATH + (--environment=ENVIRONMENT : --location=LOCATION) + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Update a user workloads ConfigMap. + +EXAMPLES + To update a user workloads ConfigMap of the environment named env-1, run: + + $ gcloud composer environments user-workloads-config-maps update \ + --environment=env-1 --config-map-file-path=config_map.yaml + +REQUIRED FLAGS + --config-map-file-path=CONFIG_MAP_FILE_PATH + Path to a local file with a single Kubernetes ConfigMap in YAML format. + + Environment resource - The environment where the user workloads ConfigMap + must be updated. The arguments in this group can be used to specify the + attributes of this resource. (NOTE) Some attributes are not given + arguments in this group but can be set in other ways. + + To set the project attribute: + ◆ provide the argument --environment on the command line with a fully + specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + --environment=ENVIRONMENT + ID of the environment or fully qualified identifier for the + environment. + + To set the environment attribute: + ▸ provide the argument --environment on the command line. + + This flag argument must be specified if any of the other arguments in + this group are specified. + + --location=LOCATION + Region where Composer environment runs or in which to create the + environment. + + To set the location attribute: + ▸ provide the argument --environment on the command line with a + fully specified name; + ▸ provide the argument --location on the command line; + ▸ set the property composer/location. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + These variants are also available: + + $ gcloud alpha composer environments user-workloads-config-maps \ + update + + $ gcloud beta composer environments user-workloads-config-maps update + diff --git a/gcloud/composer/environments/user-workloads-secrets/create b/gcloud/composer/environments/user-workloads-secrets/create new file mode 100644 index 000000000..b98ccff5c --- /dev/null +++ b/gcloud/composer/environments/user-workloads-secrets/create @@ -0,0 +1,71 @@ +NAME + gcloud composer environments user-workloads-secrets create - create a user + workloads Secret + +SYNOPSIS + gcloud composer environments user-workloads-secrets create + --secret-file-path=SECRET_FILE_PATH + (--environment=ENVIRONMENT : --location=LOCATION) + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Create a user workloads Secret. + +EXAMPLES + To create a user workloads Secret of the environment named env-1, run: + + $ gcloud composer environments user-workloads-secrets create \ + --environment=env-1 --secret-file-path=secret.yaml + +REQUIRED FLAGS + --secret-file-path=SECRET_FILE_PATH + Path to a local file with a single Kubernetes Secret in YAML format. + + Environment resource - The environment where the user workloads Secret + must be created. The arguments in this group can be used to specify the + attributes of this resource. (NOTE) Some attributes are not given + arguments in this group but can be set in other ways. + + To set the project attribute: + ◆ provide the argument --environment on the command line with a fully + specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + --environment=ENVIRONMENT + ID of the environment or fully qualified identifier for the + environment. + + To set the environment attribute: + ▸ provide the argument --environment on the command line. + + This flag argument must be specified if any of the other arguments in + this group are specified. + + --location=LOCATION + Region where Composer environment runs or in which to create the + environment. + + To set the location attribute: + ▸ provide the argument --environment on the command line with a + fully specified name; + ▸ provide the argument --location on the command line; + ▸ set the property composer/location. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + These variants are also available: + + $ gcloud alpha composer environments user-workloads-secrets create + + $ gcloud beta composer environments user-workloads-secrets create + diff --git a/gcloud/composer/environments/user-workloads-secrets/delete b/gcloud/composer/environments/user-workloads-secrets/delete new file mode 100644 index 000000000..cb26cee90 --- /dev/null +++ b/gcloud/composer/environments/user-workloads-secrets/delete @@ -0,0 +1,71 @@ +NAME + gcloud composer environments user-workloads-secrets delete - delete a user + workloads Secret + +SYNOPSIS + gcloud composer environments user-workloads-secrets delete [SECRET_NAME] + (--environment=ENVIRONMENT : --location=LOCATION) + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Delete a user workloads Secret. + +EXAMPLES + To delete a user workloads Secret of the environment named env-1, run: + + $ gcloud composer environments user-workloads-secrets delete \ + secret-1 --environment=env-1 + +POSITIONAL ARGUMENTS + [SECRET_NAME] + Name of the Secret. + +REQUIRED FLAGS + Environment resource - The environment of the secret. The arguments in + this group can be used to specify the attributes of this resource. (NOTE) + Some attributes are not given arguments in this group but can be set in + other ways. + + To set the project attribute: + ◆ provide the argument --environment on the command line with a fully + specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + --environment=ENVIRONMENT + ID of the environment or fully qualified identifier for the + environment. + + To set the environment attribute: + ▸ provide the argument --environment on the command line. + + This flag argument must be specified if any of the other arguments in + this group are specified. + + --location=LOCATION + Region where Composer environment runs or in which to create the + environment. + + To set the location attribute: + ▸ provide the argument --environment on the command line with a + fully specified name; + ▸ provide the argument --location on the command line; + ▸ set the property composer/location. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + These variants are also available: + + $ gcloud alpha composer environments user-workloads-secrets delete + + $ gcloud beta composer environments user-workloads-secrets delete + diff --git a/gcloud/composer/environments/user-workloads-secrets/describe b/gcloud/composer/environments/user-workloads-secrets/describe new file mode 100644 index 000000000..60122b35a --- /dev/null +++ b/gcloud/composer/environments/user-workloads-secrets/describe @@ -0,0 +1,72 @@ +NAME + gcloud composer environments user-workloads-secrets describe - get details + about a user workloads Secret + +SYNOPSIS + gcloud composer environments user-workloads-secrets describe [SECRET_NAME] + (--environment=ENVIRONMENT : --location=LOCATION) + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Get details about a user workloads Secret. + +EXAMPLES + To get details about a user workloads Secret of the environment named + env-1, run: + + $ gcloud composer environments user-workloads-secrets describe \ + secret-1 --environment=env-1 + +POSITIONAL ARGUMENTS + [SECRET_NAME] + Name of the Secret. + +REQUIRED FLAGS + Environment resource - The environment of the secret. The arguments in + this group can be used to specify the attributes of this resource. (NOTE) + Some attributes are not given arguments in this group but can be set in + other ways. + + To set the project attribute: + ◆ provide the argument --environment on the command line with a fully + specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + --environment=ENVIRONMENT + ID of the environment or fully qualified identifier for the + environment. + + To set the environment attribute: + ▸ provide the argument --environment on the command line. + + This flag argument must be specified if any of the other arguments in + this group are specified. + + --location=LOCATION + Region where Composer environment runs or in which to create the + environment. + + To set the location attribute: + ▸ provide the argument --environment on the command line with a + fully specified name; + ▸ provide the argument --location on the command line; + ▸ set the property composer/location. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + These variants are also available: + + $ gcloud alpha composer environments user-workloads-secrets describe + + $ gcloud beta composer environments user-workloads-secrets describe + diff --git a/gcloud/composer/environments/user-workloads-secrets/help b/gcloud/composer/environments/user-workloads-secrets/help new file mode 100644 index 000000000..ab2659680 --- /dev/null +++ b/gcloud/composer/environments/user-workloads-secrets/help @@ -0,0 +1,42 @@ +NAME + gcloud composer environments user-workloads-secrets - create and manage + user workloads Secrets of environment + +SYNOPSIS + gcloud composer environments user-workloads-secrets COMMAND + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + The gcloud composer environments user-workloads-secrets command group + manages user workloads Secrets of Cloud Composer environments. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --help. + + Run $ gcloud help for details. + +COMMANDS + COMMAND is one of the following: + + create + Create a user workloads Secret. + + delete + Delete a user workloads Secret. + + describe + Get details about a user workloads Secret. + + list + List user workloads Secrets. + + update + Update a user workloads Secret. + +NOTES + These variants are also available: + + $ gcloud alpha composer environments user-workloads-secrets + + $ gcloud beta composer environments user-workloads-secrets + diff --git a/gcloud/composer/environments/user-workloads-secrets/list b/gcloud/composer/environments/user-workloads-secrets/list new file mode 100644 index 000000000..63cc1952c --- /dev/null +++ b/gcloud/composer/environments/user-workloads-secrets/list @@ -0,0 +1,67 @@ +NAME + gcloud composer environments user-workloads-secrets list - list user + workloads Secrets + +SYNOPSIS + gcloud composer environments user-workloads-secrets list + (--environment=ENVIRONMENT : --location=LOCATION) + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + List user workloads Secrets. + +EXAMPLES + To list user workloads Secrets of the environment named env-1, run: + + $ gcloud composer environments user-workloads-secrets list \ + --environment=env-1 + +REQUIRED FLAGS + Environment resource - The environment to list user workloads Secrets. The + arguments in this group can be used to specify the attributes of this + resource. (NOTE) Some attributes are not given arguments in this group but + can be set in other ways. + + To set the project attribute: + ◆ provide the argument --environment on the command line with a fully + specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + --environment=ENVIRONMENT + ID of the environment or fully qualified identifier for the + environment. + + To set the environment attribute: + ▸ provide the argument --environment on the command line. + + This flag argument must be specified if any of the other arguments in + this group are specified. + + --location=LOCATION + Region where Composer environment runs or in which to create the + environment. + + To set the location attribute: + ▸ provide the argument --environment on the command line with a + fully specified name; + ▸ provide the argument --location on the command line; + ▸ set the property composer/location. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + These variants are also available: + + $ gcloud alpha composer environments user-workloads-secrets list + + $ gcloud beta composer environments user-workloads-secrets list + diff --git a/gcloud/composer/environments/user-workloads-secrets/update b/gcloud/composer/environments/user-workloads-secrets/update new file mode 100644 index 000000000..4dbcb6aed --- /dev/null +++ b/gcloud/composer/environments/user-workloads-secrets/update @@ -0,0 +1,71 @@ +NAME + gcloud composer environments user-workloads-secrets update - update a user + workloads Secret + +SYNOPSIS + gcloud composer environments user-workloads-secrets update + --secret-file-path=SECRET_FILE_PATH + (--environment=ENVIRONMENT : --location=LOCATION) + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Update a user workloads Secret. + +EXAMPLES + To update a user workloads Secret of the environment named env-1, run: + + $ gcloud composer environments user-workloads-secrets update \ + --environment=env-1 --secret-file-path=secret.yaml + +REQUIRED FLAGS + --secret-file-path=SECRET_FILE_PATH + Path to a local file with a single Kubernetes Secret in YAML format. + + Environment resource - The environment where the user workloads Secret + must be updated. The arguments in this group can be used to specify the + attributes of this resource. (NOTE) Some attributes are not given + arguments in this group but can be set in other ways. + + To set the project attribute: + ◆ provide the argument --environment on the command line with a fully + specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + --environment=ENVIRONMENT + ID of the environment or fully qualified identifier for the + environment. + + To set the environment attribute: + ▸ provide the argument --environment on the command line. + + This flag argument must be specified if any of the other arguments in + this group are specified. + + --location=LOCATION + Region where Composer environment runs or in which to create the + environment. + + To set the location attribute: + ▸ provide the argument --environment on the command line with a + fully specified name; + ▸ provide the argument --location on the command line; + ▸ set the property composer/location. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + These variants are also available: + + $ gcloud alpha composer environments user-workloads-secrets update + + $ gcloud beta composer environments user-workloads-secrets update + diff --git a/gcloud/compute/commitments/create b/gcloud/compute/commitments/create index 35a2d8131..6aac066d4 100644 --- a/gcloud/compute/commitments/create +++ b/gcloud/compute/commitments/create @@ -108,7 +108,9 @@ OPTIONAL FLAGS general-purpose-c4, general-purpose-c4a, general-purpose-e2, general-purpose-n2, general-purpose-n2d, general-purpose-n4, general-purpose-t2d, graphics-optimized, memory-optimized, - memory-optimized-m3, storage-optimized-z3. + memory-optimized-m3, memory-optimized-x4-16tb, + memory-optimized-x4-24tb, memory-optimized-x4-32tb, + storage-optimized-z3. Manage the reservations to be created with the commitment. diff --git a/gcloud/compute/instance-groups/managed/resize-requests/create b/gcloud/compute/instance-groups/managed/resize-requests/create index 2d3335e88..36efca7ec 100644 --- a/gcloud/compute/instance-groups/managed/resize-requests/create +++ b/gcloud/compute/instance-groups/managed/resize-requests/create @@ -4,9 +4,10 @@ NAME SYNOPSIS gcloud compute instance-groups managed resize-requests create - INSTANCE_GROUP_MANAGER --requested-run-duration=REQUESTED_RUN_DURATION - --resize-by=RESIZE_BY --resize-request=RESIZE_REQUEST_NAME - [--zone=ZONE] [GCLOUD_WIDE_FLAG ...] + INSTANCE_GROUP_MANAGER --resize-by=RESIZE_BY + --resize-request=RESIZE_REQUEST_NAME + [--requested-run-duration=REQUESTED_RUN_DURATION] [--zone=ZONE] + [GCLOUD_WIDE_FLAG ...] DESCRIPTION Create a Compute Engine managed instance group resize request. @@ -24,6 +25,13 @@ POSITIONAL ARGUMENTS Name of the managed instance group to operate on. REQUIRED FLAGS + --resize-by=RESIZE_BY + The number of VMs to resize managed instance group by. + + --resize-request=RESIZE_REQUEST_NAME + The name of the resize request to create. + +OPTIONAL FLAGS --requested-run-duration=REQUESTED_RUN_DURATION The time you need the requested VMs to run before being automatically deleted. The value must be formatted as the number of days, hours, @@ -32,13 +40,9 @@ REQUIRED FLAGS day, 2 hours, 3 minutes, and 4 seconds. The value must be between 10m (10 minutes) and 7d (7 days). - --resize-by=RESIZE_BY - The number of VMs to resize managed instance group by. + If you want the managed instance group to consume a reservation, then + this flag is optional. Otherwise, it's required. - --resize-request=RESIZE_REQUEST_NAME - The name of the resize request to create. - -OPTIONAL FLAGS --zone=ZONE Zone of the managed instance group to operate on. If not specified and the compute/zone property isn't set, you might be prompted to select a diff --git a/gcloud/compute/network-endpoint-groups/create b/gcloud/compute/network-endpoint-groups/create index 3712aca7b..cc6e3950b 100644 --- a/gcloud/compute/network-endpoint-groups/create +++ b/gcloud/compute/network-endpoint-groups/create @@ -53,7 +53,7 @@ FLAGS This is only supported for NEGs with endpoint type gce-vm-ip-port, non-gcp-private-ip-port, gce-vm-ip, private-service-connect, - internet-ip-port, or internet-fqdn-port. + internet-ip-port, internet-fqdn-port, or gce-vm-ip-portmap. For Private Service Connect NEGs, you can optionally specify --network and --subnet if --psc-target-service points to a published service. If @@ -108,9 +108,15 @@ FLAGS optional. If unspecified, the primary NIC address is used. A port must not be specified. + gce-vm-ip-portmap + Endpoint IP address must be a primary IP of a VM's network + interface in Compute Engine. The --default-port must be specified + or every network endpoint in the network endpoint group must have a + port specified. + NETWORK_ENDPOINT_TYPE must be one of: gce-vm-ip-port, internet-ip-port, internet-fqdn-port, non-gcp-private-ip-port, - serverless, gce-vm-ip, private-service-connect. + serverless, gce-vm-ip, private-service-connect, gce-vm-ip-portmap. --producer-port=PRODUCER_PORT The producer port to use when a consumer PSC NEG connects to a @@ -134,9 +140,9 @@ FLAGS region where the network endpoint group is created. This is only supported for NEGs with endpoint type gce-vm-ip-port, - gce-vm-ip, or private-service-connect. For Private Service Connect - NEGs, you can optionally specify --network and --subnet if - --psc-target-service points to a published service. If + gce-vm-ip, private-service-connect, or gce-vm-ip-portmap. For Private + Service Connect NEGs, you can optionally specify --network and --subnet + if --psc-target-service points to a published service. If --psc-target-service points to the regional service endpoint of a Google API, do not specify --network or --subnet. diff --git a/gcloud/compute/network-endpoint-groups/update b/gcloud/compute/network-endpoint-groups/update index 929314c65..ec5707eed 100644 --- a/gcloud/compute/network-endpoint-groups/update +++ b/gcloud/compute/network-endpoint-groups/update @@ -4,10 +4,10 @@ NAME SYNOPSIS gcloud compute network-endpoint-groups update NAME - (--add-endpoint=[fqdn=FQDN], - [instance=INSTANCE],[ip=IP],[ipv6=IPV6],[port=PORT] - | --remove-endpoint=[fqdn=FQDN], - [instance=INSTANCE],[ip=IP],[ipv6=IPV6],[port=PORT]) + (--add-endpoint=[client-destination-port=CLIENT-DESTINATION-PORT], + [fqdn=FQDN],[instance=INSTANCE],[ip=IP],[ipv6=IPV6],[port=PORT] + | --remove-endpoint=[client-destination-port=CLIENT-DESTINATION-PORT], + [fqdn=FQDN],[instance=INSTANCE],[ip=IP],[ipv6=IPV6],[port=PORT]) [--global | --region=REGION | --zone=ZONE] [GCLOUD_WIDE_FLAG ...] DESCRIPTION @@ -38,7 +38,7 @@ REQUIRED FLAGS Exactly one of these must be specified: - --add-endpoint=[fqdn=FQDN],[instance=INSTANCE],[ip=IP],[ipv6=IPV6],[port=PORT] + --add-endpoint=[client-destination-port=CLIENT-DESTINATION-PORT],[fqdn=FQDN],[instance=INSTANCE],[ip=IP],[ipv6=IPV6],[port=PORT] The network endpoint to add to the network endpoint group. Keys used depend on the endpoint type of the NEG. @@ -65,6 +65,9 @@ REQUIRED FLAGS *port* - Required endpoint port unless NEG default port is set. + *client-destination-port* - Required endpoint client destination port only for the port + mapping NEG. + internet-ip-port *ip* - Required IPv4 address of the endpoint to attach. Must be @@ -112,7 +115,7 @@ REQUIRED FLAGS IP address must be the VM's network interface address. If not specified, the primary NIC address is used. - --remove-endpoint=[fqdn=FQDN],[instance=INSTANCE],[ip=IP],[ipv6=IPV6],[port=PORT] + --remove-endpoint=[client-destination-port=CLIENT-DESTINATION-PORT],[fqdn=FQDN],[instance=INSTANCE],[ip=IP],[ipv6=IPV6],[port=PORT] The network endpoint to detach from the network endpoint group. Keys used depend on the endpoint type of the NEG. @@ -130,6 +133,8 @@ REQUIRED FLAGS *port* - Optional port of the network endpoint to detach. + *client-destination-port* - Optional client destination port, only for port mapping NEGs. + internet-ip-port *ip* - Required IPv4 address of the network endpoint to detach. diff --git a/gcloud/compute/networks/create b/gcloud/compute/networks/create index 442251db0..f4bb41b1a 100644 --- a/gcloud/compute/networks/create +++ b/gcloud/compute/networks/create @@ -7,7 +7,11 @@ SYNOPSIS [--description=DESCRIPTION] [--[no-]enable-ula-internal-ipv6] [--internal-ipv6-range=INTERNAL_IPV6_RANGE] [--mtu=MTU] [--network-firewall-policy-enforcement-order=NETWORK_FIREWALL_POLICY_ENFORCEMENT_ORDER] - [--range=RANGE] [--subnet-mode=MODE] [GCLOUD_WIDE_FLAG ...] + [--range=RANGE] [--subnet-mode=MODE] + [--bgp-best-path-selection-mode=BGP_BEST_PATH_SELECTION_MODE + --[no-]bgp-bps-always-compare-med + --bgp-bps-inter-region-cost=BGP_BPS_INTER_REGION_COST] + [GCLOUD_WIDE_FLAG ...] DESCRIPTION gcloud compute networks create is used to create virtual networks. A @@ -109,6 +113,47 @@ FLAGS [Deprecated] Create an old style network that has a range and cannot have subnets. This is not recommended for new networks. + BGP Best Path Selection flags + + --bgp-best-path-selection-mode=BGP_BEST_PATH_SELECTION_MODE + The BGP best path selection algorithm to be employed. + BGP_BEST_PATH_SELECTION_MODE must be one of: + + LEGACY + Dynamic routes are ranked based on the multiple + exit-discriminator (MED) BGP attribute. When global routing is + enabled, the MED of the routes received from other regions is the + original MED plus the region-to-region cost. + STANDARD + Dynamic routes are ranked based on AS Path, Origin, Neighbor ASN + and MED BGP attributes. When global routing is enabled, + region-to-region cost is used as a tiebreaker. This mode offers + customizations to fine-tune BGP best path routing with additional + flags like --bgp-bps-always-compare-med and + --bgp-bps-inter-region-cost + + --[no-]bgp-bps-always-compare-med + Enables/disables the comparison of MED across routes with different + Neighbor ASNs. This value can only be set if the + --bgp-best-path-selection-mode is STANDARD. Use + --bgp-bps-always-compare-med to enable and + --no-bgp-bps-always-compare-med to disable. + + --bgp-bps-inter-region-cost=BGP_BPS_INTER_REGION_COST + Defines the preferred approach for handling inter-region cost in the + selection process. This value can only be set if the + --bgp-best-path-selection-mode is STANDARD. BGP_BPS_INTER_REGION_COST + must be one of: + + ADD_COST_TO_MED + Adds inter-region cost to the MED before comparing the MED value. + When multiple routes have the same value after the + Add-cost-to-med comparison, the route selection continues and + prefers the route with lowest cost. + DEFAULT + MED is compared as originally received from peers. When multiple + routes have the same MED, cost is evaluated as the next step. + GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, diff --git a/gcloud/compute/networks/subnets/create b/gcloud/compute/networks/subnets/create index 54f9cb7ed..96868374c 100644 --- a/gcloud/compute/networks/subnets/create +++ b/gcloud/compute/networks/subnets/create @@ -105,6 +105,8 @@ OPTIONAL FLAGS Reserved for Global Envoy-based Load Balancing. INTERNAL_HTTPS_LOAD_BALANCER Reserved for Internal HTTP(S) Load Balancing. + PEER_MIGRATION + Reserved for subnet migration between peered VPCs. PRIVATE Regular user created or automatically created subnet. PRIVATE_NAT diff --git a/gcloud/compute/networks/update b/gcloud/compute/networks/update index b0fcb4c83..79247948b 100644 --- a/gcloud/compute/networks/update +++ b/gcloud/compute/networks/update @@ -6,6 +6,9 @@ SYNOPSIS [--[no-]enable-ula-internal-ipv6] [--internal-ipv6-range=INTERNAL_IPV6_RANGE] [--mtu=MTU] [--network-firewall-policy-enforcement-order=NETWORK_FIREWALL_POLICY_ENFORCEMENT_ORDER] + [--bgp-best-path-selection-mode=BGP_BEST_PATH_SELECTION_MODE + --[no-]bgp-bps-always-compare-med + --bgp-bps-inter-region-cost=BGP_BPS_INTER_REGION_COST] [--bgp-routing-mode=MODE | --switch-to-custom-subnet-mode] [GCLOUD_WIDE_FLAG ...] @@ -65,6 +68,47 @@ FLAGS BEFORE_CLASSIC_FIREWALL Network Firewall Policy is enforced before classic firewall. + BGP Best Path Selection flags + + --bgp-best-path-selection-mode=BGP_BEST_PATH_SELECTION_MODE + The BGP best path selection algorithm to be employed. + BGP_BEST_PATH_SELECTION_MODE must be one of: + + LEGACY + Dynamic routes are ranked based on the multiple + exit-discriminator (MED) BGP attribute. When global routing is + enabled, the MED of the routes received from other regions is the + original MED plus the region-to-region cost. + STANDARD + Dynamic routes are ranked based on AS Path, Origin, Neighbor ASN + and MED BGP attributes. When global routing is enabled, + region-to-region cost is used as a tiebreaker. This mode offers + customizations to fine-tune BGP best path routing with additional + flags like --bgp-bps-always-compare-med and + --bgp-bps-inter-region-cost + + --[no-]bgp-bps-always-compare-med + Enables/disables the comparison of MED across routes with different + Neighbor ASNs. This value can only be set if the + --bgp-best-path-selection-mode is STANDARD. Use + --bgp-bps-always-compare-med to enable and + --no-bgp-bps-always-compare-med to disable. + + --bgp-bps-inter-region-cost=BGP_BPS_INTER_REGION_COST + Defines the preferred approach for handling inter-region cost in the + selection process. This value can only be set if the + --bgp-best-path-selection-mode is STANDARD. BGP_BPS_INTER_REGION_COST + must be one of: + + ADD_COST_TO_MED + Adds inter-region cost to the MED before comparing the MED value. + When multiple routes have the same value after the + Add-cost-to-med comparison, the route selection continues and + prefers the route with lowest cost. + DEFAULT + MED is compared as originally received from peers. When multiple + routes have the same MED, cost is evaluated as the next step. + At most one of these can be specified: --bgp-routing-mode=MODE diff --git a/gcloud/config/get b/gcloud/config/get index 956e8448e..6fdce94c3 100644 --- a/gcloud/config/get +++ b/gcloud/config/get @@ -346,6 +346,10 @@ AVAILABLE PROPERTIES Overrides API endpoint for gcloud deployment-manager command group. Defaults to https://deploymentmanager.googleapis.com/ + developerconnect + Overrides API endpoint for gcloud developer-connect command group. + Defaults to https://developerconnect.googleapis.com/ + dns Overrides API endpoint for gcloud dns command group. Defaults to https://dns.googleapis.com/dns/v1/ diff --git a/gcloud/config/help b/gcloud/config/help index 33d917f03..f780b7a55 100644 --- a/gcloud/config/help +++ b/gcloud/config/help @@ -378,6 +378,10 @@ AVAILABLE PROPERTIES Overrides API endpoint for gcloud deployment-manager command group. Defaults to https://deploymentmanager.googleapis.com/ + developerconnect + Overrides API endpoint for gcloud developer-connect command group. + Defaults to https://developerconnect.googleapis.com/ + dns Overrides API endpoint for gcloud dns command group. Defaults to https://dns.googleapis.com/dns/v1/ diff --git a/gcloud/config/list b/gcloud/config/list index 3d6f5a703..6c11a5e7f 100644 --- a/gcloud/config/list +++ b/gcloud/config/list @@ -390,6 +390,10 @@ AVAILABLE PROPERTIES Overrides API endpoint for gcloud deployment-manager command group. Defaults to https://deploymentmanager.googleapis.com/ + developerconnect + Overrides API endpoint for gcloud developer-connect command group. + Defaults to https://developerconnect.googleapis.com/ + dns Overrides API endpoint for gcloud dns command group. Defaults to https://dns.googleapis.com/dns/v1/ diff --git a/gcloud/config/set b/gcloud/config/set index f30e1215e..fb78658a6 100644 --- a/gcloud/config/set +++ b/gcloud/config/set @@ -393,6 +393,10 @@ AVAILABLE PROPERTIES Overrides API endpoint for gcloud deployment-manager command group. Defaults to https://deploymentmanager.googleapis.com/ + developerconnect + Overrides API endpoint for gcloud developer-connect command group. + Defaults to https://developerconnect.googleapis.com/ + dns Overrides API endpoint for gcloud dns command group. Defaults to https://dns.googleapis.com/dns/v1/ diff --git a/gcloud/config/unset b/gcloud/config/unset index b2c7fb6ad..04df149f9 100644 --- a/gcloud/config/unset +++ b/gcloud/config/unset @@ -354,6 +354,10 @@ AVAILABLE PROPERTIES Overrides API endpoint for gcloud deployment-manager command group. Defaults to https://deploymentmanager.googleapis.com/ + developerconnect + Overrides API endpoint for gcloud developer-connect command group. + Defaults to https://developerconnect.googleapis.com/ + dns Overrides API endpoint for gcloud dns command group. Defaults to https://dns.googleapis.com/dns/v1/ diff --git a/gcloud/container/clusters/create b/gcloud/container/clusters/create index d601b9518..b89633c13 100644 --- a/gcloud/container/clusters/create +++ b/gcloud/container/clusters/create @@ -77,10 +77,17 @@ SYNOPSIS [--tier=TIER] [--workload-metadata=WORKLOAD_METADATA] [--workload-pool=WORKLOAD_POOL] [--workload-vulnerability-scanning=WORKLOAD_VULNERABILITY_SCANNING] + [--aggregation-ca=CA_POOL_PATH --cluster-ca=CA_POOL_PATH + --control-plane-disk-encryption-key=KEY --etcd-api-ca=CA_POOL_PATH + --etcd-peer-ca=CA_POOL_PATH --gkeops-etcd-backup-encryption-key=KEY + --service-account-signing-keys=KEY_VERSION,[KEY_VERSION,...] + --service-account-verification-keys=KEY_VERSION,[KEY_VERSION,...]] [--binauthz-evaluation-mode=BINAUTHZ_EVALUATION_MODE | --enable-binauthz] [--cluster-dns=CLUSTER_DNS --cluster-dns-domain=CLUSTER_DNS_DOMAIN - --cluster-dns-scope=CLUSTER_DNS_SCOPE] + --cluster-dns-scope=CLUSTER_DNS_SCOPE + --additive-vpc-scope-dns-domain=ADDITIVE_VPC_SCOPE_DNS_DOMAIN + | --disable-additive-vpc-scope] [--dataplane-v2-observability-mode=DATAPLANE_V2_OBSERVABILITY_MODE | --disable-dataplane-v2-flow-observability | --enable-dataplane-v2-flow-observability] @@ -1349,6 +1356,40 @@ FLAGS WORKLOAD_VULNERABILITY_SCANNING must be one of: disabled, standard, enterprise. + Control Plane Keys + + --aggregation-ca=CA_POOL_PATH + The Certificate Authority Service caPool that will back the + aggregation CA + + --cluster-ca=CA_POOL_PATH + The Certificate Authority Service caPool that will back the cluster + CA + + --control-plane-disk-encryption-key=KEY + The Cloud KMS symmetric encryption cryptoKey that will be used to + encrypt the control plane disks + + --etcd-api-ca=CA_POOL_PATH + The Certificate Authority Service caPool that will back the etcd API + CA + + --etcd-peer-ca=CA_POOL_PATH + The Certificate Authority Service caPool that will back the etcd peer + CA + + --gkeops-etcd-backup-encryption-key=KEY + The Cloud KMS symmetric encryption cryptoKey that will be used to + encrypt the disaster recovery etcd backups for the cluster + + --service-account-signing-keys=KEY_VERSION,[KEY_VERSION,...] + A Cloud KMS asymmetric signing cryptoKeyVersion that will be used to + sign service account tokens + + --service-account-verification-keys=KEY_VERSION,[KEY_VERSION,...] + A Cloud KMS asymmetric signing cryptoKeyVersion that will be used to + verify service account tokens. Maybe specified multiple times. + Flags for Binary Authorization: At most one of these can be specified: @@ -1393,6 +1434,15 @@ FLAGS vpc Configures the Cloud DNS zone to be private to the VPC Network. + At most one of these can be specified: + + --additive-vpc-scope-dns-domain=ADDITIVE_VPC_SCOPE_DNS_DOMAIN + The domain used in Additive VPC scope. Only works with Cluster + Scope. + + --disable-additive-vpc-scope + Disables Additive VPC Scope. + At most one of these can be specified: --dataplane-v2-observability-mode=DATAPLANE_V2_OBSERVABILITY_MODE diff --git a/gcloud/container/clusters/create-auto b/gcloud/container/clusters/create-auto index d403d2d57..0b64d26fb 100644 --- a/gcloud/container/clusters/create-auto +++ b/gcloud/container/clusters/create-auto @@ -30,6 +30,13 @@ SYNOPSIS [--services-secondary-range-name=NAME] [--subnetwork=SUBNETWORK] [--tier=TIER] [--workload-policies=WORKLOAD_POLICIES] [--workload-vulnerability-scanning=WORKLOAD_VULNERABILITY_SCANNING] + [--additive-vpc-scope-dns-domain=ADDITIVE_VPC_SCOPE_DNS_DOMAIN + | --disable-additive-vpc-scope] + [--aggregation-ca=CA_POOL_PATH --cluster-ca=CA_POOL_PATH + --control-plane-disk-encryption-key=KEY --etcd-api-ca=CA_POOL_PATH + --etcd-peer-ca=CA_POOL_PATH --gkeops-etcd-backup-encryption-key=KEY + --service-account-signing-keys=KEY_VERSION,[KEY_VERSION,...] + --service-account-verification-keys=KEY_VERSION,[KEY_VERSION,...]] [--dataplane-v2-observability-mode=DATAPLANE_V2_OBSERVABILITY_MODE | --disable-dataplane-v2-flow-observability | --enable-dataplane-v2-flow-observability] @@ -478,6 +485,48 @@ FLAGS WORKLOAD_VULNERABILITY_SCANNING must be one of: disabled, standard, enterprise. + At most one of these can be specified: + + --additive-vpc-scope-dns-domain=ADDITIVE_VPC_SCOPE_DNS_DOMAIN + The domain used in Additive VPC scope. Only works with Cluster Scope. + + --disable-additive-vpc-scope + Disables Additive VPC Scope. + + Control Plane Keys + + --aggregation-ca=CA_POOL_PATH + The Certificate Authority Service caPool that will back the + aggregation CA + + --cluster-ca=CA_POOL_PATH + The Certificate Authority Service caPool that will back the cluster + CA + + --control-plane-disk-encryption-key=KEY + The Cloud KMS symmetric encryption cryptoKey that will be used to + encrypt the control plane disks + + --etcd-api-ca=CA_POOL_PATH + The Certificate Authority Service caPool that will back the etcd API + CA + + --etcd-peer-ca=CA_POOL_PATH + The Certificate Authority Service caPool that will back the etcd peer + CA + + --gkeops-etcd-backup-encryption-key=KEY + The Cloud KMS symmetric encryption cryptoKey that will be used to + encrypt the disaster recovery etcd backups for the cluster + + --service-account-signing-keys=KEY_VERSION,[KEY_VERSION,...] + A Cloud KMS asymmetric signing cryptoKeyVersion that will be used to + sign service account tokens + + --service-account-verification-keys=KEY_VERSION,[KEY_VERSION,...] + A Cloud KMS asymmetric signing cryptoKeyVersion that will be used to + verify service account tokens. Maybe specified multiple times. + At most one of these can be specified: --dataplane-v2-observability-mode=DATAPLANE_V2_OBSERVABILITY_MODE diff --git a/gcloud/container/clusters/update b/gcloud/container/clusters/update index 1e1882ddb..ca24c26fb 100644 --- a/gcloud/container/clusters/update +++ b/gcloud/container/clusters/update @@ -66,6 +66,8 @@ SYNOPSIS --resource-usage-bigquery-dataset=RESOURCE_USAGE_BIGQUERY_DATASET | --cluster-dns=CLUSTER_DNS --cluster-dns-domain=CLUSTER_DNS_DOMAIN --cluster-dns-scope=CLUSTER_DNS_SCOPE + --additive-vpc-scope-dns-domain=ADDITIVE_VPC_SCOPE_DNS_DOMAIN + | --disable-additive-vpc-scope | --dataplane-v2-observability-mode=DATAPLANE_V2_OBSERVABILITY_MODE | --disable-dataplane-v2-flow-observability | --enable-dataplane-v2-flow-observability @@ -1015,6 +1017,15 @@ REQUIRED FLAGS vpc Configures the Cloud DNS zone to be private to the VPC Network. + At most one of these can be specified: + + --additive-vpc-scope-dns-domain=ADDITIVE_VPC_SCOPE_DNS_DOMAIN + The domain used in Additive VPC scope. Only works with Cluster + Scope. + + --disable-additive-vpc-scope + Disables Additive VPC Scope. + At most one of these can be specified: --dataplane-v2-observability-mode=DATAPLANE_V2_OBSERVABILITY_MODE diff --git a/gcloud/container/vmware/admin-clusters/update b/gcloud/container/vmware/admin-clusters/update index 6e8889ac6..435892327 100644 --- a/gcloud/container/vmware/admin-clusters/update +++ b/gcloud/container/vmware/admin-clusters/update @@ -56,13 +56,14 @@ FLAGS complete. --required-platform-version=REQUIRED_PLATFORM_VERSION - Platform version required for upgrading a user cluster. If the current - platform version is lower than the required version, the platform - version will be updated to the required version. If it is not installed - in the platform, download the required version bundle. + Platform version required for upgrading an admin cluster or a user + cluster. If the current platform version is lower than the required + version, the platform version will be updated to the required version. + If it is not installed in the platform, download the required version + bundle. --version=VERSION - Anthos Cluster on VMware version for the user cluster resource + Anthos Cluster on VMware version for the cluster resource GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, diff --git a/gcloud/container/vmware/clusters/create b/gcloud/container/vmware/clusters/create index c0740bba8..a66437497 100644 --- a/gcloud/container/vmware/clusters/create +++ b/gcloud/container/vmware/clusters/create @@ -85,7 +85,7 @@ POSITIONAL ARGUMENTS REQUIRED FLAGS --version=VERSION - Anthos Cluster on VMware version for the user cluster resource + Anthos Cluster on VMware version for the cluster resource Admin cluster membership resource - membership of the admin cluster. Membership name is the same as the admin cluster name. diff --git a/gcloud/container/vmware/clusters/update b/gcloud/container/vmware/clusters/update index bbcb278a2..7b29bc78f 100644 --- a/gcloud/container/vmware/clusters/update +++ b/gcloud/container/vmware/clusters/update @@ -171,7 +171,7 @@ FLAGS operation. --version=VERSION - Anthos Cluster on VMware version for the user cluster resource + Anthos Cluster on VMware version for the cluster resource At most one of these can be specified: diff --git a/gcloud/container/vmware/clusters/upgrade b/gcloud/container/vmware/clusters/upgrade index d1fe5f1a9..4bde6731f 100644 --- a/gcloud/container/vmware/clusters/upgrade +++ b/gcloud/container/vmware/clusters/upgrade @@ -49,7 +49,7 @@ POSITIONAL ARGUMENTS REQUIRED FLAGS --version=VERSION - Anthos Cluster on VMware version for the user cluster resource + Anthos Cluster on VMware version for the cluster resource GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, diff --git a/gcloud/database-migration/migration-jobs/create b/gcloud/database-migration/migration-jobs/create index ea7f2e237..818f37b51 100644 --- a/gcloud/database-migration/migration-jobs/create +++ b/gcloud/database-migration/migration-jobs/create @@ -311,10 +311,13 @@ OPTIONAL FLAGS --sqlserver-encrypted-databases=SQLSERVER_ENCRYPTED_DATABASES A JSON/YAML file describing the encryption settings per database for - all encrytped databases. An example of a JSON request: [{ "database": - "db1", "encryptionOptions": { "certPath": "Path to certificate 1", - "pvkPath": "Path to certificate private key 1", "pvkPassword": - "Private key password 1" } }, { "database": "db2", + all encrytped databases. Note: Path to the Certificate (.cer) and + Private Key (.pvk) in Cloud Storage, should be in the form of + gs://bucketName/fileName. The instance must have write permissions to + the bucket and read access to the file. An example of a JSON request: + [{ "database": "db1", "encryptionOptions": { "certPath": "Path to + certificate 1", "pvkPath": "Path to certificate private key 1", + "pvkPassword": "Private key password 1" } }, { "database": "db2", "encryptionOptions": { "certPath": "Path to certificate 2", "pvkPath": "Path to certificate private key 2", "pvkPassword": "Private key password 2" } }] diff --git a/gcloud/database-migration/migration-jobs/update b/gcloud/database-migration/migration-jobs/update index 3f92a0e45..5f73f5f36 100644 --- a/gcloud/database-migration/migration-jobs/update +++ b/gcloud/database-migration/migration-jobs/update @@ -222,10 +222,13 @@ FLAGS --sqlserver-encrypted-databases=SQLSERVER_ENCRYPTED_DATABASES A JSON/YAML file describing the encryption settings per database for - all encrytped databases. An example of a JSON request: [{ "database": - "db1", "encryptionOptions": { "certPath": "Path to certificate 1", - "pvkPath": "Path to certificate private key 1", "pvkPassword": - "Private key password 1" } }, { "database": "db2", + all encrytped databases. Note: Path to the Certificate (.cer) and + Private Key (.pvk) in Cloud Storage, should be in the form of + gs://bucketName/fileName. The instance must have write permissions to + the bucket and read access to the file. An example of a JSON request: + [{ "database": "db1", "encryptionOptions": { "certPath": "Path to + certificate 1", "pvkPath": "Path to certificate private key 1", + "pvkPassword": "Private key password 1" } }, { "database": "db2", "encryptionOptions": { "certPath": "Path to certificate 2", "pvkPath": "Path to certificate private key 2", "pvkPassword": "Private key password 2" } }] diff --git a/gcloud/developer-connect/connections/create b/gcloud/developer-connect/connections/create new file mode 100644 index 000000000..1c2438454 --- /dev/null +++ b/gcloud/developer-connect/connections/create @@ -0,0 +1,868 @@ +NAME + gcloud developer-connect connections create - create a connection resource + +SYNOPSIS + gcloud developer-connect connections create CONNECTION + [--annotations=[ANNOTATIONS,...]] [--async] [--disabled] [--etag=ETAG] + [--labels=[LABELS,...]] [--location=LOCATION] [--namespace=NAMESPACE] + [--request-id=REQUEST_ID] [--secret=SECRET] [--validate-only] + [--bitbucket-cloud-config-authorizer-credential-user-token-secret-version=BITBUCKET_CLOUD_CONFIG_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION --bitbucket-cloud-config-read-authorizer-credential-user-token-secret-version=BITBUCKET_CLOUD_CONFIG_READ_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION --bitbucket-cloud-config-webhook-secret-version=BITBUCKET_CLOUD_CONFIG_WEBHOOK_SECRET_VERSION --bitbucket-cloud-config-workspace=BITBUCKET_CLOUD_CONFIG_WORKSPACE | [--bitbucket-data-center-config-authorizer-credential-user-token-secret-version=BITBUCKET_DATA_CENTER_CONFIG_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION --bitbucket-data-center-config-host-uri=BITBUCKET_DATA_CENTER_CONFIG_HOST_URI --bitbucket-data-center-config-read-authorizer-credential-user-token-secret-version=BITBUCKET_DATA_CENTER_CONFIG_READ_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION --bitbucket-data-center-config-webhook-secret-version=BITBUCKET_DATA_CENTER_CONFIG_WEBHOOK_SECRET_VERSION : --bitbucket-data-center-config-service-directory=BITBUCKET_DATA_CENTER_CONFIG_SERVICE_DIRECTORY --bitbucket-data-center-config-ssl-ca-certificate=BITBUCKET_DATA_CENTER_CONFIG_SSL_CA_CERTIFICATE] | [--github-config-app=GITHUB_CONFIG_APP : --github-config-app-installation-id=GITHUB_CONFIG_APP_INSTALLATION_ID --github-config-authorizer-credential-oauth-token-secret-version=GITHUB_CONFIG_AUTHORIZER_CREDENTIAL_OAUTH_TOKEN_SECRET_VERSION] | [--github-enterprise-config-host-uri=GITHUB_ENTERPRISE_CONFIG_HOST_URI : --github-enterprise-config-app-id=GITHUB_ENTERPRISE_CONFIG_APP_ID --github-enterprise-config-app-installation-id=GITHUB_ENTERPRISE_CONFIG_APP_INSTALLATION_ID --github-enterprise-config-private-key-secret-version=GITHUB_ENTERPRISE_CONFIG_PRIVATE_KEY_SECRET_VERSION --github-enterprise-config-service-directory=GITHUB_ENTERPRISE_CONFIG_SERVICE_DIRECTORY --github-enterprise-config-ssl-ca-certificate=GITHUB_ENTERPRISE_CONFIG_SSL_CA_CERTIFICATE --github-enterprise-config-webhook-secret-version=GITHUB_ENTERPRISE_CONFIG_WEBHOOK_SECRET_VERSION] | --gitlab-config-authorizer-credential-user-token-secret-version=GITLAB_CONFIG_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION --gitlab-config-read-authorizer-credential-user-token-secret-version=GITLAB_CONFIG_READ_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION --gitlab-config-webhook-secret-version=GITLAB_CONFIG_WEBHOOK_SECRET_VERSION | [--gitlab-enterprise-config-authorizer-credential-user-token-secret-version=GITLAB_ENTERPRISE_CONFIG_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION --gitlab-enterprise-config-host-uri=GITLAB_ENTERPRISE_CONFIG_HOST_URI --gitlab-enterprise-config-read-authorizer-credential-user-token-secret-version=GITLAB_ENTERPRISE_CONFIG_READ_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION --gitlab-enterprise-config-webhook-secret-version=GITLAB_ENTERPRISE_CONFIG_WEBHOOK_SECRET_VERSION : --gitlab-enterprise-config-service-directory=GITLAB_ENTERPRISE_CONFIG_SERVICE_DIRECTORY --gitlab-enterprise-config-ssl-ca-certificate=GITLAB_ENTERPRISE_CONFIG_SSL_CA_CERTIFICATE]] + [(--crypto-key-config-reference=CRYPTO_KEY_CONFIG_REFERENCE + : --key-ring=KEY_RING)] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Create a connection resource. + +EXAMPLES + To create a GitHub connection named my-connection in us-central1 run: + + $ gcloud developer-connect connections create my-connection \ + --github-config-app=developer-connect \ + --github-config-authorizer-credential-oauth-token-secret-version\ + =projects/my-project/secrets/my-oauth-token/versions/1 \ + --github-config-app-installation-id=12345 --location=us-central1 + +POSITIONAL ARGUMENTS + Connection resource - Identifier. The resource name of the connection, in + the format + projects/{project}/locations/{location}/connections/{connection_id}. This + represents a Cloud resource. (NOTE) Some attributes are not given + arguments in this group but can be set in other ways. + + To set the project attribute: + ◆ provide the argument connection on the command line with a fully + specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + To set the location attribute: + ◆ provide the argument connection on the command line with a fully + specified name; + ◆ provide the argument --location on the command line. + + This must be specified. + + CONNECTION + ID of the connection or fully qualified identifier for the + connection. + + To set the connection attribute: + ▸ provide the argument connection on the command line. + +FLAGS + --annotations=[ANNOTATIONS,...] + Allows clients to store small amounts of arbitrary data. + + KEY + Sets KEY value. + + VALUE + Sets VALUE value. + + Shorthand Example: + + --annotations=string=string + + JSON Example: + + --annotations='{"string": "string"}' + + File Example: + + --annotations=path_to_file.(yaml|json) + + --async + Return immediately, without waiting for the operation in progress to + complete. + + --disabled + If disabled is set to true, functionality is disabled for this + connection. Repository based API methods and webhooks processing for + repositories in this connection will be disabled. + + --etag=ETAG + This checksum is computed by the server based on the value of other + fields, and may be sent on update and delete requests to ensure the + client has an up-to-date value before proceeding. + + --labels=[LABELS,...] + Labels as key value pairs. + + KEY + Keys must start with a lowercase character and contain only hyphens + (-), underscores (_), lowercase characters, and numbers. + + VALUE + Values must contain only hyphens (-), underscores (_), lowercase + characters, and numbers. + + Shorthand Example: + + --labels=string=string + + JSON Example: + + --labels='{"string": "string"}' + + File Example: + + --labels=path_to_file.(yaml|json) + + --location=LOCATION + For resources [connection, cryptoKey, service], provides fallback value + for resource location attribute. When the resource's full URI path is + not provided, location will fallback to this flag value. + + --namespace=NAMESPACE + For resources [service], provides fallback value for resource namespace + attribute. When the resource's full URI path is not provided, namespace + will fallback to this flag value. + + --request-id=REQUEST_ID + An optional request ID to identify requests. Specify a unique request + ID so that if you must retry your request, the server will know to + ignore the request if it has already been completed. The server will + guarantee that for at least 60 minutes since the first request. + + For example, consider a situation where you make an initial request and + the request times out. If you make the request again with the same + request ID, the server can check if original operation with the same + request ID was received, and if so, will ignore the second request. + This prevents clients from accidentally creating duplicate commitments. + + The request ID must be a valid UUID with the exception that zero UUID + is not supported (00000000-0000-0000-0000-000000000000). + + --secret=SECRET + For resources [secretVersion], provides fallback value for resource + secret attribute. When the resource's full URI path is not provided, + secret will fallback to this flag value. + + --validate-only + If set, validate the request, but do not actually post it. + + Arguments for the connection config. + + At most one of these can be specified: + + Configuration for connections to an instance of Bitbucket Cloud. + + Represents a personal access token that authorized the Connection, and + associated metadata. + + This must be specified. + + SecretVersion resource - A SecretManager resource containing the + user token that authorizes the Developer Connect connection. Format: + projects/*/secrets/*/versions/*. This represents a Cloud resource. + (NOTE) Some attributes are not given arguments in this group but can + be set in other ways. + + To set the project attribute: + ◇ provide the argument + --bitbucket-cloud-config-authorizer-credential-user-token-secret-version + on the command line with a fully specified name; + ◇ provide the argument --project on the command line; + ◇ set the property core/project. + + To set the secret attribute: + ◇ provide the argument + --bitbucket-cloud-config-authorizer-credential-user-token-secret-version + on the command line with a fully specified name; + ◇ provide the argument --secret on the command line. + + This must be specified. + + --bitbucket-cloud-config-authorizer-credential-user-token-secret-version=BITBUCKET_CLOUD_CONFIG_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION + ID of the secretVersion or fully qualified identifier for the + secretVersion. + + To set the secret-version attribute: + ▹ provide the argument + --bitbucket-cloud-config-authorizer-credential-user-token-secret-version + on the command line. + + Represents a personal access token that authorized the Connection, and + associated metadata. + + This must be specified. + + SecretVersion resource - A SecretManager resource containing the + user token that authorizes the Developer Connect connection. Format: + projects/*/secrets/*/versions/*. This represents a Cloud resource. + (NOTE) Some attributes are not given arguments in this group but can + be set in other ways. + + To set the project attribute: + ◇ provide the argument + --bitbucket-cloud-config-read-authorizer-credential-user-token-secret-version + on the command line with a fully specified name; + ◇ provide the argument --project on the command line; + ◇ set the property core/project. + + To set the secret attribute: + ◇ provide the argument + --bitbucket-cloud-config-read-authorizer-credential-user-token-secret-version + on the command line with a fully specified name; + ◇ provide the argument --secret on the command line. + + This must be specified. + + --bitbucket-cloud-config-read-authorizer-credential-user-token-secret-version=BITBUCKET_CLOUD_CONFIG_READ_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION + ID of the secretVersion or fully qualified identifier for the + secretVersion. + + To set the secret-version attribute: + ▹ provide the argument + --bitbucket-cloud-config-read-authorizer-credential-user-token-secret-version + on the command line. + + SecretVersion resource - SecretManager resource containing the webhook + secret used to verify webhook events, formatted as + projects/*/secrets/*/versions/*. This is used to validate and create + webhooks. This represents a Cloud resource. (NOTE) Some attributes are + not given arguments in this group but can be set in other ways. + + To set the project attribute: + ▫ provide the argument + --bitbucket-cloud-config-webhook-secret-version on the command line + with a fully specified name; + ▫ provide the argument --project on the command line; + ▫ set the property core/project. + + To set the secret attribute: + ▫ provide the argument + --bitbucket-cloud-config-webhook-secret-version on the command line + with a fully specified name; + ▫ provide the argument --secret on the command line. + + This must be specified. + + --bitbucket-cloud-config-webhook-secret-version=BITBUCKET_CLOUD_CONFIG_WEBHOOK_SECRET_VERSION + ID of the secretVersion or fully qualified identifier for the + secretVersion. + + To set the secret-version attribute: + ◇ provide the argument + --bitbucket-cloud-config-webhook-secret-version on the command + line. + + --bitbucket-cloud-config-workspace=BITBUCKET_CLOUD_CONFIG_WORKSPACE + The Bitbucket Cloud Workspace ID to be connected to Google Cloud + Platform. + + Configuration for connections to an instance of Bitbucket Data Center. + + Represents a personal access token that authorized the Connection, and + associated metadata. + + This must be specified. + + SecretVersion resource - A SecretManager resource containing the + user token that authorizes the Developer Connect connection. Format: + projects/*/secrets/*/versions/*. This represents a Cloud resource. + (NOTE) Some attributes are not given arguments in this group but can + be set in other ways. + + To set the project attribute: + ◇ provide the argument + --bitbucket-data-center-config-authorizer-credential-user-token-secret-version + on the command line with a fully specified name; + ◇ provide the argument --project on the command line; + ◇ set the property core/project. + + To set the secret attribute: + ◇ provide the argument + --bitbucket-data-center-config-authorizer-credential-user-token-secret-version + on the command line with a fully specified name; + ◇ provide the argument --secret on the command line. + + This must be specified. + + --bitbucket-data-center-config-authorizer-credential-user-token-secret-version=BITBUCKET_DATA_CENTER_CONFIG_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION + ID of the secretVersion or fully qualified identifier for the + secretVersion. + + To set the secret-version attribute: + ▹ provide the argument + --bitbucket-data-center-config-authorizer-credential-user-token-secret-version + on the command line. + + --bitbucket-data-center-config-host-uri=BITBUCKET_DATA_CENTER_CONFIG_HOST_URI + The URI of the Bitbucket Data Center host this connection is for. + + Represents a personal access token that authorized the Connection, and + associated metadata. + + This must be specified. + + SecretVersion resource - A SecretManager resource containing the + user token that authorizes the Developer Connect connection. Format: + projects/*/secrets/*/versions/*. This represents a Cloud resource. + (NOTE) Some attributes are not given arguments in this group but can + be set in other ways. + + To set the project attribute: + ◇ provide the argument + --bitbucket-data-center-config-read-authorizer-credential-user-token-secret-version + on the command line with a fully specified name; + ◇ provide the argument --project on the command line; + ◇ set the property core/project. + + To set the secret attribute: + ◇ provide the argument + --bitbucket-data-center-config-read-authorizer-credential-user-token-secret-version + on the command line with a fully specified name; + ◇ provide the argument --secret on the command line. + + This must be specified. + + --bitbucket-data-center-config-read-authorizer-credential-user-token-secret-version=BITBUCKET_DATA_CENTER_CONFIG_READ_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION + ID of the secretVersion or fully qualified identifier for the + secretVersion. + + To set the secret-version attribute: + ▹ provide the argument + --bitbucket-data-center-config-read-authorizer-credential-user-token-secret-version + on the command line. + + SecretVersion resource - SecretManager resource containing the webhook + secret used to verify webhook events, formatted as + projects/*/secrets/*/versions/*. This is used to validate webhooks. + This represents a Cloud resource. (NOTE) Some attributes are not given + arguments in this group but can be set in other ways. + + To set the project attribute: + ▫ provide the argument + --bitbucket-data-center-config-webhook-secret-version on the + command line with a fully specified name; + ▫ provide the argument --project on the command line; + ▫ set the property core/project. + + To set the secret attribute: + ▫ provide the argument + --bitbucket-data-center-config-webhook-secret-version on the + command line with a fully specified name; + ▫ provide the argument --secret on the command line. + + This must be specified. + + --bitbucket-data-center-config-webhook-secret-version=BITBUCKET_DATA_CENTER_CONFIG_WEBHOOK_SECRET_VERSION + ID of the secretVersion or fully qualified identifier for the + secretVersion. + + To set the secret-version attribute: + ◇ provide the argument + --bitbucket-data-center-config-webhook-secret-version on the + command line. + + ServiceDirectoryConfig represents Service Directory configuration for + a connection. + + Service resource - The Service Directory service name. Format: + projects/{project}/locations/{location}/namespaces/{namespace}/services/{service}. + This represents a Cloud resource. (NOTE) Some attributes are not + given arguments in this group but can be set in other ways. + + To set the project attribute: + ◇ provide the argument + --bitbucket-data-center-config-service-directory on the command + line with a fully specified name; + ◇ provide the argument --project on the command line; + ◇ set the property core/project. + + To set the location attribute: + ◇ provide the argument + --bitbucket-data-center-config-service-directory on the command + line with a fully specified name; + ◇ provide the argument --location on the command line. + + To set the namespace attribute: + ◇ provide the argument + --bitbucket-data-center-config-service-directory on the command + line with a fully specified name; + ◇ provide the argument --namespace on the command line. + + This must be specified. + + --bitbucket-data-center-config-service-directory=BITBUCKET_DATA_CENTER_CONFIG_SERVICE_DIRECTORY + ID of the service or fully qualified identifier for the + service. + + To set the service attribute: + ▹ provide the argument + --bitbucket-data-center-config-service-directory on the + command line. + + --bitbucket-data-center-config-ssl-ca-certificate=BITBUCKET_DATA_CENTER_CONFIG_SSL_CA_CERTIFICATE + SSL certificate authority to trust when making requests to + Bitbucket Data Center. + + Configuration for connections to github.com. + + --github-config-app=GITHUB_CONFIG_APP + The GitHub Application that was installed to the GitHub user or + organization. GITHUB_CONFIG_APP must be one of: + + developer-connect + The Developer Connect GitHub Application. + firebase + The Firebase GitHub Application. + + This flag argument must be specified if any of the other arguments + in this group are specified. + + --github-config-app-installation-id=GITHUB_CONFIG_APP_INSTALLATION_ID + GitHub App installation id. + + Represents an OAuth token of the account that authorized the + Connection, and associated metadata. + + SecretVersion resource - A SecretManager resource containing the + OAuth token that authorizes the connection. Format: + projects/*/secrets/*/versions/*. This represents a Cloud resource. + (NOTE) Some attributes are not given arguments in this group but can + be set in other ways. + + To set the project attribute: + ◇ provide the argument + --github-config-authorizer-credential-oauth-token-secret-version + on the command line with a fully specified name; + ◇ provide the argument --project on the command line; + ◇ set the property core/project. + + To set the secret attribute: + ◇ provide the argument + --github-config-authorizer-credential-oauth-token-secret-version + on the command line with a fully specified name; + ◇ provide the argument --secret on the command line. + + This must be specified. + + --github-config-authorizer-credential-oauth-token-secret-version=GITHUB_CONFIG_AUTHORIZER_CREDENTIAL_OAUTH_TOKEN_SECRET_VERSION + ID of the secretVersion or fully qualified identifier for the + secretVersion. + + To set the secret-version attribute: + ▹ provide the argument + --github-config-authorizer-credential-oauth-token-secret-version + on the command line. + + Configuration for connections to an instance of GitHub Enterprise. + + --github-enterprise-config-host-uri=GITHUB_ENTERPRISE_CONFIG_HOST_URI + The URI of the GitHub Enterprise host this connection is for. + + This flag argument must be specified if any of the other arguments + in this group are specified. + + --github-enterprise-config-app-id=GITHUB_ENTERPRISE_CONFIG_APP_ID + ID of the GitHub App created from the manifest. + + --github-enterprise-config-app-installation-id=GITHUB_ENTERPRISE_CONFIG_APP_INSTALLATION_ID + ID of the installation of the GitHub App. + + SecretVersion resource - SecretManager resource containing the private + key of the GitHub App, formatted as projects/*/secrets/*/versions/*. + This represents a Cloud resource. (NOTE) Some attributes are not given + arguments in this group but can be set in other ways. + + To set the project attribute: + ▫ provide the argument + --github-enterprise-config-private-key-secret-version on the + command line with a fully specified name; + ▫ provide the argument --project on the command line; + ▫ set the property core/project. + + To set the secret attribute: + ▫ provide the argument + --github-enterprise-config-private-key-secret-version on the + command line with a fully specified name; + ▫ provide the argument --secret on the command line. + + --github-enterprise-config-private-key-secret-version=GITHUB_ENTERPRISE_CONFIG_PRIVATE_KEY_SECRET_VERSION + ID of the secretVersion or fully qualified identifier for the + secretVersion. + + To set the secret-version attribute: + ◇ provide the argument + --github-enterprise-config-private-key-secret-version on the + command line. + + ServiceDirectoryConfig represents Service Directory configuration for + a connection. + + Service resource - The Service Directory service name. Format: + projects/{project}/locations/{location}/namespaces/{namespace}/services/{service}. + This represents a Cloud resource. (NOTE) Some attributes are not + given arguments in this group but can be set in other ways. + + To set the project attribute: + ◇ provide the argument + --github-enterprise-config-service-directory on the command line + with a fully specified name; + ◇ provide the argument --project on the command line; + ◇ set the property core/project. + + To set the location attribute: + ◇ provide the argument + --github-enterprise-config-service-directory on the command line + with a fully specified name; + ◇ provide the argument --location on the command line. + + To set the namespace attribute: + ◇ provide the argument + --github-enterprise-config-service-directory on the command line + with a fully specified name; + ◇ provide the argument --namespace on the command line. + + This must be specified. + + --github-enterprise-config-service-directory=GITHUB_ENTERPRISE_CONFIG_SERVICE_DIRECTORY + ID of the service or fully qualified identifier for the + service. + + To set the service attribute: + ▹ provide the argument + --github-enterprise-config-service-directory on the command + line. + + --github-enterprise-config-ssl-ca-certificate=GITHUB_ENTERPRISE_CONFIG_SSL_CA_CERTIFICATE + SSL certificate to use for requests to GitHub Enterprise. + + SecretVersion resource - SecretManager resource containing the webhook + secret of the GitHub App, formatted as + projects/*/secrets/*/versions/*. This represents a Cloud resource. + (NOTE) Some attributes are not given arguments in this group but can + be set in other ways. + + To set the project attribute: + ▫ provide the argument + --github-enterprise-config-webhook-secret-version on the command + line with a fully specified name; + ▫ provide the argument --project on the command line; + ▫ set the property core/project. + + To set the secret attribute: + ▫ provide the argument + --github-enterprise-config-webhook-secret-version on the command + line with a fully specified name; + ▫ provide the argument --secret on the command line. + + --github-enterprise-config-webhook-secret-version=GITHUB_ENTERPRISE_CONFIG_WEBHOOK_SECRET_VERSION + ID of the secretVersion or fully qualified identifier for the + secretVersion. + + To set the secret-version attribute: + ◇ provide the argument + --github-enterprise-config-webhook-secret-version on the + command line. + + Configuration for connections to gitlab.com. + + Represents a personal access token that authorized the Connection, and + associated metadata. + + This must be specified. + + SecretVersion resource - A SecretManager resource containing the + user token that authorizes the Developer Connect connection. Format: + projects/*/secrets/*/versions/*. This represents a Cloud resource. + (NOTE) Some attributes are not given arguments in this group but can + be set in other ways. + + To set the project attribute: + ◇ provide the argument + --gitlab-config-authorizer-credential-user-token-secret-version + on the command line with a fully specified name; + ◇ provide the argument --project on the command line; + ◇ set the property core/project. + + To set the secret attribute: + ◇ provide the argument + --gitlab-config-authorizer-credential-user-token-secret-version + on the command line with a fully specified name; + ◇ provide the argument --secret on the command line. + + This must be specified. + + --gitlab-config-authorizer-credential-user-token-secret-version=GITLAB_CONFIG_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION + ID of the secretVersion or fully qualified identifier for the + secretVersion. + + To set the secret-version attribute: + ▹ provide the argument + --gitlab-config-authorizer-credential-user-token-secret-version + on the command line. + + Represents a personal access token that authorized the Connection, and + associated metadata. + + This must be specified. + + SecretVersion resource - A SecretManager resource containing the + user token that authorizes the Developer Connect connection. Format: + projects/*/secrets/*/versions/*. This represents a Cloud resource. + (NOTE) Some attributes are not given arguments in this group but can + be set in other ways. + + To set the project attribute: + ◇ provide the argument + --gitlab-config-read-authorizer-credential-user-token-secret-version + on the command line with a fully specified name; + ◇ provide the argument --project on the command line; + ◇ set the property core/project. + + To set the secret attribute: + ◇ provide the argument + --gitlab-config-read-authorizer-credential-user-token-secret-version + on the command line with a fully specified name; + ◇ provide the argument --secret on the command line. + + This must be specified. + + --gitlab-config-read-authorizer-credential-user-token-secret-version=GITLAB_CONFIG_READ_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION + ID of the secretVersion or fully qualified identifier for the + secretVersion. + + To set the secret-version attribute: + ▹ provide the argument + --gitlab-config-read-authorizer-credential-user-token-secret-version + on the command line. + + SecretVersion resource - SecretManager resource containing the webhook + secret of a GitLab project, formatted as + projects/*/secrets/*/versions/*. This is used to validate webhooks. + This represents a Cloud resource. (NOTE) Some attributes are not given + arguments in this group but can be set in other ways. + + To set the project attribute: + ▫ provide the argument --gitlab-config-webhook-secret-version on + the command line with a fully specified name; + ▫ provide the argument --project on the command line; + ▫ set the property core/project. + + To set the secret attribute: + ▫ provide the argument --gitlab-config-webhook-secret-version on + the command line with a fully specified name; + ▫ provide the argument --secret on the command line. + + This must be specified. + + --gitlab-config-webhook-secret-version=GITLAB_CONFIG_WEBHOOK_SECRET_VERSION + ID of the secretVersion or fully qualified identifier for the + secretVersion. + + To set the secret-version attribute: + ◇ provide the argument --gitlab-config-webhook-secret-version + on the command line. + + Configuration for connections to an instance of GitLab Enterprise. + + Represents a personal access token that authorized the Connection, and + associated metadata. + + This must be specified. + + SecretVersion resource - A SecretManager resource containing the + user token that authorizes the Developer Connect connection. Format: + projects/*/secrets/*/versions/*. This represents a Cloud resource. + (NOTE) Some attributes are not given arguments in this group but can + be set in other ways. + + To set the project attribute: + ◇ provide the argument + --gitlab-enterprise-config-authorizer-credential-user-token-secret-version + on the command line with a fully specified name; + ◇ provide the argument --project on the command line; + ◇ set the property core/project. + + To set the secret attribute: + ◇ provide the argument + --gitlab-enterprise-config-authorizer-credential-user-token-secret-version + on the command line with a fully specified name; + ◇ provide the argument --secret on the command line. + + This must be specified. + + --gitlab-enterprise-config-authorizer-credential-user-token-secret-version=GITLAB_ENTERPRISE_CONFIG_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION + ID of the secretVersion or fully qualified identifier for the + secretVersion. + + To set the secret-version attribute: + ▹ provide the argument + --gitlab-enterprise-config-authorizer-credential-user-token-secret-version + on the command line. + + --gitlab-enterprise-config-host-uri=GITLAB_ENTERPRISE_CONFIG_HOST_URI + The URI of the GitLab Enterprise host this connection is for. + + Represents a personal access token that authorized the Connection, and + associated metadata. + + This must be specified. + + SecretVersion resource - A SecretManager resource containing the + user token that authorizes the Developer Connect connection. Format: + projects/*/secrets/*/versions/*. This represents a Cloud resource. + (NOTE) Some attributes are not given arguments in this group but can + be set in other ways. + + To set the project attribute: + ◇ provide the argument + --gitlab-enterprise-config-read-authorizer-credential-user-token-secret-version + on the command line with a fully specified name; + ◇ provide the argument --project on the command line; + ◇ set the property core/project. + + To set the secret attribute: + ◇ provide the argument + --gitlab-enterprise-config-read-authorizer-credential-user-token-secret-version + on the command line with a fully specified name; + ◇ provide the argument --secret on the command line. + + This must be specified. + + --gitlab-enterprise-config-read-authorizer-credential-user-token-secret-version=GITLAB_ENTERPRISE_CONFIG_READ_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION + ID of the secretVersion or fully qualified identifier for the + secretVersion. + + To set the secret-version attribute: + ▹ provide the argument + --gitlab-enterprise-config-read-authorizer-credential-user-token-secret-version + on the command line. + + SecretVersion resource - SecretManager resource containing the webhook + secret of a GitLab project, formatted as + projects/*/secrets/*/versions/*. This is used to validate webhooks. + This represents a Cloud resource. (NOTE) Some attributes are not given + arguments in this group but can be set in other ways. + + To set the project attribute: + ▫ provide the argument + --gitlab-enterprise-config-webhook-secret-version on the command + line with a fully specified name; + ▫ provide the argument --project on the command line; + ▫ set the property core/project. + + To set the secret attribute: + ▫ provide the argument + --gitlab-enterprise-config-webhook-secret-version on the command + line with a fully specified name; + ▫ provide the argument --secret on the command line. + + This must be specified. + + --gitlab-enterprise-config-webhook-secret-version=GITLAB_ENTERPRISE_CONFIG_WEBHOOK_SECRET_VERSION + ID of the secretVersion or fully qualified identifier for the + secretVersion. + + To set the secret-version attribute: + ◇ provide the argument + --gitlab-enterprise-config-webhook-secret-version on the + command line. + + ServiceDirectoryConfig represents Service Directory configuration for + a connection. + + Service resource - The Service Directory service name. Format: + projects/{project}/locations/{location}/namespaces/{namespace}/services/{service}. + This represents a Cloud resource. (NOTE) Some attributes are not + given arguments in this group but can be set in other ways. + + To set the project attribute: + ◇ provide the argument + --gitlab-enterprise-config-service-directory on the command line + with a fully specified name; + ◇ provide the argument --project on the command line; + ◇ set the property core/project. + + To set the location attribute: + ◇ provide the argument + --gitlab-enterprise-config-service-directory on the command line + with a fully specified name; + ◇ provide the argument --location on the command line. + + To set the namespace attribute: + ◇ provide the argument + --gitlab-enterprise-config-service-directory on the command line + with a fully specified name; + ◇ provide the argument --namespace on the command line. + + This must be specified. + + --gitlab-enterprise-config-service-directory=GITLAB_ENTERPRISE_CONFIG_SERVICE_DIRECTORY + ID of the service or fully qualified identifier for the + service. + + To set the service attribute: + ▹ provide the argument + --gitlab-enterprise-config-service-directory on the command + line. + + --gitlab-enterprise-config-ssl-ca-certificate=GITLAB_ENTERPRISE_CONFIG_SSL_CA_CERTIFICATE + SSL Certificate Authority certificate to use for requests to GitLab + Enterprise instance. + + The crypto key configuration. This field is used by the Customer-managed + encryption keys (CMEK) feature. + + CryptoKey resource - The name of the key which is used to + encrypt/decrypt customer data. For key in Cloud KMS, the key should be + in the format of projects/*/locations/*/keyRings/*/cryptoKeys/*. The + arguments in this group can be used to specify the attributes of this + resource. (NOTE) Some attributes are not given arguments in this group + but can be set in other ways. + + To set the project attribute: + ▸ provide the argument --crypto-key-config-reference on the command + line with a fully specified name; + ▸ provide the argument --project on the command line; + ▸ set the property core/project. + + To set the location attribute: + ▸ provide the argument --crypto-key-config-reference on the command + line with a fully specified name; + ▸ provide the argument --location on the command line. + + This must be specified. + + --crypto-key-config-reference=CRYPTO_KEY_CONFIG_REFERENCE + ID of the cryptoKey or fully qualified identifier for the + cryptoKey. + + To set the crypto-key attribute: + ▫ provide the argument --crypto-key-config-reference on the + command line. + + This flag argument must be specified if any of the other arguments + in this group are specified. + + --key-ring=KEY_RING + The keyRing id of the cryptoKey resource. + + To set the key-ring attribute: + ▫ provide the argument --crypto-key-config-reference on the + command line with a fully specified name; + ▫ provide the argument --key-ring on the command line. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +API REFERENCE + This command uses the developerconnect/v1 API. The full documentation for + this API can be found at: + http://cloud.google.com/developer-connect/docs/overview + +NOTES + These variants are also available: + + $ gcloud alpha developer-connect connections create + + $ gcloud beta developer-connect connections create + diff --git a/gcloud/developer-connect/connections/delete b/gcloud/developer-connect/connections/delete new file mode 100644 index 000000000..6ee04985d --- /dev/null +++ b/gcloud/developer-connect/connections/delete @@ -0,0 +1,96 @@ +NAME + gcloud developer-connect connections delete - delete a single connection + +SYNOPSIS + gcloud developer-connect connections delete + (CONNECTION : --location=LOCATION) [--async] [--etag=ETAG] + [--request-id=REQUEST_ID] [--validate-only] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Delete a single connection. + +EXAMPLES + To delete a connection my-comection in location us-central1 run: + + $ gcloud developer-connect connections delete my-connection \ + --location=us-central1 + +POSITIONAL ARGUMENTS + Connection resource - Name of the resource The arguments in this group can + be used to specify the attributes of this resource. (NOTE) Some attributes + are not given arguments in this group but can be set in other ways. + + To set the project attribute: + ◆ provide the argument connection on the command line with a fully + specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + CONNECTION + ID of the connection or fully qualified identifier for the + connection. + + To set the connection attribute: + ▸ provide the argument connection on the command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + The location id of the connection resource. + + To set the location attribute: + ▸ provide the argument connection on the command line with a fully + specified name; + ▸ provide the argument --location on the command line. + +FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. + + --etag=ETAG + The current etag of the Connection. If an etag is provided and does not + match the current etag of the Connection, deletion will be blocked and + an ABORTED error will be returned. + + --request-id=REQUEST_ID + An optional request ID to identify requests. Specify a unique request + ID so that if you must retry your request, the server will know to + ignore the request if it has already been completed. The server will + guarantee that for at least 60 minutes after the first request. + + For example, consider a situation where you make an initial request and + the request times out. If you make the request again with the same + request ID, the server can check if original operation with the same + request ID was received, and if so, will ignore the second request. + This prevents clients from accidentally creating duplicate commitments. + + The request ID must be a valid UUID with the exception that zero UUID + is not supported (00000000-0000-0000-0000-000000000000). + + --validate-only + If set, validate the request, but do not actually post it. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +API REFERENCE + This command uses the developerconnect/v1 API. The full documentation for + this API can be found at: + http://cloud.google.com/developer-connect/docs/overview + +NOTES + These variants are also available: + + $ gcloud alpha developer-connect connections delete + + $ gcloud beta developer-connect connections delete + diff --git a/gcloud/developer-connect/connections/describe b/gcloud/developer-connect/connections/describe new file mode 100644 index 000000000..f6302cf85 --- /dev/null +++ b/gcloud/developer-connect/connections/describe @@ -0,0 +1,69 @@ +NAME + gcloud developer-connect connections describe - get details of a single + connection resource + +SYNOPSIS + gcloud developer-connect connections describe + (CONNECTION : --location=LOCATION) [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Get details of a single connection resource. + +EXAMPLES + To get the details of a single conenction my-connection in location + us-central1 run: + + $ gcloud developer-connect connections describe my-connection \ + --location=us-central1 + +POSITIONAL ARGUMENTS + Connection resource - Name of the resource The arguments in this group can + be used to specify the attributes of this resource. (NOTE) Some attributes + are not given arguments in this group but can be set in other ways. + + To set the project attribute: + ◆ provide the argument connection on the command line with a fully + specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + CONNECTION + ID of the connection or fully qualified identifier for the + connection. + + To set the connection attribute: + ▸ provide the argument connection on the command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + The location id of the connection resource. + + To set the location attribute: + ▸ provide the argument connection on the command line with a fully + specified name; + ▸ provide the argument --location on the command line. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +API REFERENCE + This command uses the developerconnect/v1 API. The full documentation for + this API can be found at: + http://cloud.google.com/developer-connect/docs/overview + +NOTES + These variants are also available: + + $ gcloud alpha developer-connect connections describe + + $ gcloud beta developer-connect connections describe + diff --git a/gcloud/developer-connect/connections/git-repository-links/create b/gcloud/developer-connect/connections/git-repository-links/create new file mode 100644 index 000000000..fdfb21d4d --- /dev/null +++ b/gcloud/developer-connect/connections/git-repository-links/create @@ -0,0 +1,170 @@ +NAME + gcloud developer-connect connections git-repository-links create - create a + git repository link + +SYNOPSIS + gcloud developer-connect connections git-repository-links create + (GIT_REPOSITORY_LINK : --connection=CONNECTION --location=LOCATION) + --clone-uri=CLONE_URI [--annotations=[ANNOTATIONS,...]] [--async] + [--etag=ETAG] [--labels=[LABELS,...]] [--request-id=REQUEST_ID] + [--validate-only] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Create a git repository link. + +EXAMPLES + To create a git repository link 'my-git-repository-link' in a connection + my-connection in us-central1 run: + + $ gcloud developer-connect connections git-repository-links create \ + my-git-repository-link \ + --clone-uri=https://github.com/my-org/my-repo.git \ + --connection=my-connection --location=us-central1 + + Or run: + + $ gcloud developer-connect connections git-repository-links create \ + projects/my-project/locations/us-central1/connections/\ + my-connection/gitRepositoryLinks/my-git-repository-link \ + --clone-uri=https://github.com/my-org/my-repo.git \ + --location=us-central1 + +POSITIONAL ARGUMENTS + GitRepositoryLink resource - Identifier. Resource name of the repository, + in the format projects/*/locations/*/connections/*/gitRepositoryLinks/*. + The arguments in this group can be used to specify the attributes of this + resource. (NOTE) Some attributes are not given arguments in this group but + can be set in other ways. + + To set the project attribute: + ◆ provide the argument git_repository_link on the command line with a + fully specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + GIT_REPOSITORY_LINK + ID of the gitRepositoryLink or fully qualified identifier for the + gitRepositoryLink. + + To set the git_repository_link attribute: + ▸ provide the argument git_repository_link on the command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --connection=CONNECTION + The connection id of the gitRepositoryLink resource. + + To set the connection attribute: + ▸ provide the argument git_repository_link on the command line with + a fully specified name; + ▸ provide the argument --connection on the command line. + + --location=LOCATION + The location id of the gitRepositoryLink resource. + + To set the location attribute: + ▸ provide the argument git_repository_link on the command line with + a fully specified name; + ▸ provide the argument --location on the command line. + +REQUIRED FLAGS + --clone-uri=CLONE_URI + Git Clone URI. + +OPTIONAL FLAGS + --annotations=[ANNOTATIONS,...] + Allows clients to store small amounts of arbitrary data. + + KEY + Sets KEY value. + + VALUE + Sets VALUE value. + + Shorthand Example: + + --annotations=string=string + + JSON Example: + + --annotations='{"string": "string"}' + + File Example: + + --annotations=path_to_file.(yaml|json) + + --async + Return immediately, without waiting for the operation in progress to + complete. + + --etag=ETAG + This checksum is computed by the server based on the value of other + fields, and may be sent on update and delete requests to ensure the + client has an up-to-date value before proceeding. + + --labels=[LABELS,...] + Labels as key value pairs. + + KEY + Keys must start with a lowercase character and contain only hyphens + (-), underscores (_), lowercase characters, and numbers. + + VALUE + Values must contain only hyphens (-), underscores (_), lowercase + characters, and numbers. + + Shorthand Example: + + --labels=string=string + + JSON Example: + + --labels='{"string": "string"}' + + File Example: + + --labels=path_to_file.(yaml|json) + + --request-id=REQUEST_ID + An optional request ID to identify requests. Specify a unique request + ID so that if you must retry your request, the server will know to + ignore the request if it has already been completed. The server will + guarantee that for at least 60 minutes since the first request. + + For example, consider a situation where you make an initial request and + the request times out. If you make the request again with the same + request ID, the server can check if original operation with the same + request ID was received, and if so, will ignore the second request. + This prevents clients from accidentally creating duplicate commitments. + + The request ID must be a valid UUID with the exception that zero UUID + is not supported (00000000-0000-0000-0000-000000000000). + + --validate-only + If set, validate the request, but do not actually post it. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +API REFERENCE + This command uses the developerconnect/v1 API. The full documentation for + this API can be found at: + http://cloud.google.com/developer-connect/docs/overview + +NOTES + These variants are also available: + + $ gcloud alpha developer-connect connections git-repository-links \ + create + + $ gcloud beta developer-connect connections git-repository-links \ + create + diff --git a/gcloud/developer-connect/connections/git-repository-links/delete b/gcloud/developer-connect/connections/git-repository-links/delete new file mode 100644 index 000000000..27134e12f --- /dev/null +++ b/gcloud/developer-connect/connections/git-repository-links/delete @@ -0,0 +1,111 @@ +NAME + gcloud developer-connect connections git-repository-links delete - delete a + single git repository link + +SYNOPSIS + gcloud developer-connect connections git-repository-links delete + (GIT_REPOSITORY_LINK : --connection=CONNECTION --location=LOCATION) + [--async] [--etag=ETAG] [--request-id=REQUEST_ID] [--validate-only] + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Delete a single git repository link. + +EXAMPLES + To delete a git repository link my-git-repository-link in a connection + my-comection in location us-central1 run: + + $ gcloud developer-connect connections git-repository-links delete \ + my-git-repository-link --connection=my-connection \ + --location=us-central1 + +POSITIONAL ARGUMENTS + GitRepositoryLink resource - Name of the resource The arguments in this + group can be used to specify the attributes of this resource. (NOTE) Some + attributes are not given arguments in this group but can be set in other + ways. + + To set the project attribute: + ◆ provide the argument git_repository_link on the command line with a + fully specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + GIT_REPOSITORY_LINK + ID of the gitRepositoryLink or fully qualified identifier for the + gitRepositoryLink. + + To set the git_repository_link attribute: + ▸ provide the argument git_repository_link on the command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --connection=CONNECTION + The connection id of the gitRepositoryLink resource. + + To set the connection attribute: + ▸ provide the argument git_repository_link on the command line with + a fully specified name; + ▸ provide the argument --connection on the command line. + + --location=LOCATION + The location id of the gitRepositoryLink resource. + + To set the location attribute: + ▸ provide the argument git_repository_link on the command line with + a fully specified name; + ▸ provide the argument --location on the command line. + +FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. + + --etag=ETAG + This checksum is computed by the server based on the value of other + fields, and may be sent on update and delete requests to ensure the + client has an up-to-date value before proceeding. + + --request-id=REQUEST_ID + An optional request ID to identify requests. Specify a unique request + ID so that if you must retry your request, the server will know to + ignore the request if it has already been completed. The server will + guarantee that for at least 60 minutes after the first request. + + For example, consider a situation where you make an initial request and + the request times out. If you make the request again with the same + request ID, the server can check if original operation with the same + request ID was received, and if so, will ignore the second request. + This prevents clients from accidentally creating duplicate commitments. + + The request ID must be a valid UUID with the exception that zero UUID + is not supported (00000000-0000-0000-0000-000000000000). + + --validate-only + If set, validate the request, but do not actually post it. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +API REFERENCE + This command uses the developerconnect/v1 API. The full documentation for + this API can be found at: + http://cloud.google.com/developer-connect/docs/overview + +NOTES + These variants are also available: + + $ gcloud alpha developer-connect connections git-repository-links \ + delete + + $ gcloud beta developer-connect connections git-repository-links \ + delete + diff --git a/gcloud/developer-connect/connections/git-repository-links/describe b/gcloud/developer-connect/connections/git-repository-links/describe new file mode 100644 index 000000000..264c9f429 --- /dev/null +++ b/gcloud/developer-connect/connections/git-repository-links/describe @@ -0,0 +1,81 @@ +NAME + gcloud developer-connect connections git-repository-links describe - get + details of a single git repository link + +SYNOPSIS + gcloud developer-connect connections git-repository-links describe + (GIT_REPOSITORY_LINK : --connection=CONNECTION --location=LOCATION) + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Get details of a single git repository link. + +EXAMPLES + To get the details of a single git repository link my-git-repository-link + in a conenction my-connection in location us-central1 run: + + $ gcloud developer-connect connections git-repository-links \ describe my-git-repository-link --connection=my-connection \ + --location=us-central1-a + +POSITIONAL ARGUMENTS + GitRepositoryLink resource - Name of the resource The arguments in this + group can be used to specify the attributes of this resource. (NOTE) Some + attributes are not given arguments in this group but can be set in other + ways. + + To set the project attribute: + ◆ provide the argument git_repository_link on the command line with a + fully specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + GIT_REPOSITORY_LINK + ID of the gitRepositoryLink or fully qualified identifier for the + gitRepositoryLink. + + To set the git_repository_link attribute: + ▸ provide the argument git_repository_link on the command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --connection=CONNECTION + The connection id of the gitRepositoryLink resource. + + To set the connection attribute: + ▸ provide the argument git_repository_link on the command line with + a fully specified name; + ▸ provide the argument --connection on the command line. + + --location=LOCATION + The location id of the gitRepositoryLink resource. + + To set the location attribute: + ▸ provide the argument git_repository_link on the command line with + a fully specified name; + ▸ provide the argument --location on the command line. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +API REFERENCE + This command uses the developerconnect/v1 API. The full documentation for + this API can be found at: + http://cloud.google.com/developer-connect/docs/overview + +NOTES + These variants are also available: + + $ gcloud alpha developer-connect connections git-repository-links \ + describe + + $ gcloud beta developer-connect connections git-repository-links \ + describe + diff --git a/gcloud/developer-connect/connections/git-repository-links/fetch-read-token b/gcloud/developer-connect/connections/git-repository-links/fetch-read-token new file mode 100644 index 000000000..22559f8c6 --- /dev/null +++ b/gcloud/developer-connect/connections/git-repository-links/fetch-read-token @@ -0,0 +1,83 @@ +NAME + gcloud developer-connect connections git-repository-links fetch-read-token + - fetch the read token of a given gitRepositoryLink + +SYNOPSIS + gcloud developer-connect connections git-repository-links fetch-read-token + (GIT_REPOSITORY_LINK : --connection=CONNECTION --location=LOCATION) + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Fetch the read token of a given gitRepositoryLink. + +EXAMPLES + To get the read token of a GitRepositoryLink named "my-git-repository-link" + in a Connection named "my-connection" in location "us-central1": + + $ gcloud developer-connect connections git-repository-links \ + fetch-read-token fetch-read-token my-git-repository-link \ + --connection=my-connection --location=us-central1 \ + --project=my-project + +POSITIONAL ARGUMENTS + GitRepositoryLink resource - Developer Connect GitRepositoryLink from + which to fetch the read token. The arguments in this group can be used to + specify the attributes of this resource. (NOTE) Some attributes are not + given arguments in this group but can be set in other ways. + + To set the project attribute: + ◆ provide the argument git_repository_link on the command line with a + fully specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + GIT_REPOSITORY_LINK + ID of the gitRepositoryLink or fully qualified identifier for the + gitRepositoryLink. + + To set the git_repository_link attribute: + ▸ provide the argument git_repository_link on the command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --connection=CONNECTION + The connection id of the gitRepositoryLink resource. + + To set the connection attribute: + ▸ provide the argument git_repository_link on the command line with + a fully specified name; + ▸ provide the argument --connection on the command line. + + --location=LOCATION + The location id of the gitRepositoryLink resource. + + To set the location attribute: + ▸ provide the argument git_repository_link on the command line with + a fully specified name; + ▸ provide the argument --location on the command line. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +API REFERENCE + This command uses the developerconnect/v1 API. The full documentation for + this API can be found at: + http://cloud.google.com/developer-connect/docs/overview + +NOTES + These variants are also available: + + $ gcloud alpha developer-connect connections git-repository-links \ + fetch-read-token + + $ gcloud beta developer-connect connections git-repository-links \ + fetch-read-token + diff --git a/gcloud/developer-connect/connections/git-repository-links/fetch-read-write-token b/gcloud/developer-connect/connections/git-repository-links/fetch-read-write-token new file mode 100644 index 000000000..421bb6081 --- /dev/null +++ b/gcloud/developer-connect/connections/git-repository-links/fetch-read-write-token @@ -0,0 +1,85 @@ +NAME + gcloud developer-connect connections git-repository-links + fetch-read-write-token - fetch the read/write token of a given + gitRepositoryLink + +SYNOPSIS + gcloud developer-connect connections git-repository-links + fetch-read-write-token + (GIT_REPOSITORY_LINK : --connection=CONNECTION --location=LOCATION) + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Fetch the read/write token of a given gitRepositoryLink. + +EXAMPLES + To get the read/write token of a GitRepositoryLink named + "my-git-repository-link" in a Connection named "my-connection": + + $ gcloud developer-connect connections git-repository-links \ + fetch-read-write-token fetch-read-write-token \ + my-git-repository-link --connection=my-connection \ + --location=us-central1 --project=my-project + +POSITIONAL ARGUMENTS + GitRepositoryLink resource - Developer Connect GitRepositoryLink from + which to fetch the read/write token. The arguments in this group can be + used to specify the attributes of this resource. (NOTE) Some attributes + are not given arguments in this group but can be set in other ways. + + To set the project attribute: + ◆ provide the argument git_repository_link on the command line with a + fully specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + GIT_REPOSITORY_LINK + ID of the gitRepositoryLink or fully qualified identifier for the + gitRepositoryLink. + + To set the git_repository_link attribute: + ▸ provide the argument git_repository_link on the command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --connection=CONNECTION + The connection id of the gitRepositoryLink resource. + + To set the connection attribute: + ▸ provide the argument git_repository_link on the command line with + a fully specified name; + ▸ provide the argument --connection on the command line. + + --location=LOCATION + The location id of the gitRepositoryLink resource. + + To set the location attribute: + ▸ provide the argument git_repository_link on the command line with + a fully specified name; + ▸ provide the argument --location on the command line. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +API REFERENCE + This command uses the developerconnect/v1 API. The full documentation for + this API can be found at: + http://cloud.google.com/developer-connect/docs/overview + +NOTES + These variants are also available: + + $ gcloud alpha developer-connect connections git-repository-links \ + fetch-read-write-token + + $ gcloud beta developer-connect connections git-repository-links \ + fetch-read-write-token + diff --git a/gcloud/developer-connect/connections/git-repository-links/help b/gcloud/developer-connect/connections/git-repository-links/help new file mode 100644 index 000000000..f5cba4e38 --- /dev/null +++ b/gcloud/developer-connect/connections/git-repository-links/help @@ -0,0 +1,44 @@ +NAME + gcloud developer-connect connections git-repository-links - manage git + repository link resources + +SYNOPSIS + gcloud developer-connect connections git-repository-links COMMAND + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Manage git repository link resources. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --help. + + Run $ gcloud help for details. + +COMMANDS + COMMAND is one of the following: + + create + Create a git repository link. + + delete + Delete a single git repository link. + + describe + Get details of a single git repository link. + + fetch-read-token + Fetch the read token of a given gitRepositoryLink. + + fetch-read-write-token + Fetch the read/write token of a given gitRepositoryLink. + + list + List all git repository links in a connection. + +NOTES + These variants are also available: + + $ gcloud alpha developer-connect connections git-repository-links + + $ gcloud beta developer-connect connections git-repository-links + diff --git a/gcloud/developer-connect/connections/git-repository-links/list b/gcloud/developer-connect/connections/git-repository-links/list new file mode 100644 index 000000000..73f3ec7c6 --- /dev/null +++ b/gcloud/developer-connect/connections/git-repository-links/list @@ -0,0 +1,105 @@ +NAME + gcloud developer-connect connections git-repository-links list - list all + git repository links in a connection + +SYNOPSIS + gcloud developer-connect connections git-repository-links list + (--connection=CONNECTION : --location=LOCATION) [--filter=EXPRESSION] + [--limit=LIMIT] [--page-size=PAGE_SIZE] [--sort-by=[FIELD,...]] [--uri] + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + List all git repository links in a connection. + +EXAMPLES + To list all git repository links in a connection my-connection in location + us-central1 run: + + $ gcloud developer-connect connections git-repository-links list \ + --connection=my-connection --location=us-central1 + +REQUIRED FLAGS + Connection resource - Parent value for ListGitRepositoryLinksRequest The + arguments in this group can be used to specify the attributes of this + resource. (NOTE) Some attributes are not given arguments in this group but + can be set in other ways. + + To set the project attribute: + ◆ provide the argument --connection on the command line with a fully + specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + --connection=CONNECTION + ID of the connection or fully qualified identifier for the + connection. + + To set the connection attribute: + ▸ provide the argument --connection on the command line. + + This flag argument must be specified if any of the other arguments in + this group are specified. + + --location=LOCATION + The location id of the connection resource. + + To set the location attribute: + ▸ provide the argument --connection on the command line with a + fully specified name; + ▸ provide the argument --location on the command line. + +LIST COMMAND FLAGS + --filter=EXPRESSION + Apply a Boolean filter EXPRESSION to each resource item to be listed. + If the expression evaluates True, then that item is listed. For more + details and examples of filter expressions, run $ gcloud topic filters. + This flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --limit=LIMIT + Maximum number of resources to list. The default is unlimited. This + flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --page-size=PAGE_SIZE + Some services group resource list output into pages. This flag + specifies the maximum number of resources per page. The default is + determined by the service if it supports paging, otherwise it is + unlimited (no paging). Paging may be applied before or after --filter + and --limit depending on the service. + + --sort-by=[FIELD,...] + Comma-separated list of resource field key names to sort by. The + default order is ascending. Prefix a field with ``~'' for descending + order on that field. This flag interacts with other flags that are + applied in this order: --flatten, --sort-by, --filter, --limit. + + --uri + Print a list of resource URIs instead of the default output, and change + the command output to a list of URIs. If this flag is used with + --format, the formatting is applied on this URI list. To display URIs + alongside other keys instead, use the uri() transform. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +API REFERENCE + This command uses the developerconnect/v1 API. The full documentation for + this API can be found at: + http://cloud.google.com/developer-connect/docs/overview + +NOTES + These variants are also available: + + $ gcloud alpha developer-connect connections git-repository-links \ + list + + $ gcloud beta developer-connect connections git-repository-links list + diff --git a/gcloud/developer-connect/connections/help b/gcloud/developer-connect/connections/help new file mode 100644 index 000000000..fe57352ed --- /dev/null +++ b/gcloud/developer-connect/connections/help @@ -0,0 +1,45 @@ +NAME + gcloud developer-connect connections - manage connection resources + +SYNOPSIS + gcloud developer-connect connections GROUP | COMMAND [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Manage connection resources. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --help. + + Run $ gcloud help for details. + +GROUPS + GROUP is one of the following: + + git-repository-links + Manage git repository link resources. + +COMMANDS + COMMAND is one of the following: + + create + Create a connection resource. + + delete + Delete a single connection. + + describe + Get details of a single connection resource. + + list + List connections. + + update + Update the parameters of a single connection. + +NOTES + These variants are also available: + + $ gcloud alpha developer-connect connections + + $ gcloud beta developer-connect connections + diff --git a/gcloud/developer-connect/connections/list b/gcloud/developer-connect/connections/list new file mode 100644 index 000000000..6b4d79d03 --- /dev/null +++ b/gcloud/developer-connect/connections/list @@ -0,0 +1,87 @@ +NAME + gcloud developer-connect connections list - list connections + +SYNOPSIS + gcloud developer-connect connections list --location=LOCATION + [--filter=EXPRESSION] [--limit=LIMIT] [--page-size=PAGE_SIZE] + [--sort-by=[FIELD,...]] [--uri] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + List connections. + +EXAMPLES + To list all connections in location us-central1 run: + + $ gcloud developer-connect connections list --location=us-central1 + +REQUIRED FLAGS + Location resource - Parent value for ListConnectionsRequest This + represents a Cloud resource. (NOTE) Some attributes are not given + arguments in this group but can be set in other ways. + + To set the project attribute: + ◆ provide the argument --location on the command line with a fully + specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + --location=LOCATION + ID of the location or fully qualified identifier for the location. + + To set the location attribute: + ▸ provide the argument --location on the command line. + +LIST COMMAND FLAGS + --filter=EXPRESSION + Apply a Boolean filter EXPRESSION to each resource item to be listed. + If the expression evaluates True, then that item is listed. For more + details and examples of filter expressions, run $ gcloud topic filters. + This flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --limit=LIMIT + Maximum number of resources to list. The default is unlimited. This + flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --page-size=PAGE_SIZE + Some services group resource list output into pages. This flag + specifies the maximum number of resources per page. The default is + determined by the service if it supports paging, otherwise it is + unlimited (no paging). Paging may be applied before or after --filter + and --limit depending on the service. + + --sort-by=[FIELD,...] + Comma-separated list of resource field key names to sort by. The + default order is ascending. Prefix a field with ``~'' for descending + order on that field. This flag interacts with other flags that are + applied in this order: --flatten, --sort-by, --filter, --limit. + + --uri + Print a list of resource URIs instead of the default output, and change + the command output to a list of URIs. If this flag is used with + --format, the formatting is applied on this URI list. To display URIs + alongside other keys instead, use the uri() transform. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +API REFERENCE + This command uses the developerconnect/v1 API. The full documentation for + this API can be found at: + http://cloud.google.com/developer-connect/docs/overview + +NOTES + These variants are also available: + + $ gcloud alpha developer-connect connections list + + $ gcloud beta developer-connect connections list + diff --git a/gcloud/developer-connect/connections/update b/gcloud/developer-connect/connections/update new file mode 100644 index 000000000..aab84d1ae --- /dev/null +++ b/gcloud/developer-connect/connections/update @@ -0,0 +1,800 @@ +NAME + gcloud developer-connect connections update - update the parameters of a + single connection + +SYNOPSIS + gcloud developer-connect connections update CONNECTION + [--[no-]allow-missing] [--async] [--[no-]disabled] [--etag=ETAG] + [--location=LOCATION] [--namespace=NAMESPACE] [--request-id=REQUEST_ID] + [--secret=SECRET] [--[no-]validate-only] + [--annotations=[ANNOTATIONS,...] + | --update-annotations=[UPDATE_ANNOTATIONS,...] --clear-annotations + | --remove-annotations=[__REMOVE_ANNOTATIONS,...]] + [--bitbucket-cloud-config-authorizer-credential-user-token-secret-version=BITBUCKET_CLOUD_CONFIG_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION --bitbucket-cloud-config-read-authorizer-credential-user-token-secret-version=BITBUCKET_CLOUD_CONFIG_READ_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION --bitbucket-cloud-config-workspace=BITBUCKET_CLOUD_CONFIG_WORKSPACE | --bitbucket-data-center-config-authorizer-credential-user-token-secret-version=BITBUCKET_DATA_CENTER_CONFIG_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION --bitbucket-data-center-config-host-uri=BITBUCKET_DATA_CENTER_CONFIG_HOST_URI --bitbucket-data-center-config-read-authorizer-credential-user-token-secret-version=BITBUCKET_DATA_CENTER_CONFIG_READ_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION --bitbucket-data-center-config-service-directory=BITBUCKET_DATA_CENTER_CONFIG_SERVICE_DIRECTORY --bitbucket-data-center-config-ssl-ca-certificate=BITBUCKET_DATA_CENTER_CONFIG_SSL_CA_CERTIFICATE | --github-config-app-installation-id=GITHUB_CONFIG_APP_INSTALLATION_ID --github-config-authorizer-credential-oauth-token-secret-version=GITHUB_CONFIG_AUTHORIZER_CREDENTIAL_OAUTH_TOKEN_SECRET_VERSION | --github-enterprise-config-app-id=GITHUB_ENTERPRISE_CONFIG_APP_ID --github-enterprise-config-app-installation-id=GITHUB_ENTERPRISE_CONFIG_APP_INSTALLATION_ID --github-enterprise-config-host-uri=GITHUB_ENTERPRISE_CONFIG_HOST_URI --github-enterprise-config-service-directory=GITHUB_ENTERPRISE_CONFIG_SERVICE_DIRECTORY --github-enterprise-config-ssl-ca-certificate=GITHUB_ENTERPRISE_CONFIG_SSL_CA_CERTIFICATE --clear-github-enterprise-config-private-key-secret-version | --github-enterprise-config-private-key-secret-version=GITHUB_ENTERPRISE_CONFIG_PRIVATE_KEY_SECRET_VERSION --clear-github-enterprise-config-webhook-secret-version | --github-enterprise-config-webhook-secret-version=GITHUB_ENTERPRISE_CONFIG_WEBHOOK_SECRET_VERSION | --gitlab-config-authorizer-credential-user-token-secret-version=GITLAB_CONFIG_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION --gitlab-config-read-authorizer-credential-user-token-secret-version=GITLAB_CONFIG_READ_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION | --gitlab-enterprise-config-authorizer-credential-user-token-secret-version=GITLAB_ENTERPRISE_CONFIG_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION --gitlab-enterprise-config-host-uri=GITLAB_ENTERPRISE_CONFIG_HOST_URI --gitlab-enterprise-config-read-authorizer-credential-user-token-secret-version=GITLAB_ENTERPRISE_CONFIG_READ_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION --gitlab-enterprise-config-service-directory=GITLAB_ENTERPRISE_CONFIG_SERVICE_DIRECTORY --gitlab-enterprise-config-ssl-ca-certificate=GITLAB_ENTERPRISE_CONFIG_SSL_CA_CERTIFICATE] + [--crypto-key-config-reference=CRYPTO_KEY_CONFIG_REFERENCE + : --key-ring=KEY_RING] + [--labels=[LABELS,...] + | --update-labels=[UPDATE_LABELS,...] --clear-labels + | --remove-labels=[__REMOVE_LABELS,...]] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Update a connection. + +EXAMPLES + To update the labels of a connection my-connection in location us-central1 + run: + + $ gcloud developer-connect connections update my-connection \ + --labels=key1=value1 --location=us-central1 + +POSITIONAL ARGUMENTS + Connection resource - Identifier. The resource name of the connection, in + the format + projects/{project}/locations/{location}/connections/{connection_id}. This + represents a Cloud resource. (NOTE) Some attributes are not given + arguments in this group but can be set in other ways. + + To set the project attribute: + ◆ provide the argument connection on the command line with a fully + specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + To set the location attribute: + ◆ provide the argument connection on the command line with a fully + specified name; + ◆ provide the argument --location on the command line. + + This must be specified. + + CONNECTION + ID of the connection or fully qualified identifier for the + connection. + + To set the connection attribute: + ▸ provide the argument connection on the command line. + +FLAGS + --[no-]allow-missing + If set to true, and the connection is not found a new connection will + be created. In this situation update_mask is ignored. The creation will + succeed only if the input connection has all the necessary information + (e.g a github_config with both user_oauth_token and installation_id + properties). Use --allow-missing to enable and --no-allow-missing to + disable. + + --async + Return immediately, without waiting for the operation in progress to + complete. + + --[no-]disabled + If disabled is set to true, functionality is disabled for this + connection. Repository based API methods and webhooks processing for + repositories in this connection will be disabled. Use --disabled to + enable and --no-disabled to disable. + + --etag=ETAG + This checksum is computed by the server based on the value of other + fields, and may be sent on update and delete requests to ensure the + client has an up-to-date value before proceeding. + + --location=LOCATION + For resources [connection, cryptoKey, service], provides fallback value + for resource location attribute. When the resource's full URI path is + not provided, location will fallback to this flag value. + + --namespace=NAMESPACE + For resources [service], provides fallback value for resource namespace + attribute. When the resource's full URI path is not provided, namespace + will fallback to this flag value. + + --request-id=REQUEST_ID + An optional request ID to identify requests. Specify a unique request + ID so that if you must retry your request, the server will know to + ignore the request if it has already been completed. The server will + guarantee that for at least 60 minutes since the first request. + + For example, consider a situation where you make an initial request and + the request times out. If you make the request again with the same + request ID, the server can check if original operation with the same + request ID was received, and if so, will ignore the second request. + This prevents clients from accidentally creating duplicate commitments. + + The request ID must be a valid UUID with the exception that zero UUID + is not supported (00000000-0000-0000-0000-000000000000). + + --secret=SECRET + For resources [secretVersion], provides fallback value for resource + secret attribute. When the resource's full URI path is not provided, + secret will fallback to this flag value. + + --[no-]validate-only + If set, validate the request, but do not actually post it. Use + --validate-only to enable and --no-validate-only to disable. + + Update annotations. + + At most one of these can be specified: + + --annotations=[ANNOTATIONS,...] + Set annotations to new value. Allows clients to store small amounts + of arbitrary data. + + KEY + Sets KEY value. + + VALUE + Sets VALUE value. + + Shorthand Example: + + --annotations=string=string + + JSON Example: + + --annotations='{"string": "string"}' + + File Example: + + --annotations=path_to_file.(yaml|json) + + --update-annotations=[UPDATE_ANNOTATIONS,...] + Update annotations value or add key value pair. Allows clients to + store small amounts of arbitrary data. + + KEY + Sets KEY value. + + VALUE + Sets VALUE value. + + Shorthand Example: + + --update-annotations=string=string + + JSON Example: + + --update-annotations='{"string": "string"}' + + File Example: + + --update-annotations=path_to_file.(yaml|json) + + At most one of these can be specified: + + --clear-annotations + Clear annotations value and set to empty map. + + --remove-annotations=[__REMOVE_ANNOTATIONS,...] + Remove existing value from map annotations. + + Arguments for the connection config. + + At most one of these can be specified: + + Configuration for connections to an instance of Bitbucket Cloud. + + Represents a personal access token that authorized the Connection, and + associated metadata. + + SecretVersion resource - A SecretManager resource containing the + user token that authorizes the Developer Connect connection. Format: + projects/*/secrets/*/versions/*. This represents a Cloud resource. + (NOTE) Some attributes are not given arguments in this group but can + be set in other ways. + + To set the project attribute: + ◇ provide the argument + --bitbucket-cloud-config-authorizer-credential-user-token-secret-version + on the command line with a fully specified name; + ◇ provide the argument --project on the command line; + ◇ set the property core/project. + + To set the secret attribute: + ◇ provide the argument + --bitbucket-cloud-config-authorizer-credential-user-token-secret-version + on the command line with a fully specified name; + ◇ provide the argument --secret on the command line. + + --bitbucket-cloud-config-authorizer-credential-user-token-secret-version=BITBUCKET_CLOUD_CONFIG_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION + ID of the secretVersion or fully qualified identifier for the + secretVersion. + + To set the secret-version attribute: + ▹ provide the argument + --bitbucket-cloud-config-authorizer-credential-user-token-secret-version + on the command line. + + Represents a personal access token that authorized the Connection, and + associated metadata. + + SecretVersion resource - A SecretManager resource containing the + user token that authorizes the Developer Connect connection. Format: + projects/*/secrets/*/versions/*. This represents a Cloud resource. + (NOTE) Some attributes are not given arguments in this group but can + be set in other ways. + + To set the project attribute: + ◇ provide the argument + --bitbucket-cloud-config-read-authorizer-credential-user-token-secret-version + on the command line with a fully specified name; + ◇ provide the argument --project on the command line; + ◇ set the property core/project. + + To set the secret attribute: + ◇ provide the argument + --bitbucket-cloud-config-read-authorizer-credential-user-token-secret-version + on the command line with a fully specified name; + ◇ provide the argument --secret on the command line. + + --bitbucket-cloud-config-read-authorizer-credential-user-token-secret-version=BITBUCKET_CLOUD_CONFIG_READ_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION + ID of the secretVersion or fully qualified identifier for the + secretVersion. + + To set the secret-version attribute: + ▹ provide the argument + --bitbucket-cloud-config-read-authorizer-credential-user-token-secret-version + on the command line. + + --bitbucket-cloud-config-workspace=BITBUCKET_CLOUD_CONFIG_WORKSPACE + The Bitbucket Cloud Workspace ID to be connected to Google Cloud + Platform. + + Configuration for connections to an instance of Bitbucket Data Center. + + Represents a personal access token that authorized the Connection, and + associated metadata. + + SecretVersion resource - A SecretManager resource containing the + user token that authorizes the Developer Connect connection. Format: + projects/*/secrets/*/versions/*. This represents a Cloud resource. + (NOTE) Some attributes are not given arguments in this group but can + be set in other ways. + + To set the project attribute: + ◇ provide the argument + --bitbucket-data-center-config-authorizer-credential-user-token-secret-version + on the command line with a fully specified name; + ◇ provide the argument --project on the command line; + ◇ set the property core/project. + + To set the secret attribute: + ◇ provide the argument + --bitbucket-data-center-config-authorizer-credential-user-token-secret-version + on the command line with a fully specified name; + ◇ provide the argument --secret on the command line. + + --bitbucket-data-center-config-authorizer-credential-user-token-secret-version=BITBUCKET_DATA_CENTER_CONFIG_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION + ID of the secretVersion or fully qualified identifier for the + secretVersion. + + To set the secret-version attribute: + ▹ provide the argument + --bitbucket-data-center-config-authorizer-credential-user-token-secret-version + on the command line. + + --bitbucket-data-center-config-host-uri=BITBUCKET_DATA_CENTER_CONFIG_HOST_URI + The URI of the Bitbucket Data Center host this connection is for. + + Represents a personal access token that authorized the Connection, and + associated metadata. + + SecretVersion resource - A SecretManager resource containing the + user token that authorizes the Developer Connect connection. Format: + projects/*/secrets/*/versions/*. This represents a Cloud resource. + (NOTE) Some attributes are not given arguments in this group but can + be set in other ways. + + To set the project attribute: + ◇ provide the argument + --bitbucket-data-center-config-read-authorizer-credential-user-token-secret-version + on the command line with a fully specified name; + ◇ provide the argument --project on the command line; + ◇ set the property core/project. + + To set the secret attribute: + ◇ provide the argument + --bitbucket-data-center-config-read-authorizer-credential-user-token-secret-version + on the command line with a fully specified name; + ◇ provide the argument --secret on the command line. + + --bitbucket-data-center-config-read-authorizer-credential-user-token-secret-version=BITBUCKET_DATA_CENTER_CONFIG_READ_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION + ID of the secretVersion or fully qualified identifier for the + secretVersion. + + To set the secret-version attribute: + ▹ provide the argument + --bitbucket-data-center-config-read-authorizer-credential-user-token-secret-version + on the command line. + + ServiceDirectoryConfig represents Service Directory configuration for + a connection. + + Service resource - The Service Directory service name. Format: + projects/{project}/locations/{location}/namespaces/{namespace}/services/{service}. + This represents a Cloud resource. (NOTE) Some attributes are not + given arguments in this group but can be set in other ways. + + To set the project attribute: + ◇ provide the argument + --bitbucket-data-center-config-service-directory on the command + line with a fully specified name; + ◇ provide the argument --project on the command line; + ◇ set the property core/project. + + To set the location attribute: + ◇ provide the argument + --bitbucket-data-center-config-service-directory on the command + line with a fully specified name; + ◇ provide the argument --location on the command line. + + To set the namespace attribute: + ◇ provide the argument + --bitbucket-data-center-config-service-directory on the command + line with a fully specified name; + ◇ provide the argument --namespace on the command line. + + --bitbucket-data-center-config-service-directory=BITBUCKET_DATA_CENTER_CONFIG_SERVICE_DIRECTORY + ID of the service or fully qualified identifier for the + service. + + To set the service attribute: + ▹ provide the argument + --bitbucket-data-center-config-service-directory on the + command line. + + --bitbucket-data-center-config-ssl-ca-certificate=BITBUCKET_DATA_CENTER_CONFIG_SSL_CA_CERTIFICATE + SSL certificate authority to trust when making requests to + Bitbucket Data Center. + + Configuration for connections to github.com. + + --github-config-app-installation-id=GITHUB_CONFIG_APP_INSTALLATION_ID + GitHub App installation id. + + Represents an OAuth token of the account that authorized the + Connection, and associated metadata. + + SecretVersion resource - A SecretManager resource containing the + OAuth token that authorizes the connection. Format: + projects/*/secrets/*/versions/*. This represents a Cloud resource. + (NOTE) Some attributes are not given arguments in this group but can + be set in other ways. + + To set the project attribute: + ◇ provide the argument + --github-config-authorizer-credential-oauth-token-secret-version + on the command line with a fully specified name; + ◇ provide the argument --project on the command line; + ◇ set the property core/project. + + To set the secret attribute: + ◇ provide the argument + --github-config-authorizer-credential-oauth-token-secret-version + on the command line with a fully specified name; + ◇ provide the argument --secret on the command line. + + --github-config-authorizer-credential-oauth-token-secret-version=GITHUB_CONFIG_AUTHORIZER_CREDENTIAL_OAUTH_TOKEN_SECRET_VERSION + ID of the secretVersion or fully qualified identifier for the + secretVersion. + + To set the secret-version attribute: + ▹ provide the argument + --github-config-authorizer-credential-oauth-token-secret-version + on the command line. + + Configuration for connections to an instance of GitHub Enterprise. + + --github-enterprise-config-app-id=GITHUB_ENTERPRISE_CONFIG_APP_ID + ID of the GitHub App created from the manifest. + + --github-enterprise-config-app-installation-id=GITHUB_ENTERPRISE_CONFIG_APP_INSTALLATION_ID + ID of the installation of the GitHub App. + + --github-enterprise-config-host-uri=GITHUB_ENTERPRISE_CONFIG_HOST_URI + The URI of the GitHub Enterprise host this connection is for. + + ServiceDirectoryConfig represents Service Directory configuration for + a connection. + + Service resource - The Service Directory service name. Format: + projects/{project}/locations/{location}/namespaces/{namespace}/services/{service}. + This represents a Cloud resource. (NOTE) Some attributes are not + given arguments in this group but can be set in other ways. + + To set the project attribute: + ◇ provide the argument + --github-enterprise-config-service-directory on the command line + with a fully specified name; + ◇ provide the argument --project on the command line; + ◇ set the property core/project. + + To set the location attribute: + ◇ provide the argument + --github-enterprise-config-service-directory on the command line + with a fully specified name; + ◇ provide the argument --location on the command line. + + To set the namespace attribute: + ◇ provide the argument + --github-enterprise-config-service-directory on the command line + with a fully specified name; + ◇ provide the argument --namespace on the command line. + + --github-enterprise-config-service-directory=GITHUB_ENTERPRISE_CONFIG_SERVICE_DIRECTORY + ID of the service or fully qualified identifier for the + service. + + To set the service attribute: + ▹ provide the argument + --github-enterprise-config-service-directory on the command + line. + + --github-enterprise-config-ssl-ca-certificate=GITHUB_ENTERPRISE_CONFIG_SSL_CA_CERTIFICATE + SSL certificate to use for requests to GitHub Enterprise. + + Update github_enterprise_config_private_key_secret_version. + + At most one of these can be specified: + + --clear-github-enterprise-config-private-key-secret-version + Clear github_enterprise_config_private_key_secret_version value + and set to null. + + SecretVersion resource - Set + github_enterprise_config_private_key_secret_version to new value. + + SecretManager resource containing the private key of the GitHub App, + formatted as projects/*/secrets/*/versions/*. This represents a + Cloud resource. (NOTE) Some attributes are not given arguments in + this group but can be set in other ways. + + To set the project attribute: + ◇ provide the argument + --github-enterprise-config-private-key-secret-version on the + command line with a fully specified name; + ◇ provide the argument --project on the command line; + ◇ set the property core/project. + + To set the secret attribute: + ◇ provide the argument + --github-enterprise-config-private-key-secret-version on the + command line with a fully specified name; + ◇ provide the argument --secret on the command line. + + --github-enterprise-config-private-key-secret-version=GITHUB_ENTERPRISE_CONFIG_PRIVATE_KEY_SECRET_VERSION + ID of the secretVersion or fully qualified identifier for the + secretVersion. + + To set the secret-version attribute: + ▹ provide the argument + --github-enterprise-config-private-key-secret-version on the + command line. + + Update github_enterprise_config_webhook_secret_version. + + At most one of these can be specified: + + --clear-github-enterprise-config-webhook-secret-version + Clear github_enterprise_config_webhook_secret_version value and + set to null. + + SecretVersion resource - Set + github_enterprise_config_webhook_secret_version to new value. + + SecretManager resource containing the webhook secret of the GitHub + App, formatted as projects/*/secrets/*/versions/*. This represents a + Cloud resource. (NOTE) Some attributes are not given arguments in + this group but can be set in other ways. + + To set the project attribute: + ◇ provide the argument + --github-enterprise-config-webhook-secret-version on the command + line with a fully specified name; + ◇ provide the argument --project on the command line; + ◇ set the property core/project. + + To set the secret attribute: + ◇ provide the argument + --github-enterprise-config-webhook-secret-version on the command + line with a fully specified name; + ◇ provide the argument --secret on the command line. + + --github-enterprise-config-webhook-secret-version=GITHUB_ENTERPRISE_CONFIG_WEBHOOK_SECRET_VERSION + ID of the secretVersion or fully qualified identifier for the + secretVersion. + + To set the secret-version attribute: + ▹ provide the argument + --github-enterprise-config-webhook-secret-version on the + command line. + + Configuration for connections to gitlab.com. + + Represents a personal access token that authorized the Connection, and + associated metadata. + + SecretVersion resource - A SecretManager resource containing the + user token that authorizes the Developer Connect connection. Format: + projects/*/secrets/*/versions/*. This represents a Cloud resource. + (NOTE) Some attributes are not given arguments in this group but can + be set in other ways. + + To set the project attribute: + ◇ provide the argument + --gitlab-config-authorizer-credential-user-token-secret-version + on the command line with a fully specified name; + ◇ provide the argument --project on the command line; + ◇ set the property core/project. + + To set the secret attribute: + ◇ provide the argument + --gitlab-config-authorizer-credential-user-token-secret-version + on the command line with a fully specified name; + ◇ provide the argument --secret on the command line. + + --gitlab-config-authorizer-credential-user-token-secret-version=GITLAB_CONFIG_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION + ID of the secretVersion or fully qualified identifier for the + secretVersion. + + To set the secret-version attribute: + ▹ provide the argument + --gitlab-config-authorizer-credential-user-token-secret-version + on the command line. + + Represents a personal access token that authorized the Connection, and + associated metadata. + + SecretVersion resource - A SecretManager resource containing the + user token that authorizes the Developer Connect connection. Format: + projects/*/secrets/*/versions/*. This represents a Cloud resource. + (NOTE) Some attributes are not given arguments in this group but can + be set in other ways. + + To set the project attribute: + ◇ provide the argument + --gitlab-config-read-authorizer-credential-user-token-secret-version + on the command line with a fully specified name; + ◇ provide the argument --project on the command line; + ◇ set the property core/project. + + To set the secret attribute: + ◇ provide the argument + --gitlab-config-read-authorizer-credential-user-token-secret-version + on the command line with a fully specified name; + ◇ provide the argument --secret on the command line. + + --gitlab-config-read-authorizer-credential-user-token-secret-version=GITLAB_CONFIG_READ_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION + ID of the secretVersion or fully qualified identifier for the + secretVersion. + + To set the secret-version attribute: + ▹ provide the argument + --gitlab-config-read-authorizer-credential-user-token-secret-version + on the command line. + + Configuration for connections to an instance of GitLab Enterprise. + + Represents a personal access token that authorized the Connection, and + associated metadata. + + SecretVersion resource - A SecretManager resource containing the + user token that authorizes the Developer Connect connection. Format: + projects/*/secrets/*/versions/*. This represents a Cloud resource. + (NOTE) Some attributes are not given arguments in this group but can + be set in other ways. + + To set the project attribute: + ◇ provide the argument + --gitlab-enterprise-config-authorizer-credential-user-token-secret-version + on the command line with a fully specified name; + ◇ provide the argument --project on the command line; + ◇ set the property core/project. + + To set the secret attribute: + ◇ provide the argument + --gitlab-enterprise-config-authorizer-credential-user-token-secret-version + on the command line with a fully specified name; + ◇ provide the argument --secret on the command line. + + --gitlab-enterprise-config-authorizer-credential-user-token-secret-version=GITLAB_ENTERPRISE_CONFIG_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION + ID of the secretVersion or fully qualified identifier for the + secretVersion. + + To set the secret-version attribute: + ▹ provide the argument + --gitlab-enterprise-config-authorizer-credential-user-token-secret-version + on the command line. + + --gitlab-enterprise-config-host-uri=GITLAB_ENTERPRISE_CONFIG_HOST_URI + The URI of the GitLab Enterprise host this connection is for. + + Represents a personal access token that authorized the Connection, and + associated metadata. + + SecretVersion resource - A SecretManager resource containing the + user token that authorizes the Developer Connect connection. Format: + projects/*/secrets/*/versions/*. This represents a Cloud resource. + (NOTE) Some attributes are not given arguments in this group but can + be set in other ways. + + To set the project attribute: + ◇ provide the argument + --gitlab-enterprise-config-read-authorizer-credential-user-token-secret-version + on the command line with a fully specified name; + ◇ provide the argument --project on the command line; + ◇ set the property core/project. + + To set the secret attribute: + ◇ provide the argument + --gitlab-enterprise-config-read-authorizer-credential-user-token-secret-version + on the command line with a fully specified name; + ◇ provide the argument --secret on the command line. + + --gitlab-enterprise-config-read-authorizer-credential-user-token-secret-version=GITLAB_ENTERPRISE_CONFIG_READ_AUTHORIZER_CREDENTIAL_USER_TOKEN_SECRET_VERSION + ID of the secretVersion or fully qualified identifier for the + secretVersion. + + To set the secret-version attribute: + ▹ provide the argument + --gitlab-enterprise-config-read-authorizer-credential-user-token-secret-version + on the command line. + + ServiceDirectoryConfig represents Service Directory configuration for + a connection. + + Service resource - The Service Directory service name. Format: + projects/{project}/locations/{location}/namespaces/{namespace}/services/{service}. + This represents a Cloud resource. (NOTE) Some attributes are not + given arguments in this group but can be set in other ways. + + To set the project attribute: + ◇ provide the argument + --gitlab-enterprise-config-service-directory on the command line + with a fully specified name; + ◇ provide the argument --project on the command line; + ◇ set the property core/project. + + To set the location attribute: + ◇ provide the argument + --gitlab-enterprise-config-service-directory on the command line + with a fully specified name; + ◇ provide the argument --location on the command line. + + To set the namespace attribute: + ◇ provide the argument + --gitlab-enterprise-config-service-directory on the command line + with a fully specified name; + ◇ provide the argument --namespace on the command line. + + --gitlab-enterprise-config-service-directory=GITLAB_ENTERPRISE_CONFIG_SERVICE_DIRECTORY + ID of the service or fully qualified identifier for the + service. + + To set the service attribute: + ▹ provide the argument + --gitlab-enterprise-config-service-directory on the command + line. + + --gitlab-enterprise-config-ssl-ca-certificate=GITLAB_ENTERPRISE_CONFIG_SSL_CA_CERTIFICATE + SSL Certificate Authority certificate to use for requests to GitLab + Enterprise instance. + + The crypto key configuration. This field is used by the Customer-managed + encryption keys (CMEK) feature. + + CryptoKey resource - The name of the key which is used to + encrypt/decrypt customer data. For key in Cloud KMS, the key should be + in the format of projects/*/locations/*/keyRings/*/cryptoKeys/*. The + arguments in this group can be used to specify the attributes of this + resource. (NOTE) Some attributes are not given arguments in this group + but can be set in other ways. + + To set the project attribute: + ▸ provide the argument --crypto-key-config-reference on the command + line with a fully specified name; + ▸ provide the argument --project on the command line; + ▸ set the property core/project. + + To set the location attribute: + ▸ provide the argument --crypto-key-config-reference on the command + line with a fully specified name; + ▸ provide the argument --location on the command line. + + --crypto-key-config-reference=CRYPTO_KEY_CONFIG_REFERENCE + ID of the cryptoKey or fully qualified identifier for the + cryptoKey. + + To set the crypto-key attribute: + ▫ provide the argument --crypto-key-config-reference on the + command line. + + This flag argument must be specified if any of the other arguments + in this group are specified. + + --key-ring=KEY_RING + The keyRing id of the cryptoKey resource. + + To set the key-ring attribute: + ▫ provide the argument --crypto-key-config-reference on the + command line with a fully specified name; + ▫ provide the argument --key-ring on the command line. + + Update labels. + + At most one of these can be specified: + + --labels=[LABELS,...] + Set labels to new value. Labels as key value pairs. + + KEY + Keys must start with a lowercase character and contain only + hyphens (-), underscores (_), lowercase characters, and numbers. + + VALUE + Values must contain only hyphens (-), underscores (_), lowercase + characters, and numbers. + + Shorthand Example: + + --labels=string=string + + JSON Example: + + --labels='{"string": "string"}' + + File Example: + + --labels=path_to_file.(yaml|json) + + --update-labels=[UPDATE_LABELS,...] + Update labels value or add key value pair. Labels as key value pairs. + + KEY + Keys must start with a lowercase character and contain only + hyphens (-), underscores (_), lowercase characters, and numbers. + + VALUE + Values must contain only hyphens (-), underscores (_), lowercase + characters, and numbers. + + Shorthand Example: + + --update-labels=string=string + + JSON Example: + + --update-labels='{"string": "string"}' + + File Example: + + --update-labels=path_to_file.(yaml|json) + + At most one of these can be specified: + + --clear-labels + Clear labels value and set to empty map. + + --remove-labels=[__REMOVE_LABELS,...] + Remove existing value from map labels. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +API REFERENCE + This command uses the developerconnect/v1 API. The full documentation for + this API can be found at: + http://cloud.google.com/developer-connect/docs/overview + +NOTES + These variants are also available: + + $ gcloud alpha developer-connect connections update + + $ gcloud beta developer-connect connections update + diff --git a/gcloud/developer-connect/help b/gcloud/developer-connect/help new file mode 100644 index 000000000..c62f546d4 --- /dev/null +++ b/gcloud/developer-connect/help @@ -0,0 +1,30 @@ +NAME + gcloud developer-connect - manage Developer Connect resources + +SYNOPSIS + gcloud developer-connect GROUP [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Manage Developer Connect resources. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --help. + + Run $ gcloud help for details. + +GROUPS + GROUP is one of the following: + + connections + Manage connection resources. + + operations + Manage Operation resources. + +NOTES + These variants are also available: + + $ gcloud alpha developer-connect + + $ gcloud beta developer-connect + diff --git a/gcloud/developer-connect/operations/cancel b/gcloud/developer-connect/operations/cancel new file mode 100644 index 000000000..3714a4d8b --- /dev/null +++ b/gcloud/developer-connect/operations/cancel @@ -0,0 +1,66 @@ +NAME + gcloud developer-connect operations cancel - cancel operations + +SYNOPSIS + gcloud developer-connect operations cancel + (OPERATION : --location=LOCATION) [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Cancel an operation + +EXAMPLES + To cancel the operation, run: + + $ gcloud developer-connect operations cancel + +POSITIONAL ARGUMENTS + Operation resource - The name of the operation resource to be cancelled. + The arguments in this group can be used to specify the attributes of this + resource. (NOTE) Some attributes are not given arguments in this group but + can be set in other ways. + + To set the project attribute: + ◆ provide the argument operation on the command line with a fully + specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + OPERATION + ID of the operation or fully qualified identifier for the operation. + + To set the operation attribute: + ▸ provide the argument operation on the command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + The location id of the operation resource. + + To set the location attribute: + ▸ provide the argument operation on the command line with a fully + specified name; + ▸ provide the argument --location on the command line. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +API REFERENCE + This command uses the developerconnect/v1 API. The full documentation for + this API can be found at: + http://cloud.google.com/developer-connect/docs/overview + +NOTES + These variants are also available: + + $ gcloud alpha developer-connect operations cancel + + $ gcloud beta developer-connect operations cancel + diff --git a/gcloud/developer-connect/operations/delete b/gcloud/developer-connect/operations/delete new file mode 100644 index 000000000..2640583ae --- /dev/null +++ b/gcloud/developer-connect/operations/delete @@ -0,0 +1,66 @@ +NAME + gcloud developer-connect operations delete - delete operations + +SYNOPSIS + gcloud developer-connect operations delete + (OPERATION : --location=LOCATION) [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Delete an operation + +EXAMPLES + To delete the operation, run: + + $ gcloud developer-connect operations delete + +POSITIONAL ARGUMENTS + Operation resource - The name of the operation resource to be deleted. The + arguments in this group can be used to specify the attributes of this + resource. (NOTE) Some attributes are not given arguments in this group but + can be set in other ways. + + To set the project attribute: + ◆ provide the argument operation on the command line with a fully + specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + OPERATION + ID of the operation or fully qualified identifier for the operation. + + To set the operation attribute: + ▸ provide the argument operation on the command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + The location id of the operation resource. + + To set the location attribute: + ▸ provide the argument operation on the command line with a fully + specified name; + ▸ provide the argument --location on the command line. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +API REFERENCE + This command uses the developerconnect/v1 API. The full documentation for + this API can be found at: + http://cloud.google.com/developer-connect/docs/overview + +NOTES + These variants are also available: + + $ gcloud alpha developer-connect operations delete + + $ gcloud beta developer-connect operations delete + diff --git a/gcloud/developer-connect/operations/describe b/gcloud/developer-connect/operations/describe new file mode 100644 index 000000000..455003ce0 --- /dev/null +++ b/gcloud/developer-connect/operations/describe @@ -0,0 +1,66 @@ +NAME + gcloud developer-connect operations describe - describe operations + +SYNOPSIS + gcloud developer-connect operations describe + (OPERATION : --location=LOCATION) [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Describe an operation + +EXAMPLES + To describe the operation, run: + + $ gcloud developer-connect operations describe + +POSITIONAL ARGUMENTS + Operation resource - The name of the operation resource. The arguments in + this group can be used to specify the attributes of this resource. (NOTE) + Some attributes are not given arguments in this group but can be set in + other ways. + + To set the project attribute: + ◆ provide the argument operation on the command line with a fully + specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + OPERATION + ID of the operation or fully qualified identifier for the operation. + + To set the operation attribute: + ▸ provide the argument operation on the command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + The location id of the operation resource. + + To set the location attribute: + ▸ provide the argument operation on the command line with a fully + specified name; + ▸ provide the argument --location on the command line. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +API REFERENCE + This command uses the developerconnect/v1 API. The full documentation for + this API can be found at: + http://cloud.google.com/developer-connect/docs/overview + +NOTES + These variants are also available: + + $ gcloud alpha developer-connect operations describe + + $ gcloud beta developer-connect operations describe + diff --git a/gcloud/developer-connect/operations/help b/gcloud/developer-connect/operations/help new file mode 100644 index 000000000..b4cbc6ce8 --- /dev/null +++ b/gcloud/developer-connect/operations/help @@ -0,0 +1,39 @@ +NAME + gcloud developer-connect operations - manage Operation resources + +SYNOPSIS + gcloud developer-connect operations COMMAND [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Manage Operation resources. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --help. + + Run $ gcloud help for details. + +COMMANDS + COMMAND is one of the following: + + cancel + Cancel operations. + + delete + Delete operations. + + describe + Describe operations. + + list + List operations. + + wait + Wait operations. + +NOTES + These variants are also available: + + $ gcloud alpha developer-connect operations + + $ gcloud beta developer-connect operations + diff --git a/gcloud/developer-connect/operations/list b/gcloud/developer-connect/operations/list new file mode 100644 index 000000000..75eabbcff --- /dev/null +++ b/gcloud/developer-connect/operations/list @@ -0,0 +1,87 @@ +NAME + gcloud developer-connect operations list - list operations + +SYNOPSIS + gcloud developer-connect operations list --location=LOCATION + [--filter=EXPRESSION] [--limit=LIMIT] [--page-size=PAGE_SIZE] + [--sort-by=[FIELD,...]] [--uri] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + List operations + +EXAMPLES + To list all operations, run: + + $ gcloud developer-connect operations list + +REQUIRED FLAGS + Location resource - The name of the operation's parent resource. This + represents a Cloud resource. (NOTE) Some attributes are not given + arguments in this group but can be set in other ways. + + To set the project attribute: + ◆ provide the argument --location on the command line with a fully + specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + --location=LOCATION + ID of the location or fully qualified identifier for the location. + + To set the location attribute: + ▸ provide the argument --location on the command line. + +LIST COMMAND FLAGS + --filter=EXPRESSION + Apply a Boolean filter EXPRESSION to each resource item to be listed. + If the expression evaluates True, then that item is listed. For more + details and examples of filter expressions, run $ gcloud topic filters. + This flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --limit=LIMIT + Maximum number of resources to list. The default is unlimited. This + flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --page-size=PAGE_SIZE + Some services group resource list output into pages. This flag + specifies the maximum number of resources per page. The default is + determined by the service if it supports paging, otherwise it is + unlimited (no paging). Paging may be applied before or after --filter + and --limit depending on the service. + + --sort-by=[FIELD,...] + Comma-separated list of resource field key names to sort by. The + default order is ascending. Prefix a field with ``~'' for descending + order on that field. This flag interacts with other flags that are + applied in this order: --flatten, --sort-by, --filter, --limit. + + --uri + Print a list of resource URIs instead of the default output, and change + the command output to a list of URIs. If this flag is used with + --format, the formatting is applied on this URI list. To display URIs + alongside other keys instead, use the uri() transform. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +API REFERENCE + This command uses the developerconnect/v1 API. The full documentation for + this API can be found at: + http://cloud.google.com/developer-connect/docs/overview + +NOTES + These variants are also available: + + $ gcloud alpha developer-connect operations list + + $ gcloud beta developer-connect operations list + diff --git a/gcloud/developer-connect/operations/wait b/gcloud/developer-connect/operations/wait new file mode 100644 index 000000000..7e06922dc --- /dev/null +++ b/gcloud/developer-connect/operations/wait @@ -0,0 +1,66 @@ +NAME + gcloud developer-connect operations wait - wait operations + +SYNOPSIS + gcloud developer-connect operations wait (OPERATION : --location=LOCATION) + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Wait an operation + +EXAMPLES + To wait the operation, run: + + $ gcloud developer-connect operations wait + +POSITIONAL ARGUMENTS + Operation resource - The name of the operation resource to wait on. The + arguments in this group can be used to specify the attributes of this + resource. (NOTE) Some attributes are not given arguments in this group but + can be set in other ways. + + To set the project attribute: + ◆ provide the argument operation on the command line with a fully + specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + OPERATION + ID of the operation or fully qualified identifier for the operation. + + To set the operation attribute: + ▸ provide the argument operation on the command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + The location id of the operation resource. + + To set the location attribute: + ▸ provide the argument operation on the command line with a fully + specified name; + ▸ provide the argument --location on the command line. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +API REFERENCE + This command uses the developerconnect/v1 API. The full documentation for + this API can be found at: + http://cloud.google.com/developer-connect/docs/overview + +NOTES + These variants are also available: + + $ gcloud alpha developer-connect operations wait + + $ gcloud beta developer-connect operations wait + diff --git a/gcloud/edge-cloud/container/clusters/create b/gcloud/edge-cloud/container/clusters/create index 4562355d5..be9b24bd7 100644 --- a/gcloud/edge-cloud/container/clusters/create +++ b/gcloud/edge-cloud/container/clusters/create @@ -24,7 +24,7 @@ SYNOPSIS default="RELEASE_CHANNEL_UNSPECIFIED"] [--services-ipv4-cidr=SERVICES_IPV4_CIDR; default="10.96.0.0/12"] [--system-addons-config=SYSTEM_ADDONS_CONFIG] [--version=VERSION] - [GCLOUD_WIDE_FLAG ...] + [--zone-storage-kms-key=ZONE_STORAGE_KMS_KEY] [GCLOUD_WIDE_FLAG ...] DESCRIPTION Create an Edge Container cluster. @@ -192,6 +192,15 @@ FLAGS --version=VERSION Target cluster version. For example: "1.5.0". + --zone-storage-kms-key=ZONE_STORAGE_KMS_KEY + Google Cloud KMS key that will be used to encrypt and decrypt the root + key for zone storage encryption. The zone storage KMS key is only + applicable to the storage infra cluster. The Edge Container service + account for this project must have + roles/cloudkms.cryptoKeyEncrypterDecrypter on the key. + + If not provided, a Google-managed key will be used by default. + GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, diff --git a/gcloud/edge-cloud/container/clusters/update b/gcloud/edge-cloud/container/clusters/update index a3bd48876..81a50be5f 100644 --- a/gcloud/edge-cloud/container/clusters/update +++ b/gcloud/edge-cloud/container/clusters/update @@ -8,7 +8,8 @@ SYNOPSIS [--release-channel=RELEASE_CHANNEL] [--clear-maintenance-window | --remove-maintenance-exclusion-window=REMOVE_MAINTENANCE_EXCLUSION_WINDOW | --add-maintenance-exclusion-end=ADD_MAINTENANCE_EXCLUSION_END --add-maintenance-exclusion-name=ADD_MAINTENANCE_EXCLUSION_NAME --add-maintenance-exclusion-start=ADD_MAINTENANCE_EXCLUSION_START | --maintenance-window-end=MAINTENANCE_WINDOW_END --maintenance-window-recurrence=MAINTENANCE_WINDOW_RECURRENCE --maintenance-window-start=MAINTENANCE_WINDOW_START] - [GCLOUD_WIDE_FLAG ...] + [--use-google-managed-zone-key + | --zone-storage-kms-key=ZONE_STORAGE_KMS_KEY] [GCLOUD_WIDE_FLAG ...] DESCRIPTION Update an Edge Container cluster. @@ -122,6 +123,14 @@ FLAGS 3339 (https://www.ietf.org/rfc/rfc3339.txt) format. E.g. "2021-01-01T00:00:00Z" or "2021-01-01T00:00:00-05:00" + At most one of these can be specified: + + --use-google-managed-zone-key + If set, use Google managed key for zone storage encryption. + + --zone-storage-kms-key=ZONE_STORAGE_KMS_KEY + If set, use the specified KMS key for zone storage encryption. + GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, diff --git a/gcloud/eventarc/channel-connections/create b/gcloud/eventarc/channel-connections/create index 1c2e188b2..7d84aac66 100644 --- a/gcloud/eventarc/channel-connections/create +++ b/gcloud/eventarc/channel-connections/create @@ -6,7 +6,7 @@ SYNOPSIS gcloud eventarc channel-connections create (CHANNEL_CONNECTION : --location=LOCATION) --activation-token=ACTIVATION_TOKEN --channel=CHANNEL [--async] - [GCLOUD_WIDE_FLAG ...] + [--labels=[KEY=VALUE,...]] [GCLOUD_WIDE_FLAG ...] DESCRIPTION Create an Eventarc channel connection. @@ -67,6 +67,9 @@ OPTIONAL FLAGS Return immediately, without waiting for the operation in progress to complete. + --labels=[KEY=VALUE,...] + Labels to apply to the channel connection. + GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, diff --git a/gcloud/eventarc/channels/create b/gcloud/eventarc/channels/create index b2ee65b79..59206a584 100644 --- a/gcloud/eventarc/channels/create +++ b/gcloud/eventarc/channels/create @@ -3,7 +3,8 @@ NAME SYNOPSIS gcloud eventarc channels create (CHANNEL : --location=LOCATION) [--async] - [--crypto-key=CRYPTO_KEY] [--provider=PROVIDER] [GCLOUD_WIDE_FLAG ...] + [--crypto-key=CRYPTO_KEY] [--labels=[KEY=VALUE,...]] + [--provider=PROVIDER] [GCLOUD_WIDE_FLAG ...] DESCRIPTION Create an Eventarc channel. @@ -64,6 +65,14 @@ FLAGS encryption. If this is unspecified, Google-managed keys will be used for encryption. + --labels=[KEY=VALUE,...] + List of label KEY=VALUE pairs to add. + + Keys must start with a lowercase character and contain only hyphens + (-), underscores (_), lowercase characters, and numbers. Values must + contain only hyphens (-), underscores (_), lowercase characters, and + numbers. + Provider resource - Provider to use for the channel. This represents a Cloud resource. (NOTE) Some attributes are not given arguments in this group but can be set in other ways. diff --git a/gcloud/eventarc/channels/update b/gcloud/eventarc/channels/update index de9ec8c75..1659a6c91 100644 --- a/gcloud/eventarc/channels/update +++ b/gcloud/eventarc/channels/update @@ -3,7 +3,9 @@ NAME SYNOPSIS gcloud eventarc channels update (CHANNEL : --location=LOCATION) [--async] - [--clear-crypto-key | --crypto-key=CRYPTO_KEY] [GCLOUD_WIDE_FLAG ...] + [--update-labels=[KEY=VALUE,...]] + [--clear-crypto-key | --crypto-key=CRYPTO_KEY] + [--clear-labels | --remove-labels=[KEY,...]] [GCLOUD_WIDE_FLAG ...] DESCRIPTION Update an Eventarc channel. @@ -59,6 +61,15 @@ FLAGS Return immediately, without waiting for the operation in progress to complete. + --update-labels=[KEY=VALUE,...] + List of label KEY=VALUE pairs to update. If a label exists, its value + is modified. Otherwise, a new label is created. + + Keys must start with a lowercase character and contain only hyphens + (-), underscores (_), lowercase characters, and numbers. Values must + contain only hyphens (-), underscores (_), lowercase characters, and + numbers. + At most one of these can be specified: --clear-crypto-key @@ -70,6 +81,26 @@ FLAGS encryption. If this is unspecified, Google-managed keys will be used for encryption. + At most one of these can be specified: + + --clear-labels + Remove all labels. If --update-labels is also specified then + --clear-labels is applied first. + + For example, to remove all labels: + + $ gcloud eventarc channels update --clear-labels + + To remove all existing labels and create two new labels, foo and baz: + + $ gcloud eventarc channels update --clear-labels \ + --update-labels foo=bar,baz=qux + + --remove-labels=[KEY,...] + List of label keys to remove. If a label does not exist it is + silently ignored. If --update-labels is also specified then + --update-labels is applied first. + GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, diff --git a/gcloud/eventarc/triggers/create b/gcloud/eventarc/triggers/create index ae0074f5f..82d7ecce8 100644 --- a/gcloud/eventarc/triggers/create +++ b/gcloud/eventarc/triggers/create @@ -184,7 +184,12 @@ OPTIONAL FLAGS resourceName attribute for Cloud Audit Log events. --labels=[KEY=VALUE,...] - Labels to apply to the trigger. + List of label KEY=VALUE pairs to add. + + Keys must start with a lowercase character and contain only hyphens + (-), underscores (_), lowercase characters, and numbers. Values must + contain only hyphens (-), underscores (_), lowercase characters, and + numbers. --service-account=SERVICE_ACCOUNT The IAM service account email associated with the trigger. diff --git a/gcloud/eventarc/triggers/update b/gcloud/eventarc/triggers/update index f0450b7a1..0f40bd904 100644 --- a/gcloud/eventarc/triggers/update +++ b/gcloud/eventarc/triggers/update @@ -6,7 +6,8 @@ SYNOPSIS [--event-data-content-type=EVENT_DATA_CONTENT_TYPE] [--event-filters=[ATTRIBUTE=VALUE,...]] [--event-filters-path-pattern=[ATTRIBUTE=PATH_PATTERN,...]] - [--labels=[KEY=VALUE,...]] + [--update-labels=[KEY=VALUE,...]] + [--clear-labels | --remove-labels=[KEY,...]] [--clear-service-account | --service-account=SERVICE_ACCOUNT] [--destination-gke-namespace=DESTINATION_GKE_NAMESPACE --destination-gke-service=DESTINATION_GKE_SERVICE @@ -87,8 +88,34 @@ FLAGS destination. Currently, path pattern format is only available for the resourceName attribute for Cloud Audit Log events. - --labels=[KEY=VALUE,...] - Labels to apply to the trigger. + --update-labels=[KEY=VALUE,...] + List of label KEY=VALUE pairs to update. If a label exists, its value + is modified. Otherwise, a new label is created. + + Keys must start with a lowercase character and contain only hyphens + (-), underscores (_), lowercase characters, and numbers. Values must + contain only hyphens (-), underscores (_), lowercase characters, and + numbers. + + At most one of these can be specified: + + --clear-labels + Remove all labels. If --update-labels is also specified then + --clear-labels is applied first. + + For example, to remove all labels: + + $ gcloud eventarc triggers update --clear-labels + + To remove all existing labels and create two new labels, foo and baz: + + $ gcloud eventarc triggers update --clear-labels \ + --update-labels foo=bar,baz=qux + + --remove-labels=[KEY,...] + List of label keys to remove. If a label does not exist it is + silently ignored. If --update-labels is also specified then + --update-labels is applied first. At most one of these can be specified: diff --git a/gcloud/filestore/backups/create b/gcloud/filestore/backups/create index 3b6a89806..9d17a059b 100644 --- a/gcloud/filestore/backups/create +++ b/gcloud/filestore/backups/create @@ -6,7 +6,8 @@ SYNOPSIS --instance=INSTANCE --region=REGION (--instance-location=INSTANCE_LOCATION | --instance-zone=INSTANCE_ZONE) [--async] [--description=DESCRIPTION] [--kms-key=KMS_KEY] - [--labels=[KEY=VALUE,...]] [GCLOUD_WIDE_FLAG ...] + [--labels=[KEY=VALUE,...]] [--tags=[KEY=VALUE,...]] + [GCLOUD_WIDE_FLAG ...] DESCRIPTION Create a Filestore backup of an instance file share. @@ -63,6 +64,9 @@ OPTIONAL FLAGS --labels=[KEY=VALUE,...] List of label KEY=VALUE pairs to add. + --tags=[KEY=VALUE,...] + List of tag KEY=VALUE pairs to add. + GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, diff --git a/gcloud/filestore/instances/create b/gcloud/filestore/instances/create index 68ce57e5b..2aa603e3d 100644 --- a/gcloud/filestore/instances/create +++ b/gcloud/filestore/instances/create @@ -10,7 +10,8 @@ SYNOPSIS [name=NAME],[reserved-ip-range=RESERVED-IP-RANGE] [--async] [--description=DESCRIPTION] [--labels=[KEY=VALUE,...]] [--location=LOCATION] [--region=REGION] - [--source-instance=SOURCE_INSTANCE] [--tier=TIER; default="BASIC_HDD"] + [--source-instance=SOURCE_INSTANCE] [--tags=[KEY=VALUE,...]] + [--tier=TIER; default="BASIC_HDD"] [--deletion-protection : --deletion-protection-reason=DELETION_PROTECTION_REASON] [--kms-key=KMS_KEY : --kms-keyring=KMS_KEYRING @@ -214,6 +215,12 @@ OPTIONAL FLAGS --source-instance=SOURCE_INSTANCE The replication source instance of the Cloud Filestore instance. + --tags=[KEY=VALUE,...] + List of tags KEY=VALUE pairs to bind. Each item must be expressed as + =. + + Example: 123/environment=production,123/costCenter=marketing + --tier=TIER; default="BASIC_HDD" The service tier for the Cloud Filestore instance. For more details, see: https://cloud.google.com/filestore/docs/instance-tiers diff --git a/gcloud/functions/add-iam-policy-binding b/gcloud/functions/add-iam-policy-binding index 89e23e0b0..d1d433f15 100644 --- a/gcloud/functions/add-iam-policy-binding +++ b/gcloud/functions/add-iam-policy-binding @@ -17,7 +17,7 @@ EXAMPLES --member=MEMBER-1 --role=ROLE-1 POSITIONAL ARGUMENTS - Function resource - The Cloud function name to add IAM policy binding for. + Function resource - The Cloud Function name to add IAM policy binding for. The arguments in this group can be used to specify the attributes of this resource. (NOTE) Some attributes are not given arguments in this group but can be set in other ways. diff --git a/gcloud/functions/add-invoker-policy-binding b/gcloud/functions/add-invoker-policy-binding index f5688a0e9..972924e23 100644 --- a/gcloud/functions/add-invoker-policy-binding +++ b/gcloud/functions/add-invoker-policy-binding @@ -24,7 +24,7 @@ EXAMPLES --member=MEMBER-1 POSITIONAL ARGUMENTS - Function resource - The Cloud function name to add the invoker binding to. + Function resource - The Cloud Function name to add the invoker binding to. The arguments in this group can be used to specify the attributes of this resource. (NOTE) Some attributes are not given arguments in this group but can be set in other ways. diff --git a/gcloud/functions/call b/gcloud/functions/call index 625c94147..54013472f 100644 --- a/gcloud/functions/call +++ b/gcloud/functions/call @@ -23,7 +23,7 @@ EXAMPLES other HTTP methods, use a dedicated HTTP request tool such as cURL or wget. POSITIONAL ARGUMENTS - Function resource - The Cloud function name to execute. The arguments in + Function resource - The Cloud Function name to execute. The arguments in this group can be used to specify the attributes of this resource. (NOTE) Some attributes are not given arguments in this group but can be set in other ways. diff --git a/gcloud/functions/delete b/gcloud/functions/delete index 6fb9f7dfb..d3e109a03 100644 --- a/gcloud/functions/delete +++ b/gcloud/functions/delete @@ -8,7 +8,7 @@ DESCRIPTION Delete a Google Cloud Function. POSITIONAL ARGUMENTS - Function resource - The Cloud function name to delete. The arguments in + Function resource - The Cloud Function name to delete. The arguments in this group can be used to specify the attributes of this resource. (NOTE) Some attributes are not given arguments in this group but can be set in other ways. diff --git a/gcloud/functions/deploy b/gcloud/functions/deploy index 13697ec9a..1bac37f9d 100644 --- a/gcloud/functions/deploy +++ b/gcloud/functions/deploy @@ -68,7 +68,7 @@ EXAMPLES using other types of resource as triggers. POSITIONAL ARGUMENTS - Function resource - The Cloud function name to deploy. The arguments in + Function resource - The Cloud Function name to deploy. The arguments in this group can be used to specify the attributes of this resource. (NOTE) Some attributes are not given arguments in this group but can be set in other ways. diff --git a/gcloud/functions/describe b/gcloud/functions/describe index 30aed37da..c4dcd3ac4 100644 --- a/gcloud/functions/describe +++ b/gcloud/functions/describe @@ -9,7 +9,7 @@ DESCRIPTION Display details of a Google Cloud Function. POSITIONAL ARGUMENTS - Function resource - The Cloud function name to describe. The arguments in + Function resource - The Cloud Function name to describe. The arguments in this group can be used to specify the attributes of this resource. (NOTE) Some attributes are not given arguments in this group but can be set in other ways. diff --git a/gcloud/functions/get-iam-policy b/gcloud/functions/get-iam-policy index c1b1a78c0..c4aed78cc 100644 --- a/gcloud/functions/get-iam-policy +++ b/gcloud/functions/get-iam-policy @@ -16,7 +16,7 @@ EXAMPLES $ gcloud functions get-iam-policy FUNCTION-1 POSITIONAL ARGUMENTS - Function resource - The Cloud function name to get IAM policy for. The + Function resource - The Cloud Function name to get IAM policy for. The arguments in this group can be used to specify the attributes of this resource. (NOTE) Some attributes are not given arguments in this group but can be set in other ways. diff --git a/gcloud/functions/remove-iam-policy-binding b/gcloud/functions/remove-iam-policy-binding index 81e31a96c..023016c35 100644 --- a/gcloud/functions/remove-iam-policy-binding +++ b/gcloud/functions/remove-iam-policy-binding @@ -17,7 +17,7 @@ EXAMPLES --member=MEMBER-1 --role=ROLE-1 POSITIONAL ARGUMENTS - Function resource - The Cloud function name to remove IAM policy binding + Function resource - The Cloud Function name to remove IAM policy binding from. The arguments in this group can be used to specify the attributes of this resource. (NOTE) Some attributes are not given arguments in this group but can be set in other ways. diff --git a/gcloud/functions/remove-invoker-policy-binding b/gcloud/functions/remove-invoker-policy-binding index 6e47e8059..1eea057d0 100644 --- a/gcloud/functions/remove-invoker-policy-binding +++ b/gcloud/functions/remove-invoker-policy-binding @@ -25,7 +25,7 @@ EXAMPLES --member=MEMBER-1 POSITIONAL ARGUMENTS - Function resource - The Cloud function name to remove the invoker binding + Function resource - The Cloud Function name to remove the invoker binding from. The arguments in this group can be used to specify the attributes of this resource. (NOTE) Some attributes are not given arguments in this group but can be set in other ways. diff --git a/gcloud/functions/set-iam-policy b/gcloud/functions/set-iam-policy index bf1fc748f..8b834992c 100644 --- a/gcloud/functions/set-iam-policy +++ b/gcloud/functions/set-iam-policy @@ -16,7 +16,7 @@ EXAMPLES $ gcloud functions set-iam-policy FUNCTION-1 POLICY-FILE-1 POSITIONAL ARGUMENTS - Function resource - The Cloud function name to get IAM policy for. The + Function resource - The Cloud Function name to get IAM policy for. The arguments in this group can be used to specify the attributes of this resource. (NOTE) Some attributes are not given arguments in this group but can be set in other ways. diff --git a/gcloud/iam/help b/gcloud/iam/help index 4a621872d..83a31f209 100644 --- a/gcloud/iam/help +++ b/gcloud/iam/help @@ -33,6 +33,12 @@ GROUPS policies Manage IAM deny policies. + policy-bindings + Manage policy bindings. + + principal-access-boundary-policies + Manage principal access boundary policies. + roles Create and manipulate roles. diff --git a/gcloud/iam/policy-bindings/create b/gcloud/iam/policy-bindings/create new file mode 100644 index 000000000..9a4f39f1e --- /dev/null +++ b/gcloud/iam/policy-bindings/create @@ -0,0 +1,236 @@ +NAME + gcloud iam policy-bindings create - create PolicyBinding instance + +SYNOPSIS + gcloud iam policy-bindings create + (POLICY_BINDING + : --folder=FOLDER --location=LOCATION --organization=ORGANIZATION) + --policy=POLICY --target-principal-set=TARGET_PRINCIPAL_SET + [--annotations=[ANNOTATIONS,...]] [--async] + [--display-name=DISPLAY_NAME] [--etag=ETAG] [--policy-kind=POLICY_KIND] + [--condition-description=CONDITION_DESCRIPTION + --condition-expression=CONDITION_EXPRESSION + --condition-location=CONDITION_LOCATION + --condition-title=CONDITION_TITLE] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Create PolicyBinding instance. + +EXAMPLES + To create a policy binding instance called my-binding that references a + principal access boundary policy run: + + $ gcloud iam policy-bindings create my-binding --organization=123 \ + --location=global \ + --policy=organizations/123/locations/global/\ + principalAccessBoundaryPolicies/my-policy \ + --target-principal-set=//cloudresourcemanager.googleapis.com/\ + organizations/123 + +POSITIONAL ARGUMENTS + PolicyBinding resource - Identifier. The name of the policy binding, in + the format + {binding_parent/locations/{location}/policyBindings/{policy_binding_id}. + The binding parent is the closest Resource Manager resource (i.e., + Project, Folder or Organization) to the binding target. + + Format: + + ◆ projects/{project_id}/locations/{location}/policyBindings/{policy_binding_id} + ◆ projects/{project_number}/locations/{location}/policyBindings/{policy_binding_id} + ◆ folders/{folder_id}/locations/{location}/policyBindings/{policy_binding_id} + ◆ organizations/{organization_id}/locations/{location}/policyBindings/{policy_binding_id} + The arguments in this group can be used to specify the attributes of + this resource. (NOTE) Some attributes are not given arguments in this + group but can be set in other ways. + + To set the project attribute: + ◆ provide the argument policy_binding on the command line with a fully + specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. This resource can be one of the + following types: [iam.folders.locations.policyBindings, + iam.organizations.locations.policyBindings, + iam.projects.locations.policyBindings]. + + This must be specified. + + POLICY_BINDING + ID of the policyBinding or fully qualified identifier for the + policyBinding. + + To set the policy_binding attribute: + ▸ provide the argument policy_binding on the command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --folder=FOLDER + The folder id of the policyBinding resource. + + To set the folder attribute: + ▸ provide the argument policy_binding on the command line with a + fully specified name; + ▸ provide the argument --folder on the command line. Must be + specified for resource of type + [iam.folders.locations.policyBindings]. + + --location=LOCATION + The location id of the policyBinding resource. + + To set the location attribute: + ▸ provide the argument policy_binding on the command line with a + fully specified name; + ▸ provide the argument --location on the command line. + + --organization=ORGANIZATION + The organization id of the policyBinding resource. + + To set the organization attribute: + ▸ provide the argument policy_binding on the command line with a + fully specified name; + ▸ provide the argument --organization on the command line. Must be + specified for resource of type + [iam.organizations.locations.policyBindings]. + +REQUIRED FLAGS + --policy=POLICY + The resource name of the policy to be bound. The binding parent and + policy must belong to the same Organization (or Project). + + Target is the full resource name of the resource to which the policy will + be bound. Immutable once set. + + This must be specified. + + Arguments for the target. + + --target-principal-set=TARGET_PRINCIPAL_SET + Full Resource Name used for principal access boundary policy + bindings Examples: + + ▫ Organization: + //cloudresourcemanager.googleapis.com/organizations/ORGANIZATION_ID + ▫ Folder: //cloudresourcemanager.googleapis.com/folders/FOLDER_ID + ▫ Project: + ◇ //cloudresourcemanager.googleapis.com/projects/PROJECT_NUMBER + ◇ //cloudresourcemanager.googleapis.com/projects/PROJECT_ID + ▫ Workload Identity Pool: + //iam.googleapis.com/projects/PROJECT_NUMBER/locations/LOCATION/workloadIdentityPools/WORKLOAD_POOL_ID + ▫ Workforce Identity: + //iam.googleapis.com/locations/global/workforcePools/WORKFORCE_POOL_ID + ▫ Workspace Identity: + //iam.googleapis.com/locations/global/workspace/WORKSPACE_ID + +OPTIONAL FLAGS + --annotations=[ANNOTATIONS,...] + User defined annotations. See https://google.aip.dev/148#annotations + for more details such as format and size limitations. + + KEY + Sets KEY value. + + VALUE + Sets VALUE value. + + Shorthand Example: + + --annotations=string=string + + JSON Example: + + --annotations='{"string": "string"}' + + File Example: + + --annotations=path_to_file.(yaml|json) + + --async + Return immediately, without waiting for the operation in progress to + complete. + + --display-name=DISPLAY_NAME + The description of the policy binding. Must be less than or equal to 63 + characters. + + --etag=ETAG + The etag for the policy binding. If this is provided on update, it must + match the server's etag. + + --policy-kind=POLICY_KIND + The kind of the policy to attach in this binding. This field must be + one of the following: + + ◆ Left empty (will be automatically set to the policy kind) + ◆ The input policy kind. + + POLICY_KIND must be (only one value is supported): + + principal-access-boundary + Principal access boundary policy kind + + Represents a textual expression in the Common Expression Language (CEL) + syntax. CEL is a C-like expression language. The syntax and semantics of + CEL are documented at https://github.com/google/cel-spec. + + Example (Comparison): + + title: "Summary size limit" + description: "Determines if a summary is less than 100 chars" + expression: "document.summary.size() < 100" + + Example (Equality): + + title: "Requestor is owner" + description: "Determines if requestor is the document owner" + expression: "document.owner == request.auth.claims.email" + + Example (Logic): + + title: "Public documents" + description: "Determine whether the document should be publicly visible" + expression: "document.type != 'private' && document.type != 'internal'" + + Example (Data Manipulation): + + title: "Notification string" + description: "Create a notification string with a timestamp." + expression: "'New message received at ' + string(document.create_time)" + + The exact variables and functions that may be referenced within an + expression are determined by the service that evaluates it. See the + service documentation for additional information. + + --condition-description=CONDITION_DESCRIPTION + Description of the expression. This is a longer text which describes + the expression, e.g. when hovered over it in a UI. + + --condition-expression=CONDITION_EXPRESSION + Textual representation of an expression in Common Expression Language + syntax. + + --condition-location=CONDITION_LOCATION + String indicating the location of the expression for error reporting, + e.g. a file name and a position in the file. + + --condition-title=CONDITION_TITLE + Title for the expression, i.e. a short string describing its purpose. + This can be used e.g. in UIs which allow to enter the expression. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +API REFERENCE + This command uses the iam/v3 API. The full documentation for this API can + be found at: https://cloud.google.com/iam/ + +NOTES + This variant is also available: + + $ gcloud beta iam policy-bindings create + diff --git a/gcloud/iam/policy-bindings/delete b/gcloud/iam/policy-bindings/delete new file mode 100644 index 000000000..df37fd8b2 --- /dev/null +++ b/gcloud/iam/policy-bindings/delete @@ -0,0 +1,106 @@ +NAME + gcloud iam policy-bindings delete - delete PolicyBinding instance + +SYNOPSIS + gcloud iam policy-bindings delete + (POLICY_BINDING + : --folder=FOLDER --location=LOCATION --organization=ORGANIZATION) + [--async] [--etag=ETAG] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Delete PolicyBinding instance. + +EXAMPLES + To delete my-binding instance in organization 123 run: + + $ gcloud iam policy-bindings delete my-binding --organization=123 \ + --location=global + +POSITIONAL ARGUMENTS + PolicyBinding resource - The name of the policy binding to delete. + + Format: + + ◆ projects/{project_id}/locations/{location}/policyBindings/{policy_binding_id} + ◆ projects/{project_number}/locations/{location}/policyBindings/{policy_binding_id} + ◆ folders/{folder_id}/locations/{location}/policyBindings/{policy_binding_id} + ◆ organizations/{organization_id}/locations/{location}/policyBindings/{policy_binding_id} + The arguments in this group can be used to specify the attributes of + this resource. (NOTE) Some attributes are not given arguments in this + group but can be set in other ways. + + To set the project attribute: + ◆ provide the argument policy_binding on the command line with a fully + specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. This resource can be one of the + following types: [iam.folders.locations.policyBindings, + iam.organizations.locations.policyBindings, + iam.projects.locations.policyBindings]. + + This must be specified. + + POLICY_BINDING + ID of the policyBinding or fully qualified identifier for the + policyBinding. + + To set the policy_binding attribute: + ▸ provide the argument policy_binding on the command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --folder=FOLDER + The folder id of the policyBinding resource. + + To set the folder attribute: + ▸ provide the argument policy_binding on the command line with a + fully specified name; + ▸ provide the argument --folder on the command line. Must be + specified for resource of type + [iam.folders.locations.policyBindings]. + + --location=LOCATION + The location id of the policyBinding resource. + + To set the location attribute: + ▸ provide the argument policy_binding on the command line with a + fully specified name; + ▸ provide the argument --location on the command line. + + --organization=ORGANIZATION + The organization id of the policyBinding resource. + + To set the organization attribute: + ▸ provide the argument policy_binding on the command line with a + fully specified name; + ▸ provide the argument --organization on the command line. Must be + specified for resource of type + [iam.organizations.locations.policyBindings]. + +FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. + + --etag=ETAG + The etag of the policy binding. If this is provided, it must match the + server's etag. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +API REFERENCE + This command uses the iam/v3 API. The full documentation for this API can + be found at: https://cloud.google.com/iam/ + +NOTES + This variant is also available: + + $ gcloud beta iam policy-bindings delete + diff --git a/gcloud/iam/policy-bindings/describe b/gcloud/iam/policy-bindings/describe new file mode 100644 index 000000000..b3f692953 --- /dev/null +++ b/gcloud/iam/policy-bindings/describe @@ -0,0 +1,98 @@ +NAME + gcloud iam policy-bindings describe - get PolicyBinding instance + +SYNOPSIS + gcloud iam policy-bindings describe + (POLICY_BINDING + : --folder=FOLDER --location=LOCATION --organization=ORGANIZATION) + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Get PolicyBinding instance. + +EXAMPLES + To get the details of a single policy binding my-binding in organization + 123 run: + + $ gcloud iam policy-bindings describe my-binding \ + --organization=123 --location=global + +POSITIONAL ARGUMENTS + PolicyBinding resource - The name of the policy binding to retrieve. + + Format: + + ◆ projects/{project_id}/locations/{location}/policyBindings/{policy_binding_id} + ◆ projects/{project_number}/locations/{location}/policyBindings/{policy_binding_id} + ◆ folders/{folder_id}/locations/{location}/policyBindings/{policy_binding_id} + ◆ organizations/{organization_id}/locations/{location}/policyBindings/{policy_binding_id} + The arguments in this group can be used to specify the attributes of + this resource. (NOTE) Some attributes are not given arguments in this + group but can be set in other ways. + + To set the project attribute: + ◆ provide the argument policy_binding on the command line with a fully + specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. This resource can be one of the + following types: [iam.folders.locations.policyBindings, + iam.organizations.locations.policyBindings, + iam.projects.locations.policyBindings]. + + This must be specified. + + POLICY_BINDING + ID of the policyBinding or fully qualified identifier for the + policyBinding. + + To set the policy_binding attribute: + ▸ provide the argument policy_binding on the command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --folder=FOLDER + The folder id of the policyBinding resource. + + To set the folder attribute: + ▸ provide the argument policy_binding on the command line with a + fully specified name; + ▸ provide the argument --folder on the command line. Must be + specified for resource of type + [iam.folders.locations.policyBindings]. + + --location=LOCATION + The location id of the policyBinding resource. + + To set the location attribute: + ▸ provide the argument policy_binding on the command line with a + fully specified name; + ▸ provide the argument --location on the command line. + + --organization=ORGANIZATION + The organization id of the policyBinding resource. + + To set the organization attribute: + ▸ provide the argument policy_binding on the command line with a + fully specified name; + ▸ provide the argument --organization on the command line. Must be + specified for resource of type + [iam.organizations.locations.policyBindings]. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +API REFERENCE + This command uses the iam/v3 API. The full documentation for this API can + be found at: https://cloud.google.com/iam/ + +NOTES + This variant is also available: + + $ gcloud beta iam policy-bindings describe + diff --git a/gcloud/iam/policy-bindings/help b/gcloud/iam/policy-bindings/help new file mode 100644 index 000000000..316eeeb15 --- /dev/null +++ b/gcloud/iam/policy-bindings/help @@ -0,0 +1,40 @@ +NAME + gcloud iam policy-bindings - manage policy bindings + +SYNOPSIS + gcloud iam policy-bindings COMMAND [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Manage policy bindings. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --help. + + Run $ gcloud help for details. + +COMMANDS + COMMAND is one of the following: + + create + Create PolicyBinding instance. + + delete + Delete PolicyBinding instance. + + describe + Get PolicyBinding instance. + + list + List PolicyBinding instances. + + search-target-policy-bindings + Search policy bindings by target. + + update + Update PolicyBinding instance. + +NOTES + This variant is also available: + + $ gcloud beta iam policy-bindings + diff --git a/gcloud/iam/policy-bindings/list b/gcloud/iam/policy-bindings/list new file mode 100644 index 000000000..70f3dedb5 --- /dev/null +++ b/gcloud/iam/policy-bindings/list @@ -0,0 +1,118 @@ +NAME + gcloud iam policy-bindings list - list PolicyBinding instances + +SYNOPSIS + gcloud iam policy-bindings list + (--location=LOCATION : --folder=FOLDER --organization=ORGANIZATION) + [--filter=EXPRESSION] [--limit=LIMIT] [--page-size=PAGE_SIZE] + [--sort-by=[FIELD,...]] [--uri] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + List PolicyBinding instances. + +EXAMPLES + To list all policy binding instances in project my-project run: + + $ gcloud iam policy-bindings list --project=my-project \ + --location=global + +REQUIRED FLAGS + Location resource - The parent resource, which owns the collection of + policy bindings. + + Format: + + ◆ projects/{project_id}/locations/{location} + ◆ projects/{project_number}/locations/{location} + ◆ folders/{folder_id}/locations/{location} + ◆ organizations/{organization_id}/locations/{location} The arguments in + this group can be used to specify the attributes of this resource. + (NOTE) Some attributes are not given arguments in this group but can be + set in other ways. + + To set the project attribute: + ◆ provide the argument --location on the command line with a fully + specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. This resource can be one of the + following types: [iam.folders.locations, iam.organizations.locations, + iam.projects.locations]. + + This must be specified. + + --location=LOCATION + ID of the location or fully qualified identifier for the location. + + To set the location attribute: + ▸ provide the argument --location on the command line. + + This flag argument must be specified if any of the other arguments in + this group are specified. + + --folder=FOLDER + The folder id of the location resource. + + To set the folder attribute: + ▸ provide the argument --location on the command line with a fully + specified name; + ▸ provide the argument --folder on the command line. Must be + specified for resource of type [iam.folders.locations]. + + --organization=ORGANIZATION + The organization id of the location resource. + + To set the organization attribute: + ▸ provide the argument --location on the command line with a fully + specified name; + ▸ provide the argument --organization on the command line. Must be + specified for resource of type [iam.organizations.locations]. + +LIST COMMAND FLAGS + --filter=EXPRESSION + Apply a Boolean filter EXPRESSION to each resource item to be listed. + If the expression evaluates True, then that item is listed. For more + details and examples of filter expressions, run $ gcloud topic filters. + This flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --limit=LIMIT + Maximum number of resources to list. The default is unlimited. This + flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --page-size=PAGE_SIZE + Some services group resource list output into pages. This flag + specifies the maximum number of resources per page. The default is + determined by the service if it supports paging, otherwise it is + unlimited (no paging). Paging may be applied before or after --filter + and --limit depending on the service. + + --sort-by=[FIELD,...] + Comma-separated list of resource field key names to sort by. The + default order is ascending. Prefix a field with ``~'' for descending + order on that field. This flag interacts with other flags that are + applied in this order: --flatten, --sort-by, --filter, --limit. + + --uri + Print a list of resource URIs instead of the default output, and change + the command output to a list of URIs. If this flag is used with + --format, the formatting is applied on this URI list. To display URIs + alongside other keys instead, use the uri() transform. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +API REFERENCE + This command uses the iam/v3 API. The full documentation for this API can + be found at: https://cloud.google.com/iam/ + +NOTES + This variant is also available: + + $ gcloud beta iam policy-bindings list + diff --git a/gcloud/iam/policy-bindings/search-target-policy-bindings b/gcloud/iam/policy-bindings/search-target-policy-bindings new file mode 100644 index 000000000..c04709e31 --- /dev/null +++ b/gcloud/iam/policy-bindings/search-target-policy-bindings @@ -0,0 +1,127 @@ +NAME + gcloud iam policy-bindings search-target-policy-bindings - search policy + bindings by target + +SYNOPSIS + gcloud iam policy-bindings search-target-policy-bindings --target=TARGET + (--location=LOCATION : --folder=FOLDER --organization=ORGANIZATION) + [--filter=EXPRESSION] [--limit=LIMIT] [--page-size=PAGE_SIZE] + [--sort-by=[FIELD,...]] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Search policy bindings by target. + +EXAMPLES + To search for policy bindings with target, run: + + $ gcloud iam policy-bindings search-target-policy-bindings \ + --organization=123 --location=global \ + --target=//cloudresourcemanager.googleapis.com/organizations/123 + +REQUIRED FLAGS + --target=TARGET + The target resource, which is bound to the policy in the binding. + + Format: + + ◆ //iam.googleapis.com/locations/global/workforcePools/POOL_ID + ◆ //iam.googleapis.com/projects/PROJECT_NUMBER/locations/global/workloadIdentityPools/POOL_ID + ◆ //iam.googleapis.com/locations/global/workspace/WORKSPACE_ID + ◆ //cloudresourcemanager.googleapis.com/projects/{project_number} + ◆ //cloudresourcemanager.googleapis.com/folders/{folder_id} + ◆ //cloudresourcemanager.googleapis.com/organizations/{organization_id} + + Location resource - The parent resource where this search will be + performed. This should be the nearest Resource Manager resource (project, + folder, or organization) to the target. + + Format: + + ◆ projects/{project_id}/locations/{location} + ◆ projects/{project_number}/locations/{location} + ◆ folders/{folder_id}/locations/{location} + ◆ organizations/{organization_id}/locations/{location} The arguments in + this group can be used to specify the attributes of this resource. + (NOTE) Some attributes are not given arguments in this group but can be + set in other ways. + + To set the project attribute: + ◆ provide the argument --location on the command line with a fully + specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. This resource can be one of the + following types: [iam.folders.locations, iam.organizations.locations, + iam.projects.locations]. + + This must be specified. + + --location=LOCATION + ID of the location or fully qualified identifier for the location. + + To set the location attribute: + ▸ provide the argument --location on the command line. + + This flag argument must be specified if any of the other arguments in + this group are specified. + + --folder=FOLDER + The folder id of the location resource. + + To set the folder attribute: + ▸ provide the argument --location on the command line with a fully + specified name; + ▸ provide the argument --folder on the command line. Must be + specified for resource of type [iam.folders.locations]. + + --organization=ORGANIZATION + The organization id of the location resource. + + To set the organization attribute: + ▸ provide the argument --location on the command line with a fully + specified name; + ▸ provide the argument --organization on the command line. Must be + specified for resource of type [iam.organizations.locations]. + +LIST COMMAND FLAGS + --filter=EXPRESSION + Apply a Boolean filter EXPRESSION to each resource item to be listed. + If the expression evaluates True, then that item is listed. For more + details and examples of filter expressions, run $ gcloud topic filters. + This flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --limit=LIMIT + Maximum number of resources to list. The default is unlimited. This + flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --page-size=PAGE_SIZE + Some services group resource list output into pages. This flag + specifies the maximum number of resources per page. The default is + determined by the service if it supports paging, otherwise it is + unlimited (no paging). Paging may be applied before or after --filter + and --limit depending on the service. + + --sort-by=[FIELD,...] + Comma-separated list of resource field key names to sort by. The + default order is ascending. Prefix a field with ``~'' for descending + order on that field. This flag interacts with other flags that are + applied in this order: --flatten, --sort-by, --filter, --limit. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +API REFERENCE + This command uses the iam/v3 API. The full documentation for this API can + be found at: https://cloud.google.com/iam/ + +NOTES + This variant is also available: + + $ gcloud beta iam policy-bindings search-target-policy-bindings + diff --git a/gcloud/iam/policy-bindings/update b/gcloud/iam/policy-bindings/update new file mode 100644 index 000000000..b4386189d --- /dev/null +++ b/gcloud/iam/policy-bindings/update @@ -0,0 +1,227 @@ +NAME + gcloud iam policy-bindings update - update PolicyBinding instance + +SYNOPSIS + gcloud iam policy-bindings update + (POLICY_BINDING + : --folder=FOLDER --location=LOCATION --organization=ORGANIZATION) + [--async] [--display-name=DISPLAY_NAME] [--etag=ETAG] + [--annotations=[ANNOTATIONS,...] + | --update-annotations=[UPDATE_ANNOTATIONS,...] --clear-annotations + | --remove-annotations=[__REMOVE_ANNOTATIONS,...]] + [--condition-description=CONDITION_DESCRIPTION + --condition-expression=CONDITION_EXPRESSION + --condition-location=CONDITION_LOCATION + --condition-title=CONDITION_TITLE] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Update PolicyBinding instance. + +EXAMPLES + To update display name of my-binding in organization 123 run: + + $ gcloud iam policy-bindings update my-binding --organization=123 \ + --location=global --display-name=new-display-name + +POSITIONAL ARGUMENTS + PolicyBinding resource - Identifier. The name of the policy binding, in + the format + {binding_parent/locations/{location}/policyBindings/{policy_binding_id}. + The binding parent is the closest Resource Manager resource (i.e., + Project, Folder or Organization) to the binding target. + + Format: + + ◆ projects/{project_id}/locations/{location}/policyBindings/{policy_binding_id} + ◆ projects/{project_number}/locations/{location}/policyBindings/{policy_binding_id} + ◆ folders/{folder_id}/locations/{location}/policyBindings/{policy_binding_id} + ◆ organizations/{organization_id}/locations/{location}/policyBindings/{policy_binding_id} + The arguments in this group can be used to specify the attributes of + this resource. (NOTE) Some attributes are not given arguments in this + group but can be set in other ways. + + To set the project attribute: + ◆ provide the argument policy_binding on the command line with a fully + specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. This resource can be one of the + following types: [iam.folders.locations.policyBindings, + iam.organizations.locations.policyBindings, + iam.projects.locations.policyBindings]. + + This must be specified. + + POLICY_BINDING + ID of the policyBinding or fully qualified identifier for the + policyBinding. + + To set the policy_binding attribute: + ▸ provide the argument policy_binding on the command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --folder=FOLDER + The folder id of the policyBinding resource. + + To set the folder attribute: + ▸ provide the argument policy_binding on the command line with a + fully specified name; + ▸ provide the argument --folder on the command line. Must be + specified for resource of type + [iam.folders.locations.policyBindings]. + + --location=LOCATION + The location id of the policyBinding resource. + + To set the location attribute: + ▸ provide the argument policy_binding on the command line with a + fully specified name; + ▸ provide the argument --location on the command line. + + --organization=ORGANIZATION + The organization id of the policyBinding resource. + + To set the organization attribute: + ▸ provide the argument policy_binding on the command line with a + fully specified name; + ▸ provide the argument --organization on the command line. Must be + specified for resource of type + [iam.organizations.locations.policyBindings]. + +FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. + + --display-name=DISPLAY_NAME + The description of the policy binding. Must be less than or equal to 63 + characters. + + --etag=ETAG + The etag for the policy binding. If this is provided on update, it must + match the server's etag. + + Update annotations. + + At most one of these can be specified: + + --annotations=[ANNOTATIONS,...] + Set annotations to new value. User defined annotations. See + https://google.aip.dev/148#annotations for more details such as + format and size limitations. + + KEY + Sets KEY value. + + VALUE + Sets VALUE value. + + Shorthand Example: + + --annotations=string=string + + JSON Example: + + --annotations='{"string": "string"}' + + File Example: + + --annotations=path_to_file.(yaml|json) + + --update-annotations=[UPDATE_ANNOTATIONS,...] + Update annotations value or add key value pair. User defined + annotations. See https://google.aip.dev/148#annotations for more + details such as format and size limitations. + + KEY + Sets KEY value. + + VALUE + Sets VALUE value. + + Shorthand Example: + + --update-annotations=string=string + + JSON Example: + + --update-annotations='{"string": "string"}' + + File Example: + + --update-annotations=path_to_file.(yaml|json) + + At most one of these can be specified: + + --clear-annotations + Clear annotations value and set to empty map. + + --remove-annotations=[__REMOVE_ANNOTATIONS,...] + Remove existing value from map annotations. + + Represents a textual expression in the Common Expression Language (CEL) + syntax. CEL is a C-like expression language. The syntax and semantics of + CEL are documented at https://github.com/google/cel-spec. + + Example (Comparison): + + title: "Summary size limit" + description: "Determines if a summary is less than 100 chars" + expression: "document.summary.size() < 100" + + Example (Equality): + + title: "Requestor is owner" + description: "Determines if requestor is the document owner" + expression: "document.owner == request.auth.claims.email" + + Example (Logic): + + title: "Public documents" + description: "Determine whether the document should be publicly visible" + expression: "document.type != 'private' && document.type != 'internal'" + + Example (Data Manipulation): + + title: "Notification string" + description: "Create a notification string with a timestamp." + expression: "'New message received at ' + string(document.create_time)" + + The exact variables and functions that may be referenced within an + expression are determined by the service that evaluates it. See the + service documentation for additional information. + + --condition-description=CONDITION_DESCRIPTION + Description of the expression. This is a longer text which describes + the expression, e.g. when hovered over it in a UI. + + --condition-expression=CONDITION_EXPRESSION + Textual representation of an expression in Common Expression Language + syntax. + + --condition-location=CONDITION_LOCATION + String indicating the location of the expression for error reporting, + e.g. a file name and a position in the file. + + --condition-title=CONDITION_TITLE + Title for the expression, i.e. a short string describing its purpose. + This can be used e.g. in UIs which allow to enter the expression. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +API REFERENCE + This command uses the iam/v3 API. The full documentation for this API can + be found at: https://cloud.google.com/iam/ + +NOTES + This variant is also available: + + $ gcloud beta iam policy-bindings update + diff --git a/gcloud/iam/principal-access-boundary-policies/create b/gcloud/iam/principal-access-boundary-policies/create new file mode 100644 index 000000000..2d10b4d70 --- /dev/null +++ b/gcloud/iam/principal-access-boundary-policies/create @@ -0,0 +1,164 @@ +NAME + gcloud iam principal-access-boundary-policies create - create + PrincipalAccessBoundaryPolicy instance + +SYNOPSIS + gcloud iam principal-access-boundary-policies create + (PRINCIPAL_ACCESS_BOUNDARY_POLICY + : --location=LOCATION --organization=ORGANIZATION) + [--annotations=[ANNOTATIONS,...]] [--async] + [--display-name=DISPLAY_NAME] [--etag=ETAG] + [[--details-rules=[description=DESCRIPTION], + [effect=EFFECT],[resources=RESOURCES] + : --details-enforcement-version=DETAILS_ENFORCEMENT_VERSION]] + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Create PrincipalAccessBoundaryPolicy instance. + +EXAMPLES + To create a policy instance called my-policy, run: + + $ gcloud iam principal-access-boundary-policies create my-policy \ + --organization=123 --location=global + +POSITIONAL ARGUMENTS + PrincipalAccessBoundaryPolicy resource - Identifier. The resource name of + the principal access boundary policy. + + The following format is supported: + organizations/{organization_id}/locations/{location}/principalAccessBoundaryPolicies/{policy_id} + The arguments in this group can be used to specify the attributes of this + resource. + + This must be specified. + + PRINCIPAL_ACCESS_BOUNDARY_POLICY + ID of the principalAccessBoundaryPolicy or fully qualified identifier + for the principalAccessBoundaryPolicy. + + To set the principal_access_boundary_policy attribute: + ▸ provide the argument principal_access_boundary_policy on the + command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + The location id of the principalAccessBoundaryPolicy resource. + + To set the location attribute: + ▸ provide the argument principal_access_boundary_policy on the + command line with a fully specified name; + ▸ provide the argument --location on the command line. + + --organization=ORGANIZATION + The organization id of the principalAccessBoundaryPolicy resource. + + To set the organization attribute: + ▸ provide the argument principal_access_boundary_policy on the + command line with a fully specified name; + ▸ provide the argument --organization on the command line. + +FLAGS + --annotations=[ANNOTATIONS,...] + User defined annotations. See https://google.aip.dev/148#annotations + for more details such as format and size limitations. + + KEY + Sets KEY value. + + VALUE + Sets VALUE value. + + Shorthand Example: + + --annotations=string=string + + JSON Example: + + --annotations='{"string": "string"}' + + File Example: + + --annotations=path_to_file.(yaml|json) + + --async + Return immediately, without waiting for the operation in progress to + complete. + + --display-name=DISPLAY_NAME + The description of the principal access boundary policy. Must be less + than or equal to 63 characters. + + --etag=ETAG + The etag for the principal access boundary. If this is provided on + update, it must match the server's etag. + + Principal access boundary policy details + + --details-rules=[description=DESCRIPTION],[effect=EFFECT],[resources=RESOURCES] + Required, A list of principal access boundary policy rules. The + number of rules in a policy is limited to 500. + + description + The description of the principal access boundary policy rule. + Must be less than or equal to 256 characters. + + effect + The access relationship of principals to the resources in this + rule. + + resources + A list of Cloud Resource Manager resources. The resource and all + the descendants are included. The number of resources in a policy + is limited to 500 across all rules. + + The following resource types are supported: + + ▫ Organizations, such as + //cloudresourcemanager.googleapis.com/organizations/123. + ▫ Folders, such as + //cloudresourcemanager.googleapis.com/folders/123. + ▫ Projects, such as + //cloudresourcemanager.googleapis.com/projects/123 or + //cloudresourcemanager.googleapis.com/projects/my-project-id. + + Shorthand Example: + + --details-rules=description=string,effect=string,resources=["string"] --details-rules=description=string,effect=string,resources=["string"] + + JSON Example: + + --details-rules='[{"description": "string", "effect": "string", "resources": ["string"]}]' + + File Example: + + --details-rules=path_to_file.(yaml|json) + + This flag argument must be specified if any of the other arguments in + this group are specified. + + --details-enforcement-version=DETAILS_ENFORCEMENT_VERSION + The version number that indicates which Google Cloud services are + included in the enforcement (e.g. "latest", "1", ...). If empty, the + PAB policy version will be set to the current latest version, and + this version won't get updated when new versions are released. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +API REFERENCE + This command uses the iam/v3 API. The full documentation for this API can + be found at: https://cloud.google.com/iam/ + +NOTES + This variant is also available: + + $ gcloud beta iam principal-access-boundary-policies create + diff --git a/gcloud/iam/principal-access-boundary-policies/delete b/gcloud/iam/principal-access-boundary-policies/delete new file mode 100644 index 000000000..c4eda2dd6 --- /dev/null +++ b/gcloud/iam/principal-access-boundary-policies/delete @@ -0,0 +1,87 @@ +NAME + gcloud iam principal-access-boundary-policies delete - delete + PrincipalAccessBoundaryPolicy instance + +SYNOPSIS + gcloud iam principal-access-boundary-policies delete + (PRINCIPAL_ACCESS_BOUNDARY_POLICY + : --location=LOCATION --organization=ORGANIZATION) [--async] + [--etag=ETAG] [--force] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Delete PrincipalAccessBoundaryPolicy instance. + +EXAMPLES + To delete my-policy instance in organization 123, run: + + $ gcloud iam principal-access-boundary-policies delete my-policy \ + --organization=123 --location=global + +POSITIONAL ARGUMENTS + PrincipalAccessBoundaryPolicy resource - The name of the principal access + boundary policy to delete. + + Format: + organizations/{organization_id}/locations/{location}/principalAccessBoundaryPolicies/{principal_access_boundary_policy_id} + The arguments in this group can be used to specify the attributes of this + resource. + + This must be specified. + + PRINCIPAL_ACCESS_BOUNDARY_POLICY + ID of the principalAccessBoundaryPolicy or fully qualified identifier + for the principalAccessBoundaryPolicy. + + To set the principal_access_boundary_policy attribute: + ▸ provide the argument principal_access_boundary_policy on the + command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + The location id of the principalAccessBoundaryPolicy resource. + + To set the location attribute: + ▸ provide the argument principal_access_boundary_policy on the + command line with a fully specified name; + ▸ provide the argument --location on the command line. + + --organization=ORGANIZATION + The organization id of the principalAccessBoundaryPolicy resource. + + To set the organization attribute: + ▸ provide the argument principal_access_boundary_policy on the + command line with a fully specified name; + ▸ provide the argument --organization on the command line. + +FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. + + --etag=ETAG + The etag of the principal access boundary policy. If this is provided, + it must match the server's etag. + + --force + If set to true, the request will force the deletion of the Policy even + if the Policy references PolicyBindings. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +API REFERENCE + This command uses the iam/v3 API. The full documentation for this API can + be found at: https://cloud.google.com/iam/ + +NOTES + This variant is also available: + + $ gcloud beta iam principal-access-boundary-policies delete + diff --git a/gcloud/iam/principal-access-boundary-policies/describe b/gcloud/iam/principal-access-boundary-policies/describe new file mode 100644 index 000000000..c91ff091c --- /dev/null +++ b/gcloud/iam/principal-access-boundary-policies/describe @@ -0,0 +1,74 @@ +NAME + gcloud iam principal-access-boundary-policies describe - get + PrincipalAccessBoundaryPolicy instance + +SYNOPSIS + gcloud iam principal-access-boundary-policies describe + (PRINCIPAL_ACCESS_BOUNDARY_POLICY + : --location=LOCATION --organization=ORGANIZATION) + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Get PrincipalAccessBoundaryPolicy instance. + +EXAMPLES + To get the details of a single policy my-policy in organization 123, run: + + $ gcloud iam principal-access-boundary-policies describe my-policy \ + --organization=123 --location=global + +POSITIONAL ARGUMENTS + PrincipalAccessBoundaryPolicy resource - The name of the principal access + boundary policy to retrieve. + + Format: + organizations/{organization_id}/locations/{location}/principalAccessBoundaryPolicies/{principal_access_boundary_policy_id} + The arguments in this group can be used to specify the attributes of this + resource. + + This must be specified. + + PRINCIPAL_ACCESS_BOUNDARY_POLICY + ID of the principalAccessBoundaryPolicy or fully qualified identifier + for the principalAccessBoundaryPolicy. + + To set the principal_access_boundary_policy attribute: + ▸ provide the argument principal_access_boundary_policy on the + command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + The location id of the principalAccessBoundaryPolicy resource. + + To set the location attribute: + ▸ provide the argument principal_access_boundary_policy on the + command line with a fully specified name; + ▸ provide the argument --location on the command line. + + --organization=ORGANIZATION + The organization id of the principalAccessBoundaryPolicy resource. + + To set the organization attribute: + ▸ provide the argument principal_access_boundary_policy on the + command line with a fully specified name; + ▸ provide the argument --organization on the command line. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +API REFERENCE + This command uses the iam/v3 API. The full documentation for this API can + be found at: https://cloud.google.com/iam/ + +NOTES + This variant is also available: + + $ gcloud beta iam principal-access-boundary-policies describe + diff --git a/gcloud/iam/principal-access-boundary-policies/help b/gcloud/iam/principal-access-boundary-policies/help new file mode 100644 index 000000000..303d4b659 --- /dev/null +++ b/gcloud/iam/principal-access-boundary-policies/help @@ -0,0 +1,42 @@ +NAME + gcloud iam principal-access-boundary-policies - manage principal access + boundary policies + +SYNOPSIS + gcloud iam principal-access-boundary-policies COMMAND + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Manage principal access boundary policies. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --help. + + Run $ gcloud help for details. + +COMMANDS + COMMAND is one of the following: + + create + Create PrincipalAccessBoundaryPolicy instance. + + delete + Delete PrincipalAccessBoundaryPolicy instance. + + describe + Get PrincipalAccessBoundaryPolicy instance. + + list + List PrincipalAccessBoundaryPolicy instances. + + search-policy-bindings + Search Principal Access Boundary Policy Bindings. + + update + Update PrincipalAccessBoundaryPolicy instance. + +NOTES + This variant is also available: + + $ gcloud beta iam principal-access-boundary-policies + diff --git a/gcloud/iam/principal-access-boundary-policies/list b/gcloud/iam/principal-access-boundary-policies/list new file mode 100644 index 000000000..aaa5746ff --- /dev/null +++ b/gcloud/iam/principal-access-boundary-policies/list @@ -0,0 +1,94 @@ +NAME + gcloud iam principal-access-boundary-policies list - list + PrincipalAccessBoundaryPolicy instances + +SYNOPSIS + gcloud iam principal-access-boundary-policies list + (--location=LOCATION : --organization=ORGANIZATION) + [--filter=EXPRESSION] [--limit=LIMIT] [--page-size=PAGE_SIZE] + [--sort-by=[FIELD,...]] [--uri] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + List PrincipalAccessBoundaryPolicy instances. + +EXAMPLES + To list all policy instances in organization 123, run: + + $ gcloud iam principal-access-boundary-policies list \ + --organization=123 --location=global + +REQUIRED FLAGS + Location resource - The parent resource, which owns the collection of + principal access boundary policies. + + Format: organizations/{organization_id}/locations/{location} The arguments + in this group can be used to specify the attributes of this resource. + + This must be specified. + + --location=LOCATION + ID of the location or fully qualified identifier for the location. + + To set the location attribute: + ▸ provide the argument --location on the command line. + + This flag argument must be specified if any of the other arguments in + this group are specified. + + --organization=ORGANIZATION + The organization id of the location resource. + + To set the organization attribute: + ▸ provide the argument --location on the command line with a fully + specified name; + ▸ provide the argument --organization on the command line. + +LIST COMMAND FLAGS + --filter=EXPRESSION + Apply a Boolean filter EXPRESSION to each resource item to be listed. + If the expression evaluates True, then that item is listed. For more + details and examples of filter expressions, run $ gcloud topic filters. + This flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --limit=LIMIT + Maximum number of resources to list. The default is unlimited. This + flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --page-size=PAGE_SIZE + Some services group resource list output into pages. This flag + specifies the maximum number of resources per page. The default is + determined by the service if it supports paging, otherwise it is + unlimited (no paging). Paging may be applied before or after --filter + and --limit depending on the service. + + --sort-by=[FIELD,...] + Comma-separated list of resource field key names to sort by. The + default order is ascending. Prefix a field with ``~'' for descending + order on that field. This flag interacts with other flags that are + applied in this order: --flatten, --sort-by, --filter, --limit. + + --uri + Print a list of resource URIs instead of the default output, and change + the command output to a list of URIs. If this flag is used with + --format, the formatting is applied on this URI list. To display URIs + alongside other keys instead, use the uri() transform. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +API REFERENCE + This command uses the iam/v3 API. The full documentation for this API can + be found at: https://cloud.google.com/iam/ + +NOTES + This variant is also available: + + $ gcloud beta iam principal-access-boundary-policies list + diff --git a/gcloud/iam/principal-access-boundary-policies/search-policy-bindings b/gcloud/iam/principal-access-boundary-policies/search-policy-bindings new file mode 100644 index 000000000..5184707cf --- /dev/null +++ b/gcloud/iam/principal-access-boundary-policies/search-policy-bindings @@ -0,0 +1,102 @@ +NAME + gcloud iam principal-access-boundary-policies search-policy-bindings - + search Principal Access Boundary Policy Bindings + +SYNOPSIS + gcloud iam principal-access-boundary-policies search-policy-bindings + (PRINCIPAL_ACCESS_BOUNDARY_POLICY + : --location=LOCATION --organization=ORGANIZATION) + [--filter=EXPRESSION] [--limit=LIMIT] [--page-size=PAGE_SIZE] + [--sort-by=[FIELD,...]] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Search all policy bindings that bind a specific policy if a user has + searchPolicyBindings permission on that policy. + +EXAMPLES + To search policy bindings associated with Principal Access Boundary Policy, + run: + + $ gcloud iam principal-access-boundary-policies \ search-policy-bindings my-policy --organization=123 \ + --location=global + +POSITIONAL ARGUMENTS + PrincipalAccessBoundaryPolicy resource - The name of the principal access + boundary policy. Format: + organizations/{organization_id}/locations/{location}/principalAccessBoundaryPolicies/{principal_access_boundary_policy_id} + The arguments in this group can be used to specify the attributes of this + resource. + + This must be specified. + + PRINCIPAL_ACCESS_BOUNDARY_POLICY + ID of the principalAccessBoundaryPolicy or fully qualified identifier + for the principalAccessBoundaryPolicy. + + To set the principal_access_boundary_policy attribute: + ▸ provide the argument principal_access_boundary_policy on the + command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + The location id of the principalAccessBoundaryPolicy resource. + + To set the location attribute: + ▸ provide the argument principal_access_boundary_policy on the + command line with a fully specified name; + ▸ provide the argument --location on the command line. + + --organization=ORGANIZATION + The organization id of the principalAccessBoundaryPolicy resource. + + To set the organization attribute: + ▸ provide the argument principal_access_boundary_policy on the + command line with a fully specified name; + ▸ provide the argument --organization on the command line. + +LIST COMMAND FLAGS + --filter=EXPRESSION + Apply a Boolean filter EXPRESSION to each resource item to be listed. + If the expression evaluates True, then that item is listed. For more + details and examples of filter expressions, run $ gcloud topic filters. + This flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --limit=LIMIT + Maximum number of resources to list. The default is unlimited. This + flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --page-size=PAGE_SIZE + Some services group resource list output into pages. This flag + specifies the maximum number of resources per page. The default is + determined by the service if it supports paging, otherwise it is + unlimited (no paging). Paging may be applied before or after --filter + and --limit depending on the service. + + --sort-by=[FIELD,...] + Comma-separated list of resource field key names to sort by. The + default order is ascending. Prefix a field with ``~'' for descending + order on that field. This flag interacts with other flags that are + applied in this order: --flatten, --sort-by, --filter, --limit. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +API REFERENCE + This command uses the iam/v3 API. The full documentation for this API can + be found at: https://cloud.google.com/iam/ + +NOTES + This variant is also available: + + $ gcloud beta iam principal-access-boundary-policies \ + search-policy-bindings + diff --git a/gcloud/iam/principal-access-boundary-policies/update b/gcloud/iam/principal-access-boundary-policies/update new file mode 100644 index 000000000..82b98108a --- /dev/null +++ b/gcloud/iam/principal-access-boundary-policies/update @@ -0,0 +1,292 @@ +NAME + gcloud iam principal-access-boundary-policies update - update + PrincipalAccessBoundaryPolicy instance + +SYNOPSIS + gcloud iam principal-access-boundary-policies update + (PRINCIPAL_ACCESS_BOUNDARY_POLICY + : --location=LOCATION --organization=ORGANIZATION) [--async] + [--display-name=DISPLAY_NAME] [--etag=ETAG] + [--annotations=[ANNOTATIONS,...] + | --update-annotations=[UPDATE_ANNOTATIONS,...] --clear-annotations + | --remove-annotations=[__REMOVE_ANNOTATIONS,...]] + [--details-enforcement-version=DETAILS_ENFORCEMENT_VERSION + --details-rules=[description=DESCRIPTION], + [effect=EFFECT],[resources=RESOURCES] + | --add-details-rules=[description=DESCRIPTION], + [effect=EFFECT],[resources=RESOURCES] --clear-details-rules + | --remove-details-rules=[description=DESCRIPTION], + [effect=EFFECT],[resources=RESOURCES]] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Update PrincipalAccessBoundaryPolicy instance. + +EXAMPLES + To update display name of my-policy in organization 123, run: + + $ gcloud iam principal-access-boundary-policies update my-policy \ + --organization=123 --location=global \ + --display-name=new-display-name + +POSITIONAL ARGUMENTS + PrincipalAccessBoundaryPolicy resource - Identifier. The resource name of + the principal access boundary policy. + + The following format is supported: + organizations/{organization_id}/locations/{location}/principalAccessBoundaryPolicies/{policy_id} + The arguments in this group can be used to specify the attributes of this + resource. + + This must be specified. + + PRINCIPAL_ACCESS_BOUNDARY_POLICY + ID of the principalAccessBoundaryPolicy or fully qualified identifier + for the principalAccessBoundaryPolicy. + + To set the principal_access_boundary_policy attribute: + ▸ provide the argument principal_access_boundary_policy on the + command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + The location id of the principalAccessBoundaryPolicy resource. + + To set the location attribute: + ▸ provide the argument principal_access_boundary_policy on the + command line with a fully specified name; + ▸ provide the argument --location on the command line. + + --organization=ORGANIZATION + The organization id of the principalAccessBoundaryPolicy resource. + + To set the organization attribute: + ▸ provide the argument principal_access_boundary_policy on the + command line with a fully specified name; + ▸ provide the argument --organization on the command line. + +FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. + + --display-name=DISPLAY_NAME + The description of the principal access boundary policy. Must be less + than or equal to 63 characters. + + --etag=ETAG + The etag for the principal access boundary. If this is provided on + update, it must match the server's etag. + + Update annotations. + + At most one of these can be specified: + + --annotations=[ANNOTATIONS,...] + Set annotations to new value. User defined annotations. See + https://google.aip.dev/148#annotations for more details such as + format and size limitations. + + KEY + Sets KEY value. + + VALUE + Sets VALUE value. + + Shorthand Example: + + --annotations=string=string + + JSON Example: + + --annotations='{"string": "string"}' + + File Example: + + --annotations=path_to_file.(yaml|json) + + --update-annotations=[UPDATE_ANNOTATIONS,...] + Update annotations value or add key value pair. User defined + annotations. See https://google.aip.dev/148#annotations for more + details such as format and size limitations. + + KEY + Sets KEY value. + + VALUE + Sets VALUE value. + + Shorthand Example: + + --update-annotations=string=string + + JSON Example: + + --update-annotations='{"string": "string"}' + + File Example: + + --update-annotations=path_to_file.(yaml|json) + + At most one of these can be specified: + + --clear-annotations + Clear annotations value and set to empty map. + + --remove-annotations=[__REMOVE_ANNOTATIONS,...] + Remove existing value from map annotations. + + Principal access boundary policy details + + --details-enforcement-version=DETAILS_ENFORCEMENT_VERSION + The version number that indicates which Google Cloud services are + included in the enforcement (e.g. "latest", "1", ...). If empty, the + PAB policy version will be set to the current latest version, and + this version won't get updated when new versions are released. + + Update details_rules. + + At most one of these can be specified: + + --details-rules=[description=DESCRIPTION],[effect=EFFECT],[resources=RESOURCES] + Set details_rules to new value. A list of principal access boundary + policy rules. The number of rules in a policy is limited to 500. + + description + The description of the principal access boundary policy rule. + Must be less than or equal to 256 characters. + + effect + The access relationship of principals to the resources in this + rule. + + resources + A list of Cloud Resource Manager resources. The resource and + all the descendants are included. The number of resources in a + policy is limited to 500 across all rules. + + The following resource types are supported: + + ◇ Organizations, such as + //cloudresourcemanager.googleapis.com/organizations/123. + ◇ Folders, such as + //cloudresourcemanager.googleapis.com/folders/123. + ◇ Projects, such as + //cloudresourcemanager.googleapis.com/projects/123 or + //cloudresourcemanager.googleapis.com/projects/my-project-id. + + Shorthand Example: + + --details-rules=description=string,effect=string,resources=["string"] --details-rules=description=string,effect=string,resources=["string"] + + JSON Example: + + --details-rules='[{"description": "string", "effect": "string", "resources": ["string"]}]' + + File Example: + + --details-rules=path_to_file.(yaml|json) + + --add-details-rules=[description=DESCRIPTION],[effect=EFFECT],[resources=RESOURCES] + Add new value to details_rules list. A list of principal access + boundary policy rules. The number of rules in a policy is limited + to 500. + + description + The description of the principal access boundary policy rule. + Must be less than or equal to 256 characters. + + effect + The access relationship of principals to the resources in this + rule. + + resources + A list of Cloud Resource Manager resources. The resource and + all the descendants are included. The number of resources in a + policy is limited to 500 across all rules. + + The following resource types are supported: + + ◇ Organizations, such as + //cloudresourcemanager.googleapis.com/organizations/123. + ◇ Folders, such as + //cloudresourcemanager.googleapis.com/folders/123. + ◇ Projects, such as + //cloudresourcemanager.googleapis.com/projects/123 or + //cloudresourcemanager.googleapis.com/projects/my-project-id. + + Shorthand Example: + + --add-details-rules=description=string,effect=string,resources=["string"] --add-details-rules=description=string,effect=string,resources=["string"] + + JSON Example: + + --add-details-rules='[{"description": "string", "effect": "string", "resources": ["string"]}]' + + File Example: + + --add-details-rules=path_to_file.(yaml|json) + + At most one of these can be specified: + + --clear-details-rules + Clear details_rules value and set to empty list. + + --remove-details-rules=[description=DESCRIPTION],[effect=EFFECT],[resources=RESOURCES] + Remove existing value from details_rules list. A list of + principal access boundary policy rules. The number of rules in a + policy is limited to 500. + + description + The description of the principal access boundary policy rule. + Must be less than or equal to 256 characters. + + effect + The access relationship of principals to the resources in + this rule. + + resources + A list of Cloud Resource Manager resources. The resource and + all the descendants are included. The number of resources in + a policy is limited to 500 across all rules. + + The following resource types are supported: + + ▹ Organizations, such as + //cloudresourcemanager.googleapis.com/organizations/123. + ▹ Folders, such as + //cloudresourcemanager.googleapis.com/folders/123. + ▹ Projects, such as + //cloudresourcemanager.googleapis.com/projects/123 or + //cloudresourcemanager.googleapis.com/projects/my-project-id. + + Shorthand Example: + + --remove-details-rules=description=string,effect=string,resources=["string"] --remove-details-rules=description=string,effect=string,resources=["string"] + + JSON Example: + + --remove-details-rules='[{"description": "string", "effect": "string", "resources": ["string"]}]' + + File Example: + + --remove-details-rules=path_to_file.(yaml|json) + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +API REFERENCE + This command uses the iam/v3 API. The full documentation for this API can + be found at: https://cloud.google.com/iam/ + +NOTES + This variant is also available: + + $ gcloud beta iam principal-access-boundary-policies update + diff --git a/gcloud/looker/instances/create b/gcloud/looker/instances/create index 8a3b53237..65d476871 100644 --- a/gcloud/looker/instances/create +++ b/gcloud/looker/instances/create @@ -95,6 +95,22 @@ REQUIRED FLAGS core-trial Trial edition of Looker. + nonprod-core-embed-annual + A non-production edition of Looker (Google Cloud core) product for + deploying and maintaining external analytics and custom + applications at scale. This can be purchased via an annual + contract. + + nonprod-core-enterprise-annual + A non-production edition of Looker (Google Cloud core) product with + enhanced security features for a wide variety of internal BI and + analytics use cases. This can be purchased via an annual contract. + + nonprod-core-standard-annual + A non-production edition of Looker (Google Cloud core) product for + small organizations or teams with fewer than 50 users. This can be + purchased via an annual contract. + --oauth-client-id=OAUTH_CLIENT_ID The client ID from an external OAuth application. diff --git a/gcloud/memorystore/help b/gcloud/memorystore/help new file mode 100644 index 000000000..eeb939d7c --- /dev/null +++ b/gcloud/memorystore/help @@ -0,0 +1,30 @@ +NAME + gcloud memorystore - manage Memorystore resources + +SYNOPSIS + gcloud memorystore GROUP [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Manage Memorystore resources. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --help. + + Run $ gcloud help for details. + +GROUPS + GROUP is one of the following: + + instances + Manage Instance resources. + + operations + Manage Memorystore operations. + +NOTES + These variants are also available: + + $ gcloud alpha memorystore + + $ gcloud beta memorystore + diff --git a/gcloud/memorystore/instances/create b/gcloud/memorystore/instances/create new file mode 100644 index 000000000..0db4ff035 --- /dev/null +++ b/gcloud/memorystore/instances/create @@ -0,0 +1,305 @@ +NAME + gcloud memorystore instances create - create a Memorystore instance + +SYNOPSIS + gcloud memorystore instances create (INSTANCE : --location=LOCATION) + --psc-auto-connections=[network=NETWORK],[projectId=PROJECTID] + [--async] [--authorization-mode=AUTHORIZATION_MODE] + [--deletion-protection-enabled] [--engine-configs=[ENGINE_CONFIGS,...]] + [--engine-version=ENGINE_VERSION] [--labels=[LABELS,...]] [--mode=MODE] + [--node-type=NODE_TYPE] [--replica-count=REPLICA_COUNT] + [--request-id=REQUEST_ID] [--shard-count=SHARD_COUNT] + [--transit-encryption-mode=TRANSIT_ENCRYPTION_MODE] + [--aof-config-append-fsync=AOF_CONFIG_APPEND_FSYNC + --persistence-config-mode=PERSISTENCE_CONFIG_MODE + --rdb-config-snapshot-period=RDB_CONFIG_SNAPSHOT_PERIOD + --rdb-config-snapshot-start-time=RDB_CONFIG_SNAPSHOT_START_TIME] + [--zone-distribution-config=ZONE_DISTRIBUTION_CONFIG + --zone-distribution-config-mode=ZONE_DISTRIBUTION_CONFIG_MODE] + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Create a Memorystore instance. + + A service connection policy for service class gcp-memorystore must already + exist for the location and network. Refer to creation prerequisites + (https://cloud.google.com/memorystore/docs/valkey/networking#prerequisites_required_before_creating_an_instance) + for more details. + +EXAMPLES + To create a three shard Memorystore instance my-instance in project + my-project and location us-central1, run: + + $ gcloud memorystore instances create my-instance \ + --project=my-project --location=us-central1 --shard-count=3 \ + --psc-auto-connections="network=NETWORK,projectId=PROJECT_ID" + + To create a three shard Memorystore instance my-instance in project + my-project, location us-central1, with one replica per shard, and TLS + enabled, run: + + $ gcloud memorystore instances create my-instance \ + --project=my-project --location=us-central1 --shard-count=3 \ + --psc-auto-connections="network=NETWORK,projectId=PROJECT_ID" \ + --transit-encryption-mode=server-authentication \ + --replica-count=1 + +POSITIONAL ARGUMENTS + Instance resource - Identifier. Unique name of the instance. Format: + projects/{project}/locations/{location}/instances/{instance} The arguments + in this group can be used to specify the attributes of this resource. + (NOTE) Some attributes are not given arguments in this group but can be + set in other ways. + + To set the project attribute: + ◆ provide the argument instance on the command line with a fully + specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + INSTANCE + ID of the instance or fully qualified identifier for the instance. + + To set the instance attribute: + ▸ provide the argument instance on the command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + The location id of the instance resource. + + To set the location attribute: + ▸ provide the argument instance on the command line with a fully + specified name; + ▸ provide the argument --location on the command line. + +REQUIRED FLAGS + --psc-auto-connections=[network=NETWORK],[projectId=PROJECTID] + Required, User inputs and resource details of the auto-created PSC + connections. + + network + The consumer network where the IP address resides, in the form of + projects/{project_id}/global/networks/{network_id}. + + projectId + The consumer project_id where the forwarding rule is created from. + + Shorthand Example: + + --psc-auto-connections=network=string,projectId=string --psc-auto-connections=network=string,projectId=string + + JSON Example: + + --psc-auto-connections='[{"network": "string", "projectId": "string"}]' + + File Example: + + --psc-auto-connections=path_to_file.(yaml|json) + +OPTIONAL FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. + + --authorization-mode=AUTHORIZATION_MODE + Authorization mode of the instance. AUTHORIZATION_MODE must be one of: + + auth-disabled + Authorization disabled. + iam-auth + IAM basic authorization. + + Arguments for the deletion protection enabled. + + --deletion-protection-enabled + If set to true deletion of the instance will fail. + + --engine-configs=[ENGINE_CONFIGS,...] + User-provided engine configurations for the instance. + + KEY + Sets KEY value. + + VALUE + Sets VALUE value. + + Shorthand Example: + + --engine-configs=string=string + + JSON Example: + + --engine-configs='{"string": "string"}' + + File Example: + + --engine-configs=path_to_file.(yaml|json) + + --engine-version=ENGINE_VERSION + Engine version of the instance. + + --labels=[LABELS,...] + Labels to represent user-provided metadata. + + KEY + Keys must start with a lowercase character and contain only hyphens + (-), underscores (_), lowercase characters, and numbers. + + VALUE + Values must contain only hyphens (-), underscores (_), lowercase + characters, and numbers. + + Shorthand Example: + + --labels=string=string + + JSON Example: + + --labels='{"string": "string"}' + + File Example: + + --labels=path_to_file.(yaml|json) + + --mode=MODE + The mode config for the instance. MODE must be one of: + + cluster + Instance is in cluster mode. + standalone + Instance is in standalone mode. + + --node-type=NODE_TYPE + Machine type for individual nodes of the instance. NODE_TYPE must be + one of: + + highmem-medium + High memory medium. + highmem-xlarge + High memory extra large. + shared-core-nano + Shared core nano. + standard-small + Standard small. + + Arguments for the replica count. + + --replica-count=REPLICA_COUNT + Number of replica nodes per shard. If omitted the default is 0 + replicas. + + --request-id=REQUEST_ID + An optional request ID to identify requests. Specify a unique request + ID so that if you must retry your request, the server will know to + ignore the request if it has already been completed. The server will + guarantee that for at least 60 minutes since the first request. + + For example, consider a situation where you make an initial request and + the request times out. If you make the request again with the same + request ID, the server can check if original operation with the same + request ID was received, and if so, will ignore the second request. + This prevents clients from accidentally creating duplicate commitments. + + The request ID must be a valid UUID with the exception that zero UUID + is not supported (00000000-0000-0000-0000-000000000000). + + --shard-count=SHARD_COUNT + Number of shards for the instance. + + --transit-encryption-mode=TRANSIT_ENCRYPTION_MODE + In-transit encryption mode of the instance. TRANSIT_ENCRYPTION_MODE + must be one of: + + server-authentication + Server-managed encryption is used for in-transit encryption. + transit-encryption-disabled + In-transit encryption is disabled. + + Represents persistence configuration for a instance. + + Configuration for AOF based persistence. + + --aof-config-append-fsync=AOF_CONFIG_APPEND_FSYNC + The fsync mode. AOF_CONFIG_APPEND_FSYNC must be one of: + + always + Fsync every time new write commands are appended to the AOF. + The best data loss protection at the cost of performance. + every-sec + Fsync every second. You may lose 1 second of data if there is a + disaster. + never + Never fsync. Normally Linux will flush data every 30 seconds + with this configuration, but it's up to the kernel's exact + tuning. + + --persistence-config-mode=PERSISTENCE_CONFIG_MODE + Current persistence mode. PERSISTENCE_CONFIG_MODE must be one of: + + aof + AOF based persistence is enabled. + disabled + Persistence is disabled, and any snapshot data is deleted. + rdb + RDB based persistence is enabled. + + Configuration for RDB based persistence. + + --rdb-config-snapshot-period=RDB_CONFIG_SNAPSHOT_PERIOD + Period between RDB snapshots. RDB_CONFIG_SNAPSHOT_PERIOD must be + one of: + + one-hour + One hour. + six-hours + Six hours. + twelve-hours + Twelve hours. + twenty-four-hours + Twenty four hours. + + --rdb-config-snapshot-start-time=RDB_CONFIG_SNAPSHOT_START_TIME + Time that the first snapshot was/will be attempted, and to which + future snapshots will be aligned. If not provided, the current time + will be used. + + Zone distribution configuration for allocation of instance resources. + + --zone-distribution-config=ZONE_DISTRIBUTION_CONFIG + Defines zone where all resources will be allocated with SINGLE_ZONE + mode. Ignored for MULTI_ZONE mode. + + --zone-distribution-config-mode=ZONE_DISTRIBUTION_CONFIG_MODE + Current zone distribution mode. Defaults to MULTI_ZONE. + ZONE_DISTRIBUTION_CONFIG_MODE must be one of: + + multi-zone + Distribute resources across 3 zones picked at random within the + region. + single-zone + Provision resources in a single zone. Zone field must be + specified. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +API REFERENCE + This command uses the memorystore/v1 API. The full documentation for this + API can be found at: https://cloud.google.com/memorystore/ + +NOTES + These variants are also available: + + $ gcloud alpha memorystore instances create + + $ gcloud beta memorystore instances create + diff --git a/gcloud/memorystore/instances/delete b/gcloud/memorystore/instances/delete new file mode 100644 index 000000000..196127dc6 --- /dev/null +++ b/gcloud/memorystore/instances/delete @@ -0,0 +1,88 @@ +NAME + gcloud memorystore instances delete - delete a Memorystore instance + +SYNOPSIS + gcloud memorystore instances delete (INSTANCE : --location=LOCATION) + [--async] [--request-id=REQUEST_ID] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Delete a Memorystore instance. + +EXAMPLES + To delete Memorystore instance my-instance in project my-project and + location us-central1, run: + + $ gcloud memorystore instances delete my-instance \ + --project=my-project --location=us-central1 + +POSITIONAL ARGUMENTS + Instance resource - The name of the instance to delete. Format: + projects/{project}/locations/{location}/instances/{instance} The arguments + in this group can be used to specify the attributes of this resource. + (NOTE) Some attributes are not given arguments in this group but can be + set in other ways. + + To set the project attribute: + ◆ provide the argument instance on the command line with a fully + specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + INSTANCE + ID of the instance or fully qualified identifier for the instance. + + To set the instance attribute: + ▸ provide the argument instance on the command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + The location id of the instance resource. + + To set the location attribute: + ▸ provide the argument instance on the command line with a fully + specified name; + ▸ provide the argument --location on the command line. + +FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. + + --request-id=REQUEST_ID + An optional request ID to identify requests. Specify a unique request + ID so that if you must retry your request, the server will know to + ignore the request if it has already been completed. The server will + guarantee that for at least 60 minutes after the first request. + + For example, consider a situation where you make an initial request and + the request times out. If you make the request again with the same + request ID, the server can check if original operation with the same + request ID was received, and if so, will ignore the second request. + This prevents clients from accidentally creating duplicate commitments. + + The request ID must be a valid UUID with the exception that zero UUID + is not supported (00000000-0000-0000-0000-000000000000). + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +API REFERENCE + This command uses the memorystore/v1 API. The full documentation for this + API can be found at: https://cloud.google.com/memorystore/ + +NOTES + These variants are also available: + + $ gcloud alpha memorystore instances delete + + $ gcloud beta memorystore instances delete + diff --git a/gcloud/memorystore/instances/describe b/gcloud/memorystore/instances/describe new file mode 100644 index 000000000..c7ca58e74 --- /dev/null +++ b/gcloud/memorystore/instances/describe @@ -0,0 +1,69 @@ +NAME + gcloud memorystore instances describe - get details of a Memorystore + instance + +SYNOPSIS + gcloud memorystore instances describe (INSTANCE : --location=LOCATION) + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Get details of a Memorystore instance. + +EXAMPLES + To get the details of Memorystore instance my-instance in project + my-project and location us-central, run: + + $ gcloud memorystore instances describe my-instance \ + --project=my-project --location=us-central1 + +POSITIONAL ARGUMENTS + Instance resource - The name of the instance to retrieve. Format: + projects/{project}/locations/{location}/instances/{instance} The arguments + in this group can be used to specify the attributes of this resource. + (NOTE) Some attributes are not given arguments in this group but can be + set in other ways. + + To set the project attribute: + ◆ provide the argument instance on the command line with a fully + specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + INSTANCE + ID of the instance or fully qualified identifier for the instance. + + To set the instance attribute: + ▸ provide the argument instance on the command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + The location id of the instance resource. + + To set the location attribute: + ▸ provide the argument instance on the command line with a fully + specified name; + ▸ provide the argument --location on the command line. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +API REFERENCE + This command uses the memorystore/v1 API. The full documentation for this + API can be found at: https://cloud.google.com/memorystore/ + +NOTES + These variants are also available: + + $ gcloud alpha memorystore instances describe + + $ gcloud beta memorystore instances describe + diff --git a/gcloud/memorystore/instances/get-certificate-authority b/gcloud/memorystore/instances/get-certificate-authority new file mode 100644 index 000000000..0cdacef11 --- /dev/null +++ b/gcloud/memorystore/instances/get-certificate-authority @@ -0,0 +1,69 @@ +NAME + gcloud memorystore instances get-certificate-authority - get certificate + authority details of a Memorystore instance + +SYNOPSIS + gcloud memorystore instances get-certificate-authority + (INSTANCE : --location=LOCATION) [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Get certificate authority details of a Memorystore instance. + +EXAMPLES + To get the certificate authority for instance my-instance in project + my-project and location us-central1, run: + + $ gcloud memorystore instances get-certificate-authority \ + my-instance --project=my-project --location=us-central1 + +POSITIONAL ARGUMENTS + Instance resource - The name of the Memorystore instance. Format: + projects/{project}/locations/{location}/instances/{instance} The arguments + in this group can be used to specify the attributes of this resource. + (NOTE) Some attributes are not given arguments in this group but can be + set in other ways. + + To set the project attribute: + ◆ provide the argument instance on the command line with a fully + specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + INSTANCE + ID of the instance or fully qualified identifier for the instance. + + To set the instance attribute: + ▸ provide the argument instance on the command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + The location ID of the instance resource. + + To set the location attribute: + ▸ provide the argument instance on the command line with a fully + specified name; + ▸ provide the argument --location on the command line. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +API REFERENCE + This command uses the memorystore/v1 API. The full documentation for this + API can be found at: https://cloud.google.com/memorystore/ + +NOTES + These variants are also available: + + $ gcloud alpha memorystore instances get-certificate-authority + + $ gcloud beta memorystore instances get-certificate-authority + diff --git a/gcloud/memorystore/instances/help b/gcloud/memorystore/instances/help new file mode 100644 index 000000000..bf1c97393 --- /dev/null +++ b/gcloud/memorystore/instances/help @@ -0,0 +1,42 @@ +NAME + gcloud memorystore instances - manage Instance resources + +SYNOPSIS + gcloud memorystore instances COMMAND [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Manage Instance resources. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --help. + + Run $ gcloud help for details. + +COMMANDS + COMMAND is one of the following: + + create + Create a Memorystore instance. + + delete + Delete a Memorystore instance. + + describe + Get details of a Memorystore instance. + + get-certificate-authority + Get certificate authority details of a Memorystore instance. + + list + List all Memorystore instances in a specified project and location. + + update + Update the configuration of a Memorystore instance. + +NOTES + These variants are also available: + + $ gcloud alpha memorystore instances + + $ gcloud beta memorystore instances + diff --git a/gcloud/memorystore/instances/list b/gcloud/memorystore/instances/list new file mode 100644 index 000000000..ea1c68291 --- /dev/null +++ b/gcloud/memorystore/instances/list @@ -0,0 +1,90 @@ +NAME + gcloud memorystore instances list - list all Memorystore instances in a + specified project and location + +SYNOPSIS + gcloud memorystore instances list --location=LOCATION [--filter=EXPRESSION] + [--limit=LIMIT] [--page-size=PAGE_SIZE] [--sort-by=[FIELD,...]] [--uri] + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + List all Memorystore instances in a specified project and location. + +EXAMPLES + To list all Memorystore instances in project my-project and location + us-central, run: + + $ gcloud memorystore instances list --project=my-project \ + --location=us-central1 + +REQUIRED FLAGS + Location resource - The parent to list instances from. Format: + projects/{project}/locations/{location} This represents a Cloud resource. + (NOTE) Some attributes are not given arguments in this group but can be + set in other ways. + + To set the project attribute: + ◆ provide the argument --location on the command line with a fully + specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + --location=LOCATION + ID of the location or fully qualified identifier for the location. + + To set the location attribute: + ▸ provide the argument --location on the command line. + +LIST COMMAND FLAGS + --filter=EXPRESSION + Apply a Boolean filter EXPRESSION to each resource item to be listed. + If the expression evaluates True, then that item is listed. For more + details and examples of filter expressions, run $ gcloud topic filters. + This flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --limit=LIMIT + Maximum number of resources to list. The default is unlimited. This + flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --page-size=PAGE_SIZE + Some services group resource list output into pages. This flag + specifies the maximum number of resources per page. The default is + determined by the service if it supports paging, otherwise it is + unlimited (no paging). Paging may be applied before or after --filter + and --limit depending on the service. + + --sort-by=[FIELD,...] + Comma-separated list of resource field key names to sort by. The + default order is ascending. Prefix a field with ``~'' for descending + order on that field. This flag interacts with other flags that are + applied in this order: --flatten, --sort-by, --filter, --limit. + + --uri + Print a list of resource URIs instead of the default output, and change + the command output to a list of URIs. If this flag is used with + --format, the formatting is applied on this URI list. To display URIs + alongside other keys instead, use the uri() transform. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +API REFERENCE + This command uses the memorystore/v1 API. The full documentation for this + API can be found at: https://cloud.google.com/memorystore/ + +NOTES + These variants are also available: + + $ gcloud alpha memorystore instances list + + $ gcloud beta memorystore instances list + diff --git a/gcloud/memorystore/instances/update b/gcloud/memorystore/instances/update new file mode 100644 index 000000000..19f47ec4b --- /dev/null +++ b/gcloud/memorystore/instances/update @@ -0,0 +1,288 @@ +NAME + gcloud memorystore instances update - update the configuration of a + Memorystore instance + +SYNOPSIS + gcloud memorystore instances update (INSTANCE : --location=LOCATION) + [--async] [--[no-]deletion-protection-enabled] + [--replica-count=REPLICA_COUNT] [--request-id=REQUEST_ID] + [--shard-count=SHARD_COUNT] + [--aof-config-append-fsync=AOF_CONFIG_APPEND_FSYNC + --persistence-config-mode=PERSISTENCE_CONFIG_MODE + --rdb-config-snapshot-period=RDB_CONFIG_SNAPSHOT_PERIOD + --rdb-config-snapshot-start-time=RDB_CONFIG_SNAPSHOT_START_TIME] + [--engine-configs=[ENGINE_CONFIGS,...] + | --update-engine-configs=[UPDATE_ENGINE_CONFIGS,...] + --clear-engine-configs + | --remove-engine-configs=[__REMOVE_ENGINE_CONFIGS,...]] + [--labels=[LABELS,...] + | --update-labels=[UPDATE_LABELS,...] --clear-labels + | --remove-labels=[__REMOVE_LABELS,...]] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Update the configuration of a Memorystore instance. + +EXAMPLES + To update Memorystore instance my-instance in project my-project and + location us-central1 to six shards, run: + + $ gcloud memorystore instances update `my-instance` \ + --project=my-project --location=us-central1 --shard-count=6 + + To update Memorystore instance my-instance in project my-project and + location us-central1 to use a maxmemory-policy of allkeys-lru, run: + + $ gcloud memorystore instances update `my-instance` \ + --project=my-project --location=us-central1 \ + --update-engine-configs=maxmemory-policy=allkeys-lru + +POSITIONAL ARGUMENTS + Instance resource - Identifier. Unique name of the instance. Format: + projects/{project}/locations/{location}/instances/{instance} The arguments + in this group can be used to specify the attributes of this resource. + (NOTE) Some attributes are not given arguments in this group but can be + set in other ways. + + To set the project attribute: + ◆ provide the argument instance on the command line with a fully + specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + INSTANCE + ID of the instance or fully qualified identifier for the instance. + + To set the instance attribute: + ▸ provide the argument instance on the command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + The location id of the instance resource. + + To set the location attribute: + ▸ provide the argument instance on the command line with a fully + specified name; + ▸ provide the argument --location on the command line. + +FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. + + Arguments for the deletion protection enabled. + + --[no-]deletion-protection-enabled + If set to true deletion of the instance will fail. Use + --deletion-protection-enabled to enable and + --no-deletion-protection-enabled to disable. + + Arguments for the replica count. + + --replica-count=REPLICA_COUNT + Number of replica nodes per shard. If omitted the default is 0 + replicas. + + --request-id=REQUEST_ID + An optional request ID to identify requests. Specify a unique request + ID so that if you must retry your request, the server will know to + ignore the request if it has already been completed. The server will + guarantee that for at least 60 minutes since the first request. + + For example, consider a situation where you make an initial request and + the request times out. If you make the request again with the same + request ID, the server can check if original operation with the same + request ID was received, and if so, will ignore the second request. + This prevents clients from accidentally creating duplicate commitments. + + The request ID must be a valid UUID with the exception that zero UUID + is not supported (00000000-0000-0000-0000-000000000000). + + --shard-count=SHARD_COUNT + Number of shards for the instance. + + Represents persistence configuration for a instance. + + Configuration for AOF based persistence. + + --aof-config-append-fsync=AOF_CONFIG_APPEND_FSYNC + The fsync mode. AOF_CONFIG_APPEND_FSYNC must be one of: + + always + Fsync every time new write commands are appended to the AOF. + The best data loss protection at the cost of performance. + every-sec + Fsync every second. You may lose 1 second of data if there is a + disaster. + never + Never fsync. Normally Linux will flush data every 30 seconds + with this configuration, but it's up to the kernel's exact + tuning. + + --persistence-config-mode=PERSISTENCE_CONFIG_MODE + Current persistence mode. PERSISTENCE_CONFIG_MODE must be one of: + + aof + AOF based persistence is enabled. + disabled + Persistence is disabled, and any snapshot data is deleted. + rdb + RDB based persistence is enabled. + + Configuration for RDB based persistence. + + --rdb-config-snapshot-period=RDB_CONFIG_SNAPSHOT_PERIOD + Period between RDB snapshots. RDB_CONFIG_SNAPSHOT_PERIOD must be + one of: + + one-hour + One hour. + six-hours + Six hours. + twelve-hours + Twelve hours. + twenty-four-hours + Twenty four hours. + + --rdb-config-snapshot-start-time=RDB_CONFIG_SNAPSHOT_START_TIME + Time that the first snapshot was/will be attempted, and to which + future snapshots will be aligned. If not provided, the current time + will be used. + + Update engine_configs. + + At most one of these can be specified: + + --engine-configs=[ENGINE_CONFIGS,...] + Set engine_configs to new value. User-provided engine configurations + for the instance. + + KEY + Sets KEY value. + + VALUE + Sets VALUE value. + + Shorthand Example: + + --engine-configs=string=string + + JSON Example: + + --engine-configs='{"string": "string"}' + + File Example: + + --engine-configs=path_to_file.(yaml|json) + + --update-engine-configs=[UPDATE_ENGINE_CONFIGS,...] + Update engine_configs value or add key value pair. User-provided + engine configurations for the instance. + + KEY + Sets KEY value. + + VALUE + Sets VALUE value. + + Shorthand Example: + + --update-engine-configs=string=string + + JSON Example: + + --update-engine-configs='{"string": "string"}' + + File Example: + + --update-engine-configs=path_to_file.(yaml|json) + + At most one of these can be specified: + + --clear-engine-configs + Clear engine_configs value and set to empty map. + + --remove-engine-configs=[__REMOVE_ENGINE_CONFIGS,...] + Remove existing value from map engine_configs. + + Update labels. + + At most one of these can be specified: + + --labels=[LABELS,...] + Set labels to new value. Labels to represent user-provided metadata. + + KEY + Keys must start with a lowercase character and contain only + hyphens (-), underscores (_), lowercase characters, and numbers. + + VALUE + Values must contain only hyphens (-), underscores (_), lowercase + characters, and numbers. + + Shorthand Example: + + --labels=string=string + + JSON Example: + + --labels='{"string": "string"}' + + File Example: + + --labels=path_to_file.(yaml|json) + + --update-labels=[UPDATE_LABELS,...] + Update labels value or add key value pair. Labels to represent + user-provided metadata. + + KEY + Keys must start with a lowercase character and contain only + hyphens (-), underscores (_), lowercase characters, and numbers. + + VALUE + Values must contain only hyphens (-), underscores (_), lowercase + characters, and numbers. + + Shorthand Example: + + --update-labels=string=string + + JSON Example: + + --update-labels='{"string": "string"}' + + File Example: + + --update-labels=path_to_file.(yaml|json) + + At most one of these can be specified: + + --clear-labels + Clear labels value and set to empty map. + + --remove-labels=[__REMOVE_LABELS,...] + Remove existing value from map labels. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +API REFERENCE + This command uses the memorystore/v1 API. The full documentation for this + API can be found at: https://cloud.google.com/memorystore/ + +NOTES + These variants are also available: + + $ gcloud alpha memorystore instances update + + $ gcloud beta memorystore instances update + diff --git a/gcloud/memorystore/operations/cancel b/gcloud/memorystore/operations/cancel new file mode 100644 index 000000000..a56e2fd11 --- /dev/null +++ b/gcloud/memorystore/operations/cancel @@ -0,0 +1,67 @@ +NAME + gcloud memorystore operations cancel - cancel a Memorystore operation + +SYNOPSIS + gcloud memorystore operations cancel (OPERATION : --location=LOCATION) + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Cancel a Memorystore operation. + +EXAMPLES + To cancel operation my-operation in project my-project and location + us-central1, run: + + $ gcloud memorystore operations cancel my-operation \ + --project=my-project --location=us-central1 + +POSITIONAL ARGUMENTS + Operation resource - The Memorystore operation to cancel. The arguments in + this group can be used to specify the attributes of this resource. (NOTE) + Some attributes are not given arguments in this group but can be set in + other ways. + + To set the project attribute: + ◆ provide the argument operation on the command line with a fully + specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + OPERATION + ID of the operation or fully qualified identifier for the operation. + + To set the operation attribute: + ▸ provide the argument operation on the command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + The location ID of the operation resource. + + To set the location attribute: + ▸ provide the argument operation on the command line with a fully + specified name; + ▸ provide the argument --location on the command line. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +API REFERENCE + This command uses the memorystore/v1 API. The full documentation for this + API can be found at: https://cloud.google.com/memorystore/ + +NOTES + These variants are also available: + + $ gcloud alpha memorystore operations cancel + + $ gcloud beta memorystore operations cancel + diff --git a/gcloud/memorystore/operations/delete b/gcloud/memorystore/operations/delete new file mode 100644 index 000000000..a6b3c6198 --- /dev/null +++ b/gcloud/memorystore/operations/delete @@ -0,0 +1,67 @@ +NAME + gcloud memorystore operations delete - delete a Memorystore operation + +SYNOPSIS + gcloud memorystore operations delete (OPERATION : --location=LOCATION) + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Delete a Memorystore operation. + +EXAMPLES + To delete operation my-operation in project my-project and location + us-central1, run: + + $ gcloud memorystore operations delete my-operation \ + --project=my-project --location=us-central1 + +POSITIONAL ARGUMENTS + Operation resource - The Memorystore operation to delete. The arguments in + this group can be used to specify the attributes of this resource. (NOTE) + Some attributes are not given arguments in this group but can be set in + other ways. + + To set the project attribute: + ◆ provide the argument operation on the command line with a fully + specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + OPERATION + ID of the operation or fully qualified identifier for the operation. + + To set the operation attribute: + ▸ provide the argument operation on the command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + The location ID of the operation resource. + + To set the location attribute: + ▸ provide the argument operation on the command line with a fully + specified name; + ▸ provide the argument --location on the command line. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +API REFERENCE + This command uses the memorystore/v1 API. The full documentation for this + API can be found at: https://cloud.google.com/memorystore/ + +NOTES + These variants are also available: + + $ gcloud alpha memorystore operations delete + + $ gcloud beta memorystore operations delete + diff --git a/gcloud/memorystore/operations/describe b/gcloud/memorystore/operations/describe new file mode 100644 index 000000000..48a6507f4 --- /dev/null +++ b/gcloud/memorystore/operations/describe @@ -0,0 +1,67 @@ +NAME + gcloud memorystore operations describe - describe a Memorystore operation + +SYNOPSIS + gcloud memorystore operations describe (OPERATION : --location=LOCATION) + [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Describe a Memorystore operation. + +EXAMPLES + To describe operation my-operation in project my-project and location + us-central1, run: + + $ gcloud memorystore operations describe my-operation \ + --project=my-project --location=us-central1 + +POSITIONAL ARGUMENTS + Operation resource - The Memorystore operation to describe. The arguments + in this group can be used to specify the attributes of this resource. + (NOTE) Some attributes are not given arguments in this group but can be + set in other ways. + + To set the project attribute: + ◆ provide the argument operation on the command line with a fully + specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + OPERATION + ID of the operation or fully qualified identifier for the operation. + + To set the operation attribute: + ▸ provide the argument operation on the command line. + + This positional argument must be specified if any of the other + arguments in this group are specified. + + --location=LOCATION + The location ID of the operation resource. + + To set the location attribute: + ▸ provide the argument operation on the command line with a fully + specified name; + ▸ provide the argument --location on the command line. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +API REFERENCE + This command uses the memorystore/v1 API. The full documentation for this + API can be found at: https://cloud.google.com/memorystore/ + +NOTES + These variants are also available: + + $ gcloud alpha memorystore operations describe + + $ gcloud beta memorystore operations describe + diff --git a/gcloud/memorystore/operations/help b/gcloud/memorystore/operations/help new file mode 100644 index 000000000..86937d5f3 --- /dev/null +++ b/gcloud/memorystore/operations/help @@ -0,0 +1,36 @@ +NAME + gcloud memorystore operations - manage Memorystore operations + +SYNOPSIS + gcloud memorystore operations COMMAND [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Manage Memorystore operations. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --help. + + Run $ gcloud help for details. + +COMMANDS + COMMAND is one of the following: + + cancel + Cancel a Memorystore operation. + + delete + Delete a Memorystore operation. + + describe + Describe a Memorystore operation. + + list + List Memorystore operations. + +NOTES + These variants are also available: + + $ gcloud alpha memorystore operations + + $ gcloud beta memorystore operations + diff --git a/gcloud/memorystore/operations/list b/gcloud/memorystore/operations/list new file mode 100644 index 000000000..eaf89de50 --- /dev/null +++ b/gcloud/memorystore/operations/list @@ -0,0 +1,88 @@ +NAME + gcloud memorystore operations list - list Memorystore operations + +SYNOPSIS + gcloud memorystore operations list --location=LOCATION + [--filter=EXPRESSION] [--limit=LIMIT] [--page-size=PAGE_SIZE] + [--sort-by=[FIELD,...]] [--uri] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + List Memorystore operations. + +EXAMPLES + To list Memorystore operations in project my-project and location + us-central1, run: + + $ gcloud memorystore operations list --project=my-project \ + --location=us-central1 + +REQUIRED FLAGS + Location resource - The parent collection of the Memorystore operations. + This represents a Cloud resource. (NOTE) Some attributes are not given + arguments in this group but can be set in other ways. + + To set the project attribute: + ◆ provide the argument --location on the command line with a fully + specified name; + ◆ provide the argument --project on the command line; + ◆ set the property core/project. + + This must be specified. + + --location=LOCATION + ID of the location or fully qualified identifier for the location. + + To set the location attribute: + ▸ provide the argument --location on the command line. + +LIST COMMAND FLAGS + --filter=EXPRESSION + Apply a Boolean filter EXPRESSION to each resource item to be listed. + If the expression evaluates True, then that item is listed. For more + details and examples of filter expressions, run $ gcloud topic filters. + This flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --limit=LIMIT + Maximum number of resources to list. The default is unlimited. This + flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --page-size=PAGE_SIZE + Some services group resource list output into pages. This flag + specifies the maximum number of resources per page. The default is + determined by the service if it supports paging, otherwise it is + unlimited (no paging). Paging may be applied before or after --filter + and --limit depending on the service. + + --sort-by=[FIELD,...] + Comma-separated list of resource field key names to sort by. The + default order is ascending. Prefix a field with ``~'' for descending + order on that field. This flag interacts with other flags that are + applied in this order: --flatten, --sort-by, --filter, --limit. + + --uri + Print a list of resource URIs instead of the default output, and change + the command output to a list of URIs. If this flag is used with + --format, the formatting is applied on this URI list. To display URIs + alongside other keys instead, use the uri() transform. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +API REFERENCE + This command uses the memorystore/v1 API. The full documentation for this + API can be found at: https://cloud.google.com/memorystore/ + +NOTES + These variants are also available: + + $ gcloud alpha memorystore operations list + + $ gcloud beta memorystore operations list + diff --git a/gcloud/resource-manager/tags/keys/create b/gcloud/resource-manager/tags/keys/create index caa200d62..58f24d4b8 100644 --- a/gcloud/resource-manager/tags/keys/create +++ b/gcloud/resource-manager/tags/keys/create @@ -5,7 +5,8 @@ NAME SYNOPSIS gcloud resource-manager tags keys create (SHORT_NAME --parent=PARENT) [--async] [--description=DESCRIPTION] [--purpose=PURPOSE] - [--purpose-data=[network=NETWORK]] [GCLOUD_WIDE_FLAG ...] + [--purpose-data=[organization],[network=NETWORK]] + [GCLOUD_WIDE_FLAG ...] EXAMPLES To create a TagKey with the name env under 'organizations/123' with @@ -49,7 +50,7 @@ FLAGS that corresponds to the purpose. PURPOSE must be one of: GCE_FIREWALL, DATA_GOVERNANCE. - --purpose-data=[network=NETWORK] + --purpose-data=[organization],[network=NETWORK] Purpose data of the TagKey that can only be set on creation. This data is validated by the policy system that corresponds to the purpose. diff --git a/gcloud/run/deploy b/gcloud/run/deploy index 90ef80582..438876ccf 100644 --- a/gcloud/run/deploy +++ b/gcloud/run/deploy @@ -3,16 +3,16 @@ NAME SYNOPSIS gcloud run deploy [[SERVICE] --namespace=NAMESPACE] - [--[no-]allow-unauthenticated] [--async] [--breakglass=JUSTIFICATION] - [--clear-vpc-connector] [--concurrency=CONCURRENCY] - [--container=CONTAINER] [--[no-]cpu-boost] [--[no-]cpu-throttling] - [--description=DESCRIPTION] + [--[no-]allow-unauthenticated] [--[no-]allow-unencrypted-build] + [--async] [--breakglass=JUSTIFICATION] [--clear-vpc-connector] + [--concurrency=CONCURRENCY] [--container=CONTAINER] [--[no-]cpu-boost] + [--[no-]cpu-throttling] [--description=DESCRIPTION] [--execution-environment=EXECUTION_ENVIRONMENT] [--ingress=INGRESS; default="all"] [--[no-]invoker-iam-check] - [--max-instances=MAX_INSTANCES] [--min-instances=MIN_INSTANCES] - [--region=REGION] [--remove-containers=[CONTAINER,...]] + [--max-instances=MAX_INSTANCES] [--min=MIN] + [--min-instances=MIN_INSTANCES] [--region=REGION] + [--remove-containers=[CONTAINER,...]] [--revision-suffix=REVISION_SUFFIX] [--service-account=SERVICE_ACCOUNT] - [--service-min-instances=SERVICE_MIN_INSTANCES] [--[no-]session-affinity] [--tag=TAG] [--timeout=TIMEOUT] [--no-traffic] [--vpc-connector=VPC_CONNECTOR] [--vpc-egress=VPC_EGRESS] @@ -103,6 +103,12 @@ FLAGS may take a few moments to take effect. Use --allow-unauthenticated to enable and --no-allow-unauthenticated to disable. + --[no-]allow-unencrypted-build + Whether to allow customer-managed encryption key (CMEK) deployments + without encrypting the build process. This means that only the deployed + container will be encrypted. Use --allow-unencrypted-build to enable + and --no-allow-unencrypted-build to disable. + --async Return immediately, without waiting for the operation in progress to complete. @@ -180,6 +186,11 @@ FLAGS The maximum number of container instances of the Service to run. Use 'default' to unset the limit and use the platform default. + --min=MIN + The minimum number of container instances for this Service to run or + 'default' to remove any minimum. These instances will be divided among + all Revisions receiving a percentage of traffic. + --min-instances=MIN_INSTANCES The minimum number of container instances for this Revision of the Service to run or 'default' to remove any minimum. @@ -203,11 +214,6 @@ FLAGS revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. - --service-min-instances=SERVICE_MIN_INSTANCES - The minimum number of container instances for this Service to run or - 'default' to remove any minimum. These instances will be divided among - all Revisions receiving a percentage of traffic. - --[no-]session-affinity Whether to enable session affinity for connections to the service. Use --session-affinity to enable and --no-session-affinity to disable. diff --git a/gcloud/run/services/update b/gcloud/run/services/update index 6a75dde54..8cffbbd0e 100644 --- a/gcloud/run/services/update +++ b/gcloud/run/services/update @@ -8,10 +8,10 @@ SYNOPSIS [--concurrency=CONCURRENCY] [--container=CONTAINER] [--[no-]cpu-boost] [--[no-]cpu-throttling] [--execution-environment=EXECUTION_ENVIRONMENT] [--ingress=INGRESS; default="all"] [--[no-]invoker-iam-check] - [--max-instances=MAX_INSTANCES] [--min-instances=MIN_INSTANCES] - [--region=REGION] [--remove-containers=[CONTAINER,...]] + [--max-instances=MAX_INSTANCES] [--min=MIN] + [--min-instances=MIN_INSTANCES] [--region=REGION] + [--remove-containers=[CONTAINER,...]] [--revision-suffix=REVISION_SUFFIX] [--service-account=SERVICE_ACCOUNT] - [--service-min-instances=SERVICE_MIN_INSTANCES] [--[no-]session-affinity] [--tag=TAG] [--timeout=TIMEOUT] [--no-traffic] [--vpc-connector=VPC_CONNECTOR] [--vpc-egress=VPC_EGRESS] @@ -161,6 +161,11 @@ FLAGS The maximum number of container instances of the Service to run. Use 'default' to unset the limit and use the platform default. + --min=MIN + The minimum number of container instances for this Service to run or + 'default' to remove any minimum. These instances will be divided among + all Revisions receiving a percentage of traffic. + --min-instances=MIN_INSTANCES The minimum number of container instances for this Revision of the Service to run or 'default' to remove any minimum. @@ -184,11 +189,6 @@ FLAGS revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. - --service-min-instances=SERVICE_MIN_INSTANCES - The minimum number of container instances for this Service to run or - 'default' to remove any minimum. These instances will be divided among - all Revisions receiving a percentage of traffic. - --[no-]session-affinity Whether to enable session affinity for connections to the service. Use --session-affinity to enable and --no-session-affinity to disable. diff --git a/gcloud/sql/instances/create b/gcloud/sql/instances/create index dceaec50c..3dfa4ea4d 100644 --- a/gcloud/sql/instances/create +++ b/gcloud/sql/instances/create @@ -44,11 +44,11 @@ SYNOPSIS [--replica-type=REPLICA_TYPE] [--replication=REPLICATION] [--require-ssl] [--retained-backups-count=RETAINED_BACKUPS_COUNT] [--retained-transaction-log-days=RETAINED_TRANSACTION_LOG_DAYS] - [--root-password=ROOT_PASSWORD] [--ssl-mode=SSL_MODE] - [--[no-]storage-auto-increase] [--storage-size=STORAGE_SIZE] - [--storage-type=STORAGE_TYPE] [--threads-per-core=THREADS_PER_CORE] - [--tier=TIER, -t TIER] [--time-zone=TIME_ZONE] - [--timeout=TIMEOUT; default=3600] + [--root-password=ROOT_PASSWORD] [--server-ca-mode=SERVER_CA_MODE] + [--ssl-mode=SSL_MODE] [--[no-]storage-auto-increase] + [--storage-size=STORAGE_SIZE] [--storage-type=STORAGE_TYPE] + [--threads-per-core=THREADS_PER_CORE] [--tier=TIER, -t TIER] + [--time-zone=TIME_ZONE] [--timeout=TIMEOUT; default=3600] [--allowed-psc-projects=PROJECT,[PROJECT,...] --enable-private-service-connect] [--disk-encryption-key=DISK_ENCRYPTION_KEY @@ -430,6 +430,18 @@ FLAGS --root-password=ROOT_PASSWORD Root Cloud SQL user's password. + --server-ca-mode=SERVER_CA_MODE + Set the server CA mode of the instance. SERVER_CA_MODE must be one of: + + CUSTOMER_MANAGED_CAS_CA + Customer-managed CA hosted on Google Cloud's Certificate Authority + Service (CAS). + GOOGLE_MANAGED_CAS_CA + Google-managed regional CA part of root CA hierarchy hosted on + Google Cloud's Certificate Authority Service (CAS). + GOOGLE_MANAGED_INTERNAL_CA + Google-managed self-signed internal CA. + --ssl-mode=SSL_MODE Set the SSL mode of the instance. SSL_MODE must be one of: diff --git a/gcloud/sql/ssl/help b/gcloud/sql/ssl/help index a73cef0af..e9f72877e 100644 --- a/gcloud/sql/ssl/help +++ b/gcloud/sql/ssl/help @@ -24,6 +24,10 @@ GROUPS server-ca-certs Provide commands for managing server CA certs of Cloud SQL instances. + server-certs + Provide commands for managing server certificates of Cloud SQL + instances. + NOTES These variants are also available: diff --git a/gcloud/sql/ssl/server-certs/create b/gcloud/sql/ssl/server-certs/create new file mode 100644 index 000000000..75df9746f --- /dev/null +++ b/gcloud/sql/ssl/server-certs/create @@ -0,0 +1,35 @@ +NAME + gcloud sql ssl server-certs create - create a server certificate for a + Cloud SQL instance + +SYNOPSIS + gcloud sql ssl server-certs create --instance=INSTANCE, -i INSTANCE + [--async] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Create a server certificate for a Cloud SQL instance. + +REQUIRED FLAGS + --instance=INSTANCE, -i INSTANCE + Cloud SQL instance ID. + +OPTIONAL FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + These variants are also available: + + $ gcloud alpha sql ssl server-certs create + + $ gcloud beta sql ssl server-certs create + diff --git a/gcloud/sql/ssl/server-certs/help b/gcloud/sql/ssl/server-certs/help new file mode 100644 index 000000000..aa19def38 --- /dev/null +++ b/gcloud/sql/ssl/server-certs/help @@ -0,0 +1,38 @@ +NAME + gcloud sql ssl server-certs - provide commands for managing server + certificates of Cloud SQL instances + +SYNOPSIS + gcloud sql ssl server-certs COMMAND [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Provide commands for managing server certificates of Cloud SQL instances, + including creating, listing, rotating in, and rolling back certificates. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --help. + + Run $ gcloud help for details. + +COMMANDS + COMMAND is one of the following: + + create + Create a server certificate for a Cloud SQL instance. + + list + List all server certificates for a Cloud SQL instance. + + rollback + Roll back to the previous server certificate for a Cloud SQL instance. + + rotate + Rotate in the upcoming server certificate for a Cloud SQL instance. + +NOTES + These variants are also available: + + $ gcloud alpha sql ssl server-certs + + $ gcloud beta sql ssl server-certs + diff --git a/gcloud/sql/ssl/server-certs/list b/gcloud/sql/ssl/server-certs/list new file mode 100644 index 000000000..2aed580db --- /dev/null +++ b/gcloud/sql/ssl/server-certs/list @@ -0,0 +1,63 @@ +NAME + gcloud sql ssl server-certs list - list all server certificates for a Cloud + SQL instance + +SYNOPSIS + gcloud sql ssl server-certs list --instance=INSTANCE, -i INSTANCE + [--filter=EXPRESSION] [--limit=LIMIT] [--page-size=PAGE_SIZE] + [--sort-by=[FIELD,...]] [--uri] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + List all server certificates for a Cloud SQL instance. + +REQUIRED FLAGS + --instance=INSTANCE, -i INSTANCE + Cloud SQL instance ID. + +LIST COMMAND FLAGS + --filter=EXPRESSION + Apply a Boolean filter EXPRESSION to each resource item to be listed. + If the expression evaluates True, then that item is listed. For more + details and examples of filter expressions, run $ gcloud topic filters. + This flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --limit=LIMIT + Maximum number of resources to list. The default is unlimited. This + flag interacts with other flags that are applied in this order: + --flatten, --sort-by, --filter, --limit. + + --page-size=PAGE_SIZE + Some services group resource list output into pages. This flag + specifies the maximum number of resources per page. The default is + determined by the service if it supports paging, otherwise it is + unlimited (no paging). Paging may be applied before or after --filter + and --limit depending on the service. + + --sort-by=[FIELD,...] + Comma-separated list of resource field key names to sort by. The + default order is ascending. Prefix a field with ``~'' for descending + order on that field. This flag interacts with other flags that are + applied in this order: --flatten, --sort-by, --filter, --limit. + + --uri + Print a list of resource URIs instead of the default output, and change + the command output to a list of URIs. If this flag is used with + --format, the formatting is applied on this URI list. To display URIs + alongside other keys instead, use the uri() transform. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + These variants are also available: + + $ gcloud alpha sql ssl server-certs list + + $ gcloud beta sql ssl server-certs list + diff --git a/gcloud/sql/ssl/server-certs/rollback b/gcloud/sql/ssl/server-certs/rollback new file mode 100644 index 000000000..10e1caed0 --- /dev/null +++ b/gcloud/sql/ssl/server-certs/rollback @@ -0,0 +1,35 @@ +NAME + gcloud sql ssl server-certs rollback - roll back to the previous server + certificate for a Cloud SQL instance + +SYNOPSIS + gcloud sql ssl server-certs rollback --instance=INSTANCE, -i INSTANCE + [--async] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Roll back to the previous server certificate for a Cloud SQL instance. + +REQUIRED FLAGS + --instance=INSTANCE, -i INSTANCE + Cloud SQL instance ID. + +OPTIONAL FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + These variants are also available: + + $ gcloud alpha sql ssl server-certs rollback + + $ gcloud beta sql ssl server-certs rollback + diff --git a/gcloud/sql/ssl/server-certs/rotate b/gcloud/sql/ssl/server-certs/rotate new file mode 100644 index 000000000..9807238f1 --- /dev/null +++ b/gcloud/sql/ssl/server-certs/rotate @@ -0,0 +1,35 @@ +NAME + gcloud sql ssl server-certs rotate - rotate in the upcoming server + certificate for a Cloud SQL instance + +SYNOPSIS + gcloud sql ssl server-certs rotate --instance=INSTANCE, -i INSTANCE + [--async] [GCLOUD_WIDE_FLAG ...] + +DESCRIPTION + Rotate in the upcoming server certificate for a Cloud SQL instance. + +REQUIRED FLAGS + --instance=INSTANCE, -i INSTANCE + Cloud SQL instance ID. + +OPTIONAL FLAGS + --async + Return immediately, without waiting for the operation in progress to + complete. + +GCLOUD WIDE FLAGS + These flags are available to all commands: --access-token-file, --account, + --billing-project, --configuration, --flags-file, --flatten, --format, + --help, --impersonate-service-account, --log-http, --project, --quiet, + --trace-token, --user-output-enabled, --verbosity. + + Run $ gcloud help for details. + +NOTES + These variants are also available: + + $ gcloud alpha sql ssl server-certs rotate + + $ gcloud beta sql ssl server-certs rotate + diff --git a/gcloud/storage/buckets/create b/gcloud/storage/buckets/create index 79aaeab2f..4ed6ebc81 100644 --- a/gcloud/storage/buckets/create +++ b/gcloud/storage/buckets/create @@ -78,7 +78,7 @@ FLAGS to disable. --placement=[REGION,...] - A comma-separated list of regions that form the custom [dual-region] + A comma-separated list of regions that form the custom dual-region (https://cloud.google.com/storage/docs/locations#location-dr). Only regions within the same continent are or will ever be valid. Invalid location pairs (such as mixed-continent, or with unsupported regions)