- NAME
-
- gcloud alpha compute machine-images create - create a Compute Engine machine image
- SYNOPSIS
-
-
gcloud alpha compute machine-images create
IMAGE
--source-instance
=SOURCE_INSTANCE
[--csek-key-file
=FILE
] [--description
=DESCRIPTION
] [--guest-flush
] [--no-require-csek-key-create
] [--source-disk-csek-key
=[PROPERTY
=VALUE
,…]] [--source-instance-zone
=SOURCE_INSTANCE_ZONE
] [--storage-location
=LOCATION
] [--kms-key
=KMS_KEY
:--kms-keyring
=KMS_KEYRING
--kms-location
=KMS_LOCATION
--kms-project
=KMS_PROJECT
] [GCLOUD_WIDE_FLAG …
]
-
- DESCRIPTION
-
(ALPHA)
Create a Compute Engine machine image. - EXAMPLES
-
To create a machine image, run:
gcloud alpha compute machine-images create my-machine-image --source-instance=example-source --source-instance-zone=us-central1-a
- POSITIONAL ARGUMENTS
-
IMAGE
- Name of the machineImage to create.
- REQUIRED FLAGS
-
--source-instance
=SOURCE_INSTANCE
- The source instance to create a machine image from.
- OPTIONAL FLAGS
-
--csek-key-file
=FILE
-
Path to a Customer-Supplied Encryption Key (CSEK) key file that maps Compute
Engine machine images to user managed keys to be used when creating, mounting,
or taking snapshots of disks.
If you pass
-
as value of the flag, the CSEK is read from stdin. See https://cloud.google.com/compute/docs/disks/customer-supplied-encryption for more details. --description
=DESCRIPTION
- Specifies a text description of the machine image.
--guest-flush
- Create an application-consistent machine image by informing the OS to prepare for the snapshot process.
--require-csek-key-create
-
Refuse to create machine images not protected by a user managed key in the key
file when --csek-key-file is given. This behavior is enabled by default to
prevent incorrect gcloud invocations from accidentally creating machine images
with no user managed key. Disabling the check allows creation of some machine
images without a matching Customer-Supplied Encryption Key in the supplied
--csek-key-file. See https://cloud.google.com/compute/docs/disks/customer-supplied-encryption
for more details. Enabled by default, use
--no-require-csek-key-create
to disable. --source-disk-csek-key
=[PROPERTY
=VALUE
,…]-
Customer-supplied encryption key of the disk attached to the source instance.
Required if the source disk is protected by a customer-supplied encryption key.
This flag can be repeated to specify multiple attached disks.
disk
- URL of the disk attached to the source instance. This can be a full or valid partial URL
csek-key-file
- path to customer-supplied encryption key.
--source-instance-zone
=SOURCE_INSTANCE_ZONE
-
Zone of the instance to operate on. If not specified and the
property isn't set, you might be prompted to select a zone (interactive mode only).compute/zone
To avoid prompting when this flag is omitted, you can set the
property:compute/zone
gcloud config set compute/zone ZONE
A list of zones can be fetched by running:
gcloud compute zones list
To unset the property, run:
gcloud config unset compute/zone
Alternatively, the zone can be stored in the environment variable
.CLOUDSDK_COMPUTE_ZONE
--storage-location
=LOCATION
- Google Cloud Storage location, either regional or multi-regional, where machine image's content is to be stored. If absent, a nearby regional or multi-regional location is chosen automatically.
-
Key resource - The Cloud KMS (Key Management Service) cryptokey that will be
used to protect the machine image. The 'Compute Engine Service Agent' service
account must hold permission 'Cloud KMS CryptoKey Encrypter/Decrypter'. The
arguments in this group can be used to specify the attributes of this resource.
--kms-key
=KMS_KEY
-
ID of the key or fully qualified identifier for the key.
To set the
kms-key
attribute:-
provide the argument
--kms-key
on the command line.
This flag argument must be specified if any of the other arguments in this group are specified.
-
provide the argument
--kms-keyring
=KMS_KEYRING
-
The KMS keyring of the key.
To set the
kms-keyring
attribute:-
provide the argument
--kms-key
on the command line with a fully specified name; -
provide the argument
--kms-keyring
on the command line.
-
provide the argument
--kms-location
=KMS_LOCATION
-
The Google Cloud location for the key.
To set the
kms-location
attribute:-
provide the argument
--kms-key
on the command line with a fully specified name; -
provide the argument
--kms-location
on the command line.
-
provide the argument
--kms-project
=KMS_PROJECT
-
The Google Cloud project for the key.
To set the
kms-project
attribute:-
provide the argument
--kms-key
on the command line with a fully specified name; -
provide the argument
--kms-project
on the command line; -
set the property
core/project
.
-
provide the argument
- GCLOUD WIDE FLAGS
-
These flags are available to all commands:
--access-token-file
,--account
,--billing-project
,--configuration
,--flags-file
,--flatten
,--format
,--help
,--impersonate-service-account
,--log-http
,--project
,--quiet
,--trace-token
,--user-output-enabled
,--verbosity
.Run
$ gcloud help
for details. - NOTES
-
This command is currently in alpha and might change without notice. If this
command fails with API permission errors despite specifying the correct project,
you might be trying to access an API with an invitation-only early access
allowlist. These variants are also available:
gcloud compute machine-images create
gcloud beta compute machine-images create
Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2024-05-29 UTC.