- NAME
-
- gcloud alpha network-security firewall-endpoint-associations create - create a Firewall Plus endpoint association
- SYNOPSIS
-
-
gcloud alpha network-security firewall-endpoint-associations create
[ASSOCIATION_ID
]--network
=NETWORK
--zone
=ZONE
(--endpoint
=ENDPOINT
:--endpoint-zone
=ENDPOINT_ZONE
--organization
=ORGANIZATION
) [--async
] [--labels
=[KEY
=VALUE
,…]] [--max-wait
=MAX_WAIT
; default="60m"] [--tls-inspection-policy
=TLS_INSPECTION_POLICY
:--tls-inspection-policy-project
=TLS_INSPECTION_POLICY_PROJECT
--tls-inspection-policy-region
=TLS_INSPECTION_POLICY_REGION
] [GCLOUD_WIDE_FLAG …
]
-
- DESCRIPTION
-
(ALPHA)
Associate the specified network with the firewall endpoint. Successful creation of a firewall endpoint association results in an association in READY state. Check the progress of association creation by usinggcloud network-security firewall-endpoint-associations list
.For more examples, refer to the EXAMPLES section below.
- EXAMPLES
-
To associate a network with a firewall endpoint, run:
gcloud alpha network-security firewall-endpoint-associations create --network=projects/my-project/networks/global/myNetwork --endpoint=organizations/1234/locations/us-central1-a/firewallEndpoints/my-endpoint --zone=us-central1-a --project=my-project
- POSITIONAL ARGUMENTS
-
- [
ASSOCIATION_ID
] - Name to give the association. If not specified, an auto-generated UUID will be used.
- [
- REQUIRED FLAGS
-
-
Network resource - Firewall Plus. This represents a Cloud resource. (NOTE) Some
attributes are not given arguments in this group but can be set in other ways.
To set the
project
attribute:-
provide the argument
--network
on the command line with a fully specified name; -
provide the argument
--project
on the command line; -
set the property
core/project
.
This must be specified.
--network
=NETWORK
-
ID of the network or fully qualified identifier for the network.
To set the
network-name
attribute:-
provide the argument
--network
on the command line.
-
provide the argument
-
provide the argument
--zone
=ZONE
- Zone of a firewall endpoint association
-
Firewall endpoint resource - Firewall Plus. The arguments in this group can be
used to specify the attributes of this resource.
This must be specified.
--endpoint
=ENDPOINT
-
ID of the firewall endpoint or fully qualified identifier for the firewall
endpoint.
To set the
endpoint-name
attribute:-
provide the argument
--endpoint
on the command line.
This flag argument must be specified if any of the other arguments in this group are specified.
-
provide the argument
--endpoint-zone
=ENDPOINT_ZONE
-
Zone of the firewall endpoint.
To set the
endpoint-zone
attribute:-
provide the argument
--endpoint
on the command line with a fully specified name; -
provide the argument
--endpoint-zone
on the command line; -
provide the argument
--zone
on the command line; -
provide the argument
FIREWALL_ENDPOINT_ASSOCIATION
on the command line with a fully specified name.
-
provide the argument
--organization
=ORGANIZATION
-
Organization ID to which the changes should apply.
To set the
organization
attribute:-
provide the argument
--endpoint
on the command line with a fully specified name; -
provide the argument
--organization
on the command line.
-
provide the argument
-
Network resource - Firewall Plus. This represents a Cloud resource. (NOTE) Some
attributes are not given arguments in this group but can be set in other ways.
- OPTIONAL FLAGS
-
--async
-
Return immediately, without waiting for the operation in progress to complete.
The default is
True
. Enabled by default, use--no-async
to disable. --labels
=[KEY
=VALUE
,…]-
List of label KEY=VALUE pairs to add.
Keys must start with a lowercase character and contain only hyphens (
-
), underscores (_
), lowercase characters, and numbers. Values must contain only hyphens (-
), underscores (_
), lowercase characters, and numbers. --max-wait
=MAX_WAIT
; default="60m"- Time to synchronously wait for the operation to complete, after which the operation continues asynchronously. Ignored if --no-async isn't specified. See $ gcloud topic datetimes for information on time formats.
-
TLS Inspection Policy resource - Path to TLS Inspection Policy configuration to
use for intercepting TLS-encrypted traffic in this network. The arguments in
this group can be used to specify the attributes of this resource.
--tls-inspection-policy
=TLS_INSPECTION_POLICY
-
ID of the TLS Inspection Policy or fully qualified identifier for the TLS
Inspection Policy.
To set the
tls_inspection_policy
attribute:-
provide the argument
--tls-inspection-policy
on the command line.
This flag argument must be specified if any of the other arguments in this group are specified.
-
provide the argument
--tls-inspection-policy-project
=TLS_INSPECTION_POLICY_PROJECT
-
Project of the TLS Inspection Policy.
To set the
tls-inspection-policy-project
attribute:-
provide the argument
--tls-inspection-policy
on the command line with a fully specified name; -
provide the argument
--tls-inspection-policy-project
on the command line; -
provide the argument
--project
on the command line; -
provide the argument
FIREWALL_ENDPOINT_ASSOCIATION
on the command line with a fully specified name.
-
provide the argument
--tls-inspection-policy-region
=TLS_INSPECTION_POLICY_REGION
-
Region of the TLS Inspection Policy. NOTE: TLS Inspection Policy needs to be in
the same region as Firewall Plus endpoint resource.
To set the
tls-inspection-policy-region
attribute:-
provide the argument
--tls-inspection-policy
on the command line with a fully specified name; -
provide the argument
--tls-inspection-policy-region
on the command line.
-
provide the argument
- GCLOUD WIDE FLAGS
-
These flags are available to all commands:
--access-token-file
,--account
,--billing-project
,--configuration
,--flags-file
,--flatten
,--format
,--help
,--impersonate-service-account
,--log-http
,--project
,--quiet
,--trace-token
,--user-output-enabled
,--verbosity
.Run
$ gcloud help
for details. - NOTES
-
This command is currently in alpha and might change without notice. If this
command fails with API permission errors despite specifying the correct project,
you might be trying to access an API with an invitation-only early access
allowlist. These variants are also available:
gcloud network-security firewall-endpoint-associations create
gcloud beta network-security firewall-endpoint-associations create
Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2024-03-19 UTC.