gcloud workbench instances create

NAME
gcloud workbench instances create - creates a workbench instance
SYNOPSIS
gcloud workbench instances create (INSTANCE : --location=LOCATION) [--async] [--disable-proxy-access] [--enable-third-party-identity] [--instance-owners=INSTANCE_OWNERS] [--labels=[KEY=VALUE,…]] [--disable-public-ip --enable-ip-forwarding --machine-type=MACHINE_TYPE; default="n1-standard-4" --metadata=[KEY=VALUE,…] --min-cpu-platform=MIN_CPU_PLATFORM --service-account-email=SERVICE_ACCOUNT_EMAIL --tags=[TAGS,…] --accelerator-core-count=ACCELERATOR_CORE_COUNT --accelerator-type=ACCELERATOR_TYPE --boot-disk-encryption=BOOT_DISK_ENCRYPTION --boot-disk-size=BOOT_DISK_SIZE --boot-disk-type=BOOT_DISK_TYPE [--boot-disk-kms-key=BOOT_DISK_KMS_KEY : --boot-disk-encryption-key-keyring=BOOT_DISK_ENCRYPTION_KEY_KEYRING --boot-disk-encryption-key-location=BOOT_DISK_ENCRYPTION_KEY_LOCATION --boot-disk-encryption-key-project=BOOT_DISK_ENCRYPTION_KEY_PROJECT] [--container-repository=CONTAINER_REPOSITORY : --container-tag=CONTAINER_TAG]     | [(--vm-image-family=VM_IMAGE_FAMILY | --vm-image-name=VM_IMAGE_NAME) : --vm-image-project=VM_IMAGE_PROJECT; default="deeplearning-platform-release"] --custom-gpu-driver-path=CUSTOM_GPU_DRIVER_PATH --install-gpu-driver --data-disk-encryption=DATA_DISK_ENCRYPTION --data-disk-size=DATA_DISK_SIZE --data-disk-type=DATA_DISK_TYPE [--data-disk-kms-key=DATA_DISK_KMS_KEY : --data-disk-encryption-key-keyring=DATA_DISK_ENCRYPTION_KEY_KEYRING --data-disk-encryption-key-location=DATA_DISK_ENCRYPTION_KEY_LOCATION --data-disk-encryption-key-project=DATA_DISK_ENCRYPTION_KEY_PROJECT] --network=NETWORK --nic-type=NIC_TYPE [--subnet=SUBNET : --subnet-region=SUBNET_REGION] --shielded-integrity-monitoring=SHIELDED_INTEGRITY_MONITORING --shielded-secure-boot=SHIELDED_SECURE_BOOT --shielded-vtpm=SHIELDED_VTPM] [GCLOUD_WIDE_FLAG]
DESCRIPTION
Creates a workbench instance.
EXAMPLES
To create an instance from a VmImage family, run:
gcloud workbench instances create example-instance --vm-image-project=cloud-notebooks-managed --vm-image-family=workbench-instances --machine-type=n1-standard-4 --location=us-central1-b

To create an instance from a VmImage name, run:

gcloud workbench instances create example-instance --vm-image-project=cloud-notebooks-managed --vm-image-name=workbench-instances-v20230925-debian-11-py310 --machine-type=n1-standard-4 --location=us-central1-b

To create an instance from a Container Repository, run:

gcloud workbench instances create example-instance --container-repository=gcr.io/deeplearning-platform-release/base-cpu --container-tag=latest --machine-type=n1-standard-4 --location=us-central1-b

To create an instance with shielded-secure-boot, shielded-vtpm and shielded-integrity-monitoring disabled, run:

gcloud workbench instances create example-instance --shielded-integrity-monitoring=false --shielded-secure-boot=false --shielded-vtpm=false --location=us-central1-b
POSITIONAL ARGUMENTS
Instance resource - User-defined unique name of this instance. The instance name must be 1 to 63 characters long and contain only lowercase letters, numeric characters, and dashes. The first character must be a lowercase letter and the last character cannot be a dash. The arguments in this group can be used to specify the attributes of this resource. (NOTE) Some attributes are not given arguments in this group but can be set in other ways.

To set the project attribute:

  • provide the argument instance on the command line with a fully specified name;
  • provide the argument --project on the command line;
  • set the property core/project.

This must be specified.

INSTANCE
ID of the instance or fully qualified identifier for the instance.

To set the instance attribute:

  • provide the argument instance on the command line.

This positional argument must be specified if any of the other arguments in this group are specified.

--location=LOCATION
Google Cloud location of this environment https://cloud.google.com/compute/docs/regions-zones/#locations.

To set the location attribute:

  • provide the argument instance on the command line with a fully specified name;
  • provide the argument --location on the command line;
  • set the property notebooks/location.
FLAGS
--async
Return immediately, without waiting for the operation in progress to complete.
--disable-proxy-access
If true, the notebook instance will not register with the proxy.
--enable-third-party-identity
If true, the notebook instance provide a proxy endpoint which allows for third party identity.
--instance-owners=INSTANCE_OWNERS
The owners of this instance after creation. Format: alias@example.com. Currently supports one owner only. If not specified, all of the service account users of the VM instance's service account can use the instance.
--labels=[KEY=VALUE,…]
Labels to apply to this instance. These can be later modified by the setLabels method.
Gce Setup for the instance
--disable-public-ip
If specified, no public IP will be assigned to this instance.
--enable-ip-forwarding
If specified, IP forwarding will be enabled for this instance.
--machine-type=MACHINE_TYPE; default="n1-standard-4"
The Compute Engine machine type of this instance.
--metadata=[KEY=VALUE,…]
Custom metadata to apply to this instance.
--min-cpu-platform=MIN_CPU_PLATFORM
The minimum CPU platform to use for this instance. The list of valid values can be found in https://cloud.google.com/compute/docs/instances/specify-min-cpu-platform#availablezones
The service account on this instance, giving access to other Google Cloud services. You can use any service account within the same project, but you must grant the service account user permission to use the instance. If not specified, the Compute Engine default service account is used.
--service-account-email=SERVICE_ACCOUNT_EMAIL
The service account on this instance, giving access to other Google Cloud services. You can use any service account within the same project, but you must grant the service account user permission to use the instance. If not specified, the Compute Engine default service account is used.
--tags=[TAGS,…]
Tags to apply to this instance.
The hardware accelerator used on this instance. If you use accelerators, make sure that your configuration has enough vCPUs and memory to support the `machine_type` you have selected.
--accelerator-core-count=ACCELERATOR_CORE_COUNT
Count of cores of this accelerator.
--accelerator-type=ACCELERATOR_TYPE
Type of this accelerator. ACCELERATOR_TYPE must be one of: NVIDIA_TESLA_K80, NVIDIA_TESLA_P100, NVIDIA_TESLA_V100, NVIDIA_TESLA_P4, NVIDIA_TESLA_T4, NVIDIA_TESLA_A100, NVIDIA_A100_80GB, NVIDIA_TESLA_T4_VWS, NVIDIA_TESLA_P100_VWS, NVIDIA_TESLA_P4_VWS, NVIDIA_L4, NVIDIA_H100_80GB, NVIDIA_H100_MEGA_80GB.
Boot disk configurations.
--boot-disk-encryption=BOOT_DISK_ENCRYPTION
Disk encryption method used on the boot disk, defaults to GMEK. BOOT_DISK_ENCRYPTION must be one of: GMEK, CMEK.
--boot-disk-size=BOOT_DISK_SIZE
Size of boot disk in GB attached to this instance, up to a maximum of 64000 GB (64 TB). The minimum recommended value is 100 GB. If not specified, this defaults to 100.
--boot-disk-type=BOOT_DISK_TYPE
Type of boot disk attached to this instance, defaults to standard persistent disk (PD_STANDARD). BOOT_DISK_TYPE must be one of: PD_STANDARD, PD_SSD, PD_BALANCED, PD_EXTREME.
Key resource - The Cloud KMS (Key Management Service) cryptokey that will be used to protect the boot_disk. The 'Compute Engine Service Agent' service account must hold permission 'Cloud KMS CryptoKey Encrypter/Decrypter'. The arguments in this group can be used to specify the attributes of this resource.
--boot-disk-kms-key=BOOT_DISK_KMS_KEY
ID of the key or fully qualified identifier for the key.

To set the kms-key attribute:

  • provide the argument --boot-disk-kms-key on the command line.

This flag argument must be specified if any of the other arguments in this group are specified.

--boot-disk-encryption-key-keyring=BOOT_DISK_ENCRYPTION_KEY_KEYRING
The KMS keyring of the key.

To set the kms-keyring attribute:

  • provide the argument --boot-disk-kms-key on the command line with a fully specified name;
  • provide the argument --boot-disk-encryption-key-keyring on the command line.
--boot-disk-encryption-key-location=BOOT_DISK_ENCRYPTION_KEY_LOCATION
The Google Cloud location for the key.

To set the kms-location attribute:

  • provide the argument --boot-disk-kms-key on the command line with a fully specified name;
  • provide the argument --boot-disk-encryption-key-location on the command line.
--boot-disk-encryption-key-project=BOOT_DISK_ENCRYPTION_KEY_PROJECT
The Google Cloud project for the key.

To set the kms-project attribute:

  • provide the argument --boot-disk-kms-key on the command line with a fully specified name;
  • provide the argument --boot-disk-encryption-key-project on the command line;
  • set the property core/project.
At most one of these can be specified:
--container-repository=CONTAINER_REPOSITORY
The path to the container image repository. For example: gcr.io/{project_id}/{image_name}.

This flag argument must be specified if any of the other arguments in this group are specified.

--container-tag=CONTAINER_TAG
The tag of the container image. If not specified, this defaults to the latest tag.
--vm-image-project=VM_IMAGE_PROJECT; default="deeplearning-platform-release"
The ID of the Google Cloud project that this VM image belongs to. Format: projects/{project_id}.
Exactly one of these must be specified:
--vm-image-family=VM_IMAGE_FAMILY
Use this VM image family to find the image; the newest image in this family will be used.
--vm-image-name=VM_IMAGE_NAME
Use this VM image name to find the image.
GPU driver configurations.
--custom-gpu-driver-path=CUSTOM_GPU_DRIVER_PATH
Specify a custom Cloud Storage path where the GPU driver is stored. If not specified, we'll automatically choose from official GPU drivers.
--install-gpu-driver
Whether the end user authorizes Google Cloud to install a GPU driver on this instance. If this field is empty or set to false, the GPU driver won't be installed. Only applicable to instances with GPUs.
Data disk configurations.
--data-disk-encryption=DATA_DISK_ENCRYPTION
Disk encryption method used on the data disk, defaults to GMEK. DATA_DISK_ENCRYPTION must be one of: GMEK, CMEK.
--data-disk-size=DATA_DISK_SIZE
Size of data disk in GB attached to this instance, up to a maximum of 64000 GB (64 TB). The minimum recommended value is 100 GB. If not specified, this defaults to 100.
--data-disk-type=DATA_DISK_TYPE
Type of data disk attached to this instance, defaults to standard persistent disk (PD_STANDARD). DATA_DISK_TYPE must be one of: PD_STANDARD, PD_SSD, PD_BALANCED, PD_EXTREME.
Key resource - The Cloud KMS (Key Management Service) cryptokey that will be used to protect the data_disk. The 'Compute Engine Service Agent' service account must hold permission 'Cloud KMS CryptoKey Encrypter/Decrypter'. The arguments in this group can be used to specify the attributes of this resource.
--data-disk-kms-key=DATA_DISK_KMS_KEY
ID of the key or fully qualified identifier for the key.

To set the kms-key attribute:

  • provide the argument --data-disk-kms-key on the command line.

This flag argument must be specified if any of the other arguments in this group are specified.

--data-disk-encryption-key-keyring=DATA_DISK_ENCRYPTION_KEY_KEYRING
The KMS keyring of the key.

To set the kms-keyring attribute:

  • provide the argument --data-disk-kms-key on the command line with a fully specified name;
  • provide the argument --data-disk-encryption-key-keyring on the command line.
--data-disk-encryption-key-location=DATA_DISK_ENCRYPTION_KEY_LOCATION
The Google Cloud location for the key.

To set the kms-location attribute:

  • provide the argument --data-disk-kms-key on the command line with a fully specified name;
  • provide the argument --data-disk-encryption-key-location on the command line.
--data-disk-encryption-key-project=DATA_DISK_ENCRYPTION_KEY_PROJECT
The Google Cloud project for the key.

To set the kms-project attribute:

  • provide the argument --data-disk-kms-key on the command line with a fully specified name;
  • provide the argument --data-disk-encryption-key-project on the command line;
  • set the property core/project.
Network configs.
Network resource - The name of the VPC that this instance is in. Format: projects/{project_id}/global/networks/{network_id}. This represents a Cloud resource. (NOTE) Some attributes are not given arguments in this group but can be set in other ways.

To set the project attribute:

  • provide the argument --network on the command line with a fully specified name;
  • provide the argument --project on the command line;
  • set the property core/project.
--network=NETWORK
ID of the network or fully qualified identifier for the network.

To set the network attribute:

  • provide the argument --network on the command line.
--nic-type=NIC_TYPE
Type of the network interface card. NIC_TYPE must be one of: VIRTIGO_NET, GVNIC.
Subnetwork resource - The name of the subnet that this instance is in. Format: projects/{project_id}/regions/{region}/subnetworks/{subnetwork_id}. The arguments in this group can be used to specify the attributes of this resource. (NOTE) Some attributes are not given arguments in this group but can be set in other ways.

To set the project attribute:

  • provide the argument --subnet on the command line with a fully specified name;
  • provide the argument --project on the command line;
  • set the property core/project.
--subnet=SUBNET
ID of the subnetwork or fully qualified identifier for the subnetwork.

To set the subnet attribute:

  • provide the argument --subnet on the command line.

This flag argument must be specified if any of the other arguments in this group are specified.

--subnet-region=SUBNET_REGION
Google Cloud region of this subnetwork https://cloud.google.com/compute/docs/regions-zones/#locations.

To set the subnet-region attribute:

  • provide the argument --subnet on the command line with a fully specified name;
  • provide the argument --subnet-region on the command line.
Shielded VM configurations.
--shielded-integrity-monitoring=SHIELDED_INTEGRITY_MONITORING
Boolean. Enable monitoring of the boot integrity of the instance. Supported values: true, false.
--shielded-secure-boot=SHIELDED_SECURE_BOOT
Boolean. Boot instance with secure boot enabled. Supported values: true, false.
--shielded-vtpm=SHIELDED_VTPM
Boolean. Boot instance with TPM (Trusted Platform Module) enabled. Supported values: true, false.
GCLOUD WIDE FLAGS
These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, --help, --impersonate-service-account, --log-http, --project, --quiet, --trace-token, --user-output-enabled, --verbosity.

Run $ gcloud help for details.