- NAME
-
- gcloud - manage Google Cloud resources and developer workflow
- SYNOPSIS
-
-
gcloud
GROUP
|COMMAND
[--account
=ACCOUNT
] [--billing-project
=BILLING_PROJECT
] [--configuration
=CONFIGURATION
] [--flags-file
=YAML_FILE
] [--flatten
=[KEY
,…]] [--format
=FORMAT
] [--help
] [--project
=PROJECT_ID
] [--quiet
,-q
] [--verbosity
=VERBOSITY
; default="warning"] [--version
,-v
] [-h
] [--access-token-file
=ACCESS_TOKEN_FILE
] [--impersonate-service-account
=SERVICE_ACCOUNT_EMAILS
] [--log-http
] [--trace-token
=TRACE_TOKEN
] [--no-user-output-enabled
]
-
- DESCRIPTION
-
The
gcloud
CLI manages authentication, local configuration, developer workflow, and interactions with the Google Cloud APIs.For a quick introduction to the
gcloud
CLI, a list of commonly used commands, and a look at how these commands are structured, rungcloud cheat-sheet
or see the `gcloud` CLI cheat sheet. - GLOBAL FLAGS
-
--account
=ACCOUNT
-
Google Cloud user account to use for invocation. Overrides the default
core/account
property value for this command invocation. --billing-project
=BILLING_PROJECT
-
The Google Cloud project that will be charged quota for operations performed in
gcloud
. If you need to operate on one project, but need quota against a different project, you can use this flag to specify the billing project. If bothbilling/quota_project
and--billing-project
are specified,--billing-project
takes precedence. Run$ gcloud config set --help
to see more information aboutbilling/quota_project
. --configuration
=CONFIGURATION
-
File name of the configuration to use for this command invocation. For more
information on how to use configurations, run:
gcloud topic configurations
. You can also use the CLOUDSDK_ACTIVE_CONFIG_NAME environment variable to set the equivalent of this flag for a terminal session. --flags-file
=YAML_FILE
-
A YAML or JSON file that specifies a
--flag
:value
dictionary. Useful for specifying complex flag values with special characters that work with any command interpreter. Additionally, each--flags-file
arg is replaced by its constituent flags. See $ gcloud topic flags-file for more information. --flatten
=[KEY
,…]-
Flatten
name
[] output resource slices inKEY
into separate records for each item in each slice. Multiple keys and slices may be specified. This also flattens keys for--format
and--filter
. For example,--flatten=abc.def
flattensabc.def[].ghi
references toabc.def.ghi
. A resource record containingabc.def[]
with N elements will expand to N records in the flattened output. This allows us to specify whatresource-key
thefilter
will operate on. This flag interacts with other flags that are applied in this order:--flatten
,--sort-by
,--filter
,--limit
. --format
=FORMAT
-
Sets the format for printing command output resources. The default is a
command-specific human-friendly output format. If both
core/format
and--format
are specified,--format
takes precedence.--format
andcore/format
both take precedence overcore/default_format
. The supported formats are limited to:config
,csv
,default
,diff
,disable
,flattened
,get
,json
,list
,multi
,none
,object
,table
,text
,value
,yaml
. For more details run $ gcloud topic formats. Run$ gcloud config set --help
to see more information aboutcore/format
--help
- Display detailed help.
--project
=PROJECT_ID
-
The Google Cloud project ID to use for this invocation. If omitted, then the
current project is assumed; the current project can be listed using
gcloud config list --format='text(core.project)'
and can be set usinggcloud config set project PROJECTID
.--project
and its fallbackcore/project
property play two roles in the invocation. It specifies the project of the resource to operate on. It also specifies the project for API enablement check, quota, and billing. To specify a different project for quota and billing, use--billing-project
orbilling/quota_project
property. --quiet
,-q
-
Disable all interactive prompts when running
gcloud
commands. If input is required, defaults will be used, or an error will be raised.Overrides the default core/disable_prompts property value for this command invocation. This is equivalent to setting the environment variable
CLOUDSDK_CORE_DISABLE_PROMPTS
to 1. --verbosity
=VERBOSITY
; default="warning"-
Override the default verbosity for this command. Overrides the default
core/verbosity
property value for this command invocation.VERBOSITY
must be one of:debug
,info
,warning
,error
,critical
,none
. --version
,-v
- Print version information and exit. This flag is only available at the global level.
-h
- Print a summary help and exit.
- OTHER FLAGS
-
--access-token-file
=ACCESS_TOKEN_FILE
-
A file path to read the access token. Use this flag to authenticate
gcloud
with an access token. The credentials of the active account (if exists) will be ignored. The file should only contain an access token with no other information. Overrides the defaultauth/access_token_file
property value for this command invocation. --impersonate-service-account
=SERVICE_ACCOUNT_EMAILS
-
For this
gcloud
invocation, all API requests will be made as the given service account or target service account in an impersonation delegation chain instead of the currently selected account. You can specify either a single service account as the impersonator, or a comma-separated list of service accounts to create an impersonation delegation chain. The impersonation is done without needing to create, download, and activate a key for the service account or accounts.In order to make API requests as a service account, your currently selected account must have an IAM role that includes the
iam.serviceAccounts.getAccessToken
permission for the service account or accounts.The
roles/iam.serviceAccountTokenCreator
role has theiam.serviceAccounts.getAccessToken permission
. You can also create a custom role.You can specify a list of service accounts, separated with commas. This creates an impersonation delegation chain in which each service account delegates its permissions to the next service account in the chain. Each service account in the list must have the
roles/iam.serviceAccountTokenCreator
role on the next service account in the list. For example, when--impersonate-service-account=
,SERVICE_ACCOUNT_1
, the active account must have theSERVICE_ACCOUNT_2
roles/iam.serviceAccountTokenCreator
role on
, which must have theSERVICE_ACCOUNT_1
roles/iam.serviceAccountTokenCreator
role on
.SERVICE_ACCOUNT_2
is the impersonated service account andSERVICE_ACCOUNT_1
is the delegate.SERVICE_ACCOUNT_2
Overrides the default
auth/impersonate_service_account
property value for this command invocation. --log-http
-
Log all HTTP server requests and responses to stderr. Overrides the default
core/log_http
property value for this command invocation. --trace-token
=TRACE_TOKEN
-
Token used to route traces of service requests for investigation of issues.
Overrides the default
core/trace_token
property value for this command invocation. --user-output-enabled
-
(DEPRECATED) Print user intended output to the console.
The
--user-output-enabled
flag will no longer support the explicit use of thetrue/false
optional value in an upcoming release.
- GROUPS
-
is one of the following:GROUP
access-approval
- Manage Access Approval requests and settings.
access-context-manager
- Manage Access Context Manager resources.
active-directory
- Manage Managed Microsoft AD resources.
ai
- Manage entities in Vertex AI.
ai-platform
- Manage AI Platform jobs and models.
alloydb
- Create and manage AlloyDB databases.
alpha
-
(ALPHA)
Alpha versions of gcloud commands. anthos
- Anthos command Group.
api-gateway
- Manage Cloud API Gateway resources.
apigee
- Manage Apigee resources.
app
- Manage your App Engine deployments.
apphub
- Manage App Hub resources.
artifacts
- Manage Artifact Registry resources.
asset
- Manage the Cloud Asset Inventory.
assured
- Read and manipulate Assured Workloads data controls.
audit-manager
- Enroll resources, audit workloads and generate reports.
auth
- Manage oauth2 credentials for the Google Cloud CLI.
backup-dr
- Manage Backup and DR resources.
batch
- Manage Batch resources.
beta
-
(BETA)
Beta versions of gcloud commands. bigtable
- Manage your Cloud Bigtable storage.
billing
- Manage billing accounts and associate them with projects.
bms
- Manage Bare Metal Solution resources.
builds
- Create and manage builds for Google Cloud Build.
certificate-manager
- Manage SSL certificates for your Google Cloud projects.
cloud-shell
- Manage Google Cloud Shell.
colab
- Manage Colab Enterprise resources.
components
- List, install, update, or remove Google Cloud CLI components.
composer
- Create and manage Cloud Composer Environments.
compute
- Create and manipulate Compute Engine resources.
config
- View and edit Google Cloud CLI properties.
container
- Deploy and manage clusters of machines for running containers.
data-catalog
- Manage Data Catalog resources.
database-migration
- Manage Database Migration Service resources.
dataflow
- Manage Google Cloud Dataflow resources.
dataplex
- Manage Dataplex resources.
dataproc
- Create and manage Google Cloud Dataproc clusters and jobs.
datastore
- Manage your Cloud Datastore resources.
datastream
- Manage Cloud Datastream resources.
deploy
- Create and manage Cloud Deploy resources.
deployment-manager
- Manage deployments of cloud resources.
dns
- Manage your Cloud DNS managed-zones and record-sets.
domains
- Manage domains for your Google Cloud projects.
edge-cache
- Manage Media CDN resources.
edge-cloud
- Manage edge-cloud resources.
emulators
- Set up your local development environment using emulators.
endpoints
- Create, enable and manage API services.
essential-contacts
- Manage Essential Contacts.
eventarc
- Manage Eventarc resources.
filestore
- Create and manipulate Filestore resources.
firebase
- Work with Google Firebase.
firestore
- Manage your Cloud Firestore resources.
functions
- Manage Google Cloud Functions.
gemini
- Manage code repository index resources.
healthcare
- Manage Cloud Healthcare resources.
iam
- Manage IAM service accounts and keys.
iap
- Manage IAP policies.
identity
- Manage Cloud Identity Groups and Memberships resources.
ids
- Manage Cloud IDS.
immersive-stream
- Manage Immersive Stream resources.
infra-manager
- Manage Infra Manager resources.
kms
- Manage cryptographic keys in the cloud.
logging
- Manage Cloud Logging.
looker
- Manage Looker resources.
managed-kafka
- Administer Managed Service for Apache Kafka clusters, topics, and consumer groups.
memcache
- Manage Cloud Memorystore Memcached resources.
metastore
- Manage Dataproc Metastore resources.
migration
- The root group for various Cloud Migration teams.
ml
- Use Google Cloud machine learning capabilities.
ml-engine
- Manage AI Platform jobs and models.
monitoring
- Manage Cloud Monitoring dashboards.
netapp
- Create and manipulate Cloud NetApp Files resources.
network-connectivity
- Manage Network Connectivity Center resources.
network-management
- Manage Network Management resources.
network-security
- Manage Network Security resources.
network-services
- Manage Network Services resources.
notebooks
- Notebooks Command Group.
oracle-database
- Manage Oracle Database resources.
org-policies
- Create and manage Organization Policies.
organizations
- Create and manage Google Cloud Platform Organizations.
pam
- Manage Privileged Access Manager (PAM) entitlements and grants.
policy-intelligence
- A platform to help better understand, use, and manage policies at scale.
policy-troubleshoot
- Troubleshoot Google Cloud Platform policies.
preview
-
(PREVIEW)
Preview versions of gcloud commands. privateca
- Manage private Certificate Authorities on Google Cloud.
projects
- Create and manage project access policies.
publicca
- Manage accounts for Google Trust Services' Certificate Authority.
pubsub
- Manage Cloud Pub/Sub topics, subscriptions, and snapshots.
recaptcha
- Manage reCAPTCHA Enterprise Keys.
recommender
- Manage Cloud recommendations and recommendation rules.
redis
- Manage Cloud Memorystore Redis resources.
resource-manager
- Manage Cloud Resources.
run
- Manage your Cloud Run applications.
scc
- Manage Cloud SCC resources.
scheduler
- Manage Cloud Scheduler jobs and schedules.
secrets
- Manage secrets on Google Cloud.
service-directory
- Command groups for Service Directory.
service-extensions
- Manage Service Extensions resources.
services
- List, enable and disable APIs and services.
source
- Cloud git repository commands.
spanner
- Command groups for Cloud Spanner.
sql
- Create and manage Google Cloud SQL databases.
storage
- Create and manage Cloud Storage buckets and objects.
tasks
- Manage Cloud Tasks queues and tasks.
telco-automation
- Manage Telco Automation resources.
topic
- gcloud supplementary help.
transcoder
- Manage Transcoder jobs and job templates.
transfer
- Manage Transfer Service jobs, operations, and agents.
vmware
- Manage Google Cloud VMware Engine resources.
workbench
- Workbench Command Group.
workflows
- Manage your Cloud Workflows resources.
workspace-add-ons
- Manage Google Workspace Add-ons resources.
workstations
- Manage Cloud Workstations resources.
- COMMANDS
-
is one of the following:COMMAND
cheat-sheet
- Display gcloud cheat sheet.
docker
-
(DEPRECATED)
Enable Docker CLI access to Google Container Registry. feedback
- Provide feedback to the Google Cloud CLI team.
help
- Search gcloud help text.
info
- Display information about the current gcloud environment.
init
- Initialize or reinitialize gcloud.
survey
- Invoke a customer satisfaction survey for Google Cloud CLI.
version
- Print version information for Google Cloud CLI components.
Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2024-11-19 UTC.