man-page

GCLOUD(1)
GCLOUD(1)

NAME

gcloud - manage Google Cloud resources and developer workflow

gcloud GROUP | COMMAND [--account=ACCOUNT] [--billing-project=BILLING_PROJECT] [--configuration=CONFIGURATION] [--flags-file=YAML_FILE] [--flatten=[KEY,...]] [--format=FORMAT] [--help] [--project=PROJECT_ID] [--quiet, -q] [--verbosity=VERBOSITY; default="warning"] [--version, -v] [-h] [--access-token-file=ACCESS_TOKEN_FILE] [--impersonate-service-account=SERVICE_ACCOUNT_EMAILS] [--log-http] [--trace-token=TRACE_TOKEN] [--no-user-output-enabled]

DESCRIPTION

The gcloud CLI manages authentication, local configuration, developer workflow, and interactions with the Google Cloud APIs.

For a quick introduction to the gcloud CLI, a list of commonly used commands, and a look at how these commands are structured, run gcloud cheat-sheet or see the `gcloud` CLI cheat sheet https://cloud.google.com/sdk/docs/cheatsheet.

GLOBAL FLAGS

--account=ACCOUNT

Google Cloud user account to use for invocation. Overrides the default core/account property value for this command invocation.

--billing-project=BILLING_PROJECT

The Google Cloud project that will be charged quota for operations performed in gcloud. If you need to operate on one project, but need quota against a different project, you can use this flag to specify the billing project. If both billing/quota_project and --billing-project are specified, --billing-project takes precedence. Run $ gcloud config set --help to see more information about billing/quota_project.

--configuration=CONFIGURATION

The configuration to use for this command invocation. For more information on how to use configurations, run: gcloud topic configurations. You can also use the CLOUDSDK_ACTIVE_CONFIG_NAME environment variable to set the equivalent of this flag for a terminal session.

--flags-file=YAML_FILE

A YAML or JSON file that specifies a --flag:value dictionary. Useful for specifying complex flag values with special characters that work with any command interpreter. Additionally, each --flags-file arg is replaced by its constituent flags. See $ gcloud topic flags-file for more information.

--flatten=[KEY,...]

Flatten name[] output resource slices in KEY into separate records for each item in each slice. Multiple keys and slices may be specified. This also flattens keys for --format and --filter. For example, --flatten=abc.def flattens abc.def[].ghi references to abc.def.ghi. A resource record containing abc.def[] with N elements will expand to N records in the flattened output. This allows us to specify what resource-key the filter will operate on. This flag interacts with other flags that are applied in this order: --flatten, --sort-by, --filter, --limit.

--format=FORMAT

Sets the format for printing command output resources. The default is a command-specific human-friendly output format. If both core/format and --format are specified, --format takes precedence. --format and core/format both take precedence over core/default_format. The supported formats are limited to: config, csv, default, diff, disable, flattened, get, json, list, multi, none, object, table, text, value, yaml. For more details run $ gcloud topic formats. Run $ gcloud config set --help to see more information about core/format

--help

Display detailed help.

--project=PROJECT_ID

The Google Cloud project ID to use for this invocation. If omitted, then the current project is assumed; the current project can be listed using gcloud config list --format='text(core.project)' and can be set using gcloud config set project PROJECTID.

--project and its fallback core/project property play two roles in the invocation. It specifies the project of the resource to operate on. It also specifies the project for API enablement check, quota, and billing. To specify a different project for quota and billing, use --billing-project or billing/quota_project property.

--quiet, -q

Disable all interactive prompts when running gcloud commands. If input is required, defaults will be used, or an error will be raised.

Overrides the default core/disable_prompts property value for this command invocation. This is equivalent to setting the environment variable CLOUDSDK_CORE_DISABLE_PROMPTS to 1.

--verbosity=VERBOSITY; default="warning"

Override the default verbosity for this command. Overrides the default core/verbosity property value for this command invocation. VERBOSITY must be one of: debug, info, warning, error, critical, none.

--version, -v

Print version information and exit. This flag is only available at the global level.

-h

Print a summary help and exit.

OTHER FLAGS

--access-token-file=ACCESS_TOKEN_FILE

A file path to read the access token. Use this flag to authenticate gcloud with an access token. The credentials of the active account (if exists) will be ignored. The file should only contain an access token with no other information. Overrides the default auth/access_token_file property value for this command invocation.

--impersonate-service-account=SERVICE_ACCOUNT_EMAILS

For this gcloud invocation, all API requests will be made as the given service account or target service account in an impersonation delegation chain instead of the currently selected account. You can specify either a single service account as the impersonator, or a comma-separated list of service accounts to create an impersonation delegation chain. The impersonation is done without needing to create, download, and activate a key for the service account or accounts.

In order to make API requests as a service account, your currently selected account must have an IAM role that includes the iam.serviceAccounts.getAccessToken permission for the service account or accounts.

The roles/iam.serviceAccountTokenCreator role has the iam.serviceAccounts.getAccessToken permission. You can also create a custom role.

You can specify a list of service accounts, separated with commas. This creates an impersonation delegation chain in which each service account delegates its permissions to the next service account in the chain. Each service account in the list must have the roles/iam.serviceAccountTokenCreator role on the next service account in the list. For example, when --impersonate-service-account= SERVICE_ACCOUNT_1,SERVICE_ACCOUNT_2, the active account must have the roles/iam.serviceAccountTokenCreator role on SERVICE_ACCOUNT_1, which must have the roles/iam.serviceAccountTokenCreator role on SERVICE_ACCOUNT_2. SERVICE_ACCOUNT_1 is the impersonated service account and SERVICE_ACCOUNT_2 is the delegate.

Overrides the default auth/impersonate_service_account property value for this command invocation.

--log-http

Log all HTTP server requests and responses to stderr. Overrides the default core/log_http property value for this command invocation.

--trace-token=TRACE_TOKEN

Token used to route traces of service requests for investigation of issues. Overrides the default core/trace_token property value for this command invocation.

--user-output-enabled

Print user intended output to the console. Overrides the default core/user_output_enabled property value for this command invocation. Use --no-user-output-enabled to disable.

GROUPS

GROUP is one of the following:

access-approval

Manage Access Approval requests and settings.

access-context-manager

Manage Access Context Manager resources.

active-directory

Manage Managed Microsoft AD resources.

ai

Manage entities in Vertex AI.

ai-platform

Manage AI Platform jobs and models.

alloydb

Create and manage AlloyDB databases.

alpha

(ALPHA) Alpha versions of gcloud commands.

anthos

Anthos command Group.

api-gateway

Manage Cloud API Gateway resources.

apigee

Manage Apigee resources.

app

Manage your App Engine deployments.

artifacts

Manage Artifact Registry resources.

asset

Manage the Cloud Asset Inventory.

assured

Read and manipulate Assured Workloads data controls.

auth

Manage oauth2 credentials for the Google Cloud CLI.

batch

Manage Batch resources.

beta

(BETA) Beta versions of gcloud commands.

bigtable

Manage your Cloud Bigtable storage.

billing

Manage billing accounts and associate them with projects.

bms

Manage Bare Metal Solution resources.

builds

Create and manage builds for Google Cloud Build.

certificate-manager

Manage SSL certificates for your Google Cloud projects.

cloud-shell

Manage Google Cloud Shell.

components

List, install, update, or remove Google Cloud CLI components.

composer

Create and manage Cloud Composer Environments.

compute

Create and manipulate Compute Engine resources.

config

View and edit Google Cloud CLI properties.

container

Deploy and manage clusters of machines for running containers.

data-catalog

Manage Data Catalog resources.

database-migration

Manage Database Migration Service resources.

dataflow

Manage Google Cloud Dataflow resources.

dataplex

Manage Dataplex resources.

dataproc

Create and manage Google Cloud Dataproc clusters and jobs.

datastore

Manage your Cloud Datastore resources.

datastream

Manage Cloud Datastream resources.

debug

Commands for interacting with the Cloud Debugger.

deploy

Create and manage Google Cloud Deploy resources.

deployment-manager

Manage deployments of cloud resources.

dns

Manage your Cloud DNS managed-zones and record-sets.

domains

Manage domains for your Google Cloud projects.

edge-cache

Manage Media CDN resources.

edge-cloud

Manage edge-cloud resources.

emulators

Set up your local development environment using emulators.

endpoints

Create, enable and manage API services.

essential-contacts

Manage Essential Contacts.

eventarc

Manage Eventarc resources.

filestore

Create and manipulate Filestore resources.

firebase

Work with Google Firebase.

firestore

Manage your Cloud Firestore resources.

functions

Manage Google Cloud Functions.

game

Managed Cloud Game Services.

healthcare

Manage Cloud Healthcare resources.

iam

Manage IAM service accounts and keys.

iap

Manage IAP policies.

identity

Manage Cloud Identity Groups and Memberships resources.

ids

Manage Cloud IDS.

iot

Manage Cloud IoT resources.

kms

Manage cryptographic keys in the cloud.

logging

Manage Cloud Logging.

memcache

Manage Cloud Memorystore Memcached resources.

metastore

Manage Dataproc Metastore resources.

ml

Use Google Cloud machine learning capabilities.

ml-engine

Manage AI Platform jobs and models.

monitoring

Manage Cloud Monitoring dashboards.

network-connectivity

Manage Network Connectivity Center resources.

network-management

Manage Network Management resources.

network-security

Manage Network Security resources.

network-services

Manage Network Services resources.

notebooks

Notebooks Command Group.

org-policies

Create and manage Organization Policies.

organizations

Create and manage Google Cloud Platform Organizations.

policy-intelligence

A platform to help better understand, use and manage policies at scale.

policy-troubleshoot

Troubleshoot Google Cloud Platform policies.

privateca

Manage private Certificate Authorities on Google Cloud.

projects

Create and manage project access policies.

pubsub

Manage Cloud Pub/Sub topics, subscriptions, and snapshots.

recaptcha

Manage reCAPTCHA Enterprise Keys.

recommender

Manage Cloud recommendations and recommendation rules.

redis

Manage Cloud Memorystore Redis resources.

resource-manager

Manage Cloud Resources.

resource-settings

Create and manage Resource Settings.

run

Manage your Cloud Run applications.

scc

Manage Cloud SCC resources.

scheduler

Manage Cloud Scheduler jobs and schedules.

secrets

Manage secrets on Google Cloud.

service-directory

Command groups for Service Directory.

services

List, enable and disable APIs and services.

source

Cloud git repository commands.

spanner

Command groups for Cloud Spanner.

sql

Create and manage Google Cloud SQL databases.

storage

Create and manage Cloud Storage buckets and objects.

tasks

Manage Cloud Tasks queues and tasks.

topic

gcloud supplementary help.

transcoder

Manage Transcoder jobs and job templates.

transfer

Manage Transfer Service jobs, operations, and agents.

vmware

Manage Google Cloud VMware Engine resources.

workflows

Manage your Cloud Workflows resources.

workspace-add-ons

Manage Google Workspace Add-ons resources.

COMMANDS

COMMAND is one of the following: