gcloud alpha apigee products create - create an Apigee API product
gcloud alpha apigee products create [INTERNAL_NAME : --organization=ORGANIZATION] [--attributes=[NAME=VALUE,...]] [--description=DESCRIPTION] [--display-name=DISPLAY_NAME] [--manual-approval] [--oauth-scopes=[SCOPE,...]] [--all-environments | --environments=ENVIRONMENT,[ENVIRONMENT,...]] [--all-proxies | --apis=[API,...] --resources=RESOURCE#[RESOURCE#...]] [--internal-access | --private-access | --public-access] [--quota=QUOTA --quota-interval=QUOTA_INTERVAL --quota-unit=QUOTA_UNIT] [GCLOUD_WIDE_FLAG ...]
(ALPHA) Create an Apigee API product.
gcloud alpha apigee products create publishes a collection of API proxy resources as an API product.
API products combine their underlying API proxies with quota settings and metadata, to deliver customized and productized API bundles to the developer community.
API products enable the repackaging of APIs on-the-fly, without having to do any additional coding or configuration. Apigee recommends starting with a simple API product including only required elements, and then provisioning credentials to apps to enable them to start testing those APIs.
At minimum, a new API product requires an internal name, access policy, and declaration of what environments and API proxies to include in the product. If these aren't provided, interactive calls will prompt for the missing values, and non-interactive calls will fail.
To create a basic API product in the active Cloud Platform project by answering interactive prompts, run:
$ gcloud alpha apigee products create
To create an API product that publicly exposes all API proxies deployed to the prod environment, run:
$ gcloud alpha apigee products create kitchen-sink \ --environments=prod --all-proxies --public-access
To require manual approval of developers before they can access the new API product, run:
$ gcloud alpha apigee products create kitchen-sink \ --environments=prod --all-proxies --public-access \ --manual-approval
To hide the new API product while still making it accessible to developers, run:
$ gcloud alpha apigee products create kitchen-sink \ --environments=prod --all-proxies --private-access
To restrict the new API product to internal users only, run:
$ gcloud alpha apigee products create kitchen-sink \ --environments=prod --all-proxies --internal-access
To expose all API proxies that are deployed to a URI fragment beginning with /v1 or /v0, run:
$ gcloud alpha apigee products create legacy --all-environments \ --resources="/v0/**#/v1/**" --public-access
To expose a few specific API proxies on all URI paths where they're deployed, run:
$ gcloud alpha apigee products create consumer --environments=prod \ --apis=menu,cart,delivery-tracker --public-access
To expose only those API calls that match both a set of API proxies and a set of API resources, run:
$ gcloud alpha apigee products create legacy-consumer \ --environments=prod --apis=menu,cart,delivery-tracker \ --resources="/v0/**#/v1/**" --public-access
To impose a quota of 50 calls per half-hour on a new all-inclusive API product, and output the new API product as a JSON object, run:
$ gcloud alpha apigee products create kitchen-sink \ --environments=prod --all-proxies --public-access --quota=50 \ --quota-interval=30 --quota-unit=minute --format=json
To specify a human-friendly display name and description for the product, run:
$ gcloud alpha apigee products create consumer --environments=prod \ --apis=menu,cart,delivery-tracker --public-access \ --display-name="Consumer APIs" \ --description="APIs for the consumer side of the delivery \ network: ordering food and tracking deliveries."
- API product resource - API product to be created. Characters in a product's
internal name are restricted to: A-Za-z0-9._-$ %. The arguments in this group can be used to specify the attributes of this resource.
- INTERNAL_NAME
ID of the API product or fully qualified identifier for the API product. To set the product attribute:
provide the argument INTERNAL_NAME on the command line.
This positional argument must be specified if any of the other arguments in this group are specified.
- --organization=ORGANIZATION
Apigee organization containing the API product. If unspecified, the Cloud Platform project's associated organization will be used. To set the organization attribute:
provide the argument INTERNAL_NAME on the command line with a fully specified name;
provide the argument --organization on the command line.
- --attributes=[NAME=VALUE,...]
Key-value attribute pairs that may be used to extend the default API product profile with customer-specific metadata. Up to 17 attributes can be specified.
- --description=DESCRIPTION
Overview of the API product. Include key information about the API product that is not captured by other fields.
- --display-name=DISPLAY_NAME
Name to be displayed in the UI or developer portal to developers registering for API access.
- --manual-approval
Require manual approval of developer requests to access this API product before their consumer keys can be used. If unset, the consumer key is generated in an "approved" state and can be used immediately.
- --oauth-scopes=[SCOPE,...]
Comma-separated list of OAuth scopes that are validated at runtime. Apigee validates that the scopes in any access token presented match the scopes defined in the OAuth policy assoicated with the API product.
- At most one of these can be specified:
- --all-environments
Make all environments accessible through this API product.
- --environments=ENVIRONMENT,[ENVIRONMENT,...]
Environments to which the API product is bound. Requests to environments that are not listed are rejected, preventing developers from accessing those resources through API Proxies deployed in another environment.
For example, this can prevent resources associated with API proxies in a prod environment from also granting access to matching API proxies deployed in a test environment.
To get a list of available environments, run:
$ gcloud alpha apigee environments list
- Arguments specifying which API proxies and resources to expose.
At most one of these can be specified:
- --all-proxies
Expose all available API proxies and their resources. Must be explicitly specified if neither --apis nor --resources is provided.
- Arguments that restrict exposed API proxies. One or both of these may be
specified if --all-proxies is not:
- --apis=[API,...]
Comma-separated names of API proxies to which this API product is bound. Only those API proxies will be accessible through the new API product.
If not provided, all deployed API proxies will be included in the product, so long as they match the other parameters.
The API proxy names must already be deployed to the bound environments, or creation of the API product will fail. To get a list of deployed API proxies, run:
$ gcloud alpha apigee deployments list
To deploy an API proxy, run:
$ gcloud alpha apigee apis deploy
- --resources=RESOURCE#[RESOURCE#...]
API resources to be bundled in the API product, separated by # signs.
By default, the resource paths are mapped from the proxy.pathsuffix variable.
The proxy path suffix is defined as the URI fragment following the ProxyEndpoint base path. For example, if /forecastrss is given as an element of this list, and the base path defined for the API proxy is /weather, then only requests to /weather/forecastrss are permitted by the API product.
Proxy paths can use asterisks as wildcards; /** indicates that all sub-URIs are included, whereas a single asterisk indicates that only URIs one level down are included.
By default, / supports the same resources as /** as well as the base path defined by the API proxy.
For example, if the base path of the API proxy is /v1/weatherapikey, then the API product supports requests to /v1/weatherapikey and to any sub-URIs, such as /v1/weatherapikey/forecastrss, /v1/weatherapikey/region/CA, and so on.
If not provided, all deployed API resources will be included in the product, so long as they match the other parameters.
The API proxy resources must already be deployed to the bound environments, or creation of the API product will fail.
- At most one of these can be specified:
- --internal-access
Prevent external access to this API product.
- --private-access
Hide this API product in the developer portal but make it accessible by external developers.
- --public-access
Make this API product visible to developers in the Apigee developer portal.
- To impose a quota limit on calls to the API product, specify all of the
following:
- --quota=QUOTA
Number of request messages permitted per app by this API product for the specified --quota-interval and --quota-unit.
For example, to create an API product that allows 50 requests every twelve hours to every deployed API proxy, run:
$ gcloud alpha apigee products create PRODUCT --all-environments \ --all-proxies --public-access --quota=50 --quota-interval=12 \ --quota-unit=hour
If specified, --quota-interval and --quota-unit must be specified too.
- --quota-interval=QUOTA_INTERVAL
Time interval over which the number of request messages is calculated.
If specified, --quota and --quota-unit must be specified too.
- --quota-unit=QUOTA_UNIT
Time unit for --quota-interval.
If specified, --quota and --quota-interval must be specified too.
QUOTA_UNIT must be one of: minute, hour, day, month.
These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, --help, --impersonate-service-account, --log-http, --project, --quiet, --trace-token, --user-output-enabled, --verbosity.
Run $ gcloud help for details.
This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early access allowlist. These variants are also available:
$ gcloud apigee products create
$ gcloud beta apigee products create