gcloud alpha compute networks subnets update - updates properties of an existing Compute Engine subnetwork
gcloud alpha compute networks subnets update NAME [--add-secondary-ranges-with-reserved-internal-range=RANGE_NAME=INTERNAL_RANGE_URL,[...]] [--aggregation-interval=AGGREGATION_INTERVAL] [--drain-timeout=DRAIN_TIMEOUT; default="0s"] [--flow-sampling=FLOW_SAMPLING] [--ipv6-access-type=IPV6_ACCESS_TYPE] [--logging-aggregation-interval=LOGGING_AGGREGATION_INTERVAL] [--logging-filter-expr=LOGGING_FILTER_EXPR] [--logging-flow-sampling=LOGGING_FLOW_SAMPLING] [--logging-metadata=LOGGING_METADATA] [--logging-metadata-fields=[METADATA_FIELD,...]] [--metadata=METADATA] [--region=REGION] [--stack-type=STACK_TYPE] [--add-secondary-ranges=PROPERTY=VALUE,[...] | --[no-]enable-flow-logs | --[no-]enable-private-ip-google-access | --private-ipv6-google-access-type=PRIVATE_IPV6_GOOGLE_ACCESS_TYPE | --purpose=PURPOSE | --remove-secondary-ranges=PROPERTY=VALUE,[...] | --role=ROLE] [GCLOUD_WIDE_FLAG ...]
(ALPHA) gcloud alpha compute networks subnets update is used to update properties of an existing Compute Engine subnetwork.
To enable external IPv6 addresses on the subnetwork example-subnet-1 in network-1, run
$ gcloud alpha compute networks subnets update example-subnet-1 \ --stack-type=IPV4_IPV6 --ipv6-access-type=EXTERNAL \ --region=REGION
- NAME
Name of the subnetwork to update.
- --add-secondary-ranges-with-reserved-internal-range=RANGE_NAME=INTERNAL_RANGE_URL,[...]
Adds secondary IP ranges that are associated with InternalRange resources.
For example, --add-secondary-ranges-with-reserved-internal-range range1=//networkconnectivity.googleapis.com/projects/PROJECT/locations/global/internalRanges/RANGE adds a secondary range with the reserved internal range resource.
- —
RANGE_NAME - Name of the secondary range.
- —
INTERNAL_RANGE_URL - URL of an InternalRange resource.
- --aggregation-interval=AGGREGATION_INTERVAL
Can only be specified if VPC Flow Logs for this subnetwork is enabled. Toggles the aggregation interval for collecting flow logs. Increasing the interval time will reduce the amount of generated flow logs for long lasting connections. Default is an interval of 5 seconds per connection. AGGREGATION_INTERVAL must be one of: interval-10-min, interval-15-min, interval-1-min, interval-30-sec, interval-5-min, interval-5-sec.
- --drain-timeout=DRAIN_TIMEOUT; default="0s"
The time period for draining traffic from Internal HTTP(S) Load Balancer proxies that are assigned addresses in the current ACTIVE subnetwork. For example, 1h, 60m and 3600s each specify a duration of 1 hour for draining the traffic. Longer times reduce the number of proxies that are draining traffic at any one time, and so improve the availability of proxies for load balancing. The drain timeout is only applicable when the [--role=ACTIVE] flag is being used.
- --flow-sampling=FLOW_SAMPLING
Can only be specified if VPC Flow Logs for this subnetwork is enabled. The value of the field must be in [0, 1]. Set the sampling rate of VPC Flow Logs within the subnetwork where 1.0 means all collected logs are reported and 0.0 means no logs are reported. Default is 0.5 which means half of all collected logs are reported.
- --ipv6-access-type=IPV6_ACCESS_TYPE
IPv6 access type can be specified only when the subnet is created, or when the subnet is first updated to have a stack type of IPV4_IPV6. Once set, the access type is immutable. IPV6_ACCESS_TYPE must be one of:
- EXTERNAL
VMs in this subnet can have external IPv6.
- INTERNAL
VMs in this subnet can have internal IPv6.
- --logging-aggregation-interval=LOGGING_AGGREGATION_INTERVAL
Can only be specified if VPC Flow Logs for this subnetwork is enabled. Toggles the aggregation interval for collecting flow logs. Increasing the interval time will reduce the amount of generated flow logs for long lasting connections. Default is an interval of 5 seconds per connection. LOGGING_AGGREGATION_INTERVAL must be one of: interval-10-min, interval-15-min, interval-1-min, interval-30-sec, interval-5-min, interval-5-sec.
- --logging-filter-expr=LOGGING_FILTER_EXPR
Can only be specified if VPC Flow Logs for this subnetwork is enabled. Export filter used to define which logs should be generated.
- --logging-flow-sampling=LOGGING_FLOW_SAMPLING
Can only be specified if VPC Flow logs for this subnetwork is enabled. The value of the field must be in [0, 1]. Set the sampling rate of VPC flow logs within the subnetwork where 1.0 means all collected logs are reported and 0.0 means no logs are reported. Default is 0.5 which means half of all collected logs are reported.
- --logging-metadata=LOGGING_METADATA
Can only be specified if VPC Flow Logs for this subnetwork is enabled. Configures whether metadata fields should be added to the reported logs. Default is to exclude all metadata. LOGGING_METADATA must be one of: custom, exclude-all, include-all.
- --logging-metadata-fields=[METADATA_FIELD,...]
Can only be specified if VPC Flow Logs for this subnetwork is enabled and "metadata" is set to CUSTOM_METADATA. The comma-separated list of metadata fields that should be added to reported logs.
- --metadata=METADATA
Can only be specified if VPC Flow Logs for this subnetwork is enabled. Configures whether metadata fields should be added to the reported logs. Default is to exclude all metadata. METADATA must be one of: exclude-all-metadata, include-all-metadata.
- --region=REGION
Region of the subnetwork to update. If not specified, you might be prompted to select a region (interactive mode only).
To avoid prompting when this flag is omitted, you can set the compute/region property:
$ gcloud config set compute/region REGION
A list of regions can be fetched by running:
$ gcloud compute regions list
To unset the property, run:
$ gcloud config unset compute/region
Alternatively, the region can be stored in the environment variable CLOUDSDK_COMPUTE_REGION.
- --stack-type=STACK_TYPE
The stack type for this subnet. Determines if IPv6 is enabled on the subnet. STACK_TYPE must be one of:
- IPV4_IPV6
New VMs in this subnet can have both IPv4 and IPv6 addresses
- IPV4_ONLY
New VMs in this subnet will only be assigned IPv4 addresses
- At most one of these can be specified:
- --add-secondary-ranges=PROPERTY=VALUE,[...]
Adds secondary IP ranges to the subnetwork for use in IP aliasing.
For example, --add-secondary-ranges range1=192.168.64.0/24 adds a secondary range 192.168.64.0/24 with name range1.
RANGE_NAME - Name of the secondary range.
RANGE - IP range in CIDR format.
- --[no-]enable-flow-logs
Enable/disable VPC Flow Logs for this subnet. If the subnet does not support VPC Flow Logs, this flag has no effect. For more information, see https://cloud.google.com/vpc/docs/using-flow-logs. Use --enable-flow-logs to enable and --no-enable-flow-logs to disable.
- --[no-]enable-private-ip-google-access
Enable/disable access to Google Cloud APIs from this subnet for instances without a public ip address. Use --enable-private-ip-google-access to enable and --no-enable-private-ip-google-access to disable.
- --private-ipv6-google-access-type=PRIVATE_IPV6_GOOGLE_ACCESS_TYPE
The private IPv6 google access type for the VMs in this subnet. PRIVATE_IPV6_GOOGLE_ACCESS_TYPE must be one of: disable, enable-bidirectional-access, enable-outbound-vm-access.
- --purpose=PURPOSE
The purpose of the subnetwork is set to REGIONAL_MANAGED_PROXY to migrate from the INTERNAL_HTTPS_LOAD_BALANCER purpose. PURPOSE must be (currently only one value is supported):
- REGIONAL_MANAGED_PROXY
The proxy-only subnet for regional HTTP(S) load balancers.
- --remove-secondary-ranges=PROPERTY=VALUE,[...]
Removes secondary ranges from the subnetwork.
For example, --remove-secondary-ranges range2,range3 removes the secondary ranges with names range2 and range3.
- --role=ROLE
The role is set to ACTIVE to update a BACKUP reserved address range to be the new ACTIVE address range. Note that the only supported value for this flag is ACTIVE since setting an address range to BACKUP is not supported.
This field is only valid when updating a reserved IP address range used for the purpose of Internal HTTP(S) Load Balancer.
ROLE must be (currently only one value is supported):
- ACTIVE
The ACTIVE subnet that is currently used.
These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, --help, --impersonate-service-account, --log-http, --project, --quiet, --trace-token, --user-output-enabled, --verbosity.
Run $ gcloud help for details.
This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early access allowlist. These variants are also available:
$ gcloud compute networks subnets update
$ gcloud beta compute networks subnets update