gcloud alpha compute target-https-proxies create - create a target HTTPS proxy
gcloud alpha compute target-https-proxies create NAME --url-map=URL_MAP --certificate-map=CERTIFICATE_MAP [--description=DESCRIPTION] [--proxy-bind] [--quic-override=QUIC_OVERRIDE; default="NONE"] [--ssl-certificates=SSL_CERTIFICATE,[...]] [--ssl-policy=SSL_POLICY] [--global | --region=REGION] [--global-ssl-certificates | --ssl-certificates-region=SSL_CERTIFICATES_REGION] [--global-ssl-policy | --ssl-policy-region=SSL_POLICY_REGION] [--global-url-map | --url-map-region=URL_MAP_REGION] [GCLOUD_WIDE_FLAG ...]
(ALPHA) gcloud alpha compute target-https-proxies create is used to create target HTTPS proxies. A target HTTPS proxy is referenced by one or more forwarding rules which specify the network traffic that the proxy is responsible for routing. The target HTTPS proxy points to a URL map that defines the rules for routing the requests. The URL map's job is to map URLs to backend services which handle the actual requests. The target HTTPS proxy also points to at most 15 SSL certificates used for server-side authentication. The target HTTPS proxy can be associated with at most one SSL policy.
If there is an already-created URL map with the name URL_MAP and a SSL certificate named SSL_CERTIFICATE, create a global target HTTPS proxy pointing to this map by running:
$ gcloud alpha compute target-https-proxies create PROXY_NAME \ --url-map=URL_MAP --ssl-certificates=SSL_CERTIFICATE
Create a regional target HTTPS proxy by running:
$ gcloud alpha compute target-https-proxies create PROXY_NAME \ --url-map=URL_MAP --ssl-certificates=SSL_CERTIFICATE \ --region=REGION_NAME
- NAME
Name of the target HTTPS proxy to create.
- --url-map=URL_MAP
A reference to a URL map resource. A URL map defines the mapping of URLs to backend services. Before you can refer to a URL map, you must create the URL map. To delete a URL map that a target proxy is referring to, you must first delete the target HTTPS proxy.
- Certificate map resource - The certificate map to attach. This represents a
Cloud resource. (NOTE) Some attributes are not given arguments in this group but can be set in other ways. To set the project attribute:
- —
provide the argument --certificate-map on the command line with a fully specified name;
- —
provide the argument --project on the command line;
- —
set the property core/project. To set the location attribute:
- —
provide the argument --certificate-map on the command line with a fully specified name;
- —
default value of location is [global].
- --certificate-map=CERTIFICATE_MAP
ID of the certificate map or fully qualified identifier for the certificate map. To set the map attribute:
provide the argument --certificate-map on the command line.
- --description=DESCRIPTION
An optional, textual description for the target HTTPS proxy.
- --proxy-bind
This flag applies when the load_balancing_scheme of the associated backend service is INTERNAL_SELF_MANAGED. When specified, the envoy binds to the forwarding rule's IP address and port. By default, this flag is off.
- --quic-override=QUIC_OVERRIDE; default="NONE"
Controls whether load balancer may negotiate QUIC with clients. QUIC is a new transport which reduces latency compared to that of TCP. See https://www.chromium.org/quic for more details. QUIC_OVERRIDE must be one of:
- DISABLE
Disallows load balancer to negotiate QUIC with clients.
- ENABLE
Allows load balancer to negotiate QUIC with clients.
- NONE
Allows Google to control when QUIC is rolled out.
- --ssl-certificates=SSL_CERTIFICATE,[...]
References to at most 15 SSL certificate resources that are used for server-side authentication. The first SSL certificate in this list is considered the primary SSL certificate associated with the load balancer. The SSL certificates must exist and cannot be deleted while referenced by a target HTTPS proxy.
- --ssl-policy=SSL_POLICY
A reference to an SSL policy resource that defines the server-side support for SSL features and affects the connections between clients and the HTTPS proxy load balancer. The SSL policy must exist and cannot be deleted while referenced by a target HTTPS proxy.
- At most one of these can be specified:
- --global
If set, the target HTTPS proxy is global.
- --region=REGION
Region of the target HTTPS proxy to create. If not specified, you might be prompted to select a region (interactive mode only).
To avoid prompting when this flag is omitted, you can set the compute/region property:
$ gcloud config set compute/region REGION
A list of regions can be fetched by running:
$ gcloud compute regions list
To unset the property, run:
$ gcloud config unset compute/region
Alternatively, the region can be stored in the environment variable CLOUDSDK_COMPUTE_REGION.
- At most one of these can be specified:
- --global-ssl-certificates
If set, the ssl certificates are global.
- --ssl-certificates-region=SSL_CERTIFICATES_REGION
Region of the ssl certificates to operate on. If not specified, you might be prompted to select a region (interactive mode only).
To avoid prompting when this flag is omitted, you can set the compute/region property:
$ gcloud config set compute/region REGION
A list of regions can be fetched by running:
$ gcloud compute regions list
To unset the property, run:
$ gcloud config unset compute/region
Alternatively, the region can be stored in the environment variable CLOUDSDK_COMPUTE_REGION.
- At most one of these can be specified:
- --global-ssl-policy
If set, the SSL policy is global.
- --ssl-policy-region=SSL_POLICY_REGION
Region of the SSL policy to operate on. Overrides the default compute/region property value for this command invocation.
- At most one of these can be specified:
- --global-url-map
If set, the URL map is global.
- --url-map-region=URL_MAP_REGION
Region of the URL map to operate on. Overrides the default compute/region property value for this command invocation.
These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, --help, --impersonate-service-account, --log-http, --project, --quiet, --trace-token, --user-output-enabled, --verbosity.
Run $ gcloud help for details.
This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early access allowlist. These variants are also available:
$ gcloud compute target-https-proxies create
$ gcloud beta compute target-https-proxies create