gcloud alpha services vpc-peerings enable-vpc-service-controls - enable VPC Service Controls for the peering connection
gcloud alpha services vpc-peerings enable-vpc-service-controls --network=NETWORK [--async] [--service=SERVICE; default="servicenetworking.googleapis.com"] [GCLOUD_WIDE_FLAG ...]
(ALPHA) This command enables VPC Service Controls for the peering connection.
The local default route (destination 0.0.0.0/0, next hop default internet gateway) is deleted in the service producer VPC network. After deletion, the service producer VPC network can import a custom default route from the peering connection to the customer VPC network. This requires that the customer VPC network be configured to export custom routes. The custom default route cannot have an associated network tag.
To enable VPC Service Controls for a connection peering a network called my-network on the current project to a service called your-service, run:
$ gcloud alpha services vpc-peerings enable-vpc-service-controls \ --network=my-network --service=your-service
To run the same command asynchronously (non-blocking), run:
$ gcloud alpha services vpc-peerings enable-vpc-service-controls \ --network=my-network --service=your-service --async
- --network=NETWORK
The network in the current project that is peered with the service.
- --async
Return immediately, without waiting for the operation in progress to complete.
- --service=SERVICE; default="servicenetworking.googleapis.com"
The service to enable VPC service controls for.
These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, --help, --impersonate-service-account, --log-http, --project, --quiet, --trace-token, --user-output-enabled, --verbosity.
Run $ gcloud help for details.
This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early access allowlist. These variants are also available:
$ gcloud services vpc-peerings enable-vpc-service-controls
$ gcloud beta services vpc-peerings enable-vpc-service-controls