NAME

gcloud compute ssl-policies create - create a new Compute Engine SSL policy

SYNOPSIS

gcloud compute ssl-policies create SSL_POLICY [--custom-features=[CUSTOM_FEATURES,...]] [--description=DESCRIPTION] [--min-tls-version=MIN_TLS_VERSION; default="1.0"] [--profile=PROFILE; default="COMPATIBLE"] [--global | --region=REGION] [GCLOUD_WIDE_FLAG ...]

DESCRIPTION

gcloud compute ssl-policies create creates a new SSL policy.

An SSL policy specifies the server-side support for SSL features. An SSL policy can be attached to a TargetHttpsProxy or a TargetSslProxy. This affects connections between clients and the HTTPS or SSL proxy load balancer. SSL policies do not affect the connection between the load balancers and the backends.

POSITIONAL ARGUMENTS

SSL_POLICY

Name of the SSL policy to create.

FLAGS

--custom-features=[CUSTOM_FEATURES,...]

A comma-separated list of custom features, required when the profile being used is CUSTOM.

Using CUSTOM profile allows customization of the features that are part of the SSL policy. This flag allows specifying those custom features.

The list of all supported custom features can be obtained using:

gcloud compute ssl-policies list-available-features

--description=DESCRIPTION

An optional, textual description for the SSL policy.

--min-tls-version=MIN_TLS_VERSION; default="1.0"

Minimum TLS version. MIN_TLS_VERSION must be one of:

1.0

TLS 1.0.

1.1

TLS 1.1.

1.2

TLS 1.2.

--profile=PROFILE; default="COMPATIBLE"

SSL policy profile. Changing profile from CUSTOM to COMPATIBLE|MODERN|RESTRICTED will clear the custom-features field. PROFILE must be one of:

COMPATIBLE

Compatible profile. Allows the broadest set of clients, even those which support only out-of-date SSL features, to negotiate SSL with the load balancer.

CUSTOM

Custom profile. Allows customization by selecting only the features which are required. The list of all available features can be obtained using:

gcloud compute ssl-policies list-available-features

MODERN

Modern profile. Supports a wide set of SSL features, allowing modern clients to negotiate SSL.

RESTRICTED

Restricted profile. Supports a reduced set of SSL features, intended to meet stricter compliance requirements.

At most one of these can be specified:
--global

If set, the SSL policy is global.

--region=REGION

Region of the SSL policy to create. Overrides the default compute/region property value for this command invocation.

GCLOUD WIDE FLAGS

These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, --help, --impersonate-service-account, --log-http, --project, --quiet, --trace-token, --user-output-enabled, --verbosity.

Run $ gcloud help for details.

NOTES

These variants are also available:

$ gcloud alpha compute ssl-policies create

$ gcloud beta compute ssl-policies create