gcloud vmware network-policies create - create a VMware Engine network policy
gcloud vmware network-policies create (NETWORK_POLICY : --location=LOCATION) --edge-services-cidr=EDGE_SERVICES_CIDR --vmware-engine-network=VMWARE_ENGINE_NETWORK [--async] [--description=DESCRIPTION] [--external-ip-access] [--internet-access] [GCLOUD_WIDE_FLAG ...]
Create a VMware Engine network policy. Only one network policy applies to a VMware Engine network per region. Check the progress of a network policy creation using gcloud vmware network-policies list.
To create a network policy called my-network-policy which connects to the VMware Engine network my-vmware-engine-network using the edge services address range 192.168.0.0/26 with the internet access service enabled and the external IP access service disabled, run:
$ gcloud vmware network-policies create my-network-policy \ --location=us-west2 --project=my-project \ --vmware-engine-network=my-vmware-engine-network \ --edge-services-cidr=192.168.0.0/26 --internet-access \ --no-external-ip-access
Or:
$ gcloud vmware network-policies create my-network-policy \ --vmware-engine-network=my-vmware-engine-network \ --edge-services-cidr=192.168.0.0/26 --internet-access
In the second example, the project and the location are taken from gcloud properties core/project and compute/region respectively. If the --external-ip-access flag is not specified, it is taken as False.
- VMware Engine Network Policy resource - network_policy. The arguments in this
group can be used to specify the attributes of this resource. (NOTE) Some attributes are not given arguments in this group but can be set in other ways. To set the project attribute:
- —
provide the argument network_policy on the command line with a fully specified name;
- —
set the property core/project;
- —
provide the argument --project on the command line.
This must be specified.
- NETWORK_POLICY
ID of the VMware Engine Network Policy or fully qualified identifier for the VMware Engine Network Policy. To set the network-policy attribute:
provide the argument network_policy on the command line.
This positional argument must be specified if any of the other arguments in this group are specified.
- --location=LOCATION
The resource name of the location. To set the location attribute:
provide the argument network_policy on the command line with a fully specified name;
provide the argument --location on the command line;
set the property compute/region.
- --edge-services-cidr=EDGE_SERVICES_CIDR
IP address range to use for internet access and external IP access gateways, in CIDR notation. An RFC 1918 CIDR block with a "/26" prefix is required.
- --vmware-engine-network=VMWARE_ENGINE_NETWORK
Resource ID of the VMware Engine network to attach the new policy to.
- --async
Return immediately, without waiting for the operation in progress to complete. The default is True. Enabled by default, use --no-async to disable.
- --description=DESCRIPTION
User-provided description of the network policy.
- --external-ip-access
Enable or disable network service that allows external IP addresses to be assigned to VMware workloads. To enable this service, internet-access must also be enabled. Use --no-external-ip-access to disable. If the flag is not provided, access to VMware workloads through external IP addresses is disabled.
- --internet-access
Enable or disable network service that allows VMware workloads to access the internet. Use --no-internet-access to disable. If the flag is not provided, internet access is disabled.
These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, --help, --impersonate-service-account, --log-http, --project, --quiet, --trace-token, --user-output-enabled, --verbosity.
Run $ gcloud help for details.