gcloud compute forwarding-rules create <NAME>

Create a forwarding rule to direct network traffic to a load balancer

Arguments

NameDescription
NAMEName of the forwarding rule to create

Options

NameDescription
--account <ACCOUNT>Google Cloud Platform user account to use for invocation. Overrides the default *core/account* property value for this command invocation
--address <ADDRESS>IP address that the forwarding rule serves. When a client sends traffic to this IP address, the forwarding rule directs the traffic to the target that you specify in the forwarding rule. + If you don't specify a reserved IP address, an ephemeral IP address is assigned. You can specify the IP address as a literal IP address or a reference to an existing Address resource. The following examples are all valid: - 100.1.2.3 - https://compute.googleapis.com/compute/v1/projects/project-1/regions/us-central1/addresses/address-1 - projects/project-1/regions/us-central1/addresses/address-1 - regions/us-central1/addresses/address-1 - global/addresses/address-1 - address-1 + The load-balancing-scheme ((EXTERNAL, INTERNAL, INTERNAL_MANAGED, INTERNAL_MANAGED)) and the forwarding rule's target determine the type of IP address that you can use. The address type must be external for load-balancing-scheme EXTERNAL, and for the other load-balancing-schemes the address must be internal. For detailed information, refer to https://cloud.google.com/load-balancing/docs/forwarding-rule-concepts#ip_address_specifications
--address-region <ADDRESS_REGION>Region of the address to operate on. If not specified, you may be prompted to select a region. + To avoid prompting when this flag is omitted, you can set the ``compute/region'' property: + $ gcloud config set compute/region REGION + A list of regions can be fetched by running: + $ gcloud compute regions list + To unset the property, run: + $ gcloud config unset compute/region + Alternatively, the region can be stored in the environment variable ``CLOUDSDK_COMPUTE_REGION''
--allow-global-accessIf True, then clients from all regions can access this internal forwarding rule. This can only be specified for forwarding rules with the LOAD_BALANCING_SCHEME set to INTERNAL and the target must be either a backend service or a target instance
--backend-service <BACKEND_SERVICE>Target backend service that receives the traffic
--backend-service-region <BACKEND_SERVICE_REGION>Region of the backend service to operate on. If not specified, the region is set to the region of the forwarding rule. Overrides the default *compute/region* property value for this command invocation
--billing-project <BILLING_PROJECT>The Google Cloud Platform project that will be charged quota for operations performed in gcloud. If you need to operate on one project, but need quota against a different project, you can use this flag to specify the billing project. If both `billing/quota_project` and `--billing-project` are specified, `--billing-project` takes precedence. Run `$ gcloud config set --help` to see more information about `billing/quota_project`
--configuration <CONFIGURATION>The configuration to use for this command invocation. For more information on how to use configurations, run: `gcloud topic configurations`. You can also use the CLOUDSDK_ACTIVE_CONFIG_NAME environment variable to set the equivalent of this flag for a terminal session
--description <DESCRIPTION>Optional textual description for the forwarding rule
--flags-file <YAML_FILE>A YAML or JSON file that specifies a *--flag*:*value* dictionary. Useful for specifying complex flag values with special characters that work with any command interpreter. Additionally, each *--flags-file* arg is replaced by its constituent flags. See $ gcloud topic flags-file for more information
--flatten <KEY>Flatten _name_[] output resource slices in _KEY_ into separate records for each item in each slice. Multiple keys and slices may be specified. This also flattens keys for *--format* and *--filter*. For example, *--flatten=abc.def* flattens *abc.def[].ghi* references to *abc.def.ghi*. A resource record containing *abc.def[]* with N elements will expand to N records in the flattened output. This flag interacts with other flags that are applied in this order: *--flatten*, *--sort-by*, *--filter*, *--limit*
--format <FORMAT>Set the format for printing command output resources. The default is a command-specific human-friendly output format. The supported formats are: `config`, `csv`, `default`, `diff`, `disable`, `flattened`, `get`, `json`, `list`, `multi`, `none`, `object`, `table`, `text`, `value`, `yaml`. For more details run $ gcloud topic formats
--globalIf set, the forwarding rule is global
--global-addressIf set, the address is global
--global-backend-serviceIf set, the backend service is global
--global-target-http-proxyIf set, the http proxy is global
--global-target-https-proxyIf set, the https proxy is global
--helpDisplay detailed help
--impersonate-service-account <SERVICE_ACCOUNT_EMAIL>For this gcloud invocation, all API requests will be made as the given service account instead of the currently selected account. This is done without needing to create, download, and activate a key for the account. In order to perform operations as the service account, your currently selected account must have an IAM role that includes the iam.serviceAccounts.getAccessToken permission for the service account. The roles/iam.serviceAccountTokenCreator role has this permission or you may create a custom role. Overrides the default *auth/impersonate_service_account* property value for this command invocation
--ip-protocol <IP_PROTOCOL>IP protocol that the rule will serve. The default is `TCP`. + Note that if the load-balancing scheme is `INTERNAL`, the protocol must be one of: `TCP`, `UDP`. + For a load-balancing scheme that is `EXTERNAL`, all IP_PROTOCOL options are valid. + _IP_PROTOCOL_ must be one of: *AH*, *ESP*, *ICMP*, *SCTP*, *TCP*, *UDP*
--ip-version <IP_VERSION>Version of the IP address to be allocated if no --address is given. The default is IPv4. _IP_VERSION_ must be one of: *IPV4*, *IPV6*
--is-mirroring-collectorIf set, this forwarding rule can be used as a collector for packet mirroring. This can only be specified for forwarding rules with the LOAD_BALANCING_SCHEME set to INTERNAL
--load-balancing-scheme <LOAD_BALANCING_SCHEME>This defines the forwarding rule's load balancing scheme. _LOAD_BALANCING_SCHEME_ must be one of: + *EXTERNAL*::: External load balancing or forwarding, used with one of --target-http-proxy, --target-https-proxy, --target-tcp-proxy, --target-ssl-proxy, --target-pool, --target-vpn-gateway, --target-instance. *INTERNAL*::: Internal load balancing or forwarding, used with --backend-service. *INTERNAL_MANAGED*::: Internal HTTP(S) Load Balancing, used with --target-http-proxy, --target-https-proxy. *INTERNAL_SELF_MANAGED*::: Traffic director load balancing or forwarding, used with --target-http-proxy, --target-https-proxy, --target-grpc-proxy. ::: +
--log-httpLog all HTTP server requests and responses to stderr. Overrides the default *core/log_http* property value for this command invocation
--network <NETWORK>(Only for --load-balancing-scheme=INTERNAL or --load-balancing-scheme=INTERNAL_SELF_MANAGED or --load-balancing-scheme=INTERNAL_MANAGED) Network that this forwarding rule applies to. If this field is not specified, the default network is used. In the absence of the default network, this field must be specified
--network-tier <NETWORK_TIER>Network tier to assign to the forwarding rules. ``NETWORK_TIER'' must be one of: `PREMIUM`, `STANDARD`. The default value is `PREMIUM`
--port-range <[PORT | START_PORT-END_PORT]>DEPRECATED, use --ports. If specified, only packets addressed to ports in the specified range are forwarded. For more information, refer to https://cloud.google.com/load-balancing/docs/forwarding-rule-concepts#port_specifications
--ports <ALL | [PORT | START_PORT-END_PORT],[...]>List of comma-separated ports. The forwarding rule forwards packets with matching destination ports. Port specification requirements vary depending on the load-balancing scheme and target. For more information, refer to https://cloud.google.com/load-balancing/docs/forwarding-rule-concepts#port_specifications
--project <PROJECT_ID>The Google Cloud Platform project ID to use for this invocation. If omitted, then the current project is assumed; the current project can be listed using `gcloud config list --format='text(core.project)'` and can be set using `gcloud config set project PROJECTID`. + `--project` and its fallback `core/project` property play two roles in the invocation. It specifies the project of the resource to operate on. It also specifies the project for API enablement check, quota, and billing. To specify a different project for quota and billing, use `--billing-project` or `billing/quota_project` property
--quietDisable all interactive prompts when running gcloud commands. If input is required, defaults will be used, or an error will be raised. Overrides the default core/disable_prompts property value for this command invocation. This is equivalent to setting the environment variable `CLOUDSDK_CORE_DISABLE_PROMPTS` to 1
--region <REGION>Region of the forwarding rule to create. If not specified, you may be prompted to select a region. + To avoid prompting when this flag is omitted, you can set the ``compute/region'' property: + $ gcloud config set compute/region REGION + A list of regions can be fetched by running: + $ gcloud compute regions list + To unset the property, run: + $ gcloud config unset compute/region + Alternatively, the region can be stored in the environment variable ``CLOUDSDK_COMPUTE_REGION''
--service-label <SERVICE_LABEL>(Only for Internal Load Balancing): https://cloud.google.com/load-balancing/docs/dns-names/ The DNS label to use as the prefix of the fully qualified domain name for this forwarding rule. The full name will be internally generated and output as dnsName. If this field is not specified, no DNS record will be generated and no DNS name will be output. You cannot use the `--service-label` flag if the forwarding rule references an internal IP address that has the `--purpose=SHARED_LOADBALANCER_VIP` flag set
--subnet <SUBNET>(Only for --load-balancing-scheme=INTERNAL and --load-balancing-scheme=INTERNAL_MANAGED) Subnetwork that this forwarding rule applies to. If the network is auto mode, this flag is optional. If the network is custom mode, this flag is required
--subnet-region <SUBNET_REGION>Region of the subnetwork to operate on. If not specified, the region is set to the region of the forwarding rule. Overrides the default *compute/region* property value for this command invocation
--target-grpc-proxy <TARGET_GRPC_PROXY>Target gRPC proxy that receives the traffic
--target-http-proxy <TARGET_HTTP_PROXY>Target HTTP proxy that receives the traffic. Acceptable values for --ports flag are: 80, 8080
--target-http-proxy-region <TARGET_HTTP_PROXY_REGION>Region of the http proxy to operate on. If not specified, you may be prompted to select a region. + To avoid prompting when this flag is omitted, you can set the ``compute/region'' property: + $ gcloud config set compute/region REGION + A list of regions can be fetched by running: + $ gcloud compute regions list + To unset the property, run: + $ gcloud config unset compute/region + Alternatively, the region can be stored in the environment variable ``CLOUDSDK_COMPUTE_REGION''
--target-https-proxy <TARGET_HTTPS_PROXY>Target HTTPS proxy that receives the traffic. Acceptable values for --ports flag are: 443
--target-https-proxy-region <TARGET_HTTPS_PROXY_REGION>Region of the https proxy to operate on. If not specified, you may be prompted to select a region. + To avoid prompting when this flag is omitted, you can set the ``compute/region'' property: + $ gcloud config set compute/region REGION + A list of regions can be fetched by running: + $ gcloud compute regions list + To unset the property, run: + $ gcloud config unset compute/region + Alternatively, the region can be stored in the environment variable ``CLOUDSDK_COMPUTE_REGION''
--target-instance <TARGET_INSTANCE>Name of the target instance that receives the traffic. The target instance must be in a zone in the forwarding rule's region. Global forwarding rules cannot direct traffic to target instances. If not specified and the ``compute/zone'' property isn't set, you may be prompted to select a zone. + To avoid prompting when this flag is omitted, you can set the ``compute/zone'' property: + $ gcloud config set compute/zone ZONE + A list of zones can be fetched by running: + $ gcloud compute zones list + To unset the property, run: + $ gcloud config unset compute/zone + Alternatively, the zone can be stored in the environment variable ``CLOUDSDK_COMPUTE_ZONE''
--target-instance-zone <TARGET_INSTANCE_ZONE>Zone of the target instance to operate on. Overrides the default *compute/zone* property value for this command invocation
--target-pool <TARGET_POOL>Target pool that receives the traffic. The target pool must be in the same region as the forwarding rule. Global forwarding rules cannot direct traffic to target pools
--target-pool-region <TARGET_POOL_REGION>Region of the target pool to operate on. If not specified, the region is set to the region of the forwarding rule. Overrides the default *compute/region* property value for this command invocation
--target-ssl-proxy <TARGET_SSL_PROXY>Target SSL proxy that receives the traffic. Acceptable values for --ports flag are: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1883, 5222
--target-tcp-proxy <TARGET_TCP_PROXY>Target TCP proxy that receives the traffic. Acceptable values for --ports flag are: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1883, 5222
--target-vpn-gateway <TARGET_VPN_GATEWAY>Target VPN gateway (Cloud VPN Classic gateway) that receives forwardedtraffic. Acceptable values for --ports flag are: 500, 4500
--target-vpn-gateway-region <TARGET_VPN_GATEWAY_REGION>Region of the VPN gateway to operate on. If not specified, the region is set to the region of the forwarding rule. Overrides the default *compute/region* property value for this command invocation
--trace-token <TRACE_TOKEN>Token used to route traces of service requests for investigation of issues. Overrides the default *core/trace_token* property value for this command invocation
--user-output-enabledPrint user intended output to the console. Overrides the default *core/user_output_enabled* property value for this command invocation. Use *--no-user-output-enabled* to disable
--verbosity <VERBOSITY>Override the default verbosity for this command. Overrides the default *core/verbosity* property value for this command invocation. _VERBOSITY_ must be one of: *debug*, *info*, *warning*, *error*, *critical*, *none*