- INFORMATION
- 
gcloud network-security firewall-endpoint-associations createis not available in universe domainuniverse.
- NAME
- 
- gcloud network-security firewall-endpoint-associations create - create a Firewall Plus endpoint association
 
- SYNOPSIS
- 
- 
gcloud network-security firewall-endpoint-associations create[ASSOCIATION_ID]--network=NETWORK--zone=ZONE(--endpoint=ENDPOINT:--endpoint-zone=ENDPOINT_ZONE--organization=ORGANIZATION) [--async] [--labels=[KEY=VALUE,…]] [--max-wait=MAX_WAIT; default="60m"] [--tls-inspection-policy=TLS_INSPECTION_POLICY:--tls-inspection-policy-project=TLS_INSPECTION_POLICY_PROJECT--tls-inspection-policy-region=TLS_INSPECTION_POLICY_REGION] [GCLOUD_WIDE_FLAG …]
 
- 
- DESCRIPTION
- 
Associate the specified network with the firewall endpoint. Successful creation
of a firewall endpoint association results in an association in READY state.
Check the progress of association creation by using gcloud network-security firewall-endpoint-associations list.For more examples, refer to the EXAMPLES section below. 
- EXAMPLES
- 
To associate a network with a firewall endpoint, run:
gcloud network-security firewall-endpoint-associations create --network=projects/my-project/networks/global/myNetwork --endpoint=organizations/1234/locations/us-central1-a/firewallEndpoints/my-endpoint --zone=us-central1-a --project=my-project
- POSITIONAL ARGUMENTS
- 
- [ASSOCIATION_ID]
- Name to give the association. If not specified, an auto-generated UUID will be used.
 
- [
- REQUIRED FLAGS
- 
- 
Network resource - Firewall Plus. This represents a Cloud resource. (NOTE) Some
attributes are not given arguments in this group but can be set in other ways.
To set the projectattribute:- 
provide the argument --networkon the command line with a fully specified name;
- 
provide the argument --projecton the command line;
- 
set the property core/project.
 This must be specified. - --network=- NETWORK
- 
ID of the network or fully qualified identifier for the network.
To set the network-nameattribute:- 
provide the argument --networkon the command line.
 
- 
provide the argument 
 
- 
provide the argument 
- --zone=- ZONE
- Zone of a firewall endpoint association
- 
Firewall endpoint resource - Firewall Plus. The arguments in this group can be
used to specify the attributes of this resource.
This must be specified. - --endpoint=- ENDPOINT
- 
ID of the firewall endpoint or fully qualified identifier for the firewall
endpoint.
To set the endpoint-nameattribute:- 
provide the argument --endpointon the command line.
 This flag argument must be specified if any of the other arguments in this group are specified. 
- 
provide the argument 
- --endpoint-zone=- ENDPOINT_ZONE
- 
Zone of the firewall endpoint.
To set the endpoint-zoneattribute:- 
provide the argument --endpointon the command line with a fully specified name;
- 
provide the argument --endpoint-zoneon the command line;
- 
provide the argument --zoneon the command line;
- 
provide the argument FIREWALL_ENDPOINT_ASSOCIATIONon the command line with a fully specified name.
 
- 
provide the argument 
- --organization=- ORGANIZATION
- 
Organization ID to which the changes should apply.
To set the organizationattribute:- 
provide the argument --endpointon the command line with a fully specified name;
- 
provide the argument --organizationon the command line.
 
- 
provide the argument 
 
 
- 
Network resource - Firewall Plus. This represents a Cloud resource. (NOTE) Some
attributes are not given arguments in this group but can be set in other ways.
- OPTIONAL FLAGS
- 
- --async
- 
Return immediately, without waiting for the operation in progress to complete.
The default is True. Enabled by default, use--no-asyncto disable.
- --labels=[- KEY=- VALUE,…]
- 
List of label KEY=VALUE pairs to add.
Keys must start with a lowercase character and contain only hyphens ( -), underscores (_), lowercase characters, and numbers. Values must contain only hyphens (-), underscores (_), lowercase characters, and numbers.
- --max-wait=- MAX_WAIT; default="60m"
- Time to synchronously wait for the operation to complete, after which the operation continues asynchronously. Ignored if --no-async isn't specified. See $ gcloud topic datetimes for information on time formats.
- 
TLS Inspection Policy resource - Path to TLS Inspection Policy configuration to
use for intercepting TLS-encrypted traffic in this network. The arguments in
this group can be used to specify the attributes of this resource.
- --tls-inspection-policy=- TLS_INSPECTION_POLICY
- 
ID of the TLS Inspection Policy or fully qualified identifier for the TLS
Inspection Policy.
To set the tls_inspection_policyattribute:- 
provide the argument --tls-inspection-policyon the command line.
 This flag argument must be specified if any of the other arguments in this group are specified. 
- 
provide the argument 
- --tls-inspection-policy-project=- TLS_INSPECTION_POLICY_PROJECT
- 
Project of the TLS Inspection Policy.
To set the tls-inspection-policy-projectattribute:- 
provide the argument --tls-inspection-policyon the command line with a fully specified name;
- 
provide the argument --tls-inspection-policy-projecton the command line;
- 
provide the argument --projecton the command line;
- 
provide the argument FIREWALL_ENDPOINT_ASSOCIATIONon the command line with a fully specified name.
 
- 
provide the argument 
- --tls-inspection-policy-region=- TLS_INSPECTION_POLICY_REGION
- 
Region of the TLS Inspection Policy. NOTE: TLS Inspection Policy needs to be in
the same region as Firewall Plus endpoint resource.
To set the tls-inspection-policy-regionattribute:- 
provide the argument --tls-inspection-policyon the command line with a fully specified name;
- 
provide the argument --tls-inspection-policy-regionon the command line.
 
- 
provide the argument 
 
 
- GCLOUD WIDE FLAGS
- 
These flags are available to all commands: --access-token-file,--account,--billing-project,--configuration,--flags-file,--flatten,--format,--help,--impersonate-service-account,--log-http,--project,--quiet,--trace-token,--user-output-enabled,--verbosity.Run $ gcloud helpfor details.
- NOTES
- 
These variants are also available:
gcloud alpha network-security firewall-endpoint-associations creategcloud beta network-security firewall-endpoint-associations create
      gcloud network-security firewall-endpoint-associations create
  
  
  Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2025-05-07 UTC.
  
  
    
      [[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Missing the information I need","missingTheInformationINeed","thumb-down"],["Too complicated / too many steps","tooComplicatedTooManySteps","thumb-down"],["Out of date","outOfDate","thumb-down"],["Samples / code issue","samplesCodeIssue","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-05-07 UTC."],[],[]]