Creates a new Connection in a given project and location.

Scopes

You will need authorization for the https://www.googleapis.com/auth/cloud-platform scope to make a valid call.

If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform. You can set the scope for this method like this: connectors1 --scope <scope> projects locations-connections-create ...

Required Scalar Argument

  • <parent> (string)
    • Required. Parent resource of the Connection, of the form: projects/*/locations/*

Required Request Value

The request value is a data-structure with various fields. Each field may be a simple scalar or another data-structure. In the latter case it is advised to set the field-cursor to the data-structure's field to specify values more concisely.

For example, a structure like this:

Connection:
  auth-config:
    auth-key: string
    auth-type: string
    oauth2-auth-code-flow:
      auth-code: string
      auth-uri: string
      client-id: string
      client-secret:
        secret-version: string
      enable-pkce: boolean
      pkce-verifier: string
      redirect-uri: string
      scopes: [string]
    oauth2-client-credentials:
      client-id: string
      client-secret:
        secret-version: string
    oauth2-jwt-bearer:
      client-key:
        secret-version: string
      jwt-claims:
        audience: string
        issuer: string
        subject: string
    ssh-public-key:
      cert-type: string
      ssh-client-cert:
        secret-version: string
      ssh-client-cert-pass:
        secret-version: string
      username: string
    user-password:
      password:
        secret-version: string
      username: string
  connection-revision: string
  connector-version: string
  connector-version-infra-config:
    connection-ratelimit-window-seconds: string
    deployment-model: string
    hpa-config:
      cpu-utilization-threshold: string
      memory-utilization-threshold: string
    internalclient-ratelimit-threshold: string
    ratelimit-threshold: string
    resource-limits:
      cpu: string
      memory: string
    resource-requests:
      cpu: string
      memory: string
    shared-deployment: string
  connector-version-launch-stage: string
  create-time: string
  description: string
  envoy-image-location: string
  eventing-config:
    auth-config:
      auth-key: string
      auth-type: string
      oauth2-auth-code-flow:
        auth-code: string
        auth-uri: string
        client-id: string
        client-secret:
          secret-version: string
        enable-pkce: boolean
        pkce-verifier: string
        redirect-uri: string
        scopes: [string]
      oauth2-client-credentials:
        client-id: string
        client-secret:
          secret-version: string
      oauth2-jwt-bearer:
        client-key:
          secret-version: string
        jwt-claims:
          audience: string
          issuer: string
          subject: string
      ssh-public-key:
        cert-type: string
        ssh-client-cert:
          secret-version: string
        ssh-client-cert-pass:
          secret-version: string
        username: string
      user-password:
        password:
          secret-version: string
        username: string
    dead-letter-config:
      project-id: string
      topic: string
    enrichment-enabled: boolean
    events-listener-ingress-endpoint: string
    listener-auth-config:
      auth-key: string
      auth-type: string
      oauth2-auth-code-flow:
        auth-code: string
        auth-uri: string
        client-id: string
        client-secret:
          secret-version: string
        enable-pkce: boolean
        pkce-verifier: string
        redirect-uri: string
        scopes: [string]
      oauth2-client-credentials:
        client-id: string
        client-secret:
          secret-version: string
      oauth2-jwt-bearer:
        client-key:
          secret-version: string
        jwt-claims:
          audience: string
          issuer: string
          subject: string
      ssh-public-key:
        cert-type: string
        ssh-client-cert:
          secret-version: string
        ssh-client-cert-pass:
          secret-version: string
        username: string
      user-password:
        password:
          secret-version: string
        username: string
    private-connectivity-enabled: boolean
    proxy-destination-config:
      key: string
    registration-destination-config:
      key: string
  eventing-enablement-type: string
  eventing-runtime-data:
    events-listener-endpoint: string
    events-listener-psc-sa: string
    status:
      description: string
      state: string
  image-location: string
  is-trusted-tester: boolean
  labels: { string: string }
  lock-config:
    locked: boolean
    reason: string
  log-config:
    enabled: boolean
  name: string
  node-config:
    max-node-count: integer
    min-node-count: integer
  service-account: string
  service-directory: string
  ssl-config:
    client-cert-type: string
    client-certificate:
      secret-version: string
    client-private-key:
      secret-version: string
    client-private-key-pass:
      secret-version: string
    private-server-certificate:
      secret-version: string
    server-cert-type: string
    trust-model: string
    type: string
    use-ssl: boolean
  status:
    description: string
    state: string
    status: string
  subscription-type: string
  suspended: boolean
  update-time: string

can be set completely with the following arguments which are assumed to be executed in the given order. Note how the cursor position is adjusted to the respective structures, allowing simple field names to be used most of the time.

  • -r .auth-config auth-key=et
    • Identifier key for auth config
  • auth-type=magna
    • The type of authentication configured.
  • oauth2-auth-code-flow auth-code=no
    • Authorization code to be exchanged for access and refresh tokens.
  • auth-uri=ipsum
    • Auth URL for Authorization Code Flow
  • client-id=voluptua.
    • Client ID for user-provided OAuth app.
  • client-secret secret-version=at

    • The resource name of the secret version in the format, format as: projects/*/secrets/*/versions/*.
  • .. enable-pkce=false

    • Whether to enable PKCE when the user performs the auth code flow.
  • pkce-verifier=amet.
    • PKCE verifier to be used during the auth code exchange.
  • redirect-uri=takimata
    • Redirect URI to be provided during the auth code exchange.
  • scopes=amet.

    • Scopes the connection will request when the user performs the auth code flow.
    • Each invocation of this argument appends the given value to the array.
  • ..oauth2-client-credentials client-id=duo

    • The client identifier.
  • client-secret secret-version=ipsum

    • The resource name of the secret version in the format, format as: projects/*/secrets/*/versions/*.
  • ...oauth2-jwt-bearer.client-key secret-version=gubergren

    • The resource name of the secret version in the format, format as: projects/*/secrets/*/versions/*.
  • ..jwt-claims audience=lorem

    • Value for the "aud" claim.
  • issuer=gubergren
    • Value for the "iss" claim.
  • subject=eos

    • Value for the "sub" claim.
  • ...ssh-public-key cert-type=dolor

    • Format of SSH Client cert.
  • ssh-client-cert secret-version=ea

    • The resource name of the secret version in the format, format as: projects/*/secrets/*/versions/*.
  • ..ssh-client-cert-pass secret-version=ipsum

    • The resource name of the secret version in the format, format as: projects/*/secrets/*/versions/*.
  • .. username=invidunt

    • The user account used to authenticate.
  • ..user-password.password secret-version=amet

    • The resource name of the secret version in the format, format as: projects/*/secrets/*/versions/*.
  • .. username=duo

    • Username.
  • ... connection-revision=ipsum

    • Output only. Connection revision. This field is only updated when the connection is created or updated by User.
  • connector-version=sed
    • Required. Connector version on which the connection is created. The format is: projects//locations//providers//connectors//versions/* Only global location is supported for ConnectorVersion resource.
  • connector-version-infra-config connection-ratelimit-window-seconds=ut
    • Output only. The window used for ratelimiting runtime requests to connections.
  • deployment-model=gubergren
    • Optional. Indicates whether connector is deployed on GKE/CloudRun
  • hpa-config cpu-utilization-threshold=rebum.
    • Output only. Percent CPU utilization where HPA triggers autoscaling.
  • memory-utilization-threshold=est

    • Output only. Percent Memory utilization where HPA triggers autoscaling.
  • .. internalclient-ratelimit-threshold=ipsum

    • Output only. Max QPS supported for internal requests originating from Connd.
  • ratelimit-threshold=ipsum
    • Output only. Max QPS supported by the connector version before throttling of requests.
  • resource-limits cpu=est
    • Output only. CPU limit.
  • memory=gubergren

    • Output only. Memory limit.
  • ..resource-requests cpu=ea

    • Output only. CPU request.
  • memory=dolor

    • Output only. Memory request.
  • .. shared-deployment=lorem

    • Output only. The name of shared connector deployment.
  • .. connector-version-launch-stage=eos

    • Output only. Flag to mark the version indicating the launch stage.
  • create-time=labore
    • Output only. Created time.
  • description=sed
    • Optional. Description of the resource.
  • envoy-image-location=duo
    • Output only. GCR location where the envoy image is stored. formatted like: gcr.io/{bucketName}/{imageName}
  • eventing-config.auth-config auth-key=sed
    • Identifier key for auth config
  • auth-type=no
    • The type of authentication configured.
  • oauth2-auth-code-flow auth-code=stet
    • Authorization code to be exchanged for access and refresh tokens.
  • auth-uri=kasd
    • Auth URL for Authorization Code Flow
  • client-id=et
    • Client ID for user-provided OAuth app.
  • client-secret secret-version=sed

    • The resource name of the secret version in the format, format as: projects/*/secrets/*/versions/*.
  • .. enable-pkce=true

    • Whether to enable PKCE when the user performs the auth code flow.
  • pkce-verifier=vero
    • PKCE verifier to be used during the auth code exchange.
  • redirect-uri=erat
    • Redirect URI to be provided during the auth code exchange.
  • scopes=sed

    • Scopes the connection will request when the user performs the auth code flow.
    • Each invocation of this argument appends the given value to the array.
  • ..oauth2-client-credentials client-id=duo

    • The client identifier.
  • client-secret secret-version=dolore

    • The resource name of the secret version in the format, format as: projects/*/secrets/*/versions/*.
  • ...oauth2-jwt-bearer.client-key secret-version=et

    • The resource name of the secret version in the format, format as: projects/*/secrets/*/versions/*.
  • ..jwt-claims audience=voluptua.

    • Value for the "aud" claim.
  • issuer=amet.
    • Value for the "iss" claim.
  • subject=consetetur

    • Value for the "sub" claim.
  • ...ssh-public-key cert-type=diam

    • Format of SSH Client cert.
  • ssh-client-cert secret-version=dolor

    • The resource name of the secret version in the format, format as: projects/*/secrets/*/versions/*.
  • ..ssh-client-cert-pass secret-version=et

    • The resource name of the secret version in the format, format as: projects/*/secrets/*/versions/*.
  • .. username=et

    • The user account used to authenticate.
  • ..user-password.password secret-version=sadipscing

    • The resource name of the secret version in the format, format as: projects/*/secrets/*/versions/*.
  • .. username=stet

    • Username.
  • ...dead-letter-config project-id=dolor

    • Optional. Project which has the topic given.
  • topic=duo

    • Optional. Topic to push events which couldn't be processed.
  • .. enrichment-enabled=false

    • Enrichment Enabled.
  • events-listener-ingress-endpoint=vero
    • Optional. Ingress endpoint of the event listener. This is used only when private connectivity is enabled.
  • listener-auth-config auth-key=invidunt
    • Identifier key for auth config
  • auth-type=stet
    • The type of authentication configured.
  • oauth2-auth-code-flow auth-code=vero
    • Authorization code to be exchanged for access and refresh tokens.
  • auth-uri=elitr
    • Auth URL for Authorization Code Flow
  • client-id=lorem
    • Client ID for user-provided OAuth app.
  • client-secret secret-version=diam

    • The resource name of the secret version in the format, format as: projects/*/secrets/*/versions/*.
  • .. enable-pkce=true

    • Whether to enable PKCE when the user performs the auth code flow.
  • pkce-verifier=ipsum
    • PKCE verifier to be used during the auth code exchange.
  • redirect-uri=accusam
    • Redirect URI to be provided during the auth code exchange.
  • scopes=takimata

    • Scopes the connection will request when the user performs the auth code flow.
    • Each invocation of this argument appends the given value to the array.
  • ..oauth2-client-credentials client-id=consetetur

    • The client identifier.
  • client-secret secret-version=voluptua.

    • The resource name of the secret version in the format, format as: projects/*/secrets/*/versions/*.
  • ...oauth2-jwt-bearer.client-key secret-version=et

    • The resource name of the secret version in the format, format as: projects/*/secrets/*/versions/*.
  • ..jwt-claims audience=erat

    • Value for the "aud" claim.
  • issuer=consetetur
    • Value for the "iss" claim.
  • subject=amet.

    • Value for the "sub" claim.
  • ...ssh-public-key cert-type=sed

    • Format of SSH Client cert.
  • ssh-client-cert secret-version=takimata

    • The resource name of the secret version in the format, format as: projects/*/secrets/*/versions/*.
  • ..ssh-client-cert-pass secret-version=dolores

    • The resource name of the secret version in the format, format as: projects/*/secrets/*/versions/*.
  • .. username=gubergren

    • The user account used to authenticate.
  • ..user-password.password secret-version=et

    • The resource name of the secret version in the format, format as: projects/*/secrets/*/versions/*.
  • .. username=accusam

    • Username.
  • ... private-connectivity-enabled=false

    • Optional. Private Connectivity Enabled.
  • proxy-destination-config key=dolore

    • The key is the destination identifier that is supported by the Connector.
  • ..registration-destination-config key=dolore

    • The key is the destination identifier that is supported by the Connector.
  • ... eventing-enablement-type=dolore

    • Optional. Eventing enablement type. Will be nil if eventing is not enabled.
  • eventing-runtime-data events-listener-endpoint=voluptua.
    • Output only. Events listener endpoint. The value will populated after provisioning the events listener.
  • events-listener-psc-sa=amet.
    • Output only. Events listener PSC Service attachment. The value will be populated after provisioning the events listener with private connectivity enabled.
  • status description=ea
    • Output only. Description of error if State is set to "ERROR".
  • state=sadipscing

    • Output only. State.
  • ... image-location=lorem

    • Output only. GCR location where the runtime image is stored. formatted like: gcr.io/{bucketName}/{imageName}
  • is-trusted-tester=true
    • Output only. Is trusted tester program enabled for the project.
  • labels=key=no
    • Optional. Resource labels to represent user-provided metadata. Refer to cloud documentation on labels for more details. https://cloud.google.com/compute/docs/labeling-resources
    • the value will be associated with the given key
  • lock-config locked=true
    • Indicates whether or not the connection is locked.
  • reason=sit

    • Describes why a connection is locked.
  • ..log-config enabled=true

    • Enabled represents whether logging is enabled or not for a connection.
  • .. name=aliquyam

    • Output only. Resource name of the Connection. Format: projects/{project}/locations/{location}/connections/{connection}
  • node-config max-node-count=96
    • Maximum number of nodes in the runtime nodes.
  • min-node-count=83

    • Minimum number of nodes in the runtime nodes.
  • .. service-account=sanctus

    • Optional. Service account needed for runtime plane to access Google Cloud resources.
  • service-directory=lorem
    • Output only. The name of the Service Directory service name. Used for Private Harpoon to resolve the ILB address. e.g. "projects/cloud-connectors-e2e-testing/locations/us-central1/namespaces/istio-system/services/istio-ingressgateway-connectors"
  • ssl-config client-cert-type=est
    • Type of Client Cert (PEM/JKS/.. etc.)
  • client-certificate secret-version=sed

    • The resource name of the secret version in the format, format as: projects/*/secrets/*/versions/*.
  • ..client-private-key secret-version=diam

    • The resource name of the secret version in the format, format as: projects/*/secrets/*/versions/*.
  • ..client-private-key-pass secret-version=dolores

    • The resource name of the secret version in the format, format as: projects/*/secrets/*/versions/*.
  • ..private-server-certificate secret-version=dolores

    • The resource name of the secret version in the format, format as: projects/*/secrets/*/versions/*.
  • .. server-cert-type=et

    • Type of Server Cert (PEM/JKS/.. etc.)
  • trust-model=sed
    • Trust Model of the SSL connection
  • type=no
    • Controls the ssl type for the given connector version.
  • use-ssl=false

    • Bool for enabling SSL
  • ..status description=elitr

    • Description.
  • state=sed
    • State.
  • status=no

    • Status provides detailed information for the state.
  • .. subscription-type=nonumy

    • Output only. This subscription type enum states the subscription type of the project.
  • suspended=false
    • Optional. Suspended indicates if a user has suspended a connection or not.
  • update-time=sadipscing
    • Output only. Updated time.

About Cursors

The cursor position is key to comfortably set complex nested structures. The following rules apply:

  • The cursor position is always set relative to the current one, unless the field name starts with the . character. Fields can be nested such as in -r f.s.o .
  • The cursor position is set relative to the top-level structure if it starts with ., e.g. -r .s.s
  • You can also set nested fields without setting the cursor explicitly. For example, to set a value relative to the current cursor position, you would specify -r struct.sub_struct=bar.
  • You can move the cursor one level up by using ... Each additional . moves it up one additional level. E.g. ... would go three levels up.

Optional Output Flags

The method's return value a JSON encoded structure, which will be written to standard output by default.

  • -o out
    • out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output.

Optional Method Properties

You may set the following properties to further configure the call. Please note that -p is followed by one or more key-value-pairs, and is called like this -p k1=v1 k2=v2 even though the listing below repeats the -p for completeness.

  • -p connection-id=string
    • Required. Identifier to assign to the Connection. Must be unique within scope of the parent resource.

Optional General Properties

The following properties can configure any call, and are not specific to this method.

  • -p $-xgafv=string

    • V1 error format.
  • -p access-token=string

    • OAuth access token.
  • -p alt=string

    • Data format for response.
  • -p callback=string

    • JSONP
  • -p fields=string

    • Selector specifying which fields to include in a partial response.
  • -p key=string

    • API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token.
  • -p oauth-token=string

    • OAuth 2.0 token for the current user.
  • -p pretty-print=boolean

    • Returns response with indentations and line breaks.
  • -p quota-user=string

    • Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.
  • -p upload-type=string

    • Legacy upload protocol for media (e.g. "media", "multipart").
  • -p upload-protocol=string

    • Upload protocol for media (e.g. "raw", "multipart").