gcloud alpha builds worker-pools create

NAME
gcloud alpha builds worker-pools create - create a private pool for use by Cloud Build
SYNOPSIS
gcloud alpha builds worker-pools createWORKER_POOL[--generation=GENERATION; default=1][--region=REGION][--config-from-file=CONFIG_FROM_FILE    |--disable-public-ip-address--network-attachment=NETWORK_ATTACHMENT--route-all-traffic    |--peered-network=PEERED_NETWORK--peered-network-ip-range=PEERED_NETWORK_IP_RANGE--no-public-egress--worker-disk-size=WORKER_DISK_SIZE--worker-machine-type=WORKER_MACHINE_TYPE][GCLOUD_WIDE_FLAG]
DESCRIPTION
(ALPHA) Create a private pool for use by Cloud Build.
EXAMPLES
  • Private pools

To create a private pool namedpwp1 in regionus-central1, run:

gcloudalphabuildsworker-poolscreatepwp1--region=us-central1

To create a private pool in projectp1 in regionus-central1 where workers are of machine typee2-standard-2 and are peered to the VPC networkprojects/123/global/networks/default within the IP range192.168.0.0/28 and have a disk size of 64GB, run:

gcloudalphabuildsworker-poolscreatepwp1--project=p1--region=us-central1--peered-network=projects/123/global/networks/default--peered-network-ip-range=192.168.0.0/28--worker-machine-type=e2-standard-2--worker-disk-size=64GB

To create a private pool in projectp1 in regionus-central1 where workers are of machine typee2-standard-2 and are peered to the network attachmentprojects/p1/regions/us-central1/networkAttachments/na. The workersdon't have public IP address and all the traffic is routed to the networkattachment.

gcloudalphabuildsworker-poolscreatepwp1--project=p1--region=us-central1--network-attachment=projects/p1/regions/us-central1/networkAttachments/na--route-all-traffic--disable-public-ip-address--worker-machine-type=e2-standard-2
POSITIONAL ARGUMENTS
WORKER_POOL
Unique identifier for the worker pool to create. This value should be 1-63characters, and valid characters are [a-z][0-9]-
FLAGS
--generation=GENERATION; default=1
Generation of the worker pool.
--region=REGION
Cloud region where the worker pool is created. Seehttps://cloud.google.com/build/docs/locationsfor available locations.
At most one of these can be specified:
--config-from-file=CONFIG_FROM_FILE
File that contains the configuration for the worker pool to be created.

Private pool options:

https://cloud.google.com/build/docs/private-pools/worker-pool-config-file-schema
Or at least one of these can be specified:
Command-line flags to configure the private pool:
At most one of these can be specified:
Network configuration for Private Service Connect interface:
--disable-public-ip-address
If set, workers in the worker pool are created without an external IP address.

If the worker pool is within a VPC Service Control perimeter, use this flag.

--network-attachment=NETWORK_ATTACHMENT
The network attachment that the worker network interface is peered to. Thenetwork attachment is specified in resource URL formatprojects/{project}/regions/{region}/networkAttachments/{name}. The region ofnetwork attachment must be the same as the worker pool. Seehttps://cloud.google.com/vpc/docs/about-network-attachmentsfor details.
--route-all-traffic
Route all traffic through PSC interface. Enable this if you want full control oftraffic in the private pool. Configure Cloud NAT for the subnet of networkattachment if you need to access public Internet.

If unset, Only route private IPs, e.g. 10.0.0.0/8, 172.16.0.0/12, and192.168.0.0/16 through PSC interface.

Network configuration for Service Networking:
--peered-network=PEERED_NETWORK
Existing network to which workers are peered. The network is specified inresource URL format projects/{network_project}/global/networks/{network_name}.

If not specified, the workers are not peered to any network.

--peered-network-ip-range=PEERED_NETWORK_IP_RANGE
An IP range for your peered network. Specify the IP range using ClasslessInter-Domain Routing (CIDR) notation with a slash and the subnet prefix size,such as/29.

Your subnet prefix size must be between 1 and 29. Optional: you can specify anIP address before the subnet prefix value - for example192.168.0.0/24.

If no IP address is specified, your VPC automatically determines the starting IPfor the range. If no IP range is specified, Cloud Build uses/24 asthe default network IP range.

--no-public-egress
If set, workers in the worker pool are created without an external IP address.

If the worker pool is within a VPC Service Control perimeter, use this flag.

Configuration to be used for creating workers in the worker pool:
--worker-disk-size=WORKER_DISK_SIZE
Size of the disk attached to the worker.

If unspecified, Cloud Build uses a standard disk size.

--worker-machine-type=WORKER_MACHINE_TYPE
Compute Engine machine type for a worker pool.

If unspecified, Cloud Build uses a standard machine type.

GCLOUD WIDE FLAGS
These flags are available to all commands:--access-token-file,--account,--billing-project,--configuration,--flags-file,--flatten,--format,--help,--impersonate-service-account,--log-http,--project,--quiet,--trace-token,--user-output-enabled,--verbosity.

Run$gcloud help for details.

NOTES
This command is currently in alpha and might change without notice. If thiscommand fails with API permission errors despite specifying the correct project,you might be trying to access an API with an invitation-only early accessallowlist. These variants are also available:
gcloudbuildsworker-poolscreate
gcloudbetabuildsworker-poolscreate

Except as otherwise noted, the content of this page is licensed under theCreative Commons Attribution 4.0 License, and code samples are licensed under theApache 2.0 License. For details, see theGoogle Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.

Last updated 2026-01-21 UTC.