gcloud alpha compute ssl-policies create
- NAME
- gcloud alpha compute ssl-policies create - create a new Compute Engine SSL policy
- SYNOPSIS
gcloud alpha compute ssl-policies createSSL_POLICY[--custom-features=[CUSTOM_FEATURES,…]][--description=DESCRIPTION][--min-tls-version=MIN_TLS_VERSION; default="1.0"][--profile=PROFILE; default="COMPATIBLE"][--global|--region=REGION][GCLOUD_WIDE_FLAG …]
- DESCRIPTION
(ALPHA)gcloud alpha compute ssl-policies createcreates a new SSL policy.An SSL policy specifies the server-side support for SSL features. An SSL policycan be attached to a TargetHttpsProxy or a TargetSslProxy. This affectsconnections between clients and the load balancer. SSL policies do not affectthe connection between the load balancers and the backends. SSL policies areused by Application Load Balancers and proxy Network Load Balancers.
- POSITIONAL ARGUMENTS
SSL_POLICY- Name of the SSL policy to create.
- FLAGS
--custom-features=[CUSTOM_FEATURES,…]- A comma-separated list of custom features, required when the profile being usedis CUSTOM.
Using CUSTOM profile allows customization of the features that are part of theSSL policy. This flag allows specifying those custom features.
The list of all supported custom features can be obtained using:
gcloudcomputessl-policieslist-available-features
--description=DESCRIPTION- An optional, textual description for the SSL policy.
--min-tls-version=MIN_TLS_VERSION; default="1.0"- Minimum TLS version.
MIN_TLS_VERSIONmust be one of:1.0- TLS 1.0.
1.1- TLS 1.1.
1.2- TLS 1.2.
1.3- TLS 1.3.
--profile=PROFILE; default="COMPATIBLE"- SSL policy profile. Changing profile from CUSTOM toCOMPATIBLE|MODERN|RESTRICTED|FIPS_202205 will clear the custom-features field.
PROFILEmust be one of:COMPATIBLE- Compatible profile. Allows the broadest set of clients, even those which supportonly out-of-date SSL features, to negotiate SSL with the load balancer.
CUSTOM- Custom profile. Allows customization by selecting only the features which arerequired. The list of all available features can be obtained using:
gcloudcomputessl-policieslist-available-features
FIPS_202205- FIPS_202205 profile. Supports a reduced set of SSL features, intended to meetstricter compliance requirements.
MODERN- Modern profile. Supports a wide set of SSL features, allowing modern clients tonegotiate SSL.
RESTRICTED- Restricted profile. Supports a reduced set of SSL features, intended to meetstricter compliance requirements.
- At most one of these can be specified:
--global- If set, the SSL policy is global.
--region=REGION- Region of the SSL policy to create. Overrides the default
compute/regionproperty value for this command invocation.
- GCLOUD WIDE FLAGS
- These flags are available to all commands:
--access-token-file,--account,--billing-project,--configuration,--flags-file,--flatten,--format,--help,--impersonate-service-account,--log-http,--project,--quiet,--trace-token,--user-output-enabled,--verbosity.Run
$gcloud helpfor details. - NOTES
- This command is currently in alpha and might change without notice. If thiscommand fails with API permission errors despite specifying the correct project,you might be trying to access an API with an invitation-only early accessallowlist. These variants are also available:
gcloudcomputessl-policiescreategcloudbetacomputessl-policiescreate
Except as otherwise noted, the content of this page is licensed under theCreative Commons Attribution 4.0 License, and code samples are licensed under theApache 2.0 License. For details, see theGoogle Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2025-10-28 UTC.