dZddlmZddlmZddlmZddlmZddlmZddlm Z ddl m Z dd l m Z d d d Ze je j j"Gd de j$Zy)z.'vmware external-access-rules create' command.)absolute_import)division)unicode_literals)ExternalAccessRulesClient) arg_parsers)base)flags)logz Create a VMware Engine external access firewall rule. Check the progress of a VMware Engine external access firewall rule creation using `{parent_command} list`. a~ To create an external access firewall rule called `my-external-access-rule` associated with the network policy `my-network-policy` in the `us-west2` region, run: $ {command} my-external-access-rule --network-policy=my-network-policy --priority=1000 --ip-protocol=TCP --source-ranges=34.148.30.114/32 --destination-ranges=projects/sample-project/locations/us-west2-a/privateClouds/my-private-cloud/externalAddresses/my-external-address --source-ports=22,10000-11000 --destination-ports=22 --action=ALLOW --location=us-west2 --project=sample-project Or: $ {command} my-external-access-rule --network-policy=my-network-policy --priority=1000 --ip-protocol=TCP --source-ranges=34.148.30.114/32 --destination-ranges=projects/sample-project/locations/us-west2-a/privateClouds/my-private-cloud/externalAddresses/my-external-address --source-ports=22,10000-11000 --destination-ports=22 In the second example, the project and the location are taken from gcloud properties core/project and compute/region respectively. The `--action` field also isn't specified, so its value defaults to `ALLOW`. ) DESCRIPTIONEXAMPLESc*eZdZdZeZedZdZy)Createz5Create a VMware Engine external access firewall rule.ctj|dtjj |tjj |d|j jd|jdd|jddtjdd d |jd dgd d|jddtjddd|jddtjddd|jdtjddd|jdtjddd|jd d!d"gd!d#$y%)&z Register flags for this command.T) positionalyamlz --descriptionzG User-provided description of the external access rule. )helpz --prioritydiz Priority of this external access rule. Valid values are numbers between 100 and 4096, with 100 being the highest priority. Firewall rules are processed from highest to lowest priority. )requiredtyperz --ip-protocol)TCPUDPICMPz\ Internet protocol covered by the rule. Valid values are TCP, UDP, and ICMP. )rchoicesrz--source-ranges) min_lengthSOURCE_IP_RANGESz A list of source IP addresses that the rule applies to. Each entry in the list can be a CIDR notation or a single IP address. When the value is set to `0.0.0.0/0`, all IP addresses are allowed. )rrmetavarrz--destination-rangesDESTINATION_IP_RANGESz A list of destination IP addresses that the rule applies to. Each entry in the list can be an ExternalAddress resource name or `0.0.0.0/0`. When the value is set to `0.0.0.0/0`, all IP addresses are allowed. z--source-ports SOURCE_PORTSz_ List of allowed source ports. Each entry must be either an integer or a range. )rrrz--destination-portsDESTINATION_PORTSzd List of allowed destination ports. Each entry must be either an integer or a range. z--actionALLOWDENYz Whether the firewall rule allows or denies traffic based on a successful rule match. By default, the action is ALLOW. )rdefaultrN) r AddExternalAccessRuleToParserr ASYNC_FLAG AddToParser SetDefault display_info AddFormat add_argumentr BoundedIntArgList)parsers Clib/surface/vmware/network_policies/external_access_rules/create.pyArgsz Create.Args4s ''4@OO'OOvt, !!&)      # #C .   &     A ."     A .'     A .     A .#   &!  c `|jjj}t}|j}|j ||j |j|j|j|j|j|j|j }|r#tj|j ddy|j#|j%|dj'|j)}tj|j)d|S)N)priority ip_protocol source_rangesdestination_ranges source_portsdestination_ports descriptionactionz"VMware Engine external access ruleT)kindis_asyncz3waiting for external access rule [{}] to be created) operation_refmessage)r:)CONCEPTSexternal_access_ruleParserasync_rr2r3r4r5r6r7r8r9r CreatedResourcenameWaitForOperationGetOperationRefformat RelativeName)selfargsr?clientr; operationresources r.Runz Create.Runts====CCE & (F{{H $$((22&&00$${{ I  ..3 &&,,Y7ELL - - / 'H ))+ 1 Or0N) __name__ __module__ __qualname____doc__ DETAILED_HELP detailed_help staticmethodr/rMr0r.rr/s"=-= = ~ r0rN)rQ __future__rrr1googlecloudsdk.api_lib.vmware.externalaccessrulesrgooglecloudsdk.callioperr2googlecloudsdk.command_lib.vmware.network_policiesr googlecloudsdk.corer rR ReleaseTracks ReleaseTrackGA CreateCommandrrUr0r.r_sp5&'W/(D#    (D%%(()dT  d*dr0