create

The cldkctl guard create command creates a new Guard in your project. A Guard defines network access control rules (ingress and egress) for your workloads. This command allows you to interactively configure Guard properties such as name, namespace, endpoint selector, and traffic rules.

Usage

cldkctl guard create [flags]

Aliases

create, add

Steps

Follow the steps below to run and view the result of this command:

Run the following command in your terminal:

./cldkctl guard create

Enter the Guard Name to identify the configuration.
Select the Namespace where the Guard will be created. Choose from the available namespaces.

Define the Endpoint Selector to specify which workloads this Guard applies to.
When prompted, choose whether to add an ingress rule (for incoming traffic). Select Yes to define inbound rules, or No to skip.

Next, choose whether to add an egress rule (for outgoing traffic). Select Yes to define outbound rules, or No to skip.

Decide whether to deny all other ingress traffic. Choose Yes, deny to block unspecified inbound traffic, or No, allow to permit it.
Decide whether to deny all other egress traffic. Choose Yes, deny to block unspecified outbound traffic, or No, allow to permit it.
Review your configuration, then select Confirm & Create to finalize the Guard.

Once completed successfully, a message will appear in your terminal.

Flags

This command supports global flags. Refer to the Global Flags section for details

Flag

Description

-e, --endpoint-selector string

Specify endpoint selector.

-f, --file string

Specify a YAML file for creating Guard.

-h, --help

Help for the guard create command.

-n, --name string

Specify Guard name.

-s, --namespace string

Specify namespace.

--yaml

Create a Guard with YAML.

Previouscldkctl guard Nextcreate-egress

Last updated 1 month ago