# create

The cldkctl guard create command creates a new Guard in your project. A Guard defines network access control rules (ingress and egress) for your workloads. This command allows you to interactively configure Guard properties such as name, namespace, endpoint selector, and traffic rules.

## Usage 

```
cldkctl guard create [flags]
```

## Aliases

```
create, add
```

## Steps

Follow the steps below to run and view the result of this command:

1. Run the following command in your terminal:

```
cldkctl guard create
```

<figure><img src="/files/pVGyq4RuyQlRBjJoSZ2B" alt=""><figcaption></figcaption></figure>

2. Enter the Guard Name to identify the configuration.
3. Select the Namespace where the Guard will be created. Choose from the available namespaces.

<figure><img src="/files/E8OW9miQkYdcz5iNLfHJ" alt=""><figcaption></figcaption></figure>

4. Define the Endpoint Selector to specify which workloads this Guard applies to.
5. When prompted, choose whether to add an ingress rule (for incoming traffic). Select Yes to define inbound rules, or No to skip.

<figure><img src="/files/R411rRiBO9OciZluqDUO" alt=""><figcaption></figcaption></figure>

6. Next, choose whether to add an egress rule (for outgoing traffic). Select Yes to define outbound rules, or No to skip.

<figure><img src="/files/xmVCPojYBQCda4tS6Cok" alt=""><figcaption></figcaption></figure>

7. Decide whether to deny all other ingress traffic. Choose Yes, deny to block unspecified inbound traffic, or No, allow to permit it.
8. Decide whether to deny all other egress traffic. Choose Yes, deny to block unspecified outbound traffic, or No, allow to permit it.
9. Review your configuration, then select Confirm & Create to finalize the Guard.

<figure><img src="/files/JD7mTvOolWIqqqoHPnRC" alt=""><figcaption></figcaption></figure>

10. Once completed successfully, a message will appear in your terminal.

## Flags

{% hint style="info" %}
This command supports global flags. Refer to the Global Flags section for details
{% endhint %}

| Flag                           | Description                             |
| ------------------------------ | --------------------------------------- |
| -e, --endpoint-selector string | Specify endpoint selector.              |
| -f, --file string              | Specify a YAML file for creating Guard. |
| -h, --help                     | Help for the guard create command.      |
| -n, --name string              | Specify Guard name.                     |
| -s, --namespace string         | Specify namespace.                      |
| --yaml                         | Create a Guard with YAML.               |


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.cloudeka.ai/cloudeka-api-list/command-reference/cldkctl-guard/create.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.