# create The cldkctl guard create command creates a new Guard in your project. A Guard defines network access control rules (ingress and egress) for your workloads. This command allows you to interactively configure Guard properties such as name, namespace, endpoint selector, and traffic rules. ## Usage ``` cldkctl guard create [flags] ``` ## Aliases ``` create, add ``` ## Steps Follow the steps below to run and view the result of this command: 1. Run the following command in your terminal: ``` ./cldkctl guard create ```

2. Enter the Guard Name to identify the configuration. 3. Select the Namespace where the Guard will be created. Choose from the available namespaces.

4. Define the Endpoint Selector to specify which workloads this Guard applies to. 5. When prompted, choose whether to add an ingress rule (for incoming traffic). Select Yes to define inbound rules, or No to skip.

6. Next, choose whether to add an egress rule (for outgoing traffic). Select Yes to define outbound rules, or No to skip.

7. Decide whether to deny all other ingress traffic. Choose Yes, deny to block unspecified inbound traffic, or No, allow to permit it. 8. Decide whether to deny all other egress traffic. Choose Yes, deny to block unspecified outbound traffic, or No, allow to permit it. 9. Review your configuration, then select Confirm & Create to finalize the Guard.

10. Once completed successfully, a message will appear in your terminal. ## Flags {% hint style="info" %} This command supports global flags. Refer to the Global Flags section for details {% endhint %} | Flag | Description | | ------------------------------ | --------------------------------------- | | -e, --endpoint-selector string | Specify endpoint selector. | | -f, --file string | Specify a YAML file for creating Guard. | | -h, --help | Help for the guard create command. | | -n, --name string | Specify Guard name. | | -s, --namespace string | Specify namespace. | | --yaml | Create a Guard with YAML. |