USrSSKJr SSKJr SSKJr SSKrSSKrSSKJr SSK J r SSK J r SS K J r SS K Jr SS KJr SS KJr SS KJr SS KJr SS KJr SS KJr SS KJr SSKrS r\R<"SS9r\R@"5r!"SS\RD5r#Sr$\ RJ"\ RLRN5\ RP"SS\ RR555r*\ RJ"\ RLRV5"SS\*55r,\ RJ"\ RLRZ5"SS\,55r.g)z!Command for creating VPN tunnels.)absolute_import)division)unicode_literalsN) base_classes)vpn_tunnels_utils) arg_parsers)base) exceptions)flags)resource_manager_tags_utilsz[ -~]+Frequiredc(^\rSrSrU4SjrSrU=r$)DeprecatedArgumentException-cJ>[[U] SRX55 g)Nz{0} is deprecated. {1})superr__init__format)selfargmsg __class__s )lib/surface/compute/vpn_tunnels/create.pyr$DeprecatedArgumentException.__init__/s! %t5 ''13)__name__ __module__ __qualname____firstlineno__r__static_attributes__ __classcell__)rs@rrr-s 33rrcU(d[R"S5e[R"[U5(aU$[R"S5e)a?ValidateSimpleSharedSecret checks its argument is a vpn shared secret. ValidateSimpleSharedSecret(v) returns v iff v matches [ -~]+. Args: possible_secret: str, The data to validate as a shared secret. Returns: The argument, if valid. Raises: ArgumentTypeError: The argument is not a valid vpn shared secret. z.--shared-secret requires a non-empty argument.zQThe argument to --shared-secret is not valid it contains non-printable charcters.)argparseArgumentTypeErrorrematch_PRINTABLE_CHARS_PATTERN)possible_secrets rValidateSimpleSharedSecretr+4sO   $ $8 ::XX&88 ""! ""rc\rSrSrSr\R "SS9r\R"SS9r \ R"SS9r \R"SS9rSrSr\S5r\S5r\S5rS rS rS rS rS rSrSrSrg)CreateGAOACreate a VPN tunnel. *{command}* is used to create a Classic VPN tunnel between a target VPN gateway in Google Cloud Platform and a peer address; or create Highly Available VPN tunnel between HA VPN gateway and another HA VPN gateway, or Highly Available VPN tunnel between HA VPN gateway and an external VPN gateway. Fr Tc[RU5 URSSS9 URSSS/[SS9 URS [S S [ -S 9 URS [ R"SS9S SS9 g)Nz --descriptionz4An optional, textual description for the VPN tunnel.)helpz --ike-versionzr?s r_AddCipherSuiteFlagsCreateGA._AddCipherSuiteFlagss3 - ,(00A>=? , ,(00A><>  8(00A>>@  ((00A>=? - ,(00A>=? , ,(00A><>  ,(00A>KMrcURR[R5 [R USS9 UR SS9nURR U5 URR U5 UR SS9nURR U5 URR U5 URSSSS9 URU5 URS [R"S S 9S S S9 URS[R"S S 9S SS9 URSSS /[SSS9 URS/SQ[SSS9 UR (aUR#U5 UR$(a%URS[R&"5SSS9 URR)[R*5 g)z&Adds arguments to the supplied parser.create)operation_typeTr --peer-addressFzValid IPV4 address representing the remote tunnel endpoint, the peer address must be specified when creating Classic VPN tunnels from Classic Target VPN gateway)rr1--local-traffic-selectorr2r7CIDRa Traffic selector is an agreement between IKE peers to permit traffic through a tunnel if the traffic matches a specified pair of local and remote addresses. --local-traffic-selector allows to configure the local addresses that are permitted. The value should be a comma separated list of CIDR formatted strings. Example: 192.168.0.0/16,10.0.0.0/24. Local traffic selector must be specified only for VPN tunnels that do not use dynamic routing with a Cloud Router. Omit this flag when creating a tunnel using dynamic routing, including a tunnel for a Highly Available VPN gateway.)r5rFr1--remote-traffic-selectora Traffic selector is an agreement between IKE peers to permit traffic through a tunnel if the traffic matches a specified pair of local and remote addresses. --remote-traffic-selector allows to configure the remote addresses that are permitted. The value should be a comma separated list of CIDR formatted strings. Example: 192.168.0.0/16,10.0.0.0/24. Remote traffic selector must be specified for VPN tunnels that do not use dynamic routing with a Cloud Router. Omit this flag when creating a tunnel using dynamic routing, including a tunnel for a Highly Available VPN gateway. --interfacerao Numeric interface ID of the VPN gateway with which this VPN tunnel is associated. This flag is required if the tunnel is being attached to a Highly Available VPN gateway. This option is only available for use with Highly Available VPN gateway and must be omitted if the tunnel is going to be connected to a Classic VPN gateway.)r4r5rr1!--peer-external-gateway-interface)rr2r3z Interface ID of the external VPN gateway to which this VPN tunnel is connected to. This flag is required if the tunnel is being created from a Highly Available VPN gateway to an External Vpn Gateway.z--resource-manager-tagsz KEY=VALUEz` A comma-separated list of Resource Manager tags to apply to the VPN tunnel. N) display_info AddFormatr HA_VPN_LIST_FORMAT_VPN_TUNNEL_ARGr;add_mutually_exclusive_group_TARGET_VPN_GATEWAY_ARG_VPN_GATEWAY_ARG_EXTERNAL_VPN_GATEWAY_ARG_PEER_GCP_GATEWAY_ARGr<rBrr>r=_support_cipher_suiterH_support_tagging_at_creationArgDictAddCacheUpdaterVpnTunnelsCompleter)r@rAvpn_gateway_group_parserpeer_vpn_gateway_group_parsers rArgs CreateGA.Argss !!%":":;x@%BB C ++,DE$$%=>$*$G$G%H%!!!--.KL))*GH!..2/3 "  A . ) +$ #  A . ) +$ A E  F + F  G    v& ''  #""$  ''(A(ABrcURS5(GahURS5(d[R"SS5eURS5(d[R"SS5eURS5(d-URS 5(d[R"S S 5eURS 5(a-URS 5(d[R"S S5eURS5(a[R"SS5eURS5(a[R"SS5eURS5(a[R"SS5egg)N vpn_gateway interfacerQzsWhen creating Highly Available VPN tunnels, the VPN gateway interface must be specified using the --interface flag.router--routerzeWhen creating Highly Available VPN tunnels, a Cloud Router must be specified using the --router flag.peer_gcp_gatewaypeer_external_gatewayz--peer-gcp-gatewayzsWhen creating Highly Available VPN tunnels, either --peer-gcp-gateway or --peer-external-gateway must be specified.peer_external_gateway_interfacerRz`The flag --peer-external-gateway-interface must be specified along with --peer-external-gateway.local_traffic_selectorrNzHCannot specify local traffic selector with Highly Available VPN tunnels.remote_traffic_selectorrPzICannot specify remote traffic selector with Highly Available VPN tunnels. peer_addressrMzGCannot specify the flag peer address with Highly Available VPN tunnels. IsSpecifiedr InvalidArgumentExceptionrargss r _ValidateHighAvailabilityVpnArgs)CreateGA._ValidateHighAvailabilityVpnArgs s  &&   k * *11  FG G  h ' '11  9: :  0 1 1$:J:J !;#;#11  OP P   1 2 24;K;K +<-<-11 / -. .   2 3 311 &     3 4 411 '     . ) )11    *C'rcURS5(a[URS5(d[R"SS5eURS5(a[R"SS5egg)Ntarget_vpn_gatewayrprMzFWhen creating Classic VPN tunnels, the peer address must be specified.rirjz/Cannot specify router with Classic VPN tunnels.rqrts r_ValidateClassicVpnArgs CreateGA._ValidateClassicVpnArgs2sv ,--   n - -11  !" "   ( # #11  =   $ .rcURS5(a+URRX!5R5nU$g)Nrk)rrr\ResolveAsResourceSelfLink)rapi_resource_registryrurks r_GetPeerGcpGatewayCreateGA._GetPeerGcpGateway?s@ *++33EE ''/xz  rcURS5(a+URRX!5R5nU$g)Nrl)rrr[r}r~)rrrurls r_GetPeerExternalGateway CreateGA._GetPeerExternalGatewayFs@ /00"<<NN ''/xz "" rc [R"UR55nURn[R "U5nUR b [SS5e[RUUR[R"U5S9nSnURS5(a@URUl[ RXR5nUR#5nSn Sn Sn Sn Sn SnSnU(aURS5(aUR%U5 URUlUR(RXR5R#5n UR*n UR-URU5n UR.n UR1URU5nOUUR3U5 URUlUR6RXR5R#5n UR8(a3UR:b&UR=UR>UR:5nU (GaUR@(Ga2URCURDURFURHURJS9nURMURNURPURRS9nUR>RU5nU(aUUl+U(aUUl,URV(dURX(dSnUR[UR]5UR^UR`URbURdU URfURhUUUR8S9 nGOURkUR]5UR^UR`URbURdU URfURhUUR8S 9 nGOUR@(Ga URCURDURFURHURJS9nURMURNURPURRS9nUR>RU5nU(aUUl+U(aUUl,URV(dURX(dSnURmUR]5UR^UR`URbURdU U UU U UUUUR8S 9nO[URoUR]5UR^UR`URbURdU U UU U UUUR8S 9 nURqUU5nURsUUS 5$) Nr6z0It has been renamed to --local-traffic-selector.) scope_listerrirg)phase1_encryptionphase1_integrity phase1_dh phase1_prf)phase2_encryptionphase2_integrity phase2_pfs) name description ike_versionpeer_ip shared_secretryrnro cipher_suiteparamssupport_tagging_at_creation) rrrrrryrnrorr)rrrrrrgvpn_gateway_interfacerirlrmrkrrr) rrrrrrgrrirlrmrkrrzCreating VPN tunnel):rComputeApiHolder ReleaseTrackclientrVpnTunnelHelper ike_networksrrWr} resources compute_flagsGetDefaultScopeListerrrregion router_regionr:r~rvvpn_gateway_regionrZrhrrmrrztarget_vpn_gateway_regionrYr^resource_manager_tags_CreateVpnTunnelParamsmessagesr]GetVpnTunnelPhase1AlgorithmsrrrrGetVpnTunnelPhase2AlgorithmsrrrVpnTunnelCipherSuitephase1phase2+GetClassicVpnTunnelForInsertWithCipherSuiteNamerrrprrnroGetClassicVpnTunnelForInsert4GetHighAvailabilityVpnTunnelForInsertWithCipherSuite%GetHighAvailabilityVpnTunnelForInsertCreateWaitForOperation)rruis_vpn_gateway_supportedholderrhelpervpn_tunnel_ref router_link router_refryrgrrlrmrkr phase1_algo phase2_algorvpn_tunnel_to_insert operation_refs r_Run CreateGA._RunMs\  * *4+<+<+> ?F ]]F  . .v 6F $ '  < >>%66 "88@7BN K !!)00d007G7GHj'')kK  &*# D$4$4]$C$C ++D1 . 5 5d));;    #nn"::   D)-(L(L%001A1A4H ""4('5'<'+>,  > >#((* ,, ,,))"00#5'+'B'B(,(D(D),,0,M,M ?   &BB$$&((((%%,,1#'#>#>$($@$@((,(I(I C   # # #99"44!22nn : 99"44!22: ;;=  +,   +, ""<+>+>,  G G#((* ,, ,,))"00'&;"&;0O!1),,0,M,M H  & &KK$$&((((%%,,#"7"7,K-((,(I(I! L &MM.2FGM  " ">=#8 ::rc"URUSS9$)z-Issues API requests to construct VPN Tunnels.T)r)rrts rRun CreateGA.Runs 99TD9 99rc  [R"U5nURn[[R "U55VVs/sHupVUR RXVS9PM nnnU"UR US9S9$s snnf)N)keyvalue)additionalProperties)resourceManagerTags)r GetResourceManagerTagsVpnTunnelParamssortedsix iteritemsResourceManagerTagsValueAdditionalProperty)rrrresource_manager_tags_maprrradditional_propertiess rrCreateGA._CreateVpnTunnelParamss#:: !   % %F!/H!IJJJC ''::s:PJ ";;!6<   s%BrN)rrr r!__doc__target_vpn_gateway_flags$TargetVpnGatewayArgumentForVpnTunnelrYvpn_gateway_flags%GetVpnGatewayArgumentForOtherResourcerZexternal_vpn_gateway_flags&ExternalVpnGatewayArgumentForVpnTunnelr[)GetPeerVpnGatewayArgumentForOtherResourcer\r]r^ classmethodrBrHrdrvrzrrrrrr"rrrr-r-OsCC==uM!GG AA!&//6MM<`C`CD&P  c:J:rr-c \rSrSrSrSrSrSrg) CreateBetair/TFrNrrr r!rr]r^r"rrrrrs!&rrc \rSrSrSrSrSrSrg) CreateAlphair/TrNrrrrrrs!%rr)/r __future__rrrr%r'googlecloudsdk.api_lib.computer*googlecloudsdk.api_lib.compute.vpn_tunnelsrgooglecloudsdk.callioperr r "googlecloudsdk.command_lib.computer rr 8googlecloudsdk.command_lib.compute.external_vpn_gatewaysr*googlecloudsdk.command_lib.compute.routers router_flags6googlecloudsdk.command_lib.compute.target_vpn_gatewaysr/googlecloudsdk.command_lib.compute.vpn_gatewaysr.googlecloudsdk.command_lib.compute.vpn_tunnelsrr)RouterArgumentForVpnTunnelr:VpnTunnelArgumentrW ToolExceptionrr+ ReleaseTracksrGAUniverseCompatible CreateCommandr-BETArALPHArrrrrs+(&' 7H/(.EJhLdV@ %55uE ))+3*":":3"6D%%(()tt!!t*tn D%%**+ ' ', 'D%%++, &* &- &r