gcloud compliance-manager framework-deployments create

NAME
gcloud compliance-manager framework-deployments create - create a framework deployment
SYNOPSIS
gcloud compliance-manager framework-deployments create (FRAMEWORK_DEPLOYMENT : --location=LOCATION --organization=ORGANIZATION) --cloud-control-metadata=[cloudControlDetails=CLOUDCONTROLDETAILS],[enforcementMode=ENFORCEMENTMODE] (--framework=FRAMEWORK : --framework-major-revision-id=FRAMEWORK_MAJOR_REVISION_ID) (--target-resource-config-existing=TARGET_RESOURCE_CONFIG_EXISTING     | --target-resource-creation-config-folder-display-name=TARGET_RESOURCE_CREATION_CONFIG_FOLDER_DISPLAY_NAME --target-resource-creation-config-folder-parent=TARGET_RESOURCE_CREATION_CONFIG_FOLDER_PARENT     | --target-resource-creation-config-project-billing-account-id=TARGET_RESOURCE_CREATION_CONFIG_PROJECT_BILLING_ACCOUNT_ID --target-resource-creation-config-project-display-name=TARGET_RESOURCE_CREATION_CONFIG_PROJECT_DISPLAY_NAME --target-resource-creation-config-project-parent=TARGET_RESOURCE_CREATION_CONFIG_PROJECT_PARENT) [--async] [--description=DESCRIPTION] [--etag=ETAG] [GCLOUD_WIDE_FLAG]
DESCRIPTION
Create a framework deployment for a given organization and location.
EXAMPLES
To create a framework deployment my-framework-deployment-id in organization my-organization-id and location global, targeting folders/my-folder-id and using framework my-framework-name, run: 
gcloud compliance-manager framework-deployments create my-framework-deployment-id --organization=my-organization-id --location=global --target-resource-config-existing=folders/my-folder-id --framework='organizations/my-organization-id/locations/global/frameworks/my-framework-name' --framework-major-revision-id='1' --cloud-control-metadata='[{"cloudControlDetails": {"name":
 "organizations/my-organization-id/locations/global/cloudControls/my\
-control-1", "majorRevisionId": "1", "parameters": []},
 "enforcementMode": "DETECTIVE"}]'
POSITIONAL ARGUMENTS
FrameworkDeployment resource - Identifier. The name of the framework deployment, in the format organizations/{organization}/locations/{location}/frameworkDeployments/{framework_deployment_id}. The only supported location is global. The arguments in this group can be used to specify the attributes of this resource.

This must be specified.

FRAMEWORK_DEPLOYMENT
ID of the frameworkDeployment or fully qualified identifier for the frameworkDeployment.

To set the framework_deployment attribute:

  • provide the argument framework_deployment on the command line.

This positional argument must be specified if any of the other arguments in this group are specified.

--location=LOCATION
The location id of the frameworkDeployment resource.

To set the location attribute:

  • provide the argument framework_deployment on the command line with a fully specified name;
  • provide the argument --location on the command line.
--organization=ORGANIZATION
The organization id of the frameworkDeployment resource.

To set the organization attribute:

  • provide the argument framework_deployment on the command line with a fully specified name;
  • provide the argument --organization on the command line.
REQUIRED FLAGS
--cloud-control-metadata=[cloudControlDetails=CLOUDCONTROLDETAILS],[enforcementMode=ENFORCEMENTMODE]
Required, The deployment mode and parameters for each of the cloud controls in the framework. Every cloud control in the framework includes metadata.
cloudControlDetails
The cloud control name and parameters.
majorRevisionId
The major version of the cloud control.
name
The name of the cloud control, in the format organizations/{organization}/locations/{location}/cloudControls/{cloud-control}. The only supported location is global.
parameters
Parameters are key-value pairs that let you provide your custom location requirements, environment requirements, or other settings that are relevant to the cloud control. An example parameter is {"name": "location","value": "us-west-1"}.
name
The name or key of the parameter.
enforcementMode
The enforcement mode of the cloud control.
Shorthand Example: 
--cloud-control-metadata=cloudControlDetails={majorRevisionId=int,name=string,parameters=[{name=string}]},enforcementMode=string --cloud-control-metadata=cloudControlDetails={majorRevisionId=int,name=string,parameters=[{name=string}]},enforcementMode=string

JSON Example: 

--cloud-control-metadata='[{"cloudControlDetails": {"majorRevisionId": int, "name": "string", "parameters": [{"name": "string"}]}, "enforcementMode": "string"}]'

File Example: 

--cloud-control-metadata=path_to_file.(yaml|json)
The reference of a framework, in the format organizations/{organization}/locations/{location}/frameworks/{framework}. The only supported location is global.

This must be specified.

--framework=FRAMEWORK
The major version of the framework. If not specified, the version corresponds to the latest version of the framework.

This flag argument must be specified if any of the other arguments in this group are specified.

Arguments for the major revision id.
--framework-major-revision-id=FRAMEWORK_MAJOR_REVISION_ID
The major version of the framework. If not specified, the version corresponds to the latest version of the framework.
The name of the target resource or the configuration that's required to create a new target resource.

This must be specified.

Arguments for the resource config.

At most one of these can be specified:

--target-resource-config-existing=TARGET_RESOURCE_CONFIG_EXISTING
The resource hierarchy node, in one of the following formats:
  • organizations/{organizationID}
  • folders/{folderID}
  • projects/{projectID}
The configuration that's required to create a target resource.
Arguments for the resource creation config.

At most one of these can be specified:

The configuration that's required to create a folder to be used as the target resource for a deployment.
--target-resource-creation-config-folder-display-name=TARGET_RESOURCE_CREATION_CONFIG_FOLDER_DISPLAY_NAME
The display name of the folder.

This flag argument must be specified if any of the other arguments in this group are specified.

--target-resource-creation-config-folder-parent=TARGET_RESOURCE_CREATION_CONFIG_FOLDER_PARENT
The parent of the folder, in the format organizations/{organizationID} or folders/{folderID}.

This flag argument must be specified if any of the other arguments in this group are specified.

The configuration that's required to create a project to be used as the target resource of a deployment.
--target-resource-creation-config-project-billing-account-id=TARGET_RESOURCE_CREATION_CONFIG_PROJECT_BILLING_ACCOUNT_ID
The billing account ID for the project.

This flag argument must be specified if any of the other arguments in this group are specified.

--target-resource-creation-config-project-display-name=TARGET_RESOURCE_CREATION_CONFIG_PROJECT_DISPLAY_NAME
The display name of the project.

This flag argument must be specified if any of the other arguments in this group are specified.

--target-resource-creation-config-project-parent=TARGET_RESOURCE_CREATION_CONFIG_PROJECT_PARENT
The parent of the project, in the format organizations/{organizationID} or folders/{folderID}.

This flag argument must be specified if any of the other arguments in this group are specified.

OPTIONAL FLAGS
--async
Return immediately, without waiting for the operation in progress to complete.
--description=DESCRIPTION
A user-provided description of the framework deployment.
--etag=ETAG
To prevent concurrent updates from overwriting each other, always provide the etag when you update a framework deployment. You can also provide the etag when you delete a framework deployment, to help ensure that you're deleting the intended version of the framework deployment.
GCLOUD WIDE FLAGS
These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, --help, --impersonate-service-account, --log-http, --project, --quiet, --trace-token, --user-output-enabled, --verbosity.

Run $ gcloud help for details.

API REFERENCE
This command uses the cloudsecuritycompliance/v1 API. The full documentation for this API can be found at: https://cloud.google.com/security-command-center#compliance-management