- NAME
-
- gcloud network-connectivity policy-based-routes create - create a new policy-based route
- SYNOPSIS
-
-
gcloud network-connectivity policy-based-routes createPOLICY_BASED_ROUTE--network=NETWORK[--async] [--description=DESCRIPTION] [--destination-range=DESTINATION_RANGE] [--ip-protocol=IP_PROTOCOL] [--labels=[KEY=VALUE, …]] [--priority=PRIORITY] [--protocol-version=PROTOCOL_VERSION; default="IPV4"] [--source-range=SOURCE_RANGE] [--interconnect-attachment-region=INTERCONNECT_ATTACHMENT_REGION|--tags=[TAGS, …]] [--next-hop-ilb-ip=NEXT_HOP_ILB_IP|--next-hop-other-routes=NEXT_HOP_OTHER_ROUTES] [GCLOUD_WIDE_FLAG …]
-
- DESCRIPTION
- Create a new policy-based route with the given name.
- EXAMPLES
- To create a policy-based route with the name
my-pbrdefaultgcloud network-connectivity policy-based-routes create my-pbr --network = "projects/my-project/global/networks/default" --next-hop-ilb-ip = 10 .0.0.1 - POSITIONAL ARGUMENTS
-
- Policy based route resource - Name of the policy-based route to be created. This
represents a Cloud resource. (NOTE) Some attributes are not given arguments in
this group but can be set in other ways.
To set the
projectattribute:- provide the argument
policy_based_routeon the command line with a fully specified name; - provide the argument
--projecton the command line; - set the property
core/project.
This must be specified.
-
POLICY_BASED_ROUTE - ID of the policy based route or fully qualified identifier for the policy based
route.
To set the
policy_based_routeattribute:- provide the argument
policy_based_routeon the command line.
- provide the argument
- provide the argument
- Policy based route resource - Name of the policy-based route to be created. This
represents a Cloud resource. (NOTE) Some attributes are not given arguments in
this group but can be set in other ways.
- REQUIRED FLAGS
-
-
--network=NETWORK - Fully-qualified URL of the network that this route applies to. E.g.
projects/my-project/global/networks/my-network
-
- OPTIONAL FLAGS
-
-
--async - Return immediately, without waiting for the operation in progress to complete.
-
--description=DESCRIPTION - Optional description of this resource. Provide this field when you create the resource.
-
--destination-range=DESTINATION_RANGE - Destination IP range of outgoing packets that this policy-based route applies to.
-
--ip-protocol=IP_PROTOCOL - IP protocol that this policy-based route applies to. Valid values are
TCP,UDP, andALL. Default isALL. -
--labels=[KEY=VALUE,…] - List of label KEY=VALUE pairs to add.
Keys must start with a lowercase character and contain only hyphens (
-), underscores (_), lowercase characters, and numbers. Values must contain only hyphens (-), underscores (_), lowercase characters, and numbers. -
--priority=PRIORITY - Priority of this policy-based route. Priority is used to break ties in cases where there are more than one matching policy-based routes found. In cases where multiple policy-based routes are matched, the one with the lowest-numbered priority value wins. The default value is 1000. The priority value must be from 1 to 65535, inclusive. Note the priority of policy-based route is always higher than other types of route (e.g. static routes/advanced routes)
-
--protocol-version=PROTOCOL_VERSION; default="IPV4" - Internet protocol versions that this policy-based route applies to. For this
version, only
IPV4is supported.PROTOCOL_VERSIONmust be one of:ipv4,ipv6,protocol-version-unspecified. -
--source-range=SOURCE_RANGE - Source IP range of outgoing packets that this policy-based route applies to.
- At most one of these can be specified:
- Cloud region to install this policy-based route on interconnect attachment. Use
allto install it on all interconnect attachments. Note if both--tagsand--interconnect-attachment-regionare not set, then the policy-based route will be installed in all network endpoints, including VMs, VPNs, and Interconnect attachements, in the network. - List of VM instance tags that this route applies to. VM instances that have ANY
of tags specified here installs this route. Note if both
--tagsand--interconnect-attachment-regionare not set, then the policy-based route will be installed in all endpoints, including VMs, VPNs, and Interconnect attachements, in the network.
- Cloud region to install this policy-based route on interconnect attachment. Use
- At most one of these can be specified:
- IP of a global access enabled L4 ILB that should be the next hop to handle packets.
- Next hop should be other routes that handle packets. This effectively excludes
matching packets being applied on other policy-based routes with a lower
priority.
NEXT_HOP_OTHER_ROUTESmust be one of:default-routing,other-routes-unspecified.
-
- GCLOUD WIDE FLAGS
- These flags are available to all commands:
--access-token-file,--account,--billing-project,--configuration,--flags-file,--flatten,--format,--help,--impersonate-service-account,--log-http,--project,--quiet,--trace-token,--user-output-enabled,--verbosity.Run
$ gcloud helpfor details. - API REFERENCE
- This command uses the
networkconnectivity/v1API. The full documentation for this API can be found at: https://cloud.google.com/network-connectivity/docs/reference/networkconnectivity/rest - NOTES
- These variants are also available:
gcloud alpha network-connectivity policy-based-routes creategcloud beta network-connectivity policy-based-routes create
gcloud network-connectivity policy-based-routes create
Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License , and code samples are licensed under the Apache 2.0 License . For details, see the Google Developers Site Policies . Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2026-05-27 UTC.
