- NAME
-
- gcloud alpha managed-kafka clusters create - create a Managed Service for Apache Kafka cluster
- SYNOPSIS
-
-
gcloud alpha managed-kafka clusters create
(CLUSTER
:--location
=LOCATION
)--cpu
=CPU
--memory
=MEMORY
--subnets
=[SUBNETS
,…] [--async
] [--no-auto-rebalance
] [--encryption-key
=ENCRYPTION_KEY
] [--labels
=[KEY
=VALUE
,…]] [--mtls-ca-pools
=[MTLS_CA_POOLS
,…]] [--ssl-principal-mapping-rules
=SSL_PRINCIPAL_MAPPING_RULES
] [GCLOUD_WIDE_FLAG …
]
-
- DESCRIPTION
-
(ALPHA)
Create a Managed Service for Apache Kafka cluster. - EXAMPLES
-
To create a cluster, run the following:
gcloud alpha managed-kafka clusters create mycluster --location=us-central1 --cpu=3 --memory=3GiB --subnets=projects/PROJECT_ID/regions/us-central1/subnetworks/default
- POSITIONAL ARGUMENTS
-
-
Cluster resource - Identifies the cluster for which the command runs. The
arguments in this group can be used to specify the attributes of this resource.
(NOTE) Some attributes are not given arguments in this group but can be set in
other ways.
To set the
project
attribute:-
provide the argument
cluster
on the command line with a fully specified name; -
provide the argument
--project
on the command line; -
set the property
core/project
.
This must be specified.
CLUSTER
-
ID of the cluster or fully qualified identifier for the cluster.
To set the
cluster
attribute:-
provide the argument
cluster
on the command line.
This positional argument must be specified if any of the other arguments in this group are specified.
-
provide the argument
--location
=LOCATION
-
ID of the location of the Managed Service for Apache Kafka resource. See https://cloud.google.com/managed-service-for-apache-kafka/docs/locations
for a list of supported locations.
To set the
location
attribute:-
provide the argument
cluster
on the command line with a fully specified name; -
provide the argument
--location
on the command line.
-
provide the argument
-
provide the argument
-
Cluster resource - Identifies the cluster for which the command runs. The
arguments in this group can be used to specify the attributes of this resource.
(NOTE) Some attributes are not given arguments in this group but can be set in
other ways.
- REQUIRED FLAGS
-
--cpu
=CPU
- The number of vCPUs to provision for the cluster. The minimum is 3.
--memory
=MEMORY
- The memory to provision for the cluster in bytes. The value must be between 1 GiB and 8 GiB per vCPU. Ex. 1024Mi, 4Gi.
--subnets
=[SUBNETS
,…]-
A comma-separated list of VPC subnets from which the cluster is accessible. Both
broker and bootstrap server IP addresses and DNS entries are automatically
created in each subnet. Only one subnet per network is allowed, and the subnet
must be located in the same region as the cluster. The project may differ. A
minimum of 1 subnet is required. A maximum of 10 subnets can be specified. Use
commas to separate multiple subnets. The name of the subnet must be in the
format
projects/
/regions/PROJECT_ID
/subnetworks/REGION
.SUBNET
- OPTIONAL FLAGS
-
--async
- Return immediately, without waiting for the operation in progress to complete.
--auto-rebalance
-
Whether the automatic rebalancing is enabled. If automatic rebalancing is
enabled, topic partitions are rebalanced among brokers when the number of CPUs
in the cluster changes. Automatic rebalancing is enabled by default. Use
--no-auto-rebalance to disable this flag. Enabled by default, use
--no-auto-rebalance
to disable. --encryption-key
=ENCRYPTION_KEY
-
The relative resource path of the Cloud KMS key to use for encryption in the
form:
projects/
/locations/PROJECT_ID
/keyRings/LOCATION
/cryptoKeys/KEY_RING
. The key must be located in the same region as the cluster. The key cannot be changed once set.KEY
--labels
=[KEY
=VALUE
,…]-
List of label KEY=VALUE pairs to add. Keys must start with a lowercase character
and contain only hyphens (
-
), underscores (_
), lowercase characters, and numbers. Values must contain only hyphens (-
), underscores (_
), lowercase characters, and numbers. --mtls-ca-pools
=[MTLS_CA_POOLS
,…]-
A comma-separated list of CA pools from the Google Cloud Certificate Authority
Service. The root certificates of these CA pools will be installed in the
truststore of each broker in the cluster for use with mTLS. A maximum of 10 CA
pools can be specified. CA pools can be in a different project and region than
the cluster. Each CA pool must be in the format
projects/
/locations/PROJECT_ID
/caPools/LOCATION
.CA_POOL
--ssl-principal-mapping-rules
=SSL_PRINCIPAL_MAPPING_RULES
-
The rules for mapping mTLS certificate Distinguished Names (DNs) to shortened
principal names for Kafka ACLs. This flag corresponds exactly to the
ssl.principal.mapping.rules
broker config and matches the format and syntax defined in the Apache Kafka documentation. Setting or modifying this field will trigger a rolling restart of the Kafka brokers to apply the change. An empty string means that the default Kafka behavior is used. Example: "RULE:^CN=(.?),OU=ServiceUsers.
$/$1@example.com/,DEFAULT"
- GCLOUD WIDE FLAGS
-
These flags are available to all commands:
--access-token-file
,--account
,--billing-project
,--configuration
,--flags-file
,--flatten
,--format
,--help
,--impersonate-service-account
,--log-http
,--project
,--quiet
,--trace-token
,--user-output-enabled
,--verbosity
.Run
$ gcloud help
for details. - API REFERENCE
-
This command uses the
managedkafka/v1
API. The full documentation for this API can be found at: https://cloud.google.com/managed-service-for-apache-kafka/docs - NOTES
-
This command is currently in alpha and might change without notice. If this
command fails with API permission errors despite specifying the correct project,
you might be trying to access an API with an invitation-only early access
allowlist. These variants are also available:
gcloud managed-kafka clusters create
gcloud beta managed-kafka clusters create
gcloud alpha managed-kafka clusters create
Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2025-06-03 UTC.