File: //snap/google-cloud-cli/current/lib/surface/recaptcha/keys/create.yaml
- release_tracks: [ALPHA, GA]
help_text:
brief: Create a Key.
description: Create a reCAPTCHA Key.
examples: |
To create a new reCAPTCHA key for websites showing no CAPTCHA challenge, run:
$ {command} --display-name=test-key-name --web --allow-all-domains --integration-type=score
request:
collection: recaptchaenterprise.projects.keys
modify_request_hooks:
- googlecloudsdk.command_lib.recaptcha.hooks:SanitizePlatformSettings
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.recaptcha.resources:project
is_parent_resource: true
help_text: |
The reCAPTCHA Key to create.
params:
- arg_name: display-name
required: true
api_field: googleCloudRecaptchaenterpriseV1Key.displayName
help_text: |
A human-readable name for the key. Typically a site or app name.
- arg_name: testing-score
api_field: googleCloudRecaptchaenterpriseV1Key.testingOptions.testingScore
help_text: |
If set, all assessments for this key will return this score. Must be between 0
(likely not legitimate) and 1 (likely legitimate) inclusive.
- group:
help_text: |
Options for the creation of a WAF-enabled key. For more information, please refer to
https://cloud.google.com/recaptcha-enterprise/docs/integration-overview.
params:
- arg_name: waf-service
required: true
api_field: googleCloudRecaptchaenterpriseV1Key.wafSettings.wafService
help_text: |
The WAF service provider to use.
choices:
- enum_value: CA
arg_value: ca
help_text: |
Cloud Armor
- enum_value: FASTLY
arg_value: fastly
help_text: |
Fastly
- enum_value: CLOUDFLARE
arg_value: cloudflare
help_text: |
Cloudflare
- enum_value: AKAMAI
arg_value: akamai
help_text: |
Akamai
- arg_name: waf-feature
required: false
api_field: googleCloudRecaptchaenterpriseV1Key.wafSettings.wafFeature
help_text: |
The WAF feature to use. For more information, see
https://cloud.google.com/recaptcha-enterprise/docs/usecase#comparison_of_features.
choices:
- enum_value: CHALLENGE_PAGE
arg_value: challenge-page
help_text: |
Redirects suspicious traffic to reCAPTCHA challenge page.
- enum_value: ACTION_TOKEN
arg_value: action-token
help_text: |
Use reCAPTCHA action-tokens to protect user actions.
- enum_value: SESSION_TOKEN
arg_value: session-token
help_text: |
Use reCAPTCHA session-tokens to protect the whole user session on the
site's domain.
- enum_value: EXPRESS
arg_value: express
help_text: |
Assesses requests without tokens or frontend integration. This option is deprecated, use --express instead.
- group:
mutex: true
required: true
params:
- group:
help_text: |
Options for the creation of a site key for web.
params:
- arg_name: web
required: true
type: bool
help_text: |
Creates a Key configured for websites.
- arg_name: allow-amp-traffic
api_field: googleCloudRecaptchaenterpriseV1Key.webSettings.allowAmpTraffic
help_text: |
Whether this key can be used on AMP (Accelerated Mobile Pages) websites.
- group:
mutex: true
required: true
params:
- arg_name: allow-all-domains
api_field: googleCloudRecaptchaenterpriseV1Key.webSettings.allowAllDomains
help_text: |
If set, domain name enforcement will NOT be enabled on this key.
- arg_name: domains
api_field: googleCloudRecaptchaenterpriseV1Key.webSettings.allowedDomains
help_text: |
Domains or subdomains of websites allowed to use the key. All subdomains of an
allowed domain are automatically allowed. A valid domain requires a host and must
not include any path, port, query or fragment.
Examples of valid domains:
'example.com'
'subdomain.example.com'
- arg_name: integration-type
api_field: googleCloudRecaptchaenterpriseV1Key.webSettings.integrationType
help_text: |
Configures how reCAPTCHA will operate on your site. This only applies to 'web'
platform.
choices:
- enum_value: SCORE
arg_value: score
help_text: |
Shows no CAPTCHA challenge on the page
- enum_value: CHECKBOX
arg_value: checkbox
help_text: |
Renders the classic "I'm not a robot" checkbox, and a captcha challenge
for low scoring events
- enum_value: INVISIBLE
arg_value: invisible
help_text: |
Does not display the "I'm not a robot" checkbox, but may show CAPTCHA
challenges after risk analysis
- enum_value: POLICY_BASED_CHALLENGE
arg_value: policy-based-challenge
help_text: |
Conditionally displays a challenge based on the score
- arg_name: security-preference
api_field: googleCloudRecaptchaenterpriseV1Key.webSettings.challengeSecurityPreference
help_text: |
Represents the possible challenge frequency and difficulty configurations for a web
key.
usability: show fewer and easier challenges.
balance: show balanced (in amount and difficulty) challenges.
security: show more and harder challenges.
- group:
help_text: |
Configure if you want to use the POLICY_BASED_CHALLENGE option.
required: false
params:
- arg_name: default-score-threshold
type: float
required: true
api_field: googleCloudRecaptchaenterpriseV1Key.webSettings.challengeSettings.defaultSettings.scoreThreshold
help_text: |
The global threshold to be used for POLICY_BASED_CHALLENGE if no action specific one exists.
- arg_name: action-score-thresholds
api_field: googleCloudRecaptchaenterpriseV1Key.webSettings.challengeSettings.actionSettings
help_text: |
The action to score threshold used for POLICY_BASED_CHALLENGE. For example:
--action-score-thresholds=login='{"scoreThreshold": "0.3"}',signup='{"scoreThreshold": "0.1"}'
or --action-score-thresholds=file_path.(json|yaml)
required: false
repeated: true
type: arg_object
- arg_name: testing-challenge
api_field: googleCloudRecaptchaenterpriseV1Key.testingOptions.testingChallenge
help_text: |
For CHECKBOX and INVISIBLE Keys only, this option configures
whether challenges will be issued for execute requests.
choices:
- enum_value: NOCAPTCHA
arg_value: nocaptcha
help_text: |
Execute requests for this key will always return nocaptcha.
- enum_value: UNSOLVABLE_CHALLENGE
arg_value: challenge
help_text: |
Execute requests for this key will always return an unsolvable
challenge consisting of a message about this testing key.
- group:
help_text: |
Options for the creation of a site key for iOS.
params:
- arg_name: ios
required: true
type: bool
help_text: |
Creates a Key configured for iOS devices.
- group:
mutex: true
required: true
params:
- arg_name: allow-all-bundle-ids
api_field: googleCloudRecaptchaenterpriseV1Key.iosSettings.allowAllBundleIds
help_text: |
If set, bundle id enforcement will NOT be enabled on this key.
- arg_name: bundle-ids
api_field: googleCloudRecaptchaenterpriseV1Key.iosSettings.allowedBundleIds
help_text: |
iOS bundle ids of apps allowed to use the key.
Example of a valid bundle id:
'com.companyname.productname.appname'
- group:
required: false
help_text: |
Fields that are required to perform Apple-specific integrity checks (recommended
for iOS keys).
params:
- arg_name: private-key-file
api_field: googleCloudRecaptchaenterpriseV1Key.iosSettings.appleDeveloperId.privateKey
required: true
type: "googlecloudsdk.calliope.arg_parsers:FileContents:"
help_text: |
File path to a private key (downloaded as a text file with a .p8 file extension)
generated for your Apple Developer account. Ensure that DeviceCheck is
enabled for the private key.
- arg_name: key-id
api_field: googleCloudRecaptchaenterpriseV1Key.iosSettings.appleDeveloperId.keyId
required: true
help_text: The Apple developer key ID (10-character string).
- arg_name: team-id
api_field: googleCloudRecaptchaenterpriseV1Key.iosSettings.appleDeveloperId.teamId
required: true
help_text: |
The Apple team ID (10-character string) owning the provisioning profile
used to build your application.
- group:
help_text: |
Options for the creation of a site key for Android.
params:
- arg_name: android
required: true
type: bool
help_text: |
Creates a Key configured for Android devices.
- arg_name: support-non-google-app-store-distribution
api_field:
googleCloudRecaptchaenterpriseV1Key.androidSettings.supportNonGoogleAppStoreDistribution
help_text: |
If set, this key can be used in an Android application that is
available for download in app stores other than the Google Play Store.
This setting allows your key to accept traffic from devices without Google
Mobile Services (GMS) installed.
- group:
mutex: true
required: true
params:
- arg_name: allow-all-package-names
api_field: googleCloudRecaptchaenterpriseV1Key.androidSettings.allowAllPackageNames
help_text: |
If set, package name enforcement will NOT be enabled on this key.
- arg_name: package-names
api_field: googleCloudRecaptchaenterpriseV1Key.androidSettings.allowedPackageNames
help_text: |
Android package names of apps allowed to use the key.
Example of a valid package name:
'com.companyname.appname'
- group:
help_text: |
Options for the creation of a site key for Express.
params:
- arg_name: express
required: true
type: bool
help_text: |
Creates a Key configured for Express assessments.
labels:
api_field: googleCloudRecaptchaenterpriseV1Key.labels