aherman
/
boundary
mirror of https://github.com/hashicorp/boundary
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'e504988fd8'
${ noResults }
boundary/website/content/docs/commands/targets/create.mdx

193 lines
8.3 KiB
Raw Blame History

---
layout: docs
page_title: targets create - Command
description: >-
The "targets create" command creates a new target resource.
---
⚠️⚠️⚠️⚠️⚠️⚠️⚠️⚠️⚠️⚠️⚠️⚠️
> [!IMPORTANT]
> **Documentation Update:** Product documentation previously located in `/website` has moved to the [`hashicorp/web-unified-docs`](https://github.com/hashicorp/web-unified-docs) repository, where all product documentation is now centralized. Please make contributions directly to `web-unified-docs`, since changes to `/website` in this repository will not appear on developer.hashicorp.com.
⚠️⚠️⚠️⚠️⚠️⚠️⚠️⚠️⚠️⚠️⚠️⚠️
# targets create
Command: `targets create`
The `targets create` command lets you create a new target.
## Example
This example creates a TCP target with the name `prodops` and the description `For ProdOps usage`:
```shell-session
$ boundary targets create tcp -name prodops -description "For ProdOps usage"
```
## Usage
<CodeBlockConfig hideClipboard>
```shell-session
$ boundary targets create [type] [sub command] [options] [args]
Please see the typed subcommand help for detailed usage information.
Subcommands:
rdp Create an rdp-type target (HCP & Boundary Enterprise only)
ssh Create a ssh-type target (HCP & Boundary Enterprise only)
tcp Create a tcp-type target
```
</CodeBlockConfig>
### Usages by type
You can create RDP, SSH, or TCP targets.
<Tabs>
<Tab heading="RDP">
The `targets create rdp` command lets you create RDP targets.
#### Example
This example creates an RDP target with the name `admindc` and the description `RDP target for Admin Domain Controller`:
```shell-session
$ boundary targets create rdp -name admindc -description "RDP target for Admin Domain Controller"
```
#### Usage
<CodeBlockConfig hideClipboard>
```shell-session
$ boundary targets create rdp [options] [args]
```
</CodeBlockConfig>
#### RDP target options
- `-address=<string>` - An optional valid network address for the target to connect to.
You cannot use an address alongside host sources.
If you set a target address for RDP targets that use Kerberos authentication, use the target's hostname and append the domain to it, for example `target-hostname.mydomain.com`. For RDP targets that use NTLM authentication, set the target address to the target's IP address.
- `-default-client-port=<string>` - The default client port on the target.
- `-default-port=<string>` - The default port on the target.
Due to a port conflict on modern Windows operating systems (Windows 11+, Windows Server 2025), transparent sessions cannot use the default RDP port `3389`.
You must configure a custom port to use transparent sessions with RDP targets.
Refer to [Using transparent sessions with RDP on Windows](/boundary/docs/credentials/rdp-testing-and-compatibility-matrix#using-transparent-sessions-with-rdp-on-windows) for more information about configuring a custom port for transparent sessions.
- `-egress-worker-filter=<string>` - A Boolean expression that filters which egress workers can process sessions for the target.
- `-ingress-worker-filter=<string>` - A Boolean expression that filters which ingress workers can process sessions for the target.
- `-session-connection-limit=<string>` - The maximum number of connections allowed for a session.
A value of `-1` means the connections are unlimited.
- `-session-max-seconds=<string>` - The maximum lifetime of the session, including all connections.
You can specify an integer number of seconds or a duration string.
If you do not specfiy a maximum duration, Boundary uses the default value of 8 hours (28800 seconds).
- `-with-alias-authorize-session-host-id=<string>` - The host ID that an alias uses to authorize sessions for the target.
- `-with-alias-scope-id=<string>` - The scope ID that you want to create the target and alias in.
The default is `global`.
At this time, aliases are only supported for the global scope.
- `-with-alias-value=<string>` - The value of the alias that you want to use to represent the target.
Use this parameter to create the alias and target, and associate them with each other, at the same time.
</Tab>
<Tab heading="SSH">
The `targets create ssh` command lets you create SSH targets.
#### Example
This example creates an SSH target with the name `prodops` and the description `SSH target for ProdOps`:
```shell-session
$ boundary targets create ssh -name prodops -description "SSH target for ProdOps"
```
#### Usage
<CodeBlockConfig hideClipboard>
```shell-session
$ boundary targets create ssh [options] [args]
```
</CodeBlockConfig>
#### SSH target options
- `-address=<string>` - An optional valid network address for the target to connect to.
You cannot use an address alongside host sources.
- `-default-client-port=<string>` - The default client port on the target.
- `-default-port=<string>` - The default port on the target.
If you do not specify a default port, Boundary uses port 22.
- `-egress-worker-filter=<string>` - A Boolean expression that filters which egress workers can process sessions for the target.
- `-enable-session-recording=<string>` - A Boolean expression you can use to enable session recording for the target.
- `-ingress-worker-filter=<string>` - A Boolean expression that filters which ingress workers can process sessions for the target.
- `-session-connection-limit=<string>` - The maximum number of connections allowed for a session.
A value of `-1` means the connections are unlimited.
- `-session-max-seconds=<string>` - The maximum lifetime of the session, including all connections.
You can specify an integer number of seconds or a duration string.
If you do not specfiy a maximum duration, Boundary uses the default value of 8 hours (28800 seconds).
- `-storage-bucket-id=<string>` - The public ID of the storage bucket to associate with the target.
- `-with-alias-authorize-session-host-id=<string>` - The host ID that an alias uses to authorize sessions for the target.
- `-with-alias-scope-id=<string>` - The scope ID that you want to create the target and alias in.
The default is `global`.
At this time, aliases are only supported for the global scope.
- `-with-alias-value=<string>` - The value of the alias that you want to use to represent the target.
Use this parameter to create the alias and target, and associate them with each other, at the same time.
</Tab>
<Tab heading="TCP">
The `targets create tcp` command lets you create TCP targets.
#### Example
This example creates a TCP target with the name `prodops` and the description `TCP target for ProdOps`:
```shell-session
$ boundary targets create tcp -name prodops -description "TCP target for ProdOps"
```
#### Usage
<CodeBlockConfig hideClipboard>
```shell-session
$ boundary targets create tcp [options] [args]
```
</CodeBlockConfig>
#### TCP target options
- `-address=<string>` - An optional valid network address for the target to connect to.
You cannot use an address alongside host sources.
- `-default-client-port=<string>` - The default client port on the target.
- `-default-port=<string>` - The default port on the target.
If you do not specify a default port, Boundary uses port 22.
- `-egress-worker-filter=<string>` - A Boolean expression that filters which egress workers can process sessions for the target.
- `-ingress-worker-filter=<string>` - A Boolean expression that filters which ingress workers can process sessions for the target.
- `-session-connection-limit=<string>` - The maximum number of connections allowed for a session.
A value of `-1` means the connections are unlimited.
- `-session-max-seconds=<string>` - The maximum lifetime of the session, including all connections.
You can specify an integer number of seconds or a duration string.
If you do not specfiy a maximum duration, Boundary uses the default value of 8 hours (28800 seconds).
- `-with-alias-authorize-session-host-id=<string>` - The host ID that an alias uses to authorize sessions for the target.
- `-with-alias-scope-id=<string>` - The scope ID that you want to create the alias in at target creation time.
The default is `global`.
At this time, aliases are only supported for the global scope.
- `-with-alias-value=<string>` - The value of the alias that you want to use to represent the target.
Use this parameter to create the alias and target, and associate them with each other, at the same time.
</Tab>
</Tabs>
@include 'cmd-option-note.mdx'
Reference in new issue View Git Blame Copy Permalink