Command unexpose

Usage: juju unexpose [options] <application name>


Removes public availability over the network for an application.


-B, --no-browser-login (= false)

Do not use web browser for authentication

-m, --model (= "")

Model to operate in. Accepts [<controller name>:]<model name>

--endpoints (= "")

Unexpose only the ports that charms have opened in this comma-delimited list of endpoints


Adjusts the firewall rules and any relevant security mechanisms of the cloud to deny public access to the application.

Applications are unexposed by default when they get created. If exposed via the “juju expose” command, they can be unexposed by running the "juju unexpose"command.

If no additional options are specified, the command will un-expose the application (if exposed). For example, to un-expose the apache2 application, you can run:

juju unexpose apache2

The following option is available since Juju 2.9

The --endpoints option may be used to restrict the effect of this command to the list of ports opened for a comma-delimited list of endpoints. For instance, to only un-expose the ports opened by apache2 for the www endpoint, you can run:

juju unexpose apache2 --endpoints www

Note that when the --endpoints option is provided, the application will still remain exposed if any other of its endpoints are still exposed. However, if none of its endpoints remain exposed, the application will be instead un-exposed.

See also:


Last updated 1 year, 8 months ago.