gdcloud network project-network-policies create

gdcloud network project-network-policies create POLICY_NAME [flags]

To create a new ingress project network policy that targets all user workloads allowing only UDP traffic on Port 53 and 54, run:

    gdcloud network project-network-policies create example-policy \
      --policyType Ingress \
      --layer4-configs 'udp:53, udp:54'

    To create a new egress project network policy that sends UDP traffic to only project 'example-proj-2' on port 53, run:

    gdcloud network project-network-policies create example-policy \
      --policyType Egress \
      --destination-projects example-proj-2 \
      --layer4-configs 'udp:53'

      --destination-cidrs string         CIDR block to allow traffic to. Can only be specified if policy-type is Egress.
      --destination-projects string      Name of the destination project in the organization to allow traffic to. If not specified or empty, traffic to all project workloads will be allowed. Can only be specified if policy-type is Egress.
      --layer4-configs strings           List of comma-separated protocol and port combinations (protocol:port) to which the policy applies. Set to "protocol" if you want to allow all ports for a specific protocol. Set to "all" to make the policy applicable to all ports and protocols. Cannot be specified if 'target-managed-services' is not empty.'
      --policy-type string               Direction of the traffic for which you want to specify the policy. Supported values are "Ingress" and "Egress". Defaults to "Ingress" if not specified.
      --source-cidrs string              CIDR block to allow traffic from. Can only be specified if policy-type is Ingress.
      --source-projects string           Name of the source project in the organization to allow traffic from. If not specified or empty, traffic from all project workloads will be allowed. Can only be specified if policy-type is Ingress.
      --target-managed-services string   Name of the managed service to apply this policy on. Omit this field if you want to target all user workloads within the project. Defaults to all user workloads if not specified.