To update the source project of an existing ingress PNP from project1 to project2, run:
gdcloud network project-network-policies update example-policy \
--policyType Ingress \
--source-projects project2
To update the source project of an existing ingress rule from project1 to all projects, run:
gdcloud network project-network-policies update example-policy \
--policyType Ingress \
--source-projects ""
To change the policy of a rule from ingress to egress, run:
gdcloud network project-network-policy update example-policy \
--policyType Egress \
--destination-projects project2 \
--layer4-configs "tcp:80, tcp:81"
可选标志
--destination-cidrs string CIDR block to allow traffic to. Can only be specified if policy-type is Egress. (default "unetDef@123")
--destination-projects string Name of the destination project in the organization to allow traffic to. If not specified or empty, traffic to all project workloads will be allowed. Can only be specified if policy-type is Egress. (default "unetDef@123")
--layer4-configs strings List of comma-separated protocol and port combinations (protocol:port) to which the policy applies. Set to "protocol" if you want to allow all ports for a specific protocol. Set to "all" to make the policy applicable to all ports and protocols. Cannot be specified if 'target-managed-services' is not empty.'
--policyType string Direction of the traffic for which you want to specify the policy. Supported values are "Ingress" and "Egress". Defaults to "Ingress" if not specified. (default "unetDef@123")
--source-cidrs string CIDR block to allow traffic from. Can only be specified if policy-type is Ingress. (default "unetDef@123")
--source-projects string Name of the source project in the organization to allow traffic from. If not specified or empty, traffic from all project workloads will be allowed. Can only be specified if policy-type is Ingress. (default "unetDef@123")
--target-managed-services string Name of the managed service to apply this policy on. Omit this field if you want to target all user workloads within the project. Defaults to all user workloads if not specified. (default "unetDef@123")
[[["易于理解","easyToUnderstand","thumb-up"],["解决了我的问题","solvedMyProblem","thumb-up"],["其他","otherUp","thumb-up"]],[["很难理解","hardToUnderstand","thumb-down"],["信息或示例代码不正确","incorrectInformationOrSampleCode","thumb-down"],["没有我需要的信息/示例","missingTheInformationSamplesINeed","thumb-down"],["翻译问题","translationIssue","thumb-down"],["其他","otherDown","thumb-down"]],["最后更新时间 (UTC):2025-09-04。"],[[["\u003cp\u003eThe \u003ccode\u003egdcloud network project-network-policies update\u003c/code\u003e command modifies existing project network policies, which are rules that control traffic flow.\u003c/p\u003e\n"],["\u003cp\u003eYou can update the direction of traffic with the \u003ccode\u003e--policyType\u003c/code\u003e flag, specifying either "Ingress" for incoming traffic or "Egress" for outgoing traffic.\u003c/p\u003e\n"],["\u003cp\u003eFor ingress traffic, the \u003ccode\u003e--source-projects\u003c/code\u003e or \u003ccode\u003e--source-cidrs\u003c/code\u003e flags can be used to define allowed source projects or CIDR blocks.\u003c/p\u003e\n"],["\u003cp\u003eFor egress traffic, the \u003ccode\u003e--destination-projects\u003c/code\u003e or \u003ccode\u003e--destination-cidrs\u003c/code\u003e flags are used to specify allowed destination projects or CIDR blocks.\u003c/p\u003e\n"],["\u003cp\u003eThe \u003ccode\u003e--layer4-configs\u003c/code\u003e flag allows for the configuration of specific protocols and ports to which the policy applies, or the use of "all" for all ports and protocols.\u003c/p\u003e\n"]]],[],null,["# gdcloud network project-network-policies update\n\nNAME\n----\n\ngdcloud network project-network-policies update - Update project network policies.\n\nSYNOPSIS\n--------\n\n gdcloud network project-network-policies update POLICY_NAME [flags]\n\n### EXAMPLES\n\n To update the source project of an existing ingress PNP from project1 to project2, run:\n\n gdcloud network project-network-policies update example-policy \\\n --policyType Ingress \\\n --source-projects project2\n\n To update the source project of an existing ingress rule from project1 to all projects, run:\n\n gdcloud network project-network-policies update example-policy \\\n --policyType Ingress \\\n --source-projects \"\"\n\n To change the policy of a rule from ingress to egress, run:\n\n gdcloud network project-network-policy update example-policy \\\n --policyType Egress \\\n --destination-projects project2 \\\n --layer4-configs \"tcp:80, tcp:81\"\n\n### OPTIONAL FLAGS\n\n --destination-cidrs string CIDR block to allow traffic to. Can only be specified if policy-type is Egress. (default \"unetDef@123\")\n --destination-projects string Name of the destination project in the organization to allow traffic to. If not specified or empty, traffic to all project workloads will be allowed. Can only be specified if policy-type is Egress. (default \"unetDef@123\")\n --layer4-configs strings List of comma-separated protocol and port combinations (protocol:port) to which the policy applies. Set to \"protocol\" if you want to allow all ports for a specific protocol. Set to \"all\" to make the policy applicable to all ports and protocols. Cannot be specified if 'target-managed-services' is not empty.'\n --policyType string Direction of the traffic for which you want to specify the policy. Supported values are \"Ingress\" and \"Egress\". Defaults to \"Ingress\" if not specified. (default \"unetDef@123\")\n --source-cidrs string CIDR block to allow traffic from. Can only be specified if policy-type is Ingress. (default \"unetDef@123\")\n --source-projects string Name of the source project in the organization to allow traffic from. If not specified or empty, traffic from all project workloads will be allowed. Can only be specified if policy-type is Ingress. (default \"unetDef@123\")\n --target-managed-services string Name of the managed service to apply this policy on. Omit this field if you want to target all user workloads within the project. Defaults to all user workloads if not specified. (default \"unetDef@123\")\n\n### GDCLOUD WIDE FLAGS\n\nThese flags are available to all commands: `--configuration`, `--format`, `--help`, `--project`, `--quiet`.\n\nFor more information, see the [gdcloud CLI reference overview](/distributed-cloud/hosted/docs/latest/gdch/resources/gdcloud-reference/gdcloud) page."]]
