gcloud alpha access-context-manager perimeters update-dry-run-config

NAME
gcloud alpha access-context-manager perimeters update-dry-run-config - update the dry-run config for an existing Service Perimeter
SYNOPSIS
gcloud alpha access-context-manager perimeters update-dry-run-config (PERIMETER : --policy=POLICY) [--clear     | --add-access-levels=[LEVEL,…]     | --clear-access-levels     | --remove-access-levels=[LEVEL,…] --add-resources=[RESOURCES,…]     | --clear-resources     | --remove-resources=[RESOURCES,…] --add-restricted-services=[SERVICE,…]     | --clear-restricted-services     | --remove-restricted-services=[SERVICE,…] --enable-vpc-accessible-services --add-vpc-allowed-services=[VPC_SERVICE,…]     | --clear-vpc-allowed-services     | --remove-vpc-allowed-services=[VPC_SERVICE,…]] [GCLOUD_WIDE_FLAG]
DESCRIPTION
(ALPHA) gcloud alpha access-context-manager perimeters update-dry-run-config updates the dry run config (spec) on the service perimeter resource. The dry run config will not be enforced, but will be dry run. This allows for testing the config before rolling it out.

Note: The dry_run field will be set to true unless the --clear flag is specified, in which case all dry run config values will be removed.

For more information, see: https://cloud.google.com/access-context-manager/docs/reference/rest/v1alpha/accessPolicies.servicePerimeters

POSITIONAL ARGUMENTS
Perimeter resource - The service perimeter to update. The arguments in this group can be used to specify the attributes of this resource. This must be specified.
PERIMETER
ID of the perimeter or fully qualified identifier for the perimeter. This positional must be specified if any of the other arguments in this group are specified.
--policy=POLICY
The ID of the access policy.
FLAGS
At most one of these may be specified:
--clear
If set, clear all dry run config values on the perimeter and set dry_run to false.
These flags modify the member access levels of this perimeter. An intra-perimeter request must satisfy these access levels (for example, MY_LEVEL; must be in the same access policy as this perimeter) to be allowed. At most one of these may be specified:
--add-access-levels=[LEVEL,…]
Append the given values to the current access levels.
--clear-access-levels
Empty the current access levels.
--remove-access-levels=[LEVEL,…]
Remove the given values from the current access levels.
These flags modify the member resources of this perimeter. Resources must be projects, in the form projects/<projectnumber>. At most one of these may be specified:
--add-resources=[RESOURCES,…]
Append the given values to the current resources.
--clear-resources
Empty the current resources.
--remove-resources=[RESOURCES,…]
Remove the given values from the current resources.
These flags modify the member restricted services of this perimeter. The perimeter boundary DOES apply to these services (for example, storage.googleapis.com). At most one of these may be specified:
--add-restricted-services=[SERVICE,…]
Append the given values to the current restricted services.
--clear-restricted-services
Empty the current restricted services.
--remove-restricted-services=[SERVICE,…]
Remove the given values from the current restricted services.
--enable-vpc-accessible-services
When specified restrict API calls within the Service Perimeter to the set of vpc allowed services. To disable use '--no-enable-vpc-accessible-services'.
These flags modify the member vpc allowed services of this perimeter. Services allowed to be called within the Perimeter when VPC Accessible Services is enabled At most one of these may be specified:
--add-vpc-allowed-services=[VPC_SERVICE,…]
Append the given values to the current vpc allowed services.
--clear-vpc-allowed-services
Empty the current vpc allowed services.
--remove-vpc-allowed-services=[VPC_SERVICE,…]
Remove the given values from the current vpc allowed services.
GCLOUD WIDE FLAGS
These flags are available to all commands: --account, --billing-project, --configuration, --flags-file, --flatten, --format, --help, --impersonate-service-account, --log-http, --project, --quiet, --trace-token, --user-output-enabled, --verbosity.

Run $ gcloud help for details.

NOTES
This command is currently in ALPHA and may change without notice. If this command fails with API permission errors despite specifying the right project, you may be trying to access an API with an invitation-only early access whitelist.