gcloud alpha compute instances network-interfaces get-effective-firewalls

NAME
gcloud alpha compute instances network-interfaces get-effective-firewalls - get the effective firewalls on a Compute Engine virtual machine network interface
SYNOPSIS
gcloud alpha compute instances network-interfaces get-effective-firewalls INSTANCE_NAME [NAME …] [--network-interface=NETWORK_INTERFACE; default="nic0"] [--regexp=REGEXP, -r REGEXP] [--zone=ZONE] [--filter=EXPRESSION] [--limit=LIMIT] [--page-size=PAGE_SIZE] [--sort-by=[FIELD,…]] [--uri] [GCLOUD_WIDE_FLAG]
DESCRIPTION
(ALPHA) gcloud alpha compute instances network-interfaces get-effective-firewalls Get the effective firewalls applied on the network interfaces of a Compute Engine virtual machine. For example:
gcloud alpha compute instances network-interfaces  get-effective-firewalls example-instance --zone us-central1-a

gets the effective firewalls applied on the default network interface of a Compute Engine virtual machine "example-instance" in zone us-central1-a

POSITIONAL ARGUMENTS
INSTANCE_NAME
Name of the instance to operate on. For details on valid instance names, refer to the criteria documented under the field 'name' at: https://cloud.google.com/compute/docs/reference/rest/v1/instances
[NAME …]
(DEPRECATED) If provided, show details for the specified names and/or URIs of resources.

Argument NAME is deprecated. Use --filter="name=( 'NAME' … )" instead.

FLAGS
--network-interface=NETWORK_INTERFACE; default="nic0"
The name of the network interface to get the effective firewalls.
--regexp=REGEXP, -r REGEXP
(DEPRECATED) Regular expression to filter the names of the results on. Any names that do not match the entire regular expression will be filtered out.

Flag --regexp is deprecated. Use --filter="name~'REGEXP'" instead.

--zone=ZONE
Zone of the instance to operate on. If not specified, the user may be prompted to select a zone. gcloud will attempt to identify the zone by searching for resources in the user's project. If the zone cannot be determined, the user will then be prompted with all Google Cloud Platform zones.

To avoid prompting when this flag is omitted, the user can set the compute/zone property:

gcloud config set compute/zone ZONE

A list of zones can be fetched by running:

gcloud compute zones list

To unset the property, run:

gcloud config unset compute/zone

Alternatively, the zone can be stored in the environment variable CLOUDSDK_COMPUTE_ZONE.

LIST COMMAND FLAGS
--filter=EXPRESSION
Apply a Boolean filter EXPRESSION to each resource item to be listed. If the expression evaluates True, then that item is listed. For more details and examples of filter expressions, run $ gcloud topic filters. This flag interacts with other flags that are applied in this order: --flatten, --sort-by, --filter, --limit.
--limit=LIMIT
Maximum number of resources to list. The default is unlimited. This flag interacts with other flags that are applied in this order: --flatten, --sort-by, --filter, --limit.
--page-size=PAGE_SIZE
Some services group resource list output into pages. This flag specifies the maximum number of resources per page. The default is determined by the service if it supports paging, otherwise it is unlimited (no paging). Paging may be applied before or after --filter and --limit depending on the service.
--sort-by=[FIELD,…]
Comma-separated list of resource field key names to sort by. The default order is ascending. Prefix a field with ``~´´ for descending order on that field. This flag interacts with other flags that are applied in this order: --flatten, --sort-by, --filter, --limit.
--uri
Print a list of resource URIs instead of the default output.
GCLOUD WIDE FLAGS
These flags are available to all commands: --account, --billing-project, --configuration, --flags-file, --flatten, --format, --help, --impersonate-service-account, --log-http, --project, --quiet, --trace-token, --user-output-enabled, --verbosity.

Run $ gcloud help for details.

EXAMPLES
To get the effective firewalls of instance with name example-instance, run:
gcloud alpha compute instances network-interfaces  get-effective-firewalls example-instance,

To show all fields of the firewall rules, please show in JSON format with option --format=json

To see more firewall rule fields in table format, run the following for "example-instance":

gcloud alpha compute instances network-interfaces  get-effective-firewalls example-instance --format="table(
    type,
    security_policy_id,
    priority,
    action,
    direction,
    ip_ranges.list():label=IP_RANGES,
    target_svc_acct,
    enableLogging,
    description,
    name,
    disabled,
    target_tags,
    src_svc_acct,
    src_tags,
    ruleTupleCount,
    targetResources:label=TARGET_RESOURCES)"
NOTES
This command is currently in ALPHA and may change without notice. If this command fails with API permission errors despite specifying the right project, you may be trying to access an API with an invitation-only early access allowlist. This variant is also available:
gcloud beta compute instances network-interfaces  get-effective-firewalls