- NAME
-
- gcloud alpha compute org-security-policies rules update - update a Compute Engine security policy rule
- SYNOPSIS
-
-
gcloud alpha compute org-security-policies rules updatePRIORITY--security-policy=SECURITY_POLICY[--action=ACTION] [--description=DESCRIPTION] [--dest-ip-ranges=[DEST_IP_RANGE,…]] [--dest-ports=[DEST_PORTS,…]] [--direction=DIRECTION] [--[no-]enable-logging] [--layer4-configs=[LAYER4_CONFIG,…]] [--new-priority=NEW_PRIORITY] [--organization=ORGANIZATION] [--src-ip-ranges=[SRC_IP_RANGE,…]] [--target-resources=[TARGET_RESOURCES,…]] [--target-service-accounts=[TARGET_SERVICE_ACCOUNTS,…]] [GCLOUD_WIDE_FLAG …]
-
- DESCRIPTION
-
(ALPHA)gcloud alpha compute org-security-policies rules updateis used to update organization security policy rules. - EXAMPLES
-
To update a rule with priority ``10" in an organization security policy with ID
``123456789" to change the action to ``allow" and description to
``new-example-rule", run:
gcloud alpha compute org-security-policies rules update create 10 --security-policy=123456789 --action=allow --description=new-example-rule - POSITIONAL ARGUMENTS
-
PRIORITY- Priority of the security policy rule to update.
- REQUIRED FLAGS
-
--security-policy=SECURITY_POLICY- Display name of the security policy into which the rule should be updated.
- OPTIONAL FLAGS
-
--action=ACTION-
Action to take if the request matches the match condition.
ACTIONmust be one of:allow,deny,goto_next. --description=DESCRIPTION- An optional, textual description for the rule.
--dest-ip-ranges=[DEST_IP_RANGE,…]- Destination IP ranges to match for this rule. Can only be specified if DIRECTION is egress.
--dest-ports=[DEST_PORTS,…]- A list of destination protocols and ports to which the firewall rule will apply.
--direction=DIRECTION-
Direction of the traffic the rule is applied. The default is to apply on
incoming traffic.
DIRECTIONmust be one of:INGRESS,EGRESS. --[no-]enable-logging-
Use this flag to enable logging of connections that allowed or denied by this
rule. Use
--enable-loggingto enable and--no-enable-loggingto disable. --layer4-configs=[LAYER4_CONFIG,…]- A list of destination protocols and ports to which the firewall rule will apply.
--new-priority=NEW_PRIORITY- New priority for the rule to update. Valid in [0, 65535].
--organization=ORGANIZATION- Organization which the organization security policy belongs to. Must be set if SECURITY_POLICY is display name.
--src-ip-ranges=[SRC_IP_RANGE,…]- Source IP ranges to match for this rule. Can only be specified if DIRECTION is ingress.
--target-resources=[TARGET_RESOURCES,…]- List of URLs of target resources to which the rule is applied.
--target-service-accounts=[TARGET_SERVICE_ACCOUNTS,…]- List of target service accounts for the rule.
- GCLOUD WIDE FLAGS
-
These flags are available to all commands:
--access-token-file,--account,--billing-project,--configuration,--flags-file,--flatten,--format,--help,--impersonate-service-account,--log-http,--project,--quiet,--trace-token,--user-output-enabled,--verbosity.Run
$ gcloud helpfor details. - NOTES
-
This command is currently in alpha and might change without notice. If this
command fails with API permission errors despite specifying the correct project,
you might be trying to access an API with an invitation-only early access
allowlist. This variant is also available:
gcloud beta compute org-security-policies rules update
Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2024-04-23 UTC.