- NAME
-
- gcloud alpha compute security-policies update - update a Compute Engine security policy
- SYNOPSIS
-
-
gcloud alpha compute security-policies updateNAME[--ddos-protection=DDOS_PROTECTION] [--description=DESCRIPTION] [--enable-layer7-ddos-defense] [--enable-ml] [--json-custom-content-types=[CONTENT_TYPE,…]] [--json-parsing=JSON_PARSING] [--layer7-ddos-defense-auto-deploy-confidence-threshold=LAYER7_DDOS_DEFENSE_AUTO_DEPLOY_CONFIDENCE_THRESHOLD] [--layer7-ddos-defense-auto-deploy-expiration-sec=LAYER7_DDOS_DEFENSE_AUTO_DEPLOY_EXPIRATION_SEC] [--layer7-ddos-defense-auto-deploy-impacted-baseline-threshold=LAYER7_DDOS_DEFENSE_AUTO_DEPLOY_IMPACTED_BASELINE_THRESHOLD] [--layer7-ddos-defense-auto-deploy-load-threshold=LAYER7_DDOS_DEFENSE_AUTO_DEPLOY_LOAD_THRESHOLD] [--layer7-ddos-defense-rule-visibility=VISIBILITY_TYPE] [--log-level=LOG_LEVEL] [--network-ddos-protection=NETWORK_DDOS_PROTECTION] [--recaptcha-redirect-site-key=RECAPTCHA_REDIRECT_SITE_KEY] [--user-ip-request-headers=[USER_IP_REQUEST_HEADER,…]] [--global|--region=REGION] [GCLOUD_WIDE_FLAG …]
-
- DESCRIPTION
-
(ALPHA)gcloud alpha compute security-policies updateis used to update security policies. - EXAMPLES
-
To update the description run this:
gcloud alpha compute security-policies update SECURITY_POLICY --description='new description' - POSITIONAL ARGUMENTS
-
NAME- Name of the security policy to update.
- FLAGS
-
--ddos-protection=DDOS_PROTECTION-
The DDoS protection level for network load balancing and instances with external
IPs.
DDOS_PROTECTIONmust be one of:STANDARD,ADVANCED,ADVANCED_PREVIEW. --description=DESCRIPTION- An optional, textual description for the security policy.
--enable-layer7-ddos-defense- Whether to enable Cloud Armor Layer 7 DDoS Defense Adaptive Protection.
--enable-ml- Whether to enable Cloud Armor Adaptive Protection
--json-custom-content-types=[CONTENT_TYPE,…]-
A comma-separated list of custom Content-Type header values to apply JSON
parsing for preconfigured WAF rules. Only applicable when JSON parsing is
enabled, like
--json-parsing=STANDARD --json-parsing=JSON_PARSING-
The JSON parsing behavior for this rule. Must be one of the following values:
[DISABLED, STANDARD, STANDARD_WITH_GRAPHQL].
JSON_PARSINGmust be one of:DISABLED,STANDARD,STANDARD_WITH_GRAPHQL. --layer7-ddos-defense-auto-deploy-confidence-threshold=LAYER7_DDOS_DEFENSE_AUTO_DEPLOY_CONFIDENCE_THRESHOLD- Confidence threshold above which Adaptive Protection's auto-deploy takes actions
--layer7-ddos-defense-auto-deploy-expiration-sec=LAYER7_DDOS_DEFENSE_AUTO_DEPLOY_EXPIRATION_SEC- Duration over which Adaptive Protection's auto-deployed actions last
--layer7-ddos-defense-auto-deploy-impacted-baseline-threshold=LAYER7_DDOS_DEFENSE_AUTO_DEPLOY_IMPACTED_BASELINE_THRESHOLD- Impacted baseline threshold below which Adaptive Protection's auto-deploy takes actions
--layer7-ddos-defense-auto-deploy-load-threshold=LAYER7_DDOS_DEFENSE_AUTO_DEPLOY_LOAD_THRESHOLD- Load threshold above which Adaptive Protection's auto-deploy takes actions
--layer7-ddos-defense-rule-visibility=VISIBILITY_TYPE-
The visibility type indicates whether the rules are opaque or transparent.
VISIBILITY_TYPEmust be one of:STANDARD,PREMIUM. --log-level=LOG_LEVEL-
The level of detail to display for WAF logging.
LOG_LEVELmust be one of:NORMAL,VERBOSE. --network-ddos-protection=NETWORK_DDOS_PROTECTION-
The DDoS protection level for network load balancing and instances with external
IPs.
NETWORK_DDOS_PROTECTIONmust be one of:STANDARD,ADVANCED,ADVANCED_PREVIEW. --recaptcha-redirect-site-key=RECAPTCHA_REDIRECT_SITE_KEY-
The reCAPTCHA site key to be used for rules using the
redirectgoogle-recaptcha --user-ip-request-headers=[USER_IP_REQUEST_HEADER,…]- A comma-separated list of request header names to use for resolving the caller's user IP address.
-
At most one of these can be specified:
--global- If set, the security policy is global.
--region=REGION-
Region of the security policy to update. Overrides the default
compute/regionproperty value for this command invocation.
- GCLOUD WIDE FLAGS
-
These flags are available to all commands:
--access-token-file,--account,--billing-project,--configuration,--flags-file,--flatten,--format,--help,--impersonate-service-account,--log-http,--project,--quiet,--trace-token,--user-output-enabled,--verbosity.Run
$ gcloud helpfor details. - NOTES
-
This command is currently in alpha and might change without notice. If this
command fails with API permission errors despite specifying the correct project,
you might be trying to access an API with an invitation-only early access
allowlist. These variants are also available:
gcloud compute security-policies updategcloud beta compute security-policies update
Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2024-06-04 UTC.