gcloud network-security firewall-endpoint-associations update

gcloud network-security firewall-endpoint-associations update - update a Firewall Plus endpoint association

gcloud network-security firewall-endpoint-associations update (FIREWALL_ENDPOINT_ASSOCIATION : --zone=ZONE) [--async] [--max-wait=MAX_WAIT; default="60m"] [--disabled     | --update-labels=[KEY=VALUE,…] --clear-labels     | --remove-labels=[KEY,…] --no-tls-inspection-policy     | [--tls-inspection-policy=TLS_INSPECTION_POLICY : --tls-inspection-policy-project=TLS_INSPECTION_POLICY_PROJECT --tls-inspection-policy-region=TLS_INSPECTION_POLICY_REGION]] [GCLOUD_WIDE_FLAG …]

For more examples, refer to the EXAMPLES section below.

gcloud network-security firewall-endpoint-associations update my-assoc --zone=us-central1-a --project=my-proj --update-labels=k1=v1,k2=v2

To remove labels k3 and k4, run:

gcloud network-security firewall-endpoint-associations update my-assoc --zone=us-central1-a --project=my-proj --remove-labels=k3,k4

To clear all labels from the firewall endpoint association, run:

gcloud network-security firewall-endpoint-associations update my-assoc --zone=us-central1-a --project=my-proj --clear-labels

Firewall endpoint association resource - Firewall Plus. The arguments in this group can be used to specify the attributes of this resource. (NOTE) Some attributes are not given arguments in this group but can be set in other ways.

To set the project attribute:

• provide the argument FIREWALL_ENDPOINT_ASSOCIATION on the command line with a fully specified name;
• provide the argument --project on the command line;
• set the property core/project.

This must be specified.

FIREWALL_ENDPOINT_ASSOCIATION

ID of the firewall endpoint association or fully qualified identifier for the firewall endpoint association.

To set the association-name attribute:

• provide the argument FIREWALL_ENDPOINT_ASSOCIATION on the command line.

This positional argument must be specified if any of the other arguments in this group are specified.

--zone=ZONE

Zone of the firewall endpoint association.

To set the zone attribute:

• provide the argument FIREWALL_ENDPOINT_ASSOCIATION on the command line with a fully specified name;
• provide the argument --zone on the command line.

--async

Return immediately, without waiting for the operation in progress to complete. The default is True. Enabled by default, use --no-async to disable.

--max-wait=MAX_WAIT; default="60m"

Time to synchronously wait for the operation to complete, after which the operation continues asynchronously. Ignored if --no-async isn't specified. See $ gcloud topic datetimes for information on time formats.

At most one of these can be specified:

--disabled

Disable a firewall endpoint association. To enable a disabled association, use:

gcloud network-security firewall-endpoint-associations update MY-ASSOCIATION --no-disabled

--update-labels=[KEY=VALUE,…]

List of label KEY=VALUE pairs to update. If a label exists, its value is modified. Otherwise, a new label is created.

Keys must start with a lowercase character and contain only hyphens (-), underscores (_), lowercase characters, and numbers. Values must contain only hyphens (-), underscores (_), lowercase characters, and numbers.

At most one of these can be specified:

--clear-labels

Remove all labels. If --update-labels is also specified then --clear-labels is applied first.

For example, to remove all labels:

gcloud network-security firewall-endpoint-associations update --clear-labels

To remove all existing labels and create two new labels, foo and baz:

gcloud network-security firewall-endpoint-associations update --clear-labels --update-labels foo=bar,baz=qux

--remove-labels=[KEY,…]

List of label keys to remove. If a label does not exist it is silently ignored. If --update-labels is also specified then --update-labels is applied first.

At most one of these can be specified:

--no-tls-inspection-policy

Remove TLS inspection policy from this association.

TLS Inspection Policy resource - Path to TLS Inspection Policy configuration to use for intercepting TLS-encrypted traffic in this network. The arguments in this group can be used to specify the attributes of this resource.

--tls-inspection-policy=TLS_INSPECTION_POLICY

ID of the TLS Inspection Policy or fully qualified identifier for the TLS Inspection Policy.

To set the tls_inspection_policy attribute:

• provide the argument --tls-inspection-policy on the command line.

This flag argument must be specified if any of the other arguments in this group are specified.

--tls-inspection-policy-project=TLS_INSPECTION_POLICY_PROJECT

Project of the TLS Inspection Policy.

To set the tls-inspection-policy-project attribute:

• provide the argument --tls-inspection-policy on the command line with a fully specified name;
• provide the argument --tls-inspection-policy-project on the command line;
• provide the argument --project on the command line;
• provide the argument FIREWALL_ENDPOINT_ASSOCIATION on the command line with a fully specified name.

--tls-inspection-policy-region=TLS_INSPECTION_POLICY_REGION

Region of the TLS Inspection Policy. NOTE: TLS Inspection Policy needs to be in the same region as Firewall Plus endpoint resource. To set the tls-inspection-policy-region attribute:

• provide the argument --tls-inspection-policy on the command line with a fully specified name;
• provide the argument --tls-inspection-policy-region on the command line.

Run $ gcloud help for details.

gcloud alpha network-security firewall-endpoint-associations update

gcloud beta network-security firewall-endpoint-associations update