gcloud network-security security-profiles threat-prevention add-override

gcloud network-security security-profiles threat-prevention add-override - add overrides to Threat Prevention Profile

gcloud network-security security-profiles threat-prevention add-override (SECURITY_PROFILE : --location=LOCATION --organization=ORGANIZATION) --action=ACTION (--severities=[SEVERITY_LEVEL,…]     | --threat-ids=[THREAT-ID,…]) [--async] [--update-labels=[KEY=VALUE,…]] [--clear-labels     | --remove-labels=[KEY,…]] [GCLOUD_WIDE_FLAG …]

For more examples, refer to the EXAMPLES section below.

gcloud network-security security-profiles threat-prevention add-override my-security-profile --severities=MEDIUM --action=ALLOW

my-security-profile is the name of the Security Profile in the format organizations/{organizationID}/locations/{location}/securityProfiles/ {security_profile_id} where organizationID is the organization ID to which the changes should apply, location - global specified and security_profile_id the Security Profile Identifier

Security profile resource - Security Profile Name. The arguments in this group can be used to specify the attributes of this resource.

This must be specified.

SECURITY_PROFILE

ID of the security_profile or fully qualified identifier for the security_profile.

To set the security_profile attribute:

• provide the argument security_profile on the command line.

This positional argument must be specified if any of the other arguments in this group are specified.

--location=LOCATION

location of the security_profile - Global.

To set the location attribute:

• provide the argument security_profile on the command line with a fully specified name;
• provide the argument --location on the command line.

--organization=ORGANIZATION

Organization ID to which the changes should apply.

To set the organization attribute:

• provide the argument security_profile on the command line with a fully specified name;
• provide the argument --organization on the command line.

--action=ACTION

Action associated with severity or threat-id. ACTION must be one of: DEFAULT, ALLOW, ALERT, DENY.

Exactly one of these must be specified:

--severities=[SEVERITY_LEVEL,…]

List of comma-separated severities where each value in the list indicates the severity of the threat.

--threat-ids=[THREAT-ID,…]

List of comma-separated threat identifiers where each identifier in the list is a vendor-specified Signature ID representing a threat type.

--async

Return immediately, without waiting for the operation in progress to complete. The default is False.

--update-labels=[KEY=VALUE,…]

List of label KEY=VALUE pairs to update. If a label exists, its value is modified. Otherwise, a new label is created.

Keys must start with a lowercase character and contain only hyphens (-), underscores (_), lowercase characters, and numbers. Values must contain only hyphens (-), underscores (_), lowercase characters, and numbers.

At most one of these can be specified:

--clear-labels

Remove all labels. If --update-labels is also specified then --clear-labels is applied first.

For example, to remove all labels:

gcloud network-security security-profiles threat-prevention add-override --clear-labels

To remove all existing labels and create two new labels, foo and baz:

gcloud network-security security-profiles threat-prevention add-override --clear-labels --update-labels foo=bar,baz=qux

--remove-labels=[KEY,…]

List of label keys to remove. If a label does not exist it is silently ignored. If --update-labels is also specified then --update-labels is applied first.

Run $ gcloud help for details.