gcloud network-security security-profiles threat-prevention add-override

NAME
gcloud network-security security-profiles threat-prevention add-override - add overrides to Threat Prevention Profile
SYNOPSIS
gcloud network-security security-profiles threat-prevention add-override (SECURITY_PROFILE : --location=LOCATION --organization=ORGANIZATION) --action=ACTION (--severities=[SEVERITY_LEVEL,…]     | --threat-ids=[THREAT-ID,…]) [--async] [--update-labels=[KEY=VALUE,…]] [--clear-labels     | --remove-labels=[KEY,…]] [GCLOUD_WIDE_FLAG]
DESCRIPTION
Add severities or threat-ids to existing threat prevention profile with intended action on each specified. Check the updates of add-override command by using gcloud network-security security-profiles threat-prevention list-override my-security-profile.

For more examples, refer to the EXAMPLES section below.

EXAMPLES
To add an override, run:
gcloud network-security security-profiles threat-prevention add-override my-security-profile --severities=MEDIUM --action=ALLOW

my-security-profile is the name of the Security Profile in the format organizations/{organizationID}/locations/{location}/securityProfiles/ {security_profile_id} where organizationID is the organization ID to which the changes should apply, location - global specified and security_profile_id the Security Profile Identifier

POSITIONAL ARGUMENTS
Security profile resource - Security Profile Name. The arguments in this group can be used to specify the attributes of this resource.

This must be specified.

SECURITY_PROFILE
ID of the security_profile or fully qualified identifier for the security_profile.

To set the security_profile attribute:

  • provide the argument security_profile on the command line.

This positional argument must be specified if any of the other arguments in this group are specified.

--location=LOCATION
location of the security_profile - Global.

To set the location attribute:

  • provide the argument security_profile on the command line with a fully specified name;
  • provide the argument --location on the command line.
--organization=ORGANIZATION
Organization ID to which the changes should apply.

To set the organization attribute:

  • provide the argument security_profile on the command line with a fully specified name;
  • provide the argument --organization on the command line.
REQUIRED FLAGS
--action=ACTION
Action associated with severity or threat-id. ACTION must be one of: DEFAULT_ACTION, ALLOW, ALERT, DENY.
Exactly one of these must be specified:
--severities=[SEVERITY_LEVEL,…]
List of comma-separated severities where each value in the list indicates the severity of the threat.
--threat-ids=[THREAT-ID,…]
List of comma-separated threat identifiers where each identifier in the list is a vendor-specified Signature ID representing a threat type.
OPTIONAL FLAGS
--async
Return immediately, without waiting for the operation in progress to complete. The default is False.
--update-labels=[KEY=VALUE,…]
List of label KEY=VALUE pairs to update. If a label exists, its value is modified. Otherwise, a new label is created.

Keys must start with a lowercase character and contain only hyphens (-), underscores (_), lowercase characters, and numbers. Values must contain only hyphens (-), underscores (_), lowercase characters, and numbers.

At most one of these can be specified:
--clear-labels
Remove all labels. If --update-labels is also specified then --clear-labels is applied first.

For example, to remove all labels:

gcloud network-security security-profiles threat-prevention add-override --clear-labels

To remove all existing labels and create two new labels, foo and baz:

gcloud network-security security-profiles threat-prevention add-override --clear-labels --update-labels foo=bar,baz=qux
--remove-labels=[KEY,…]
List of label keys to remove. If a label does not exist it is silently ignored. If --update-labels is also specified then --update-labels is applied first.
GCLOUD WIDE FLAGS
These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, --help, --impersonate-service-account, --log-http, --project, --quiet, --trace-token, --user-output-enabled, --verbosity.

Run $ gcloud help for details.

NOTES
These variants are also available:
gcloud alpha network-security security-profiles threat-prevention add-override
gcloud beta network-security security-profiles threat-prevention add-override