- NAME
-
- gcloud network-security security-profiles threat-prevention update-override - update Overrides of Threat Prevention Profile
- SYNOPSIS
-
-
gcloud network-security security-profiles threat-prevention update-override
(SECURITY_PROFILE
:--location
=LOCATION
--organization
=ORGANIZATION
)--action
=ACTION
(--severities
=[SEVERITY_LEVEL
,…] |--threat-ids
=[THREAT-ID
,…]) [--async
] [--update-labels
=[KEY
=VALUE
,…]] [--clear-labels
|--remove-labels
=[KEY
,…]] [GCLOUD_WIDE_FLAG …
]
-
- DESCRIPTION
-
To update existing severities or threat-ids of threat prevention profile with
intended action on each specified. Check the updates of update-override command
by using
gcloud network-security security-profiles threat-prevention list-override my-security-profile
.For more examples, refer to the EXAMPLES section below.
- EXAMPLES
-
To update an override, run:
gcloud network-security security-profiles threat-prevention update-override my-security-profile --severities=MEDIUM --action=ALLOW
my-security-profile
is the name of the Security Profile in the format organizations/{organizationID}/locations/{location}/securityProfiles/ {security_profile_id} where organizationID is the organization ID to which the changes should apply, location -global
specified and security_profile_id the Security Profile Identifier - POSITIONAL ARGUMENTS
-
-
Security profile resource - Security Profile Name. The arguments in this group
can be used to specify the attributes of this resource.
This must be specified.
SECURITY_PROFILE
-
ID of the security_profile or fully qualified identifier for the
security_profile.
To set the
security_profile
attribute:-
provide the argument
security_profile
on the command line.
This positional argument must be specified if any of the other arguments in this group are specified.
-
provide the argument
--location
=LOCATION
-
location of the security_profile - Global.
To set the
location
attribute:-
provide the argument
security_profile
on the command line with a fully specified name; -
provide the argument
--location
on the command line.
-
provide the argument
--organization
=ORGANIZATION
-
Organization ID to which the changes should apply.
To set the
organization
attribute:-
provide the argument
security_profile
on the command line with a fully specified name; -
provide the argument
--organization
on the command line.
-
provide the argument
-
Security profile resource - Security Profile Name. The arguments in this group
can be used to specify the attributes of this resource.
- REQUIRED FLAGS
-
--action
=ACTION
-
Action associated with severity or threat-id.
ACTION
must be one of:DEFAULT_ACTION
,ALLOW
,ALERT
,DENY
. -
Exactly one of these must be specified:
--severities
=[SEVERITY_LEVEL
,…]- List of comma-separated severities where each value in the list indicates the severity of the threat.
--threat-ids
=[THREAT-ID
,…]- List of comma-separated threat identifiers where each identifier in the list is a vendor-specified Signature ID representing a threat type.
- OPTIONAL FLAGS
-
--async
-
Return immediately, without waiting for the operation in progress to complete.
The default is
False
. --update-labels
=[KEY
=VALUE
,…]-
List of label KEY=VALUE pairs to update. If a label exists, its value is
modified. Otherwise, a new label is created.
Keys must start with a lowercase character and contain only hyphens (
-
), underscores (_
), lowercase characters, and numbers. Values must contain only hyphens (-
), underscores (_
), lowercase characters, and numbers. -
At most one of these can be specified:
--clear-labels
-
Remove all labels. If
--update-labels
is also specified then--clear-labels
is applied first.For example, to remove all labels:
gcloud network-security security-profiles threat-prevention update-override --clear-labels
To remove all existing labels and create two new labels,
andfoo
:baz
gcloud network-security security-profiles threat-prevention update-override --clear-labels --update-labels foo=bar,baz=qux
--remove-labels
=[KEY
,…]-
List of label keys to remove. If a label does not exist it is silently ignored.
If
--update-labels
is also specified then--update-labels
is applied first.
- GCLOUD WIDE FLAGS
-
These flags are available to all commands:
--access-token-file
,--account
,--billing-project
,--configuration
,--flags-file
,--flatten
,--format
,--help
,--impersonate-service-account
,--log-http
,--project
,--quiet
,--trace-token
,--user-output-enabled
,--verbosity
.Run
$ gcloud help
for details. - NOTES
-
These variants are also available:
gcloud alpha network-security security-profiles threat-prevention update-override
gcloud beta network-security security-profiles threat-prevention update-override
Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2024-11-12 UTC.