NAME
    gcloud alpha compute firewall-policies rules update - updates a Compute
        Engine firewall policy rule

SYNOPSIS
    gcloud alpha compute firewall-policies rules update PRIORITY
        --firewall-policy=FIREWALL_POLICY [--action=ACTION]
        [--description=DESCRIPTION]
        [--dest-address-groups=[DEST_ADDRESS_GROUPS,...]]
        [--dest-fqdns=[DEST_FQDNS,...]] [--dest-ip-ranges=[DEST_IP_RANGE,...]]
        [--dest-region-codes=[DEST_REGION_CODES,...]]
        [--dest-threat-intelligence=[DEST_THREAT_INTELLIGENCE_LISTS,...]]
        [--direction=DIRECTION] [--[no-]disabled] [--[no-]enable-logging]
        [--layer4-configs=[LAYER4_CONFIG,...]] [--new-priority=NEW_PRIORITY]
        [--organization=ORGANIZATION]
        [--src-address-groups=[SOURCE_ADDRESS_GROUPS,...]]
        [--src-fqdns=[SOURCE_FQDNS,...]] [--src-ip-ranges=[SRC_IP_RANGE,...]]
        [--src-region-codes=[SOURCE_REGION_CODES,...]]
        [--src-threat-intelligence=[SOURCE_THREAT_INTELLIGENCE_LISTS,...]]
        [--target-resources=[TARGET_RESOURCES,...]]
        [--target-service-accounts=[TARGET_SERVICE_ACCOUNTS,...]]
        [GCLOUD_WIDE_FLAG ...]

DESCRIPTION
    (ALPHA) gcloud alpha compute firewall-policies rules update is used to
    update organization firewall policy rules.

EXAMPLES
    To update a rule with priority ``10" in an organization firewall policy
    with ID ``123456789" to change the action to ``allow" and description to
    ``new-example-rule", run:

        $ gcloud alpha compute firewall-policies rules update 10 \
            --firewall-policy=123456789 --action=allow \
            --description=new-example-rule

POSITIONAL ARGUMENTS
     PRIORITY
        Priority of the firewall policy rule to update.

REQUIRED FLAGS
     --firewall-policy=FIREWALL_POLICY
        Short name of the firewall policy into which the rule should be
        updated.

OPTIONAL FLAGS
     --action=ACTION
        Action to take if the request matches the match condition. ACTION must
        be one of: allow, deny, goto_next, apply_security_profile_group.

     --description=DESCRIPTION
        An optional, textual description for the rule.

     --dest-address-groups=[DEST_ADDRESS_GROUPS,...]
        Dest address groups to match for this rule. Can only be specified if
        DIRECTION is egress.

     --dest-fqdns=[DEST_FQDNS,...]
        Dest FQDNs to match for this rule. Can only be specified if DIRECTION
        is egress.

     --dest-ip-ranges=[DEST_IP_RANGE,...]
        Destination IP ranges to match for this rule.

     --dest-region-codes=[DEST_REGION_CODES,...]
        Dest Region Code to match for this rule. Can only be specified if
        DIRECTION is egress.

     --dest-threat-intelligence=[DEST_THREAT_INTELLIGENCE_LISTS,...]
        Destination Threat Intelligence lists to match for this rule. Can only
        be specified if DIRECTION is egress. The available lists can be found
        here:
        https://cloud.google.com/vpc/docs/firewall-policies-rule-details#threat-intelligence-fw-policy.

     --direction=DIRECTION
        Direction of the traffic the rule is applied. The default is to apply
        on incoming traffic. DIRECTION must be one of: INGRESS, EGRESS.

     --[no-]disabled
        Use this flag to disable the rule. Disabled rules will not affect
        traffic. Use --disabled to enable and --no-disabled to disable.

     --[no-]enable-logging
        Use this flag to enable logging of connections that allowed or denied
        by this rule. Use --enable-logging to enable and --no-enable-logging to
        disable.

     --layer4-configs=[LAYER4_CONFIG,...]
        A list of destination protocols and ports to which the firewall rule
        will apply.

     --new-priority=NEW_PRIORITY
        New priority for the rule to update. Valid in [0, 65535].

     --organization=ORGANIZATION
        Organization which the organization firewall policy belongs to. Must be
        set if FIREWALL_POLICY is short name.

     --src-address-groups=[SOURCE_ADDRESS_GROUPS,...]
        Source address groups to match for this rule. Can only be specified if
        DIRECTION is ingress.

     --src-fqdns=[SOURCE_FQDNS,...]
        Source FQDNs to match for this rule. Can only be specified if DIRECTION
        is ingress.

     --src-ip-ranges=[SRC_IP_RANGE,...]
        Source IP ranges to match for this rule.

     --src-region-codes=[SOURCE_REGION_CODES,...]
        Source Region Code to match for this rule. Can only be specified if
        DIRECTION is ingress.

     --src-threat-intelligence=[SOURCE_THREAT_INTELLIGENCE_LISTS,...]
        Source Threat Intelligence lists to match for this rule. Can only be
        specified if DIRECTION is ingress. The available lists can be found
        here:
        https://cloud.google.com/vpc/docs/firewall-policies-rule-details#threat-intelligence-fw-policy.

     --target-resources=[TARGET_RESOURCES,...]
        List of URLs of target resources to which the rule is applied.

     --target-service-accounts=[TARGET_SERVICE_ACCOUNTS,...]
        List of target service accounts for the rule.

GCLOUD WIDE FLAGS
    These flags are available to all commands: --access-token-file, --account,
    --billing-project, --configuration, --flags-file, --flatten, --format,
    --help, --impersonate-service-account, --log-http, --project, --quiet,
    --trace-token, --user-output-enabled, --verbosity.

    Run $ gcloud help for details.

NOTES
    This command is currently in alpha and might change without notice. If this
    command fails with API permission errors despite specifying the correct
    project, you might be trying to access an API with an invitation-only early
    access allowlist. These variants are also available:

        $ gcloud compute firewall-policies rules update

        $ gcloud beta compute firewall-policies rules update

