NAME
    gcloud beta compute firewall-policies list-rules - list the rules of a
        Compute Engine organization firewall policy

SYNOPSIS
    gcloud beta compute firewall-policies list-rules FIREWALL_POLICY [NAME ...]
        [--organization=ORGANIZATION] [--regexp=REGEXP, -r REGEXP]
        [--filter=EXPRESSION] [--limit=LIMIT] [--page-size=PAGE_SIZE]
        [--sort-by=[FIELD,...]] [--uri] [GCLOUD_WIDE_FLAG ...]

DESCRIPTION
    (BETA) gcloud beta compute firewall-policies list-rules is used to list the
    rules of an organization firewall policy.

EXAMPLES
    To list the rules of an organization firewall policy with ID ``123456789",
    run:

        $ gcloud beta compute firewall-policies list-rules 123456789

    To list all the fields of the rules of an organization firewall policy with
    ID ``123456789", run:

        $ gcloud beta compute firewall-policies list-rules 123456789 \
            --format="table(
          priority,
          action,
          direction,
          match.srcIpRanges.list():label=SRC_RANGES,
          match.destIpRanges.list():label=DEST_RANGES,
          match.layer4Configs.map().org_firewall_rule().list():label=PORT_RANGES,
          targetServiceAccounts.list():label=TARGET_SVC_ACCT,
          targetResources:label=TARGET_RESOURCES,
          ruleTupleCount,
          enableLogging,
          description)"

POSITIONAL ARGUMENTS
     FIREWALL_POLICY
        Short name or ID of the firewall policy to list rules for.

     [NAME ...]
        (DEPRECATED) If provided, show details for the specified names and/or
        URIs of resources.

        Argument NAME is deprecated. Use --filter="name=( 'NAME' ... )"
        instead.

FLAGS
     --organization=ORGANIZATION
        Organization which the organization firewall policy belongs to. Must be
        set if FIREWALL_POLICY is short name.

     --regexp=REGEXP, -r REGEXP
        (DEPRECATED) Regular expression to filter the names of the results on.
        Any names that do not match the entire regular expression will be
        filtered out.

        Flag --regexp is deprecated. Use --filter="name~'REGEXP'" instead.

LIST COMMAND FLAGS
     --filter=EXPRESSION
        Apply a Boolean filter EXPRESSION to each resource item to be listed.
        If the expression evaluates True, then that item is listed. For more
        details and examples of filter expressions, run $ gcloud topic filters.
        This flag interacts with other flags that are applied in this order:
        --flatten, --sort-by, --filter, --limit.

     --limit=LIMIT
        Maximum number of resources to list. The default is unlimited. This
        flag interacts with other flags that are applied in this order:
        --flatten, --sort-by, --filter, --limit.

     --page-size=PAGE_SIZE
        Some services group resource list output into pages. This flag
        specifies the maximum number of resources per page. The default is
        determined by the service if it supports paging, otherwise it is
        unlimited (no paging). Paging may be applied before or after --filter
        and --limit depending on the service.

     --sort-by=[FIELD,...]
        Comma-separated list of resource field key names to sort by. The
        default order is ascending. Prefix a field with ``~'' for descending
        order on that field. This flag interacts with other flags that are
        applied in this order: --flatten, --sort-by, --filter, --limit.

     --uri
        Print a list of resource URIs instead of the default output, and change
        the command output to a list of URIs. If this flag is used with
        --format, the formatting is applied on this URI list. To display URIs
        alongside other keys instead, use the uri() transform.

GCLOUD WIDE FLAGS
    These flags are available to all commands: --access-token-file, --account,
    --billing-project, --configuration, --flags-file, --flatten, --format,
    --help, --impersonate-service-account, --log-http, --project, --quiet,
    --trace-token, --user-output-enabled, --verbosity.

    Run $ gcloud help for details.

IAM PERMISSIONS
    To list rules of a firewall policy, the user must have the following
    permission: compute.firewallPolicies.get.

    To find predefined roles that contain those permissions, see the Compute
    Engine IAM roles (https://cloud.google.com/compute/docs/access/iam).

NOTES
    This command is currently in beta and might change without notice. These
    variants are also available:

        $ gcloud compute firewall-policies list-rules

        $ gcloud alpha compute firewall-policies list-rules

