1
0
Fork 0
mirror of https://github.com/imjasonh/gcloud-help synced 2026-07-18 23:08:48 +00:00

gcloud: Wed Jul 26 10:48:49 UTC 2023

This commit is contained in:
Automated 2023-07-26 10:48:49 +00:00
parent 64e67b443c
commit 4558a00e48
204 changed files with 2787 additions and 1591 deletions

View file

@ -12,6 +12,7 @@ SYNOPSIS
[--dest-threat-intelligence=[DEST_THREAT_INTELLIGENCE_LISTS,...]]
[--direction=DIRECTION] [--[no-]disabled] [--[no-]enable-logging]
[--layer4-configs=[LAYER4_CONFIG,...]]
[--security-profile-group=SECURITY_PROFILE_GROUP]
[--src-address-groups=[SOURCE_ADDRESS_GROUPS,...]]
[--src-fqdns=[SOURCE_FQDNS,...]] [--src-ip-ranges=[SRC_IP_RANGE,...]]
[--src-region-codes=[SOURCE_REGION_CODES,...]]
@ -19,6 +20,7 @@ SYNOPSIS
[--src-threat-intelligence=[SOURCE_THREAT_INTELLIGENCE_LISTS,...]]
[--target-secure-tags=[TARGET_SECURE_TAGS,...]]
[--target-service-accounts=[TARGET_SERVICE_ACCOUNTS,...]]
[--[no-]tls-inspect]
[--firewall-policy-region=FIREWALL_POLICY_REGION
| --global-firewall-policy] [GCLOUD_WIDE_FLAG ...]
@ -49,7 +51,7 @@ POSITIONAL ARGUMENTS
REQUIRED FLAGS
--action=ACTION
Action to take if the request matches the match condition. ACTION must
be one of: allow, deny, goto_next.
be one of: allow, deny, goto_next, apply_security_profile_group.
--firewall-policy=FIREWALL_POLICY
Firewall policy ID with which to create rule.
@ -96,6 +98,10 @@ OPTIONAL FLAGS
A list of destination protocols and ports to which the firewall rule
will apply.
--security-profile-group=SECURITY_PROFILE_GROUP
A security profile group to be used with apply_security_profile_group
action.
--src-address-groups=[SOURCE_ADDRESS_GROUPS,...]
Source address groups to match for this rule. Can only be specified if
DIRECTION is ingress.
@ -143,6 +149,12 @@ OPTIONAL FLAGS
--target-service-accounts=[TARGET_SERVICE_ACCOUNTS,...]
List of target service accounts for the rule.
--[no-]tls-inspect
Use this flag to indicate whether TLS traffic should be inspected using
the TLS inspection policy when the security profile group is applied.
Default: no TLS inspection. Use --tls-inspect to enable and
--no-tls-inspect to disable.
At most one of these can be specified:
--firewall-policy-region=FIREWALL_POLICY_REGION

View file

@ -12,6 +12,7 @@ SYNOPSIS
[--dest-threat-intelligence=[DEST_THREAT_INTELLIGENCE_LISTS,...]]
[--direction=DIRECTION] [--[no-]disabled] [--[no-]enable-logging]
[--layer4-configs=[LAYER4_CONFIG,...]] [--new-priority=NEW_PRIORITY]
[--security-profile-group=SECURITY_PROFILE_GROUP]
[--src-address-groups=[SOURCE_ADDRESS_GROUPS,...]]
[--src-fqdns=[SOURCE_FQDNS,...]] [--src-ip-ranges=[SRC_IP_RANGE,...]]
[--src-region-codes=[SOURCE_REGION_CODES,...]]
@ -19,6 +20,7 @@ SYNOPSIS
[--src-threat-intelligence=[SOURCE_THREAT_INTELLIGENCE_LISTS,...]]
[--target-secure-tags=[TARGET_SECURE_TAGS,...]]
[--target-service-accounts=[TARGET_SERVICE_ACCOUNTS,...]]
[--[no-]tls-inspect]
[--firewall-policy-region=FIREWALL_POLICY_REGION
| --global-firewall-policy] [GCLOUD_WIDE_FLAG ...]
@ -46,7 +48,7 @@ REQUIRED FLAGS
OPTIONAL FLAGS
--action=ACTION
Action to take if the request matches the match condition. ACTION must
be one of: allow, deny, goto_next.
be one of: allow, deny, goto_next, apply_security_profile_group.
--description=DESCRIPTION
An optional, textual description for the rule.
@ -92,6 +94,10 @@ OPTIONAL FLAGS
--new-priority=NEW_PRIORITY
New priority for the rule to update. Valid in [0, 65535].
--security-profile-group=SECURITY_PROFILE_GROUP
A security profile group to be used with apply_security_profile_group
action.
--src-address-groups=[SOURCE_ADDRESS_GROUPS,...]
Source address groups to match for this rule. Can only be specified if
DIRECTION is ingress.
@ -139,6 +145,12 @@ OPTIONAL FLAGS
--target-service-accounts=[TARGET_SERVICE_ACCOUNTS,...]
List of target service accounts for the rule.
--[no-]tls-inspect
Use this flag to indicate whether TLS traffic should be inspected using
the TLS inspection policy when the security profile group is applied.
Default: no TLS inspection. Use --tls-inspect to enable and
--no-tls-inspect to disable.
At most one of these can be specified:
--firewall-policy-region=FIREWALL_POLICY_REGION