NAME gcloud beta compute firewall-policies rules create - creates a Compute Engine firewall policy rule SYNOPSIS gcloud beta compute firewall-policies rules create PRIORITY --action=ACTION --firewall-policy=FIREWALL_POLICY [--description=DESCRIPTION] [--dest-ip-ranges=[DEST_IP_RANGE,...]] [--direction=DIRECTION] [--[no-]disabled] [--[no-]enable-logging] [--layer4-configs=[LAYER4_CONFIG,...]] [--organization=ORGANIZATION] [--src-ip-ranges=[SRC_IP_RANGE,...]] [--target-resources=[TARGET_RESOURCES,...]] [--target-service-accounts=[TARGET_SERVICE_ACCOUNTS,...]] [GCLOUD_WIDE_FLAG ...] DESCRIPTION (BETA) gcloud beta compute firewall-policies rules create is used to create organization firewall policy rules. EXAMPLES To create a rule with priority ``10" in an organization firewall policy with ID ``123456789", run: $ gcloud beta compute firewall-policies rules create 10 \ --firewall-policy=123456789 --action=allow \ --description=example-rule POSITIONAL ARGUMENTS PRIORITY Priority of the firewall policy rule to create. REQUIRED FLAGS --action=ACTION Action to take if the request matches the match condition. ACTION must be one of: allow, deny, goto_next. --firewall-policy=FIREWALL_POLICY Short name of the firewall policy into which the rule should be inserted. OPTIONAL FLAGS --description=DESCRIPTION An optional, textual description for the rule. --dest-ip-ranges=[DEST_IP_RANGE,...] Destination IP ranges to match for this rule. Can only be specified if DIRECTION is egress. --direction=DIRECTION Direction of the traffic the rule is applied. The default is to apply on incoming traffic. DIRECTION must be one of: INGRESS, EGRESS. --[no-]disabled Use this flag to disable the rule. Disabled rules will not affect traffic. Use --disabled to enable and --no-disabled to disable. --[no-]enable-logging Use this flag to enable logging of connections that allowed or denied by this rule. Use --enable-logging to enable and --no-enable-logging to disable. --layer4-configs=[LAYER4_CONFIG,...] A list of destination protocols and ports to which the firewall rule will apply. --organization=ORGANIZATION Organization which the organization firewall policy belongs to. Must be set if FIREWALL_POLICY is short name. --src-ip-ranges=[SRC_IP_RANGE,...] Source IP ranges to match for this rule. Can only be specified if DIRECTION is ingress. --target-resources=[TARGET_RESOURCES,...] List of URLs of target resources to which the rule is applied. --target-service-accounts=[TARGET_SERVICE_ACCOUNTS,...] List of target service accounts for the rule. GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, --help, --impersonate-service-account, --log-http, --project, --quiet, --trace-token, --user-output-enabled, --verbosity. Run $ gcloud help for details. NOTES This command is currently in beta and might change without notice. These variants are also available: $ gcloud compute firewall-policies rules create $ gcloud alpha compute firewall-policies rules create