1
0
Fork 0
mirror of https://github.com/imjasonh/gcloud-help synced 2026-07-11 15:39:42 +00:00
gcloud-help/gcloud/beta/compute/security-policies/update
2024-12-18 10:08:20 +00:00

119 lines
5.1 KiB
Text

NAME
gcloud beta compute security-policies update - update a Compute Engine
security policy
SYNOPSIS
gcloud beta compute security-policies update NAME
[--description=DESCRIPTION] [--enable-layer7-ddos-defense]
[--json-custom-content-types=[CONTENT_TYPE,...]]
[--json-parsing=JSON_PARSING]
[--layer7-ddos-defense-auto-deploy-confidence-threshold=LAYER7_DDOS_DEFENSE_AUTO_DEPLOY_CONFIDENCE_THRESHOLD]
[--layer7-ddos-defense-auto-deploy-expiration-sec=LAYER7_DDOS_DEFENSE_AUTO_DEPLOY_EXPIRATION_SEC]
[--layer7-ddos-defense-auto-deploy-impacted-baseline-threshold=LAYER7_DDOS_DEFENSE_AUTO_DEPLOY_IMPACTED_BASELINE_THRESHOLD]
[--layer7-ddos-defense-auto-deploy-load-threshold=LAYER7_DDOS_DEFENSE_AUTO_DEPLOY_LOAD_THRESHOLD]
[--layer7-ddos-defense-rule-visibility=VISIBILITY_TYPE]
[--log-level=LOG_LEVEL]
[--network-ddos-protection=NETWORK_DDOS_PROTECTION]
[--recaptcha-redirect-site-key=RECAPTCHA_REDIRECT_SITE_KEY]
[--request-body-inspection-size=REQUEST_BODY_INSPECTION_SIZE]
[--user-ip-request-headers=[USER_IP_REQUEST_HEADER,...]]
[--global | --region=REGION] [GCLOUD_WIDE_FLAG ...]
DESCRIPTION
(BETA) gcloud beta compute security-policies update is used to update
security policies.
EXAMPLES
To update the description run this:
$ gcloud beta compute security-policies update SECURITY_POLICY \
--description='new description'
POSITIONAL ARGUMENTS
NAME
Name of the security policy to update.
FLAGS
--description=DESCRIPTION
An optional, textual description for the security policy.
--enable-layer7-ddos-defense
Whether to enable Cloud Armor Layer 7 DDoS Defense Adaptive Protection.
--json-custom-content-types=[CONTENT_TYPE,...]
A comma-separated list of custom Content-Type header values to apply
JSON parsing for preconfigured WAF rules. Only applicable when JSON
parsing is enabled, like --json-parsing=STANDARD. When configuring a
Content-Type header value, only the type/subtype needs to be specified,
and the parameters should be excluded.
--json-parsing=JSON_PARSING
The JSON parsing behavior for this rule. Must be one of the following
values: [DISABLED, STANDARD, STANDARD_WITH_GRAPHQL]. JSON_PARSING must
be one of: DISABLED, STANDARD, STANDARD_WITH_GRAPHQL.
--layer7-ddos-defense-auto-deploy-confidence-threshold=LAYER7_DDOS_DEFENSE_AUTO_DEPLOY_CONFIDENCE_THRESHOLD
Confidence threshold above which Adaptive Protection's auto-deploy
takes actions
--layer7-ddos-defense-auto-deploy-expiration-sec=LAYER7_DDOS_DEFENSE_AUTO_DEPLOY_EXPIRATION_SEC
Duration over which Adaptive Protection's auto-deployed actions last
--layer7-ddos-defense-auto-deploy-impacted-baseline-threshold=LAYER7_DDOS_DEFENSE_AUTO_DEPLOY_IMPACTED_BASELINE_THRESHOLD
Impacted baseline threshold below which Adaptive Protection's
auto-deploy takes actions
--layer7-ddos-defense-auto-deploy-load-threshold=LAYER7_DDOS_DEFENSE_AUTO_DEPLOY_LOAD_THRESHOLD
Load threshold above which Adaptive Protection's auto-deploy takes
actions
--layer7-ddos-defense-rule-visibility=VISIBILITY_TYPE
The visibility type indicates whether the rules are opaque or
transparent. VISIBILITY_TYPE must be one of: STANDARD, PREMIUM.
--log-level=LOG_LEVEL
The level of detail to display for WAF logging. LOG_LEVEL must be one
of: NORMAL, VERBOSE.
--network-ddos-protection=NETWORK_DDOS_PROTECTION
The DDoS protection level for network load balancing and instances with
external IPs. NETWORK_DDOS_PROTECTION must be one of: STANDARD,
ADVANCED, ADVANCED_PREVIEW.
--recaptcha-redirect-site-key=RECAPTCHA_REDIRECT_SITE_KEY
The reCAPTCHA site key to be used for rules using the redirect action
and the google-recaptcha redirect type under the security policy.
--request-body-inspection-size=REQUEST_BODY_INSPECTION_SIZE
Maximum request body inspection size. REQUEST_BODY_INSPECTION_SIZE must
be one of: 8KB, 128KB.
--user-ip-request-headers=[USER_IP_REQUEST_HEADER,...]
A comma-separated list of request header names to use for resolving the
caller's user IP address.
At most one of these can be specified:
--global
If set, the security policy is global.
--region=REGION
Region of the security policy to update. Overrides the default
compute/region property value for this command invocation.
GCLOUD WIDE FLAGS
These flags are available to all commands: --access-token-file, --account,
--billing-project, --configuration, --flags-file, --flatten, --format,
--help, --impersonate-service-account, --log-http, --project, --quiet,
--trace-token, --user-output-enabled, --verbosity.
Run $ gcloud help for details.
NOTES
This command is currently in beta and might change without notice. These
variants are also available:
$ gcloud compute security-policies update
$ gcloud alpha compute security-policies update