1
0
Fork 0
mirror of https://github.com/imjasonh/gcloud-help synced 2026-07-16 12:22:03 +00:00
gcloud-help/gcloud/beta/network-security/security-profiles/threat-prevention/add-override
2023-08-09 11:23:49 +00:00

132 lines
5 KiB
Text

NAME
gcloud beta network-security security-profiles threat-prevention
add-override - add overrides to Threat Prevention Profile
SYNOPSIS
gcloud beta network-security security-profiles threat-prevention
add-override
(SECURITY_PROFILE : --location=LOCATION --organization=ORGANIZATION)
--action=ACTION
(--severities=[SEVERITY_LEVEL,...] | --threat-ids=[THREAT-ID,...])
[--async] [--update-labels=[KEY=VALUE,...]]
[--clear-labels | --remove-labels=[KEY,...]] [GCLOUD_WIDE_FLAG ...]
DESCRIPTION
(BETA) Add severities or threat-ids to existing threat prevention profile
with intended action on each specified. Check the updates of add-override
command by using gcloud network-security security-profiles
threat-prevention list-override my-security-profile.
For more examples, refer to the EXAMPLES section below.
EXAMPLES
To add an override, run:
$ gcloud beta network-security security-profiles threat-prevention \
add-override my-security-profile --severities=MEDIUM \
--action=ALLOW
my-security-profile is the name of the Security Profile in the format
organizations/{organizationID}/locations/{location}/securityProfiles/
{security_profile_id} where organizationID is the organization ID to which
the changes should apply, location - global specified and
security_profile_id the Security Profile Identifier
POSITIONAL ARGUMENTS
Security profile resource - Security Profile Name. The arguments in this
group can be used to specify the attributes of this resource.
This must be specified.
SECURITY_PROFILE
ID of the security_profile or fully qualified identifier for the
security_profile.
To set the security_profile attribute:
▸ provide the argument security_profile on the command line.
This positional argument must be specified if any of the other
arguments in this group are specified.
--location=LOCATION
location of the security_profile - Global.
To set the location attribute:
▸ provide the argument security_profile on the command line with a
fully specified name;
▸ provide the argument --location on the command line.
--organization=ORGANIZATION
Organization ID to which the changes should apply.
To set the organization attribute:
▸ provide the argument security_profile on the command line with a
fully specified name;
▸ provide the argument --organization on the command line.
REQUIRED FLAGS
--action=ACTION
Action associated with severity or threat-id. ACTION must be one of:
DEFAULT, ALLOW, ALERT, DENY.
Exactly one of these must be specified:
--severities=[SEVERITY_LEVEL,...]
List of comma-separated severities where each value in the list
indicates the severity of the threat.
--threat-ids=[THREAT-ID,...]
List of comma-separated threat identifiers where each identifier in
the list is a vendor-specified Signature ID representing a threat
type.
OPTIONAL FLAGS
--async
Return immediately, without waiting for the operation in progress to
complete. The default is False.
--update-labels=[KEY=VALUE,...]
List of label KEY=VALUE pairs to update. If a label exists, its value
is modified. Otherwise, a new label is created.
Keys must start with a lowercase character and contain only hyphens
(-), underscores (_), lowercase characters, and numbers. Values must
contain only hyphens (-), underscores (_), lowercase characters, and
numbers.
At most one of these can be specified:
--clear-labels
Remove all labels. If --update-labels is also specified then
--clear-labels is applied first.
For example, to remove all labels:
$ gcloud beta network-security security-profiles threat-prevention \
add-override --clear-labels
To remove all existing labels and create two new labels, foo and baz:
$ gcloud beta network-security security-profiles threat-prevention \
add-override --clear-labels --update-labels foo=bar,baz=qux
--remove-labels=[KEY,...]
List of label keys to remove. If a label does not exist it is
silently ignored. If --update-labels is also specified then
--update-labels is applied first.
GCLOUD WIDE FLAGS
These flags are available to all commands: --access-token-file, --account,
--billing-project, --configuration, --flags-file, --flatten, --format,
--help, --impersonate-service-account, --log-http, --project, --quiet,
--trace-token, --user-output-enabled, --verbosity.
Run $ gcloud help for details.
NOTES
This command is currently in beta and might change without notice. This
variant is also available:
$ gcloud alpha network-security security-profiles \
threat-prevention add-override