1
0
Fork 0
mirror of https://github.com/imjasonh/gcloud-help synced 2026-07-12 16:08:31 +00:00
gcloud-help/gcloud/vmware/network-policies/external-access-rules/update
2023-11-15 11:42:54 +00:00

123 lines
4.9 KiB
Text

NAME
gcloud vmware network-policies external-access-rules update - update a
VMware Engine network policy
SYNOPSIS
gcloud vmware network-policies external-access-rules update
(EXTERNAL_ACCESS_RULE
: --location=LOCATION --network-policy=NETWORK_POLICY)
[--action=ACTION] [--async] [--description=DESCRIPTION]
[--destination-ports=DESTINATION_PORTS,[...]]
[--destination-ranges=DESTINATION_IP_RANGES,[...]]
[--ip-protocol=IP_PROTOCOL] [--priority=PRIORITY]
[--source-ports=SOURCE_PORTS,[...]]
[--source-ranges=SOURCE_IP_RANGES,[...]] [GCLOUD_WIDE_FLAG ...]
DESCRIPTION
Update a VMware Engine external access firewall rule.
EXAMPLES
To update an external access firewall rule named my-external-access-rule so
that it denies the traffic for that rule, run:
$ gcloud vmware network-policies external-access-rules update \
my-external-access-rule --network-policy=my-network-policy \
--action=DENY --location=us-west2 --project=my-project
Or:
$ gcloud vmware network-policies external-access-rules update \
my-external-access-rule --network-policy=my-network-policy \
--action=DENY
In the second example, the project and the location are taken from gcloud
properties core/project and compute/regions respectively.
POSITIONAL ARGUMENTS
VMware Engine External Access Rule resource - external_access_rule. The
arguments in this group can be used to specify the attributes of this
resource. (NOTE) Some attributes are not given arguments in this group but
can be set in other ways.
To set the project attribute:
◆ provide the argument external_access_rule on the command line with a
fully specified name;
◆ set the property core/project;
◆ provide the argument --project on the command line.
This must be specified.
EXTERNAL_ACCESS_RULE
ID of the VMware Engine External Access Rule or fully qualified
identifier for the VMware Engine External Access Rule.
To set the external-access-rule attribute:
▸ provide the argument external_access_rule on the command line.
This positional argument must be specified if any of the other
arguments in this group are specified.
--location=LOCATION
The resource name of the location.
To set the location attribute:
▸ provide the argument external_access_rule on the command line
with a fully specified name;
▸ provide the argument --location on the command line;
▸ set the property compute/region.
--network-policy=NETWORK_POLICY
VMware Engine network policy
To set the network-policy attribute:
▸ provide the argument external_access_rule on the command line
with a fully specified name;
▸ provide the argument --network-policy on the command line.
FLAGS
--action=ACTION
Whether the firewall rule allows or denies traffic based on a
successful rule match. ACTION must be one of: ALLOW, DENY.
--async
Return immediately, without waiting for the operation in progress to
complete. The default is True. Enabled by default, use --no-async to
disable.
--description=DESCRIPTION
User-provided description of the external access rule.
--destination-ports=DESTINATION_PORTS,[...]
List of allowed destination ports. Each entry must be either an integer
or a range.
--destination-ranges=DESTINATION_IP_RANGES,[...]
A list of destination IP addresses that the rule applies to. Each entry
in the list be an ExternalAddress resource name or 0.0.0.0/0. When the
value is set to 0.0.0.0/0, all IP addresses are allowed.
--ip-protocol=IP_PROTOCOL
Internet protocol covered by the rule. Valid values are TCP, UDP, and
ICMP. IP_PROTOCOL must be one of: TCP, UDP, ICMP.
--priority=PRIORITY
Priority of this external access rule. Valid values are numbers between
100 and 4096, with 100 being the highest priority. Firewall rules are
processed from highest to lowest priority.
--source-ports=SOURCE_PORTS,[...]
List of allowed source ports. Each entry must be either an integer or a
range.
--source-ranges=SOURCE_IP_RANGES,[...]
A list of source IP addresses that the rule applies to. Each entry in
the list can be a CIDR notation or a single IP address. When the value
is set to 0.0.0.0/0, all IP addresses are allowed.
GCLOUD WIDE FLAGS
These flags are available to all commands: --access-token-file, --account,
--billing-project, --configuration, --flags-file, --flatten, --format,
--help, --impersonate-service-account, --log-http, --project, --quiet,
--trace-token, --user-output-enabled, --verbosity.
Run $ gcloud help for details.