mirror of
https://github.com/imjasonh/gcloud-help
synced 2026-07-11 15:39:42 +00:00
99 lines
3.6 KiB
Text
99 lines
3.6 KiB
Text
NAME
|
|
gcloud beta compute firewall-policies rules update - updates a Compute
|
|
Engine firewall policy rule
|
|
|
|
SYNOPSIS
|
|
gcloud beta compute firewall-policies rules update PRIORITY
|
|
--firewall-policy=FIREWALL_POLICY [--action=ACTION]
|
|
[--description=DESCRIPTION] [--dest-ip-ranges=[DEST_IP_RANGE,...]]
|
|
[--direction=DIRECTION] [--[no-]disabled] [--[no-]enable-logging]
|
|
[--layer4-configs=[LAYER4_CONFIG,...]] [--new-priority=NEW_PRIORITY]
|
|
[--organization=ORGANIZATION] [--src-ip-ranges=[SRC_IP_RANGE,...]]
|
|
[--target-resources=[TARGET_RESOURCES,...]]
|
|
[--target-service-accounts=[TARGET_SERVICE_ACCOUNTS,...]]
|
|
[GCLOUD_WIDE_FLAG ...]
|
|
|
|
DESCRIPTION
|
|
(BETA) gcloud beta compute firewall-policies rules update is used to update
|
|
organization firewall policy rules.
|
|
|
|
EXAMPLES
|
|
To update a rule with priority ``10" in an organization firewall policy
|
|
with ID ``123456789" to change the action to ``allow" and description to
|
|
``new-example-rule", run:
|
|
|
|
$ gcloud beta compute firewall-policies rules update 10 \
|
|
--firewall-policy=123456789 --action=allow \
|
|
--description=new-example-rule
|
|
|
|
POSITIONAL ARGUMENTS
|
|
PRIORITY
|
|
Priority of the firewall policy rule to update.
|
|
|
|
REQUIRED FLAGS
|
|
--firewall-policy=FIREWALL_POLICY
|
|
Short name of the firewall policy into which the rule should be
|
|
updated.
|
|
|
|
OPTIONAL FLAGS
|
|
--action=ACTION
|
|
Action to take if the request matches the match condition. ACTION must
|
|
be one of: allow, deny, goto_next.
|
|
|
|
--description=DESCRIPTION
|
|
An optional, textual description for the rule.
|
|
|
|
--dest-ip-ranges=[DEST_IP_RANGE,...]
|
|
Destination IP ranges to match for this rule. Can only be specified if
|
|
DIRECTION is egress.
|
|
|
|
--direction=DIRECTION
|
|
Direction of the traffic the rule is applied. The default is to apply
|
|
on incoming traffic. DIRECTION must be one of: INGRESS, EGRESS.
|
|
|
|
--[no-]disabled
|
|
Use this flag to disable the rule. Disabled rules will not affect
|
|
traffic. Use --disabled to enable and --no-disabled to disable.
|
|
|
|
--[no-]enable-logging
|
|
Use this flag to enable logging of connections that allowed or denied
|
|
by this rule. Use --enable-logging to enable and --no-enable-logging to
|
|
disable.
|
|
|
|
--layer4-configs=[LAYER4_CONFIG,...]
|
|
A list of destination protocols and ports to which the firewall rule
|
|
will apply.
|
|
|
|
--new-priority=NEW_PRIORITY
|
|
New priority for the rule to update. Valid in [0, 65535].
|
|
|
|
--organization=ORGANIZATION
|
|
Organization which the organization firewall policy belongs to. Must be
|
|
set if FIREWALL_POLICY is short name.
|
|
|
|
--src-ip-ranges=[SRC_IP_RANGE,...]
|
|
Source IP ranges to match for this rule. Can only be specified if
|
|
DIRECTION is ingress.
|
|
|
|
--target-resources=[TARGET_RESOURCES,...]
|
|
List of URLs of target resources to which the rule is applied.
|
|
|
|
--target-service-accounts=[TARGET_SERVICE_ACCOUNTS,...]
|
|
List of target service accounts for the rule.
|
|
|
|
GCLOUD WIDE FLAGS
|
|
These flags are available to all commands: --access-token-file, --account,
|
|
--billing-project, --configuration, --flags-file, --flatten, --format,
|
|
--help, --impersonate-service-account, --log-http, --project, --quiet,
|
|
--trace-token, --user-output-enabled, --verbosity.
|
|
|
|
Run $ gcloud help for details.
|
|
|
|
NOTES
|
|
This command is currently in beta and might change without notice. These
|
|
variants are also available:
|
|
|
|
$ gcloud compute firewall-policies rules update
|
|
|
|
$ gcloud alpha compute firewall-policies rules update
|
|
|