Some or all of the information on this page might not apply to Cloud de Confiance by S3NS. See Differences from Google Cloud for more details.

gcloud preview compute security-policies update

INFORMATION: gcloud preview compute security-policies update is not available in universe domain universe.
NAME: gcloud preview compute security-policies update - update a Compute Engine security policy
SYNOPSIS: gcloud preview compute security-policies update NAME [--description=DESCRIPTION] [--enable-layer7-ddos-defense] [--json-custom-content-types=[CONTENT_TYPE,…]] [--json-parsing=JSON_PARSING] [--layer7-ddos-defense-rule-visibility=VISIBILITY_TYPE] [--log-level=LOG_LEVEL] [--network-ddos-protection=NETWORK_DDOS_PROTECTION] [--recaptcha-redirect-site-key=RECAPTCHA_REDIRECT_SITE_KEY] [--user-ip-request-headers=[USER_IP_REQUEST_HEADER,…]] [--global | --region=REGION] [GCLOUD_WIDE_FLAG …]
DESCRIPTION: (PREVIEW) gcloud preview compute security-policies update is used to update security policies.
EXAMPLES: To update the description run this:
gcloud preview compute security-policies update SECURITY_POLICY --description='new description'
POSITIONAL ARGUMENTS: NAME

Name of the security policy to update.
FLAGS: --description=DESCRIPTION

An optional, textual description for the security policy.

--enable-layer7-ddos-defense

Whether to enable Cloud Armor Layer 7 DDoS Defense Adaptive Protection.

--json-custom-content-types=[CONTENT_TYPE,…]

A comma-separated list of custom Content-Type header values to apply JSON parsing for preconfigured WAF rules. Only applicable when JSON parsing is enabled, like --json-parsing=STANDARD. When configuring a Content-Type header value, only the type/subtype needs to be specified, and the parameters should be excluded.

--json-parsing=JSON_PARSING

The JSON parsing behavior for this rule. Must be one of the following values: [DISABLED, STANDARD, STANDARD_WITH_GRAPHQL]. JSON_PARSING must be one of: DISABLED, STANDARD, STANDARD_WITH_GRAPHQL.

--layer7-ddos-defense-rule-visibility=VISIBILITY_TYPE

The visibility type indicates whether the rules are opaque or transparent. VISIBILITY_TYPE must be one of: STANDARD, PREMIUM.

--log-level=LOG_LEVEL

The level of detail to display for WAF logging. LOG_LEVEL must be one of: NORMAL, VERBOSE.

--network-ddos-protection=NETWORK_DDOS_PROTECTION

The DDoS protection level for network load balancing and instances with external IPs. NETWORK_DDOS_PROTECTION must be one of: STANDARD, ADVANCED, ADVANCED_PREVIEW.

--recaptcha-redirect-site-key=RECAPTCHA_REDIRECT_SITE_KEY

The reCAPTCHA site key to be used for rules using the redirect action and the google-recaptcha redirect type under the security policy.

--user-ip-request-headers=[USER_IP_REQUEST_HEADER,…]

A comma-separated list of request header names to use for resolving the caller's user IP address.

At most one of these can be specified:

--global

If set, the security policy is global.

--region=REGION

Region of the security policy to update. Overrides the default compute/region property value for this command invocation.
GCLOUD WIDE FLAGS: These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, --help, --impersonate-service-account, --log-http, --project, --quiet, --trace-token, --user-output-enabled, --verbosity.
Run $ gcloud help for details.
NOTES: This command is currently in DEVELOPER PREVIEW and may change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early access allowlist. These variants are also available:
gcloud compute security-policies update

gcloud alpha compute security-policies update

gcloud beta compute security-policies update