gcloud access-context-manager perimeters dry-run - enable management of dry-run mode configuration for Service Perimeters
gcloud access-context-manager perimeters dry-run COMMAND [GCLOUD_WIDE_FLAG ...]
A Service Perimeter describes a set of Google Cloud Platform resources which can freely import and export data amongst themselves, but not externally, by default.
A dry-run mode configuration (also known as the Service Perimeter `spec`) makes it possible to understand the impact of any changes to a VPC Service Controls policy change before committing the change to the enforcement mode configuration.
Note: For Service Perimeters without an explicit dry-run mode configuration, the enforcement mode configuration is used as the dry-run mode configuration, resulting in no audit logs being generated.
These flags are available to all commands: --help.
Run $ gcloud help for details.
COMMAND is one of the following:
- create
Create a dry-run mode configuration for a new or existing Service Perimeter.
- delete
Mark the Service Perimeter as deleted in the dry-run mode.
- describe
Display the dry-run mode configuration for a Service Perimeter.
- drop
Reset the dry-run mode configuration of a Service Perimeter.
- enforce
Enforces a Service Perimeter's dry-run configuration.
- enforce-all
Enforces the dry-run mode configuration for all Service Perimeters.
- list
List the effective dry-run configuration across all Service Perimeters.
- update
Update the dry-run mode configuration for a Service Perimeter.
These variants are also available:
$ gcloud alpha access-context-manager perimeters dry-run
$ gcloud beta access-context-manager perimeters dry-run