NAME

gcloud access-context-manager perimeters dry-run - enable management of dry-run mode configuration for Service Perimeters

SYNOPSIS

gcloud access-context-manager perimeters dry-run COMMAND [GCLOUD_WIDE_FLAG ...]

DESCRIPTION

A Service Perimeter describes a set of Google Cloud Platform resources which can freely import and export data amongst themselves, but not externally, by default.

A dry-run mode configuration (also known as the Service Perimeter `spec`) makes it possible to understand the impact of any changes to a VPC Service Controls policy change before committing the change to the enforcement mode configuration.

Note: For Service Perimeters without an explicit dry-run mode configuration, the enforcement mode configuration is used as the dry-run mode configuration, resulting in no audit logs being generated.

GCLOUD WIDE FLAGS

These flags are available to all commands: --help.

Run $ gcloud help for details.

COMMANDS

COMMAND is one of the following:

create

Create a dry-run mode configuration for a new or existing Service Perimeter.

delete

Mark the Service Perimeter as deleted in the dry-run mode.

describe

Display the dry-run mode configuration for a Service Perimeter.

drop

Reset the dry-run mode configuration of a Service Perimeter.

enforce

Enforces a Service Perimeter's dry-run configuration.

enforce-all

Enforces the dry-run mode configuration for all Service Perimeters.

list

List the effective dry-run configuration across all Service Perimeters.

update

Update the dry-run mode configuration for a Service Perimeter.

NOTES

These variants are also available:

$ gcloud alpha access-context-manager perimeters dry-run

$ gcloud beta access-context-manager perimeters dry-run