gcloud alpha compute packet-mirrorings update - update a Compute Engine packet mirroring policy
gcloud alpha compute packet-mirrorings update NAME [--async] [--collector-ilb=COLLECTOR_ILB] [--description=DESCRIPTION] [--enable] [--filter-direction=DIRECTION] [--region=REGION] [--add-filter-cidr-ranges=[CIDR_RANGE,...] | --clear-filter-cidr-ranges | --remove-filter-cidr-ranges=[CIDR_RANGE,...] | --set-filter-cidr-ranges=[CIDR_RANGE,...]] [--add-filter-protocols=[PROTOCOL,...] | --clear-filter-protocols | --remove-filter-protocols=[PROTOCOL,...] | --set-filter-protocols=[PROTOCOL,...]] [--add-mirrored-instances=[INSTANCE,...] | --clear-mirrored-instances | --remove-mirrored-instances=[INSTANCE,...] | --set-mirrored-instances=[INSTANCE,...]] [--add-mirrored-subnets=[SUBNET,...] | --clear-mirrored-subnets | --remove-mirrored-subnets=[SUBNET,...] | --set-mirrored-subnets=[SUBNET,...]] [--add-mirrored-tags=[TAG,...] | --clear-mirrored-tags | --remove-mirrored-tags=[TAG,...] | --set-mirrored-tags=[TAG,...]] [GCLOUD_WIDE_FLAG ...]
(ALPHA) Update a Compute Engine packet mirroring policy.
Stop mirroring by tags, add subnet-1 as a mirrored subnet.
$ gcloud alpha compute packet-mirrorings update my-pm \ --region us-central1 --clear-mirrored-tags \ --add-mirrored-subnets subnet-1
Change the load-balancer to send mirrored traffic to.
$ gcloud alpha compute packet-mirrorings update my-pm \ --region us-central1 --collector-ilb new-forwarding-rule
Disable a Packet Mirroring policy.
$ gcloud alpha compute packet-mirrorings update my-pm \ --region us-central1 --no-enable
Re-enable a disabled Packet Mirroring policy.
$ gcloud alpha compute packet-mirrorings update my-pm \ --region us-central1 --enable
- NAME
Name of the packet mirroring to update.
- --async
Return immediately, without waiting for the operation in progress to complete.
- --collector-ilb=COLLECTOR_ILB
Forwarding rule configured as collector. This must be a regional forwarding rule (in the same region) with load balancing scheme INTERNAL and isMirroringCollector set to true.
You can provide this as the full URL to the forwarding rule, partial URL, or name. For example, the following are valid values:
- —
https://compute.googleapis.com/compute/v1/projects/myproject/ regions/us-central1/forwardingRules/fr-1
- —
projects/myproject/regions/us-central1/forwardingRules/fr-1
- —
fr-1
- --description=DESCRIPTION
Optional, textual description for the packet mirroring.
- --enable
Enable or disable the packet-mirroring.
- --filter-direction=DIRECTION
- —
For ingress, only ingress traffic is mirrored.
- —
For egress, only egress traffic is mirrored.
- —
For both (default), both directions are mirrored. DIRECTION must be one of: both, egress, ingress.
- --region=REGION
Region of the packet mirroring to update. Overrides the default compute/region property value for this command invocation.
- Update the filter CIDR ranges of this packet mirroring.
At most one of these can be specified:
- --add-filter-cidr-ranges=[CIDR_RANGE,...]
List of filter CIDR ranges to add to the packet mirroring.
- --clear-filter-cidr-ranges
If specified, clear the existing filter CIDR ranges from the packet mirroring.
- --remove-filter-cidr-ranges=[CIDR_RANGE,...]
List of filter CIDR ranges to remove from the packet mirroring.
- --set-filter-cidr-ranges=[CIDR_RANGE,...]
List of filter CIDR ranges to be mirrored on the packet mirroring.
- Update the filter protocols of this packet mirroring.
At most one of these can be specified:
- --add-filter-protocols=[PROTOCOL,...]
List of filter IP protocols to add to the packet mirroring. PROTOCOL can be one of tcp, udp, icmp, esp, ah, ipip, sctp, or an IANA protocol number.
- --clear-filter-protocols
If specified, clear the existing filter IP protocols from the packet mirroring.
- --remove-filter-protocols=[PROTOCOL,...]
List of filter IP protocols to remove from the packet mirroring. PROTOCOL can be one of tcp, udp, icmp, esp, ah, ipip, sctp, or an IANA protocol number.
- --set-filter-protocols=[PROTOCOL,...]
List of filter IP protocols to be mirrored on the packet mirroring. PROTOCOL can be one of tcp, udp, icmp, esp, ah, ipip, sctp, or an IANA protocol number.
- Update the mirrored instances of this packet mirroring.
At most one of these can be specified:
- --add-mirrored-instances=[INSTANCE,...]
List of instances to add to the packet mirroring.
- --clear-mirrored-instances
If specified, clear the existing instances from the packet mirroring.
- --remove-mirrored-instances=[INSTANCE,...]
List of instances to remove from the packet mirroring.
- --set-mirrored-instances=[INSTANCE,...]
List of instances to be mirrored on the packet mirroring.
- Update the mirrored subnets of this packet mirroring.
At most one of these can be specified:
- --add-mirrored-subnets=[SUBNET,...]
List of subnets to add to the packet mirroring.
- --clear-mirrored-subnets
If specified, clear the existing subnets from the packet mirroring.
- --remove-mirrored-subnets=[SUBNET,...]
List of subnets to remove from the packet mirroring.
- --set-mirrored-subnets=[SUBNET,...]
List of subnets to be mirrored on the packet mirroring.
- Update the mirrored tags of this packet mirroring.
To read more about configuring network tags, read this guide: https://cloud.google.com/vpc/docs/add-remove-network-tags
The virtual machines with the provided tags must live in zones contained in the same region as this packet mirroring.
At most one of these can be specified:
- --add-mirrored-tags=[TAG,...]
List of tags to add to the packet mirroring.
- --clear-mirrored-tags
If specified, clear the existing tags from the packet mirroring.
- --remove-mirrored-tags=[TAG,...]
List of tags to remove from the packet mirroring.
- --set-mirrored-tags=[TAG,...]
List of tags to be mirrored on the packet mirroring.
These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, --help, --impersonate-service-account, --log-http, --project, --quiet, --trace-token, --user-output-enabled, --verbosity.
Run $ gcloud help for details.
This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early access allowlist. These variants are also available:
$ gcloud compute packet-mirrorings update
$ gcloud beta compute packet-mirrorings update