gcloud beta access-context-manager perimeters dry-run - enable management of dry-run mode configuration for Service Perimeters
gcloud beta access-context-manager perimeters dry-run COMMAND [GCLOUD_WIDE_FLAG ...]
(BETA) A Service Perimeter describes a set of Google Cloud Platform resources which can freely import and export data amongst themselves, but not externally, by default.
A dry-run mode configuration (also known as the Service Perimeter `spec`) makes it possible to understand the impact of any changes to a VPC Service Controls policy change before committing the change to the enforcement mode configuration.
Note: For Service Perimeters without an explicit dry-run mode configuration, the enforcement mode configuration is used as the dry-run mode configuration, resulting in no audit logs being generated.
These flags are available to all commands: --help.
Run $ gcloud help for details.
COMMAND is one of the following:
- create
(BETA) Create a dry-run mode configuration for a new or existing Service Perimeter.
- delete
(BETA) Mark the Service Perimeter as deleted in the dry-run mode.
- describe
(BETA) Display the dry-run mode configuration for a Service Perimeter.
- drop
(BETA) Reset the dry-run mode configuration of a Service Perimeter.
- enforce
(BETA) Enforces a Service Perimeter's dry-run configuration.
- enforce-all
(BETA) Enforces the dry-run mode configuration for all Service Perimeters.
- list
(BETA) List the effective dry-run configuration across all Service Perimeters.
- update
(BETA) Update the dry-run mode configuration for a Service Perimeter.
This command is currently in beta and might change without notice. These variants are also available:
$ gcloud access-context-manager perimeters dry-run
$ gcloud alpha access-context-manager perimeters dry-run