NAME

gcloud beta compute security-policies update - update a Compute Engine security policy

SYNOPSIS

gcloud beta compute security-policies update NAME [--description=DESCRIPTION] [--enable-layer7-ddos-defense] [--json-custom-content-types=[CONTENT_TYPE,...]] [--json-parsing=JSON_PARSING] [--layer7-ddos-defense-auto-deploy-confidence-threshold=LAYER7_DDOS_DEFENSE_AUTO_DEPLOY_CONFIDENCE_THRESHOLD] [--layer7-ddos-defense-auto-deploy-expiration-sec=LAYER7_DDOS_DEFENSE_AUTO_DEPLOY_EXPIRATION_SEC] [--layer7-ddos-defense-auto-deploy-impacted-baseline-threshold=LAYER7_DDOS_DEFENSE_AUTO_DEPLOY_IMPACTED_BASELINE_THRESHOLD] [--layer7-ddos-defense-auto-deploy-load-threshold=LAYER7_DDOS_DEFENSE_AUTO_DEPLOY_LOAD_THRESHOLD] [--layer7-ddos-defense-rule-visibility=VISIBILITY_TYPE] [--log-level=LOG_LEVEL] [--network-ddos-protection=NETWORK_DDOS_PROTECTION] [--recaptcha-redirect-site-key=RECAPTCHA_REDIRECT_SITE_KEY] [--global | --region=REGION] [GCLOUD_WIDE_FLAG ...]

DESCRIPTION

(BETA) gcloud beta compute security-policies update is used to update security policies.

EXAMPLES

To update the description run this:

$ gcloud beta compute security-policies update SECURITY_POLICY \ --description='new description'

POSITIONAL ARGUMENTS

NAME

Name of the security policy to update.

FLAGS

--description=DESCRIPTION

An optional, textual description for the security policy.

--enable-layer7-ddos-defense

Whether to enable Cloud Armor Layer 7 DDoS Defense Adaptive Protection.

--json-custom-content-types=[CONTENT_TYPE,...]

A comma-separated list of custom Content-Type header values to apply JSON parsing for preconfigured WAF rules. Only applicable when JSON parsing is enabled, like --json-parsing=STANDARD. When configuring a Content-Type header value, only the type/subtype needs to be specified, and the parameters should be excluded.

--json-parsing=JSON_PARSING

The JSON parsing behavior for this rule. Must be one of the following values: [DISABLED, STANDARD]. JSON_PARSING must be one of: DISABLED, STANDARD.

--layer7-ddos-defense-auto-deploy-confidence-threshold=LAYER7_DDOS_DEFENSE_AUTO_DEPLOY_CONFIDENCE_THRESHOLD

Confidence threshold above which Adaptive Protection's auto-deploy takes actions

--layer7-ddos-defense-auto-deploy-expiration-sec=LAYER7_DDOS_DEFENSE_AUTO_DEPLOY_EXPIRATION_SEC

Duration over which Adaptive Protection's auto-deployed actions last

--layer7-ddos-defense-auto-deploy-impacted-baseline-threshold=LAYER7_DDOS_DEFENSE_AUTO_DEPLOY_IMPACTED_BASELINE_THRESHOLD

Impacted baseline threshold below which Adaptive Protection's auto-deploy takes actions

--layer7-ddos-defense-auto-deploy-load-threshold=LAYER7_DDOS_DEFENSE_AUTO_DEPLOY_LOAD_THRESHOLD

Load threshold above which Adaptive Protection's auto-deploy takes actions

--layer7-ddos-defense-rule-visibility=VISIBILITY_TYPE

The visibility type indicates whether the rules are opaque or transparent. VISIBILITY_TYPE must be one of: STANDARD, PREMIUM.

--log-level=LOG_LEVEL

The level of detail to display for WAF logging. LOG_LEVEL must be one of: NORMAL, VERBOSE.

--network-ddos-protection=NETWORK_DDOS_PROTECTION

The DDoS protection level for network load balancing and instances with external IPs. NETWORK_DDOS_PROTECTION must be one of: STANDARD, ADVANCED.

--recaptcha-redirect-site-key=RECAPTCHA_REDIRECT_SITE_KEY

The reCAPTCHA site key to be used for rules using the redirect action and the google-recaptcha redirect type under the security policy.

At most one of these can be specified:
--global

If set, the security policy is global.

--region=REGION

Region of the security policy to update. Overrides the default compute/region property value for this command invocation.

GCLOUD WIDE FLAGS

These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, --help, --impersonate-service-account, --log-http, --project, --quiet, --trace-token, --user-output-enabled, --verbosity.

Run $ gcloud help for details.

NOTES

This command is currently in beta and might change without notice. These variants are also available:

$ gcloud compute security-policies update

$ gcloud alpha compute security-policies update