gcloud compute instances network-interfaces get-effective-firewalls - get the effective firewalls for a Compute Engine virtual machine network interface
gcloud compute instances network-interfaces get-effective-firewalls INSTANCE_NAME [NAME ...] [--network-interface=NETWORK_INTERFACE; default="nic0"] [--regexp=REGEXP, -r REGEXP] [--zone=ZONE] [--filter=EXPRESSION] [--limit=LIMIT] [--page-size=PAGE_SIZE] [--sort-by=[FIELD,...]] [--uri] [GCLOUD_WIDE_FLAG ...]
gcloud compute instances network-interfaces get-effective-firewalls is used to get the effective firewalls applied to the network interfaces of a Compute Engine virtual machine.
To get the effective firewalls of instance with name example-instance, run:
$ gcloud compute instances network-interfaces \ get-effective-firewalls example-instance
To show all fields of the firewall rules, please show in JSON format with option --format=json
To see more firewall rule fields in table format, run the following for "example-instance":
$ gcloud compute instances network-interfaces \ get-effective-firewalls example-instance --format="table( type, firewall_policy_name, priority, action, direction, ip_ranges.list():label=IP_RANGES, target_svc_acct, enableLogging, description, name, disabled, target_tags, src_svc_acct, src_tags, ruleTupleCount, targetResources:label=TARGET_RESOURCES)"
- INSTANCE_NAME
Name of the instance to operate on. For details on valid instance names, refer to the criteria documented under the field 'name' at: https://cloud.google.com/compute/docs/reference/rest/v1/instances
- [NAME ...]
(DEPRECATED) If provided, show details for the specified names and/or URIs of resources.
Argument NAME is deprecated. Use --filter="name=( 'NAME' ... )" instead.
- --network-interface=NETWORK_INTERFACE; default="nic0"
The name of the network interface to get the effective firewalls for.
- --regexp=REGEXP, -r REGEXP
(DEPRECATED) Regular expression to filter the names of the results on. Any names that do not match the entire regular expression will be filtered out.
Flag --regexp is deprecated. Use --filter="name~'REGEXP'" instead.
- --zone=ZONE
Zone of the instance to operate on. If not specified, you might be prompted to select a zone (interactive mode only). gcloud attempts to identify the appropriate zone by searching for resources in your currently active project. If the zone cannot be determined, gcloud prompts you for a selection with all available Google Cloud Platform zones.
To avoid prompting when this flag is omitted, the user can set the compute/zone property:
$ gcloud config set compute/zone ZONE
A list of zones can be fetched by running:
$ gcloud compute zones list
To unset the property, run:
$ gcloud config unset compute/zone
Alternatively, the zone can be stored in the environment variable CLOUDSDK_COMPUTE_ZONE.
- --filter=EXPRESSION
Apply a Boolean filter EXPRESSION to each resource item to be listed. If the expression evaluates True, then that item is listed. For more details and examples of filter expressions, run $ gcloud topic filters. This flag interacts with other flags that are applied in this order: --flatten, --sort-by, --filter, --limit.
- --limit=LIMIT
Maximum number of resources to list. The default is unlimited. This flag interacts with other flags that are applied in this order: --flatten, --sort-by, --filter, --limit.
- --page-size=PAGE_SIZE
Some services group resource list output into pages. This flag specifies the maximum number of resources per page. The default is determined by the service if it supports paging, otherwise it is unlimited (no paging). Paging may be applied before or after --filter and --limit depending on the service.
- --sort-by=[FIELD,...]
Comma-separated list of resource field key names to sort by. The default order is ascending. Prefix a field with ``~'' for descending order on that field. This flag interacts with other flags that are applied in this order: --flatten, --sort-by, --filter, --limit.
- --uri
Print a list of resource URIs instead of the default output, and change the command output to a list of URIs. If this flag is used with --format, the formatting is applied on this URI list. To display URIs alongside other keys instead, use the uri() transform.
These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, --help, --impersonate-service-account, --log-http, --project, --quiet, --trace-token, --user-output-enabled, --verbosity.
Run $ gcloud help for details.
These variants are also available:
$ gcloud alpha compute instances network-interfaces \ get-effective-firewalls
$ gcloud beta compute instances network-interfaces \ get-effective-firewalls