File: //snap/google-cloud-cli/396/help/man/man1/gcloud_compute_security-policies_update.1
.TH "GCLOUD_COMPUTE_SECURITY\-POLICIES_UPDATE" 1
.SH "NAME"
.HP
gcloud compute security\-policies update \- update a Compute Engine security policy
.SH "SYNOPSIS"
.HP
\f5gcloud compute security\-policies update\fR \fINAME\fR [\fB\-\-description\fR=\fIDESCRIPTION\fR] [\fB\-\-enable\-layer7\-ddos\-defense\fR] [\fB\-\-json\-custom\-content\-types\fR=[\fICONTENT_TYPE\fR,...]] [\fB\-\-json\-parsing\fR=\fIJSON_PARSING\fR] [\fB\-\-layer7\-ddos\-defense\-rule\-visibility\fR=\fIVISIBILITY_TYPE\fR] [\fB\-\-log\-level\fR=\fILOG_LEVEL\fR] [\fB\-\-network\-ddos\-protection\fR=\fINETWORK_DDOS_PROTECTION\fR] [\fB\-\-recaptcha\-redirect\-site\-key\fR=\fIRECAPTCHA_REDIRECT_SITE_KEY\fR] [\fB\-\-user\-ip\-request\-headers\fR=[\fIUSER_IP_REQUEST_HEADER\fR,...]] [\fB\-\-global\fR\ |\ \fB\-\-region\fR=\fIREGION\fR] [\fIGCLOUD_WIDE_FLAG\ ...\fR]
.SH "DESCRIPTION"
\fBgcloud compute security\-policies update\fR is used to update security
policies.
.SH "EXAMPLES"
To update the description run this:
.RS 2m
$ gcloud compute security\-policies update SECURITY_POLICY \e
\-\-description='new description'
.RE
.SH "POSITIONAL ARGUMENTS"
.RS 2m
.TP 2m
\fINAME\fR
Name of the security policy to update.
.RE
.sp
.SH "FLAGS"
.RS 2m
.TP 2m
\fB\-\-description\fR=\fIDESCRIPTION\fR
An optional, textual description for the security policy.
.TP 2m
\fB\-\-enable\-layer7\-ddos\-defense\fR
Whether to enable Cloud Armor Layer 7 DDoS Defense Adaptive Protection.
.TP 2m
\fB\-\-json\-custom\-content\-types\fR=[\fICONTENT_TYPE\fR,...]
A comma\-separated list of custom Content\-Type header values to apply JSON
parsing for preconfigured WAF rules. Only applicable when JSON parsing is
enabled, like \f5\fI\-\-json\-parsing=STANDARD\fR\fR. When configuring a
Content\-Type header value, only the type/subtype needs to be specified, and the
parameters should be excluded.
.TP 2m
\fB\-\-json\-parsing\fR=\fIJSON_PARSING\fR
The JSON parsing behavior for this rule. Must be one of the following values:
[DISABLED, STANDARD, STANDARD_WITH_GRAPHQL]. \fIJSON_PARSING\fR must be one of:
\fBDISABLED\fR, \fBSTANDARD\fR, \fBSTANDARD_WITH_GRAPHQL\fR.
.TP 2m
\fB\-\-layer7\-ddos\-defense\-rule\-visibility\fR=\fIVISIBILITY_TYPE\fR
The visibility type indicates whether the rules are opaque or transparent.
\fIVISIBILITY_TYPE\fR must be one of: \fBSTANDARD\fR, \fBPREMIUM\fR.
.TP 2m
\fB\-\-log\-level\fR=\fILOG_LEVEL\fR
The level of detail to display for WAF logging. \fILOG_LEVEL\fR must be one of:
\fBNORMAL\fR, \fBVERBOSE\fR.
.TP 2m
\fB\-\-network\-ddos\-protection\fR=\fINETWORK_DDOS_PROTECTION\fR
The DDoS protection level for network load balancing and instances with external
IPs. \fINETWORK_DDOS_PROTECTION\fR must be one of: \fBSTANDARD\fR,
\fBADVANCED\fR, \fBADVANCED_PREVIEW\fR.
.TP 2m
\fB\-\-recaptcha\-redirect\-site\-key\fR=\fIRECAPTCHA_REDIRECT_SITE_KEY\fR
The reCAPTCHA site key to be used for rules using the \f5\fIredirect\fR\fR
action and the \f5\fIgoogle\-recaptcha\fR\fR redirect type under the security
policy.
.TP 2m
\fB\-\-user\-ip\-request\-headers\fR=[\fIUSER_IP_REQUEST_HEADER\fR,...]
A comma\-separated list of request header names to use for resolving the
caller's user IP address.
.TP 2m
At most one of these can be specified:
.RS 2m
.TP 2m
\fB\-\-global\fR
If set, the security policy is global.
.TP 2m
\fB\-\-region\fR=\fIREGION\fR
Region of the security policy to update. Overrides the default
\fBcompute/region\fR property value for this command invocation.
.RE
.RE
.sp
.SH "GCLOUD WIDE FLAGS"
These flags are available to all commands: \-\-access\-token\-file, \-\-account,
\-\-billing\-project, \-\-configuration, \-\-flags\-file, \-\-flatten,
\-\-format, \-\-help, \-\-impersonate\-service\-account, \-\-log\-http,
\-\-project, \-\-quiet, \-\-trace\-token, \-\-user\-output\-enabled,
\-\-verbosity.
Run \fB$ gcloud help\fR for details.
.SH "NOTES"
These variants are also available:
.RS 2m
$ gcloud alpha compute security\-policies update
.RE
.RS 2m
$ gcloud beta compute security\-policies update
.RE