gcloud compute security-policies update

NAME
gcloud compute security-policies update - update a Compute Engine security policy
SYNOPSIS
gcloud compute security-policies updateNAME[--description=DESCRIPTION][--enable-layer7-ddos-defense][--json-custom-content-types=[CONTENT_TYPE,…]][--json-parsing=JSON_PARSING][--layer7-ddos-defense-rule-visibility=VISIBILITY_TYPE][--log-level=LOG_LEVEL][--network-ddos-protection=NETWORK_DDOS_PROTECTION][--recaptcha-redirect-site-key=RECAPTCHA_REDIRECT_SITE_KEY][--user-ip-request-headers=[USER_IP_REQUEST_HEADER,…]][--global    |--region=REGION][GCLOUD_WIDE_FLAG]
DESCRIPTION
gcloud compute security-policies update is used to update securitypolicies.
EXAMPLES
To update the description run this:
gcloudcomputesecurity-policiesupdateSECURITY_POLICY--description='new description'
POSITIONAL ARGUMENTS
NAME
Name of the security policy to update.
FLAGS
--description=DESCRIPTION
An optional, textual description for the security policy.
--enable-layer7-ddos-defense
Whether to enable Cloud Armor Layer 7 DDoS Defense Adaptive Protection.
--json-custom-content-types=[CONTENT_TYPE,…]
A comma-separated list of custom Content-Type header values to apply JSONparsing for preconfigured WAF rules. Only applicable when JSON parsing isenabled, like--json-parsing=STANDARD. Whenconfiguring a Content-Type header value, only the type/subtype needs to bespecified, and the parameters should be excluded.
--json-parsing=JSON_PARSING
The JSON parsing behavior for this rule. Must be one of the following values:[DISABLED, STANDARD, STANDARD_WITH_GRAPHQL].JSON_PARSING must be one of:DISABLED,STANDARD,STANDARD_WITH_GRAPHQL.
--layer7-ddos-defense-rule-visibility=VISIBILITY_TYPE
The visibility type indicates whether the rules are opaque or transparent.VISIBILITY_TYPE must be one of:STANDARD,PREMIUM.
--log-level=LOG_LEVEL
The level of detail to display for WAF logging.LOG_LEVEL must be one of:NORMAL,VERBOSE.
--network-ddos-protection=NETWORK_DDOS_PROTECTION
The DDoS protection level for network load balancing and instances with externalIPs.NETWORK_DDOS_PROTECTION must be one of:STANDARD,ADVANCED,ADVANCED_PREVIEW.
--recaptcha-redirect-site-key=RECAPTCHA_REDIRECT_SITE_KEY
The reCAPTCHA site key to be used for rules using theredirect action and thegoogle-recaptcha redirect type under thesecurity policy.
--user-ip-request-headers=[USER_IP_REQUEST_HEADER,…]
A comma-separated list of request header names to use for resolving the caller'suser IP address.
At most one of these can be specified:
--global
If set, the security policy is global.
--region=REGION
Region of the security policy to update. Overrides the defaultcompute/region property value for this command invocation.
GCLOUD WIDE FLAGS
These flags are available to all commands:--access-token-file,--account,--billing-project,--configuration,--flags-file,--flatten,--format,--help,--impersonate-service-account,--log-http,--project,--quiet,--trace-token,--user-output-enabled,--verbosity.

Run$gcloud help for details.

NOTES
These variants are also available:
gcloudalphacomputesecurity-policiesupdate
gcloudbetacomputesecurity-policiesupdate

Except as otherwise noted, the content of this page is licensed under theCreative Commons Attribution 4.0 License, and code samples are licensed under theApache 2.0 License. For details, see theGoogle Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.

Last updated 2025-05-07 UTC.