gcloud alpha network-security security-profiles threat-prevention add-override

NAME
gcloud alpha network-security security-profiles threat-prevention add-override - add overrides to Threat Prevention Profile
SYNOPSIS
gcloud alpha network-security security-profiles threat-prevention add-override (SECURITY_PROFILE : --location=LOCATION --organization=ORGANIZATION) --action=ACTION (--severities=[SEVERITY_LEVEL,…]     | --threat-ids=[THREAT-ID,…]) [--async] [--update-labels=[KEY=VALUE,…]] [--clear-labels     | --remove-labels=[KEY,…]] [GCLOUD_WIDE_FLAG]
DESCRIPTION
(ALPHA) Add severities or threat-ids to existing threat prevention profile with intended action on each specified. Check the updates of add-override command by using gcloud network-security security-profiles threat-prevention list-override my-security-profile.

For more examples, refer to the EXAMPLES section below.

EXAMPLES
To add an override, run:
gcloud alpha network-security security-profiles threat-prevention add-override my-security-profile --severities=MEDIUM --action=ALLOW

my-security-profile is the name of the Security Profile in the format organizations/{organizationID}/locations/{location}/securityProfiles/ {security_profile_id} where organizationID is the organization ID to which the changes should apply, location - global specified and security_profile_id the Security Profile Identifier

POSITIONAL ARGUMENTS
Security profile resource - Security Profile Name. The arguments in this group can be used to specify the attributes of this resource.

This must be specified.

SECURITY_PROFILE
ID of the security_profile or fully qualified identifier for the security_profile.

To set the security_profile attribute:

  • provide the argument security_profile on the command line.

This positional argument must be specified if any of the other arguments in this group are specified.

--location=LOCATION
location of the security_profile - Global.

To set the location attribute:

  • provide the argument security_profile on the command line with a fully specified name;
  • provide the argument --location on the command line.
--organization=ORGANIZATION
Organization ID to which the changes should apply.

To set the organization attribute:

  • provide the argument security_profile on the command line with a fully specified name;
  • provide the argument --organization on the command line.
REQUIRED FLAGS
--action=ACTION
Action associated with severity or threat-id. ACTION must be one of: DEFAULT_ACTION, ALLOW, ALERT, DENY.
Exactly one of these must be specified:
--severities=[SEVERITY_LEVEL,…]
List of comma-separated severities where each value in the list indicates the severity of the threat.
--threat-ids=[THREAT-ID,…]
List of comma-separated threat identifiers where each identifier in the list is a vendor-specified Signature ID representing a threat type.
OPTIONAL FLAGS
--async
Return immediately, without waiting for the operation in progress to complete. The default is False.
--update-labels=[KEY=VALUE,…]
List of label KEY=VALUE pairs to update. If a label exists, its value is modified. Otherwise, a new label is created.

Keys must start with a lowercase character and contain only hyphens (-), underscores (_), lowercase characters, and numbers. Values must contain only hyphens (-), underscores (_), lowercase characters, and numbers.

At most one of these can be specified:
--clear-labels
Remove all labels. If --update-labels is also specified then --clear-labels is applied first.

For example, to remove all labels:

gcloud alpha network-security security-profiles threat-prevention add-override --clear-labels

To remove all existing labels and create two new labels, foo and baz:

gcloud alpha network-security security-profiles threat-prevention add-override --clear-labels --update-labels foo=bar,baz=qux
--remove-labels=[KEY,…]
List of label keys to remove. If a label does not exist it is silently ignored. If --update-labels is also specified then --update-labels is applied first.
GCLOUD WIDE FLAGS
These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, --help, --impersonate-service-account, --log-http, --project, --quiet, --trace-token, --user-output-enabled, --verbosity.

Run $ gcloud help for details.

NOTES
This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early access allowlist. These variants are also available:
gcloud network-security security-profiles threat-prevention add-override
gcloud beta network-security security-profiles threat-prevention add-override