gcloud beta compute firewall-policies mirroring-rules create

NAME
gcloud beta compute firewall-policies mirroring-rules create - creates a Compute Engine firewall policy packet mirroring rule
SYNOPSIS
gcloud beta compute firewall-policies mirroring-rules create PRIORITY --action=ACTION --firewall-policy=FIREWALL_POLICY [--description=DESCRIPTION] [--dest-ip-ranges=[DEST_IP_RANGE,…]] [--direction=DIRECTION] [--[no-]disabled] [--layer4-configs=[LAYER4_CONFIG,…]] [--organization=ORGANIZATION] [--security-profile-group=SECURITY_PROFILE_GROUP] [--src-ip-ranges=[SRC_IP_RANGE,…]] [--target-resources=[TARGET_RESOURCES,…]] [GCLOUD_WIDE_FLAG]
DESCRIPTION
(BETA) gcloud beta compute firewall-policies mirroring-rules create is used to create organization firewall policy packet mirroring rules.
EXAMPLES
To create a packet mirroring rule with priority ``10" in an organization firewall policy with ID ``123456789", run:
gcloud beta compute firewall-policies mirroring-rules create 10 --firewall-policy=123456789 --action=mirror --security-profile-group=organizations/123/locations/global/securityProfileGroups/custom-security-profile-group --description=example-rule
POSITIONAL ARGUMENTS
PRIORITY
Priority of the firewall policy rule to create.
REQUIRED FLAGS
--action=ACTION
Action to take if the request matches the match condition. ACTION must be one of: mirror, do_not_mirror, goto_next.
--firewall-policy=FIREWALL_POLICY
Short name of the firewall policy into which the rule should be inserted.
OPTIONAL FLAGS
--description=DESCRIPTION
An optional, textual description for the rule.
--dest-ip-ranges=[DEST_IP_RANGE,…]
Destination IP ranges to match for this rule.
--direction=DIRECTION
Direction of the traffic the rule is applied. The default is to apply on incoming traffic. DIRECTION must be one of: INGRESS, EGRESS.
--[no-]disabled
Use this flag to disable the rule. Disabled rules will not affect traffic. Use --disabled to enable and --no-disabled to disable.
--layer4-configs=[LAYER4_CONFIG,…]
A list of destination protocols and ports to which the firewall rule will apply.
--organization=ORGANIZATION
Organization which the organization firewall policy belongs to. Must be set if FIREWALL_POLICY is short name.
--security-profile-group=SECURITY_PROFILE_GROUP
An org-based security profile group to be used with mirror action. Allowed formats are: a) http(s)://<namespace>/<api>/organizations/<org_id>/locations/global/securityProfileGroups/<profile> b) (//)<namespace>/organizations/<org_id>/locations/global/securityProfileGroups/<profile> c) <profile>. In case "c" gCloud CLI will create a reference matching format "a", but to make it work CLOUDSDK_API_ENDPOINT_OVERRIDES_NETWORKSECURITY property must be set. In order to set this property, please run the command gcloud config set api_endpoint_overrides/networksecurity https://<namespace>/.
--src-ip-ranges=[SRC_IP_RANGE,…]
Source IP ranges to match for this rule.
--target-resources=[TARGET_RESOURCES,…]
List of URLs of target resources to which the rule is applied.
GCLOUD WIDE FLAGS
These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, --help, --impersonate-service-account, --log-http, --project, --quiet, --trace-token, --user-output-enabled, --verbosity.

Run $ gcloud help for details.

NOTES
This command is currently in beta and might change without notice. This variant is also available:
gcloud alpha compute firewall-policies mirroring-rules create