DragonFly On-Line Manual Pages
GCLOUD COMPUTE FIREWALL-RULES UPDATE(1)
NAME
gcloud_compute_firewall-rules_update - update a firewall rule
SYNOPSIS
gcloud compute firewall-rules update NAME [--allow
[PROTOCOL[:_PORT_[-PORT]] ...]] [--description DESCRIPTION]
[--format FORMAT] [--help] [--project PROJECT_ID] [--quiet, -q]
[--source-ranges [CIDR_RANGE ...]] [--source-tags [TAG ...]]
[--target-tags [TAG ...]] [-h]
DESCRIPTION
gcloud compute firewall-rules update is used to update firewall rules
that allow incoming traffic to a network. Only arguments passed in will
be updated on the firewall rule. Other attributes will remain
unaffected.
POSITIONAL ARGUMENTS
NAME
The name of the firewall rule to update.
FLAGS
--allow [PROTOCOL[:PORT[-PORT]] ...]
A list of protocols and ports whose traffic will be allowed.
Setting this will override the current values.
PROTOCOL is the IP protocol whose traffic will be allowed.
PROTOCOL can be either the name of a well-known protocol (e.g., tcp
or icmp) or the IP protocol number. A list of IP protocols can be
found at
http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml.
A port or port range can be specified after PROTOCOL to allow
traffic through specific ports. If no port or port range is
specified, connections through all ranges are allowed. For example,
the following will create a rule that allows TCP traffic through
port 80 and allows ICMP traffic:
$ gcloud compute firewall-rules update MY-RULE --allow tcp:80 icmp
TCP and UDP rules must include a port or port range.
--description DESCRIPTION
A textual description for the firewall rule. Set to an empty string
to clear existing description.
--source-ranges [CIDR_RANGE ...]
A list of IP address blocks that are allowed to make inbound
connections that match the firewall rule to the instances on the
network. The IP address blocks must be specified in CIDR format:
http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing.
Setting this will override the existing source ranges for the
firewall. The following will clear the existing source ranges:
$ gcloud compute firewall-rules update MY-RULE --source-ranges
--source-tags [TAG ...]
A list of instance tags indicating the set of instances on the
network which may accept inbound connections that match the
firewall rule. If omitted, all instances on the network can receive
inbound connections that match the rule.
Tags can be assigned to instances during instance creation. Setting
this will override the existing source tags for the firewall. The
following will clear the existing source tags:
$ gcloud compute firewall-rules update MY-RULE --source-tags
--target-tags [TAG ...]
A list of instance tags indicating the set of instances on the
network which may make network connections that match the firewall
rule. If omitted, all instances on the network can make connections
that match the rule.
Tags can be assigned to instances during instance creation. Setting
this will override the existing target tags for the firewall. The
following will clear the existing target tags:
$ gcloud compute firewall-rules update MY-RULE --target-tags
GLOBAL FLAGS
--format FORMAT
Specify a format for printed output. By default, a command-specific
human-friendly output format is used. Setting this flag to one of
the available options will serialize the result of the command in
the chosen format and print it to stdout. Supported formats are:
json, text, yaml.
--help
Display detailed help.
--project PROJECT_ID
The Google Cloud Platform project name to use for this invocation.
If omitted then the current project is assumed.
--quiet, -q
Disable all interactive prompts when running gcloud commands. If
input is required, defaults will be used, or an error will be
raised.
-h
Print a summary help and exit.
NOTES
This command is in the Google Cloud SDK compute component. See
installing components if it is not installed.
GCLOUD COMPUTE FIREWALL-RULES UPDATE(1)