gcloud alpha compute org-security-policies rules remove-preconfig-waf-exclusion

gcloud alpha compute org-security-policies rules remove-preconfig-waf-exclusion -

gcloud alpha compute org-security-policies rules remove-preconfig-waf-exclusion PRIORITY --security-policy=SECURITY_POLICY --target-rule-set=TARGET_RULE_SET [--organization=ORGANIZATION] [--request-body-to-exclude=[op=OP],[val=VAL]] [--request-cookie-to-exclude=[op=OP],[val=VAL]] [--request-header-to-exclude=[op=OP],[val=VAL]] [--request-query-param-to-exclude=[op=OP],[val=VAL]] [--request-uri-to-exclude=[op=OP],[val=VAL]] [--target-rule-ids=[RULE_ID,…]] [GCLOUD_WIDE_FLAG …]

PRIORITY

Priority of the security policy rule to remove preconfig WAF exclusion.

--security-policy=SECURITY_POLICY

short name of the security policy into which the rule should be updated.

--target-rule-set=TARGET_RULE_SET

Target WAF rule set from where to remove the request field exclusions.

This, together with the target rule IDs (if given), determines the target for associating request field exclusions. See --target-rule-ids.

Note that the removal of request field exclusions is restricted to those associated with a matching target. Set this flag to * if you want to remove request field exclusions regardless of the target.

--organization=ORGANIZATION

Organization which the organization security policy belongs to. Must be set if SECURITY_POLICY is short name.

--request-body-to-exclude=[op=OP],[val=VAL]

Removes a request body from the existing request field exclusions associated with the rule set and rule IDs (if provided).

For syntax, see --request-cookie-to-exclude.

You can repeat this flag to specify multiple request bodies.

--request-cookie-to-exclude=[op=OP],[val=VAL]

Removes a request cookie from the existing request field exclusions associated with the rule set and rule IDs (if given).

You can specify an exact match or a partial match by using a field operator and a field value. Available field operators are:

• EQUALS: the operator matches if the field value equals the specified value.
• STARTS_WITH: the operator matches if the field value starts with the specified value.
• ENDS_WITH: the operator matches if the field value ends with the specified value.
• CONTAINS: the operator matches if the field value contains the specified value.
• EQUALS_ANY: the operator matches if the field value is any value.

A field value must be given if the field operator is not EQUALS_ANY, and cannot be given if the field operator is EQUALS_ANY. For example, --request-header-to-exclude op=EQUALS,val=abc or --request-header-to-exclude op=EQUALS_ANY.

This flag can be repeated to specify multiple request headers to exclude. For example, --request-header-to-exclude op=EQUALS,val=abc --request-header-to-exclude op=STARTS_WITH,val=xyz.

--request-header-to-exclude=[op=OP],[val=VAL]

Removes a request header from the existing request field exclusions associated with the rule set and rule IDs (if given).

Refer to the syntax under --request-cookie-to-exclude.

This flag can be repeated to specify multiple request headers.

--request-query-param-to-exclude=[op=OP],[val=VAL]

Removes a request query parameter from the existing request field exclusions associated with the rule set and rule IDs (if given).

Refer to the syntax under --request-cookie-to-exclude.

This flag can be repeated to specify multiple request query parameters.

--request-uri-to-exclude=[op=OP],[val=VAL]

Removes a request URI from the existing request field exclusions associated with the rule set and rule IDs (if given).

Refer to the syntax under --request-cookie-to-exclude.

This flag can be repeated to specify multiple request URIs.

--target-rule-ids=[RULE_ID,…]

A comma-separated list of target rule IDs under the WAF rule set from where to remove the request field exclusions. If omitted, the removal of request field exclusions is restricted to those associated with the rule set only, without specific rule IDs.

Run $ gcloud help for details.