SrSSKJr SSKJr SSKJr SSKJr SSKJr SSKJr SSK J r SS K J r SS K Jr SS K Jr SS KJr SS KrSrSr\ R*"SS\ R,\ R.55rSSS.\lg )z@Command for listing the rules of organization firewall policies.)absolute_import)division)unicode_literals) base_classes)firewalls_utils)lister)client)base)firewall_policies_utils)flags)logNzTo show all fields of the firewall, please show in JSON format: --format=json To show more fields in table format, please see the examples in --help. z table( priority, direction, action, match.srcIpRanges.list():label=SRC_RANGES, match.destIpRanges.list():label=DEST_RANGES, match.layer4Configs.map().org_firewall_rule().list():label=PORT_RANGES )c8\rSrSrSrSr\S5rSrSr Sr g) ListRules/zList the rules of a Compute Engine organization firewall policy. *{command}* is used to list the rules of an organization firewall policy. Nc[R"SSS9UlURRUSS9 UR SSS9 UR R [5 [R"U5 g) NTzlist rules for)required operationget)operation_typez--organizationzmOrganization which the organization firewall policy belongs to. Must be set if FIREWALL_POLICY is short name.)help) r FirewallPolicyArgumentFIREWALL_POLICY_ARG AddArgument add_argument display_info AddFormatDEFAULT_LIST_FORMATrAddBaseListerArgs)clsparsers 3lib/surface/compute/firewall_policies/list_rules.pyArgsListRules.Args:su#::!13C''u'E >@ !!"56 V$c .[R"UR55nURR XR SS9n[ R"UUR UR [R"UR55R5S9n[R"XCR5URS9nURUSS9nU(dg[ R""UR USR$5$)NF) with_project)refcompute_client resourcesversion) organization)fp_idonly_generate_requestr)rComputeApiHolder ReleaseTrackrResolveAsResourcer)r OrgFirewallPolicysix text_typelowerr GetFirewallPolicyIdNamer+DescriberSortFirewallPolicyRulesrules)selfargsholderr'org_firewall_policyr,responses r!Run ListRules.RunFs  * *4+<+<+> ?F  " " 4 4 U 5 4C 22 }}"" d//1288: < $ 7 7XXZd6G6G IE"++5,2H    2 26==3;A;3D3D FFr$cRA[RRS[-5 g)N )r statusPrint LIST_NOTICE)r:resources_were_displayeds r!EpilogListRules.EpilogXs JJTK'(r$) __name__ __module__ __qualname____firstlineno____doc__r classmethodr"r?rG__static_attributes__rIr$r!rr/s,  % %F$)r$ra To list the rules of an organization firewall policy with ID ``123456789", run: $ {command} 123456789 To list all the fields of the rules of an organization firewall policy with ID ``123456789", run: $ {command} 123456789 --format="table( priority, action, direction, match.srcIpRanges.list():label=SRC_RANGES, match.destIpRanges.list():label=DEST_RANGES, match.layer4Configs.map().org_firewall_rule().list():label=PORT_RANGES, targetServiceAccounts.list():label=TARGET_SVC_ACCT, targetResources:label=TARGET_RESOURCES, ruleTupleCount, enableLogging, description)" a To list rules of a firewall policy, the user must have the following permission: *`compute.firewallPolicies.get`. To find predefined roles that contain those permissions, see the [Compute Engine IAM roles](https://cloud.google.com/compute/docs/access/iam). )EXAMPLESzIAM PERMISSIONS)rN __future__rrrgooglecloudsdk.api_lib.computerrr0googlecloudsdk.api_lib.compute.firewall_policiesr googlecloudsdk.callioper 4googlecloudsdk.command_lib.compute.firewall_policiesr r googlecloudsdk.corer r2rErDefaultUniverseOnlyDescribeCommand ListCommandr detailed_helprIr$r!r\sG&'7:1C(XF#  ()$$d&6&6()()Z ,1 r$