KSrSSKJr SSKJr SSKJr SSKJr SSKJr SSK J r SSK J r SS K J r SS KJr SS KJr SS KJr "S S \5r\ R."\ R0R25"SS\ R455r\ R."\ R0R85"SS\55r\ R."\ R0R<5"SS\55rg)zaCommand for removing exclusions for preconfigured WAF rule evaluation from security policy rules.)absolute_import)division)unicode_literals) base_classes)client)base) exceptions)scope)flags) propertiesc\rSrSrSr\S5r\S Sj5r\S5r\S5r \S Sj5r \S 5r \S 5r S r g)!RemovePreconfigWafExclusionHelperRemove an exclusion configuration for preconfigured WAF evaluation from a security policy rule. *{command}* is used to remove an exclusion configuration for preconfigured WAF evaluation from a security policy rule. Note that request field exclusions are associated with a target, which can be a single rule set, or a rule set plus a list of rule IDs under the rule set. It is possible to remove request field exclusions at 3 levels: - Remove specific request field exclusions that are associated with a matching target. - Remove all the request field exclusions that are associated with a matching target. - Remove all the request field exclusions that are configured under the security policy rule, regardless of the target. ## EXAMPLES To remove specific request field exclusions that are associated with the target of 'sqli-stable': ['owasp-crs-v030001-id942110-sqli', 'owasp-crs-v030001-id942120-sqli'], run: $ {command} 1000 \ --security-policy=my-policy \ --target-rule-set=sqli-stable \ --target-rule-ids=owasp-crs-v030001-id942110-sqli,owasp-crs-v030001-id942120-sqli \ --request-header-to-exclude=op=EQUALS,val=abc \ --request-header-to-exclude=op=STARTS_WITH,val=xyz \ --request-uri-to-exclude=op=EQUALS_ANY To remove all the request field exclusions that are associated with the target of 'sqli-stable': ['owasp-crs-v030001-id942110-sqli', 'owasp-crs-v030001-id942120-sqli'], run: $ {command} 1000 \ --security-policy=my-policy \ --target-rule-set=sqli-stable \ --target-rule-ids=owasp-crs-v030001-id942110-sqli,owasp-crs-v030001-id942120-sqli To remove all the request field exclusions that are associated with the target of 'sqli-stable': [], run: $ {command} 1000 \ --security-policy=my-policy \ --target-rule-set=sqli-stable To remove all the request field exclusions that are configured under the security policy rule, regardless of the target, run: $ {command} 1000 \ --security-policy=my-policy \ --target-rule-set=* c[R"S5UlURRUSSS9 [R"US5 [ R "5UlURRU5 [R"USS9 [R"USS9 [R"USS9 [R"USS9 [R"USS9 [R"USS9 g)z@Generates the flagset for a RemovePreconfigWafExclusion command.zCremove the exclusion configuration for preconfigured WAF evaluationPRIORITY)operation_type cust_metavarF)parseris_addN)r PriorityArgumentNAME_ARG AddArgument AddRegionFlagsecurity_policy_flags(SecurityPolicyMultiScopeArgumentForRulesSECURITY_POLICY_ARGAddTargetRuleSetAddTargetRuleIdsAddRequestHeaderAddRequestCookieAddRequestQueryParam AddRequestUriclsrs Mlib/surface/compute/security_policies/rules/remove_preconfig_waf_exclusion.pyArgs&RemovePreconfigWafExclusionHelper.ArgsWs))MCLLL   MO FFH''/ &7 &7 &7 &7 fU; ve4NcnX!R:H=(a! [U5[UR5:H$N) targetRuleSetset targetRuleIds)r%existing_exclusiontarget_rule_settarget_rule_idss r&_IsIdenticalTarget4RemovePreconfigWafExclusionHelper._IsIdenticalTargetrs= >> > B3D 2 @ @ADBBr)cURR5nURS5=(d SnU(a*URRRU5UlURS5=(d SnU(aXSlU$)zConverts RequestFieldToAdd.opval)messagesr5holderr<refsecurity_policy_refsecurity_policy_rulerjrls r&Run%RemovePreconfigWafExclusionHelper.Runs s"   , - -   6 7 7   6 7 7   ; < <   3 4 411  -. . &&,"d.L.L/  D / / 52 ##)r *-   t $ *R  3323 3 *  * *= 9F]]N C11CC m.E.E.L.LDN"Hd3?    " " ))8#**//77AA+22 $ 4 4  # c    " " ))2#**//77AA $ 4 4  # c"44 ,(113A6M"<<t -  % %5 & 77r)r+)NNNN)__name__ __module__ __qualname____firstlineno____doc__ classmethodr'r2r?rGr^ror__static_attributes__rr)r&rrs5n554*.BB&(,'+,0$( 55n $ $D;7;7r)rc6\rSrSrSrSrSr\S5rSr Sr g)RemovePreconfigWafExclusionGAi1rNc.[RU5 gr+)rr'r$s r&r'"RemovePreconfigWafExclusionGA.Argsms%**r)cJ[RUR5U5$r+)rr ReleaseTrack)selfrks r&r!RemovePreconfigWafExclusionGA.Runss$ , 0 0   r)r) rrrrrrrrr'rrrr)r&rr1s,5n ( r)rc\rSrSrSrSrg)RemovePreconfigWafExclusionBetaizrrNrrrrrrrr)r&rrz5r)rc\rSrSrSrSrg) RemovePreconfigWafExclusionAlphairrNrrr)r&rrrr)rN) r __future__rrrgooglecloudsdk.api_lib.computer0googlecloudsdk.api_lib.compute.security_policiesrgooglecloudsdk.callioperr "googlecloudsdk.command_lib.computer r4googlecloudsdk.command_lib.compute.security_policiesr r:googlecloudsdk.command_lib.compute.security_policies.rulesgooglecloudsdk.corer objectr ReleaseTracksrGA UpdateCommandrBETArALPHArrr)r&rsh&'7C(.E_L*O7O7dD%%(()ED$6$6E*EPD%%**+6&C6,6rD%%++,6'F6-6r)