Retrieves the list of all SecurityPolicy resources, regional and global, available to the specified project. To prevent failure, Google recommends that you set the returnPartialSuccess parameter to true.


You will need authorization for at least one of the following scopes to make a valid call:


If unset, the scope for this method defaults to You can set the scope for this method like this: compute1 --scope <scope> security-policies aggregated-list ...

Required Scalar Argument

  • <project> (string)
    • Name of the project scoping this request.

Optional Output Flags

The method's return value a JSON encoded structure, which will be written to standard output by default.

  • -o out
    • out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output.

Optional Method Properties

You may set the following properties to further configure the call. Please note that -p is followed by one or more key-value-pairs, and is called like this -p k1=v1 k2=v2 even though the listing below repeats the -p for completeness.

  • -p filter=string

    • A filter expression that filters resources listed in the response. Most Compute resources support two types of filter expressions: expressions that support regular expressions and expressions that follow API improvement proposal AIP-160. These two types of filter expressions cannot be mixed in one request. If you want to use AIP-160, your expression must specify the field name, an operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The operator must be either =, !=, &gt;, &lt;, &lt;=, &gt;= or :. For example, if you are filtering Compute Engine instances, you can exclude instances named example-instance by specifying name != example-instance. The :* comparison can be used to test whether a key has been defined. For example, to find all objects with owner label use: labels.owner:* You can also filter nested fields. For example, you could specify scheduling.automaticRestart = false to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: (scheduling.automaticRestart = true) (cpuPlatform = &#34;Intel Skylake&#34;) By default, each expression is an AND expression. However, you can include AND and OR expressions explicitly. For example: (cpuPlatform = &#34;Intel Skylake&#34;) OR (cpuPlatform = &#34;Intel Broadwell&#34;) AND (scheduling.automaticRestart = true) If you want to use a regular expression, use the eq (equal) or ne (not equal) operator against a single un-parenthesized expression with or without quotes or against multiple parenthesized expressions. Examples: fieldname eq unquoted literal fieldname eq &#39;single quoted literal&#39; fieldname eq &#34;double quoted literal&#34; (fieldname1 eq literal) (fieldname2 ne &#34;literal&#34;) The literal value is interpreted as a regular expression using Google RE2 library syntax. The literal value must match the entire field. For example, to filter for instances that do not end with name "instance", you would use name ne .*instance. You cannot combine constraints on multiple fields using regular expressions.
  • -p include-all-scopes=boolean

    • Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
  • -p max-results=integer

    • The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)
  • -p order-by=string

    • Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using orderBy=&#34;creationTimestamp desc&#34;. This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by name or creationTimestamp desc is supported.
  • -p page-token=string

    • Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.
  • -p return-partial-success=boolean

    • Opt-in for partial success behavior which provides partial results in case of failure. The default value is false. For example, when partial success behavior is enabled, aggregatedList for a single zone scope either returns all resources in the zone or no resources, with an error code.
  • -p service-project-number=string

    • The Shared VPC service project id or service project number for which aggregated list request is invoked for subnetworks list-usable api.

Optional General Properties

The following properties can configure any call, and are not specific to this method.

  • -p $-xgafv=string

    • V1 error format.
  • -p access-token=string

    • OAuth access token.
  • -p alt=string

    • Data format for response.
  • -p callback=string

    • JSONP
  • -p fields=string

    • Selector specifying which fields to include in a partial response.
  • -p key=string

    • API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token.
  • -p oauth-token=string

    • OAuth 2.0 token for the current user.
  • -p pretty-print=boolean

    • Returns response with indentations and line breaks.
  • -p quota-user=string

    • Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.
  • -p upload-type=string

    • Legacy upload protocol for media (e.g. "media", "multipart").
  • -p upload-protocol=string

    • Upload protocol for media (e.g. "raw", "multipart").
  • -p user-ip=string

    • Legacy name for parameter that has been superseded by quotaUser.