NAME
    gcloud alpha container fleet policycontroller update - updates the
        configuration of Policy Controller Feature

SYNOPSIS
    gcloud alpha container fleet policycontroller update
        [--all-memberships | [--memberships=[MEMBERSHIPS,...]
          : --location=LOCATION] --origin=ORIGIN
          | --audit-interval=AUDIT_INTERVAL
          --constraint-violation-limit=CONSTRAINT_VIOLATION_LIMIT
          --version=VERSION --clear-exemptable-namespaces
          | --exemptable-namespaces=EXEMPTABLE_NAMESPACES --log-denies
          | --no-log-denies --monitoring=MONITORING
          | --no-monitoring --mutation | --no-mutation --referential-rules
          | --no-referential-rules] [GCLOUD_WIDE_FLAG ...]

DESCRIPTION
    (ALPHA) Updates the configuration of the Policy Controller installation

EXAMPLES
    To change the installed version, run:

        $ gcloud alpha container fleet policycontroller update \
            --version=VERSION

    To modify the audit interval to 120 seconds, run:

        $ gcloud alpha container fleet policycontroller update \
            --audit-interval=120

FLAGS
     Membership flags.

     At most one of these can be specified:

       --all-memberships
          If supplied, apply to all Policy Controllers memberships in the
          fleet.

       Or at least one of these can be specified:

         Membership resource - The group of arguments defining one or more
         memberships. The arguments in this group can be used to specify the
         attributes of this resource. (NOTE) Some attributes are not given
         arguments in this group but can be set in other ways.

         To set the project attribute:
          ▫ provide the argument --memberships on the command line with a
            fully specified name;
          ▫ provide the argument --project on the command line;
          ▫ set the property core/project.

         --memberships=[MEMBERSHIPS,...]
            IDs of the memberships or fully qualified identifiers for the
            memberships.

            To set the memberships attribute:
            ▫ provide the argument --memberships on the command line.

            This flag argument must be specified if any of the other arguments
            in this group are specified.

         --location=LOCATION
            Location for the memberships.

            To set the location attribute:
            ▫ provide the argument --memberships on the command line with a
              fully specified name;
            ▫ provide the argument --location on the command line;
            ▫ set the property gkehub/location.

     At most one of these can be specified:

       --origin=ORIGIN
          If --origin=FLEET will set the configuration of the membership to the
          fleet default.

          ORIGIN must be (only one value is supported): FLEET.

       Or at least one of these can be specified:

         --audit-interval=AUDIT_INTERVAL
            How often Policy Controller will audit resources, in seconds.

         --constraint-violation-limit=CONSTRAINT_VIOLATION_LIMIT
            The number of violations stored on the constraint resource. Must be
            greater than 0.

         --version=VERSION
            The version of Policy Controller to install; defaults to latest
            version.

         Exemptable Namespace flags.

         At most one of these can be specified:

           --clear-exemptable-namespaces
              Removes any namespace exemptions, enabling Policy Controller on
              all namespaces. Setting this flag will overwrite currently
              exempted namespaces, not append.

           --exemptable-namespaces=EXEMPTABLE_NAMESPACES
              Namespaces that Policy Controller should ignore, separated by
              commas if multiple are supplied.

         Log Denies flags.

         At most one of these can be specified:

           --log-denies
              If set, log all denies and dry run failures. (To disable, use
              --no-log-denies)

           --no-log-denies
              If set, disable all log denies.

         Monitoring flags.

         At most one of these can be specified:

           --monitoring=MONITORING
              Monitoring backend options Policy Controller should export
              metrics to, separated by commas if multiple are supplied. Setting
              this flag will overwrite currently enabled backends, not append.
              Options: prometheus, cloudmonitoring

           --no-monitoring
              Include this flag to disable the monitoring configuration of
              Policy Controller.

         Mutation flags.

         At most one of these can be specified:

           --mutation
              If set, enable support for mutation. (To disable, use
              --no-mutation)

           --no-mutation
              Disables mutation support.

         Referential Rules flags.

         At most one of these can be specified:

           --referential-rules
              If set, enable support for referential constraints. (To disable,
              use --no-referential-rules)

           --no-referential-rules
              Disables referential rules support.

GCLOUD WIDE FLAGS
    These flags are available to all commands: --access-token-file, --account,
    --billing-project, --configuration, --flags-file, --flatten, --format,
    --help, --impersonate-service-account, --log-http, --project, --quiet,
    --trace-token, --user-output-enabled, --verbosity.

    Run $ gcloud help for details.

NOTES
    This command is currently in alpha and might change without notice. If this
    command fails with API permission errors despite specifying the correct
    project, you might be trying to access an API with an invitation-only early
    access allowlist. These variants are also available:

        $ gcloud container fleet policycontroller update

        $ gcloud beta container fleet policycontroller update

