NAME
    gcloud container aws clusters update - update an Anthos cluster on AWS

SYNOPSIS
    gcloud container aws clusters update (CLUSTER : --location=LOCATION)
        [--admin-groups=[GROUP,...]] [--admin-users=USER,[USER,...]] [--async]
        [--binauthz-evaluation-mode=BINAUTHZ_EVALUATION_MODE]
        [--cluster-version=CLUSTER_VERSION]
        [--config-encryption-kms-key-arn=CONFIG_ENCRYPTION_KMS_KEY_ARN]
        [--iam-instance-profile=IAM_INSTANCE_PROFILE]
        [--instance-type=INSTANCE_TYPE] [--logging=COMPONENT,[COMPONENT,...]]
        [--role-arn=ROLE_ARN] [--role-session-name=ROLE_SESSION_NAME]
        [--root-volume-iops=ROOT_VOLUME_IOPS]
        [--root-volume-kms-key-arn=ROOT_VOLUME_KMS_KEY_ARN]
        [--root-volume-size=ROOT_VOLUME_SIZE]
        [--root-volume-throughput=ROOT_VOLUME_THROUGHPUT]
        [--root-volume-type=ROOT_VOLUME_TYPE] [--validate-only]
        [--annotations=ANNOTATION,[ANNOTATION,...] | --clear-annotations]
        [--clear-description | --description=DESCRIPTION]
        [--clear-proxy-config | --proxy-secret-arn=PROXY_SECRET_ARN
          --proxy-secret-version-id=PROXY_SECRET_VERSION_ID]
        [--clear-security-group-ids
          | --security-group-ids=[SECURITY_GROUP_ID,...]]
        [--clear-ssh-ec2-key-pair | --ssh-ec2-key-pair=SSH_EC2_KEY_PAIR]
        [--clear-tags | --tags=TAG,[TAG,...]]
        [--disable-managed-prometheus | --enable-managed-prometheus]
        [--disable-per-node-pool-sg-rules | --enable-per-node-pool-sg-rules]
        [GCLOUD_WIDE_FLAG ...]

DESCRIPTION
    (DEPRECATED) Update an Anthos cluster on AWS.

    This command is deprecated. See
    https://cloud.google.com/kubernetes-engine/multi-cloud/docs/aws/deprecations/deprecation-announcement
    for more details.

EXAMPLES
    To update a cluster named my-cluster managed in location us-west1, run:

        $ gcloud container aws clusters update my-cluster \
            --location=us-west1 --cluster-version=CLUSTER_VERSION

POSITIONAL ARGUMENTS
     Cluster resource - cluster to update. The arguments in this group can be
     used to specify the attributes of this resource. (NOTE) Some attributes
     are not given arguments in this group but can be set in other ways.

     To set the project attribute:
      ◆ provide the argument cluster on the command line with a fully
        specified name;
      ◆ provide the argument --project on the command line;
      ◆ set the property core/project.

     This must be specified.

       CLUSTER
          ID of the cluster or fully qualified identifier for the cluster.

          To set the cluster attribute:
          ▸ provide the argument cluster on the command line.

          This positional argument must be specified if any of the other
          arguments in this group are specified.

       --location=LOCATION
          Google Cloud location for the cluster.

          To set the location attribute:
          ▸ provide the argument cluster on the command line with a fully
            specified name;
          ▸ provide the argument --location on the command line;
          ▸ set the property container_aws/location.

FLAGS
     --admin-groups=[GROUP,...]
        Groups of users that can perform operations as a cluster administrator.

     --admin-users=USER,[USER,...]
        Users that can perform operations as a cluster administrator.

     --async
        Return immediately, without waiting for the operation in progress to
        complete.

     --binauthz-evaluation-mode=BINAUTHZ_EVALUATION_MODE
        Set Binary Authorization evaluation mode for this cluster.
        BINAUTHZ_EVALUATION_MODE must be one of: DISABLED,
        PROJECT_SINGLETON_POLICY_ENFORCE.

     --cluster-version=CLUSTER_VERSION
        Kubernetes version to use for the cluster.

     --config-encryption-kms-key-arn=CONFIG_ENCRYPTION_KMS_KEY_ARN
        Amazon Resource Name (ARN) of the AWS KMS key to encrypt the user data.

     --iam-instance-profile=IAM_INSTANCE_PROFILE
        Name or ARN of the IAM instance profile associated with the cluster.

     --instance-type=INSTANCE_TYPE
        AWS EC2 instance type for the control plane's nodes.

     --logging=COMPONENT,[COMPONENT,...]
        Set the components that have logging enabled.

        Examples:

            $ gcloud container aws clusters update --logging=SYSTEM
            $ gcloud container aws clusters update --logging=SYSTEM,WORKLOAD

        COMPONENT must be one of: SYSTEM, WORKLOAD.

     --role-arn=ROLE_ARN
        Amazon Resource Name (ARN) of the IAM role to assume when managing AWS
        resources.

     --role-session-name=ROLE_SESSION_NAME
        Identifier for the assumed role session.

     --root-volume-iops=ROOT_VOLUME_IOPS
        Number of I/O operations per second (IOPS) to provision for the root
        volume.

     --root-volume-kms-key-arn=ROOT_VOLUME_KMS_KEY_ARN
        Amazon Resource Name (ARN) of the AWS KMS key to encrypt the root
        volume.

     --root-volume-size=ROOT_VOLUME_SIZE
        Size of the root volume. The value must be a whole number followed by a
        size unit of GB for gigabyte, or TB for terabyte. If no size unit is
        specified, GB is assumed.

     --root-volume-throughput=ROOT_VOLUME_THROUGHPUT
        Throughput to provision for the root volume, in MiB/s. Only valid if
        the volume type is GP3. If volume type is GP3 and throughput is not
        provided, it defaults to 125.

     --root-volume-type=ROOT_VOLUME_TYPE
        Type of the root volume. ROOT_VOLUME_TYPE must be one of: gp2, gp3.

     --validate-only
        Validate the update of the cluster, but don't actually perform it.

     Annotations

     At most one of these can be specified:

       --annotations=ANNOTATION,[ANNOTATION,...]
          Annotations for the cluster.

       --clear-annotations
          Clear the annotations for the cluster.

     Description

     At most one of these can be specified:

       --clear-description
          Clear the description for the cluster.

       --description=DESCRIPTION
          Description for the cluster.

     Proxy config

     At most one of these can be specified:

       --clear-proxy-config
          Clear the proxy configuration associated with the control plane.

       Or at least one of these can be specified:

         Update existing proxy config parameters

         --proxy-secret-arn=PROXY_SECRET_ARN
            ARN of the AWS Secrets Manager secret that contains a proxy
            configuration.

         --proxy-secret-version-id=PROXY_SECRET_VERSION_ID
            Version ID string of the AWS Secrets Manager secret that contains a
            proxy configuration.

     Security groups

     At most one of these can be specified:

       --clear-security-group-ids
          Clear any additional security groups associated with the control
          plane's nodes. This does not remove the default security groups.

       --security-group-ids=[SECURITY_GROUP_ID,...]
          IDs of additional security groups to add to the control plane's
          nodes.

     SSH config

     At most one of these can be specified:

       --clear-ssh-ec2-key-pair
          Clear the EC2 key pair authorized to login to the control plane's
          nodes.

       --ssh-ec2-key-pair=SSH_EC2_KEY_PAIR
          Name of the EC2 key pair authorized to login to the control plane's
          nodes.

     Tags

     At most one of these can be specified:

       --clear-tags
          Clear any tags associated with the control plane's nodes.

       --tags=TAG,[TAG,...]
          Applies the given tags (comma separated) on the control plane.
          Example:

              $ gcloud container aws clusters update EXAMPLE_CONTROL_PLANE \
                  --tags=tag1=one,tag2=two

     Monitoring Config

     At most one of these can be specified:

       --disable-managed-prometheus
          Disable managed collection for Managed Service for Prometheus.

       --enable-managed-prometheus
          Enable managed collection for Managed Service for Prometheus.

     Default per node pool security group rules

     At most one of these can be specified:

       --disable-per-node-pool-sg-rules
          Disable the default per node pool subnet security group rules on the
          control plane security group. When disabled, at least one security
          group that allows node pools to send traffic to the control plane on
          ports TCP/443 and TCP/8132 must be provided.

       --enable-per-node-pool-sg-rules
          Enable the default per node pool subnet security group rules on the
          control plane security group.

GCLOUD WIDE FLAGS
    These flags are available to all commands: --access-token-file, --account,
    --billing-project, --configuration, --flags-file, --flatten, --format,
    --help, --impersonate-service-account, --log-http, --project, --quiet,
    --trace-token, --user-output-enabled, --verbosity.

    Run $ gcloud help for details.

NOTES
    This variant is also available:

        $ gcloud alpha container aws clusters update

