mirror of
https://github.com/imjasonh/gcloud-help
synced 2026-07-19 07:15:23 +00:00
gcloud: Thu Jan 19 00:56:33 UTC 2023
This commit is contained in:
parent
348d9760ee
commit
1248f773ec
1462 changed files with 51835 additions and 5402 deletions
111
gcloud/alpha/storage/buckets/add-iam-policy-binding
Normal file
111
gcloud/alpha/storage/buckets/add-iam-policy-binding
Normal file
|
|
@ -0,0 +1,111 @@
|
|||
NAME
|
||||
gcloud alpha storage buckets add-iam-policy-binding - add an IAM policy
|
||||
binding to a bucket
|
||||
|
||||
SYNOPSIS
|
||||
gcloud alpha storage buckets add-iam-policy-binding URL --member=PRINCIPAL
|
||||
--role=ROLE
|
||||
[--condition=[KEY=VALUE,...]
|
||||
| --condition-from-file=CONDITION_FROM_FILE] [GCLOUD_WIDE_FLAG ...]
|
||||
|
||||
DESCRIPTION
|
||||
(ALPHA) Add an IAM policy binding to a bucket. For more information, see
|
||||
Cloud Identity and Access Management
|
||||
(https://cloud.google.com/storage/docs/access-control/iam).
|
||||
|
||||
EXAMPLES
|
||||
To grant a single role to a single principal for BUCKET:
|
||||
|
||||
$ gcloud alpha storage buckets add-iam-policy-binding gs://BUCKET \
|
||||
--member=user:john.doe@example.com \
|
||||
--role=roles/storage.objectCreator
|
||||
|
||||
To make objects in BUCKET publicly readable:
|
||||
|
||||
$ gcloud alpha storage buckets add-iam-policy-binding gs://BUCKET \
|
||||
--member=AllUsers --role=roles/storage.objectViewer
|
||||
|
||||
To specify a custom role for a principal on BUCKET:
|
||||
|
||||
$ gcloud alpha storage buckets add-iam-policy-binding gs://BUCKET \
|
||||
--member=user:john.doe@example.com --role=roles/customRoleName
|
||||
|
||||
POSITIONAL ARGUMENTS
|
||||
URL
|
||||
URL of bucket to add IAM policy binding to.
|
||||
|
||||
REQUIRED FLAGS
|
||||
--member=PRINCIPAL
|
||||
The principal to add the binding for. Should be of the form
|
||||
user|group|serviceAccount:email or domain:domain.
|
||||
|
||||
Examples: user:test-user@gmail.com, group:admins@example.com,
|
||||
serviceAccount:test123@example.domain.com, or
|
||||
domain:example.domain.com.
|
||||
|
||||
Some resources also accept the following special values:
|
||||
◆ allUsers - Special identifier that represents anyone who is on the
|
||||
internet, with or without a Google account.
|
||||
◆ allAuthenticatedUsers - Special identifier that represents anyone
|
||||
who is authenticated with a Google account or a service account.
|
||||
|
||||
--role=ROLE
|
||||
Role name to assign to the principal. The role name is the complete
|
||||
path of a predefined role, such as roles/logging.viewer, or the role ID
|
||||
for a custom role, such as
|
||||
organizations/{ORGANIZATION_ID}/roles/logging.viewer.
|
||||
|
||||
OPTIONAL FLAGS
|
||||
At most one of these can be specified:
|
||||
|
||||
--condition=[KEY=VALUE,...]
|
||||
A condition to include in the binding. When the condition is
|
||||
explicitly specified as None (--condition=None), a binding without a
|
||||
condition is added. When the condition is specified and is not None,
|
||||
--role cannot be a basic role. Basic roles are roles/editor,
|
||||
roles/owner, and roles/viewer. For more on conditions, refer to the
|
||||
conditions overview guide:
|
||||
https://cloud.google.com/iam/docs/conditions-overview
|
||||
|
||||
When using the --condition flag, include the following key-value
|
||||
pairs:
|
||||
|
||||
expression
|
||||
(Required) Condition expression that evaluates to True or False.
|
||||
This uses a subset of Common Expression Language syntax.
|
||||
|
||||
If the condition expression includes a comma, use a different
|
||||
delimiter to separate the key-value pairs. Specify the delimiter
|
||||
before listing the key-value pairs. For example, to specify a
|
||||
colon (:) as the delimiter, do the following:
|
||||
--condition=^:^title=TITLE:expression=EXPRESSION. For more
|
||||
information, see
|
||||
https://cloud.google.com/sdk/gcloud/reference/topic/escaping.
|
||||
|
||||
title
|
||||
(Required) A short string describing the purpose of the
|
||||
expression.
|
||||
|
||||
description
|
||||
(Optional) Additional description for the expression.
|
||||
|
||||
--condition-from-file=CONDITION_FROM_FILE
|
||||
Path to a local JSON or YAML file that defines the condition. To see
|
||||
available fields, see the help for --condition.
|
||||
|
||||
GCLOUD WIDE FLAGS
|
||||
These flags are available to all commands: --access-token-file, --account,
|
||||
--billing-project, --configuration, --flags-file, --flatten, --format,
|
||||
--help, --impersonate-service-account, --log-http, --project, --quiet,
|
||||
--trace-token, --user-output-enabled, --verbosity.
|
||||
|
||||
Run $ gcloud help for details.
|
||||
|
||||
NOTES
|
||||
This command is currently in alpha and might change without notice. If this
|
||||
command fails with API permission errors despite specifying the correct
|
||||
project, you might be trying to access an API with an invitation-only early
|
||||
access allowlist. This variant is also available:
|
||||
|
||||
$ gcloud storage buckets add-iam-policy-binding
|
||||
|
||||
|
|
@ -2,13 +2,15 @@ NAME
|
|||
gcloud alpha storage buckets create - create buckets for storing objects
|
||||
|
||||
SYNOPSIS
|
||||
gcloud alpha storage buckets create URL
|
||||
gcloud alpha storage buckets create URL [--additional-headers=HEADER=VALUE]
|
||||
[--default-encryption-key=DEFAULT_ENCRYPTION_KEY,
|
||||
-k DEFAULT_ENCRYPTION_KEY]
|
||||
[--default-storage-class=DEFAULT_STORAGE_CLASS,
|
||||
-c DEFAULT_STORAGE_CLASS, -s DEFAULT_STORAGE_CLASS]
|
||||
[--location=LOCATION, -l LOCATION]
|
||||
[--[no-]enable-autoclass] [--location=LOCATION, -l LOCATION]
|
||||
[--[no-]pap, --[no-]public-access-prevention]
|
||||
[--placement=REGION,REGION]
|
||||
[--recovery-point-objective=SETTING, --rpo=SETTING]
|
||||
[--retention-period=RETENTION_PERIOD]
|
||||
[--[no-]uniform-bucket-level-access, -b] [GCLOUD_WIDE_FLAG ...]
|
||||
|
||||
|
|
@ -32,6 +34,12 @@ POSITIONAL ARGUMENTS
|
|||
The URL of the bucket to create.
|
||||
|
||||
FLAGS
|
||||
--additional-headers=HEADER=VALUE
|
||||
Includes arbitrary headers in storage API calls. Accepts a comma
|
||||
separated list of key=value pairs, e.g. header1=value1,header2=value2.
|
||||
Overrides the default storage/additional_headers property value for
|
||||
this command invocation.
|
||||
|
||||
--default-encryption-key=DEFAULT_ENCRYPTION_KEY, -k DEFAULT_ENCRYPTION_KEY
|
||||
Set the default KMS key using the full path to the key, which has the
|
||||
following form:
|
||||
|
|
@ -43,6 +51,11 @@ FLAGS
|
|||
If not specified, the default storage class used by Cloud Storage is
|
||||
"Standard".
|
||||
|
||||
--[no-]enable-autoclass
|
||||
The Autoclass feature automatically selects the best storage class for
|
||||
objects based on access patterns. Use --enable-autoclass to enable and
|
||||
--no-enable-autoclass to disable.
|
||||
|
||||
--location=LOCATION, -l LOCATION
|
||||
Location (https://cloud.google.com/storage/docs/locations) for the
|
||||
bucket. If not specified, the location used by Cloud Storage is us. A
|
||||
|
|
@ -51,10 +64,28 @@ FLAGS
|
|||
--[no-]pap, --[no-]public-access-prevention
|
||||
Sets public access prevention to "enforced". For details on how exactly
|
||||
public access is blocked, see:
|
||||
http://cloud/storage/docs/public-access-prevention. Use
|
||||
http://cloud.google.com/storage/docs/public-access-prevention. Use
|
||||
--public-access-prevention to enable and --no-public-access-prevention
|
||||
to disable.
|
||||
|
||||
--placement=REGION,REGION
|
||||
A comma-separated list of exactly 2 regions that form the custom
|
||||
dual-region. Only regions within the same continent are or will ever be
|
||||
valid. Invalid location pairs (such as mixed-continent, or with
|
||||
unsupported regions) will return an error.
|
||||
|
||||
--recovery-point-objective=SETTING, --rpo=SETTING
|
||||
Sets the recovery point objective
|
||||
(https://cloud.google.com/architecture/dr-scenarios-planning-guide#basics_of_dr_planning)
|
||||
of a bucket. This flag can only be used with multi-region and
|
||||
dual-region buckets. DEFAULT option is valid for multi-region and
|
||||
dual-regions buckets. ASYNC_TURBO option is only valid for dual-region
|
||||
buckets. If unspecified when the bucket is created, it defaults to
|
||||
DEFAULT for dual-region and multi-region buckets. For more information,
|
||||
see Turbo Replication
|
||||
(https://cloud.google.com/storage/docs/turbo-replication). SETTING must
|
||||
be one of: ASYNC_TURBO, DEFAULT.
|
||||
|
||||
--retention-period=RETENTION_PERIOD
|
||||
Minimum retention period
|
||||
(https://cloud.google.com/storage/docs/bucket-lock#retention-periods)
|
||||
|
|
|
|||
|
|
@ -3,7 +3,8 @@ NAME
|
|||
|
||||
SYNOPSIS
|
||||
gcloud alpha storage buckets delete URLS [URLS ...]
|
||||
[--continue-on-error, -c] [GCLOUD_WIDE_FLAG ...]
|
||||
[--additional-headers=HEADER=VALUE] [--continue-on-error, -c]
|
||||
[GCLOUD_WIDE_FLAG ...]
|
||||
|
||||
DESCRIPTION
|
||||
(ALPHA) Deletes one or more Cloud Storage buckets.
|
||||
|
|
@ -23,6 +24,12 @@ POSITIONAL ARGUMENTS
|
|||
Specifies the URLs of the buckets to delete.
|
||||
|
||||
FLAGS
|
||||
--additional-headers=HEADER=VALUE
|
||||
Includes arbitrary headers in storage API calls. Accepts a comma
|
||||
separated list of key=value pairs, e.g. header1=value1,header2=value2.
|
||||
Overrides the default storage/additional_headers property value for
|
||||
this command invocation.
|
||||
|
||||
--continue-on-error, -c
|
||||
If any operations are unsuccessful, the command will exit with a
|
||||
non-zero exit status after completing the remaining operations. This
|
||||
|
|
|
|||
|
|
@ -2,7 +2,8 @@ NAME
|
|||
gcloud alpha storage buckets describe - describes Cloud Storage buckets
|
||||
|
||||
SYNOPSIS
|
||||
gcloud alpha storage buckets describe URL [GCLOUD_WIDE_FLAG ...]
|
||||
gcloud alpha storage buckets describe URL
|
||||
[--additional-headers=HEADER=VALUE] [GCLOUD_WIDE_FLAG ...]
|
||||
|
||||
DESCRIPTION
|
||||
(ALPHA) Describe a Cloud Storage bucket.
|
||||
|
|
@ -21,6 +22,13 @@ POSITIONAL ARGUMENTS
|
|||
URL
|
||||
Specifies URL of bucket to describe.
|
||||
|
||||
FLAGS
|
||||
--additional-headers=HEADER=VALUE
|
||||
Includes arbitrary headers in storage API calls. Accepts a comma
|
||||
separated list of key=value pairs, e.g. header1=value1,header2=value2.
|
||||
Overrides the default storage/additional_headers property value for
|
||||
this command invocation.
|
||||
|
||||
GCLOUD WIDE FLAGS
|
||||
These flags are available to all commands: --access-token-file, --account,
|
||||
--billing-project, --configuration, --flags-file, --flatten, --format,
|
||||
|
|
|
|||
42
gcloud/alpha/storage/buckets/get-iam-policy
Normal file
42
gcloud/alpha/storage/buckets/get-iam-policy
Normal file
|
|
@ -0,0 +1,42 @@
|
|||
NAME
|
||||
gcloud alpha storage buckets get-iam-policy - get the IAM policy for a
|
||||
bucket
|
||||
|
||||
SYNOPSIS
|
||||
gcloud alpha storage buckets get-iam-policy URL [GCLOUD_WIDE_FLAG ...]
|
||||
|
||||
DESCRIPTION
|
||||
(ALPHA) Get the IAM policy for a bucket. For more information, see Cloud
|
||||
Identity and Access Management
|
||||
(https://cloud.google.com/storage/docs/access-control/iam).
|
||||
|
||||
EXAMPLES
|
||||
To get the IAM policy for BUCKET:
|
||||
|
||||
$ gcloud alpha storage buckets get-iam-policy gs://BUCKET
|
||||
|
||||
To output the IAM policy for BUCKET to a file:
|
||||
|
||||
$ gcloud alpha storage buckets get-iam-policy gs://BUCKET > \
|
||||
policy.txt
|
||||
|
||||
POSITIONAL ARGUMENTS
|
||||
URL
|
||||
Request IAM policy for this bucket.
|
||||
|
||||
GCLOUD WIDE FLAGS
|
||||
These flags are available to all commands: --access-token-file, --account,
|
||||
--billing-project, --configuration, --flags-file, --flatten, --format,
|
||||
--help, --impersonate-service-account, --log-http, --project, --quiet,
|
||||
--trace-token, --user-output-enabled, --verbosity.
|
||||
|
||||
Run $ gcloud help for details.
|
||||
|
||||
NOTES
|
||||
This command is currently in alpha and might change without notice. If this
|
||||
command fails with API permission errors despite specifying the correct
|
||||
project, you might be trying to access an API with an invitation-only early
|
||||
access allowlist. This variant is also available:
|
||||
|
||||
$ gcloud storage buckets get-iam-policy
|
||||
|
||||
|
|
@ -21,6 +21,9 @@ GROUPS
|
|||
COMMANDS
|
||||
COMMAND is one of the following:
|
||||
|
||||
add-iam-policy-binding
|
||||
(ALPHA) Add an IAM policy binding to a bucket.
|
||||
|
||||
create
|
||||
(ALPHA) Create buckets for storing objects.
|
||||
|
||||
|
|
@ -30,9 +33,18 @@ COMMANDS
|
|||
describe
|
||||
(ALPHA) Describes Cloud Storage buckets.
|
||||
|
||||
get-iam-policy
|
||||
(ALPHA) Get the IAM policy for a bucket.
|
||||
|
||||
list
|
||||
(ALPHA) Lists Cloud Storage buckets.
|
||||
|
||||
remove-iam-policy-binding
|
||||
(ALPHA) Remove an IAM policy binding from a bucket.
|
||||
|
||||
set-iam-policy
|
||||
(ALPHA) Set the IAM policy for a bucket.
|
||||
|
||||
update
|
||||
(ALPHA) Update bucket settings.
|
||||
|
||||
|
|
|
|||
|
|
@ -2,7 +2,8 @@ NAME
|
|||
gcloud alpha storage buckets list - lists Cloud Storage buckets
|
||||
|
||||
SYNOPSIS
|
||||
gcloud alpha storage buckets list [URLS ...] [--filter=EXPRESSION]
|
||||
gcloud alpha storage buckets list [URLS ...]
|
||||
[--additional-headers=HEADER=VALUE] [--filter=EXPRESSION]
|
||||
[--limit=LIMIT] [--page-size=PAGE_SIZE] [--sort-by=[FIELD,...]] [--uri]
|
||||
[GCLOUD_WIDE_FLAG ...]
|
||||
|
||||
|
|
@ -26,6 +27,13 @@ POSITIONAL ARGUMENTS
|
|||
[URLS ...]
|
||||
Specifies URL of buckets to List.
|
||||
|
||||
FLAGS
|
||||
--additional-headers=HEADER=VALUE
|
||||
Includes arbitrary headers in storage API calls. Accepts a comma
|
||||
separated list of key=value pairs, e.g. header1=value1,header2=value2.
|
||||
Overrides the default storage/additional_headers property value for
|
||||
this command invocation.
|
||||
|
||||
LIST COMMAND FLAGS
|
||||
--filter=EXPRESSION
|
||||
Apply a Boolean filter EXPRESSION to each resource item to be listed.
|
||||
|
|
|
|||
|
|
@ -28,8 +28,8 @@ DESCRIPTION
|
|||
the create command uses the Cloud Pub/Sub topic
|
||||
projects/default-project/topics/example-bucket.
|
||||
|
||||
In order to enable notifications, your project's [Cloud Storage service
|
||||
agent] (https://cloud.google.com/storage/docs/projects#service-accounts)
|
||||
In order to enable notifications, your project's Cloud Storage service
|
||||
agent (https://cloud.google.com/storage/docs/projects#service-accounts)
|
||||
must have the IAM permission "pubsub.topics.publish". This command checks
|
||||
to see if the destination Cloud Pub/Sub topic grants the service agent this
|
||||
permission. If not, the create command attempts to grant it.
|
||||
|
|
|
|||
108
gcloud/alpha/storage/buckets/remove-iam-policy-binding
Normal file
108
gcloud/alpha/storage/buckets/remove-iam-policy-binding
Normal file
|
|
@ -0,0 +1,108 @@
|
|||
NAME
|
||||
gcloud alpha storage buckets remove-iam-policy-binding - remove an IAM
|
||||
policy binding from a bucket
|
||||
|
||||
SYNOPSIS
|
||||
gcloud alpha storage buckets remove-iam-policy-binding URL
|
||||
--member=PRINCIPAL --role=ROLE
|
||||
[--all | --condition=[KEY=VALUE,...]
|
||||
| --condition-from-file=CONDITION_FROM_FILE] [GCLOUD_WIDE_FLAG ...]
|
||||
|
||||
DESCRIPTION
|
||||
(ALPHA) Removes a policy binding from the IAM policy of a bucket, given a
|
||||
bucket URL and the binding. For more information, see Cloud Identity and
|
||||
Access Management
|
||||
(https://cloud.google.com/storage/docs/access-control/iam).
|
||||
|
||||
EXAMPLES
|
||||
To remove an IAM policy binding from the role of
|
||||
roles/storage.objectCreator for the user john.doe@example.com on BUCKET:
|
||||
|
||||
$ gcloud alpha storage buckets remove-iam-policy-binding \
|
||||
gs://BUCKET --member=user:john.doe@example.com \
|
||||
--role=roles/storage.objectCreator
|
||||
|
||||
POSITIONAL ARGUMENTS
|
||||
URL
|
||||
URL of bucket to remove IAM policy binding from.
|
||||
|
||||
REQUIRED FLAGS
|
||||
--member=PRINCIPAL
|
||||
The principal to remove the binding for. Should be of the form
|
||||
user|group|serviceAccount:email or domain:domain.
|
||||
|
||||
Examples: user:test-user@gmail.com, group:admins@example.com,
|
||||
serviceAccount:test123@example.domain.com, or
|
||||
domain:example.domain.com.
|
||||
|
||||
Deleted principals have an additional deleted: prefix and a ?uid=UID
|
||||
suffix, where UID is a unique identifier for the principal. Example:
|
||||
deleted:user:test-user@gmail.com?uid=123456789012345678901.
|
||||
|
||||
Some resources also accept the following special values:
|
||||
◆ allUsers - Special identifier that represents anyone who is on the
|
||||
internet, with or without a Google account.
|
||||
◆ allAuthenticatedUsers - Special identifier that represents anyone
|
||||
who is authenticated with a Google account or a service account.
|
||||
|
||||
--role=ROLE
|
||||
The role to remove the principal from.
|
||||
|
||||
OPTIONAL FLAGS
|
||||
At most one of these can be specified:
|
||||
|
||||
--all
|
||||
Remove all bindings with this role and principal, irrespective of any
|
||||
conditions.
|
||||
|
||||
--condition=[KEY=VALUE,...]
|
||||
The condition of the binding that you want to remove. When the
|
||||
condition is explicitly specified as None (--condition=None), a
|
||||
binding without a condition is removed. Otherwise, only a binding
|
||||
with a condition that exactly matches the specified condition
|
||||
(including the optional description) is removed. For more on
|
||||
conditions, refer to the conditions overview guide:
|
||||
https://cloud.google.com/iam/docs/conditions-overview
|
||||
|
||||
When using the --condition flag, include the following key-value
|
||||
pairs:
|
||||
|
||||
expression
|
||||
(Required) Condition expression that evaluates to True or False.
|
||||
This uses a subset of Common Expression Language syntax.
|
||||
|
||||
If the condition expression includes a comma, use a different
|
||||
delimiter to separate the key-value pairs. Specify the delimiter
|
||||
before listing the key-value pairs. For example, to specify a
|
||||
colon (:) as the delimiter, do the following:
|
||||
--condition=^:^title=TITLE:expression=EXPRESSION. For more
|
||||
information, see
|
||||
https://cloud.google.com/sdk/gcloud/reference/topic/escaping.
|
||||
|
||||
title
|
||||
(Required) A short string describing the purpose of the
|
||||
expression.
|
||||
|
||||
description
|
||||
(Optional) Additional description for the expression.
|
||||
|
||||
--condition-from-file=CONDITION_FROM_FILE
|
||||
Path to a local JSON or YAML file that defines the condition. To see
|
||||
available fields, see the help for --condition.
|
||||
|
||||
GCLOUD WIDE FLAGS
|
||||
These flags are available to all commands: --access-token-file, --account,
|
||||
--billing-project, --configuration, --flags-file, --flatten, --format,
|
||||
--help, --impersonate-service-account, --log-http, --project, --quiet,
|
||||
--trace-token, --user-output-enabled, --verbosity.
|
||||
|
||||
Run $ gcloud help for details.
|
||||
|
||||
NOTES
|
||||
This command is currently in alpha and might change without notice. If this
|
||||
command fails with API permission errors despite specifying the correct
|
||||
project, you might be trying to access an API with an invitation-only early
|
||||
access allowlist. This variant is also available:
|
||||
|
||||
$ gcloud storage buckets remove-iam-policy-binding
|
||||
|
||||
61
gcloud/alpha/storage/buckets/set-iam-policy
Normal file
61
gcloud/alpha/storage/buckets/set-iam-policy
Normal file
|
|
@ -0,0 +1,61 @@
|
|||
NAME
|
||||
gcloud alpha storage buckets set-iam-policy - set the IAM policy for a
|
||||
bucket
|
||||
|
||||
SYNOPSIS
|
||||
gcloud alpha storage buckets set-iam-policy URLS [URLS ...] POLICY_FILE
|
||||
[--continue-on-error, -c] [--etag=ETAG, -e ETAG] [GCLOUD_WIDE_FLAG ...]
|
||||
|
||||
DESCRIPTION
|
||||
(ALPHA) Set the IAM policy for a bucket. For more information, see Cloud
|
||||
Identity and Access Management
|
||||
(https://cloud.google.com/storage/docs/access-control/iam).
|
||||
|
||||
EXAMPLES
|
||||
To set the IAM policy in POLICY-FILE on BUCKET:
|
||||
|
||||
$ gcloud alpha storage buckets set-iam-policy gs://BUCKET POLICY-FILE
|
||||
|
||||
To set the IAM policy in POLICY-FILE on all buckets beginning with "b":
|
||||
|
||||
$ gcloud alpha storage buckets set-iam-policy gs://b* POLICY-FILE
|
||||
|
||||
POSITIONAL ARGUMENTS
|
||||
URLS [URLS ...]
|
||||
URLs for buckets to apply the IAM policy to. Can include wildcards.
|
||||
|
||||
POLICY_FILE
|
||||
Path to a local JSON or YAML formatted file containing a valid policy.
|
||||
|
||||
The output of the get-iam-policy command is a valid file, as is any
|
||||
JSON or YAML file conforming to the structure of a Policy
|
||||
(https://cloud.google.com/iam/reference/rest/v1/Policy).
|
||||
|
||||
FLAGS
|
||||
--continue-on-error, -c
|
||||
If any operations are unsuccessful, the command will exit with a
|
||||
non-zero exit status after completing the remaining operations. This
|
||||
flag takes effect only in sequential execution mode (i.e. processor and
|
||||
thread count are set to 1). Parallelism is default.
|
||||
|
||||
--etag=ETAG, -e ETAG
|
||||
Custom etag to set on IAM policy. API will reject etags that do not
|
||||
match this value, making it useful as a precondition during concurrent
|
||||
operations.
|
||||
|
||||
GCLOUD WIDE FLAGS
|
||||
These flags are available to all commands: --access-token-file, --account,
|
||||
--billing-project, --configuration, --flags-file, --flatten, --format,
|
||||
--help, --impersonate-service-account, --log-http, --project, --quiet,
|
||||
--trace-token, --user-output-enabled, --verbosity.
|
||||
|
||||
Run $ gcloud help for details.
|
||||
|
||||
NOTES
|
||||
This command is currently in alpha and might change without notice. If this
|
||||
command fails with API permission errors despite specifying the correct
|
||||
project, you might be trying to access an API with an invitation-only early
|
||||
access allowlist. This variant is also available:
|
||||
|
||||
$ gcloud storage buckets set-iam-policy
|
||||
|
||||
|
|
@ -3,12 +3,19 @@ NAME
|
|||
|
||||
SYNOPSIS
|
||||
gcloud alpha storage buckets update URL [URL ...]
|
||||
[--canned-acl=PREDEFINED_ACL,
|
||||
--predefined-acl=PREDEFINED_ACL, -a PREDEFINED_ACL]
|
||||
[--continue-on-error, -c] [--[no-]default-event-based-hold]
|
||||
[--default-storage-class=DEFAULT_STORAGE_CLASS]
|
||||
[--[no-]lock-retention-period] [--[no-]requester-pays]
|
||||
[--[no-]uniform-bucket-level-access] [--[no-]versioning]
|
||||
[--additional-headers=HEADER=VALUE] [--continue-on-error, -c]
|
||||
[--[no-]default-event-based-hold] [--[no-]enable-autoclass]
|
||||
[--lock-retention-period]
|
||||
[--recovery-point-objective=SETTING, --rpo=SETTING]
|
||||
[--[no-]requester-pays] [--[no-]uniform-bucket-level-access]
|
||||
[--[no-]versioning]
|
||||
[--acl-file=ACL_FILE --add-acl-grant=[ACL_GRANT,...]
|
||||
--canned-acl=PREDEFINED_ACL, --predefined-acl=PREDEFINED_ACL,
|
||||
-a PREDEFINED_ACL --remove-acl-grant=REMOVE_ACL_GRANT]
|
||||
[--add-default-object-acl-grant=[DEFAULT_OBJECT_ACL_GRANT,...]
|
||||
--default-object-acl-file=DEFAULT_OBJECT_ACL_FILE
|
||||
--predefined-default-object-acl=PREDEFINED_DEFAULT_OBJECT_ACL
|
||||
--remove-default-object-acl-grant=REMOVE_DEFAULT_OBJECT_ACL_GRANT]
|
||||
[--clear-cors | --cors-file=CORS_FILE]
|
||||
[--clear-default-encryption-key
|
||||
| --default-encryption-key=DEFAULT_ENCRYPTION_KEY]
|
||||
|
|
@ -45,10 +52,11 @@ POSITIONAL ARGUMENTS
|
|||
URLs of the buckets to update.
|
||||
|
||||
FLAGS
|
||||
--canned-acl=PREDEFINED_ACL, --predefined-acl=PREDEFINED_ACL, -a PREDEFINED_ACL
|
||||
Applies predefined, or "canned," ACLs to a resource. See docs for a
|
||||
list of predefined ACL constants:
|
||||
https://cloud.google.com/storage/docs/access-control/lists#predefined-acl
|
||||
--additional-headers=HEADER=VALUE
|
||||
Includes arbitrary headers in storage API calls. Accepts a comma
|
||||
separated list of key=value pairs, e.g. header1=value1,header2=value2.
|
||||
Overrides the default storage/additional_headers property value for
|
||||
this command invocation.
|
||||
|
||||
--continue-on-error, -c
|
||||
If any operations are unsuccessful, the command will exit with a
|
||||
|
|
@ -63,15 +71,28 @@ FLAGS
|
|||
retroactively). Use --default-event-based-hold to enable and
|
||||
--no-default-event-based-hold to disable.
|
||||
|
||||
--default-storage-class=DEFAULT_STORAGE_CLASS
|
||||
Sets the default storage class for the bucket.
|
||||
--[no-]enable-autoclass
|
||||
The Autoclass feature automatically selects the best storage class for
|
||||
objects based on access patterns. Use --enable-autoclass to enable and
|
||||
--no-enable-autoclass to disable.
|
||||
|
||||
--[no-]lock-retention-period
|
||||
--lock-retention-period
|
||||
Locks an unlocked retention policy on the buckets. Caution: A locked
|
||||
retention policy cannot be removed from a bucket or reduced in
|
||||
duration. Once locked, deleting the bucket is the only way to "remove"
|
||||
a retention policy. Use --lock-retention-period to enable and
|
||||
--no-lock-retention-period to disable.
|
||||
a retention policy.
|
||||
|
||||
--recovery-point-objective=SETTING, --rpo=SETTING
|
||||
Sets the recovery point objective
|
||||
(https://cloud.google.com/architecture/dr-scenarios-planning-guide#basics_of_dr_planning)
|
||||
of a bucket. This flag can only be used with multi-region and
|
||||
dual-region buckets. DEFAULT option is valid for multi-region and
|
||||
dual-regions buckets. ASYNC_TURBO option is only valid for dual-region
|
||||
buckets. If unspecified when the bucket is created, it defaults to
|
||||
DEFAULT for dual-region and multi-region buckets. For more information,
|
||||
see Turbo Replication
|
||||
(https://cloud.google.com/storage/docs/turbo-replication). SETTING must
|
||||
be one of: ASYNC_TURBO, DEFAULT.
|
||||
|
||||
--[no-]requester-pays
|
||||
Allows you to configure a Cloud Storage bucket so that the requester
|
||||
|
|
@ -88,6 +109,42 @@ FLAGS
|
|||
Allows you to configure a Cloud Storage bucket to keep old versions of
|
||||
objects. Use --versioning to enable and --no-versioning to disable.
|
||||
|
||||
--acl-file=ACL_FILE
|
||||
Path to a local JSON or YAML formatted file containing a valid policy.
|
||||
The output of gcloud storage [buckets|objects] describe
|
||||
--format="multi(acl:format=json)" is a valid file and can be edited for
|
||||
more fine-grained control.
|
||||
|
||||
--add-acl-grant=[ACL_GRANT,...]
|
||||
Key-value pairs mirroring the JSON accepted by your cloud provider. For
|
||||
example, for Google Cloud
|
||||
Storage,--add-acl-grant=entity=user-tim@gmail.com,role=OWNER
|
||||
|
||||
--canned-acl=PREDEFINED_ACL, --predefined-acl=PREDEFINED_ACL, -a PREDEFINED_ACL
|
||||
Applies predefined, or "canned," ACLs to a resource. See docs for a
|
||||
list of predefined ACL constants:
|
||||
https://cloud.google.com/storage/docs/access-control/lists#predefined-acl
|
||||
|
||||
--remove-acl-grant=REMOVE_ACL_GRANT
|
||||
Key-value pairs mirroring the JSON accepted by your cloud provider. For
|
||||
example, for Google Cloud Storage, --remove-acl-grant=ENTITY, where
|
||||
ENTITY has a valid ACL entity format, such as user-tim@gmail.com,
|
||||
group-admins, allUsers, etc.
|
||||
|
||||
--add-default-object-acl-grant=[DEFAULT_OBJECT_ACL_GRANT,...]
|
||||
Adds default object ACL grant. See --add-acl-grant help text for more
|
||||
details.
|
||||
|
||||
--default-object-acl-file=DEFAULT_OBJECT_ACL_FILE
|
||||
Sets the default object ACL from file for the bucket.
|
||||
|
||||
--predefined-default-object-acl=PREDEFINED_DEFAULT_OBJECT_ACL
|
||||
Apply a predefined set of default object access controls tobuckets
|
||||
|
||||
--remove-default-object-acl-grant=REMOVE_DEFAULT_OBJECT_ACL_GRANT
|
||||
Removes default object ACL grant. See --remove-acl-grant help text for
|
||||
more details.
|
||||
|
||||
At most one of these can be specified:
|
||||
|
||||
--clear-cors
|
||||
|
|
@ -192,7 +249,7 @@ FLAGS
|
|||
If True, sets public access prevention to "enforced". If False, sets
|
||||
public access prevention to "inherited". For details on how exactly
|
||||
public access is blocked, see:
|
||||
http://cloud/storage/docs/public-access-prevention. Use
|
||||
http://cloud.google.com/storage/docs/public-access-prevention. Use
|
||||
--public-access-prevention to enable and
|
||||
--no-public-access-prevention to disable.
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue