mirror of
https://github.com/imjasonh/gcloud-help
synced 2026-07-08 02:25:19 +00:00
gcloud: Thu Sep 7 10:42:28 UTC 2023
This commit is contained in:
parent
f9edf67fe5
commit
6c8d2eb024
307 changed files with 4053 additions and 1615 deletions
|
|
@ -3,10 +3,7 @@ NAME
|
|||
|
||||
SYNOPSIS
|
||||
gcloud container fleet create [--async] [--display-name=DISPLAY_NAME]
|
||||
[--labels=[KEY=VALUE,...]]
|
||||
[--security-posture=SECURITY_POSTURE
|
||||
--workload-vulnerability-scanning=WORKLOAD_VULNERABILITY_SCANNING]
|
||||
[GCLOUD_WIDE_FLAG ...]
|
||||
[--labels=[KEY=VALUE,...]] [GCLOUD_WIDE_FLAG ...]
|
||||
|
||||
DESCRIPTION
|
||||
This command can fail for the following reasons:
|
||||
|
|
@ -39,26 +36,6 @@ FLAGS
|
|||
contain only hyphens (-), underscores (_), lowercase characters, and
|
||||
numbers.
|
||||
|
||||
Default cluster configurations to apply across the fleet.
|
||||
|
||||
Security posture config.
|
||||
|
||||
--security-posture=SECURITY_POSTURE
|
||||
To apply basic security posture to the clusters of the fleet,
|
||||
|
||||
$ gcloud container fleet create --security-posture=basic
|
||||
|
||||
SECURITY_POSTURE must be one of: disabled, basic, enterprise.
|
||||
|
||||
--workload-vulnerability-scanning=WORKLOAD_VULNERABILITY_SCANNING
|
||||
To apply basic vulnerability scanning to the clusters of the fleet,
|
||||
|
||||
$ gcloud container fleet create \
|
||||
--workload-vulnerability-scanning=disabled
|
||||
|
||||
WORKLOAD_VULNERABILITY_SCANNING must be one of: disabled, basic,
|
||||
enterprise.
|
||||
|
||||
GCLOUD WIDE FLAGS
|
||||
These flags are available to all commands: --access-token-file, --account,
|
||||
--billing-project, --configuration, --flags-file, --flatten, --format,
|
||||
|
|
|
|||
|
|
@ -3,10 +3,11 @@ NAME
|
|||
policy files for connected clusters by the user
|
||||
|
||||
SYNOPSIS
|
||||
gcloud container fleet memberships generate-gateway-rbac [--anthos-support]
|
||||
[--apply] [--context=CONTEXT] [--kubeconfig=KUBECONFIG]
|
||||
[--membership=MEMBERSHIP] [--rbac-output-file=RBAC_OUTPUT_FILE]
|
||||
[--revoke] [--role=ROLE] [--users=USERS] [GCLOUD_WIDE_FLAG ...]
|
||||
gcloud container fleet memberships generate-gateway-rbac
|
||||
(--anthos-support | --groups=GROUPS | --users=USERS) [--apply]
|
||||
[--context=CONTEXT] [--kubeconfig=KUBECONFIG] [--membership=MEMBERSHIP]
|
||||
[--rbac-output-file=RBAC_OUTPUT_FILE] [--revoke] [--role=ROLE]
|
||||
[GCLOUD_WIDE_FLAG ...]
|
||||
|
||||
DESCRIPTION
|
||||
gcloud container fleet memberships generate-gateway-rbac generates RBAC
|
||||
|
|
@ -84,11 +85,31 @@ EXAMPLES
|
|||
--role=clusterrole/cluster-admin --context=my-cluster-context \
|
||||
--kubeconfig=/home/user/custom_kubeconfig --apply
|
||||
|
||||
FLAGS
|
||||
--anthos-support
|
||||
If specified, this command will generate RBAC policy file for anthos
|
||||
support.
|
||||
The groups can be provided as a Google identity (only email) or an external
|
||||
identity (starting with "principalSet://iam.googleapis.com"):
|
||||
|
||||
$ gcloud container fleet memberships generate-gateway-rbac \
|
||||
--membership=my-cluster \
|
||||
--groups=group@example.com,principalSet://iam.googleapis.com/\
|
||||
locations/global/workforcePools/pool/group/ExampleGroup \
|
||||
--role=clusterrole/cluster-admin --context=my-cluster-context \
|
||||
--kubeconfig=/home/user/custom_kubeconfig --apply
|
||||
|
||||
REQUIRED FLAGS
|
||||
Exactly one of these must be specified:
|
||||
|
||||
--anthos-support
|
||||
If specified, this command will generate RBAC policy file for anthos
|
||||
support.
|
||||
|
||||
--groups=GROUPS
|
||||
Group email address or third-party IAM group principal.
|
||||
|
||||
--users=USERS
|
||||
User's email address, service account email address, or third-party
|
||||
IAM subject principal.
|
||||
|
||||
OPTIONAL FLAGS
|
||||
--apply
|
||||
If specified, this command will generate RBAC policy and apply to the
|
||||
specified cluster.
|
||||
|
|
@ -119,9 +140,6 @@ FLAGS
|
|||
--role=ROLE
|
||||
Namespace scoped role or cluster role.
|
||||
|
||||
--users=USERS
|
||||
User's email address or service account email address.
|
||||
|
||||
GCLOUD WIDE FLAGS
|
||||
These flags are available to all commands: --access-token-file, --account,
|
||||
--billing-project, --configuration, --flags-file, --flatten, --format,
|
||||
|
|
|
|||
|
|
@ -4,10 +4,7 @@ NAME
|
|||
SYNOPSIS
|
||||
gcloud container fleet update [--async] [--display-name=DISPLAY_NAME]
|
||||
[--update-labels=[KEY=VALUE,...]]
|
||||
[--clear-labels | --remove-labels=[KEY,...]]
|
||||
[--security-posture=SECURITY_POSTURE
|
||||
--workload-vulnerability-scanning=WORKLOAD_VULNERABILITY_SCANNING]
|
||||
[GCLOUD_WIDE_FLAG ...]
|
||||
[--clear-labels | --remove-labels=[KEY,...]] [GCLOUD_WIDE_FLAG ...]
|
||||
|
||||
DESCRIPTION
|
||||
This command can fail for the following reasons:
|
||||
|
|
@ -61,26 +58,6 @@ FLAGS
|
|||
silently ignored. If --update-labels is also specified then
|
||||
--update-labels is applied first.
|
||||
|
||||
Default cluster configurations to apply across the fleet.
|
||||
|
||||
Security posture config.
|
||||
|
||||
--security-posture=SECURITY_POSTURE
|
||||
To apply basic security posture to the clusters of the fleet,
|
||||
|
||||
$ gcloud container fleet update --security-posture=basic
|
||||
|
||||
SECURITY_POSTURE must be one of: disabled, basic, enterprise.
|
||||
|
||||
--workload-vulnerability-scanning=WORKLOAD_VULNERABILITY_SCANNING
|
||||
To apply basic vulnerability scanning to the clusters of the fleet,
|
||||
|
||||
$ gcloud container fleet update \
|
||||
--workload-vulnerability-scanning=disabled
|
||||
|
||||
WORKLOAD_VULNERABILITY_SCANNING must be one of: disabled, basic,
|
||||
enterprise.
|
||||
|
||||
GCLOUD WIDE FLAGS
|
||||
These flags are available to all commands: --access-token-file, --account,
|
||||
--billing-project, --configuration, --flags-file, --flatten, --format,
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue