gcloud alpha container fleet identity-service apply - update an Identity Service Feature Spec
gcloud alpha container fleet identity-service apply --config=CONFIG [--membership=MEMBERSHIP : --location=LOCATION] [GCLOUD_WIDE_FLAG ...]
(ALPHA) Applies the authentication configuration to the Identity Service feature spec for this membership. This configuration is now the "source of truth" for the cluster and can only be updated by using this command or the Cloud Console. Any local authentication configuration on the cluster is overwritten by this configuration, including any local updates made after you run this command.
To apply an Identity Service configuration for a membership, run:
$ gcloud alpha container fleet identity-service apply \ --membership=MEMBERSHIP_NAME \ --config=/path/to/identity-service.yaml
- --config=CONFIG
The path to the identity-service.yaml config file.
- Membership resource - The group of arguments defining a membership. The
arguments in this group can be used to specify the attributes of this resource. (NOTE) Some attributes are not given arguments in this group but can be set in other ways. To set the project attribute:
- —
provide the argument --membership on the command line with a fully specified name;
- —
provide the argument --project on the command line;
- —
set the property core/project.
- --membership=MEMBERSHIP
ID of the membership or fully qualified identifier for the membership. To set the membership attribute:
provide the argument --membership on the command line.
This flag argument must be specified if any of the other arguments in this group are specified.
- --location=LOCATION
Location for the membership. To set the location attribute:
provide the argument --membership on the command line with a fully specified name;
provide the argument --location on the command line;
set the property gkehub/location.
These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, --help, --impersonate-service-account, --log-http, --project, --quiet, --trace-token, --user-output-enabled, --verbosity.
Run $ gcloud help for details.
This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early access allowlist. These variants are also available:
$ gcloud container fleet identity-service apply
$ gcloud beta container fleet identity-service apply