gcloud container aws clusters update

NAME
gcloud container aws clusters update - update an Anthos cluster on AWS
SYNOPSIS
gcloud container aws clusters update (CLUSTER : --location=LOCATION) [--admin-groups=[GROUP,…]] [--admin-users=USER,[USER,…]] [--async] [--binauthz-evaluation-mode=BINAUTHZ_EVALUATION_MODE] [--cluster-version=CLUSTER_VERSION] [--config-encryption-kms-key-arn=CONFIG_ENCRYPTION_KMS_KEY_ARN] [--iam-instance-profile=IAM_INSTANCE_PROFILE] [--instance-type=INSTANCE_TYPE] [--logging=COMPONENT,[COMPONENT,…]] [--role-arn=ROLE_ARN] [--role-session-name=ROLE_SESSION_NAME] [--root-volume-iops=ROOT_VOLUME_IOPS] [--root-volume-kms-key-arn=ROOT_VOLUME_KMS_KEY_ARN] [--root-volume-size=ROOT_VOLUME_SIZE] [--root-volume-throughput=ROOT_VOLUME_THROUGHPUT] [--root-volume-type=ROOT_VOLUME_TYPE] [--validate-only] [--annotations=ANNOTATION,[ANNOTATION,…]     | --clear-annotations] [--clear-description     | --description=DESCRIPTION] [--clear-proxy-config     | --proxy-secret-arn=PROXY_SECRET_ARN --proxy-secret-version-id=PROXY_SECRET_VERSION_ID] [--clear-security-group-ids     | --security-group-ids=[SECURITY_GROUP_ID,…]] [--clear-ssh-ec2-key-pair     | --ssh-ec2-key-pair=SSH_EC2_KEY_PAIR] [--clear-tags     | --tags=TAG,[TAG,…]] [--disable-managed-prometheus     | --enable-managed-prometheus] [--disable-per-node-pool-sg-rules     | --enable-per-node-pool-sg-rules] [GCLOUD_WIDE_FLAG]
DESCRIPTION
Update an Anthos cluster on AWS.
EXAMPLES
To update a cluster named my-cluster managed in location us-west1, run:
gcloud container aws clusters update my-cluster --location=us-west1 --cluster-version=CLUSTER_VERSION
POSITIONAL ARGUMENTS
Cluster resource - cluster to update. The arguments in this group can be used to specify the attributes of this resource. (NOTE) Some attributes are not given arguments in this group but can be set in other ways.

To set the project attribute:

  • provide the argument cluster on the command line with a fully specified name;
  • provide the argument --project on the command line;
  • set the property core/project.

This must be specified.

CLUSTER
ID of the cluster or fully qualified identifier for the cluster.

To set the cluster attribute:

  • provide the argument cluster on the command line.

This positional argument must be specified if any of the other arguments in this group are specified.

--location=LOCATION
Google Cloud location for the cluster.

To set the location attribute:

  • provide the argument cluster on the command line with a fully specified name;
  • provide the argument --location on the command line;
  • set the property container_aws/location.
FLAGS
--admin-groups=[GROUP,…]
Groups of users that can perform operations as a cluster administrator.
--admin-users=USER,[USER,…]
Users that can perform operations as a cluster administrator.
--async
Return immediately, without waiting for the operation in progress to complete.
--binauthz-evaluation-mode=BINAUTHZ_EVALUATION_MODE
Set Binary Authorization evaluation mode for this cluster. BINAUTHZ_EVALUATION_MODE must be one of: DISABLED, PROJECT_SINGLETON_POLICY_ENFORCE.
--cluster-version=CLUSTER_VERSION
Kubernetes version to use for the cluster.
--config-encryption-kms-key-arn=CONFIG_ENCRYPTION_KMS_KEY_ARN
Amazon Resource Name (ARN) of the AWS KMS key to encrypt the user data.
--iam-instance-profile=IAM_INSTANCE_PROFILE
Name or ARN of the IAM instance profile associated with the cluster.
--instance-type=INSTANCE_TYPE
AWS EC2 instance type for the control plane's nodes.
--logging=COMPONENT,[COMPONENT,…]
Set the components that have logging enabled.

Examples:

gcloud container aws clusters update --logging=SYSTEM
gcloud container aws clusters update --logging=SYSTEM,WORKLOAD

COMPONENT must be one of: SYSTEM, WORKLOAD.

--role-arn=ROLE_ARN
Amazon Resource Name (ARN) of the IAM role to assume when managing AWS resources.
--role-session-name=ROLE_SESSION_NAME
Identifier for the assumed role session.
--root-volume-iops=ROOT_VOLUME_IOPS
Number of I/O operations per second (IOPS) to provision for the root volume.
--root-volume-kms-key-arn=ROOT_VOLUME_KMS_KEY_ARN
Amazon Resource Name (ARN) of the AWS KMS key to encrypt the root volume.
--root-volume-size=ROOT_VOLUME_SIZE
Size of the root volume. The value must be a whole number followed by a size unit of GB for gigabyte, or TB for terabyte. If no size unit is specified, GB is assumed.
--root-volume-throughput=ROOT_VOLUME_THROUGHPUT
Throughput to provision for the root volume, in MiB/s. Only valid if the volume type is GP3. If volume type is GP3 and throughput is not provided, it defaults to 125.
--root-volume-type=ROOT_VOLUME_TYPE
Type of the root volume. ROOT_VOLUME_TYPE must be one of: gp2, gp3.
--validate-only
Validate the update of the cluster, but don't actually perform it.
Annotations

At most one of these can be specified:

--annotations=ANNOTATION,[ANNOTATION,…]
Annotations for the cluster.
--clear-annotations
Clear the annotations for the cluster.
Description

At most one of these can be specified:

--clear-description
Clear the description for the cluster.
--description=DESCRIPTION
Description for the cluster.
Proxy config

At most one of these can be specified:

--clear-proxy-config
Clear the proxy configuration associated with the control plane.
Update existing proxy config parameters
--proxy-secret-arn=PROXY_SECRET_ARN
ARN of the AWS Secrets Manager secret that contains a proxy configuration.
--proxy-secret-version-id=PROXY_SECRET_VERSION_ID
Version ID string of the AWS Secrets Manager secret that contains a proxy configuration.
Security groups

At most one of these can be specified:

--clear-security-group-ids
Clear any additional security groups associated with the control plane's nodes. This does not remove the default security groups.
--security-group-ids=[SECURITY_GROUP_ID,…]
IDs of additional security groups to add to the control plane's nodes.
SSH config

At most one of these can be specified:

--clear-ssh-ec2-key-pair
Clear the EC2 key pair authorized to login to the control plane's nodes.
--ssh-ec2-key-pair=SSH_EC2_KEY_PAIR
Name of the EC2 key pair authorized to login to the control plane's nodes.
Tags

At most one of these can be specified:

--clear-tags
Clear any tags associated with the control plane's nodes.
--tags=TAG,[TAG,…]
Applies the given tags (comma separated) on the control plane. Example:
gcloud container aws clusters update EXAMPLE_CONTROL_PLANE --tags=tag1=one,tag2=two
Monitoring Config

At most one of these can be specified:

--disable-managed-prometheus
Disable managed collection for Managed Service for Prometheus.
--enable-managed-prometheus
Enable managed collection for Managed Service for Prometheus.
Default per node pool security group rules

At most one of these can be specified:

--disable-per-node-pool-sg-rules
Disable the default per node pool subnet security group rules on the control plane security group. When disabled, at least one security group that allows node pools to send traffic to the control plane on ports TCP/443 and TCP/8132 must be provided.
--enable-per-node-pool-sg-rules
Enable the default per node pool subnet security group rules on the control plane security group.
GCLOUD WIDE FLAGS
These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, --help, --impersonate-service-account, --log-http, --project, --quiet, --trace-token, --user-output-enabled, --verbosity.

Run $ gcloud help for details.

NOTES
This variant is also available:
gcloud alpha container aws clusters update