HEX
Server: Apache/2.4.65 (Ubuntu)
System: Linux ielts-store-v2 6.8.0-1036-gcp #38~22.04.1-Ubuntu SMP Thu Aug 14 01:19:18 UTC 2025 x86_64
User: root (0)
PHP: 7.2.34-54+ubuntu20.04.1+deb.sury.org+1
Disabled: pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,
$ pwd: /snap/google-cloud-cli/current/help/man/man1/
Upload Files
File: //snap/google-cloud-cli/current/help/man/man1/gcloud_alpha_container_hub_update.1
.TH "GCLOUD_ALPHA_CONTAINER_HUB_UPDATE" 1



.SH "NAME"
.HP
gcloud alpha container hub update \- update a fleet



.SH "SYNOPSIS"
.HP
\f5gcloud alpha container hub update\fR [\fB\-\-async\fR] [\fB\-\-display\-name\fR=\fIDISPLAY_NAME\fR] [\fB\-\-update\-labels\fR=[\fIKEY\fR=\fIVALUE\fR,...]] [\fB\-\-binauthz\-evaluation\-mode\fR=\fIBINAUTHZ_EVALUATION_MODE\fR\ \fB\-\-binauthz\-policy\-bindings\fR=[\fIname\fR=\fIBINAUTHZ_POLICY\fR]\ \fB\-\-security\-posture\fR=\fISECURITY_POSTURE\fR\ \fB\-\-workload\-vulnerability\-scanning\fR=\fIWORKLOAD_VULNERABILITY_SCANNING\fR] [\fB\-\-clear\-labels\fR\ |\ \fB\-\-remove\-labels\fR=[\fIKEY\fR,...]] [\fIGCLOUD_WIDE_FLAG\ ...\fR]



.SH "DESCRIPTION"

\fB(ALPHA)\fR This command can fail for the following reasons:
.RS 2m
.IP "\(bu" 2m
The project specified does not exist.
.IP "\(bu" 2m
The project specified already has a fleet.
.IP "\(bu" 2m
The active account does not have permission to access the given project.
.RE
.sp



.SH "EXAMPLES"

To update the display name of the fleet in project \f5example\-foo\-bar\-1\fR to
\f5updated\-name\fR, run:

.RS 2m
$ gcloud alpha container hub update \-\-display\-name=updated\-name \e
    \-\-project=example\-foo\-bar\-1
.RE



.SH "FLAGS"

.RS 2m
.TP 2m
\fB\-\-async\fR

Return immediately, without waiting for the operation in progress to complete.

.TP 2m
\fB\-\-display\-name\fR=\fIDISPLAY_NAME\fR

Display name of the fleet to be created (optional). 4\-30 characters,
alphanumeric and [ '"!\-] only.

.TP 2m
\fB\-\-update\-labels\fR=[\fIKEY\fR=\fIVALUE\fR,...]

List of label KEY=VALUE pairs to update. If a label exists, its value is
modified. Otherwise, a new label is created.

Keys must start with a lowercase character and contain only hyphens (\f5\-\fR),
underscores (\f5_\fR), lowercase characters, and numbers. Values must contain
only hyphens (\f5\-\fR), underscores (\f5_\fR), lowercase characters, and
numbers.

.TP 2m

Default cluster configurations to apply across the fleet.


.RS 2m
.TP 2m

Binary Authorization config.


.RS 2m
.TP 2m
\fB\-\-binauthz\-evaluation\-mode\fR=\fIBINAUTHZ_EVALUATION_MODE\fR

Configure binary authorization mode for clusters to onboard the fleet,

.RS 2m
$ gcloud alpha container hub update \e
    \-\-binauthz\-evaluation\-mode=policy\-bindings
.RE

\fIBINAUTHZ_EVALUATION_MODE\fR must be one of: \fBdisabled\fR,
\fBpolicy\-bindings\fR.

.TP 2m
\fB\-\-binauthz\-policy\-bindings\fR=[\fIname\fR=\fIBINAUTHZ_POLICY\fR]

The relative resource name of the Binary Authorization policy to audit and/or
enforce. GKE policies have the following format:
\f5projects/{project_number}/platforms/gke/policies/{policy_id}\fR.

.RE
.sp
.TP 2m

Security posture config.


.RS 2m
.TP 2m
\fB\-\-security\-posture\fR=\fISECURITY_POSTURE\fR

To apply standard security posture to clusters in the fleet,

.RS 2m
$ gcloud alpha container hub update \-\-security\-posture=standard
.RE

\fISECURITY_POSTURE\fR must be one of: \fBdisabled\fR, \fBstandard\fR,
\fBenterprise\fR.

.TP 2m
\fB\-\-workload\-vulnerability\-scanning\fR=\fIWORKLOAD_VULNERABILITY_SCANNING\fR

To apply standard vulnerability scanning to clusters in the fleet,

.RS 2m
$ gcloud alpha container hub update \e
    \-\-workload\-vulnerability\-scanning=standard
.RE

\fIWORKLOAD_VULNERABILITY_SCANNING\fR must be one of: \fBdisabled\fR,
\fBstandard\fR, \fBenterprise\fR.

.RE
.RE
.sp
.TP 2m

At most one of these can be specified:


.RS 2m
.TP 2m
\fB\-\-clear\-labels\fR

Remove all labels. If \f5\-\-update\-labels\fR is also specified then
\f5\-\-clear\-labels\fR is applied first.

For example, to remove all labels:

.RS 2m
$ gcloud alpha container hub update \-\-clear\-labels
.RE

To remove all existing labels and create two new labels, \f5\fIfoo\fR\fR and
\f5\fIbaz\fR\fR:

.RS 2m
$ gcloud alpha container hub update \-\-clear\-labels \e
  \-\-update\-labels foo=bar,baz=qux
.RE

.TP 2m
\fB\-\-remove\-labels\fR=[\fIKEY\fR,...]

List of label keys to remove. If a label does not exist it is silently ignored.
If \f5\-\-update\-labels\fR is also specified then \f5\-\-update\-labels\fR is
applied first.


.RE
.RE
.sp

.SH "GCLOUD WIDE FLAGS"

These flags are available to all commands: \-\-access\-token\-file, \-\-account,
\-\-billing\-project, \-\-configuration, \-\-flags\-file, \-\-flatten,
\-\-format, \-\-help, \-\-impersonate\-service\-account, \-\-log\-http,
\-\-project, \-\-quiet, \-\-trace\-token, \-\-user\-output\-enabled,
\-\-verbosity.

Run \fB$ gcloud help\fR for details.



.SH "NOTES"

This command is currently in alpha and might change without notice. If this
command fails with API permission errors despite specifying the correct project,
you might be trying to access an API with an invitation\-only early access
allowlist. These variants are also available:

.RS 2m
$ gcloud container hub update
.RE

.RS 2m
$ gcloud beta container hub update
.RE
@ Telegram