Work with fleet clusters from the command line
Google Cloud provides several options for authenticating to fleet clusters from the command line. These let developers and other cluster users connect to and run commands against registered clusters in a simple, consistent, and secured way, whether the clusters are on Google Cloud, other public clouds, or on premises.
For details of how to work with fleet clusters from the Google Cloud console, seeLogging in to a cluster from the Google Cloud console.
Authenticate with Google Cloud
All GKE clusters on Google Cloud are configured to accept Google Cloud user and service account identities. If your fleet contains clusters in multiple environments, you can configure theConnect gateway so that users and service accounts can also authenticate to any registered cluster using their Google Cloud ID.
Learn more in the following guides:
- Configuring cluster access for
kubectl - Connecting to registered clusters with the Connect gateway
- Using the Connect gateway.
Authenticate with third-party providers
If you want to use your existing third-party identity provider to authenticate to your fleet clusters, GKE Identity Service is an authentication service that lets you bring your existing identity solutions to multiple Anthos environments. It supports allOpenID Connect (OIDC) providers such as Okta and Microsoft AD FS, as well as preview support for LDAP providers in some environments. If configured, you can also use some third-party providers with theConnect gateway.
Learn more in the following guides:
- Introducing GKE Identity Service
- Accessing clusters with GKE Identity Service
- Connecting to registered clusters with the Connect gateway
- Using the Connect gateway
Except as otherwise noted, the content of this page is licensed under theCreative Commons Attribution 4.0 License, and code samples are licensed under theApache 2.0 License. For details, see theGoogle Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2026-02-19 UTC.