gcloud beta workstations configs update - updates a workstation configuration

gcloud beta workstations configs update(CONFIG :--cluster=CLUSTER--region=REGION)[--allowed-ports=[ALLOWED_PORTS,…]][--async][--boost-config=[BOOST_CONFIG,…]][--boot-disk-size=BOOT_DISK_SIZE][--container-args=[CONTAINER_ARGS,…]][--container-command=[CONTAINER_COMMAND,…]][--container-env=[CONTAINER_ENV,…]][--container-run-as-user=CONTAINER_RUN_AS_USER][--container-working-dir=CONTAINER_WORKING_DIR][--disable-public-ip-addresses][--enable-audit-agent][--enable-confidential-compute][--enable-nested-virtualization][--grant-workstation-admin-role-on-create][--idle-timeout=IDLE_TIMEOUT][--instance-metadata=[INSTANCE_METADATA,…]][--labels=[LABELS,…]][--machine-type=MACHINE_TYPE][--max-usable-workstations-count=MAX_USABLE_WORKSTATIONS_COUNT][--network-tags=[NETWORK_TAGS,…]][--pool-size=POOL_SIZE][--reservation-affinity=[RESERVATION_AFFINITY,…]][--running-timeout=RUNNING_TIMEOUT][--service-account=SERVICE_ACCOUNT][--service-account-scopes=[SERVICE_ACCOUNT_SCOPES,…]][--shielded-integrity-monitoring][--shielded-secure-boot][--shielded-vtpm][--startup-script-uri=STARTUP_SCRIPT_URI][--vm-tags=[VM_TAGS,…]][--accelerator-count=ACCELERATOR_COUNT :--accelerator-type=ACCELERATOR_TYPE][--allow-unauthenticated-cors-preflight-requests    |--disallow-unauthenticated-cors-preflight-requests][--container-custom-image=CONTAINER_CUSTOM_IMAGE    |--container-predefined-image=CONTAINER_PREDEFINED_IMAGE][--disable-localhost-replacement    |--enable-localhost-replacement][--disable-ssh-to-vm    |--enable-ssh-to-vm][--disable-tcp-connections    |--enable-tcp-connections][--disk-source-snapshot=DISK_SOURCE_SNAPSHOT    |--pd-source-snapshot=PD_SOURCE_SNAPSHOT    |--disk-size=DISK_SIZE--disk-type=DISK_TYPE    |--pd-disk-size=PD_DISK_SIZE--pd-disk-type=PD_DISK_TYPE; default="pd-standard"][GCLOUD_WIDE_FLAG …]

gcloudbetaworkstationsconfigsupdateCONFIG--machine-type=e2-standard-8--container-predefined-image=intellij

To update a configuration to disable Secure Boot, virtual trusted platformmodule (vTPM) and integrity monitoring, run:

gcloudbetaworkstationsconfigsupdateCONFIG--no-shielded-secure-boot--no-shielded-vtpm--no-shielded-integrity-monitoring

Config resource - The group of arguments defining a config The arguments in thisgroup can be used to specify the attributes of this resource. (NOTE) Someattributes are not given arguments in this group but can be set in other ways.

To set theproject attribute:

• provide the argumentconfig on the command line with a fullyspecified name;
• provide the argument--project on the command line;
• set the propertycore/project.

This must be specified.

CONFIG

ID of the config or fully qualified identifier for the config.

To set theconfig attribute:

• provide the argumentconfig on the command line.

This positional argument must be specified if any of the other arguments in thisgroup are specified.

--cluster=CLUSTER

The cluster for the config.

To set thecluster attribute:

• provide the argumentconfig on the command line with a fullyspecified name;
• provide the argument--cluster on the command line;
• set the propertyworkstations/cluster.

--region=REGION

The region for the config.

To set theregion attribute:

• provide the argumentconfig on the command line with a fullyspecified name;
• provide the argument--region on the command line;
• set the propertyworkstations/region.

--allowed-ports=[ALLOWED_PORTS,…]

A Single or Range of ports externally accessible in the workstation. If notspecified defaults to ports 22, 80 and ports 1024-65535.

To specify a single port, both first and last should be same.

Example:

gcloudbetaworkstationsconfigsupdate--allowed-ports=first=9000,last=9090gcloudbetaworkstationsconfigsupdate--allowed-ports=first=80,last=80

Setsallowed_ports value.

first

Required, setsfirst value.

last

Required, setslast value.

Shorthand Example:

--allowed-ports=first=int,last=int

JSON Example:

--allowed-ports='{"first": int, "last": int}'

File Example:

--allowed-ports=path_to_file.(yaml|json)

--async

Return immediately, without waiting for the operation in progress to complete.

--boost-config=[BOOST_CONFIG,…]

Boost Configuration(s) that workstations running with this configuration canboost up to. This includes id (required), machine-type, accelerator-type,accelerator-count, pool-size, boot-disk-size, and enable-nested-virtualization.

Example:

gcloudbetaworkstationsconfigsupdate--boost-config=id=boost1,machine-type=n1-standard-4,accelerator-type=nvidia-tesla-t4,accelerator-count=1

Setsboost_config value.

accelerator-count

Setsaccelerator-count value.

accelerator-type

Setsaccelerator-type value.

boot-disk-size

Setsboot-disk-size value.

enable-nested-virtualization

Setsenable-nested-virtualization value.

id

Required, setsid value.

machine-type

Setsmachine-type value.

pool-size

Setspool-size value.

reservation-affinity

Setsreservation-affinity value.

consume-reservation-type

Setsconsume-reservation-type value.

key

Setskey value.

values

Setsvalues value.

Shorthand Example:

--boost-config=accelerator-count=int,accelerator-type=string,boot-disk-size=int,enable-nested-virtualization=boolean,id=string,machine-type=string,pool-size=int,reservation-affinity={consume-reservation-type=string,key=string,values}

JSON Example:

--boost-config='{"accelerator-count": int, "accelerator-type": "string", "boot-disk-size": int, "enable-nested-virtualization": boolean, "id": "string", "machine-type": "string", "pool-size": int, "reservation-affinity": {"consume-reservation-type": "string", "key": "string", "values"}}'

File Example:

--boost-config=path_to_file.(yaml|json)

--boot-disk-size=BOOT_DISK_SIZE

Size of the boot disk in GB.

--container-args=[CONTAINER_ARGS,…]

Arguments passed to the entrypoint.

Example:

gcloudbetaworkstationsconfigsupdate--container-args=arg_1,arg_2

--container-command=[CONTAINER_COMMAND,…]

If set, overrides the default ENTRYPOINT specified by the image.

Example:

gcloudbetaworkstationsconfigsupdate--container-command=executable,parameter_1,parameter_2

--container-env=[CONTAINER_ENV,…]

Environment variables passed to the container.

Example:

gcloudbetaworkstationsconfigsupdate--container-env=key1=value1,key2=value2

--container-run-as-user=CONTAINER_RUN_AS_USER

If set, overrides the USER specified in the image with the given uid.

--container-working-dir=CONTAINER_WORKING_DIR

If set, overrides the default DIR specified by the image.

--disable-public-ip-addresses

Default value is false. If set, instances will have no public IP address.

--enable-audit-agent

Whether to enable Linuxauditd logging on the workstation. Whenenabled, a service account must also be specified that haslogging.buckets.write permission on the project.

--enable-confidential-compute

Default value is false. If set, instances will have confidential computeenabled.

--enable-nested-virtualization

Default value is false. If set, instances will have nested virtualizationenabled.

--grant-workstation-admin-role-on-create

Default value is false. If set, creator of a workstation will getroles/workstations.policyAdmin role along withroles/workstations.user role on the workstation created by them.

--idle-timeout=IDLE_TIMEOUT

How long (in seconds) to wait before automatically stopping an instance thathasn't received any user traffic. A value of 0 indicates that this instanceshould never time out due to idleness.

--instance-metadata=[INSTANCE_METADATA,…]

Custom metadata to apply to Compute Engine instances.

Example:

gcloudbetaworkstationsconfigsupdate--instance-metadata=key1=value1,key2=value2

--labels=[LABELS,…]

Labels that are applied to the configuration and propagated to the underlyingCompute Engine resources.

Example:

gcloudbetaworkstationsconfigsupdate--labels=label1=value1,label2=value2

--machine-type=MACHINE_TYPE

Machine type determines the specifications of the Compute Engine machines thatthe workstations created under this configuration will run on.

--max-usable-workstations-count=MAX_USABLE_WORKSTATIONS_COUNT

Maximum number of workstations under this configuration a user can haveworkstations.workstation.use permission on.

If not specified, defaults to0, which indicates a user can haveunlimited number of workstations under this configuration.

--network-tags=[NETWORK_TAGS,…]

Network tags to add to the Google Compute Engine machines backing theWorkstations.

Example:

gcloudbetaworkstationsconfigsupdate--network-tags=tag_1,tag_2

--pool-size=POOL_SIZE

Number of instances to pool for faster Workstation startup.

--reservation-affinity=[RESERVATION_AFFINITY,…]

Reservation Affinity for the VM. This includes key, values, andconsumeReservationType.

Example: $ gcloud beta workstations configs update \--reservation-affinity=key=compute.googleapis.com/\reservation-name,consumeReservationType=SPECIFIC_RESERVATION,\values=my-reservation

Setsreservation_affinity value.

consume-reservation-type

Setsconsume-reservation-type value.

key

Setskey value.

values

Setsvalues value.

Shorthand Example:

--reservation-affinity=consume-reservation-type=string,key=string,values

JSON Example:

--reservation-affinity='{"consume-reservation-type": "string", "key": "string", "values"}'

File Example:

--reservation-affinity=path_to_file.(yaml|json)

--running-timeout=RUNNING_TIMEOUT

How long (in seconds) to wait before automatically stopping a workstation afterit started. A value of 0 indicates that workstations using this config shouldnever time out.

--service-account=SERVICE_ACCOUNT

Email address of the service account that will be used on VM instances used tosupport this config. This service account must have permission to pull thespecified container image. If not set, VMs will run without a service account,in which case the image must be publicly accessible.

--service-account-scopes=[SERVICE_ACCOUNT_SCOPES,…]

Scopes to grant to the service_account. Various scopes are automatically addedbased on feature usage. When specified, users of workstations under thisconfiguration must have iam.serviceAccounts.actAs on the service account.

--shielded-integrity-monitoring

Default value is false. If set, instances will have integrity monitoringenabled.

--shielded-secure-boot

Default value is false. If set, instances will have Secure Boot enabled.

--shielded-vtpm

Default value is false. If set, instances will have vTPM enabled.

--startup-script-uri=STARTUP_SCRIPT_URI

Link to the startup script stored in Cloud Storage. The script is executed onthe workstation VM after it is booted.

Example:

gcloudbetaworkstationsconfigsupdate--startup-script-uri=gs://{bucket-name}/{object-name}

--vm-tags=[VM_TAGS,…]

Resource manager tags to be bound to the instance. Tag keys and values have thesame definition ashttps://cloud.google.com/resource-manager/docs/tags/tags-overview

Example:

gcloudbetaworkstationsconfigsupdate--vm-tags=tagKeys/key1=tagValues/value1,tagKeys/key2=tagValues/value2

Accelerator settings

--accelerator-count=ACCELERATOR_COUNT

The number of accelerator cards exposed to the instance.

This flag argument must be specified if any of the other arguments in this groupare specified.

--accelerator-type=ACCELERATOR_TYPE

The type of accelerator resource to attach to the instance, for example,"nvidia-tesla-p100".

At most one of these can be specified:

--allow-unauthenticated-cors-preflight-requests

By default, the workstations service makes sure that all requests to theworkstation are authenticated. CORS preflight requests do not include cookies orcustom headers, and so are considered unauthenticated and blocked by theworkstations service. Enabling this option allows these unauthenticated CORSpreflight requests through to the workstation, where it becomes theresponsibility of the destination server in the workstation to validate therequest

--disallow-unauthenticated-cors-preflight-requests

If set, requires that all requests to the workstation are authenticated.

At most one of these can be specified:

--container-custom-image=CONTAINER_CUSTOM_IMAGE

A docker image for the workstation. This image must be accessible by the serviceaccount configured in this configuration (--service-account). If no serviceaccount is defined, this image must be public.

--container-predefined-image=CONTAINER_PREDEFINED_IMAGE

Code editor on base images.CONTAINER_PREDEFINED_IMAGEmust be one of:

base-image

Base image - no IDE

clion

CLion

codeoss

Code OSS

codeoss-cuda

Code OSS + CUDA toolkit

goland

GoLand

intellij

IntelliJ IDEA Ultimate

phpstorm

PhpStorm

pycharm

PyCharm Professional

rider

Rider

rubymine

RubyMine

webstorm

WebStorm

At most one of these can be specified:

--disable-localhost-replacement

By default, the workstations service replaces references to localhost,127.0.0.1, and 0.0.0.0 with the workstation's hostname in http responses fromthe workstation so that applications under development run properly on theworkstation. This may intefere with some applications, and so this option allowsthat behavior to be disabled.

--enable-localhost-replacement

If set, requires that all requests to the workstation are authenticated.

At most one of these can be specified:

--disable-ssh-to-vm

If set, workstations disable SSH connections to the root VM.

--enable-ssh-to-vm

If set, workstations enable SSH connections to the root VM.

At most one of these can be specified:

--disable-tcp-connections

If set, workstations don't allow plain TCP connections.

--enable-tcp-connections

If set, workstations allow plain TCP connections.

At most one of these can be specified:

--disk-source-snapshot=DISK_SOURCE_SNAPSHOT

Name of the snapshot to use as the source for the home disk.

--pd-source-snapshot=PD_SOURCE_SNAPSHOT

Name of the snapshot to use as the source for the persistent directory.

Or at least one of these can be specified:

--disk-size=DISK_SIZE

Size of the persistent directory in GB.DISK_SIZE mustbe one of:10,50,100,200,500,1000.

--disk-type=DISK_TYPE

Type of the persistent directory.DISK_TYPE must be oneof:pd-standard,pd-balanced,pd-ssd,hyperdisk-balanced-ha.

Or at least one of these can be specified:

--pd-disk-size=PD_DISK_SIZE

Size of the persistent directory in GB.PD_DISK_SIZEmust be one of:10,50,100,200,500,1000.

--pd-disk-type=PD_DISK_TYPE; default="pd-standard"

Type of the persistent directory.PD_DISK_TYPE must beone of:pd-standard,pd-balanced,pd-ssd.

Run$gcloud help for details.