gcloud alpha managed-kafka acls update

gcloud alpha managed-kafka acls update - update a Managed Service for Apache Kafka acl

gcloud alpha managed-kafka acls update (ACL : --cluster=CLUSTER --location=LOCATION) --etag=ETAG (--acl-entries-from-file=PATH_TO_FILE     | --acl-entry=[host=HOST],[operation=OPERATION],[permission-type=PERMISSION-TYPE],[principal=PRINCIPAL]) [GCLOUD_WIDE_FLAG …]

NOTE: update performs a FULL REPLACEMENT of acl entries. For incremental updates, use add-acl-entry and remove-acl-entry commands.

Acl resource - Identifies the name of the acl that this command updates. The arguments in this group can be used to specify the attributes of this resource. (NOTE) Some attributes are not given arguments in this group but can be set in other ways.

To set the project attribute:

• provide the argument acl on the command line with a fully specified name;
• provide the argument --project on the command line;
• set the property core/project.

This must be specified.

ACL

ID of the acl or fully qualified identifier for the acl.

To set the acl attribute:

• provide the argument acl on the command line.

This positional argument must be specified if any of the other arguments in this group are specified.

--cluster=CLUSTER

The cluster name. To set the cluster attribute:

• provide the argument acl on the command line with a fully specified name;
• provide the argument --cluster on the command line.

--location=LOCATION

ID of the location of the Managed Service for Apache Kafka resource. See https://cloud.google.com/managed-service-for-apache-kafka/docs/locations for a list of supported locations. To set the location attribute:

• provide the argument acl on the command line with a fully specified name;
• provide the argument --location on the command line.

--etag=ETAG

etag returned in the response to a previous create or describe command. The etag is used for concurrency control, to ensure that the client and server agree on the current set of acl entries in the Kafka cluster, before full replacement in the update command.

Exactly one of these must be specified:

--acl-entries-from-file=PATH_TO_FILE

Path to a JSON or YAML file containing the acl entries to use in the acl. Use a full or relative path to a local file containing the value of acl_entries.

--acl-entry=[host=HOST],[operation=OPERATION],[permission-type=PERMISSION-TYPE],[principal=PRINCIPAL]

An acl entry that configures access for a principal, for a specific operation on the acl's resource pattern. This flag can be repeated.

PRINCIPAL is the principal. Specified as Google Cloud account, with the Kafka StandardAuthorizer prefix "User:". For example: "User:admin@project.iam.gserviceaccount.com". Can be the wildcard "User:*" to refer to all users.

OPERATION is the operation type. Allowed values are: ALL, READ, WRITE, CREATE, DELETE, ALTER, DESCRIBE, CLUSTER_ACTION, DESCRIBE_CONFIGS, ALTER_CONFIGS, IDEMPOTENT_WRITE.

PERMISSION-TYPE is the permission type. Allowed values are: ALLOW, DENY.

HOST is the host. Must be set to "*" for Managed Service for Apache Kafka.

Example acl-entry: "principal=User:admin@project.iam.gserviceaccount.com,operation=ALL,permission-type=ALLOW,host=*"

Run $ gcloud help for details.