- NAME
-
- gcloud alpha workstations configs update - updates a workstation configuration
- SYNOPSIS
-
-
gcloud alpha workstations configs update
(CONFIG
:--cluster
=CLUSTER
--region
=REGION
) [--allowed-ports
=[ALLOWED_PORTS
,…]] [--async
] [--boost-config
=[BOOST_CONFIG
,…]] [--boot-disk-size
=BOOT_DISK_SIZE
] [--container-args
=[CONTAINER_ARGS
,…]] [--container-command
=[CONTAINER_COMMAND
,…]] [--container-env
=[CONTAINER_ENV
,…]] [--container-run-as-user
=CONTAINER_RUN_AS_USER
] [--container-working-dir
=CONTAINER_WORKING_DIR
] [--disable-public-ip-addresses
] [--enable-audit-agent
] [--enable-confidential-compute
] [--enable-nested-virtualization
] [--grant-workstation-admin-role-on-create
] [--idle-timeout
=IDLE_TIMEOUT
] [--labels
=[LABELS
,…]] [--machine-type
=MACHINE_TYPE
] [--max-usable-workstations-count
=MAX_USABLE_WORKSTATIONS_COUNT
] [--network-tags
=[NETWORK_TAGS
,…]] [--pd-source-snapshot
=PD_SOURCE_SNAPSHOT
] [--pool-size
=POOL_SIZE
] [--running-timeout
=RUNNING_TIMEOUT
] [--service-account
=SERVICE_ACCOUNT
] [--service-account-scopes
=[SERVICE_ACCOUNT_SCOPES
,…]] [--shielded-integrity-monitoring
] [--shielded-secure-boot
] [--shielded-vtpm
] [--vm-tags
=[VM_TAGS
,…]] [--accelerator-count
=ACCELERATOR_COUNT
:--accelerator-type
=ACCELERATOR_TYPE
] [--allow-unauthenticated-cors-preflight-requests
|--disallow-unauthenticated-cors-preflight-requests
] [--container-custom-image
=CONTAINER_CUSTOM_IMAGE
|--container-predefined-image
=CONTAINER_PREDEFINED_IMAGE
] [--disable-localhost-replacement
|--enable-localhost-replacement
] [--disable-ssh-to-vm
|--enable-ssh-to-vm
] [--disable-tcp-connections
|--enable-tcp-connections
] [GCLOUD_WIDE_FLAG …
]
-
- DESCRIPTION
-
(ALPHA)
Updates a workstation configuration. - EXAMPLES
-
To update a configuration with the 'e2-standard-8' machine type and a IntelliJ
image, run:
gcloud alpha workstations configs update CONFIG --machine-type=e2-standard-8 --container-predefined-image=intellij
To update a configuration to disable Secure Boot, virtual trusted platform module (vTPM) and integrity monitoring, run:
gcloud alpha workstations configs update CONFIG --no-shielded-secure-boot --no-shielded-vtpm --no-shielded-integrity-monitoring
- POSITIONAL ARGUMENTS
-
-
Config resource - The group of arguments defining a config The arguments in this
group can be used to specify the attributes of this resource. (NOTE) Some
attributes are not given arguments in this group but can be set in other ways.
To set the
project
attribute:-
provide the argument
config
on the command line with a fully specified name; -
provide the argument
--project
on the command line; -
set the property
core/project
.
This must be specified.
CONFIG
-
ID of the config or fully qualified identifier for the config.
To set the
config
attribute:-
provide the argument
config
on the command line.
This positional argument must be specified if any of the other arguments in this group are specified.
-
provide the argument
--cluster
=CLUSTER
-
The cluster for the config.
To set the
cluster
attribute:-
provide the argument
config
on the command line with a fully specified name; -
provide the argument
--cluster
on the command line; -
set the property
workstations/cluster
.
-
provide the argument
--region
=REGION
-
The region for the config.
To set the
region
attribute:-
provide the argument
config
on the command line with a fully specified name; -
provide the argument
--region
on the command line; -
set the property
workstations/region
.
-
provide the argument
-
provide the argument
-
Config resource - The group of arguments defining a config The arguments in this
group can be used to specify the attributes of this resource. (NOTE) Some
attributes are not given arguments in this group but can be set in other ways.
- FLAGS
-
--allowed-ports
=[ALLOWED_PORTS
,…]-
A Single or Range of ports externally accessible in the workstation. If not
specified defaults to ports 22, 80 and ports 1024-65535.
To specify a single port, both first and last should be same.
Example:
gcloud alpha workstations configs update --allowed-ports=first=9000,last=9090
gcloud alpha workstations configs update --allowed-ports=first=80,last=80
Sets
allowed_ports
value.first
-
Required, Sets
first
value. last
-
Required, Sets
last
value.
Shorthand Example:
--allowed-ports=first=int,last=int
JSON Example:
--allowed-ports='{"first": int, "last": int}'
File Example:
--allowed-ports=path_to_file.(yaml|json)
--async
- Return immediately, without waiting for the operation in progress to complete.
--boost-config
=[BOOST_CONFIG
,…]-
Boost Configuration(s) that workstations running with this configuration can
boost up to. This includes id (required), machine-type, accelerator-type,
accelerator-count, pool-size, boot-disk-size, and enable-nested-virtualization.
Example:
gcloud alpha workstations configs update --boost-config=id=boost1,machine-type=n1-standard-4,accelerator-type=nvidia-tesla-t4,accelerator-count=1
Sets
boost_config
value.accelerator-count
-
Sets
accelerator-count
value. accelerator-type
-
Sets
accelerator-type
value. boot-disk-size
-
Sets
boot-disk-size
value. enable-nested-virtualization
-
Sets
enable-nested-virtualization
value. id
-
Required, Sets
id
value. machine-type
-
Sets
machine-type
value. pool-size
-
Sets
pool-size
value.
Shorthand Example:
--boost-config=accelerator-count=int,accelerator-type=string,boot-disk-size=int,enable-nested-virtualization=boolean,id=string,machine-type=string,pool-size=int
JSON Example:
--boost-config='{"accelerator-count": int, "accelerator-type": "string", "boot-disk-size": int, "enable-nested-virtualization": boolean, "id": "string", "machine-type": "string", "pool-size": int}'
File Example:
--boost-config=path_to_file.(yaml|json)
--boot-disk-size
=BOOT_DISK_SIZE
- Size of the boot disk in GB.
--container-args
=[CONTAINER_ARGS
,…]-
Arguments passed to the entrypoint.
Example:
gcloud alpha workstations configs update --container-args=arg_1,arg_2
--container-command
=[CONTAINER_COMMAND
,…]-
If set, overrides the default ENTRYPOINT specified by the image.
Example:
gcloud alpha workstations configs update --container-command=executable,parameter_1,parameter_2
--container-env
=[CONTAINER_ENV
,…]-
Environment variables passed to the container.
Example:
gcloud alpha workstations configs update --container-env=key1=value1,key2=value2
--container-run-as-user
=CONTAINER_RUN_AS_USER
- If set, overrides the USER specified in the image with the given uid.
--container-working-dir
=CONTAINER_WORKING_DIR
- If set, overrides the default DIR specified by the image.
--disable-public-ip-addresses
- Default value is false. If set, instances will have no public IP address.
--enable-audit-agent
-
Whether to enable Linux
auditd
logging on the workstation. When enabled, a service account must also be specified that haslogging.buckets.write
permission on the project. --enable-confidential-compute
- Default value is false. If set, instances will have confidential compute enabled.
--enable-nested-virtualization
- Default value is false. If set, instances will have nested virtualization enabled.
--grant-workstation-admin-role-on-create
-
Default value is false. If set, creator of a workstation will get
roles/workstations.policyAdmin
role along withroles/workstations.user
role on the workstation created by them. --idle-timeout
=IDLE_TIMEOUT
- How long (in seconds) to wait before automatically stopping an instance that hasn't received any user traffic. A value of 0 indicates that this instance should never time out due to idleness.
--labels
=[LABELS
,…]-
Labels that are applied to the configuration and propagated to the underlying
Compute Engine resources.
Example:
gcloud alpha workstations configs update --labels=label1=value1,label2=value2
--machine-type
=MACHINE_TYPE
- Machine type determines the specifications of the Compute Engine machines that the workstations created under this configuration will run on.
--max-usable-workstations-count
=MAX_USABLE_WORKSTATIONS_COUNT
-
Maximum number of workstations under this configuration a user can have
workstations.workstation.use
permission on.If not specified, defaults to
0
, which indicates a user can have unlimited number of workstations under this configuration. -
Network tags to add to the Google Compute Engine machines backing the
Workstations.
Example:
gcloud alpha workstations configs update --network-tags=tag_1,tag_2
--pd-source-snapshot
=PD_SOURCE_SNAPSHOT
- Name of the snapshot to use as the source for the home disk.
--pool-size
=POOL_SIZE
- Number of instances to pool for faster Workstation startup.
--running-timeout
=RUNNING_TIMEOUT
- How long (in seconds) to wait before automatically stopping a workstation after it started. A value of 0 indicates that workstations using this config should never time out.
--service-account
=SERVICE_ACCOUNT
- Email address of the service account that will be used on VM instances used to support this config. This service account must have permission to pull the specified container image. If not set, VMs will run without a service account, in which case the image must be publicly accessible.
--service-account-scopes
=[SERVICE_ACCOUNT_SCOPES
,…]-
Scopes to grant to the service_account. Various scopes are automatically added
based on feature usage. When specified, users of workstations under this
configuration must have iam.serviceAccounts.actAs
on the service account.
--shielded-integrity-monitoring
- Default value is false. If set, instances will have integrity monitoring enabled.
--shielded-secure-boot
- Default value is false. If set, instances will have Secure Boot enabled.
--shielded-vtpm
- Default value is false. If set, instances will have vTPM enabled.
-
Resource manager tags to be bound to the instance. Tag keys and values have the
same definition as https://cloud.google.com/resource-manager/docs/tags/tags-overview
Example:
gcloud alpha workstations configs update --vm-tags=tagKeys/key1=tagValues/value1,tagKeys/key2=tagValues/value2
-
Accelerator settings
--accelerator-count
=ACCELERATOR_COUNT
-
The number of accelerator cards exposed to the instance.
This flag argument must be specified if any of the other arguments in this group are specified.
--accelerator-type
=ACCELERATOR_TYPE
- The type of accelerator resource to attach to the instance, for example, "nvidia-tesla-p100".
-
At most one of these can be specified:
--allow-unauthenticated-cors-preflight-requests
- By default, the workstations service makes sure that all requests to the workstation are authenticated. CORS preflight requests do not include cookies or custom headers, and so are considered unauthenticated and blocked by the workstations service. Enabling this option allows these unauthenticated CORS preflight requests through to the workstation, where it becomes the responsibility of the destination server in the workstation to validate the request
--disallow-unauthenticated-cors-preflight-requests
- If set, requires that all requests to the workstation are authenticated.
-
At most one of these can be specified:
--container-custom-image
=CONTAINER_CUSTOM_IMAGE
- A docker image for the workstation. This image must be accessible by the service account configured in this configuration (--service-account). If no service account is defined, this image must be public.
--container-predefined-image
=CONTAINER_PREDEFINED_IMAGE
-
Code editor on base images.
CONTAINER_PREDEFINED_IMAGE
must be one of:base-image
- Base image - no IDE
clion
- CLion
codeoss
- Code OSS
codeoss-cuda
- Code OSS + CUDA toolkit
goland
- GoLand
intellij
- IntelliJ IDEA Ultimate
phpstorm
- PhpStorm
pycharm
- PyCharm Professional
rider
- Rider
rubymine
- RubyMine
webstorm
- WebStorm
-
At most one of these can be specified:
--disable-localhost-replacement
- By default, the workstations service replaces references to localhost, 127.0.0.1, and 0.0.0.0 with the workstation's hostname in http responses from the workstation so that applications under development run properly on the workstation. This may intefere with some applications, and so this option allows that behavior to be disabled.
--enable-localhost-replacement
- If set, requires that all requests to the workstation are authenticated.
-
At most one of these can be specified:
--disable-ssh-to-vm
- If set, workstations disable SSH connections to the root VM.
--enable-ssh-to-vm
- If set, workstations enable SSH connections to the root VM.
-
At most one of these can be specified:
--disable-tcp-connections
- If set, workstations don't allow plain TCP connections.
--enable-tcp-connections
- If set, workstations allow plain TCP connections.
- GCLOUD WIDE FLAGS
-
These flags are available to all commands:
--access-token-file
,--account
,--billing-project
,--configuration
,--flags-file
,--flatten
,--format
,--help
,--impersonate-service-account
,--log-http
,--project
,--quiet
,--trace-token
,--user-output-enabled
,--verbosity
.Run
$ gcloud help
for details. - NOTES
-
This command is currently in alpha and might change without notice. If this
command fails with API permission errors despite specifying the correct project,
you might be trying to access an API with an invitation-only early access
allowlist. These variants are also available:
gcloud workstations configs update
gcloud beta workstations configs update
Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2025-01-14 UTC.