- NAME
-
- gcloud alpha container hub policycontroller deployment set - sets configuration of the Policy Controller components
- SYNOPSIS
-
-
gcloud alpha container hub policycontroller deployment setDEPLOYMENTPROPERTYVALUE[--effect=EFFECT] [--all-memberships| [--memberships=[MEMBERSHIPS, …] :--location=LOCATION]] [GCLOUD_WIDE_FLAG …]
-
- DESCRIPTION
-
(ALPHA)Customizes on-cluster components of Policy Controller. Supported properties may be set with this command, or removed with 'remove'. These components are managed as individual kubernetes deployments (e.g. 'admission') in the gatekeeper-system namespace.When setting cpu or memory limits and requests, Kubernetes-standard resource units are used.
All properties set using this command will overwrite previous properties, with the exception of tolerations which can only be added, and any number may be added. To edit a toleration, use 'remove' to first delete it, and then 'set' the desired toleration.
- EXAMPLES
- To set the replica count for a component:
gcloud alpha container hub policycontroller deployment set admission replica-count 3To set the replica count for a component across all fleet memberships:
gcloud alpha container hub policycontroller deployment set admission replica-count 3 --all-membershipsTo set a toleration with key 'my-key' on a component (which is an 'Exists' operator):
gcloud alpha container hub policycontroller deployment set admission toleration my-keyTo set a toleration with key 'my-key' and 'my-value' on a component (which is an 'Equal' operator):
gcloud alpha container hub policycontroller deployment set admission toleration my-key = my-valueTo set a toleration with key 'my-key' and 'my-value' on a component, along with the effect 'NoSchedule' (which is an 'Equal' operator):
gcloud alpha container hub policycontroller deployment set admission toleration my-key = my-value --effect = NoScheduleTo set a memory limit:
gcloud alpha container hub policycontroller deployment set audit memory-limit 4GiTo set a memory request:
gcloud alpha container hub policycontroller deployment set mutation memory-request 2GiTo set a cpu limit:
gcloud alpha container hub policycontroller deployment set admission cpu-limit 500mTo set a cpu request:
gcloud alpha container hub policycontroller deployment set audit cpu-request 250mTo set anti-affinity to achieve high availability on the mutation deployment:
gcloud alpha container hub policycontroller deployment set mutation pod-affinity anti - POSITIONAL ARGUMENTS
-
-
DEPLOYMENT - The PolicyController deployment component (e.g. "admission", "audit" or "mutation") upon which to set configuration.
-
PROPERTY - Property to be set.
-
VALUE - The value to set the property to. Valid input varies based on the property being set.
-
- FLAGS
-
-
--effect=EFFECT - Applies only to "toleration" property.
EFFECTmust be one of:NoSchedule,PreferNoSchedule,NoExecute. - Membership flags.
At most one of these can be specified:
-
--all-memberships - If supplied, apply to all Policy Controllers memberships in the fleet.
- Or at least one of these can be specified:
- Membership resource - The group of arguments defining one or more memberships.
The arguments in this group can be used to specify the attributes of this
resource. (NOTE) Some attributes are not given arguments in this group but can
be set in other ways.
To set the
projectattribute:- provide the argument
--membershipson the command line with a fully specified name; - provide the argument
--projecton the command line; - set the property
core/project.
- provide the argument
-
--memberships=[MEMBERSHIPS,…] - IDs of the memberships or fully qualified identifiers for the memberships.
To set the
membershipsattribute:- provide the argument
--membershipson the command line.
This flag argument must be specified if any of the other arguments in this group are specified.
- provide the argument
-
--location=LOCATION - Location for the memberships.
To set the
locationattribute:- provide the argument
--membershipson the command line with a fully specified name; - provide the argument
--locationon the command line; - set the property
gkehub/location.
- provide the argument
- Membership resource - The group of arguments defining one or more memberships.
The arguments in this group can be used to specify the attributes of this
resource. (NOTE) Some attributes are not given arguments in this group but can
be set in other ways.
-
-
- GCLOUD WIDE FLAGS
- These flags are available to all commands:
--access-token-file,--account,--billing-project,--configuration,--flags-file,--flatten,--format,--help,--impersonate-service-account,--log-http,--project,--quiet,--trace-token,--user-output-enabled,--verbosity.Run
$ gcloud helpfor details. - NOTES
- This command is currently in alpha and might change without notice. If this
command fails with API permission errors despite specifying the correct project,
you might be trying to access an API with an invitation-only early access
allowlist. These variants are also available:
gcloud container hub policycontroller deployment setgcloud beta container hub policycontroller deployment set
gcloud alpha container hub policycontroller deployment set
Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License , and code samples are licensed under the Apache 2.0 License . For details, see the Google Developers Site Policies . Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2026-05-27 UTC.
