Hi Robert, yes, I'm talking about scopes, the UI calls them permissions. I've noticed that we can use the "--scopes" flag to override the cluster's setting when using "gcloud container node-pools create", the UI however does not offer this option.
Still, the room to improve stays even when a workaround is available. ;-) I see no reason why the default scopes setting of a cluster needs to be set in stone. It is only used by the "gcloud container node-pools create" command when you don't specify the "--scopes" flag, so why no making it possible to change it via the "gcloud container clusters update" command? The benefit would be to avoid human error when creating a new node pool. Thanks, Richard 'Robert Bailey' via Containers at Google <[email protected]> schrieb am Fr., 15. Juli 2016 um 05:48 Uhr: > Hi Richard, > > By permissions do you mean the scopes that are on the service account > attached to each node? When you create a NodePool, you can pass in a > NodeConfig > object > <https://cloud.google.com/container-engine/reference/rest/v1/NodeConfig> > that allows you to customize the pool with a specified service account and > oauth scopes (and not all pools in your cluster must have the same scopes). > > Are you trying to create the new node pool using the CLI (gcloud) or the > UI (cloud console)? It's possible that this part of the API surface isn't > properly exposed with a friendly UX (or if so, maybe it just isn't very > discoverable). > > Robby > > > > On Thu, Jul 14, 2016 at 8:53 AM, Richard Musiol <[email protected]> > wrote: > >> Hi, >> >> would it be possible to add the option to modify the permissions of a >> cluster? As far as I can see they are only used as the default permission >> values when a new node pool is being created. We would like to change those >> defaults without having to create a new cluster. >> >> Thanks, >> Richard >> > -- >> You received this message because you are subscribed to the Google Groups >> "Containers at Google" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. > > >> To post to this group, send email to [email protected]. >> Visit this group at https://groups.google.com/group/google-containers. >> For more options, visit https://groups.google.com/d/optout. >> > -- > You received this message because you are subscribed to a topic in the > Google Groups "Containers at Google" group. > To unsubscribe from this topic, visit > https://groups.google.com/d/topic/google-containers/pjQUHm-No_4/unsubscribe > . > To unsubscribe from this group and all its topics, send an email to > [email protected]. > To post to this group, send email to [email protected]. > Visit this group at https://groups.google.com/group/google-containers. > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "Containers at Google" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/google-containers. For more options, visit https://groups.google.com/d/optout.
