gcloud iam workload-identity-pools managed-identities add-attestation-rule

NAME
gcloud iam workload-identity-pools managed-identities add-attestation-rule - add an attestation rule on a workload identity pool managed identity
SYNOPSIS
gcloud iam workload-identity-pools managed-identities add-attestation-rule (MANAGED_IDENTITY : --location=LOCATION --namespace=NAMESPACE --workload-identity-pool=WORKLOAD_IDENTITY_POOL) --google-cloud-resource=GOOGLE_CLOUD_RESOURCE [--async] [GCLOUD_WIDE_FLAG]
DESCRIPTION
Add an attestation rule on a workload identity pool managed identity.
EXAMPLES
The following command adds an attestation rule with a Google Cloud resource on a workload identity pool managed identity my-managed-identity. 
gcloud iam workload-identity-pools managed-identities add-attestation-rule my-managed-identity --namespace="my-namespace" --workload-identity-pool="my-workload-identity-pool" --location="global" --google-cloud-resource="//compute.googleapis.com/projects/123/type/Instance/attached_service_account.uid/12345"
POSITIONAL ARGUMENTS
Workload identity pool managed identity resource - The workload identity pool managed identity to add attestation rule on. The arguments in this group can be used to specify the attributes of this resource. (NOTE) Some attributes are not given arguments in this group but can be set in other ways.

To set the project attribute:

  • provide the argument managed_identity on the command line with a fully specified name;
  • provide the argument --project on the command line;
  • set the property core/project.

This must be specified.

MANAGED_IDENTITY
ID of the workload identity pool managed identity or fully qualified identifier for the workload identity pool managed identity.

To set the managed_identity attribute:

  • provide the argument managed_identity on the command line.

This positional argument must be specified if any of the other arguments in this group are specified.

--location=LOCATION
The location name.

To set the location attribute:

  • provide the argument managed_identity on the command line with a fully specified name;
  • provide the argument --location on the command line.
--namespace=NAMESPACE
The ID to use for the namespace. This value must be 2-63 characters, and may contain the characters [a-z0-9-]. The prefix gcp- is reserved for use by Google, and may not be specified. To set the namespace attribute:
  • provide the argument managed_identity on the command line with a fully specified name;
  • provide the argument --namespace on the command line.
--workload-identity-pool=WORKLOAD_IDENTITY_POOL
The ID to use for the pool, which becomes the final component of the resource name. This value should be 4-32 characters, and may contain the characters [a-z0-9-]. The prefix gcp- is reserved for use by Google, and may not be specified. To set the workload-identity-pool attribute:
  • provide the argument managed_identity on the command line with a fully specified name;
  • provide the argument --workload-identity-pool on the command line.
REQUIRED FLAGS
--google-cloud-resource=GOOGLE_CLOUD_RESOURCE
A single workload operating on Google Cloud. This will be set in the attestation rule to be added.
OPTIONAL FLAGS
--async
Return immediately, without waiting for the operation in progress to complete.
GCLOUD WIDE FLAGS
These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, --help, --impersonate-service-account, --log-http, --project, --quiet, --trace-token, --user-output-enabled, --verbosity.

Run $ gcloud help for details.