gcloud alpha container hub policycontroller content bundles set

NAME: gcloud alpha container hub policycontroller content bundles set - sets bundle installation for Policy Controller content
SYNOPSIS: gcloud alpha container hub policycontroller content bundles set BUNDLE_NAME [--all-memberships | [--memberships=[MEMBERSHIPS,…] : --location=LOCATION]] [--exempted-namespaces=EXEMPTED_NAMESPACES | --no-exempted-namespaces] [GCLOUD_WIDE_FLAG …]
DESCRIPTION: (ALPHA) Google-defined policy bundles of constraints can be installed onto Policy Controller installations.
The namespace exclusion flag (--exempted-namespaces) will specify a set of namespaces that the installed bundle will ignore. Subsequent calls with the same bundle name and this flag will overwrite what namespaces are being ignored. Using --no-exempted-namespaces or specifying no namespaces with --exempted-namespaces will remove all namespaces from the ignore list.
To uninstall a bundle, use the remove command.
EXAMPLES: To install a policy bundle:
gcloud alpha container hub policycontroller content bundles set cis-k8s-v1.5.1

To install a policy bundle, while ignoring (exempting) certain namespaces from being affected by the bundle:
gcloud alpha container hub policycontroller content bundles set cis-k8s-v1.5.1 --exempted-namespaces=kube-system,gatekeeper-system

To remove all exempted namespaces from a particular bundles ignore list:
gcloud alpha container hub policycontroller content bundles set cis-k8s-v1.5.1 --no-exempted-namespaces
POSITIONAL ARGUMENTS: BUNDLE_NAME

The constraint bundle to install in Policy Controller.
FLAGS: Membership flags.
At most one of these can be specified:

--all-memberships

If supplied, apply to all Policy Controllers memberships in the fleet.

Membership resource - The group of arguments defining one or more memberships. The arguments in this group can be used to specify the attributes of this resource. (NOTE) Some attributes are not given arguments in this group but can be set in other ways.
To set the project attribute:

provide the argument --memberships on the command line with a fully specified name;

provide the argument --project on the command line;

set the property core/project.

--memberships=[MEMBERSHIPS,…]

IDs of the memberships or fully qualified identifiers for the memberships.
To set the memberships attribute:

provide the argument --memberships on the command line.

This flag argument must be specified if any of the other arguments in this group are specified.

--location=LOCATION

Location for the memberships.
To set the location attribute:

provide the argument --memberships on the command line with a fully specified name;

provide the argument --location on the command line;

set the property gkehub/location.

Exempted Namespaces flags.
At most one of these can be specified:

--exempted-namespaces=EXEMPTED_NAMESPACES

Exempted namespaces are ignored by Policy Controller when applying constraints added by this bundle.

--no-exempted-namespaces

Removes all exempted namespaces from the specified bundle.
GCLOUD WIDE FLAGS: These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, --help, --impersonate-service-account, --log-http, --project, --quiet, --trace-token, --user-output-enabled, --verbosity.
Run $ gcloud help for details.
NOTES: This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early access allowlist. These variants are also available:
gcloud container hub policycontroller content bundles set

gcloud beta container hub policycontroller content bundles set