How to change API access scope for an existing GKE node pool?

12/17/2020

Is there a way to allow access to all APIs for an existing node pool in GKE? When creating a node pool, you can choose it, but I can’t find a way to change it.

-- pat
google-kubernetes-engine
kubernetes

1 Answer

12/18/2020

To change the API Access scope on a running GKE Cluster, you can create a new node pool with your desired scope, migrate the workload, and then delete the old node pool. In that way, the cluster will be available all the time.

https://cloud.google.com/compute/docs/access/create-enable-service-accounts-for-instances#changeserviceaccountandscopes

-- Hernan
Source: StackOverflow