Choose an access method to log in to clusters

This document is for developers and other GKE cluster users who need to log in to clusters from the command line using GKE Identity Service.

Before you begin

Log in from the command line

Logging in to clusters with GKE Identity Service from the command line requires running gcloud authentication commands. If you want to use one of the command line login options, do the following:
1. Ensure that you have the following command line tools installed:
  - The latest version of the Google Cloud CLI, which includes gcloud, the command line tool for interacting with Google Cloud. If you need to install the Google Cloud CLI, see the installation guide.
  - kubectl for running commands against Kubernetes clusters. If you need to install kubectl, see the installation guide.
2. Run the following commands to install or update the anthos-auth component:
```
gcloud components update
gcloud components install anthos-auth
```
3. Verify that the component was installed successfully by running the following command:
```
gcloud anthos auth version
```
  If a version is returned, your installation was successful.
Log in from the Google Cloud console

For OIDC and AzureAD providers only, you can also log in to clusters from the Google Cloud console without a configuration file or FQDN. For more information, see Work with clusters from the Google Cloud console.

To log in to your configured clusters, use one of the following access methods:

Log in from the command line with FQDN access: If you need to log in to your clusters using a fully qualified domain name, see FQDN access.
Log in from the command line with file-based access: If you need to log in to your clusters with a configuration file, see file-based access.