diff --git a/discovery/container-v1.json b/discovery/container-v1.json index 63a2a61873..fd4e247cc8 100644 --- a/discovery/container-v1.json +++ b/discovery/container-v1.json @@ -14,7 +14,7 @@ "canonicalName": "Container", "description": "Builds and manages container-based applications, powered by the open source Kubernetes technology.", "discoveryVersion": "v1", - "documentationLink": "https://cloud.google.com/container-engine/", + "documentationLink": "https://cloud.google.com/kubernetes-engine/docs/", "fullyEncodeReservedExpansion": true, "icons": { "x16": "http://www.google.com/images/icons/product/search-16.gif", @@ -2540,7 +2540,7 @@ } } }, - "revision": "20240806", + "revision": "20240912", "rootUrl": "https://container.googleapis.com/", "schemas": { "AcceleratorConfig": { @@ -2594,6 +2594,10 @@ "$ref": "MaxPodsConstraint", "description": "The maximum number of pods per node which use this pod network." }, + "networkAttachment": { + "description": "The name of the network attachment for pods to communicate to; cannot be specified along with subnetwork or secondary_pod_range.", + "type": "string" + }, "secondaryPodRange": { "description": "The name of the secondary range on the subnet which provides IP address for this pod range.", "type": "string" @@ -3147,6 +3151,10 @@ "description": "The IP address range of the container pods in this cluster, in [CIDR](http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) notation (e.g. `10.96.0.0/14`). Leave blank to have one automatically chosen or specify a `/14` block in `10.0.0.0/8`.", "type": "string" }, + "compliancePostureConfig": { + "$ref": "CompliancePostureConfig", + "description": "Enable/Disable Compliance Posture features for the cluster." + }, "conditions": { "description": "Which conditions caused the current cluster state.", "items": { @@ -3458,6 +3466,10 @@ "readOnly": true, "type": "string" }, + "userManagedKeysConfig": { + "$ref": "UserManagedKeysConfig", + "description": "The Custom keys configuration for the cluster." + }, "verticalPodAutoscaling": { "$ref": "VerticalPodAutoscaling", "description": "Cluster-level Vertical Pod Autoscaling configuration." @@ -3565,6 +3577,10 @@ "$ref": "ClusterAutoscaling", "description": "Cluster-level autoscaling configuration." }, + "desiredCompliancePostureConfig": { + "$ref": "CompliancePostureConfig", + "description": "Enable/Disable Compliance Posture features for the cluster." + }, "desiredContainerdConfig": { "$ref": "ContainerdConfig", "description": "The desired containerd config for the cluster." @@ -3821,6 +3837,10 @@ "removedAdditionalPodRangesConfig": { "$ref": "AdditionalPodRangesConfig", "description": "The additional pod ranges that are to be removed from the cluster. The pod ranges specified here must have been specified earlier in the 'additional_pod_ranges_config' argument." + }, + "userManagedKeysConfig": { + "$ref": "UserManagedKeysConfig", + "description": "The Custom keys configuration for the cluster." } }, "type": "object" @@ -3857,6 +3877,45 @@ "properties": {}, "type": "object" }, + "CompliancePostureConfig": { + "description": "CompliancePostureConfig defines the settings needed to enable/disable features for the Compliance Posture.", + "id": "CompliancePostureConfig", + "properties": { + "complianceStandards": { + "description": "List of enabled compliance standards.", + "items": { + "$ref": "ComplianceStandard" + }, + "type": "array" + }, + "mode": { + "description": "Defines the enablement mode for Compliance Posture.", + "enum": [ + "MODE_UNSPECIFIED", + "DISABLED", + "ENABLED" + ], + "enumDescriptions": [ + "Default value not specified.", + "Disables Compliance Posture features on the cluster.", + "Enables Compliance Posture features on the cluster." + ], + "type": "string" + } + }, + "type": "object" + }, + "ComplianceStandard": { + "description": "Defines the details of a compliance standard.", + "id": "ComplianceStandard", + "properties": { + "standard": { + "description": "Name of the compliance standard.", + "type": "string" + } + }, + "type": "object" + }, "ConfidentialNodes": { "description": "ConfidentialNodes is configuration for the confidential nodes feature, which makes nodes run on confidential VMs.", "id": "ConfidentialNodes", @@ -4351,7 +4410,7 @@ "properties": { "cacheHeader": { "$ref": "HttpCacheControlResponseHeader", - "description": "OnePlatform automatically extracts this field and uses it to set the HTTP Cache-Control header." + "description": "For HTTP requests, this field is automatically extracted into the Cache-Control HTTP header." }, "keys": { "description": "The public component of the keys used by the cluster to sign token requests.", @@ -4369,7 +4428,7 @@ "properties": { "cacheHeader": { "$ref": "HttpCacheControlResponseHeader", - "description": "OnePlatform automatically extracts this field and uses it to set the HTTP Cache-Control header." + "description": "For HTTP requests, this field is automatically extracted into the Cache-Control HTTP header." }, "claims_supported": { "description": "Supported claims.", @@ -4845,7 +4904,9 @@ "WORKLOADS", "APISERVER", "SCHEDULER", - "CONTROLLER_MANAGER" + "CONTROLLER_MANAGER", + "KCP_SSHD", + "KCP_CONNECTION" ], "enumDescriptions": [ "Default value. This shouldn't be used.", @@ -4853,7 +4914,9 @@ "workloads", "kube-apiserver", "kube-scheduler", - "kube-controller-manager" + "kube-controller-manager", + "kcp-sshd", + "kcp connection logs" ], "type": "string" }, @@ -5370,6 +5433,21 @@ "description": "Type of the disk attached to each node (e.g. 'pd-standard', 'pd-ssd' or 'pd-balanced') If unspecified, the default disk type is 'pd-standard'", "type": "string" }, + "effectiveCgroupMode": { + "description": "Output only. effective_cgroup_mode is the cgroup mode actually used by the node pool. It is determined by the cgroup mode specified in the LinuxNodeConfig or the default cgroup mode based on the cluster creation version.", + "enum": [ + "EFFECTIVE_CGROUP_MODE_UNSPECIFIED", + "EFFECTIVE_CGROUP_MODE_V1", + "EFFECTIVE_CGROUP_MODE_V2" + ], + "enumDescriptions": [ + "EFFECTIVE_CGROUP_MODE_UNSPECIFIED means the cgroup configuration for the node pool is unspecified, i.e. the node pool is a Windows node pool.", + "CGROUP_MODE_V1 means the node pool is configured to use cgroupv1 for the cgroup configuration.", + "CGROUP_MODE_V2 means the node pool is configured to use cgroupv2 for the cgroup configuration." + ], + "readOnly": true, + "type": "string" + }, "enableConfidentialStorage": { "description": "Optional. Reserved for future use.", "type": "boolean" @@ -7838,6 +7916,51 @@ }, "type": "object" }, + "UserManagedKeysConfig": { + "description": "UserManagedKeysConfig holds the resource address to Keys which are used for signing certs and token that are used for communication within cluster.", + "id": "UserManagedKeysConfig", + "properties": { + "aggregationCa": { + "description": "The Certificate Authority Service caPool to use for the aggregation CA in this cluster.", + "type": "string" + }, + "clusterCa": { + "description": "The Certificate Authority Service caPool to use for the cluster CA in this cluster.", + "type": "string" + }, + "controlPlaneDiskEncryptionKey": { + "description": "The Cloud KMS cryptoKey to use for Confidential Hyperdisk on the control plane nodes.", + "type": "string" + }, + "etcdApiCa": { + "description": "Resource path of the Certificate Authority Service caPool to use for the etcd API CA in this cluster.", + "type": "string" + }, + "etcdPeerCa": { + "description": "Resource path of the Certificate Authority Service caPool to use for the etcd peer CA in this cluster.", + "type": "string" + }, + "gkeopsEtcdBackupEncryptionKey": { + "description": "Resource path of the Cloud KMS cryptoKey to use for encryption of internal etcd backups.", + "type": "string" + }, + "serviceAccountSigningKeys": { + "description": "The Cloud KMS cryptoKeyVersions to use for signing service account JWTs issued by this cluster. Format: `projects/{project}/locations/{location}/keyRings/{keyring}/cryptoKeys/{cryptoKey}/cryptoKeyVersions/{cryptoKeyVersion}`", + "items": { + "type": "string" + }, + "type": "array" + }, + "serviceAccountVerificationKeys": { + "description": "The Cloud KMS cryptoKeyVersions to use for verifying service account JWTs issued by this cluster. Format: `projects/{project}/locations/{location}/keyRings/{keyring}/cryptoKeys/{cryptoKey}/cryptoKeyVersions/{cryptoKeyVersion}`", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, "VerticalPodAutoscaling": { "description": "VerticalPodAutoscaling contains global, per-cluster information required by Vertical Pod Autoscaler to automatically adjust the resources of pods controlled by it.", "id": "VerticalPodAutoscaling", diff --git a/discovery/container-v1beta1.json b/discovery/container-v1beta1.json index f4936d21bc..fbdb884a8f 100644 --- a/discovery/container-v1beta1.json +++ b/discovery/container-v1beta1.json @@ -14,7 +14,7 @@ "canonicalName": "Container", "description": "Builds and manages container-based applications, powered by the open source Kubernetes technology.", "discoveryVersion": "v1", - "documentationLink": "https://cloud.google.com/container-engine/", + "documentationLink": "https://cloud.google.com/kubernetes-engine/docs/", "fullyEncodeReservedExpansion": true, "icons": { "x16": "http://www.google.com/images/icons/product/search-16.gif", @@ -2565,7 +2565,7 @@ } } }, - "revision": "20240806", + "revision": "20240912", "rootUrl": "https://container.googleapis.com/", "schemas": { "AcceleratorConfig": { @@ -2625,6 +2625,10 @@ "$ref": "MaxPodsConstraint", "description": "The maximum number of pods per node which use this pod network." }, + "networkAttachment": { + "description": "The name of the network attachment for pods to communicate to; cannot be specified along with subnetwork or secondary_pod_range.", + "type": "string" + }, "secondaryPodRange": { "description": "The name of the secondary range on the subnet which provides IP address for this pod range.", "type": "string" @@ -3598,6 +3602,10 @@ "readOnly": true, "type": "string" }, + "userManagedKeysConfig": { + "$ref": "UserManagedKeysConfig", + "description": "The Custom keys configuration for the cluster." + }, "verticalPodAutoscaling": { "$ref": "VerticalPodAutoscaling", "description": "Cluster-level Vertical Pod Autoscaling configuration." @@ -3740,6 +3748,10 @@ "$ref": "ClusterTelemetry", "description": "The desired telemetry integration for the cluster." }, + "desiredCompliancePostureConfig": { + "$ref": "CompliancePostureConfig", + "description": "Enable/Disable Compliance Posture features for the cluster." + }, "desiredContainerdConfig": { "$ref": "ContainerdConfig", "description": "The desired containerd config for the cluster." @@ -4030,6 +4042,10 @@ "removedAdditionalPodRangesConfig": { "$ref": "AdditionalPodRangesConfig", "description": "The additional pod ranges that are to be removed from the cluster. The pod ranges specified here must have been specified earlier in the 'additional_pod_ranges_config' argument." + }, + "userManagedKeysConfig": { + "$ref": "UserManagedKeysConfig", + "description": "The Custom keys configuration for the cluster." } }, "type": "object" @@ -4633,7 +4649,7 @@ "properties": { "cacheHeader": { "$ref": "HttpCacheControlResponseHeader", - "description": "OnePlatform automatically extracts this field and uses it to set the HTTP Cache-Control header." + "description": "For HTTP requests, this field is automatically extracted into the Cache-Control HTTP header." }, "keys": { "description": "The public component of the keys used by the cluster to sign token requests.", @@ -4651,7 +4667,7 @@ "properties": { "cacheHeader": { "$ref": "HttpCacheControlResponseHeader", - "description": "OnePlatform automatically extracts this field and uses it to set the HTTP Cache-Control header." + "description": "For HTTP requests, this field is automatically extracted into the Cache-Control HTTP header." }, "claims_supported": { "description": "Supported claims.", @@ -5240,7 +5256,9 @@ "WORKLOADS", "APISERVER", "SCHEDULER", - "CONTROLLER_MANAGER" + "CONTROLLER_MANAGER", + "KCP_SSHD", + "KCP_CONNECTION" ], "enumDescriptions": [ "Default value. This shouldn't be used.", @@ -5248,7 +5266,9 @@ "workloads", "kube-apiserver", "kube-scheduler", - "kube-controller-manager" + "kube-controller-manager", + "kcp-sshd", + "kcp connection logs" ], "type": "string" }, @@ -5802,6 +5822,21 @@ "description": "Type of the disk attached to each node (e.g. 'pd-standard', 'pd-ssd' or 'pd-balanced') If unspecified, the default disk type is 'pd-standard'", "type": "string" }, + "effectiveCgroupMode": { + "description": "Output only. effective_cgroup_mode is the cgroup mode actually used by the node pool. It is determined by the cgroup mode specified in the LinuxNodeConfig or the default cgroup mode based on the cluster creation version.", + "enum": [ + "EFFECTIVE_CGROUP_MODE_UNSPECIFIED", + "EFFECTIVE_CGROUP_MODE_V1", + "EFFECTIVE_CGROUP_MODE_V2" + ], + "enumDescriptions": [ + "EFFECTIVE_CGROUP_MODE_UNSPECIFIED means the cgroup configuration for the node pool is unspecified, i.e. the node pool is a Windows node pool.", + "CGROUP_MODE_V1 means the node pool is configured to use cgroupv1 for the cgroup configuration.", + "CGROUP_MODE_V2 means the node pool is configured to use cgroupv2 for the cgroup configuration." + ], + "readOnly": true, + "type": "string" + }, "enableConfidentialStorage": { "description": "Optional. Reserved for future use.", "type": "boolean" @@ -8394,6 +8429,51 @@ }, "type": "object" }, + "UserManagedKeysConfig": { + "description": "UserManagedKeysConfig holds the resource address to Keys which are used for signing certs and token that are used for communication within cluster.", + "id": "UserManagedKeysConfig", + "properties": { + "aggregationCa": { + "description": "The Certificate Authority Service caPool to use for the aggregation CA in this cluster.", + "type": "string" + }, + "clusterCa": { + "description": "The Certificate Authority Service caPool to use for the cluster CA in this cluster.", + "type": "string" + }, + "controlPlaneDiskEncryptionKey": { + "description": "The Cloud KMS cryptoKey to use for Confidential Hyperdisk on the control plane nodes.", + "type": "string" + }, + "etcdApiCa": { + "description": "Resource path of the Certificate Authority Service caPool to use for the etcd API CA in this cluster.", + "type": "string" + }, + "etcdPeerCa": { + "description": "Resource path of the Certificate Authority Service caPool to use for the etcd peer CA in this cluster.", + "type": "string" + }, + "gkeopsEtcdBackupEncryptionKey": { + "description": "Resource path of the Cloud KMS cryptoKey to use for encryption of internal etcd backups.", + "type": "string" + }, + "serviceAccountSigningKeys": { + "description": "The Cloud KMS cryptoKeyVersions to use for signing service account JWTs issued by this cluster. Format: `projects/{project}/locations/{location}/keyRings/{keyring}/cryptoKeys/{cryptoKey}/cryptoKeyVersions/{cryptoKeyVersion}`", + "items": { + "type": "string" + }, + "type": "array" + }, + "serviceAccountVerificationKeys": { + "description": "The Cloud KMS cryptoKeyVersions to use for verifying service account JWTs issued by this cluster. Format: `projects/{project}/locations/{location}/keyRings/{keyring}/cryptoKeys/{cryptoKey}/cryptoKeyVersions/{cryptoKeyVersion}`", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, "VerticalPodAutoscaling": { "description": "VerticalPodAutoscaling contains global, per-cluster information required by Vertical Pod Autoscaler to automatically adjust the resources of pods controlled by it.", "id": "VerticalPodAutoscaling", diff --git a/src/apis/container/v1.ts b/src/apis/container/v1.ts index 791cf02f9d..5536d27c2a 100644 --- a/src/apis/container/v1.ts +++ b/src/apis/container/v1.ts @@ -170,6 +170,10 @@ export namespace container_v1 { * The maximum number of pods per node which use this pod network. */ maxPodsPerNode?: Schema$MaxPodsConstraint; + /** + * The name of the network attachment for pods to communicate to; cannot be specified along with subnetwork or secondary_pod_range. + */ + networkAttachment?: string | null; /** * The name of the secondary range on the subnet which provides IP address for this pod range. */ @@ -579,6 +583,10 @@ export namespace container_v1 { * The IP address range of the container pods in this cluster, in [CIDR](http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) notation (e.g. `10.96.0.0/14`). Leave blank to have one automatically chosen or specify a `/14` block in `10.0.0.0/8`. */ clusterIpv4Cidr?: string | null; + /** + * Enable/Disable Compliance Posture features for the cluster. + */ + compliancePostureConfig?: Schema$CompliancePostureConfig; /** * Which conditions caused the current cluster state. */ @@ -831,6 +839,10 @@ export namespace container_v1 { * Output only. The IP address range of the Cloud TPUs in this cluster, in [CIDR](http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) notation (e.g. `1.2.3.4/29`). */ tpuIpv4CidrBlock?: string | null; + /** + * The Custom keys configuration for the cluster. + */ + userManagedKeysConfig?: Schema$UserManagedKeysConfig; /** * Cluster-level Vertical Pod Autoscaling configuration. */ @@ -906,6 +918,10 @@ export namespace container_v1 { * Cluster-level autoscaling configuration. */ desiredClusterAutoscaling?: Schema$ClusterAutoscaling; + /** + * Enable/Disable Compliance Posture features for the cluster. + */ + desiredCompliancePostureConfig?: Schema$CompliancePostureConfig; /** * The desired containerd config for the cluster. */ @@ -1118,6 +1134,10 @@ export namespace container_v1 { * The additional pod ranges that are to be removed from the cluster. The pod ranges specified here must have been specified earlier in the 'additional_pod_ranges_config' argument. */ removedAdditionalPodRangesConfig?: Schema$AdditionalPodRangesConfig; + /** + * The Custom keys configuration for the cluster. + */ + userManagedKeysConfig?: Schema$UserManagedKeysConfig; } /** * CompleteIPRotationRequest moves the cluster master back into single-IP mode. @@ -1144,6 +1164,28 @@ export namespace container_v1 { * CompleteNodePoolUpgradeRequest sets the name of target node pool to complete upgrade. */ export interface Schema$CompleteNodePoolUpgradeRequest {} + /** + * CompliancePostureConfig defines the settings needed to enable/disable features for the Compliance Posture. + */ + export interface Schema$CompliancePostureConfig { + /** + * List of enabled compliance standards. + */ + complianceStandards?: Schema$ComplianceStandard[]; + /** + * Defines the enablement mode for Compliance Posture. + */ + mode?: string | null; + } + /** + * Defines the details of a compliance standard. + */ + export interface Schema$ComplianceStandard { + /** + * Name of the compliance standard. + */ + standard?: string | null; + } /** * ConfidentialNodes is configuration for the confidential nodes feature, which makes nodes run on confidential VMs. */ @@ -1428,7 +1470,7 @@ export namespace container_v1 { */ export interface Schema$GetJSONWebKeysResponse { /** - * OnePlatform automatically extracts this field and uses it to set the HTTP Cache-Control header. + * For HTTP requests, this field is automatically extracted into the Cache-Control HTTP header. */ cacheHeader?: Schema$HttpCacheControlResponseHeader; /** @@ -1441,7 +1483,7 @@ export namespace container_v1 { */ export interface Schema$GetOpenIDConfigResponse { /** - * OnePlatform automatically extracts this field and uses it to set the HTTP Cache-Control header. + * For HTTP requests, this field is automatically extracted into the Cache-Control HTTP header. */ cacheHeader?: Schema$HttpCacheControlResponseHeader; /** @@ -2146,6 +2188,10 @@ export namespace container_v1 { * Type of the disk attached to each node (e.g. 'pd-standard', 'pd-ssd' or 'pd-balanced') If unspecified, the default disk type is 'pd-standard' */ diskType?: string | null; + /** + * Output only. effective_cgroup_mode is the cgroup mode actually used by the node pool. It is determined by the cgroup mode specified in the LinuxNodeConfig or the default cgroup mode based on the cluster creation version. + */ + effectiveCgroupMode?: string | null; /** * Optional. Reserved for future use. */ @@ -3898,6 +3944,43 @@ export namespace container_v1 { */ status?: string | null; } + /** + * UserManagedKeysConfig holds the resource address to Keys which are used for signing certs and token that are used for communication within cluster. + */ + export interface Schema$UserManagedKeysConfig { + /** + * The Certificate Authority Service caPool to use for the aggregation CA in this cluster. + */ + aggregationCa?: string | null; + /** + * The Certificate Authority Service caPool to use for the cluster CA in this cluster. + */ + clusterCa?: string | null; + /** + * The Cloud KMS cryptoKey to use for Confidential Hyperdisk on the control plane nodes. + */ + controlPlaneDiskEncryptionKey?: string | null; + /** + * Resource path of the Certificate Authority Service caPool to use for the etcd API CA in this cluster. + */ + etcdApiCa?: string | null; + /** + * Resource path of the Certificate Authority Service caPool to use for the etcd peer CA in this cluster. + */ + etcdPeerCa?: string | null; + /** + * Resource path of the Cloud KMS cryptoKey to use for encryption of internal etcd backups. + */ + gkeopsEtcdBackupEncryptionKey?: string | null; + /** + * The Cloud KMS cryptoKeyVersions to use for signing service account JWTs issued by this cluster. Format: `projects/{project\}/locations/{location\}/keyRings/{keyring\}/cryptoKeys/{cryptoKey\}/cryptoKeyVersions/{cryptoKeyVersion\}` + */ + serviceAccountSigningKeys?: string[] | null; + /** + * The Cloud KMS cryptoKeyVersions to use for verifying service account JWTs issued by this cluster. Format: `projects/{project\}/locations/{location\}/keyRings/{keyring\}/cryptoKeys/{cryptoKey\}/cryptoKeyVersions/{cryptoKeyVersion\}` + */ + serviceAccountVerificationKeys?: string[] | null; + } /** * VerticalPodAutoscaling contains global, per-cluster information required by Vertical Pod Autoscaler to automatically adjust the resources of pods controlled by it. */ diff --git a/src/apis/container/v1beta1.ts b/src/apis/container/v1beta1.ts index 30d52f736f..923ed6a11b 100644 --- a/src/apis/container/v1beta1.ts +++ b/src/apis/container/v1beta1.ts @@ -174,6 +174,10 @@ export namespace container_v1beta1 { * The maximum number of pods per node which use this pod network. */ maxPodsPerNode?: Schema$MaxPodsConstraint; + /** + * The name of the network attachment for pods to communicate to; cannot be specified along with subnetwork or secondary_pod_range. + */ + networkAttachment?: string | null; /** * The name of the secondary range on the subnet which provides IP address for this pod range. */ @@ -913,6 +917,10 @@ export namespace container_v1beta1 { * Output only. The IP address range of the Cloud TPUs in this cluster, in [CIDR](http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) notation (e.g. `1.2.3.4/29`). */ tpuIpv4CidrBlock?: string | null; + /** + * The Custom keys configuration for the cluster. + */ + userManagedKeysConfig?: Schema$UserManagedKeysConfig; /** * Cluster-level Vertical Pod Autoscaling configuration. */ @@ -1009,6 +1017,10 @@ export namespace container_v1beta1 { * The desired telemetry integration for the cluster. */ desiredClusterTelemetry?: Schema$ClusterTelemetry; + /** + * Enable/Disable Compliance Posture features for the cluster. + */ + desiredCompliancePostureConfig?: Schema$CompliancePostureConfig; /** * The desired containerd config for the cluster. */ @@ -1253,6 +1265,10 @@ export namespace container_v1beta1 { * The additional pod ranges that are to be removed from the cluster. The pod ranges specified here must have been specified earlier in the 'additional_pod_ranges_config' argument. */ removedAdditionalPodRangesConfig?: Schema$AdditionalPodRangesConfig; + /** + * The Custom keys configuration for the cluster. + */ + userManagedKeysConfig?: Schema$UserManagedKeysConfig; } /** * CompleteIPRotationRequest moves the cluster master back into single-IP mode. @@ -1611,7 +1627,7 @@ export namespace container_v1beta1 { */ export interface Schema$GetJSONWebKeysResponse { /** - * OnePlatform automatically extracts this field and uses it to set the HTTP Cache-Control header. + * For HTTP requests, this field is automatically extracted into the Cache-Control HTTP header. */ cacheHeader?: Schema$HttpCacheControlResponseHeader; /** @@ -1624,7 +1640,7 @@ export namespace container_v1beta1 { */ export interface Schema$GetOpenIDConfigResponse { /** - * OnePlatform automatically extracts this field and uses it to set the HTTP Cache-Control header. + * For HTTP requests, this field is automatically extracted into the Cache-Control HTTP header. */ cacheHeader?: Schema$HttpCacheControlResponseHeader; /** @@ -2406,6 +2422,10 @@ export namespace container_v1beta1 { * Type of the disk attached to each node (e.g. 'pd-standard', 'pd-ssd' or 'pd-balanced') If unspecified, the default disk type is 'pd-standard' */ diskType?: string | null; + /** + * Output only. effective_cgroup_mode is the cgroup mode actually used by the node pool. It is determined by the cgroup mode specified in the LinuxNodeConfig or the default cgroup mode based on the cluster creation version. + */ + effectiveCgroupMode?: string | null; /** * Optional. Reserved for future use. */ @@ -4251,6 +4271,43 @@ export namespace container_v1beta1 { */ status?: string | null; } + /** + * UserManagedKeysConfig holds the resource address to Keys which are used for signing certs and token that are used for communication within cluster. + */ + export interface Schema$UserManagedKeysConfig { + /** + * The Certificate Authority Service caPool to use for the aggregation CA in this cluster. + */ + aggregationCa?: string | null; + /** + * The Certificate Authority Service caPool to use for the cluster CA in this cluster. + */ + clusterCa?: string | null; + /** + * The Cloud KMS cryptoKey to use for Confidential Hyperdisk on the control plane nodes. + */ + controlPlaneDiskEncryptionKey?: string | null; + /** + * Resource path of the Certificate Authority Service caPool to use for the etcd API CA in this cluster. + */ + etcdApiCa?: string | null; + /** + * Resource path of the Certificate Authority Service caPool to use for the etcd peer CA in this cluster. + */ + etcdPeerCa?: string | null; + /** + * Resource path of the Cloud KMS cryptoKey to use for encryption of internal etcd backups. + */ + gkeopsEtcdBackupEncryptionKey?: string | null; + /** + * The Cloud KMS cryptoKeyVersions to use for signing service account JWTs issued by this cluster. Format: `projects/{project\}/locations/{location\}/keyRings/{keyring\}/cryptoKeys/{cryptoKey\}/cryptoKeyVersions/{cryptoKeyVersion\}` + */ + serviceAccountSigningKeys?: string[] | null; + /** + * The Cloud KMS cryptoKeyVersions to use for verifying service account JWTs issued by this cluster. Format: `projects/{project\}/locations/{location\}/keyRings/{keyring\}/cryptoKeys/{cryptoKey\}/cryptoKeyVersions/{cryptoKeyVersion\}` + */ + serviceAccountVerificationKeys?: string[] | null; + } /** * VerticalPodAutoscaling contains global, per-cluster information required by Vertical Pod Autoscaler to automatically adjust the resources of pods controlled by it. */