1.103.0

• Fixed an issue in resource PrivateCACAPool to support setting maxIssuerPathLength field as 0.
• Added support for manual installation in GKE Autopilot.
• Fixed set blockOwnerDeletion failures for OwnerReferencesPermissionEnforcement enabled clusters #797
• Optimized ratelimiter for IAMPolicyMember controller to make sure new resources get reconciled timely.
• Resource ArtifactRegistryRepository(v1beta1):
  • Added spec.dockerConfig field.
• Resource BigQueryDataset(v1beta1):
  • Added spec.defaultCollation field.
  • Added spec.isCaseInsensitive field.
• Resource ComputeInstance(v1beta1):
  • Added spec.scratchDisk.items.size field.
• Resource ComputeInstanceTemplate(v1beta1):
  • Added status.selfLinkUnique field.
• Resource ComputeNetwork(v1beta1):
  • Added spec.networkFirewallPolicyEnforcementOrder field.
• Resource ComputeVPNGateway(v1beta1):
  • Added spec.stackType field.
• Resource ContainerCluster(v1beta1):
  • Added spec.ipAllocationPolicy.podCidrOverprovisionConfig field.
  • Added spec.ipAllocationPolicy.stackType field.
  • Added spec.nodeConfig.advancedMachineFeatures field.
  • Added spec.nodeConfig.ephemeralStorageLocalSsdConfig field.
  • Added spec.nodeConfig.localNvmeSsdBlockConfig field.
• Resource ContainerNodePool(v1beta1):
  • Added spec.networkConfig.podCidrOverprovisionConfig field.
  • Added spec.nodeConfig.advancedMachineFeatures field.
  • Added spec.nodeConfig.ephemeralStorageLocalSsdConfig field.
  • Added spec.nodeConfig.localNvmeSsdBlockConfig field.
• Resource PrivateCACAPool(v1beta1):
  • Added spec.issuancePolicy.baselineValues.caOptions.zeroMaxIssuerPathLength field.
• Resource PrivateCACertificateAuthority(v1beta1):
  • Added spec.config.x509Config.caOptions.zeroMaxIssuerPathLength field.
• Resource StorageTransferJob(v1beta1):
  • Added spec.transferSpec.objectConditions.lastModifiedBefore field.
  • Added spec.transferSpec.objectConditions.lastModifiedSince field.
• Added 136 v1alpha1 Google Cloud resource CRDs. See Install instructions for more information.

1.102.0

• Added support for IAMAccessBoundaryPolicy resource.
• Introduced configurable reconciliation interval feature.
• Switched prometheus-to-sd image from k8s.gcr.io to gke.gcr.io for private GKE cluster #789
• Fixed a bug causing diff detection on reservedIpRange in RedisInstance.
• Added mode, remoteRepositoryConfig, virtualRepositoryConfig fields to
  ArtifactRegistryRepository.
• Added scheduling.maintenanceInterval field to ComputeInstance.
• Added scheduling.maintenanceInterval field to ComputeInstanceTemplate.
• Added groupPlacementPolicy.maxDistance field to ComputeResourcePolicy.
• Added deletionPolicy field to ComputeSharedVPCServiceProject.
• Added protectConfig field to ContainerCluster.
• Added transferSpec.sinkAgentPoolName,
  transferSpec.sourceAgentPoolName fields to StorageTransferJob.
• Added spec.bitbucketServerTriggerConfig, spec.github.enterpriseConfigResourceNameRef fields to CloudBuildTrigger.
• Added spec.diskEncryptionKey.rsaEncryptedKey field to ComputeDisk.
• Added spec.rateLimitOptions.enforceOnKeyConfigs field to ComputeSecurityPolicy.
• Added spec.kubeletConfig.podPidsLimit field to ContainerCluster.
• Added spec.kubeletConfig.podPidsLimit field to ContainerNodePool.
• Added spec.instanceType field to SQLInstance.

1.101.0

• Disabled fast dependency reconciliation during resource deletion.
• Adjusted default reconciliation interval for the following resources:
  • BigtableInstance: 3600 seconds (1 hour)
  • BigtableTable: 3600 seconds (1 hour)
  • ServiceUsage: 3600 seconds (1 hour)
  • ComputeSslCertificate: 0 seconds (This resource does not support any updates, so reconciliation is not useful.)
• Graduated the following resources from alpha to stable: NetworkServicesGateway, NetworkServicesGRPCRoute, NetworkServicesHTTPRoute, NetworkServicesMesh, NetworkServicesTCPRoute, NetworkServicesTLSRoute.
• Removed GameServicesRealm resource.
• Added spec.externalDataConfiguration.referenceFileSchemaUri field to BigQueryTable.
• Added spec.gitFileSource.githubEnterpriseConfigRef, spec.repositoryEventConfig and spec.sourceToBuild.githubEnterpriseConfigRef fields to CloudBuildTrigger.
• Added spec.edgeSecurityPolicyRef and spec.localityLbPolicies fields to ComputeBackendService.
• Added spec.scheduling.maxRunDuration field to ComputeInstance.
• Added spec.resourcePolicies and spec.scheduling.maxRunDuration fields to ComputeInstanceTemplate.
• Added spec.shareSettings field to ComputeNodeGroup.
• Added spec.tcpTimeWaitTimeoutSec field to ComputeRouterNAT (#692).
• Added spec.adaptiveProtectionConfig.autoDeployConfig field to ComputeSecurityPolicy.
• Added spec.bindings.members.memberFrom.serviceIdentityRef field to IAMPartialPolicy (#722).
• Added spec.memberFrom.serviceIdentityRef field to IAMPolicyMember (#722).
• In SQLInstance:
  • spec.settings.diskType is now immutable.
  • Added spec.ipConfiguration.enablePrivatePathForGoogleCloudServices field.
• Fixed a bug that could cause controllers to become stuck on an outdated CRD version.
• Updated optional status fields in Config Connector Go client library to be consistent with optional spec fields. This updates some existing status fields to pointer types and is a breaking change to the Go client library users.

1.100.0

• Added support for BigQueryRoutine resource. This resource has been auto-generated and is in alpha stability (#739).
• Added support for TagsTagBinding resource. This resource has been auto-generated and is in alpha stability.
• Added support for PubSubLiteReservation resource.
• Added support for ServiceIdentity resource (#728).
• Added field status.generatedId in ComputeBackendService.
• Added field spec.imagedEncryptionKey in ComputeImage.
• Added fields spec.disk.sourceImageEncryptionKey, spec.disk.sourceSnapshotRef, and spec.disk.sourceSnapshotEncryptionKey in ComputeInstanceTemplate.
• Added field spec.routerApplianceInstanceRef in ComputeRouterPeer.
• Added field status.expireTime in ComputeSSLCertificate.
• In SQLInstance:
  • Added fields spec.settings.deletionProtectionEnabled and status.instanceType (#748).
  • Field spec.settings.sqlServerAuditConfig.bucketRef is no longer required.
• Supported IAMPolicy, IAMPartialPolicy and IAMPolicyMember for DNSManagedZone.
• abandon-on-uninstall webhook will now ignore non-Config Connector CRDs (#758).
• Extended event-driven reconciliation support to IAMPolicyMember.

1.99.0

• Added support for DataCatalogPolicyTag resource. This resource has been auto-generated and is in alpha stability.
• Added support for TagsTagKey resource. This resource has been auto-generated and is in alpha stability.
• Added support for TagsTagValue resource. This resource has been auto-generated and is in alpha stability.
• Fixed export error for IAMCustomRole in config-connector CLI with --resource-format=terraform.
• Added fields spec.configmanagement.oci and spec.mesh.controlPlane in GKEHubFeatureMembership.
• Added field spec.skipAwaitRollout in OSConfigOSPolicyAssignment.
• Removed field spec.authorizationPolicyRef in NetworkServicesGateway (Alpha).
• Added field spec.deletionPolicy in BigtableGCPolicy.
• Added field spec.deletionProtection in BigtableTable.
• Added field spec.cdnPolicy.cacheKeyPolicy.includeHttpHeaders in ComputeBackendService.
• Added fields spec.privateIpAddressRef, spec.redundantInterfaceRef, spec.subnetworkRef in ComputeRouterInterface.
• Added fields spec.recaptchaOptionsConfig, spec.rule.headerAction, spec.rule.preconfiguredWafConfig in ComputeSecurityPolicy.
• Added fields spec.clusterAutoscaling.autoProvisioningDefaults.management, spec.clusterAutoscaling.autoProvisioningDefaults.shieldedInstanceConfig spec.clusterAutoscaling.autoProvisioningDefaults.upgradeSettings, spec.gatewayApiConfig, spec.masterAuthorizedNetworksConfig.gcpPublicCidrsAccessEnabled, spec.nodeConfig.loggingVariant, spec.nodeConfig.resourceLabels, spec.nodePoolDefaults.nodeConfigDefaults.loggingVariant, spec.privateClusterConfig.privateEndpointSubnetworkRef in ContainerCluster.
• Added fields spec.networkConfig.enablePrivateNodes, spec.nodeConfig.loggingVariant, spec.nodeConfig.resourceLabels, spec.upgradeSettings.blueGreenSettings, spec.upgradeSettings.stategy in ContainerNodePool.
• Added field spec.privateVisibilityConfig.gkeClustersRef in DNSManagedZone.
• Added field spec.mesh.controlPlane in GKEHubFeatureMembership.
• Added field spec.deletionPolicy in SQLDatabase.
• Added fields spec.settings.connectorEnforcement, spec.settings.denyMaintenancePeriod, spec.settings.insightsConfig.queryPlansPerMinute in SQLInstance.
• Added field spec.autoclass in StorageBucket.
• Supported the regional spec.defaultRouteAction.requestMirrorPolicy.backendServiceRef, spec.defaultRouteAction.weightedBackendServices.backendServiceRef for the regional ComputeURLMap resources.
• Field spec.labels in CloudIdentityGroup has become mutable.
• Field spec.ipv6AccessType in ComputeSubnetwork has become mutable.
• Extended faster reconciliation of resources with dependencies to support IAMPartialPolicy.

1.98.0

• Added support for DataCatalogTaxonomy resource. This resource has been auto-generated and is in alpha stability.
• Added spec.maxTimeTravelHours field to BigQueryDataset.
• Added spec.build.step.script field to CloudBuildTrigger.
• Added spec.sourceDiskRef and status.sourceDiskId fields to ComputeDisk.
• Added spec.rules to ComputeRouterNAT.
• In ContainerCluster:
  • Added spec.clusterAutoscaling.autoProvisioningDefaults.diskSize field.
  • Fixed spec.datapathProvider field and it is now immutable.
  • Added mutation support to spec.nodeConfig.tags field.
• Added status.member field in IAMServiceAccount.
• Fixed spec.schemaSettings.encoding field in PubSubTopic and it is now immutable (#698).
• Added spec.settings.timeZone field in SQLInstance.

1.97.0

• Added spec.gcRules to BigtableGCPolicy (#624, #542, #482, #345, #300).
• Added spec.load.jsonExtension to BigQueryJob.
• Added spec.externalDataConfiguration.avroOptions to BigQueryTable.
• Added spec.compressionMode to ComputeBackendBucket.
• Added spec.compressionMode to ComputeBackendService.
• Added spec.advancedOptionsConfig.jsonCustomConfig to
  ComputeSecurityPolicy.
• Added spec.managementConfig.fullManagementConfig to ConfigControllerInstance.
• Added spec.nodeConfig.guestAccelerator[].gpuSharingConfig and
  spec.notificationConfig.pubsub.filter to ContainerCluster.
• Added spec.nodeConfig.guestAccelerator[].gpuSharingConfig to
  ContainerNodePool.
• Added spec.config.dataprocMetricConfig, spec.config.gceClusterConfig.confidentialInstanceConfig, spec.config.gceClusterConfig.shieldedInstanceConfig, spec.config.masterConfig.diskConfig.localSsdInterface, spec.config.metastoreConfig.dataprocMetastoreServiceRef, spec.config.secondaryWorkerConfig.diskConfig.localSsdInterface, spec.config.securityConfig, spec.config.workerConfig.diskConfig.localSsdInterface and spec.virtualClusterConfig to DataprocCluster.
• Added spec.cloudLoggingConfig to DNSManagedZone.
• Added spec.persistenceConfig to RedisInstance.
• Added status.version to SecretManagerSecretVersion.
• Added spec.maintenanceVersion and
  status.availableMaintenanceVersions to SQLInstance.
• Added spec.passwordPolicy to SQLUser.
• Added spec.customPlacementConfig to StorageBucket.
• Added spec.notificationConfig to StorageTransferJob (#303).
• Fixed: Moved SQLUser output-only field sqlServerUserDetails from
  spec to status.
• Added support for DLPJobTrigger resource.
• External contributors can now create a dev environment in which they can build and test a local copy of Config Connector. Instructions can be found here.

1.96.0

• Added support for "reconcile resource immediately once its dependency is ready" feature for all remaining resources.
• Added storageTarget to BigTableInstance (#729).
• Added location and BITBUCKET support to CloudBuildTrigger (#672).
• Added visibleCoreCount to ComputeInstance.
• Added visibleCoreCount to ComputeInstanceTemplate.
• Added snapshotProperties.chainName to ComputeResourcePolicies.
• Added chainName to ComputeSnapshot.
• Added certificateMapRef to ComputeTargetSSLProxy.
• Added costManagementConfig, nodePoolDefaults, serviceExternalIpsConfig to ContainerCluster.
• Added locationPolicy, totalMaxNodeCount, totalMinNodeCount to ContainerNodePool.
• Added channelRef and resourceConditions to EventarcTrigger.
• Added mesh to GKEHubFeatureMembership.
• Added forceDelete to MonitoringNotificationChannel.
• Removed labels from NetworkServicesGateway, NetworkServicesGRPCRoute, NetworkServicesHTTPRoute, NetworkServicesMesh, and NetworkServicesTCPRoute.
• Released new controller unmanaged-detector. Now if there is no Config Connector controller for a resource's namespace, that resource's status will show as "Unmanaged".
• Extended faster reconciliation of resources with dependencies to support IAMAuditConfig and IAMPolicy.
• Added support for DLPInspectTemplate resource.
• Fixed issue with DataprocCluster where resource creation was failing with error message Update call failed: error applying desired state: infeasible update: ({true }) would require recreation (#661).

1.95.0

• Added support for DLPDeidentifyTemplate resource.
• Added enableServiceLinks: false to all the pod configurations in Config Connecor installation bundle. This is to fix the issue users might encounter, standard_init_linux.go:228: exec user process caused: argument list too long, in Config Connector pods.

1.94.0

• Extended support for value absent in state-into-spec annotation to most Config Connector resources.
• Added spec.memberFrom.sqlInstanceRef field to IAMPolicyMember (#689).
• Added spec.bindings[].members[].memberFrom.sqlInstanceRef field to IAMPartialPolicy (#689).
• Removed the validation on spec.cluster.numNodes > 0 in BigtableInstance (#673).
• Added support for major version upgrades to SQLInstance (spec.databaseVersion is now mutable).
• Added spec.nodeConfig.reservationAffinity to ContainerCluster.
• Added spec.nodePoolAutoConfig to ContainerCluster.
• Added spec.nodeConfig.reservationAffinity to ContainerNodePool.
• Added spec.placement.managedCluster.config.gceClusterConfig.shieldedInstanceConfig to DataprocWorkflow.
• For NetworkServicesGateway (alpha):
  • Updated spec.authorizationPolicy to spec.authorizationPolicyRef.
  • Updated spec.serverTlsPolicy to spec.serverTlsPolicyRef.
• Removed spec.routers in NetworkServicsGRPCRoute (alpha) and NetworkServicsTCPRoute (alpha).
• Removed spec.routers and spec.rules.action.originalDestination in NetworkServicsHTTPRoute (alpha).