Releases: GoogleCloudPlatform/k8s-config-connector
1.38.1
Warning: Private GKE clusters are potentially impacted by a change included in this release of the node port the API server uses to communicate with the Config Connector webhooks from 443 (allowed by default) to 9443 (not allowed by default). Please ensure that 9443 is allowed by configuring your firewall rules according to the Adding firewall rules for specific use cases GKE private cluster documentation. This port will be reverted to 443 in future releases.
- Miscellaneous bug fixes
1.38.0
Warning: Private GKE clusters are potentially impacted by a change included in this release of the node port the API server uses to communicate with the Config Connector webhooks from 443 (allowed by default) to 9443 (not allowed by default). Please ensure that 9443 is allowed by configuring your firewall rules according to the Adding firewall rules for specific use cases GKE private cluster documentation. This port will be reverted to 443 in future releases.
- Added resourceID support to:
- ContainerCluster
- ContainerNodePool
- SourceRepoRepository
- AccessContextManager resources
- bug fix: enables 'config-connector bulk-export' to operate on LoggingLogSink resources
- Increased CPU and Memory limit for ConfigConnector Operator
1.37.0
Warning: Private GKE clusters are potentially impacted by a change included in this release of the node port the API server uses to communicate with the Config Connector webhooks from 443 (allowed by default) to 9443 (not allowed by default). Please ensure that 9443 is allowed by configuring your firewall rules according to the Adding firewall rules for specific use cases GKE private cluster documentation. This port will be reverted to 443 in future releases.
- Added a column
Status Age
showing the last transition time for the value inStatus
, and added the columnAge
back to the default output of kubectl get for all Config Connector resources. Improved the value atStatus
andReady
columns to match against the condition name. - Added
resourceID
support for:ArtifactRegistryRepository
Bigtable
resourcesDataflowJob
DNS
resourcesMonitoring
resourcesRedisInstance
ResourceManagerLien
SecretManagerSecret
Spanner
resourcesStorageTransferJob
- Fixed the issue with the legacy Common Name field on x509 certificate. Config Connector should be working on clusters of K8s 1.19+. (#335)
1.36.0
Warning: Private GKE clusters are potentially impacted by a change included in this release of the node port the API server uses to communicate with the Config Connector webhooks from 443 (allowed by default) to 9443 (not allowed by default). Please ensure that 9443 is allowed by configuring your firewall rules according to the Adding firewall rules for specific use cases GKE private cluster documentation. This port will be reverted to 443 in future releases.
- Added a column 'Ready' showing the value of the
.status.conditions[0]
(the ready condition), and associated Status to the default output ofkubectl get
for all Config Connector resources. - Added support for referencing an organization to
IAMCustomRole
. - Added a new sub-command to the CLI,
config-connector print-resources
which shows all config connector resources and their associated level ofexport
andbulk-export
support. - Reduce the memory usage of
deletiondefender
andcontroller-manager
in high-scale scenarios (1000+ resources under management). - Added
resourceID
support to theCompute
resources.
1.35.0
1.34.0
- Added support for IAM Member References. This allows users to create an
IAMPolicyMember
that references another resource as the IAM member (e.g.IAMServiceAccount
,LoggingLogSink
). For more information, see thememberFrom
field in the IAMPolicyMember reference documentation. Support for IAM Member References is added only toIAMPolicyMember
, notIAMPolicy
. Fixes #89. - Added support for the
GameServicesRealm
resource. - Added IAM support for
ComputeDisk
. - Added
cacheMode
,clientTtl
,defaultTtl
,maxTtl
,negativeCaching
,negativeCachingPolicy
,serveWhileStale
, andcustomResponseHeaders
fields toComputeBackendBucket
. - Added
customTimeBefore
,daysSinceCustomTime
,daysSinceNoncurrentTime
, andnoncurrentTimeBefore
fields toStorageBucket
. Fixes #309. - Allow for
IAMPolicy
,IAMPolicyMember
, andIAMAuditConfig
to reference resources in other namespaces. Fixes #320. - Added support for
UpdateFailed
,DeleteFailed
,DependencyNotFound
, andDependencyNotReady
events toIAMPolicy
,IAMPoicyMember
,IAMAuditConfig
. - Allow for
Project
andFolder
resources to be migrated across folders and organizations by updating thefolder-id
/organization-id
annotation. Only folder-to-folder or organization-to-organization migrations are allowed; folder-to-organization migrations or vice versa are not yet supported. Fixes #181. - Miscellaneous bug fixes.
1.33.0
- Added support for the
ComputeProjectMetadata
resource - Updated
ContainerCluster
samples to include a VPC-native scenario - Added
resourceID
field toServiceUsageService
andStorageNotification
- Added IAM support to
BigtableTable
DataflowJobs
can now be acquired by name- Added
computeResponseHeaders
field toComputeBackendService
- Added
maintenancePolicy.maintenanceExclusion
field toContainerCluster
- Added
description
anddisabled
fields toLoggingLogSink
- Miscellaneous bug fixes
1.32.0
- Add
resourceID
field toFolder
,BigQueryTable
,BigQueryJob
, andBigQueryDataset
. (#147, #128) - Add
customResponseHeaders
field toComputeBackendService
. - Add
maintenancePolicy.maintenanceExclusion
field toContainerCluster
. - Add
description
anddisabled
fields toLoggingLogSink
. - Add "ORC" as a new available value to the CRD description of
externalDataConfiguration.sourceFormat
field inBigQueryTable
. - Fix the bug that the actual Bigtable GC Policy can't be created via the Config Connector resource. (#300)
1.31.1
Miscellaneous fixes and improvements
1.31.0
- Added support for the
ComputeTargetGRPCProxy
resource - Added support for the
ResourceManagerLien
resource - Fixed issue where
IAMPolicyMember
andIAMPolicy
resources cannot be deleted if an invalid
configuration is applied (such as referencing a non-existent resource) - Fixed issue where notificationConfig.pubsub.topicRef was not usable