1.106.0

• Added support for customization on cnrm-webhook-manager, cnrm-controller-manager, cnrm-resource-stats-recorder and cnrm-deletiondefender pods resource requests/limits.
• Added support for RunJob resource.
• Optimized HPA rule for cnrm-webhook-manager with new memory targetAverageUtilization.
• Added support for KMS key deletion when being orphaned.
• Disabled abandon-on-uninstall webhook.
• Resource VPCAccessConnector(v1beta1):
  • Added status.selfLink field.
• Resource ComputeDisk(v1beta1):
  • Added spec.guestOsFeatures field.
  • Added spec.licenses field.
• Resource ComputeImage(v1beta1):
  • Added spec.storageLocations field.
• Resource DataflowFlexTemplateJob(v1beta1):
  • Added status.type field.
• Resource DatastreamStream(v1alpha1):
  • Added spec.sourceConfig.mysqlSourceConfig.maxConcurrentBackfillTasks field.
• Resource GKEHubFeature(v1beta1):
  • Added spec.spec.fleetobservability field.
• Resource MonitoringAlertPolicy(v1beta1):
  • Added spec.alertStrategy.notificationChannelStrategy field.
  • Added spec.conditions.items.conditionThreshold.forecastOptions field.
• Resource SQLInstance(v1beta1):
  • Added spec.settings.advancedMachineFeatures field.
• Resource StorageTransferJob(v1beta1):
  • Added spec.transferSpec.awsS3DataSource.path field.

1.105.0

• Resource AlloyDBBackup(v1alpha1):
  • Added spec.encryptionConfig field.
  • Added status.encryptionInfo field.
• Resource AlloyDBCluster(v1alpha1):
  • Added spec.encryptionConfig field.
  • Added spec.automatedBackupPolicy.encryptionConfig field.
  • Added status.encryptionInfo field.
• Resource BigQueryJob(v1beta1):
  • Added spec.load.parquetOptions field.
• Resource CertificateManagerCertificate(v1alpha1):
  • Added spec.location field.
• Resource CloudBuildTrigger(v1beta1):
  • Added spec.build.step.items.allowExitCodes field.
  • Added spec.build.step.items.allowFailure field.
  • Added spec.gitFileSource.repositoryRef field.
  • Added spec.sourceToBuild.repositoryRef field.
• Resource ComputeBackendService(v1beta1):
  • Added spec.cdnPolicy.bypassCacheOnRequestHeaders field.
• Resource ComputeDisk(v1beta1):
  • Added spec.asyncPrimaryDisk.diskRef field.
• Resource ComputeForwardingRule(v1beta1):
  • Added spec.allowPscGlobalAccess field.
  • Added spec.sourceIpRanges field.
  • Added status.baseForwardingRule field.
• Resource ComputeNetworkPeering(v1beta1):
  • Added spec.stackType field.
• Resource ComputeResourcePolicy(v1beta1):
  • Added spec.diskConsistencyGroupPolicy field.
• Resource ComputeRouterPeer(v1beta1):
  • Added spec.enableIpv6 field.
  • Added spec.ipv6NexthopAddress field.
  • Added spec.peerIpv6NexthopAddress field.
• Resource ContainerCluster(v1beta1):
  • Added spec.addonsConfig.gcsFuseCsiDriverConfig field.
• Resource VertexAIEndpoint(v1alpha1):
  • Added spec.region field.
• Resource WorkflowsWorkflow(v1alpha1):
  • Added spec.cryptoKeyName field.
• Resource WorkstationsWorkstationCluster(v1alpha1):
  • Added status.resourceConditions field.
  • Restructured status.conditions field to be consistent with status.conditions field of any Config Connector kind.
• Fixed the issue that the SecretManagerSecretVersion resource stuck in DeleteFailed state when it's deleted after the referenced SecretManagerSecret is deleted.

1.104.0

• Resource ComputeFirewallPolicyRule(v1beta1):
  • Added spec.match.destAddressGroups field.
  • Added spec.match.destFqdns field.
  • Added spec.match.destRegionCodes field.
  • Added spec.match.destThreatIntelligences field.
  • Added spec.match.srcAddressGroups field.
  • Added spec.match.srcFqdns field.
  • Added spec.match.srcRegionCodes field.
  • Added spec.match.srcThreatIntelligences field.
• Resource IAMWorkforcePoolProvider(v1beta1):
  • Added spec.oidc.webSsoConfig field.
• Config Connector CLI tool will now export cluster information for BigTableInstance.
• Resources with a reconcile period of 0 will no longer attempt to reconcile when pods are recreated (#795).

1.103.0

• Fixed an issue in resource PrivateCACAPool to support setting maxIssuerPathLength field as 0.
• Added support for manual installation in GKE Autopilot.
• Fixed set blockOwnerDeletion failures for OwnerReferencesPermissionEnforcement enabled clusters #797
• Optimized ratelimiter for IAMPolicyMember controller to make sure new resources get reconciled timely.
• Resource ArtifactRegistryRepository(v1beta1):
  • Added spec.dockerConfig field.
• Resource BigQueryDataset(v1beta1):
  • Added spec.defaultCollation field.
  • Added spec.isCaseInsensitive field.
• Resource ComputeInstance(v1beta1):
  • Added spec.scratchDisk.items.size field.
• Resource ComputeInstanceTemplate(v1beta1):
  • Added status.selfLinkUnique field.
• Resource ComputeNetwork(v1beta1):
  • Added spec.networkFirewallPolicyEnforcementOrder field.
• Resource ComputeVPNGateway(v1beta1):
  • Added spec.stackType field.
• Resource ContainerCluster(v1beta1):
  • Added spec.ipAllocationPolicy.podCidrOverprovisionConfig field.
  • Added spec.ipAllocationPolicy.stackType field.
  • Added spec.nodeConfig.advancedMachineFeatures field.
  • Added spec.nodeConfig.ephemeralStorageLocalSsdConfig field.
  • Added spec.nodeConfig.localNvmeSsdBlockConfig field.
• Resource ContainerNodePool(v1beta1):
  • Added spec.networkConfig.podCidrOverprovisionConfig field.
  • Added spec.nodeConfig.advancedMachineFeatures field.
  • Added spec.nodeConfig.ephemeralStorageLocalSsdConfig field.
  • Added spec.nodeConfig.localNvmeSsdBlockConfig field.
• Resource PrivateCACAPool(v1beta1):
  • Added spec.issuancePolicy.baselineValues.caOptions.zeroMaxIssuerPathLength field.
• Resource PrivateCACertificateAuthority(v1beta1):
  • Added spec.config.x509Config.caOptions.zeroMaxIssuerPathLength field.
• Resource StorageTransferJob(v1beta1):
  • Added spec.transferSpec.objectConditions.lastModifiedBefore field.
  • Added spec.transferSpec.objectConditions.lastModifiedSince field.
• Added 136 v1alpha1 Google Cloud resource CRDs. See Install instructions for more information.

1.102.0

• Added support for IAMAccessBoundaryPolicy resource.
• Introduced configurable reconciliation interval feature.
• Switched prometheus-to-sd image from k8s.gcr.io to gke.gcr.io for private GKE cluster #789
• Fixed a bug causing diff detection on reservedIpRange in RedisInstance.
• Added mode, remoteRepositoryConfig, virtualRepositoryConfig fields to
  ArtifactRegistryRepository.
• Added scheduling.maintenanceInterval field to ComputeInstance.
• Added scheduling.maintenanceInterval field to ComputeInstanceTemplate.
• Added groupPlacementPolicy.maxDistance field to ComputeResourcePolicy.
• Added deletionPolicy field to ComputeSharedVPCServiceProject.
• Added protectConfig field to ContainerCluster.
• Added transferSpec.sinkAgentPoolName,
  transferSpec.sourceAgentPoolName fields to StorageTransferJob.
• Added spec.bitbucketServerTriggerConfig, spec.github.enterpriseConfigResourceNameRef fields to CloudBuildTrigger.
• Added spec.diskEncryptionKey.rsaEncryptedKey field to ComputeDisk.
• Added spec.rateLimitOptions.enforceOnKeyConfigs field to ComputeSecurityPolicy.
• Added spec.kubeletConfig.podPidsLimit field to ContainerCluster.
• Added spec.kubeletConfig.podPidsLimit field to ContainerNodePool.
• Added spec.instanceType field to SQLInstance.

1.101.0

• Disabled fast dependency reconciliation during resource deletion.
• Adjusted default reconciliation interval for the following resources:
  • BigtableInstance: 3600 seconds (1 hour)
  • BigtableTable: 3600 seconds (1 hour)
  • ServiceUsage: 3600 seconds (1 hour)
  • ComputeSslCertificate: 0 seconds (This resource does not support any updates, so reconciliation is not useful.)
• Graduated the following resources from alpha to stable: NetworkServicesGateway, NetworkServicesGRPCRoute, NetworkServicesHTTPRoute, NetworkServicesMesh, NetworkServicesTCPRoute, NetworkServicesTLSRoute.
• Removed GameServicesRealm resource.
• Added spec.externalDataConfiguration.referenceFileSchemaUri field to BigQueryTable.
• Added spec.gitFileSource.githubEnterpriseConfigRef, spec.repositoryEventConfig and spec.sourceToBuild.githubEnterpriseConfigRef fields to CloudBuildTrigger.
• Added spec.edgeSecurityPolicyRef and spec.localityLbPolicies fields to ComputeBackendService.
• Added spec.scheduling.maxRunDuration field to ComputeInstance.
• Added spec.resourcePolicies and spec.scheduling.maxRunDuration fields to ComputeInstanceTemplate.
• Added spec.shareSettings field to ComputeNodeGroup.
• Added spec.tcpTimeWaitTimeoutSec field to ComputeRouterNAT (#692).
• Added spec.adaptiveProtectionConfig.autoDeployConfig field to ComputeSecurityPolicy.
• Added spec.bindings.members.memberFrom.serviceIdentityRef field to IAMPartialPolicy (#722).
• Added spec.memberFrom.serviceIdentityRef field to IAMPolicyMember (#722).
• In SQLInstance:
  • spec.settings.diskType is now immutable.
  • Added spec.ipConfiguration.enablePrivatePathForGoogleCloudServices field.
• Fixed a bug that could cause controllers to become stuck on an outdated CRD version.
• Updated optional status fields in Config Connector Go client library to be consistent with optional spec fields. This updates some existing status fields to pointer types and is a breaking change to the Go client library users.

1.100.0

• Added support for BigQueryRoutine resource. This resource has been auto-generated and is in alpha stability (#739).
• Added support for TagsTagBinding resource. This resource has been auto-generated and is in alpha stability.
• Added support for PubSubLiteReservation resource.
• Added support for ServiceIdentity resource (#728).
• Added field status.generatedId in ComputeBackendService.
• Added field spec.imagedEncryptionKey in ComputeImage.
• Added fields spec.disk.sourceImageEncryptionKey, spec.disk.sourceSnapshotRef, and spec.disk.sourceSnapshotEncryptionKey in ComputeInstanceTemplate.
• Added field spec.routerApplianceInstanceRef in ComputeRouterPeer.
• Added field status.expireTime in ComputeSSLCertificate.
• In SQLInstance:
  • Added fields spec.settings.deletionProtectionEnabled and status.instanceType (#748).
  • Field spec.settings.sqlServerAuditConfig.bucketRef is no longer required.
• Supported IAMPolicy, IAMPartialPolicy and IAMPolicyMember for DNSManagedZone.
• abandon-on-uninstall webhook will now ignore non-Config Connector CRDs (#758).
• Extended event-driven reconciliation support to IAMPolicyMember.

1.99.0

• Added support for DataCatalogPolicyTag resource. This resource has been auto-generated and is in alpha stability.
• Added support for TagsTagKey resource. This resource has been auto-generated and is in alpha stability.
• Added support for TagsTagValue resource. This resource has been auto-generated and is in alpha stability.
• Fixed export error for IAMCustomRole in config-connector CLI with --resource-format=terraform.
• Added fields spec.configmanagement.oci and spec.mesh.controlPlane in GKEHubFeatureMembership.
• Added field spec.skipAwaitRollout in OSConfigOSPolicyAssignment.
• Removed field spec.authorizationPolicyRef in NetworkServicesGateway (Alpha).
• Added field spec.deletionPolicy in BigtableGCPolicy.
• Added field spec.deletionProtection in BigtableTable.
• Added field spec.cdnPolicy.cacheKeyPolicy.includeHttpHeaders in ComputeBackendService.
• Added fields spec.privateIpAddressRef, spec.redundantInterfaceRef, spec.subnetworkRef in ComputeRouterInterface.
• Added fields spec.recaptchaOptionsConfig, spec.rule.headerAction, spec.rule.preconfiguredWafConfig in ComputeSecurityPolicy.
• Added fields spec.clusterAutoscaling.autoProvisioningDefaults.management, spec.clusterAutoscaling.autoProvisioningDefaults.shieldedInstanceConfig spec.clusterAutoscaling.autoProvisioningDefaults.upgradeSettings, spec.gatewayApiConfig, spec.masterAuthorizedNetworksConfig.gcpPublicCidrsAccessEnabled, spec.nodeConfig.loggingVariant, spec.nodeConfig.resourceLabels, spec.nodePoolDefaults.nodeConfigDefaults.loggingVariant, spec.privateClusterConfig.privateEndpointSubnetworkRef in ContainerCluster.
• Added fields spec.networkConfig.enablePrivateNodes, spec.nodeConfig.loggingVariant, spec.nodeConfig.resourceLabels, spec.upgradeSettings.blueGreenSettings, spec.upgradeSettings.stategy in ContainerNodePool.
• Added field spec.privateVisibilityConfig.gkeClustersRef in DNSManagedZone.
• Added field spec.mesh.controlPlane in GKEHubFeatureMembership.
• Added field spec.deletionPolicy in SQLDatabase.
• Added fields spec.settings.connectorEnforcement, spec.settings.denyMaintenancePeriod, spec.settings.insightsConfig.queryPlansPerMinute in SQLInstance.
• Added field spec.autoclass in StorageBucket.
• Supported the regional spec.defaultRouteAction.requestMirrorPolicy.backendServiceRef, spec.defaultRouteAction.weightedBackendServices.backendServiceRef for the regional ComputeURLMap resources.
• Field spec.labels in CloudIdentityGroup has become mutable.
• Field spec.ipv6AccessType in ComputeSubnetwork has become mutable.
• Extended faster reconciliation of resources with dependencies to support IAMPartialPolicy.

1.98.0

• Added support for DataCatalogTaxonomy resource. This resource has been auto-generated and is in alpha stability.
• Added spec.maxTimeTravelHours field to BigQueryDataset.
• Added spec.build.step.script field to CloudBuildTrigger.
• Added spec.sourceDiskRef and status.sourceDiskId fields to ComputeDisk.
• Added spec.rules to ComputeRouterNAT.
• In ContainerCluster:
  • Added spec.clusterAutoscaling.autoProvisioningDefaults.diskSize field.
  • Fixed spec.datapathProvider field and it is now immutable.
  • Added mutation support to spec.nodeConfig.tags field.
• Added status.member field in IAMServiceAccount.
• Fixed spec.schemaSettings.encoding field in PubSubTopic and it is now immutable (#698).
• Added spec.settings.timeZone field in SQLInstance.

1.97.0

• Added spec.gcRules to BigtableGCPolicy (#624, #542, #482, #345, #300).
• Added spec.load.jsonExtension to BigQueryJob.
• Added spec.externalDataConfiguration.avroOptions to BigQueryTable.
• Added spec.compressionMode to ComputeBackendBucket.
• Added spec.compressionMode to ComputeBackendService.
• Added spec.advancedOptionsConfig.jsonCustomConfig to
  ComputeSecurityPolicy.
• Added spec.managementConfig.fullManagementConfig to ConfigControllerInstance.
• Added spec.nodeConfig.guestAccelerator[].gpuSharingConfig and
  spec.notificationConfig.pubsub.filter to ContainerCluster.
• Added spec.nodeConfig.guestAccelerator[].gpuSharingConfig to
  ContainerNodePool.
• Added spec.config.dataprocMetricConfig, spec.config.gceClusterConfig.confidentialInstanceConfig, spec.config.gceClusterConfig.shieldedInstanceConfig, spec.config.masterConfig.diskConfig.localSsdInterface, spec.config.metastoreConfig.dataprocMetastoreServiceRef, spec.config.secondaryWorkerConfig.diskConfig.localSsdInterface, spec.config.securityConfig, spec.config.workerConfig.diskConfig.localSsdInterface and spec.virtualClusterConfig to DataprocCluster.
• Added spec.cloudLoggingConfig to DNSManagedZone.
• Added spec.persistenceConfig to RedisInstance.
• Added status.version to SecretManagerSecretVersion.
• Added spec.maintenanceVersion and
  status.availableMaintenanceVersions to SQLInstance.
• Added spec.passwordPolicy to SQLUser.
• Added spec.customPlacementConfig to StorageBucket.
• Added spec.notificationConfig to StorageTransferJob (#303).
• Fixed: Moved SQLUser output-only field sqlServerUserDetails from
  spec to status.
• Added support for DLPJobTrigger resource.
• External contributors can now create a dev environment in which they can build and test a local copy of Config Connector. Instructions can be found here.