- Add the
IAMAuditConfig
resource - The
webhook
anddeletiondefender
admission handlers now persist their generated certificates into a Secret and reload on startup - Added cloud log severity to log messages
- Improved the scalability of the
webhook
admission handler process- Added horizontal pod autoscaling at 60% CPU utilization to the
webhook
pod - Increased the
webhook
pod's CPU limit in namespaced mode from 40m to 100m - Removed the memory 'requests' of 32Mi so the pod is always at the 64Mi limit
- Added horizontal pod autoscaling at 60% CPU utilization to the
- Reduced the load on the API server when the
deletiondefender
is restarted - Added custom access level conditions to
AccessContextManagerAccessLevel
CloudBuildTrigger
- Added the ability to reference a
StorageBucket
for logs - Added the
queueTtl
,secret
,source
,substitutions
,invertRegex
andtags
fields
- Added the ability to reference a
ComputeBackendService
no longer requires thehealthChecks
field- Added the
logConfig
field toComputeFirewall
- Added the
grpcHealthCheck
field toComputeHealthCheck
ComputeImage
- Added the ability to reference a source
ComputeImage
- Added the ability to reference a
ComputeSnapshot
- Added the ability to reference a source
- Added the
confidentialInstanceConfig
field toComputeInstance
andComputeInstanceTemplate
- Added the
exportSubnetRoutesWithPublicIp
field toComputeNetworkPeering
- Added the
filterExpr
andmetadataFields
fields toComputeSubNetwork
- Added the
defaultRouteAction
field toComputeURLMap
- Added the
clusterTelemetry
,defaultSnatStatus
,networkingMode
,kubeletConfig
,linuxNodeConfig
, andmasterGlobalAccessConfig
fields toContainerCluster
- Added the
publicKeyData
field toIAMServiceAccountKey
- Added the
enableMessageOrdering
,filter
, andretryPolicy
fields toPubSubSubscription
- Added the
persistenceIamIdentity
flag toRedisInstance
- Added the
uniformBucketLevelAccess
field toStorageBucket
- Added the ability to reference a
KMSCryptoKey
toArtifactRegistryRepository
- Added the
schema
field toBigQueryTable