1.25.0

Warning: This release contains the issue described in #288 413 Request Entity Too Large. Please either uninstall and reinstall 1.23.0, or upgrade to 1.26.0, which contains a fix.

• Support export sub-command in the config-connector CLI (doc)
• Add support for the AccessContextManagerServicePerimeter resource
• Add support for Folder-level IAM Audit Configs
• Fix deadLetterTopicRef in the PubSubSubscription resource (Issue #281)

1.24.0

Warning: This release contains the issue described in #288 413 Request Entity Too Large. Please either uninstall and reinstall 1.23.0, or upgrade to 1.26.0, which contains a fix.

• Add support for the DataflowFlexTemplateJob resource
• Add the transformNameMapping field to DataflowJob
• Add the auditConfigs field to IAMPolicy
• Add the loadBalancerType, datapathProvider, and notificationConfig fields to ContainerCluster
• Add the artifacts and options fields to CloudBuildTrigger
• Add support for the GRPC protocol for ComputeBackendService
• Add logic to auto-trigger server-side apply metadata on resources on K8s clusters with server-side apply enabled (i.e. K8s 1.16+)
• Fix issue where kubectl get gcp did not include IAMPolicy, IAMPolicyMember, and IAMAuditConfig resources (Issue #286)

1.23.0

add iam support for ComputeImage
fix the issue that IAMPolicy cannot be deleted when externally referenced resource does not exist
Fix infinite diff on spec.minMasterVersion

1.22.0

• Fixed #269: license in ComputeImage image-from-url-raw sample is now valid
• Improved scalability for webhook in all modes
• Improved scalability for deletiondefender in namespaced mode
• Added selfLink field to ContainerCluster
• Added the ability to reference a ComputeNetwork to ComputeTargetInstance
• ComputeSnapshot:
  • Added the ability to reference a SnapshotEncryptionKey KMSCryptoKey
  • Added the ability to reference a SnapshotEncryptionKey's respective IAMServiceAccount
  • Added the ability to reference a SourceDiskEncrytpionKey's respective IAMServiceAccount
• ComputeDisk:
  • Added the ability to reference a DiskEncryptionKey's respective IAMServiceAccount
  • Added the ability to reference a SourceImageEncryptionKey's respective IAMServiceAccount
  • Added the ability to reference a SourceSnapshotEncryptionKey's respective IAMServiceAccount

1.21.1

• Fixed a bug which prevented Config Connector from starting in namespaced mode on 1.21.0

1.21.0

• Add the IAMAuditConfig resource
• The webhook and deletiondefender admission handlers now persist their generated certificates into a Secret and reload on startup
• Added cloud log severity to log messages
• Improved the scalability of the webhook admission handler process
  • Added horizontal pod autoscaling at 60% CPU utilization to the webhook pod
  • Increased the webhook pod's CPU limit in namespaced mode from 40m to 100m
  • Removed the memory 'requests' of 32Mi so the pod is always at the 64Mi limit
• Reduced the load on the API server when the deletiondefender is restarted
• Added custom access level conditions to AccessContextManagerAccessLevel
• CloudBuildTrigger
  • Added the ability to reference a StorageBucket for logs
  • Added the queueTtl, secret, source, substitutions, invertRegex and tags fields
• ComputeBackendService no longer requires the healthChecks field
• Added the logConfig field to ComputeFirewall
• Added the grpcHealthCheck field to ComputeHealthCheck
• ComputeImage
  • Added the ability to reference a source ComputeImage
  • Added the ability to reference a ComputeSnapshot
• Added the confidentialInstanceConfig field to ComputeInstance and ComputeInstanceTemplate
• Added the exportSubnetRoutesWithPublicIp field to ComputeNetworkPeering
• Added the filterExpr and metadataFields fields to ComputeSubNetwork
• Added the defaultRouteAction field to ComputeURLMap
• Added the clusterTelemetry, defaultSnatStatus, networkingMode, kubeletConfig, linuxNodeConfig , and masterGlobalAccessConfig fields to ContainerCluster
• Added the publicKeyData field to IAMServiceAccountKey
• Added the enableMessageOrdering, filter, and retryPolicy fields to PubSubSubscription
• Added the persistenceIamIdentity flag to RedisInstance
• Added the uniformBucketLevelAccess field to StorageBucket
• Added the ability to reference a KMSCryptoKey to ArtifactRegistryRepository
• Added the schema field to BigQueryTable

1.20.1

• fixes #254: Default description of DNSManagedZone is "Managed by Terraform"
• fixes #261: missing status for IAMPolicy after successful reconcile for exiting and up to date storage bucket policy

1.20.0

• Additional logging around a lock for the registration controller, to help enable performance diagnostics
• BigtableInstance: omitting numNodes is now allowed, which permanently sets the resource to unmanaged numNodes. This
  is useful in the case of having a different system manage the node count.

1.19.1

• Support referencing org-level IAM custom roles for IAMPolicy/IAMPolicyMember, fix issue [#78]
• Increase support for cross-project references, fix issue[#258]

1.19.0

• Add support for configuring Bigtable garbage collection policies with the BigtableGCPolicy resource
• Fix issue where SQLUser would constantly update despite there being no changes
• Fix issue where deletion defender would sometimes panic during uninstallation of Config Connector, thereby preventing uninstallation to complete
• Performance improvements