google-apis-container_v1 0.43.0 → 0.89.0

data/lib/google/apis/container_v1/classes.rb

@@ -37,6 +37,12 @@ module Google
         # @return [String]
         attr_accessor :accelerator_type
       
+        # GPUDriverInstallationConfig specifies the version of GPU driver to be auto
+        # installed.
+        # Corresponds to the JSON property `gpuDriverInstallationConfig`
+        # @return [Google::Apis::ContainerV1::GpuDriverInstallationConfig]
+        attr_accessor :gpu_driver_installation_config
+      
         # Size of partitions to create on the GPU. Valid values are described in the
         # NVIDIA [mig user guide](https://docs.nvidia.com/datacenter/tesla/mig-user-
         # guide/#partitioning).
@@ -58,11 +64,104 @@ module Google
         def update!(**args)
           @accelerator_count = args[:accelerator_count] if args.key?(:accelerator_count)
           @accelerator_type = args[:accelerator_type] if args.key?(:accelerator_type)
+          @gpu_driver_installation_config = args[:gpu_driver_installation_config] if args.key?(:gpu_driver_installation_config)
           @gpu_partition_size = args[:gpu_partition_size] if args.key?(:gpu_partition_size)
           @gpu_sharing_config = args[:gpu_sharing_config] if args.key?(:gpu_sharing_config)
         end
       end
       
+      # AdditionalNodeNetworkConfig is the configuration for additional node networks
+      # within the NodeNetworkConfig message
+      class AdditionalNodeNetworkConfig
+        include Google::Apis::Core::Hashable
+      
+        # Name of the VPC where the additional interface belongs
+        # Corresponds to the JSON property `network`
+        # @return [String]
+        attr_accessor :network
+      
+        # Name of the subnetwork where the additional interface belongs
+        # Corresponds to the JSON property `subnetwork`
+        # @return [String]
+        attr_accessor :subnetwork
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @network = args[:network] if args.key?(:network)
+          @subnetwork = args[:subnetwork] if args.key?(:subnetwork)
+        end
+      end
+      
+      # AdditionalPodNetworkConfig is the configuration for additional pod networks
+      # within the NodeNetworkConfig message
+      class AdditionalPodNetworkConfig
+        include Google::Apis::Core::Hashable
+      
+        # Constraints applied to pods.
+        # Corresponds to the JSON property `maxPodsPerNode`
+        # @return [Google::Apis::ContainerV1::MaxPodsConstraint]
+        attr_accessor :max_pods_per_node
+      
+        # The name of the network attachment for pods to communicate to; cannot be
+        # specified along with subnetwork or secondary_pod_range.
+        # Corresponds to the JSON property `networkAttachment`
+        # @return [String]
+        attr_accessor :network_attachment
+      
+        # The name of the secondary range on the subnet which provides IP address for
+        # this pod range.
+        # Corresponds to the JSON property `secondaryPodRange`
+        # @return [String]
+        attr_accessor :secondary_pod_range
+      
+        # Name of the subnetwork where the additional pod network belongs.
+        # Corresponds to the JSON property `subnetwork`
+        # @return [String]
+        attr_accessor :subnetwork
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @max_pods_per_node = args[:max_pods_per_node] if args.key?(:max_pods_per_node)
+          @network_attachment = args[:network_attachment] if args.key?(:network_attachment)
+          @secondary_pod_range = args[:secondary_pod_range] if args.key?(:secondary_pod_range)
+          @subnetwork = args[:subnetwork] if args.key?(:subnetwork)
+        end
+      end
+      
+      # AdditionalPodRangesConfig is the configuration for additional pod secondary
+      # ranges supporting the ClusterUpdate message.
+      class AdditionalPodRangesConfig
+        include Google::Apis::Core::Hashable
+      
+        # Output only. Information for additional pod range.
+        # Corresponds to the JSON property `podRangeInfo`
+        # @return [Array<Google::Apis::ContainerV1::RangeInfo>]
+        attr_accessor :pod_range_info
+      
+        # Name for pod secondary ipv4 range which has the actual range defined ahead.
+        # Corresponds to the JSON property `podRangeNames`
+        # @return [Array<String>]
+        attr_accessor :pod_range_names
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @pod_range_info = args[:pod_range_info] if args.key?(:pod_range_info)
+          @pod_range_names = args[:pod_range_names] if args.key?(:pod_range_names)
+        end
+      end
+      
       # Configuration for the addons that can be automatically spun up in the cluster,
       # enabling additional functionality.
       class AddonsConfig
@@ -93,6 +192,11 @@ module Google
         # @return [Google::Apis::ContainerV1::GcpFilestoreCsiDriverConfig]
         attr_accessor :gcp_filestore_csi_driver_config
       
+        # Configuration for the Cloud Storage Fuse CSI driver.
+        # Corresponds to the JSON property `gcsFuseCsiDriverConfig`
+        # @return [Google::Apis::ContainerV1::GcsFuseCsiDriverConfig]
+        attr_accessor :gcs_fuse_csi_driver_config
+      
         # Configuration for the Backup for GKE Agent.
         # Corresponds to the JSON property `gkeBackupAgentConfig`
         # @return [Google::Apis::ContainerV1::GkeBackupAgentConfig]
@@ -123,6 +227,21 @@ module Google
         # @return [Google::Apis::ContainerV1::NetworkPolicyConfig]
         attr_accessor :network_policy_config
       
+        # Configuration for the Cloud Storage Parallelstore CSI driver.
+        # Corresponds to the JSON property `parallelstoreCsiDriverConfig`
+        # @return [Google::Apis::ContainerV1::ParallelstoreCsiDriverConfig]
+        attr_accessor :parallelstore_csi_driver_config
+      
+        # Configuration options for the Ray Operator add-on.
+        # Corresponds to the JSON property `rayOperatorConfig`
+        # @return [Google::Apis::ContainerV1::RayOperatorConfig]
+        attr_accessor :ray_operator_config
+      
+        # Configuration for the Stateful HA add-on.
+        # Corresponds to the JSON property `statefulHaConfig`
+        # @return [Google::Apis::ContainerV1::StatefulHaConfig]
+        attr_accessor :stateful_ha_config
+      
         def initialize(**args)
            update!(**args)
         end
@@ -134,11 +253,49 @@ module Google
           @dns_cache_config = args[:dns_cache_config] if args.key?(:dns_cache_config)
           @gce_persistent_disk_csi_driver_config = args[:gce_persistent_disk_csi_driver_config] if args.key?(:gce_persistent_disk_csi_driver_config)
           @gcp_filestore_csi_driver_config = args[:gcp_filestore_csi_driver_config] if args.key?(:gcp_filestore_csi_driver_config)
+          @gcs_fuse_csi_driver_config = args[:gcs_fuse_csi_driver_config] if args.key?(:gcs_fuse_csi_driver_config)
           @gke_backup_agent_config = args[:gke_backup_agent_config] if args.key?(:gke_backup_agent_config)
           @horizontal_pod_autoscaling = args[:horizontal_pod_autoscaling] if args.key?(:horizontal_pod_autoscaling)
           @http_load_balancing = args[:http_load_balancing] if args.key?(:http_load_balancing)
           @kubernetes_dashboard = args[:kubernetes_dashboard] if args.key?(:kubernetes_dashboard)
           @network_policy_config = args[:network_policy_config] if args.key?(:network_policy_config)
+          @parallelstore_csi_driver_config = args[:parallelstore_csi_driver_config] if args.key?(:parallelstore_csi_driver_config)
+          @ray_operator_config = args[:ray_operator_config] if args.key?(:ray_operator_config)
+          @stateful_ha_config = args[:stateful_ha_config] if args.key?(:stateful_ha_config)
+        end
+      end
+      
+      # AdvancedDatapathObservabilityConfig specifies configuration of observability
+      # features of advanced datapath.
+      class AdvancedDatapathObservabilityConfig
+        include Google::Apis::Core::Hashable
+      
+        # Expose flow metrics on nodes
+        # Corresponds to the JSON property `enableMetrics`
+        # @return [Boolean]
+        attr_accessor :enable_metrics
+        alias_method :enable_metrics?, :enable_metrics
+      
+        # Enable Relay component
+        # Corresponds to the JSON property `enableRelay`
+        # @return [Boolean]
+        attr_accessor :enable_relay
+        alias_method :enable_relay?, :enable_relay
+      
+        # Method used to make Relay available
+        # Corresponds to the JSON property `relayMode`
+        # @return [String]
+        attr_accessor :relay_mode
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @enable_metrics = args[:enable_metrics] if args.key?(:enable_metrics)
+          @enable_relay = args[:enable_relay] if args.key?(:enable_relay)
+          @relay_mode = args[:relay_mode] if args.key?(:relay_mode)
         end
       end
       
@@ -146,6 +303,12 @@ module Google
       class AdvancedMachineFeatures
         include Google::Apis::Core::Hashable
       
+        # Whether or not to enable nested virtualization (defaults to false).
+        # Corresponds to the JSON property `enableNestedVirtualization`
+        # @return [Boolean]
+        attr_accessor :enable_nested_virtualization
+        alias_method :enable_nested_virtualization?, :enable_nested_virtualization
+      
         # The number of threads per physical core. To disable simultaneous
         # multithreading (SMT) set this to 1. If unset, the maximum number of threads
         # supported per core by the underlying processor is assumed.
@@ -159,6 +322,7 @@ module Google
       
         # Update properties of this object
         def update!(**args)
+          @enable_nested_virtualization = args[:enable_nested_virtualization] if args.key?(:enable_nested_virtualization)
           @threads_per_core = args[:threads_per_core] if args.key?(:threads_per_core)
         end
       end
@@ -196,14 +360,14 @@ module Google
       class AutoUpgradeOptions
         include Google::Apis::Core::Hashable
       
-        # [Output only] This field is set when upgrades are about to commence with the
+        # Output only. This field is set when upgrades are about to commence with the
         # approximate start time for the upgrades, in [RFC3339](https://www.ietf.org/rfc/
         # rfc3339.txt) text format.
         # Corresponds to the JSON property `autoUpgradeStartTime`
         # @return [String]
         attr_accessor :auto_upgrade_start_time
       
-        # [Output only] This field is set when upgrades are about to commence with the
+        # Output only. This field is set when upgrades are about to commence with the
         # description of the upgrade.
         # Corresponds to the JSON property `description`
         # @return [String]
@@ -230,6 +394,82 @@ module Google
         attr_accessor :enabled
         alias_method :enabled?, :enabled
       
+        # WorkloadPolicyConfig is the configuration related to GCW workload policy
+        # Corresponds to the JSON property `workloadPolicyConfig`
+        # @return [Google::Apis::ContainerV1::WorkloadPolicyConfig]
+        attr_accessor :workload_policy_config
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @enabled = args[:enabled] if args.key?(:enabled)
+          @workload_policy_config = args[:workload_policy_config] if args.key?(:workload_policy_config)
+        end
+      end
+      
+      # AutopilotCompatibilityIssue contains information about a specific
+      # compatibility issue with Autopilot mode.
+      class AutopilotCompatibilityIssue
+        include Google::Apis::Core::Hashable
+      
+        # The constraint type of the issue.
+        # Corresponds to the JSON property `constraintType`
+        # @return [String]
+        attr_accessor :constraint_type
+      
+        # The description of the issue.
+        # Corresponds to the JSON property `description`
+        # @return [String]
+        attr_accessor :description
+      
+        # A URL to a public documentation, which addresses resolving this issue.
+        # Corresponds to the JSON property `documentationUrl`
+        # @return [String]
+        attr_accessor :documentation_url
+      
+        # The incompatibility type of this issue.
+        # Corresponds to the JSON property `incompatibilityType`
+        # @return [String]
+        attr_accessor :incompatibility_type
+      
+        # The last time when this issue was observed.
+        # Corresponds to the JSON property `lastObservation`
+        # @return [String]
+        attr_accessor :last_observation
+      
+        # The name of the resources which are subject to this issue.
+        # Corresponds to the JSON property `subjects`
+        # @return [Array<String>]
+        attr_accessor :subjects
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @constraint_type = args[:constraint_type] if args.key?(:constraint_type)
+          @description = args[:description] if args.key?(:description)
+          @documentation_url = args[:documentation_url] if args.key?(:documentation_url)
+          @incompatibility_type = args[:incompatibility_type] if args.key?(:incompatibility_type)
+          @last_observation = args[:last_observation] if args.key?(:last_observation)
+          @subjects = args[:subjects] if args.key?(:subjects)
+        end
+      end
+      
+      # AutopilotConfig contains configuration of autopilot feature for this nodepool.
+      class AutopilotConfig
+        include Google::Apis::Core::Hashable
+      
+        # Denotes that nodes belonging to this node pool are Autopilot nodes.
+        # Corresponds to the JSON property `enabled`
+        # @return [Boolean]
+        attr_accessor :enabled
+        alias_method :enabled?, :enabled
+      
         def initialize(**args)
            update!(**args)
         end
@@ -266,11 +506,18 @@ module Google
         # @return [String]
         attr_accessor :disk_type
       
-        # The image type to use for NAP created node.
+        # The image type to use for NAP created node. Please see https://cloud.google.
+        # com/kubernetes-engine/docs/concepts/node-images for available image types.
         # Corresponds to the JSON property `imageType`
         # @return [String]
         attr_accessor :image_type
       
+        # Enable or disable Kubelet read only port.
+        # Corresponds to the JSON property `insecureKubeletReadonlyPortEnabled`
+        # @return [Boolean]
+        attr_accessor :insecure_kubelet_readonly_port_enabled
+        alias_method :insecure_kubelet_readonly_port_enabled?, :insecure_kubelet_readonly_port_enabled
+      
         # NodeManagement defines the set of node management services turned on for the
         # node pool.
         # Corresponds to the JSON property `management`
@@ -283,7 +530,7 @@ module Google
         # Haswell or minCpuPlatform: Intel Sandy Bridge. For more information, read [how
         # to specify min CPU platform](https://cloud.google.com/compute/docs/instances/
         # specify-min-cpu-platform). This field is deprecated, min_cpu_platform should
-        # be specified using https://cloud.google.com/requested-min-cpu-platform label
+        # be specified using `cloud.google.com/requested-min-cpu-platform` label
         # selector on the pod. To unset the min cpu platform field pass "automatic" as
         # field value.
         # Corresponds to the JSON property `minCpuPlatform`
@@ -350,6 +597,7 @@ module Google
           @disk_size_gb = args[:disk_size_gb] if args.key?(:disk_size_gb)
           @disk_type = args[:disk_type] if args.key?(:disk_type)
           @image_type = args[:image_type] if args.key?(:image_type)
+          @insecure_kubelet_readonly_port_enabled = args[:insecure_kubelet_readonly_port_enabled] if args.key?(:insecure_kubelet_readonly_port_enabled)
           @management = args[:management] if args.key?(:management)
           @min_cpu_platform = args[:min_cpu_platform] if args.key?(:min_cpu_platform)
           @oauth_scopes = args[:oauth_scopes] if args.key?(:oauth_scopes)
@@ -359,6 +607,36 @@ module Google
         end
       end
       
+      # Best effort provisioning.
+      class BestEffortProvisioning
+        include Google::Apis::Core::Hashable
+      
+        # When this is enabled, cluster/node pool creations will ignore non-fatal errors
+        # like stockout to best provision as many nodes as possible right now and
+        # eventually bring up all target number of nodes
+        # Corresponds to the JSON property `enabled`
+        # @return [Boolean]
+        attr_accessor :enabled
+        alias_method :enabled?, :enabled
+      
+        # Minimum number of nodes to be provisioned to be considered as succeeded, and
+        # the rest of nodes will be provisioned gradually and eventually when stockout
+        # issue has been resolved.
+        # Corresponds to the JSON property `minProvisionNodes`
+        # @return [Fixnum]
+        attr_accessor :min_provision_nodes
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @enabled = args[:enabled] if args.key?(:enabled)
+          @min_provision_nodes = args[:min_provision_nodes] if args.key?(:min_provision_nodes)
+        end
+      end
+      
       # Parameters for using BigQuery as the destination of resource usage export.
       class BigQueryDestination
         include Google::Apis::Core::Hashable
@@ -522,6 +800,59 @@ module Google
         end
       end
       
+      # CertificateAuthorityDomainConfig configures one or more fully qualified domain
+      # names (FQDN) to a specific certificate.
+      class CertificateAuthorityDomainConfig
+        include Google::Apis::Core::Hashable
+      
+        # List of fully qualified domain names (FQDN). Specifying port is supported.
+        # Wildcards are NOT supported. Examples: - my.customdomain.com - 10.0.1.2:5000
+        # Corresponds to the JSON property `fqdns`
+        # @return [Array<String>]
+        attr_accessor :fqdns
+      
+        # GCPSecretManagerCertificateConfig configures a secret from [Google Secret
+        # Manager](https://cloud.google.com/secret-manager).
+        # Corresponds to the JSON property `gcpSecretManagerCertificateConfig`
+        # @return [Google::Apis::ContainerV1::GcpSecretManagerCertificateConfig]
+        attr_accessor :gcp_secret_manager_certificate_config
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @fqdns = args[:fqdns] if args.key?(:fqdns)
+          @gcp_secret_manager_certificate_config = args[:gcp_secret_manager_certificate_config] if args.key?(:gcp_secret_manager_certificate_config)
+        end
+      end
+      
+      # CheckAutopilotCompatibilityResponse has a list of compatibility issues.
+      class CheckAutopilotCompatibilityResponse
+        include Google::Apis::Core::Hashable
+      
+        # The list of issues for the given operation.
+        # Corresponds to the JSON property `issues`
+        # @return [Array<Google::Apis::ContainerV1::AutopilotCompatibilityIssue>]
+        attr_accessor :issues
+      
+        # The summary of the autopilot compatibility response.
+        # Corresponds to the JSON property `summary`
+        # @return [String]
+        attr_accessor :summary
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @issues = args[:issues] if args.key?(:issues)
+          @summary = args[:summary] if args.key?(:summary)
+        end
+      end
+      
       # CidrBlock contains an optional name and one CIDR block.
       class CidrBlock
         include Google::Apis::Core::Hashable
@@ -633,6 +964,12 @@ module Google
         # @return [String]
         attr_accessor :cluster_ipv4_cidr
       
+        # CompliancePostureConfig defines the settings needed to enable/disable features
+        # for the Compliance Posture.
+        # Corresponds to the JSON property `compliancePostureConfig`
+        # @return [Google::Apis::ContainerV1::CompliancePostureConfig]
+        attr_accessor :compliance_posture_config
+      
         # Which conditions caused the current cluster state.
         # Corresponds to the JSON property `conditions`
         # @return [Array<Google::Apis::ContainerV1::StatusCondition>]
@@ -644,29 +981,34 @@ module Google
         # @return [Google::Apis::ContainerV1::ConfidentialNodes]
         attr_accessor :confidential_nodes
       
+        # Configuration for all of the cluster's control plane endpoints.
+        # Corresponds to the JSON property `controlPlaneEndpointsConfig`
+        # @return [Google::Apis::ContainerV1::ControlPlaneEndpointsConfig]
+        attr_accessor :control_plane_endpoints_config
+      
         # Configuration for fine-grained cost management feature.
         # Corresponds to the JSON property `costManagementConfig`
         # @return [Google::Apis::ContainerV1::CostManagementConfig]
         attr_accessor :cost_management_config
       
-        # [Output only] The time the cluster was created, in [RFC3339](https://www.ietf.
+        # Output only. The time the cluster was created, in [RFC3339](https://www.ietf.
         # org/rfc/rfc3339.txt) text format.
         # Corresponds to the JSON property `createTime`
         # @return [String]
         attr_accessor :create_time
       
-        # [Output only] The current software version of the master endpoint.
+        # Output only. The current software version of the master endpoint.
         # Corresponds to the JSON property `currentMasterVersion`
         # @return [String]
         attr_accessor :current_master_version
       
-        # [Output only] The number of nodes currently in the cluster. Deprecated. Call
+        # Output only. The number of nodes currently in the cluster. Deprecated. Call
         # Kubernetes API directly to retrieve node information.
         # Corresponds to the JSON property `currentNodeCount`
         # @return [Fixnum]
         attr_accessor :current_node_count
       
-        # [Output only] Deprecated, use [NodePools.version](https://cloud.google.com/
+        # Output only. Deprecated, use [NodePools.version](https://cloud.google.com/
         # kubernetes-engine/docs/reference/rest/v1/projects.locations.clusters.nodePools)
         # instead. The current version of the node software components. If they are
         # currently at multiple versions because they're in the process of being
@@ -690,6 +1032,11 @@ module Google
         # @return [String]
         attr_accessor :description
       
+        # K8sBetaAPIConfig , configuration for beta APIs
+        # Corresponds to the JSON property `enableK8sBetaApis`
+        # @return [Google::Apis::ContainerV1::K8sBetaApiConfig]
+        attr_accessor :enable_k8s_beta_apis
+      
         # Kubernetes alpha features are enabled on this cluster. This includes alpha API
         # groups (e.g. v1alpha1) and features that may not be production ready in the
         # kubernetes version of the master and nodes. The cluster has no SLA for uptime
@@ -700,13 +1047,15 @@ module Google
         attr_accessor :enable_kubernetes_alpha
         alias_method :enable_kubernetes_alpha?, :enable_kubernetes_alpha
       
-        # Enable the ability to use Cloud TPUs in this cluster.
+        # Enable the ability to use Cloud TPUs in this cluster. This field is deprecated
+        # due to the deprecation of 2VM TPU. The end of life date for 2VM TPU is 2025-04-
+        # 25.
         # Corresponds to the JSON property `enableTpu`
         # @return [Boolean]
         attr_accessor :enable_tpu
         alias_method :enable_tpu?, :enable_tpu
       
-        # [Output only] The IP address of this cluster's master endpoint. The endpoint
+        # Output only. The IP address of this cluster's master endpoint. The endpoint
         # can be accessed from the internet at `https://username:password@endpoint/`.
         # See the `masterAuth` property of this resource for username and password
         # information.
@@ -714,6 +1063,11 @@ module Google
         # @return [String]
         attr_accessor :endpoint
       
+        # EnterpriseConfig is the cluster enterprise configuration.
+        # Corresponds to the JSON property `enterpriseConfig`
+        # @return [Google::Apis::ContainerV1::EnterpriseConfig]
+        attr_accessor :enterprise_config
+      
         # This checksum is computed by the server based on the value of cluster fields,
         # and may be sent on update requests to ensure the client has an up-to-date
         # value before proceeding.
@@ -721,12 +1075,17 @@ module Google
         # @return [String]
         attr_accessor :etag
       
-        # [Output only] The time the cluster will be automatically deleted in [RFC3339](
+        # Output only. The time the cluster will be automatically deleted in [RFC3339](
         # https://www.ietf.org/rfc/rfc3339.txt) text format.
         # Corresponds to the JSON property `expireTime`
         # @return [String]
         attr_accessor :expire_time
       
+        # Fleet is the fleet configuration for the cluster.
+        # Corresponds to the JSON property `fleet`
+        # @return [Google::Apis::ContainerV1::Fleet]
+        attr_accessor :fleet
+      
         # Output only. Unique id for the cluster.
         # Corresponds to the JSON property `id`
         # @return [String]
@@ -763,7 +1122,7 @@ module Google
         # @return [Fixnum]
         attr_accessor :initial_node_count
       
-        # Deprecated. Use node_pools.instance_group_urls.
+        # Output only. Deprecated. Use node_pools.instance_group_urls.
         # Corresponds to the JSON property `instanceGroupUrls`
         # @return [Array<String>]
         attr_accessor :instance_group_urls
@@ -783,10 +1142,7 @@ module Google
         # @return [Google::Apis::ContainerV1::LegacyAbac]
         attr_accessor :legacy_abac
       
-        # [Output only] The name of the Google Compute Engine [zone](https://cloud.
-        # google.com/compute/docs/regions-zones/regions-zones#available) or [region](
-        # https://cloud.google.com/compute/docs/regions-zones/regions-zones#available)
-        # in which the cluster resides.
+        # 
         # Corresponds to the JSON property `location`
         # @return [String]
         attr_accessor :location
@@ -893,9 +1249,9 @@ module Google
         # @return [Google::Apis::ContainerV1::NodeConfig]
         attr_accessor :node_config
       
-        # [Output only] The size of the address space on each node for hosting
-        # containers. This is provisioned from within the `container_ipv4_cidr` range.
-        # This field will only be set when cluster is in route-based network mode.
+        # Output only. The size of the address space on each node for hosting containers.
+        # This is provisioned from within the `container_ipv4_cidr` range. This field
+        # will only be set when cluster is in route-based network mode.
         # Corresponds to the JSON property `nodeIpv4CidrSize`
         # @return [Fixnum]
         attr_accessor :node_ipv4_cidr_size
@@ -922,11 +1278,24 @@ module Google
         # @return [Google::Apis::ContainerV1::NotificationConfig]
         attr_accessor :notification_config
       
+        # ParentProductConfig is the configuration of the parent product of the cluster.
+        # This field is used by Google internal products that are built on top of a GKE
+        # cluster and take the ownership of the cluster.
+        # Corresponds to the JSON property `parentProductConfig`
+        # @return [Google::Apis::ContainerV1::ParentProductConfig]
+        attr_accessor :parent_product_config
+      
         # Configuration options for private clusters.
         # Corresponds to the JSON property `privateClusterConfig`
         # @return [Google::Apis::ContainerV1::PrivateClusterConfig]
         attr_accessor :private_cluster_config
       
+        # RBACBindingConfig allows user to restrict ClusterRoleBindings an RoleBindings
+        # that can be created.
+        # Corresponds to the JSON property `rbacBindingConfig`
+        # @return [Google::Apis::ContainerV1::RbacBindingConfig]
+        attr_accessor :rbac_binding_config
+      
         # ReleaseChannel indicates which release channel a cluster is subscribed to.
         # Release channels are arranged in order of risk. When a cluster is subscribed
         # to a release channel, Google maintains both the master version and the node
@@ -946,12 +1315,35 @@ module Google
         # @return [Google::Apis::ContainerV1::ResourceUsageExportConfig]
         attr_accessor :resource_usage_export_config
       
-        # [Output only] Server-defined URL for the resource.
+        # Output only. Reserved for future use.
+        # Corresponds to the JSON property `satisfiesPzi`
+        # @return [Boolean]
+        attr_accessor :satisfies_pzi
+        alias_method :satisfies_pzi?, :satisfies_pzi
+      
+        # Output only. Reserved for future use.
+        # Corresponds to the JSON property `satisfiesPzs`
+        # @return [Boolean]
+        attr_accessor :satisfies_pzs
+        alias_method :satisfies_pzs?, :satisfies_pzs
+      
+        # SecretManagerConfig is config for secret manager enablement.
+        # Corresponds to the JSON property `secretManagerConfig`
+        # @return [Google::Apis::ContainerV1::SecretManagerConfig]
+        attr_accessor :secret_manager_config
+      
+        # SecurityPostureConfig defines the flags needed to enable/disable features for
+        # the Security Posture API.
+        # Corresponds to the JSON property `securityPostureConfig`
+        # @return [Google::Apis::ContainerV1::SecurityPostureConfig]
+        attr_accessor :security_posture_config
+      
+        # Output only. Server-defined URL for the resource.
         # Corresponds to the JSON property `selfLink`
         # @return [String]
         attr_accessor :self_link
       
-        # [Output only] The IP address range of the Kubernetes services in this cluster,
+        # Output only. The IP address range of the Kubernetes services in this cluster,
         # in [CIDR](http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing)
         # notation (e.g. `1.2.3.4/29`). Service addresses are typically put in the last `
         # /16` from the container CIDR.
@@ -964,12 +1356,12 @@ module Google
         # @return [Google::Apis::ContainerV1::ShieldedNodes]
         attr_accessor :shielded_nodes
       
-        # [Output only] The current status of this cluster.
+        # Output only. The current status of this cluster.
         # Corresponds to the JSON property `status`
         # @return [String]
         attr_accessor :status
       
-        # [Output only] Deprecated. Use conditions instead. Additional information about
+        # Output only. Deprecated. Use conditions instead. Additional information about
         # the current status of this cluster, if available.
         # Corresponds to the JSON property `statusMessage`
         # @return [String]
@@ -981,13 +1373,20 @@ module Google
         # @return [String]
         attr_accessor :subnetwork
       
-        # [Output only] The IP address range of the Cloud TPUs in this cluster, in [CIDR]
-        # (http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) notation (e.g. `
-        # 1.2.3.4/29`).
+        # Output only. The IP address range of the Cloud TPUs in this cluster, in [CIDR](
+        # http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) notation (e.g. `1.
+        # 2.3.4/29`). This field is deprecated due to the deprecation of 2VM TPU. The
+        # end of life date for 2VM TPU is 2025-04-25.
         # Corresponds to the JSON property `tpuIpv4CidrBlock`
         # @return [String]
         attr_accessor :tpu_ipv4_cidr_block
       
+        # UserManagedKeysConfig holds the resource address to Keys which are used for
+        # signing certs and token that are used for communication within cluster.
+        # Corresponds to the JSON property `userManagedKeysConfig`
+        # @return [Google::Apis::ContainerV1::UserManagedKeysConfig]
+        attr_accessor :user_managed_keys_config
+      
         # VerticalPodAutoscaling contains global, per-cluster information required by
         # Vertical Pod Autoscaler to automatically adjust the resources of pods
         # controlled by it.
@@ -1000,9 +1399,9 @@ module Google
         # @return [Google::Apis::ContainerV1::WorkloadIdentityConfig]
         attr_accessor :workload_identity_config
       
-        # [Output only] The name of the Google Compute Engine [zone](https://cloud.
-        # google.com/compute/docs/zones#available) in which the cluster resides. This
-        # field is deprecated, use location instead.
+        # Output only. The name of the Google Compute Engine [zone](https://cloud.google.
+        # com/compute/docs/zones#available) in which the cluster resides. This field is
+        # deprecated, use location instead.
         # Corresponds to the JSON property `zone`
         # @return [String]
         attr_accessor :zone
@@ -1019,8 +1418,10 @@ module Google
           @autoscaling = args[:autoscaling] if args.key?(:autoscaling)
           @binary_authorization = args[:binary_authorization] if args.key?(:binary_authorization)
           @cluster_ipv4_cidr = args[:cluster_ipv4_cidr] if args.key?(:cluster_ipv4_cidr)
+          @compliance_posture_config = args[:compliance_posture_config] if args.key?(:compliance_posture_config)
           @conditions = args[:conditions] if args.key?(:conditions)
           @confidential_nodes = args[:confidential_nodes] if args.key?(:confidential_nodes)
+          @control_plane_endpoints_config = args[:control_plane_endpoints_config] if args.key?(:control_plane_endpoints_config)
           @cost_management_config = args[:cost_management_config] if args.key?(:cost_management_config)
           @create_time = args[:create_time] if args.key?(:create_time)
           @current_master_version = args[:current_master_version] if args.key?(:current_master_version)
@@ -1029,11 +1430,14 @@ module Google
           @database_encryption = args[:database_encryption] if args.key?(:database_encryption)
           @default_max_pods_constraint = args[:default_max_pods_constraint] if args.key?(:default_max_pods_constraint)
           @description = args[:description] if args.key?(:description)
+          @enable_k8s_beta_apis = args[:enable_k8s_beta_apis] if args.key?(:enable_k8s_beta_apis)
           @enable_kubernetes_alpha = args[:enable_kubernetes_alpha] if args.key?(:enable_kubernetes_alpha)
           @enable_tpu = args[:enable_tpu] if args.key?(:enable_tpu)
           @endpoint = args[:endpoint] if args.key?(:endpoint)
+          @enterprise_config = args[:enterprise_config] if args.key?(:enterprise_config)
           @etag = args[:etag] if args.key?(:etag)
           @expire_time = args[:expire_time] if args.key?(:expire_time)
+          @fleet = args[:fleet] if args.key?(:fleet)
           @id = args[:id] if args.key?(:id)
           @identity_service_config = args[:identity_service_config] if args.key?(:identity_service_config)
           @initial_cluster_version = args[:initial_cluster_version] if args.key?(:initial_cluster_version)
@@ -1062,10 +1466,16 @@ module Google
           @node_pool_defaults = args[:node_pool_defaults] if args.key?(:node_pool_defaults)
           @node_pools = args[:node_pools] if args.key?(:node_pools)
           @notification_config = args[:notification_config] if args.key?(:notification_config)
+          @parent_product_config = args[:parent_product_config] if args.key?(:parent_product_config)
           @private_cluster_config = args[:private_cluster_config] if args.key?(:private_cluster_config)
+          @rbac_binding_config = args[:rbac_binding_config] if args.key?(:rbac_binding_config)
           @release_channel = args[:release_channel] if args.key?(:release_channel)
           @resource_labels = args[:resource_labels] if args.key?(:resource_labels)
           @resource_usage_export_config = args[:resource_usage_export_config] if args.key?(:resource_usage_export_config)
+          @satisfies_pzi = args[:satisfies_pzi] if args.key?(:satisfies_pzi)
+          @satisfies_pzs = args[:satisfies_pzs] if args.key?(:satisfies_pzs)
+          @secret_manager_config = args[:secret_manager_config] if args.key?(:secret_manager_config)
+          @security_posture_config = args[:security_posture_config] if args.key?(:security_posture_config)
           @self_link = args[:self_link] if args.key?(:self_link)
           @services_ipv4_cidr = args[:services_ipv4_cidr] if args.key?(:services_ipv4_cidr)
           @shielded_nodes = args[:shielded_nodes] if args.key?(:shielded_nodes)
@@ -1073,6 +1483,7 @@ module Google
           @status_message = args[:status_message] if args.key?(:status_message)
           @subnetwork = args[:subnetwork] if args.key?(:subnetwork)
           @tpu_ipv4_cidr_block = args[:tpu_ipv4_cidr_block] if args.key?(:tpu_ipv4_cidr_block)
+          @user_managed_keys_config = args[:user_managed_keys_config] if args.key?(:user_managed_keys_config)
           @vertical_pod_autoscaling = args[:vertical_pod_autoscaling] if args.key?(:vertical_pod_autoscaling)
           @workload_identity_config = args[:workload_identity_config] if args.key?(:workload_identity_config)
           @zone = args[:zone] if args.key?(:zone)
@@ -1128,11 +1539,36 @@ module Google
         end
       end
       
+      # Configuration of network bandwidth tiers
+      class ClusterNetworkPerformanceConfig
+        include Google::Apis::Core::Hashable
+      
+        # Specifies the total network bandwidth tier for NodePools in the cluster.
+        # Corresponds to the JSON property `totalEgressBandwidthTier`
+        # @return [String]
+        attr_accessor :total_egress_bandwidth_tier
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @total_egress_bandwidth_tier = args[:total_egress_bandwidth_tier] if args.key?(:total_egress_bandwidth_tier)
+        end
+      end
+      
       # ClusterUpdate describes an update to the cluster. Exactly one update can be
       # applied to a cluster with each request, so at most one field can be provided.
       class ClusterUpdate
         include Google::Apis::Core::Hashable
       
+        # AdditionalPodRangesConfig is the configuration for additional pod secondary
+        # ranges supporting the ClusterUpdate message.
+        # Corresponds to the JSON property `additionalPodRangesConfig`
+        # @return [Google::Apis::ContainerV1::AdditionalPodRangesConfig]
+        attr_accessor :additional_pod_ranges_config
+      
         # Configuration for the addons that can be automatically spun up in the cluster,
         # enabling additional functionality.
         # Corresponds to the JSON property `desiredAddonsConfig`
@@ -1144,6 +1580,11 @@ module Google
         # @return [Google::Apis::ContainerV1::AuthenticatorGroupsConfig]
         attr_accessor :desired_authenticator_groups_config
       
+        # WorkloadPolicyConfig is the configuration related to GCW workload policy
+        # Corresponds to the JSON property `desiredAutopilotWorkloadPolicyConfig`
+        # @return [Google::Apis::ContainerV1::WorkloadPolicyConfig]
+        attr_accessor :desired_autopilot_workload_policy_config
+      
         # Configuration for Binary Authorization.
         # Corresponds to the JSON property `desiredBinaryAuthorization`
         # @return [Google::Apis::ContainerV1::BinaryAuthorization]
@@ -1156,6 +1597,22 @@ module Google
         # @return [Google::Apis::ContainerV1::ClusterAutoscaling]
         attr_accessor :desired_cluster_autoscaling
       
+        # CompliancePostureConfig defines the settings needed to enable/disable features
+        # for the Compliance Posture.
+        # Corresponds to the JSON property `desiredCompliancePostureConfig`
+        # @return [Google::Apis::ContainerV1::CompliancePostureConfig]
+        attr_accessor :desired_compliance_posture_config
+      
+        # ContainerdConfig contains configuration to customize containerd.
+        # Corresponds to the JSON property `desiredContainerdConfig`
+        # @return [Google::Apis::ContainerV1::ContainerdConfig]
+        attr_accessor :desired_containerd_config
+      
+        # Configuration for all of the cluster's control plane endpoints.
+        # Corresponds to the JSON property `desiredControlPlaneEndpointsConfig`
+        # @return [Google::Apis::ContainerV1::ControlPlaneEndpointsConfig]
+        attr_accessor :desired_control_plane_endpoints_config
+      
         # Configuration for fine-grained cost management feature.
         # Corresponds to the JSON property `desiredCostManagementConfig`
         # @return [Google::Apis::ContainerV1::CostManagementConfig]
@@ -1171,23 +1628,68 @@ module Google
         # @return [String]
         attr_accessor :desired_datapath_provider
       
+        # Override the default setting of whether future created nodes have private IP
+        # addresses only, namely NetworkConfig.default_enable_private_nodes
+        # Corresponds to the JSON property `desiredDefaultEnablePrivateNodes`
+        # @return [Boolean]
+        attr_accessor :desired_default_enable_private_nodes
+        alias_method :desired_default_enable_private_nodes?, :desired_default_enable_private_nodes
+      
         # DefaultSnatStatus contains the desired state of whether default sNAT should be
         # disabled on the cluster.
         # Corresponds to the JSON property `desiredDefaultSnatStatus`
         # @return [Google::Apis::ContainerV1::DefaultSnatStatus]
         attr_accessor :desired_default_snat_status
       
+        # Enable/Disable L4 LB VPC firewall reconciliation for the cluster.
+        # Corresponds to the JSON property `desiredDisableL4LbFirewallReconciliation`
+        # @return [Boolean]
+        attr_accessor :desired_disable_l4_lb_firewall_reconciliation
+        alias_method :desired_disable_l4_lb_firewall_reconciliation?, :desired_disable_l4_lb_firewall_reconciliation
+      
         # DNSConfig contains the desired set of options for configuring clusterDNS.
         # Corresponds to the JSON property `desiredDnsConfig`
         # @return [Google::Apis::ContainerV1::DnsConfig]
         attr_accessor :desired_dns_config
       
-        # Enable/Disable private endpoint for the cluster's master.
+        # Enable/Disable Cilium Clusterwide Network Policy for the cluster.
+        # Corresponds to the JSON property `desiredEnableCiliumClusterwideNetworkPolicy`
+        # @return [Boolean]
+        attr_accessor :desired_enable_cilium_clusterwide_network_policy
+        alias_method :desired_enable_cilium_clusterwide_network_policy?, :desired_enable_cilium_clusterwide_network_policy
+      
+        # Enable/Disable FQDN Network Policy for the cluster.
+        # Corresponds to the JSON property `desiredEnableFqdnNetworkPolicy`
+        # @return [Boolean]
+        attr_accessor :desired_enable_fqdn_network_policy
+        alias_method :desired_enable_fqdn_network_policy?, :desired_enable_fqdn_network_policy
+      
+        # Enable/Disable Multi-Networking for the cluster
+        # Corresponds to the JSON property `desiredEnableMultiNetworking`
+        # @return [Boolean]
+        attr_accessor :desired_enable_multi_networking
+        alias_method :desired_enable_multi_networking?, :desired_enable_multi_networking
+      
+        # Enable/Disable private endpoint for the cluster's master. Deprecated: Use
+        # desired_control_plane_endpoints_config.ip_endpoints_config.
+        # enable_public_endpoint instead. Note that the value of enable_public_endpoint
+        # is reversed: if enable_private_endpoint is false, then enable_public_endpoint
+        # will be true.
         # Corresponds to the JSON property `desiredEnablePrivateEndpoint`
         # @return [Boolean]
         attr_accessor :desired_enable_private_endpoint
         alias_method :desired_enable_private_endpoint?, :desired_enable_private_endpoint
       
+        # DesiredEnterpriseConfig is a wrapper used for updating enterprise_config.
+        # Corresponds to the JSON property `desiredEnterpriseConfig`
+        # @return [Google::Apis::ContainerV1::DesiredEnterpriseConfig]
+        attr_accessor :desired_enterprise_config
+      
+        # Fleet is the fleet configuration for the cluster.
+        # Corresponds to the JSON property `desiredFleet`
+        # @return [Google::Apis::ContainerV1::Fleet]
+        attr_accessor :desired_fleet
+      
         # GatewayAPIConfig contains the desired config of Gateway API on this cluster.
         # Corresponds to the JSON property `desiredGatewayApiConfig`
         # @return [Google::Apis::ContainerV1::GatewayApiConfig]
@@ -1211,12 +1713,22 @@ module Google
         # @return [String]
         attr_accessor :desired_image_type
       
+        # Specify the details of in-transit encryption.
+        # Corresponds to the JSON property `desiredInTransitEncryptionConfig`
+        # @return [String]
+        attr_accessor :desired_in_transit_encryption_config
+      
         # IntraNodeVisibilityConfig contains the desired config of the intra-node
         # visibility on this cluster.
         # Corresponds to the JSON property `desiredIntraNodeVisibilityConfig`
         # @return [Google::Apis::ContainerV1::IntraNodeVisibilityConfig]
         attr_accessor :desired_intra_node_visibility_config
       
+        # K8sBetaAPIConfig , configuration for beta APIs
+        # Corresponds to the JSON property `desiredK8sBetaApis`
+        # @return [Google::Apis::ContainerV1::K8sBetaApiConfig]
+        attr_accessor :desired_k8s_beta_apis
+      
         # ILBSubsettingConfig contains the desired config of L4 Internal LoadBalancer
         # subsetting on this cluster.
         # Corresponds to the JSON property `desiredL4ilbSubsettingConfig`
@@ -1288,12 +1800,41 @@ module Google
         # @return [String]
         attr_accessor :desired_monitoring_service
       
+        # Configuration of network bandwidth tiers
+        # Corresponds to the JSON property `desiredNetworkPerformanceConfig`
+        # @return [Google::Apis::ContainerV1::ClusterNetworkPerformanceConfig]
+        attr_accessor :desired_network_performance_config
+      
+        # Node kubelet configs.
+        # Corresponds to the JSON property `desiredNodeKubeletConfig`
+        # @return [Google::Apis::ContainerV1::NodeKubeletConfig]
+        attr_accessor :desired_node_kubelet_config
+      
+        # Node kubelet configs.
+        # Corresponds to the JSON property `desiredNodePoolAutoConfigKubeletConfig`
+        # @return [Google::Apis::ContainerV1::NodeKubeletConfig]
+        attr_accessor :desired_node_pool_auto_config_kubelet_config
+      
+        # Parameters that can be configured on Linux nodes.
+        # Corresponds to the JSON property `desiredNodePoolAutoConfigLinuxNodeConfig`
+        # @return [Google::Apis::ContainerV1::LinuxNodeConfig]
+        attr_accessor :desired_node_pool_auto_config_linux_node_config
+      
         # Collection of Compute Engine network tags that can be applied to a node's
         # underlying VM instance.
         # Corresponds to the JSON property `desiredNodePoolAutoConfigNetworkTags`
         # @return [Google::Apis::ContainerV1::NetworkTags]
         attr_accessor :desired_node_pool_auto_config_network_tags
       
+        # A map of resource manager tag keys and values to be attached to the nodes for
+        # managing Compute Engine firewalls using Network Firewall Policies. Tags must
+        # be according to specifications in https://cloud.google.com/vpc/docs/tags-
+        # firewalls-overview#specifications. A maximum of 5 tag key-value pairs can be
+        # specified. Existing tags will be replaced with new values.
+        # Corresponds to the JSON property `desiredNodePoolAutoConfigResourceManagerTags`
+        # @return [Google::Apis::ContainerV1::ResourceManagerTags]
+        attr_accessor :desired_node_pool_auto_config_resource_manager_tags
+      
         # NodePoolAutoscaling contains information required by cluster autoscaler to
         # adjust the size of the node pool to the current cluster usage.
         # Corresponds to the JSON property `desiredNodePoolAutoscaling`
@@ -1328,6 +1869,13 @@ module Google
         # @return [Google::Apis::ContainerV1::NotificationConfig]
         attr_accessor :desired_notification_config
       
+        # ParentProductConfig is the configuration of the parent product of the cluster.
+        # This field is used by Google internal products that are built on top of a GKE
+        # cluster and take the ownership of the cluster.
+        # Corresponds to the JSON property `desiredParentProductConfig`
+        # @return [Google::Apis::ContainerV1::ParentProductConfig]
+        attr_accessor :desired_parent_product_config
+      
         # Configuration options for private clusters.
         # Corresponds to the JSON property `desiredPrivateClusterConfig`
         # @return [Google::Apis::ContainerV1::PrivateClusterConfig]
@@ -1338,6 +1886,12 @@ module Google
         # @return [String]
         attr_accessor :desired_private_ipv6_google_access
       
+        # RBACBindingConfig allows user to restrict ClusterRoleBindings an RoleBindings
+        # that can be created.
+        # Corresponds to the JSON property `desiredRbacBindingConfig`
+        # @return [Google::Apis::ContainerV1::RbacBindingConfig]
+        attr_accessor :desired_rbac_binding_config
+      
         # ReleaseChannel indicates which release channel a cluster is subscribed to.
         # Release channels are arranged in order of risk. When a cluster is subscribed
         # to a release channel, Google maintains both the master version and the node
@@ -1351,6 +1905,17 @@ module Google
         # @return [Google::Apis::ContainerV1::ResourceUsageExportConfig]
         attr_accessor :desired_resource_usage_export_config
       
+        # SecretManagerConfig is config for secret manager enablement.
+        # Corresponds to the JSON property `desiredSecretManagerConfig`
+        # @return [Google::Apis::ContainerV1::SecretManagerConfig]
+        attr_accessor :desired_secret_manager_config
+      
+        # SecurityPostureConfig defines the flags needed to enable/disable features for
+        # the Security Posture API.
+        # Corresponds to the JSON property `desiredSecurityPostureConfig`
+        # @return [Google::Apis::ContainerV1::SecurityPostureConfig]
+        attr_accessor :desired_security_posture_config
+      
         # Config to block services with externalIPs field.
         # Corresponds to the JSON property `desiredServiceExternalIpsConfig`
         # @return [Google::Apis::ContainerV1::ServiceExternalIPsConfig]
@@ -1380,6 +1945,11 @@ module Google
         # @return [Google::Apis::ContainerV1::WorkloadIdentityConfig]
         attr_accessor :desired_workload_identity_config
       
+        # K8sBetaAPIConfig , configuration for beta APIs
+        # Corresponds to the JSON property `enableK8sBetaApis`
+        # @return [Google::Apis::ContainerV1::K8sBetaApiConfig]
+        attr_accessor :enable_k8s_beta_apis
+      
         # The current etag of the cluster. If an etag is provided and does not match the
         # current etag of the cluster, update will be blocked and an ABORTED error will
         # be returned.
@@ -1387,27 +1957,53 @@ module Google
         # @return [String]
         attr_accessor :etag
       
+        # AdditionalPodRangesConfig is the configuration for additional pod secondary
+        # ranges supporting the ClusterUpdate message.
+        # Corresponds to the JSON property `removedAdditionalPodRangesConfig`
+        # @return [Google::Apis::ContainerV1::AdditionalPodRangesConfig]
+        attr_accessor :removed_additional_pod_ranges_config
+      
+        # UserManagedKeysConfig holds the resource address to Keys which are used for
+        # signing certs and token that are used for communication within cluster.
+        # Corresponds to the JSON property `userManagedKeysConfig`
+        # @return [Google::Apis::ContainerV1::UserManagedKeysConfig]
+        attr_accessor :user_managed_keys_config
+      
         def initialize(**args)
            update!(**args)
         end
       
         # Update properties of this object
         def update!(**args)
+          @additional_pod_ranges_config = args[:additional_pod_ranges_config] if args.key?(:additional_pod_ranges_config)
           @desired_addons_config = args[:desired_addons_config] if args.key?(:desired_addons_config)
           @desired_authenticator_groups_config = args[:desired_authenticator_groups_config] if args.key?(:desired_authenticator_groups_config)
+          @desired_autopilot_workload_policy_config = args[:desired_autopilot_workload_policy_config] if args.key?(:desired_autopilot_workload_policy_config)
           @desired_binary_authorization = args[:desired_binary_authorization] if args.key?(:desired_binary_authorization)
           @desired_cluster_autoscaling = args[:desired_cluster_autoscaling] if args.key?(:desired_cluster_autoscaling)
+          @desired_compliance_posture_config = args[:desired_compliance_posture_config] if args.key?(:desired_compliance_posture_config)
+          @desired_containerd_config = args[:desired_containerd_config] if args.key?(:desired_containerd_config)
+          @desired_control_plane_endpoints_config = args[:desired_control_plane_endpoints_config] if args.key?(:desired_control_plane_endpoints_config)
           @desired_cost_management_config = args[:desired_cost_management_config] if args.key?(:desired_cost_management_config)
           @desired_database_encryption = args[:desired_database_encryption] if args.key?(:desired_database_encryption)
           @desired_datapath_provider = args[:desired_datapath_provider] if args.key?(:desired_datapath_provider)
+          @desired_default_enable_private_nodes = args[:desired_default_enable_private_nodes] if args.key?(:desired_default_enable_private_nodes)
           @desired_default_snat_status = args[:desired_default_snat_status] if args.key?(:desired_default_snat_status)
+          @desired_disable_l4_lb_firewall_reconciliation = args[:desired_disable_l4_lb_firewall_reconciliation] if args.key?(:desired_disable_l4_lb_firewall_reconciliation)
           @desired_dns_config = args[:desired_dns_config] if args.key?(:desired_dns_config)
+          @desired_enable_cilium_clusterwide_network_policy = args[:desired_enable_cilium_clusterwide_network_policy] if args.key?(:desired_enable_cilium_clusterwide_network_policy)
+          @desired_enable_fqdn_network_policy = args[:desired_enable_fqdn_network_policy] if args.key?(:desired_enable_fqdn_network_policy)
+          @desired_enable_multi_networking = args[:desired_enable_multi_networking] if args.key?(:desired_enable_multi_networking)
           @desired_enable_private_endpoint = args[:desired_enable_private_endpoint] if args.key?(:desired_enable_private_endpoint)
+          @desired_enterprise_config = args[:desired_enterprise_config] if args.key?(:desired_enterprise_config)
+          @desired_fleet = args[:desired_fleet] if args.key?(:desired_fleet)
           @desired_gateway_api_config = args[:desired_gateway_api_config] if args.key?(:desired_gateway_api_config)
           @desired_gcfs_config = args[:desired_gcfs_config] if args.key?(:desired_gcfs_config)
           @desired_identity_service_config = args[:desired_identity_service_config] if args.key?(:desired_identity_service_config)
           @desired_image_type = args[:desired_image_type] if args.key?(:desired_image_type)
+          @desired_in_transit_encryption_config = args[:desired_in_transit_encryption_config] if args.key?(:desired_in_transit_encryption_config)
           @desired_intra_node_visibility_config = args[:desired_intra_node_visibility_config] if args.key?(:desired_intra_node_visibility_config)
+          @desired_k8s_beta_apis = args[:desired_k8s_beta_apis] if args.key?(:desired_k8s_beta_apis)
           @desired_l4ilb_subsetting_config = args[:desired_l4ilb_subsetting_config] if args.key?(:desired_l4ilb_subsetting_config)
           @desired_locations = args[:desired_locations] if args.key?(:desired_locations)
           @desired_logging_config = args[:desired_logging_config] if args.key?(:desired_logging_config)
@@ -1417,22 +2013,34 @@ module Google
           @desired_mesh_certificates = args[:desired_mesh_certificates] if args.key?(:desired_mesh_certificates)
           @desired_monitoring_config = args[:desired_monitoring_config] if args.key?(:desired_monitoring_config)
           @desired_monitoring_service = args[:desired_monitoring_service] if args.key?(:desired_monitoring_service)
+          @desired_network_performance_config = args[:desired_network_performance_config] if args.key?(:desired_network_performance_config)
+          @desired_node_kubelet_config = args[:desired_node_kubelet_config] if args.key?(:desired_node_kubelet_config)
+          @desired_node_pool_auto_config_kubelet_config = args[:desired_node_pool_auto_config_kubelet_config] if args.key?(:desired_node_pool_auto_config_kubelet_config)
+          @desired_node_pool_auto_config_linux_node_config = args[:desired_node_pool_auto_config_linux_node_config] if args.key?(:desired_node_pool_auto_config_linux_node_config)
           @desired_node_pool_auto_config_network_tags = args[:desired_node_pool_auto_config_network_tags] if args.key?(:desired_node_pool_auto_config_network_tags)
+          @desired_node_pool_auto_config_resource_manager_tags = args[:desired_node_pool_auto_config_resource_manager_tags] if args.key?(:desired_node_pool_auto_config_resource_manager_tags)
           @desired_node_pool_autoscaling = args[:desired_node_pool_autoscaling] if args.key?(:desired_node_pool_autoscaling)
           @desired_node_pool_id = args[:desired_node_pool_id] if args.key?(:desired_node_pool_id)
           @desired_node_pool_logging_config = args[:desired_node_pool_logging_config] if args.key?(:desired_node_pool_logging_config)
           @desired_node_version = args[:desired_node_version] if args.key?(:desired_node_version)
           @desired_notification_config = args[:desired_notification_config] if args.key?(:desired_notification_config)
+          @desired_parent_product_config = args[:desired_parent_product_config] if args.key?(:desired_parent_product_config)
           @desired_private_cluster_config = args[:desired_private_cluster_config] if args.key?(:desired_private_cluster_config)
           @desired_private_ipv6_google_access = args[:desired_private_ipv6_google_access] if args.key?(:desired_private_ipv6_google_access)
+          @desired_rbac_binding_config = args[:desired_rbac_binding_config] if args.key?(:desired_rbac_binding_config)
           @desired_release_channel = args[:desired_release_channel] if args.key?(:desired_release_channel)
           @desired_resource_usage_export_config = args[:desired_resource_usage_export_config] if args.key?(:desired_resource_usage_export_config)
+          @desired_secret_manager_config = args[:desired_secret_manager_config] if args.key?(:desired_secret_manager_config)
+          @desired_security_posture_config = args[:desired_security_posture_config] if args.key?(:desired_security_posture_config)
           @desired_service_external_ips_config = args[:desired_service_external_ips_config] if args.key?(:desired_service_external_ips_config)
           @desired_shielded_nodes = args[:desired_shielded_nodes] if args.key?(:desired_shielded_nodes)
           @desired_stack_type = args[:desired_stack_type] if args.key?(:desired_stack_type)
           @desired_vertical_pod_autoscaling = args[:desired_vertical_pod_autoscaling] if args.key?(:desired_vertical_pod_autoscaling)
           @desired_workload_identity_config = args[:desired_workload_identity_config] if args.key?(:desired_workload_identity_config)
+          @enable_k8s_beta_apis = args[:enable_k8s_beta_apis] if args.key?(:enable_k8s_beta_apis)
           @etag = args[:etag] if args.key?(:etag)
+          @removed_additional_pod_ranges_config = args[:removed_additional_pod_ranges_config] if args.key?(:removed_additional_pod_ranges_config)
+          @user_managed_keys_config = args[:user_managed_keys_config] if args.key?(:user_managed_keys_config)
         end
       end
       
@@ -1493,18 +2101,63 @@ module Google
         end
       end
       
-      # ConfidentialNodes is configuration for the confidential nodes feature, which
-      # makes nodes run on confidential VMs.
-      class ConfidentialNodes
+      # CompliancePostureConfig defines the settings needed to enable/disable features
+      # for the Compliance Posture.
+      class CompliancePostureConfig
         include Google::Apis::Core::Hashable
       
-        # Whether Confidential Nodes feature is enabled.
-        # Corresponds to the JSON property `enabled`
-        # @return [Boolean]
-        attr_accessor :enabled
-        alias_method :enabled?, :enabled
+        # List of enabled compliance standards.
+        # Corresponds to the JSON property `complianceStandards`
+        # @return [Array<Google::Apis::ContainerV1::ComplianceStandard>]
+        attr_accessor :compliance_standards
       
-        def initialize(**args)
+        # Defines the enablement mode for Compliance Posture.
+        # Corresponds to the JSON property `mode`
+        # @return [String]
+        attr_accessor :mode
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @compliance_standards = args[:compliance_standards] if args.key?(:compliance_standards)
+          @mode = args[:mode] if args.key?(:mode)
+        end
+      end
+      
+      # Defines the details of a compliance standard.
+      class ComplianceStandard
+        include Google::Apis::Core::Hashable
+      
+        # Name of the compliance standard.
+        # Corresponds to the JSON property `standard`
+        # @return [String]
+        attr_accessor :standard
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @standard = args[:standard] if args.key?(:standard)
+        end
+      end
+      
+      # ConfidentialNodes is configuration for the confidential nodes feature, which
+      # makes nodes run on confidential VMs.
+      class ConfidentialNodes
+        include Google::Apis::Core::Hashable
+      
+        # Whether Confidential Nodes feature is enabled.
+        # Corresponds to the JSON property `enabled`
+        # @return [Boolean]
+        attr_accessor :enabled
+        alias_method :enabled?, :enabled
+      
+        def initialize(**args)
            update!(**args)
         end
       
@@ -1555,6 +2208,51 @@ module Google
         end
       end
       
+      # ContainerdConfig contains configuration to customize containerd.
+      class ContainerdConfig
+        include Google::Apis::Core::Hashable
+      
+        # PrivateRegistryAccessConfig contains access configuration for private
+        # container registries.
+        # Corresponds to the JSON property `privateRegistryAccessConfig`
+        # @return [Google::Apis::ContainerV1::PrivateRegistryAccessConfig]
+        attr_accessor :private_registry_access_config
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @private_registry_access_config = args[:private_registry_access_config] if args.key?(:private_registry_access_config)
+        end
+      end
+      
+      # Configuration for all of the cluster's control plane endpoints.
+      class ControlPlaneEndpointsConfig
+        include Google::Apis::Core::Hashable
+      
+        # Describes the configuration of a DNS endpoint.
+        # Corresponds to the JSON property `dnsEndpointConfig`
+        # @return [Google::Apis::ContainerV1::DnsEndpointConfig]
+        attr_accessor :dns_endpoint_config
+      
+        # IP endpoints configuration.
+        # Corresponds to the JSON property `ipEndpointsConfig`
+        # @return [Google::Apis::ContainerV1::IpEndpointsConfig]
+        attr_accessor :ip_endpoints_config
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @dns_endpoint_config = args[:dns_endpoint_config] if args.key?(:dns_endpoint_config)
+          @ip_endpoints_config = args[:ip_endpoints_config] if args.key?(:ip_endpoints_config)
+        end
+      end
+      
       # Configuration for fine-grained cost management feature.
       class CostManagementConfig
         include Google::Apis::Core::Hashable
@@ -1675,6 +2373,11 @@ module Google
       class DnsConfig
         include Google::Apis::Core::Hashable
       
+        # Optional. The domain used in Additive VPC scope.
+        # Corresponds to the JSON property `additiveVpcScopeDnsDomain`
+        # @return [String]
+        attr_accessor :additive_vpc_scope_dns_domain
+      
         # cluster_dns indicates which in-cluster DNS provider should be used.
         # Corresponds to the JSON property `clusterDns`
         # @return [String]
@@ -1696,17 +2399,48 @@ module Google
       
         # Update properties of this object
         def update!(**args)
+          @additive_vpc_scope_dns_domain = args[:additive_vpc_scope_dns_domain] if args.key?(:additive_vpc_scope_dns_domain)
           @cluster_dns = args[:cluster_dns] if args.key?(:cluster_dns)
           @cluster_dns_domain = args[:cluster_dns_domain] if args.key?(:cluster_dns_domain)
           @cluster_dns_scope = args[:cluster_dns_scope] if args.key?(:cluster_dns_scope)
         end
       end
       
+      # Describes the configuration of a DNS endpoint.
+      class DnsEndpointConfig
+        include Google::Apis::Core::Hashable
+      
+        # Controls whether user traffic is allowed over this endpoint. Note that GCP-
+        # managed services may still use the endpoint even if this is false.
+        # Corresponds to the JSON property `allowExternalTraffic`
+        # @return [Boolean]
+        attr_accessor :allow_external_traffic
+        alias_method :allow_external_traffic?, :allow_external_traffic
+      
+        # Output only. The cluster's DNS endpoint configuration. A DNS format address.
+        # This is accessible from the public internet. Ex: uid.us-central1.gke.goog.
+        # Always present, but the behavior may change according to the value of
+        # DNSEndpointConfig.allow_external_traffic.
+        # Corresponds to the JSON property `endpoint`
+        # @return [String]
+        attr_accessor :endpoint
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @allow_external_traffic = args[:allow_external_traffic] if args.key?(:allow_external_traffic)
+          @endpoint = args[:endpoint] if args.key?(:endpoint)
+        end
+      end
+      
       # Time window specified for daily maintenance operations.
       class DailyMaintenanceWindow
         include Google::Apis::Core::Hashable
       
-        # [Output only] Duration of the time window, automatically chosen to be smallest
+        # Output only. Duration of the time window, automatically chosen to be smallest
         # possible in the given scenario. Duration will be in [RFC3339](https://www.ietf.
         # org/rfc/rfc3339.txt) format "PTnHnMnS".
         # Corresponds to the JSON property `duration`
@@ -1735,13 +2469,29 @@ module Google
       class DatabaseEncryption
         include Google::Apis::Core::Hashable
       
+        # Output only. The current state of etcd encryption.
+        # Corresponds to the JSON property `currentState`
+        # @return [String]
+        attr_accessor :current_state
+      
+        # Output only. Keys in use by the cluster for decrypting existing objects, in
+        # addition to the key in `key_name`. Each item is a CloudKMS key resource.
+        # Corresponds to the JSON property `decryptionKeys`
+        # @return [Array<String>]
+        attr_accessor :decryption_keys
+      
         # Name of CloudKMS key to use for the encryption of secrets in etcd. Ex.
         # projects/my-project/locations/global/keyRings/my-ring/cryptoKeys/my-key
         # Corresponds to the JSON property `keyName`
         # @return [String]
         attr_accessor :key_name
       
-        # Denotes the state of etcd encryption.
+        # Output only. Records errors seen during DatabaseEncryption update operations.
+        # Corresponds to the JSON property `lastOperationErrors`
+        # @return [Array<Google::Apis::ContainerV1::OperationError>]
+        attr_accessor :last_operation_errors
+      
+        # The desired state of etcd encryption.
         # Corresponds to the JSON property `state`
         # @return [String]
         attr_accessor :state
@@ -1752,7 +2502,10 @@ module Google
       
         # Update properties of this object
         def update!(**args)
+          @current_state = args[:current_state] if args.key?(:current_state)
+          @decryption_keys = args[:decryption_keys] if args.key?(:decryption_keys)
           @key_name = args[:key_name] if args.key?(:key_name)
+          @last_operation_errors = args[:last_operation_errors] if args.key?(:last_operation_errors)
           @state = args[:state] if args.key?(:state)
         end
       end
@@ -1778,6 +2531,25 @@ module Google
         end
       end
       
+      # DesiredEnterpriseConfig is a wrapper used for updating enterprise_config.
+      class DesiredEnterpriseConfig
+        include Google::Apis::Core::Hashable
+      
+        # desired_tier specifies the desired tier of the cluster.
+        # Corresponds to the JSON property `desiredTier`
+        # @return [String]
+        attr_accessor :desired_tier
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @desired_tier = args[:desired_tier] if args.key?(:desired_tier)
+        end
+      end
+      
       # Configuration for NodeLocal DNSCache
       class DnsCacheConfig
         include Google::Apis::Core::Hashable
@@ -1814,16 +2586,48 @@ module Google
         end
       end
       
+      # EnterpriseConfig is the cluster enterprise configuration.
+      class EnterpriseConfig
+        include Google::Apis::Core::Hashable
+      
+        # Output only. cluster_tier indicates the effective tier of the cluster.
+        # Corresponds to the JSON property `clusterTier`
+        # @return [String]
+        attr_accessor :cluster_tier
+      
+        # desired_tier specifies the desired tier of the cluster.
+        # Corresponds to the JSON property `desiredTier`
+        # @return [String]
+        attr_accessor :desired_tier
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @cluster_tier = args[:cluster_tier] if args.key?(:cluster_tier)
+          @desired_tier = args[:desired_tier] if args.key?(:desired_tier)
+        end
+      end
+      
       # EphemeralStorageLocalSsdConfig contains configuration for the node ephemeral
-      # storage using Local SSD.
+      # storage using Local SSDs.
       class EphemeralStorageLocalSsdConfig
         include Google::Apis::Core::Hashable
       
-        # Number of local SSDs to use to back ephemeral storage. Uses NVMe interfaces.
-        # Each local SSD is 375 GB in size. If zero, it means to disable using local
-        # SSDs as ephemeral storage. The limit for this value is dependent upon the
-        # maximum number of disks available on a machine per zone. See: https://cloud.
-        # google.com/compute/docs/disks/local-ssd for more information.
+        # Number of local SSDs to use to back ephemeral storage. Uses NVMe interfaces. A
+        # zero (or unset) value has different meanings depending on machine type being
+        # used: 1. For pre-Gen3 machines, which support flexible numbers of local ssds,
+        # zero (or unset) means to disable using local SSDs as ephemeral storage. The
+        # limit for this value is dependent upon the maximum number of disk available on
+        # a machine per zone. See: https://cloud.google.com/compute/docs/disks/local-ssd
+        # for more information. 2. For Gen3 machines which dictate a specific number of
+        # local ssds, zero (or unset) means to use the default number of local ssds that
+        # goes with that machine type. For example, for a c3-standard-8-lssd machine, 2
+        # local ssds would be provisioned. For c3-standard-8 (which doesn't support
+        # local ssds), 0 will be provisioned. See https://cloud.google.com/compute/docs/
+        # disks/local-ssd#choose_number_local_ssds for more info.
         # Corresponds to the JSON property `localSsdCount`
         # @return [Fixnum]
         attr_accessor :local_ssd_count
@@ -1880,6 +2684,83 @@ module Google
         end
       end
       
+      # Fleet is the fleet configuration for the cluster.
+      class Fleet
+        include Google::Apis::Core::Hashable
+      
+        # Output only. The full resource name of the registered fleet membership of the
+        # cluster, in the format `//gkehub.googleapis.com/projects/*/locations/*/
+        # memberships/*`.
+        # Corresponds to the JSON property `membership`
+        # @return [String]
+        attr_accessor :membership
+      
+        # Output only. Whether the cluster has been registered through the fleet API.
+        # Corresponds to the JSON property `preRegistered`
+        # @return [Boolean]
+        attr_accessor :pre_registered
+        alias_method :pre_registered?, :pre_registered
+      
+        # The Fleet host project(project ID or project number) where this cluster will
+        # be registered to. This field cannot be changed after the cluster has been
+        # registered.
+        # Corresponds to the JSON property `project`
+        # @return [String]
+        attr_accessor :project
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @membership = args[:membership] if args.key?(:membership)
+          @pre_registered = args[:pre_registered] if args.key?(:pre_registered)
+          @project = args[:project] if args.key?(:project)
+        end
+      end
+      
+      # GCPSecretManagerCertificateConfig configures a secret from [Google Secret
+      # Manager](https://cloud.google.com/secret-manager).
+      class GcpSecretManagerCertificateConfig
+        include Google::Apis::Core::Hashable
+      
+        # Secret URI, in the form "projects/$PROJECT_ID/secrets/$SECRET_NAME/versions/$
+        # VERSION". Version can be fixed (e.g. "2") or "latest"
+        # Corresponds to the JSON property `secretUri`
+        # @return [String]
+        attr_accessor :secret_uri
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @secret_uri = args[:secret_uri] if args.key?(:secret_uri)
+        end
+      end
+      
+      # GPUDriverInstallationConfig specifies the version of GPU driver to be auto
+      # installed.
+      class GpuDriverInstallationConfig
+        include Google::Apis::Core::Hashable
+      
+        # Mode for how the GPU driver is installed.
+        # Corresponds to the JSON property `gpuDriverVersion`
+        # @return [String]
+        attr_accessor :gpu_driver_version
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @gpu_driver_version = args[:gpu_driver_version] if args.key?(:gpu_driver_version)
+        end
+      end
+      
       # GPUSharingConfig represents the GPU sharing configuration for Hardware
       # Accelerators.
       class GpuSharingConfig
@@ -1986,7 +2867,27 @@ module Google
         end
       end
       
-      # GetJSONWebKeysResponse is a valid JSON Web Key Set as specififed in rfc 7517
+      # Configuration for the Cloud Storage Fuse CSI driver.
+      class GcsFuseCsiDriverConfig
+        include Google::Apis::Core::Hashable
+      
+        # Whether the Cloud Storage Fuse CSI driver is enabled for this cluster.
+        # Corresponds to the JSON property `enabled`
+        # @return [Boolean]
+        attr_accessor :enabled
+        alias_method :enabled?, :enabled
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @enabled = args[:enabled] if args.key?(:enabled)
+        end
+      end
+      
+      # GetJSONWebKeysResponse is a valid JSON Web Key Set as specified in rfc 7517
       class GetJsonWebKeysResponse
         include Google::Apis::Core::Hashable
       
@@ -2169,6 +3070,31 @@ module Google
         end
       end
       
+      # Hugepages amount in both 2m and 1g size
+      class HugepagesConfig
+        include Google::Apis::Core::Hashable
+      
+        # Optional. Amount of 1G hugepages
+        # Corresponds to the JSON property `hugepageSize1g`
+        # @return [Fixnum]
+        attr_accessor :hugepage_size1g
+      
+        # Optional. Amount of 2M hugepages
+        # Corresponds to the JSON property `hugepageSize2m`
+        # @return [Fixnum]
+        attr_accessor :hugepage_size2m
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @hugepage_size1g = args[:hugepage_size1g] if args.key?(:hugepage_size1g)
+          @hugepage_size2m = args[:hugepage_size2m] if args.key?(:hugepage_size2m)
+        end
+      end
+      
       # ILBSubsettingConfig contains the desired config of L4 Internal LoadBalancer
       # subsetting on this cluster.
       class IlbSubsettingConfig
@@ -2194,6 +3120,12 @@ module Google
       class IpAllocationPolicy
         include Google::Apis::Core::Hashable
       
+        # AdditionalPodRangesConfig is the configuration for additional pod secondary
+        # ranges supporting the ClusterUpdate message.
+        # Corresponds to the JSON property `additionalPodRangesConfig`
+        # @return [Google::Apis::ContainerV1::AdditionalPodRangesConfig]
+        attr_accessor :additional_pod_ranges_config
+      
         # This field is deprecated, use cluster_ipv4_cidr_block.
         # Corresponds to the JSON property `clusterIpv4Cidr`
         # @return [String]
@@ -2226,6 +3158,13 @@ module Google
         attr_accessor :create_subnetwork
         alias_method :create_subnetwork?, :create_subnetwork
       
+        # Output only. The utilization of the cluster default IPv4 range for the pod.
+        # The ratio is Usage/[Total number of IPs in the secondary range], Usage=
+        # numNodes*numZones*podIPsPerNode.
+        # Corresponds to the JSON property `defaultPodIpv4RangeUtilization`
+        # @return [Float]
+        attr_accessor :default_pod_ipv4_range_utilization
+      
         # The ipv6 access type (internal or external) when create_subnetwork is true
         # Corresponds to the JSON property `ipv6AccessType`
         # @return [String]
@@ -2247,6 +3186,11 @@ module Google
         # @return [String]
         attr_accessor :node_ipv4_cidr_block
       
+        # [PRIVATE FIELD] Config for pod CIDR size overprovisioning.
+        # Corresponds to the JSON property `podCidrOverprovisionConfig`
+        # @return [Google::Apis::ContainerV1::PodCidrOverprovisionConfig]
+        attr_accessor :pod_cidr_overprovision_config
+      
         # This field is deprecated, use services_ipv4_cidr_block.
         # Corresponds to the JSON property `servicesIpv4Cidr`
         # @return [String]
@@ -2264,6 +3208,11 @@ module Google
         # @return [String]
         attr_accessor :services_ipv4_cidr_block
       
+        # Output only. The services IPv6 CIDR block for the cluster.
+        # Corresponds to the JSON property `servicesIpv6CidrBlock`
+        # @return [String]
+        attr_accessor :services_ipv6_cidr_block
+      
         # The name of the secondary range to be used as for the services CIDR block. The
         # secondary range will be used for service ClusterIPs. This must be an existing
         # secondary range associated with the cluster subnetwork. This field is only
@@ -2277,6 +3226,11 @@ module Google
         # @return [String]
         attr_accessor :stack_type
       
+        # Output only. The subnet's IPv6 CIDR block used by nodes and pods.
+        # Corresponds to the JSON property `subnetIpv6CidrBlock`
+        # @return [String]
+        attr_accessor :subnet_ipv6_cidr_block
+      
         # A custom subnetwork name to be used if `create_subnetwork` is true. If this
         # field is empty, then an automatic name will be chosen for the new subnetwork.
         # Corresponds to the JSON property `subnetworkName`
@@ -2290,7 +3244,8 @@ module Google
         # specific netmask. Set to a [CIDR](http://en.wikipedia.org/wiki/Classless_Inter-
         # Domain_Routing) notation (e.g. `10.96.0.0/14`) from the RFC-1918 private
         # networks (e.g. `10.0.0.0/8`, `172.16.0.0/12`, `192.168.0.0/16`) to pick a
-        # specific range to use.
+        # specific range to use. This field is deprecated due to the deprecation of 2VM
+        # TPU. The end of life date for 2VM TPU is 2025-04-25.
         # Corresponds to the JSON property `tpuIpv4CidrBlock`
         # @return [String]
         attr_accessor :tpu_ipv4_cidr_block
@@ -2319,17 +3274,22 @@ module Google
       
         # Update properties of this object
         def update!(**args)
+          @additional_pod_ranges_config = args[:additional_pod_ranges_config] if args.key?(:additional_pod_ranges_config)
           @cluster_ipv4_cidr = args[:cluster_ipv4_cidr] if args.key?(:cluster_ipv4_cidr)
           @cluster_ipv4_cidr_block = args[:cluster_ipv4_cidr_block] if args.key?(:cluster_ipv4_cidr_block)
           @cluster_secondary_range_name = args[:cluster_secondary_range_name] if args.key?(:cluster_secondary_range_name)
           @create_subnetwork = args[:create_subnetwork] if args.key?(:create_subnetwork)
+          @default_pod_ipv4_range_utilization = args[:default_pod_ipv4_range_utilization] if args.key?(:default_pod_ipv4_range_utilization)
           @ipv6_access_type = args[:ipv6_access_type] if args.key?(:ipv6_access_type)
           @node_ipv4_cidr = args[:node_ipv4_cidr] if args.key?(:node_ipv4_cidr)
           @node_ipv4_cidr_block = args[:node_ipv4_cidr_block] if args.key?(:node_ipv4_cidr_block)
+          @pod_cidr_overprovision_config = args[:pod_cidr_overprovision_config] if args.key?(:pod_cidr_overprovision_config)
           @services_ipv4_cidr = args[:services_ipv4_cidr] if args.key?(:services_ipv4_cidr)
           @services_ipv4_cidr_block = args[:services_ipv4_cidr_block] if args.key?(:services_ipv4_cidr_block)
+          @services_ipv6_cidr_block = args[:services_ipv6_cidr_block] if args.key?(:services_ipv6_cidr_block)
           @services_secondary_range_name = args[:services_secondary_range_name] if args.key?(:services_secondary_range_name)
           @stack_type = args[:stack_type] if args.key?(:stack_type)
+          @subnet_ipv6_cidr_block = args[:subnet_ipv6_cidr_block] if args.key?(:subnet_ipv6_cidr_block)
           @subnetwork_name = args[:subnetwork_name] if args.key?(:subnetwork_name)
           @tpu_ipv4_cidr_block = args[:tpu_ipv4_cidr_block] if args.key?(:tpu_ipv4_cidr_block)
           @use_ip_aliases = args[:use_ip_aliases] if args.key?(:use_ip_aliases)
@@ -2337,6 +3297,76 @@ module Google
         end
       end
       
+      # IP endpoints configuration.
+      class IpEndpointsConfig
+        include Google::Apis::Core::Hashable
+      
+        # Configuration options for the master authorized networks feature. Enabled
+        # master authorized networks will disallow all external traffic to access
+        # Kubernetes master through HTTPS except traffic from the given CIDR blocks,
+        # Google Compute Engine Public IPs and Google Prod IPs.
+        # Corresponds to the JSON property `authorizedNetworksConfig`
+        # @return [Google::Apis::ContainerV1::MasterAuthorizedNetworksConfig]
+        attr_accessor :authorized_networks_config
+      
+        # Controls whether the control plane allows access through a public IP. It is
+        # invalid to specify both PrivateClusterConfig.enablePrivateEndpoint and this
+        # field at the same time.
+        # Corresponds to the JSON property `enablePublicEndpoint`
+        # @return [Boolean]
+        attr_accessor :enable_public_endpoint
+        alias_method :enable_public_endpoint?, :enable_public_endpoint
+      
+        # Controls whether to allow direct IP access.
+        # Corresponds to the JSON property `enabled`
+        # @return [Boolean]
+        attr_accessor :enabled
+        alias_method :enabled?, :enabled
+      
+        # Controls whether the control plane's private endpoint is accessible from
+        # sources in other regions. It is invalid to specify both
+        # PrivateClusterMasterGlobalAccessConfig.enabled and this field at the same time.
+        # Corresponds to the JSON property `globalAccess`
+        # @return [Boolean]
+        attr_accessor :global_access
+        alias_method :global_access?, :global_access
+      
+        # Output only. The internal IP address of this cluster's control plane. Only
+        # populated if enabled.
+        # Corresponds to the JSON property `privateEndpoint`
+        # @return [String]
+        attr_accessor :private_endpoint
+      
+        # Subnet to provision the master's private endpoint during cluster creation.
+        # Specified in projects/*/regions/*/subnetworks/* format. It is invalid to
+        # specify both PrivateClusterConfig.privateEndpointSubnetwork and this field at
+        # the same time.
+        # Corresponds to the JSON property `privateEndpointSubnetwork`
+        # @return [String]
+        attr_accessor :private_endpoint_subnetwork
+      
+        # Output only. The external IP address of this cluster's control plane. Only
+        # populated if enabled.
+        # Corresponds to the JSON property `publicEndpoint`
+        # @return [String]
+        attr_accessor :public_endpoint
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @authorized_networks_config = args[:authorized_networks_config] if args.key?(:authorized_networks_config)
+          @enable_public_endpoint = args[:enable_public_endpoint] if args.key?(:enable_public_endpoint)
+          @enabled = args[:enabled] if args.key?(:enabled)
+          @global_access = args[:global_access] if args.key?(:global_access)
+          @private_endpoint = args[:private_endpoint] if args.key?(:private_endpoint)
+          @private_endpoint_subnetwork = args[:private_endpoint_subnetwork] if args.key?(:private_endpoint_subnetwork)
+          @public_endpoint = args[:public_endpoint] if args.key?(:public_endpoint)
+        end
+      end
+      
       # IdentityServiceConfig is configuration for Identity Service which allows
       # customers to use external identity providers with the K8S API
       class IdentityServiceConfig
@@ -2446,6 +3476,25 @@ module Google
         end
       end
       
+      # K8sBetaAPIConfig , configuration for beta APIs
+      class K8sBetaApiConfig
+        include Google::Apis::Core::Hashable
+      
+        # Enabled k8s beta APIs.
+        # Corresponds to the JSON property `enabledApis`
+        # @return [Array<String>]
+        attr_accessor :enabled_apis
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @enabled_apis = args[:enabled_apis] if args.key?(:enabled_apis)
+        end
+      end
+      
       # Configuration for the Kubernetes Dashboard.
       class KubernetesDashboard
         include Google::Apis::Core::Hashable
@@ -2498,11 +3547,21 @@ module Google
         # @return [String]
         attr_accessor :cgroup_mode
       
+        # Hugepages amount in both 2m and 1g size
+        # Corresponds to the JSON property `hugepages`
+        # @return [Google::Apis::ContainerV1::HugepagesConfig]
+        attr_accessor :hugepages
+      
         # The Linux kernel parameters to be applied to the nodes and all pods running on
         # the nodes. The following parameters are supported. net.core.busy_poll net.core.
-        # busy_read net.core.netdev_max_backlog net.core.rmem_max net.core.wmem_default
-        # net.core.wmem_max net.core.optmem_max net.core.somaxconn net.ipv4.tcp_rmem net.
-        # ipv4.tcp_wmem net.ipv4.tcp_tw_reuse
+        # busy_read net.core.netdev_max_backlog net.core.rmem_max net.core.rmem_default
+        # net.core.wmem_default net.core.wmem_max net.core.optmem_max net.core.somaxconn
+        # net.ipv4.tcp_rmem net.ipv4.tcp_wmem net.ipv4.tcp_tw_reuse net.netfilter.
+        # nf_conntrack_max net.netfilter.nf_conntrack_buckets net.netfilter.
+        # nf_conntrack_tcp_timeout_close_wait net.netfilter.
+        # nf_conntrack_tcp_timeout_time_wait net.netfilter.
+        # nf_conntrack_tcp_timeout_established net.netfilter.nf_conntrack_acct kernel.
+        # shmmni kernel.shmmax kernel.shmall vm.max_map_count
         # Corresponds to the JSON property `sysctls`
         # @return [Hash<String,String>]
         attr_accessor :sysctls
@@ -2514,6 +3573,7 @@ module Google
         # Update properties of this object
         def update!(**args)
           @cgroup_mode = args[:cgroup_mode] if args.key?(:cgroup_mode)
+          @hugepages = args[:hugepages] if args.key?(:hugepages)
           @sysctls = args[:sysctls] if args.key?(:sysctls)
         end
       end
@@ -2618,15 +3678,22 @@ module Google
       end
       
       # LocalNvmeSsdBlockConfig contains configuration for using raw-block local NVMe
-      # SSD.
+      # SSDs
       class LocalNvmeSsdBlockConfig
         include Google::Apis::Core::Hashable
       
-        # The number of raw-block local NVMe SSD disks to be attached to the node. Each
-        # local SSD is 375 GB in size. If zero, it means no raw-block local NVMe SSD
-        # disks to be attached to the node. The limit for this value is dependent upon
-        # the maximum number of disks available on a machine per zone. See: https://
-        # cloud.google.com/compute/docs/disks/local-ssd for more information.
+        # Number of local NVMe SSDs to use. The limit for this value is dependent upon
+        # the maximum number of disk available on a machine per zone. See: https://cloud.
+        # google.com/compute/docs/disks/local-ssd for more information. A zero (or unset)
+        # value has different meanings depending on machine type being used: 1. For pre-
+        # Gen3 machines, which support flexible numbers of local ssds, zero (or unset)
+        # means to disable using local SSDs as ephemeral storage. 2. For Gen3 machines
+        # which dictate a specific number of local ssds, zero (or unset) means to use
+        # the default number of local ssds that goes with that machine type. For example,
+        # for a c3-standard-8-lssd machine, 2 local ssds would be provisioned. For c3-
+        # standard-8 (which doesn't support local ssds), 0 will be provisioned. See
+        # https://cloud.google.com/compute/docs/disks/local-ssd#choose_number_local_ssds
+        # for more info.
         # Corresponds to the JSON property `localSsdCount`
         # @return [Fixnum]
         attr_accessor :local_ssd_count
@@ -2804,8 +3871,8 @@ module Google
       class MasterAuth
         include Google::Apis::Core::Hashable
       
-        # [Output only] Base64-encoded public certificate used by clients to
-        # authenticate to the cluster endpoint.
+        # Output only. Base64-encoded public certificate used by clients to authenticate
+        # to the cluster endpoint. Issued only if client_certificate_config is set.
         # Corresponds to the JSON property `clientCertificate`
         # @return [String]
         attr_accessor :client_certificate
@@ -2815,13 +3882,13 @@ module Google
         # @return [Google::Apis::ContainerV1::ClientCertificateConfig]
         attr_accessor :client_certificate_config
       
-        # [Output only] Base64-encoded private key used by clients to authenticate to
-        # the cluster endpoint.
+        # Output only. Base64-encoded private key used by clients to authenticate to the
+        # cluster endpoint.
         # Corresponds to the JSON property `clientKey`
         # @return [String]
         attr_accessor :client_key
       
-        # [Output only] Base64-encoded public certificate that is the root of trust for
+        # Output only. Base64-encoded public certificate that is the root of trust for
         # the cluster.
         # Corresponds to the JSON property `clusterCaCertificate`
         # @return [String]
@@ -2883,12 +3950,18 @@ module Google
         attr_accessor :enabled
         alias_method :enabled?, :enabled
       
-        # Whether master is accessbile via Google Compute Engine Public IP addresses.
+        # Whether master is accessible via Google Compute Engine Public IP addresses.
         # Corresponds to the JSON property `gcpPublicCidrsAccessEnabled`
         # @return [Boolean]
         attr_accessor :gcp_public_cidrs_access_enabled
         alias_method :gcp_public_cidrs_access_enabled?, :gcp_public_cidrs_access_enabled
       
+        # Whether master authorized networks is enforced on private endpoint or not.
+        # Corresponds to the JSON property `privateEndpointEnforcementEnabled`
+        # @return [Boolean]
+        attr_accessor :private_endpoint_enforcement_enabled
+        alias_method :private_endpoint_enforcement_enabled?, :private_endpoint_enforcement_enabled
+      
         def initialize(**args)
            update!(**args)
         end
@@ -2898,6 +3971,7 @@ module Google
           @cidr_blocks = args[:cidr_blocks] if args.key?(:cidr_blocks)
           @enabled = args[:enabled] if args.key?(:enabled)
           @gcp_public_cidrs_access_enabled = args[:gcp_public_cidrs_access_enabled] if args.key?(:gcp_public_cidrs_access_enabled)
+          @private_endpoint_enforcement_enabled = args[:private_endpoint_enforcement_enabled] if args.key?(:private_endpoint_enforcement_enabled)
         end
       end
       
@@ -3005,6 +4079,12 @@ module Google
       class MonitoringConfig
         include Google::Apis::Core::Hashable
       
+        # AdvancedDatapathObservabilityConfig specifies configuration of observability
+        # features of advanced datapath.
+        # Corresponds to the JSON property `advancedDatapathObservabilityConfig`
+        # @return [Google::Apis::ContainerV1::AdvancedDatapathObservabilityConfig]
+        attr_accessor :advanced_datapath_observability_config
+      
         # MonitoringComponentConfig is cluster monitoring component configuration.
         # Corresponds to the JSON property `componentConfig`
         # @return [Google::Apis::ContainerV1::MonitoringComponentConfig]
@@ -3022,6 +4102,7 @@ module Google
       
         # Update properties of this object
         def update!(**args)
+          @advanced_datapath_observability_config = args[:advanced_datapath_observability_config] if args.key?(:advanced_datapath_observability_config)
           @component_config = args[:component_config] if args.key?(:component_config)
           @managed_prometheus_config = args[:managed_prometheus_config] if args.key?(:managed_prometheus_config)
         end
@@ -3037,17 +4118,44 @@ module Google
         # @return [String]
         attr_accessor :datapath_provider
       
+        # Controls whether by default nodes have private IP addresses only. It is
+        # invalid to specify both PrivateClusterConfig.enablePrivateNodes and this field
+        # at the same time. To update the default setting, use ClusterUpdate.
+        # desired_default_enable_private_nodes
+        # Corresponds to the JSON property `defaultEnablePrivateNodes`
+        # @return [Boolean]
+        attr_accessor :default_enable_private_nodes
+        alias_method :default_enable_private_nodes?, :default_enable_private_nodes
+      
         # DefaultSnatStatus contains the desired state of whether default sNAT should be
         # disabled on the cluster.
         # Corresponds to the JSON property `defaultSnatStatus`
         # @return [Google::Apis::ContainerV1::DefaultSnatStatus]
         attr_accessor :default_snat_status
       
+        # Disable L4 load balancer VPC firewalls to enable firewall policies.
+        # Corresponds to the JSON property `disableL4LbFirewallReconciliation`
+        # @return [Boolean]
+        attr_accessor :disable_l4_lb_firewall_reconciliation
+        alias_method :disable_l4_lb_firewall_reconciliation?, :disable_l4_lb_firewall_reconciliation
+      
         # DNSConfig contains the desired set of options for configuring clusterDNS.
         # Corresponds to the JSON property `dnsConfig`
         # @return [Google::Apis::ContainerV1::DnsConfig]
         attr_accessor :dns_config
       
+        # Whether CiliumClusterwideNetworkPolicy is enabled on this cluster.
+        # Corresponds to the JSON property `enableCiliumClusterwideNetworkPolicy`
+        # @return [Boolean]
+        attr_accessor :enable_cilium_clusterwide_network_policy
+        alias_method :enable_cilium_clusterwide_network_policy?, :enable_cilium_clusterwide_network_policy
+      
+        # Whether FQDN Network Policy is enabled on this cluster.
+        # Corresponds to the JSON property `enableFqdnNetworkPolicy`
+        # @return [Boolean]
+        attr_accessor :enable_fqdn_network_policy
+        alias_method :enable_fqdn_network_policy?, :enable_fqdn_network_policy
+      
         # Whether Intra-node visibility is enabled for this cluster. This makes same
         # node pod to pod traffic visible for VPC network.
         # Corresponds to the JSON property `enableIntraNodeVisibility`
@@ -3061,18 +4169,35 @@ module Google
         attr_accessor :enable_l4ilb_subsetting
         alias_method :enable_l4ilb_subsetting?, :enable_l4ilb_subsetting
       
+        # Whether multi-networking is enabled for this cluster.
+        # Corresponds to the JSON property `enableMultiNetworking`
+        # @return [Boolean]
+        attr_accessor :enable_multi_networking
+        alias_method :enable_multi_networking?, :enable_multi_networking
+      
         # GatewayAPIConfig contains the desired config of Gateway API on this cluster.
         # Corresponds to the JSON property `gatewayApiConfig`
         # @return [Google::Apis::ContainerV1::GatewayApiConfig]
         attr_accessor :gateway_api_config
       
-        # Output only. The relative name of the Google Compute Engine network(https://
+        # Specify the details of in-transit encryption. Now named inter-node transparent
+        # encryption.
+        # Corresponds to the JSON property `inTransitEncryptionConfig`
+        # @return [String]
+        attr_accessor :in_transit_encryption_config
+      
+        # Output only. The relative name of the Google Compute Engine [network](https://
         # cloud.google.com/compute/docs/networks-and-firewalls#networks) to which the
         # cluster is connected. Example: projects/my-project/global/networks/my-network
         # Corresponds to the JSON property `network`
         # @return [String]
         attr_accessor :network
       
+        # Configuration of network bandwidth tiers
+        # Corresponds to the JSON property `networkPerformanceConfig`
+        # @return [Google::Apis::ContainerV1::ClusterNetworkPerformanceConfig]
+        attr_accessor :network_performance_config
+      
         # The desired state of IPv6 connectivity to Google Services. By default, no
         # private IPv6 access to or from Google Services (all access will be via IPv4)
         # Corresponds to the JSON property `privateIpv6GoogleAccess`
@@ -3098,12 +4223,19 @@ module Google
         # Update properties of this object
         def update!(**args)
           @datapath_provider = args[:datapath_provider] if args.key?(:datapath_provider)
+          @default_enable_private_nodes = args[:default_enable_private_nodes] if args.key?(:default_enable_private_nodes)
           @default_snat_status = args[:default_snat_status] if args.key?(:default_snat_status)
+          @disable_l4_lb_firewall_reconciliation = args[:disable_l4_lb_firewall_reconciliation] if args.key?(:disable_l4_lb_firewall_reconciliation)
           @dns_config = args[:dns_config] if args.key?(:dns_config)
+          @enable_cilium_clusterwide_network_policy = args[:enable_cilium_clusterwide_network_policy] if args.key?(:enable_cilium_clusterwide_network_policy)
+          @enable_fqdn_network_policy = args[:enable_fqdn_network_policy] if args.key?(:enable_fqdn_network_policy)
           @enable_intra_node_visibility = args[:enable_intra_node_visibility] if args.key?(:enable_intra_node_visibility)
           @enable_l4ilb_subsetting = args[:enable_l4ilb_subsetting] if args.key?(:enable_l4ilb_subsetting)
+          @enable_multi_networking = args[:enable_multi_networking] if args.key?(:enable_multi_networking)
           @gateway_api_config = args[:gateway_api_config] if args.key?(:gateway_api_config)
+          @in_transit_encryption_config = args[:in_transit_encryption_config] if args.key?(:in_transit_encryption_config)
           @network = args[:network] if args.key?(:network)
+          @network_performance_config = args[:network_performance_config] if args.key?(:network_performance_config)
           @private_ipv6_google_access = args[:private_ipv6_google_access] if args.key?(:private_ipv6_google_access)
           @service_external_ips_config = args[:service_external_ips_config] if args.key?(:service_external_ips_config)
           @subnetwork = args[:subnetwork] if args.key?(:subnetwork)
@@ -3183,10 +4315,41 @@ module Google
       class NetworkTags
         include Google::Apis::Core::Hashable
       
-        # List of network tags.
-        # Corresponds to the JSON property `tags`
+        # List of network tags.
+        # Corresponds to the JSON property `tags`
+        # @return [Array<String>]
+        attr_accessor :tags
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @tags = args[:tags] if args.key?(:tags)
+        end
+      end
+      
+      # Specifies the NodeAffinity key, values, and affinity operator according to [
+      # shared sole tenant node group affinities](https://cloud.google.com/compute/
+      # docs/nodes/sole-tenant-nodes#node_affinity_and_anti-affinity).
+      class NodeAffinity
+        include Google::Apis::Core::Hashable
+      
+        # Key for NodeAffinity.
+        # Corresponds to the JSON property `key`
+        # @return [String]
+        attr_accessor :key
+      
+        # Operator for NodeAffinity.
+        # Corresponds to the JSON property `operator`
+        # @return [String]
+        attr_accessor :operator
+      
+        # Values for NodeAffinity.
+        # Corresponds to the JSON property `values`
         # @return [Array<String>]
-        attr_accessor :tags
+        attr_accessor :values
       
         def initialize(**args)
            update!(**args)
@@ -3194,7 +4357,9 @@ module Google
       
         # Update properties of this object
         def update!(**args)
-          @tags = args[:tags] if args.key?(:tags)
+          @key = args[:key] if args.key?(:key)
+          @operator = args[:operator] if args.key?(:operator)
+          @values = args[:values] if args.key?(:values)
         end
       end
       
@@ -3230,6 +4395,11 @@ module Google
         # @return [Google::Apis::ContainerV1::ConfidentialNodes]
         attr_accessor :confidential_nodes
       
+        # ContainerdConfig contains configuration to customize containerd.
+        # Corresponds to the JSON property `containerdConfig`
+        # @return [Google::Apis::ContainerV1::ContainerdConfig]
+        attr_accessor :containerd_config
+      
         # Size of the disk attached to each node, specified in GB. The smallest allowed
         # disk size is 10GB. If unspecified, the default disk size is 100GB.
         # Corresponds to the JSON property `diskSizeGb`
@@ -3242,8 +4412,22 @@ module Google
         # @return [String]
         attr_accessor :disk_type
       
+        # Output only. effective_cgroup_mode is the cgroup mode actually used by the
+        # node pool. It is determined by the cgroup mode specified in the
+        # LinuxNodeConfig or the default cgroup mode based on the cluster creation
+        # version.
+        # Corresponds to the JSON property `effectiveCgroupMode`
+        # @return [String]
+        attr_accessor :effective_cgroup_mode
+      
+        # Optional. Reserved for future use.
+        # Corresponds to the JSON property `enableConfidentialStorage`
+        # @return [Boolean]
+        attr_accessor :enable_confidential_storage
+        alias_method :enable_confidential_storage?, :enable_confidential_storage
+      
         # EphemeralStorageLocalSsdConfig contains configuration for the node ephemeral
-        # storage using Local SSD.
+        # storage using Local SSDs.
         # Corresponds to the JSON property `ephemeralStorageLocalSsdConfig`
         # @return [Google::Apis::ContainerV1::EphemeralStorageLocalSsdConfig]
         attr_accessor :ephemeral_storage_local_ssd_config
@@ -3265,7 +4449,8 @@ module Google
         attr_accessor :gvnic
       
         # The image type to use for this node. Note that for a given image type, the
-        # latest version of it will be used.
+        # latest version of it will be used. Please see https://cloud.google.com/
+        # kubernetes-engine/docs/concepts/node-images for available image types.
         # Corresponds to the JSON property `imageType`
         # @return [String]
         attr_accessor :image_type
@@ -3292,7 +4477,7 @@ module Google
         attr_accessor :linux_node_config
       
         # LocalNvmeSsdBlockConfig contains configuration for using raw-block local NVMe
-        # SSD.
+        # SSDs
         # Corresponds to the JSON property `localNvmeSsdBlockConfig`
         # @return [Google::Apis::ContainerV1::LocalNvmeSsdBlockConfig]
         attr_accessor :local_nvme_ssd_block_config
@@ -3305,6 +4490,12 @@ module Google
         # @return [Fixnum]
         attr_accessor :local_ssd_count
       
+        # Specifies which method should be used for encrypting the Local SSDs attached
+        # to the node.
+        # Corresponds to the JSON property `localSsdEncryptionMode`
+        # @return [String]
+        attr_accessor :local_ssd_encryption_mode
+      
         # NodePoolLoggingConfig specifies logging configuration for nodepools.
         # Corresponds to the JSON property `loggingConfig`
         # @return [Google::Apis::ContainerV1::NodePoolLoggingConfig]
@@ -3317,6 +4508,12 @@ module Google
         # @return [String]
         attr_accessor :machine_type
       
+        # The maximum duration for the nodes to exist. If unspecified, the nodes can
+        # exist indefinitely.
+        # Corresponds to the JSON property `maxRunDuration`
+        # @return [String]
+        attr_accessor :max_run_duration
+      
         # The metadata key/value pairs assigned to instances in the cluster. Keys must
         # conform to the regexp `[a-zA-Z0-9-_]+` and be less than 128 bytes in length.
         # These are reflected as part of a URL in the metadata server. Additionally, to
@@ -3386,11 +4583,31 @@ module Google
         # @return [Hash<String,String>]
         attr_accessor :resource_labels
       
+        # A map of resource manager tag keys and values to be attached to the nodes for
+        # managing Compute Engine firewalls using Network Firewall Policies. Tags must
+        # be according to specifications in https://cloud.google.com/vpc/docs/tags-
+        # firewalls-overview#specifications. A maximum of 5 tag key-value pairs can be
+        # specified. Existing tags will be replaced with new values.
+        # Corresponds to the JSON property `resourceManagerTags`
+        # @return [Google::Apis::ContainerV1::ResourceManagerTags]
+        attr_accessor :resource_manager_tags
+      
         # SandboxConfig contains configurations of the sandbox to use for the node.
         # Corresponds to the JSON property `sandboxConfig`
         # @return [Google::Apis::ContainerV1::SandboxConfig]
         attr_accessor :sandbox_config
       
+        # SecondaryBootDiskUpdateStrategy is a placeholder which will be extended in the
+        # future to define different options for updating secondary boot disks.
+        # Corresponds to the JSON property `secondaryBootDiskUpdateStrategy`
+        # @return [Google::Apis::ContainerV1::SecondaryBootDiskUpdateStrategy]
+        attr_accessor :secondary_boot_disk_update_strategy
+      
+        # List of secondary boot disks attached to the nodes.
+        # Corresponds to the JSON property `secondaryBootDisks`
+        # @return [Array<Google::Apis::ContainerV1::SecondaryBootDisk>]
+        attr_accessor :secondary_boot_disks
+      
         # The Google Cloud Platform Service Account to be used by the node VMs. Specify
         # the email address of the Service Account; otherwise, if no Service Account is
         # specified, the "default" service account is used.
@@ -3403,6 +4620,12 @@ module Google
         # @return [Google::Apis::ContainerV1::ShieldedInstanceConfig]
         attr_accessor :shielded_instance_config
       
+        # SoleTenantConfig contains the NodeAffinities to specify what shared sole
+        # tenant node groups should back the node pool.
+        # Corresponds to the JSON property `soleTenantConfig`
+        # @return [Google::Apis::ContainerV1::SoleTenantConfig]
+        attr_accessor :sole_tenant_config
+      
         # Spot flag for enabling Spot VM, which is a rebrand of the existing preemptible
         # flag.
         # Corresponds to the JSON property `spot`
@@ -3410,6 +4633,11 @@ module Google
         attr_accessor :spot
         alias_method :spot?, :spot
       
+        # List of Storage Pools where boot disks are provisioned.
+        # Corresponds to the JSON property `storagePools`
+        # @return [Array<String>]
+        attr_accessor :storage_pools
+      
         # The list of instance tags applied to all nodes. Tags are used to identify
         # valid sources or targets for network firewalls and are specified by the client
         # during cluster or node pool creation. Each tag within the list must comply
@@ -3448,8 +4676,11 @@ module Google
           @advanced_machine_features = args[:advanced_machine_features] if args.key?(:advanced_machine_features)
           @boot_disk_kms_key = args[:boot_disk_kms_key] if args.key?(:boot_disk_kms_key)
           @confidential_nodes = args[:confidential_nodes] if args.key?(:confidential_nodes)
+          @containerd_config = args[:containerd_config] if args.key?(:containerd_config)
           @disk_size_gb = args[:disk_size_gb] if args.key?(:disk_size_gb)
           @disk_type = args[:disk_type] if args.key?(:disk_type)
+          @effective_cgroup_mode = args[:effective_cgroup_mode] if args.key?(:effective_cgroup_mode)
+          @enable_confidential_storage = args[:enable_confidential_storage] if args.key?(:enable_confidential_storage)
           @ephemeral_storage_local_ssd_config = args[:ephemeral_storage_local_ssd_config] if args.key?(:ephemeral_storage_local_ssd_config)
           @fast_socket = args[:fast_socket] if args.key?(:fast_socket)
           @gcfs_config = args[:gcfs_config] if args.key?(:gcfs_config)
@@ -3460,8 +4691,10 @@ module Google
           @linux_node_config = args[:linux_node_config] if args.key?(:linux_node_config)
           @local_nvme_ssd_block_config = args[:local_nvme_ssd_block_config] if args.key?(:local_nvme_ssd_block_config)
           @local_ssd_count = args[:local_ssd_count] if args.key?(:local_ssd_count)
+          @local_ssd_encryption_mode = args[:local_ssd_encryption_mode] if args.key?(:local_ssd_encryption_mode)
           @logging_config = args[:logging_config] if args.key?(:logging_config)
           @machine_type = args[:machine_type] if args.key?(:machine_type)
+          @max_run_duration = args[:max_run_duration] if args.key?(:max_run_duration)
           @metadata = args[:metadata] if args.key?(:metadata)
           @min_cpu_platform = args[:min_cpu_platform] if args.key?(:min_cpu_platform)
           @node_group = args[:node_group] if args.key?(:node_group)
@@ -3469,10 +4702,15 @@ module Google
           @preemptible = args[:preemptible] if args.key?(:preemptible)
           @reservation_affinity = args[:reservation_affinity] if args.key?(:reservation_affinity)
           @resource_labels = args[:resource_labels] if args.key?(:resource_labels)
+          @resource_manager_tags = args[:resource_manager_tags] if args.key?(:resource_manager_tags)
           @sandbox_config = args[:sandbox_config] if args.key?(:sandbox_config)
+          @secondary_boot_disk_update_strategy = args[:secondary_boot_disk_update_strategy] if args.key?(:secondary_boot_disk_update_strategy)
+          @secondary_boot_disks = args[:secondary_boot_disks] if args.key?(:secondary_boot_disks)
           @service_account = args[:service_account] if args.key?(:service_account)
           @shielded_instance_config = args[:shielded_instance_config] if args.key?(:shielded_instance_config)
+          @sole_tenant_config = args[:sole_tenant_config] if args.key?(:sole_tenant_config)
           @spot = args[:spot] if args.key?(:spot)
+          @storage_pools = args[:storage_pools] if args.key?(:storage_pools)
           @tags = args[:tags] if args.key?(:tags)
           @taints = args[:taints] if args.key?(:taints)
           @windows_node_config = args[:windows_node_config] if args.key?(:windows_node_config)
@@ -3484,6 +4722,11 @@ module Google
       class NodeConfigDefaults
         include Google::Apis::Core::Hashable
       
+        # ContainerdConfig contains configuration to customize containerd.
+        # Corresponds to the JSON property `containerdConfig`
+        # @return [Google::Apis::ContainerV1::ContainerdConfig]
+        attr_accessor :containerd_config
+      
         # GcfsConfig contains configurations of Google Container File System (image
         # streaming).
         # Corresponds to the JSON property `gcfsConfig`
@@ -3495,14 +4738,21 @@ module Google
         # @return [Google::Apis::ContainerV1::NodePoolLoggingConfig]
         attr_accessor :logging_config
       
+        # Node kubelet configs.
+        # Corresponds to the JSON property `nodeKubeletConfig`
+        # @return [Google::Apis::ContainerV1::NodeKubeletConfig]
+        attr_accessor :node_kubelet_config
+      
         def initialize(**args)
            update!(**args)
         end
       
         # Update properties of this object
         def update!(**args)
+          @containerd_config = args[:containerd_config] if args.key?(:containerd_config)
           @gcfs_config = args[:gcfs_config] if args.key?(:gcfs_config)
           @logging_config = args[:logging_config] if args.key?(:logging_config)
+          @node_kubelet_config = args[:node_kubelet_config] if args.key?(:node_kubelet_config)
         end
       end
       
@@ -3510,6 +4760,37 @@ module Google
       class NodeKubeletConfig
         include Google::Apis::Core::Hashable
       
+        # Optional. Defines a comma-separated allowlist of unsafe sysctls or sysctl
+        # patterns (ending in `*`). The unsafe namespaced sysctl groups are `kernel.shm*`
+        # , `kernel.msg*`, `kernel.sem`, `fs.mqueue.*`, and `net.*`. Leaving this
+        # allowlist empty means they cannot be set on Pods. To allow certain sysctls or
+        # sysctl patterns to be set on Pods, list them separated by commas. For example:
+        # `kernel.msg*,net.ipv4.route.min_pmtu`. See https://kubernetes.io/docs/tasks/
+        # administer-cluster/sysctl-cluster/ for more details.
+        # Corresponds to the JSON property `allowedUnsafeSysctls`
+        # @return [Array<String>]
+        attr_accessor :allowed_unsafe_sysctls
+      
+        # Optional. Defines the maximum number of container log files that can be
+        # present for a container. See https://kubernetes.io/docs/concepts/cluster-
+        # administration/logging/#log-rotation The value must be an integer between 2
+        # and 10, inclusive. The default value is 5 if unspecified.
+        # Corresponds to the JSON property `containerLogMaxFiles`
+        # @return [Fixnum]
+        attr_accessor :container_log_max_files
+      
+        # Optional. Defines the maximum size of the container log file before it is
+        # rotated. See https://kubernetes.io/docs/concepts/cluster-administration/
+        # logging/#log-rotation Valid format is positive number + unit, e.g. 100Ki, 10Mi.
+        # Valid units are Ki, Mi, Gi. The value must be between 10Mi and 500Mi,
+        # inclusive. Note that the total container log size (container_log_max_size *
+        # container_log_max_files) cannot exceed 1% of the total storage of the node, to
+        # avoid disk pressure caused by log files. The default value is 10Mi if
+        # unspecified.
+        # Corresponds to the JSON property `containerLogMaxSize`
+        # @return [String]
+        attr_accessor :container_log_max_size
+      
         # Enable CPU CFS quota enforcement for containers that specify CPU limits. This
         # option is enabled by default which makes kubelet use CFS quota (https://www.
         # kernel.org/doc/Documentation/scheduler/sched-bwc.txt) to enforce container CPU
@@ -3540,6 +4821,50 @@ module Google
         # @return [String]
         attr_accessor :cpu_manager_policy
       
+        # Optional. Defines the percent of disk usage after which image garbage
+        # collection is always run. The percent is calculated as this field value out of
+        # 100. The value must be between 10 and 85, inclusive and greater than
+        # image_gc_low_threshold_percent. The default value is 85 if unspecified.
+        # Corresponds to the JSON property `imageGcHighThresholdPercent`
+        # @return [Fixnum]
+        attr_accessor :image_gc_high_threshold_percent
+      
+        # Optional. Defines the percent of disk usage before which image garbage
+        # collection is never run. Lowest disk usage to garbage collect to. The percent
+        # is calculated as this field value out of 100. The value must be between 10 and
+        # 85, inclusive and smaller than image_gc_high_threshold_percent. The default
+        # value is 80 if unspecified.
+        # Corresponds to the JSON property `imageGcLowThresholdPercent`
+        # @return [Fixnum]
+        attr_accessor :image_gc_low_threshold_percent
+      
+        # Optional. Defines the maximum age an image can be unused before it is garbage
+        # collected. The string must be a sequence of decimal numbers, each with
+        # optional fraction and a unit suffix, such as "300s", "1.5h", and "2h45m".
+        # Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". The value must
+        # be a positive duration greater than image_minimum_gc_age or "0s". The default
+        # value is "0s" if unspecified, which disables this field, meaning images won't
+        # be garbage collected based on being unused for too long.
+        # Corresponds to the JSON property `imageMaximumGcAge`
+        # @return [String]
+        attr_accessor :image_maximum_gc_age
+      
+        # Optional. Defines the minimum age for an unused image before it is garbage
+        # collected. The string must be a sequence of decimal numbers, each with
+        # optional fraction and a unit suffix, such as "300s", "1.5h", and "2h45m".
+        # Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". The value must
+        # be a positive duration less than or equal to 2 minutes. The default value is "
+        # 2m0s" if unspecified.
+        # Corresponds to the JSON property `imageMinimumGcAge`
+        # @return [String]
+        attr_accessor :image_minimum_gc_age
+      
+        # Enable or disable Kubelet read only port.
+        # Corresponds to the JSON property `insecureKubeletReadonlyPortEnabled`
+        # @return [Boolean]
+        attr_accessor :insecure_kubelet_readonly_port_enabled
+        alias_method :insecure_kubelet_readonly_port_enabled?, :insecure_kubelet_readonly_port_enabled
+      
         # Set the Pod PID limits. See https://kubernetes.io/docs/concepts/policy/pid-
         # limiting/#pod-pid-limits Controls the maximum number of processes allowed to
         # run in a pod. The value must be greater than or equal to 1024 and less than
@@ -3554,9 +4879,17 @@ module Google
       
         # Update properties of this object
         def update!(**args)
+          @allowed_unsafe_sysctls = args[:allowed_unsafe_sysctls] if args.key?(:allowed_unsafe_sysctls)
+          @container_log_max_files = args[:container_log_max_files] if args.key?(:container_log_max_files)
+          @container_log_max_size = args[:container_log_max_size] if args.key?(:container_log_max_size)
           @cpu_cfs_quota = args[:cpu_cfs_quota] if args.key?(:cpu_cfs_quota)
           @cpu_cfs_quota_period = args[:cpu_cfs_quota_period] if args.key?(:cpu_cfs_quota_period)
           @cpu_manager_policy = args[:cpu_manager_policy] if args.key?(:cpu_manager_policy)
+          @image_gc_high_threshold_percent = args[:image_gc_high_threshold_percent] if args.key?(:image_gc_high_threshold_percent)
+          @image_gc_low_threshold_percent = args[:image_gc_low_threshold_percent] if args.key?(:image_gc_low_threshold_percent)
+          @image_maximum_gc_age = args[:image_maximum_gc_age] if args.key?(:image_maximum_gc_age)
+          @image_minimum_gc_age = args[:image_minimum_gc_age] if args.key?(:image_minimum_gc_age)
+          @insecure_kubelet_readonly_port_enabled = args[:insecure_kubelet_readonly_port_enabled] if args.key?(:insecure_kubelet_readonly_port_enabled)
           @pod_pids_limit = args[:pod_pids_limit] if args.key?(:pod_pids_limit)
         end
       end
@@ -3625,6 +4958,18 @@ module Google
       class NodeNetworkConfig
         include Google::Apis::Core::Hashable
       
+        # We specify the additional node networks for this node pool using this list.
+        # Each node network corresponds to an additional interface
+        # Corresponds to the JSON property `additionalNodeNetworkConfigs`
+        # @return [Array<Google::Apis::ContainerV1::AdditionalNodeNetworkConfig>]
+        attr_accessor :additional_node_network_configs
+      
+        # We specify the additional pod networks for this node pool using this list.
+        # Each pod network corresponds to an additional alias IP range for the node
+        # Corresponds to the JSON property `additionalPodNetworkConfigs`
+        # @return [Array<Google::Apis::ContainerV1::AdditionalPodNetworkConfig>]
+        attr_accessor :additional_pod_network_configs
+      
         # Input only. Whether to create a new range for pod IPs in this node pool.
         # Defaults are provided for `pod_range` and `pod_ipv4_cidr_block` if they are
         # not specified. If neither `create_pod_range` or `pod_range` are specified, the
@@ -3637,8 +4982,8 @@ module Google
         alias_method :create_pod_range?, :create_pod_range
       
         # Whether nodes have internal IP addresses only. If enable_private_nodes is not
-        # specified, then the value is derived from cluster.privateClusterConfig.
-        # enablePrivateNodes
+        # specified, then the value is derived from Cluster.NetworkConfig.
+        # default_enable_private_nodes
         # Corresponds to the JSON property `enablePrivateNodes`
         # @return [Boolean]
         attr_accessor :enable_private_nodes
@@ -3649,6 +4994,11 @@ module Google
         # @return [Google::Apis::ContainerV1::NetworkPerformanceConfig]
         attr_accessor :network_performance_config
       
+        # [PRIVATE FIELD] Config for pod CIDR size overprovisioning.
+        # Corresponds to the JSON property `podCidrOverprovisionConfig`
+        # @return [Google::Apis::ContainerV1::PodCidrOverprovisionConfig]
+        attr_accessor :pod_cidr_overprovision_config
+      
         # The IP address range for pod IPs in this node pool. Only applicable if `
         # create_pod_range` is true. Set to blank to have a range chosen with the
         # default size. Set to /netmask (e.g. `/14`) to have a range chosen with a
@@ -3660,6 +5010,13 @@ module Google
         # @return [String]
         attr_accessor :pod_ipv4_cidr_block
       
+        # Output only. The utilization of the IPv4 range for the pod. The ratio is Usage/
+        # [Total number of IPs in the secondary range], Usage=numNodes*numZones*
+        # podIPsPerNode.
+        # Corresponds to the JSON property `podIpv4RangeUtilization`
+        # @return [Float]
+        attr_accessor :pod_ipv4_range_utilization
+      
         # The ID of the secondary range for pod IPs. If `create_pod_range` is true, this
         # ID is used for the new range. If `create_pod_range` is false, uses an existing
         # secondary range with this ID. Only applicable if `ip_allocation_policy.
@@ -3675,10 +5032,14 @@ module Google
       
         # Update properties of this object
         def update!(**args)
+          @additional_node_network_configs = args[:additional_node_network_configs] if args.key?(:additional_node_network_configs)
+          @additional_pod_network_configs = args[:additional_pod_network_configs] if args.key?(:additional_pod_network_configs)
           @create_pod_range = args[:create_pod_range] if args.key?(:create_pod_range)
           @enable_private_nodes = args[:enable_private_nodes] if args.key?(:enable_private_nodes)
           @network_performance_config = args[:network_performance_config] if args.key?(:network_performance_config)
+          @pod_cidr_overprovision_config = args[:pod_cidr_overprovision_config] if args.key?(:pod_cidr_overprovision_config)
           @pod_ipv4_cidr_block = args[:pod_ipv4_cidr_block] if args.key?(:pod_ipv4_cidr_block)
+          @pod_ipv4_range_utilization = args[:pod_ipv4_range_utilization] if args.key?(:pod_ipv4_range_utilization)
           @pod_range = args[:pod_range] if args.key?(:pod_range)
         end
       end
@@ -3692,12 +5053,22 @@ module Google
       class NodePool
         include Google::Apis::Core::Hashable
       
+        # AutopilotConfig contains configuration of autopilot feature for this nodepool.
+        # Corresponds to the JSON property `autopilotConfig`
+        # @return [Google::Apis::ContainerV1::AutopilotConfig]
+        attr_accessor :autopilot_config
+      
         # NodePoolAutoscaling contains information required by cluster autoscaler to
         # adjust the size of the node pool to the current cluster usage.
         # Corresponds to the JSON property `autoscaling`
         # @return [Google::Apis::ContainerV1::NodePoolAutoscaling]
         attr_accessor :autoscaling
       
+        # Best effort provisioning.
+        # Corresponds to the JSON property `bestEffortProvisioning`
+        # @return [Google::Apis::ContainerV1::BestEffortProvisioning]
+        attr_accessor :best_effort_provisioning
+      
         # Which conditions caused the current node pool state.
         # Corresponds to the JSON property `conditions`
         # @return [Array<Google::Apis::ContainerV1::StatusCondition>]
@@ -3725,7 +5096,7 @@ module Google
         # @return [Fixnum]
         attr_accessor :initial_node_count
       
-        # [Output only] The resource URLs of the [managed instance groups](https://cloud.
+        # Output only. The resource URLs of the [managed instance groups](https://cloud.
         # google.com/compute/docs/instance-groups/creating-groups-of-managed-instances)
         # associated with this node pool. During the node pool blue-green upgrade
         # operation, the URLs contain both blue and green resources.
@@ -3769,22 +5140,27 @@ module Google
         # @return [Google::Apis::ContainerV1::PlacementPolicy]
         attr_accessor :placement_policy
       
-        # [Output only] The pod CIDR block size per node in this node pool.
+        # Output only. The pod CIDR block size per node in this node pool.
         # Corresponds to the JSON property `podIpv4CidrSize`
         # @return [Fixnum]
         attr_accessor :pod_ipv4_cidr_size
       
-        # [Output only] Server-defined URL for the resource.
+        # QueuedProvisioning defines the queued provisioning used by the node pool.
+        # Corresponds to the JSON property `queuedProvisioning`
+        # @return [Google::Apis::ContainerV1::QueuedProvisioning]
+        attr_accessor :queued_provisioning
+      
+        # Output only. Server-defined URL for the resource.
         # Corresponds to the JSON property `selfLink`
         # @return [String]
         attr_accessor :self_link
       
-        # [Output only] The status of the nodes in this pool instance.
+        # Output only. The status of the nodes in this pool instance.
         # Corresponds to the JSON property `status`
         # @return [String]
         attr_accessor :status
       
-        # [Output only] Deprecated. Use conditions instead. Additional information about
+        # Output only. Deprecated. Use conditions instead. Additional information about
         # the current status of this node pool instance, if available.
         # Corresponds to the JSON property `statusMessage`
         # @return [String]
@@ -3831,7 +5207,9 @@ module Google
         # @return [Google::Apis::ContainerV1::UpgradeSettings]
         attr_accessor :upgrade_settings
       
-        # The version of the Kubernetes of this node.
+        # The version of Kubernetes running on this NodePool's nodes. If unspecified, it
+        # defaults as described [here](https://cloud.google.com/kubernetes-engine/
+        # versioning#specifying_node_version).
         # Corresponds to the JSON property `version`
         # @return [String]
         attr_accessor :version
@@ -3842,7 +5220,9 @@ module Google
       
         # Update properties of this object
         def update!(**args)
+          @autopilot_config = args[:autopilot_config] if args.key?(:autopilot_config)
           @autoscaling = args[:autoscaling] if args.key?(:autoscaling)
+          @best_effort_provisioning = args[:best_effort_provisioning] if args.key?(:best_effort_provisioning)
           @conditions = args[:conditions] if args.key?(:conditions)
           @config = args[:config] if args.key?(:config)
           @etag = args[:etag] if args.key?(:etag)
@@ -3855,6 +5235,7 @@ module Google
           @network_config = args[:network_config] if args.key?(:network_config)
           @placement_policy = args[:placement_policy] if args.key?(:placement_policy)
           @pod_ipv4_cidr_size = args[:pod_ipv4_cidr_size] if args.key?(:pod_ipv4_cidr_size)
+          @queued_provisioning = args[:queued_provisioning] if args.key?(:queued_provisioning)
           @self_link = args[:self_link] if args.key?(:self_link)
           @status = args[:status] if args.key?(:status)
           @status_message = args[:status_message] if args.key?(:status_message)
@@ -3869,19 +5250,41 @@ module Google
       class NodePoolAutoConfig
         include Google::Apis::Core::Hashable
       
+        # Parameters that can be configured on Linux nodes.
+        # Corresponds to the JSON property `linuxNodeConfig`
+        # @return [Google::Apis::ContainerV1::LinuxNodeConfig]
+        attr_accessor :linux_node_config
+      
         # Collection of Compute Engine network tags that can be applied to a node's
         # underlying VM instance.
         # Corresponds to the JSON property `networkTags`
         # @return [Google::Apis::ContainerV1::NetworkTags]
         attr_accessor :network_tags
       
+        # Node kubelet configs.
+        # Corresponds to the JSON property `nodeKubeletConfig`
+        # @return [Google::Apis::ContainerV1::NodeKubeletConfig]
+        attr_accessor :node_kubelet_config
+      
+        # A map of resource manager tag keys and values to be attached to the nodes for
+        # managing Compute Engine firewalls using Network Firewall Policies. Tags must
+        # be according to specifications in https://cloud.google.com/vpc/docs/tags-
+        # firewalls-overview#specifications. A maximum of 5 tag key-value pairs can be
+        # specified. Existing tags will be replaced with new values.
+        # Corresponds to the JSON property `resourceManagerTags`
+        # @return [Google::Apis::ContainerV1::ResourceManagerTags]
+        attr_accessor :resource_manager_tags
+      
         def initialize(**args)
            update!(**args)
         end
       
         # Update properties of this object
         def update!(**args)
+          @linux_node_config = args[:linux_node_config] if args.key?(:linux_node_config)
           @network_tags = args[:network_tags] if args.key?(:network_tags)
+          @node_kubelet_config = args[:node_kubelet_config] if args.key?(:node_kubelet_config)
+          @resource_manager_tags = args[:resource_manager_tags] if args.key?(:resource_manager_tags)
         end
       end
       
@@ -3907,19 +5310,19 @@ module Google
         # @return [String]
         attr_accessor :location_policy
       
-        # Maximum number of nodes for one location in the NodePool. Must be >=
+        # Maximum number of nodes for one location in the node pool. Must be >=
         # min_node_count. There has to be enough quota to scale up the cluster.
         # Corresponds to the JSON property `maxNodeCount`
         # @return [Fixnum]
         attr_accessor :max_node_count
       
-        # Minimum number of nodes for one location in the NodePool. Must be >= 1 and <=
-        # max_node_count.
+        # Minimum number of nodes for one location in the node pool. Must be greater
+        # than or equal to 0 and less than or equal to max_node_count.
         # Corresponds to the JSON property `minNodeCount`
         # @return [Fixnum]
         attr_accessor :min_node_count
       
-        # Maximum number of nodes in the node pool. Must be greater than
+        # Maximum number of nodes in the node pool. Must be greater than or equal to
         # total_min_node_count. There has to be enough quota to scale up the cluster.
         # The total_*_node_count fields are mutually exclusive with the *_node_count
         # fields.
@@ -3927,9 +5330,9 @@ module Google
         # @return [Fixnum]
         attr_accessor :total_max_node_count
       
-        # Minimum number of nodes in the node pool. Must be greater than 1 less than
-        # total_max_node_count. The total_*_node_count fields are mutually exclusive
-        # with the *_node_count fields.
+        # Minimum number of nodes in the node pool. Must be greater than or equal to 0
+        # and less than or equal to total_max_node_count. The total_*_node_count fields
+        # are mutually exclusive with the *_node_count fields.
         # Corresponds to the JSON property `totalMinNodeCount`
         # @return [Fixnum]
         attr_accessor :total_min_node_count
@@ -3988,7 +5391,7 @@ module Google
         end
       end
       
-      # Kubernetes taint is comprised of three fields: key, value, and effect. Effect
+      # Kubernetes taint is composed of three fields: key, value, and effect. Effect
       # can only be one of three types: NoSchedule, PreferNoSchedule or NoExecute. See
       # [here](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration)
       # for more information, including usage and the valid values.
@@ -4072,12 +5475,12 @@ module Google
         # @return [Array<Google::Apis::ContainerV1::StatusCondition>]
         attr_accessor :cluster_conditions
       
-        # Detailed operation progress, if available.
+        # Output only. Detailed operation progress, if available.
         # Corresponds to the JSON property `detail`
         # @return [String]
         attr_accessor :detail
       
-        # [Output only] The time the operation completed, in [RFC3339](https://www.ietf.
+        # Output only. The time the operation completed, in [RFC3339](https://www.ietf.
         # org/rfc/rfc3339.txt) text format.
         # Corresponds to the JSON property `endTime`
         # @return [String]
@@ -4093,15 +5496,15 @@ module Google
         # @return [Google::Apis::ContainerV1::Status]
         attr_accessor :error
       
-        # [Output only] The name of the Google Compute Engine [zone](https://cloud.
-        # google.com/compute/docs/regions-zones/regions-zones#available) or [region](
-        # https://cloud.google.com/compute/docs/regions-zones/regions-zones#available)
-        # in which the cluster resides.
+        # Output only. The name of the Google Compute Engine [zone](https://cloud.google.
+        # com/compute/docs/regions-zones/regions-zones#available) or [region](https://
+        # cloud.google.com/compute/docs/regions-zones/regions-zones#available) in which
+        # the cluster resides.
         # Corresponds to the JSON property `location`
         # @return [String]
         attr_accessor :location
       
-        # The server-assigned ID for the operation.
+        # Output only. The server-assigned ID for the operation.
         # Corresponds to the JSON property `name`
         # @return [String]
         attr_accessor :name
@@ -4112,7 +5515,7 @@ module Google
         # @return [Array<Google::Apis::ContainerV1::StatusCondition>]
         attr_accessor :nodepool_conditions
       
-        # The operation type.
+        # Output only. The operation type.
         # Corresponds to the JSON property `operationType`
         # @return [String]
         attr_accessor :operation_type
@@ -4122,18 +5525,20 @@ module Google
         # @return [Google::Apis::ContainerV1::OperationProgress]
         attr_accessor :progress
       
-        # Server-defined URL for the resource.
+        # Output only. Server-defined URI for the operation. Example: `https://container.
+        # googleapis.com/v1alpha1/projects/123/locations/us-central1/operations/
+        # operation-123`.
         # Corresponds to the JSON property `selfLink`
         # @return [String]
         attr_accessor :self_link
       
-        # [Output only] The time the operation started, in [RFC3339](https://www.ietf.
-        # org/rfc/rfc3339.txt) text format.
+        # Output only. The time the operation started, in [RFC3339](https://www.ietf.org/
+        # rfc/rfc3339.txt) text format.
         # Corresponds to the JSON property `startTime`
         # @return [String]
         attr_accessor :start_time
       
-        # The current status of the operation.
+        # Output only. The current status of the operation.
         # Corresponds to the JSON property `status`
         # @return [String]
         attr_accessor :status
@@ -4144,14 +5549,21 @@ module Google
         # @return [String]
         attr_accessor :status_message
       
-        # Server-defined URL for the target of the operation.
+        # Output only. Server-defined URI for the target of the operation. The format of
+        # this is a URI to the resource being modified (such as a cluster, node pool, or
+        # node). For node pool repairs, there may be multiple nodes being repaired, but
+        # only one will be the target. Examples: - ## `https://container.googleapis.com/
+        # v1/projects/123/locations/us-central1/clusters/my-cluster` ## `https://
+        # container.googleapis.com/v1/projects/123/zones/us-central1-c/clusters/my-
+        # cluster/nodePools/my-np` `https://container.googleapis.com/v1/projects/123/
+        # zones/us-central1-c/clusters/my-cluster/nodePools/my-np/node/my-node`
         # Corresponds to the JSON property `targetLink`
         # @return [String]
         attr_accessor :target_link
       
-        # The name of the Google Compute Engine [zone](https://cloud.google.com/compute/
-        # docs/zones#available) in which the operation is taking place. This field is
-        # deprecated, use location instead.
+        # Output only. The name of the Google Compute Engine [zone](https://cloud.google.
+        # com/compute/docs/zones#available) in which the operation is taking place. This
+        # field is deprecated, use location instead.
         # Corresponds to the JSON property `zone`
         # @return [String]
         attr_accessor :zone
@@ -4180,6 +5592,38 @@ module Google
         end
       end
       
+      # OperationError records errors seen from CloudKMS keys encountered during
+      # updates to DatabaseEncryption configuration.
+      class OperationError
+        include Google::Apis::Core::Hashable
+      
+        # Description of the error seen during the operation.
+        # Corresponds to the JSON property `errorMessage`
+        # @return [String]
+        attr_accessor :error_message
+      
+        # CloudKMS key resource that had the error.
+        # Corresponds to the JSON property `keyName`
+        # @return [String]
+        attr_accessor :key_name
+      
+        # Time when the CloudKMS error was seen.
+        # Corresponds to the JSON property `timestamp`
+        # @return [String]
+        attr_accessor :timestamp
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @error_message = args[:error_message] if args.key?(:error_message)
+          @key_name = args[:key_name] if args.key?(:key_name)
+          @timestamp = args[:timestamp] if args.key?(:timestamp)
+        end
+      end
+      
       # Information about operation (or operation stage) progress.
       class OperationProgress
         include Google::Apis::Core::Hashable
@@ -4220,10 +5664,70 @@ module Google
         end
       end
       
+      # Configuration for the Cloud Storage Parallelstore CSI driver.
+      class ParallelstoreCsiDriverConfig
+        include Google::Apis::Core::Hashable
+      
+        # Whether the Cloud Storage Parallelstore CSI driver is enabled for this cluster.
+        # Corresponds to the JSON property `enabled`
+        # @return [Boolean]
+        attr_accessor :enabled
+        alias_method :enabled?, :enabled
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @enabled = args[:enabled] if args.key?(:enabled)
+        end
+      end
+      
+      # ParentProductConfig is the configuration of the parent product of the cluster.
+      # This field is used by Google internal products that are built on top of a GKE
+      # cluster and take the ownership of the cluster.
+      class ParentProductConfig
+        include Google::Apis::Core::Hashable
+      
+        # Labels contain the configuration of the parent product.
+        # Corresponds to the JSON property `labels`
+        # @return [Hash<String,String>]
+        attr_accessor :labels
+      
+        # Name of the parent product associated with the cluster.
+        # Corresponds to the JSON property `productName`
+        # @return [String]
+        attr_accessor :product_name
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @labels = args[:labels] if args.key?(:labels)
+          @product_name = args[:product_name] if args.key?(:product_name)
+        end
+      end
+      
       # PlacementPolicy defines the placement policy used by the node pool.
       class PlacementPolicy
         include Google::Apis::Core::Hashable
       
+        # If set, refers to the name of a custom resource policy supplied by the user.
+        # The resource policy must be in the same project and region as the node pool.
+        # If not found, InvalidArgument error is returned.
+        # Corresponds to the JSON property `policyName`
+        # @return [String]
+        attr_accessor :policy_name
+      
+        # Optional. TPU placement topology for pod slice node pool. https://cloud.google.
+        # com/tpu/docs/types-topologies#tpu_topologies
+        # Corresponds to the JSON property `tpuTopology`
+        # @return [String]
+        attr_accessor :tpu_topology
+      
         # The type of placement.
         # Corresponds to the JSON property `type`
         # @return [String]
@@ -4235,15 +5739,42 @@ module Google
       
         # Update properties of this object
         def update!(**args)
+          @policy_name = args[:policy_name] if args.key?(:policy_name)
+          @tpu_topology = args[:tpu_topology] if args.key?(:tpu_topology)
           @type = args[:type] if args.key?(:type)
         end
       end
       
+      # [PRIVATE FIELD] Config for pod CIDR size overprovisioning.
+      class PodCidrOverprovisionConfig
+        include Google::Apis::Core::Hashable
+      
+        # Whether Pod CIDR overprovisioning is disabled. Note: Pod CIDR overprovisioning
+        # is enabled by default.
+        # Corresponds to the JSON property `disable`
+        # @return [Boolean]
+        attr_accessor :disable
+        alias_method :disable?, :disable
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @disable = args[:disable] if args.key?(:disable)
+        end
+      end
+      
       # Configuration options for private clusters.
       class PrivateClusterConfig
         include Google::Apis::Core::Hashable
       
         # Whether the master's internal IP address is used as the cluster endpoint.
+        # Deprecated: Use ControlPlaneEndpointsConfig.IPEndpointsConfig.
+        # enable_public_endpoint instead. Note that the value of enable_public_endpoint
+        # is reversed: if enable_private_endpoint is false, then enable_public_endpoint
+        # will be true.
         # Corresponds to the JSON property `enablePrivateEndpoint`
         # @return [Boolean]
         attr_accessor :enable_private_endpoint
@@ -4251,7 +5782,7 @@ module Google
       
         # Whether nodes have internal IP addresses only. If enabled, all nodes are given
         # only RFC 1918 private addresses and communicate with the master via private
-        # networking.
+        # networking. Deprecated: Use NetworkConfig.default_enable_private_nodes instead.
         # Corresponds to the JSON property `enablePrivateNodes`
         # @return [Boolean]
         attr_accessor :enable_private_nodes
@@ -4276,17 +5807,23 @@ module Google
         attr_accessor :peering_name
       
         # Output only. The internal IP address of this cluster's master endpoint.
+        # Deprecated: Use ControlPlaneEndpointsConfig.IPEndpointsConfig.private_endpoint
+        # instead.
         # Corresponds to the JSON property `privateEndpoint`
         # @return [String]
         attr_accessor :private_endpoint
       
         # Subnet to provision the master's private endpoint during cluster creation.
-        # Specified in projects/*/regions/*/subnetworks/* format.
+        # Specified in projects/*/regions/*/subnetworks/* format. Deprecated: Use
+        # ControlPlaneEndpointsConfig.IPEndpointsConfig.private_endpoint_subnetwork
+        # instead.
         # Corresponds to the JSON property `privateEndpointSubnetwork`
         # @return [String]
         attr_accessor :private_endpoint_subnetwork
       
         # Output only. The external IP address of this cluster's master endpoint.
+        # Deprecated:Use ControlPlaneEndpointsConfig.IPEndpointsConfig.public_endpoint
+        # instead.
         # Corresponds to the JSON property `publicEndpoint`
         # @return [String]
         attr_accessor :public_endpoint
@@ -4328,6 +5865,33 @@ module Google
         end
       end
       
+      # PrivateRegistryAccessConfig contains access configuration for private
+      # container registries.
+      class PrivateRegistryAccessConfig
+        include Google::Apis::Core::Hashable
+      
+        # Private registry access configuration.
+        # Corresponds to the JSON property `certificateAuthorityDomainConfig`
+        # @return [Array<Google::Apis::ContainerV1::CertificateAuthorityDomainConfig>]
+        attr_accessor :certificate_authority_domain_config
+      
+        # Private registry access is enabled.
+        # Corresponds to the JSON property `enabled`
+        # @return [Boolean]
+        attr_accessor :enabled
+        alias_method :enabled?, :enabled
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @certificate_authority_domain_config = args[:certificate_authority_domain_config] if args.key?(:certificate_authority_domain_config)
+          @enabled = args[:enabled] if args.key?(:enabled)
+        end
+      end
+      
       # Pub/Sub specific notification config.
       class PubSub
         include Google::Apis::Core::Hashable
@@ -4359,8 +5923,156 @@ module Google
         # Update properties of this object
         def update!(**args)
           @enabled = args[:enabled] if args.key?(:enabled)
-          @filter = args[:filter] if args.key?(:filter)
-          @topic = args[:topic] if args.key?(:topic)
+          @filter = args[:filter] if args.key?(:filter)
+          @topic = args[:topic] if args.key?(:topic)
+        end
+      end
+      
+      # QueuedProvisioning defines the queued provisioning used by the node pool.
+      class QueuedProvisioning
+        include Google::Apis::Core::Hashable
+      
+        # Denotes that this nodepool is QRM specific, meaning nodes can be only obtained
+        # through queuing via the Cluster Autoscaler ProvisioningRequest API.
+        # Corresponds to the JSON property `enabled`
+        # @return [Boolean]
+        attr_accessor :enabled
+        alias_method :enabled?, :enabled
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @enabled = args[:enabled] if args.key?(:enabled)
+        end
+      end
+      
+      # RBACBindingConfig allows user to restrict ClusterRoleBindings an RoleBindings
+      # that can be created.
+      class RbacBindingConfig
+        include Google::Apis::Core::Hashable
+      
+        # Setting this to true will allow any ClusterRoleBinding and RoleBinding with
+        # subjects system:authenticated.
+        # Corresponds to the JSON property `enableInsecureBindingSystemAuthenticated`
+        # @return [Boolean]
+        attr_accessor :enable_insecure_binding_system_authenticated
+        alias_method :enable_insecure_binding_system_authenticated?, :enable_insecure_binding_system_authenticated
+      
+        # Setting this to true will allow any ClusterRoleBinding and RoleBinding with
+        # subjets system:anonymous or system:unauthenticated.
+        # Corresponds to the JSON property `enableInsecureBindingSystemUnauthenticated`
+        # @return [Boolean]
+        attr_accessor :enable_insecure_binding_system_unauthenticated
+        alias_method :enable_insecure_binding_system_unauthenticated?, :enable_insecure_binding_system_unauthenticated
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @enable_insecure_binding_system_authenticated = args[:enable_insecure_binding_system_authenticated] if args.key?(:enable_insecure_binding_system_authenticated)
+          @enable_insecure_binding_system_unauthenticated = args[:enable_insecure_binding_system_unauthenticated] if args.key?(:enable_insecure_binding_system_unauthenticated)
+        end
+      end
+      
+      # RangeInfo contains the range name and the range utilization by this cluster.
+      class RangeInfo
+        include Google::Apis::Core::Hashable
+      
+        # Output only. Name of a range.
+        # Corresponds to the JSON property `rangeName`
+        # @return [String]
+        attr_accessor :range_name
+      
+        # Output only. The utilization of the range.
+        # Corresponds to the JSON property `utilization`
+        # @return [Float]
+        attr_accessor :utilization
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @range_name = args[:range_name] if args.key?(:range_name)
+          @utilization = args[:utilization] if args.key?(:utilization)
+        end
+      end
+      
+      # RayClusterLoggingConfig specifies configuration of Ray logging.
+      class RayClusterLoggingConfig
+        include Google::Apis::Core::Hashable
+      
+        # Enable log collection for Ray clusters.
+        # Corresponds to the JSON property `enabled`
+        # @return [Boolean]
+        attr_accessor :enabled
+        alias_method :enabled?, :enabled
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @enabled = args[:enabled] if args.key?(:enabled)
+        end
+      end
+      
+      # RayClusterMonitoringConfig specifies monitoring configuration for Ray clusters.
+      class RayClusterMonitoringConfig
+        include Google::Apis::Core::Hashable
+      
+        # Enable metrics collection for Ray clusters.
+        # Corresponds to the JSON property `enabled`
+        # @return [Boolean]
+        attr_accessor :enabled
+        alias_method :enabled?, :enabled
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @enabled = args[:enabled] if args.key?(:enabled)
+        end
+      end
+      
+      # Configuration options for the Ray Operator add-on.
+      class RayOperatorConfig
+        include Google::Apis::Core::Hashable
+      
+        # Whether the Ray Operator addon is enabled for this cluster.
+        # Corresponds to the JSON property `enabled`
+        # @return [Boolean]
+        attr_accessor :enabled
+        alias_method :enabled?, :enabled
+      
+        # RayClusterLoggingConfig specifies configuration of Ray logging.
+        # Corresponds to the JSON property `rayClusterLoggingConfig`
+        # @return [Google::Apis::ContainerV1::RayClusterLoggingConfig]
+        attr_accessor :ray_cluster_logging_config
+      
+        # RayClusterMonitoringConfig specifies monitoring configuration for Ray clusters.
+        # Corresponds to the JSON property `rayClusterMonitoringConfig`
+        # @return [Google::Apis::ContainerV1::RayClusterMonitoringConfig]
+        attr_accessor :ray_cluster_monitoring_config
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @enabled = args[:enabled] if args.key?(:enabled)
+          @ray_cluster_logging_config = args[:ray_cluster_logging_config] if args.key?(:ray_cluster_logging_config)
+          @ray_cluster_monitoring_config = args[:ray_cluster_monitoring_config] if args.key?(:ray_cluster_monitoring_config)
         end
       end
       
@@ -4439,6 +6151,11 @@ module Google
         # @return [String]
         attr_accessor :default_version
       
+        # The auto upgrade target version for clusters on the channel.
+        # Corresponds to the JSON property `upgradeTargetVersion`
+        # @return [String]
+        attr_accessor :upgrade_target_version
+      
         # List of valid versions for the channel.
         # Corresponds to the JSON property `validVersions`
         # @return [Array<String>]
@@ -4452,6 +6169,7 @@ module Google
         def update!(**args)
           @channel = args[:channel] if args.key?(:channel)
           @default_version = args[:default_version] if args.key?(:default_version)
+          @upgrade_target_version = args[:upgrade_target_version] if args.key?(:upgrade_target_version)
           @valid_versions = args[:valid_versions] if args.key?(:valid_versions)
         end
       end
@@ -4543,6 +6261,31 @@ module Google
         end
       end
       
+      # A map of resource manager tag keys and values to be attached to the nodes for
+      # managing Compute Engine firewalls using Network Firewall Policies. Tags must
+      # be according to specifications in https://cloud.google.com/vpc/docs/tags-
+      # firewalls-overview#specifications. A maximum of 5 tag key-value pairs can be
+      # specified. Existing tags will be replaced with new values.
+      class ResourceManagerTags
+        include Google::Apis::Core::Hashable
+      
+        # TagKeyValue must be in one of the following formats ([KEY]=[VALUE]) 1. `
+        # tagKeys/`tag_key_id`=tagValues/`tag_value_id`` 2. ``org_id`/`tag_key_name`=`
+        # tag_value_name`` 3. ``project_id`/`tag_key_name`=`tag_value_name``
+        # Corresponds to the JSON property `tags`
+        # @return [Hash<String,String>]
+        attr_accessor :tags
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @tags = args[:tags] if args.key?(:tags)
+        end
+      end
+      
       # Configuration for exporting cluster resource usages.
       class ResourceUsageExportConfig
         include Google::Apis::Core::Hashable
@@ -4655,6 +6398,66 @@ module Google
         end
       end
       
+      # SecondaryBootDisk represents a persistent disk attached to a node with special
+      # configurations based on its mode.
+      class SecondaryBootDisk
+        include Google::Apis::Core::Hashable
+      
+        # Fully-qualified resource ID for an existing disk image.
+        # Corresponds to the JSON property `diskImage`
+        # @return [String]
+        attr_accessor :disk_image
+      
+        # Disk mode (container image cache, etc.)
+        # Corresponds to the JSON property `mode`
+        # @return [String]
+        attr_accessor :mode
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @disk_image = args[:disk_image] if args.key?(:disk_image)
+          @mode = args[:mode] if args.key?(:mode)
+        end
+      end
+      
+      # SecondaryBootDiskUpdateStrategy is a placeholder which will be extended in the
+      # future to define different options for updating secondary boot disks.
+      class SecondaryBootDiskUpdateStrategy
+        include Google::Apis::Core::Hashable
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+        end
+      end
+      
+      # SecretManagerConfig is config for secret manager enablement.
+      class SecretManagerConfig
+        include Google::Apis::Core::Hashable
+      
+        # Enable/Disable Secret Manager Config.
+        # Corresponds to the JSON property `enabled`
+        # @return [Boolean]
+        attr_accessor :enabled
+        alias_method :enabled?, :enabled
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @enabled = args[:enabled] if args.key?(:enabled)
+        end
+      end
+      
       # SecurityBulletinEvent is a notification sent to customers when a security
       # bulletin has been posted that they are vulnerable to.
       class SecurityBulletinEvent
@@ -4738,6 +6541,32 @@ module Google
         end
       end
       
+      # SecurityPostureConfig defines the flags needed to enable/disable features for
+      # the Security Posture API.
+      class SecurityPostureConfig
+        include Google::Apis::Core::Hashable
+      
+        # Sets which mode to use for Security Posture features.
+        # Corresponds to the JSON property `mode`
+        # @return [String]
+        attr_accessor :mode
+      
+        # Sets which mode to use for vulnerability scanning.
+        # Corresponds to the JSON property `vulnerabilityMode`
+        # @return [String]
+        attr_accessor :vulnerability_mode
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @mode = args[:mode] if args.key?(:mode)
+          @vulnerability_mode = args[:vulnerability_mode] if args.key?(:vulnerability_mode)
+        end
+      end
+      
       # Kubernetes Engine service configuration.
       class ServerConfig
         include Google::Apis::Core::Hashable
@@ -5512,6 +7341,26 @@ module Google
         end
       end
       
+      # SoleTenantConfig contains the NodeAffinities to specify what shared sole
+      # tenant node groups should back the node pool.
+      class SoleTenantConfig
+        include Google::Apis::Core::Hashable
+      
+        # NodeAffinities used to match to a shared sole tenant node group.
+        # Corresponds to the JSON property `nodeAffinities`
+        # @return [Array<Google::Apis::ContainerV1::NodeAffinity>]
+        attr_accessor :node_affinities
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @node_affinities = args[:node_affinities] if args.key?(:node_affinities)
+        end
+      end
+      
       # Standard rollout policy is the default policy for blue-green.
       class StandardRolloutPolicy
         include Google::Apis::Core::Hashable
@@ -5595,6 +7444,26 @@ module Google
         end
       end
       
+      # Configuration for the Stateful HA add-on.
+      class StatefulHaConfig
+        include Google::Apis::Core::Hashable
+      
+        # Whether the Stateful HA add-on is enabled for this cluster.
+        # Corresponds to the JSON property `enabled`
+        # @return [Boolean]
+        attr_accessor :enabled
+        alias_method :enabled?, :enabled
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @enabled = args[:enabled] if args.key?(:enabled)
+        end
+      end
+      
       # The `Status` type defines a logical error model that is suitable for different
       # programming environments, including REST APIs and RPC APIs. It is used by [
       # gRPC](https://github.com/grpc). Each `Status` message contains three pieces of
@@ -5828,6 +7697,12 @@ module Google
       class UpdateNodePoolRequest
         include Google::Apis::Core::Hashable
       
+        # A list of hardware accelerators to be attached to each node. See https://cloud.
+        # google.com/compute/docs/gpus for more information about support for GPUs.
+        # Corresponds to the JSON property `accelerators`
+        # @return [Array<Google::Apis::ContainerV1::AcceleratorConfig>]
+        attr_accessor :accelerators
+      
         # Deprecated. The name of the cluster to upgrade. This field has been deprecated
         # and replaced by the name field.
         # Corresponds to the JSON property `clusterId`
@@ -5840,6 +7715,25 @@ module Google
         # @return [Google::Apis::ContainerV1::ConfidentialNodes]
         attr_accessor :confidential_nodes
       
+        # ContainerdConfig contains configuration to customize containerd.
+        # Corresponds to the JSON property `containerdConfig`
+        # @return [Google::Apis::ContainerV1::ContainerdConfig]
+        attr_accessor :containerd_config
+      
+        # Optional. The desired disk size for nodes in the node pool specified in GB.
+        # The smallest allowed disk size is 10GB. Initiates an upgrade operation that
+        # migrates the nodes in the node pool to the specified disk size.
+        # Corresponds to the JSON property `diskSizeGb`
+        # @return [Fixnum]
+        attr_accessor :disk_size_gb
+      
+        # Optional. The desired disk type (e.g. 'pd-standard', 'pd-ssd' or 'pd-balanced')
+        # for nodes in the node pool. Initiates an upgrade operation that migrates the
+        # nodes in the node pool to the specified disk type.
+        # Corresponds to the JSON property `diskType`
+        # @return [String]
+        attr_accessor :disk_type
+      
         # The current etag of the node pool. If an etag is provided and does not match
         # the current etag of the node pool, update will be blocked and an ABORTED error
         # will be returned.
@@ -5863,7 +7757,9 @@ module Google
         # @return [Google::Apis::ContainerV1::VirtualNic]
         attr_accessor :gvnic
       
-        # Required. The desired image type for the node pool.
+        # Required. The desired image type for the node pool. Please see https://cloud.
+        # google.com/kubernetes-engine/docs/concepts/node-images for available image
+        # types.
         # Corresponds to the JSON property `imageType`
         # @return [String]
         attr_accessor :image_type
@@ -5898,6 +7794,20 @@ module Google
         # @return [Google::Apis::ContainerV1::NodePoolLoggingConfig]
         attr_accessor :logging_config
       
+        # Optional. The desired [Google Compute Engine machine type](https://cloud.
+        # google.com/compute/docs/machine-types) for nodes in the node pool. Initiates
+        # an upgrade operation that migrates the nodes in the node pool to the specified
+        # machine type.
+        # Corresponds to the JSON property `machineType`
+        # @return [String]
+        attr_accessor :machine_type
+      
+        # The maximum duration for the nodes to exist. If unspecified, the nodes can
+        # exist indefinitely.
+        # Corresponds to the JSON property `maxRunDuration`
+        # @return [String]
+        attr_accessor :max_run_duration
+      
         # The name (project, location, cluster, node pool) of the node pool to update.
         # Specified in the format `projects/*/locations/*/clusters/*/nodePools/*`.
         # Corresponds to the JSON property `name`
@@ -5933,12 +7843,32 @@ module Google
         # @return [String]
         attr_accessor :project_id
       
+        # QueuedProvisioning defines the queued provisioning used by the node pool.
+        # Corresponds to the JSON property `queuedProvisioning`
+        # @return [Google::Apis::ContainerV1::QueuedProvisioning]
+        attr_accessor :queued_provisioning
+      
         # Collection of [GCP labels](https://cloud.google.com/resource-manager/docs/
         # creating-managing-labels).
         # Corresponds to the JSON property `resourceLabels`
         # @return [Google::Apis::ContainerV1::ResourceLabels]
         attr_accessor :resource_labels
       
+        # A map of resource manager tag keys and values to be attached to the nodes for
+        # managing Compute Engine firewalls using Network Firewall Policies. Tags must
+        # be according to specifications in https://cloud.google.com/vpc/docs/tags-
+        # firewalls-overview#specifications. A maximum of 5 tag key-value pairs can be
+        # specified. Existing tags will be replaced with new values.
+        # Corresponds to the JSON property `resourceManagerTags`
+        # @return [Google::Apis::ContainerV1::ResourceManagerTags]
+        attr_accessor :resource_manager_tags
+      
+        # List of Storage Pools where boot disks are provisioned. Existing Storage Pools
+        # will be replaced with storage-pools.
+        # Corresponds to the JSON property `storagePools`
+        # @return [Array<String>]
+        attr_accessor :storage_pools
+      
         # Collection of Compute Engine network tags that can be applied to a node's
         # underlying VM instance.
         # Corresponds to the JSON property `tags`
@@ -6012,8 +7942,12 @@ module Google
       
         # Update properties of this object
         def update!(**args)
+          @accelerators = args[:accelerators] if args.key?(:accelerators)
           @cluster_id = args[:cluster_id] if args.key?(:cluster_id)
           @confidential_nodes = args[:confidential_nodes] if args.key?(:confidential_nodes)
+          @containerd_config = args[:containerd_config] if args.key?(:containerd_config)
+          @disk_size_gb = args[:disk_size_gb] if args.key?(:disk_size_gb)
+          @disk_type = args[:disk_type] if args.key?(:disk_type)
           @etag = args[:etag] if args.key?(:etag)
           @fast_socket = args[:fast_socket] if args.key?(:fast_socket)
           @gcfs_config = args[:gcfs_config] if args.key?(:gcfs_config)
@@ -6024,12 +7958,17 @@ module Google
           @linux_node_config = args[:linux_node_config] if args.key?(:linux_node_config)
           @locations = args[:locations] if args.key?(:locations)
           @logging_config = args[:logging_config] if args.key?(:logging_config)
+          @machine_type = args[:machine_type] if args.key?(:machine_type)
+          @max_run_duration = args[:max_run_duration] if args.key?(:max_run_duration)
           @name = args[:name] if args.key?(:name)
           @node_network_config = args[:node_network_config] if args.key?(:node_network_config)
           @node_pool_id = args[:node_pool_id] if args.key?(:node_pool_id)
           @node_version = args[:node_version] if args.key?(:node_version)
           @project_id = args[:project_id] if args.key?(:project_id)
+          @queued_provisioning = args[:queued_provisioning] if args.key?(:queued_provisioning)
           @resource_labels = args[:resource_labels] if args.key?(:resource_labels)
+          @resource_manager_tags = args[:resource_manager_tags] if args.key?(:resource_manager_tags)
+          @storage_pools = args[:storage_pools] if args.key?(:storage_pools)
           @tags = args[:tags] if args.key?(:tags)
           @taints = args[:taints] if args.key?(:taints)
           @upgrade_settings = args[:upgrade_settings] if args.key?(:upgrade_settings)
@@ -6132,6 +8071,93 @@ module Google
         end
       end
       
+      # UpgradeInfoEvent is a notification sent to customers about the upgrade
+      # information of a resource.
+      class UpgradeInfoEvent
+        include Google::Apis::Core::Hashable
+      
+        # The current version before the upgrade.
+        # Corresponds to the JSON property `currentVersion`
+        # @return [String]
+        attr_accessor :current_version
+      
+        # A brief description of the event.
+        # Corresponds to the JSON property `description`
+        # @return [String]
+        attr_accessor :description
+      
+        # The time when the operation ended.
+        # Corresponds to the JSON property `endTime`
+        # @return [String]
+        attr_accessor :end_time
+      
+        # The type of the event.
+        # Corresponds to the JSON property `eventType`
+        # @return [String]
+        attr_accessor :event_type
+      
+        # The end of extended support timestamp.
+        # Corresponds to the JSON property `extendedSupportEndTime`
+        # @return [String]
+        attr_accessor :extended_support_end_time
+      
+        # The operation associated with this upgrade.
+        # Corresponds to the JSON property `operation`
+        # @return [String]
+        attr_accessor :operation
+      
+        # Optional relative path to the resource. For example in node pool upgrades, the
+        # relative path of the node pool.
+        # Corresponds to the JSON property `resource`
+        # @return [String]
+        attr_accessor :resource
+      
+        # The resource type associated with the upgrade.
+        # Corresponds to the JSON property `resourceType`
+        # @return [String]
+        attr_accessor :resource_type
+      
+        # The end of standard support timestamp.
+        # Corresponds to the JSON property `standardSupportEndTime`
+        # @return [String]
+        attr_accessor :standard_support_end_time
+      
+        # The time when the operation was started.
+        # Corresponds to the JSON property `startTime`
+        # @return [String]
+        attr_accessor :start_time
+      
+        # Output only. The state of the upgrade.
+        # Corresponds to the JSON property `state`
+        # @return [String]
+        attr_accessor :state
+      
+        # The target version for the upgrade.
+        # Corresponds to the JSON property `targetVersion`
+        # @return [String]
+        attr_accessor :target_version
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @current_version = args[:current_version] if args.key?(:current_version)
+          @description = args[:description] if args.key?(:description)
+          @end_time = args[:end_time] if args.key?(:end_time)
+          @event_type = args[:event_type] if args.key?(:event_type)
+          @extended_support_end_time = args[:extended_support_end_time] if args.key?(:extended_support_end_time)
+          @operation = args[:operation] if args.key?(:operation)
+          @resource = args[:resource] if args.key?(:resource)
+          @resource_type = args[:resource_type] if args.key?(:resource_type)
+          @standard_support_end_time = args[:standard_support_end_time] if args.key?(:standard_support_end_time)
+          @start_time = args[:start_time] if args.key?(:start_time)
+          @state = args[:state] if args.key?(:state)
+          @target_version = args[:target_version] if args.key?(:target_version)
+        end
+      end
+      
       # These upgrade settings control the level of parallelism and the level of
       # disruption caused by an upgrade. maxUnavailable controls the number of nodes
       # that can be simultaneously unavailable. maxSurge controls the number of
@@ -6281,6 +8307,78 @@ module Google
         end
       end
       
+      # UserManagedKeysConfig holds the resource address to Keys which are used for
+      # signing certs and token that are used for communication within cluster.
+      class UserManagedKeysConfig
+        include Google::Apis::Core::Hashable
+      
+        # The Certificate Authority Service caPool to use for the aggregation CA in this
+        # cluster.
+        # Corresponds to the JSON property `aggregationCa`
+        # @return [String]
+        attr_accessor :aggregation_ca
+      
+        # The Certificate Authority Service caPool to use for the cluster CA in this
+        # cluster.
+        # Corresponds to the JSON property `clusterCa`
+        # @return [String]
+        attr_accessor :cluster_ca
+      
+        # The Cloud KMS cryptoKey to use for Confidential Hyperdisk on the control plane
+        # nodes.
+        # Corresponds to the JSON property `controlPlaneDiskEncryptionKey`
+        # @return [String]
+        attr_accessor :control_plane_disk_encryption_key
+      
+        # Resource path of the Certificate Authority Service caPool to use for the etcd
+        # API CA in this cluster.
+        # Corresponds to the JSON property `etcdApiCa`
+        # @return [String]
+        attr_accessor :etcd_api_ca
+      
+        # Resource path of the Certificate Authority Service caPool to use for the etcd
+        # peer CA in this cluster.
+        # Corresponds to the JSON property `etcdPeerCa`
+        # @return [String]
+        attr_accessor :etcd_peer_ca
+      
+        # Resource path of the Cloud KMS cryptoKey to use for encryption of internal
+        # etcd backups.
+        # Corresponds to the JSON property `gkeopsEtcdBackupEncryptionKey`
+        # @return [String]
+        attr_accessor :gkeops_etcd_backup_encryption_key
+      
+        # The Cloud KMS cryptoKeyVersions to use for signing service account JWTs issued
+        # by this cluster. Format: `projects/`project`/locations/`location`/keyRings/`
+        # keyring`/cryptoKeys/`cryptoKey`/cryptoKeyVersions/`cryptoKeyVersion``
+        # Corresponds to the JSON property `serviceAccountSigningKeys`
+        # @return [Array<String>]
+        attr_accessor :service_account_signing_keys
+      
+        # The Cloud KMS cryptoKeyVersions to use for verifying service account JWTs
+        # issued by this cluster. Format: `projects/`project`/locations/`location`/
+        # keyRings/`keyring`/cryptoKeys/`cryptoKey`/cryptoKeyVersions/`cryptoKeyVersion``
+        # Corresponds to the JSON property `serviceAccountVerificationKeys`
+        # @return [Array<String>]
+        attr_accessor :service_account_verification_keys
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @aggregation_ca = args[:aggregation_ca] if args.key?(:aggregation_ca)
+          @cluster_ca = args[:cluster_ca] if args.key?(:cluster_ca)
+          @control_plane_disk_encryption_key = args[:control_plane_disk_encryption_key] if args.key?(:control_plane_disk_encryption_key)
+          @etcd_api_ca = args[:etcd_api_ca] if args.key?(:etcd_api_ca)
+          @etcd_peer_ca = args[:etcd_peer_ca] if args.key?(:etcd_peer_ca)
+          @gkeops_etcd_backup_encryption_key = args[:gkeops_etcd_backup_encryption_key] if args.key?(:gkeops_etcd_backup_encryption_key)
+          @service_account_signing_keys = args[:service_account_signing_keys] if args.key?(:service_account_signing_keys)
+          @service_account_verification_keys = args[:service_account_verification_keys] if args.key?(:service_account_verification_keys)
+        end
+      end
+      
       # VerticalPodAutoscaling contains global, per-cluster information required by
       # Vertical Pod Autoscaler to automatically adjust the resources of pods
       # controlled by it.
@@ -6383,6 +8481,33 @@ module Google
           @mode = args[:mode] if args.key?(:mode)
         end
       end
+      
+      # WorkloadPolicyConfig is the configuration related to GCW workload policy
+      class WorkloadPolicyConfig
+        include Google::Apis::Core::Hashable
+      
+        # If true, workloads can use NET_ADMIN capability.
+        # Corresponds to the JSON property `allowNetAdmin`
+        # @return [Boolean]
+        attr_accessor :allow_net_admin
+        alias_method :allow_net_admin?, :allow_net_admin
+      
+        # If true, enables the GCW Auditor that audits workloads on standard clusters.
+        # Corresponds to the JSON property `autopilotCompatibilityAuditingEnabled`
+        # @return [Boolean]
+        attr_accessor :autopilot_compatibility_auditing_enabled
+        alias_method :autopilot_compatibility_auditing_enabled?, :autopilot_compatibility_auditing_enabled
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @allow_net_admin = args[:allow_net_admin] if args.key?(:allow_net_admin)
+          @autopilot_compatibility_auditing_enabled = args[:autopilot_compatibility_auditing_enabled] if args.key?(:autopilot_compatibility_auditing_enabled)
+        end
+      end
     end
   end
 end