google-apis-container_v1beta1 0.43.0 → 0.78.0

data/lib/google/apis/container_v1beta1/classes.rb

@@ -37,6 +37,12 @@ module Google
         # @return [String]
         attr_accessor :accelerator_type
       
+        # GPUDriverInstallationConfig specifies the version of GPU driver to be auto
+        # installed.
+        # Corresponds to the JSON property `gpuDriverInstallationConfig`
+        # @return [Google::Apis::ContainerV1beta1::GpuDriverInstallationConfig]
+        attr_accessor :gpu_driver_installation_config
+      
         # Size of partitions to create on the GPU. Valid values are described in the
         # NVIDIA [mig user guide](https://docs.nvidia.com/datacenter/tesla/mig-user-
         # guide/#partitioning).
@@ -63,12 +69,105 @@ module Google
         def update!(**args)
           @accelerator_count = args[:accelerator_count] if args.key?(:accelerator_count)
           @accelerator_type = args[:accelerator_type] if args.key?(:accelerator_type)
+          @gpu_driver_installation_config = args[:gpu_driver_installation_config] if args.key?(:gpu_driver_installation_config)
           @gpu_partition_size = args[:gpu_partition_size] if args.key?(:gpu_partition_size)
           @gpu_sharing_config = args[:gpu_sharing_config] if args.key?(:gpu_sharing_config)
           @max_time_shared_clients_per_gpu = args[:max_time_shared_clients_per_gpu] if args.key?(:max_time_shared_clients_per_gpu)
         end
       end
       
+      # AdditionalNodeNetworkConfig is the configuration for additional node networks
+      # within the NodeNetworkConfig message
+      class AdditionalNodeNetworkConfig
+        include Google::Apis::Core::Hashable
+      
+        # Name of the VPC where the additional interface belongs
+        # Corresponds to the JSON property `network`
+        # @return [String]
+        attr_accessor :network
+      
+        # Name of the subnetwork where the additional interface belongs
+        # Corresponds to the JSON property `subnetwork`
+        # @return [String]
+        attr_accessor :subnetwork
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @network = args[:network] if args.key?(:network)
+          @subnetwork = args[:subnetwork] if args.key?(:subnetwork)
+        end
+      end
+      
+      # AdditionalPodNetworkConfig is the configuration for additional pod networks
+      # within the NodeNetworkConfig message
+      class AdditionalPodNetworkConfig
+        include Google::Apis::Core::Hashable
+      
+        # Constraints applied to pods.
+        # Corresponds to the JSON property `maxPodsPerNode`
+        # @return [Google::Apis::ContainerV1beta1::MaxPodsConstraint]
+        attr_accessor :max_pods_per_node
+      
+        # The name of the network attachment for pods to communicate to; cannot be
+        # specified along with subnetwork or secondary_pod_range.
+        # Corresponds to the JSON property `networkAttachment`
+        # @return [String]
+        attr_accessor :network_attachment
+      
+        # The name of the secondary range on the subnet which provides IP address for
+        # this pod range.
+        # Corresponds to the JSON property `secondaryPodRange`
+        # @return [String]
+        attr_accessor :secondary_pod_range
+      
+        # Name of the subnetwork where the additional pod network belongs.
+        # Corresponds to the JSON property `subnetwork`
+        # @return [String]
+        attr_accessor :subnetwork
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @max_pods_per_node = args[:max_pods_per_node] if args.key?(:max_pods_per_node)
+          @network_attachment = args[:network_attachment] if args.key?(:network_attachment)
+          @secondary_pod_range = args[:secondary_pod_range] if args.key?(:secondary_pod_range)
+          @subnetwork = args[:subnetwork] if args.key?(:subnetwork)
+        end
+      end
+      
+      # AdditionalPodRangesConfig is the configuration for additional pod secondary
+      # ranges supporting the ClusterUpdate message.
+      class AdditionalPodRangesConfig
+        include Google::Apis::Core::Hashable
+      
+        # Output only. Information for additional pod range.
+        # Corresponds to the JSON property `podRangeInfo`
+        # @return [Array<Google::Apis::ContainerV1beta1::RangeInfo>]
+        attr_accessor :pod_range_info
+      
+        # Name for pod secondary ipv4 range which has the actual range defined ahead.
+        # Corresponds to the JSON property `podRangeNames`
+        # @return [Array<String>]
+        attr_accessor :pod_range_names
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @pod_range_info = args[:pod_range_info] if args.key?(:pod_range_info)
+          @pod_range_names = args[:pod_range_names] if args.key?(:pod_range_names)
+        end
+      end
+      
       # Configuration for the addons that can be automatically spun up in the cluster,
       # enabling additional functionality.
       class AddonsConfig
@@ -99,6 +198,11 @@ module Google
         # @return [Google::Apis::ContainerV1beta1::GcpFilestoreCsiDriverConfig]
         attr_accessor :gcp_filestore_csi_driver_config
       
+        # Configuration for the Cloud Storage Fuse CSI driver.
+        # Corresponds to the JSON property `gcsFuseCsiDriverConfig`
+        # @return [Google::Apis::ContainerV1beta1::GcsFuseCsiDriverConfig]
+        attr_accessor :gcs_fuse_csi_driver_config
+      
         # Configuration for the Backup for GKE Agent.
         # Corresponds to the JSON property `gkeBackupAgentConfig`
         # @return [Google::Apis::ContainerV1beta1::GkeBackupAgentConfig]
@@ -139,6 +243,21 @@ module Google
         # @return [Google::Apis::ContainerV1beta1::NetworkPolicyConfig]
         attr_accessor :network_policy_config
       
+        # Configuration for the Cloud Storage Parallelstore CSI driver.
+        # Corresponds to the JSON property `parallelstoreCsiDriverConfig`
+        # @return [Google::Apis::ContainerV1beta1::ParallelstoreCsiDriverConfig]
+        attr_accessor :parallelstore_csi_driver_config
+      
+        # Configuration options for the Ray Operator add-on.
+        # Corresponds to the JSON property `rayOperatorConfig`
+        # @return [Google::Apis::ContainerV1beta1::RayOperatorConfig]
+        attr_accessor :ray_operator_config
+      
+        # Configuration for the Stateful HA add-on.
+        # Corresponds to the JSON property `statefulHaConfig`
+        # @return [Google::Apis::ContainerV1beta1::StatefulHaConfig]
+        attr_accessor :stateful_ha_config
+      
         def initialize(**args)
            update!(**args)
         end
@@ -150,6 +269,7 @@ module Google
           @dns_cache_config = args[:dns_cache_config] if args.key?(:dns_cache_config)
           @gce_persistent_disk_csi_driver_config = args[:gce_persistent_disk_csi_driver_config] if args.key?(:gce_persistent_disk_csi_driver_config)
           @gcp_filestore_csi_driver_config = args[:gcp_filestore_csi_driver_config] if args.key?(:gcp_filestore_csi_driver_config)
+          @gcs_fuse_csi_driver_config = args[:gcs_fuse_csi_driver_config] if args.key?(:gcs_fuse_csi_driver_config)
           @gke_backup_agent_config = args[:gke_backup_agent_config] if args.key?(:gke_backup_agent_config)
           @horizontal_pod_autoscaling = args[:horizontal_pod_autoscaling] if args.key?(:horizontal_pod_autoscaling)
           @http_load_balancing = args[:http_load_balancing] if args.key?(:http_load_balancing)
@@ -157,6 +277,43 @@ module Google
           @kalm_config = args[:kalm_config] if args.key?(:kalm_config)
           @kubernetes_dashboard = args[:kubernetes_dashboard] if args.key?(:kubernetes_dashboard)
           @network_policy_config = args[:network_policy_config] if args.key?(:network_policy_config)
+          @parallelstore_csi_driver_config = args[:parallelstore_csi_driver_config] if args.key?(:parallelstore_csi_driver_config)
+          @ray_operator_config = args[:ray_operator_config] if args.key?(:ray_operator_config)
+          @stateful_ha_config = args[:stateful_ha_config] if args.key?(:stateful_ha_config)
+        end
+      end
+      
+      # AdvancedDatapathObservabilityConfig specifies configuration of observability
+      # features of advanced datapath.
+      class AdvancedDatapathObservabilityConfig
+        include Google::Apis::Core::Hashable
+      
+        # Expose flow metrics on nodes
+        # Corresponds to the JSON property `enableMetrics`
+        # @return [Boolean]
+        attr_accessor :enable_metrics
+        alias_method :enable_metrics?, :enable_metrics
+      
+        # Enable Relay component
+        # Corresponds to the JSON property `enableRelay`
+        # @return [Boolean]
+        attr_accessor :enable_relay
+        alias_method :enable_relay?, :enable_relay
+      
+        # Method used to make Relay available
+        # Corresponds to the JSON property `relayMode`
+        # @return [String]
+        attr_accessor :relay_mode
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @enable_metrics = args[:enable_metrics] if args.key?(:enable_metrics)
+          @enable_relay = args[:enable_relay] if args.key?(:enable_relay)
+          @relay_mode = args[:relay_mode] if args.key?(:relay_mode)
         end
       end
       
@@ -164,6 +321,12 @@ module Google
       class AdvancedMachineFeatures
         include Google::Apis::Core::Hashable
       
+        # Whether or not to enable nested virtualization (defaults to false).
+        # Corresponds to the JSON property `enableNestedVirtualization`
+        # @return [Boolean]
+        attr_accessor :enable_nested_virtualization
+        alias_method :enable_nested_virtualization?, :enable_nested_virtualization
+      
         # The number of threads per physical core. To disable simultaneous
         # multithreading (SMT) set this to 1. If unset, the maximum number of threads
         # supported per core by the underlying processor is assumed.
@@ -177,6 +340,7 @@ module Google
       
         # Update properties of this object
         def update!(**args)
+          @enable_nested_virtualization = args[:enable_nested_virtualization] if args.key?(:enable_nested_virtualization)
           @threads_per_core = args[:threads_per_core] if args.key?(:threads_per_core)
         end
       end
@@ -209,19 +373,39 @@ module Google
         end
       end
       
+      # AutoMonitoringConfig defines the configuration for GKE Workload Auto-
+      # Monitoring.
+      class AutoMonitoringConfig
+        include Google::Apis::Core::Hashable
+      
+        # Scope for GKE Workload Auto-Monitoring.
+        # Corresponds to the JSON property `scope`
+        # @return [String]
+        attr_accessor :scope
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @scope = args[:scope] if args.key?(:scope)
+        end
+      end
+      
       # AutoUpgradeOptions defines the set of options for the user to control how the
       # Auto Upgrades will proceed.
       class AutoUpgradeOptions
         include Google::Apis::Core::Hashable
       
-        # [Output only] This field is set when upgrades are about to commence with the
+        # Output only. This field is set when upgrades are about to commence with the
         # approximate start time for the upgrades, in [RFC3339](https://www.ietf.org/rfc/
         # rfc3339.txt) text format.
         # Corresponds to the JSON property `autoUpgradeStartTime`
         # @return [String]
         attr_accessor :auto_upgrade_start_time
       
-        # [Output only] This field is set when upgrades are about to commence with the
+        # Output only. This field is set when upgrades are about to commence with the
         # description of the upgrade.
         # Corresponds to the JSON property `description`
         # @return [String]
@@ -242,19 +426,100 @@ module Google
       class Autopilot
         include Google::Apis::Core::Hashable
       
+        # AutopilotConversionStatus represents conversion status.
+        # Corresponds to the JSON property `conversionStatus`
+        # @return [Google::Apis::ContainerV1beta1::AutopilotConversionStatus]
+        attr_accessor :conversion_status
+      
         # Enable Autopilot
         # Corresponds to the JSON property `enabled`
         # @return [Boolean]
         attr_accessor :enabled
         alias_method :enabled?, :enabled
       
+        # WorkloadPolicyConfig is the configuration related to GCW workload policy
+        # Corresponds to the JSON property `workloadPolicyConfig`
+        # @return [Google::Apis::ContainerV1beta1::WorkloadPolicyConfig]
+        attr_accessor :workload_policy_config
+      
         def initialize(**args)
            update!(**args)
         end
       
         # Update properties of this object
         def update!(**args)
+          @conversion_status = args[:conversion_status] if args.key?(:conversion_status)
           @enabled = args[:enabled] if args.key?(:enabled)
+          @workload_policy_config = args[:workload_policy_config] if args.key?(:workload_policy_config)
+        end
+      end
+      
+      # AutopilotCompatibilityIssue contains information about a specific
+      # compatibility issue with Autopilot mode.
+      class AutopilotCompatibilityIssue
+        include Google::Apis::Core::Hashable
+      
+        # The constraint type of the issue.
+        # Corresponds to the JSON property `constraintType`
+        # @return [String]
+        attr_accessor :constraint_type
+      
+        # The description of the issue.
+        # Corresponds to the JSON property `description`
+        # @return [String]
+        attr_accessor :description
+      
+        # A URL to a public documnetation, which addresses resolving this issue.
+        # Corresponds to the JSON property `documentationUrl`
+        # @return [String]
+        attr_accessor :documentation_url
+      
+        # The incompatibility type of this issue.
+        # Corresponds to the JSON property `incompatibilityType`
+        # @return [String]
+        attr_accessor :incompatibility_type
+      
+        # The last time when this issue was observed.
+        # Corresponds to the JSON property `lastObservation`
+        # @return [String]
+        attr_accessor :last_observation
+      
+        # The name of the resources which are subject to this issue.
+        # Corresponds to the JSON property `subjects`
+        # @return [Array<String>]
+        attr_accessor :subjects
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @constraint_type = args[:constraint_type] if args.key?(:constraint_type)
+          @description = args[:description] if args.key?(:description)
+          @documentation_url = args[:documentation_url] if args.key?(:documentation_url)
+          @incompatibility_type = args[:incompatibility_type] if args.key?(:incompatibility_type)
+          @last_observation = args[:last_observation] if args.key?(:last_observation)
+          @subjects = args[:subjects] if args.key?(:subjects)
+        end
+      end
+      
+      # AutopilotConversionStatus represents conversion status.
+      class AutopilotConversionStatus
+        include Google::Apis::Core::Hashable
+      
+        # Output only. The current state of the conversion.
+        # Corresponds to the JSON property `state`
+        # @return [String]
+        attr_accessor :state
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @state = args[:state] if args.key?(:state)
         end
       end
       
@@ -284,11 +549,18 @@ module Google
         # @return [String]
         attr_accessor :disk_type
       
-        # The image type to use for NAP created node.
+        # The image type to use for NAP created node. Please see https://cloud.google.
+        # com/kubernetes-engine/docs/concepts/node-images for available image types.
         # Corresponds to the JSON property `imageType`
         # @return [String]
         attr_accessor :image_type
       
+        # Enable or disable Kubelet read only port.
+        # Corresponds to the JSON property `insecureKubeletReadonlyPortEnabled`
+        # @return [Boolean]
+        attr_accessor :insecure_kubelet_readonly_port_enabled
+        alias_method :insecure_kubelet_readonly_port_enabled?, :insecure_kubelet_readonly_port_enabled
+      
         # NodeManagement defines the set of node management services turned on for the
         # node pool.
         # Corresponds to the JSON property `management`
@@ -301,7 +573,7 @@ module Google
         # Haswell or minCpuPlatform: Intel Sandy Bridge. For more information, read [how
         # to specify min CPU platform](https://cloud.google.com/compute/docs/instances/
         # specify-min-cpu-platform). This field is deprecated, min_cpu_platform should
-        # be specified using https://cloud.google.com/requested-min-cpu-platform label
+        # be specified using `cloud.google.com/requested-min-cpu-platform` label
         # selector on the pod. To unset the min cpu platform field pass "automatic" as
         # field value.
         # Corresponds to the JSON property `minCpuPlatform`
@@ -333,6 +605,20 @@ module Google
         # @return [Google::Apis::ContainerV1beta1::ShieldedInstanceConfig]
         attr_accessor :shielded_instance_config
       
+        # These upgrade settings control the level of parallelism and the level of
+        # disruption caused by an upgrade. maxUnavailable controls the number of nodes
+        # that can be simultaneously unavailable. maxSurge controls the number of
+        # additional nodes that can be added to the node pool temporarily for the time
+        # of the upgrade to increase the number of available nodes. (maxUnavailable +
+        # maxSurge) determines the level of parallelism (how many nodes are being
+        # upgraded at the same time). Note: upgrades inevitably introduce some
+        # disruption since workloads need to be moved from old nodes to new, upgraded
+        # ones. Even if maxUnavailable=0, this holds true. (Disruption stays within the
+        # limits of PodDisruptionBudget, if it is configured.) Consider a hypothetical
+        # node pool with 5 nodes having maxSurge=2, maxUnavailable=1. This means the
+        # upgrade process upgrades 3 nodes simultaneously. It creates 2 additional (
+        # upgraded) nodes, then it brings down 3 old (not yet upgraded) nodes at the
+        # same time. This ensures that there are always at least 4 nodes available.
         # These upgrade settings configure the upgrade strategy for the node pool. Use
         # strategy to switch between the strategies applied to the node pool. If the
         # strategy is SURGE, use max_surge and max_unavailable to control the level of
@@ -364,6 +650,7 @@ module Google
           @disk_size_gb = args[:disk_size_gb] if args.key?(:disk_size_gb)
           @disk_type = args[:disk_type] if args.key?(:disk_type)
           @image_type = args[:image_type] if args.key?(:image_type)
+          @insecure_kubelet_readonly_port_enabled = args[:insecure_kubelet_readonly_port_enabled] if args.key?(:insecure_kubelet_readonly_port_enabled)
           @management = args[:management] if args.key?(:management)
           @min_cpu_platform = args[:min_cpu_platform] if args.key?(:min_cpu_platform)
           @oauth_scopes = args[:oauth_scopes] if args.key?(:oauth_scopes)
@@ -373,6 +660,20 @@ module Google
         end
       end
       
+      # Autoscaled rollout policy uses cluster autoscaler during blue-green upgrades
+      # to scale both the green and blue pools.
+      class AutoscaledRolloutPolicy
+        include Google::Apis::Core::Hashable
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+        end
+      end
+      
       # Deprecated.
       class AvailableVersion
         include Google::Apis::Core::Hashable
@@ -398,6 +699,36 @@ module Google
         end
       end
       
+      # Best effort provisioning.
+      class BestEffortProvisioning
+        include Google::Apis::Core::Hashable
+      
+        # When this is enabled, cluster/node pool creations will ignore non-fatal errors
+        # like stockout to best provision as many nodes as possible right now and
+        # eventually bring up all target number of nodes
+        # Corresponds to the JSON property `enabled`
+        # @return [Boolean]
+        attr_accessor :enabled
+        alias_method :enabled?, :enabled
+      
+        # Minimum number of nodes to be provisioned to be considered as succeeded, and
+        # the rest of nodes will be provisioned gradually and eventually when stockout
+        # issue has been resolved.
+        # Corresponds to the JSON property `minProvisionNodes`
+        # @return [Fixnum]
+        attr_accessor :min_provision_nodes
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @enabled = args[:enabled] if args.key?(:enabled)
+          @min_provision_nodes = args[:min_provision_nodes] if args.key?(:min_provision_nodes)
+        end
+      end
+      
       # Parameters for using BigQuery as the destination of resource usage export.
       class BigQueryDestination
         include Google::Apis::Core::Hashable
@@ -435,6 +766,11 @@ module Google
         # @return [String]
         attr_accessor :evaluation_mode
       
+        # Optional. Binauthz policies that apply to this cluster.
+        # Corresponds to the JSON property `policyBindings`
+        # @return [Array<Google::Apis::ContainerV1beta1::PolicyBinding>]
+        attr_accessor :policy_bindings
+      
         def initialize(**args)
            update!(**args)
         end
@@ -443,6 +779,7 @@ module Google
         def update!(**args)
           @enabled = args[:enabled] if args.key?(:enabled)
           @evaluation_mode = args[:evaluation_mode] if args.key?(:evaluation_mode)
+          @policy_bindings = args[:policy_bindings] if args.key?(:policy_bindings)
         end
       end
       
@@ -496,6 +833,12 @@ module Google
       class BlueGreenSettings
         include Google::Apis::Core::Hashable
       
+        # Autoscaled rollout policy uses cluster autoscaler during blue-green upgrades
+        # to scale both the green and blue pools.
+        # Corresponds to the JSON property `autoscaledRolloutPolicy`
+        # @return [Google::Apis::ContainerV1beta1::AutoscaledRolloutPolicy]
+        attr_accessor :autoscaled_rollout_policy
+      
         # Time needed after draining entire blue pool. After this period, blue pool will
         # be cleaned up.
         # Corresponds to the JSON property `nodePoolSoakDuration`
@@ -513,6 +856,7 @@ module Google
       
         # Update properties of this object
         def update!(**args)
+          @autoscaled_rollout_policy = args[:autoscaled_rollout_policy] if args.key?(:autoscaled_rollout_policy)
           @node_pool_soak_duration = args[:node_pool_soak_duration] if args.key?(:node_pool_soak_duration)
           @standard_rollout_policy = args[:standard_rollout_policy] if args.key?(:standard_rollout_policy)
         end
@@ -561,6 +905,59 @@ module Google
         end
       end
       
+      # CertificateAuthorityDomainConfig configures one or more fully qualified domain
+      # names (FQDN) to a specific certificate.
+      class CertificateAuthorityDomainConfig
+        include Google::Apis::Core::Hashable
+      
+        # List of fully qualified domain names (FQDN). Specifying port is supported.
+        # Wilcards are NOT supported. Examples: - my.customdomain.com - 10.0.1.2:5000
+        # Corresponds to the JSON property `fqdns`
+        # @return [Array<String>]
+        attr_accessor :fqdns
+      
+        # GCPSecretManagerCertificateConfig configures a secret from [Google Secret
+        # Manager](https://cloud.google.com/secret-manager).
+        # Corresponds to the JSON property `gcpSecretManagerCertificateConfig`
+        # @return [Google::Apis::ContainerV1beta1::GcpSecretManagerCertificateConfig]
+        attr_accessor :gcp_secret_manager_certificate_config
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @fqdns = args[:fqdns] if args.key?(:fqdns)
+          @gcp_secret_manager_certificate_config = args[:gcp_secret_manager_certificate_config] if args.key?(:gcp_secret_manager_certificate_config)
+        end
+      end
+      
+      # CheckAutopilotCompatibilityResponse has a list of compatibility issues.
+      class CheckAutopilotCompatibilityResponse
+        include Google::Apis::Core::Hashable
+      
+        # The list of issues for the given operation.
+        # Corresponds to the JSON property `issues`
+        # @return [Array<Google::Apis::ContainerV1beta1::AutopilotCompatibilityIssue>]
+        attr_accessor :issues
+      
+        # The summary of the autopilot compatibility response.
+        # Corresponds to the JSON property `summary`
+        # @return [String]
+        attr_accessor :summary
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @issues = args[:issues] if args.key?(:issues)
+          @summary = args[:summary] if args.key?(:summary)
+        end
+      end
+      
       # CidrBlock contains an optional name and one CIDR block.
       class CidrBlock
         include Google::Apis::Core::Hashable
@@ -677,6 +1074,12 @@ module Google
         # @return [Google::Apis::ContainerV1beta1::ClusterTelemetry]
         attr_accessor :cluster_telemetry
       
+        # CompliancePostureConfig defines the settings needed to enable/disable features
+        # for the Compliance Posture.
+        # Corresponds to the JSON property `compliancePostureConfig`
+        # @return [Google::Apis::ContainerV1beta1::CompliancePostureConfig]
+        attr_accessor :compliance_posture_config
+      
         # Which conditions caused the current cluster state.
         # Corresponds to the JSON property `conditions`
         # @return [Array<Google::Apis::ContainerV1beta1::StatusCondition>]
@@ -688,29 +1091,34 @@ module Google
         # @return [Google::Apis::ContainerV1beta1::ConfidentialNodes]
         attr_accessor :confidential_nodes
       
+        # Configuration for all of the cluster's control plane endpoints.
+        # Corresponds to the JSON property `controlPlaneEndpointsConfig`
+        # @return [Google::Apis::ContainerV1beta1::ControlPlaneEndpointsConfig]
+        attr_accessor :control_plane_endpoints_config
+      
         # Configuration for fine-grained cost management feature.
         # Corresponds to the JSON property `costManagementConfig`
         # @return [Google::Apis::ContainerV1beta1::CostManagementConfig]
         attr_accessor :cost_management_config
       
-        # [Output only] The time the cluster was created, in [RFC3339](https://www.ietf.
+        # Output only. The time the cluster was created, in [RFC3339](https://www.ietf.
         # org/rfc/rfc3339.txt) text format.
         # Corresponds to the JSON property `createTime`
         # @return [String]
         attr_accessor :create_time
       
-        # [Output only] The current software version of the master endpoint.
+        # Output only. The current software version of the master endpoint.
         # Corresponds to the JSON property `currentMasterVersion`
         # @return [String]
         attr_accessor :current_master_version
       
-        # [Output only] The number of nodes currently in the cluster. Deprecated. Call
+        # Output only. The number of nodes currently in the cluster. Deprecated. Call
         # Kubernetes API directly to retrieve node information.
         # Corresponds to the JSON property `currentNodeCount`
         # @return [Fixnum]
         attr_accessor :current_node_count
       
-        # [Output only] Deprecated, use [NodePool.version](https://cloud.google.com/
+        # Output only. Deprecated, use [NodePool.version](https://cloud.google.com/
         # kubernetes-engine/docs/reference/rest/v1beta1/projects.locations.clusters.
         # nodePools) instead. The current version of the node software components. If
         # they are currently at multiple versions because they're in the process of
@@ -734,6 +1142,11 @@ module Google
         # @return [String]
         attr_accessor :description
       
+        # Kubernetes open source beta apis enabled on the cluster.
+        # Corresponds to the JSON property `enableK8sBetaApis`
+        # @return [Google::Apis::ContainerV1beta1::K8sBetaApiConfig]
+        attr_accessor :enable_k8s_beta_apis
+      
         # Kubernetes alpha features are enabled on this cluster. This includes alpha API
         # groups (e.g. v1beta1) and features that may not be production ready in the
         # kubernetes version of the master and nodes. The cluster has no SLA for uptime
@@ -751,7 +1164,7 @@ module Google
         attr_accessor :enable_tpu
         alias_method :enable_tpu?, :enable_tpu
       
-        # [Output only] The IP address of this cluster's master endpoint. The endpoint
+        # Output only. The IP address of this cluster's master endpoint. The endpoint
         # can be accessed from the internet at `https://username:password@endpoint/`.
         # See the `masterAuth` property of this resource for username and password
         # information.
@@ -759,6 +1172,11 @@ module Google
         # @return [String]
         attr_accessor :endpoint
       
+        # EnterpriseConfig is the cluster enterprise configuration.
+        # Corresponds to the JSON property `enterpriseConfig`
+        # @return [Google::Apis::ContainerV1beta1::EnterpriseConfig]
+        attr_accessor :enterprise_config
+      
         # This checksum is computed by the server based on the value of cluster fields,
         # and may be sent on update requests to ensure the client has an up-to-date
         # value before proceeding.
@@ -766,12 +1184,17 @@ module Google
         # @return [String]
         attr_accessor :etag
       
-        # [Output only] The time the cluster will be automatically deleted in [RFC3339](
+        # Output only. The time the cluster will be automatically deleted in [RFC3339](
         # https://www.ietf.org/rfc/rfc3339.txt) text format.
         # Corresponds to the JSON property `expireTime`
         # @return [String]
         attr_accessor :expire_time
       
+        # Fleet is the fleet configuration for the cluster.
+        # Corresponds to the JSON property `fleet`
+        # @return [Google::Apis::ContainerV1beta1::Fleet]
+        attr_accessor :fleet
+      
         # Output only. Unique id for the cluster.
         # Corresponds to the JSON property `id`
         # @return [String]
@@ -808,7 +1231,7 @@ module Google
         # @return [Fixnum]
         attr_accessor :initial_node_count
       
-        # Deprecated. Use node_pools.instance_group_urls.
+        # Output only. Deprecated. Use node_pools.instance_group_urls.
         # Corresponds to the JSON property `instanceGroupUrls`
         # @return [Array<String>]
         attr_accessor :instance_group_urls
@@ -828,10 +1251,10 @@ module Google
         # @return [Google::Apis::ContainerV1beta1::LegacyAbac]
         attr_accessor :legacy_abac
       
-        # [Output only] The name of the Google Compute Engine [zone](https://cloud.
-        # google.com/compute/docs/regions-zones/regions-zones#available) or [region](
-        # https://cloud.google.com/compute/docs/regions-zones/regions-zones#available)
-        # in which the cluster resides.
+        # Output only. The name of the Google Compute Engine [zone](https://cloud.google.
+        # com/compute/docs/regions-zones/regions-zones#available) or [region](https://
+        # cloud.google.com/compute/docs/regions-zones/regions-zones#available) in which
+        # the cluster resides.
         # Corresponds to the JSON property `location`
         # @return [String]
         attr_accessor :location
@@ -952,9 +1375,9 @@ module Google
         # @return [Google::Apis::ContainerV1beta1::NodeConfig]
         attr_accessor :node_config
       
-        # [Output only] The size of the address space on each node for hosting
-        # containers. This is provisioned from within the `container_ipv4_cidr` range.
-        # This field will only be set when cluster is in route-based network mode.
+        # Output only. The size of the address space on each node for hosting containers.
+        # This is provisioned from within the `container_ipv4_cidr` range. This field
+        # will only be set when cluster is in route-based network mode.
         # Corresponds to the JSON property `nodeIpv4CidrSize`
         # @return [Fixnum]
         attr_accessor :node_ipv4_cidr_size
@@ -981,6 +1404,19 @@ module Google
         # @return [Google::Apis::ContainerV1beta1::NotificationConfig]
         attr_accessor :notification_config
       
+        # ParentProductConfig is the configuration of the parent product of the cluster.
+        # This field is used by Google internal products that are built on top of a GKE
+        # cluster and take the ownership of the cluster.
+        # Corresponds to the JSON property `parentProductConfig`
+        # @return [Google::Apis::ContainerV1beta1::ParentProductConfig]
+        attr_accessor :parent_product_config
+      
+        # PodAutoscaling is used for configuration of parameters for workload
+        # autoscaling.
+        # Corresponds to the JSON property `podAutoscaling`
+        # @return [Google::Apis::ContainerV1beta1::PodAutoscaling]
+        attr_accessor :pod_autoscaling
+      
         # Configuration for the PodSecurityPolicy feature.
         # Corresponds to the JSON property `podSecurityPolicyConfig`
         # @return [Google::Apis::ContainerV1beta1::PodSecurityPolicyConfig]
@@ -1006,6 +1442,12 @@ module Google
         # @return [Google::Apis::ContainerV1beta1::ProtectConfig]
         attr_accessor :protect_config
       
+        # RBACBindingConfig allows user to restrict ClusterRoleBindings an RoleBindings
+        # that can be created.
+        # Corresponds to the JSON property `rbacBindingConfig`
+        # @return [Google::Apis::ContainerV1beta1::RbacBindingConfig]
+        attr_accessor :rbac_binding_config
+      
         # ReleaseChannel indicates which release channel a cluster is subscribed to.
         # Release channels are arranged in order of risk. When a cluster is subscribed
         # to a release channel, Google maintains both the master version and the node
@@ -1025,12 +1467,35 @@ module Google
         # @return [Google::Apis::ContainerV1beta1::ResourceUsageExportConfig]
         attr_accessor :resource_usage_export_config
       
-        # [Output only] Server-defined URL for the resource.
+        # Output only. Reserved for future use.
+        # Corresponds to the JSON property `satisfiesPzi`
+        # @return [Boolean]
+        attr_accessor :satisfies_pzi
+        alias_method :satisfies_pzi?, :satisfies_pzi
+      
+        # Output only. Reserved for future use.
+        # Corresponds to the JSON property `satisfiesPzs`
+        # @return [Boolean]
+        attr_accessor :satisfies_pzs
+        alias_method :satisfies_pzs?, :satisfies_pzs
+      
+        # SecretManagerConfig is config for secret manager enablement.
+        # Corresponds to the JSON property `secretManagerConfig`
+        # @return [Google::Apis::ContainerV1beta1::SecretManagerConfig]
+        attr_accessor :secret_manager_config
+      
+        # SecurityPostureConfig defines the flags needed to enable/disable features for
+        # the Security Posture API.
+        # Corresponds to the JSON property `securityPostureConfig`
+        # @return [Google::Apis::ContainerV1beta1::SecurityPostureConfig]
+        attr_accessor :security_posture_config
+      
+        # Output only. Server-defined URL for the resource.
         # Corresponds to the JSON property `selfLink`
         # @return [String]
         attr_accessor :self_link
       
-        # [Output only] The IP address range of the Kubernetes services in this cluster,
+        # Output only. The IP address range of the Kubernetes services in this cluster,
         # in [CIDR](http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing)
         # notation (e.g. `1.2.3.4/29`). Service addresses are typically put in the last `
         # /16` from the container CIDR.
@@ -1043,12 +1508,12 @@ module Google
         # @return [Google::Apis::ContainerV1beta1::ShieldedNodes]
         attr_accessor :shielded_nodes
       
-        # [Output only] The current status of this cluster.
+        # Output only. The current status of this cluster.
         # Corresponds to the JSON property `status`
         # @return [String]
         attr_accessor :status
       
-        # [Output only] Deprecated. Use conditions instead. Additional information about
+        # Output only. Deprecated. Use conditions instead. Additional information about
         # the current status of this cluster, if available.
         # Corresponds to the JSON property `statusMessage`
         # @return [String]
@@ -1066,13 +1531,19 @@ module Google
         # @return [Google::Apis::ContainerV1beta1::TpuConfig]
         attr_accessor :tpu_config
       
-        # [Output only] The IP address range of the Cloud TPUs in this cluster, in [CIDR]
-        # (http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) notation (e.g. `
-        # 1.2.3.4/29`).
+        # Output only. The IP address range of the Cloud TPUs in this cluster, in [CIDR](
+        # http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) notation (e.g. `1.
+        # 2.3.4/29`).
         # Corresponds to the JSON property `tpuIpv4CidrBlock`
         # @return [String]
         attr_accessor :tpu_ipv4_cidr_block
       
+        # UserManagedKeysConfig holds the resource address to Keys which are used for
+        # signing certs and token that are used for communication within cluster.
+        # Corresponds to the JSON property `userManagedKeysConfig`
+        # @return [Google::Apis::ContainerV1beta1::UserManagedKeysConfig]
+        attr_accessor :user_managed_keys_config
+      
         # VerticalPodAutoscaling contains global, per-cluster information required by
         # Vertical Pod Autoscaler to automatically adjust the resources of pods
         # controlled by it.
@@ -1095,9 +1566,9 @@ module Google
         # @return [Google::Apis::ContainerV1beta1::WorkloadIdentityConfig]
         attr_accessor :workload_identity_config
       
-        # [Output only] The name of the Google Compute Engine [zone](https://cloud.
-        # google.com/compute/docs/zones#available) in which the cluster resides. This
-        # field is deprecated, use location instead.
+        # Output only. The name of the Google Compute Engine [zone](https://cloud.google.
+        # com/compute/docs/zones#available) in which the cluster resides. This field is
+        # deprecated, use location instead.
         # Corresponds to the JSON property `zone`
         # @return [String]
         attr_accessor :zone
@@ -1115,8 +1586,10 @@ module Google
           @binary_authorization = args[:binary_authorization] if args.key?(:binary_authorization)
           @cluster_ipv4_cidr = args[:cluster_ipv4_cidr] if args.key?(:cluster_ipv4_cidr)
           @cluster_telemetry = args[:cluster_telemetry] if args.key?(:cluster_telemetry)
+          @compliance_posture_config = args[:compliance_posture_config] if args.key?(:compliance_posture_config)
           @conditions = args[:conditions] if args.key?(:conditions)
           @confidential_nodes = args[:confidential_nodes] if args.key?(:confidential_nodes)
+          @control_plane_endpoints_config = args[:control_plane_endpoints_config] if args.key?(:control_plane_endpoints_config)
           @cost_management_config = args[:cost_management_config] if args.key?(:cost_management_config)
           @create_time = args[:create_time] if args.key?(:create_time)
           @current_master_version = args[:current_master_version] if args.key?(:current_master_version)
@@ -1125,11 +1598,14 @@ module Google
           @database_encryption = args[:database_encryption] if args.key?(:database_encryption)
           @default_max_pods_constraint = args[:default_max_pods_constraint] if args.key?(:default_max_pods_constraint)
           @description = args[:description] if args.key?(:description)
+          @enable_k8s_beta_apis = args[:enable_k8s_beta_apis] if args.key?(:enable_k8s_beta_apis)
           @enable_kubernetes_alpha = args[:enable_kubernetes_alpha] if args.key?(:enable_kubernetes_alpha)
           @enable_tpu = args[:enable_tpu] if args.key?(:enable_tpu)
           @endpoint = args[:endpoint] if args.key?(:endpoint)
+          @enterprise_config = args[:enterprise_config] if args.key?(:enterprise_config)
           @etag = args[:etag] if args.key?(:etag)
           @expire_time = args[:expire_time] if args.key?(:expire_time)
+          @fleet = args[:fleet] if args.key?(:fleet)
           @id = args[:id] if args.key?(:id)
           @identity_service_config = args[:identity_service_config] if args.key?(:identity_service_config)
           @initial_cluster_version = args[:initial_cluster_version] if args.key?(:initial_cluster_version)
@@ -1160,13 +1636,20 @@ module Google
           @node_pool_defaults = args[:node_pool_defaults] if args.key?(:node_pool_defaults)
           @node_pools = args[:node_pools] if args.key?(:node_pools)
           @notification_config = args[:notification_config] if args.key?(:notification_config)
+          @parent_product_config = args[:parent_product_config] if args.key?(:parent_product_config)
+          @pod_autoscaling = args[:pod_autoscaling] if args.key?(:pod_autoscaling)
           @pod_security_policy_config = args[:pod_security_policy_config] if args.key?(:pod_security_policy_config)
           @private_cluster = args[:private_cluster] if args.key?(:private_cluster)
           @private_cluster_config = args[:private_cluster_config] if args.key?(:private_cluster_config)
           @protect_config = args[:protect_config] if args.key?(:protect_config)
+          @rbac_binding_config = args[:rbac_binding_config] if args.key?(:rbac_binding_config)
           @release_channel = args[:release_channel] if args.key?(:release_channel)
           @resource_labels = args[:resource_labels] if args.key?(:resource_labels)
           @resource_usage_export_config = args[:resource_usage_export_config] if args.key?(:resource_usage_export_config)
+          @satisfies_pzi = args[:satisfies_pzi] if args.key?(:satisfies_pzi)
+          @satisfies_pzs = args[:satisfies_pzs] if args.key?(:satisfies_pzs)
+          @secret_manager_config = args[:secret_manager_config] if args.key?(:secret_manager_config)
+          @security_posture_config = args[:security_posture_config] if args.key?(:security_posture_config)
           @self_link = args[:self_link] if args.key?(:self_link)
           @services_ipv4_cidr = args[:services_ipv4_cidr] if args.key?(:services_ipv4_cidr)
           @shielded_nodes = args[:shielded_nodes] if args.key?(:shielded_nodes)
@@ -1175,6 +1658,7 @@ module Google
           @subnetwork = args[:subnetwork] if args.key?(:subnetwork)
           @tpu_config = args[:tpu_config] if args.key?(:tpu_config)
           @tpu_ipv4_cidr_block = args[:tpu_ipv4_cidr_block] if args.key?(:tpu_ipv4_cidr_block)
+          @user_managed_keys_config = args[:user_managed_keys_config] if args.key?(:user_managed_keys_config)
           @vertical_pod_autoscaling = args[:vertical_pod_autoscaling] if args.key?(:vertical_pod_autoscaling)
           @workload_alts_config = args[:workload_alts_config] if args.key?(:workload_alts_config)
           @workload_certificates = args[:workload_certificates] if args.key?(:workload_certificates)
@@ -1232,6 +1716,25 @@ module Google
         end
       end
       
+      # Configuration of all network bandwidth tiers
+      class ClusterNetworkPerformanceConfig
+        include Google::Apis::Core::Hashable
+      
+        # Specifies the total network bandwidth tier for the NodePool.
+        # Corresponds to the JSON property `totalEgressBandwidthTier`
+        # @return [String]
+        attr_accessor :total_egress_bandwidth_tier
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @total_egress_bandwidth_tier = args[:total_egress_bandwidth_tier] if args.key?(:total_egress_bandwidth_tier)
+        end
+      end
+      
       # Telemetry integration for the cluster.
       class ClusterTelemetry
         include Google::Apis::Core::Hashable
@@ -1256,6 +1759,12 @@ module Google
       class ClusterUpdate
         include Google::Apis::Core::Hashable
       
+        # AdditionalPodRangesConfig is the configuration for additional pod secondary
+        # ranges supporting the ClusterUpdate message.
+        # Corresponds to the JSON property `additionalPodRangesConfig`
+        # @return [Google::Apis::ContainerV1beta1::AdditionalPodRangesConfig]
+        attr_accessor :additional_pod_ranges_config
+      
         # Configuration for the addons that can be automatically spun up in the cluster,
         # enabling additional functionality.
         # Corresponds to the JSON property `desiredAddonsConfig`
@@ -1267,6 +1776,11 @@ module Google
         # @return [Google::Apis::ContainerV1beta1::AuthenticatorGroupsConfig]
         attr_accessor :desired_authenticator_groups_config
       
+        # WorkloadPolicyConfig is the configuration related to GCW workload policy
+        # Corresponds to the JSON property `desiredAutopilotWorkloadPolicyConfig`
+        # @return [Google::Apis::ContainerV1beta1::WorkloadPolicyConfig]
+        attr_accessor :desired_autopilot_workload_policy_config
+      
         # Configuration for Binary Authorization.
         # Corresponds to the JSON property `desiredBinaryAuthorization`
         # @return [Google::Apis::ContainerV1beta1::BinaryAuthorization]
@@ -1284,6 +1798,22 @@ module Google
         # @return [Google::Apis::ContainerV1beta1::ClusterTelemetry]
         attr_accessor :desired_cluster_telemetry
       
+        # CompliancePostureConfig defines the settings needed to enable/disable features
+        # for the Compliance Posture.
+        # Corresponds to the JSON property `desiredCompliancePostureConfig`
+        # @return [Google::Apis::ContainerV1beta1::CompliancePostureConfig]
+        attr_accessor :desired_compliance_posture_config
+      
+        # ContainerdConfig contains configuration to customize containerd.
+        # Corresponds to the JSON property `desiredContainerdConfig`
+        # @return [Google::Apis::ContainerV1beta1::ContainerdConfig]
+        attr_accessor :desired_containerd_config
+      
+        # Configuration for all of the cluster's control plane endpoints.
+        # Corresponds to the JSON property `desiredControlPlaneEndpointsConfig`
+        # @return [Google::Apis::ContainerV1beta1::ControlPlaneEndpointsConfig]
+        attr_accessor :desired_control_plane_endpoints_config
+      
         # Configuration for fine-grained cost management feature.
         # Corresponds to the JSON property `desiredCostManagementConfig`
         # @return [Google::Apis::ContainerV1beta1::CostManagementConfig]
@@ -1299,23 +1829,68 @@ module Google
         # @return [String]
         attr_accessor :desired_datapath_provider
       
-        # DefaultSnatStatus contains the desired state of whether default sNAT should be
+        # Override the default setting of whether future created nodes have private IP
+        # addresses only, namely NetworkConfig.default_enable_private_nodes
+        # Corresponds to the JSON property `desiredDefaultEnablePrivateNodes`
+        # @return [Boolean]
+        attr_accessor :desired_default_enable_private_nodes
+        alias_method :desired_default_enable_private_nodes?, :desired_default_enable_private_nodes
+      
+        # DefaultSnatStatus contains the desired state of whether default sNAT should be
         # disabled on the cluster.
         # Corresponds to the JSON property `desiredDefaultSnatStatus`
         # @return [Google::Apis::ContainerV1beta1::DefaultSnatStatus]
         attr_accessor :desired_default_snat_status
       
+        # Enable/Disable L4 LB VPC firewall reconciliation for the cluster.
+        # Corresponds to the JSON property `desiredDisableL4LbFirewallReconciliation`
+        # @return [Boolean]
+        attr_accessor :desired_disable_l4_lb_firewall_reconciliation
+        alias_method :desired_disable_l4_lb_firewall_reconciliation?, :desired_disable_l4_lb_firewall_reconciliation
+      
         # DNSConfig contains the desired set of options for configuring clusterDNS.
         # Corresponds to the JSON property `desiredDnsConfig`
         # @return [Google::Apis::ContainerV1beta1::DnsConfig]
         attr_accessor :desired_dns_config
       
-        # Enable/Disable private endpoint for the cluster's master.
+        # Enable/Disable Cilium Clusterwide Network Policy for the cluster.
+        # Corresponds to the JSON property `desiredEnableCiliumClusterwideNetworkPolicy`
+        # @return [Boolean]
+        attr_accessor :desired_enable_cilium_clusterwide_network_policy
+        alias_method :desired_enable_cilium_clusterwide_network_policy?, :desired_enable_cilium_clusterwide_network_policy
+      
+        # Enable/Disable FQDN Network Policy for the cluster.
+        # Corresponds to the JSON property `desiredEnableFqdnNetworkPolicy`
+        # @return [Boolean]
+        attr_accessor :desired_enable_fqdn_network_policy
+        alias_method :desired_enable_fqdn_network_policy?, :desired_enable_fqdn_network_policy
+      
+        # Enable/Disable Multi-Networking for the cluster
+        # Corresponds to the JSON property `desiredEnableMultiNetworking`
+        # @return [Boolean]
+        attr_accessor :desired_enable_multi_networking
+        alias_method :desired_enable_multi_networking?, :desired_enable_multi_networking
+      
+        # Enable/Disable private endpoint for the cluster's master. Deprecated: Use
+        # desired_control_plane_endpoints_config.ip_endpoints_config.
+        # enable_public_endpoint instead. Note that the value of enable_public_endpoint
+        # is reversed: if enable_private_endpoint is false, then enable_public_endpoint
+        # will be true.
         # Corresponds to the JSON property `desiredEnablePrivateEndpoint`
         # @return [Boolean]
         attr_accessor :desired_enable_private_endpoint
         alias_method :desired_enable_private_endpoint?, :desired_enable_private_endpoint
       
+        # DesiredEnterpriseConfig is a wrapper used for updating enterprise_config.
+        # Corresponds to the JSON property `desiredEnterpriseConfig`
+        # @return [Google::Apis::ContainerV1beta1::DesiredEnterpriseConfig]
+        attr_accessor :desired_enterprise_config
+      
+        # Fleet is the fleet configuration for the cluster.
+        # Corresponds to the JSON property `desiredFleet`
+        # @return [Google::Apis::ContainerV1beta1::Fleet]
+        attr_accessor :desired_fleet
+      
         # GatewayAPIConfig contains the desired config of Gateway API on this cluster.
         # Corresponds to the JSON property `desiredGatewayApiConfig`
         # @return [Google::Apis::ContainerV1beta1::GatewayApiConfig]
@@ -1326,6 +1901,12 @@ module Google
         # @return [Google::Apis::ContainerV1beta1::GcfsConfig]
         attr_accessor :desired_gcfs_config
       
+        # HostMaintenancePolicy contains the maintenance policy for the hosts on which
+        # the GKE VMs run on.
+        # Corresponds to the JSON property `desiredHostMaintenancePolicy`
+        # @return [Google::Apis::ContainerV1beta1::HostMaintenancePolicy]
+        attr_accessor :desired_host_maintenance_policy
+      
         # IdentityServiceConfig is configuration for Identity Service which allows
         # customers to use external identity providers with the K8S API
         # Corresponds to the JSON property `desiredIdentityServiceConfig`
@@ -1338,12 +1919,23 @@ module Google
         # @return [String]
         attr_accessor :desired_image_type
       
+        # Specify the details of in-transit encryption. Now named inter-node transparent
+        # encryption.
+        # Corresponds to the JSON property `desiredInTransitEncryptionConfig`
+        # @return [String]
+        attr_accessor :desired_in_transit_encryption_config
+      
         # IntraNodeVisibilityConfig contains the desired config of the intra-node
         # visibility on this cluster.
         # Corresponds to the JSON property `desiredIntraNodeVisibilityConfig`
         # @return [Google::Apis::ContainerV1beta1::IntraNodeVisibilityConfig]
         attr_accessor :desired_intra_node_visibility_config
       
+        # Kubernetes open source beta apis enabled on the cluster.
+        # Corresponds to the JSON property `desiredK8sBetaApis`
+        # @return [Google::Apis::ContainerV1beta1::K8sBetaApiConfig]
+        attr_accessor :desired_k8s_beta_apis
+      
         # ILBSubsettingConfig contains the desired config of L4 Internal LoadBalancer
         # subsetting on this cluster.
         # Corresponds to the JSON property `desiredL4ilbSubsettingConfig`
@@ -1420,6 +2012,26 @@ module Google
         # @return [String]
         attr_accessor :desired_monitoring_service
       
+        # Configuration of all network bandwidth tiers
+        # Corresponds to the JSON property `desiredNetworkPerformanceConfig`
+        # @return [Google::Apis::ContainerV1beta1::ClusterNetworkPerformanceConfig]
+        attr_accessor :desired_network_performance_config
+      
+        # Node kubelet configs.
+        # Corresponds to the JSON property `desiredNodeKubeletConfig`
+        # @return [Google::Apis::ContainerV1beta1::NodeKubeletConfig]
+        attr_accessor :desired_node_kubelet_config
+      
+        # Node kubelet configs.
+        # Corresponds to the JSON property `desiredNodePoolAutoConfigKubeletConfig`
+        # @return [Google::Apis::ContainerV1beta1::NodeKubeletConfig]
+        attr_accessor :desired_node_pool_auto_config_kubelet_config
+      
+        # Parameters that can be configured on Linux nodes.
+        # Corresponds to the JSON property `desiredNodePoolAutoConfigLinuxNodeConfig`
+        # @return [Google::Apis::ContainerV1beta1::LinuxNodeConfig]
+        attr_accessor :desired_node_pool_auto_config_linux_node_config
+      
         # Collection of Compute Engine network tags that can be applied to a node's
         # underlying VM instance. (See `tags` field in [`NodeConfig`](/kubernetes-engine/
         # docs/reference/rest/v1/NodeConfig)).
@@ -1427,6 +2039,15 @@ module Google
         # @return [Google::Apis::ContainerV1beta1::NetworkTags]
         attr_accessor :desired_node_pool_auto_config_network_tags
       
+        # A map of resource manager tag keys and values to be attached to the nodes for
+        # managing Compute Engine firewalls using Network Firewall Policies. Tags must
+        # be according to specifications in https://cloud.google.com/vpc/docs/tags-
+        # firewalls-overview#specifications. A maximum of 5 tag key-value pairs can be
+        # specified. Existing tags will be replaced with new values.
+        # Corresponds to the JSON property `desiredNodePoolAutoConfigResourceManagerTags`
+        # @return [Google::Apis::ContainerV1beta1::ResourceManagerTags]
+        attr_accessor :desired_node_pool_auto_config_resource_manager_tags
+      
         # NodePoolAutoscaling contains information required by cluster autoscaler to
         # adjust the size of the node pool to the current cluster usage.
         # Corresponds to the JSON property `desiredNodePoolAutoscaling`
@@ -1462,6 +2083,19 @@ module Google
         # @return [Google::Apis::ContainerV1beta1::NotificationConfig]
         attr_accessor :desired_notification_config
       
+        # ParentProductConfig is the configuration of the parent product of the cluster.
+        # This field is used by Google internal products that are built on top of a GKE
+        # cluster and take the ownership of the cluster.
+        # Corresponds to the JSON property `desiredParentProductConfig`
+        # @return [Google::Apis::ContainerV1beta1::ParentProductConfig]
+        attr_accessor :desired_parent_product_config
+      
+        # PodAutoscaling is used for configuration of parameters for workload
+        # autoscaling.
+        # Corresponds to the JSON property `desiredPodAutoscaling`
+        # @return [Google::Apis::ContainerV1beta1::PodAutoscaling]
+        attr_accessor :desired_pod_autoscaling
+      
         # Configuration for the PodSecurityPolicy feature.
         # Corresponds to the JSON property `desiredPodSecurityPolicyConfig`
         # @return [Google::Apis::ContainerV1beta1::PodSecurityPolicyConfig]
@@ -1483,6 +2117,12 @@ module Google
         # @return [Google::Apis::ContainerV1beta1::ProtectConfig]
         attr_accessor :desired_protect_config
       
+        # RBACBindingConfig allows user to restrict ClusterRoleBindings an RoleBindings
+        # that can be created.
+        # Corresponds to the JSON property `desiredRbacBindingConfig`
+        # @return [Google::Apis::ContainerV1beta1::RbacBindingConfig]
+        attr_accessor :desired_rbac_binding_config
+      
         # ReleaseChannel indicates which release channel a cluster is subscribed to.
         # Release channels are arranged in order of risk. When a cluster is subscribed
         # to a release channel, Google maintains both the master version and the node
@@ -1496,6 +2136,17 @@ module Google
         # @return [Google::Apis::ContainerV1beta1::ResourceUsageExportConfig]
         attr_accessor :desired_resource_usage_export_config
       
+        # SecretManagerConfig is config for secret manager enablement.
+        # Corresponds to the JSON property `desiredSecretManagerConfig`
+        # @return [Google::Apis::ContainerV1beta1::SecretManagerConfig]
+        attr_accessor :desired_secret_manager_config
+      
+        # SecurityPostureConfig defines the flags needed to enable/disable features for
+        # the Security Posture API.
+        # Corresponds to the JSON property `desiredSecurityPostureConfig`
+        # @return [Google::Apis::ContainerV1beta1::SecurityPostureConfig]
+        attr_accessor :desired_security_posture_config
+      
         # Config to block services with externalIPs field.
         # Corresponds to the JSON property `desiredServiceExternalIpsConfig`
         # @return [Google::Apis::ContainerV1beta1::ServiceExternalIPsConfig]
@@ -1540,6 +2191,11 @@ module Google
         # @return [Google::Apis::ContainerV1beta1::WorkloadIdentityConfig]
         attr_accessor :desired_workload_identity_config
       
+        # Kubernetes open source beta apis enabled on the cluster.
+        # Corresponds to the JSON property `enableK8sBetaApis`
+        # @return [Google::Apis::ContainerV1beta1::K8sBetaApiConfig]
+        attr_accessor :enable_k8s_beta_apis
+      
         # The current etag of the cluster. If an etag is provided and does not match the
         # current etag of the cluster, update will be blocked and an ABORTED error will
         # be returned.
@@ -1547,28 +2203,60 @@ module Google
         # @return [String]
         attr_accessor :etag
       
+        # Configuration options for private clusters.
+        # Corresponds to the JSON property `privateClusterConfig`
+        # @return [Google::Apis::ContainerV1beta1::PrivateClusterConfig]
+        attr_accessor :private_cluster_config
+      
+        # AdditionalPodRangesConfig is the configuration for additional pod secondary
+        # ranges supporting the ClusterUpdate message.
+        # Corresponds to the JSON property `removedAdditionalPodRangesConfig`
+        # @return [Google::Apis::ContainerV1beta1::AdditionalPodRangesConfig]
+        attr_accessor :removed_additional_pod_ranges_config
+      
+        # UserManagedKeysConfig holds the resource address to Keys which are used for
+        # signing certs and token that are used for communication within cluster.
+        # Corresponds to the JSON property `userManagedKeysConfig`
+        # @return [Google::Apis::ContainerV1beta1::UserManagedKeysConfig]
+        attr_accessor :user_managed_keys_config
+      
         def initialize(**args)
            update!(**args)
         end
       
         # Update properties of this object
         def update!(**args)
+          @additional_pod_ranges_config = args[:additional_pod_ranges_config] if args.key?(:additional_pod_ranges_config)
           @desired_addons_config = args[:desired_addons_config] if args.key?(:desired_addons_config)
           @desired_authenticator_groups_config = args[:desired_authenticator_groups_config] if args.key?(:desired_authenticator_groups_config)
+          @desired_autopilot_workload_policy_config = args[:desired_autopilot_workload_policy_config] if args.key?(:desired_autopilot_workload_policy_config)
           @desired_binary_authorization = args[:desired_binary_authorization] if args.key?(:desired_binary_authorization)
           @desired_cluster_autoscaling = args[:desired_cluster_autoscaling] if args.key?(:desired_cluster_autoscaling)
           @desired_cluster_telemetry = args[:desired_cluster_telemetry] if args.key?(:desired_cluster_telemetry)
+          @desired_compliance_posture_config = args[:desired_compliance_posture_config] if args.key?(:desired_compliance_posture_config)
+          @desired_containerd_config = args[:desired_containerd_config] if args.key?(:desired_containerd_config)
+          @desired_control_plane_endpoints_config = args[:desired_control_plane_endpoints_config] if args.key?(:desired_control_plane_endpoints_config)
           @desired_cost_management_config = args[:desired_cost_management_config] if args.key?(:desired_cost_management_config)
           @desired_database_encryption = args[:desired_database_encryption] if args.key?(:desired_database_encryption)
           @desired_datapath_provider = args[:desired_datapath_provider] if args.key?(:desired_datapath_provider)
+          @desired_default_enable_private_nodes = args[:desired_default_enable_private_nodes] if args.key?(:desired_default_enable_private_nodes)
           @desired_default_snat_status = args[:desired_default_snat_status] if args.key?(:desired_default_snat_status)
+          @desired_disable_l4_lb_firewall_reconciliation = args[:desired_disable_l4_lb_firewall_reconciliation] if args.key?(:desired_disable_l4_lb_firewall_reconciliation)
           @desired_dns_config = args[:desired_dns_config] if args.key?(:desired_dns_config)
+          @desired_enable_cilium_clusterwide_network_policy = args[:desired_enable_cilium_clusterwide_network_policy] if args.key?(:desired_enable_cilium_clusterwide_network_policy)
+          @desired_enable_fqdn_network_policy = args[:desired_enable_fqdn_network_policy] if args.key?(:desired_enable_fqdn_network_policy)
+          @desired_enable_multi_networking = args[:desired_enable_multi_networking] if args.key?(:desired_enable_multi_networking)
           @desired_enable_private_endpoint = args[:desired_enable_private_endpoint] if args.key?(:desired_enable_private_endpoint)
+          @desired_enterprise_config = args[:desired_enterprise_config] if args.key?(:desired_enterprise_config)
+          @desired_fleet = args[:desired_fleet] if args.key?(:desired_fleet)
           @desired_gateway_api_config = args[:desired_gateway_api_config] if args.key?(:desired_gateway_api_config)
           @desired_gcfs_config = args[:desired_gcfs_config] if args.key?(:desired_gcfs_config)
+          @desired_host_maintenance_policy = args[:desired_host_maintenance_policy] if args.key?(:desired_host_maintenance_policy)
           @desired_identity_service_config = args[:desired_identity_service_config] if args.key?(:desired_identity_service_config)
           @desired_image_type = args[:desired_image_type] if args.key?(:desired_image_type)
+          @desired_in_transit_encryption_config = args[:desired_in_transit_encryption_config] if args.key?(:desired_in_transit_encryption_config)
           @desired_intra_node_visibility_config = args[:desired_intra_node_visibility_config] if args.key?(:desired_intra_node_visibility_config)
+          @desired_k8s_beta_apis = args[:desired_k8s_beta_apis] if args.key?(:desired_k8s_beta_apis)
           @desired_l4ilb_subsetting_config = args[:desired_l4ilb_subsetting_config] if args.key?(:desired_l4ilb_subsetting_config)
           @desired_locations = args[:desired_locations] if args.key?(:desired_locations)
           @desired_logging_config = args[:desired_logging_config] if args.key?(:desired_logging_config)
@@ -1579,18 +2267,28 @@ module Google
           @desired_mesh_certificates = args[:desired_mesh_certificates] if args.key?(:desired_mesh_certificates)
           @desired_monitoring_config = args[:desired_monitoring_config] if args.key?(:desired_monitoring_config)
           @desired_monitoring_service = args[:desired_monitoring_service] if args.key?(:desired_monitoring_service)
+          @desired_network_performance_config = args[:desired_network_performance_config] if args.key?(:desired_network_performance_config)
+          @desired_node_kubelet_config = args[:desired_node_kubelet_config] if args.key?(:desired_node_kubelet_config)
+          @desired_node_pool_auto_config_kubelet_config = args[:desired_node_pool_auto_config_kubelet_config] if args.key?(:desired_node_pool_auto_config_kubelet_config)
+          @desired_node_pool_auto_config_linux_node_config = args[:desired_node_pool_auto_config_linux_node_config] if args.key?(:desired_node_pool_auto_config_linux_node_config)
           @desired_node_pool_auto_config_network_tags = args[:desired_node_pool_auto_config_network_tags] if args.key?(:desired_node_pool_auto_config_network_tags)
+          @desired_node_pool_auto_config_resource_manager_tags = args[:desired_node_pool_auto_config_resource_manager_tags] if args.key?(:desired_node_pool_auto_config_resource_manager_tags)
           @desired_node_pool_autoscaling = args[:desired_node_pool_autoscaling] if args.key?(:desired_node_pool_autoscaling)
           @desired_node_pool_id = args[:desired_node_pool_id] if args.key?(:desired_node_pool_id)
           @desired_node_pool_logging_config = args[:desired_node_pool_logging_config] if args.key?(:desired_node_pool_logging_config)
           @desired_node_version = args[:desired_node_version] if args.key?(:desired_node_version)
           @desired_notification_config = args[:desired_notification_config] if args.key?(:desired_notification_config)
+          @desired_parent_product_config = args[:desired_parent_product_config] if args.key?(:desired_parent_product_config)
+          @desired_pod_autoscaling = args[:desired_pod_autoscaling] if args.key?(:desired_pod_autoscaling)
           @desired_pod_security_policy_config = args[:desired_pod_security_policy_config] if args.key?(:desired_pod_security_policy_config)
           @desired_private_cluster_config = args[:desired_private_cluster_config] if args.key?(:desired_private_cluster_config)
           @desired_private_ipv6_google_access = args[:desired_private_ipv6_google_access] if args.key?(:desired_private_ipv6_google_access)
           @desired_protect_config = args[:desired_protect_config] if args.key?(:desired_protect_config)
+          @desired_rbac_binding_config = args[:desired_rbac_binding_config] if args.key?(:desired_rbac_binding_config)
           @desired_release_channel = args[:desired_release_channel] if args.key?(:desired_release_channel)
           @desired_resource_usage_export_config = args[:desired_resource_usage_export_config] if args.key?(:desired_resource_usage_export_config)
+          @desired_secret_manager_config = args[:desired_secret_manager_config] if args.key?(:desired_secret_manager_config)
+          @desired_security_posture_config = args[:desired_security_posture_config] if args.key?(:desired_security_posture_config)
           @desired_service_external_ips_config = args[:desired_service_external_ips_config] if args.key?(:desired_service_external_ips_config)
           @desired_shielded_nodes = args[:desired_shielded_nodes] if args.key?(:desired_shielded_nodes)
           @desired_stack_type = args[:desired_stack_type] if args.key?(:desired_stack_type)
@@ -1599,7 +2297,66 @@ module Google
           @desired_workload_alts_config = args[:desired_workload_alts_config] if args.key?(:desired_workload_alts_config)
           @desired_workload_certificates = args[:desired_workload_certificates] if args.key?(:desired_workload_certificates)
           @desired_workload_identity_config = args[:desired_workload_identity_config] if args.key?(:desired_workload_identity_config)
+          @enable_k8s_beta_apis = args[:enable_k8s_beta_apis] if args.key?(:enable_k8s_beta_apis)
           @etag = args[:etag] if args.key?(:etag)
+          @private_cluster_config = args[:private_cluster_config] if args.key?(:private_cluster_config)
+          @removed_additional_pod_ranges_config = args[:removed_additional_pod_ranges_config] if args.key?(:removed_additional_pod_ranges_config)
+          @user_managed_keys_config = args[:user_managed_keys_config] if args.key?(:user_managed_keys_config)
+        end
+      end
+      
+      # ClusterUpgradeInfo contains the upgrade information of a cluster.
+      class ClusterUpgradeInfo
+        include Google::Apis::Core::Hashable
+      
+        # The auto upgrade status.
+        # Corresponds to the JSON property `autoUpgradeStatus`
+        # @return [Array<String>]
+        attr_accessor :auto_upgrade_status
+      
+        # The cluster's current minor version's end of extended support timestamp.
+        # Corresponds to the JSON property `endOfExtendedSupportTimestamp`
+        # @return [String]
+        attr_accessor :end_of_extended_support_timestamp
+      
+        # The cluster's current minor version's end of standard support timestamp.
+        # Corresponds to the JSON property `endOfStandardSupportTimestamp`
+        # @return [String]
+        attr_accessor :end_of_standard_support_timestamp
+      
+        # minor_target_version indicates the target version for minor upgrade.
+        # Corresponds to the JSON property `minorTargetVersion`
+        # @return [String]
+        attr_accessor :minor_target_version
+      
+        # patch_target_version indicates the target version for patch upgrade.
+        # Corresponds to the JSON property `patchTargetVersion`
+        # @return [String]
+        attr_accessor :patch_target_version
+      
+        # The auto upgrade paused reason.
+        # Corresponds to the JSON property `pausedReason`
+        # @return [Array<String>]
+        attr_accessor :paused_reason
+      
+        # The list of past auto upgrades.
+        # Corresponds to the JSON property `upgradeDetails`
+        # @return [Array<Google::Apis::ContainerV1beta1::UpgradeDetails>]
+        attr_accessor :upgrade_details
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @auto_upgrade_status = args[:auto_upgrade_status] if args.key?(:auto_upgrade_status)
+          @end_of_extended_support_timestamp = args[:end_of_extended_support_timestamp] if args.key?(:end_of_extended_support_timestamp)
+          @end_of_standard_support_timestamp = args[:end_of_standard_support_timestamp] if args.key?(:end_of_standard_support_timestamp)
+          @minor_target_version = args[:minor_target_version] if args.key?(:minor_target_version)
+          @patch_target_version = args[:patch_target_version] if args.key?(:patch_target_version)
+          @paused_reason = args[:paused_reason] if args.key?(:paused_reason)
+          @upgrade_details = args[:upgrade_details] if args.key?(:upgrade_details)
         end
       end
       
@@ -1660,6 +2417,51 @@ module Google
         end
       end
       
+      # CompliancePostureConfig defines the settings needed to enable/disable features
+      # for the Compliance Posture.
+      class CompliancePostureConfig
+        include Google::Apis::Core::Hashable
+      
+        # List of enabled compliance standards.
+        # Corresponds to the JSON property `complianceStandards`
+        # @return [Array<Google::Apis::ContainerV1beta1::ComplianceStandard>]
+        attr_accessor :compliance_standards
+      
+        # Defines the enablement mode for Compliance Posture.
+        # Corresponds to the JSON property `mode`
+        # @return [String]
+        attr_accessor :mode
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @compliance_standards = args[:compliance_standards] if args.key?(:compliance_standards)
+          @mode = args[:mode] if args.key?(:mode)
+        end
+      end
+      
+      # Defines the details of a compliance standard.
+      class ComplianceStandard
+        include Google::Apis::Core::Hashable
+      
+        # Name of the compliance standard.
+        # Corresponds to the JSON property `standard`
+        # @return [String]
+        attr_accessor :standard
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @standard = args[:standard] if args.key?(:standard)
+        end
+      end
+      
       # ConfidentialNodes is configuration for the confidential nodes feature, which
       # makes nodes run on confidential VMs.
       class ConfidentialNodes
@@ -1722,6 +2524,51 @@ module Google
         end
       end
       
+      # ContainerdConfig contains configuration to customize containerd.
+      class ContainerdConfig
+        include Google::Apis::Core::Hashable
+      
+        # PrivateRegistryAccessConfig contains access configuration for private
+        # container registries.
+        # Corresponds to the JSON property `privateRegistryAccessConfig`
+        # @return [Google::Apis::ContainerV1beta1::PrivateRegistryAccessConfig]
+        attr_accessor :private_registry_access_config
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @private_registry_access_config = args[:private_registry_access_config] if args.key?(:private_registry_access_config)
+        end
+      end
+      
+      # Configuration for all of the cluster's control plane endpoints.
+      class ControlPlaneEndpointsConfig
+        include Google::Apis::Core::Hashable
+      
+        # Describes the configuration of a DNS endpoint.
+        # Corresponds to the JSON property `dnsEndpointConfig`
+        # @return [Google::Apis::ContainerV1beta1::DnsEndpointConfig]
+        attr_accessor :dns_endpoint_config
+      
+        # IP endpoints configuration.
+        # Corresponds to the JSON property `ipEndpointsConfig`
+        # @return [Google::Apis::ContainerV1beta1::IpEndpointsConfig]
+        attr_accessor :ip_endpoints_config
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @dns_endpoint_config = args[:dns_endpoint_config] if args.key?(:dns_endpoint_config)
+          @ip_endpoints_config = args[:ip_endpoints_config] if args.key?(:ip_endpoints_config)
+        end
+      end
+      
       # Configuration for fine-grained cost management feature.
       class CostManagementConfig
         include Google::Apis::Core::Hashable
@@ -1799,20 +2646,7 @@ module Google
         # specification, under the control of the cluster master. They may have a set of
         # Kubernetes labels applied to them, which may be used to reference them during
         # pod scheduling. They may also be resized up or down, to accommodate the
-        # workload. These upgrade settings control the level of parallelism and the
-        # level of disruption caused by an upgrade. maxUnavailable controls the number
-        # of nodes that can be simultaneously unavailable. maxSurge controls the number
-        # of additional nodes that can be added to the node pool temporarily for the
-        # time of the upgrade to increase the number of available nodes. (maxUnavailable
-        # + maxSurge) determines the level of parallelism (how many nodes are being
-        # upgraded at the same time). Note: upgrades inevitably introduce some
-        # disruption since workloads need to be moved from old nodes to new, upgraded
-        # ones. Even if maxUnavailable=0, this holds true. (Disruption stays within the
-        # limits of PodDisruptionBudget, if it is configured.) Consider a hypothetical
-        # node pool with 5 nodes having maxSurge=2, maxUnavailable=1. This means the
-        # upgrade process upgrades 3 nodes simultaneously. It creates 2 additional (
-        # upgraded) nodes, then it brings down 3 old (not yet upgraded) nodes at the
-        # same time. This ensures that there are always at least 4 nodes available.
+        # workload.
         # Corresponds to the JSON property `nodePool`
         # @return [Google::Apis::ContainerV1beta1::NodePool]
         attr_accessor :node_pool
@@ -1855,6 +2689,11 @@ module Google
       class DnsConfig
         include Google::Apis::Core::Hashable
       
+        # Optional. The domain used in Additive VPC scope.
+        # Corresponds to the JSON property `additiveVpcScopeDnsDomain`
+        # @return [String]
+        attr_accessor :additive_vpc_scope_dns_domain
+      
         # cluster_dns indicates which in-cluster DNS provider should be used.
         # Corresponds to the JSON property `clusterDns`
         # @return [String]
@@ -1876,17 +2715,48 @@ module Google
       
         # Update properties of this object
         def update!(**args)
+          @additive_vpc_scope_dns_domain = args[:additive_vpc_scope_dns_domain] if args.key?(:additive_vpc_scope_dns_domain)
           @cluster_dns = args[:cluster_dns] if args.key?(:cluster_dns)
           @cluster_dns_domain = args[:cluster_dns_domain] if args.key?(:cluster_dns_domain)
           @cluster_dns_scope = args[:cluster_dns_scope] if args.key?(:cluster_dns_scope)
         end
       end
       
+      # Describes the configuration of a DNS endpoint.
+      class DnsEndpointConfig
+        include Google::Apis::Core::Hashable
+      
+        # Controls whether user traffic is allowed over this endpoint. Note that GCP-
+        # managed services may still use the endpoint even if this is false.
+        # Corresponds to the JSON property `allowExternalTraffic`
+        # @return [Boolean]
+        attr_accessor :allow_external_traffic
+        alias_method :allow_external_traffic?, :allow_external_traffic
+      
+        # Output only. The cluster's DNS endpoint configuration. A DNS format address.
+        # This is accessible from the public internet. Ex: uid.us-central1.gke.goog.
+        # Always present, but the behavior may change according to the value of
+        # DNSEndpointConfig.allow_external_traffic.
+        # Corresponds to the JSON property `endpoint`
+        # @return [String]
+        attr_accessor :endpoint
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @allow_external_traffic = args[:allow_external_traffic] if args.key?(:allow_external_traffic)
+          @endpoint = args[:endpoint] if args.key?(:endpoint)
+        end
+      end
+      
       # Time window specified for daily maintenance operations.
       class DailyMaintenanceWindow
         include Google::Apis::Core::Hashable
       
-        # [Output only] Duration of the time window, automatically chosen to be smallest
+        # Output only. Duration of the time window, automatically chosen to be smallest
         # possible in the given scenario.
         # Corresponds to the JSON property `duration`
         # @return [String]
@@ -1913,13 +2783,29 @@ module Google
       class DatabaseEncryption
         include Google::Apis::Core::Hashable
       
+        # Output only. The current state of etcd encryption.
+        # Corresponds to the JSON property `currentState`
+        # @return [String]
+        attr_accessor :current_state
+      
+        # Output only. Keys in use by the cluster for decrypting existing objects, in
+        # addition to the key in `key_name`. Each item is a CloudKMS key resource.
+        # Corresponds to the JSON property `decryptionKeys`
+        # @return [Array<String>]
+        attr_accessor :decryption_keys
+      
         # Name of CloudKMS key to use for the encryption of secrets in etcd. Ex.
         # projects/my-project/locations/global/keyRings/my-ring/cryptoKeys/my-key
         # Corresponds to the JSON property `keyName`
         # @return [String]
         attr_accessor :key_name
       
-        # Denotes the state of etcd encryption.
+        # Output only. Records errors seen during DatabaseEncryption update operations.
+        # Corresponds to the JSON property `lastOperationErrors`
+        # @return [Array<Google::Apis::ContainerV1beta1::OperationError>]
+        attr_accessor :last_operation_errors
+      
+        # The desired state of etcd encryption.
         # Corresponds to the JSON property `state`
         # @return [String]
         attr_accessor :state
@@ -1930,7 +2816,10 @@ module Google
       
         # Update properties of this object
         def update!(**args)
+          @current_state = args[:current_state] if args.key?(:current_state)
+          @decryption_keys = args[:decryption_keys] if args.key?(:decryption_keys)
           @key_name = args[:key_name] if args.key?(:key_name)
+          @last_operation_errors = args[:last_operation_errors] if args.key?(:last_operation_errors)
           @state = args[:state] if args.key?(:state)
         end
       end
@@ -1997,6 +2886,25 @@ module Google
         end
       end
       
+      # DesiredEnterpriseConfig is a wrapper used for updating enterprise_config.
+      class DesiredEnterpriseConfig
+        include Google::Apis::Core::Hashable
+      
+        # desired_tier specifies the desired tier of the cluster.
+        # Corresponds to the JSON property `desiredTier`
+        # @return [String]
+        attr_accessor :desired_tier
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @desired_tier = args[:desired_tier] if args.key?(:desired_tier)
+        end
+      end
+      
       # Configuration for NodeLocal DNSCache
       class DnsCacheConfig
         include Google::Apis::Core::Hashable
@@ -2033,14 +2941,48 @@ module Google
         end
       end
       
+      # EnterpriseConfig is the cluster enterprise configuration.
+      class EnterpriseConfig
+        include Google::Apis::Core::Hashable
+      
+        # Output only. cluster_tier indicates the effective tier of the cluster.
+        # Corresponds to the JSON property `clusterTier`
+        # @return [String]
+        attr_accessor :cluster_tier
+      
+        # desired_tier specifies the desired tier of the cluster.
+        # Corresponds to the JSON property `desiredTier`
+        # @return [String]
+        attr_accessor :desired_tier
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @cluster_tier = args[:cluster_tier] if args.key?(:cluster_tier)
+          @desired_tier = args[:desired_tier] if args.key?(:desired_tier)
+        end
+      end
+      
       # EphemeralStorageConfig contains configuration for the ephemeral storage
       # filesystem.
       class EphemeralStorageConfig
         include Google::Apis::Core::Hashable
       
         # Number of local SSDs to use to back ephemeral storage. Uses NVMe interfaces.
-        # Each local SSD is 375 GB in size. If zero, it means to disable using local
-        # SSDs as ephemeral storage.
+        # The limit for this value is dependent upon the maximum number of disk
+        # available on a machine per zone. See: https://cloud.google.com/compute/docs/
+        # disks/local-ssd for more information. A zero (or unset) value has different
+        # meanings depending on machine type being used: 1. For pre-Gen3 machines, which
+        # support flexible numbers of local ssds, zero (or unset) means to disable using
+        # local SSDs as ephemeral storage. 2. For Gen3 machines which dictate a specific
+        # number of local ssds, zero (or unset) means to use the default number of local
+        # ssds that goes with that machine type. For example, for a c3-standard-8-lssd
+        # machine, 2 local ssds would be provisioned. For c3-standard-8 (which doesn't
+        # support local ssds), 0 will be provisioned. See https://cloud.google.com/
+        # compute/docs/disks/local-ssd#choose_number_local_ssds for more info.
         # Corresponds to the JSON property `localSsdCount`
         # @return [Fixnum]
         attr_accessor :local_ssd_count
@@ -2060,11 +3002,18 @@ module Google
       class EphemeralStorageLocalSsdConfig
         include Google::Apis::Core::Hashable
       
-        # Number of local SSDs to use to back ephemeral storage. Uses NVMe interfaces.
-        # Each local SSD is 375 GB in size. If zero, it means to disable using local
-        # SSDs as ephemeral storage. The limit for this value is dependent upon the
-        # maximum number of disks available on a machine per zone. See: https://cloud.
-        # google.com/compute/docs/disks/local-ssd for more information.
+        # Number of local SSDs to use to back ephemeral storage. Uses NVMe interfaces. A
+        # zero (or unset) value has different meanings depending on machine type being
+        # used: 1. For pre-Gen3 machines, which support flexible numbers of local ssds,
+        # zero (or unset) means to disable using local SSDs as ephemeral storage. The
+        # limit for this value is dependent upon the maximum number of disk available on
+        # a machine per zone. See: https://cloud.google.com/compute/docs/disks/local-ssd
+        # for more information. 2. For Gen3 machines which dictate a specific number of
+        # local ssds, zero (or unset) means to use the default number of local ssds that
+        # goes with that machine type. For example, for a c3-standard-8-lssd machine, 2
+        # local ssds would be provisioned. For c3-standard-8 (which doesn't support
+        # local ssds), 0 will be provisioned. See https://cloud.google.com/compute/docs/
+        # disks/local-ssd#choose_number_local_ssds for more info.
         # Corresponds to the JSON property `localSsdCount`
         # @return [Fixnum]
         attr_accessor :local_ssd_count
@@ -2121,6 +3070,83 @@ module Google
         end
       end
       
+      # Fleet is the fleet configuration for the cluster.
+      class Fleet
+        include Google::Apis::Core::Hashable
+      
+        # Output only. The full resource name of the registered fleet membership of the
+        # cluster, in the format `//gkehub.googleapis.com/projects/*/locations/*/
+        # memberships/*`.
+        # Corresponds to the JSON property `membership`
+        # @return [String]
+        attr_accessor :membership
+      
+        # Output only. Whether the cluster has been registered through the fleet API.
+        # Corresponds to the JSON property `preRegistered`
+        # @return [Boolean]
+        attr_accessor :pre_registered
+        alias_method :pre_registered?, :pre_registered
+      
+        # The Fleet host project(project ID or project number) where this cluster will
+        # be registered to. This field cannot be changed after the cluster has been
+        # registered.
+        # Corresponds to the JSON property `project`
+        # @return [String]
+        attr_accessor :project
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @membership = args[:membership] if args.key?(:membership)
+          @pre_registered = args[:pre_registered] if args.key?(:pre_registered)
+          @project = args[:project] if args.key?(:project)
+        end
+      end
+      
+      # GCPSecretManagerCertificateConfig configures a secret from [Google Secret
+      # Manager](https://cloud.google.com/secret-manager).
+      class GcpSecretManagerCertificateConfig
+        include Google::Apis::Core::Hashable
+      
+        # Secret URI, in the form "projects/$PROJECT_ID/secrets/$SECRET_NAME/versions/$
+        # VERSION". Version can be fixed (e.g. "2") or "latest"
+        # Corresponds to the JSON property `secretUri`
+        # @return [String]
+        attr_accessor :secret_uri
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @secret_uri = args[:secret_uri] if args.key?(:secret_uri)
+        end
+      end
+      
+      # GPUDriverInstallationConfig specifies the version of GPU driver to be auto
+      # installed.
+      class GpuDriverInstallationConfig
+        include Google::Apis::Core::Hashable
+      
+        # Mode for how the GPU driver is installed.
+        # Corresponds to the JSON property `gpuDriverVersion`
+        # @return [String]
+        attr_accessor :gpu_driver_version
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @gpu_driver_version = args[:gpu_driver_version] if args.key?(:gpu_driver_version)
+        end
+      end
+      
       # GPUSharingConfig represents the GPU sharing configuration for Hardware
       # Accelerators.
       class GpuSharingConfig
@@ -2226,6 +3252,26 @@ module Google
         end
       end
       
+      # Configuration for the Cloud Storage Fuse CSI driver.
+      class GcsFuseCsiDriverConfig
+        include Google::Apis::Core::Hashable
+      
+        # Whether the Cloud Storage Fuse CSI driver is enabled for this cluster.
+        # Corresponds to the JSON property `enabled`
+        # @return [Boolean]
+        attr_accessor :enabled
+        alias_method :enabled?, :enabled
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @enabled = args[:enabled] if args.key?(:enabled)
+        end
+      end
+      
       # GetJSONWebKeysResponse is a valid JSON Web Key Set as specififed in rfc 7517
       class GetJsonWebKeysResponse
         include Google::Apis::Core::Hashable
@@ -2356,23 +3402,49 @@ module Google
         end
       end
       
-      # RFC-2616: cache control support
-      class HttpCacheControlResponseHeader
+      # HostMaintenancePolicy contains the maintenance policy for the hosts on which
+      # the GKE VMs run on.
+      class HostMaintenancePolicy
         include Google::Apis::Core::Hashable
       
-        # 14.6 response cache age, in seconds since the response is generated
-        # Corresponds to the JSON property `age`
-        # @return [Fixnum]
-        attr_accessor :age
-      
-        # 14.9 request and response directives
-        # Corresponds to the JSON property `directive`
+        # Specifies the frequency of planned maintenance events.
+        # Corresponds to the JSON property `maintenanceInterval`
         # @return [String]
-        attr_accessor :directive
+        attr_accessor :maintenance_interval
       
-        # 14.21 response cache expires, in RFC 1123 date format
-        # Corresponds to the JSON property `expires`
-        # @return [String]
+        # Strategy that will trigger maintenance on behalf of the customer.
+        # Corresponds to the JSON property `opportunisticMaintenanceStrategy`
+        # @return [Google::Apis::ContainerV1beta1::OpportunisticMaintenanceStrategy]
+        attr_accessor :opportunistic_maintenance_strategy
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @maintenance_interval = args[:maintenance_interval] if args.key?(:maintenance_interval)
+          @opportunistic_maintenance_strategy = args[:opportunistic_maintenance_strategy] if args.key?(:opportunistic_maintenance_strategy)
+        end
+      end
+      
+      # RFC-2616: cache control support
+      class HttpCacheControlResponseHeader
+        include Google::Apis::Core::Hashable
+      
+        # 14.6 response cache age, in seconds since the response is generated
+        # Corresponds to the JSON property `age`
+        # @return [Fixnum]
+        attr_accessor :age
+      
+        # 14.9 request and response directives
+        # Corresponds to the JSON property `directive`
+        # @return [String]
+        attr_accessor :directive
+      
+        # 14.21 response cache expires, in RFC 1123 date format
+        # Corresponds to the JSON property `expires`
+        # @return [String]
         attr_accessor :expires
       
         def initialize(**args)
@@ -2409,6 +3481,31 @@ module Google
         end
       end
       
+      # Hugepages amount in both 2m and 1g size
+      class HugepagesConfig
+        include Google::Apis::Core::Hashable
+      
+        # Optional. Amount of 1G hugepages
+        # Corresponds to the JSON property `hugepageSize1g`
+        # @return [Fixnum]
+        attr_accessor :hugepage_size1g
+      
+        # Optional. Amount of 2M hugepages
+        # Corresponds to the JSON property `hugepageSize2m`
+        # @return [Fixnum]
+        attr_accessor :hugepage_size2m
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @hugepage_size1g = args[:hugepage_size1g] if args.key?(:hugepage_size1g)
+          @hugepage_size2m = args[:hugepage_size2m] if args.key?(:hugepage_size2m)
+        end
+      end
+      
       # ILBSubsettingConfig contains the desired config of L4 Internal LoadBalancer
       # subsetting on this cluster.
       class IlbSubsettingConfig
@@ -2434,6 +3531,12 @@ module Google
       class IpAllocationPolicy
         include Google::Apis::Core::Hashable
       
+        # AdditionalPodRangesConfig is the configuration for additional pod secondary
+        # ranges supporting the ClusterUpdate message.
+        # Corresponds to the JSON property `additionalPodRangesConfig`
+        # @return [Google::Apis::ContainerV1beta1::AdditionalPodRangesConfig]
+        attr_accessor :additional_pod_ranges_config
+      
         # If true, allow allocation of cluster CIDR ranges that overlap with certain
         # kinds of network routes. By default we do not allow cluster CIDR ranges to
         # intersect with any user declared routes. With allow_route_overlap == true, we
@@ -2480,6 +3583,13 @@ module Google
         attr_accessor :create_subnetwork
         alias_method :create_subnetwork?, :create_subnetwork
       
+        # Output only. The utilization of the cluster default IPv4 range for the pod.
+        # The ratio is Usage/[Total number of IPs in the secondary range], Usage=
+        # numNodes*numZones*podIPsPerNode.
+        # Corresponds to the JSON property `defaultPodIpv4RangeUtilization`
+        # @return [Float]
+        attr_accessor :default_pod_ipv4_range_utilization
+      
         # The ipv6 access type (internal or external) when create_subnetwork is true
         # Corresponds to the JSON property `ipv6AccessType`
         # @return [String]
@@ -2501,6 +3611,11 @@ module Google
         # @return [String]
         attr_accessor :node_ipv4_cidr_block
       
+        # [PRIVATE FIELD] Config for pod CIDR size overprovisioning.
+        # Corresponds to the JSON property `podCidrOverprovisionConfig`
+        # @return [Google::Apis::ContainerV1beta1::PodCidrOverprovisionConfig]
+        attr_accessor :pod_cidr_overprovision_config
+      
         # This field is deprecated, use services_ipv4_cidr_block.
         # Corresponds to the JSON property `servicesIpv4Cidr`
         # @return [String]
@@ -2518,7 +3633,7 @@ module Google
         # @return [String]
         attr_accessor :services_ipv4_cidr_block
       
-        # Output only. [Output only] The services IPv6 CIDR block for the cluster.
+        # Output only. The services IPv6 CIDR block for the cluster.
         # Corresponds to the JSON property `servicesIpv6CidrBlock`
         # @return [String]
         attr_accessor :services_ipv6_cidr_block
@@ -2536,7 +3651,7 @@ module Google
         # @return [String]
         attr_accessor :stack_type
       
-        # Output only. [Output only] The subnet's IPv6 CIDR block used by nodes and pods.
+        # Output only. The subnet's IPv6 CIDR block used by nodes and pods.
         # Corresponds to the JSON property `subnetIpv6CidrBlock`
         # @return [String]
         attr_accessor :subnet_ipv6_cidr_block
@@ -2584,14 +3699,17 @@ module Google
       
         # Update properties of this object
         def update!(**args)
+          @additional_pod_ranges_config = args[:additional_pod_ranges_config] if args.key?(:additional_pod_ranges_config)
           @allow_route_overlap = args[:allow_route_overlap] if args.key?(:allow_route_overlap)
           @cluster_ipv4_cidr = args[:cluster_ipv4_cidr] if args.key?(:cluster_ipv4_cidr)
           @cluster_ipv4_cidr_block = args[:cluster_ipv4_cidr_block] if args.key?(:cluster_ipv4_cidr_block)
           @cluster_secondary_range_name = args[:cluster_secondary_range_name] if args.key?(:cluster_secondary_range_name)
           @create_subnetwork = args[:create_subnetwork] if args.key?(:create_subnetwork)
+          @default_pod_ipv4_range_utilization = args[:default_pod_ipv4_range_utilization] if args.key?(:default_pod_ipv4_range_utilization)
           @ipv6_access_type = args[:ipv6_access_type] if args.key?(:ipv6_access_type)
           @node_ipv4_cidr = args[:node_ipv4_cidr] if args.key?(:node_ipv4_cidr)
           @node_ipv4_cidr_block = args[:node_ipv4_cidr_block] if args.key?(:node_ipv4_cidr_block)
+          @pod_cidr_overprovision_config = args[:pod_cidr_overprovision_config] if args.key?(:pod_cidr_overprovision_config)
           @services_ipv4_cidr = args[:services_ipv4_cidr] if args.key?(:services_ipv4_cidr)
           @services_ipv4_cidr_block = args[:services_ipv4_cidr_block] if args.key?(:services_ipv4_cidr_block)
           @services_ipv6_cidr_block = args[:services_ipv6_cidr_block] if args.key?(:services_ipv6_cidr_block)
@@ -2605,6 +3723,76 @@ module Google
         end
       end
       
+      # IP endpoints configuration.
+      class IpEndpointsConfig
+        include Google::Apis::Core::Hashable
+      
+        # Configuration options for the master authorized networks feature. Enabled
+        # master authorized networks will disallow all external traffic to access
+        # Kubernetes master through HTTPS except traffic from the given CIDR blocks,
+        # Google Compute Engine Public IPs and Google Prod IPs.
+        # Corresponds to the JSON property `authorizedNetworksConfig`
+        # @return [Google::Apis::ContainerV1beta1::MasterAuthorizedNetworksConfig]
+        attr_accessor :authorized_networks_config
+      
+        # Controls whether the control plane allows access through a public IP. It is
+        # invalid to specify both PrivateClusterConfig.enablePrivateEndpoint and this
+        # field at the same time.
+        # Corresponds to the JSON property `enablePublicEndpoint`
+        # @return [Boolean]
+        attr_accessor :enable_public_endpoint
+        alias_method :enable_public_endpoint?, :enable_public_endpoint
+      
+        # Controls whether to allow direct IP access.
+        # Corresponds to the JSON property `enabled`
+        # @return [Boolean]
+        attr_accessor :enabled
+        alias_method :enabled?, :enabled
+      
+        # Controls whether the control plane's private endpoint is accessible from
+        # sources in other regions. It is invalid to specify both
+        # PrivateClusterMasterGlobalAccessConfig.enabled and this field at the same time.
+        # Corresponds to the JSON property `globalAccess`
+        # @return [Boolean]
+        attr_accessor :global_access
+        alias_method :global_access?, :global_access
+      
+        # Output only. The internal IP address of this cluster's control plane. Only
+        # populated if enabled.
+        # Corresponds to the JSON property `privateEndpoint`
+        # @return [String]
+        attr_accessor :private_endpoint
+      
+        # Subnet to provision the master's private endpoint during cluster creation.
+        # Specified in projects/*/regions/*/subnetworks/* format. It is invalid to
+        # specify both PrivateClusterConfig.privateEndpointSubnetwork and this field at
+        # the same time.
+        # Corresponds to the JSON property `privateEndpointSubnetwork`
+        # @return [String]
+        attr_accessor :private_endpoint_subnetwork
+      
+        # Output only. The external IP address of this cluster's control plane. Only
+        # populated if enabled.
+        # Corresponds to the JSON property `publicEndpoint`
+        # @return [String]
+        attr_accessor :public_endpoint
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @authorized_networks_config = args[:authorized_networks_config] if args.key?(:authorized_networks_config)
+          @enable_public_endpoint = args[:enable_public_endpoint] if args.key?(:enable_public_endpoint)
+          @enabled = args[:enabled] if args.key?(:enabled)
+          @global_access = args[:global_access] if args.key?(:global_access)
+          @private_endpoint = args[:private_endpoint] if args.key?(:private_endpoint)
+          @private_endpoint_subnetwork = args[:private_endpoint_subnetwork] if args.key?(:private_endpoint_subnetwork)
+          @public_endpoint = args[:public_endpoint] if args.key?(:public_endpoint)
+        end
+      end
+      
       # IdentityServiceConfig is configuration for Identity Service which allows
       # customers to use external identity providers with the K8S API
       class IdentityServiceConfig
@@ -2740,6 +3928,25 @@ module Google
         end
       end
       
+      # Kubernetes open source beta apis enabled on the cluster.
+      class K8sBetaApiConfig
+        include Google::Apis::Core::Hashable
+      
+        # api name, e.g. storage.k8s.io/v1beta1/csistoragecapacities.
+        # Corresponds to the JSON property `enabledApis`
+        # @return [Array<String>]
+        attr_accessor :enabled_apis
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @enabled_apis = args[:enabled_apis] if args.key?(:enabled_apis)
+        end
+      end
+      
       # Configuration options for the KALM addon.
       class KalmConfig
         include Google::Apis::Core::Hashable
@@ -2812,11 +4019,16 @@ module Google
         # @return [String]
         attr_accessor :cgroup_mode
       
+        # Hugepages amount in both 2m and 1g size
+        # Corresponds to the JSON property `hugepages`
+        # @return [Google::Apis::ContainerV1beta1::HugepagesConfig]
+        attr_accessor :hugepages
+      
         # The Linux kernel parameters to be applied to the nodes and all pods running on
         # the nodes. The following parameters are supported. net.core.busy_poll net.core.
         # busy_read net.core.netdev_max_backlog net.core.rmem_max net.core.wmem_default
         # net.core.wmem_max net.core.optmem_max net.core.somaxconn net.ipv4.tcp_rmem net.
-        # ipv4.tcp_wmem net.ipv4.tcp_tw_reuse
+        # ipv4.tcp_wmem net.ipv4.tcp_tw_reuse kernel.shmmni kernel.shmmax kernel.shmall
         # Corresponds to the JSON property `sysctls`
         # @return [Hash<String,String>]
         attr_accessor :sysctls
@@ -2828,6 +4040,7 @@ module Google
         # Update properties of this object
         def update!(**args)
           @cgroup_mode = args[:cgroup_mode] if args.key?(:cgroup_mode)
+          @hugepages = args[:hugepages] if args.key?(:hugepages)
           @sysctls = args[:sysctls] if args.key?(:sysctls)
         end
       end
@@ -2965,11 +4178,18 @@ module Google
       class LocalNvmeSsdBlockConfig
         include Google::Apis::Core::Hashable
       
-        # The number of raw-block local NVMe SSD disks to be attached to the node. Each
-        # local SSD is 375 GB in size. If zero, it means no raw-block local NVMe SSD
-        # disks to be attached to the node. The limit for this value is dependent upon
-        # the maximum number of disks available on a machine per zone. See: https://
-        # cloud.google.com/compute/docs/disks/local-ssd for more information.
+        # Number of local NVMe SSDs to use. The limit for this value is dependent upon
+        # the maximum number of disk available on a machine per zone. See: https://cloud.
+        # google.com/compute/docs/disks/local-ssd for more information. A zero (or unset)
+        # value has different meanings depending on machine type being used: 1. For pre-
+        # Gen3 machines, which support flexible numbers of local ssds, zero (or unset)
+        # means to disable using local SSDs as ephemeral storage. 2. For Gen3 machines
+        # which dictate a specific number of local ssds, zero (or unset) means to use
+        # the default number of local ssds that goes with that machine type. For example,
+        # for a c3-standard-8-lssd machine, 2 local ssds would be provisioned. For c3-
+        # standard-8 (which doesn't support local ssds), 0 will be provisioned. See
+        # https://cloud.google.com/compute/docs/disks/local-ssd#choose_number_local_ssds
+        # for more info.
         # Corresponds to the JSON property `localSsdCount`
         # @return [Fixnum]
         attr_accessor :local_ssd_count
@@ -3160,6 +4380,12 @@ module Google
       class ManagedPrometheusConfig
         include Google::Apis::Core::Hashable
       
+        # AutoMonitoringConfig defines the configuration for GKE Workload Auto-
+        # Monitoring.
+        # Corresponds to the JSON property `autoMonitoringConfig`
+        # @return [Google::Apis::ContainerV1beta1::AutoMonitoringConfig]
+        attr_accessor :auto_monitoring_config
+      
         # Enable Managed Collection.
         # Corresponds to the JSON property `enabled`
         # @return [Boolean]
@@ -3172,6 +4398,7 @@ module Google
       
         # Update properties of this object
         def update!(**args)
+          @auto_monitoring_config = args[:auto_monitoring_config] if args.key?(:auto_monitoring_config)
           @enabled = args[:enabled] if args.key?(:enabled)
         end
       end
@@ -3194,8 +4421,8 @@ module Google
       class MasterAuth
         include Google::Apis::Core::Hashable
       
-        # [Output only] Base64-encoded public certificate used by clients to
-        # authenticate to the cluster endpoint.
+        # Output only. Base64-encoded public certificate used by clients to authenticate
+        # to the cluster endpoint. Issued only if client_certificate_config is set.
         # Corresponds to the JSON property `clientCertificate`
         # @return [String]
         attr_accessor :client_certificate
@@ -3205,13 +4432,14 @@ module Google
         # @return [Google::Apis::ContainerV1beta1::ClientCertificateConfig]
         attr_accessor :client_certificate_config
       
-        # [Output only] Base64-encoded private key used by clients to authenticate to
-        # the cluster endpoint.
+        # Output only. Base64-encoded private key used by clients to authenticate to the
+        # cluster endpoint.
         # Corresponds to the JSON property `clientKey`
         # @return [String]
         attr_accessor :client_key
       
-        # 
+        # Output only. Base64-encoded public certificate that is the root of trust for
+        # the cluster.
         # Corresponds to the JSON property `clusterCaCertificate`
         # @return [String]
         attr_accessor :cluster_ca_certificate
@@ -3278,6 +4506,12 @@ module Google
         attr_accessor :gcp_public_cidrs_access_enabled
         alias_method :gcp_public_cidrs_access_enabled?, :gcp_public_cidrs_access_enabled
       
+        # Whether master authorized networks is enforced on private endpoint or not.
+        # Corresponds to the JSON property `privateEndpointEnforcementEnabled`
+        # @return [Boolean]
+        attr_accessor :private_endpoint_enforcement_enabled
+        alias_method :private_endpoint_enforcement_enabled?, :private_endpoint_enforcement_enabled
+      
         def initialize(**args)
            update!(**args)
         end
@@ -3287,6 +4521,7 @@ module Google
           @cidr_blocks = args[:cidr_blocks] if args.key?(:cidr_blocks)
           @enabled = args[:enabled] if args.key?(:enabled)
           @gcp_public_cidrs_access_enabled = args[:gcp_public_cidrs_access_enabled] if args.key?(:gcp_public_cidrs_access_enabled)
+          @private_endpoint_enforcement_enabled = args[:private_endpoint_enforcement_enabled] if args.key?(:private_endpoint_enforcement_enabled)
         end
       end
       
@@ -3394,6 +4629,12 @@ module Google
       class MonitoringConfig
         include Google::Apis::Core::Hashable
       
+        # AdvancedDatapathObservabilityConfig specifies configuration of observability
+        # features of advanced datapath.
+        # Corresponds to the JSON property `advancedDatapathObservabilityConfig`
+        # @return [Google::Apis::ContainerV1beta1::AdvancedDatapathObservabilityConfig]
+        attr_accessor :advanced_datapath_observability_config
+      
         # MonitoringComponentConfig is cluster monitoring component configuration.
         # Corresponds to the JSON property `componentConfig`
         # @return [Google::Apis::ContainerV1beta1::MonitoringComponentConfig]
@@ -3411,6 +4652,7 @@ module Google
       
         # Update properties of this object
         def update!(**args)
+          @advanced_datapath_observability_config = args[:advanced_datapath_observability_config] if args.key?(:advanced_datapath_observability_config)
           @component_config = args[:component_config] if args.key?(:component_config)
           @managed_prometheus_config = args[:managed_prometheus_config] if args.key?(:managed_prometheus_config)
         end
@@ -3426,17 +4668,44 @@ module Google
         # @return [String]
         attr_accessor :datapath_provider
       
+        # Controls whether by default nodes have private IP addresses only. It is
+        # invalid to specify both PrivateClusterConfig.enablePrivateNodes and this field
+        # at the same time. To update the default setting, use ClusterUpdate.
+        # desired_default_enable_private_nodes
+        # Corresponds to the JSON property `defaultEnablePrivateNodes`
+        # @return [Boolean]
+        attr_accessor :default_enable_private_nodes
+        alias_method :default_enable_private_nodes?, :default_enable_private_nodes
+      
         # DefaultSnatStatus contains the desired state of whether default sNAT should be
         # disabled on the cluster.
         # Corresponds to the JSON property `defaultSnatStatus`
         # @return [Google::Apis::ContainerV1beta1::DefaultSnatStatus]
         attr_accessor :default_snat_status
       
+        # Disable L4 load balancer VPC firewalls to enable firewall policies.
+        # Corresponds to the JSON property `disableL4LbFirewallReconciliation`
+        # @return [Boolean]
+        attr_accessor :disable_l4_lb_firewall_reconciliation
+        alias_method :disable_l4_lb_firewall_reconciliation?, :disable_l4_lb_firewall_reconciliation
+      
         # DNSConfig contains the desired set of options for configuring clusterDNS.
         # Corresponds to the JSON property `dnsConfig`
         # @return [Google::Apis::ContainerV1beta1::DnsConfig]
         attr_accessor :dns_config
       
+        # Whether CiliumClusterWideNetworkPolicy is enabled on this cluster.
+        # Corresponds to the JSON property `enableCiliumClusterwideNetworkPolicy`
+        # @return [Boolean]
+        attr_accessor :enable_cilium_clusterwide_network_policy
+        alias_method :enable_cilium_clusterwide_network_policy?, :enable_cilium_clusterwide_network_policy
+      
+        # Whether FQDN Network Policy is enabled on this cluster.
+        # Corresponds to the JSON property `enableFqdnNetworkPolicy`
+        # @return [Boolean]
+        attr_accessor :enable_fqdn_network_policy
+        alias_method :enable_fqdn_network_policy?, :enable_fqdn_network_policy
+      
         # Whether Intra-node visibility is enabled for this cluster. This makes same
         # node pod to pod traffic visible for VPC network.
         # Corresponds to the JSON property `enableIntraNodeVisibility`
@@ -3450,11 +4719,22 @@ module Google
         attr_accessor :enable_l4ilb_subsetting
         alias_method :enable_l4ilb_subsetting?, :enable_l4ilb_subsetting
       
+        # Whether multi-networking is enabled for this cluster.
+        # Corresponds to the JSON property `enableMultiNetworking`
+        # @return [Boolean]
+        attr_accessor :enable_multi_networking
+        alias_method :enable_multi_networking?, :enable_multi_networking
+      
         # GatewayAPIConfig contains the desired config of Gateway API on this cluster.
         # Corresponds to the JSON property `gatewayApiConfig`
         # @return [Google::Apis::ContainerV1beta1::GatewayApiConfig]
         attr_accessor :gateway_api_config
       
+        # Specify the details of in-transit encryption.
+        # Corresponds to the JSON property `inTransitEncryptionConfig`
+        # @return [String]
+        attr_accessor :in_transit_encryption_config
+      
         # Output only. The relative name of the Google Compute Engine network(https://
         # cloud.google.com/compute/docs/networks-and-firewalls#networks) to which the
         # cluster is connected. Example: projects/my-project/global/networks/my-network
@@ -3462,6 +4742,11 @@ module Google
         # @return [String]
         attr_accessor :network
       
+        # Configuration of all network bandwidth tiers
+        # Corresponds to the JSON property `networkPerformanceConfig`
+        # @return [Google::Apis::ContainerV1beta1::ClusterNetworkPerformanceConfig]
+        attr_accessor :network_performance_config
+      
         # The desired state of IPv6 connectivity to Google Services. By default, no
         # private IPv6 access to or from Google Services (all access will be via IPv4)
         # Corresponds to the JSON property `privateIpv6GoogleAccess`
@@ -3487,12 +4772,19 @@ module Google
         # Update properties of this object
         def update!(**args)
           @datapath_provider = args[:datapath_provider] if args.key?(:datapath_provider)
+          @default_enable_private_nodes = args[:default_enable_private_nodes] if args.key?(:default_enable_private_nodes)
           @default_snat_status = args[:default_snat_status] if args.key?(:default_snat_status)
+          @disable_l4_lb_firewall_reconciliation = args[:disable_l4_lb_firewall_reconciliation] if args.key?(:disable_l4_lb_firewall_reconciliation)
           @dns_config = args[:dns_config] if args.key?(:dns_config)
+          @enable_cilium_clusterwide_network_policy = args[:enable_cilium_clusterwide_network_policy] if args.key?(:enable_cilium_clusterwide_network_policy)
+          @enable_fqdn_network_policy = args[:enable_fqdn_network_policy] if args.key?(:enable_fqdn_network_policy)
           @enable_intra_node_visibility = args[:enable_intra_node_visibility] if args.key?(:enable_intra_node_visibility)
           @enable_l4ilb_subsetting = args[:enable_l4ilb_subsetting] if args.key?(:enable_l4ilb_subsetting)
+          @enable_multi_networking = args[:enable_multi_networking] if args.key?(:enable_multi_networking)
           @gateway_api_config = args[:gateway_api_config] if args.key?(:gateway_api_config)
+          @in_transit_encryption_config = args[:in_transit_encryption_config] if args.key?(:in_transit_encryption_config)
           @network = args[:network] if args.key?(:network)
+          @network_performance_config = args[:network_performance_config] if args.key?(:network_performance_config)
           @private_ipv6_google_access = args[:private_ipv6_google_access] if args.key?(:private_ipv6_google_access)
           @service_external_ips_config = args[:service_external_ips_config] if args.key?(:service_external_ips_config)
           @subnetwork = args[:subnetwork] if args.key?(:subnetwork)
@@ -3595,6 +4887,39 @@ module Google
         end
       end
       
+      # Specifies the NodeAffinity key, values, and affinity operator according to [
+      # shared sole tenant node group affinities](https://cloud.google.com/compute/
+      # docs/nodes/sole-tenant-nodes#node_affinity_and_anti-affinity).
+      class NodeAffinity
+        include Google::Apis::Core::Hashable
+      
+        # Key for NodeAffinity.
+        # Corresponds to the JSON property `key`
+        # @return [String]
+        attr_accessor :key
+      
+        # Operator for NodeAffinity.
+        # Corresponds to the JSON property `operator`
+        # @return [String]
+        attr_accessor :operator
+      
+        # Values for NodeAffinity.
+        # Corresponds to the JSON property `values`
+        # @return [Array<String>]
+        attr_accessor :values
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @key = args[:key] if args.key?(:key)
+          @operator = args[:operator] if args.key?(:operator)
+          @values = args[:values] if args.key?(:values)
+        end
+      end
+      
       # Parameters that describe the nodes in a cluster. GKE Autopilot clusters do not
       # recognize parameters in `NodeConfig`. Use AutoprovisioningNodePoolDefaults
       # instead.
@@ -3627,6 +4952,11 @@ module Google
         # @return [Google::Apis::ContainerV1beta1::ConfidentialNodes]
         attr_accessor :confidential_nodes
       
+        # ContainerdConfig contains configuration to customize containerd.
+        # Corresponds to the JSON property `containerdConfig`
+        # @return [Google::Apis::ContainerV1beta1::ContainerdConfig]
+        attr_accessor :containerd_config
+      
         # Size of the disk attached to each node, specified in GB. The smallest allowed
         # disk size is 10GB. If unspecified, the default disk size is 100GB.
         # Corresponds to the JSON property `diskSizeGb`
@@ -3639,6 +4969,20 @@ module Google
         # @return [String]
         attr_accessor :disk_type
       
+        # Output only. effective_cgroup_mode is the cgroup mode actually used by the
+        # node pool. It is determined by the cgroup mode specified in the
+        # LinuxNodeConfig or the default cgroup mode based on the cluster creation
+        # version.
+        # Corresponds to the JSON property `effectiveCgroupMode`
+        # @return [String]
+        attr_accessor :effective_cgroup_mode
+      
+        # Optional. Reserved for future use.
+        # Corresponds to the JSON property `enableConfidentialStorage`
+        # @return [Boolean]
+        attr_accessor :enable_confidential_storage
+        alias_method :enable_confidential_storage?, :enable_confidential_storage
+      
         # EphemeralStorageConfig contains configuration for the ephemeral storage
         # filesystem.
         # Corresponds to the JSON property `ephemeralStorageConfig`
@@ -3666,8 +5010,15 @@ module Google
         # @return [Google::Apis::ContainerV1beta1::VirtualNic]
         attr_accessor :gvnic
       
+        # HostMaintenancePolicy contains the maintenance policy for the hosts on which
+        # the GKE VMs run on.
+        # Corresponds to the JSON property `hostMaintenancePolicy`
+        # @return [Google::Apis::ContainerV1beta1::HostMaintenancePolicy]
+        attr_accessor :host_maintenance_policy
+      
         # The image type to use for this node. Note that for a given image type, the
-        # latest version of it will be used.
+        # latest version of it will be used. Please see https://cloud.google.com/
+        # kubernetes-engine/docs/concepts/node-images for available image types.
         # Corresponds to the JSON property `imageType`
         # @return [String]
         attr_accessor :image_type
@@ -3707,6 +5058,12 @@ module Google
         # @return [Fixnum]
         attr_accessor :local_ssd_count
       
+        # Specifies which method should be used for encrypting the Local SSDs attahced
+        # to the node.
+        # Corresponds to the JSON property `localSsdEncryptionMode`
+        # @return [String]
+        attr_accessor :local_ssd_encryption_mode
+      
         # NodePoolLoggingConfig specifies logging configuration for nodepools.
         # Corresponds to the JSON property `loggingConfig`
         # @return [Google::Apis::ContainerV1beta1::NodePoolLoggingConfig]
@@ -3719,6 +5076,12 @@ module Google
         # @return [String]
         attr_accessor :machine_type
       
+        # The maximum duration for the nodes to exist. If unspecified, the nodes can
+        # exist indefinitely.
+        # Corresponds to the JSON property `maxRunDuration`
+        # @return [String]
+        attr_accessor :max_run_duration
+      
         # The metadata key/value pairs assigned to instances in the cluster. Keys must
         # conform to the regexp `[a-zA-Z0-9-_]+` and be less than 128 bytes in length.
         # These are reflected as part of a URL in the metadata server. Additionally, to
@@ -3768,7 +5131,7 @@ module Google
         attr_accessor :oauth_scopes
       
         # Whether the nodes are created as preemptible VM instances. See: https://cloud.
-        # google.com/compute/docs/instances/preemptible for more inforamtion about
+        # google.com/compute/docs/instances/preemptible for more information about
         # preemptible VM instances.
         # Corresponds to the JSON property `preemptible`
         # @return [Boolean]
@@ -3788,11 +5151,31 @@ module Google
         # @return [Hash<String,String>]
         attr_accessor :resource_labels
       
+        # A map of resource manager tag keys and values to be attached to the nodes for
+        # managing Compute Engine firewalls using Network Firewall Policies. Tags must
+        # be according to specifications in https://cloud.google.com/vpc/docs/tags-
+        # firewalls-overview#specifications. A maximum of 5 tag key-value pairs can be
+        # specified. Existing tags will be replaced with new values.
+        # Corresponds to the JSON property `resourceManagerTags`
+        # @return [Google::Apis::ContainerV1beta1::ResourceManagerTags]
+        attr_accessor :resource_manager_tags
+      
         # SandboxConfig contains configurations of the sandbox to use for the node.
         # Corresponds to the JSON property `sandboxConfig`
         # @return [Google::Apis::ContainerV1beta1::SandboxConfig]
         attr_accessor :sandbox_config
       
+        # SecondaryBootDiskUpdateStrategy is a placeholder which will be extended in the
+        # future to define different options for updating secondary boot disks.
+        # Corresponds to the JSON property `secondaryBootDiskUpdateStrategy`
+        # @return [Google::Apis::ContainerV1beta1::SecondaryBootDiskUpdateStrategy]
+        attr_accessor :secondary_boot_disk_update_strategy
+      
+        # List of secondary boot disks attached to the nodes.
+        # Corresponds to the JSON property `secondaryBootDisks`
+        # @return [Array<Google::Apis::ContainerV1beta1::SecondaryBootDisk>]
+        attr_accessor :secondary_boot_disks
+      
         # The Google Cloud Platform Service Account to be used by the node VMs. Specify
         # the email address of the Service Account; otherwise, if no Service Account is
         # specified, the "default" service account is used.
@@ -3805,6 +5188,12 @@ module Google
         # @return [Google::Apis::ContainerV1beta1::ShieldedInstanceConfig]
         attr_accessor :shielded_instance_config
       
+        # SoleTenantConfig contains the NodeAffinities to specify what shared sole
+        # tenant node groups should back the node pool.
+        # Corresponds to the JSON property `soleTenantConfig`
+        # @return [Google::Apis::ContainerV1beta1::SoleTenantConfig]
+        attr_accessor :sole_tenant_config
+      
         # Spot flag for enabling Spot VM, which is a rebrand of the existing preemptible
         # flag.
         # Corresponds to the JSON property `spot`
@@ -3812,6 +5201,11 @@ module Google
         attr_accessor :spot
         alias_method :spot?, :spot
       
+        # List of Storage Pools where boot disks are provisioned.
+        # Corresponds to the JSON property `storagePools`
+        # @return [Array<String>]
+        attr_accessor :storage_pools
+      
         # The list of instance tags applied to all nodes. Tags are used to identify
         # valid sources or targets for network firewalls and are specified by the client
         # during cluster or node pool creation. Each tag within the list must comply
@@ -3850,21 +5244,27 @@ module Google
           @advanced_machine_features = args[:advanced_machine_features] if args.key?(:advanced_machine_features)
           @boot_disk_kms_key = args[:boot_disk_kms_key] if args.key?(:boot_disk_kms_key)
           @confidential_nodes = args[:confidential_nodes] if args.key?(:confidential_nodes)
+          @containerd_config = args[:containerd_config] if args.key?(:containerd_config)
           @disk_size_gb = args[:disk_size_gb] if args.key?(:disk_size_gb)
           @disk_type = args[:disk_type] if args.key?(:disk_type)
+          @effective_cgroup_mode = args[:effective_cgroup_mode] if args.key?(:effective_cgroup_mode)
+          @enable_confidential_storage = args[:enable_confidential_storage] if args.key?(:enable_confidential_storage)
           @ephemeral_storage_config = args[:ephemeral_storage_config] if args.key?(:ephemeral_storage_config)
           @ephemeral_storage_local_ssd_config = args[:ephemeral_storage_local_ssd_config] if args.key?(:ephemeral_storage_local_ssd_config)
           @fast_socket = args[:fast_socket] if args.key?(:fast_socket)
           @gcfs_config = args[:gcfs_config] if args.key?(:gcfs_config)
           @gvnic = args[:gvnic] if args.key?(:gvnic)
+          @host_maintenance_policy = args[:host_maintenance_policy] if args.key?(:host_maintenance_policy)
           @image_type = args[:image_type] if args.key?(:image_type)
           @kubelet_config = args[:kubelet_config] if args.key?(:kubelet_config)
           @labels = args[:labels] if args.key?(:labels)
           @linux_node_config = args[:linux_node_config] if args.key?(:linux_node_config)
           @local_nvme_ssd_block_config = args[:local_nvme_ssd_block_config] if args.key?(:local_nvme_ssd_block_config)
           @local_ssd_count = args[:local_ssd_count] if args.key?(:local_ssd_count)
+          @local_ssd_encryption_mode = args[:local_ssd_encryption_mode] if args.key?(:local_ssd_encryption_mode)
           @logging_config = args[:logging_config] if args.key?(:logging_config)
           @machine_type = args[:machine_type] if args.key?(:machine_type)
+          @max_run_duration = args[:max_run_duration] if args.key?(:max_run_duration)
           @metadata = args[:metadata] if args.key?(:metadata)
           @min_cpu_platform = args[:min_cpu_platform] if args.key?(:min_cpu_platform)
           @node_group = args[:node_group] if args.key?(:node_group)
@@ -3872,10 +5272,15 @@ module Google
           @preemptible = args[:preemptible] if args.key?(:preemptible)
           @reservation_affinity = args[:reservation_affinity] if args.key?(:reservation_affinity)
           @resource_labels = args[:resource_labels] if args.key?(:resource_labels)
+          @resource_manager_tags = args[:resource_manager_tags] if args.key?(:resource_manager_tags)
           @sandbox_config = args[:sandbox_config] if args.key?(:sandbox_config)
+          @secondary_boot_disk_update_strategy = args[:secondary_boot_disk_update_strategy] if args.key?(:secondary_boot_disk_update_strategy)
+          @secondary_boot_disks = args[:secondary_boot_disks] if args.key?(:secondary_boot_disks)
           @service_account = args[:service_account] if args.key?(:service_account)
           @shielded_instance_config = args[:shielded_instance_config] if args.key?(:shielded_instance_config)
+          @sole_tenant_config = args[:sole_tenant_config] if args.key?(:sole_tenant_config)
           @spot = args[:spot] if args.key?(:spot)
+          @storage_pools = args[:storage_pools] if args.key?(:storage_pools)
           @tags = args[:tags] if args.key?(:tags)
           @taints = args[:taints] if args.key?(:taints)
           @windows_node_config = args[:windows_node_config] if args.key?(:windows_node_config)
@@ -3887,24 +5292,43 @@ module Google
       class NodeConfigDefaults
         include Google::Apis::Core::Hashable
       
+        # ContainerdConfig contains configuration to customize containerd.
+        # Corresponds to the JSON property `containerdConfig`
+        # @return [Google::Apis::ContainerV1beta1::ContainerdConfig]
+        attr_accessor :containerd_config
+      
         # GcfsConfig contains configurations of Google Container File System.
         # Corresponds to the JSON property `gcfsConfig`
         # @return [Google::Apis::ContainerV1beta1::GcfsConfig]
         attr_accessor :gcfs_config
       
+        # HostMaintenancePolicy contains the maintenance policy for the hosts on which
+        # the GKE VMs run on.
+        # Corresponds to the JSON property `hostMaintenancePolicy`
+        # @return [Google::Apis::ContainerV1beta1::HostMaintenancePolicy]
+        attr_accessor :host_maintenance_policy
+      
         # NodePoolLoggingConfig specifies logging configuration for nodepools.
         # Corresponds to the JSON property `loggingConfig`
         # @return [Google::Apis::ContainerV1beta1::NodePoolLoggingConfig]
         attr_accessor :logging_config
       
+        # Node kubelet configs.
+        # Corresponds to the JSON property `nodeKubeletConfig`
+        # @return [Google::Apis::ContainerV1beta1::NodeKubeletConfig]
+        attr_accessor :node_kubelet_config
+      
         def initialize(**args)
            update!(**args)
         end
       
         # Update properties of this object
         def update!(**args)
+          @containerd_config = args[:containerd_config] if args.key?(:containerd_config)
           @gcfs_config = args[:gcfs_config] if args.key?(:gcfs_config)
+          @host_maintenance_policy = args[:host_maintenance_policy] if args.key?(:host_maintenance_policy)
           @logging_config = args[:logging_config] if args.key?(:logging_config)
+          @node_kubelet_config = args[:node_kubelet_config] if args.key?(:node_kubelet_config)
         end
       end
       
@@ -3942,6 +5366,12 @@ module Google
         # @return [String]
         attr_accessor :cpu_manager_policy
       
+        # Enable or disable Kubelet read only port.
+        # Corresponds to the JSON property `insecureKubeletReadonlyPortEnabled`
+        # @return [Boolean]
+        attr_accessor :insecure_kubelet_readonly_port_enabled
+        alias_method :insecure_kubelet_readonly_port_enabled?, :insecure_kubelet_readonly_port_enabled
+      
         # Set the Pod PID limits. See https://kubernetes.io/docs/concepts/policy/pid-
         # limiting/#pod-pid-limits Controls the maximum number of processes allowed to
         # run in a pod. The value must be greater than or equal to 1024 and less than
@@ -3959,6 +5389,7 @@ module Google
           @cpu_cfs_quota = args[:cpu_cfs_quota] if args.key?(:cpu_cfs_quota)
           @cpu_cfs_quota_period = args[:cpu_cfs_quota_period] if args.key?(:cpu_cfs_quota_period)
           @cpu_manager_policy = args[:cpu_manager_policy] if args.key?(:cpu_manager_policy)
+          @insecure_kubelet_readonly_port_enabled = args[:insecure_kubelet_readonly_port_enabled] if args.key?(:insecure_kubelet_readonly_port_enabled)
           @pod_pids_limit = args[:pod_pids_limit] if args.key?(:pod_pids_limit)
         end
       end
@@ -4022,6 +5453,18 @@ module Google
       class NodeNetworkConfig
         include Google::Apis::Core::Hashable
       
+        # We specify the additional node networks for this node pool using this list.
+        # Each node network corresponds to an additional interface
+        # Corresponds to the JSON property `additionalNodeNetworkConfigs`
+        # @return [Array<Google::Apis::ContainerV1beta1::AdditionalNodeNetworkConfig>]
+        attr_accessor :additional_node_network_configs
+      
+        # We specify the additional pod networks for this node pool using this list.
+        # Each pod network corresponds to an additional alias IP range for the node
+        # Corresponds to the JSON property `additionalPodNetworkConfigs`
+        # @return [Array<Google::Apis::ContainerV1beta1::AdditionalPodNetworkConfig>]
+        attr_accessor :additional_pod_network_configs
+      
         # Input only. Whether to create a new range for pod IPs in this node pool.
         # Defaults are provided for `pod_range` and `pod_ipv4_cidr_block` if they are
         # not specified. If neither `create_pod_range` or `pod_range` are specified, the
@@ -4034,8 +5477,8 @@ module Google
         alias_method :create_pod_range?, :create_pod_range
       
         # Whether nodes have internal IP addresses only. If enable_private_nodes is not
-        # specified, then the value is derived from cluster.privateClusterConfig.
-        # enablePrivateNodes
+        # specified, then the value is derived from Cluster.NetworkConfig.
+        # default_enable_private_nodes
         # Corresponds to the JSON property `enablePrivateNodes`
         # @return [Boolean]
         attr_accessor :enable_private_nodes
@@ -4046,6 +5489,11 @@ module Google
         # @return [Google::Apis::ContainerV1beta1::NetworkPerformanceConfig]
         attr_accessor :network_performance_config
       
+        # [PRIVATE FIELD] Config for pod CIDR size overprovisioning.
+        # Corresponds to the JSON property `podCidrOverprovisionConfig`
+        # @return [Google::Apis::ContainerV1beta1::PodCidrOverprovisionConfig]
+        attr_accessor :pod_cidr_overprovision_config
+      
         # The IP address range for pod IPs in this node pool. Only applicable if `
         # create_pod_range` is true. Set to blank to have a range chosen with the
         # default size. Set to /netmask (e.g. `/14`) to have a range chosen with a
@@ -4057,6 +5505,13 @@ module Google
         # @return [String]
         attr_accessor :pod_ipv4_cidr_block
       
+        # Output only. The utilization of the IPv4 range for the pod. The ratio is Usage/
+        # [Total number of IPs in the secondary range], Usage=numNodes*numZones*
+        # podIPsPerNode.
+        # Corresponds to the JSON property `podIpv4RangeUtilization`
+        # @return [Float]
+        attr_accessor :pod_ipv4_range_utilization
+      
         # The ID of the secondary range for pod IPs. If `create_pod_range` is true, this
         # ID is used for the new range. If `create_pod_range` is false, uses an existing
         # secondary range with this ID. Only applicable if `ip_allocation_policy.
@@ -4072,10 +5527,14 @@ module Google
       
         # Update properties of this object
         def update!(**args)
+          @additional_node_network_configs = args[:additional_node_network_configs] if args.key?(:additional_node_network_configs)
+          @additional_pod_network_configs = args[:additional_pod_network_configs] if args.key?(:additional_pod_network_configs)
           @create_pod_range = args[:create_pod_range] if args.key?(:create_pod_range)
           @enable_private_nodes = args[:enable_private_nodes] if args.key?(:enable_private_nodes)
           @network_performance_config = args[:network_performance_config] if args.key?(:network_performance_config)
+          @pod_cidr_overprovision_config = args[:pod_cidr_overprovision_config] if args.key?(:pod_cidr_overprovision_config)
           @pod_ipv4_cidr_block = args[:pod_ipv4_cidr_block] if args.key?(:pod_ipv4_cidr_block)
+          @pod_ipv4_range_utilization = args[:pod_ipv4_range_utilization] if args.key?(:pod_ipv4_range_utilization)
           @pod_range = args[:pod_range] if args.key?(:pod_range)
         end
       end
@@ -4085,20 +5544,7 @@ module Google
       # specification, under the control of the cluster master. They may have a set of
       # Kubernetes labels applied to them, which may be used to reference them during
       # pod scheduling. They may also be resized up or down, to accommodate the
-      # workload. These upgrade settings control the level of parallelism and the
-      # level of disruption caused by an upgrade. maxUnavailable controls the number
-      # of nodes that can be simultaneously unavailable. maxSurge controls the number
-      # of additional nodes that can be added to the node pool temporarily for the
-      # time of the upgrade to increase the number of available nodes. (maxUnavailable
-      # + maxSurge) determines the level of parallelism (how many nodes are being
-      # upgraded at the same time). Note: upgrades inevitably introduce some
-      # disruption since workloads need to be moved from old nodes to new, upgraded
-      # ones. Even if maxUnavailable=0, this holds true. (Disruption stays within the
-      # limits of PodDisruptionBudget, if it is configured.) Consider a hypothetical
-      # node pool with 5 nodes having maxSurge=2, maxUnavailable=1. This means the
-      # upgrade process upgrades 3 nodes simultaneously. It creates 2 additional (
-      # upgraded) nodes, then it brings down 3 old (not yet upgraded) nodes at the
-      # same time. This ensures that there are always at least 4 nodes available.
+      # workload.
       class NodePool
         include Google::Apis::Core::Hashable
       
@@ -4108,6 +5554,11 @@ module Google
         # @return [Google::Apis::ContainerV1beta1::NodePoolAutoscaling]
         attr_accessor :autoscaling
       
+        # Best effort provisioning.
+        # Corresponds to the JSON property `bestEffortProvisioning`
+        # @return [Google::Apis::ContainerV1beta1::BestEffortProvisioning]
+        attr_accessor :best_effort_provisioning
+      
         # Which conditions caused the current node pool state.
         # Corresponds to the JSON property `conditions`
         # @return [Array<Google::Apis::ContainerV1beta1::StatusCondition>]
@@ -4135,7 +5586,7 @@ module Google
         # @return [Fixnum]
         attr_accessor :initial_node_count
       
-        # [Output only] The resource URLs of the [managed instance groups](https://cloud.
+        # Output only. The resource URLs of the [managed instance groups](https://cloud.
         # google.com/compute/docs/instance-groups/creating-groups-of-managed-instances)
         # associated with this node pool. During the node pool blue-green upgrade
         # operation, the URLs contain both blue and green resources.
@@ -4179,22 +5630,27 @@ module Google
         # @return [Google::Apis::ContainerV1beta1::PlacementPolicy]
         attr_accessor :placement_policy
       
-        # [Output only] The pod CIDR block size per node in this node pool.
+        # Output only. The pod CIDR block size per node in this node pool.
         # Corresponds to the JSON property `podIpv4CidrSize`
         # @return [Fixnum]
         attr_accessor :pod_ipv4_cidr_size
       
-        # [Output only] Server-defined URL for the resource.
+        # QueuedProvisioning defines the queued provisioning used by the node pool.
+        # Corresponds to the JSON property `queuedProvisioning`
+        # @return [Google::Apis::ContainerV1beta1::QueuedProvisioning]
+        attr_accessor :queued_provisioning
+      
+        # Output only. Server-defined URL for the resource.
         # Corresponds to the JSON property `selfLink`
         # @return [String]
         attr_accessor :self_link
       
-        # [Output only] The status of the nodes in this pool instance.
+        # Output only. The status of the nodes in this pool instance.
         # Corresponds to the JSON property `status`
         # @return [String]
         attr_accessor :status
       
-        # [Output only] Deprecated. Use conditions instead. Additional information about
+        # Output only. Deprecated. Use conditions instead. Additional information about
         # the current status of this node pool instance, if available.
         # Corresponds to the JSON property `statusMessage`
         # @return [String]
@@ -4206,6 +5662,20 @@ module Google
         # @return [Google::Apis::ContainerV1beta1::UpdateInfo]
         attr_accessor :update_info
       
+        # These upgrade settings control the level of parallelism and the level of
+        # disruption caused by an upgrade. maxUnavailable controls the number of nodes
+        # that can be simultaneously unavailable. maxSurge controls the number of
+        # additional nodes that can be added to the node pool temporarily for the time
+        # of the upgrade to increase the number of available nodes. (maxUnavailable +
+        # maxSurge) determines the level of parallelism (how many nodes are being
+        # upgraded at the same time). Note: upgrades inevitably introduce some
+        # disruption since workloads need to be moved from old nodes to new, upgraded
+        # ones. Even if maxUnavailable=0, this holds true. (Disruption stays within the
+        # limits of PodDisruptionBudget, if it is configured.) Consider a hypothetical
+        # node pool with 5 nodes having maxSurge=2, maxUnavailable=1. This means the
+        # upgrade process upgrades 3 nodes simultaneously. It creates 2 additional (
+        # upgraded) nodes, then it brings down 3 old (not yet upgraded) nodes at the
+        # same time. This ensures that there are always at least 4 nodes available.
         # These upgrade settings configure the upgrade strategy for the node pool. Use
         # strategy to switch between the strategies applied to the node pool. If the
         # strategy is SURGE, use max_surge and max_unavailable to control the level of
@@ -4227,7 +5697,9 @@ module Google
         # @return [Google::Apis::ContainerV1beta1::UpgradeSettings]
         attr_accessor :upgrade_settings
       
-        # The version of the Kubernetes of this node.
+        # The version of Kubernetes running on this NodePool's nodes. If unspecified, it
+        # defaults as described [here](https://cloud.google.com/kubernetes-engine/
+        # versioning#specifying_node_version).
         # Corresponds to the JSON property `version`
         # @return [String]
         attr_accessor :version
@@ -4239,6 +5711,7 @@ module Google
         # Update properties of this object
         def update!(**args)
           @autoscaling = args[:autoscaling] if args.key?(:autoscaling)
+          @best_effort_provisioning = args[:best_effort_provisioning] if args.key?(:best_effort_provisioning)
           @conditions = args[:conditions] if args.key?(:conditions)
           @config = args[:config] if args.key?(:config)
           @etag = args[:etag] if args.key?(:etag)
@@ -4251,6 +5724,7 @@ module Google
           @network_config = args[:network_config] if args.key?(:network_config)
           @placement_policy = args[:placement_policy] if args.key?(:placement_policy)
           @pod_ipv4_cidr_size = args[:pod_ipv4_cidr_size] if args.key?(:pod_ipv4_cidr_size)
+          @queued_provisioning = args[:queued_provisioning] if args.key?(:queued_provisioning)
           @self_link = args[:self_link] if args.key?(:self_link)
           @status = args[:status] if args.key?(:status)
           @status_message = args[:status_message] if args.key?(:status_message)
@@ -4265,6 +5739,11 @@ module Google
       class NodePoolAutoConfig
         include Google::Apis::Core::Hashable
       
+        # Parameters that can be configured on Linux nodes.
+        # Corresponds to the JSON property `linuxNodeConfig`
+        # @return [Google::Apis::ContainerV1beta1::LinuxNodeConfig]
+        attr_accessor :linux_node_config
+      
         # Collection of Compute Engine network tags that can be applied to a node's
         # underlying VM instance. (See `tags` field in [`NodeConfig`](/kubernetes-engine/
         # docs/reference/rest/v1/NodeConfig)).
@@ -4272,13 +5751,30 @@ module Google
         # @return [Google::Apis::ContainerV1beta1::NetworkTags]
         attr_accessor :network_tags
       
+        # Node kubelet configs.
+        # Corresponds to the JSON property `nodeKubeletConfig`
+        # @return [Google::Apis::ContainerV1beta1::NodeKubeletConfig]
+        attr_accessor :node_kubelet_config
+      
+        # A map of resource manager tag keys and values to be attached to the nodes for
+        # managing Compute Engine firewalls using Network Firewall Policies. Tags must
+        # be according to specifications in https://cloud.google.com/vpc/docs/tags-
+        # firewalls-overview#specifications. A maximum of 5 tag key-value pairs can be
+        # specified. Existing tags will be replaced with new values.
+        # Corresponds to the JSON property `resourceManagerTags`
+        # @return [Google::Apis::ContainerV1beta1::ResourceManagerTags]
+        attr_accessor :resource_manager_tags
+      
         def initialize(**args)
            update!(**args)
         end
       
         # Update properties of this object
         def update!(**args)
+          @linux_node_config = args[:linux_node_config] if args.key?(:linux_node_config)
           @network_tags = args[:network_tags] if args.key?(:network_tags)
+          @node_kubelet_config = args[:node_kubelet_config] if args.key?(:node_kubelet_config)
+          @resource_manager_tags = args[:resource_manager_tags] if args.key?(:resource_manager_tags)
         end
       end
       
@@ -4304,19 +5800,19 @@ module Google
         # @return [String]
         attr_accessor :location_policy
       
-        # Maximum number of nodes for one location in the NodePool. Must be >=
+        # Maximum number of nodes for one location in the node pool. Must be >=
         # min_node_count. There has to be enough quota to scale up the cluster.
         # Corresponds to the JSON property `maxNodeCount`
         # @return [Fixnum]
         attr_accessor :max_node_count
       
-        # Minimum number of nodes for one location in the NodePool. Must be >= 1 and <=
-        # max_node_count.
+        # Minimum number of nodes for one location in the node pool. Must be greater
+        # than or equal to 0 and less than or equal to max_node_count.
         # Corresponds to the JSON property `minNodeCount`
         # @return [Fixnum]
         attr_accessor :min_node_count
       
-        # Maximum number of nodes in the node pool. Must be greater than
+        # Maximum number of nodes in the node pool. Must be greater than or equal to
         # total_min_node_count. There has to be enough quota to scale up the cluster.
         # The total_*_node_count fields are mutually exclusive with the *_node_count
         # fields.
@@ -4324,9 +5820,9 @@ module Google
         # @return [Fixnum]
         attr_accessor :total_max_node_count
       
-        # Minimum number of nodes in the node pool. Must be greater than 1 less than
-        # total_max_node_count. The total_*_node_count fields are mutually exclusive
-        # with the *_node_count fields.
+        # Minimum number of nodes in the node pool. Must be greater than or equal to 0
+        # and less than or equal to total_max_node_count. The total_*_node_count fields
+        # are mutually exclusive with the *_node_count fields.
         # Corresponds to the JSON property `totalMinNodeCount`
         # @return [Fixnum]
         attr_accessor :total_min_node_count
@@ -4385,7 +5881,62 @@ module Google
         end
       end
       
-      # Kubernetes taint is comprised of three fields: key, value, and effect. Effect
+      # NodePoolUpgradeInfo contains the upgrade information of a nodepool.
+      class NodePoolUpgradeInfo
+        include Google::Apis::Core::Hashable
+      
+        # The auto upgrade status.
+        # Corresponds to the JSON property `autoUpgradeStatus`
+        # @return [Array<String>]
+        attr_accessor :auto_upgrade_status
+      
+        # The nodepool's current minor version's end of extended support timestamp.
+        # Corresponds to the JSON property `endOfExtendedSupportTimestamp`
+        # @return [String]
+        attr_accessor :end_of_extended_support_timestamp
+      
+        # The nodepool's current minor version's end of standard support timestamp.
+        # Corresponds to the JSON property `endOfStandardSupportTimestamp`
+        # @return [String]
+        attr_accessor :end_of_standard_support_timestamp
+      
+        # minor_target_version indicates the target version for minor upgrade.
+        # Corresponds to the JSON property `minorTargetVersion`
+        # @return [String]
+        attr_accessor :minor_target_version
+      
+        # patch_target_version indicates the target version for patch upgrade.
+        # Corresponds to the JSON property `patchTargetVersion`
+        # @return [String]
+        attr_accessor :patch_target_version
+      
+        # The auto upgrade paused reason.
+        # Corresponds to the JSON property `pausedReason`
+        # @return [Array<String>]
+        attr_accessor :paused_reason
+      
+        # The list of past auto upgrades.
+        # Corresponds to the JSON property `upgradeDetails`
+        # @return [Array<Google::Apis::ContainerV1beta1::UpgradeDetails>]
+        attr_accessor :upgrade_details
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @auto_upgrade_status = args[:auto_upgrade_status] if args.key?(:auto_upgrade_status)
+          @end_of_extended_support_timestamp = args[:end_of_extended_support_timestamp] if args.key?(:end_of_extended_support_timestamp)
+          @end_of_standard_support_timestamp = args[:end_of_standard_support_timestamp] if args.key?(:end_of_standard_support_timestamp)
+          @minor_target_version = args[:minor_target_version] if args.key?(:minor_target_version)
+          @patch_target_version = args[:patch_target_version] if args.key?(:patch_target_version)
+          @paused_reason = args[:paused_reason] if args.key?(:paused_reason)
+          @upgrade_details = args[:upgrade_details] if args.key?(:upgrade_details)
+        end
+      end
+      
+      # Kubernetes taint is composed of three fields: key, value, and effect. Effect
       # can only be one of three types: NoSchedule, PreferNoSchedule or NoExecute. See
       # [here](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration)
       # for more information, including usage and the valid values.
@@ -4469,12 +6020,12 @@ module Google
         # @return [Array<Google::Apis::ContainerV1beta1::StatusCondition>]
         attr_accessor :cluster_conditions
       
-        # Detailed operation progress, if available.
+        # Output only. Detailed operation progress, if available.
         # Corresponds to the JSON property `detail`
         # @return [String]
         attr_accessor :detail
       
-        # [Output only] The time the operation completed, in [RFC3339](https://www.ietf.
+        # Output only. The time the operation completed, in [RFC3339](https://www.ietf.
         # org/rfc/rfc3339.txt) text format.
         # Corresponds to the JSON property `endTime`
         # @return [String]
@@ -4490,15 +6041,15 @@ module Google
         # @return [Google::Apis::ContainerV1beta1::Status]
         attr_accessor :error
       
-        # [Output only] The name of the Google Compute Engine [zone](https://cloud.
-        # google.com/compute/docs/regions-zones/regions-zones#available) or [region](
-        # https://cloud.google.com/compute/docs/regions-zones/regions-zones#available)
-        # in which the cluster resides.
+        # Output only. The name of the Google Compute Engine [zone](https://cloud.google.
+        # com/compute/docs/regions-zones/regions-zones#available) or [region](https://
+        # cloud.google.com/compute/docs/regions-zones/regions-zones#available) in which
+        # the cluster resides.
         # Corresponds to the JSON property `location`
         # @return [String]
         attr_accessor :location
       
-        # The server-assigned ID for the operation.
+        # Output only. The server-assigned ID for the operation.
         # Corresponds to the JSON property `name`
         # @return [String]
         attr_accessor :name
@@ -4509,7 +6060,7 @@ module Google
         # @return [Array<Google::Apis::ContainerV1beta1::StatusCondition>]
         attr_accessor :nodepool_conditions
       
-        # The operation type.
+        # Output only. The operation type.
         # Corresponds to the JSON property `operationType`
         # @return [String]
         attr_accessor :operation_type
@@ -4519,18 +6070,20 @@ module Google
         # @return [Google::Apis::ContainerV1beta1::OperationProgress]
         attr_accessor :progress
       
-        # Server-defined URL for the resource.
+        # Output only. Server-defined URI for the operation. Example: `https://container.
+        # googleapis.com/v1alpha1/projects/123/locations/us-central1/operations/
+        # operation-123`.
         # Corresponds to the JSON property `selfLink`
         # @return [String]
         attr_accessor :self_link
       
-        # [Output only] The time the operation started, in [RFC3339](https://www.ietf.
-        # org/rfc/rfc3339.txt) text format.
+        # Output only. The time the operation started, in [RFC3339](https://www.ietf.org/
+        # rfc/rfc3339.txt) text format.
         # Corresponds to the JSON property `startTime`
         # @return [String]
         attr_accessor :start_time
       
-        # The current status of the operation.
+        # Output only. The current status of the operation.
         # Corresponds to the JSON property `status`
         # @return [String]
         attr_accessor :status
@@ -4541,14 +6094,21 @@ module Google
         # @return [String]
         attr_accessor :status_message
       
-        # Server-defined URL for the target of the operation.
+        # Output only. Server-defined URI for the target of the operation. The format of
+        # this is a URI to the resource being modified (such as a cluster, node pool, or
+        # node). For node pool repairs, there may be multiple nodes being repaired, but
+        # only one will be the target. Examples: - ## `https://container.googleapis.com/
+        # v1/projects/123/locations/us-central1/clusters/my-cluster` ## `https://
+        # container.googleapis.com/v1/projects/123/zones/us-central1-c/clusters/my-
+        # cluster/nodePools/my-np` `https://container.googleapis.com/v1/projects/123/
+        # zones/us-central1-c/clusters/my-cluster/nodePools/my-np/node/my-node`
         # Corresponds to the JSON property `targetLink`
         # @return [String]
         attr_accessor :target_link
       
-        # The name of the Google Compute Engine [zone](https://cloud.google.com/compute/
-        # docs/zones#available) in which the operation is taking place. This field is
-        # deprecated, use location instead.
+        # Output only. The name of the Google Compute Engine [zone](https://cloud.google.
+        # com/compute/docs/zones#available) in which the operation is taking place. This
+        # field is deprecated, use location instead.
         # Corresponds to the JSON property `zone`
         # @return [String]
         attr_accessor :zone
@@ -4577,6 +6137,38 @@ module Google
         end
       end
       
+      # OperationError records errors seen from CloudKMS keys encountered during
+      # updates to DatabaseEncryption configuration.
+      class OperationError
+        include Google::Apis::Core::Hashable
+      
+        # Description of the error seen during the operation.
+        # Corresponds to the JSON property `errorMessage`
+        # @return [String]
+        attr_accessor :error_message
+      
+        # CloudKMS key resource that had the error.
+        # Corresponds to the JSON property `keyName`
+        # @return [String]
+        attr_accessor :key_name
+      
+        # Time when the CloudKMS error was seen.
+        # Corresponds to the JSON property `timestamp`
+        # @return [String]
+        attr_accessor :timestamp
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @error_message = args[:error_message] if args.key?(:error_message)
+          @key_name = args[:key_name] if args.key?(:key_name)
+          @timestamp = args[:timestamp] if args.key?(:timestamp)
+        end
+      end
+      
       # Information about operation (or operation stage) progress.
       class OperationProgress
         include Google::Apis::Core::Hashable
@@ -4617,25 +6209,165 @@ module Google
         end
       end
       
-      # PlacementPolicy defines the placement policy used by the node pool.
-      class PlacementPolicy
+      # Strategy that will trigger maintenance on behalf of the customer.
+      class OpportunisticMaintenanceStrategy
         include Google::Apis::Core::Hashable
       
-        # The type of placement.
-        # Corresponds to the JSON property `type`
+        # The window of time that opportunistic maintenance can run. Example: A setting
+        # of 14 days implies that opportunistic maintenance can only be ran in the 2
+        # weeks leading up to the scheduled maintenance date. Setting 28 days allows
+        # opportunistic maintenance to run at any time in the scheduled maintenance
+        # window (all `PERIODIC` maintenance is set 28 days in advance).
+        # Corresponds to the JSON property `maintenanceAvailabilityWindow`
         # @return [String]
-        attr_accessor :type
+        attr_accessor :maintenance_availability_window
       
-        def initialize(**args)
+        # The minimum nodes required to be available in a pool. Blocks maintenance if it
+        # would cause the number of running nodes to dip below this value.
+        # Corresponds to the JSON property `minNodesPerPool`
+        # @return [Fixnum]
+        attr_accessor :min_nodes_per_pool
+      
+        # The amount of time that a node can remain idle (no customer owned workloads
+        # running), before triggering maintenance.
+        # Corresponds to the JSON property `nodeIdleTimeWindow`
+        # @return [String]
+        attr_accessor :node_idle_time_window
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @maintenance_availability_window = args[:maintenance_availability_window] if args.key?(:maintenance_availability_window)
+          @min_nodes_per_pool = args[:min_nodes_per_pool] if args.key?(:min_nodes_per_pool)
+          @node_idle_time_window = args[:node_idle_time_window] if args.key?(:node_idle_time_window)
+        end
+      end
+      
+      # Configuration for the Cloud Storage Parallelstore CSI driver.
+      class ParallelstoreCsiDriverConfig
+        include Google::Apis::Core::Hashable
+      
+        # Whether the Cloud Storage Parallelstore CSI driver is enabled for this cluster.
+        # Corresponds to the JSON property `enabled`
+        # @return [Boolean]
+        attr_accessor :enabled
+        alias_method :enabled?, :enabled
+      
+        def initialize(**args)
            update!(**args)
         end
       
         # Update properties of this object
         def update!(**args)
+          @enabled = args[:enabled] if args.key?(:enabled)
+        end
+      end
+      
+      # ParentProductConfig is the configuration of the parent product of the cluster.
+      # This field is used by Google internal products that are built on top of a GKE
+      # cluster and take the ownership of the cluster.
+      class ParentProductConfig
+        include Google::Apis::Core::Hashable
+      
+        # Labels contain the configuration of the parent product.
+        # Corresponds to the JSON property `labels`
+        # @return [Hash<String,String>]
+        attr_accessor :labels
+      
+        # Name of the parent product associated with the cluster.
+        # Corresponds to the JSON property `productName`
+        # @return [String]
+        attr_accessor :product_name
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @labels = args[:labels] if args.key?(:labels)
+          @product_name = args[:product_name] if args.key?(:product_name)
+        end
+      end
+      
+      # PlacementPolicy defines the placement policy used by the node pool.
+      class PlacementPolicy
+        include Google::Apis::Core::Hashable
+      
+        # If set, refers to the name of a custom resource policy supplied by the user.
+        # The resource policy must be in the same project and region as the node pool.
+        # If not found, InvalidArgument error is returned.
+        # Corresponds to the JSON property `policyName`
+        # @return [String]
+        attr_accessor :policy_name
+      
+        # TPU placement topology for pod slice node pool. https://cloud.google.com/tpu/
+        # docs/types-topologies#tpu_topologies
+        # Corresponds to the JSON property `tpuTopology`
+        # @return [String]
+        attr_accessor :tpu_topology
+      
+        # The type of placement.
+        # Corresponds to the JSON property `type`
+        # @return [String]
+        attr_accessor :type
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @policy_name = args[:policy_name] if args.key?(:policy_name)
+          @tpu_topology = args[:tpu_topology] if args.key?(:tpu_topology)
           @type = args[:type] if args.key?(:type)
         end
       end
       
+      # PodAutoscaling is used for configuration of parameters for workload
+      # autoscaling.
+      class PodAutoscaling
+        include Google::Apis::Core::Hashable
+      
+        # Selected Horizontal Pod Autoscaling profile.
+        # Corresponds to the JSON property `hpaProfile`
+        # @return [String]
+        attr_accessor :hpa_profile
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @hpa_profile = args[:hpa_profile] if args.key?(:hpa_profile)
+        end
+      end
+      
+      # [PRIVATE FIELD] Config for pod CIDR size overprovisioning.
+      class PodCidrOverprovisionConfig
+        include Google::Apis::Core::Hashable
+      
+        # Whether Pod CIDR overprovisioning is disabled. Note: Pod CIDR overprovisioning
+        # is enabled by default.
+        # Corresponds to the JSON property `disable`
+        # @return [Boolean]
+        attr_accessor :disable
+        alias_method :disable?, :disable
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @disable = args[:disable] if args.key?(:disable)
+        end
+      end
+      
       # Configuration for the PodSecurityPolicy feature.
       class PodSecurityPolicyConfig
         include Google::Apis::Core::Hashable
@@ -4657,11 +6389,35 @@ module Google
         end
       end
       
+      # Binauthz policy that applies to this cluster.
+      class PolicyBinding
+        include Google::Apis::Core::Hashable
+      
+        # The relative resource name of the binauthz platform policy to evaluate. GKE
+        # platform policies have the following format: `projects/`project_number`/
+        # platforms/gke/policies/`policy_id``.
+        # Corresponds to the JSON property `name`
+        # @return [String]
+        attr_accessor :name
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @name = args[:name] if args.key?(:name)
+        end
+      end
+      
       # Configuration options for private clusters.
       class PrivateClusterConfig
         include Google::Apis::Core::Hashable
       
-        # Whether the master's internal IP address is used as the cluster endpoint.
+        # Whether the master's internal IP address is used as the cluster endpoint. Use
+        # ControlPlaneEndpointsConfig.IPEndpointsConfig.enable_public_endpoint instead.
+        # Note that the value of enable_public_endpoint is reversed: if
+        # enable_private_endpoint is false, then enable_public_endpoint will be true.
         # Corresponds to the JSON property `enablePrivateEndpoint`
         # @return [Boolean]
         attr_accessor :enable_private_endpoint
@@ -4669,7 +6425,7 @@ module Google
       
         # Whether nodes have internal IP addresses only. If enabled, all nodes are given
         # only RFC 1918 private addresses and communicate with the master via private
-        # networking.
+        # networking. Deprecated: Use NetworkConfig.default_enable_private_nodes instead.
         # Corresponds to the JSON property `enablePrivateNodes`
         # @return [Boolean]
         attr_accessor :enable_private_nodes
@@ -4694,17 +6450,23 @@ module Google
         attr_accessor :peering_name
       
         # Output only. The internal IP address of this cluster's master endpoint.
+        # Deprecated: Use ControlPlaneEndpointsConfig.IPEndpointsConfig.private_endpoint
+        # instead.
         # Corresponds to the JSON property `privateEndpoint`
         # @return [String]
         attr_accessor :private_endpoint
       
         # Subnet to provision the master's private endpoint during cluster creation.
-        # Specified in projects/*/regions/*/subnetworks/* format.
+        # Specified in projects/*/regions/*/subnetworks/* format. Deprecated: Use
+        # ControlPlaneEndpointsConfig.IPEndpointsConfig.private_endpoint_subnetwork
+        # instead.
         # Corresponds to the JSON property `privateEndpointSubnetwork`
         # @return [String]
         attr_accessor :private_endpoint_subnetwork
       
         # Output only. The external IP address of this cluster's master endpoint.
+        # Deprecated: Use ControlPlaneEndpointsConfig.IPEndpointsConfig.public_endpoint
+        # instead.
         # Corresponds to the JSON property `publicEndpoint`
         # @return [String]
         attr_accessor :public_endpoint
@@ -4746,6 +6508,33 @@ module Google
         end
       end
       
+      # PrivateRegistryAccessConfig contains access configuration for private
+      # container registries.
+      class PrivateRegistryAccessConfig
+        include Google::Apis::Core::Hashable
+      
+        # Private registry access configuration.
+        # Corresponds to the JSON property `certificateAuthorityDomainConfig`
+        # @return [Array<Google::Apis::ContainerV1beta1::CertificateAuthorityDomainConfig>]
+        attr_accessor :certificate_authority_domain_config
+      
+        # Private registry access is enabled.
+        # Corresponds to the JSON property `enabled`
+        # @return [Boolean]
+        attr_accessor :enabled
+        alias_method :enabled?, :enabled
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @certificate_authority_domain_config = args[:certificate_authority_domain_config] if args.key?(:certificate_authority_domain_config)
+          @enabled = args[:enabled] if args.key?(:enabled)
+        end
+      end
+      
       # ProtectConfig defines the flags needed to enable/disable features for the
       # Protect API.
       class ProtectConfig
@@ -4809,6 +6598,154 @@ module Google
         end
       end
       
+      # QueuedProvisioning defines the queued provisioning used by the node pool.
+      class QueuedProvisioning
+        include Google::Apis::Core::Hashable
+      
+        # Denotes that this nodepool is QRM specific, meaning nodes can be only obtained
+        # through queuing via the Cluster Autoscaler ProvisioningRequest API.
+        # Corresponds to the JSON property `enabled`
+        # @return [Boolean]
+        attr_accessor :enabled
+        alias_method :enabled?, :enabled
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @enabled = args[:enabled] if args.key?(:enabled)
+        end
+      end
+      
+      # RBACBindingConfig allows user to restrict ClusterRoleBindings an RoleBindings
+      # that can be created.
+      class RbacBindingConfig
+        include Google::Apis::Core::Hashable
+      
+        # Setting this to true will allow any ClusterRoleBinding and RoleBinding with
+        # subjects system:authenticated.
+        # Corresponds to the JSON property `enableInsecureBindingSystemAuthenticated`
+        # @return [Boolean]
+        attr_accessor :enable_insecure_binding_system_authenticated
+        alias_method :enable_insecure_binding_system_authenticated?, :enable_insecure_binding_system_authenticated
+      
+        # Setting this to true will allow any ClusterRoleBinding and RoleBinding with
+        # subjets system:anonymous or system:unauthenticated.
+        # Corresponds to the JSON property `enableInsecureBindingSystemUnauthenticated`
+        # @return [Boolean]
+        attr_accessor :enable_insecure_binding_system_unauthenticated
+        alias_method :enable_insecure_binding_system_unauthenticated?, :enable_insecure_binding_system_unauthenticated
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @enable_insecure_binding_system_authenticated = args[:enable_insecure_binding_system_authenticated] if args.key?(:enable_insecure_binding_system_authenticated)
+          @enable_insecure_binding_system_unauthenticated = args[:enable_insecure_binding_system_unauthenticated] if args.key?(:enable_insecure_binding_system_unauthenticated)
+        end
+      end
+      
+      # RangeInfo contains the range name and the range utilization by this cluster.
+      class RangeInfo
+        include Google::Apis::Core::Hashable
+      
+        # Output only. Name of a range.
+        # Corresponds to the JSON property `rangeName`
+        # @return [String]
+        attr_accessor :range_name
+      
+        # Output only. The utilization of the range.
+        # Corresponds to the JSON property `utilization`
+        # @return [Float]
+        attr_accessor :utilization
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @range_name = args[:range_name] if args.key?(:range_name)
+          @utilization = args[:utilization] if args.key?(:utilization)
+        end
+      end
+      
+      # RayClusterLoggingConfig specifies logging configuration for Ray clusters.
+      class RayClusterLoggingConfig
+        include Google::Apis::Core::Hashable
+      
+        # Enable log collection for Ray clusters.
+        # Corresponds to the JSON property `enabled`
+        # @return [Boolean]
+        attr_accessor :enabled
+        alias_method :enabled?, :enabled
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @enabled = args[:enabled] if args.key?(:enabled)
+        end
+      end
+      
+      # RayClusterMonitoringConfig specifies monitoring configuration for Ray clusters.
+      class RayClusterMonitoringConfig
+        include Google::Apis::Core::Hashable
+      
+        # Enable metrics collection for Ray clusters.
+        # Corresponds to the JSON property `enabled`
+        # @return [Boolean]
+        attr_accessor :enabled
+        alias_method :enabled?, :enabled
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @enabled = args[:enabled] if args.key?(:enabled)
+        end
+      end
+      
+      # Configuration options for the Ray Operator add-on.
+      class RayOperatorConfig
+        include Google::Apis::Core::Hashable
+      
+        # Whether the Ray addon is enabled for this cluster.
+        # Corresponds to the JSON property `enabled`
+        # @return [Boolean]
+        attr_accessor :enabled
+        alias_method :enabled?, :enabled
+      
+        # RayClusterLoggingConfig specifies logging configuration for Ray clusters.
+        # Corresponds to the JSON property `rayClusterLoggingConfig`
+        # @return [Google::Apis::ContainerV1beta1::RayClusterLoggingConfig]
+        attr_accessor :ray_cluster_logging_config
+      
+        # RayClusterMonitoringConfig specifies monitoring configuration for Ray clusters.
+        # Corresponds to the JSON property `rayClusterMonitoringConfig`
+        # @return [Google::Apis::ContainerV1beta1::RayClusterMonitoringConfig]
+        attr_accessor :ray_cluster_monitoring_config
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @enabled = args[:enabled] if args.key?(:enabled)
+          @ray_cluster_logging_config = args[:ray_cluster_logging_config] if args.key?(:ray_cluster_logging_config)
+          @ray_cluster_monitoring_config = args[:ray_cluster_monitoring_config] if args.key?(:ray_cluster_monitoring_config)
+        end
+      end
+      
       # Represents an arbitrary window of time that recurs.
       class RecurringTimeWindow
         include Google::Apis::Core::Hashable
@@ -4890,6 +6827,11 @@ module Google
         # @return [String]
         attr_accessor :default_version
       
+        # The auto upgrade target version for clusters on the channel.
+        # Corresponds to the JSON property `upgradeTargetVersion`
+        # @return [String]
+        attr_accessor :upgrade_target_version
+      
         # List of valid versions for the channel.
         # Corresponds to the JSON property `validVersions`
         # @return [Array<String>]
@@ -4904,6 +6846,7 @@ module Google
           @available_versions = args[:available_versions] if args.key?(:available_versions)
           @channel = args[:channel] if args.key?(:channel)
           @default_version = args[:default_version] if args.key?(:default_version)
+          @upgrade_target_version = args[:upgrade_target_version] if args.key?(:upgrade_target_version)
           @valid_versions = args[:valid_versions] if args.key?(:valid_versions)
         end
       end
@@ -4995,6 +6938,31 @@ module Google
         end
       end
       
+      # A map of resource manager tag keys and values to be attached to the nodes for
+      # managing Compute Engine firewalls using Network Firewall Policies. Tags must
+      # be according to specifications in https://cloud.google.com/vpc/docs/tags-
+      # firewalls-overview#specifications. A maximum of 5 tag key-value pairs can be
+      # specified. Existing tags will be replaced with new values.
+      class ResourceManagerTags
+        include Google::Apis::Core::Hashable
+      
+        # Tags must be in one of the following formats ([KEY]=[VALUE]) 1. `tagKeys/`
+        # tag_key_id`=tagValues/`tag_value_id`` 2. ``org_id`/`tag_key_name`=`
+        # tag_value_name`` 3. ``project_id`/`tag_key_name`=`tag_value_name``
+        # Corresponds to the JSON property `tags`
+        # @return [Hash<String,String>]
+        attr_accessor :tags
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @tags = args[:tags] if args.key?(:tags)
+        end
+      end
+      
       # Configuration for exporting cluster resource usages.
       class ResourceUsageExportConfig
         include Google::Apis::Core::Hashable
@@ -5088,19 +7056,80 @@ module Google
         end
       end
       
-      # SandboxConfig contains configurations of the sandbox to use for the node.
-      class SandboxConfig
+      # SandboxConfig contains configurations of the sandbox to use for the node.
+      class SandboxConfig
+        include Google::Apis::Core::Hashable
+      
+        # Type of the sandbox to use for the node (e.g. 'gvisor')
+        # Corresponds to the JSON property `sandboxType`
+        # @return [String]
+        attr_accessor :sandbox_type
+      
+        # Type of the sandbox to use for the node.
+        # Corresponds to the JSON property `type`
+        # @return [String]
+        attr_accessor :type
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @sandbox_type = args[:sandbox_type] if args.key?(:sandbox_type)
+          @type = args[:type] if args.key?(:type)
+        end
+      end
+      
+      # SecondaryBootDisk represents a persistent disk attached to a node with special
+      # configurations based on its mode.
+      class SecondaryBootDisk
+        include Google::Apis::Core::Hashable
+      
+        # Fully-qualified resource ID for an existing disk image.
+        # Corresponds to the JSON property `diskImage`
+        # @return [String]
+        attr_accessor :disk_image
+      
+        # Disk mode (container image cache, etc.)
+        # Corresponds to the JSON property `mode`
+        # @return [String]
+        attr_accessor :mode
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @disk_image = args[:disk_image] if args.key?(:disk_image)
+          @mode = args[:mode] if args.key?(:mode)
+        end
+      end
+      
+      # SecondaryBootDiskUpdateStrategy is a placeholder which will be extended in the
+      # future to define different options for updating secondary boot disks.
+      class SecondaryBootDiskUpdateStrategy
+        include Google::Apis::Core::Hashable
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+        end
+      end
+      
+      # SecretManagerConfig is config for secret manager enablement.
+      class SecretManagerConfig
         include Google::Apis::Core::Hashable
       
-        # Type of the sandbox to use for the node (e.g. 'gvisor')
-        # Corresponds to the JSON property `sandboxType`
-        # @return [String]
-        attr_accessor :sandbox_type
-      
-        # Type of the sandbox to use for the node.
-        # Corresponds to the JSON property `type`
-        # @return [String]
-        attr_accessor :type
+        # Enable/Disable Secret Manager Config.
+        # Corresponds to the JSON property `enabled`
+        # @return [Boolean]
+        attr_accessor :enabled
+        alias_method :enabled?, :enabled
       
         def initialize(**args)
            update!(**args)
@@ -5108,8 +7137,7 @@ module Google
       
         # Update properties of this object
         def update!(**args)
-          @sandbox_type = args[:sandbox_type] if args.key?(:sandbox_type)
-          @type = args[:type] if args.key?(:type)
+          @enabled = args[:enabled] if args.key?(:enabled)
         end
       end
       
@@ -5196,6 +7224,32 @@ module Google
         end
       end
       
+      # SecurityPostureConfig defines the flags needed to enable/disable features for
+      # the Security Posture API.
+      class SecurityPostureConfig
+        include Google::Apis::Core::Hashable
+      
+        # Sets which mode to use for Security Posture features.
+        # Corresponds to the JSON property `mode`
+        # @return [String]
+        attr_accessor :mode
+      
+        # Sets which mode to use for vulnerability scanning.
+        # Corresponds to the JSON property `vulnerabilityMode`
+        # @return [String]
+        attr_accessor :vulnerability_mode
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @mode = args[:mode] if args.key?(:mode)
+          @vulnerability_mode = args[:vulnerability_mode] if args.key?(:vulnerability_mode)
+        end
+      end
+      
       # Kubernetes Engine service configuration.
       class ServerConfig
         include Google::Apis::Core::Hashable
@@ -5976,6 +8030,26 @@ module Google
         end
       end
       
+      # SoleTenantConfig contains the NodeAffinities to specify what shared sole
+      # tenant node groups should back the node pool.
+      class SoleTenantConfig
+        include Google::Apis::Core::Hashable
+      
+        # NodeAffinities used to match to a shared sole tenant node group.
+        # Corresponds to the JSON property `nodeAffinities`
+        # @return [Array<Google::Apis::ContainerV1beta1::NodeAffinity>]
+        attr_accessor :node_affinities
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @node_affinities = args[:node_affinities] if args.key?(:node_affinities)
+        end
+      end
+      
       # Standard rollout policy is the default policy for blue-green.
       class StandardRolloutPolicy
         include Google::Apis::Core::Hashable
@@ -6059,6 +8133,26 @@ module Google
         end
       end
       
+      # Configuration for the Stateful HA add-on.
+      class StatefulHaConfig
+        include Google::Apis::Core::Hashable
+      
+        # Whether the Stateful HA add-on is enabled for this cluster.
+        # Corresponds to the JSON property `enabled`
+        # @return [Boolean]
+        attr_accessor :enabled
+        alias_method :enabled?, :enabled
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @enabled = args[:enabled] if args.key?(:enabled)
+        end
+      end
+      
       # The `Status` type defines a logical error model that is suitable for different
       # programming environments, including REST APIs and RPC APIs. It is used by [
       # gRPC](https://github.com/grpc). Each `Status` message contains three pieces of
@@ -6325,6 +8419,12 @@ module Google
       class UpdateNodePoolRequest
         include Google::Apis::Core::Hashable
       
+        # A list of hardware accelerators to be attached to each node. See https://cloud.
+        # google.com/compute/docs/gpus for more information about support for GPUs.
+        # Corresponds to the JSON property `accelerators`
+        # @return [Array<Google::Apis::ContainerV1beta1::AcceleratorConfig>]
+        attr_accessor :accelerators
+      
         # Required. Deprecated. The name of the cluster to upgrade. This field has been
         # deprecated and replaced by the name field.
         # Corresponds to the JSON property `clusterId`
@@ -6337,6 +8437,25 @@ module Google
         # @return [Google::Apis::ContainerV1beta1::ConfidentialNodes]
         attr_accessor :confidential_nodes
       
+        # ContainerdConfig contains configuration to customize containerd.
+        # Corresponds to the JSON property `containerdConfig`
+        # @return [Google::Apis::ContainerV1beta1::ContainerdConfig]
+        attr_accessor :containerd_config
+      
+        # Optional. The desired disk size for nodes in the node pool. Initiates an
+        # upgrade operation that migrates the nodes in the node pool to the specified
+        # disk size.
+        # Corresponds to the JSON property `diskSizeGb`
+        # @return [Fixnum]
+        attr_accessor :disk_size_gb
+      
+        # Optional. The desired disk type for nodes in the node pool. Initiates an
+        # upgrade operation that migrates the nodes in the node pool to the specified
+        # disk type.
+        # Corresponds to the JSON property `diskType`
+        # @return [String]
+        attr_accessor :disk_type
+      
         # The current etag of the node pool. If an etag is provided and does not match
         # the current etag of the node pool, update will be blocked and an ABORTED error
         # will be returned.
@@ -6359,7 +8478,9 @@ module Google
         # @return [Google::Apis::ContainerV1beta1::VirtualNic]
         attr_accessor :gvnic
       
-        # Required. The desired image type for the node pool.
+        # Required. The desired image type for the node pool. Please see https://cloud.
+        # google.com/kubernetes-engine/docs/concepts/node-images for available image
+        # types.
         # Corresponds to the JSON property `imageType`
         # @return [String]
         attr_accessor :image_type
@@ -6394,6 +8515,19 @@ module Google
         # @return [Google::Apis::ContainerV1beta1::NodePoolLoggingConfig]
         attr_accessor :logging_config
       
+        # Optional. The desired machine type for nodes in the node pool. Initiates an
+        # upgrade operation that migrates the nodes in the node pool to the specified
+        # machine type.
+        # Corresponds to the JSON property `machineType`
+        # @return [String]
+        attr_accessor :machine_type
+      
+        # The maximum duration for the nodes to exist. If unspecified, the nodes can
+        # exist indefinitely.
+        # Corresponds to the JSON property `maxRunDuration`
+        # @return [String]
+        attr_accessor :max_run_duration
+      
         # The name (project, location, cluster, node pool) of the node pool to update.
         # Specified in the format `projects/*/locations/*/clusters/*/nodePools/*`.
         # Corresponds to the JSON property `name`
@@ -6429,12 +8563,32 @@ module Google
         # @return [String]
         attr_accessor :project_id
       
+        # QueuedProvisioning defines the queued provisioning used by the node pool.
+        # Corresponds to the JSON property `queuedProvisioning`
+        # @return [Google::Apis::ContainerV1beta1::QueuedProvisioning]
+        attr_accessor :queued_provisioning
+      
         # Collection of [GCP labels](https://cloud.google.com/resource-manager/docs/
         # creating-managing-labels).
         # Corresponds to the JSON property `resourceLabels`
         # @return [Google::Apis::ContainerV1beta1::ResourceLabels]
         attr_accessor :resource_labels
       
+        # A map of resource manager tag keys and values to be attached to the nodes for
+        # managing Compute Engine firewalls using Network Firewall Policies. Tags must
+        # be according to specifications in https://cloud.google.com/vpc/docs/tags-
+        # firewalls-overview#specifications. A maximum of 5 tag key-value pairs can be
+        # specified. Existing tags will be replaced with new values.
+        # Corresponds to the JSON property `resourceManagerTags`
+        # @return [Google::Apis::ContainerV1beta1::ResourceManagerTags]
+        attr_accessor :resource_manager_tags
+      
+        # List of Storage Pools where boot disks are provisioned. Existing Storage Pools
+        # will be replaced with storage-pools.
+        # Corresponds to the JSON property `storagePools`
+        # @return [Array<String>]
+        attr_accessor :storage_pools
+      
         # Collection of Compute Engine network tags that can be applied to a node's
         # underlying VM instance. (See `tags` field in [`NodeConfig`](/kubernetes-engine/
         # docs/reference/rest/v1/NodeConfig)).
@@ -6448,6 +8602,20 @@ module Google
         # @return [Google::Apis::ContainerV1beta1::NodeTaints]
         attr_accessor :taints
       
+        # These upgrade settings control the level of parallelism and the level of
+        # disruption caused by an upgrade. maxUnavailable controls the number of nodes
+        # that can be simultaneously unavailable. maxSurge controls the number of
+        # additional nodes that can be added to the node pool temporarily for the time
+        # of the upgrade to increase the number of available nodes. (maxUnavailable +
+        # maxSurge) determines the level of parallelism (how many nodes are being
+        # upgraded at the same time). Note: upgrades inevitably introduce some
+        # disruption since workloads need to be moved from old nodes to new, upgraded
+        # ones. Even if maxUnavailable=0, this holds true. (Disruption stays within the
+        # limits of PodDisruptionBudget, if it is configured.) Consider a hypothetical
+        # node pool with 5 nodes having maxSurge=2, maxUnavailable=1. This means the
+        # upgrade process upgrades 3 nodes simultaneously. It creates 2 additional (
+        # upgraded) nodes, then it brings down 3 old (not yet upgraded) nodes at the
+        # same time. This ensures that there are always at least 4 nodes available.
         # These upgrade settings configure the upgrade strategy for the node pool. Use
         # strategy to switch between the strategies applied to the node pool. If the
         # strategy is SURGE, use max_surge and max_unavailable to control the level of
@@ -6495,8 +8663,12 @@ module Google
       
         # Update properties of this object
         def update!(**args)
+          @accelerators = args[:accelerators] if args.key?(:accelerators)
           @cluster_id = args[:cluster_id] if args.key?(:cluster_id)
           @confidential_nodes = args[:confidential_nodes] if args.key?(:confidential_nodes)
+          @containerd_config = args[:containerd_config] if args.key?(:containerd_config)
+          @disk_size_gb = args[:disk_size_gb] if args.key?(:disk_size_gb)
+          @disk_type = args[:disk_type] if args.key?(:disk_type)
           @etag = args[:etag] if args.key?(:etag)
           @fast_socket = args[:fast_socket] if args.key?(:fast_socket)
           @gcfs_config = args[:gcfs_config] if args.key?(:gcfs_config)
@@ -6507,12 +8679,17 @@ module Google
           @linux_node_config = args[:linux_node_config] if args.key?(:linux_node_config)
           @locations = args[:locations] if args.key?(:locations)
           @logging_config = args[:logging_config] if args.key?(:logging_config)
+          @machine_type = args[:machine_type] if args.key?(:machine_type)
+          @max_run_duration = args[:max_run_duration] if args.key?(:max_run_duration)
           @name = args[:name] if args.key?(:name)
           @node_network_config = args[:node_network_config] if args.key?(:node_network_config)
           @node_pool_id = args[:node_pool_id] if args.key?(:node_pool_id)
           @node_version = args[:node_version] if args.key?(:node_version)
           @project_id = args[:project_id] if args.key?(:project_id)
+          @queued_provisioning = args[:queued_provisioning] if args.key?(:queued_provisioning)
           @resource_labels = args[:resource_labels] if args.key?(:resource_labels)
+          @resource_manager_tags = args[:resource_manager_tags] if args.key?(:resource_manager_tags)
+          @storage_pools = args[:storage_pools] if args.key?(:storage_pools)
           @tags = args[:tags] if args.key?(:tags)
           @taints = args[:taints] if args.key?(:taints)
           @upgrade_settings = args[:upgrade_settings] if args.key?(:upgrade_settings)
@@ -6570,6 +8747,50 @@ module Google
         end
       end
       
+      # UpgradeDetails contains detailed information of each individual upgrade
+      # operation.
+      class UpgradeDetails
+        include Google::Apis::Core::Hashable
+      
+        # The end timestamp of the upgrade.
+        # Corresponds to the JSON property `endTime`
+        # @return [String]
+        attr_accessor :end_time
+      
+        # The version before the upgrade.
+        # Corresponds to the JSON property `initialVersion`
+        # @return [String]
+        attr_accessor :initial_version
+      
+        # The start timestamp of the upgrade.
+        # Corresponds to the JSON property `startTime`
+        # @return [String]
+        attr_accessor :start_time
+      
+        # Output only. The state of the upgrade.
+        # Corresponds to the JSON property `state`
+        # @return [String]
+        attr_accessor :state
+      
+        # The version after the upgrade.
+        # Corresponds to the JSON property `targetVersion`
+        # @return [String]
+        attr_accessor :target_version
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @end_time = args[:end_time] if args.key?(:end_time)
+          @initial_version = args[:initial_version] if args.key?(:initial_version)
+          @start_time = args[:start_time] if args.key?(:start_time)
+          @state = args[:state] if args.key?(:state)
+          @target_version = args[:target_version] if args.key?(:target_version)
+        end
+      end
+      
       # UpgradeEvent is a notification sent to customers by the cluster server when a
       # resource is upgrading.
       class UpgradeEvent
@@ -6621,6 +8842,107 @@ module Google
         end
       end
       
+      # UpgradeInfoEvent is a notification sent to customers about the upgrade
+      # information of a resource.
+      class UpgradeInfoEvent
+        include Google::Apis::Core::Hashable
+      
+        # The current version before the upgrade.
+        # Corresponds to the JSON property `currentVersion`
+        # @return [String]
+        attr_accessor :current_version
+      
+        # A brief description of the event.
+        # Corresponds to the JSON property `description`
+        # @return [String]
+        attr_accessor :description
+      
+        # The time when the operation ended.
+        # Corresponds to the JSON property `endTime`
+        # @return [String]
+        attr_accessor :end_time
+      
+        # The type of the event.
+        # Corresponds to the JSON property `eventType`
+        # @return [String]
+        attr_accessor :event_type
+      
+        # The end of extended support timestamp.
+        # Corresponds to the JSON property `extendedSupportEndTime`
+        # @return [String]
+        attr_accessor :extended_support_end_time
+      
+        # The operation associated with this upgrade.
+        # Corresponds to the JSON property `operation`
+        # @return [String]
+        attr_accessor :operation
+      
+        # Optional relative path to the resource. For example in node pool upgrades, the
+        # relative path of the node pool.
+        # Corresponds to the JSON property `resource`
+        # @return [String]
+        attr_accessor :resource
+      
+        # The resource type associated with the upgrade.
+        # Corresponds to the JSON property `resourceType`
+        # @return [String]
+        attr_accessor :resource_type
+      
+        # The end of standard support timestamp.
+        # Corresponds to the JSON property `standardSupportEndTime`
+        # @return [String]
+        attr_accessor :standard_support_end_time
+      
+        # The time when the operation was started.
+        # Corresponds to the JSON property `startTime`
+        # @return [String]
+        attr_accessor :start_time
+      
+        # Output only. The state of the upgrade.
+        # Corresponds to the JSON property `state`
+        # @return [String]
+        attr_accessor :state
+      
+        # The target version for the upgrade.
+        # Corresponds to the JSON property `targetVersion`
+        # @return [String]
+        attr_accessor :target_version
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @current_version = args[:current_version] if args.key?(:current_version)
+          @description = args[:description] if args.key?(:description)
+          @end_time = args[:end_time] if args.key?(:end_time)
+          @event_type = args[:event_type] if args.key?(:event_type)
+          @extended_support_end_time = args[:extended_support_end_time] if args.key?(:extended_support_end_time)
+          @operation = args[:operation] if args.key?(:operation)
+          @resource = args[:resource] if args.key?(:resource)
+          @resource_type = args[:resource_type] if args.key?(:resource_type)
+          @standard_support_end_time = args[:standard_support_end_time] if args.key?(:standard_support_end_time)
+          @start_time = args[:start_time] if args.key?(:start_time)
+          @state = args[:state] if args.key?(:state)
+          @target_version = args[:target_version] if args.key?(:target_version)
+        end
+      end
+      
+      # These upgrade settings control the level of parallelism and the level of
+      # disruption caused by an upgrade. maxUnavailable controls the number of nodes
+      # that can be simultaneously unavailable. maxSurge controls the number of
+      # additional nodes that can be added to the node pool temporarily for the time
+      # of the upgrade to increase the number of available nodes. (maxUnavailable +
+      # maxSurge) determines the level of parallelism (how many nodes are being
+      # upgraded at the same time). Note: upgrades inevitably introduce some
+      # disruption since workloads need to be moved from old nodes to new, upgraded
+      # ones. Even if maxUnavailable=0, this holds true. (Disruption stays within the
+      # limits of PodDisruptionBudget, if it is configured.) Consider a hypothetical
+      # node pool with 5 nodes having maxSurge=2, maxUnavailable=1. This means the
+      # upgrade process upgrades 3 nodes simultaneously. It creates 2 additional (
+      # upgraded) nodes, then it brings down 3 old (not yet upgraded) nodes at the
+      # same time. This ensures that there are always at least 4 nodes available.
       # These upgrade settings configure the upgrade strategy for the node pool. Use
       # strategy to switch between the strategies applied to the node pool. If the
       # strategy is SURGE, use max_surge and max_unavailable to control the level of
@@ -6756,6 +9078,78 @@ module Google
         end
       end
       
+      # UserManagedKeysConfig holds the resource address to Keys which are used for
+      # signing certs and token that are used for communication within cluster.
+      class UserManagedKeysConfig
+        include Google::Apis::Core::Hashable
+      
+        # The Certificate Authority Service caPool to use for the aggregation CA in this
+        # cluster.
+        # Corresponds to the JSON property `aggregationCa`
+        # @return [String]
+        attr_accessor :aggregation_ca
+      
+        # The Certificate Authority Service caPool to use for the cluster CA in this
+        # cluster.
+        # Corresponds to the JSON property `clusterCa`
+        # @return [String]
+        attr_accessor :cluster_ca
+      
+        # The Cloud KMS cryptoKey to use for Confidential Hyperdisk on the control plane
+        # nodes.
+        # Corresponds to the JSON property `controlPlaneDiskEncryptionKey`
+        # @return [String]
+        attr_accessor :control_plane_disk_encryption_key
+      
+        # Resource path of the Certificate Authority Service caPool to use for the etcd
+        # API CA in this cluster.
+        # Corresponds to the JSON property `etcdApiCa`
+        # @return [String]
+        attr_accessor :etcd_api_ca
+      
+        # Resource path of the Certificate Authority Service caPool to use for the etcd
+        # peer CA in this cluster.
+        # Corresponds to the JSON property `etcdPeerCa`
+        # @return [String]
+        attr_accessor :etcd_peer_ca
+      
+        # Resource path of the Cloud KMS cryptoKey to use for encryption of internal
+        # etcd backups.
+        # Corresponds to the JSON property `gkeopsEtcdBackupEncryptionKey`
+        # @return [String]
+        attr_accessor :gkeops_etcd_backup_encryption_key
+      
+        # The Cloud KMS cryptoKeyVersions to use for signing service account JWTs issued
+        # by this cluster. Format: `projects/`project`/locations/`location`/keyRings/`
+        # keyring`/cryptoKeys/`cryptoKey`/cryptoKeyVersions/`cryptoKeyVersion``
+        # Corresponds to the JSON property `serviceAccountSigningKeys`
+        # @return [Array<String>]
+        attr_accessor :service_account_signing_keys
+      
+        # The Cloud KMS cryptoKeyVersions to use for verifying service account JWTs
+        # issued by this cluster. Format: `projects/`project`/locations/`location`/
+        # keyRings/`keyring`/cryptoKeys/`cryptoKey`/cryptoKeyVersions/`cryptoKeyVersion``
+        # Corresponds to the JSON property `serviceAccountVerificationKeys`
+        # @return [Array<String>]
+        attr_accessor :service_account_verification_keys
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @aggregation_ca = args[:aggregation_ca] if args.key?(:aggregation_ca)
+          @cluster_ca = args[:cluster_ca] if args.key?(:cluster_ca)
+          @control_plane_disk_encryption_key = args[:control_plane_disk_encryption_key] if args.key?(:control_plane_disk_encryption_key)
+          @etcd_api_ca = args[:etcd_api_ca] if args.key?(:etcd_api_ca)
+          @etcd_peer_ca = args[:etcd_peer_ca] if args.key?(:etcd_peer_ca)
+          @gkeops_etcd_backup_encryption_key = args[:gkeops_etcd_backup_encryption_key] if args.key?(:gkeops_etcd_backup_encryption_key)
+          @service_account_signing_keys = args[:service_account_signing_keys] if args.key?(:service_account_signing_keys)
+          @service_account_verification_keys = args[:service_account_verification_keys] if args.key?(:service_account_verification_keys)
+        end
+      end
+      
       # VerticalPodAutoscaling contains global, per-cluster information required by
       # Vertical Pod Autoscaler to automatically adjust the resources of pods
       # controlled by it.
@@ -6999,6 +9393,26 @@ module Google
           @node_metadata = args[:node_metadata] if args.key?(:node_metadata)
         end
       end
+      
+      # WorkloadPolicyConfig is the configuration related to GCW workload policy
+      class WorkloadPolicyConfig
+        include Google::Apis::Core::Hashable
+      
+        # If true, workloads can use NET_ADMIN capability.
+        # Corresponds to the JSON property `allowNetAdmin`
+        # @return [Boolean]
+        attr_accessor :allow_net_admin
+        alias_method :allow_net_admin?, :allow_net_admin
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @allow_net_admin = args[:allow_net_admin] if args.key?(:allow_net_admin)
+        end
+      end
     end
   end
 end