pulumi-gcp 7.22.0a1715306721__py3-none-any.whl → 7.22.0a1715611725__py3-none-any.whl

pulumi_gcp/compute/router_peer.py

@@ -77,8 +77,8 @@ class RouterPeerArgs:
                The address must be in the range 2600:2d00:0:2::/64 or 2600:2d00:0:3::/64.
                If you do not specify the next hop addresses, Google Cloud automatically
                assigns unused addresses from the 2600:2d00:0:2::/64 or 2600:2d00:0:3::/64 range for you.
-        :param pulumi.Input['RouterPeerMd5AuthenticationKeyArgs'] md5_authentication_key: Present if MD5 authentication is enabled for the peering. Must be the name of one of the entries in the
-               Router.md5_authentication_keys. The field must comply with RFC1035.
+        :param pulumi.Input['RouterPeerMd5AuthenticationKeyArgs'] md5_authentication_key: Configuration for MD5 authentication on the BGP session.
+               Structure is documented below.
         :param pulumi.Input[str] name: Name of this BGP peer. The name must be 1-63 characters long,
                and comply with RFC1035. Specifically, the name must be 1-63 characters
                long and match the regular expression `a-z?` which
@@ -338,8 +338,8 @@ class RouterPeerArgs:
     @pulumi.getter(name="md5AuthenticationKey")
     def md5_authentication_key(self) -> Optional[pulumi.Input['RouterPeerMd5AuthenticationKeyArgs']]:
         """
-        Present if MD5 authentication is enabled for the peering. Must be the name of one of the entries in the
-        Router.md5_authentication_keys. The field must comply with RFC1035.
+        Configuration for MD5 authentication on the BGP session.
+        Structure is documented below.
         """
         return pulumi.get(self, "md5_authentication_key")
 
@@ -506,8 +506,8 @@ class _RouterPeerState:
                If you do not specify the next hop addresses, Google Cloud automatically
                assigns unused addresses from the 2600:2d00:0:2::/64 or 2600:2d00:0:3::/64 range for you.
         :param pulumi.Input[str] management_type: The resource that configures and manages this BGP peer.
-        :param pulumi.Input['RouterPeerMd5AuthenticationKeyArgs'] md5_authentication_key: Present if MD5 authentication is enabled for the peering. Must be the name of one of the entries in the
-               Router.md5_authentication_keys. The field must comply with RFC1035.
+        :param pulumi.Input['RouterPeerMd5AuthenticationKeyArgs'] md5_authentication_key: Configuration for MD5 authentication on the BGP session.
+               Structure is documented below.
         :param pulumi.Input[str] name: Name of this BGP peer. The name must be 1-63 characters long,
                and comply with RFC1035. Specifically, the name must be 1-63 characters
                long and match the regular expression `a-z?` which
@@ -762,8 +762,8 @@ class _RouterPeerState:
     @pulumi.getter(name="md5AuthenticationKey")
     def md5_authentication_key(self) -> Optional[pulumi.Input['RouterPeerMd5AuthenticationKeyArgs']]:
         """
-        Present if MD5 authentication is enabled for the peering. Must be the name of one of the entries in the
-        Router.md5_authentication_keys. The field must comply with RFC1035.
+        Configuration for MD5 authentication on the BGP session.
+        Structure is documented below.
         """
         return pulumi.get(self, "md5_authentication_key")
 
@@ -1076,6 +1076,26 @@ class RouterPeer(pulumi.CustomResource):
             peer_ip_address=addr_peer.address)
         ```
 
+        ### Router Peer Md5 Authentication Key
+
+        ```python
+        import pulumi
+        import pulumi_gcp as gcp
+
+        foobar = gcp.compute.RouterPeer("foobar",
+            name="%s-peer",
+            router=foobar_google_compute_router["name"],
+            region=foobar_google_compute_router["region"],
+            peer_asn=65515,
+            advertised_route_priority=100,
+            interface=foobar_google_compute_router_interface["name"],
+            peer_ip_address="169.254.3.2",
+            md5_authentication_key=gcp.compute.RouterPeerMd5AuthenticationKeyArgs(
+                name="%s-peer-key",
+                key="%s-peer-key-value",
+            ))
+        ```
+
         ## Import
 
         RouterBgpPeer can be imported using any of these accepted formats:
@@ -1139,8 +1159,8 @@ class RouterPeer(pulumi.CustomResource):
                The address must be in the range 2600:2d00:0:2::/64 or 2600:2d00:0:3::/64.
                If you do not specify the next hop addresses, Google Cloud automatically
                assigns unused addresses from the 2600:2d00:0:2::/64 or 2600:2d00:0:3::/64 range for you.
-        :param pulumi.Input[pulumi.InputType['RouterPeerMd5AuthenticationKeyArgs']] md5_authentication_key: Present if MD5 authentication is enabled for the peering. Must be the name of one of the entries in the
-               Router.md5_authentication_keys. The field must comply with RFC1035.
+        :param pulumi.Input[pulumi.InputType['RouterPeerMd5AuthenticationKeyArgs']] md5_authentication_key: Configuration for MD5 authentication on the BGP session.
+               Structure is documented below.
         :param pulumi.Input[str] name: Name of this BGP peer. The name must be 1-63 characters long,
                and comply with RFC1035. Specifically, the name must be 1-63 characters
                long and match the regular expression `a-z?` which
@@ -1325,6 +1345,26 @@ class RouterPeer(pulumi.CustomResource):
             peer_ip_address=addr_peer.address)
         ```
 
+        ### Router Peer Md5 Authentication Key
+
+        ```python
+        import pulumi
+        import pulumi_gcp as gcp
+
+        foobar = gcp.compute.RouterPeer("foobar",
+            name="%s-peer",
+            router=foobar_google_compute_router["name"],
+            region=foobar_google_compute_router["region"],
+            peer_asn=65515,
+            advertised_route_priority=100,
+            interface=foobar_google_compute_router_interface["name"],
+            peer_ip_address="169.254.3.2",
+            md5_authentication_key=gcp.compute.RouterPeerMd5AuthenticationKeyArgs(
+                name="%s-peer-key",
+                key="%s-peer-key-value",
+            ))
+        ```
+
         ## Import
 
         RouterBgpPeer can be imported using any of these accepted formats:
@@ -1502,8 +1542,8 @@ class RouterPeer(pulumi.CustomResource):
                If you do not specify the next hop addresses, Google Cloud automatically
                assigns unused addresses from the 2600:2d00:0:2::/64 or 2600:2d00:0:3::/64 range for you.
         :param pulumi.Input[str] management_type: The resource that configures and manages this BGP peer.
-        :param pulumi.Input[pulumi.InputType['RouterPeerMd5AuthenticationKeyArgs']] md5_authentication_key: Present if MD5 authentication is enabled for the peering. Must be the name of one of the entries in the
-               Router.md5_authentication_keys. The field must comply with RFC1035.
+        :param pulumi.Input[pulumi.InputType['RouterPeerMd5AuthenticationKeyArgs']] md5_authentication_key: Configuration for MD5 authentication on the BGP session.
+               Structure is documented below.
         :param pulumi.Input[str] name: Name of this BGP peer. The name must be 1-63 characters long,
                and comply with RFC1035. Specifically, the name must be 1-63 characters
                long and match the regular expression `a-z?` which
@@ -1688,8 +1728,8 @@ class RouterPeer(pulumi.CustomResource):
     @pulumi.getter(name="md5AuthenticationKey")
     def md5_authentication_key(self) -> pulumi.Output[Optional['outputs.RouterPeerMd5AuthenticationKey']]:
         """
-        Present if MD5 authentication is enabled for the peering. Must be the name of one of the entries in the
-        Router.md5_authentication_keys. The field must comply with RFC1035.
+        Configuration for MD5 authentication on the BGP session.
+        Structure is documented below.
         """
         return pulumi.get(self, "md5_authentication_key")
 

pulumi_gcp/config/__init__.pyi

@@ -260,6 +260,8 @@ parallelstoreCustomEndpoint: Optional[str]
 
 privatecaCustomEndpoint: Optional[str]
 
+privilegedAccessManagerCustomEndpoint: Optional[str]
+
 project: Optional[str]
 
 publicCaCustomEndpoint: Optional[str]

pulumi_gcp/config/vars.py

@@ -516,6 +516,10 @@ class _ExportableConfig(types.ModuleType):
     def privateca_custom_endpoint(self) -> Optional[str]:
         return __config__.get('privatecaCustomEndpoint')
 
+    @property
+    def privileged_access_manager_custom_endpoint(self) -> Optional[str]:
+        return __config__.get('privilegedAccessManagerCustomEndpoint')
+
     @property
     def project(self) -> Optional[str]:
         return __config__.get('project') or _utilities.get_env('GOOGLE_PROJECT', 'GOOGLE_CLOUD_PROJECT', 'GCLOUD_PROJECT', 'CLOUDSDK_CORE_PROJECT')

pulumi_gcp/container/_inputs.py

@@ -148,6 +148,7 @@ __all__ = [
     'ClusterNodeConfigLocalNvmeSsdBlockConfigArgs',
     'ClusterNodeConfigReservationAffinityArgs',
     'ClusterNodeConfigSandboxConfigArgs',
+    'ClusterNodeConfigSecondaryBootDiskArgs',
     'ClusterNodeConfigShieldedInstanceConfigArgs',
     'ClusterNodeConfigSoleTenantConfigArgs',
     'ClusterNodeConfigSoleTenantConfigNodeAffinityArgs',
@@ -184,6 +185,7 @@ __all__ = [
     'ClusterNodePoolNodeConfigLocalNvmeSsdBlockConfigArgs',
     'ClusterNodePoolNodeConfigReservationAffinityArgs',
     'ClusterNodePoolNodeConfigSandboxConfigArgs',
+    'ClusterNodePoolNodeConfigSecondaryBootDiskArgs',
     'ClusterNodePoolNodeConfigShieldedInstanceConfigArgs',
     'ClusterNodePoolNodeConfigSoleTenantConfigArgs',
     'ClusterNodePoolNodeConfigSoleTenantConfigNodeAffinityArgs',
@@ -236,6 +238,7 @@ __all__ = [
     'NodePoolNodeConfigLocalNvmeSsdBlockConfigArgs',
     'NodePoolNodeConfigReservationAffinityArgs',
     'NodePoolNodeConfigSandboxConfigArgs',
+    'NodePoolNodeConfigSecondaryBootDiskArgs',
     'NodePoolNodeConfigShieldedInstanceConfigArgs',
     'NodePoolNodeConfigSoleTenantConfigArgs',
     'NodePoolNodeConfigSoleTenantConfigNodeAffinityArgs',
@@ -5726,6 +5729,7 @@ class ClusterNodeConfigArgs:
                  resource_labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
                  resource_manager_tags: Optional[pulumi.Input[Mapping[str, Any]]] = None,
                  sandbox_config: Optional[pulumi.Input['ClusterNodeConfigSandboxConfigArgs']] = None,
+                 secondary_boot_disks: Optional[pulumi.Input[Sequence[pulumi.Input['ClusterNodeConfigSecondaryBootDiskArgs']]]] = None,
                  service_account: Optional[pulumi.Input[str]] = None,
                  shielded_instance_config: Optional[pulumi.Input['ClusterNodeConfigShieldedInstanceConfigArgs']] = None,
                  sole_tenant_config: Optional[pulumi.Input['ClusterNodeConfigSoleTenantConfigArgs']] = None,
@@ -5811,6 +5815,7 @@ class ClusterNodeConfigArgs:
                for how these labels are applied to clusters, node pools and nodes.
         :param pulumi.Input[Mapping[str, Any]] resource_manager_tags: A map of resource manager tag keys and values to be attached to the nodes for managing Compute Engine firewalls using Network Firewall Policies. Tags must be according to specifications found [here](https://cloud.google.com/vpc/docs/tags-firewalls-overview#specifications). A maximum of 5 tag key-value pairs can be specified. Existing tags will be replaced with new values. Tags must be in one of the following formats ([KEY]=[VALUE]) 1. `tagKeys/{tag_key_id}=tagValues/{tag_value_id}` 2. `{org_id}/{tag_key_name}={tag_value_name}` 3. `{project_id}/{tag_key_name}={tag_value_name}`.
         :param pulumi.Input['ClusterNodeConfigSandboxConfigArgs'] sandbox_config: Sandbox configuration for this node.
+        :param pulumi.Input[Sequence[pulumi.Input['ClusterNodeConfigSecondaryBootDiskArgs']]] secondary_boot_disks: Parameters for secondary boot disks to preload container images and data on new nodes. Structure is documented below. `gcfs_config` must be `enabled=true` for this feature to work. `min_master_version` must also be set to use GKE 1.28.3-gke.106700 or later versions.
         :param pulumi.Input[str] service_account: The service account to be used by the Node VMs.
                If not specified, the "default" service account is used.
         :param pulumi.Input['ClusterNodeConfigShieldedInstanceConfigArgs'] shielded_instance_config: Shielded Instance options. Structure is documented below.
@@ -5893,6 +5898,8 @@ class ClusterNodeConfigArgs:
             pulumi.set(__self__, "resource_manager_tags", resource_manager_tags)
         if sandbox_config is not None:
             pulumi.set(__self__, "sandbox_config", sandbox_config)
+        if secondary_boot_disks is not None:
+            pulumi.set(__self__, "secondary_boot_disks", secondary_boot_disks)
         if service_account is not None:
             pulumi.set(__self__, "service_account", service_account)
         if shielded_instance_config is not None:
@@ -6326,6 +6333,18 @@ class ClusterNodeConfigArgs:
     def sandbox_config(self, value: Optional[pulumi.Input['ClusterNodeConfigSandboxConfigArgs']]):
         pulumi.set(self, "sandbox_config", value)
 
+    @property
+    @pulumi.getter(name="secondaryBootDisks")
+    def secondary_boot_disks(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['ClusterNodeConfigSecondaryBootDiskArgs']]]]:
+        """
+        Parameters for secondary boot disks to preload container images and data on new nodes. Structure is documented below. `gcfs_config` must be `enabled=true` for this feature to work. `min_master_version` must also be set to use GKE 1.28.3-gke.106700 or later versions.
+        """
+        return pulumi.get(self, "secondary_boot_disks")
+
+    @secondary_boot_disks.setter
+    def secondary_boot_disks(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['ClusterNodeConfigSecondaryBootDiskArgs']]]]):
+        pulumi.set(self, "secondary_boot_disks", value)
+
     @property
     @pulumi.getter(name="serviceAccount")
     def service_account(self) -> Optional[pulumi.Input[str]]:
@@ -6738,6 +6757,7 @@ class ClusterNodeConfigGuestAcceleratorGpuSharingConfigArgs:
         :param pulumi.Input[str] gpu_sharing_strategy: The type of GPU sharing strategy to enable on the GPU node.
                Accepted values are:
                * `"TIME_SHARING"`: Allow multiple containers to have [time-shared](https://cloud.google.com/kubernetes-engine/docs/concepts/timesharing-gpus) access to a single GPU device.
+               * `"MPS"`: Enable co-operative multi-process CUDA workloads to run concurrently on a single GPU device with [MPS](https://cloud.google.com/kubernetes-engine/docs/how-to/nvidia-mps-gpus)
         :param pulumi.Input[int] max_shared_clients_per_gpu: The maximum number of containers that can share a GPU.
         """
         pulumi.set(__self__, "gpu_sharing_strategy", gpu_sharing_strategy)
@@ -6750,6 +6770,7 @@ class ClusterNodeConfigGuestAcceleratorGpuSharingConfigArgs:
         The type of GPU sharing strategy to enable on the GPU node.
         Accepted values are:
         * `"TIME_SHARING"`: Allow multiple containers to have [time-shared](https://cloud.google.com/kubernetes-engine/docs/concepts/timesharing-gpus) access to a single GPU device.
+        * `"MPS"`: Enable co-operative multi-process CUDA workloads to run concurrently on a single GPU device with [MPS](https://cloud.google.com/kubernetes-engine/docs/how-to/nvidia-mps-gpus)
         """
         return pulumi.get(self, "gpu_sharing_strategy")
 
@@ -7071,6 +7092,44 @@ class ClusterNodeConfigSandboxConfigArgs:
         pulumi.set(self, "sandbox_type", value)
 
 
+@pulumi.input_type
+class ClusterNodeConfigSecondaryBootDiskArgs:
+    def __init__(__self__, *,
+                 disk_image: pulumi.Input[str],
+                 mode: Optional[pulumi.Input[str]] = None):
+        """
+        :param pulumi.Input[str] disk_image: Path to disk image to create the secondary boot disk from. After using the [gke-disk-image-builder](https://github.com/GoogleCloudPlatform/ai-on-gke/tree/main/tools/gke-disk-image-builder), this argument should be `global/images/DISK_IMAGE_NAME`.
+        :param pulumi.Input[str] mode: Mode for how the secondary boot disk is used. An example mode is `CONTAINER_IMAGE_CACHE`.
+        """
+        pulumi.set(__self__, "disk_image", disk_image)
+        if mode is not None:
+            pulumi.set(__self__, "mode", mode)
+
+    @property
+    @pulumi.getter(name="diskImage")
+    def disk_image(self) -> pulumi.Input[str]:
+        """
+        Path to disk image to create the secondary boot disk from. After using the [gke-disk-image-builder](https://github.com/GoogleCloudPlatform/ai-on-gke/tree/main/tools/gke-disk-image-builder), this argument should be `global/images/DISK_IMAGE_NAME`.
+        """
+        return pulumi.get(self, "disk_image")
+
+    @disk_image.setter
+    def disk_image(self, value: pulumi.Input[str]):
+        pulumi.set(self, "disk_image", value)
+
+    @property
+    @pulumi.getter
+    def mode(self) -> Optional[pulumi.Input[str]]:
+        """
+        Mode for how the secondary boot disk is used. An example mode is `CONTAINER_IMAGE_CACHE`.
+        """
+        return pulumi.get(self, "mode")
+
+    @mode.setter
+    def mode(self, value: Optional[pulumi.Input[str]]):
+        pulumi.set(self, "mode", value)
+
+
 @pulumi.input_type
 class ClusterNodeConfigShieldedInstanceConfigArgs:
     def __init__(__self__, *,
@@ -8174,6 +8233,7 @@ class ClusterNodePoolNodeConfigArgs:
                  resource_labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
                  resource_manager_tags: Optional[pulumi.Input[Mapping[str, Any]]] = None,
                  sandbox_config: Optional[pulumi.Input['ClusterNodePoolNodeConfigSandboxConfigArgs']] = None,
+                 secondary_boot_disks: Optional[pulumi.Input[Sequence[pulumi.Input['ClusterNodePoolNodeConfigSecondaryBootDiskArgs']]]] = None,
                  service_account: Optional[pulumi.Input[str]] = None,
                  shielded_instance_config: Optional[pulumi.Input['ClusterNodePoolNodeConfigShieldedInstanceConfigArgs']] = None,
                  sole_tenant_config: Optional[pulumi.Input['ClusterNodePoolNodeConfigSoleTenantConfigArgs']] = None,
@@ -8259,6 +8319,7 @@ class ClusterNodePoolNodeConfigArgs:
                for how these labels are applied to clusters, node pools and nodes.
         :param pulumi.Input[Mapping[str, Any]] resource_manager_tags: A map of resource manager tag keys and values to be attached to the nodes for managing Compute Engine firewalls using Network Firewall Policies. Tags must be according to specifications found [here](https://cloud.google.com/vpc/docs/tags-firewalls-overview#specifications). A maximum of 5 tag key-value pairs can be specified. Existing tags will be replaced with new values. Tags must be in one of the following formats ([KEY]=[VALUE]) 1. `tagKeys/{tag_key_id}=tagValues/{tag_value_id}` 2. `{org_id}/{tag_key_name}={tag_value_name}` 3. `{project_id}/{tag_key_name}={tag_value_name}`.
         :param pulumi.Input['ClusterNodePoolNodeConfigSandboxConfigArgs'] sandbox_config: Sandbox configuration for this node.
+        :param pulumi.Input[Sequence[pulumi.Input['ClusterNodePoolNodeConfigSecondaryBootDiskArgs']]] secondary_boot_disks: Parameters for secondary boot disks to preload container images and data on new nodes. Structure is documented below. `gcfs_config` must be `enabled=true` for this feature to work. `min_master_version` must also be set to use GKE 1.28.3-gke.106700 or later versions.
         :param pulumi.Input[str] service_account: The service account to be used by the Node VMs.
                If not specified, the "default" service account is used.
         :param pulumi.Input['ClusterNodePoolNodeConfigShieldedInstanceConfigArgs'] shielded_instance_config: Shielded Instance options. Structure is documented below.
@@ -8341,6 +8402,8 @@ class ClusterNodePoolNodeConfigArgs:
             pulumi.set(__self__, "resource_manager_tags", resource_manager_tags)
         if sandbox_config is not None:
             pulumi.set(__self__, "sandbox_config", sandbox_config)
+        if secondary_boot_disks is not None:
+            pulumi.set(__self__, "secondary_boot_disks", secondary_boot_disks)
         if service_account is not None:
             pulumi.set(__self__, "service_account", service_account)
         if shielded_instance_config is not None:
@@ -8774,6 +8837,18 @@ class ClusterNodePoolNodeConfigArgs:
     def sandbox_config(self, value: Optional[pulumi.Input['ClusterNodePoolNodeConfigSandboxConfigArgs']]):
         pulumi.set(self, "sandbox_config", value)
 
+    @property
+    @pulumi.getter(name="secondaryBootDisks")
+    def secondary_boot_disks(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['ClusterNodePoolNodeConfigSecondaryBootDiskArgs']]]]:
+        """
+        Parameters for secondary boot disks to preload container images and data on new nodes. Structure is documented below. `gcfs_config` must be `enabled=true` for this feature to work. `min_master_version` must also be set to use GKE 1.28.3-gke.106700 or later versions.
+        """
+        return pulumi.get(self, "secondary_boot_disks")
+
+    @secondary_boot_disks.setter
+    def secondary_boot_disks(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['ClusterNodePoolNodeConfigSecondaryBootDiskArgs']]]]):
+        pulumi.set(self, "secondary_boot_disks", value)
+
     @property
     @pulumi.getter(name="serviceAccount")
     def service_account(self) -> Optional[pulumi.Input[str]]:
@@ -9186,6 +9261,7 @@ class ClusterNodePoolNodeConfigGuestAcceleratorGpuSharingConfigArgs:
         :param pulumi.Input[str] gpu_sharing_strategy: The type of GPU sharing strategy to enable on the GPU node.
                Accepted values are:
                * `"TIME_SHARING"`: Allow multiple containers to have [time-shared](https://cloud.google.com/kubernetes-engine/docs/concepts/timesharing-gpus) access to a single GPU device.
+               * `"MPS"`: Enable co-operative multi-process CUDA workloads to run concurrently on a single GPU device with [MPS](https://cloud.google.com/kubernetes-engine/docs/how-to/nvidia-mps-gpus)
         :param pulumi.Input[int] max_shared_clients_per_gpu: The maximum number of containers that can share a GPU.
         """
         pulumi.set(__self__, "gpu_sharing_strategy", gpu_sharing_strategy)
@@ -9198,6 +9274,7 @@ class ClusterNodePoolNodeConfigGuestAcceleratorGpuSharingConfigArgs:
         The type of GPU sharing strategy to enable on the GPU node.
         Accepted values are:
         * `"TIME_SHARING"`: Allow multiple containers to have [time-shared](https://cloud.google.com/kubernetes-engine/docs/concepts/timesharing-gpus) access to a single GPU device.
+        * `"MPS"`: Enable co-operative multi-process CUDA workloads to run concurrently on a single GPU device with [MPS](https://cloud.google.com/kubernetes-engine/docs/how-to/nvidia-mps-gpus)
         """
         return pulumi.get(self, "gpu_sharing_strategy")
 
@@ -9519,6 +9596,44 @@ class ClusterNodePoolNodeConfigSandboxConfigArgs:
         pulumi.set(self, "sandbox_type", value)
 
 
+@pulumi.input_type
+class ClusterNodePoolNodeConfigSecondaryBootDiskArgs:
+    def __init__(__self__, *,
+                 disk_image: pulumi.Input[str],
+                 mode: Optional[pulumi.Input[str]] = None):
+        """
+        :param pulumi.Input[str] disk_image: Path to disk image to create the secondary boot disk from. After using the [gke-disk-image-builder](https://github.com/GoogleCloudPlatform/ai-on-gke/tree/main/tools/gke-disk-image-builder), this argument should be `global/images/DISK_IMAGE_NAME`.
+        :param pulumi.Input[str] mode: Mode for how the secondary boot disk is used. An example mode is `CONTAINER_IMAGE_CACHE`.
+        """
+        pulumi.set(__self__, "disk_image", disk_image)
+        if mode is not None:
+            pulumi.set(__self__, "mode", mode)
+
+    @property
+    @pulumi.getter(name="diskImage")
+    def disk_image(self) -> pulumi.Input[str]:
+        """
+        Path to disk image to create the secondary boot disk from. After using the [gke-disk-image-builder](https://github.com/GoogleCloudPlatform/ai-on-gke/tree/main/tools/gke-disk-image-builder), this argument should be `global/images/DISK_IMAGE_NAME`.
+        """
+        return pulumi.get(self, "disk_image")
+
+    @disk_image.setter
+    def disk_image(self, value: pulumi.Input[str]):
+        pulumi.set(self, "disk_image", value)
+
+    @property
+    @pulumi.getter
+    def mode(self) -> Optional[pulumi.Input[str]]:
+        """
+        Mode for how the secondary boot disk is used. An example mode is `CONTAINER_IMAGE_CACHE`.
+        """
+        return pulumi.get(self, "mode")
+
+    @mode.setter
+    def mode(self, value: Optional[pulumi.Input[str]]):
+        pulumi.set(self, "mode", value)
+
+
 @pulumi.input_type
 class ClusterNodePoolNodeConfigShieldedInstanceConfigArgs:
     def __init__(__self__, *,
@@ -11097,6 +11212,7 @@ class NodePoolNodeConfigArgs:
                  resource_labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
                  resource_manager_tags: Optional[pulumi.Input[Mapping[str, Any]]] = None,
                  sandbox_config: Optional[pulumi.Input['NodePoolNodeConfigSandboxConfigArgs']] = None,
+                 secondary_boot_disks: Optional[pulumi.Input[Sequence[pulumi.Input['NodePoolNodeConfigSecondaryBootDiskArgs']]]] = None,
                  service_account: Optional[pulumi.Input[str]] = None,
                  shielded_instance_config: Optional[pulumi.Input['NodePoolNodeConfigShieldedInstanceConfigArgs']] = None,
                  sole_tenant_config: Optional[pulumi.Input['NodePoolNodeConfigSoleTenantConfigArgs']] = None,
@@ -11136,6 +11252,7 @@ class NodePoolNodeConfigArgs:
         :param pulumi.Input[Mapping[str, pulumi.Input[str]]] resource_labels: The GCE resource labels (a map of key/value pairs) to be applied to the node pool.
         :param pulumi.Input[Mapping[str, Any]] resource_manager_tags: A map of resource manager tags. Resource manager tag keys and values have the same definition as resource manager tags. Keys must be in the format tagKeys/{tag_key_id}, and values are in the format tagValues/456. The field is ignored (both PUT & PATCH) when empty.
         :param pulumi.Input['NodePoolNodeConfigSandboxConfigArgs'] sandbox_config: Sandbox configuration for this node.
+        :param pulumi.Input[Sequence[pulumi.Input['NodePoolNodeConfigSecondaryBootDiskArgs']]] secondary_boot_disks: Secondary boot disks for preloading data or container images.
         :param pulumi.Input[str] service_account: The Google Cloud Platform Service Account to be used by the node VMs.
         :param pulumi.Input['NodePoolNodeConfigShieldedInstanceConfigArgs'] shielded_instance_config: Shielded Instance options.
         :param pulumi.Input['NodePoolNodeConfigSoleTenantConfigArgs'] sole_tenant_config: Node affinity options for sole tenant node pools.
@@ -11206,6 +11323,8 @@ class NodePoolNodeConfigArgs:
             pulumi.set(__self__, "resource_manager_tags", resource_manager_tags)
         if sandbox_config is not None:
             pulumi.set(__self__, "sandbox_config", sandbox_config)
+        if secondary_boot_disks is not None:
+            pulumi.set(__self__, "secondary_boot_disks", secondary_boot_disks)
         if service_account is not None:
             pulumi.set(__self__, "service_account", service_account)
         if shielded_instance_config is not None:
@@ -11593,6 +11712,18 @@ class NodePoolNodeConfigArgs:
     def sandbox_config(self, value: Optional[pulumi.Input['NodePoolNodeConfigSandboxConfigArgs']]):
         pulumi.set(self, "sandbox_config", value)
 
+    @property
+    @pulumi.getter(name="secondaryBootDisks")
+    def secondary_boot_disks(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['NodePoolNodeConfigSecondaryBootDiskArgs']]]]:
+        """
+        Secondary boot disks for preloading data or container images.
+        """
+        return pulumi.get(self, "secondary_boot_disks")
+
+    @secondary_boot_disks.setter
+    def secondary_boot_disks(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['NodePoolNodeConfigSecondaryBootDiskArgs']]]]):
+        pulumi.set(self, "secondary_boot_disks", value)
+
     @property
     @pulumi.getter(name="serviceAccount")
     def service_account(self) -> Optional[pulumi.Input[str]]:
@@ -12262,6 +12393,44 @@ class NodePoolNodeConfigSandboxConfigArgs:
         pulumi.set(self, "sandbox_type", value)
 
 
+@pulumi.input_type
+class NodePoolNodeConfigSecondaryBootDiskArgs:
+    def __init__(__self__, *,
+                 disk_image: pulumi.Input[str],
+                 mode: Optional[pulumi.Input[str]] = None):
+        """
+        :param pulumi.Input[str] disk_image: Disk image to create the secondary boot disk from
+        :param pulumi.Input[str] mode: Mode for how the secondary boot disk is used.
+        """
+        pulumi.set(__self__, "disk_image", disk_image)
+        if mode is not None:
+            pulumi.set(__self__, "mode", mode)
+
+    @property
+    @pulumi.getter(name="diskImage")
+    def disk_image(self) -> pulumi.Input[str]:
+        """
+        Disk image to create the secondary boot disk from
+        """
+        return pulumi.get(self, "disk_image")
+
+    @disk_image.setter
+    def disk_image(self, value: pulumi.Input[str]):
+        pulumi.set(self, "disk_image", value)
+
+    @property
+    @pulumi.getter
+    def mode(self) -> Optional[pulumi.Input[str]]:
+        """
+        Mode for how the secondary boot disk is used.
+        """
+        return pulumi.get(self, "mode")
+
+    @mode.setter
+    def mode(self, value: Optional[pulumi.Input[str]]):
+        pulumi.set(self, "mode", value)
+
+
 @pulumi.input_type
 class NodePoolNodeConfigShieldedInstanceConfigArgs:
     def __init__(__self__, *,