v1

Operation is unknown and will error out.

Set the password to a user generated value.

Generate a new password and set it to that.

Set the username. If an empty username is provided, basic authentication is disabled for the cluster. If a non-empty username is provided, basic authentication is enabled, with either a provided password or a generated one.

UNKNOWN indicates a generic condition.

GCE_STOCKOUT indicates a Google Compute Engine stockout.

GKE_SERVICE_ACCOUNT_DELETED indicates that the user deleted their robot service account.

Google Compute Engine quota was exceeded.

Cluster state was manually changed by an SRE due to a system logic error.

Unable to perform an encrypt operation against the CloudKMS key used for etcd level encryption. More codes TBA

Not set

NoSchedule

PreferNoSchedule

NoExecute

Not set

Tigera (Calico Felix).

Should never be set

Secrets in etcd are encrypted.

Secrets in etcd are stored in plain text (at etcd level) - this is unrelated to GCE level full disk encryption.

Not set.

The PROVISIONING state indicates the node pool is being created.

The RUNNING state indicates the node pool has been created and is fully usable.

The RUNNING_WITH_ERROR state indicates the node pool has been created and is partially usable. Some error state has occurred and some functionality may be impaired. Customer may need to reissue a request or trigger a new update.

The RECONCILING state indicates that some work is actively being done on the node pool, such as upgrading node software. Details can be found in the statusMessage field.

The STOPPING state indicates the node pool is being deleted.

The ERROR state indicates the node pool may be unusable. Details can be found in the statusMessage field.

Not set.

The PROVISIONING state indicates the cluster is being created.

The RUNNING state indicates the cluster has been created and is fully usable.

The RECONCILING state indicates that some work is actively being done on the cluster, such as upgrading the master or node software. Details can be found in the statusMessage field.

The STOPPING state indicates the cluster is being deleted.

The ERROR state indicates the cluster may be unusable. Details can be found in the statusMessage field.

The DEGRADED state indicates the cluster requires user action to restore full functionality. Details can be found in the statusMessage field.

Not set.

The operation has been created.

The operation is currently running.

The operation is done, either cancelled or completed.

The operation is aborting.

UNKNOWN is the zero value of the Status enum. It's not a valid status.

UNUSED denotes that this range is unclaimed by any cluster.

IN_USE_SERVICE denotes that this range is claimed by a cluster for services. It cannot be used for other clusters.

IN_USE_SHAREABLE_POD denotes this range was created by the network admin and is currently claimed by a cluster for pods. It can only be used by other clusters as a pod range.

IN_USE_MANAGED_POD denotes this range was created by GKE and is claimed for pods. It cannot be used for other clusters.

Not set.

Cluster create.

Cluster delete.

A master upgrade.

A node upgrade.

Cluster repair.

Cluster update.

Node pool create.

Node pool delete.

Set node pool management.

Automatic node pool repair.

Automatic node upgrade.

Set labels.

Set/generate master auth materials

Set node pool size.

Updates network policy for a cluster.

Set the maintenance policy.

The number of the accelerator cards exposed to an instance.

The accelerator type resource name. List of supported accelerators here

Configuration for the HTTP (L7) load balancing controller addon, which makes it easy to set up HTTP load balancers for services in a cluster.

This object should have the same structure as HttpLoadBalancing

Configuration for the horizontal pod autoscaling feature, which increases or decreases the number of replica pods a replication controller has based on the resource usage of the existing pods.

This object should have the same structure as HorizontalPodAutoscaling

Configuration for the Kubernetes Dashboard. This addon is deprecated, and will be disabled in 1.15. It is recommended to use the Cloud Console to manage and monitor your Kubernetes clusters, workloads and applications. For more information, see: https://cloud.google.com/kubernetes-engine/docs/concepts/dashboards

This object should have the same structure as KubernetesDashboard

Configuration for NetworkPolicy. This only tracks whether the addon is enabled or not on the Master, it does not track whether network policy is enabled for the nodes.

This object should have the same structure as NetworkPolicyConfig

Configuration for the Cloud Run addon, which allows the user to use a managed Knative service.

This object should have the same structure as CloudRunConfig

Whether this cluster should return group membership lookups during authentication using a group of security groups.

The name of the security group-of-groups to be used. Only relevant if enabled = true.

Scopes that are used by NAP when creating node pools. If oauth_scopes are specified, service_account should be empty.

The Google Cloud Platform Service Account to be used by the node VMs. If service_account is specified, scopes should be empty.

[Output only] This field is set when upgrades are about to commence with the approximate start time for the upgrades, in RFC3339 text format.

[Output only] This field is set when upgrades are about to commence with the description of the upgrade.

The ID of a BigQuery Dataset.

Enable Binary Authorization for this cluster. If enabled, all container images will be validated by Binary Authorization.

Required. Deprecated. The Google Developers Console project ID or project number. This field has been deprecated and replaced by the name field.

Required. Deprecated. The name of the Google Compute Engine zone in which the operation resides. This field has been deprecated and replaced by the name field.

Required. Deprecated. The server-assigned name of the operation. This field has been deprecated and replaced by the name field.

The name (project, location, operation id) of the operation to cancel. Specified in the format 'projects/* /locations/* /operations/*'.

display_name is an optional field for users to identify CIDR blocks.

cidr_block must be specified in CIDR notation.

Issue a client certificate.

Whether Cloud Run addon is enabled for this cluster.

The name of this cluster. The name must be unique within this project and location (e.g. zone or region), and can be up to 40 characters with the following restrictions:

• Lowercase letters, numbers, and hyphens only.
• Must start with a letter.
• Must end with a number or a letter.

An optional description of this cluster.

The number of nodes to create in this cluster. You must ensure that your Compute Engine resource quota is sufficient for this number of instances. You must also have available firewall and routes quota. For requests, this field should only be used in lieu of a "node_pool" object, since this configuration (along with the "node_config") will be used to create a "NodePool" object with an auto-generated name. Do not use this and a node_pool at the same time.

This field is deprecated, use node_pool.initial_node_count instead.

Parameters used in creating the cluster's nodes. For requests, this field should only be used in lieu of a "node_pool" object, since this configuration (along with the "initial_node_count") will be used to create a "NodePool" object with an auto-generated name. Do not use this and a node_pool at the same time. For responses, this field will be populated with the node configuration of the first node pool. (For configuration of each node pool, see node_pool.config)

If unspecified, the defaults are used. This field is deprecated, use node_pool.config instead.

This object should have the same structure as NodeConfig

The authentication information for accessing the master endpoint. If unspecified, the defaults are used: For clusters before v1.12, if master_auth is unspecified, username will be set to "admin", a random password will be generated, and a client certificate will be issued.

This object should have the same structure as MasterAuth

The logging service the cluster should use to write logs. Currently available options:

• "logging.googleapis.com/kubernetes" - the Google Cloud Logging service with Kubernetes-native resource model
• logging.googleapis.com - the Google Cloud Logging service.
• none - no logs will be exported from the cluster.
• if left as an empty string,logging.googleapis.com will be used.

The monitoring service the cluster should use to write metrics. Currently available options:

• monitoring.googleapis.com - the Google Cloud Monitoring service.
• none - no metrics will be exported from the cluster.
• if left as an empty string, monitoring.googleapis.com will be used.

The name of the Google Compute Engine network to which the cluster is connected. If left unspecified, the default network will be used.

The IP address range of the container pods in this cluster, in CIDR notation (e.g. 10.96.0.0/14). Leave blank to have one automatically chosen or specify a /14 block in 10.0.0.0/8.

Configurations for the various addons available to run in the cluster.

This object should have the same structure as AddonsConfig

The name of the Google Compute Engine subnetwork to which the cluster is connected.

The node pools associated with this cluster. This field should not be set if "node_config" or "initial_node_count" are specified.

This object should have the same structure as NodePool

The list of Google Compute Engine zones in which the cluster's nodes should be located.

Kubernetes alpha features are enabled on this cluster. This includes alpha API groups (e.g. v1alpha1) and features that may not be production ready in the kubernetes version of the master and nodes. The cluster has no SLA for uptime and master/node upgrades are disabled. Alpha enabled clusters are automatically deleted thirty days after creation.

The resource labels for the cluster to use to annotate any related Google Compute Engine resources.

The fingerprint of the set of labels for this cluster.

Configuration for the legacy ABAC authorization mode.

This object should have the same structure as LegacyAbac

Configuration options for the NetworkPolicy feature.

This object should have the same structure as NetworkPolicy

Configuration for cluster IP allocation.

This object should have the same structure as IPAllocationPolicy

The configuration options for master authorized networks feature.

This object should have the same structure as MasterAuthorizedNetworksConfig

Configure the maintenance policy for this cluster.

This object should have the same structure as MaintenancePolicy

Configuration for Binary Authorization.

This object should have the same structure as BinaryAuthorization

Cluster-level autoscaling configuration.

This object should have the same structure as ClusterAutoscaling

Configuration for cluster networking.

This object should have the same structure as NetworkConfig

The default constraint on the maximum number of pods that can be run simultaneously on a node in the node pool of this cluster. Only honored if cluster created with IP Alias support.

This object should have the same structure as MaxPodsConstraint

Configuration for exporting resource usages. Resource usage export is disabled when this config is unspecified.

This object should have the same structure as ResourceUsageExportConfig

Configuration controlling RBAC group membership information.

This object should have the same structure as AuthenticatorGroupsConfig

Configuration for private cluster.

This object should have the same structure as PrivateClusterConfig

Configuration of etcd encryption.

This object should have the same structure as DatabaseEncryption

Cluster-level Vertical Pod Autoscaling configuration.

This object should have the same structure as VerticalPodAutoscaling

[Output only] Server-defined URL for the resource.

[Output only] The name of the Google Compute Engine zone in which the cluster resides. This field is deprecated, use location instead.

[Output only] The IP address of this cluster's master endpoint. The endpoint can be accessed from the internet at https://username:password@endpoint/.

See the masterAuth property of this resource for username and password information.

The initial Kubernetes version for this cluster. Valid versions are those found in validMasterVersions returned by getServerConfig. The version can be upgraded over time; such upgrades are reflected in currentMasterVersion and currentNodeVersion.

Users may specify either explicit versions offered by Kubernetes Engine or version aliases, which have the following behavior:

• "latest": picks the highest valid Kubernetes version
• "1.X": picks the highest valid patch+gke.N patch in the 1.X version
• "1.X.Y": picks the highest valid gke.N patch in the 1.X.Y version
• "1.X.Y-gke.N": picks an explicit Kubernetes version
• "","-": picks the default Kubernetes version

[Output only] The current software version of the master endpoint.

[Output only] Deprecated, use NodePools.version instead. The current version of the node software components. If they are currently at multiple versions because they're in the process of being upgraded, this reflects the minimum version of all nodes.

[Output only] The time the cluster was created, in RFC3339 text format.

[Output only] The current status of this cluster.

The number should be among the values of Status

[Output only] Additional information about the current status of this cluster, if available.

[Output only] The size of the address space on each node for hosting containers. This is provisioned from within the container_ipv4_cidr range. This field will only be set when cluster is in route-based network mode.

[Output only] The IP address range of the Kubernetes services in this cluster, in CIDR notation (e.g. 1.2.3.4/29). Service addresses are typically put in the last /16 from the container CIDR.

Deprecated. Use node_pools.instance_group_urls.

[Output only] The number of nodes currently in the cluster. Deprecated. Call Kubernetes API directly to retrieve node information.

[Output only] The time the cluster will be automatically deleted in RFC3339 text format.

[Output only] The name of the Google Compute Engine zone or region in which the cluster resides.

Enable the ability to use Cloud TPUs in this cluster.

[Output only] The IP address range of the Cloud TPUs in this cluster, in CIDR notation (e.g. 1.2.3.4/29).

Which conditions caused the current cluster state.

This object should have the same structure as StatusCondition

Enables automatic node pool creation and deletion.

Contains global constraints regarding minimum and maximum amount of resources in the cluster.

This object should have the same structure as ResourceLimit

AutoprovisioningNodePoolDefaults contains defaults for a node pool created by NAP.

This object should have the same structure as AutoprovisioningNodePoolDefaults

The list of Google Compute Engine zones in which the NodePool's nodes can be created by NAP.

The Kubernetes version to change the nodes to (typically an upgrade).

Users may specify either explicit versions offered by Kubernetes Engine or version aliases, which have the following behavior:

• "latest": picks the highest valid Kubernetes version
• "1.X": picks the highest valid patch+gke.N patch in the 1.X version
• "1.X.Y": picks the highest valid gke.N patch in the 1.X.Y version
• "1.X.Y-gke.N": picks an explicit Kubernetes version
• "-": picks the Kubernetes master version

The monitoring service the cluster should use to write metrics. Currently available options:

• "monitoring.googleapis.com/kubernetes" - the Google Cloud Monitoring service with Kubernetes-native resource model
• "monitoring.googleapis.com" - the Google Cloud Monitoring service
• "none" - no metrics will be exported from the cluster

Configurations for the various addons available to run in the cluster.

This object should have the same structure as AddonsConfig

The node pool to be upgraded. This field is mandatory if "desired_node_version", "desired_image_family" or "desired_node_pool_autoscaling" is specified and there is more than one node pool on the cluster.

The desired image type for the node pool. NOTE: Set the "desired_node_pool" field as well.

Configuration of etcd encryption.

This object should have the same structure as DatabaseEncryption

Autoscaler configuration for the node pool specified in desired_node_pool_id. If there is only one pool in the cluster and desired_node_pool_id is not provided then the change applies to that single node pool.

This object should have the same structure as NodePoolAutoscaling

The desired list of Google Compute Engine zones in which the cluster's nodes should be located. Changing the locations a cluster is in will result in nodes being either created or removed from the cluster, depending on whether locations are being added or removed.

This list must always include the cluster's primary zone.

The desired configuration options for master authorized networks feature.

This object should have the same structure as MasterAuthorizedNetworksConfig

Cluster-level autoscaling configuration.

This object should have the same structure as ClusterAutoscaling

The desired configuration options for the Binary Authorization feature.

This object should have the same structure as BinaryAuthorization

The logging service the cluster should use to write logs. Currently available options:

• "logging.googleapis.com/kubernetes" - the Google Cloud Logging service with Kubernetes-native resource model
• "logging.googleapis.com" - the Google Cloud Logging service
• "none" - no logs will be exported from the cluster

The desired configuration for exporting resource usage.

This object should have the same structure as ResourceUsageExportConfig

Cluster-level Vertical Pod Autoscaling configuration.

This object should have the same structure as VerticalPodAutoscaling

The desired config of Intra-node visibility.

This object should have the same structure as IntraNodeVisibilityConfig

The Kubernetes version to change the master to.

Users may specify either explicit versions offered by Kubernetes Engine or version aliases, which have the following behavior:

• "latest": picks the highest valid Kubernetes version
• "1.X": picks the highest valid patch+gke.N patch in the 1.X version
• "1.X.Y": picks the highest valid gke.N patch in the 1.X.Y version
• "1.X.Y-gke.N": picks an explicit Kubernetes version
• "-": picks the default Kubernetes version

Required. Deprecated. The Google Developers Console project ID or project number. This field has been deprecated and replaced by the name field.

Required. Deprecated. The name of the Google Compute Engine zone in which the cluster resides. This field has been deprecated and replaced by the name field.

Required. Deprecated. The name of the cluster. This field has been deprecated and replaced by the name field.

The name (project, location, cluster id) of the cluster to complete IP rotation. Specified in the format 'projects/* /locations/* /clusters/*'.

Whether to enable consumption metering for this cluster. If enabled, a second BigQuery table will be created to hold resource consumption records.

Required. Deprecated. The Google Developers Console project ID or project number. This field has been deprecated and replaced by the parent field.

Required. Deprecated. The name of the Google Compute Engine zone in which the cluster resides. This field has been deprecated and replaced by the parent field.

Required. A cluster resource

This object should have the same structure as Cluster

The parent (project and location) where the cluster will be created. Specified in the format 'projects/* /locations/*'.

Required. Deprecated. The Google Developers Console project ID or project number. This field has been deprecated and replaced by the parent field.

Required. Deprecated. The name of the Google Compute Engine zone in which the cluster resides. This field has been deprecated and replaced by the parent field.

Required. Deprecated. The name of the cluster. This field has been deprecated and replaced by the parent field.

Required. The node pool to create.

This object should have the same structure as NodePool

The parent (project, location, cluster id) where the node pool will be created. Specified in the format 'projects/* /locations/* /clusters/*'.

Time within the maintenance window to start the maintenance operations. Time format should be in RFC3339 format "HH:MM", where HH : [00-23] and MM : [00-59] GMT.

[Output only] Duration of the time window, automatically chosen to be smallest possible in the given scenario. Duration will be in RFC3339 format "PTnHnMnS".

Denotes the state of etcd encryption.

The number should be among the values of State

Name of CloudKMS key to use for the encryption of secrets in etcd. Ex. projects/my-project/locations/global/keyRings/my-ring/cryptoKeys/my-key

Required. Deprecated. The Google Developers Console project ID or project number. This field has been deprecated and replaced by the name field.

Required. Deprecated. The name of the Google Compute Engine zone in which the cluster resides. This field has been deprecated and replaced by the name field.

Required. Deprecated. The name of the cluster to delete. This field has been deprecated and replaced by the name field.

The name (project, location, cluster) of the cluster to delete. Specified in the format 'projects/* /locations/* /clusters/*'.

Required. Deprecated. The Google Developers Console project ID or project number. This field has been deprecated and replaced by the name field.

Required. Deprecated. The name of the Google Compute Engine zone in which the cluster resides. This field has been deprecated and replaced by the name field.

Required. Deprecated. The name of the cluster. This field has been deprecated and replaced by the name field.

Required. Deprecated. The name of the node pool to delete. This field has been deprecated and replaced by the name field.

The name (project, location, cluster, node pool id) of the node pool to delete. Specified in the format 'projects/* /locations/* /clusters/* /nodePools/*'.

Required. Deprecated. The Google Developers Console project ID or project number. This field has been deprecated and replaced by the name field.

Required. Deprecated. The name of the Google Compute Engine zone in which the cluster resides. This field has been deprecated and replaced by the name field.

Required. Deprecated. The name of the cluster to retrieve. This field has been deprecated and replaced by the name field.

The name (project, location, cluster) of the cluster to retrieve. Specified in the format 'projects/* /locations/* /clusters/*'.

Required. Deprecated. The Google Developers Console project ID or project number. This field has been deprecated and replaced by the name field.

Required. Deprecated. The name of the Google Compute Engine zone in which the cluster resides. This field has been deprecated and replaced by the name field.

Required. Deprecated. The name of the cluster. This field has been deprecated and replaced by the name field.

Required. Deprecated. The name of the node pool. This field has been deprecated and replaced by the name field.

The name (project, location, cluster, node pool id) of the node pool to get. Specified in the format 'projects/* /locations/* /clusters/* /nodePools/*'.

Required. Deprecated. The Google Developers Console project ID or project number. This field has been deprecated and replaced by the name field.

Required. Deprecated. The name of the Google Compute Engine zone in which the cluster resides. This field has been deprecated and replaced by the name field.

Required. Deprecated. The server-assigned name of the operation. This field has been deprecated and replaced by the name field.

The name (project, location, operation id) of the operation to get. Specified in the format 'projects/* /locations/* /operations/*'.

Required. Deprecated. The Google Developers Console project ID or project number. This field has been deprecated and replaced by the name field.

Required. Deprecated. The name of the Google Compute Engine zone to return operations for. This field has been deprecated and replaced by the name field.

The name (project and location) of the server config to get, specified in the format 'projects/* /locations/*'.

Whether the Horizontal Pod Autoscaling feature is enabled in the cluster. When enabled, it ensures that a Heapster pod is running in the cluster, which is also used by the Cloud Monitoring service.

Whether the HTTP Load Balancing controller is enabled in the cluster. When enabled, it runs a small pod in the cluster that manages the load balancers.

Enables intra node visibility for this cluster.

Whether alias IPs will be used for pod IPs in the cluster.

Whether a new subnetwork will be created automatically for the cluster.

This field is only applicable when use_ip_aliases is true.

A custom subnetwork name to be used if create_subnetwork is true. If this field is empty, then an automatic name will be chosen for the new subnetwork.

This field is deprecated, use cluster_ipv4_cidr_block.

This field is deprecated, use node_ipv4_cidr_block.

This field is deprecated, use services_ipv4_cidr_block.

The name of the secondary range to be used for the cluster CIDR block. The secondary range will be used for pod IP addresses. This must be an existing secondary range associated with the cluster subnetwork.

This field is only applicable with use_ip_aliases is true and create_subnetwork is false.

The name of the secondary range to be used as for the services CIDR block. The secondary range will be used for service ClusterIPs. This must be an existing secondary range associated with the cluster subnetwork.

This field is only applicable with use_ip_aliases is true and create_subnetwork is false.

The IP address range for the cluster pod IPs. If this field is set, then cluster.cluster_ipv4_cidr must be left blank.

This field is only applicable when use_ip_aliases is true.

Set to blank to have a range chosen with the default size.

Set to /netmask (e.g. /14) to have a range chosen with a specific netmask.

Set to a CIDR notation (e.g. 10.96.0.0/14) from the RFC-1918 private networks (e.g. 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16) to pick a specific range to use.

The IP address range of the instance IPs in this cluster.

This is applicable only if create_subnetwork is true.

Set to blank to have a range chosen with the default size.

Set to /netmask (e.g. /14) to have a range chosen with a specific netmask.

Set to a CIDR notation (e.g. 10.96.0.0/14) from the RFC-1918 private networks (e.g. 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16) to pick a specific range to use.

The IP address range of the services IPs in this cluster. If blank, a range will be automatically chosen with the default size.

This field is only applicable when use_ip_aliases is true.

Set to blank to have a range chosen with the default size.

Set to /netmask (e.g. /14) to have a range chosen with a specific netmask.

Set to a CIDR notation (e.g. 10.96.0.0/14) from the RFC-1918 private networks (e.g. 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16) to pick a specific range to use.

The IP address range of the Cloud TPUs in this cluster. If unspecified, a range will be automatically chosen with the default size.

This field is only applicable when use_ip_aliases is true.

If unspecified, the range will use the default size.

Set to /netmask (e.g. /14) to have a range chosen with a specific netmask.

Set to a CIDR notation (e.g. 10.96.0.0/14) from the RFC-1918 private networks (e.g. 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16) to pick a specific range to use.

Whether the Kubernetes Dashboard is enabled for this cluster.

Whether the ABAC authorizer is enabled for this cluster. When enabled, identities in the system, including service accounts, nodes, and controllers, will have statically granted permissions beyond those provided by the RBAC configuration or IAM.

Required. Deprecated. The Google Developers Console project ID or project number. This field has been deprecated and replaced by the parent field.

Required. Deprecated. The name of the Google Compute Engine zone in which the cluster resides, or "-" for all zones. This field has been deprecated and replaced by the parent field.

The parent (project and location) where the clusters will be listed. Specified in the format 'projects/* /locations/*'. Location "-" matches all zones and all regions.

A list of clusters in the project in the specified zone, or across all ones.

This object should have the same structure as Cluster

If any zones are listed here, the list of clusters returned may be missing those zones.

Required. Deprecated. The Google Developers Console project ID or project number. This field has been deprecated and replaced by the parent field.

Required. Deprecated. The name of the Google Compute Engine zone in which the cluster resides. This field has been deprecated and replaced by the parent field.

Required. Deprecated. The name of the cluster. This field has been deprecated and replaced by the parent field.

The parent (project, location, cluster id) where the node pools will be listed. Specified in the format 'projects/* /locations/* /clusters/*'.

A list of node pools for a cluster.

This object should have the same structure as NodePool

Required. Deprecated. The Google Developers Console project ID or project number. This field has been deprecated and replaced by the parent field.

Required. Deprecated. The name of the Google Compute Engine zone to return operations for, or - for all zones. This field has been deprecated and replaced by the parent field.

The parent (project and location) where the operations will be listed. Specified in the format 'projects/* /locations/*'. Location "-" matches all zones and all regions.

A list of operations in the project in the specified zone.

This object should have the same structure as Operation

If any zones are listed here, the list of operations returned may be missing the operations from those zones.

The parent project where subnetworks are usable. Specified in the format 'projects/*'.

Filtering currently only supports equality on the networkProjectId and must be in the form: "networkProjectId=[PROJECTID]", where networkProjectId is the project which owns the listed subnetworks. This defaults to the parent project ID.

The max number of results per page that should be returned. If the number of available results is larger than page_size, a next_page_token is returned which can be used to get the next page of results in subsequent requests. Acceptable values are 0 to 500, inclusive. (Default: 500)

Specifies a page token to use. Set this to the nextPageToken returned by previous list requests to get the next page of results.

A list of usable subnetworks in the specified network project.

This object should have the same structure as UsableSubnetwork

This token allows you to get the next page of results for list requests. If the number of results is larger than page_size, use the next_page_token as a value for the query parameter page_token in the next request. The value will become empty when there are no more pages.

Specifies the maintenance window in which maintenance may be performed.

This object should have the same structure as MaintenanceWindow

A hash identifying the version of this policy, so that updates to fields of the policy won't accidentally undo intermediate changes (and so that users of the API unaware of some fields won't accidentally remove other fields). Make a get() request to the cluster to get the current resource version and include it with requests to set the policy.

DailyMaintenanceWindow specifies a daily maintenance operation window.

This object should have the same structure as DailyMaintenanceWindow

RecurringWindow specifies some number of recurring time periods for maintenance to occur. The time windows may be overlapping. If no maintenance windows are set, maintenance can occur at any time.

This object should have the same structure as RecurringTimeWindow

Exceptions to maintenance window. Non-emergency maintenance should not occur in these windows.

The username to use for HTTP basic authentication to the master endpoint. For clusters v1.6.0 and later, basic authentication can be disabled by leaving username unspecified (or setting it to the empty string).

The password to use for HTTP basic authentication to the master endpoint. Because the master endpoint is open to the Internet, you should create a strong password. If a password is provided for cluster creation, username must be non-empty.

Configuration for client certificate authentication on the cluster. For clusters before v1.12, if no configuration is specified, a client certificate is issued.

This object should have the same structure as ClientCertificateConfig

[Output only] Base64-encoded public certificate that is the root of trust for the cluster.

[Output only] Base64-encoded public certificate used by clients to authenticate to the cluster endpoint.

[Output only] Base64-encoded private key used by clients to authenticate to the cluster endpoint.

Whether or not master authorized networks is enabled.

cidr_blocks define up to 50 external networks that could access Kubernetes master through HTTPS.

This object should have the same structure as CidrBlock

Constraint enforced on the max num of pods per node.

Output only. The relative name of the Google Compute Engine network(/compute/docs/networks-and-firewalls#networks) to which the cluster is connected. Example: projects/my-project/global/networks/my-network

Output only. The relative name of the Google Compute Engine subnetwork to which the cluster is connected. Example: projects/my-project/regions/us-central1/subnetworks/my-subnet

Whether Intra-node visibility is enabled for this cluster. This makes same node pod to pod traffic visible for VPC network.

The selected network policy provider.

The number should be among the values of Provider

Whether network policy is enabled on the cluster.

Whether NetworkPolicy is enabled for this cluster.

The name of a Google Compute Engine machine type (e.g. n1-standard-1).

If unspecified, the default machine type is n1-standard-1.

Size of the disk attached to each node, specified in GB. The smallest allowed disk size is 10GB.

If unspecified, the default disk size is 100GB.

The set of Google API scopes to be made available on all of the node VMs under the "default" service account.

The following scopes are recommended, but not required, and by default are not included:

• https://www.googleapis.com/auth/compute is required for mounting persistent storage on your nodes.
• https://www.googleapis.com/auth/devstorage.read_only is required for communicating with gcr.io (the Google Container Registry).

If unspecified, no scopes are added, unless Cloud Logging or Cloud Monitoring are enabled, in which case their required scopes will be added.

The Google Cloud Platform Service Account to be used by the node VMs. If no Service Account is specified, the "default" service account is used.

The metadata key/value pairs assigned to instances in the cluster.

Keys must conform to the regexp [a-zA-Z0-9-_]+ and be less than 128 bytes in length. These are reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project or be one of the reserved keys: "cluster-location" "cluster-name" "cluster-uid" "configure-sh" "containerd-configure-sh" "enable-os-login" "gci-update-strategy" "gci-ensure-gke-docker" "instance-template" "kube-env" "startup-script" "user-data" "disable-address-manager" "windows-startup-script-ps1" "common-psm1" "k8s-node-setup-psm1" "install-ssh-psm1" "user-profile-psm1" "serial-port-logging-enable"

Values are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on them is that each value's size must be less than or equal to 32 KB.

The total size of all keys and values must be less than 512 KB.

The image type to use for this node. Note that for a given image type, the latest version of it will be used.

The map of Kubernetes labels (key/value pairs) to be applied to each node. These will added in addition to any default label(s) that Kubernetes may apply to the node. In case of conflict in label keys, the applied set may differ depending on the Kubernetes version -- it's best to assume the behavior is undefined and conflicts should be avoided. For more information, including usage and the valid values, see: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/

The number of local SSD disks to be attached to the node.

The limit for this value is dependent upon the maximum number of disks available on a machine per zone. See: https://cloud.google.com/compute/docs/disks/local-ssd for more information.

The list of instance tags applied to all nodes. Tags are used to identify valid sources or targets for network firewalls and are specified by the client during cluster or node pool creation. Each tag within the list must comply with RFC1035.

Whether the nodes are created as preemptible VM instances. See: https://cloud.google.com/compute/docs/instances/preemptible for more information about preemptible VM instances.

A list of hardware accelerators to be attached to each node. See https://cloud.google.com/compute/docs/gpus for more information about support for GPUs.

This object should have the same structure as AcceleratorConfig

Type of the disk attached to each node (e.g. 'pd-standard' or 'pd-ssd')

If unspecified, the default disk type is 'pd-standard'

Minimum CPU platform to be used by this instance. The instance may be scheduled on the specified or newer CPU platform. Applicable values are the friendly names of CPU platforms, such as minCpuPlatform: "Intel Haswell" or minCpuPlatform: "Intel Sandy Bridge". For more information, read how to specify min CPU platform

List of kubernetes taints to be applied to each node.

For more information, including usage and the valid values, see: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/

This object should have the same structure as NodeTaint

Shielded Instance options.

This object should have the same structure as ShieldedInstanceConfig

A flag that specifies whether node auto-upgrade is enabled for the node pool. If enabled, node auto-upgrade helps keep the nodes in your node pool up to date with the latest release version of Kubernetes.

A flag that specifies whether the node auto-repair is enabled for the node pool. If enabled, the nodes in this node pool will be monitored and, if they fail health checks too many times, an automatic repair action will be triggered.

Specifies the Auto Upgrade knobs for the node pool.

This object should have the same structure as AutoUpgradeOptions

The name of the node pool.

The node configuration of the pool.

This object should have the same structure as NodeConfig

The initial node count for the pool. You must ensure that your Compute Engine resource quota is sufficient for this number of instances. You must also have available firewall and routes quota.

[Output only] Server-defined URL for the resource.

The version of the Kubernetes of this node.

[Output only] The resource URLs of the managed instance groups associated with this node pool.

[Output only] The status of the nodes in this pool instance.

The number should be among the values of Status

[Output only] Additional information about the current status of this node pool instance, if available.

Autoscaler configuration for this NodePool. Autoscaler is enabled only if a valid configuration is present.

This object should have the same structure as NodePoolAutoscaling

NodeManagement configuration for this NodePool.

This object should have the same structure as NodeManagement

The constraint on the maximum number of pods that can be run simultaneously on a node in the node pool.

This object should have the same structure as MaxPodsConstraint

Which conditions caused the current node pool state.

This object should have the same structure as StatusCondition

[Output only] The pod CIDR block size per node in this node pool.

Is autoscaling enabled for this node pool.

Minimum number of nodes in the NodePool. Must be >= 1 and <= max_node_count.

Maximum number of nodes in the NodePool. Must be >= min_node_count. There has to enough quota to scale up the cluster.

Can this node pool be deleted automatically.

Key for taint.

Value for taint.

Effect for taint.

The number should be among the values of Effect

The server-assigned ID for the operation.

The name of the Google Compute Engine zone in which the operation is taking place. This field is deprecated, use location instead.

The operation type.

The number should be among the values of Type

The current status of the operation.

The number should be among the values of Status

Detailed operation progress, if available.

If an error has occurred, a textual description of the error.

Server-defined URL for the resource.

Server-defined URL for the target of the operation.

[Output only] The name of the Google Compute Engine zone or region in which the cluster resides.

[Output only] The time the operation started, in RFC3339 text format.

[Output only] The time the operation completed, in RFC3339 text format.

Which conditions caused the current cluster state.

This object should have the same structure as StatusCondition

Which conditions caused the current node pool state.

This object should have the same structure as StatusCondition

Whether nodes have internal IP addresses only. If enabled, all nodes are given only RFC 1918 private addresses and communicate with the master via private networking.

Whether the master's internal IP address is used as the cluster endpoint.

The IP range in CIDR notation to use for the hosted master network. This range will be used for assigning internal IP addresses to the master or set of masters, as well as the ILB VIP. This range must not overlap with any other ranges in use within the cluster's network.

Output only. The internal IP address of this cluster's master endpoint.

Output only. The external IP address of this cluster's master endpoint.

The window of the first recurrence.

This object should have the same structure as TimeWindow

An RRULE (https://tools.ietf.org/html/rfc5545#section-3.8.5.3) for how this window reccurs. They go on for the span of time between the start and end time.

For example, to have something repeat every weekday, you'd use: FREQ=WEEKLY;BYDAY=MO,TU,WE,TH,FR To repeat some window daily (equivalent to the DailyMaintenanceWindow): FREQ=DAILY For the first weekend of every month: FREQ=MONTHLY;BYSETPOS=1;BYDAY=SA,SU This specifies how frequently the window starts. Eg, if you wanted to have a 9-5 UTC-4 window every weekday, you'd use something like: start time = 2019-01-01T09:00:00-0400 end time = 2019-01-01T17:00:00-0400 recurrence = FREQ=WEEKLY;BYDAY=MO,TU,WE,TH,FR Windows can span multiple days. Eg, to make the window encompass every weekend from midnight Saturday till the last minute of Sunday UTC: start time = 2019-01-05T00:00:00Z end time = 2019-01-07T23:59:00Z recurrence = FREQ=WEEKLY;BYDAY=SA Note the start and end time's specific dates are largely arbitrary except to specify duration of the window and when it first starts. The FREQ values of HOURLY, MINUTELY, and SECONDLY are not supported.

Resource name "cpu", "memory" or gpu-specific string.

Minimum amount of the resource in the cluster.

Maximum amount of the resource in the cluster.

Configuration to use BigQuery as usage export destination.

This object should have the same structure as BigQueryDestination

Whether to enable network egress metering for this cluster. If enabled, a daemonset will be created in the cluster to meter network egress traffic.

Configuration to enable resource consumption metering.

This object should have the same structure as ConsumptionMeteringConfig

Required. Deprecated. The Google Developers Console project ID or project number. This field has been deprecated and replaced by the name field.

Required. Deprecated. The name of the Google Compute Engine zone in which the cluster resides. This field has been deprecated and replaced by the name field.

Required. Deprecated. The name of the cluster to rollback. This field has been deprecated and replaced by the name field.

Required. Deprecated. The name of the node pool to rollback. This field has been deprecated and replaced by the name field.

The name (project, location, cluster, node pool id) of the node poll to rollback upgrade. Specified in the format 'projects/* /locations/* /clusters/* /nodePools/*'.

Version of Kubernetes the service deploys by default.

List of valid node upgrade target versions.

Default image type.

List of valid image types.

List of valid master versions.

Required. Deprecated. The Google Developers Console project ID or project number. This field has been deprecated and replaced by the name field.

Required. Deprecated. The name of the Google Compute Engine zone in which the cluster resides. This field has been deprecated and replaced by the name field.

Required. Deprecated. The name of the cluster to upgrade. This field has been deprecated and replaced by the name field.

Required. The desired configurations for the various addons available to run in the cluster.

This object should have the same structure as AddonsConfig

The name (project, location, cluster) of the cluster to set addons. Specified in the format 'projects/* /locations/* /clusters/*'.

Required. Deprecated. The Google Developers Console project ID or project number. This field has been deprecated and replaced by the name field.

Required. Deprecated. The name of the Google Compute Engine zone in which the cluster resides. This field has been deprecated and replaced by the name field.

Required. Deprecated. The name of the cluster. This field has been deprecated and replaced by the name field.

Required. The labels to set for that cluster.

Required. The fingerprint of the previous set of labels for this resource, used to detect conflicts. The fingerprint is initially generated by Kubernetes Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash when updating or changing labels. Make a get() request to the resource to get the latest fingerprint.

The name (project, location, cluster id) of the cluster to set labels. Specified in the format 'projects/* /locations/* /clusters/*'.

Required. Deprecated. The Google Developers Console project ID or project number. This field has been deprecated and replaced by the name field.

Required. Deprecated. The name of the Google Compute Engine zone in which the cluster resides. This field has been deprecated and replaced by the name field.

Required. Deprecated. The name of the cluster to update. This field has been deprecated and replaced by the name field.

Required. Whether ABAC authorization will be enabled in the cluster.

The name (project, location, cluster id) of the cluster to set legacy abac. Specified in the format 'projects/* /locations/* /clusters/*'.

Required. Deprecated. The Google Developers Console project ID or project number. This field has been deprecated and replaced by the name field.

Required. Deprecated. The name of the Google Compute Engine zone in which the cluster resides. This field has been deprecated and replaced by the name field.

Required. Deprecated. The name of the cluster to upgrade. This field has been deprecated and replaced by the name field.

Required. The desired list of Google Compute Engine zones in which the cluster's nodes should be located. Changing the locations a cluster is in will result in nodes being either created or removed from the cluster, depending on whether locations are being added or removed.

This list must always include the cluster's primary zone.

The name (project, location, cluster) of the cluster to set locations. Specified in the format 'projects/* /locations/* /clusters/*'.

Required. Deprecated. The Google Developers Console project ID or project number. This field has been deprecated and replaced by the name field.

Required. Deprecated. The name of the Google Compute Engine zone in which the cluster resides. This field has been deprecated and replaced by the name field.

Required. Deprecated. The name of the cluster to upgrade. This field has been deprecated and replaced by the name field.

Required. The logging service the cluster should use to write metrics. Currently available options:

• "logging.googleapis.com" - the Google Cloud Logging service
• "none" - no metrics will be exported from the cluster

The name (project, location, cluster) of the cluster to set logging. Specified in the format 'projects/* /locations/* /clusters/*'.

Required. The Google Developers Console project ID or project number.

Required. The name of the Google Compute Engine zone in which the cluster resides.

Required. The name of the cluster to update.

Required. The maintenance policy to be set for the cluster. An empty field clears the existing maintenance policy.

This object should have the same structure as MaintenancePolicy

The name (project, location, cluster id) of the cluster to set maintenance policy. Specified in the format 'projects/* /locations/* /clusters/*'.

Required. Deprecated. The Google Developers Console project ID or project number. This field has been deprecated and replaced by the name field.

Required. Deprecated. The name of the Google Compute Engine zone in which the cluster resides. This field has been deprecated and replaced by the name field.

Required. Deprecated. The name of the cluster to upgrade. This field has been deprecated and replaced by the name field.

Required. The exact form of action to be taken on the master auth.

The number should be among the values of Action

Required. A description of the update.

This object should have the same structure as MasterAuth

The name (project, location, cluster) of the cluster to set auth. Specified in the format 'projects/* /locations/* /clusters/*'.

Required. Deprecated. The Google Developers Console project ID or project number. This field has been deprecated and replaced by the name field.

Required. Deprecated. The name of the Google Compute Engine zone in which the cluster resides. This field has been deprecated and replaced by the name field.

Required. Deprecated. The name of the cluster to upgrade. This field has been deprecated and replaced by the name field.

Required. The monitoring service the cluster should use to write metrics. Currently available options:

• "monitoring.googleapis.com/kubernetes" - the Google Cloud Monitoring service with Kubernetes-native resource model
• "monitoring.googleapis.com" - the Google Cloud Monitoring service
• "none" - no metrics will be exported from the cluster

The name (project, location, cluster) of the cluster to set monitoring. Specified in the format 'projects/* /locations/* /clusters/*'.

Required. Deprecated. The Google Developers Console project ID or project number. This field has been deprecated and replaced by the name field.

Required. Deprecated. The name of the Google Compute Engine zone in which the cluster resides. This field has been deprecated and replaced by the name field.

Required. Deprecated. The name of the cluster. This field has been deprecated and replaced by the name field.

Required. Configuration options for the NetworkPolicy feature.

This object should have the same structure as NetworkPolicy

The name (project, location, cluster id) of the cluster to set networking policy. Specified in the format 'projects/* /locations/* /clusters/*'.

Required. Deprecated. The Google Developers Console project ID or project number. This field has been deprecated and replaced by the name field.

Required. Deprecated. The name of the Google Compute Engine zone in which the cluster resides. This field has been deprecated and replaced by the name field.

Required. Deprecated. The name of the cluster to upgrade. This field has been deprecated and replaced by the name field.

Required. Deprecated. The name of the node pool to upgrade. This field has been deprecated and replaced by the name field.

Required. Autoscaling configuration for the node pool.

This object should have the same structure as NodePoolAutoscaling

The name (project, location, cluster, node pool) of the node pool to set autoscaler settings. Specified in the format 'projects/* /locations/* /clusters/* /nodePools/*'.

Required. Deprecated. The Google Developers Console project ID or project number. This field has been deprecated and replaced by the name field.

Required. Deprecated. The name of the Google Compute Engine zone in which the cluster resides. This field has been deprecated and replaced by the name field.

Required. Deprecated. The name of the cluster to update. This field has been deprecated and replaced by the name field.

Required. Deprecated. The name of the node pool to update. This field has been deprecated and replaced by the name field.

Required. NodeManagement configuration for the node pool.

This object should have the same structure as NodeManagement

The name (project, location, cluster, node pool id) of the node pool to set management properties. Specified in the format 'projects/* /locations/* /clusters/* /nodePools/*'.

Required. Deprecated. The Google Developers Console project ID or project number. This field has been deprecated and replaced by the name field.

Required. Deprecated. The name of the Google Compute Engine zone in which the cluster resides. This field has been deprecated and replaced by the name field.

Required. Deprecated. The name of the cluster to update. This field has been deprecated and replaced by the name field.

Required. Deprecated. The name of the node pool to update. This field has been deprecated and replaced by the name field.

Required. The desired node count for the pool.

The name (project, location, cluster, node pool id) of the node pool to set size. Specified in the format 'projects/* /locations/* /clusters/* /nodePools/*'.

Defines whether the instance has Secure Boot enabled.

Secure Boot helps ensure that the system only runs authentic software by verifying the digital signature of all boot components, and halting the boot process if signature verification fails.

Defines whether the instance has integrity monitoring enabled.

Enables monitoring and attestation of the boot integrity of the instance. The attestation is performed against the integrity policy baseline. This baseline is initially derived from the implicitly trusted boot image when the instance is created.

Required. Deprecated. The Google Developers Console project ID or project number. This field has been deprecated and replaced by the name field.

Required. Deprecated. The name of the Google Compute Engine zone in which the cluster resides. This field has been deprecated and replaced by the name field.

Required. Deprecated. The name of the cluster. This field has been deprecated and replaced by the name field.

The name (project, location, cluster id) of the cluster to start IP rotation. Specified in the format 'projects/* /locations/* /clusters/*'.

Whether to rotate credentials during IP rotation.

Machine-friendly representation of the condition

The number should be among the values of Code

Human-friendly representation of the condition

The time that the window first starts.

This object should have the same structure as Timestamp

The time that the window ends. The end time should take place after the start time.

This object should have the same structure as Timestamp

Required. Deprecated. The Google Developers Console project ID or project number. This field has been deprecated and replaced by the name field.

Required. Deprecated. The name of the Google Compute Engine zone in which the cluster resides. This field has been deprecated and replaced by the name field.

Required. Deprecated. The name of the cluster to upgrade. This field has been deprecated and replaced by the name field.

Required. A description of the update.

This object should have the same structure as ClusterUpdate

The name (project, location, cluster) of the cluster to update. Specified in the format 'projects/* /locations/* /clusters/*'.

Required. Deprecated. The Google Developers Console project ID or project number. This field has been deprecated and replaced by the name field.

Required. Deprecated. The name of the Google Compute Engine zone in which the cluster resides. This field has been deprecated and replaced by the name field.

Required. Deprecated. The name of the cluster to upgrade. This field has been deprecated and replaced by the name field.

Required. The Kubernetes version to change the master to.

Users may specify either explicit versions offered by Kubernetes Engine or version aliases, which have the following behavior:

• "latest": picks the highest valid Kubernetes version
• "1.X": picks the highest valid patch+gke.N patch in the 1.X version
• "1.X.Y": picks the highest valid gke.N patch in the 1.X.Y version
• "1.X.Y-gke.N": picks an explicit Kubernetes version
• "-": picks the default Kubernetes version

The name (project, location, cluster) of the cluster to update. Specified in the format 'projects/* /locations/* /clusters/*'.

Required. Deprecated. The Google Developers Console project ID or project number. This field has been deprecated and replaced by the name field.

Required. Deprecated. The name of the Google Compute Engine zone in which the cluster resides. This field has been deprecated and replaced by the name field.

Required. Deprecated. The name of the cluster to upgrade. This field has been deprecated and replaced by the name field.

Required. Deprecated. The name of the node pool to upgrade. This field has been deprecated and replaced by the name field.

Required. The Kubernetes version to change the nodes to (typically an upgrade).

Users may specify either explicit versions offered by Kubernetes Engine or version aliases, which have the following behavior:

• "latest": picks the highest valid Kubernetes version
• "1.X": picks the highest valid patch+gke.N patch in the 1.X version
• "1.X.Y": picks the highest valid gke.N patch in the 1.X.Y version
• "1.X.Y-gke.N": picks an explicit Kubernetes version
• "-": picks the Kubernetes master version

Required. The desired image type for the node pool.

The name (project, location, cluster, node pool) of the node pool to update. Specified in the format 'projects/* /locations/* /clusters/* /nodePools/*'.

Subnetwork Name. Example: projects/my-project/regions/us-central1/subnetworks/my-subnet

Network Name. Example: projects/my-project/global/networks/my-network

The range of internal addresses that are owned by this subnetwork.

Secondary IP ranges.

This object should have the same structure as UsableSubnetworkSecondaryRange

A human readable status message representing the reasons for cases where the caller cannot use the secondary ranges under the subnet. For example if the secondary_ip_ranges is empty due to a permission issue, an insufficient permission message will be given by status_message.

The name associated with this subnetwork secondary range, used when adding an alias IP range to a VM instance.

The range of IP addresses belonging to this subnetwork secondary range.

This field is to determine the status of the secondary range programmably.

The number should be among the values of Status

Enables vertical pod autoscaling.