Merge pull request #16108 from kubernetes/dependencies/update-1700201201

Update dependencies

go.mod

@@ -14,10 +14,10 @@ require (
 	github.com/Masterminds/sprig/v3 v3.2.3
 	github.com/apparentlymart/go-cidr v1.1.0
 	github.com/aws/amazon-ec2-instance-selector/v2 v2.4.1
-	github.com/aws/aws-sdk-go v1.47.8
+	github.com/aws/aws-sdk-go v1.47.13
 	github.com/blang/semver/v4 v4.0.0
 	github.com/cert-manager/cert-manager v1.13.2
-	github.com/digitalocean/godo v1.105.1
+	github.com/digitalocean/godo v1.106.0
 	github.com/go-ini/ini v1.67.0
 	github.com/go-logr/logr v1.3.0
 	github.com/gogo/protobuf v1.3.2
@@ -43,30 +43,30 @@ require (
 	github.com/weaveworks/mesh v0.0.0-20191105120815-58dbcc3e8e63
 	go.uber.org/multierr v1.11.0
 	golang.org/x/crypto v0.15.0
-	golang.org/x/exp v0.0.0-20231108232855-2478ac86f678
+	golang.org/x/exp v0.0.0-20231110203233-9a3e6036ecaa
 	golang.org/x/net v0.18.0
 	golang.org/x/oauth2 v0.14.0
 	golang.org/x/sync v0.5.0
 	golang.org/x/sys v0.14.0
-	google.golang.org/api v0.150.0
+	google.golang.org/api v0.151.0
 	google.golang.org/grpc v1.59.0
 	google.golang.org/protobuf v1.31.0
 	gopkg.in/gcfg.v1 v1.2.3
 	gopkg.in/inf.v0 v0.9.1
 	gopkg.in/square/go-jose.v2 v2.6.0
 	helm.sh/helm/v3 v3.13.2
-	k8s.io/api v0.28.3
+	k8s.io/api v0.28.4
-	k8s.io/apimachinery v0.28.3
+	k8s.io/apimachinery v0.28.4
-	k8s.io/cli-runtime v0.28.3
+	k8s.io/cli-runtime v0.28.4
-	k8s.io/client-go v0.28.3
+	k8s.io/client-go v0.28.4
 	k8s.io/cloud-provider-aws v1.28.2
 	k8s.io/cloud-provider-gcp/providers v0.27.1
-	k8s.io/component-base v0.28.3
+	k8s.io/component-base v0.28.4
 	k8s.io/gengo v0.0.0-20230829151522-9cce18d56c01
 	k8s.io/klog/v2 v2.110.1
-	k8s.io/kubectl v0.28.3
+	k8s.io/kubectl v0.28.4
-	k8s.io/kubelet v0.28.3
+	k8s.io/kubelet v0.28.4
-	k8s.io/mount-utils v0.28.3
+	k8s.io/mount-utils v0.28.4
 	k8s.io/utils v0.0.0-20230726121419-3b25d923346b
 	sigs.k8s.io/controller-runtime v0.16.3
 	sigs.k8s.io/structured-merge-diff/v4 v4.4.1
@@ -227,7 +227,7 @@ require (
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 	k8s.io/apiextensions-apiserver v0.28.3 // indirect
 	k8s.io/cloud-provider v0.28.3 // indirect
-	k8s.io/component-helpers v0.28.3 // indirect
+	k8s.io/component-helpers v0.28.4 // indirect
 	k8s.io/csi-translation-lib v0.28.3 // indirect
 	k8s.io/klog v1.0.0 // indirect
 	k8s.io/kube-openapi v0.0.0-20230905202853-d090da108d2f // indirect

go.sum

@@ -128,8 +128,8 @@ github.com/atotto/clipboard v0.1.4 h1:EH0zSVneZPSuFR11BlR9YppQTVDbh5+16AmcJi4g1z
 github.com/atotto/clipboard v0.1.4/go.mod h1:ZY9tmq7sm5xIbd9bOK4onWV4S6X0u6GY7Vn0Yu86PYI=
 github.com/aws/amazon-ec2-instance-selector/v2 v2.4.1 h1:DmxtwV+pkakkVRhxKcAgnLbxCxvT7k8DBG271dfKPZ8=
 github.com/aws/amazon-ec2-instance-selector/v2 v2.4.1/go.mod h1:AEJrtkLkCkfIBIazidrVrgZqaXl+9dxI/wRgjdw+7G0=
-github.com/aws/aws-sdk-go v1.47.8 h1:VCFyO5UTREnhR0HRf9roqFfJeeRVin58zUy+pBMhwjY=
+github.com/aws/aws-sdk-go v1.47.13 h1:pJgCtldg5azDAFoEcE0fz6n+FnCc1/FY4krtUa5uvZQ=
-github.com/aws/aws-sdk-go v1.47.8/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk=
+github.com/aws/aws-sdk-go v1.47.13/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk=
 github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q=
 github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8=
 github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM=
@@ -191,8 +191,8 @@ github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSs
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM=
 github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
-github.com/digitalocean/godo v1.105.1 h1:3FjFDurw7po27Y0uHhdR+EvwNil06KCeu1Nx/0jZbmI=
+github.com/digitalocean/godo v1.106.0 h1:m5iErwl3xHovGFlawd50n54ntgXHt1BLsvU6BXsVxEU=
-github.com/digitalocean/godo v1.105.1/go.mod h1:R6EmmWI8CT1+fCtjWY9UCB+L5uufuZH13wk3YhxycCs=
+github.com/digitalocean/godo v1.106.0/go.mod h1:R6EmmWI8CT1+fCtjWY9UCB+L5uufuZH13wk3YhxycCs=
 github.com/dimchansky/utfbom v1.1.1 h1:vV6w1AhK4VMnhBno/TPVCoK9U/LP0PkLCS9tbxHdi/U=
 github.com/dimchansky/utfbom v1.1.1/go.mod h1:SxdoEBH5qIqFocHMyGOXVAybYJdr71b1Q/j0mACtrfE=
 github.com/distribution/distribution/v3 v3.0.0-20221208165359-362910506bc2 h1:aBfCb7iqHmDEIp6fBvC/hQUddQfg+3qdYjwzaiP9Hnc=
@@ -777,8 +777,8 @@ golang.org/x/exp v0.0.0-20191227195350-da58074b4299/go.mod h1:2RIsYlXP63K8oxa1u0
 golang.org/x/exp v0.0.0-20200119233911-0405dc783f0a/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4=
 golang.org/x/exp v0.0.0-20200207192155-f17229e696bd/go.mod h1:J/WKrq2StrnmMY6+EHIKF9dgMWnmCNThgcyBT1FY9mM=
 golang.org/x/exp v0.0.0-20200224162631-6cc2880d07d6/go.mod h1:3jZMyOhIsHpP37uCMkUooju7aAi5cS1Q23tOzKc+0MU=
-golang.org/x/exp v0.0.0-20231108232855-2478ac86f678 h1:mchzmB1XO2pMaKFRqk/+MV3mgGG96aqaPXaMifQU47w=
+golang.org/x/exp v0.0.0-20231110203233-9a3e6036ecaa h1:FRnLl4eNAQl8hwxVVC17teOw8kdjVDVAiFMtgUdTSRQ=
-golang.org/x/exp v0.0.0-20231108232855-2478ac86f678/go.mod h1:zk2irFbV9DP96SEBUUAy67IdHUaZuSnrz1n472HUCLE=
+golang.org/x/exp v0.0.0-20231110203233-9a3e6036ecaa/go.mod h1:zk2irFbV9DP96SEBUUAy67IdHUaZuSnrz1n472HUCLE=
 golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js=
 golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0=
 golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
@@ -1083,8 +1083,8 @@ google.golang.org/api v0.55.0/go.mod h1:38yMfeP1kfjsl8isn0tliTjIb1rJXcQi4UXlbqiv
 google.golang.org/api v0.56.0/go.mod h1:38yMfeP1kfjsl8isn0tliTjIb1rJXcQi4UXlbqivdVE=
 google.golang.org/api v0.57.0/go.mod h1:dVPlbZyBo2/OjBpmvNdpn2GRm6rPy75jyU7bmhdrMgI=
 google.golang.org/api v0.60.0/go.mod h1:d7rl65NZAkEQ90JFzqBjcRq1TVeG5ZoGV3sSpEnnVb4=
-google.golang.org/api v0.150.0 h1:Z9k22qD289SZ8gCJrk4DrWXkNjtfvKAUo/l1ma8eBYE=
+google.golang.org/api v0.151.0 h1:FhfXLO/NFdJIzQtCqjpysWwqKk8AzGWBUhMIx67cVDU=
-google.golang.org/api v0.150.0/go.mod h1:ccy+MJ6nrYFgE3WgRx/AMXOxOmU8Q4hSa+jjibzhxcg=
+google.golang.org/api v0.151.0/go.mod h1:ccy+MJ6nrYFgE3WgRx/AMXOxOmU8Q4hSa+jjibzhxcg=
 google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM=
 google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
 google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
@@ -1241,26 +1241,26 @@ honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWh
 honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg=
 honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k=
 honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k=
-k8s.io/api v0.28.3 h1:Gj1HtbSdB4P08C8rs9AR94MfSGpRhJgsS+GF9V26xMM=
+k8s.io/api v0.28.4 h1:8ZBrLjwosLl/NYgv1P7EQLqoO8MGQApnbgH8tu3BMzY=
-k8s.io/api v0.28.3/go.mod h1:MRCV/jr1dW87/qJnZ57U5Pak65LGmQVkKTzf3AtKFHc=
+k8s.io/api v0.28.4/go.mod h1:axWTGrY88s/5YE+JSt4uUi6NMM+gur1en2REMR7IRj0=
 k8s.io/apiextensions-apiserver v0.28.3 h1:Od7DEnhXHnHPZG+W9I97/fSQkVpVPQx2diy+2EtmY08=
 k8s.io/apiextensions-apiserver v0.28.3/go.mod h1:NE1XJZ4On0hS11aWWJUTNkmVB03j9LM7gJSisbRt8Lc=
-k8s.io/apimachinery v0.28.3 h1:B1wYx8txOaCQG0HmYF6nbpU8dg6HvA06x5tEffvOe7A=
+k8s.io/apimachinery v0.28.4 h1:zOSJe1mc+GxuMnFzD4Z/U1wst50X28ZNsn5bhgIIao8=
-k8s.io/apimachinery v0.28.3/go.mod h1:uQTKmIqs+rAYaq+DFaoD2X7pcjLOqbQX2AOiO0nIpb8=
+k8s.io/apimachinery v0.28.4/go.mod h1:wI37ncBvfAoswfq626yPTe6Bz1c22L7uaJ8dho83mgg=
-k8s.io/cli-runtime v0.28.3 h1:lvuJYVkwCqHEvpS6KuTZsUVwPePFjBfSGvuaLl2SxzA=
+k8s.io/cli-runtime v0.28.4 h1:IW3aqSNFXiGDllJF4KVYM90YX4cXPGxuCxCVqCD8X+Q=
-k8s.io/cli-runtime v0.28.3/go.mod h1:jeX37ZPjIcENVuXDDTskG3+FnVuZms5D9omDXS/2Jjc=
+k8s.io/cli-runtime v0.28.4/go.mod h1:MLGRB7LWTIYyYR3d/DOgtUC8ihsAPA3P8K8FDNIqJ0k=
-k8s.io/client-go v0.28.3 h1:2OqNb72ZuTZPKCl+4gTKvqao0AMOl9f3o2ijbAj3LI4=
+k8s.io/client-go v0.28.4 h1:Np5ocjlZcTrkyRJ3+T3PkXDpe4UpatQxj85+xjaD2wY=
-k8s.io/client-go v0.28.3/go.mod h1:LTykbBp9gsA7SwqirlCXBWtK0guzfhpoW4qSm7i9dxo=
+k8s.io/client-go v0.28.4/go.mod h1:0VDZFpgoZfelyP5Wqu0/r/TRYcLYuJ2U1KEeoaPa1N4=
 k8s.io/cloud-provider v0.28.3 h1:9u+JjA3zIn0nqLOOa8tWnprFkffguSAhfBvo8p7LhBQ=
 k8s.io/cloud-provider v0.28.3/go.mod h1:shAJxdrKu+SwwGUhkodxByPjaH8KBFZqXo6jU1F0ehI=
 k8s.io/cloud-provider-aws v1.28.2 h1:k/ub5dRJSxE1a+caZcXUoV9+f5Tfttc7sR58Jp22g50=
 k8s.io/cloud-provider-aws v1.28.2/go.mod h1:Q/lMMqIYXVv2GFQPtPIYcKqzIS7EWTM9DuiLlLZ5Y5E=
 k8s.io/cloud-provider-gcp/providers v0.27.1 h1:dHBfDCVqu+AhC8JRt1tGJdm7MGwxUwPNwauO6Jx3DSo=
 k8s.io/cloud-provider-gcp/providers v0.27.1/go.mod h1:nJpF5c121eZ73gPrKaLmj4D1HC0Yr6hdyprCKLMH7Ug=
-k8s.io/component-base v0.28.3 h1:rDy68eHKxq/80RiMb2Ld/tbH8uAE75JdCqJyi6lXMzI=
+k8s.io/component-base v0.28.4 h1:c/iQLWPdUgI90O+T9TeECg8o7N3YJTiuz2sKxILYcYo=
-k8s.io/component-base v0.28.3/go.mod h1:fDJ6vpVNSk6cRo5wmDa6eKIG7UlIQkaFmZN2fYgIUD8=
+k8s.io/component-base v0.28.4/go.mod h1:m9hR0uvqXDybiGL2nf/3Lf0MerAfQXzkfWhUY58JUbU=
-k8s.io/component-helpers v0.28.3 h1:te9ieTGzcztVktUs92X53P6BamAoP73MK0qQP0WmDqc=
+k8s.io/component-helpers v0.28.4 h1:+X9VXT5+jUsRdC26JyMZ8Fjfln7mSjgumafocE509C4=
-k8s.io/component-helpers v0.28.3/go.mod h1:oJR7I9ist5UAQ3y/CTdbw6CXxdMZ1Lw2Ua/EZEwnVLs=
+k8s.io/component-helpers v0.28.4/go.mod h1:8LzMalOQ0K10tkBJWBWq8h0HTI9HDPx4WT3QvTFn9Ro=
 k8s.io/csi-translation-lib v0.28.3 h1:7deV+HZjV418AGikSDPW8dyzTpm4K3tNbQUp3KmR7cs=
 k8s.io/csi-translation-lib v0.28.3/go.mod h1:zlrYwakCz2yji9/8EaJk+afIKPrYXPNXXLDO8DVuuTk=
 k8s.io/gengo v0.0.0-20230829151522-9cce18d56c01 h1:pWEwq4Asjm4vjW7vcsmijwBhOr1/shsbSYiWXmNGlks=
@@ -1274,12 +1274,12 @@ k8s.io/klog/v2 v2.110.1 h1:U/Af64HJf7FcwMcXyKm2RPM22WZzyR7OSpYj5tg3cL0=
 k8s.io/klog/v2 v2.110.1/go.mod h1:YGtd1984u+GgbuZ7e08/yBuAfKLSO0+uR1Fhi6ExXjo=
 k8s.io/kube-openapi v0.0.0-20230905202853-d090da108d2f h1:eeEUOoGYWhOz7EyXqhlR2zHKNw2mNJ9vzJmub6YN6kk=
 k8s.io/kube-openapi v0.0.0-20230905202853-d090da108d2f/go.mod h1:AsvuZPBlUDVuCdzJ87iajxtXuR9oktsTctW/R9wwouA=
-k8s.io/kubectl v0.28.3 h1:H1Peu1O3EbN9zHkJCcvhiJ4NUj6lb88sGPO5wrWIM6k=
+k8s.io/kubectl v0.28.4 h1:gWpUXW/T7aFne+rchYeHkyB8eVDl5UZce8G4X//kjUQ=
-k8s.io/kubectl v0.28.3/go.mod h1:RDAudrth/2wQ3Sg46fbKKl4/g+XImzvbsSRZdP2RiyE=
+k8s.io/kubectl v0.28.4/go.mod h1:CKOccVx3l+3MmDbkXtIUtibq93nN2hkDR99XDCn7c/c=
-k8s.io/kubelet v0.28.3 h1:bp/uIf1R5F61BlFvFtzc4PDEiK7TtFcw3wFJlc0V0LM=
+k8s.io/kubelet v0.28.4 h1:Ypxy1jaFlSXFXbg/yVtFOU2ZxErBVRJfLu8+t4s7Dtw=
-k8s.io/kubelet v0.28.3/go.mod h1:E3NHYbp/v45Ao6AD0EOZnqO3L0R6Haks6Nm0+bnFwtU=
+k8s.io/kubelet v0.28.4/go.mod h1:w1wPI12liY/aeC70nqKYcNNkr6/nbyvdMB7P7wmww2o=
-k8s.io/mount-utils v0.28.3 h1:1p6Dk2QhoK0IYOee2MOec/90a7fC0yUqlWPfQy/4JFE=
+k8s.io/mount-utils v0.28.4 h1:5GOZLm2dXi2fr+MKY8hS6kdV5reXrZBiK7848O5MVD0=
-k8s.io/mount-utils v0.28.3/go.mod h1:ceMAZ+Nzlk8zOwN205YXXGJRGmf1o0/XIwsKnG44p0I=
+k8s.io/mount-utils v0.28.4/go.mod h1:ceMAZ+Nzlk8zOwN205YXXGJRGmf1o0/XIwsKnG44p0I=
 k8s.io/utils v0.0.0-20230726121419-3b25d923346b h1:sgn3ZU783SCgtaSJjpcVVlRqd6GSnlTLKgpAAttJvpI=
 k8s.io/utils v0.0.0-20230726121419-3b25d923346b/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0=
 oras.land/oras-go v1.2.4 h1:djpBY2/2Cs1PV87GSJlxv4voajVOMZxqqtq9AB8YNvY=

tests/e2e/go.mod

@@ -12,8 +12,8 @@ require (
 	github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510
 	github.com/octago/sflags v0.2.0
 	github.com/spf13/pflag v1.0.5
-	k8s.io/api v0.28.3
+	k8s.io/api v0.28.4
-	k8s.io/apimachinery v0.28.3
+	k8s.io/apimachinery v0.28.4
 	k8s.io/client-go v11.0.1-0.20190805182717-6502b5e7b1b5+incompatible
 	k8s.io/klog/v2 v2.110.1
 	k8s.io/kops v1.24.1
@@ -66,7 +66,7 @@ require (
 	github.com/aliyun/credentials-go v1.2.3 // indirect
 	github.com/apparentlymart/go-cidr v1.1.0 // indirect
 	github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 // indirect
-	github.com/aws/aws-sdk-go v1.47.8 // indirect
+	github.com/aws/aws-sdk-go v1.47.13 // indirect
 	github.com/aws/aws-sdk-go-v2 v1.18.1 // indirect
 	github.com/aws/aws-sdk-go-v2/config v1.18.27 // indirect
 	github.com/aws/aws-sdk-go-v2/credentials v1.13.26 // indirect
@@ -257,7 +257,7 @@ require (
 	go.uber.org/zap v1.24.0 // indirect
 	go4.org v0.0.0-20201209231011-d4a079459e60 // indirect
 	golang.org/x/crypto v0.15.0 // indirect
-	golang.org/x/exp v0.0.0-20231108232855-2478ac86f678 // indirect
+	golang.org/x/exp v0.0.0-20231110203233-9a3e6036ecaa // indirect
 	golang.org/x/mod v0.14.0 // indirect
 	golang.org/x/net v0.18.0 // indirect
 	golang.org/x/oauth2 v0.14.0 // indirect
@@ -269,7 +269,7 @@ require (
 	golang.org/x/tools v0.15.0 // indirect
 	golang.org/x/tools/go/vcs v0.1.0-deprecated // indirect
 	golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2 // indirect
-	google.golang.org/api v0.150.0 // indirect
+	google.golang.org/api v0.151.0 // indirect
 	google.golang.org/appengine v1.6.7 // indirect
 	google.golang.org/genproto v0.0.0-20231016165738-49dd2c1f3d0b // indirect
 	google.golang.org/genproto/googleapis/api v0.0.0-20231016165738-49dd2c1f3d0b // indirect
@@ -285,7 +285,7 @@ require (
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 	k8s.io/cloud-provider v0.28.3 // indirect
 	k8s.io/cloud-provider-gcp/providers v0.27.1 // indirect
-	k8s.io/component-base v0.28.3 // indirect
+	k8s.io/component-base v0.28.4 // indirect
 	k8s.io/kube-openapi v0.0.0-20230905202853-d090da108d2f // indirect
 	k8s.io/test-infra v0.0.0-20220913174101-46ac1a6cf806 // indirect
 	sigs.k8s.io/bom v0.5.2-0.20230519223618-1ebaa9ce375f // indirect

tests/e2e/go.sum

@@ -201,8 +201,8 @@ github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkY
 github.com/asaskevich/govalidator v0.0.0-20200907205600-7a23bdc65eef/go.mod h1:WaHUgvxTVq04UNunO+XhnAqY/wQc+bxr74GqbsZ/Jqw=
 github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 h1:DklsrG3dyBCFEj5IhUbnKptjxatkF07cF2ak3yi77so=
 github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2/go.mod h1:WaHUgvxTVq04UNunO+XhnAqY/wQc+bxr74GqbsZ/Jqw=
-github.com/aws/aws-sdk-go v1.47.8 h1:VCFyO5UTREnhR0HRf9roqFfJeeRVin58zUy+pBMhwjY=
+github.com/aws/aws-sdk-go v1.47.13 h1:pJgCtldg5azDAFoEcE0fz6n+FnCc1/FY4krtUa5uvZQ=
-github.com/aws/aws-sdk-go v1.47.8/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk=
+github.com/aws/aws-sdk-go v1.47.13/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk=
 github.com/aws/aws-sdk-go-v2 v1.7.1/go.mod h1:L5LuPC1ZgDr2xQS7AmIec/Jlc7O/Y1u2KxJyNVab250=
 github.com/aws/aws-sdk-go-v2 v1.14.0/go.mod h1:ZA3Y8V0LrlWj63MQAnRHgKf/5QB//LSZCPNWlWrNGLU=
 github.com/aws/aws-sdk-go-v2 v1.18.1 h1:+tefE750oAb7ZQGzla6bLkOwfcQCEtC5y2RqoqCeqKo=
@@ -1179,8 +1179,8 @@ golang.org/x/exp v0.0.0-20191227195350-da58074b4299/go.mod h1:2RIsYlXP63K8oxa1u0
 golang.org/x/exp v0.0.0-20200119233911-0405dc783f0a/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4=
 golang.org/x/exp v0.0.0-20200207192155-f17229e696bd/go.mod h1:J/WKrq2StrnmMY6+EHIKF9dgMWnmCNThgcyBT1FY9mM=
 golang.org/x/exp v0.0.0-20200224162631-6cc2880d07d6/go.mod h1:3jZMyOhIsHpP37uCMkUooju7aAi5cS1Q23tOzKc+0MU=
-golang.org/x/exp v0.0.0-20231108232855-2478ac86f678 h1:mchzmB1XO2pMaKFRqk/+MV3mgGG96aqaPXaMifQU47w=
+golang.org/x/exp v0.0.0-20231110203233-9a3e6036ecaa h1:FRnLl4eNAQl8hwxVVC17teOw8kdjVDVAiFMtgUdTSRQ=
-golang.org/x/exp v0.0.0-20231108232855-2478ac86f678/go.mod h1:zk2irFbV9DP96SEBUUAy67IdHUaZuSnrz1n472HUCLE=
+golang.org/x/exp v0.0.0-20231110203233-9a3e6036ecaa/go.mod h1:zk2irFbV9DP96SEBUUAy67IdHUaZuSnrz1n472HUCLE=
 golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js=
 golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0=
 golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
@@ -1522,8 +1522,8 @@ google.golang.org/api v0.55.0/go.mod h1:38yMfeP1kfjsl8isn0tliTjIb1rJXcQi4UXlbqiv
 google.golang.org/api v0.56.0/go.mod h1:38yMfeP1kfjsl8isn0tliTjIb1rJXcQi4UXlbqivdVE=
 google.golang.org/api v0.57.0/go.mod h1:dVPlbZyBo2/OjBpmvNdpn2GRm6rPy75jyU7bmhdrMgI=
 google.golang.org/api v0.60.0/go.mod h1:d7rl65NZAkEQ90JFzqBjcRq1TVeG5ZoGV3sSpEnnVb4=
-google.golang.org/api v0.150.0 h1:Z9k22qD289SZ8gCJrk4DrWXkNjtfvKAUo/l1ma8eBYE=
+google.golang.org/api v0.151.0 h1:FhfXLO/NFdJIzQtCqjpysWwqKk8AzGWBUhMIx67cVDU=
-google.golang.org/api v0.150.0/go.mod h1:ccy+MJ6nrYFgE3WgRx/AMXOxOmU8Q4hSa+jjibzhxcg=
+google.golang.org/api v0.151.0/go.mod h1:ccy+MJ6nrYFgE3WgRx/AMXOxOmU8Q4hSa+jjibzhxcg=
 google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM=
 google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
 google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
@@ -1693,18 +1693,18 @@ honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt
 honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k=
 honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k=
 honnef.co/go/tools v0.0.1-2020.1.5/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k=
-k8s.io/api v0.28.3 h1:Gj1HtbSdB4P08C8rs9AR94MfSGpRhJgsS+GF9V26xMM=
+k8s.io/api v0.28.4 h1:8ZBrLjwosLl/NYgv1P7EQLqoO8MGQApnbgH8tu3BMzY=
-k8s.io/api v0.28.3/go.mod h1:MRCV/jr1dW87/qJnZ57U5Pak65LGmQVkKTzf3AtKFHc=
+k8s.io/api v0.28.4/go.mod h1:axWTGrY88s/5YE+JSt4uUi6NMM+gur1en2REMR7IRj0=
-k8s.io/apimachinery v0.28.3 h1:B1wYx8txOaCQG0HmYF6nbpU8dg6HvA06x5tEffvOe7A=
+k8s.io/apimachinery v0.28.4 h1:zOSJe1mc+GxuMnFzD4Z/U1wst50X28ZNsn5bhgIIao8=
-k8s.io/apimachinery v0.28.3/go.mod h1:uQTKmIqs+rAYaq+DFaoD2X7pcjLOqbQX2AOiO0nIpb8=
+k8s.io/apimachinery v0.28.4/go.mod h1:wI37ncBvfAoswfq626yPTe6Bz1c22L7uaJ8dho83mgg=
 k8s.io/client-go v0.28.3 h1:2OqNb72ZuTZPKCl+4gTKvqao0AMOl9f3o2ijbAj3LI4=
 k8s.io/client-go v0.28.3/go.mod h1:LTykbBp9gsA7SwqirlCXBWtK0guzfhpoW4qSm7i9dxo=
 k8s.io/cloud-provider v0.28.3 h1:9u+JjA3zIn0nqLOOa8tWnprFkffguSAhfBvo8p7LhBQ=
 k8s.io/cloud-provider v0.28.3/go.mod h1:shAJxdrKu+SwwGUhkodxByPjaH8KBFZqXo6jU1F0ehI=
 k8s.io/cloud-provider-gcp/providers v0.27.1 h1:dHBfDCVqu+AhC8JRt1tGJdm7MGwxUwPNwauO6Jx3DSo=
 k8s.io/cloud-provider-gcp/providers v0.27.1/go.mod h1:nJpF5c121eZ73gPrKaLmj4D1HC0Yr6hdyprCKLMH7Ug=
-k8s.io/component-base v0.28.3 h1:rDy68eHKxq/80RiMb2Ld/tbH8uAE75JdCqJyi6lXMzI=
+k8s.io/component-base v0.28.4 h1:c/iQLWPdUgI90O+T9TeECg8o7N3YJTiuz2sKxILYcYo=
-k8s.io/component-base v0.28.3/go.mod h1:fDJ6vpVNSk6cRo5wmDa6eKIG7UlIQkaFmZN2fYgIUD8=
+k8s.io/component-base v0.28.4/go.mod h1:m9hR0uvqXDybiGL2nf/3Lf0MerAfQXzkfWhUY58JUbU=
 k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE=
 k8s.io/klog/v2 v2.110.1 h1:U/Af64HJf7FcwMcXyKm2RPM22WZzyR7OSpYj5tg3cL0=
 k8s.io/klog/v2 v2.110.1/go.mod h1:YGtd1984u+GgbuZ7e08/yBuAfKLSO0+uR1Fhi6ExXjo=

vendor/github.com/aws/aws-sdk-go/aws/credentials/endpointcreds/provider.go

@@ -31,6 +31,8 @@ package endpointcreds
 
 import (
 	"encoding/json"
+	"fmt"
+	"strings"
 	"time"
 
 	"github.com/aws/aws-sdk-go/aws"
@@ -69,7 +71,37 @@ type Provider struct {
 
 	// Optional authorization token value if set will be used as the value of
 	// the Authorization header of the endpoint credential request.
+	//
+	// When constructed from environment, the provider will use the value of
+	// AWS_CONTAINER_AUTHORIZATION_TOKEN environment variable as the token
+	//
+	// Will be overridden if AuthorizationTokenProvider is configured
 	AuthorizationToken string
+
+	// Optional auth provider func to dynamically load the auth token from a file
+	// everytime a credential is retrieved
+	//
+	// When constructed from environment, the provider will read and use the content
+	// of the file pointed to by AWS_CONTAINER_AUTHORIZATION_TOKEN_FILE environment variable
+	// as the auth token everytime credentials are retrieved
+	//
+	// Will override AuthorizationToken if configured
+	AuthorizationTokenProvider AuthTokenProvider
+}
+
+// AuthTokenProvider defines an interface to dynamically load a value to be passed
+// for the Authorization header of a credentials request.
+type AuthTokenProvider interface {
+	GetToken() (string, error)
+}
+
+// TokenProviderFunc is a func type implementing AuthTokenProvider interface
+// and enables customizing token provider behavior
+type TokenProviderFunc func() (string, error)
+
+// GetToken func retrieves auth token according to TokenProviderFunc implementation
+func (p TokenProviderFunc) GetToken() (string, error) {
+	return p()
 }
 
 // NewProviderClient returns a credentials Provider for retrieving AWS credentials
@@ -164,7 +196,20 @@ func (p *Provider) getCredentials(ctx aws.Context) (*getCredentialsOutput, error
 	req := p.Client.NewRequest(op, nil, out)
 	req.SetContext(ctx)
 	req.HTTPRequest.Header.Set("Accept", "application/json")
-	if authToken := p.AuthorizationToken; len(authToken) != 0 {
+
+	authToken := p.AuthorizationToken
+	var err error
+	if p.AuthorizationTokenProvider != nil {
+		authToken, err = p.AuthorizationTokenProvider.GetToken()
+		if err != nil {
+			return nil, fmt.Errorf("get authorization token: %v", err)
+		}
+	}
+
+	if strings.ContainsAny(authToken, "\r\n") {
+		return nil, fmt.Errorf("authorization token contains invalid newline sequence")
+	}
+	if len(authToken) != 0 {
 		req.HTTPRequest.Header.Set("Authorization", authToken)
 	}
 

vendor/github.com/aws/aws-sdk-go/aws/defaults/defaults.go

@@ -9,6 +9,7 @@ package defaults
 
 import (
 	"fmt"
+	"io/ioutil"
 	"net"
 	"net/http"
 	"net/url"
@@ -115,9 +116,31 @@ func CredProviders(cfg *aws.Config, handlers request.Handlers) []credentials.Pro
 
 const (
 	httpProviderAuthorizationEnvVar = "AWS_CONTAINER_AUTHORIZATION_TOKEN"
+	httpProviderAuthFileEnvVar      = "AWS_CONTAINER_AUTHORIZATION_TOKEN_FILE"
 	httpProviderEnvVar              = "AWS_CONTAINER_CREDENTIALS_FULL_URI"
 )
 
+// direct representation of the IPv4 address for the ECS container
+// "169.254.170.2"
+var ecsContainerIPv4 net.IP = []byte{
+	169, 254, 170, 2,
+}
+
+// direct representation of the IPv4 address for the EKS container
+// "169.254.170.23"
+var eksContainerIPv4 net.IP = []byte{
+	169, 254, 170, 23,
+}
+
+// direct representation of the IPv6 address for the EKS container
+// "fd00:ec2::23"
+var eksContainerIPv6 net.IP = []byte{
+	0xFD, 0, 0xE, 0xC2,
+	0, 0, 0, 0,
+	0, 0, 0, 0,
+	0, 0, 0, 0x23,
+}
+
 // RemoteCredProvider returns a credentials provider for the default remote
 // endpoints such as EC2 or ECS Roles.
 func RemoteCredProvider(cfg aws.Config, handlers request.Handlers) credentials.Provider {
@@ -135,19 +158,22 @@ func RemoteCredProvider(cfg aws.Config, handlers request.Handlers) credentials.P
 
 var lookupHostFn = net.LookupHost
 
-func isLoopbackHost(host string) (bool, error) {
+// isAllowedHost allows host to be loopback or known ECS/EKS container IPs
-	ip := net.ParseIP(host)
+//
-	if ip != nil {
+// host can either be an IP address OR an unresolved hostname - resolution will
-		return ip.IsLoopback(), nil
+// be automatically performed in the latter case
+func isAllowedHost(host string) (bool, error) {
+	if ip := net.ParseIP(host); ip != nil {
+		return isIPAllowed(ip), nil
 	}
 
-	// Host is not an ip, perform lookup
 	addrs, err := lookupHostFn(host)
 	if err != nil {
 		return false, err
 	}
+
 	for _, addr := range addrs {
-		if !net.ParseIP(addr).IsLoopback() {
+		if ip := net.ParseIP(addr); ip == nil || !isIPAllowed(ip) {
 			return false, nil
 		}
 	}
@@ -155,6 +181,13 @@ func isLoopbackHost(host string) (bool, error) {
 	return true, nil
 }
 
+func isIPAllowed(ip net.IP) bool {
+	return ip.IsLoopback() ||
+		ip.Equal(ecsContainerIPv4) ||
+		ip.Equal(eksContainerIPv4) ||
+		ip.Equal(eksContainerIPv6)
+}
+
 func localHTTPCredProvider(cfg aws.Config, handlers request.Handlers, u string) credentials.Provider {
 	var errMsg string
 
@@ -165,10 +198,12 @@ func localHTTPCredProvider(cfg aws.Config, handlers request.Handlers, u string)
 		host := aws.URLHostname(parsed)
 		if len(host) == 0 {
 			errMsg = "unable to parse host from local HTTP cred provider URL"
-		} else if isLoopback, loopbackErr := isLoopbackHost(host); loopbackErr != nil {
+		} else if parsed.Scheme == "http" {
-			errMsg = fmt.Sprintf("failed to resolve host %q, %v", host, loopbackErr)
+			if isAllowedHost, allowHostErr := isAllowedHost(host); allowHostErr != nil {
-		} else if !isLoopback {
+				errMsg = fmt.Sprintf("failed to resolve host %q, %v", host, allowHostErr)
-			errMsg = fmt.Sprintf("invalid endpoint host, %q, only loopback hosts are allowed.", host)
+			} else if !isAllowedHost {
+				errMsg = fmt.Sprintf("invalid endpoint host, %q, only loopback/ecs/eks hosts are allowed.", host)
+			}
 		}
 	}
 
@@ -190,6 +225,15 @@ func httpCredProvider(cfg aws.Config, handlers request.Handlers, u string) crede
 		func(p *endpointcreds.Provider) {
 			p.ExpiryWindow = 5 * time.Minute
 			p.AuthorizationToken = os.Getenv(httpProviderAuthorizationEnvVar)
+			if authFilePath := os.Getenv(httpProviderAuthFileEnvVar); authFilePath != "" {
+				p.AuthorizationTokenProvider = endpointcreds.TokenProviderFunc(func() (string, error) {
+					if contents, err := ioutil.ReadFile(authFilePath); err != nil {
+						return "", fmt.Errorf("failed to read authorization token from %v: %v", authFilePath, err)
+					} else {
+						return string(contents), nil
+					}
+				})
+			}
 		},
 	)
 }

vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go

@@ -3977,6 +3977,12 @@ var awsPartition = partition{
 				endpointKey{
 					Region: "ca-central-1",
 				}: endpoint{},
+				endpointKey{
+					Region:  "ca-central-1",
+					Variant: fipsVariant,
+				}: endpoint{
+					Hostname: "autoscaling-fips.ca-central-1.amazonaws.com",
+				},
 				endpointKey{
 					Region: "eu-central-1",
 				}: endpoint{},
@@ -4001,6 +4007,51 @@ var awsPartition = partition{
 				endpointKey{
 					Region: "eu-west-3",
 				}: endpoint{},
+				endpointKey{
+					Region: "fips-ca-central-1",
+				}: endpoint{
+					Hostname: "autoscaling-fips.ca-central-1.amazonaws.com",
+					CredentialScope: credentialScope{
+						Region: "ca-central-1",
+					},
+					Deprecated: boxedTrue,
+				},
+				endpointKey{
+					Region: "fips-us-east-1",
+				}: endpoint{
+					Hostname: "autoscaling-fips.us-east-1.amazonaws.com",
+					CredentialScope: credentialScope{
+						Region: "us-east-1",
+					},
+					Deprecated: boxedTrue,
+				},
+				endpointKey{
+					Region: "fips-us-east-2",
+				}: endpoint{
+					Hostname: "autoscaling-fips.us-east-2.amazonaws.com",
+					CredentialScope: credentialScope{
+						Region: "us-east-2",
+					},
+					Deprecated: boxedTrue,
+				},
+				endpointKey{
+					Region: "fips-us-west-1",
+				}: endpoint{
+					Hostname: "autoscaling-fips.us-west-1.amazonaws.com",
+					CredentialScope: credentialScope{
+						Region: "us-west-1",
+					},
+					Deprecated: boxedTrue,
+				},
+				endpointKey{
+					Region: "fips-us-west-2",
+				}: endpoint{
+					Hostname: "autoscaling-fips.us-west-2.amazonaws.com",
+					CredentialScope: credentialScope{
+						Region: "us-west-2",
+					},
+					Deprecated: boxedTrue,
+				},
 				endpointKey{
 					Region: "il-central-1",
 				}: endpoint{},
@@ -4016,15 +4067,39 @@ var awsPartition = partition{
 				endpointKey{
 					Region: "us-east-1",
 				}: endpoint{},
+				endpointKey{
+					Region:  "us-east-1",
+					Variant: fipsVariant,
+				}: endpoint{
+					Hostname: "autoscaling-fips.us-east-1.amazonaws.com",
+				},
 				endpointKey{
 					Region: "us-east-2",
 				}: endpoint{},
+				endpointKey{
+					Region:  "us-east-2",
+					Variant: fipsVariant,
+				}: endpoint{
+					Hostname: "autoscaling-fips.us-east-2.amazonaws.com",
+				},
 				endpointKey{
 					Region: "us-west-1",
 				}: endpoint{},
+				endpointKey{
+					Region:  "us-west-1",
+					Variant: fipsVariant,
+				}: endpoint{
+					Hostname: "autoscaling-fips.us-west-1.amazonaws.com",
+				},
 				endpointKey{
 					Region: "us-west-2",
 				}: endpoint{},
+				endpointKey{
+					Region:  "us-west-2",
+					Variant: fipsVariant,
+				}: endpoint{
+					Hostname: "autoscaling-fips.us-west-2.amazonaws.com",
+				},
 			},
 		},
 		"autoscaling-plans": service{
@@ -6214,15 +6289,27 @@ var awsPartition = partition{
 				endpointKey{
 					Region: "ap-northeast-2",
 				}: endpoint{},
+				endpointKey{
+					Region: "ap-northeast-3",
+				}: endpoint{},
 				endpointKey{
 					Region: "ap-south-1",
 				}: endpoint{},
+				endpointKey{
+					Region: "ap-south-2",
+				}: endpoint{},
 				endpointKey{
 					Region: "ap-southeast-1",
 				}: endpoint{},
 				endpointKey{
 					Region: "ap-southeast-2",
 				}: endpoint{},
+				endpointKey{
+					Region: "ap-southeast-3",
+				}: endpoint{},
+				endpointKey{
+					Region: "ap-southeast-4",
+				}: endpoint{},
 				endpointKey{
 					Region: "ca-central-1",
 				}: endpoint{},
@@ -6244,6 +6331,9 @@ var awsPartition = partition{
 				endpointKey{
 					Region: "eu-south-1",
 				}: endpoint{},
+				endpointKey{
+					Region: "eu-south-2",
+				}: endpoint{},
 				endpointKey{
 					Region: "eu-west-1",
 				}: endpoint{},
@@ -6298,6 +6388,12 @@ var awsPartition = partition{
 					},
 					Deprecated: boxedTrue,
 				},
+				endpointKey{
+					Region: "il-central-1",
+				}: endpoint{},
+				endpointKey{
+					Region: "me-central-1",
+				}: endpoint{},
 				endpointKey{
 					Region: "me-south-1",
 				}: endpoint{},
@@ -6993,6 +7089,14 @@ var awsPartition = partition{
 						Region: "ap-south-1",
 					},
 				},
+				endpointKey{
+					Region: "ap-south-2",
+				}: endpoint{
+					Hostname: "compute-optimizer.ap-south-2.amazonaws.com",
+					CredentialScope: credentialScope{
+						Region: "ap-south-2",
+					},
+				},
 				endpointKey{
 					Region: "ap-southeast-1",
 				}: endpoint{
@@ -7009,6 +7113,22 @@ var awsPartition = partition{
 						Region: "ap-southeast-2",
 					},
 				},
+				endpointKey{
+					Region: "ap-southeast-3",
+				}: endpoint{
+					Hostname: "compute-optimizer.ap-southeast-3.amazonaws.com",
+					CredentialScope: credentialScope{
+						Region: "ap-southeast-3",
+					},
+				},
+				endpointKey{
+					Region: "ap-southeast-4",
+				}: endpoint{
+					Hostname: "compute-optimizer.ap-southeast-4.amazonaws.com",
+					CredentialScope: credentialScope{
+						Region: "ap-southeast-4",
+					},
+				},
 				endpointKey{
 					Region: "ca-central-1",
 				}: endpoint{
@@ -7025,6 +7145,14 @@ var awsPartition = partition{
 						Region: "eu-central-1",
 					},
 				},
+				endpointKey{
+					Region: "eu-central-2",
+				}: endpoint{
+					Hostname: "compute-optimizer.eu-central-2.amazonaws.com",
+					CredentialScope: credentialScope{
+						Region: "eu-central-2",
+					},
+				},
 				endpointKey{
 					Region: "eu-north-1",
 				}: endpoint{
@@ -7041,6 +7169,14 @@ var awsPartition = partition{
 						Region: "eu-south-1",
 					},
 				},
+				endpointKey{
+					Region: "eu-south-2",
+				}: endpoint{
+					Hostname: "compute-optimizer.eu-south-2.amazonaws.com",
+					CredentialScope: credentialScope{
+						Region: "eu-south-2",
+					},
+				},
 				endpointKey{
 					Region: "eu-west-1",
 				}: endpoint{
@@ -7065,6 +7201,22 @@ var awsPartition = partition{
 						Region: "eu-west-3",
 					},
 				},
+				endpointKey{
+					Region: "il-central-1",
+				}: endpoint{
+					Hostname: "compute-optimizer.il-central-1.amazonaws.com",
+					CredentialScope: credentialScope{
+						Region: "il-central-1",
+					},
+				},
+				endpointKey{
+					Region: "me-central-1",
+				}: endpoint{
+					Hostname: "compute-optimizer.me-central-1.amazonaws.com",
+					CredentialScope: credentialScope{
+						Region: "me-central-1",
+					},
+				},
 				endpointKey{
 					Region: "me-south-1",
 				}: endpoint{
@@ -11713,6 +11865,9 @@ var awsPartition = partition{
 		},
 		"emr-serverless": service{
 			Endpoints: serviceEndpoints{
+				endpointKey{
+					Region: "af-south-1",
+				}: endpoint{},
 				endpointKey{
 					Region: "ap-east-1",
 				}: endpoint{},
@@ -11722,6 +11877,9 @@ var awsPartition = partition{
 				endpointKey{
 					Region: "ap-northeast-2",
 				}: endpoint{},
+				endpointKey{
+					Region: "ap-northeast-3",
+				}: endpoint{},
 				endpointKey{
 					Region: "ap-south-1",
 				}: endpoint{},
@@ -11731,6 +11889,9 @@ var awsPartition = partition{
 				endpointKey{
 					Region: "ap-southeast-2",
 				}: endpoint{},
+				endpointKey{
+					Region: "ap-southeast-3",
+				}: endpoint{},
 				endpointKey{
 					Region: "ca-central-1",
 				}: endpoint{},
@@ -11746,6 +11907,9 @@ var awsPartition = partition{
 				endpointKey{
 					Region: "eu-north-1",
 				}: endpoint{},
+				endpointKey{
+					Region: "eu-south-1",
+				}: endpoint{},
 				endpointKey{
 					Region: "eu-west-1",
 				}: endpoint{},
@@ -35257,12 +35421,42 @@ var awsusgovPartition = partition{
 		},
 		"appconfigdata": service{
 			Endpoints: serviceEndpoints{
+				endpointKey{
+					Region: "fips-us-gov-east-1",
+				}: endpoint{
+					Hostname: "appconfigdata.us-gov-east-1.amazonaws.com",
+					CredentialScope: credentialScope{
+						Region: "us-gov-east-1",
+					},
+					Deprecated: boxedTrue,
+				},
+				endpointKey{
+					Region: "fips-us-gov-west-1",
+				}: endpoint{
+					Hostname: "appconfigdata.us-gov-west-1.amazonaws.com",
+					CredentialScope: credentialScope{
+						Region: "us-gov-west-1",
+					},
+					Deprecated: boxedTrue,
+				},
 				endpointKey{
 					Region: "us-gov-east-1",
 				}: endpoint{},
+				endpointKey{
+					Region:  "us-gov-east-1",
+					Variant: fipsVariant,
+				}: endpoint{
+					Hostname: "appconfigdata.us-gov-east-1.amazonaws.com",
+				},
 				endpointKey{
 					Region: "us-gov-west-1",
 				}: endpoint{},
+				endpointKey{
+					Region:  "us-gov-west-1",
+					Variant: fipsVariant,
+				}: endpoint{
+					Hostname: "appconfigdata.us-gov-west-1.amazonaws.com",
+				},
 			},
 		},
 		"application-autoscaling": service{
@@ -40125,20 +40319,40 @@ var awsusgovPartition = partition{
 		"simspaceweaver": service{
 			Endpoints: serviceEndpoints{
 				endpointKey{
-					Region: "us-gov-east-1",
+					Region: "fips-us-gov-east-1",
 				}: endpoint{
 					Hostname: "simspaceweaver.us-gov-east-1.amazonaws.com",
 					CredentialScope: credentialScope{
 						Region: "us-gov-east-1",
 					},
+					Deprecated: boxedTrue,
 				},
 				endpointKey{
-					Region: "us-gov-west-1",
+					Region: "fips-us-gov-west-1",
 				}: endpoint{
 					Hostname: "simspaceweaver.us-gov-west-1.amazonaws.com",
 					CredentialScope: credentialScope{
 						Region: "us-gov-west-1",
 					},
+					Deprecated: boxedTrue,
+				},
+				endpointKey{
+					Region: "us-gov-east-1",
+				}: endpoint{},
+				endpointKey{
+					Region:  "us-gov-east-1",
+					Variant: fipsVariant,
+				}: endpoint{
+					Hostname: "simspaceweaver.us-gov-east-1.amazonaws.com",
+				},
+				endpointKey{
+					Region: "us-gov-west-1",
+				}: endpoint{},
+				endpointKey{
+					Region:  "us-gov-west-1",
+					Variant: fipsVariant,
+				}: endpoint{
+					Hostname: "simspaceweaver.us-gov-west-1.amazonaws.com",
 				},
 			},
 		},
@@ -40357,6 +40571,24 @@ var awsusgovPartition = partition{
 						Region: "us-gov-east-1",
 					},
 				},
+				endpointKey{
+					Region:  "us-gov-east-1",
+					Variant: fipsVariant,
+				}: endpoint{
+					Hostname: "sso.us-gov-east-1.amazonaws.com",
+					CredentialScope: credentialScope{
+						Region: "us-gov-east-1",
+					},
+				},
+				endpointKey{
+					Region: "us-gov-east-1-fips",
+				}: endpoint{
+					Hostname: "sso.us-gov-east-1.amazonaws.com",
+					CredentialScope: credentialScope{
+						Region: "us-gov-east-1",
+					},
+					Deprecated: boxedTrue,
+				},
 				endpointKey{
 					Region: "us-gov-west-1",
 				}: endpoint{
@@ -40365,6 +40597,24 @@ var awsusgovPartition = partition{
 						Region: "us-gov-west-1",
 					},
 				},
+				endpointKey{
+					Region:  "us-gov-west-1",
+					Variant: fipsVariant,
+				}: endpoint{
+					Hostname: "sso.us-gov-west-1.amazonaws.com",
+					CredentialScope: credentialScope{
+						Region: "us-gov-west-1",
+					},
+				},
+				endpointKey{
+					Region: "us-gov-west-1-fips",
+				}: endpoint{
+					Hostname: "sso.us-gov-west-1.amazonaws.com",
+					CredentialScope: credentialScope{
+						Region: "us-gov-west-1",
+					},
+					Deprecated: boxedTrue,
+				},
 			},
 		},
 		"states": service{
@@ -41396,6 +41646,9 @@ var awsisoPartition = partition{
 				endpointKey{
 					Region: "us-iso-east-1",
 				}: endpoint{},
+				endpointKey{
+					Region: "us-iso-west-1",
+				}: endpoint{},
 			},
 		},
 		"ec2": service{

vendor/github.com/aws/aws-sdk-go/aws/signer/v4/v4.go

@@ -125,6 +125,7 @@ var requiredSignedHeaders = rules{
 			"X-Amz-Copy-Source-Server-Side-Encryption-Customer-Algorithm": struct{}{},
 			"X-Amz-Copy-Source-Server-Side-Encryption-Customer-Key":       struct{}{},
 			"X-Amz-Copy-Source-Server-Side-Encryption-Customer-Key-Md5":   struct{}{},
+			"X-Amz-Expected-Bucket-Owner":                                 struct{}{},
 			"X-Amz-Grant-Full-control":                                    struct{}{},
 			"X-Amz-Grant-Read":                                            struct{}{},
 			"X-Amz-Grant-Read-Acp":                                        struct{}{},

vendor/github.com/aws/aws-sdk-go/aws/version.go

@@ -5,4 +5,4 @@ package aws
 const SDKName = "aws-sdk-go"
 
 // SDKVersion is the version of this SDK
-const SDKVersion = "1.47.8"
+const SDKVersion = "1.47.13"

vendor/github.com/aws/aws-sdk-go/service/autoscaling/api.go

@@ -6512,10 +6512,7 @@ func (c *AutoScaling) StartInstanceRefreshRequest(input *StartInstanceRefreshInp
 
 // StartInstanceRefresh API operation for Auto Scaling.
 //
-// Starts an instance refresh. During an instance refresh, Amazon EC2 Auto Scaling
+// Starts an instance refresh.
-// performs a rolling update of instances in an Auto Scaling group. Instances
-// are terminated first and then replaced, which temporarily reduces the capacity
-// available within your Auto Scaling group.
 //
 // This operation is part of the instance refresh feature (https://docs.aws.amazon.com/autoscaling/ec2/userguide/asg-instance-refresh.html)
 // in Amazon EC2 Auto Scaling, which helps you update instances in your Auto
@@ -8302,6 +8299,11 @@ type CreateAutoScalingGroupInput struct {
 	// in the Amazon EC2 Auto Scaling User Guide.
 	InstanceId *string `min:"1" type:"string"`
 
+	// An instance maintenance policy. For more information, see Set instance maintenance
+	// policy (https://docs.aws.amazon.com/autoscaling/ec2/userguide/ec2-auto-scaling-instance-maintenance-policy.html)
+	// in the Amazon EC2 Auto Scaling User Guide.
+	InstanceMaintenancePolicy *InstanceMaintenancePolicy `type:"structure"`
+
 	// The name of the launch configuration to use to launch instances.
 	//
 	// Conditional: You must specify either a launch template (LaunchTemplate or
@@ -8480,6 +8482,11 @@ func (s *CreateAutoScalingGroupInput) Validate() error {
 	if s.VPCZoneIdentifier != nil && len(*s.VPCZoneIdentifier) < 1 {
 		invalidParams.Add(request.NewErrParamMinLen("VPCZoneIdentifier", 1))
 	}
+	if s.InstanceMaintenancePolicy != nil {
+		if err := s.InstanceMaintenancePolicy.Validate(); err != nil {
+			invalidParams.AddNested("InstanceMaintenancePolicy", err.(request.ErrInvalidParams))
+		}
+	}
 	if s.LaunchTemplate != nil {
 		if err := s.LaunchTemplate.Validate(); err != nil {
 			invalidParams.AddNested("LaunchTemplate", err.(request.ErrInvalidParams))
@@ -8593,6 +8600,12 @@ func (s *CreateAutoScalingGroupInput) SetInstanceId(v string) *CreateAutoScaling
 	return s
 }
 
+// SetInstanceMaintenancePolicy sets the InstanceMaintenancePolicy field's value.
+func (s *CreateAutoScalingGroupInput) SetInstanceMaintenancePolicy(v *InstanceMaintenancePolicy) *CreateAutoScalingGroupInput {
+	s.InstanceMaintenancePolicy = v
+	return s
+}
+
 // SetLaunchConfigurationName sets the LaunchConfigurationName field's value.
 func (s *CreateAutoScalingGroupInput) SetLaunchConfigurationName(v string) *CreateAutoScalingGroupInput {
 	s.LaunchConfigurationName = &v
@@ -13605,6 +13618,9 @@ type Group struct {
 	// HealthCheckType is a required field
 	HealthCheckType *string `min:"1" type:"string" required:"true"`
 
+	// An instance maintenance policy.
+	InstanceMaintenancePolicy *InstanceMaintenancePolicy `type:"structure"`
+
 	// The EC2 instances associated with the group.
 	Instances []*Instance `type:"list"`
 
@@ -13774,6 +13790,12 @@ func (s *Group) SetHealthCheckType(v string) *Group {
 	return s
 }
 
+// SetInstanceMaintenancePolicy sets the InstanceMaintenancePolicy field's value.
+func (s *Group) SetInstanceMaintenancePolicy(v *InstanceMaintenancePolicy) *Group {
+	s.InstanceMaintenancePolicy = v
+	return s
+}
+
 // SetInstances sets the Instances field's value.
 func (s *Group) SetInstances(v []*Instance) *Group {
 	s.Instances = v
@@ -14164,6 +14186,78 @@ func (s *InstanceDetails) SetWeightedCapacity(v string) *InstanceDetails {
 	return s
 }
 
+// Describes an instance maintenance policy.
+//
+// For more information, see Set instance maintenance policy (https://docs.aws.amazon.com/autoscaling/ec2/userguide/ec2-auto-scaling-instance-maintenance-policy.html)
+// in the Amazon EC2 Auto Scaling User Guide.
+type InstanceMaintenancePolicy struct {
+	_ struct{} `type:"structure"`
+
+	// Specifies the upper threshold as a percentage of the desired capacity of
+	// the Auto Scaling group. It represents the maximum percentage of the group
+	// that can be in service and healthy, or pending, to support your workload
+	// when replacing instances. Value range is 100 to 200. After it's set, a value
+	// of -1 will clear the previously set value.
+	//
+	// Both MinHealthyPercentage and MaxHealthyPercentage must be specified, and
+	// the difference between them cannot be greater than 100. A large range increases
+	// the number of instances that can be replaced at the same time.
+	MaxHealthyPercentage *int64 `type:"integer"`
+
+	// Specifies the lower threshold as a percentage of the desired capacity of
+	// the Auto Scaling group. It represents the minimum percentage of the group
+	// to keep in service, healthy, and ready to use to support your workload when
+	// replacing instances. Value range is 0 to 100. After it's set, a value of
+	// -1 will clear the previously set value.
+	MinHealthyPercentage *int64 `type:"integer"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s InstanceMaintenancePolicy) String() string {
+	return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s InstanceMaintenancePolicy) GoString() string {
+	return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *InstanceMaintenancePolicy) Validate() error {
+	invalidParams := request.ErrInvalidParams{Context: "InstanceMaintenancePolicy"}
+	if s.MaxHealthyPercentage != nil && *s.MaxHealthyPercentage < -1 {
+		invalidParams.Add(request.NewErrParamMinValue("MaxHealthyPercentage", -1))
+	}
+	if s.MinHealthyPercentage != nil && *s.MinHealthyPercentage < -1 {
+		invalidParams.Add(request.NewErrParamMinValue("MinHealthyPercentage", -1))
+	}
+
+	if invalidParams.Len() > 0 {
+		return invalidParams
+	}
+	return nil
+}
+
+// SetMaxHealthyPercentage sets the MaxHealthyPercentage field's value.
+func (s *InstanceMaintenancePolicy) SetMaxHealthyPercentage(v int64) *InstanceMaintenancePolicy {
+	s.MaxHealthyPercentage = &v
+	return s
+}
+
+// SetMinHealthyPercentage sets the MinHealthyPercentage field's value.
+func (s *InstanceMaintenancePolicy) SetMinHealthyPercentage(v int64) *InstanceMaintenancePolicy {
+	s.MinHealthyPercentage = &v
+	return s
+}
+
 // The metadata options for the instances. For more information, see Configuring
 // the Instance Metadata Options (https://docs.aws.amazon.com/autoscaling/ec2/userguide/create-launch-config.html#launch-configurations-imds)
 // in the Amazon EC2 Auto Scaling User Guide.
@@ -19000,14 +19094,26 @@ type RefreshPreferences struct {
 	// in all cases), or the HealthCheckGracePeriod property otherwise.
 	InstanceWarmup *int64 `type:"integer"`
 
-	// The amount of capacity in the Auto Scaling group that must pass your group's
+	// Specifies the maximum percentage of the group that can be in service and
-	// health checks to allow the operation to continue. The value is expressed
+	// healthy, or pending, to support your workload when replacing instances. The
-	// as a percentage of the desired capacity of the Auto Scaling group (rounded
+	// value is expressed as a percentage of the desired capacity of the Auto Scaling
-	// up to the nearest integer). The default is 90.
+	// group. Value range is 100 to 200.
 	//
-	// Setting the minimum healthy percentage to 100 percent limits the rate of
+	// If you specify MaxHealthyPercentage, you must also specify MinHealthyPercentage,
-	// replacement to one instance at a time. In contrast, setting it to 0 percent
+	// and the difference between them cannot be greater than 100. A larger range
-	// has the effect of replacing all instances at the same time.
+	// increases the number of instances that can be replaced at the same time.
+	//
+	// If you do not specify this property, the default is 100 percent, or the percentage
+	// set in the instance maintenance policy for the Auto Scaling group, if defined.
+	MaxHealthyPercentage *int64 `min:"100" type:"integer"`
+
+	// Specifies the minimum percentage of the group to keep in service, healthy,
+	// and ready to use to support your workload to allow the operation to continue.
+	// The value is expressed as a percentage of the desired capacity of the Auto
+	// Scaling group. Value range is 0 to 100.
+	//
+	// If you do not specify this property, the default is 90 percent, or the percentage
+	// set in the instance maintenance policy for the Auto Scaling group, if defined.
 	MinHealthyPercentage *int64 `type:"integer"`
 
 	// Choose the behavior that you want Amazon EC2 Auto Scaling to use if instances
@@ -19081,6 +19187,19 @@ func (s RefreshPreferences) GoString() string {
 	return s.String()
 }
 
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *RefreshPreferences) Validate() error {
+	invalidParams := request.ErrInvalidParams{Context: "RefreshPreferences"}
+	if s.MaxHealthyPercentage != nil && *s.MaxHealthyPercentage < 100 {
+		invalidParams.Add(request.NewErrParamMinValue("MaxHealthyPercentage", 100))
+	}
+
+	if invalidParams.Len() > 0 {
+		return invalidParams
+	}
+	return nil
+}
+
 // SetAlarmSpecification sets the AlarmSpecification field's value.
 func (s *RefreshPreferences) SetAlarmSpecification(v *AlarmSpecification) *RefreshPreferences {
 	s.AlarmSpecification = v
@@ -19111,6 +19230,12 @@ func (s *RefreshPreferences) SetInstanceWarmup(v int64) *RefreshPreferences {
 	return s
 }
 
+// SetMaxHealthyPercentage sets the MaxHealthyPercentage field's value.
+func (s *RefreshPreferences) SetMaxHealthyPercentage(v int64) *RefreshPreferences {
+	s.MaxHealthyPercentage = &v
+	return s
+}
+
 // SetMinHealthyPercentage sets the MinHealthyPercentage field's value.
 func (s *RefreshPreferences) SetMinHealthyPercentage(v int64) *RefreshPreferences {
 	s.MinHealthyPercentage = &v
@@ -20170,10 +20295,11 @@ type StartInstanceRefreshInput struct {
 	DesiredConfiguration *DesiredConfiguration `type:"structure"`
 
 	// Sets your preferences for the instance refresh so that it performs as expected
-	// when you start it. Includes the instance warmup time, the minimum healthy
+	// when you start it. Includes the instance warmup time, the minimum and maximum
-	// percentage, and the behaviors that you want Amazon EC2 Auto Scaling to use
+	// healthy percentages, and the behaviors that you want Amazon EC2 Auto Scaling
-	// if instances that are in Standby state or protected from scale in are found.
+	// to use if instances that are in Standby state or protected from scale in
-	// You can also choose to enable additional features, such as the following:
+	// are found. You can also choose to enable additional features, such as the
+	// following:
 	//
 	//    * Auto rollback
 	//
@@ -20220,6 +20346,11 @@ func (s *StartInstanceRefreshInput) Validate() error {
 			invalidParams.AddNested("DesiredConfiguration", err.(request.ErrInvalidParams))
 		}
 	}
+	if s.Preferences != nil {
+		if err := s.Preferences.Validate(); err != nil {
+			invalidParams.AddNested("Preferences", err.(request.ErrInvalidParams))
+		}
+	}
 
 	if invalidParams.Len() > 0 {
 		return invalidParams
@@ -21326,6 +21457,11 @@ type UpdateAutoScalingGroupInput struct {
 	// Only specify EC2 if you must clear a value that was previously set.
 	HealthCheckType *string `min:"1" type:"string"`
 
+	// An instance maintenance policy. For more information, see Set instance maintenance
+	// policy (https://docs.aws.amazon.com/autoscaling/ec2/userguide/ec2-auto-scaling-instance-maintenance-policy.html)
+	// in the Amazon EC2 Auto Scaling User Guide.
+	InstanceMaintenancePolicy *InstanceMaintenancePolicy `type:"structure"`
+
 	// The name of the launch configuration. If you specify LaunchConfigurationName
 	// in your update request, you can't specify LaunchTemplate or MixedInstancesPolicy.
 	LaunchConfigurationName *string `min:"1" type:"string"`
@@ -21443,6 +21579,11 @@ func (s *UpdateAutoScalingGroupInput) Validate() error {
 	if s.VPCZoneIdentifier != nil && len(*s.VPCZoneIdentifier) < 1 {
 		invalidParams.Add(request.NewErrParamMinLen("VPCZoneIdentifier", 1))
 	}
+	if s.InstanceMaintenancePolicy != nil {
+		if err := s.InstanceMaintenancePolicy.Validate(); err != nil {
+			invalidParams.AddNested("InstanceMaintenancePolicy", err.(request.ErrInvalidParams))
+		}
+	}
 	if s.LaunchTemplate != nil {
 		if err := s.LaunchTemplate.Validate(); err != nil {
 			invalidParams.AddNested("LaunchTemplate", err.(request.ErrInvalidParams))
@@ -21520,6 +21661,12 @@ func (s *UpdateAutoScalingGroupInput) SetHealthCheckType(v string) *UpdateAutoSc
 	return s
 }
 
+// SetInstanceMaintenancePolicy sets the InstanceMaintenancePolicy field's value.
+func (s *UpdateAutoScalingGroupInput) SetInstanceMaintenancePolicy(v *InstanceMaintenancePolicy) *UpdateAutoScalingGroupInput {
+	s.InstanceMaintenancePolicy = v
+	return s
+}
+
 // SetLaunchConfigurationName sets the LaunchConfigurationName field's value.
 func (s *UpdateAutoScalingGroupInput) SetLaunchConfigurationName(v string) *UpdateAutoScalingGroupInput {
 	s.LaunchConfigurationName = &v

vendor/github.com/aws/aws-sdk-go/service/ec2/ec2iface/interface.go

@@ -1234,6 +1234,13 @@ type EC2API interface {
 	DescribeInstanceStatusPages(*ec2.DescribeInstanceStatusInput, func(*ec2.DescribeInstanceStatusOutput, bool) bool) error
 	DescribeInstanceStatusPagesWithContext(aws.Context, *ec2.DescribeInstanceStatusInput, func(*ec2.DescribeInstanceStatusOutput, bool) bool, ...request.Option) error
 
+	DescribeInstanceTopology(*ec2.DescribeInstanceTopologyInput) (*ec2.DescribeInstanceTopologyOutput, error)
+	DescribeInstanceTopologyWithContext(aws.Context, *ec2.DescribeInstanceTopologyInput, ...request.Option) (*ec2.DescribeInstanceTopologyOutput, error)
+	DescribeInstanceTopologyRequest(*ec2.DescribeInstanceTopologyInput) (*request.Request, *ec2.DescribeInstanceTopologyOutput)
+
+	DescribeInstanceTopologyPages(*ec2.DescribeInstanceTopologyInput, func(*ec2.DescribeInstanceTopologyOutput, bool) bool) error
+	DescribeInstanceTopologyPagesWithContext(aws.Context, *ec2.DescribeInstanceTopologyInput, func(*ec2.DescribeInstanceTopologyOutput, bool) bool, ...request.Option) error
+
 	DescribeInstanceTypeOfferings(*ec2.DescribeInstanceTypeOfferingsInput) (*ec2.DescribeInstanceTypeOfferingsOutput, error)
 	DescribeInstanceTypeOfferingsWithContext(aws.Context, *ec2.DescribeInstanceTypeOfferingsInput, ...request.Option) (*ec2.DescribeInstanceTypeOfferingsOutput, error)
 	DescribeInstanceTypeOfferingsRequest(*ec2.DescribeInstanceTypeOfferingsInput) (*request.Request, *ec2.DescribeInstanceTypeOfferingsOutput)
@@ -1364,6 +1371,10 @@ type EC2API interface {
 	DescribeLocalGatewaysPages(*ec2.DescribeLocalGatewaysInput, func(*ec2.DescribeLocalGatewaysOutput, bool) bool) error
 	DescribeLocalGatewaysPagesWithContext(aws.Context, *ec2.DescribeLocalGatewaysInput, func(*ec2.DescribeLocalGatewaysOutput, bool) bool, ...request.Option) error
 
+	DescribeLockedSnapshots(*ec2.DescribeLockedSnapshotsInput) (*ec2.DescribeLockedSnapshotsOutput, error)
+	DescribeLockedSnapshotsWithContext(aws.Context, *ec2.DescribeLockedSnapshotsInput, ...request.Option) (*ec2.DescribeLockedSnapshotsOutput, error)
+	DescribeLockedSnapshotsRequest(*ec2.DescribeLockedSnapshotsInput) (*request.Request, *ec2.DescribeLockedSnapshotsOutput)
+
 	DescribeManagedPrefixLists(*ec2.DescribeManagedPrefixListsInput) (*ec2.DescribeManagedPrefixListsOutput, error)
 	DescribeManagedPrefixListsWithContext(aws.Context, *ec2.DescribeManagedPrefixListsInput, ...request.Option) (*ec2.DescribeManagedPrefixListsOutput, error)
 	DescribeManagedPrefixListsRequest(*ec2.DescribeManagedPrefixListsInput) (*request.Request, *ec2.DescribeManagedPrefixListsOutput)
@@ -2360,6 +2371,10 @@ type EC2API interface {
 	ListSnapshotsInRecycleBinPages(*ec2.ListSnapshotsInRecycleBinInput, func(*ec2.ListSnapshotsInRecycleBinOutput, bool) bool) error
 	ListSnapshotsInRecycleBinPagesWithContext(aws.Context, *ec2.ListSnapshotsInRecycleBinInput, func(*ec2.ListSnapshotsInRecycleBinOutput, bool) bool, ...request.Option) error
 
+	LockSnapshot(*ec2.LockSnapshotInput) (*ec2.LockSnapshotOutput, error)
+	LockSnapshotWithContext(aws.Context, *ec2.LockSnapshotInput, ...request.Option) (*ec2.LockSnapshotOutput, error)
+	LockSnapshotRequest(*ec2.LockSnapshotInput) (*request.Request, *ec2.LockSnapshotOutput)
+
 	ModifyAddressAttribute(*ec2.ModifyAddressAttributeInput) (*ec2.ModifyAddressAttributeOutput, error)
 	ModifyAddressAttributeWithContext(aws.Context, *ec2.ModifyAddressAttributeInput, ...request.Option) (*ec2.ModifyAddressAttributeOutput, error)
 	ModifyAddressAttributeRequest(*ec2.ModifyAddressAttributeInput) (*request.Request, *ec2.ModifyAddressAttributeOutput)
@@ -2878,6 +2893,10 @@ type EC2API interface {
 	UnassignPrivateNatGatewayAddressWithContext(aws.Context, *ec2.UnassignPrivateNatGatewayAddressInput, ...request.Option) (*ec2.UnassignPrivateNatGatewayAddressOutput, error)
 	UnassignPrivateNatGatewayAddressRequest(*ec2.UnassignPrivateNatGatewayAddressInput) (*request.Request, *ec2.UnassignPrivateNatGatewayAddressOutput)
 
+	UnlockSnapshot(*ec2.UnlockSnapshotInput) (*ec2.UnlockSnapshotOutput, error)
+	UnlockSnapshotWithContext(aws.Context, *ec2.UnlockSnapshotInput, ...request.Option) (*ec2.UnlockSnapshotOutput, error)
+	UnlockSnapshotRequest(*ec2.UnlockSnapshotInput) (*request.Request, *ec2.UnlockSnapshotOutput)
+
 	UnmonitorInstances(*ec2.UnmonitorInstancesInput) (*ec2.UnmonitorInstancesOutput, error)
 	UnmonitorInstancesWithContext(aws.Context, *ec2.UnmonitorInstancesInput, ...request.Option) (*ec2.UnmonitorInstancesOutput, error)
 	UnmonitorInstancesRequest(*ec2.UnmonitorInstancesInput) (*request.Request, *ec2.UnmonitorInstancesOutput)

vendor/github.com/aws/aws-sdk-go/service/ssm/api.go

@@ -18828,6 +18828,9 @@ type AutomationExecution struct {
 
 	// The CloudWatch alarm that was invoked by the automation.
 	TriggeredAlarms []*AlarmStateInformation `min:"1" type:"list"`
+
+	// Variables defined for the automation.
+	Variables map[string][]*string `min:"1" type:"map"`
 }
 
 // String returns the string representation.
@@ -19046,6 +19049,12 @@ func (s *AutomationExecution) SetTriggeredAlarms(v []*AlarmStateInformation) *Au
 	return s
 }
 
+// SetVariables sets the Variables field's value.
+func (s *AutomationExecution) SetVariables(v map[string][]*string) *AutomationExecution {
+	s.Variables = v
+	return s
+}
+
 // A filter used to match specific automation executions. This is used to limit
 // the scope of Automation execution information returned.
 type AutomationExecutionFilter struct {
@@ -22968,7 +22977,7 @@ type CreateOpsItemInput struct {
 	//    * /aws/changerequest This type of OpsItem is used by Change Manager for
 	//    reviewing and approving or rejecting change requests.
 	//
-	//    * /aws/insights This type of OpsItem is used by OpsCenter for aggregating
+	//    * /aws/insight This type of OpsItem is used by OpsCenter for aggregating
 	//    and reporting on duplicate OpsItems.
 	OpsItemType *string `type:"string"`
 
@@ -27178,6 +27187,9 @@ type DescribeInstancePatchesInput struct {
 	//    * Severity Sample values: Important | Medium | Low
 	//
 	//    * State Sample values: Installed | InstalledOther | InstalledPendingReboot
+	//    For lists of all State values, see Understanding patch compliance state
+	//    values (https://docs.aws.amazon.com/systems-manager/latest/userguide/patch-manager-compliance-states.html)
+	//    in the Amazon Web Services Systems Manager User Guide.
 	Filters []*PatchOrchestratorFilter `type:"list"`
 
 	// The ID of the managed node whose patch state information should be retrieved.
@@ -45492,7 +45504,7 @@ type OpsItem struct {
 	//    * /aws/changerequest This type of OpsItem is used by Change Manager for
 	//    reviewing and approving or rejecting change requests.
 	//
-	//    * /aws/insights This type of OpsItem is used by OpsCenter for aggregating
+	//    * /aws/insight This type of OpsItem is used by OpsCenter for aggregating
 	//    and reporting on duplicate OpsItems.
 	OpsItemType *string `type:"string"`
 
@@ -46783,7 +46795,7 @@ type OpsItemSummary struct {
 	//    * /aws/changerequest This type of OpsItem is used by Change Manager for
 	//    reviewing and approving or rejecting change requests.
 	//
-	//    * /aws/insights This type of OpsItem is used by OpsCenter for aggregating
+	//    * /aws/insight This type of OpsItem is used by OpsCenter for aggregating
 	//    and reporting on duplicate OpsItems.
 	OpsItemType *string `type:"string"`
 
@@ -48633,6 +48645,74 @@ func (s *ParametersFilter) SetValues(v []*string) *ParametersFilter {
 	return s
 }
 
+// A detailed status of the parent step.
+type ParentStepDetails struct {
+	_ struct{} `type:"structure"`
+
+	// The name of the automation action.
+	Action *string `type:"string"`
+
+	// The current repetition of the loop represented by an integer.
+	Iteration *int64 `type:"integer"`
+
+	// The current value of the specified iterator in the loop.
+	IteratorValue *string `type:"string"`
+
+	// The unique ID of a step execution.
+	StepExecutionId *string `type:"string"`
+
+	// The name of the step.
+	StepName *string `type:"string"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s ParentStepDetails) String() string {
+	return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s ParentStepDetails) GoString() string {
+	return s.String()
+}
+
+// SetAction sets the Action field's value.
+func (s *ParentStepDetails) SetAction(v string) *ParentStepDetails {
+	s.Action = &v
+	return s
+}
+
+// SetIteration sets the Iteration field's value.
+func (s *ParentStepDetails) SetIteration(v int64) *ParentStepDetails {
+	s.Iteration = &v
+	return s
+}
+
+// SetIteratorValue sets the IteratorValue field's value.
+func (s *ParentStepDetails) SetIteratorValue(v string) *ParentStepDetails {
+	s.IteratorValue = &v
+	return s
+}
+
+// SetStepExecutionId sets the StepExecutionId field's value.
+func (s *ParentStepDetails) SetStepExecutionId(v string) *ParentStepDetails {
+	s.StepExecutionId = &v
+	return s
+}
+
+// SetStepName sets the StepName field's value.
+func (s *ParentStepDetails) SetStepName(v string) *ParentStepDetails {
+	s.StepName = &v
+	return s
+}
+
 // Represents metadata about a patch.
 type Patch struct {
 	_ struct{} `type:"structure"`
@@ -55401,6 +55481,9 @@ type StepExecution struct {
 	// A user-specified list of parameters to override when running a step.
 	OverriddenParameters map[string][]*string `min:"1" type:"map"`
 
+	// Information about the parent step.
+	ParentStepDetails *ParentStepDetails `type:"structure"`
+
 	// A message associated with the response code for an execution.
 	Response *string `type:"string"`
 
@@ -55533,6 +55616,12 @@ func (s *StepExecution) SetOverriddenParameters(v map[string][]*string) *StepExe
 	return s
 }
 
+// SetParentStepDetails sets the ParentStepDetails field's value.
+func (s *StepExecution) SetParentStepDetails(v *ParentStepDetails) *StepExecution {
+	s.ParentStepDetails = v
+	return s
+}
+
 // SetResponse sets the Response field's value.
 func (s *StepExecution) SetResponse(v string) *StepExecution {
 	s.Response = &v
@@ -55598,9 +55687,7 @@ func (s *StepExecution) SetValidNextSteps(v []*string) *StepExecution {
 type StepExecutionFilter struct {
 	_ struct{} `type:"structure"`
 
-	// One or more keys to limit the results. Valid filter keys include the following:
+	// One or more keys to limit the results.
-	// StepName, Action, StepExecutionId, StepExecutionStatus, StartTimeBefore,
-	// StartTimeAfter.
 	//
 	// Key is a required field
 	Key *string `type:"string" required:"true" enum:"StepExecutionFilterKey"`
@@ -59984,23 +60071,25 @@ type UpdateServiceSettingInput struct {
 	// The new value to specify for the service setting. The following list specifies
 	// the available values for each setting.
 	//
-	//    * /ssm/managed-instance/default-ec2-instance-management-role: The name
+	//    * For /ssm/managed-instance/default-ec2-instance-management-role, enter
-	//    of an IAM role
+	//    the name of an IAM role.
 	//
-	//    * /ssm/automation/customer-script-log-destination: CloudWatch
+	//    * For /ssm/automation/customer-script-log-destination, enter CloudWatch.
 	//
-	//    * /ssm/automation/customer-script-log-group-name: The name of an Amazon
+	//    * For /ssm/automation/customer-script-log-group-name, enter the name of
-	//    CloudWatch Logs log group
+	//    an Amazon CloudWatch Logs log group.
 	//
-	//    * /ssm/documents/console/public-sharing-permission: Enable or Disable
+	//    * For /ssm/documents/console/public-sharing-permission, enter Enable or
+	//    Disable.
 	//
-	//    * /ssm/managed-instance/activation-tier: standard or advanced
+	//    * For /ssm/managed-instance/activation-tier, enter standard or advanced.
 	//
-	//    * /ssm/opsinsights/opscenter: Enabled or Disabled
+	//    * For /ssm/opsinsights/opscenter, enter Enabled or Disabled.
 	//
-	//    * /ssm/parameter-store/default-parameter-tier: Standard, Advanced, Intelligent-Tiering
+	//    * For /ssm/parameter-store/default-parameter-tier, enter Standard, Advanced,
+	//    or Intelligent-Tiering
 	//
-	//    * /ssm/parameter-store/high-throughput-enabled: true or false
+	//    * For /ssm/parameter-store/high-throughput-enabled, enter true or false.
 	//
 	// SettingValue is a required field
 	SettingValue *string `min:"1" type:"string" required:"true"`
@@ -60387,6 +60476,9 @@ const (
 
 	// AutomationExecutionStatusCompletedWithFailure is a AutomationExecutionStatus enum value
 	AutomationExecutionStatusCompletedWithFailure = "CompletedWithFailure"
+
+	// AutomationExecutionStatusExited is a AutomationExecutionStatus enum value
+	AutomationExecutionStatusExited = "Exited"
 )
 
 // AutomationExecutionStatus_Values returns all elements of the AutomationExecutionStatus enum
@@ -60410,6 +60502,7 @@ func AutomationExecutionStatus_Values() []string {
 		AutomationExecutionStatusChangeCalendarOverrideRejected,
 		AutomationExecutionStatusCompletedWithSuccess,
 		AutomationExecutionStatusCompletedWithFailure,
+		AutomationExecutionStatusExited,
 	}
 }
 
@@ -62328,6 +62421,15 @@ const (
 
 	// StepExecutionFilterKeyAction is a StepExecutionFilterKey enum value
 	StepExecutionFilterKeyAction = "Action"
+
+	// StepExecutionFilterKeyParentStepExecutionId is a StepExecutionFilterKey enum value
+	StepExecutionFilterKeyParentStepExecutionId = "ParentStepExecutionId"
+
+	// StepExecutionFilterKeyParentStepIteration is a StepExecutionFilterKey enum value
+	StepExecutionFilterKeyParentStepIteration = "ParentStepIteration"
+
+	// StepExecutionFilterKeyParentStepIteratorValue is a StepExecutionFilterKey enum value
+	StepExecutionFilterKeyParentStepIteratorValue = "ParentStepIteratorValue"
 )
 
 // StepExecutionFilterKey_Values returns all elements of the StepExecutionFilterKey enum
@@ -62339,6 +62441,9 @@ func StepExecutionFilterKey_Values() []string {
 		StepExecutionFilterKeyStepExecutionId,
 		StepExecutionFilterKeyStepName,
 		StepExecutionFilterKeyAction,
+		StepExecutionFilterKeyParentStepExecutionId,
+		StepExecutionFilterKeyParentStepIteration,
+		StepExecutionFilterKeyParentStepIteratorValue,
 	}
 }
 

vendor/github.com/aws/aws-sdk-go/service/ssm/doc.go

@@ -15,7 +15,7 @@
 // Related resources
 //
 //   - For information about each of the capabilities that comprise Systems
-//     Manager, see Systems Manager capabilities (https://docs.aws.amazon.com/systems-manager-automation-runbooks/latest/userguide/systems-manager-capabilities.html)
+//     Manager, see Systems Manager capabilities (https://docs.aws.amazon.com/systems-manager/latest/userguide/what-is-systems-manager.html#systems-manager-capabilities)
 //     in the Amazon Web Services Systems Manager User Guide.
 //
 //   - For details about predefined runbooks for Automation, a capability of

vendor/github.com/digitalocean/godo/CHANGELOG.md

@@ -1,5 +1,9 @@
 # Change Log
 
+## [v1.106.0] - 2023-11-14
+
+- #654 - @dweinshenker - Remove unclean_leader_election_enable for topic configuration
+
 ## [v1.105.1] - 2023-11-07
 
 - #652 - @andrewsomething - Retry on HTTP/2 internal errors.

vendor/github.com/digitalocean/godo/databases.go

@@ -347,7 +347,6 @@ type TopicConfig struct {
 	SegmentIndexBytes               *uint64  `json:"segment_index_bytes,omitempty"`
 	SegmentJitterMS                 *uint64  `json:"segment_jitter_ms,omitempty"`
 	SegmentMS                       *uint64  `json:"segment_ms,omitempty"`
-	UncleanLeaderElectionEnable     *bool    `json:"unclean_leader_election_enable,omitempty"`
 }
 
 // DatabaseCreateTopicRequest is used to create a new topic within a kafka cluster

vendor/github.com/digitalocean/godo/godo.go

@@ -21,7 +21,7 @@ import (
 )
 
 const (
-	libraryVersion = "1.105.1"
+	libraryVersion = "1.106.0"
 	defaultBaseURL = "https://api.digitalocean.com/"
 	userAgent      = "godo/" + libraryVersion
 	mediaType      = "application/json"

vendor/golang.org/x/exp/slog/handler.go

@@ -8,6 +8,7 @@ import (
 	"context"
 	"fmt"
 	"io"
+	"reflect"
 	"strconv"
 	"sync"
 	"time"
@@ -504,6 +505,23 @@ func (s *handleState) appendString(str string) {
 }
 
 func (s *handleState) appendValue(v Value) {
+	defer func() {
+		if r := recover(); r != nil {
+			// If it panics with a nil pointer, the most likely cases are
+			// an encoding.TextMarshaler or error fails to guard against nil,
+			// in which case "<nil>" seems to be the feasible choice.
+			//
+			// Adapted from the code in fmt/print.go.
+			if v := reflect.ValueOf(v.any); v.Kind() == reflect.Pointer && v.IsNil() {
+				s.appendString("<nil>")
+				return
+			}
+
+			// Otherwise just print the original panic message.
+			s.appendString(fmt.Sprintf("!PANIC: %v", r))
+		}
+	}()
+
 	var err error
 	if s.h.json {
 		err = appendJSONValue(s, v)

vendor/google.golang.org/api/compute/v0.alpha/compute-api.json

@@ -11328,6 +11328,11 @@
               "required": true,
               "type": "string"
             },
+            "noGracefulShutdown": {
+              "description": "If true, skips Graceful Shutdown.",
+              "location": "query",
+              "type": "boolean"
+            },
             "project": {
               "description": "Project ID for this request.",
               "location": "path",
@@ -13385,6 +13390,11 @@
               "required": true,
               "type": "string"
             },
+            "noGracefulShutdown": {
+              "description": "If true, skips Graceful Shutdown.",
+              "location": "query",
+              "type": "boolean"
+            },
             "project": {
               "description": "Project ID for this request.",
               "location": "path",
@@ -43542,7 +43552,7 @@
       }
     }
   },
-  "revision": "20231024",
+  "revision": "20231031",
   "rootUrl": "https://compute.googleapis.com/",
   "schemas": {
     "AWSV4Signature": {
@@ -52704,7 +52714,7 @@
           "type": "string"
         },
         "allPorts": {
-          "description": "This field can only be used: - If IPProtocol is one of TCP, UDP, or SCTP. - By internal TCP/UDP load balancers, backend service-based network load balancers, and internal and external protocol forwarding. Set this field to true to allow packets addressed to any port or packets lacking destination port information (for example, UDP fragments after the first fragment) to be forwarded to the backends configured with this forwarding rule. The ports, port_range, and allPorts fields are mutually exclusive.",
+          "description": "The ports, portRange, and allPorts fields are mutually exclusive. Only packets addressed to ports in the specified range will be forwarded to the backends configured with this forwarding rule. The allPorts field has the following limitations: - It requires that the forwarding rule IPProtocol be TCP, UDP, SCTP, or L3_DEFAULT. - It's applicable only to the following products: internal passthrough Network Load Balancers, backend service-based external passthrough Network Load Balancers, and internal and external protocol forwarding. - Set this field to true to allow packets addressed to any port or packets lacking destination port information (for example, UDP fragments after the first fragment) to be forwarded to the backends configured with this forwarding rule. The L3_DEFAULT protocol requires allPorts be set to true. ",
           "type": "boolean"
         },
         "allowGlobalAccess": {
@@ -52843,11 +52853,11 @@
           "type": "boolean"
         },
         "portRange": {
-          "description": "This field can only be used: - If IPProtocol is one of TCP, UDP, or SCTP. - By backend service-based network load balancers, target pool-based network load balancers, internal proxy load balancers, external proxy load balancers, Traffic Director, external protocol forwarding, and Classic VPN. Some products have restrictions on what ports can be used. See port specifications for details. Only packets addressed to ports in the specified range will be forwarded to the backends configured with this forwarding rule. The ports, port_range, and allPorts fields are mutually exclusive. For external forwarding rules, two or more forwarding rules cannot use the same [IPAddress, IPProtocol] pair, and cannot have overlapping portRanges. For internal forwarding rules within the same VPC network, two or more forwarding rules cannot use the same [IPAddress, IPProtocol] pair, and cannot have overlapping portRanges. @pattern: \\\\d+(?:-\\\\d+)?",
+          "description": "The ports, portRange, and allPorts fields are mutually exclusive. Only packets addressed to ports in the specified range will be forwarded to the backends configured with this forwarding rule. The portRange field has the following limitations: - It requires that the forwarding rule IPProtocol be TCP, UDP, or SCTP, and - It's applicable only to the following products: external passthrough Network Load Balancers, internal and external proxy Network Load Balancers, internal and external Application Load Balancers, external protocol forwarding, and Classic VPN. - Some products have restrictions on what ports can be used. See port specifications for details. For external forwarding rules, two or more forwarding rules cannot use the same [IPAddress, IPProtocol] pair, and cannot have overlapping portRanges. For internal forwarding rules within the same VPC network, two or more forwarding rules cannot use the same [IPAddress, IPProtocol] pair, and cannot have overlapping portRanges. @pattern: \\\\d+(?:-\\\\d+)?",
           "type": "string"
         },
         "ports": {
-          "description": "This field can only be used: - If IPProtocol is one of TCP, UDP, or SCTP. - By internal TCP/UDP load balancers, backend service-based network load balancers, and internal protocol forwarding. You can specify a list of up to five ports by number, separated by commas. The ports can be contiguous or discontiguous. Only packets addressed to these ports will be forwarded to the backends configured with this forwarding rule. For external forwarding rules, two or more forwarding rules cannot use the same [IPAddress, IPProtocol] pair, and cannot share any values defined in ports. For internal forwarding rules within the same VPC network, two or more forwarding rules cannot use the same [IPAddress, IPProtocol] pair, and cannot share any values defined in ports. The ports, port_range, and allPorts fields are mutually exclusive. @pattern: \\\\d+(?:-\\\\d+)?",
+          "description": "The ports, portRange, and allPorts fields are mutually exclusive. Only packets addressed to ports in the specified range will be forwarded to the backends configured with this forwarding rule. The ports field has the following limitations: - It requires that the forwarding rule IPProtocol be TCP, UDP, or SCTP, and - It's applicable only to the following products: internal passthrough Network Load Balancers, backend service-based external passthrough Network Load Balancers, and internal protocol forwarding. - You can specify a list of up to five ports by number, separated by commas. The ports can be contiguous or discontiguous. For external forwarding rules, two or more forwarding rules cannot use the same [IPAddress, IPProtocol] pair if they share at least one port number. For internal forwarding rules within the same VPC network, two or more forwarding rules cannot use the same [IPAddress, IPProtocol] pair if they share at least one port number. @pattern: \\\\d+(?:-\\\\d+)?",
           "items": {
             "type": "string"
           },
@@ -58253,13 +58263,11 @@
           "description": "The unit of measure for the target size.",
           "enum": [
             "INSTANCE",
-            "VCPU",
+            "VCPU"
-            "VM"
           ],
           "enumDescriptions": [
             "[Default] TargetSize is the target number of instances.",
-            "TargetSize is the target count of vCPUs of VMs.",
+            "TargetSize is the target count of vCPUs of VMs."
-            "TargetSize is the target number of VMs. Deprecated in favor of 'INSTANCE'."
           ],
           "type": "string"
         },
@@ -58864,7 +58872,7 @@
         },
         "requestedRunDuration": {
           "$ref": "Duration",
-          "description": "Requested run duration for instances that will be created by this request. If specified, the instance termination action will be performed at the end of the run duration."
+          "description": "Requested run duration for instances that will be created by this request. At the end of the run duration instance will be deleted."
         },
         "resizeBy": {
           "description": "The number of instances to be created by this resize request. The group's target size will be increased by this number.",
@@ -74208,7 +74216,7 @@
           "type": "string"
         },
         "managedProtectionTier": {
-          "description": "[Output Only] The Cloud Armor Managed Protection (CAMP) tier for this project. It can be one of the following values: CA_STANDARD, CAMP_PLUS_MONTHLY. If this field is not specified, it is assumed to be CA_STANDARD.",
+          "description": "[Output Only] The Cloud Armor Managed Protection (CAMP) tier for this project. It can be one of the following values: CA_STANDARD, CAMP_PLUS_PAYGO. If this field is not specified, it is assumed to be CA_STANDARD.",
           "enum": [
             "CAMP_PLUS_ANNUAL",
             "CAMP_PLUS_PAYGO",
@@ -79675,6 +79683,13 @@
           },
           "description": "[Output Only] Represents the status of the service integration specs defined by the user in instance.serviceIntegrationSpecs.",
           "type": "object"
+        },
+        "shutdownDetails": {
+          "$ref": "ResourceStatusShutdownDetails",
+          "description": "[Output Only] Details about stopping state of instance"
+        },
+        "upcomingMaintenance": {
+          "$ref": "UpcomingMaintenance"
         }
       },
       "type": "object"
@@ -79697,7 +79712,6 @@
             "PREEMPTED",
             "SCHEDULED_STOP",
             "SHUTDOWN_DUE_TO_MAINTENANCE",
-            "UNSPECIFIED_TERMINATION_REASON",
             "USER_TERMINATED"
           ],
           "enumDescriptions": [
@@ -79713,7 +79727,6 @@
             "Terminated due to preemption",
             "Terminated due to scheduled stop",
             "Terminated due to maintenance",
-            "The termination reason is not specified",
             "Terminated by user"
           ],
           "type": "string"
@@ -79775,6 +79788,45 @@
       },
       "type": "object"
     },
+    "ResourceStatusShutdownDetails": {
+      "description": "Specifies if the instance is in `SHUTTING_DOWN` state or there is a instance stopping scheduled.",
+      "id": "ResourceStatusShutdownDetails",
+      "properties": {
+        "maxDuration": {
+          "$ref": "Duration",
+          "description": "Duration for graceful shutdown. Only applicable when `stop_state=SHUTTING_DOWN`."
+        },
+        "requestTimestamp": {
+          "description": "Past timestamp indicating the beginning of current `stopState` in RFC3339 text format.",
+          "type": "string"
+        },
+        "stopState": {
+          "description": "Current stopping state of the instance.",
+          "enum": [
+            "SHUTTING_DOWN",
+            "STOPPING"
+          ],
+          "enumDescriptions": [
+            "The instance is gracefully shutting down.",
+            "The instance is stopping."
+          ],
+          "type": "string"
+        },
+        "targetState": {
+          "description": "Target instance state.",
+          "enum": [
+            "DELETED",
+            "STOPPED"
+          ],
+          "enumDescriptions": [
+            "The instance will be deleted.",
+            "The instance will be stopped."
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
     "RolloutPolicy": {
       "description": "A rollout policy configuration.",
       "id": "RolloutPolicy",
@@ -82488,6 +82540,9 @@
           "format": "int64",
           "type": "string"
         },
+        "gracefulShutdown": {
+          "$ref": "SchedulingGracefulShutdown"
+        },
         "hostErrorTimeoutSeconds": {
           "description": "Specify the time in seconds for host error detection, the value must be within the range of [90, 330] with the increment of 30, if unset, the default behavior of host error recovery will be used.",
           "format": "int32",
@@ -82589,6 +82644,21 @@
       },
       "type": "object"
     },
+    "SchedulingGracefulShutdown": {
+      "description": "Configuration for gracefully shutting down the instance.",
+      "id": "SchedulingGracefulShutdown",
+      "properties": {
+        "enabled": {
+          "description": "Opts-in for graceful shutdown.",
+          "type": "boolean"
+        },
+        "maxDuration": {
+          "$ref": "Duration",
+          "description": "Specifies time needed to gracefully shut down the instance. After that time, the instance goes to STOPPING even if graceful shutdown is not completed."
+        }
+      },
+      "type": "object"
+    },
     "SchedulingNodeAffinity": {
       "description": "Node Affinity: the configuration of desired nodes onto which this Instance could be scheduled.",
       "id": "SchedulingNodeAffinity",

vendor/google.golang.org/api/compute/v0.alpha/compute-gen.go

@@ -14824,14 +14824,19 @@ type ForwardingRule struct {
 	//   "UDP"
 	IPProtocol string `json:"IPProtocol,omitempty"`
 
-	// AllPorts: This field can only be used: - If IPProtocol is one of TCP,
+	// AllPorts: The ports, portRange, and allPorts fields are mutually
-	// UDP, or SCTP. - By internal TCP/UDP load balancers, backend
+	// exclusive. Only packets addressed to ports in the specified range
-	// service-based network load balancers, and internal and external
+	// will be forwarded to the backends configured with this forwarding
-	// protocol forwarding. Set this field to true to allow packets
+	// rule. The allPorts field has the following limitations: - It requires
+	// that the forwarding rule IPProtocol be TCP, UDP, SCTP, or L3_DEFAULT.
+	// - It's applicable only to the following products: internal
+	// passthrough Network Load Balancers, backend service-based external
+	// passthrough Network Load Balancers, and internal and external
+	// protocol forwarding. - Set this field to true to allow packets
 	// addressed to any port or packets lacking destination port information
 	// (for example, UDP fragments after the first fragment) to be forwarded
-	// to the backends configured with this forwarding rule. The ports,
+	// to the backends configured with this forwarding rule. The L3_DEFAULT
-	// port_range, and allPorts fields are mutually exclusive.
+	// protocol requires allPorts be set to true.
 	AllPorts bool `json:"allPorts,omitempty"`
 
 	// AllowGlobalAccess: This field is used along with the backend_service
@@ -15017,37 +15022,39 @@ type ForwardingRule struct {
 	// is not mutable.
 	NoAutomateDnsZone bool `json:"noAutomateDnsZone,omitempty"`
 
-	// PortRange: This field can only be used: - If IPProtocol is one of
+	// PortRange: The ports, portRange, and allPorts fields are mutually
-	// TCP, UDP, or SCTP. - By backend service-based network load balancers,
+	// exclusive. Only packets addressed to ports in the specified range
-	// target pool-based network load balancers, internal proxy load
+	// will be forwarded to the backends configured with this forwarding
-	// balancers, external proxy load balancers, Traffic Director, external
+	// rule. The portRange field has the following limitations: - It
-	// protocol forwarding, and Classic VPN. Some products have restrictions
+	// requires that the forwarding rule IPProtocol be TCP, UDP, or SCTP,
-	// on what ports can be used. See port specifications for details. Only
+	// and - It's applicable only to the following products: external
-	// packets addressed to ports in the specified range will be forwarded
+	// passthrough Network Load Balancers, internal and external proxy
-	// to the backends configured with this forwarding rule. The ports,
+	// Network Load Balancers, internal and external Application Load
-	// port_range, and allPorts fields are mutually exclusive. For external
+	// Balancers, external protocol forwarding, and Classic VPN. - Some
-	// forwarding rules, two or more forwarding rules cannot use the same
+	// products have restrictions on what ports can be used. See port
-	// [IPAddress, IPProtocol] pair, and cannot have overlapping portRanges.
+	// specifications for details. For external forwarding rules, two or
-	// For internal forwarding rules within the same VPC network, two or
 	// more forwarding rules cannot use the same [IPAddress, IPProtocol]
-	// pair, and cannot have overlapping portRanges. @pattern:
+	// pair, and cannot have overlapping portRanges. For internal forwarding
-	// \\d+(?:-\\d+)?
+	// rules within the same VPC network, two or more forwarding rules
+	// cannot use the same [IPAddress, IPProtocol] pair, and cannot have
+	// overlapping portRanges. @pattern: \\d+(?:-\\d+)?
 	PortRange string `json:"portRange,omitempty"`
 
-	// Ports: This field can only be used: - If IPProtocol is one of TCP,
+	// Ports: The ports, portRange, and allPorts fields are mutually
-	// UDP, or SCTP. - By internal TCP/UDP load balancers, backend
+	// exclusive. Only packets addressed to ports in the specified range
-	// service-based network load balancers, and internal protocol
+	// will be forwarded to the backends configured with this forwarding
-	// forwarding. You can specify a list of up to five ports by number,
+	// rule. The ports field has the following limitations: - It requires
-	// separated by commas. The ports can be contiguous or discontiguous.
+	// that the forwarding rule IPProtocol be TCP, UDP, or SCTP, and - It's
-	// Only packets addressed to these ports will be forwarded to the
+	// applicable only to the following products: internal passthrough
-	// backends configured with this forwarding rule. For external
+	// Network Load Balancers, backend service-based external passthrough
-	// forwarding rules, two or more forwarding rules cannot use the same
+	// Network Load Balancers, and internal protocol forwarding. - You can
-	// [IPAddress, IPProtocol] pair, and cannot share any values defined in
+	// specify a list of up to five ports by number, separated by commas.
-	// ports. For internal forwarding rules within the same VPC network, two
+	// The ports can be contiguous or discontiguous. For external forwarding
-	// or more forwarding rules cannot use the same [IPAddress, IPProtocol]
+	// rules, two or more forwarding rules cannot use the same [IPAddress,
-	// pair, and cannot share any values defined in ports. The ports,
+	// IPProtocol] pair if they share at least one port number. For internal
-	// port_range, and allPorts fields are mutually exclusive. @pattern:
+	// forwarding rules within the same VPC network, two or more forwarding
-	// \\d+(?:-\\d+)?
+	// rules cannot use the same [IPAddress, IPProtocol] pair if they share
+	// at least one port number. @pattern: \\d+(?:-\\d+)?
 	Ports []string `json:"ports,omitempty"`
 
 	// PscConnectionId: [Output Only] The PSC connection id of the PSC
@@ -22643,8 +22650,6 @@ type InstanceGroupManager struct {
 	//   "INSTANCE" - [Default] TargetSize is the target number of
 	// instances.
 	//   "VCPU" - TargetSize is the target count of vCPUs of VMs.
-	//   "VM" - TargetSize is the target number of VMs. Deprecated in favor
-	// of 'INSTANCE'.
 	TargetSizeUnit string `json:"targetSizeUnit,omitempty"`
 
 	// TargetStoppedSize: The target number of stopped instances for this
@@ -23535,8 +23540,8 @@ type InstanceGroupManagerResizeRequest struct {
 	QueuingPolicy *QueuingPolicy `json:"queuingPolicy,omitempty"`
 
 	// RequestedRunDuration: Requested run duration for instances that will
-	// be created by this request. If specified, the instance termination
+	// be created by this request. At the end of the run duration instance
-	// action will be performed at the end of the run duration.
+	// will be deleted.
 	RequestedRunDuration *Duration `json:"requestedRunDuration,omitempty"`
 
 	// ResizeBy: The number of instances to be created by this resize
@@ -45084,8 +45089,8 @@ type Project struct {
 
 	// ManagedProtectionTier: [Output Only] The Cloud Armor Managed
 	// Protection (CAMP) tier for this project. It can be one of the
-	// following values: CA_STANDARD, CAMP_PLUS_MONTHLY. If this field is
+	// following values: CA_STANDARD, CAMP_PLUS_PAYGO. If this field is not
-	// not specified, it is assumed to be CA_STANDARD.
+	// specified, it is assumed to be CA_STANDARD.
 	//
 	// Possible values:
 	//   "CAMP_PLUS_ANNUAL" - Plus tier protection annual.
@@ -52595,6 +52600,12 @@ type ResourceStatus struct {
 	// instance.serviceIntegrationSpecs.
 	ServiceIntegrationStatuses map[string]ResourceStatusServiceIntegrationStatus `json:"serviceIntegrationStatuses,omitempty"`
 
+	// ShutdownDetails: [Output Only] Details about stopping state of
+	// instance
+	ShutdownDetails *ResourceStatusShutdownDetails `json:"shutdownDetails,omitempty"`
+
+	UpcomingMaintenance *UpcomingMaintenance `json:"upcomingMaintenance,omitempty"`
+
 	// ForceSendFields is a list of field names (e.g.
 	// "LastInstanceTerminationDetails") to unconditionally include in API
 	// requests. By default, fields with empty or default values are omitted
@@ -52638,8 +52649,6 @@ type ResourceStatusLastInstanceTerminationDetails struct {
 	//   "PREEMPTED" - Terminated due to preemption
 	//   "SCHEDULED_STOP" - Terminated due to scheduled stop
 	//   "SHUTDOWN_DUE_TO_MAINTENANCE" - Terminated due to maintenance
-	//   "UNSPECIFIED_TERMINATION_REASON" - The termination reason is not
-	// specified
 	//   "USER_TERMINATED" - Terminated by user
 	TerminationReason string `json:"terminationReason,omitempty"`
 
@@ -52785,6 +52794,54 @@ func (s *ResourceStatusServiceIntegrationStatusBackupDRStatus) MarshalJSON() ([]
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }
 
+// ResourceStatusShutdownDetails: Specifies if the instance is in
+// `SHUTTING_DOWN` state or there is a instance stopping scheduled.
+type ResourceStatusShutdownDetails struct {
+	// MaxDuration: Duration for graceful shutdown. Only applicable when
+	// `stop_state=SHUTTING_DOWN`.
+	MaxDuration *Duration `json:"maxDuration,omitempty"`
+
+	// RequestTimestamp: Past timestamp indicating the beginning of current
+	// `stopState` in RFC3339 text format.
+	RequestTimestamp string `json:"requestTimestamp,omitempty"`
+
+	// StopState: Current stopping state of the instance.
+	//
+	// Possible values:
+	//   "SHUTTING_DOWN" - The instance is gracefully shutting down.
+	//   "STOPPING" - The instance is stopping.
+	StopState string `json:"stopState,omitempty"`
+
+	// TargetState: Target instance state.
+	//
+	// Possible values:
+	//   "DELETED" - The instance will be deleted.
+	//   "STOPPED" - The instance will be stopped.
+	TargetState string `json:"targetState,omitempty"`
+
+	// ForceSendFields is a list of field names (e.g. "MaxDuration") to
+	// unconditionally include in API requests. By default, fields with
+	// empty or default values are omitted from API requests. However, any
+	// non-pointer, non-interface field appearing in ForceSendFields will be
+	// sent to the server regardless of whether the field is empty or not.
+	// This may be used to include empty fields in Patch requests.
+	ForceSendFields []string `json:"-"`
+
+	// NullFields is a list of field names (e.g. "MaxDuration") to include
+	// in API requests with the JSON null value. By default, fields with
+	// empty values are omitted from API requests. However, any field with
+	// an empty value appearing in NullFields will be sent to the server as
+	// null. It is an error if a field in this list has a non-empty value.
+	// This may be used to include null fields in Patch requests.
+	NullFields []string `json:"-"`
+}
+
+func (s *ResourceStatusShutdownDetails) MarshalJSON() ([]byte, error) {
+	type NoMethod ResourceStatusShutdownDetails
+	raw := NoMethod(*s)
+	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
+}
+
 // RolloutPolicy: A rollout policy configuration.
 type RolloutPolicy struct {
 	// DefaultRolloutTime: An optional RFC3339 timestamp on or after which
@@ -56175,6 +56232,8 @@ type Scheduling struct {
 	// or unset means default amount of memory of the current machine type.
 	CurrentMemoryMb int64 `json:"currentMemoryMb,omitempty,string"`
 
+	GracefulShutdown *SchedulingGracefulShutdown `json:"gracefulShutdown,omitempty"`
+
 	// HostErrorTimeoutSeconds: Specify the time in seconds for host error
 	// detection, the value must be within the range of [90, 330] with the
 	// increment of 30, if unset, the default behavior of host error
@@ -56307,6 +56366,40 @@ func (s *Scheduling) MarshalJSON() ([]byte, error) {
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }
 
+// SchedulingGracefulShutdown: Configuration for gracefully shutting
+// down the instance.
+type SchedulingGracefulShutdown struct {
+	// Enabled: Opts-in for graceful shutdown.
+	Enabled bool `json:"enabled,omitempty"`
+
+	// MaxDuration: Specifies time needed to gracefully shut down the
+	// instance. After that time, the instance goes to STOPPING even if
+	// graceful shutdown is not completed.
+	MaxDuration *Duration `json:"maxDuration,omitempty"`
+
+	// ForceSendFields is a list of field names (e.g. "Enabled") to
+	// unconditionally include in API requests. By default, fields with
+	// empty or default values are omitted from API requests. However, any
+	// non-pointer, non-interface field appearing in ForceSendFields will be
+	// sent to the server regardless of whether the field is empty or not.
+	// This may be used to include empty fields in Patch requests.
+	ForceSendFields []string `json:"-"`
+
+	// NullFields is a list of field names (e.g. "Enabled") to include in
+	// API requests with the JSON null value. By default, fields with empty
+	// values are omitted from API requests. However, any field with an
+	// empty value appearing in NullFields will be sent to the server as
+	// null. It is an error if a field in this list has a non-empty value.
+	// This may be used to include null fields in Patch requests.
+	NullFields []string `json:"-"`
+}
+
+func (s *SchedulingGracefulShutdown) MarshalJSON() ([]byte, error) {
+	type NoMethod SchedulingGracefulShutdown
+	raw := NoMethod(*s)
+	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
+}
+
 // SchedulingNodeAffinity: Node Affinity: the configuration of desired
 // nodes onto which this Instance could be scheduled.
 type SchedulingNodeAffinity struct {
@@ -124094,6 +124187,13 @@ func (r *InstancesService) Delete(project string, zone string, instance string)
 	return c
 }
 
+// NoGracefulShutdown sets the optional parameter "noGracefulShutdown":
+// If true, skips Graceful Shutdown.
+func (c *InstancesDeleteCall) NoGracefulShutdown(noGracefulShutdown bool) *InstancesDeleteCall {
+	c.urlParams_.Set("noGracefulShutdown", fmt.Sprint(noGracefulShutdown))
+	return c
+}
+
 // RequestId sets the optional parameter "requestId": An optional
 // request ID to identify requests. Specify a unique request ID so that
 // if you must retry your request, the server will know to ignore the
@@ -124215,6 +124315,11 @@ func (c *InstancesDeleteCall) Do(opts ...googleapi.CallOption) (*Operation, erro
 	//       "required": true,
 	//       "type": "string"
 	//     },
+	//     "noGracefulShutdown": {
+	//       "description": "If true, skips Graceful Shutdown.",
+	//       "location": "query",
+	//       "type": "boolean"
+	//     },
 	//     "project": {
 	//       "description": "Project ID for this request.",
 	//       "location": "path",
@@ -131842,6 +131947,13 @@ func (c *InstancesStopCall) DiscardLocalSsd(discardLocalSsd bool) *InstancesStop
 	return c
 }
 
+// NoGracefulShutdown sets the optional parameter "noGracefulShutdown":
+// If true, skips Graceful Shutdown.
+func (c *InstancesStopCall) NoGracefulShutdown(noGracefulShutdown bool) *InstancesStopCall {
+	c.urlParams_.Set("noGracefulShutdown", fmt.Sprint(noGracefulShutdown))
+	return c
+}
+
 // RequestId sets the optional parameter "requestId": An optional
 // request ID to identify requests. Specify a unique request ID so that
 // if you must retry your request, the server will know to ignore the
@@ -131968,6 +132080,11 @@ func (c *InstancesStopCall) Do(opts ...googleapi.CallOption) (*Operation, error)
 	//       "required": true,
 	//       "type": "string"
 	//     },
+	//     "noGracefulShutdown": {
+	//       "description": "If true, skips Graceful Shutdown.",
+	//       "location": "query",
+	//       "type": "boolean"
+	//     },
 	//     "project": {
 	//       "description": "Project ID for this request.",
 	//       "location": "path",

vendor/google.golang.org/api/compute/v0.beta/compute-api.json

@@ -40215,7 +40215,7 @@
       }
     }
   },
-  "revision": "20231024",
+  "revision": "20231110",
   "rootUrl": "https://compute.googleapis.com/",
   "schemas": {
     "AWSV4Signature": {
@@ -48845,7 +48845,7 @@
           "type": "string"
         },
         "allPorts": {
-          "description": "This field can only be used: - If IPProtocol is one of TCP, UDP, or SCTP. - By internal TCP/UDP load balancers, backend service-based network load balancers, and internal and external protocol forwarding. Set this field to true to allow packets addressed to any port or packets lacking destination port information (for example, UDP fragments after the first fragment) to be forwarded to the backends configured with this forwarding rule. The ports, port_range, and allPorts fields are mutually exclusive.",
+          "description": "The ports, portRange, and allPorts fields are mutually exclusive. Only packets addressed to ports in the specified range will be forwarded to the backends configured with this forwarding rule. The allPorts field has the following limitations: - It requires that the forwarding rule IPProtocol be TCP, UDP, SCTP, or L3_DEFAULT. - It's applicable only to the following products: internal passthrough Network Load Balancers, backend service-based external passthrough Network Load Balancers, and internal and external protocol forwarding. - Set this field to true to allow packets addressed to any port or packets lacking destination port information (for example, UDP fragments after the first fragment) to be forwarded to the backends configured with this forwarding rule. The L3_DEFAULT protocol requires allPorts be set to true. ",
           "type": "boolean"
         },
         "allowGlobalAccess": {
@@ -48978,11 +48978,11 @@
           "type": "boolean"
         },
         "portRange": {
-          "description": "This field can only be used: - If IPProtocol is one of TCP, UDP, or SCTP. - By backend service-based network load balancers, target pool-based network load balancers, internal proxy load balancers, external proxy load balancers, Traffic Director, external protocol forwarding, and Classic VPN. Some products have restrictions on what ports can be used. See port specifications for details. Only packets addressed to ports in the specified range will be forwarded to the backends configured with this forwarding rule. The ports, port_range, and allPorts fields are mutually exclusive. For external forwarding rules, two or more forwarding rules cannot use the same [IPAddress, IPProtocol] pair, and cannot have overlapping portRanges. For internal forwarding rules within the same VPC network, two or more forwarding rules cannot use the same [IPAddress, IPProtocol] pair, and cannot have overlapping portRanges. @pattern: \\\\d+(?:-\\\\d+)?",
+          "description": "The ports, portRange, and allPorts fields are mutually exclusive. Only packets addressed to ports in the specified range will be forwarded to the backends configured with this forwarding rule. The portRange field has the following limitations: - It requires that the forwarding rule IPProtocol be TCP, UDP, or SCTP, and - It's applicable only to the following products: external passthrough Network Load Balancers, internal and external proxy Network Load Balancers, internal and external Application Load Balancers, external protocol forwarding, and Classic VPN. - Some products have restrictions on what ports can be used. See port specifications for details. For external forwarding rules, two or more forwarding rules cannot use the same [IPAddress, IPProtocol] pair, and cannot have overlapping portRanges. For internal forwarding rules within the same VPC network, two or more forwarding rules cannot use the same [IPAddress, IPProtocol] pair, and cannot have overlapping portRanges. @pattern: \\\\d+(?:-\\\\d+)?",
           "type": "string"
         },
         "ports": {
-          "description": "This field can only be used: - If IPProtocol is one of TCP, UDP, or SCTP. - By internal TCP/UDP load balancers, backend service-based network load balancers, and internal protocol forwarding. You can specify a list of up to five ports by number, separated by commas. The ports can be contiguous or discontiguous. Only packets addressed to these ports will be forwarded to the backends configured with this forwarding rule. For external forwarding rules, two or more forwarding rules cannot use the same [IPAddress, IPProtocol] pair, and cannot share any values defined in ports. For internal forwarding rules within the same VPC network, two or more forwarding rules cannot use the same [IPAddress, IPProtocol] pair, and cannot share any values defined in ports. The ports, port_range, and allPorts fields are mutually exclusive. @pattern: \\\\d+(?:-\\\\d+)?",
+          "description": "The ports, portRange, and allPorts fields are mutually exclusive. Only packets addressed to ports in the specified range will be forwarded to the backends configured with this forwarding rule. The ports field has the following limitations: - It requires that the forwarding rule IPProtocol be TCP, UDP, or SCTP, and - It's applicable only to the following products: internal passthrough Network Load Balancers, backend service-based external passthrough Network Load Balancers, and internal protocol forwarding. - You can specify a list of up to five ports by number, separated by commas. The ports can be contiguous or discontiguous. For external forwarding rules, two or more forwarding rules cannot use the same [IPAddress, IPProtocol] pair if they share at least one port number. For internal forwarding rules within the same VPC network, two or more forwarding rules cannot use the same [IPAddress, IPProtocol] pair if they share at least one port number. @pattern: \\\\d+(?:-\\\\d+)?",
           "items": {
             "type": "string"
           },
@@ -54470,6 +54470,10 @@
           "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
           "type": "string"
         },
+        "requestedRunDuration": {
+          "$ref": "Duration",
+          "description": "Requested run duration for instances that will be created by this request. At the end of the run duration instance will be deleted."
+        },
         "resizeBy": {
           "description": "The number of instances to be created by this resize request. The group's target size will be increased by this number.",
           "format": "int32",
@@ -61591,6 +61595,10 @@
           "$ref": "PreservedState",
           "description": "[Output Only] Preserved state generated based on stateful policy for this instance."
         },
+        "propertiesFromFlexibilityPolicy": {
+          "$ref": "ManagedInstancePropertiesFromFlexibilityPolicy",
+          "description": "[Output Only] Instance properties selected for this instance resulting from InstanceFlexibilityPolicy."
+        },
         "version": {
           "$ref": "ManagedInstanceVersion",
           "description": "[Output Only] Intended version of this instance."
@@ -61700,6 +61708,16 @@
       },
       "type": "object"
     },
+    "ManagedInstancePropertiesFromFlexibilityPolicy": {
+      "id": "ManagedInstancePropertiesFromFlexibilityPolicy",
+      "properties": {
+        "machineType": {
+          "description": "The machine type to be used for this instance.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
     "ManagedInstanceVersion": {
       "id": "ManagedInstanceVersion",
       "properties": {
@@ -68433,7 +68451,7 @@
           "type": "string"
         },
         "managedProtectionTier": {
-          "description": "[Output Only] The Cloud Armor Managed Protection (CAMP) tier for this project. It can be one of the following values: CA_STANDARD, CAMP_PLUS_MONTHLY. If this field is not specified, it is assumed to be CA_STANDARD.",
+          "description": "[Output Only] The Cloud Armor Managed Protection (CAMP) tier for this project. It can be one of the following values: CA_STANDARD, CAMP_PLUS_PAYGO. If this field is not specified, it is assumed to be CA_STANDARD.",
           "enum": [
             "CAMP_PLUS_ANNUAL",
             "CAMP_PLUS_PAYGO",
@@ -73027,6 +73045,9 @@
         },
         "scheduling": {
           "$ref": "ResourceStatusScheduling"
+        },
+        "upcomingMaintenance": {
+          "$ref": "UpcomingMaintenance"
         }
       },
       "type": "object"
@@ -73823,6 +73844,10 @@
           "format": "uint32",
           "type": "integer"
         },
+        "identifierRange": {
+          "description": "Explicitly specifies a range of valid BGP Identifiers for this Router. It is provided as a link-local IPv4 range (from 169.254.0.0/16), of size at least /30, even if the BGP sessions are over IPv6. It must not overlap with any IPv4 BGP session ranges. Other vendors commonly call this \"router ID\".",
+          "type": "string"
+        },
         "keepaliveInterval": {
           "description": "The interval in seconds between BGP keepalive messages that are sent to the peer. Hold time is three times the interval at which keepalive messages are sent, and the hold time is the maximum number of seconds allowed to elapse between successive keepalive messages that BGP receives from a peer. BGP will use the smaller of either the local hold time value or the peer's hold time value as the hold time for the BGP connection between the two peers. If set, this value must be between 20 and 60. The default is 20.",
           "format": "uint32",
@@ -73899,6 +73924,10 @@
           ],
           "type": "string"
         },
+        "enableIpv4": {
+          "description": "Enable IPv4 traffic over BGP Peer. It is enabled by default if the peerIpAddress is version 4.",
+          "type": "boolean"
+        },
         "enableIpv6": {
           "description": "Enable IPv6 traffic over BGP Peer. If not specified, it is disabled by default.",
           "type": "boolean"
@@ -73911,6 +73940,10 @@
           "description": "IP address of the interface inside Google Cloud Platform. Only IPv4 is supported.",
           "type": "string"
         },
+        "ipv4NexthopAddress": {
+          "description": "IPv4 address of the interface inside Google Cloud Platform.",
+          "type": "string"
+        },
         "ipv6NexthopAddress": {
           "description": "IPv6 address of the interface inside Google Cloud Platform.",
           "type": "string"
@@ -73955,6 +73988,10 @@
           "description": "IP address of the BGP interface outside Google Cloud Platform. Only IPv4 is supported.",
           "type": "string"
         },
+        "peerIpv4NexthopAddress": {
+          "description": "IPv4 address of the BGP interface outside Google Cloud Platform.",
+          "type": "string"
+        },
         "peerIpv6NexthopAddress": {
           "description": "IPv6 address of the BGP interface outside Google Cloud Platform.",
           "type": "string"
@@ -74018,6 +74055,18 @@
           "description": "IP address and range of the interface. The IP range must be in the RFC3927 link-local IP address space. The value must be a CIDR-formatted string, for example: 169.254.0.1/30. NOTE: Do not truncate the address as it represents the IP address of the interface.",
           "type": "string"
         },
+        "ipVersion": {
+          "description": "IP version of this interface.",
+          "enum": [
+            "IPV4",
+            "IPV6"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
         "linkedInterconnectAttachment": {
           "description": "URI of the linked Interconnect attachment. It must be in the same region as the router. Each interface can have one linked resource, which can be a VPN tunnel, an Interconnect attachment, or a subnetwork.",
           "type": "string"

vendor/google.golang.org/api/compute/v0.beta/compute-gen.go

@@ -13993,14 +13993,19 @@ type ForwardingRule struct {
 	//   "UDP"
 	IPProtocol string `json:"IPProtocol,omitempty"`
 
-	// AllPorts: This field can only be used: - If IPProtocol is one of TCP,
+	// AllPorts: The ports, portRange, and allPorts fields are mutually
-	// UDP, or SCTP. - By internal TCP/UDP load balancers, backend
+	// exclusive. Only packets addressed to ports in the specified range
-	// service-based network load balancers, and internal and external
+	// will be forwarded to the backends configured with this forwarding
-	// protocol forwarding. Set this field to true to allow packets
+	// rule. The allPorts field has the following limitations: - It requires
+	// that the forwarding rule IPProtocol be TCP, UDP, SCTP, or L3_DEFAULT.
+	// - It's applicable only to the following products: internal
+	// passthrough Network Load Balancers, backend service-based external
+	// passthrough Network Load Balancers, and internal and external
+	// protocol forwarding. - Set this field to true to allow packets
 	// addressed to any port or packets lacking destination port information
 	// (for example, UDP fragments after the first fragment) to be forwarded
-	// to the backends configured with this forwarding rule. The ports,
+	// to the backends configured with this forwarding rule. The L3_DEFAULT
-	// port_range, and allPorts fields are mutually exclusive.
+	// protocol requires allPorts be set to true.
 	AllPorts bool `json:"allPorts,omitempty"`
 
 	// AllowGlobalAccess: This field is used along with the backend_service
@@ -14174,37 +14179,39 @@ type ForwardingRule struct {
 	// is not mutable.
 	NoAutomateDnsZone bool `json:"noAutomateDnsZone,omitempty"`
 
-	// PortRange: This field can only be used: - If IPProtocol is one of
+	// PortRange: The ports, portRange, and allPorts fields are mutually
-	// TCP, UDP, or SCTP. - By backend service-based network load balancers,
+	// exclusive. Only packets addressed to ports in the specified range
-	// target pool-based network load balancers, internal proxy load
+	// will be forwarded to the backends configured with this forwarding
-	// balancers, external proxy load balancers, Traffic Director, external
+	// rule. The portRange field has the following limitations: - It
-	// protocol forwarding, and Classic VPN. Some products have restrictions
+	// requires that the forwarding rule IPProtocol be TCP, UDP, or SCTP,
-	// on what ports can be used. See port specifications for details. Only
+	// and - It's applicable only to the following products: external
-	// packets addressed to ports in the specified range will be forwarded
+	// passthrough Network Load Balancers, internal and external proxy
-	// to the backends configured with this forwarding rule. The ports,
+	// Network Load Balancers, internal and external Application Load
-	// port_range, and allPorts fields are mutually exclusive. For external
+	// Balancers, external protocol forwarding, and Classic VPN. - Some
-	// forwarding rules, two or more forwarding rules cannot use the same
+	// products have restrictions on what ports can be used. See port
-	// [IPAddress, IPProtocol] pair, and cannot have overlapping portRanges.
+	// specifications for details. For external forwarding rules, two or
-	// For internal forwarding rules within the same VPC network, two or
 	// more forwarding rules cannot use the same [IPAddress, IPProtocol]
-	// pair, and cannot have overlapping portRanges. @pattern:
+	// pair, and cannot have overlapping portRanges. For internal forwarding
-	// \\d+(?:-\\d+)?
+	// rules within the same VPC network, two or more forwarding rules
+	// cannot use the same [IPAddress, IPProtocol] pair, and cannot have
+	// overlapping portRanges. @pattern: \\d+(?:-\\d+)?
 	PortRange string `json:"portRange,omitempty"`
 
-	// Ports: This field can only be used: - If IPProtocol is one of TCP,
+	// Ports: The ports, portRange, and allPorts fields are mutually
-	// UDP, or SCTP. - By internal TCP/UDP load balancers, backend
+	// exclusive. Only packets addressed to ports in the specified range
-	// service-based network load balancers, and internal protocol
+	// will be forwarded to the backends configured with this forwarding
-	// forwarding. You can specify a list of up to five ports by number,
+	// rule. The ports field has the following limitations: - It requires
-	// separated by commas. The ports can be contiguous or discontiguous.
+	// that the forwarding rule IPProtocol be TCP, UDP, or SCTP, and - It's
-	// Only packets addressed to these ports will be forwarded to the
+	// applicable only to the following products: internal passthrough
-	// backends configured with this forwarding rule. For external
+	// Network Load Balancers, backend service-based external passthrough
-	// forwarding rules, two or more forwarding rules cannot use the same
+	// Network Load Balancers, and internal protocol forwarding. - You can
-	// [IPAddress, IPProtocol] pair, and cannot share any values defined in
+	// specify a list of up to five ports by number, separated by commas.
-	// ports. For internal forwarding rules within the same VPC network, two
+	// The ports can be contiguous or discontiguous. For external forwarding
-	// or more forwarding rules cannot use the same [IPAddress, IPProtocol]
+	// rules, two or more forwarding rules cannot use the same [IPAddress,
-	// pair, and cannot share any values defined in ports. The ports,
+	// IPProtocol] pair if they share at least one port number. For internal
-	// port_range, and allPorts fields are mutually exclusive. @pattern:
+	// forwarding rules within the same VPC network, two or more forwarding
-	// \\d+(?:-\\d+)?
+	// rules cannot use the same [IPAddress, IPProtocol] pair if they share
+	// at least one port number. @pattern: \\d+(?:-\\d+)?
 	Ports []string `json:"ports,omitempty"`
 
 	// PscConnectionId: [Output Only] The PSC connection id of the PSC
@@ -22001,6 +22008,11 @@ type InstanceGroupManagerResizeRequest struct {
 	// characters long, and comply with RFC1035.
 	Name string `json:"name,omitempty"`
 
+	// RequestedRunDuration: Requested run duration for instances that will
+	// be created by this request. At the end of the run duration instance
+	// will be deleted.
+	RequestedRunDuration *Duration `json:"requestedRunDuration,omitempty"`
+
 	// ResizeBy: The number of instances to be created by this resize
 	// request. The group's target size will be increased by this number.
 	ResizeBy int64 `json:"resizeBy,omitempty"`
@@ -32264,6 +32276,10 @@ type ManagedInstance struct {
 	// based on stateful policy for this instance.
 	PreservedStateFromPolicy *PreservedState `json:"preservedStateFromPolicy,omitempty"`
 
+	// PropertiesFromFlexibilityPolicy: [Output Only] Instance properties
+	// selected for this instance resulting from InstanceFlexibilityPolicy.
+	PropertiesFromFlexibilityPolicy *ManagedInstancePropertiesFromFlexibilityPolicy `json:"propertiesFromFlexibilityPolicy,omitempty"`
+
 	// Version: [Output Only] Intended version of this instance.
 	Version *ManagedInstanceVersion `json:"version,omitempty"`
 
@@ -32525,6 +32541,33 @@ func (s *ManagedInstanceLastAttemptErrorsErrorsErrorDetails) MarshalJSON() ([]by
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }
 
+type ManagedInstancePropertiesFromFlexibilityPolicy struct {
+	// MachineType: The machine type to be used for this instance.
+	MachineType string `json:"machineType,omitempty"`
+
+	// ForceSendFields is a list of field names (e.g. "MachineType") to
+	// unconditionally include in API requests. By default, fields with
+	// empty or default values are omitted from API requests. However, any
+	// non-pointer, non-interface field appearing in ForceSendFields will be
+	// sent to the server regardless of whether the field is empty or not.
+	// This may be used to include empty fields in Patch requests.
+	ForceSendFields []string `json:"-"`
+
+	// NullFields is a list of field names (e.g. "MachineType") to include
+	// in API requests with the JSON null value. By default, fields with
+	// empty values are omitted from API requests. However, any field with
+	// an empty value appearing in NullFields will be sent to the server as
+	// null. It is an error if a field in this list has a non-empty value.
+	// This may be used to include null fields in Patch requests.
+	NullFields []string `json:"-"`
+}
+
+func (s *ManagedInstancePropertiesFromFlexibilityPolicy) MarshalJSON() ([]byte, error) {
+	type NoMethod ManagedInstancePropertiesFromFlexibilityPolicy
+	raw := NoMethod(*s)
+	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
+}
+
 type ManagedInstanceVersion struct {
 	// InstanceTemplate: [Output Only] The intended template of the
 	// instance. This field is empty when current_action is one of {
@@ -41815,8 +41858,8 @@ type Project struct {
 
 	// ManagedProtectionTier: [Output Only] The Cloud Armor Managed
 	// Protection (CAMP) tier for this project. It can be one of the
-	// following values: CA_STANDARD, CAMP_PLUS_MONTHLY. If this field is
+	// following values: CA_STANDARD, CAMP_PLUS_PAYGO. If this field is not
-	// not specified, it is assumed to be CA_STANDARD.
+	// specified, it is assumed to be CA_STANDARD.
 	//
 	// Possible values:
 	//   "CAMP_PLUS_ANNUAL" - Plus tier protection annual.
@@ -48144,6 +48187,8 @@ type ResourceStatus struct {
 
 	Scheduling *ResourceStatusScheduling `json:"scheduling,omitempty"`
 
+	UpcomingMaintenance *UpcomingMaintenance `json:"upcomingMaintenance,omitempty"`
+
 	// ForceSendFields is a list of field names (e.g. "PhysicalHost") to
 	// unconditionally include in API requests. By default, fields with
 	// empty or default values are omitted from API requests. However, any
@@ -49128,6 +49173,13 @@ type RouterBgp struct {
 	// have the same local ASN.
 	Asn int64 `json:"asn,omitempty"`
 
+	// IdentifierRange: Explicitly specifies a range of valid BGP
+	// Identifiers for this Router. It is provided as a link-local IPv4
+	// range (from 169.254.0.0/16), of size at least /30, even if the BGP
+	// sessions are over IPv6. It must not overlap with any IPv4 BGP session
+	// ranges. Other vendors commonly call this "router ID".
+	IdentifierRange string `json:"identifierRange,omitempty"`
+
 	// KeepaliveInterval: The interval in seconds between BGP keepalive
 	// messages that are sent to the peer. Hold time is three times the
 	// interval at which keepalive messages are sent, and the hold time is
@@ -49221,6 +49273,10 @@ type RouterBgpPeer struct {
 	//   "TRUE"
 	Enable string `json:"enable,omitempty"`
 
+	// EnableIpv4: Enable IPv4 traffic over BGP Peer. It is enabled by
+	// default if the peerIpAddress is version 4.
+	EnableIpv4 bool `json:"enableIpv4,omitempty"`
+
 	// EnableIpv6: Enable IPv6 traffic over BGP Peer. If not specified, it
 	// is disabled by default.
 	EnableIpv6 bool `json:"enableIpv6,omitempty"`
@@ -49232,6 +49288,10 @@ type RouterBgpPeer struct {
 	// Only IPv4 is supported.
 	IpAddress string `json:"ipAddress,omitempty"`
 
+	// Ipv4NexthopAddress: IPv4 address of the interface inside Google Cloud
+	// Platform.
+	Ipv4NexthopAddress string `json:"ipv4NexthopAddress,omitempty"`
+
 	// Ipv6NexthopAddress: IPv6 address of the interface inside Google Cloud
 	// Platform.
 	Ipv6NexthopAddress string `json:"ipv6NexthopAddress,omitempty"`
@@ -49279,6 +49339,10 @@ type RouterBgpPeer struct {
 	// Platform. Only IPv4 is supported.
 	PeerIpAddress string `json:"peerIpAddress,omitempty"`
 
+	// PeerIpv4NexthopAddress: IPv4 address of the BGP interface outside
+	// Google Cloud Platform.
+	PeerIpv4NexthopAddress string `json:"peerIpv4NexthopAddress,omitempty"`
+
 	// PeerIpv6NexthopAddress: IPv6 address of the BGP interface outside
 	// Google Cloud Platform.
 	PeerIpv6NexthopAddress string `json:"peerIpv6NexthopAddress,omitempty"`
@@ -49409,6 +49473,13 @@ type RouterInterface struct {
 	// interface.
 	IpRange string `json:"ipRange,omitempty"`
 
+	// IpVersion: IP version of this interface.
+	//
+	// Possible values:
+	//   "IPV4"
+	//   "IPV6"
+	IpVersion string `json:"ipVersion,omitempty"`
+
 	// LinkedInterconnectAttachment: URI of the linked Interconnect
 	// attachment. It must be in the same region as the router. Each
 	// interface can have one linked resource, which can be a VPN tunnel, an

vendor/google.golang.org/api/compute/v1/compute-api.json

@@ -35267,7 +35267,7 @@
       }
     }
   },
-  "revision": "20231024",
+  "revision": "20231031",
   "rootUrl": "https://compute.googleapis.com/",
   "schemas": {
     "AWSV4Signature": {
@@ -43565,7 +43565,7 @@
           "type": "string"
         },
         "allPorts": {
-          "description": "This field can only be used: - If IPProtocol is one of TCP, UDP, or SCTP. - By internal TCP/UDP load balancers, backend service-based network load balancers, and internal and external protocol forwarding. Set this field to true to allow packets addressed to any port or packets lacking destination port information (for example, UDP fragments after the first fragment) to be forwarded to the backends configured with this forwarding rule. The ports, port_range, and allPorts fields are mutually exclusive.",
+          "description": "The ports, portRange, and allPorts fields are mutually exclusive. Only packets addressed to ports in the specified range will be forwarded to the backends configured with this forwarding rule. The allPorts field has the following limitations: - It requires that the forwarding rule IPProtocol be TCP, UDP, SCTP, or L3_DEFAULT. - It's applicable only to the following products: internal passthrough Network Load Balancers, backend service-based external passthrough Network Load Balancers, and internal and external protocol forwarding. - Set this field to true to allow packets addressed to any port or packets lacking destination port information (for example, UDP fragments after the first fragment) to be forwarded to the backends configured with this forwarding rule. The L3_DEFAULT protocol requires allPorts be set to true. ",
           "type": "boolean"
         },
         "allowGlobalAccess": {
@@ -43694,11 +43694,11 @@
           "type": "boolean"
         },
         "portRange": {
-          "description": "This field can only be used: - If IPProtocol is one of TCP, UDP, or SCTP. - By backend service-based network load balancers, target pool-based network load balancers, internal proxy load balancers, external proxy load balancers, Traffic Director, external protocol forwarding, and Classic VPN. Some products have restrictions on what ports can be used. See port specifications for details. Only packets addressed to ports in the specified range will be forwarded to the backends configured with this forwarding rule. The ports, port_range, and allPorts fields are mutually exclusive. For external forwarding rules, two or more forwarding rules cannot use the same [IPAddress, IPProtocol] pair, and cannot have overlapping portRanges. For internal forwarding rules within the same VPC network, two or more forwarding rules cannot use the same [IPAddress, IPProtocol] pair, and cannot have overlapping portRanges. @pattern: \\\\d+(?:-\\\\d+)?",
+          "description": "The ports, portRange, and allPorts fields are mutually exclusive. Only packets addressed to ports in the specified range will be forwarded to the backends configured with this forwarding rule. The portRange field has the following limitations: - It requires that the forwarding rule IPProtocol be TCP, UDP, or SCTP, and - It's applicable only to the following products: external passthrough Network Load Balancers, internal and external proxy Network Load Balancers, internal and external Application Load Balancers, external protocol forwarding, and Classic VPN. - Some products have restrictions on what ports can be used. See port specifications for details. For external forwarding rules, two or more forwarding rules cannot use the same [IPAddress, IPProtocol] pair, and cannot have overlapping portRanges. For internal forwarding rules within the same VPC network, two or more forwarding rules cannot use the same [IPAddress, IPProtocol] pair, and cannot have overlapping portRanges. @pattern: \\\\d+(?:-\\\\d+)?",
           "type": "string"
         },
         "ports": {
-          "description": "This field can only be used: - If IPProtocol is one of TCP, UDP, or SCTP. - By internal TCP/UDP load balancers, backend service-based network load balancers, and internal protocol forwarding. You can specify a list of up to five ports by number, separated by commas. The ports can be contiguous or discontiguous. Only packets addressed to these ports will be forwarded to the backends configured with this forwarding rule. For external forwarding rules, two or more forwarding rules cannot use the same [IPAddress, IPProtocol] pair, and cannot share any values defined in ports. For internal forwarding rules within the same VPC network, two or more forwarding rules cannot use the same [IPAddress, IPProtocol] pair, and cannot share any values defined in ports. The ports, port_range, and allPorts fields are mutually exclusive. @pattern: \\\\d+(?:-\\\\d+)?",
+          "description": "The ports, portRange, and allPorts fields are mutually exclusive. Only packets addressed to ports in the specified range will be forwarded to the backends configured with this forwarding rule. The ports field has the following limitations: - It requires that the forwarding rule IPProtocol be TCP, UDP, or SCTP, and - It's applicable only to the following products: internal passthrough Network Load Balancers, backend service-based external passthrough Network Load Balancers, and internal protocol forwarding. - You can specify a list of up to five ports by number, separated by commas. The ports can be contiguous or discontiguous. For external forwarding rules, two or more forwarding rules cannot use the same [IPAddress, IPProtocol] pair if they share at least one port number. For internal forwarding rules within the same VPC network, two or more forwarding rules cannot use the same [IPAddress, IPProtocol] pair if they share at least one port number. @pattern: \\\\d+(?:-\\\\d+)?",
           "items": {
             "type": "string"
           },
@@ -65320,6 +65320,9 @@
         "physicalHost": {
           "description": "[Output Only] An opaque ID of the host on which the VM is running.",
           "type": "string"
+        },
+        "upcomingMaintenance": {
+          "$ref": "UpcomingMaintenance"
         }
       },
       "type": "object"
@@ -66639,6 +66642,18 @@
           "format": "int32",
           "type": "integer"
         },
+        "type": {
+          "description": "Indicates whether this NAT is used for public or private IP translation. If unspecified, it defaults to PUBLIC.",
+          "enum": [
+            "PRIVATE",
+            "PUBLIC"
+          ],
+          "enumDescriptions": [
+            "NAT used for private IP translation.",
+            "NAT used for public IP translation. This is the default."
+          ],
+          "type": "string"
+        },
         "udpIdleTimeoutSec": {
           "description": "Timeout (in seconds) for UDP connections. Defaults to 30s if not set.",
           "format": "int32",
@@ -66705,12 +66720,26 @@
           },
           "type": "array"
         },
+        "sourceNatActiveRanges": {
+          "description": "A list of URLs of the subnetworks used as source ranges for this NAT Rule. These subnetworks must have purpose set to PRIVATE_NAT. This field is used for private NAT.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
         "sourceNatDrainIps": {
           "description": "A list of URLs of the IP resources to be drained. These IPs must be valid static external IPs that have been assigned to the NAT. These IPs should be used for updating/patching a NAT rule only. This field is used for public NAT.",
           "items": {
             "type": "string"
           },
           "type": "array"
+        },
+        "sourceNatDrainRanges": {
+          "description": "A list of URLs of subnetworks representing source ranges to be drained. This is only supported on patch/update, and these subnetworks must have previously been used as active ranges in this NAT Rule. This field is used for private NAT.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
         }
       },
       "type": "object"
@@ -68051,9 +68080,11 @@
         "jsonParsing": {
           "enum": [
             "DISABLED",
-            "STANDARD"
+            "STANDARD",
+            "STANDARD_WITH_GRAPHQL"
           ],
           "enumDescriptions": [
+            "",
             "",
             ""
           ],
@@ -68069,6 +68100,13 @@
             ""
           ],
           "type": "string"
+        },
+        "userIpRequestHeaders": {
+          "description": "An optional list of case-insensitive request header names to use for resolving the callers client IP address.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
         }
       },
       "type": "object"
@@ -69661,6 +69699,13 @@
           "format": "int64",
           "type": "string"
         },
+        "guestOsFeatures": {
+          "description": "[Output Only] A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.",
+          "items": {
+            "$ref": "GuestOsFeature"
+          },
+          "type": "array"
+        },
         "id": {
           "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
           "format": "uint64",
@@ -71602,6 +71647,7 @@
             "GLOBAL_MANAGED_PROXY",
             "INTERNAL_HTTPS_LOAD_BALANCER",
             "PRIVATE",
+            "PRIVATE_NAT",
             "PRIVATE_RFC_1918",
             "PRIVATE_SERVICE_CONNECT",
             "REGIONAL_MANAGED_PROXY"
@@ -71610,6 +71656,7 @@
             "Subnet reserved for Global Envoy-based Load Balancing.",
             "Subnet reserved for Internal HTTP(S) Load Balancing.",
             "Regular user created or automatically created subnet.",
+            "Subnetwork used as source range for Private NAT Gateways.",
             "Regular user created or automatically created subnet.",
             "Subnetworks created for Private Service Connect in the producer network.",
             "Subnetwork used for Regional Envoy-based Load Balancing."
@@ -76007,6 +76054,56 @@
       },
       "type": "object"
     },
+    "UpcomingMaintenance": {
+      "description": "Upcoming Maintenance notification information.",
+      "id": "UpcomingMaintenance",
+      "properties": {
+        "canReschedule": {
+          "description": "Indicates if the maintenance can be customer triggered.",
+          "type": "boolean"
+        },
+        "latestWindowStartTime": {
+          "description": "The latest time for the planned maintenance window to start. This timestamp value is in RFC3339 text format.",
+          "type": "string"
+        },
+        "maintenanceStatus": {
+          "enum": [
+            "ONGOING",
+            "PENDING",
+            "UNKNOWN"
+          ],
+          "enumDescriptions": [
+            "There is ongoing maintenance on this VM.",
+            "There is pending maintenance.",
+            "Unknown maintenance status. Do not use this value."
+          ],
+          "type": "string"
+        },
+        "type": {
+          "description": "Defines the type of maintenance.",
+          "enum": [
+            "SCHEDULED",
+            "UNKNOWN_TYPE",
+            "UNSCHEDULED"
+          ],
+          "enumDescriptions": [
+            "Scheduled maintenance (e.g. maintenance after uptime guarantee is complete).",
+            "No type specified. Do not use this value.",
+            "Unscheduled maintenance (e.g. emergency maintenance during uptime guarantee)."
+          ],
+          "type": "string"
+        },
+        "windowEndTime": {
+          "description": "The time by which the maintenance disruption will be completed. This timestamp value is in RFC3339 text format.",
+          "type": "string"
+        },
+        "windowStartTime": {
+          "description": "The current start time of the maintenance window. This timestamp value is in RFC3339 text format.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
     "UrlMap": {
       "description": "Represents a URL Map resource. Compute Engine has two URL Map resources: * [Global](/compute/docs/reference/rest/v1/urlMaps) * [Regional](/compute/docs/reference/rest/v1/regionUrlMaps) A URL map resource is a component of certain types of cloud load balancers and Traffic Director: * urlMaps are used by global external Application Load Balancers, classic Application Load Balancers, and cross-region internal Application Load Balancers. * regionUrlMaps are used by internal Application Load Balancers, regional external Application Load Balancers and regional internal Application Load Balancers. For a list of supported URL map features by the load balancer type, see the Load balancing features: Routing and traffic management table. For a list of supported URL map features for Traffic Director, see the Traffic Director features: Routing and traffic management table. This resource defines mappings from hostnames and URL paths to either a backend service or a backend bucket. To use the global urlMaps resource, the backend service must have a loadBalancingScheme of either EXTERNAL or INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service must have a loadBalancingScheme of INTERNAL_MANAGED. For more information, read URL Map Concepts.",
       "id": "UrlMap",
@@ -76715,6 +76812,7 @@
             "GLOBAL_MANAGED_PROXY",
             "INTERNAL_HTTPS_LOAD_BALANCER",
             "PRIVATE",
+            "PRIVATE_NAT",
             "PRIVATE_RFC_1918",
             "PRIVATE_SERVICE_CONNECT",
             "REGIONAL_MANAGED_PROXY"
@@ -76723,6 +76821,7 @@
             "Subnet reserved for Global Envoy-based Load Balancing.",
             "Subnet reserved for Internal HTTP(S) Load Balancing.",
             "Regular user created or automatically created subnet.",
+            "Subnetwork used as source range for Private NAT Gateways.",
             "Regular user created or automatically created subnet.",
             "Subnetworks created for Private Service Connect in the producer network.",
             "Subnetwork used for Regional Envoy-based Load Balancing."

vendor/google.golang.org/api/compute/v1/compute-gen.go

@@ -13366,14 +13366,19 @@ type ForwardingRule struct {
 	//   "UDP"
 	IPProtocol string `json:"IPProtocol,omitempty"`
 
-	// AllPorts: This field can only be used: - If IPProtocol is one of TCP,
+	// AllPorts: The ports, portRange, and allPorts fields are mutually
-	// UDP, or SCTP. - By internal TCP/UDP load balancers, backend
+	// exclusive. Only packets addressed to ports in the specified range
-	// service-based network load balancers, and internal and external
+	// will be forwarded to the backends configured with this forwarding
-	// protocol forwarding. Set this field to true to allow packets
+	// rule. The allPorts field has the following limitations: - It requires
+	// that the forwarding rule IPProtocol be TCP, UDP, SCTP, or L3_DEFAULT.
+	// - It's applicable only to the following products: internal
+	// passthrough Network Load Balancers, backend service-based external
+	// passthrough Network Load Balancers, and internal and external
+	// protocol forwarding. - Set this field to true to allow packets
 	// addressed to any port or packets lacking destination port information
 	// (for example, UDP fragments after the first fragment) to be forwarded
-	// to the backends configured with this forwarding rule. The ports,
+	// to the backends configured with this forwarding rule. The L3_DEFAULT
-	// port_range, and allPorts fields are mutually exclusive.
+	// protocol requires allPorts be set to true.
 	AllPorts bool `json:"allPorts,omitempty"`
 
 	// AllowGlobalAccess: This field is used along with the backend_service
@@ -13540,37 +13545,39 @@ type ForwardingRule struct {
 	// is not mutable.
 	NoAutomateDnsZone bool `json:"noAutomateDnsZone,omitempty"`
 
-	// PortRange: This field can only be used: - If IPProtocol is one of
+	// PortRange: The ports, portRange, and allPorts fields are mutually
-	// TCP, UDP, or SCTP. - By backend service-based network load balancers,
+	// exclusive. Only packets addressed to ports in the specified range
-	// target pool-based network load balancers, internal proxy load
+	// will be forwarded to the backends configured with this forwarding
-	// balancers, external proxy load balancers, Traffic Director, external
+	// rule. The portRange field has the following limitations: - It
-	// protocol forwarding, and Classic VPN. Some products have restrictions
+	// requires that the forwarding rule IPProtocol be TCP, UDP, or SCTP,
-	// on what ports can be used. See port specifications for details. Only
+	// and - It's applicable only to the following products: external
-	// packets addressed to ports in the specified range will be forwarded
+	// passthrough Network Load Balancers, internal and external proxy
-	// to the backends configured with this forwarding rule. The ports,
+	// Network Load Balancers, internal and external Application Load
-	// port_range, and allPorts fields are mutually exclusive. For external
+	// Balancers, external protocol forwarding, and Classic VPN. - Some
-	// forwarding rules, two or more forwarding rules cannot use the same
+	// products have restrictions on what ports can be used. See port
-	// [IPAddress, IPProtocol] pair, and cannot have overlapping portRanges.
+	// specifications for details. For external forwarding rules, two or
-	// For internal forwarding rules within the same VPC network, two or
 	// more forwarding rules cannot use the same [IPAddress, IPProtocol]
-	// pair, and cannot have overlapping portRanges. @pattern:
+	// pair, and cannot have overlapping portRanges. For internal forwarding
-	// \\d+(?:-\\d+)?
+	// rules within the same VPC network, two or more forwarding rules
+	// cannot use the same [IPAddress, IPProtocol] pair, and cannot have
+	// overlapping portRanges. @pattern: \\d+(?:-\\d+)?
 	PortRange string `json:"portRange,omitempty"`
 
-	// Ports: This field can only be used: - If IPProtocol is one of TCP,
+	// Ports: The ports, portRange, and allPorts fields are mutually
-	// UDP, or SCTP. - By internal TCP/UDP load balancers, backend
+	// exclusive. Only packets addressed to ports in the specified range
-	// service-based network load balancers, and internal protocol
+	// will be forwarded to the backends configured with this forwarding
-	// forwarding. You can specify a list of up to five ports by number,
+	// rule. The ports field has the following limitations: - It requires
-	// separated by commas. The ports can be contiguous or discontiguous.
+	// that the forwarding rule IPProtocol be TCP, UDP, or SCTP, and - It's
-	// Only packets addressed to these ports will be forwarded to the
+	// applicable only to the following products: internal passthrough
-	// backends configured with this forwarding rule. For external
+	// Network Load Balancers, backend service-based external passthrough
-	// forwarding rules, two or more forwarding rules cannot use the same
+	// Network Load Balancers, and internal protocol forwarding. - You can
-	// [IPAddress, IPProtocol] pair, and cannot share any values defined in
+	// specify a list of up to five ports by number, separated by commas.
-	// ports. For internal forwarding rules within the same VPC network, two
+	// The ports can be contiguous or discontiguous. For external forwarding
-	// or more forwarding rules cannot use the same [IPAddress, IPProtocol]
+	// rules, two or more forwarding rules cannot use the same [IPAddress,
-	// pair, and cannot share any values defined in ports. The ports,
+	// IPProtocol] pair if they share at least one port number. For internal
-	// port_range, and allPorts fields are mutually exclusive. @pattern:
+	// forwarding rules within the same VPC network, two or more forwarding
-	// \\d+(?:-\\d+)?
+	// rules cannot use the same [IPAddress, IPProtocol] pair if they share
+	// at least one port number. @pattern: \\d+(?:-\\d+)?
 	Ports []string `json:"ports,omitempty"`
 
 	// PscConnectionId: [Output Only] The PSC connection id of the PSC
@@ -43855,6 +43862,8 @@ type ResourceStatus struct {
 	// is running.
 	PhysicalHost string `json:"physicalHost,omitempty"`
 
+	UpcomingMaintenance *UpcomingMaintenance `json:"upcomingMaintenance,omitempty"`
+
 	// ForceSendFields is a list of field names (e.g. "PhysicalHost") to
 	// unconditionally include in API requests. By default, fields with
 	// empty or default values are omitted from API requests. However, any
@@ -45501,6 +45510,14 @@ type RouterNat struct {
 	// connections. Defaults to 30s if not set.
 	TcpTransitoryIdleTimeoutSec int64 `json:"tcpTransitoryIdleTimeoutSec,omitempty"`
 
+	// Type: Indicates whether this NAT is used for public or private IP
+	// translation. If unspecified, it defaults to PUBLIC.
+	//
+	// Possible values:
+	//   "PRIVATE" - NAT used for private IP translation.
+	//   "PUBLIC" - NAT used for public IP translation. This is the default.
+	Type string `json:"type,omitempty"`
+
 	// UdpIdleTimeoutSec: Timeout (in seconds) for UDP connections. Defaults
 	// to 30s if not set.
 	UdpIdleTimeoutSec int64 `json:"udpIdleTimeoutSec,omitempty"`
@@ -45625,12 +45642,23 @@ type RouterNatRuleAction struct {
 	// addresses assigned to the project. This field is used for public NAT.
 	SourceNatActiveIps []string `json:"sourceNatActiveIps,omitempty"`
 
+	// SourceNatActiveRanges: A list of URLs of the subnetworks used as
+	// source ranges for this NAT Rule. These subnetworks must have purpose
+	// set to PRIVATE_NAT. This field is used for private NAT.
+	SourceNatActiveRanges []string `json:"sourceNatActiveRanges,omitempty"`
+
 	// SourceNatDrainIps: A list of URLs of the IP resources to be drained.
 	// These IPs must be valid static external IPs that have been assigned
 	// to the NAT. These IPs should be used for updating/patching a NAT rule
 	// only. This field is used for public NAT.
 	SourceNatDrainIps []string `json:"sourceNatDrainIps,omitempty"`
 
+	// SourceNatDrainRanges: A list of URLs of subnetworks representing
+	// source ranges to be drained. This is only supported on patch/update,
+	// and these subnetworks must have previously been used as active ranges
+	// in this NAT Rule. This field is used for private NAT.
+	SourceNatDrainRanges []string `json:"sourceNatDrainRanges,omitempty"`
+
 	// ForceSendFields is a list of field names (e.g. "SourceNatActiveIps")
 	// to unconditionally include in API requests. By default, fields with
 	// empty or default values are omitted from API requests. However, any
@@ -47411,6 +47439,7 @@ type SecurityPolicyAdvancedOptionsConfig struct {
 	// Possible values:
 	//   "DISABLED"
 	//   "STANDARD"
+	//   "STANDARD_WITH_GRAPHQL"
 	JsonParsing string `json:"jsonParsing,omitempty"`
 
 	// Possible values:
@@ -47418,6 +47447,10 @@ type SecurityPolicyAdvancedOptionsConfig struct {
 	//   "VERBOSE"
 	LogLevel string `json:"logLevel,omitempty"`
 
+	// UserIpRequestHeaders: An optional list of case-insensitive request
+	// header names to use for resolving the callers client IP address.
+	UserIpRequestHeaders []string `json:"userIpRequestHeaders,omitempty"`
+
 	// ForceSendFields is a list of field names (e.g. "JsonCustomConfig") to
 	// unconditionally include in API requests. By default, fields with
 	// empty or default values are omitted from API requests. However, any
@@ -49851,6 +49884,12 @@ type Snapshot struct {
 	// snapshot to a disk.
 	DownloadBytes int64 `json:"downloadBytes,omitempty,string"`
 
+	// GuestOsFeatures: [Output Only] A list of features to enable on the
+	// guest operating system. Applicable only for bootable images. Read
+	// Enabling guest operating system features to see a list of available
+	// options.
+	GuestOsFeatures []*GuestOsFeature `json:"guestOsFeatures,omitempty"`
+
 	// Id: [Output Only] The unique identifier for the resource. This
 	// identifier is defined by the server.
 	Id uint64 `json:"id,omitempty,string"`
@@ -52431,6 +52470,8 @@ type Subnetwork struct {
 	//   "INTERNAL_HTTPS_LOAD_BALANCER" - Subnet reserved for Internal
 	// HTTP(S) Load Balancing.
 	//   "PRIVATE" - Regular user created or automatically created subnet.
+	//   "PRIVATE_NAT" - Subnetwork used as source range for Private NAT
+	// Gateways.
 	//   "PRIVATE_RFC_1918" - Regular user created or automatically created
 	// subnet.
 	//   "PRIVATE_SERVICE_CONNECT" - Subnetworks created for Private Service
@@ -58548,6 +58589,63 @@ func (s *Uint128) MarshalJSON() ([]byte, error) {
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }
 
+// UpcomingMaintenance: Upcoming Maintenance notification information.
+type UpcomingMaintenance struct {
+	// CanReschedule: Indicates if the maintenance can be customer
+	// triggered.
+	CanReschedule bool `json:"canReschedule,omitempty"`
+
+	// LatestWindowStartTime: The latest time for the planned maintenance
+	// window to start. This timestamp value is in RFC3339 text format.
+	LatestWindowStartTime string `json:"latestWindowStartTime,omitempty"`
+
+	// Possible values:
+	//   "ONGOING" - There is ongoing maintenance on this VM.
+	//   "PENDING" - There is pending maintenance.
+	//   "UNKNOWN" - Unknown maintenance status. Do not use this value.
+	MaintenanceStatus string `json:"maintenanceStatus,omitempty"`
+
+	// Type: Defines the type of maintenance.
+	//
+	// Possible values:
+	//   "SCHEDULED" - Scheduled maintenance (e.g. maintenance after uptime
+	// guarantee is complete).
+	//   "UNKNOWN_TYPE" - No type specified. Do not use this value.
+	//   "UNSCHEDULED" - Unscheduled maintenance (e.g. emergency maintenance
+	// during uptime guarantee).
+	Type string `json:"type,omitempty"`
+
+	// WindowEndTime: The time by which the maintenance disruption will be
+	// completed. This timestamp value is in RFC3339 text format.
+	WindowEndTime string `json:"windowEndTime,omitempty"`
+
+	// WindowStartTime: The current start time of the maintenance window.
+	// This timestamp value is in RFC3339 text format.
+	WindowStartTime string `json:"windowStartTime,omitempty"`
+
+	// ForceSendFields is a list of field names (e.g. "CanReschedule") to
+	// unconditionally include in API requests. By default, fields with
+	// empty or default values are omitted from API requests. However, any
+	// non-pointer, non-interface field appearing in ForceSendFields will be
+	// sent to the server regardless of whether the field is empty or not.
+	// This may be used to include empty fields in Patch requests.
+	ForceSendFields []string `json:"-"`
+
+	// NullFields is a list of field names (e.g. "CanReschedule") to include
+	// in API requests with the JSON null value. By default, fields with
+	// empty values are omitted from API requests. However, any field with
+	// an empty value appearing in NullFields will be sent to the server as
+	// null. It is an error if a field in this list has a non-empty value.
+	// This may be used to include null fields in Patch requests.
+	NullFields []string `json:"-"`
+}
+
+func (s *UpcomingMaintenance) MarshalJSON() ([]byte, error) {
+	type NoMethod UpcomingMaintenance
+	raw := NoMethod(*s)
+	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
+}
+
 // UrlMap: Represents a URL Map resource. Compute Engine has two URL Map
 // resources: * Global (/compute/docs/reference/rest/v1/urlMaps) *
 // Regional (/compute/docs/reference/rest/v1/regionUrlMaps) A URL map
@@ -59599,6 +59697,8 @@ type UsableSubnetwork struct {
 	//   "INTERNAL_HTTPS_LOAD_BALANCER" - Subnet reserved for Internal
 	// HTTP(S) Load Balancing.
 	//   "PRIVATE" - Regular user created or automatically created subnet.
+	//   "PRIVATE_NAT" - Subnetwork used as source range for Private NAT
+	// Gateways.
 	//   "PRIVATE_RFC_1918" - Regular user created or automatically created
 	// subnet.
 	//   "PRIVATE_SERVICE_CONNECT" - Subnetworks created for Private Service

vendor/google.golang.org/api/container/v1/container-api.json

@@ -2540,7 +2540,7 @@
       }
     }
   },
-  "revision": "20231024",
+  "revision": "20231030",
   "rootUrl": "https://container.googleapis.com/",
   "schemas": {
     "AcceleratorConfig": {
@@ -5465,6 +5465,10 @@
           "format": "int32",
           "type": "integer"
         },
+        "queuedProvisioning": {
+          "$ref": "QueuedProvisioning",
+          "description": "Specifies the configuration of queued provisioning."
+        },
         "selfLink": {
           "description": "[Output only] Server-defined URL for the resource.",
           "type": "string"
@@ -5978,6 +5982,17 @@
       },
       "type": "object"
     },
+    "QueuedProvisioning": {
+      "description": "QueuedProvisioning defines the queued provisioning used by the node pool.",
+      "id": "QueuedProvisioning",
+      "properties": {
+        "enabled": {
+          "description": "Denotes that this nodepool is QRM specific, meaning nodes can be only obtained through queuing via the Cluster Autoscaler ProvisioningRequest API.",
+          "type": "boolean"
+        }
+      },
+      "type": "object"
+    },
     "RangeInfo": {
       "description": "RangeInfo contains the range name and the range utilization by this cluster.",
       "id": "RangeInfo",

vendor/google.golang.org/api/container/v1/container-gen.go

@@ -5149,6 +5149,10 @@ type NodePool struct {
 	// this node pool.
 	PodIpv4CidrSize int64 `json:"podIpv4CidrSize,omitempty"`
 
+	// QueuedProvisioning: Specifies the configuration of queued
+	// provisioning.
+	QueuedProvisioning *QueuedProvisioning `json:"queuedProvisioning,omitempty"`
+
 	// SelfLink: [Output only] Server-defined URL for the resource.
 	SelfLink string `json:"selfLink,omitempty"`
 
@@ -5964,6 +5968,37 @@ func (s *PubSub) MarshalJSON() ([]byte, error) {
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }
 
+// QueuedProvisioning: QueuedProvisioning defines the queued
+// provisioning used by the node pool.
+type QueuedProvisioning struct {
+	// Enabled: Denotes that this nodepool is QRM specific, meaning nodes
+	// can be only obtained through queuing via the Cluster Autoscaler
+	// ProvisioningRequest API.
+	Enabled bool `json:"enabled,omitempty"`
+
+	// ForceSendFields is a list of field names (e.g. "Enabled") to
+	// unconditionally include in API requests. By default, fields with
+	// empty or default values are omitted from API requests. However, any
+	// non-pointer, non-interface field appearing in ForceSendFields will be
+	// sent to the server regardless of whether the field is empty or not.
+	// This may be used to include empty fields in Patch requests.
+	ForceSendFields []string `json:"-"`
+
+	// NullFields is a list of field names (e.g. "Enabled") to include in
+	// API requests with the JSON null value. By default, fields with empty
+	// values are omitted from API requests. However, any field with an
+	// empty value appearing in NullFields will be sent to the server as
+	// null. It is an error if a field in this list has a non-empty value.
+	// This may be used to include null fields in Patch requests.
+	NullFields []string `json:"-"`
+}
+
+func (s *QueuedProvisioning) MarshalJSON() ([]byte, error) {
+	type NoMethod QueuedProvisioning
+	raw := NoMethod(*s)
+	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
+}
+
 // RangeInfo: RangeInfo contains the range name and the range
 // utilization by this cluster.
 type RangeInfo struct {

vendor/google.golang.org/api/internal/version.go

@@ -5,4 +5,4 @@
 package internal
 
 // Version is the current tagged release of the library.
-const Version = "0.150.0"
+const Version = "0.151.0"

vendor/k8s.io/mount-utils/mount_windows.go

@@ -150,12 +150,12 @@ func (mounter *Mounter) MountSensitive(source string, target string, fstype stri
 		mklinkSource = mklinkSource + "\\"
 	}
 
-	output, err := exec.Command("cmd", "/c", "mklink", "/D", target, mklinkSource).CombinedOutput()
+	err := os.Symlink(mklinkSource, target)
 	if err != nil {
-		klog.Errorf("mklink failed: %v, source(%q) target(%q) output: %q", err, mklinkSource, target, string(output))
+		klog.Errorf("symlink failed: %v, source(%q) target(%q)", err, mklinkSource, target)
 		return err
 	}
-	klog.V(2).Infof("mklink source(%q) on target(%q) successfully, output: %q", mklinkSource, target, string(output))
+	klog.V(2).Infof("symlink source(%q) on target(%q) successfully", mklinkSource, target)
 
 	return nil
 }
@@ -219,8 +219,9 @@ func removeSMBMapping(remotepath string) (string, error) {
 func (mounter *Mounter) Unmount(target string) error {
 	klog.V(4).Infof("Unmount target (%q)", target)
 	target = NormalizeWindowsPath(target)
-	if output, err := exec.Command("cmd", "/c", "rmdir", target).CombinedOutput(); err != nil {
+
-		klog.Errorf("rmdir failed: %v, output: %q", err, string(output))
+	if err := os.Remove(target); err != nil {
+		klog.Errorf("removing directory %s failed: %v", target, err)
 		return err
 	}
 	return nil

vendor/modules.txt

@@ -97,7 +97,7 @@ github.com/aws/amazon-ec2-instance-selector/v2/pkg/instancetypes
 github.com/aws/amazon-ec2-instance-selector/v2/pkg/selector
 github.com/aws/amazon-ec2-instance-selector/v2/pkg/selector/outputs
 github.com/aws/amazon-ec2-instance-selector/v2/pkg/sorter
-# github.com/aws/aws-sdk-go v1.47.8
+# github.com/aws/aws-sdk-go v1.47.13
 ## explicit; go 1.19
 github.com/aws/aws-sdk-go/aws
 github.com/aws/aws-sdk-go/aws/arn
@@ -251,7 +251,7 @@ github.com/cpuguy83/go-md2man/v2/md2man
 # github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc
 ## explicit
 github.com/davecgh/go-spew/spew
-# github.com/digitalocean/godo v1.105.1
+# github.com/digitalocean/godo v1.106.0
 ## explicit; go 1.20
 github.com/digitalocean/godo
 github.com/digitalocean/godo/metrics
@@ -964,7 +964,7 @@ golang.org/x/crypto/scrypt
 golang.org/x/crypto/ssh
 golang.org/x/crypto/ssh/agent
 golang.org/x/crypto/ssh/internal/bcrypt_pbkdf
-# golang.org/x/exp v0.0.0-20231108232855-2478ac86f678
+# golang.org/x/exp v0.0.0-20231110203233-9a3e6036ecaa
 ## explicit; go 1.20
 golang.org/x/exp/constraints
 golang.org/x/exp/maps
@@ -1061,7 +1061,7 @@ golang.org/x/tools/internal/typesinternal
 # gomodules.xyz/jsonpatch/v2 v2.4.0
 ## explicit; go 1.20
 gomodules.xyz/jsonpatch/v2
-# google.golang.org/api v0.150.0
+# google.golang.org/api v0.151.0
 ## explicit; go 1.19
 google.golang.org/api/cloudresourcemanager/v1
 google.golang.org/api/compute/v0.alpha
@@ -1231,7 +1231,7 @@ helm.sh/helm/v3/pkg/plugin
 helm.sh/helm/v3/pkg/registry
 helm.sh/helm/v3/pkg/strvals
 helm.sh/helm/v3/pkg/time
-# k8s.io/api v0.28.3
+# k8s.io/api v0.28.4
 ## explicit; go 1.20
 k8s.io/api/admission/v1
 k8s.io/api/admission/v1beta1
@@ -1292,7 +1292,7 @@ k8s.io/api/storage/v1beta1
 ## explicit; go 1.20
 k8s.io/apiextensions-apiserver/pkg/apis/apiextensions
 k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1
-# k8s.io/apimachinery v0.28.3
+# k8s.io/apimachinery v0.28.4
 ## explicit; go 1.20
 k8s.io/apimachinery/pkg/api/equality
 k8s.io/apimachinery/pkg/api/errors
@@ -1351,13 +1351,13 @@ k8s.io/apimachinery/pkg/watch
 k8s.io/apimachinery/third_party/forked/golang/json
 k8s.io/apimachinery/third_party/forked/golang/netutil
 k8s.io/apimachinery/third_party/forked/golang/reflect
-# k8s.io/cli-runtime v0.28.3
+# k8s.io/cli-runtime v0.28.4
 ## explicit; go 1.20
 k8s.io/cli-runtime/pkg/genericclioptions
 k8s.io/cli-runtime/pkg/genericiooptions
 k8s.io/cli-runtime/pkg/printers
 k8s.io/cli-runtime/pkg/resource
-# k8s.io/client-go v0.28.3
+# k8s.io/client-go v0.28.4
 ## explicit; go 1.20
 k8s.io/client-go/applyconfigurations/admissionregistration/v1
 k8s.io/client-go/applyconfigurations/admissionregistration/v1alpha1
@@ -1698,7 +1698,7 @@ k8s.io/cloud-provider-aws/pkg/providers/v1
 # k8s.io/cloud-provider-gcp/providers v0.27.1
 ## explicit; go 1.19
 k8s.io/cloud-provider-gcp/providers/gce
-# k8s.io/component-base v0.28.3
+# k8s.io/component-base v0.28.4
 ## explicit; go 1.20
 k8s.io/component-base/cli/flag
 k8s.io/component-base/config
@@ -1714,7 +1714,7 @@ k8s.io/component-base/metrics/prometheus/restclient
 k8s.io/component-base/metrics/prometheusextension
 k8s.io/component-base/tracing/api/v1
 k8s.io/component-base/version
-# k8s.io/component-helpers v0.28.3
+# k8s.io/component-helpers v0.28.4
 ## explicit; go 1.20
 k8s.io/component-helpers/node/util
 # k8s.io/csi-translation-lib v0.28.3
@@ -1755,7 +1755,7 @@ k8s.io/kube-openapi/pkg/spec3
 k8s.io/kube-openapi/pkg/util/proto
 k8s.io/kube-openapi/pkg/util/proto/validation
 k8s.io/kube-openapi/pkg/validation/spec
-# k8s.io/kubectl v0.28.3
+# k8s.io/kubectl v0.28.4
 ## explicit; go 1.20
 k8s.io/kubectl/pkg/cmd/util
 k8s.io/kubectl/pkg/cmd/util/editor
@@ -1770,10 +1770,10 @@ k8s.io/kubectl/pkg/util/slice
 k8s.io/kubectl/pkg/util/templates
 k8s.io/kubectl/pkg/util/term
 k8s.io/kubectl/pkg/validation
-# k8s.io/kubelet v0.28.3
+# k8s.io/kubelet v0.28.4
 ## explicit; go 1.20
 k8s.io/kubelet/config/v1beta1
-# k8s.io/mount-utils v0.28.3
+# k8s.io/mount-utils v0.28.4
 ## explicit; go 1.20
 k8s.io/mount-utils
 # k8s.io/utils v0.0.0-20230726121419-3b25d923346b