diff --git a/docs/resources/google_compute_disk.md b/docs/resources/google_compute_disk.md
index 05014de01..3a5d3ffa1 100644
--- a/docs/resources/google_compute_disk.md
+++ b/docs/resources/google_compute_disk.md
@@ -65,7 +65,9 @@ Properties that can be accessed from the `google_compute_disk` resource:
 
   * `type`: URL of the disk type resource describing which disk type to use to create the disk. Provide this when creating the disk.
 
-  * `source_image`: The source image used to create this disk. If the source image is deleted, this field will not be set.  To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-8 to use the latest Debian 8 image:  projects/debian-cloud/global/images/family/debian-8  Alternatively, use a specific version of a public operating system image:  projects/debian-cloud/global/images/debian-8-jessie-vYYYYMMDD  To create a disk with a private image that you created, specify the image name in the following format:  global/images/my-private-image  You can also specify a private image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name:  global/images/family/my-private-family
+  * `erase_windows_vss_signature`: (Beta only) Specifies whether the disk restored from a source snapshot should erase Windows specific VSS signature.
+
+  * `source_image`: The source image used to create this disk. If the source image is deleted, this field will not be set.  To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image:  projects/debian-cloud/global/images/family/debian-9  Alternatively, use a specific version of a public operating system image:  projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD  To create a disk with a private image that you created, specify the image name in the following format:  global/images/my-private-image  You can also specify a private image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name:  global/images/family/my-private-family
 
   * `resource_policies`: (Beta only) Resource policies applied to this disk for automatic snapshot creations.
 
@@ -79,6 +81,8 @@ Properties that can be accessed from the `google_compute_disk` resource:
 
     * `kms_key_name`: The name of the encryption key that is stored in Google Cloud KMS.
 
+    * `kms_key_service_account`: The service account used for the encryption request for the given KMS key.  If absent, the Compute Engine Service Agent service account is used.
+
   * `source_image_id`: The ID value of the image used to create this disk. This value identifies the exact image that was used to create this persistent disk. For example, if you created the persistent disk from an image that was later deleted and recreated under the same name, the source image ID would identify the exact version of the image that was used.
 
   * `disk_encryption_key`: Encrypts the disk using a customer-supplied encryption key.  After you encrypt a disk with a customer-supplied key, you must provide the same key if you use the disk later (e.g. to create a disk snapshot or an image, or to attach the disk to a virtual machine).  Customer-supplied encryption keys do not protect access to metadata of the disk.  If you do not provide an encryption key when creating the disk, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
@@ -89,6 +93,8 @@ Properties that can be accessed from the `google_compute_disk` resource:
 
     * `kms_key_name`: The name of the encryption key that is stored in Google Cloud KMS. Your project's Compute Engine System service account (`service-{{PROJECT_NUMBER}}@compute-system.iam.gserviceaccount.com`) must have `roles/cloudkms.cryptoKeyEncrypterDecrypter` to use this feature.
 
+    * `kms_key_service_account`: The service account used for the encryption request for the given KMS key.  If absent, the Compute Engine Service Agent service account is used.
+
   * `source_snapshot`: The source snapshot used to create this disk. You can provide this as a partial or full URL to the resource. If the snapshot is in another project than this disk, you must supply a full URL. For example, the following are valid values:  * `https://www.googleapis.com/compute/v1/projects/project/global/snapshots/snapshot` * `projects/project/global/snapshots/snapshot` * `global/snapshots/snapshot`
 
   * `source_snapshot_encryption_key`: The customer-supplied encryption key of the source snapshot. Required if the source snapshot is protected by a customer-supplied encryption key.
@@ -99,6 +105,8 @@ Properties that can be accessed from the `google_compute_disk` resource:
 
     * `sha256`: The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
 
+    * `kms_key_service_account`: The service account used for the encryption request for the given KMS key.  If absent, the Compute Engine Service Agent service account is used.
+
   * `source_snapshot_id`: The unique ID of the snapshot used to create this disk. This value identifies the exact snapshot that was used to create this persistent disk. For example, if you created the persistent disk from a snapshot that was later deleted and recreated under the same name, the source snapshot ID would identify the exact version of the snapshot that was used.
 
 
diff --git a/docs/resources/google_compute_disks.md b/docs/resources/google_compute_disks.md
index d2aa8b890..f1a695d52 100644
--- a/docs/resources/google_compute_disks.md
+++ b/docs/resources/google_compute_disks.md
@@ -37,6 +37,7 @@ See [google_compute_disk.md](google_compute_disk.md) for more detailed informati
   * `users`: an array of `google_compute_disk` users
   * `physical_block_size_bytes`: an array of `google_compute_disk` physical_block_size_bytes
   * `types`: an array of `google_compute_disk` type
+  * `erase_windows_vss_signatures`: (Beta only) an array of `google_compute_disk` erase_windows_vss_signature
   * `source_images`: an array of `google_compute_disk` source_image
   * `resource_policies`: (Beta only) an array of `google_compute_disk` resource_policies
   * `zones`: an array of `google_compute_disk` zone
diff --git a/libraries/google/compute/property/disk_disk_encryption_key.rb b/libraries/google/compute/property/disk_disk_encryption_key.rb
index 219698820..a977ddab4 100644
--- a/libraries/google/compute/property/disk_disk_encryption_key.rb
+++ b/libraries/google/compute/property/disk_disk_encryption_key.rb
@@ -23,12 +23,15 @@ class DiskDiskEncryptionKey
 
         attr_reader :kms_key_name
 
+        attr_reader :kms_key_service_account
+
         def initialize(args = nil, parent_identifier = nil)
           return if args.nil?
           @parent_identifier = parent_identifier
           @raw_key = args['rawKey']
           @sha256 = args['sha256']
           @kms_key_name = args['kmsKeyName']
+          @kms_key_service_account = args['kmsKeyServiceAccount']
         end
 
         def to_s
diff --git a/libraries/google/compute/property/disk_source_image_encryption_key.rb b/libraries/google/compute/property/disk_source_image_encryption_key.rb
index 14cbdd2f3..e52893eaa 100644
--- a/libraries/google/compute/property/disk_source_image_encryption_key.rb
+++ b/libraries/google/compute/property/disk_source_image_encryption_key.rb
@@ -23,12 +23,15 @@ class DiskSourceImageEncryptionKey
 
         attr_reader :kms_key_name
 
+        attr_reader :kms_key_service_account
+
         def initialize(args = nil, parent_identifier = nil)
           return if args.nil?
           @parent_identifier = parent_identifier
           @raw_key = args['rawKey']
           @sha256 = args['sha256']
           @kms_key_name = args['kmsKeyName']
+          @kms_key_service_account = args['kmsKeyServiceAccount']
         end
 
         def to_s
diff --git a/libraries/google/compute/property/disk_source_snapshot_encryption_key.rb b/libraries/google/compute/property/disk_source_snapshot_encryption_key.rb
index 4dce32824..c4c207b3b 100644
--- a/libraries/google/compute/property/disk_source_snapshot_encryption_key.rb
+++ b/libraries/google/compute/property/disk_source_snapshot_encryption_key.rb
@@ -23,12 +23,15 @@ class DiskSourceSnapshotEncryptionKey
 
         attr_reader :sha256
 
+        attr_reader :kms_key_service_account
+
         def initialize(args = nil, parent_identifier = nil)
           return if args.nil?
           @parent_identifier = parent_identifier
           @raw_key = args['rawKey']
           @kms_key_name = args['kmsKeyName']
           @sha256 = args['sha256']
+          @kms_key_service_account = args['kmsKeyServiceAccount']
         end
 
         def to_s
diff --git a/libraries/google_compute_disk.rb b/libraries/google_compute_disk.rb
index 1523aab0b..ada57d9c7 100644
--- a/libraries/google_compute_disk.rb
+++ b/libraries/google_compute_disk.rb
@@ -38,6 +38,7 @@ class ComputeDisk < GcpResourceBase
   attr_reader :users
   attr_reader :physical_block_size_bytes
   attr_reader :type
+  attr_reader :erase_windows_vss_signature
   attr_reader :source_image
   attr_reader :resource_policies
   attr_reader :zone
@@ -69,6 +70,7 @@ def parse
     @users = @fetched['users']
     @physical_block_size_bytes = @fetched['physicalBlockSizeBytes']
     @type = @fetched['type']
+    @erase_windows_vss_signature = @fetched['eraseWindowsVssSignature']
     @source_image = @fetched['sourceImage']
     @resource_policies = @fetched['resourcePolicies']
     @zone = @fetched['zone']
diff --git a/libraries/google_compute_disks.rb b/libraries/google_compute_disks.rb
index 5c254f3c5..74029547b 100644
--- a/libraries/google_compute_disks.rb
+++ b/libraries/google_compute_disks.rb
@@ -36,6 +36,7 @@ class ComputeDisks < GcpResourceBase
   filter_table_config.add(:users, field: :users)
   filter_table_config.add(:physical_block_size_bytes, field: :physical_block_size_bytes)
   filter_table_config.add(:types, field: :type)
+  filter_table_config.add(:erase_windows_vss_signatures, field: :erase_windows_vss_signature)
   filter_table_config.add(:source_images, field: :source_image)
   filter_table_config.add(:resource_policies, field: :resource_policies)
   filter_table_config.add(:zones, field: :zone)
@@ -97,6 +98,7 @@ def transformers
       'users' => ->(obj) { return :users, obj['users'] },
       'physicalBlockSizeBytes' => ->(obj) { return :physical_block_size_bytes, obj['physicalBlockSizeBytes'] },
       'type' => ->(obj) { return :type, obj['type'] },
+      'eraseWindowsVssSignature' => ->(obj) { return :erase_windows_vss_signature, obj['eraseWindowsVssSignature'] },
       'sourceImage' => ->(obj) { return :source_image, obj['sourceImage'] },
       'resourcePolicies' => ->(obj) { return :resource_policies, obj['resourcePolicies'] },
       'zone' => ->(obj) { return :zone, obj['zone'] },