Apigee release notes

This page documents production updates to all Apigee software in 2022 and later. We recommend that users periodically check this list for any new announcements, or subscribe to this page using a feed reader to get notifications of updates.

What is a feed reader?

Really simple syndication (RSS) feed readers aggregate content from websites that you specify.

Feed reader notifications can be email-, browser-, desktop-, or mobile-based. Some readers are free, or have free versions, and some require a subscription.

A few examples:

More information on RSS:

See also:

Subscribe:

You can see the latest product updates for all of Google Cloud on the Google Cloud page, browse and filter all release notes in the Google Cloud console, or programmatically access release notes in BigQuery.

To get the latest product updates delivered to you, add the URL of this page to your feed reader, or add the feed URL directly: https://cloud.google.com/feeds/apigee-release-notes.xml

May 20, 2024

Application Integration

Terraform support

You can now use Terraform to provision new regions and create authentication profiles. For a detailed reference document about terraform resources, see google_integrations_client and google_integrations_auth_config.

May 17, 2024

Apigee X

On May 17, 2024, we released an updated version of Apigee (1-12-0-apigee-4-hotfix).

Bug ID Description
337876238, 330314128, 333762214 Resolved issues resulting in an increase in 404/503 responses.

Upgraded storage for the Apigee router to the latest version to resolve 404 responses.

Adjusted traffic weight and delays in the older replica set to handle traffic divergence during the release process to address any 5xx responses.

335832119 Fixed 404 errors caused during Apigee instance update/rollback.
255772956 Turned off asynchronous services callout when the <Response> element is not present due to inconsistent scaling of runtime pods.
338717278 Reverted problematic commit to address thread pool exhaustion.

Navigation menus in the Classic Apigee UI have been restored to support the transition from the Classic console to Apigee in the Google Cloud console.

Each menu item in the Classic console now directs you to the corresponding feature location in the Cloud console where you can carry out your task. Please see Apigee UI in Cloud console navigation for more details.

Correction: Apigee hybrid entitlements are available in Apigee Subscription 2024 plans. For more information, see Apigee Subscription 2024 entitlements.

May 16, 2024

Apigee Integrated Portal

On May 16, 2024 we released a new version of the Apigee integrated portal.

This release includes general improvements to performance and availability.

May 14, 2024

Apigee Advanced API Security

On May 14, 2024 we released an updated version of Advanced API Security.

NOTE: Rollouts of this feature are ongoing and will take multiple days to complete across all Google Cloud zones. You may not be able to use the functionality until the rollout is complete.

Addition of autonomous system numbers (ASN), HTTP methods, and region codes as supported security action rule condition types.

This new functionality is not available with Apigee hybrid at this time.

See Create a security action to learn more.

May 09, 2024

Apigee Advanced API Security

On May 9, 2024 we released an updated version of Advanced API Security.

Addition of CIDR range support when specifying IPv4 addresses for security action rules.

Apigee Advanced API Security now includes support for CIDR range specification when creating security action rules that restrict access based on IP addresses.

This new functionality is not available with Apigee hybrid at this time.

See Create a security action to learn more.

Apigee X

Limit on number of basepaths per environment

Apigee is enforcing a temporary limit of 500 basepaths per environment to avoid potential failures when deploying API proxy revisions.

While this limit is in place, you can deploy up to 500 API proxy revisions (each containing a single basepath) per environment. If your API proxies or revisions contain more than one basepath, the total number of basepaths per environment must not exceed 500.

To track the status of this issue, see Apigee Known Issues.

May 08, 2024

Apigee X

On May 8, 2024, we released an updated version of Apigee X.

This release contains the General Availability (GA) release of AppGroups for Apigee and Apigee hybrid (version 1.10.0 and later).

AppGroups represent a relationship between one or more apps that are managed by the same set of people. For information, see Using AppGroups to organize app ownership. Client support for AppGroups is available with the latest Drupal Teams module.

May 07, 2024

Apigee X

On May 7, 2024, we released an updated version of Apigee.

Target server SSL enforcement

With this release, Apigee customers can specify strict SSL southbound enforcement in TargetServer configurations using the object's enforce key. If set to true, SSL enforcement is applied to service callouts.

The option to specify this behavior is analogous to usage of the <Enforce> tag in the <SSLInfo> block of the TargetEndpoint configuration.

For more information, see Configure strict SSL enforcement .

Environment-level flag for SSL enforcement

Apigee customers can specify strict SSL southbound enforcement across an Apigee environment, using the SSLInfo.Enforce flag.

If SSLInfo.Enforce is set to true or false, the value specified overrides any granular enforcement options specified in <SSLInfo> blocks in TargetEndpoint or TargetServer configurations.

If SSLInfo.Enforce is unset, SSL enforcement is determined by any values specified using the <Enforce> element within individual <SSLInfo> blocks. For more information, see TLS/SSL TargetEndpoint configuration.

Two-way HTTPS health monitor support

Apigee health monitors using <HTTPMonitor> can now use all SSL parameters available in the <SSLInfo> block of their TargetServer configurations when performing health checks.

To enable access, set <UseTargetServerSSLInfo> to true in the <Request> block of the HTTPMonitor configuration.

For more information, see Health monitor using HTTP monitor .

May 06, 2024

Apigee API hub

Apigee API hub is available in preview.

With Apigee API hub, you can consolidate and organize critical information about your APIs in one place. Use API hub to accelerate the consistency, use, reuse, and governance of your API portfolio.

Use API hub to:

  • Create and manage a complete catalog of your APIs and API resources.
  • Add rich attributes to your APIs for tracking, organizing, and filtering.
  • Link to one or more Apigee projects to automatically fetch and store Apigee API proxy information.
  • Find APIs with powerful free-form semantic search capabilities.
  • Track compliance for your API specification files using Linting functionality.

To learn more about the features and functionality available, see What is Apigee API hub?

NOTE: Rollouts of this feature will begin on May 6, 2024, and may take four or more business days to be completed across all Google Cloud zones. You may not be able to provision API hub until the rollout is complete.

May 03, 2024

Application Integration

Loop Metadata variables are changing

In the For each loop and While loop tasks, there's a Loop metadata variable in which you will find duplicate keys for the output variable–for example, Current Iteration Count and current_iteration_count. We recommend you to use the variables that contain the underscore (_) symbol because the other keys are being deprecated.

For more information, see Known issue: Duplicate keys in the Loop metadata.

May 01, 2024

Apigee Integrated Portal

On May 1, 2024 we released an updated version of Apigee integrated portal.

This release contains multiple security fixes.

April 29, 2024

Application Integration

April 28, 2024

Application Integration

While configuring a Cloud Pub/Sub trigger, you can now add a config variable for your service account. Config variables let you externalize configuration for integrations.

April 26, 2024

Apigee X

On April 26, 2024, we released an updated version of Apigee.

Logging Apigee access logs

Apigee Subscription and Pay-as-you-go customers can now enable Cloud Logging ingress access logs for each Apigee instance in their organization. Once enabled, this feature allows you to view the logs generated by ingress gateways in your Apigee infrastructure, such as an external Application Load Balancer or an Anthos gateway, to assist in troubleshooting Apigee API calls.

For more information, see Logging Apigee access logs.

April 24, 2024

Application Integration

For Cloud Pub/Sub triggers, the default value of the expiration period option for subscriptions is changed from 31 days to never expire. If you want to change the value of the expiration period, then you must update the Cloud Pub/Sub subscription in the Google Cloud console.

April 21, 2024

Application Integration

April 19, 2024

Apigee X

On April 19, 2024, we released an updated version of Apigee.

With this release, Apigee API Management organizations with Subscription 2021 contracts have been upgraded to introduce standard and extensible API proxy features and expanded limits on deployments.

With this upgrade:

  • Standard and extensible API proxy calls are counted equally when calculating overall API call entitlement for Subscription 2021 contracts.
  • The maximum number of shared flow deployments is 75 per environment.
  • There are no limits on the total number of API proxy deployments per environment.
  • The maximum limit of total deployment units (API proxies or shared flows) per organization is 4250.

Note: The fleetwide upgrade is complete for the majority of Subscription 2021 contract organizations. Organization administrators for the remaining 5% of organizations have been contacted by Apigee representatives regarding timelines for the release.

To learn more about:

Subscription Apigee organizations (without hybrid entitlements) upgraded in this release will see changes to the user experience in the Classic Apigee UI. To support management of the upgraded functionality now available to these organizations, a number of feature administration pages are now only available in the Apigee UI in Cloud console.

For more information, see Apigee UI in Cloud console navigation.

April 17, 2024

Apigee hybrid

hybrid v1.12.0

On April 17, 2024 we released an updated version of the Apigee hybrid software, v1.12.0.

For information on upgrading, see Upgrading Apigee hybrid to version v1.12.0. For information on new installations, see The big picture.

A new suite of metrics for monitoring Apigee proxies and target endpoints is now available for Hybrid 1.12.

You can now add your own contractEncryptionKey for new Apigee hybrid installations. For details, see Data encryption.

The JAR file dependencies required to create a Java callout are now hosted securely in Artifact Registry.

For more information on downloading the JAR dependencies from Artifact Regsitry, see Compile your code with Maven.

Hybrid 1.12 validates required conditions are satisfied before allowing Runtime services to be created. See Diagnosing issues with guardrails.

Apigee hybrid now supports Workload Identity Federation for component authentication on AKS and EKS installations. See Enabling Workload Identity Federation on AKS and EKS.

Hybrid v1.12 now supports storing service account keys in Hashicorp Vault. See Storing service account keys in Hashicorp Vault.

The apigeectl command-line tool is deprecated. as of April 17, 2024. The apigeectl tool is not supported for Apigee hybrid v1.12. Support for apigeectl for hybrid v1.10 and v1.11 will end on April 17, 2025. For more information, see apigeectl deprecation.

The Proxyv2 and targetv2 metrics suite is deprecated. The Apigee hybrid v1.12 release supports the new proxy and target metrics by default. Support for Proxyv2 and targetv2 metrics in hybrid v 1.10 and v1.11 will end on April 17, 2025. For more information, see ProxyV2 and TargetV2 deprecation.

Bug ID Description
284034011 Modified Apigee Watcher and Apigee Ingress to leverage a sidecar instead of pod/exec for collecting ingress routing status.
298202120 The Datastore component now uses Cassandra 4.
311705715 Use a non-default service account for the remove-dc component. (Fixed in Apigee hybrid 1.10.3-hotfix.4, 1.10.4, and 1.11.1)
306341401 Fixed regression where virtualhost cipherSuites overrides weren't being used. (Fixed in Apigee hybrid 1.10.4 and 1.11.1)
302186503 Added the missing HTTP proxy template settings to the Apigee Hybrid Helm datastore component. (Fixed in Apigee hybrid 1.10.4)
300542690 Added dedicated service accounts for Apigee Connect, Redis, and UDCA to prevent Kubernetes from automatically injecting credentials for a specified Service Account or the default Service Account. (Fixed in Apigee hybrid 1.10.4)
277353680 Fixed issue causing target server HealthMonitors to continue beyond revision or deletion of the proxy.

Target health checks are now terminated as soon as the proxy is removed from the runtime (undeployed or deleted). Note: There may be a delay between removal of the proxy and termination of the target server health checks. (Fixed in Apigee hybrid 1.10.4)

These security bugs were fixed in Apigee hybrid v1.12.0

Bug ID Description
N/A Security fixes for apigee-cassandra-backup-utility
This addresses the following vulnerabilities:
N/A Security fixes for apigee-hybrid-cassandra-client
This addresses the following vulnerabilities:
N/A Security fixes for apigee-hybrid-cassandra
This addresses the following vulnerabilities:
N/A Security fixes for apigee-kube-rbac-proxy
This addresses the following vulnerabilities:
N/A Security fixes for apigee-prometheus-adapter
This addresses the following vulnerability:
N/A Security fixes for apigee-udca
This addresses the following vulnerabilities:
N/A Security fixes for apigee-watcher
This addresses the following vulnerability:
N/A Security fixes for apigee-connect-agent
This addresses the following vulnerability:
N/A Security fixes for apigee-fluent-bit
This addresses the following vulnerabilities:

These security bugs were fixed in Apigee hybrid v1.10.4.

Bug ID Description
315034009 Security fixes: apigee-asm-ingress and apigee-asm-istiod (ingressgateway and ingressgateway-controller) are upgraded to Service Mesh version 1.17.8-asm.4.
This addresses the following vulnerabilities:
311167948 A security issue was addressed.
303460289 Security fixes for apigee-prometheus-adapter.
This addresses the following vulnerabilities:
303459588 Security fixes for apigee-prom-prometheus.
This addresses the following vulnerabilities:
300319489 Security fixes for fluentd.
This addresses the following vulnerabilities:
294892189 Security fixes for apigee-diagnostics-collector.
This addresses the Guava vulnerability:
N/A Security fixes for apigee-cassandra-backup-utility and apigee-prom-prometheus.
This addresses the following vulnerabilities:
N/A Security fixes for apigee-fluent-bit.
This addresses the following vulnerabilities:
N/A Security fixes for apigee-hybrid-cassandra and apigee-hybrid-cassandra-client.
This addresses the following vulnerabilities:
N/A Security fixes for apigee-installer, apigee-operators, and apigee-watcher.
This addresses the following vulnerabilities:
N/A Security fixes for apigee-kube-rbac-proxy.
This addresses the following vulnerabilities:

These security bugs were fixed in Apigee hybrid v1.11.1.

Bug ID Description
315034009 Security fixes: apigee-asm-ingress and apigee-asm-istiod (ingressgateway and ingressgateway-controller) are upgraded to Service Mesh version 1.17.8-asm.4.
This addresses the following vulnerabilities:
303460289 Security fixes to apigee-prometheus-adapter.
This addresses the following vulnerabilities:
303459588 Security fixes to apigee-prom-prometheus.
This addresses the following vulnerabilities:
303292806 Restrict connections from the Cassandra backup utility to Cassandra server pods in the apigee namespace.
N/A Security fixes to apigee-cassandra-backup-utility.
This addresses the following vulnerabilities:
N/A Security fixes to apigee-fluent-bit.
This addresses the following vulnerabilities:
N/A Security fixes to apigee-hybrid-cassandra.
This addresses the following vulnerabilities:
N/A Security fixes to apigee-hybrid-cassandra-client.
This addresses the following vulnerabilities:
N/A Security fixes to apigee-kube-rbac-proxy.
This addresses the following vulnerabilities:
N/A Security fixes to apigee-installer, apigee-operators, and apigee-watcher.
This addresses the following vulnerabilities:

These security bugs were fixed in Apigee hybrid v1.11.1-hotfix.1.

Bug ID Description
324460830 Security fix for apigee-ingress.
This addresses the following vulnerabilities:

These security bugs were fixed in Apigee hybrid v1.10.4-hotfix.1.

Bug ID Description
324460830 Security fix for apigee-ingress.
This addresses the following vulnerabilities:

April 15, 2024

Apigee X

On April 15, 2024, we released an updated version of Apigee (1-12-0-apigee-4).

Bug ID Description
332981542 Optimized VerifyAPI policy execution time for high count of API products.

April 03, 2024

Apigee X

On April 3, 2024, we released an updated version of Apigee.

With this release, Apigee expanded its support for data residency to additional regions in Asia-Pacific and the Middle East. Data residency for Apigee meets compliance and regulatory requirements by allowing you to specify the geographic locations (regions) where Apigee data is stored.

For more information, see Introduction to data residency.

For a list of supported geographic locations, see Apigee locations.

April 02, 2024

Apigee X

On April 2, 2024, we announced an increase in the rate limits for the Spike Arrest policy.

The limit on the rate you can specify increased from 1,000 requests per second, 60,000 requests per minute to 4,000 requests per second, 240,000 requests per minute.

See the Spike Arrest section of the Limits page for information on Spike Arrest limits.

April 01, 2024

Apigee X

On April 1, 2024, we released an updated version of Apigee.

With this release, Apigee expanded its support for data residency to additional regions in Canada. Data residency for Apigee meets compliance and regulatory requirements by allowing you to specify the geographic locations (regions) where Apigee data is stored.

For more information, see Introduction to data residency.

For a list of supported geographic locations, see Apigee locations.

March 29, 2024

Apigee X

On March 29, 2024, we released an updated version of Apigee (1-12-0-apigee-2).

With this release, Apigee expanded its support for data residency to additional regions in the European Union. Data residency for Apigee meets compliance and regulatory requirements by allowing you to specify the geographic locations (regions) where Apigee data is stored.

For more information, see Introduction to data residency.

For a list of supported geographic locations, see Apigee locations.

New Apigee API Monitoring Metrics

An new suite of metrics for monitoring Apigee proxies and target endpoints is now available. With improved scalability and accuracy, the new suite can support large workloads and withstand underlying infrastructure changes.

Apigee's API Monitoring tables and dashboards have been updated to include the following new metrics, which can be used to configure alerts and create custom dashboards:

proxy/request_count
proxy/response_count
proxy/latencies
target/request_count
target/response_count
target/latencies
Bug ID Description
322843888 Fixed issue with incorrect proxy routing when using base paths in proxy chaining.
293933387 KVM list operation now permits entries with null or empty values.
239523766 Removed Unable to evaluate jsonVariable, returning null error string from ExtractVariable Policy logging.
285592278 Fixed issue with deduction of recurring fees from prepaid balances.
237656263 Resolved issue with async mode in the ServiceCallout policy when the <Response> element is removed.

This note is incorrect; this fix is not included in this release.

321744310 Added support for caching JSON results retrieved from the ExtractVariables policy.
295341973 Resolved issue causing delay in updating southbound SSL certificates in truststore and keystore references.

March 28, 2024

Apigee Integrated Portal

On March 28, 2024 we released an updated version of Apigee integrated portal.

Bug ID Description
324872865 Fixed scrolling issue with API documentation display when navigating to the overview page.

March 26, 2024

Apigee X

On March 26, 2024, we released an updated version of Apigee (1-12-0-apigee-1).

New Apigee API Monitoring Metrics

An new suite of metrics for monitoring Apigee proxies and target endpoints is now available. With improved scalability and accuracy, the new suite can support large workloads and withstand underlying infrastructure changes.

Apigee's API Monitoring tables and dashboards have been updated to include the following new metrics, which can be used to configure alerts and create custom dashboards:

proxy/request_count
proxy/response_count
proxy/latencies
target/request_count
target/response_count
target/latencies
Bug ID Description
322843888 Fixed issue with incorrect proxy routing when using base paths in proxy chaining.
293933387 KVM list operation now permits entries with null or empty values.
239523766 Removed Unable to evaluate jsonVariable, returning null error string from ExtractVariable Policy logging.
285592278 Fixed issue with deduction of recurring fees from prepaid balances.
237656263 Resolved issue with async mode in the ServiceCallout policy when the <Response> element is removed.

This note is incorrect; this fix is not included in this release.

321744310 Added support for caching JSON results retrieved from the ExtractVariables policy.
295341973 Resolved issue causing delay in updating southbound SSL certificates in truststore and keystore references.

March 14, 2024

Apigee UI

On March 14, 2024 we released an updated version of the Apigee UI.

Bug ID Description
320739232 An issue was fixed where an incorrect error message was displayed after an API proxy or shared flow was undeployed.

March 13, 2024

Apigee X

As of March 13, 2024, the conversion of Apigee API Management organizations with Pay-as-you-go pricing provisioned before October 1, 2023, to Pay-as-you-go organizations that use updated attributes for pricing is complete, with the exception of one organization that requires customer action.

The Apigee API Analytics add-on is enabled in converted organizations.The Analytics add-on can be disabled if it is not required. In addition, you can update your Pay-as-you-go environment types using the API.

For more information on the updated pricing and enhanced features now available for these organizations, see Pay-as-you-go (updated attributes) overview.

Updated pricing attributes will be reflected in March invoices. For billing questions related to this change, contact Google Cloud Billing support.

March 06, 2024

Application Integration

Application Integration now supports config variables. Config variables let you to build CICD for your integration. This feature is in preview.

March 04, 2024

Apigee Advanced API Security

On March 4, 2024 we released an updated version of Advanced API Security.

New conditions for security actions

You can now create security actions based on the following condition types (in addition to the condition types for Detection rules and IP addresses that were already available):

  • API keys
  • API products
  • Access tokens
  • Developers
  • Developer apps
  • User agents

These new conditions are not available with Apigee hybrid at this time.

See Create a security action to learn more.

February 23, 2024

Application Integration

Application Integration now supports private triggers that enable you to break large flows into various subflows. This feature is in preview.

February 19, 2024

Application Integration

Data masking in logs

You can now prevent sensitive data from appearing the integration execution logs. For more information, see Mask sensitive data in logs.

February 12, 2024

Apigee X

On February 12, 2024, we released an updated version of Apigee (1-11-0-apigee-17).

This release addresses the security concerns in GCP-2024-007 from Google Anthos Service Mesh.

Bug ID Description
322389251 Security fix for apigee-ingress.
This addresses the following vulnerabilities:
Bug ID Description
230082910 Fixed issue causing null values for system.timestamp and system.time.millisecond proxy variables.

This note is incorrect; this fix is not included in this release.

| 285592278 | Fixed issue with deduction of recurring fees from prepaid balances.

This note is incorrect; see entry for March 26, 2024.

Application Integration

You can now also view the integration execution logs in Cloud Logging. For more information, see View logs in Cloud Logging.

February 09, 2024

Apigee hybrid

hybrid v1.11.1-hotfix.1

On February 9, 2024 we released an updated version of the Apigee hybrid software, v1.11.1-hotfix.1.

This release addresses the security concerns in GCP-2024-007 from Google Anthos Service Mesh.

Bug ID Description
324460830 Security fix for apigee-ingress.
This addresses the following vulnerabilities:

hybrid v1.10.4-hotfix.1

On February 9, 2024 we released an updated version of the Apigee hybrid software, v1.10.4-hotfix.1.

This release addresses the security concerns in GCP-2024-007 from Google Anthos Service Mesh.

Bug ID Description
324460830 Security fix for apigee-ingress.
This addresses the following vulnerabilities:

February 08, 2024

Apigee X

On February 8, 2024 we released an updated version of the Apigee APIs.

API support for update operations on KeyValueMap entries

Starting with this release, the Apigee APIs support update operations for KeyValueMap entries. See the API reference page for REST Resource: organizations.environments.keyvaluemaps.entries for information.

February 07, 2024

Apigee Integrated Portal

On February 07, 2024 we released an updated version of Apigee integrated portal.

Bug ID Description
323278335 A security issue was fixed.
192987085 Fixed an issue where switching API spec pages in the public developer portal resulted in an error. Note, this issue was erroneously mentioned in the 12/7/23 release notes.

February 02, 2024

Apigee X

On February 2, 2024, we released an updated version of Apigee.

We modified or added these limits:

  • Changed the maximum API proxy endpoints per API proxy from 5 to 10
  • Specified the maximum API base paths per organization as 21,250

See the Limits page for details.

February 01, 2024

Apigee X

On February 1, 2024, we released an updated version of Apigee.

With this release, Apigee API Management organizations with Pay-as-you-go pricing provisioned before October 1, 2023, will be converted to Pay-as-you-go organizations that use updated attributes for pricing.

Prior to the conversion, these organizations were billed for API runtimes based on Apigee gateway node usage and the total number of API requests processed by Apigee analytics.

Once converted, these organizations will be billed for the following:

  • Volume of API calls processed by a given proxy type
  • Usage of deployment environments (per hour per region)
  • Usage of additional deployment units (API proxies or shared flows)
  • Any additional add-on capabilities (Advanced API security, Monetization, Analytics)

The conversion process is expected to last about 5 minutes and traffic will continue to be processed normally during this time. If proxy revision deployments are interrupted during this time frame, revisions can be deployed after conversion completes.

The Apigee API Analytics add-on will be enabled by default in converted organizations.The Analytics add-on can be disabled after the pricing change if it is not required.

For more information on the updated pricing and enhanced features now available for these organizations, see Pay-as-you-go (updated attributes) overview.

Updated pricing attributes will be reflected in March invoices. For billing questions related to this change, contact Google Cloud Billing support.

January 24, 2024

Application Integration

Custom connectors [Preview]

Application Integration now supports custom connectors. The custom connectors feature (based on the Open API specification) lets you create your own connectors that aren't a part of the standard connectors provided by Integration Connectors. You can use these connectors in your integrations. For more information, see Custom connectors.

January 23, 2024

Apigee UI

On January 23, 2024 we released an updated version of the Apigee UI.

Bug ID Description
317739341 In some cases the navigation menu for Monetization was hidden when Monetization was enabled in the Apigee organization. This has been fixed.
Application Integration

The following new data transformer functions are available:

January 22, 2024

Apigee Integrated Portal

On January 22, 2024 we released an updated version of Apigee integrated portal.

Bug ID Description
311491188 API requests to add a category to a catalog item now validate that the category ID exists.
Apigee X

On January 22, 2023, we released an updated version of Apigee (1-11-0-apigee-14).

Note: Rollouts of this release to production instances will begin within two business days and may take four or more business days to be completed across all Google Cloud zones. Your instances may not have the features and fixes available until the rollout is complete.

Bug ID Description
316093865 Fixed issue where empty LoadBalancer configuration in the Target Endpoint results in a failed proxy deployment with NullPointerException.
312966965 Resolved proxy chaining issue resulting in incorrect post-target service callout hostnames.
318909276 Fixed issue withLookupCache policy failures under certain circumstances.
262071551 Resolved issue with the use of combinators such as allOf in the OASValidation Policy.
311049371 Resolved issue causing SSL error in proxy chaining and path chaining flows.
308196929 Use of target.header.host flow variable with gRPC targets is now fixed.

January 16, 2024

Apigee Advanced API Security

On January 16, 2024 we released an updated version of Advanced API Security.

Training machine learning models for abuse detection on your data

You now have the option to allow Apigee to train your organization's machine learning models for abuse detection on your data. Training the models on your data helps improve their accuracy for detecting security incidents.

Application Integration

Webhook triggers are now supported in preview. With webhook triggers, you can build integrations for your data sources that don't have specific triggers but support webhook for event listening.

December 21, 2023

Apigee hybrid

hybrid 1.11.1

On December 21, 2023 we released an updated version of the Apigee hybrid software, 1.11.1.

Bug ID Description
311705715 Use a non-default service account for the remove-dc component.
306341401 Fixed regression where virtualhost cipherSuites overrides weren't being used.
Bug ID Description
315034009 Security fixes: apigee-asm-ingress and apigee-asm-istiod (ingressgateway and ingressgateway-controller) are upgraded to Service Mesh version 1.17.8-asm.4.
This addresses the following vulnerabilities:
303460289 Security fixes to apigee-prometheus-adapter.
This addresses the following vulnerabilities:
303459588 Security fixes to apigee-prom-prometheus.
This addresses the following vulnerabilities:
303292806 Restrict connections from the Cassandra backup utility to Cassandra server pods in the apigee namespace.
N/A Security fixes to apigee-cassandra-backup-utility.
This addresses the following vulnerabilities:
N/A Security fixes to apigee-fluent-bit.
This addresses the following vulnerabilities:
N/A Security fixes to apigee-hybrid-cassandra.
This addresses the following vulnerabilities:
N/A Security fixes to apigee-hybrid-cassandra-client.
This addresses the following vulnerabilities:
N/A Security fixes to apigee-kube-rbac-proxy.
This addresses the following vulnerabilities:
N/A Security fixes to apigee-installer, apigee-operators, and apigee-watcher.
This addresses the following vulnerabilities:

December 18, 2023

Apigee hybrid

hybrid v1.10.4

On December 18, 2023 we released an updated version of the Apigee hybrid software, 1.10.4.

Bug ID Description
311705715 Use a non-default service account for the remove-dc component.
306341401 Fixed regression where virtualhost cipherSuites overrides weren't being used.
302186503 Add the missing HTTP proxy template settings to the Apigee Hybrid Helm datastore component.
300542690 Added dedicated service accounts for Apigee Connect, Redis, and UDCA to prevent Kubernetes from automatically injecting credentials for a specified Service Account or the default Service Account.
277353680 Fixed issue causing target server HealthMonitors to continue beyond revision or deletion of the proxy.

Target health checks are now terminated as soon as the proxy is removed from the runtime (undeployed or deleted). Note: There may be a delay between removal of the proxy and termination of the target server health checks.

Bug ID Description
315034009 Security fixes: apigee-asm-ingress and apigee-asm-istiod (ingressgateway and ingressgateway-controller) are upgraded to Service Mesh version 1.17.8-asm.4.
This addresses the following vulnerabilities:
311167948 A security issue was addressed.
303460289 Security fixes for apigee-prometheus-adapter.
This addresses the following vulnerabilities:
303459588 Security fixes for apigee-prom-prometheus.
This addresses the following vulnerabilities:
300319489 Security fixes for fluentd.
This addresses the following vulnerabilities:
294892189 Security fixes for apigee-diagnostics-collector.
This addresses the Guava vulnerability:
N/A Security fixes for apigee-cassandra-backup-utility and apigee-prom-prometheus.
This addresses the following vulnerabilities:
N/A Security fixes for apigee-fluent-bit.
This addresses the following vulnerabilities:
N/A Security fixes for apigee-hybrid-cassandra and apigee-hybrid-cassandra-client.
This addresses the following vulnerabilities:
N/A Security fixes for apigee-installer, apigee-operators, and apigee-watcher.
This addresses the following vulnerabilities:
N/A Security fixes for apigee-kube-rbac-proxy.
This addresses the following vulnerabilities:

December 15, 2023

Apigee X

On December 15, 2023, we released an updated version of Apigee.

Update Pay-as-you-go environment types with Apigee APIs.

Use Apigee APIs to upgrade or downgrade the type of an existing environment to add or remove feature capabilities and manage your Apigee Pay-as-you-go billing and resource usage. For more information, see Update Pay-as-you-go environment types.

Apigee Advanced API Security add-on for Pay-as-you-go organizations is generally available (GA).

With this release, Apigee Advanced API Security is available as a paid add-on capability for Pay-as-you-go organizations. The add-on can be enabled in any Apigee Intermediate or Comprehensive environment from the Apigee UI in Cloud Console or using the Apigee APIs. For more information, see Manage the Advanced API Security add-on.

December 13, 2023

Apigee Advanced API Security

On December 13, 2023 we released an updated version of Advanced API Security.

Public preview of archiving security incidents

With this release, you can now archive security incidents that you no longer want to see displayed in the incidents list. For example, you might want to archive incidents that you have already dealt with and no longer need to track. Archiving incidents can help you focus on those incidents that still require your attention. Archiving does not delete the incident: you can always unarchive it whenever you want.

Performance improvements to Risk Assessment security scores

Risk Assessment security scores now load faster in the Apigee UI, due to improved server side caching of scores.

Apigee X

On December 13, 2023, we released an updated version of Apigee.

Note: Rollouts of this release to production instances will begin within two business days and may take four or more business days to be completed across all Google Cloud zones. Your instances may not have the features and fixes available until the rollout is complete.

You can now restrict the creation of Apigee location based resources (Organization, Instances and EndpointAttachments) to specific locations using an Organization Policy Service constraint. This feature is generally available. To learn more, see Restricting Resource Locations.

Apigee now supports data residency. Data residency for Apigee meets compliance and regulatory requirements by allowing you to specify the geographic locations (regions) where Apigee data is stored. See Introduction to data residency.

Apigee now supports Forward Proxying. Forward Proxying provides the ability to forward traffic received in a particular environment to a specified URI. See Forward proxying.

Apigee now supports CMEK for the control plane. If you have specific compliance or regulatory requirements related to the keys that protect your data, you can use customer-managed encryption keys (CMEK). See Introduction to CMEK.

Application Integration

Application Integration is now available in the following regions:

  • asia-east2 (Taiwan)
  • asia-northeast2 (Osaka)
  • asia-northeast3 (Seoul)
  • asia-south2 (Delhi)
  • asia-southeast2 (Jakarta)
  • europe-central2 (Warsaw)
  • europe-west10 (Berlin)
  • europe-west12 (Turin)
  • northamerica-northeast2 (Toronto)
  • southamerica-west1 (Santiago)
  • us-east5 (Columbus)
  • us-west3 (Salt Lake City)
  • us-west4 (Las Vegas)
  • us-south1 (Dallas)

For the list of all the supported regions, see Locations.

December 07, 2023

Apigee Integrated Portal

On December 7, 2023 we released an updated version of Apigee integrated portal.

Bug ID Description
313803133 Fixed an issue where switching API spec pages in the public developer portal resulted in an error.
310865440 Fixed an issue where updating the documentation of a CatalogItem could timeout.
Apigee X

On December 7, 2023, we released an updated version of Apigee X.

General Availability (GA) of Apigee gRPC passthrough

Apigee's gRPC proxy passthrough functionality provides the ability to create proxies which receive gRPC client requests and pass them through to a gRPC target server.

For information, see Creating gRPC API proxies.

December 06, 2023

Apigee Advanced API Security

On December 6, 2023 we released an updated version of Advanced API Security.

New button to create a security action is now in several places in the Abuse detection and Risk assessment pages

The new button links directly to the Security actions page from the Abuse detection or Risk assessment pages, so you can easily create a security action for the environment you are currently viewing. The button is in the following locations:

  • The Source assessment view in the Risk assessment page
  • The Detected Traffic, Incident, and Incident details views in the Abuse detection page

December 05, 2023

Apigee Advanced API Security

On December 5, 2023 we released an updated version of Advanced API Security.

Changes to proxy security scores

The following changes have been made to the way proxy security scores are calculated:

  • Previously, adding a policy to a proxy or shared flow, but not attaching the policy to any flow (preflow, postflow or conditional flow), could affect the proxy's score.

    With this release, you must attach a policy in a flow in order for the policy to affect the proxy's score. A policy that is not attached in a flow is treated as if no policy were present for scoring.

  • Previously, proxies with no policies were not considered in scoring.

    With this release, proxies with no policies are considered in scoring.

See How policies affect proxy security scores to learn more.

December 01, 2023

Apigee X

On December 1, 2023, we released an updated version of Apigee (1-11-0-apigee-8).

Note: Rollouts of this release to production instances will begin within two business days and may take four or more business days to be completed across all Google Cloud zones. Your instances may not have the features and fixes available until the rollout is complete.

Dynamic endpoint target metrics aggregated into a single metric.

With this release, all request, response, and latency target metrics for dynamically-configured endpoints are aggregated and presented as a single metric per proxy, using the endpoint label Dynamic Target. This feature does not change monitoring behavior for statically configured endpoints.

Bug ID Description
294882858 Fixed issue with ServiceCallout policy overriding target_ip value in proxy.
279037851 Improved performance when running debug sessions with masked payload.
312026988 Resolved possible usage counting issue for monetization prepaid developers using proxies with multiple proxy endpoints configured.
Apigee hybrid

hybrid v1.10.3-hotfix.4

On December 1, 2023 we released an updated version of the Apigee hybrid software, v1.10.3-hotfix.4.

Bug ID Description
311705715 Mount a dedicated service account to the remove-dc component.
Bug ID Description
311167948 A security issue was addressed.
Application Integration

Cloud Pub/Sub trigger supports cross-project topics

You can now configure your Cloud Pub/Sub trigger for a Pub/Sub topic that isn't in the same Google Cloud project as your integration. The Pub/Sub topic can be in any Google Cloud project.

Starting with this release, you must specify a service account when configuring the Cloud Pub/Sub trigger. Your existing Cloud Pub/Sub triggers, that don't have any service account associated with them, will continue to work as before. However, if you want to modify the Pub/Sub topic in any of the existing Cloud Pub/Sub triggers, you must also configure a service account for those triggers to continue using them.

November 29, 2023

Application Integration

The Database persistence feature is now renamed to Local logging, which also supports logging in ASYNC mode. For more information, see Local logging.

Application Integration is now available in the Dammam (me-central2) region. For the list of all the supported regions, see Locations.

November 23, 2023

Application Integration

HubSpot trigger is now available in preview.

November 21, 2023

Application Integration

November 17, 2023

Apigee hybrid

hybrid v1.11.0

On November 17, 2023 we released an updated version of the Apigee hybrid software, v1.11.0.

Helm charts management for Apigee hybrid

Starting in version v1.11.0, you have the choice of installing and managing your clusters with either Helm or apigeectl. You cannot manage a cluster with both. Apigee recommends using Helm for new hybrid installations. See Apigee hybrid Helm charts reference.

Vault integration for Cassandra credentials (preview)

Starting in version v1.11.0, you can store Cassandra credentials in Hashicorp Vault.
Note: Using Vault requires Helm management of your Apigee installation.
See Storing Cassandra credentials in Hashicorp Vault.

Vault integration is in preview as of the Apigee hybrid 1.11.0 release.

Apigee Advance API Security Actions for Apigee hybrid

Advanced API Security's new Security Actions feature is now available in Apigee hybrid.

Bug ID Description
295929616 Installation of Hybrid 1.10.x would fail on OpenShift due to out of memory issues. (Fixed in Apigee hybrid v1.10.3)
294069799 Updated the security context settings for the Apigee Hybrid Backup and Restore pod.
292571089 An error with support for CSI backup and restore for Cassandra was fixed. (Fixed in Apigee hybrid v1.10.3)
292118812 Fixed UDCA regression in Hybrid 1.10.1 where UDCA would ignore forward proxy configuration. (Fixed in Apigee hybrid v1.10.2)
289254725 Implemented a fix to prevent failure of proxy deployments that include the OASValidation policy. (Fixed in Apigee hybrid v1.10.1)
287321226 Security context has been corrected for apigee-prom-prometheus to avoid privilege escalation. (Fixed in Apigee hybrid v1.10.3)
277353680 Fixed issue causing target server HealthMonitors to continue beyond revision or deletion of the proxy.

Target health checks are now terminated as soon as the proxy is removed from the runtime (undeployed or deleted). Note: There may be a delay between removal of the proxy and termination of the target server health checks. (Fixed in Apigee X)

240180122 Disable privilege escalation on the cassandra container by moving the ulimit settings to the newly introduced initContainer "apigee-cassandra-ulimit-init".

If you are using security controls with gatekeeper, ensure that apigee-cassandra-ulimit-init initContainer can runAs user, group as 0 and allow capabilities IPC_LOCK and SYS_RESOURCES. (Fixed in Apigee hybrid v1.11.0)

205666368 Fixed issue with default validation of TLS target endpoint certificates.

To enable strict SSL on southbound connections to a proxy target endpoint, add the tag <Enforce>true</Enforce> in the target <SSLInfo> block.

See About setting TLS options in a target endpoint or target server.

See also Known Issue #205666368.

(Fixed in Apigee hybrid v1.10.3-hotfix.1)
158132963 Added improvements to capture relevant target flow variables in trace and analytics in case of target timeouts. (Fixed in Apigee hybrid v1.10.2)
Bug ID Description
303292806 Set backup utility to only connect to Cassandra server pods in the apigee namespace. (Fixed in Apigee hybrid v1.10.3-hotfix.3)
300542690 Added dedicated service accounts for Apigee Connect, Redis, and UDCA to prevent Kubernetes from automatically injecting credentials for a specified ServiceAccount or the default ServiceAccount. (Fixed in Apigee hybrid v1.10.3-hotfix.3)
297938600,
297938559,
297938486,
294892344
Security fixes for apigee-diagnostics-collector. (Fixed in Apigee hybrid v1.10.3)
This addresses the following vulnerabilities:
297938498,
297938487
Security fixes for apigee-fluent-bit.(Fixed in Apigee hybrid v1.10.3)
This addresses the following vulnerabilities:
297938441 Security fixes for apigee-runtime. (Fixed in Apigee hybrid v1.10.3)
This addresses the following vulnerabilities:
297286274 Security fixes for apigee-installer. (Fixed in Apigee hybrid v1.10.3)
This addresses the following vulnerabilities:
296719459,
296719400,
296719348,
296719307,
296719306,
296719188,
296719187,
296719186,
296719115,
296719018,
296718937,
296718918,
296718917,
296718916,
296716670,
296716669,
296716472,
296716471,
296715155
Security fixes for apigee-hybrid-cassandra. (Fixed in Apigee hybrid v1.10.3)
This addresses the following vulnerabilities:
296717666,
296717283,
296716668,
296716667,
296716650,
296716635,
296716634,
296716633,
296716470,
296716234,
296715734,
296715733,
296715154,
296715153
Security fixes for apigee-hybrid-cassandra-client. (Fixed in Apigee hybrid v1.10.3)
This addresses the following vulnerabilities:
296717665,
296717664,
296717663,
296717662,
296717185,
296716666,
296716649,
296716632,
296716468,
296716467,
296716232,
296715152,
296715151,
296714218
Security fixes for apigee-cassandra-backup-utility. (Fixed in Apigee hybrid v1.10.3)
This addresses the following vulnerabilities:
295936113 Security fixes for apigee-mart-server. (Fixed in Apigee hybrid v1.10.3)
This addresses the following vulnerability:
294906706 Security fixes for apigee-prom-prometheus. (Fixed in Apigee hybrid v1.10.3)
This addresses the following vulnerabilities:
293925856 Security fixes for apigee-prometheus-adapter. (Fixed in Apigee hybrid v1.10.3)
This addresses the following vulnerabilities:
293348130 Security fixes for apigee-udca. (Fixed in Apigee hybrid v1.10.2)
This addresses the following vulnerabilities:
291994501 Security fixes for apigee-operator and apigee-watcher. (Fixed in Apigee hybrid v1.10.2)
This addresses the following vulnerabilities:
291994501 Security fixes for apigee-installer. (Fixed in Apigee hybrid v1.10.2)
This addresses the following vulnerabilities:
290829031 Security fixes for apigee-hybrid-cassandra, apigee-cassandra-client, and cassandra-backup-utility. (Fixed in Apigee hybrid v1.10.2)
This addresses the following vulnerabilities:
290829028 Security fixes for Apigee Connect and apigee-connect-agent and apigee-redis. (Fixed in Apigee hybrid v1.10.2)
This addresses the following vulnerabilities:
290068742 Security fixes for apigee-udca. (Fixed in Apigee hybrid v1.10.1)
This addresses the following vulnerability:
290067464, 297938583 Security fixes for apigee-stackdriver-logging-agent. (Fixed in Apigee hybrid v1.10.1)
This addresses the following vulnerabilities:
290065830 Security fixes for apigee-udca. (Fixed in Apigee hybrid v1.10.1)
This addresses the following vulnerability:
281561243 Security fixes for apigee-diagnostics-collector, apigee-mart-server, apigee-mint-task-scheduler, apigee-runtime, and apigee-synchronizer. (Fixed in Apigee hybrid v1.10.1)
This addresses the following vulnerability:
N/A Security fixes for apigee-prometheus-adapter. (Fixed in Apigee hybrid hybrid v1.11)
This addresses the following vulnerabilities:
N/A Security fixes for apigee-prom-prometheus/master. (Fixed in Apigee hybrid v1.11)
This addresses the following vulnerabilities:
N/A Security fixes for apigee-kube-rbac-proxy. (Fixed in Apigee hybrid hybrid v1.11)
This addresses the following vulnerabilities:
N/A Security fixes for apigee-hybrid-cassandra. (Fixed in Apigee hybrid hybrid v1.11)
This addresses the following vulnerabilities:
N/A Security fixes for apigee-fluent-bit. (Fixed in Apigee hybrid hybrid v1.11)
This addresses the following vulnerabilities:
N/A Security fixes for apigee-diagnostics-collector, apigee-mart-server, apigee-mint-task-scheduler, apigee-runtime, and apigee-synchronizer. (Fixed in Apigee hybrid hybrid v1.11)
This addresses the following vulnerabilities:
N/A Security fixes for apigee-cassandra-backup-utility, apigee-hybrid-cassandra-client, and apigee-connect-agent. (Fixed in Apigee hybrid v1.11)
This addresses the following vulnerabilities:
N/A Security fixes for apigee-asm-ingress and apigee-asm-istiod. (Fixed in Apigee hybrid v1.11)
This addresses the following vulnerabilities:

November 10, 2023

Apigee Integrated Portal

On November 10, 2023 we released an updated version of Apigee integrated portal.

This release includes the public preview of integrated portal APIs which allow you to manage your integrated portal APIs and reference documentation using API calls.

The catalog items list view now uses pagination when making requests to the portals service, examples have been added to Publishing your APIs, and new reference documentation is available:

Apigee X

As of November 10, 2023, Configurable API Proxies (preview) is no longer available. For more information, see Configurable API Proxies (preview) deprecation.

On November 10, 2023 we released an updated version of Apigee.

Apigee is now available in a new region: Middle East - Dammam (me-central2).

See Apigee locations for more information about available regions.

November 08, 2023

Apigee Integrated Portal

On November 8, 2023 we released an updated version of Apigee integrated portal.

Bug ID Description
305287906 Fixed links to an API product from the API details, User account details, or Team details page in the Apigee UI.
307600672 Fixed issue where the name of the documentation was not populated in the Documentation column on the Apigee UI, API catalog page.
307599975 Improved pagination through large API catalogs on the Apigee UI, API catalog page.

November 03, 2023

Apigee X

On November 3, 2023, we updated the following security bulletin:

Bug ID Description
304599411 Security bulletin updated
GCP-2023-32
A Denial-of-Service (DoS) vulnerability was recently discovered in multiple implementations of the HTTP/2 protocol (CVE-2023-44487), including the Apigee Ingress (Anthos Service Mesh) server used by Apigee X. The vulnerability could lead to a DoS of Apigee API management functionality.

The shutdown of the Configurable API Proxy (Preview) feature is approaching. On or after November 10, 2023, the preview feature will no longer be available. For more information, see Configurable API proxies (preview) deprecation.

November 01, 2023

Apigee Advanced API Security

On December 6, 2024 we release an updated version of Advanced API Security.

Public preview of Advanced API Security custom profiles in the Apigee UI

With this release, you can now create and edit custom security profiles in the Apigee UI. Custom profiles let you specify the security categories that your security scores are based on.

The Security scores page in the Apigee UI has been renamed to the Risk assessment page, and the page now has tabs for security scores and security profiles.

October 26, 2023

Apigee Integrated Portal

On October 26, 2023 we released an updated version of Apigee integrated portal.

Bug ID Description
5400261 Improve confirmation dialog text when user clicks the button to revoke an app key from the portal UI.

This dialog is displayed when you:
  1. Select Apps from the user account drop-down in the portal.
  2. Click an app.
  3. Click the Revoke button in the API Keys row.
Apigee UI

On October 26, 2023 we released an updated version of the Apigee UI.

Bug ID Description
287028804, 291942702 Fixed issue where customers with a mismatched with Google Cloud project and Apigee organization ID would be presented with the Apigee welcome screen instead of the management UI in the Apigee UI in Google Cloud console.

The above fix requires a change in permissions for users managing Apigee through the Google Cloud console with a custom role.

Custom roles must now include the apigee.projectorganizations.get role for users who manage Apigee organizations via the Apigee UI in Cloud console. Without this role, users see a provisioning prompt in the console rather than the standard UI actions.

See UI-based Apigee management permissions for instructions.

October 24, 2023

Apigee UI

On October 24, 2023 we released an updated version of the Apigee UI.

Bug ID Description
301458133 Fixed an issue in which saving a previously deployed proxy or shared flow revision resulted in the error "revision revision_name is immutable." You are now prompted to create a new revision in this case.
Apigee X

On October 24, 2023, we released an updated version of Apigee (1-11-0-apigee-7).

Note: Rollouts of this release to production instances will begin within two business days and may take four or more business days to be completed across all Google Cloud zones. Your instances may not have the features and fixes available until the rollout is complete.

With this release, the HeaderName element is available as a child element of Authentication. This element appears in the ServiceCallout and ExternalCallout policies, and in the TargetEndpoint proxy configuration.

By default, when an Authentication configuration is present, Apigee generates and injects a bearer token into the Authorization header, in the message sent to the target system. The new HeaderName element allows the configuration to specify the name of a different header to hold that bearer token.

Bug ID Description
294293907 Fixed issue with Google authentication for gRPC-based target servers.
292454825 Fixed issue causing Null Pointer Exception when creating or updating an API product.
291784631 Implemented fix to permit the use of hyphens (-) in flow variables used to define target URLs in <HTTPTargetConnection>.
267229604 Fixed issue where updates to a TLS truststore reference were not reflected for in-use southbound target server connections.
277353680 Fixed issue causing target server HealthMonitors to continue beyond revision or deletion of the proxy.

Target health checks are now terminated as soon as the proxy is removed from the runtime (undeployed or deleted). Note: There may be a delay between removal of the proxy and termination of the target server health checks.

N/A Upgraded infrastructure and libraries.

October 19, 2023

Apigee Integration

The maximum memory available for script evaluation in the Data Transformer Script task is 300 MB. For the list of all the applicable limits, see Quotas and Limits.

Apigee X

On October 19, 2023, we released an updated version of Apigee

Looker Studio Integration

This release includes the public preview of Looker Studio Integration, which connects Apigee data to Google's Looker Studio. Looker Studio is a powerful and flexible tool that you can use to display Apigee data in fully customizable dashboards and reports.

Application Integration

The maximum memory available for script evaluation in the Data Transformer Script task is 300 MB. For the list of all the applicable limits, see Quotas and Limits.

October 17, 2023

Apigee hybrid

hybrid v1.10.3-hotfix.3

On October 17, 2023 we released an updated version of the Apigee hybrid software, v1.10.3-hotfix.3.

Bug ID Description
303292806 Set backup utility to only connect to Cassandra server pods in the apigee namespace.
300542690 Added dedicated service accounts for Apigee Connect, Redis, and UDCA to prevent Kubernetes from automatically injecting credentials for a specified ServiceAccount or the default ServiceAccount.

October 13, 2023

Apigee X

On October 13, 2023, we released an updated version of Apigee (1-11-0-apigee-6).

Bug ID Description
304681330 Security fix for apigee-ingress.
This addresses the following vulnerability:
CVE-2023-44487
305127632 Security bulletin published.
GCP-2023-032

Description

A Denial-of-Service (DoS) vulnerability was recently discovered in multiple implementations of the HTTP/2 protocol (CVE-2023-44487), including the Apigee Ingress (Anthos Service Mesh) server used by Apigee X. The vulnerability could lead to a DoS of Apigee API management functionality.

Affected Products

Deployments of Apigee X that are accessible through a Google Cloud Network Load Balancer (Layer 4), or a custom layer 4 load balancer, are affected. A hotfix is being applied to all Apigee X instances. Your Apigee X instances will be automatically updated within the next few days.

Unaffected products

Apigee X instances which are accessed only via Google Cloud Application Load Balancers (Layer 7) are not affected. This includes deployments that have HTTP/2 enabled for gRPC proxies.

What Should I Do?

All Apigee X instances will be automatically updated within the next few days. Customers do not need to take any actions.

What Vulnerabilities Are Addressed By These Patches?

The vulnerability, CVE-2023-44487, allows an attacker to execute a denial-of-service attack on Apigee ingresses.

Apigee hybrid

hybrid v1.10.3-hotfix.2

On October 13, 2023 we released an updated version of the Apigee hybrid software, v1.10.3-hotfix.2.

Bug ID Description
304681330 Security fix for apigee-ingress.
This addresses the following vulnerability:
CVE-2023-44487
305127632 Security bulletin published.
GCP-2023-032

hybrid v1.9.4-hotfix.1

On October 13, 2023 we released an updated version of the Apigee hybrid software, v1.9.4-hotfix.1.

Bug ID Description
304681330 Security fix for apigee-ingress.
This addresses the following vulnerability:
CVE-2023-44487
305127632 Security bulletin published.
GCP-2023-032

Description

A Denial-of-Service (DoS) vulnerability was recently discovered in multiple implementations of the HTTP/2 protocol (CVE-2023-44487), including the Apigee Ingress (Anthos Service Mesh) server used by Apigee hybrid. The vulnerability could lead to a DoS of Apigee API management functionality.

Affected Products

Apigee hybrid instances that allow HTTP/2 requests to reach the Apigee Ingress are affected. Customers should verify if the load balancers fronting their Apigee hybrid ingresses allow for HTTP/2 requests to reach the Apigee Ingress service.

What Should I Do?

Apigee hybrid customers will need to upgrade to one of the following patch versions:

What Vulnerabilities Are Addressed By These Patches?

The vulnerability, CVE-2023-44487, allows an attacker to execute a denial-of-service attack on Apigee ingresses.

October 10, 2023

Apigee Integration

The following new data transformer functions are available:

  • Manifest XML - Converts the specified input JSON object into an XML string.

  • Parse XML - Parses the specified input XML string into a JSON object.

IAM Conditions for fine-grained access

IAM Conditions lets you define and enforce conditional, attribute-based access control for Google Cloud resources, including Application Integration resources. For more information, see Add IAM conditions.

You can now view the detailed summary of an integration from the Integration designer. For more information, see View integration details.

Application Integration

The following new data transformer functions are available:

  • Manifest XML - Converts the specified input JSON object into an XML string.

  • Parse XML - Parses the specified input XML string into a JSON object.

IAM Conditions for fine-grained access

IAM Conditions lets you define and enforce conditional, attribute-based access control for Google Cloud resources, including Application Integration resources. For more information, see Add IAM conditions.

You can now view the detailed summary of an integration from the Integration designer. For more information, see View integration details.

Support for user-defined service account

You can now configure a service account of your choice for an integration. The option to select a service account is displayed to you during the integration creation step.

October 06, 2023

Apigee Advanced API Security

On October 6, 2023, we released an updated version of Advanced API Security.

Public Preview of Advanced API Security Actions

Advanced API Security's new Security Actions feature lets you create security actions that define how Apigee handles detected traffic. You can create the following security actions:

  • Deny actions, which deny requests that meet specified conditions, for example, originating at an IP address that has been identified as a source of abuse.

  • Flag actions, which let requests pass through, but add headers to requests to identify them as suspicious.

  • Allow actions, which are used to override deny actions in specific cases when the request is trusted.

October 05, 2023

Apigee Integrated Portal

On October 5, 2023 we released an updated version of Apigee integrated portal. This release includes general improvements to performance and availability.

September 29, 2023

Apigee X

On September 29, 2023, we released an updated version of Apigee.

New attributes for Pay-as-you-go pricing are generally available (GA).

Apigee updated its Pay-as-you-go pricing model, making it possible for customers to onboard at a significantly reduced initial cost and right-size their ongoing expenses to usage.

To learn more about the updated Pay-as-you-go pricing experience, see Pay-as-you-go (updated attributes) pricing overview.

Standard and extensible API proxies are generally available (GA).

Standard and extensible API proxies are generally available for use with Apigee organizations.

For more information about standard and extensible API proxies, see API proxy types.

HTTPModifier and ReadPropertySet policies and templating support for message elements are generally available (GA).

The HTTPModifier policy can change an existing request or response message and provides a subset of the functionality already available in the AssignMessage policy. See HTTPModifier policy.

The ReadPropertySet policy reads property sets and populates flow variables with the results. See ReadPropertySet policy.

HTTPModifier and ReadPropertySet are standard policies. Proxies built exclusively with standard policies are called standard proxies and can be deployed to any environment type. See Pay-as-you-go (updated attributes) pricing overview.

With this release, template support for message elements is also generally available. See URL templating.

New environment types are generally available (GA).

With this release, Apigee introduces three distinct environments that have access to varying degrees of Apigee capabilities and costs: Base, Intermediate, and Comprehensive.

For more information, see Apigee Pay-as-you-go environment types.

Apigee API Analytics add-on for Pay-as-you-go organizations is generally available (GA).

With this release, Apigee API Analytics is available as a paid add-on capability for Pay-as-you-go organizations. The add-on can be enabled in any Apigee Intermediate or Comprehensive environment. For more information, see Manage the Apigee API Analytics add-on.

One click provisioning for Apigee Pay-as-you-go organizations is generally available (GA).

Simplify your onboarding experience with one click provisioning for new Pay-as-you-go organizations, using smart default configurations. To learn more, see Provision Apigee with one click.

Updated pricing attributes in Subscription plans are available.

To get started with subscription plans that include new pricing attributes (consistent with Pay-as-you-go pricing), contact your Google Cloud sales specialist.

For more information, see Apigee Subscription 2024 entitlements. Apigee hybrid is not available in the new subscription plan at this time.

This note is incorrect; see entry for May 17, 2024.

September 27, 2023

Apigee Advanced API Security

On September 27, 2023, we released an updated version of Advanced API Security.

Public preview of Advanced API Security Alerting

Advanced API Security's new alerting feature lets you create alerts for events related to API security using Google Cloud Monitoring, such as changes to your security scores or incidents involving detected API abuse. You can configure alerts to send you notifications by email or other channels when these events occur, so you can take action to counteract them.

September 25, 2023

Apigee Advanced API Security

On September 25, 2023 we release an updated version of Advanced API Security.

If a flow hook contains any FlowCallout policies, Advanced API Security scores now processes all policies from the shared flows that the flow callouts are pointing to for scoring. Further callout chaining is not supported.

Bug ID Description
300849647 Fixed a bug in Security scores for proxies that don't contain any policies in the categories authorization, mediation, threat or CORS .
Apigee UI

On September 25, 2023, we released an updated version of the Apigee UI.

This release includes a new Overview page for Apigee API Management in the Google Cloud console.

From the Overview page, you can:

For more information, see UI overview.

September 22, 2023

Apigee Integration

Vertex AI - Predict task

Starting with this release, Apigee Integration provides the Vertex AI - Predict task that lets you perform online predictions on your ML models.

Application Integration

Vertex AI - Predict task

Starting with this release, Application Integration provides the Vertex AI - Predict task that lets you perform online predictions on your ML models.

September 20, 2023

Apigee Integration

Application Integration is now available for your Google Cloud project. You can now use both Apigee Integration and Application Integration within the same Google Cloud project. For more information, see Using Application Integration.

September 19, 2023

Apigee UI

On September 19, 2023, we released an updated version of the Apigee UI.

GA release of the Apigee UI in Cloud console

This is the GA release of the Apigee UI in Cloud console, a new version of the Apigee UI that is integrated with the Google Cloud console. The new UI makes it easier to use Apigee, while also performing related tasks in the Cloud console.

Apigee X

On September 19, 2023, we released an updated version of Apigee X (1-11-0-apigee-5).

Bug ID Description
296296456 Implemented fix to ensure that continueOnError is honored in the SpikeArest policy.
229615887 The flow variable target.scheme is now set consistently with the target server URL.
78106145 Fixed issue in the RegularExpressionProtection policy to ensure that multiple JSONPaths elements in a JSON payload are checked.
294090782 Implemented fix to allow the Apigee runtime to connect to a target server using a wildcard CNAME that references a wildcard A record.
285592278 Fixed issue with deduction of recurring fees from prepaid balances.

This note is incorrect; see entry for March 26, 2024.

N/A Upgraded infrastructure and libraries.
Bug ID Description
296506425, 295936113, 295925991, 295688738, 296110120, 281112632 Security fix for apigee-runtime.
This addresses the following vulnerabilities:
287218068 Fixed security vulnerability to prevent header injection using flow variables.

September 18, 2023

Apigee UI

On September 18, 2023, we released an updated version of the Apigee UI.

This release includes improvements to the Create Environment experience in the Apigee UI in the Cloud console.

With this release, users can create a new environment, attach the environment to an Apigee instance, and assign the environment to an environment group within the same creation flow.

In addition, users can edit or remove environment group assignments from the environment detail page in the Apigee UI, simplifying management of their Apigee implementation.

For more information, see Working with environments.

September 14, 2023

Apigee hybrid

hybrid 1.10.3-hotfix.1

On September 14, 2023 we released an updated version of the Apigee hybrid software, 1.10.3-hotfix.1.

Bug ID Description
205666368 Fixed issue with default validation of TLS target endpoint certificates.

To enable strict SSL on southbound connections to a proxy target endpoint, add the tag <Enforce>true</Enforce> in the target <SSLInfo> block.

See About setting TLS options in a target endpoint or target server.

See also Known Issue #205666368.

September 07, 2023

Apigee Integrated Portal

On September 7, 2023 we released an updated version of Apigee integrated portal. This release includes general improvements to performance and availability.

September 06, 2023

Application Integration

Application Integration Quick setup (GA)

Application Integration Quick setup is now generally available in all the supported Google Cloud locations.

Quick setup is a single-click operation that automatically provisions Application Integration with the default configurations needed to get you started with the product.

For more information, see Set up Application Integration.

August 31, 2023

Apigee hybrid

hybrid v1.10.3

On August 31, 2023 we released an updated version of the Apigee hybrid software, v1.10.3.

Bug ID Description
295929616 Installation of Hybrid 1.10.x would fail on OpenShift due to out of memory issues.
292571089 An error with support for CSI backup and restore for Cassandra was fixed.
287321226 Security context has been corrected for apigee-prom-prometheus to avoid privilege escalation.
Bug ID Description
296717665,
296717664,
296717663,
296717662,
296717185,
296716666,
296716649,
296716632,
296716468,
296716467,
296716232,
296715152,
296715151,
296714218
Security fixes for apigee-cassandra-backup-utility.
This addresses the following vulnerabilities:
297938600,
297938559,
297938486,
294892344
Security fixes for apigee-diagnostics-collector.
This addresses the following vulnerabilities:
297938498,
297938487
Security fixes for apigee-fluent-bit.
This addresses the following vulnerabilities:
296719459,
296719400,
296719348,
296719307,
296719306,
296719188,
296719187,
296719186,
296719115,
296719018,
296718937,
296718918,
296718917,
296718916,
296716670,
296716669,
296716472,
296716471,
296715155
Security fixes for apigee-hybrid-cassandra.
This addresses the following vulnerabilities:
296717666,
296717283,
296716668,
296716667,
296716650,
296716635,
296716634,
296716633,
296716470,
296716234,
296715734,
296715733,
296715154,
296715153
Security fixes for apigee-hybrid-cassandra-client.
This addresses the following vulnerabilities:
297286274 Security fixes for apigee-installer.
This addresses the following vulnerabilities:
295936113 Security fixes for apigee-mart-server.
This addresses the following vulnerability:
297938441 Security fixes for apigee-runtime.
This addresses the following vulnerabilities:
294906706 Security fixes for apigee-prom-prometheus.
This addresses the following vulnerabilities:
293925856 Security fixes for apigee-prometheus-adapter.
This addresses the following vulnerabilities:

August 25, 2023

Apigee Advanced API Security

On August 25, 2023, we released an updated version of Apigee Advanced API Security.

This release includes custom profiles for Advanced API Security scores. Custom profiles let you specify the security categories you want your security scores to be based on. In this release, you must create a security profile in the security scores API. However, you can view scores for the profile in the security scores UI.

August 15, 2023

Apigee X

On August 15, 2023, we released an updated version of Apigee X (1-11-0-apigee-1).

Bug ID Description
155498623 XPaths in maskconfigs now mask values with special characters.
291746838 Implemented fix to prevent service callouts from overwriting timeouts on clients used by other policies or target endpoints.
274663992 Fixed issue in AccessControl policy to avoid race condition.
294441215 Implemented fix to resolve quota count in the Quota policy.
287659763 Fixed issue causing incorrect target endpoint URLs to display in debug sessions.
283285631 Fixed issue where base environment debug sessions were not recorded for Pay-as-you-go (updated attributes) organizations.
196216798 Fixed issue with access to monetization flow variables in the post client flow.
N/A Upgraded infrastructure and libraries.
Bug ID Description
281112632, 294892189 Security fix for apigee-runtime.
This addresses the following vulnerability:
294891556 Security fix for apigee-emulator, apigee-mock-server, and apigee-runtime.
This addresses the following vulnerability:
287207717 Fixed sandbox bypass vulnerability.
286993631 Fixed message template injection vulnerability.

August 14, 2023

Apigee X

On August 14, 2023, we released an updated version of Apigee X.

This release includes a major redesign of the Advanced API Security scores page in the Apigee UI in Cloud console. The Security scores page now:

  • Highlights the top recommendations for improving security scores.
  • Links directly to the Apigee UI Proxy Editor and Target Server tabs , where you can implement recommended changes to your API proxies and target servers.

August 09, 2023

Apigee X

The Apigee documentation site navigation has been updated to be more consistent with other Google Cloud product documentation sites. The changes include:

  • Added a new Overview tab that provides links to Apigee documentation, training and tutorials, use cases, and videos.
  • Moved the Getting started tab content to the Guides tab.

August 07, 2023

Apigee X

On August 7, 2023, we released an updated version of Apigee X (1-10-0-apigee-7).

Bug ID Description
N/A Upgraded infrastructure and libraries.

August 03, 2023

Apigee Advanced API Security

On August 3, 2023, we released an updated version of Apigee Advanced API Security.

Previously, Advanced API Security scores didn't evaluate proxies calling shared flows via flow hooks and the FlowCallout policy in the proxy. With this release, security scores take into account proxies calling shared flows this way. As a result, your security scores may change because they now factor in the shared flows in the environment.

Apigee X

On August 3, 2023, we released an updated version of Apigee X.

Previously, Advanced API Security scores didn't evaluate proxies calling shared flows via flow hooks and the FlowCallout policy in the proxy. With this release, security scores take into account proxies calling shared flows this way. As a result, your security scores may change because they now factor in the shared flows in the environment.

July 31, 2023

Apigee hybrid

hybrid v1.10.2

On July 31, 2023 we released an updated version of the Apigee hybrid software, v1.10.2.

Bug ID Description
292118812 Fixed UDCA regression in Hybrid 1.10.1 where UDCA would ignore forward proxy configuration.
205666368 Fixed issue with default validation of TLS target endpoint certificates.

To enable strict SSL on southbound connections to a proxy target endpoint, add the tag <Enforce>true</Enforce> in the target <SSLInfo> block.

See About setting TLS options in a target endpoint or target server.

See also Known Issue #205666368.

158132963 Added improvements to capture relevant target flow variables in trace and analytics in case of target timeouts.
Bug ID Description
293348130 Security fixes for apigee-udca.
This addresses the following vulnerabilities:
291994501 Security fixes for apigee-operator and apigee-watcher.
This addresses the following vulnerabilities:
291994501 Security fixes for apigee-installer.
This addresses the following vulnerabilities:
290829031 Security fixes for apigee-hybrid-cassandra, apigee-cassandra-client, and cassandra-backup-utility.
This addresses the following vulnerabilities:
290829028 Security fixes for Apigee Connect and apigee-connect-agent and apigee-redis.
This addresses the following vulnerabilities:

July 24, 2023

Apigee X

On July 24, 2023, we released an updated version of Apigee X.

Public preview of Apigee gRPC passthrough

Apigee's new gRPC proxy passthrough functionality provides the ability to create proxies which receive gRPC client requests and pass them through to a gRPC target server.

For information, see Creating gRPC API proxies.

July 21, 2023

Apigee X

On July 21, 2023, we released an updated version of Apigee X.

The Advanced API Security Abuse detection Incident details page now displays unique IP addresses, even if more than one incident corresponds to the same IP address. Previously, the Incident details page could display the same IP address more than once for different incidents.

Also, the Attributes tab of the Incident details page no longer displays the following attributes:

  • Top App Key
  • Detected Rules
  • Top URL
Apigee hybrid

hybrid v1.9.4

On July 21, 2023 we released an updated version of the Apigee hybrid software, v1.9.4.

Bug ID Description
289254725 Implemented a fix to prevent failure of proxy deployments that include the OASValidation policy.
279712107 Added the ability to annotate apigee-ingressgateway-manager pods through overrides.yaml file.
See istiod.annotations for details.
272212164 Cassandra CSI backup could clash with Azure default configuration. The CSI backup script has been fixed to prevent a resource naming issue that could cause backups to fail.
158132963 Added improvements to capture relevant target flow variables in trace and analytics in case of target timeouts.
Bug ID Description
290709899 Security fixes for apigee-diagnostics-collector, apigee-mart-server, apigee-mint-task-scheduler, apigee-runtime, and apigee-synchronizer.
This addresses the following vulnerability:
290829028 Security fixes for Apigee Connect and apigee-connect-agent and apigee-redis.
This addresses the following vulnerabilities:

July 20, 2023

Apigee X

On July 20, 2023, we released an updated version of Apigee X (1-10-0-apigee-6).

Bug ID Description
290943249 Fixed latency issue between Istio and runtime container.
205666368 Fixed issue with default validation of TLS target endpoint certificates.

To enable strict SSL on southbound connections to a proxy target endpoint, add the tag <Enforce>true</Enforce> in the target <SSLInfo> block.

For more information about using <Enforce>true</Enforce> in <SSLInfo>, see About setting TLS options in a target endpoint or target server.

Bug ID Description
290709899 Security fix for apigee-runtime.
This addresses the following vulnerability:
N/A Security fixes for apigee-redis and apigee-connect-agent.
These address the following vulnerabilities:
N/A Security fixes for apigee-connect-agent.
These address the following vulnerabilities:
Application Integration

Connector Event triggers (Preview)

Application Integration introduces Connector Event triggers; specialized triggers that let you invoke an integration based on the event subscriptions created in various business applications using Integration Connectors.

The following Connector Event triggers are available in preview:

For more information, see Connector Event triggers.

July 19, 2023

Apigee API hub

On July 19, 2023 Apigee API hub released a new version of the software.

Lint result artifacts, or conformance reports, represent how conformant an API is with respect to the specified lint rules. Results in conformance report artifacts attached to an API spec revision are now displayed in the right pane of the API spec revision detail page. One of the following is displayed:

  • No information to display.
    No style guide conformance information has been generated for this spec.
  • No issues found.
    Style guide conformance scans found no issues with this spec.
  • Warnings and Errors.
    Any errors or warnings are explained.
    An indicator also marks the corresponding line in the spec.

See also:

July 13, 2023

Apigee hybrid

hybrid v1.10.1

On July 13, 2023 we released an updated version of the Apigee hybrid software, v1.10.1.

Bug ID Description
289254725 Implemented a fix to prevent failure of proxy deployments that include the OASValidation policy.
Bug ID Description
281561243 Security fixes for apigee-diagnostics-collector, apigee-mart-server, apigee-mint-task-scheduler, apigee-runtime, and apigee-synchronizer.
This addresses the following vulnerability:
290067464 Security fixes for apigee-stackdriver-logging-agent.
This addresses the following vulnerability:
290068742 Security fixes for apigee-udca.
This addresses the following vulnerability:
290065830 Security fixes for apigee-udca.
This addresses the following vulnerability:

July 12, 2023

Apigee X

On July 12, 2023, we released an updated version of Apigee X.

Preview release of non-VPC peering option for Apigee provisioning Apigee now supports a provisioning option that does not require VPC peering. With this approach, you are not required to provide networks and IP ranges during the Apigee provisioning process. Instead, you use Private Service Connect (PSC) for routing northbound traffic to Apigee and southbound traffic to target services running in your Google Cloud projects.

Non-VPC peering is supported for command-line (CLI) provisioning steps only. You can perform non-VPC provisioning for subscription, Pay-as-you-go, and evaluation installations of Apigee.

To learn more, see Apigee networking options.

July 10, 2023

Apigee X

On July 10, 2023, we released an updated version of Apigee X (1-10-0-apigee-5).

Bug ID Description
289254725 Implemented fix to prevent failure of proxy deployments that include the OASValidation policy.
N/A Upgraded infrastructure and libraries.
Bug ID Description
273693152 Fixed SAMLAssertion policy parsing to limit the number of entities that will be parsed to 10000.

Any attempt to parse more than 10000 entities will generate an error.

273695718 Fixed DataCapture policy to avoid evaluation of external entities during XML parsing for variable collection.
273929507 Fixed issue with potential Java security bypass in LookupCache policy.

Certain objects which implement PostDeserializer interface are now cached.

273950705 Fixed issue in PythonScript policy to prevent execution of arbitrary Java code.

With this fix, the runtime does not allow execution of python code added to a .js resource file.

July 07, 2023

Apigee Adapter for Envoy

v2.1.1

On June 7, 2023, we released version 2.1.1 of Apigee Adapter for Envoy.

An issue was fixed where quotas were being improperly duplicated between operations instead of being shared at the Product level.

July 06, 2023

Apigee X

On July 6, 2023, we released an updated version of Apigee X.

Preview release of Pay-as-you-go pricing with updated attributes

Apigee is updating its Pay-as-you-go pricing model, making it possible to start using Apigee at a significantly reduced initial cost and right-size ongoing expenses to match precise usage.

To learn how to get started with the updated Pay-as-you-go pricing experience, see Pay-as-you-go (updated attributes) pricing overview.

Preview release of new environment types

Apigee announces the Preview release of three distinct environment types: Base, Intermediate, and Comprehensive. Each environment type offers varying degrees of capabilities and costs; you can tailor pricing to suit your needs.

For more information, see Apigee Pay-as-you-go environment types.

Preview release of standard and extensible API proxies

Apigee announces the Preview release of standard and extensible API proxies, available for use with preview organizations using Pay-as-you-go (updated attributes) pricing.

For more information about standard and extensible API proxies, see API proxy types.

Preview release of new HTTPModifier and ReadPropertySet policies and templating support for message <URL> elements

Apigee announces the Preview release of the HTTPModifier and ReadPropertySet policies.

The HTTPModifier policy can change an existing request or response message and provides a subset of the functionality already available in the AssignMessage policy. See HTTPModifier policy.

The ReadPropertySet policy reads property sets and populates flow variables with the results. See ReadPropertySet policy.

HTTPModifier and ReadPropertySet are standard policies. Proxies built exclusively with standard policies are called standard proxies and can be deployed to any environment type. See Pay-as-you-go (updated attributes) pricing overview.

This release also includes template support for message <URL> elements. See URL templating.

July 05, 2023

Application Integration

June 30, 2023

Apigee hybrid

hybrid v1.10

On June 30, 2023 we released an updated version of the Apigee hybrid software, v1.10.0.

Pre-install Cluster Check Kubernetes job

Starting in version 1.10, Apigee hybrid offers a new tool that examines the hybrid cluster before you install the hybrid runtime. See Step 8: Check cluster readiness .

Automated Issue Surfacing (AIS)

Starting with Apigee hybrid 1.10, Apigee hybrid offers a new tool that examines the hybrid runtime and surfaces issues by running a kubectl command. If the tool detects errors in the cluster, it returns a detailed error message. The error message contains a link to the troubleshooting guide for that specific error. See Automated issue surfacing and Configuration property reference, watcher.

Support for AppGroups (preview)

Starting in version 1.10, Apigee hybrid supports AppGroups, which represent a relationship between one or more apps that are managed by the same set of people. For information, see Using AppGroups to organize app ownership.

AppGroups is in preview as of the Apigee hybrid 1.10 release. See the AppGroups preview launch announcement for details.

Support for environment-level scaling

Starting in version 1.9.3, Apigee hybrid added the following environment configuration properties that enable you to specify environment-specific scaling in the overrides.yaml file:

Documentation: Environment-based scaling

Bug ID Description
181569522 You can now create a new environment with the same name as a deleted environment without needing to perform manual clean-up tasks first. (Fixed in Apigee hybrid v1.8.5 and v1.7.6)
209509030 Apigee Ingressgateway cannot access K8s secret from another namespace.
218567150 The ingress gateway is now configured to consistently preserve UUID in the x-request-id header.
Note: This setting does have some impact on tracing in the ingress gateway. For more information, see pack_trace_reason in "UUID (proto)" in the envoy documentation. (Fixed in Apigee hybrid v1.7.6 and v1.8.3)
223320630 mTLS-related client variables are now set by the Apigee runtime. (Fixed in Apigee hybrid v1.8.6)
245619397 In Apigee hybrid, fluentbit support now includes the NO_PROXY environment variable. (Fixed in Apigee hybrid v1.8.5, v1.8.6, and v1.9.1)
259264961 Added support for ASM v1.15. Please see Known issue 266452840 (Fixed in Apigee hybrid v1.7.6)
260342163 Fixed a narrow scenario where threads in runtime pods ended up consuming 100% CPU. (Fixed in Apigee hybrid v1.9.1)
260372012 Requests failed with 500 response and keyvaluemap.service.ErrorDuringDecryption error after upgrade to Hybrid 1.8. Note: Fixed in Apigee hybrid 1.8.4 and newer. (Fixed in Apigee hybrid v1.8.5)
262699558 The watcher component no longer fails when using Kubernetes Secret to store hybrid service account secret. (Fixed in Apigee hybrid v1.7.6)
263840644 Fixed a conflict with an existing ASM on the cluster. (Fixed in Apigee hybrid v1.8.6)
265374889 Fixed an issue where in some circumstances the Java Callout would to fail due with the following error: Failed to execute JavaCallout. Could not initialize class org.jose4j.jwa.AlgorithmFactoryFactory2. (Fixed in Apigee hybrid v1.9.1)
266411394 Add support for Azure Front Door request headers to /healthz health check. (Fixed in Apigee hybrid v1.8.5 and v1.9.1)
266594584 Websocket was failing in asm 1.15. This was due to incompatible capitalization in variable names between the Anthos Service Mesh overlay.yaml file and the and the Envoy filter apigee-envoyfilter.yaml file. (Fixed in Apigee hybrid v1.8.5 and v1.9.1)
266814873 In certain circumstances, retrieving encrypted KVM entries could fail with an error. This fix ensures that MART will be able to successfully function for environment-scoped KVM entries, even if the encryption key is used in the Org Env configuration or when the keys contain non-UTF8 characters. There is no change to KVM data. (Fixed in Apigee hybrid v1.8.6 and v1.9.1)
266989915
266919136
In some circumstances, Apigee could return incorrect developer credentials for an app, unless the specific app was selected when requesting the credentials. (Fixed in Apigee hybrid v1.9.1)
267666187 When using a custom Kubernetes service for the Apigee ingress gateway, you can disable the creation of a default load balancer. See Managing Apigee ingress gateway. (Fixed in Apigee hybrid v1.8.6 and v1.9.1)
267691299
265295406
The Apigee controller uses a dedicated apigee-manager Kubernetes service account, instead of using the default SA. (Fixed in Apigee hybrid v1.8.6 and v1.9.1)
268445095 The validateOrg flag can be set to false to bypass upgrade validation errors when configuration includes HTTP Forward proxy. You can use this to avoid upgrade errors caused by HTTP proxy settings. (Fixed in Apigee hybrid v1.7.6)
268696297 Providing a Kubernetes secret for Cassandra and Redis components is now supported. See cassandra.auth.secret and redis.auth.secret in the Configuration properties reference. (Fixed in Apigee hybrid v1.9.1)
269451743 In certain circumstances, upgrading from Apigee hybrid v1.8.3 to v1.9.0 could fail with an error message when creating the virtual hosts. (Fixed in Apigee hybrid v1.9.1)
269738951 The example network policies are now included in the apigeectl/examples/network-policies directory. see Configuring Kubernetes network policies. (Fixed in Apigee hybrid v1.9.1)
270371160 In Apigee hybrid v1.8.7, we removed certain insecure TLS ciphers. Apigee hybrid supports the TLS cipher suites supported by the Boring FIPS build of Envoy. You can now specify specific cipher suites with the virtualhosts.cipherSuites configuration property in your overrides. (Fixed in Apigee hybrid v1.8.7)

Note: Apigee hybrid only supports the RSA ciphers listed. ECDSA ciphers are not supported.

270371160 In Apigee hybrid v1.9.0, we removed certain insecure TLS ciphers. Apigee hybrid supports the TLS cipher suites supported by the Boring FIPS build of Envoy. You can now specify specific cipher suites with the virtualhosts.cipherSuites configuration property in your overrides. (Fixed in Apigee hybrid v1.9.2)

Note: Apigee hybrid only supports the RSA ciphers listed. ECDSA ciphers are not supported.

271266079 Removed port 80 from the default Kubernetes service of Apigee Ingress Gateway. (Fixed in Apigee hybrid v1.8.6 and v1.9.1)
272212164 Cassandra CSI backup could clash with Azure default configuration. The CSI backup script has been fixed to prevent a resource naming issue that could cause backups to fail. (Fixed in Apigee hybrid v1.9.4 and v1.10.0)
273561434 Some projects were unable to run debug sessions. (Fixed in Apigee hybrid v1.8.8 and v1.9.3)
274292101 In certain circumstances, environment-scoped KVMs in hybrid could cause rollback issues for MART. (Fixed in Apigee hybrid v1.8.6)
274999014 Restrict watcher RBAC to a single K8s namespace
278646149 In certain circumstances, the logger.livenessProbe.timeoutSeconds configuration property was not working as expected. See logger.livenessProbe.timeoutSeconds in the Configuration property reference. (Fixed in Apigee hybrid v1.8.7 and v1.9.2)
279053612 x-forwarded-client-cert (XFCC) HTTP headers handled with the istiod.forwardClientCertDetails configuration property. (Fixed in Apigee hybrid v1.8.7 and v1.9.2)
See the Configuration properties reference for details:
279193831 Envoy has been updated to v1.25.6.. (Fixed in Apigee hybrid v1.8.8)
279712107 Added the ability to annotate apigee-ingressgateway-manager pods through overrides.yaml file. (Fixed in Apigee hybrid v1.8.8)
280544499 Request headers were not seen in debug sessions. (Fixed in Apigee hybrid v1.8.8)
284488296 Removed an unneeded Workload Identity on the Cassandra Schema Validation cron job. (Fixed in Apigee hybrid v1.8.8 and v1.9.3)
Bug ID Description
270371160 In Apigee hybrid v1.9.0, we removed certain insecure TLS ciphers. Apigee hybrid supports the TLS cipher suites supported by the Boring FIPS build of Envoy.

Note: Apigee hybrid only supports the RSA ciphers listed. ECDSA ciphers are not supported.
271266079 Removed port 80 from the default Kubernetes service of Apigee Ingress Gateway. Port 80 is not supported by Apigee ingress gateway. If you are migrating from ASM to Apigee ingress gateway, and followed the instructions in the community post to enable Port 80, it will not work with Apigee Ingress gateway. (Fixed in Apigee hybrid v1.8.6 and v1.9.1)
Bug ID Description
262576079 Security fix for for apigee-envoy. (Fixed in Apigee hybrid v1.10)
This addresses the following vulnerability:
273797045 Security fix for for apigee-diagnostics-collector apigee-synchronizer apigee-udca. (Fixed in Apigee hybrid v1.8.8)
This addresses the following vulnerability:
273800345, 281572616 Security fixes for apigee-diagnostics-collector, apigee-mart-server, apigee-mint-task-scheduler, apigee-runtime, apigee-synchronizer, and apigee-udca. (Fixed in Apigee hybrid v1.8.8 and v1.9.3
This addresses the following vulnerabilities:
273800717 Security fixes for apigee-emulator, apigee-diagnostics-collector, apigee-mart-server, apigee-mint-task-scheduler, apigee-mock-server, apigee-runtime, and apigee-synchronizer. (Fixed in Apigee hybrid v1.8.7 and v1.9.2)
This addresses the following vulnerabilities:
273800965 Security fix for apigee-diagnostics-collector, apigee-mart-server, apigee-mint-task-scheduler, apigee-runtime, and apigee-synchronizer. (Fixed in Apigee hybrid v1.8.7, v1.9.2, and v1.9.3)
This addresses the following vulnerability:
273801301 Security fixes for apigee-mart-server and apigee-runtime.(Fixed in Apigee hybrid v1.8.8 and v1.9.3)
This addresses the following vulnerability:
274112103 Security fixes to the Apigee Controller and Apigee Watcher. (Fixed in Apigee hybrid v1.8.6 and v1.9.1)
This addresses the following vulnerabilities:
275002360 Security fixes for fluent-bit. (Fixed in Apigee hybrid v1.8.6 and v1.9.1)
This addresses the following vulnerabilities:
277367440 Security fixes for Apigee Controller, Watcher, and apigeectl. (Fixed in Apigee hybrid v1.8.7 and v1.9.2)
This addresses the following vulnerabilities:
278313047 Security fixes for apigee-stackdriver-logging-agent. (Fixed in Apigee hybrid v1.9.2)
This addresses the following vulnerabilities:
279194142 Fixes build issues to achieve FIPS compliance. (Fixed in Apigee hybrid v1.8.7 and v1.9.2)
281561243 Security fix for apigee-diagnostics-collector, apigee-mint-task-scheduler, apigee-runtime, and apigee-synchronizer. (Fixed in Apigee hybrid v1.8.8 and v1.9.3)
This addresses the following vulnerability:
283826216 Security fixes for apigee-ingressgateway. (Fixed in Apigee hybrid v1.9.3)
This addresses the following vulnerabilities:
283826785 Security fixes for istiod. (Fixed in Apigee hybrid v1.9.3)
This addresses the following vulnerabilities:

June 27, 2023

Apigee X

On June 27, 2023 we released an updated version of Apigee X.

Public preview of AppGroups

Introduces the concept of AppGroups, which represent a relationship between one or more apps that are managed by the same set of people. For information, see Using AppGroups to organize app ownership.

Note that the purpose of this release is to support upgrades from Apigee Edge customers who used company-apps without monetization; however, it is available to any Apigee X/hybrid customer during the public preview stage.

June 26, 2023

Apigee API hub

On June 26, 2023 Apigee API hub released a new version of the software.

API hub has been upgraded to use a later version of the Registry API open-sourced project. See v0.6.13 on GitHub for changes and links to previous revisions that are also included in this update. Note that this update (like all previous updates), overwrites project-level artifacts that configure API hub displays including display settings, taxonomies, and lifecycles. In future releases, we will no longer overwrite project-level artifacts.

Application Integration

Data Transformer Script task (Preview)

The Data Transformer Script task is a template engine based data mapping feature available in Application Integration. With the Data Transformer Script task and the supported Data Transformer functions, you can create and evaluate custom Jsonnet templates in order to perform data mapping in your integration.

For more information, see Data Transformer Script task.

June 23, 2023

Apigee Integrated Portal

On April 20, 2023 we released an updated version of Apigee integrated portal. The fix below was not reported in a release note at the time. This update corrects the record.

Bug ID Description
275578252 Addressed an issue where an account could be created even though the built-in identity provider (IdP) had been disabled.

For any portal with a disabled IdP, you can review the user accounts on the Portals > Portal name > Accounts > Users page. Select an account and then change the Status to Inactive to prevent login.

Documentation: Deactivating user accounts

June 20, 2023

Apigee X

On June 20, 2023, we released an updated version of Apigee X (1-10-0-apigee-4).

Bug ID Description
284114575 Implemented fix to prevent the execution of untrusted code in Apigee policies.
279092925 Modified Cloud Logging policy to improve runtime performance.
186885918 Disabled access to external entities in XML parsing.
270764083 Default expiration for refresh tokens set to 30 days if not explicitly set in the OAuth policy.
N/A Upgraded infrastructure and libraries.
Bug ID Description
273801301 Security fix for apigee-diagnostics-collector, apigee-mart-server, apigee-runtime, and apigee-synchronizer.
This addresses the following vulnerabilities:

281561243 Security fix for apigee-diagnostics-collector, apigee-mart-server, apigee-runtime, and apigee-synchronizer.
This addresses the following vulnerabilities:

June 16, 2023

Apigee API hub

On June 16, 2023 Apigee API hub released a new version of the software.

API hub has been upgraded to use a later version of the Registry API open-sourced project. See v0.6.12 on GitHub for changes and links to previous revisions that are also included in this update.

Note that artifacts associated with API spec and deployment resources are now associated with the revisions of those resources. This allows artifacts that represent lint results and other revision-specific characteristics to be associated with those revisions. When artifacts are applied directly to the parent resource (spec or deployment), these artifacts are associated with the latest revisions of these resources. For more details, see this GitHub issue.

Migration of pre-existing spec- and deployment-related artifacts is not guaranteed in this update. In most cases, these artifacts are generated automatically by the registry controller and will be automatically recreated. If you find that manually-added artifacts are missing after the update, those will need to be reapplied with the same mechanisms that were available previously.

June 14, 2023

Apigee hybrid

hybrid v1.8.8

On June 14, 2023 we released an updated version of the Apigee hybrid software, v1.8.8.

Bug ID Description
273561434 Some projects were unable to run debug sessions..
279193831 Envoy has been updated to v1.25.6..
279712107 Added the ability to annotate apigee-ingressgateway-manager pods through overrides.yaml file.
280544499 Request headers were not seen in debug sessions.
284488296 Removed an unneeded Workload Identity on the Cassandra Schema Validation cron job.
Bug ID Description
281561243 Security fix for apigee-diagnostics-collector, apigee-mint-task-scheduler, apigee-runtime, and apigee-synchronizer.
This addresses the following vulnerability:
273797045 Security fix for for apigee-diagnostics-collector apigee-synchronizer apigee-udca.
This addresses the following vulnerability:
273800345, 281572616 Security fixes for apigee-diagnostics-collector, apigee-mart-server, apigee-mint-task-scheduler, apigee-runtime, apigee-synchronizer, and apigee-udca.
This addresses the following vulnerabilities:
273801301 Security fixes for apigee-mart-server and apigee-runtime.
This addresses the following vulnerability:

June 13, 2023

Apigee Integration Application Integration

Application Integration is now generally available (GA)

Application Integration is now generally available in all the supported Google Cloud locations.

Preview features such as Cloud Scheduler trigger, Error catcher trigger, JavaScript task, Return task, and Google-managed encryption keys are now moved to GA.

The following new features are added in this GA release:

Cloud Monitoring

Application Integration is integrated with Cloud Monitoring to provide visibility into the usage, performance, alerts, and the overall health of your integration resources.

For more information, see Monitor Application Integration resources.

Inline connection creation

You can now use the Connectors task in Application Integration to directly create a new connection in the Integration Connectors platform.

For more information, see Connectors task.

Integration designer changes

Several styling and user experience enhancements have been made to the integration designer layout and user interface. The new enhancements include a new variable pane that lets you create and manage all your integration variables in one place, a revamped designer toolbar and navigation bar design, and a refreshed Integration designer canvas.

For more information, see Integration designer.

Application Integration v2 REST API is available in preview.

For more information, see REST API reference (v2).

June 09, 2023

Apigee Analytics

On June 9, 2023 we released an updated version of Apigee X.

Bug ID Description
286452898 Previously, the Apigee Analytics topk query parameter, which returns the top k results for a query, always returned the results in descending order, even when the order parameter was ASC. This has been fixed: results are now sorted according to the order parameter before returning the top k entries.

June 05, 2023

Apigee Adapter for Envoy

v2.1.0

On June 5, 2023, we released version 2.1.0 of Apigee Adapter for Envoy.

The application_id claim was added to the /verifyApiKey response.

Apigee hybrid

ANNOUNCEMENT

hybrid v1.9.3

On June 5, 2023 we released an updated version of the Apigee hybrid software, v1.9.3.

Bug ID Description
284488296 Removed an unneeded Workload Identity on the Cassandra Schema Validation cron job.
273561434 Some projects were unable to run debug sessions.
Bug ID Description
273800965 Security fix for apigee-diagnostics-collector, apigee-mart-server, apigee-mint-task-scheduler, apigee-runtime, and apigee-synchronizer.
This addresses the following vulnerability:
273800345, 281572616 Security fixes for apigee-diagnostics-collector, apigee-mart-server, apigee-mint-task-scheduler, apigee-runtime, apigee-synchronizer, and apigee-udca.
This addresses the following vulnerabilities:
273801301 Security fixes for apigee-mart-server and apigee-runtime.
This addresses the following vulnerability:
283826216 Security fixes for apigee-ingressgateway.
This addresses the following vulnerabilities:
283826785 Security fixes for istiod.
This addresses the following vulnerabilities:
281561243 Security fix for apigee-diagnostics-collector, apigee-mint-task-scheduler, apigee-runtime, and apigee-synchronizer.
This addresses the following vulnerability:

May 30, 2023

Apigee UI

On May, 30, 2023, we released an updated version of the Apigee UI.

The following labels in the Advanced API Security abuse detection view have been changed:

  • Detection type has been changed to Detection rules.
  • Suspected bot traffic has been changed to Detected traffic.
  • Percent bot traffic has been changed to % of detected traffic.
  • Bot count has been changed to Detected IP address count.
  • Top API key has been changed to: Top app key.
  • Bot reason has been changed to Detected rules.
  • Total calls made has been changed to Detected traffic.
  • First detection time has been changed to First event detected.
  • Last detection time has been changed to Last event detected.

May 23, 2023

Apigee Integration Application Integration

May 22, 2023

Apigee Integrated Portal

On May 22, 2023 we released an updated version of Apigee integrated portal.

Bug ID Description
274916981 Fixed issue where an API specification set via URL could fail.
277265034 App names can start with numeric characters as described in Naming guidelines.
Apigee Integration

Error catcher trigger

The Error Catcher trigger lets you invoke an error catcher that is defined or customized to handle the failure of an identified trigger, task, or edge condition in your integration.

For more information, see Error catcher trigger.

Return task

The Return task lets you customize the error messages corresponding to the HTTP response codes that are returned during an integration execution failure.

For more information, see Return task.

Application Integration

Support for Google-managed encryption keys

Application Integration now uses Google-managed encryption keys as the default method of data encryption for your provisioned regions. You can optionally modify your encryption method with customer-managed encryption keys (CMEK).

For more information, see Encryption methods.

Error catcher trigger

The Error Catcher trigger lets you invoke an error catcher that is defined or customized to handle the failure of an identified trigger, task, or edge condition in your integration.

For more information, see Error catcher trigger.

Return task

The Return task lets you customize the error messages corresponding to the HTTP response codes that are returned during an integration execution failure.

For more information, see Return task.

May 17, 2023

Apigee X

On May 17, 2023, we released an updated version of Apigee X (1-10-0-apigee-1).

Bug ID Description
N/A Upgraded infrastructure and libraries.
280695936 Fixed issue with incomplete removal of form parameters when using the <Remove> element in the Assign Message policy to delete headers and form parameters simultaneously.
271217050 Fixed issue resulting in missing execution records in debug sessions for the JavaCallout policy.
271894110, 273568673, 273571029 Fix enables support for TLS 1.3 for southbound targets.
271539836 Fixed intermittent Cloud Logging failures.
277090269 Fixed encryption of internal proxy chaining headers to avoid proxy invocation misuse.
273561434 Fixed issue with incomplete debug session information for proxies deployed in the same environment.
158132963 Improved capture of relevant target flow variables in trace and analytics in the event of target timeouts.
271093461 Fixed issue with heap exhaustion when using OASValidation policy.
269514256 Fixed issue causing GoogleTokenGeneration failure.
261924658 Optimization to reduce latency in Quota policy.
252864240 Fixed issue to support bot detection with Analytics obfuscation enabled.
222024484 CORS policy now returns Access-Control-Allow-Credentials header in preflight response when <AllowCredentials> is set to true.
261205290 Optimization to reduce resource usage on Cassandra connections.
266814873 Fixed issue with retrieval of environment-scoped KVM entries containing encryption keys with non-UTF-8 characters.
260342163 Fixed issue causing 100% CPU usage by runtime pod threads under specific circumstances.
273800523, 273800717 Security fixes for Apigee.

The fixes address the following vulnerabilities:

Fixed issue with incomplete removal of form parameters when using the <Remove> element in the Assign Message policy to delete headers and form parameters simultaneously.

This fix may result in a breaking change for any customer employing an antipattern that attempts to access a form parameter after using the <Remove> element to delete the same form parameter and headers simultaneously in the policy flow.

For more information on the recommended steps for setting and removing form parameters and headers using the Assign Message policy, see the updated documentation for the Assign Message policy examples.

May 11, 2023

Apigee UI

On May 11, 2023 we released an updated version of the Apigee UI.

This release includes new Permissions Pre-check functionality and UI messaging, which is available when provisioning Apigee with Pay-as-you-go pricing in the Google Cloud console. With the release of this feature, users are alerted when any permissions required to complete the provisioning operations are missing. The missing permissions and the steps to resolve are now identified in the UI messaging.

May 09, 2023

Apigee Integration

Cloud logs support for Connectors tasks

You can now view the execution logs of a failed Connectors task in Apigee Integration.

For more information, see Execution Logs.

The issue relating to the validation of incorrect variable assignments in an integration has been resolved.

Application Integration

Cloud logs support for Connectors tasks

You can now view the execution logs of a failed Connectors task in Application Integration.

For more information, see Execution Logs.

The issue relating to the validation of incorrect variable assignments in an integration has been resolved.

May 08, 2023

Apigee hybrid

hybrid v1.8.7

On May 8, 2023 we released an updated version of the Apigee hybrid software, v1.8.7.

Bug ID Description
279053612 x-forwarded-client-cert (XFCC) HTTP headers handled with the istiod.forwardClientCertDetails configuration property. See istiod.forwardClientCertDetails in the Configuration properties reference for details.
278646149 In certain circumstances, the logger.livenessProbe.timeoutSeconds configuration property was not working as expected. See logger.livenessProbe.timeoutSeconds in the Configuration property reference.
270371160 In Apigee hybrid v1.8.7, we removed certain insecure TLS ciphers. Apigee hybrid supports the TLS cipher suites supported by the Boring FIPS build of Envoy. You can now specify specific cipher suites with the virtualhosts.cipherSuites configuration property in your overrides.

Note: Apigee hybrid only supports the RSA ciphers listed. ECDSA ciphers are not supported.

Bug ID Description
279194142 Fixes build issues to achieve FIPS compliance.
277367440 Security fixes for Apigee Controller, Watcher, and apigeectl.
This addresses the following vulnerabilities:
273800965 Security fixes for apigee-diagnostics-collector, apigee-mart-server, apigee-runtime, and synchronizer.
This addresses the following vulnerabilities:
273800717 Security fixes for apigee-emulator, apigee-diagnostics-collector, apigee-mart-serve, apigee-mint-task-scheduler, apigee-mock-server, apigee-runtime, and apigee-synchronizer.
This addresses the following vulnerabilities:

May 02, 2023

Apigee hybrid

hybrid v1.9.2

On May 2, 2023 we released an updated version of the Apigee hybrid software, v1.9.2.

Bug ID Description
279053612 x-forwarded-client-cert (XFCC) HTTP headers handled with the istiod.forwardClientCertDetails configuration property. See istiod.forwardClientCertDetails in the Configuration properties reference for details.
278646149 In certain circumstances, the logger.livenessProbe.timeoutSeconds configuration property was not working as expected. See logger.livenessProbe.timeoutSeconds in the Configuration property reference.
270371160 In Apigee hybrid v1.9.0, we removed certain insecure TLS ciphers. Apigee hybrid supports the TLS cipher suites supported by the Boring FIPS build of Envoy. You can now specify specific cipher suites with the virtualhosts.cipherSuites configuration property in your overrides.

Note: Apigee hybrid only supports the RSA ciphers listed. ECDSA ciphers are not supported.

Bug ID Description
279194142 Fixes build issues to achieve FIPS compliance.
278313047 Security fixes for apigee-stackdriver-logging-agent.
This addresses the following vulnerabilities:
277367440 Security fixes for Apigee Controller, Watcher, and apigeectl.
This addresses the following vulnerabilities:
273800965 Security fixes for apigee-diagnostics-collector, apigee-mart-server, apigee-runtime, and synchronizer.
This addresses the following vulnerabilities:
273800717 Security fixes for apigee-emulator, apigee-diagnostics-collector, apigee-mart-server, apigee-mint-task-scheduler, apigee-mock-server, apigee-runtime, and apigee-synchronizer.
This addresses the following vulnerabilities:

May 01, 2023

Apigee Integration

On May 1, 2023 we released an updated version of the Apigee Integration.

Apigee Integrations is now available in the following locations:

  • Melbourne (australia-southeast2)
  • Finland (europe-north1)
  • Paris (europe-west9)
  • Madrid (europe-southwest1)
  • Doha (me-central1)
  • Tel Aviv (me-west1)

For more information about the supported locations, see Apigee Integration supported regions.

Application Integration

Application Integration is now available in the following locations:

  • Melbourne (australia-southeast2)
  • Finland (europe-north1)
  • Paris (europe-west9)
  • Madrid (europe-southwest1)
  • Doha (me-central1)
  • Tel Aviv (me-west1)

For more information about the supported locations, see Application Integration locations.

April 26, 2023

Apigee X

Effective May 31, 2023, the default value for the OAuthv2 policy RefreshTokenExpiresIn element has new behavior. Starting May 31, RefreshTokenExpiresIn defaults to 2592000000 ms (30 days) for all policies where this element is not set.

For information on this element, see RefreshTokenExpiresIn.

April 20, 2023

Apigee Advanced API Security

On April 20, 2023 we released an updated version of Apigee Advanced API Security.

This release contains a new Advanced API Security Detected Traffic view, which displays information about API traffic originating from detected bots. This information was previously displayed in the Abuse metrics section of the Security scores view.

Apigee Integration

Apigee Integration fails to validate incorrect variable assignments in an integration. For example, you can currently assign a JSON value to an unassigned variable of String data type. This behaviour might cause data mapping and integration failures.

Until this issue is resolved, we recommend that you do the following:

  • Assign values to an integration variable as per the variable data type.
  • Verify and update existing integration variable values as per its respective variable data type.
Apigee X

On April 20, 2023 we released an updated version of Apigee.

This release contains a new Advanced API Security Detected Traffic view, which displays information about API traffic originating from detected bots. This information was previously displayed in the Abuse metrics section of the Security scores view.

Application Integration

Application Integration fails to validate incorrect variable assignments in an integration. For example, you can currently assign a JSON value to an unassigned variable of String data type. This behaviour might cause data mapping and integration failures.

Until this issue is resolved, we recommend that you do the following:

  • Assign values to an integration variable as per the variable data type.
  • Verify and update existing integration variable values as per its respective variable data type.

April 17, 2023

Apigee X

On April 17, 2023, we released an updated version of Apigee X (1-9-0-apigee-25).

Bug ID Description
N/A Upgraded infrastructure and libraries.

April 13, 2023

Apigee X

On April 13, 2023, we released an updated version of Apigee.

New features now supported in Apigee in VS Code for local development

The following features are now supported with Apigee in VS Code for local development as part of the Insiders build (as of v1.22.1-insiders.3):

  • Create multi-repository workspaces - Choose individual storage locations for artifacts, such as API proxies that are stored as individual SCMs, but develop them together using a single workspace. You no longer have to create a single repository that contains all of your API proxies. See Understanding the structure of an Apigee multi-repository workspace.
  • Use keystore - Introduces a new environment-level setting for creating the required keystores in the Apigee Emulator by using locally available keys. See Configuring the keystrokes (keystores.json).
  • Test API proxies that require service accounts (for example, calling a cloud logging process as part of an API proxy flow) - Set up your Apigee Emulators with a service account key to enable service accounts, add policies and targets that rely on service accounts, and deploy the API proxies to the Apigee Emulator to test them. See Customizing the Apigee Emulator to support service account-based authentication.

April 03, 2023

Apigee Integration

On April 3, 2023 we released an updated version of the Apigee Integration.

Secret Manager - Access task (Preview)

The Secret Manager - Access task lets you access secret versions that are stored in Cloud Secret Manager from your integration.

For more information, see Secret Manager - Access task.

Apigee hybrid

hybrid v1.8.6

On April 3, 2023 we released an updated version of the Apigee hybrid software, v1.8.6.

Bug ID Description
274292101 In certain circumstances, environment-scoped KVMs in hybrid could cause rollback issues for MART.
271266079 Removed port 80 from the default Kubernetes service of Apigee Ingress Gateway.
267691299 The Apigee controller uses a dedicated apigee-manager Kubernetes service account, instead of using the default SA.
267666187 When using a custom Kubernetes service for the Apigee ingress gateway, you can disable the creation of a default load balancer. See Managing Apigee ingress gateway.
266814873 In certain circumstances, retrieving encrypted KVM entries could fail with an error. This fix ensures that MART will be able to successfully function for environment-scoped KVM entries, even if the encryption key is used in the Org Env configuration or when the keys contain non-UTF8 characters. There is no change to KVM data.
263840644 Fixed a conflict with an existing ASM on the cluster.
245619397 In Apigee hybrid, fluentbit support now includes the NO_PROXY environment variable.
223320630 mTLS-related client variables are now set by the Apigee runtime.
Bug ID Description
275002360 Security fixes for fluent-bit.
This addresses the following vulnerabilities:
274112103 Security fixes to the Apigee Controller and Apigee Watcher.
This addresses the following vulnerabilities:
Bug ID Description
271266079 Removed port 80 from the default Kubernetes service of Apigee Ingress Gateway. Port 80 is not supported by Apigee ingress gateway. If you are migrating from ASM to Apigee ingress gateway, and followed the instructions in the community post to enable Port 80, it will not work with Apigee Ingress gateway.
Application Integration

Secret Manager - Access task

The Secret Manager - Access task lets you access secret versions that are stored in Cloud Secret Manager from your integration.

For more information, see Secret Manager - Access task.

March 27, 2023

Apigee hybrid

hybrid v1.9.1

On March 27, 2023 we released an updated version of the Apigee hybrid software, v1.9.1.

Bug ID Description
269738951 The example network policies are now included in the apigeectl/examples/network-policies directory. see Configuring Kubernetes network policies.
271266079 Removed port 80 from the default Kubernetes service of Apigee Ingress Gateway.
269451743 In certain circumstances, upgrading from Apigee hybrid v1.8.3 to v1.9.0 could fail with an error message when creating the virtual hosts.
268696297 Providing a Kubernetes secret for Cassandra and Redis components is now supported. See cassandra.auth.secret and redis.auth.secret in the Configuration properties reference.
267691299 The Apigee controller uses a dedicated apigee-manager Kubernetes service account, instead of using the default SA.
267666187 When using a custom Kubernetes service for the Apigee ingress gateway, you can disable the creation of a default load balancer. See Managing Apigee ingress gateway.
266989915
266919136
In some circumstances, Apigee could return incorrect developer credentials for an app, unless the specific app was selected when requesting the credentials.
266814873 In certain circumstances, retrieving encrypted KVM entries could fail with an error. This fix ensures that MART will be able to successfully function for environment-scoped KVM entries, even if the encryption key is used in the Org Env configuration or when the keys contain non-UTF8 characters. There is no change to KVM data.
266594584 Websocket was failing in asm 1.15. This was due to incompatible capitalization in variable names between the Anthos Service Mesh overlay.yaml file and the and the Envoy filter apigee-envoyfilter.yaml file.
266411394 Added support for Azure Front Door request headers to /healthz health check.
265374889 Fixed an issue where in some circumstances the Java Callout would to fail due with the following error: Failed to execute JavaCallout. Could not initialize class org.jose4j.jwa.AlgorithmFactoryFactory2.
260342163 Fixed a narrow scenario where threads in runtime pods ended up consuming 100% CPU.
245619397 In Apigee hybrid, fluentbit support now includes the NO_PROXY environment variable.
Bug ID Description
275002360 Security fixes for fluent-bit.
This addresses the following vulnerabilities:
274112103 **Security fixes to the Apigee Controller and Apigee Watcher. This addresses the following vulnerabilities:
Bug ID Description
271266079 Removed port 80 from the default Kubernetes service of Apigee Ingress Gateway. Port 80 is not supported by Apigee ingress gateway. If you are migrating from ASM to Apigee ingress gateway, and followed the instructions in the community post to enable Port 80, it will not work with Apigee Ingress gateway.

March 23, 2023

Apigee Advanced API Security

On March 23, 2023, we released an updated version of Apigee Advanced API Security.

Public preview release of Advanced API Security abuse detection

Advanced API Security's new abuse detection feature lets you view security incidents involving your APIs. Abuse detection uses Google's machine learning algorithms to detect API traffic patterns that are a sign of malicious activity targeting your APIs.

Abuse detection includes two new types of detection rules powered by machine learning models:

  • Advanced Anomaly Detection: Detects unusual patterns of API traffic.
  • Advanced API scraper: Detects attempts to extract information from APIs for malicious purposes.

The two new detection rules, Advanced Anomaly Detection and Advanced API Scraper, are not available for organizations with VPC Service Controls. We are actively working to resolve this issue.

Apigee Integrated Portal

On March 23, 2023 we released an updated version of Apigee integrated portal.

Users are now able to enable the content security policy feature for their portal for Apigee and Apigee hybrid. Previously, this feature was available in Apigee Edge only.

See: Configure a content security policy

Bug ID Description
272794133 When setting a user account to Inactive, a notice is now displayed indicating that this setting affects the login behavior only for built-in identity provider accounts.
267502391 Improved error messages for invalid input to various endpoints.
265051231 Default assets (images) added to a newly created portal used to show up as size 0px x 0px. Now they show their proper size.
253037871 Users are now able to enable the content security policy feature for their portal for Apigee and Apigee hybrid. Previously, this feature was available in Apigee Edge only.
Apigee X

On March 23, 2023, we released an updated version of Apigee.

Public preview release of Advanced API Security abuse detection

Advanced API Security's new abuse detection feature lets you view security incidents involving your APIs. Abuse detection uses Google's machine learning algorithms to detect API traffic patterns that are a sign of malicious activity targeting your APIs.

Abuse detection includes two new types of detection rules powered by machine learning models:

  • Advanced Anomaly Detection: Detects unusual patterns of API traffic.
  • Advanced API scraper: Detects attempts to extract information from APIs for malicious purposes.

The two new detection rules, Advanced Anomaly Detection and Advanced API Scraper, are not available for organizations with VPC Service Controls. We are actively working to resolve this issue.

March 22, 2023

Apigee X

On March 22, we released an updated version of Apigee X.

Customize SSL certs for access routing when provisioning Apigee Pay-as-you-go organizations.

Users can now select existing self-managed SSL certs when customizing access routing during Apigee Pay-as-you-go provisioning. For more information, see Step 4: Customize access routing .

Receive Cloud console notifications when Pay-as-you-go provisioning completes.

While provisioning is in progress, users can navigate away from the Apigee provisioning page and monitor notifications in the Cloud console for updates when provisioning completes.

March 17, 2023

Apigee X

On March 17, we released an updated version of Apigee X (1-9-0-apigee-23).

With this release we removed certain insecure TLS ciphers for northbound traffic. You can find the full list of supported ciphers in the FIPS build of Envoy.

Note: Apigee only supports the RSA ciphers listed. ECDSA ciphers are not supported.

Bug ID Description
N/A Upgraded infrastructure and libraries.

March 13, 2023

Apigee API hub

On March 13, 2023 Apigee API hub released a new version of the software.

FieldSet artifacts that are attached to an API are now displayed in the API overview page.

March 09, 2023

Apigee Adapter for Envoy

v2.0.7

On March 9, 2023, we released version 2.0.7 of Apigee Adapter for Envoy.

Note: If you are upgrading an existing Apigee Adapter for Envoy, you must add the --force-proxy-install flag to the provision command. This flag forces the Apigee proxy to be replaced with the latest proxy. See Apigee hybrid example.

JWTs can now add a claim named customattributes that will pass the value on to the target in a header called x-apigee-customattributes (if append_metadata_headers is configured to be true).

  • An issue was fixed where an invalid api key could create spurious log entries and analytics records.
  • A deprecated version check was removed in a proxy that caused issues in newer versions of Apigee.

March 08, 2023

Apigee API hub

On March 8, 2023, the Apigee Registry API documents were updated to include the Google APIs Explorer panel.

The Google APIs Explorer has been added to the Apigee Registry API documents. The Try this method panel acts on real data and lets you try Google API methods without writing code.

March 02, 2023

Apigee UI

On March 2, 2023, we released an updated provisioning experience for Apigee users creating Pay-as-you-go organizations from the Apigee UI. All Apigee users creating new organizations with Pay-as-you-go billing can access the simplified onboarding experience, whether they are provisioning from the Apigee UI or the Google Cloud console.

March 01, 2023

Apigee Connectors

On March 1, 2023, we released updates to connectors for Apigee.

The following new connectors are available in preview:

The IBM MQ connector now supports requestReply messages.

The Cloud Storage connector now supports the following actions for file operations:

  • UploadObject
  • DownloadObject
  • MoveObject
  • CopyObject
  • DeleteObject

The MongoDB connector now supports the following actions:

  • InsertDocument
  • UpdateDocument
  • DeleteDocument
  • GetDocument
Apigee UI

On March 1, 2023, we released an updated version of the Apigee UI.

Public preview release of the Apigee UI in the Google Cloud console

This release includes a new version of the Apigee UI that is integrated with the Google Cloud console. The new UI makes it easier to perform Apigee tasks that are managed in the Cloud console. We welcome your feedback on the new UI: click Send Feedback at the top of the UI.

For now, you can continue to use the classic Apigee UI if you wish: just click Back to Classic Apigee in the new UI.

The following tabs in the classic Apigee UI have not yet been implemented in the Apigee UI in the Cloud console, but they will be available there soon:

  • Develop > Integrations
  • API Security
  • Monetization
  • Analyze > API Metrics > Cache Performance,
  • Analyze > API Metrics > Target Performance
  • Analyze > Developers
  • Analyze > End Users
  • Publish > Portals

If you need to use these features, you can do so by switching to the classic Apigee UI.

This release will be rolled out over the next week, so you might not be able to view the new Apgee UI until the rollout is complete.

February 24, 2023

Apigee hybrid

hybrid v1.8.5

On February 24, 2023 we released an updated version of the Apigee hybrid software, v1.8.5.

For information on upgrading, see Upgrading Apigee hybrid to version 1.8.

Bug ID Description
266594584 Websocket was failing in asm 1.15. This was due to incompatible capitalization in variable names between the Anthos Service Mesh overlay.yaml file and the and the Envoy filter apigee-envoyfilter.yaml file.
266411394 Add support for Azure Front Door request headers to /healthz health check.
260372012 Requests failed with 500 response and keyvaluemap.service.ErrorDuringDecryption error after upgrade to Hybrid 1.8. Note: Fixed in Apigee hybrid 1.8.4 and newer.
245619397 In Apigee hybrid, fluentbit support now includes the NO_PROXY environment variable.
181569522 You can now create a new environment with the same name as a deleted environment without needing to perform manual clean-up tasks first.

February 20, 2023

Apigee API hub

On February 20, 2023 Apigee API hub released a new version of the software.

Bug ID Description
264686707 Vertical scrollbars would not appear if the taxonomy and lifecycle stage tables overflowed the page.
264409346 The API list failed to load if there were over 1,000 APIs registered.

February 14, 2023

Apigee hybrid

hybrid v1.7.6

On February 14, 2023 we released an updated version of the Apigee hybrid software, v1.7.6.

For information on upgrading, see Upgrading Apigee hybrid to version 1.7.

Bug ID Description
268445095 The validateOrg flag can be set to false to bypass upgrade validation errors when configuration includes HTTP Forward proxy. You can use this to avoid upgrade errors caused by HTTP proxy settings.
262699558 The watcher component no longer fails when using Kubernetes Secret to store hybrid service account secret.
181569522 You can now create a new environment with the same name as a deleted environment without needing to perform manual clean-up tasks first.
218567150 The ingress gateway is now configured to consistently preserve UUID in the x-request-id header.
Note: This setting does have some impact on tracing in the ingress gateway. For more information, see pack_trace_reason in "UUID (proto)" in the envoy documentation. (Also fixed in Apigee hybrid v1.8.3)
259264961 Added support for ASM v1.15. Please see Known issue 266452840

February 09, 2023

Apigee Integration

On February 9, 2023 we released an updated version of the Apigee Integration.

Data Mapping Editor improvements

Transform expression changes:

  • You can now add, modify, or remove a function or a function parameter in-between an existing transform expression without losing the subsequent transform functions in the expression.
  • When applying a pre-defined transform function to a variable in the Data Mapping Editor, the function selection menu now displays the list of functions as per the return type of the preceding function or the data type of the preceding parameter.

Data Mapping Editor UI changes:

  • Input rows are updated to display indent guides to improve readability and structure recognition.
  • Mapping validation errors are now highlighted for each function in an Input row.

For more information, see Data Mapping editor.

Application Integration

Data Mapping Editor improvements

Transform expression changes:

  • You can now add, modify, or remove a function or a function parameter in-between an existing transform expression without losing the subsequent transform functions in the expression.
  • When applying a pre-defined transform function to a variable in the Data Mapping Editor, the function selection menu now displays the list of functions as per the return type of the preceding function or the data type of the preceding parameter.

Data Mapping Editor UI changes:

  • Input rows are updated to display indent guides to improve readability and structure recognition.
  • Mapping validation errors are now highlighted for each function in an Input row.

For more information, see Data Mapping editor.

February 08, 2023

Apigee X

On February 8, we released an updated version of Apigee X (1-9-0-apigee-21).

The VerifyAPIKey policy and the VerifyAccessToken action of the OAuth2 policy now support CacheExpiryInSeconds. Setting this variable enforces TTL on the cache and enables customization of the time period for cached token expiry.

Bug ID Description
181569522 Fixed the environment recreate scenario without manual cleanup.
217173784 The HMAC.policy-name.error variable is populated for HMAC failing policies.
257268790 Fixed bug where invalid proxy configuration halted Message Processor boot up.
250638658 Fixed the SetIntegrationRequest policy that fails if the JSON payload contains {foo}.
265204739 Set externalTrafficPolicy:local as default for Apigee X instances to mitigate 502 errors.
N/A Upgraded infrastructure and libraries.

February 06, 2023

Apigee Integration

On February 6, 2023 we released an updated version of the Apigee Integration.

JavaScript task (Preview)

The JavaScript task lets you write custom JavaScript code snippets for your integration.

Using the JavaScript Editor, you can code complex data mapping logic for your integration, perform variable assignments, and add or modify integration variables.

For more information, see JavaScript task.

Delete integration

You can now delete an entire integration without the need to individually delete all the respective integration versions.

When you delete an integration, you permanently delete all the versions of that integration, including all the integration variables, configured triggers, tasks, and data mappings.

For more information, see Delete integrations.

Application Integration

JavaScript task

The JavaScript task lets you write custom JavaScript code snippets for your integration.

Using the JavaScript Editor, you can code complex data mapping logic for your integration, perform variable assignments, and add or modify integration variables.

For more information, see JavaScript task.

Delete integration

You can now delete an entire integration without the need to individually delete all the respective integration versions.

When you delete an integration, you permanently delete all the versions of that integration, including all the integration variables, configured triggers, tasks, and data mappings.

For more information, see Delete integrations.

New Overview page

A new Overview page is now introduced in Application Integration. It's the first place you land when opening Application Integration in your Google Cloud console, and helps you understand and get started with setting up Application Integration in your Google Cloud project.

February 01, 2023

Apigee hybrid

hybrid v1.9.0

On February 1, 2023 we released an updated version of the Apigee hybrid software, v1.9.0.

Kubernetes network policies

Starting in version 1.9, Apigee hybrid offers new Kubernetes network policies to secure Cassandra and Redis pods within an Apigee Hybrid cluster. See Configuring Kubernetes network policies.

CSI Backup and Restore

Starting with Apigee hybrid 1.9, you can back up and restore your hybrid data using CSI (Container Storage Interface) snapshots. CSI backup generates disk snapshots and stores them as encrypted data in cloud storage. See Cassandra CSI backup and restore.

Custom ingress access logs

Starting in version 1.9, Apigee hybrid offers custom log formats for the Apigee Ingress gateway. See Customize Ingress access logs.

Target separate ingress gateways to virtual hosts

Starting in version 1.9, Apigee hybrid you can control how separate Apigee Ingress gateways map to specific virtual hosts. See Targeting an Apigee ingress to a virtual host.

Support for customer-installed Anthos Service Mesh deprecated

Starting in version 1.9, Apigee hybrid only supports the Apigee Ingress gateway for ingress, and no longer supports customer-installed Anthos Service Mesh. See:

Bug ID Description
266356206 A jackson-databind library error was causing OAS Validation errors when loading applications. The jackson-databind libraries have been updated to correctly parse null vs NullMode values. (Fixed in Apigee hybrid v1.9.0)
262616276 Apigee hybrid v1.9 adds support for Kubernetes in AKS v1.24+. Also fixed in Apigee hybrid v1.8.4 and newer (Fixed in Apigee hybrid v1.9.0 and v1.8.4)
260372012 Requests failed with 500 response and keyvaluemap.service.ErrorDuringDecryption error after upgrade to Hybrid 1.8. Also fixed in Apigee hybrid v1.8.4 and newer (Fixed in Apigee hybrid v1.9.0 and v1.8.4)
260324159 Solved up to 30 minute delay proxy deployment due to socket closed error in synchronizer. (Fixed in Apigee hybrid v1.9.0)
259738092 Intermittent 404's were seen at the Apigee Ingress Gateway due to an inconsistent configuration delivery mechanism. (Fixed in Apigee hybrid v1.8.3)
258699204 The default memory requests and limits for metrics pods that were inadvertently changed in 1.8.x. have been fixed. Also fixed in Apigee hybrid v1.8.4 and newer (Fixed in Apigee hybrid v1.9.0 and v1.8.4)
255677576 In fresh installations with Apigee Ingress (instead of user-installed Anthos Service Mesh), the Apigee UI would sometimes show red (not working) status. This is because in certain circumstances Watcher did not send the correct deployment status due to using the wrong selector for the Apigee Ingress Gateway. (Fixed in Apigee hybrid v1.8.3)
251435916 Fixed an issue where in certain circumstances, MP pods would scale without traffic. (Fixed in Apigee hybrid v1.7.5)
249144084 Reuse existing target IPs if DNS resolution fail on DNS cache refresh. (Fixed in Apigee hybrid v1.8.1)
245664917 During the upgrade to Apigee hybrid 1.8.x, after running apigeectl init and confirming that check-ready succeeded, the Cassandra schema validation job was in an error state. Also fixed in Apigee hybrid v1.8.4 and newer (Fixed in Apigee hybrid v1.9.0 and v1.8.4)
243880171 Upgrade from Apigee hybrid v1.7 to v1.8 could fail when http_proxy was configured to DENY internal network traffic. (Fixed in Apigee hybrid v1.8.1)
243717191 Container restart no longer conflicts with the existing certificates.
243599452 Fixed indentation issue with ingress gateway annotations. (Fixed in Apigee hybrid v1.8.2)
243167389 Apigee now validates the length of ingressGateways[].name in overrides.yaml.
TThe value of ingressGateways:name must meet the following requirements:
  • Have a maximum length of 17 characters
  • Contain only lowercase alphanumeric characters, '-' or '.'
  • Start with an alphanumeric character
  • End with an alphanumeric character
See ingressGateways[].name in the Configuration property reference. (Fixed in Apigee hybrid v1.8.1)
243158304 'ApigeeRouteConfig' no longer looks for a cert in the istio-system namespace. (Fixed in Apigee hybrid v1.9.0)
241959053 Fixed apigeectl parsing error for serviceaccountRef. (Fixed in Apigee hybrid v1.8.2)
232529030 Replaced the Logging fluentbit container environment variable http_proxy with HTTP__PROXY to maintain compatibility with fluentbit 1.8. (Fixed in Apigee hybrid v1.8.1)
227212728 Cassandra scripts now avoid writing data to the Pod Filesystem. (Fixed in Apigee hybrid v1.8.1)
218567150 The ingress gateway is now configured to consistently preserve UUID in the x-request-id header. This applies to both Apigee Ingress gateway and to the Istio ingress gateway when are using customer-installed Anthos Service Mesh.
Note: This setting does have some impact on tracing in the ingress gateway. For more information, see pack_trace_reason in the "UUID (proto)" page in the envoy documentation. (Fixed in Apigee hybrid v1.8.3)
Bug ID Description
270371160 In Apigee hybrid v1.9.0, we removed certain insecure TLS ciphers. Apigee hybrid supports the TLS cipher suites supported by the Boring FIPS build of Envoy.

Note: Apigee hybrid only supports the RSA ciphers listed. ECDSA ciphers are not supported.

Bug ID Description
N/A Upgraded to ASM 1.12.9 to address Istio and Go language vulnerabilities in an earlier version (CVE-2022-39278). For more information, see the Service Mesh security bulletin. (Fixed in Apigee hybrid v1.8.2)
N/A Upgraded to ASM 1.12.9 to address Istio and Go language vulnerabilities in an earlier version (CVE-2022-39278). For more information, see the Service Mesh security bulletin. (Fixed in Apigee hybrid v1.7.5)
N/A Miscellaneous Security updates and fixes. (Fixed in Apigee hybrid v1.7.4)
262576073 Security fix for apigee-watcher. Also fixed in Apigee hybrid v1.8.4 and newer (Fixed in Apigee hybrid v1.9.0 and v1.8.4)
This addresses the following vulnerabilities:
262574571 Security fix for apigee-operators. Also fixed in Apigee hybrid v1.8.4 and newer (Fixed in Apigee hybrid v1.9.0 and v1.8.4)
This addresses the following vulnerabilities:
259290668 Update Kubectl in the backup utility. (Fixed in Apigee hybrid v1.8.3)
This addresses the following vulnerabilities:
256019598 Security fix for Cassandra. Also fixed in Apigee hybrid v1.8.4 and newer (Fixed in Apigee hybrid v1.9.0 and v1.8.4)
This addresses the following vulnerabilities:
254862745, 249630685 Security fix for apigee-diagnostics-runner and apigee-envoy. (Fixed in Apigee hybrid v1.8.3)
This addresses the following vulnerabilities:
254774193, 254773110 Fix for vulnerability in apigee-diagnostics-collector, apigee-mart-server, and apigee-mint-task-scheduler. (Fixed in Apigee hybrid v1.8.3)
This addresses the following vulnerability:
254774167 Fix for apigee-mart-server, apigee-mint-task-scheduler, apigee-runtime, and apigee-synchronizer. (Fixed in Apigee hybrid v1.8.3)
This addresses the following vulnerabilities:
254773838, 254773636, 254772551, 254771693 Fix for vulnerability in apigee-diagnostics-collector, apigee-mart-server, apigee-mint-task-scheduler, apigee-runtime, and apigee-synchronizer. (Fixed in Apigee hybrid v1.8.3)
This addresses the following vulnerabilities:
254770883, 249633275, 249629782 Security fixes for apigee-diagnostics-collector, apigee-mart-server, apigee-runtime, and apigee-synchronizer. (Fixed in Apigee hybrid v1.8.3)
This addresses the following vulnerabilities:
253693906 Upgraded Prometheus to 2.39.1 to address vulnerabilities in an earlier version. (Fixed in Apigee hybrid v1.8.2)
This addresses the following vulnerabilities:
253498057 Upgraded Fluent Bit to 1.9.9 to address vulnerabilities in an earlier version. (Fixed in Apigee hybrid v1.8.2)
This addresses the following vulnerabilities:
249635718, 249629771 Security fixes for Apigee Connect and apigee-redis. (Fixed in Apigee hybrid v1.8.3)
This addresses the following vulnerabilities:
249633289 Fix for apigee-prometheus-adapter. (Fixed in Apigee hybrid v1.8.3)
This addresses the following vulnerabilities:
248288668 Fixes to address apigee-installer vulnerabilities. (Fixed in Apigee hybrid v1.8.2)
247864229 upgraded kube-rbac-proxy to v0.13.0 to address vulnerabilities in an earlier version. (Fixed in Apigee hybrid v1.8.2)
240833499 Security fix for gopkg.in/yaml.v3. (Fixed in Apigee hybrid v1.7.4)
230369447 Security fix for commons-codec (Fixed in Apigee hybrid v1.7.4)
230368838 Security fix for CVE-2018-10237, auto-value:guava. (Fixed in Apigee hybrid v1.7.4)
230366823 Security fix for jackson-databind. (Fixed in Apigee hybrid v1.7.4)
230366589 Security fix for CVE-2021-22696-cxf in cxf. (Fixed in Apigee hybrid v1.7.4)
230366276 Security fix for CVE-2021-22569. (Fixed in Apigee hybrid v1.7.4)
229804717 Security fix for apigee-envoy. (Fixed in Apigee hybrid v1.7.4)
222772470, 220169963, 210116413 Security fix for CVE-2021-38297: Updated Go language version. (Fixed in Apigee hybrid v1.8.1)
222772341, 222772333, 222772261, 222771839 Security fix for CVE-2022-23806: Updated Go language version. (Fixed in Apigee hybrid v1.8.2)
202174499 Fixed Vulnerability for protobuf-java and protobuf-java-util packages. (Fixed in Apigee hybrid v1.8.2)

January 26, 2023

Apigee hybrid

hybrid v1.8.4

On January 26, 2023 we released an updated version of the Apigee hybrid software, v1.8.4. For information on upgrading, see Upgrading Apigee hybrid to version 1.8.

Bug ID Description
262699558 The watcher component failed when using Kubernetes Secret to store hybrid service account secret.
262616276 Added support for Kubernetes v1.24 and v1.25
260372012 Requests failed with 500 response and keyvaluemap.service.ErrorDuringDecryption error after upgrade to Hybrid 1.8.
258699204 The default memory requests and limits for metrics pods that were inadvertently changed in 1.8.x. have been fixed.
245664917 During the upgrade to Apigee hybrid 1.8.x, after running apigeectl init and confirming that check-ready succeeded, the Cassandra schema validation job was in an error state.
Bug ID Description
262576073 Security fix for apigee-watcher. This addresses the following vulnerabilities:
CVE-2022-41716
CVE-2022-41715
CVE-2022-2880
CVE-2022-2879
262574571 Security fix for apigee-operators. This addresses the following vulnerabilities:
CVE-2022-41716

January 17, 2023

Apigee Integrated Portal

On January 17, 2023 we released an updated version of Apigee integrated portal.

Bug ID Description
262260756 We have updated the new account notification to administrators to read:

"A new account was created by {{firstname}} {{lastname}} ({{email}}), for site {{siteurl}}. If you have enabled manual approval for new user accounts, this user will not be able to log in until you approve their account creation request by setting their status to 'active'."

This is to highlight that they need to manually activate new accounts ONLY if they have enabled manual approval for new accounts.
261788412 Updated the version of GraphiQL used in the portal.

January 11, 2023

Apigee UI

On January 11, 2023, we released an updated version of the Apigee UI.

GA release of the new Proxy Editor

The new Proxy Editor simplifies the process of adding policies to an API proxy, configuring those policies, and then deploying the proxy.

January 10, 2023

Apigee Integration

On January 10, 2023 we released an updated version of the Apigee Integrations software.

Cloud Scheduler trigger (Preview)

The Cloud Scheduler trigger lets you schedule your integration executions for defined time periods or regular intervals across multiple regions. Cloud Scheduler triggers leverage the Cloud Scheduler services to provide a fully managed enterprise-grade cron job scheduler within Apigee Integration.

For more information, see Cloud Scheduler trigger.

Application Integration

Cloud Scheduler trigger

The Cloud Scheduler trigger lets you schedule your integration executions for defined time periods or regular intervals across multiple regions. Cloud Scheduler triggers leverage the Cloud Scheduler services to provide a fully managed enterprise-grade cron job scheduler within Application Integration.

For more information, see Cloud Scheduler trigger.

January 09, 2023

Apigee UI

On January 9, 2023, we released an updated version of the Apigee UI.

Specify an IP range with prefix /28 when creating a new instance

Previously, you could only specify an IP range with prefix /22 when creating an instance. This change makes it possible to specify /28 ranges as well as /22 ranges when creating an Apigee instance in the instance manager or the provisioning wizard.

Bug ID Description
255609921 Advanced API Security table rows now use links or span tags

January 04, 2023

Apigee Connectors

On January 04, 2023, we released the preview version of new connectors for Apigee.

The following new connectors are available in preview:

December 26, 2022

Apigee Integration

On December 26, 2022 we released an updated version of the Apigee Integrations software.

Test without publishing an integration

You can now test your integration without the need to publish or create a new integration version. Testing an integration lets you experiment with the integration input variable values, and helps in identifying any faults in the integration connection flow before you finalize and publish the integration.

For more information, see Test and publish integrations.

Application Integration

Test without publishing an integration

You can now test your integration without the need to publish or create a new integration version. Testing an integration lets you experiment with the integration input variable values, and helps in identifying any faults in the integration connection flow before you finalize and publish the integration.

For more information, see Test and publish integrations.

December 22, 2022

Apigee Connectors

On December 22, 2022, we released the preview version of new connectors for Apigee.

The following new connectors are available in preview:

Connectors for Google services

Connectors for other applications

  1. Box
  2. Couchbase
  3. FTP
  4. IBM MQ
  5. Kintone
  6. MailChimp
  7. Neo4J
  8. Redshift
  9. SAP HANA
  10. SAP Netweaver Gateway
  11. SendGrid
  12. Shopify
  13. SingleStore
  14. Snowflake
  15. Streak
  16. Stripe
  17. TaxJar
  18. Trello

December 14, 2022

Apigee Integrated Portal

On December 14, 2022 we released an updated version of Apigee integrated portal.

Bug ID Description
260725456 The x-xss-protection header on portal runtime loading changed from value of "1;" to be "1; mode=block".
254053443 Fixed a bug to ensure that a Not found page is displayed whenever an invalid document path is navigated to in a portal.

December 08, 2022

Apigee X

On December 8, we released an updated version of Apigee X.

GA release of Simplified Onboarding for Apigee X (Pay-as-you-go) in the Google Cloud console.

With this release, new Apigee customers using Pay-as-you-go pricing can quickly configure Apigee using a simplified onboarding flow accessible from the Google Cloud console.

  • The new onboarding UI provides stepped navigation consistent with other products available in the console.
  • Apigee X (Pay-as-you-go) provisioning is simplified but remains flexible. Default settings are provided, with the option to customize as needed.
  • Improved contextual help streamlines decision-making during onboarding.

See Before you begin and Get started in the Cloud Console for more details on provisioning Apigee X with Pay-as-you-go pricing from the Google Cloud console.

December 05, 2022

Apigee hybrid

hybrid v1.8.3

On December 5, 2022 we released an updated version of the Apigee hybrid software, v1.8.3.

For information on upgrading, see Upgrading Apigee hybrid to version 1.8.

Bug ID Description
259738092 Intermittent 404's were seen at the Apigee Ingress Gateway due to an inconsistent configuration delivery mechanism.
255677576 In fresh installations with Apigee Ingress (instead of user-installed Anthos Service Mesh), the Apigee UI would sometimes show red (not working) status. This is because in certain circumstances Watcher did not send the correct deployment status due to using the wrong selector for the Apigee Ingress Gateway.
218567150 The ingress gateway is now configured to consistently preserve UUID in the x-request-id header. This applies to both Apigee Ingress gateway and to the Istio ingress gateway when are using customer-installed Anthos Service Mesh.
Note: This setting does have some impact on tracing in the ingress gateway. For more information, see pack_trace_reason in the "UUID (proto)" page in the envoy documentation.
Bug ID Description
259290668 Update Kubectl in the backup utility. This addresses the following vulnerabilities:
CVE-2022-42004
CVE-2022-42003
CVE-2022-32189
CVE-2022-30635
CVE-2022-30633
CVE-2022-30632
CVE-2022-30631
CVE-2022-30630
CVE-2022-30580
CVE-2022-28327
CVE-2022-28131
CVE-2022-27664
CVE-2022-25857
CVE-2022-24921
CVE-2022-24675
CVE-2022-23773
CVE-2022-23772
CVE-2022-23635
CVE-2022-0391
CVE-2021-39156
CVE-2021-39155
CVE-2021-37137
CVE-2021-37136
CVE-2021-29482
CVE-2021-20190
CVE-2021-3121
CVE-2020-36518
CVE-2020-36189
CVE-2020-36188
CVE-2020-36187
CVE-2020-36186
CVE-2020-36185
CVE-2020-36184
CVE-2020-36183
CVE-2020-36182
CVE-2020-36181
CVE-2020-36180
CVE-2020-36179
CVE-2020-35728
CVE-2020-35491
CVE-2020-35490
CVE-2020-29652
CVE-2020-25649
CVE-2020-24750
CVE-2020-24616
CVE-2020-17516
CVE-2020-16845
CVE-2020-14195
CVE-2020-14062
CVE-2020-14061
CVE-2020-14060
CVE-2019-16869
CVE-2019-9674
CVE-2019-0205
CVE-2018-1320
CVE-2017-18640
CVE-2016-5397
254862745, 249630685 Security fix for apigee-diagnostics-runner and apigee-envoy. This addresses the following vulnerabilities:
CVE-2021-3999
CVE-2022-2068
254774167 Fix for apigee-mart-server, apigee-mint-task-scheduler, apigee-runtime, and apigee-synchronizer. This addresses the following vulnerabilities:
CVE-2022-42004
CVE-2022-42003
254773838, 254773636, 254772551, 254771693 Fix for vulnerability in apigee-diagnostics-collector, apigee-mart-server, apigee-mint-task-scheduler, apigee-runtime, and apigee-synchronizer. This addresses the following vulnerabilities:
CVE-2022-25857
CVE-2022-0239
CVE-2021-37136
CVE-2021-30468
CVE-2017-18640
254774193, 254773110 Fix for vulnerability in apigee-diagnostics-collector, apigee-mart-server, and apigee-mint-task-scheduler. This addresses the following vulnerability:
CVE-2022-2048
254770883, 249633275, 249629782 Security fixes for apigee-diagnostics-collector, apigee-mart-server, apigee-runtime, and apigee-synchronizer. This addresses the following vulnerabilities:
CVE-2022-42889
CVE-2022-42004
CVE-2022-42003
CVE-2022-40150
CVE-2022-40149
CVE-2022-38752
CVE-2022-38751
CVE-2022-38750
CVE-2022-38749
CVE-2022-25857
CVE-2022-3171
CVE-2022-2097
CVE-2022-2068
CVE-2022-2048
CVE-2022-2047
CVE-2022-1292
CVE-2021-31684
CVE-2021-29425
CVE-2021-27568
CVE-2020-13936
CVE-2020-8908
CVE-2019-18276
CVE-2018-10237
CVE-2017-18640
249635718, 249629771 Security fixes for Apigee Connect and apigee-redis. This addresses the following vulnerabilities:
CVE-2022-32189
CVE-2022-30635
CVE-2022-30633
CVE-2022-30632
CVE-2022-30631
CVE-2022-30630
CVE-2022-30580
CVE-2022-28327
CVE-2022-28131
CVE-2022-27664
CVE-2022-24921
CVE-2022-24675
CVE-2022-23773
CVE-2022-23772
249633289 Fix for apigee-prometheus-adapter. This addresses the following vulnerabilities:
CVE-2022-21698
CVE-2022-1996

November 29, 2022

Apigee Integration

On November 29, 2022 we released an updated version of the Apigee Integrations software.

Integration variable color code

The color codes of all the integration variable data types is removed and now changed to a single uniform color. Integration variables will no longer be color coded (green, blue, orange) based on their data type.

See Format of an integration variable.

Data Mapping editor

  • The background color of the Input and Output row is changed to a single uniform color.
  • Input rows are updated to add line breaks and indentations according to the use of mapping functions to improve readability and structure recognition.
  • A confirmation dialog is displayed before proceeding to delete an entire Input row.

See Data Mapping editor.

November 23, 2022

Apigee Integration

On November 23, 2022 we released an updated version of the Apigee Integrations software.

Bug ID Description
250638658 Updated the behaviour of the SetIntegrationRequest policy to identify payload parameter strings enclosed within $# and #$ as flow variables.

SetIntegrationRequest policy payload parameter strings enclosed within { and } are no longer identified as flow variables.

November 18, 2022

Apigee X

On November 18, 2022, we released an updated version of Apigee X (1-9-0-apigee-16).

Bug ID Description
257268790 There is an edge case scenario where an invalid resource or bundle configuration resulting in unhandled exception will result in failure that leads to restart of runtime pods or bootup of new runtime pods.

November 14, 2022

Apigee Monetization

On November 14, 2022 we released an updated version of the Apigee Monetization software.

Added support for a new recurring fees

Apigee X now supports optional recurring fees charged to API developers. For more information on fees, see Understanding billing.

November 10, 2022

Apigee Integrated Portal

On November 10, 2022 we released an updated version of Apigee integrated portal.

Bug ID Description
246636016 Updated the handling of linked or uploaded empty specification files for API catalog items, and added a meaningful error message.
226406073 In the portal list view, changed column Last Published to Created. Sorting is by oldest portal at top.
182687440 Updated the file filter for icon upload so you can choose and upload .ico files.
153886771 Fixed an issue with identity provider configuration where SAML certificate data would not correctly render after initial upload.
Apigee Monetization

On November 10, 2022 we released an updated version of the Apigee Monetization software.

Added support for a new setup fee

Apigee X now supports an optional setup fee charged to new API developers. For more information on fees, see Understanding billing.

November 04, 2022

Apigee Integration

On November 4, 2022 we released an updated version of the Apigee Integration software.

US multi-region (us) for Apigee Integration is deprecated. Use us-east1, us-west1, or us-central1 locations instead

As of November 10, 2022, you can no longer create an integration in the US multi-region (us) location. Any existing integration running in US multi-region (us) will be stopped on or after January 10, 2023.

It's recommended that you perform the following actions before January 10, 2023:

  • Clone your existing integrations to us-east1, us-west1, us-central1, or any of the supported regions. For information about how to clone an integration, see Clone integrations.

  • Migrate your existing integration proxies to us-east1, us-west1, us-central1, or any of the supported regions. You can do this by manually updating the IntegrationRegion child element in the SetIntegrationRequest policy.

Apigee X

On November 4, 2022 we released an updated version of Apigee X.

Apigee support for using Private Service Connect (PSC) for client-to-Apigee (northbound) traffic is now GA. In addition, we now support using PSC for northbound routing in multi-region configurations. For details, see Expanding Apigee to multiple regions. See also Northbound networking with Private Service Connect and Migrate northbound routing to Private Service Connect.

November 02, 2022

Apigee hybrid

hybrid v1.7.5

On November 2, 2022 we released an updated version of the Apigee hybrid software, v1.7.5.

For information on upgrading, see Upgrading Apigee hybrid to version 1.7.

Bug ID Description
251435916 Fixed an issue where in certain circumstances, MP pods would scale without traffic.
241959053 Fixed apigeectl parsing error for serviceaccountRef.
Bug ID Description
253693906 Upgraded Prometheus to 2.39.1 to address vulnerabilities in an earlier version. This change addresses the following vulnerabilities:
CVE-2022-24675
CVE-2022-27664
CVE-2022-28131
CVE-2022-28327
CVE-2022-30580
CVE-2022-30630
CVE-2022-30631
CVE-2022-30632
CVE-2022-30633
CVE-2022-30635
CVE-2022-32189
253498057 Upgraded Fluent Bit to 1.9.9 to address vulnerabilities in an earlier version. This change addresses the following vulnerabilities:
CVE-2022-1292
CVE-2022-2068
CVE-2021-3999
CVE-2022-23218
CVE-2022-23219
CVE-2022-25013
CVE-2021-33574
CVE-2018-12886
CVE-2022-0778
248288668 Fixes to address apigee-installer vulnerabilities.
247864229 upgraded kube-rbac-proxy to v0.13.0 to address vulnerabilities in an earlier version.
N/A Upgraded to ASM 1.12.9 to address Istio and Go language vulnerabilities in an earlier version (CVE-2022-39278). For more information, see the Service Mesh security bulletin.

October 27, 2022

Apigee API hub

On October 27, 2022 Apigee API hub released a new version of the software.

A link to the Settings page has been added to the APIs list page.

See: Discover APIs using APIs list

Bug ID Description
254505866 Provisioning API hub using the UI failed if you selected a region other than the following: asia-east1, asia-southeast1, europe-west1, europe-west4, us-central1, us-east1, us-west1, us-west4.
Apigee X

On October 27, 2022 we released an updated version of Apigee X.

This release contains the General Acceptance (GA) release of Advanced API Security, which:

  • Detects unwanted requests sent to your APIs, including attacks by bots or other malicious agents.
  • Evaluates the security of your API configurations and provides recommendations for improvements.

Advanced API Security is a paid add-on to Apigee. You can try out Advanced API Security for free in any trial org—follow the procedure described in Enable Advanced API Security. Contact Apigee to learn more.

Apigee hybrid

hybrid v1.8.2

On October 27, 2022 we released an updated version of the Apigee hybrid software, v1.8.2.

For information on upgrading, see Upgrading Apigee hybrid to version 1.8.

Bug ID Description
253693906 Upgraded Prometheus to 2.39.1 to address vulnerabilities in an earlier version. This change addresses the following vulnerabilities:
CVE-2022-24675
CVE-2022-27664
CVE-2022-28131
CVE-2022-28327
CVE-2022-30580
CVE-2022-30630
CVE-2022-30631
CVE-2022-30632
CVE-2022-30633
CVE-2022-30635
CVE-2022-32189
253498057 Upgraded Fluent Bit to 1.9.9 to address vulnerabilities in an earlier version. This change addresses the following vulnerabilities:
CVE-2022-1292
CVE-2022-2068
CVE-2021-3999
CVE-2022-23218
CVE-2022-23219
CVE-2022-25013
CVE-2021-33574
CVE-2018-12886
CVE-2022-0778
248288668 Fixes to address apigee-installer vulnerabilities.
247864229 upgraded kube-rbac-proxy to v0.13.0 to address vulnerabilities in an earlier version.
N/A Upgraded to ASM 1.12.9 to address Istio and Go language vulnerabilities in an earlier version (CVE-2022-39278). For more information, see the Service Mesh security bulletin.

October 24, 2022

Apigee X

On October 24, 2022, we released an updated version of Apigee X (1-9-0-apigee-5).

Some runtime error messages have been improved with a reason code. To display only the error codes with a reason code, scroll down to Search and type reason. The error catalog filters the view.

See: Runtime error catalog

Bug ID Description
252818300 Fixed issue with failing web socket connections.
249580739 This feature introduces a new filter-based mechanism to display API products.
249521773 Endpoint attachment ID naming convention change. The ID must start with a lowercase letter followed by up to 31 lowercase letters, numbers, or hyphens, and cannot end with a hyphen. The minimum length is 2. See Create an endpoint attachment.
249069616 Fixed issue where error in DebugSession could interrupt runtime flow.
248631925 The Developer List API has been enhanced to support pagination in a Google-wide consistent pattern.
247540503 Race condition with encryption key lookup causing KVM lookup failures.
246774745 io.timeout.millis not honored, causing 504 Gateway timeout for dynamic targets.
246193561 Disabling/Destroying of customer cloud KMS key impacted the runtime after 5 minutes and data that was encrypted with the key could not be accessed by Apigee data plane.
241786534 MART is able to send logs to UDCA successfully now.
240618523 Dynamically setting target.url now supports websocket protocols (ws and wss)
218567150 X-request-id headers modified at 14th character.
206879901 Fixed issue where Response headers were not visible from debug screen.
173566787 Message Processors behavior is changed. Message Processors will now reuse existing target IP addresses once if DNS resolution fails during DNS cache refresh
159599332 The flow variable servicecallout.requesturi reflects appropriately if the URI is constructed using multiple variables.
N/A Upgraded infrastructure and libraries
Bug ID Description
204965286 Security fix for CVE-2022-25647
193613381 Security fix for CVE-2021-21290 in netty-transport

October 19, 2022

Apigee Integrated Portal

On October 19, 2022 we released an updated version of Apigee integrated portal.

Bug ID Description
239424786 When reusing your portal custom domain with other sites, the cookies for the domain can get larger. This fix allows you to send cookies up to 16K in size, up from the previous 8K limit.
237181283 Pressing the enter button in the input field of Portals > Accounts > Authentication > Account creation & sign in no longer opens a file explorer window.
233933177 The email notification field for new account creation can be only a single email address, and not multiple email addresses separated by a delimiter (ie , space or tab). This fix adds validation on the client side to enforce this limitation.

October 18, 2022

Apigee Adapter for Envoy

v2.0.6

On October 18, 2022, we released version 2.0.6 of Apigee Adapter for Envoy.

Security release to address a Denial of Service (DoS) vulnerability in a dependency library. See CVE-2022-28948.

October 17, 2022

Apigee API hub

On October 17, 2022 Apigee API hub released a new version of the software.

New UI provisioning wizard

Added a wizard to the API hub UI to provide a simpler provisioning process.

See: Provision API hub using the UI

Updated the layout of the score card display in the API overview tab.

See: Scorecard

October 06, 2022

Apigee X

On October 6, 2022, Apigee announced the GA launch of Cloud Monitoring for Apigee gateway node usage for Pay-as-you-go customers.

The availability of Apigee gateway node usage metrics in Cloud Monitoring enables Pay-as-you-go customers to view node usage, create dashboards, and configure alerting policies using Cloud Monitoring interfaces. For more information, see View usage and estimate your bill.

October 04, 2022

Apigee Integration

On October 4, 2022 we released an updated version of the Apigee Integration software.

Apigee Integration trials

Starting with this release, Apigee Integration trials (eval org) is available in Application Integration. Users in a newly provisioned Apigee eval org will be redirected to Application Integration when they open Integrations in Apigee. You can continue using the Apigee proxies (created in the eval org) with the integrations created in Application Integration.

October 01, 2022

Apigee hybrid

hybrid new installation experience public preview

On September 30, 2022 we released the public preview of the new Apigee hybrid installation experience.

Overview

The new Apigee hybrid installation experience provides a Kubernetes way of installing Apigee components using kubectl. The enhanced validations and visibility of the components being installed provides better debuggability and improves the overall install process.

An install script, apigee-hybrid-setup.sh, provides an easy tool for basic installation. You can use that to create your hybrid installation and then modify it to fit your needs with kubectl, or you can create your hybrid installation from scratch using kubectl. All Apigee hybrid configuration properties are stored in yaml files, one for each major component. This allows much more granular control of your hybrid installation on your Kubernetes environment.

Preview release

The new Apigee hybrid installation experience and its documentation are part of a preview release. Apigee does not warranty the software or the procedures in this preview. The software and documentation are subject to change without notice.

September 29, 2022

Apigee hybrid

hybrid v1.8.1

On September 29, 2022 we released an updated version of the Apigee hybrid software, v1.8.1.

For information on upgrading, see Upgrading Apigee hybrid to version 1.8.

Bug ID Description
249144084 Reuse existing target IPs if DNS resolution fail on DNS cache refresh.
243880171 Upgrade from Apigee hybrid v1.7 to v1.8 could fail when http_proxy was configured to DENY internal network traffic.
243717191 Container restart no longer conflicts with the existing certificates.
243599452 Fixed indentation issue with ingress gateway annotations.
243167389 Apigee now validates the length of ingressGateways[].name in overrides.yaml.
TThe value of ingressGateways:name must meet the following requirements:
  • Have a maximum length of 17 characters
  • Contain only lowercase alphanumeric characters, '-' or '.'
  • Start with an alphanumeric character
  • End with an alphanumeric character
See ingressGateways[].name in the Configuration property reference.
241959053 Fixed apigeectl parsing error for serviceaccountRef.
232529030 Replaced the Logging fluentbit container environment variable http_proxy with HTTP__PROXY to maintain compatibility with fluentbit 1.8.
227212728 Cassandra scripts now avoid writing data to the Pod Filesystem.
Bug ID Description
222772470, 220169963, 210116413 Security fix for CVE-2021-38297: Updated Go language version.
222772341, 222772333, 222772261, 222771839 Security fix for CVE-2022-23806: Updated Go language version.
202174499 Fixed Vulnerability for protobuf-java and protobuf-java-util packages.

September 28, 2022

Application Integration

Application Integration Preview Release

Application Integration is now available in preview. Application Integration is an Integration-Platform-as-a-Service (iPaaS) solution in Google Cloud that offers a comprehensive set of core integration tools to connect and manage the multitude of applications and data required to support various business operations.

For more information about the Application Integration features and functionalities, see Application Integration documentation.

September 26, 2022

Apigee API hub

On September 26, 2022 Apigee API hub released a new version of the software.

Bug ID Description
248598430 Scorecard display did not select the latest spec by default when the recommended deployment pointed to a spec with no scorecard.
Apigee X

Availability of scripts to recreate Apigee instances created before January 25, 2022.

If you have an Apigee instance that was created before January 25, 2022, Apigee recommends that you replace it with a new instance. If you do not recreate the older instance, you may experience scaling issues and the number of environments you can add to an instance will continue to be limited to 10.

For more information and detailed instructions, see Recreating an Apigee instance with zero downtime

September 19, 2022

Apigee API hub

On September 19, 2022 Apigee API hub released a new version of the software.

Scorecard added to Apigee API hub API overview page

The scorecard allows you to display score or health information about your APIs on the API overview page.

The default scorecard configuration uses OpenAPI v2 and OpenAPI v3 specs and is analyzed using the Spectral linter to generate a Lint summary.

Specify whether the scorecard is displayed or hidden on the Settings page.

Help links added to Apigee API hub blank APIs list page

If there are no APIs registered, the APIs list page will display links pointing to API registration documentation.

September 14, 2022

Apigee X

On September 14, 2022 we released an updated version of the Apigee X software.

When using local development with Apigee in VS Code, the following pre-release features are available as part of the Insiders build (v1.21.0 and higher):

September 12, 2022

Apigee Integrated Portal

On September 12, 2022 we released an updated version of Apigee integrated portal.

Bug ID Description
237412458 Fixed an issue where some SMTP settings were not migrated to an upgraded portal.
235634994 Implemented a minor security fix to block content spoofing in the API search page.
233407912 When creating a new App key for products that have been set to manual approval, but have already been approved, the new key will "auto" approve and not have to go through the approval process again.

September 09, 2022

Apigee X

On September 09, 2022, we released an updated version of Apigee X.

With this release, Apigee support for Private Service Connect (PSC) is GA. PSC allows you to privately connect Apigee to target services running across VPC networks in addition to the peered network. For more information, see Southbound networking patterns.

September 06, 2022

Apigee API hub

On September 6, 2022 Apigee hub released a new version of the software.

API hub has been upgraded to use a later version of the Registry API open-sourced project. See v0.5.6 on GitHub for details.

Bug ID Description
N/A Multiple fixes as listed at v0.5.6 Changelog on GitHub.

September 02, 2022

Apigee hybrid

hybrid v1.7.4

On September 2, 2022 we released an updated version of the Apigee hybrid software, v1.7.4.

For information on upgrading, see Upgrading Apigee hybrid to version 1.7.

Bug ID Description
232529030 Replaced the Logging fluentbit container environment variable http_proxy with HTTP_PROXY to maintain compatibility with fluentbit 1.8.
Bug ID Description
240833499 Security fix for gopkg.in/yaml.v3.
230369447 Security fix for commons-codec
230368838 Security fix for CVE-2018-10237, auto-value:guava.
230366823 Security fix for jackson-databind.
230366589 Security fix for CVE-2021-22696-cxf in cxf.
230366276 Security fix for CVE-2021-22569.
229804717 Security fix for apigee-envoy.
N/A Miscellaneous Security updates and fixes.

September 01, 2022

Apigee Integration

On September 01, 2022 we released an updated version of the Apigee Integration software.

Region support for integration endpoint

August 30, 2022

Apigee X

On August 30, 2022, Apigee announced the GA launch of Pay-as-you-go pricing, a consumption-based model for Google's Apigee Platform.

When you use Pay-as-you-go pricing for Apigee, you are charged for the following:

  • The number of Apigee gateway nodes in the Apigee organization
  • The number of API requests processed by Apigee Analytics services
  • The amount of network usage

For more information, see the Pay-as-you-go overview and the Pay-as-you-go Example pricing.

With this release, the Apigee Pay-as-you-go pricing model includes a maximum Apigee gateway node count of 1,000 across all environments in a region.

August 25, 2022

Apigee API hub

On August 25, 2022 Apigee hub released a new version of the software.

API hub has been upgraded to use a later version of the Registry API open-sourced project. See v0.5.5 on GitHub for details.

Bug ID Description
N/A Multiple fixes as listed at v0.5.5 Changelog on GitHub.

August 23, 2022

Apigee API hub

On August 23, 2022 Apigee hub released a new version of the software.

API hub has been upgraded to use a later version of the Registry API open-sourced project. See v0.5.4 on GitHub for details.

Bug ID Description
N/A Multiple fixes as listed at v0.5.4 Changelog on GitHub.
Apigee UI

On August 23, 2022, we released an updated version of the Apigee UI.

Note: Rollouts of this release will begin today and may take several weeks to be completed across all Google Cloud zones. Your instances may not have the features and fixes available until the rollout is complete.

With this release, the Apigee UI will display the new version of the Proxy Editor by default.

In this release, you can view both the visual editor and the text editor at the same time in the Develop view, without having to manually switch between the two. You can also resize the display area of either editor to view it more easily. See Change the target endpoint for a description of the changes to the editor layout.

August 22, 2022

Apigee X

On August 22, 2022, we released an updated version of Apigee X (1-8-0-apigee-33).

Bug ID Description
N/A Upgraded infrastructure and libraries

Value of io.timeout.millis is not honored when used with multiple dynamic targets.

If a proxy sets two or more io.timeout.millis values in two or more flows using the same target host, only one io.timeout.millis value is honored.

Apigee hybrid

hybrid v1.8.0

On August 22, 2022 we released an updated version of the Apigee hybrid software, v1.8.0.

For information on upgrading, see Upgrading Apigee hybrid to version 1.8.

Apigee Ingress gateway

Starting in version 1.8, Apigee hybrid offers a new feature to manage the ingress gateway for your hybrid installation, Apigee ingress gateway. Anthos Service Mesh is no longer a prerequisite for hybrid installation. With Apigee ingress gateway, Apigee will stop supplying routing configuration to Anthos Service Mesh. See Managing Apigee ingress.

ORG-level UDCA

Apigee hybrid now supports setting UDCA at the org level instead of at the environment level. See orgScopedUDCA in the Configuration property reference.

Support for newer versions of Anthos, Anthos Service Mesh, and Kubernetes

Starting in version 1.8, Apigee hybrid supports Anthos version 1.12, Anthos Service Mesh version 1.13, and Kubernetes version 1.23 on specific platforms. See Apigee hybrid supported platforms and versions for details.

KVM pagination

The Key Value Map (KVM) CRUD APIs with pagination support are now available in Hybrid (introduced in Apigee X on March 10, 2022). See REST Resource: organizations.keyvaluemaps and REST Resource: v1.organizations.environments.keyvaluemaps.

apigeectl now supports the --v option to set the log verbosity level

Starting in version 1.8, apigeectl includes a --v option to set log verbosity levels in the format --v=int, for example apigeectl apply --v=5. This option replaces the --verbose option (now deprecated). This is the same as the kubectl --v option. See apigeectl for details.

tools/apigee-pull-push.sh includes a –list option to list all images

Starting in version 1.8, The tools/apigee-pull-push.sh utility has a --list or -l option that will list all images in the gcr repo. See apigee-pull-push.sh for details.

Bug ID Description
239854141 apigee-pull-push.sh now uses gcr source repositories. (Fixed in Apigee hybrid v1.8.0)
238370197 Fixed an issue where the timeTaken variable's value could sometimes be calculated incorrectly. (Fixed in Apigee hybrid v1.7.3)
236399482 Added support for ASM v1.13. (Fixed in Apigee hybrid v1.7.2)
236129944 Fixed the controller crashloopbackoff due to null pointer issue. (Fixed in Apigee hybrid v1.6.9)
236129944 Fixed the controller crashloopbackoff resulting from null pointer. (Fixed in Apigee hybrid v1.7.2)
234620567 Fix logger issue in Anthos BareMetal with CentOS. (Fixed in Apigee hybrid v1.6.9)
234355351 Fixed issue with message processor pods restarting frequently. Added backoff polling task for Cloud KMS key listener. The listener is paused only when the flush policy is met. (Fixed in Apigee X, June 21, 2022)
233349518 Fixed "Invalid Resource" error generated for job/apigee-resources-install. (Fixed in Apigee hybrid v1.7.1)
233094108 Fixed Stacktrace truncation in runtime containers to support proxy diagnosis. (Fixed in Apigee hybrid v1.7.2)
232977937 Fixed an issue where deployment would become stuck on "Applying routing changes on" for multiple ingress gateways. (Fixed in Apigee hybrid v1.7.1)
231313050 Fixed issue causing Apigee logger pod to remain in crashloopbackoff state. (Fixed in Apigee hybrid v1.7.2)
229824389 Fixed an issue in hybrid 1.7.0 where the output apigeectl init could be generated in the wrong order. (Fixed in Apigee hybrid v1.7.1)
229804717 Fixed upgrade envoy to use distroless v1.22.0. (Fixed in Apigee hybrid v1.7.1)
229639530 Fixed an error harmonizing the container process ID to use Apigee ID for Hybrid on OpenShift. (Fixed in Apigee hybrid v1.7.1)
228855520 Upgraded support for ASM version 1.13. (Fixed in Apigee X, May 9, 2022)
227600373 Fixed an installation issue with Cassandra. (Fixed in Apigee hybrid v1.6.7)
227538469 Fixed an issue where configuration actions would write logs to the pod file system. (Fixed in Apigee hybrid v1.7.1)
226964206 MART, runtime and synchronizer would write to the pod file system. (Fixed in Apigee hybrid v1.7.1)
226464960 Apigee hybrid fresh installations on OpenShift 4.6 and 4.8 would fail. (Fixed in Apigee hybrid v1.6.7)
225939342 Fixed an error where deployment status would show as "Applying routing changes on {env}". (Fixed in Apigee hybrid v1.7.1)
225198475 Fixed an issue where resource reference changes could not be detected. (Fixed in Apigee hybrid v1.7.1)
225169066 Cassandra database backup and restore was not working when http_proxy is enabled under certain circumstances. (Fixed in Apigee hybrid v1.5.10)
225081332 Fixed allow privileged pods issue. (Fixed in Apigee hybrid v1.7.1)
224620542 On some Kubernetes platforms, logging would fail without adding an empty directory for the logs. (Fixed in Apigee hybrid v1.6.7)
223081301 Fixed organization-level UDCA incorrect http-proxy secret name. (Fixed in Apigee hybrid v1.6.7)
222649295 Organization-level UDCA would hang. (Fixed in Apigee hybrid v1.6.7)
221885751 Hybrid logging functionality has been reworked. This should resolve issues with excessive log volume generation, frequent logger restarts, and ensure correct logger functionality with both docker and containerd runtimes. (Fixed in Apigee hybrid v1.5.8)
221292104 Fix to address failure to capture requests in Debug sessions involving PostClientFlow ServiceCallouts. (Fixed in Apigee X, May 9, 2022)
221266789 Hybrid logging functionality has been reworked. This should resolve issues with excessive log volume generation, frequent logger restarts, and ensure correct logger functionality with both docker and containerd runtimes. (Fixed in Apigee hybrid v1.6.7)
219622478 Fixed the CPS property token so that when set to true, it will allow the instance to shutdown and reboot when cassandra connection failures occur. (Fixed in Apigee hybrid v1.7.3)
216018530 Fixed an issue where the apigee-logger-apigee-telemetry DaemonSet could still be left running after turning off logger. (Fixed in Apigee hybrid v1.7.1)
213261445 Fixed reliance on keystore generated by cert manager for metrics endpoint and removed the need for a custom generate_cert script. (Fixed in Apigee hybrid v1.6.7)
211716827 Fixed an issue where a non-default gateway could cause routing errors in certain circumstances. (Fixed in Apigee hybrid v1.7.1)
205616792 Fixed core dump on running user schema setup. (Fixed in Apigee hybrid v1.7.1)
202950533 Remove the server header from all responses. This will be consistent with CG SaaS and OPDK. (Fixed in Apigee hybrid v1.8.0)
202403896 Upgrade to Apigee hybrid v1.6 from v1.5 could fail due to annotation size. (Fixed in Apigee hybrid v1.5.8)
Bug ID Description
230369447 Security fix for commons-codec (Fixed in Apigee hybrid v1.8)
230368838 Security fix for CVE-2018-10237, auto-value:guava (Fixed in Apigee hybrid v1.8)
230366823 Security fix for jackson-databind (Fixed in Apigee hybrid v1.8)
230366589 Security fix for CVE-2021-22696-cxf in cxf (Fixed in Apigee hybrid v1.8)
229804717 Security fix for CVE-2021-3711 (Fixed in Apigee hybrid v1.8, v1.7, v1.6)
229804942 Security fix for CVE-2022-0778 (Fixed in Apigee hybrid v1.8)
N/A Miscellaneous Security updates and fixes.

The apigeectl --verbose option has been deprecated. It is replaced with the --v option which lets you specify the log verbosity level in the format --v=int, for example apigeectl apply --v=5. See apigeectl for details.

August 18, 2022

Apigee Connectors

Support for private connectivity through Private Service Connect (PSC)

On August 18, 2022, we released PSC support for hostname configuration in Apigee Connectors.

For all the connectors that require a hostname and port configuration, you can now see a Destinations section when creating the connector. In this section, you must enter the details of the remote host (backend system) you want to connect. You can now specify the destination details either as a host address or a service attachment.

August 15, 2022

Apigee Connectors

Preview release of new Connectors for Apigee

On August 15, 2022, we released the preview version of the Oracle DB connector for Apigee. For more information, see Create a Oracle DB connection.

August 11, 2022

Apigee X

On August 11, 2022 we released an updated version of Apigee X.

This release contains the new Abuse page in Advanced API Security, which displays information about bots that have been detected by analysis of your API traffic. The Abuse page displays the IP addresses of detected bots, as well as their locations, the bot rules that led to their detection, and other details.

August 10, 2022

Apigee Integration

On August 10, 2022 we released an updated version of the Apigee Integration software.

Support for VPC Service Controls (Preview)

VPC Service Controls lets you define a security perimeter around the Apigee Integration Google Cloud service. For more information, see Set up VPC Service Controls for Apigee Integration.

August 03, 2022

Apigee API hub

On August 3, 2022 Apigee hub released a new version of the software.

Bug ID Description
241241073 Changed API hub UI route prefix from apigee/api-registry to apigee/hub. The previous apigee/api-registry path will still continue to work, but will redirect to apigee/hub automatically.

July 29, 2022

Apigee hybrid

hybrid v1.7.3

On July 29, 2022 we released an updated version of the Apigee hybrid software, v1.7.3.

For information on upgrading, see Upgrading Apigee hybrid to version 1.7.

Bug ID Description
219622478 Fixed the CPS property token so that when set to true, it will allow the instance to shutdown and reboot when cassandra connection failures occur.
238370197 Fixed an issue where the timeTaken variable's value could sometimes be calculated incorrectly.
Bug ID Description
N/A Security fix for CVE-2022-22963.

July 27, 2022

Apigee API hub

On July 27, 2022 Apigee hub released a new version of the software.

Bug ID Description
230374510 Mitigated issue where specs over 900KB (uncompressed) in size caused timeouts when trying to view their contents, and in turn caused instability with future requests for a short period of time. A warning message is now displayed when attempting to view specs that exceed 900KB.
230374510 Fixed issue where viewing spec files that had a file extension of .gz would allow only download of the file and would not display the contents of the file, if supported.

July 25, 2022

Apigee X

On July 25, 2022, we released an updated version of Apigee X (1-8-0-apigee-23).

Bug ID Description
N/A Upgraded infrastructure and libraries

July 21, 2022

Apigee X

On July 21, 2022 we released an updated version of Apigee X.

The Advanced API Security's target assessment, which evaluates the security of target servers in your API, is now available. See Security scores in the Apigee UI to learn more.

July 19, 2022

Apigee UI

On July 19, 2022 we released an updated version of the Apigee UI.

The Needs Attention Table in Advanced API Security Scores now use links instead of buttons. This fixes font and alignment issues inside the table rows.

Bug ID Description
238248377 The Needs Attention Table in Advanced API Security Scores was not showing target components. This has been fixed.

July 09, 2022

Apigee Integration

On July 09, 2022 we released an updated version of the Apigee Integration software.

Data Mapping task enhancements

The Data Mapping task in Apigee Integrations now provides the following enhancements:

  • Nested function support. You can pass one or more transformation functions as input parameters to another function.
  • New transformation functions. You can use the following new transform functions for array-type variables:

    • FILTER - Filters the array elements that satisfy a given condition.
    • FOR_EACH - Applies one or more transformation functions for each element in an array.
  • Subfield mapping support for JSON variables. You can view and search all the subfields of a JSON variable in the data mapping editor variable list.

For more information, see the Data Mapping task.

July 08, 2022

Apigee hybrid

hybrid v1.6.9

On July 8, 2022 we released an updated version of the Apigee hybrid software, v1.6.9.

For information on upgrading, see Upgrading Apigee hybrid to version 1.6.

Bug ID Description
236129944 Fixed the controller crashloopbackoff due to null pointer issue.
234620567 Fix logger issue in Anthos BareMetal with CentOS.
231313050 Fixed issue causing Apigee logger pod to remain in crashloopbackoff state.
233094108 Fixed Stacktrace truncation in runtime containers to support proxy diagnosis.

July 06, 2022

Apigee API hub

On July 6, 2022 Apigee hub released a new version of the software.

Bug ID Description
229852942 The error message displayed has been clarified for the case where the uploaded spec file type was not gzip, but the mime type selected was gzip.

July 01, 2022

Apigee UI

On July 1, 2022, we released an updated version of the Apigee UI.

This release contains a new version of the Debug tab in the Apigee Proxy Editor. Following previous releases of new versions of the Overview and Develop tabs, this completes the initial release of the new Proxy Editor.

To view the new Debug tab, see Using Debug.

June 30, 2022

Apigee Connectors

Preview release of new Connectors for Apigee

On June 30, 2022 we released the preview version of new connectors for Apigee.

Apigee X

On June 30, 2022 we released an updated version of Apigee X.

This release contains the Public Preview of Advanced API Security, which protects your APIs from unwanted requests, including attacks by malicious clients such as bots, and evaluates the security level of your API configurations.

Advanced API Security lets you:

  • Create security reports to detect bots and other threats to your APIs.
  • View security scores, which rate the security of your APIs and provide recommendations for improving security.

June 27, 2022

Apigee API hub

On June 27, 2022 Apigee hub released a new version of the software.

Bug ID Description
227334287 An improved error dialog is displayed when an error occurs on API delete.
229852889 Reference lists now filter out their parent API to prevent self-references.
232250641 Resource IDs generated from names are now automatically truncated or padded to conform to length requirements.
236744313 Fixed an issue where the spinning progress indicator would not go away.

June 24, 2022

Apigee hybrid

hybrid v1.7.2

On June 24, 2022 we released an updated version of the Apigee hybrid software, v1.7.2.

For information on upgrading, see Upgrading Apigee hybrid to version 1.7.

Bug ID Description
233094108 Fixed Stacktrace truncation in runtime containers to support proxy diagnosis.
236129944 Fixed the controller crashloopbackoff resulting from null pointer.
231313050 Fixed issue causing Apigee logger pod to remain in crashloopbackoff state.
236399482 Added support for ASM v1.13.

June 23, 2022

Apigee Integration

On June 23, 2022 we released an updated version of the Apigee Integrations software.

Apigee Integration trials

Starting with this release, Apigee Integrations is available in an Apigee Eval org which lets you try out the integrations feature without getting billed for the usage. For information, see Enable integrations in an eval org.

Updates to SetIntegrationRequest policy

The SetIntegrationRequest policy has the following updates:

  • Support for ref attribute in the <Parameter>, <ParameterArray>, and <Value> elements. By using this attribute, you can assign flow variable values to the parameters.

  • Empty  <Parameter> and <ParameterArray> elements are supported. However, if these elements are empty, Apigee treats the element value as null.

  • Empty <Value> element is not supported. If the element is empty, Apigee reports an error.

June 21, 2022

Apigee Integrated Portal

On June 21, we released an updated version of Apigee integrated portal.

Added the ability to sort by Name and Created fields in the Apps and Teams tables. Click the column heading to sort.

Apigee UI

On June 21, 2022 we released an updated version of the Apigee UI,

The Data Collectors UI is now generally available.

A search bar has been added to the new Proxy Editor Develop view. This lets you search for items within a proxy or sharedflow bundle.

Apigee X

On June 21, 2022, we released an updated version of Apigee X (1-8-0-apigee-18).

Bug ID Description
234355351 Fixed issue with message processor pods restarting frequently. Added backoff polling task for Cloud KMS key listener. The listener is paused only when the flush policy is met.
N/A Upgraded infrastructure and libraries.

June 14, 2022

Apigee Integrated Portal

On June 14, we released an updated version of Apigee integrated portal.

Use a GraphQL schema to publish your APIs to an integrated portal.

For details, see:

June 06, 2022

Apigee API hub

On June 6, 2022 Apigee hub released a new version of the software

Bug ID Description
234772624 Fixed an issue where an API could not be deleted if it had deployments.

June 02, 2022

Apigee X

On June 2, 2022, we released an updated version of Apigee X.

Apigee X APIs for managing key value entries in a key value map scoped to an organization, environment, or API proxy are now available. For more information, see the Apigee API reference documentation.

Apigee hybrid

hybrid v1.7.1

On June 2, 2022 we released an updated version of the Apigee hybrid software, v1.7.1.

For information on upgrading, see Upgrading Apigee hybrid to version 1.7.

Bug ID Description
233349518 Fixed "Invalid Resource" error generated for job/apigee-resources-install.
232977937 Fixed an issue where deployment would become stuck on "Applying routing changes on" for multiple ingress gateways.
216018530 Fixed an issue where the apigee-logger-apigee-telemetry DaemonSet could still be left running after turning off logger.
226964206 MART, runtime and synchronizer would write to the pod file system.
211716827 Fixed an issue where a non-default gateway could cause routing errors in certain circumstances.
225198475 Fixed an issue where resource reference changes could not be detected.
225939342 Fixed an error where deployment status would show as "Applying routing changes on {env}".
229824389 Fixed an issue in hybrid 1.7.0 where the output apigeectl init could be generated in the wrong order.
229639530 Fixed an error harmonizing the container process ID to use Apigee ID for Hybrid on OpenShift
229804717 Fixed upgrade envoy to use distroless v1.22.0.
227538469 Fixed an issue where configuration actions would write logs to the pod file system.
205616792 Fixed core dump on running user schema setup.
225081332 Fixed allow privileged pods issue.

May 31, 2022

Apigee UI

On May 31, 2022 we released an updated version of the Apigee UI.

API Monitoring Timeline charts were not displayed correctly in the Timeline view.

Previously, you needed to navigate to another API Monitoring view (such as Investigate) and then return to the Timeline view to see charts. This has been fixed: now you can go directly to the Timeline view to see charts.

Apigee hybrid

hybrid v1.6.8

On May 31, 2022 we released an updated version of the Apigee hybrid software, v1.6.8.

For information on upgrading, see Upgrading Apigee hybrid to version 1.6.

Bug ID Description
233349518 Fixed "Invalid Resource" error generated for job/apigee-resources-install.
225939342 Fixed an error where deployment status would show as "Applying routing changes on {env}".
225198475 Fixed an issue where resource reference changes could not be detected.
232977937 Fixed an issue where deployment would become stuck on "Applying routing changes on" for multiple ingress gateways.
229804717 Fixed upgrade envoy to use distroless v1.22.0.

May 25, 2022

Apigee Connectors

Preview release of new Connectors for Apigee

On May 20, 2022, we released the preview version of the Connectors for Apigee.

The Zendesk connector is available for Apigee. For more information, see Zendesk connection.

Apigee UI

You can now create and manage Private Service Connect (PSC) endpoint attachments in the Apigee UI. For details, see Creating an endpoint attachment.

May 23, 2022

Apigee X

On May 23, 2022, we released an updated version of Apigee X (1-8-0-apigee-9).

Bug ID Description
N/A Upgraded infrastructure and libraries

May 18, 2022

Apigee Monetization

On May 18, 2022 we released an updated version of the Apigee Monetization software.

Apigee X now supports export of additional fee-based values for organizations using monetization. For more information, see Generating monetization reports.

Apigee UI

On May 18, 2022, we released an updated version of the Apigee UI.

May 16, 2022

Apigee API hub

On May 16, 2022 Apigee hub released a new version of the software.

Bug ID Description
232129385 Users without artifact write permission encountered errors when loading various pages if the default API hub artifacts were not yet initialized by the system.

May 12, 2022

Apigee Connectors

Preview release of new Connectors for Apigee

On May 12, 2022, we released the preview version of new Connectors for Apigee.

The following new connectors are available for Apigee:

May 11, 2022

Apigee Integrated Portal

On May 11, 2022 we released an updated version of the Apigee Integrated Portal software.

Bug ID Description
228603948 Fixed an issue that prevented users from editing custom fields for account creation and signup.
228339667 Documentation now reflects support for the STARTTLS SMTP authorization type.
227511014 Fixed an issue that prevented V1 Portals from being upgraded to V2.
224991572 Improvements to the Get Started documentation bundled with a new portal. Create a new portal and then click Get Started to see the new content.
220980189 Fixed issue with publishing API Products on a Portal when the organization has over 1,000 API Products.
218320618 Page descriptions are now limited to 1,000 characters. Page content is now limited to 1 MB.
210651558 Fixed issue where adding a new API Product subscription to an App would remove all scopes on the Apps credentials.
Apigee hybrid

hybrid v1.6.7

On May 11, 2022 we released an updated version of the Apigee hybrid v1.6.7 software.

For information on upgrading, see Upgrading Apigee hybrid to version 1.6.

Bug ID Description
227600373 Fixed an installation issue with Cassandra.
227538469 Configuration actions would write logs to the pod file system.
226964206 MART, runtime and synchronizer would write to the pod file system.
226464960 Apigee hybrid fresh installations on OpenShift 4.6 and 4.8 would fail.
225081332 Allow privileged pods issue.
224620542 On some Kubernetes platforms, logging would fail without adding an empty directory for the logs.
223081301 Fixed organization-level UDCA incorrect http-proxy secret name.
222649295 Organization-level UDCA would hang.
221266789 Hybrid logging functionality has been reworked. This should resolve issues with excessive log volume generation, frequent logger restarts, and ensure correct logger functionality with both docker and containerd runtimes.
213261445 Fixed reliance on keystore generated by cert manager for metrics endpoint and removed the need for a custom generate_cert script.
205616792 Fixed core dump on running user schema setup.

May 10, 2022

Apigee hybrid

May 09, 2022

Apigee API hub

On May 9, 2022 Apigee hub released a new version of the software.

Bug ID Description
231715589 When viewing the API hub getting started page in the Google Cloud console, if you switched to another un-provisioned project, the browser encountered a redirect loop.
Apigee X

On May 9, 2022 we released an updated version of the Apigee X software (1-8-0-apigee-5).

The GoogleIDToken.Audience tag now includes the useTargetUrl attribute to simplify audience configuration of Google ID tokens for Apigee policies.

Bug ID Description
221292104 Fix to address failure to capture requests in Debug sessions involving PostClientFlow ServiceCallouts.
228855520 Upgraded ASM to the latest version.
Bug ID Description
217497793 A security issue was addressed.

May 04, 2022

Apigee API hub

On May 4, 2022 Apigee API hub began the release of a new version of the software for Public Preview.

At Public Preview, products or features are ready for testing by customers. Preview offerings are often publicly announced, but are not necessarily feature-complete, and no SLAs or technical support commitments are provided for these. Unless stated otherwise by Google, Preview offerings are intended for use in test environments only.

Added the API Hub label in the Apigee community.

Added provisioning instructions.

Documentation: Provision API hub

Added instructions on how to get support.

Documentation: Get support

Action buttons in the UI are now disabled if you do not have appropriate permissions to perform the action.

Apigee Integrated Portal

On May 4, 2022 we released an updated version of the Apigee Integrated Portal software.

Error messages for rejected logins for an inactive user are now more informative to the user.

Emails from portal-sso will either be the email address of the sender that the user sets up in the custom smtp settings, or it will be no-reply@google.com, instead of the human-readable name orgname-portalname. This screenshot illustrates emails sent from portal-sso in e2e. It shows one email with custom smtp settings (tsnow-custom-smtp) and one email with the default settings (no-reply).

Bug ID Description
220993729 Portal SSO showed the Apigee domain when hovering over footer links in third-party web pages.
220188030 Reset password was not working for LDAP configurations.
214146121 An authentication issue with Apigee SSO has been fixed.
204952689 Fixed miscellaneous logback error.
194469693 Enabled SAML config error so that it is visible.
194053231 Added server-side validation for the password field. If the password is non-compliant, the response is 422:Unprocessable Entity.
190609332 Improved error output for failures while enabling SSO for Apigee
157131343 Added support for the parenthesis () and plus + characters for built-in IDP custom fields. Other special characters will continue to be blocked due to security reasons.
ID Description
200604177 Upgraded jQuery and Bootstrap
Apigee UI

On May 4, 2022 we released an updated version of the Apigee UI.

We have released a new version of the Develop tab in the Proxy Editor. See Introducing the new Proxy Editor.

April 27, 2022

Apigee API hub

On April 27, 2022 Apigee hub released a new version of the software.

All system taxonomy descriptions are now editable.

April 22, 2022

Apigee X

On April 22, 2022 we released an updated version of the Apigee X software (1-7-0-apigee-34).

Bug ID Description
N/A Upgraded infrastructure and libraries
Apigee hybrid

hybrid v1.5.10

On April 22, 2022 we released an updated version of the Apigee hybrid v1.5.10 software.

For information on upgrading, see Upgrading Apigee hybrid to version 1.5.

Bug ID Description
225169066 Cassandra database backup and restore was not working when http_proxy is enabled under certain circumstances.
221885751 Hybrid logging functionality has been reworked. This should resolve issues with excessive log volume generation, frequent logger restarts, and ensure correct logger functionality with both docker and containerd runtimes.
202403896 Upgrade to Apigee hybrid v1.6 from v1.5 could fail due to annotation size.
221885751 Multiple issues with the Hybrid logging functionality have been addressed.

April 20, 2022

Apigee API hub

On April 20, 2022 Apigee hub released a new version of the software.

Changed columns in the History table:

  • Changed Date & time to Updated
  • Changed Comment to Commit history
  • Added ID, which is the ID of the revision as it appears in the registry API.

April 18, 2022

Apigee UI

On April 18, 2022, we released an updated version of the Apigee UI.

The UI for managing Apigee instances has been updated and improved:

  • You can now specify a list of accepted Cloud projects that can privately connect to the instance's service attachment.
  • The New Instance dialog is replaced by a dedicated Create new instance configuration page with fields for specifying or creating a disk encryption key and for editing the list of accepted projects.
  • The Edit instance dialog is replaced by a dedicated page that lets you add or remove environments and edit the list of accepted projects that can privately connect to the instance's service attachment.
  • The UI now lets you select the disk encryption key from a list and provides a convenient flow if you want to create a new key.
  • The UI for deleting an instance has changed. There is now a DELETE button on the Instance details page.

For more information, see Managing instances.

Bug ID Description
229008583 When opening the Apigee UI in multiple tabs with different orgs, some cache entries were not being synched. This has been fixed.
204429957 Make ClientSpecificResourceService and ClientResourceNamePipe return plain values. Previously, methods on those classes returned observables. Now they return values.
Apigee hybrid

Apigee hybrid v1.7.0

On April 18, 2022 we released Apigee hybrid v1.7.0.

For information on upgrading, see Upgrading Apigee hybrid to version 1.7.

mTLS communication between Cassandra clients and Cassandra nodes

Apigee hybrid now supports mTLS communication between Cassandra clients (MART, Sync, and MP) and Cassandra nodes. For related ports used, see feedbackSecure ports usage. (Implemented in Apigee hybrid v1.7.0)

Custom metrics scaling

Apigee hybrid v1.7.0 now supports custom metrics scaling using the metrics:appStackdriverExporter and metrics:proxyStackdriverExporter configuration properties. See metrics in the Configuration properties reference. (Implemented in Apigee hybrid v1.7.0)

OAuth JWT access tokens

Apigee hybrid v1.7.0 now supports JWT operations that allow the OAuthV2 policy to generate, verify, and refresh access tokens that conform to the JWT token standard. See Using JWT OAuth tokens. (Implemented in Apigee hybrid v1.7.0)

Cloud Logging

Apigee hybrid v1.7.0 now supports the <CloudLogging> element in the MessageLogging policy that lets you log messages to Cloud Logging. (Implemented in Apigee hybrid v1.7.0)

PublishMessage policy

Apigee hybrid v1.7.0 now supports the PublishMessage policy that lets you publish your API proxy flow information to a Google Cloud Pub/Sub topic.

GraphQL policy now supports JSON-encoded payloads. (Implemented in Apigee X, March 15, 2022)

Bug ID Description
224577096 Support Added for Anthos Service Mesh 1.12 (Fixed in Apigee hybrid v1.6.6)
219523719 Fix to address CPU and memory consumption when debug-session is enabled with response-status as the filtering criteria. (Fixed in Apigee X, March 15, 2022)
217386412 Change the property set logging level to fine when property is not found. (Fixed in Apigee hybrid v1.6.5)
215773113 Setting the securityPolicy appeared to have no effect for specific configurations. (Fixed in Apigee hybrid v1.6.5)
214960081 HTTPS endpoints could be called as HTTP resulting in an "EOF unexpected" error. (Fixed in Apigee hybrid v1.6.4)
211787541 Errors displayed in synchronizer logs for stale contracts. (Fixed in Apigee hybrid v1.6.5)
210590135 Invalid protocol in proxy.url flow variable in Apigee X. The proxy.url flow variable could show as http even when the request is https. (Fixed in Apigee hybrid v1.6.4)
210314786 The backup utility did not work with workload identity. (Fixed in Apigee hybrid v1.6.4)
209622008 Dynamic updates to rate in spike arrest are now reflected immediately. (Fixed in Apigee X, March 15, 2022)
209484701 Invalid client IP sent to analytics. (Fixed in Apigee hybrid v1.6.5)
209097822 Fixed and issue where SpikeArrest was not reflecting updated rate (Fixed in Apigee hybrid v1.6.3)
208474799 Apigee hybrid now supports ASM version 1.12. See Supported platforms for ASM version support for each supported version of Apigee Hybrid. (Fixed in Apigee hybrid v1.7.0)
208322185 Apigee hybrid Cassandra backup and restore can now use either a user-provided custom secret or a generated secret (Fixed in Apigee hybrid v1.6.3)
207762842 Hybrid logging functionality has been reworked. This should resolve issues with excessive log volume generation, frequent logger restarts, and ensure correct logger functionality with both docker and containerd runtimes.(Fixed in Apigee hybrid v1.7.0)
207618262 Fixed an issue where SpikeArrest opened too many connections to redis-envoy. (Fixed in Apigee hybrid v1.6.3)
207400645 Allow direct reads from API server to API client when enabled. (Fixed in Apigee hybrid v1.6.3)
205820658 Fixed an issue where Apigee X/hybrid Debug could show the authorization header. (Fixed in Apigee hybrid v1.6.3)
205810988 Resolve suspension dialog displayed "user not authorized" message for regions other than US This has been fixed. Location information is now added into the suspension URL from Apigee. (Fixed in Apigee X, December 02,2021)
205732137 Handle Quota correctly when the Operation group is set with empty string params (Fixed in Apigee hybrid v1.6.3)
205148816 Product Level Quota Info now available in Proxy. (Fixed in Apigee hybrid v1.6.3)
204943895 Quota Policy in Shared Flow now working properly. (Fixed in Apigee hybrid v1.6.3)
204943880 Fixed issue where SpikeArrest in Shared Flow did not have context of API Proxy. (Fixed in Apigee hybrid v1.6.3)
204905727 GenerateResponse was hanging on response flow when enabled=true. (Fixed in Apigee hybrid v1.6.5)
204368970 TLS variables are now set by Apigee Runtime. (Fixed in Apigee hybrid v1.6.3)
204146857 Fixed an issue where new environments were not created in Apigee hybrid deployment. (Fixed in Apigee hybrid v1.6.3)
203785814 A transient error could occur when calling conversion webhook for Apigee Telemetry. The error would occur when Apigee CRD is installed too early in the sequence. The installer job now checks for the correct sequence. (Fixed in Apigee hybrid v1.6.4)
203468593 Corrected the storageclass property name. (Fixed in Apigee hybrid v1.5.5)
203462573 The StorageClass set in overrides was not honored. (Fixed in Apigee hybrid v1.6.1)
202560276 AKS - containerd broke apigee-logger. (Fixed in Apigee hybrid v1.6.1)
202309278 Monetization: Eliminated a race condition that could make a prepaid developer's balance appear incorrect. (Fixed in Apigee hybrid v1.6.2)
202299966 Added new remote-address-related headers and modified the headers to be RFC compliant. (Fixed in Apigee hybrid v1.6.3)
200918549 There was an issue when using forward proxy with the ApigeeConnect agent. (Fixed in Apigee hybrid v1.6.1)
200700375 Fixed API products sorting issue in UI. Previously, sorting was disabled on the API products page. Sorting is now enabled. (Fixed in Apigee X, September 23, 2021)
200648523 Trace Variable, is_request_blocked, was showing incorrect information. (Fixed in Apigee hybrid v1.6.2)
199952038 The apigeectl command uses the new --restore flag to restore Cassandra to a previously saved snapshot. For more information, see Restoring in a single region. (Fixed in Apigee hybrid v1.6.6)
199807323 Updating Developer would reset the Developer billing type attribute (Fixed in Apigee hybrid v1.6.2)
199541025 Transaction ID is now required to be unique when used with prepaid developer balance credit API. (Fixed in Apigee hybrid v1.6.2)
198549304, 197730687, 196937143, 188370635, 187890034 Error state for conflicting dates is now correct. (Fixed in Apigee hybrid v1.6.2)
198036824 The securityContext was empty when it should have been populated. (Fixed in Apigee hybrid v1.6.1)
197945951 Stale DNS record in MP memory could cause an outage for a proxy. (Fixed in Apigee hybrid v1.6.4)
197910247 SetDialogflowResponse Policy - JSONPath expressions were not working. (Fixed in Apigee hybrid v1.6.1)
197711066 Cluster upgrade failed due to PDB (PodDisruptionBudget) policy not being met. (Fixed in Apigee hybrid v1.6.1)
196095557 Fixed proxy high response times. (Fixed in Apigee hybrid v1.5.4)
196024622 Hybrid images contained keys. (Fixed in Apigee hybrid v1.6.1)
196024483 Hybrid images did not set USER instruction when building the container. (Fixed in Apigee hybrid v1.6.1)
193799009 Fixed wrong status code shown on trace with ServiceCallout in PostClientflow. (Fixed in Apigee hybrid v1.5.4)
193520269 Fixed Apigee UI not showing the trace UI. (Fixed in Apigee hybrid v1.5.4)
193041253 Cassandra upgraded to v3.11.9 The Cassandra database in Apigee hybrid v1.7.0 has been upgraded to version 3.11.9. (Fixed in Apigee hybrid v1.7.0)
192987085 Fixed the ApiProductNotFound exception, which occurred when you deleted an API product but the deletion of associated rate plans was pending. (Fixed in Apigee X Monetization, November 3, 2021)
191853747 Apigee Workload Identities not working for specific configurations. (Fixed in Apigee hybrid v1.6.5)
190679584 There was an Incorrect error message on deploying AssertCondition policy with invalid condition. (Fixed in Apigee hybrid v1.6.1)
189341334 Fixed an issue to eliminate the potential for connection leaks for the watcher component. (Fixed in Apigee hybrid v1.6.3)
188407113 Invalid value in the ConsumptionPricingType during rate plan creation displayed the 500 status code. Now the status code for an invalid value is 4xx. (Fixed in Apigee X Monetization, November 3, 2021)
181259284 Fixed unresolved flow variables system.region.name and system.pod.name. (Fixed in Apigee hybrid v1.5.4)
180672249 FlowCallout succeeded, although SharedFlow had errors in deployment. (Fixed in Apigee hybrid v1.6.1)
173738907 Fixed support resource request/limit in override.yaml in apigee-metrics. (Fixed in Apigee hybrid v1.5.4)
173566787 Reuse existing target IPs if DNS resolution fail on DNS cache refresh. (Fixed in Apigee hybrid v1.6.5)
111777025 LookupCache: cachehit was shown false in trace when the actual value was true. (Fixed in Apigee hybrid v1.6.5)N/A
N/A If there is more than one SpikeArrest policy in a bundle, 502 errors will occur. (Fixed in Apigee X, December 12, 2021)
N/A If ServiceCallout is "fire and forget" (no tag), a race condition can occur if there is another policy that occurs after it. (Fixed in Apigee X, December 12, 2021)
N/A Fix bug delete dialog does not open Previously, on click of delete dialog, the dialog was not appearing, this fixes it (Fixed in Apigee X, October 05, 2021)
N/A Dynamic updates to rate in SpikeArrest may not reflect immediately. (Fixed in Apigee X, December 12, 2021)
Bug ID Description
217743790 ** Cassandra backup would run as privileged.**
204994504 Container Vulnerability fixed: CVE-2018-12934. (Fixed in Apigee hybrid v1.6.5)
N/A Multiple security fixes including CVE-2019-5021. (Fixed in Apigee hybrid v1.6.5)
N/A Miscellaneous Security updates and fixes. (Fixed in Apigee X, December 12, 2021)
205820658 A security issue was addressed. (Fixed in Apigee hybrid v1.6.2-hotfix.1)

"Apigee Deployer" role deprecated and replaced by "Apigee Environment Admin" The environment role "Apigee Deployer" has been deprecated, and replaced by "Apigee Environment Admin". (Implemented in Apigee X, December 2, 2022)

April 11, 2022

Apigee Connectors

Preview release of new Connectors for Apigee

On April 12, 2022, we released the preview version of new Connectors for Apigee.

April 05, 2022

Apigee Integrated Portal

On April 5, 2022 we released an updated version of the Apigee Integrated Portal software.

Bug ID Description
220377670 Fixed an issue that prevented users from uploading svg and ico files.
217600695 Menus will scroll when they don't fit on the page.
174476355 When adding a custom registration field in the accounts-authentication UI for creating/editing a portal, the allowed characters for a custom field has been limited to letters, numbers, and spaces.

April 04, 2022

Apigee API hub

On April 4, 2022 Apigee hub released a new version of the software.

Delete dialogs will now remain open while the delete operation is being processed.

Bug ID Description
226195254 Lifecycle replacements did not take effect on lifecycles that were assigned to versions.

March 31, 2022

Apigee API hub

On March 31, 2022 Apigee hub released a new version of the software.

Added ability to specify the MIME type of the initial spec file when registering a new API.

Documentation: Register APIs

Added ability to specify the MIME type of the spec file when uploading a new revision.

Documentation: Manage revisions

Apigee X

On March 31, 2022, we released an updated version of Apigee X.

You can now use Private Service Connect (PSC) to connect to Apigee. This architectural pattern eliminates the need to create managed instance groups to forward requests from the global load balancer to Apigee. For details, see Using Private Service Connect.

March 29, 2022

Apigee X

On March 29, 2022, we released an updated version of Apigee X (1-7-0-apigee-28).

Bug ID Description
N/A Upgraded infrastructure and libraries

March 28, 2022

Apigee API hub

On March 28, 2022 Apigee hub released a new version of the software.

Bug ID Description
226194605 The design style was not saved on API update.
226184510 The related and dependencies edit forms were blank when opened.
Apigee X

On March 28, 2022 we released an updated version of Apigee X.

You can now use Private Service Connect (PSC) to connect Apigee with backend target services running in VPC networks other than the one that is peered with your Apigee organization. For details, see Southbound networking patterns.

March 24, 2022

Apigee Analytics

On March 24, 2022, we released a new version of the Apigee Analytics software.

We welcome your feedback about the anomaly events feature in Advanced API Operations. If you have received an anomaly alert, you can send feedback about the alert in the API Monitoring Investigate dashboard by clicking the Anomaly Feedback button at the top of the Anomaly Event Details pane.

Apigee hybrid

hybrid v1.6.6

On March 24, 2022 we released an updated version of the Apigee hybrid v1.6.6 software.

For information on upgrading, see Upgrading Apigee hybrid to version 1.6.

Bug ID Description
224577096 Support Added for Anthos Service Mesh 1.12
204368970 Fixed a bug in TLS variables population
199952038 The apigeectl command uses the new --restore flag to restore Cassandra to a previously saved snapshot. For more information, see Restoring in a single region.

hybrid v1.5.9

On March 24, 2022 we released an updated version of the Apigee hybrid v1.5.9 software.

For information on upgrading, see Upgrading Apigee hybrid to version 1.5.

Bug ID Description
224577096 Support Added for Anthos Service Mesh 1.12
204368970 Fixed the bug in TLS variables population

March 22, 2022

Apigee X

On March 22, 2022, we released an updated version of the Apigee X software.

Support for conditions in IAM policies

You can add resource conditions in your IAM policies. A resource condition lets you have granular control over your Apigee resources. For more information, see Adding resource conditions in IAM policies.

March 17, 2022

Apigee API hub

On March 17, 2022 Apigee API hub released a new version of the software.

Added Related and Dependencies reference list cards to the API detail page.

Added ability to edit the links in the Related and Dependencies reference list cards.

Added title to the APIs list page.

Documentation: Customize the display

Updated the API History table to use the filename as the link to the spec detail page, instead of the timestamp, and swapped the order of the Filename and Date/Time columns.

Documentation: Manage revisions

Changed the label of the "Revision History" tab on the API detail page to "History".

Documentation: Manage revisions

Changed the System icon from a Lock to a Check and changed the Search filter from a Circled Check to a Check on the Taxonomies page.

Documentation: Manage taxonomies

Bug ID Description
224570429 Some pages did not set a proper page title.
223927791 There was a typo in the API Edit deployment form.
222122131 The API Document buttons in the API Deployments table did not update when a version was deleted or updated.
219989013 Line breaks did not render in API descriptions.
218682838 Could not delete the last revision of a spec if it had artifacts attached.
210991828 On the Taxonomy edit form, if an element name generated an ID that was too short or too long, a submit error occurred.
201782973 The API Filter form on the APIs list page did not take focus when opened.

March 15, 2022

Apigee X

On March15, we released version 1.7x of Apigee X (1-7-0-apigee-22).

GraphQL policy now supports JSON-encoded payloads.

KVM pagination support now available (via the API only).

Note: When using the GraphQL policy, you can only provide one graphQL schema for verification in an environment.

Bug ID Description
209622008 Dynamic updates to rate in spike arrest are now reflected immediately.
219523719 Fix to address CPU and memory consumption when debug-session is enabled with response-status as the filtering criteria.

March 07, 2022

Apigee API hub

On March 7, 2022 Apigee API hub released a new version of the software.

Added ability to mark a deployment as the recommended deployment for an API.

Added tag to the Deployments table to identify which deployment is currently set as the recommended deployment for the API.

Added a button to the Deployments table that displays the version of the documentation revision that is currently assigned to the deployment and navigates to the documentation view of the revision, when clicked.

Added a button to the APIs list and API detail page that displays the version of the documentation revision that is currently assigned to the recommended deployment and navigates to the documentation view of the revision, when clicked.

Added button to the API detail page that opens the access information panel for the recommended deployment of the API, when clicked.

Changed the "Version" column in the Deployments table to "Documentation".

Added tab for display settings to the Settings page.

Added ability to define an organization name that will be used in the UI to identify APIs owned by the user's organization.

Items in the Deployment selection field in the Get Access side panel now signify if the deployment does not have any access information defined.

Bug ID Description
221265023 Fixed issue where the Get Access button in the Deployment list was visible even if the deployment had no access information.
221265023 Fixed issue where the Deployment selection field in the Get Access side panel would allow you to select deployments that had no access information defined.

March 03, 2022

Apigee Adapter for Envoy

Envoy adapter v2.0.5

On March 3, 2022 we released a new version of Apigee Adapter for Envoy v2.0.5.

Security release to address a Denial of Service (DoS) risk in the prometheus library. See CVE-2022-21698.

Apigee X

On March 3, 2022, we released new features for the Public Preview of configurable API proxies. To learn more, see Introduction to configurable API proxies.

HTTP request transforms are now available for use with configurable API proxies.

With HTTP request transforms, configurable API proxy developers can quickly rewrite HTTP request paths, header, and query parameters using HTTP Request Transforms. Rewriting is enabled using a simple configuration that can reference incoming path template segments, header values, or query parameter values.

For more information, see HTTP request transforms for configurable proxies.

Google authentication for securing targets is now supported when using configurable API proxies.

With this feature, configurable API proxy developers can secure their Google backend services using Google OAuth and automatically grant access to authorized API consumers. This offers the advantage of seamless integration with other Google services, without requiring API producers to manage private keys.

For more information, see Securing targets for configurable proxies.

Southbound mTLS can be enabled for use with configurable API proxies .

By adding south bound mTLS functionality to configurable proxies, Apigee customers can seamlessly maintain their current usage of mTLS when transitioning to the use of configurable proxies, or increase security for communications between existing configurable proxies and their backends.

For more information, see Enable south bound mTLS for configurable proxies.

Configurable API proxies now support the use of template variables.

Apigee property sets can be used to specify template variables for configurable API proxies in archive deployments. This feature enables customers to use string templates in their proxy configuration YAML files.

For more information, see Template variables for configurable proxies.

March 01, 2022

Apigee hybrid

hybrid v1.5.8

On March 1, 2022 we released an updated version of the Apigee hybrid v1.5.8 software.

For information on upgrading, see Upgrading Apigee hybrid to version 1.5.

Bug ID Description
219523719 Fix to address the CPU and memory consumption when debug-session is enabled with response-status as the filtering criteria.
217386412 Change the property set logging level to fine when property is not found.
215773113 Setting the securityPolicy appeared to have no effect for specific configurations.
209484701 Invalid client IP sent to analytics.
189233354 Distributed tracing with Jaeger would error out.
Bug ID Description
N/A Multiple security fixes including CVE-2019-5021.

February 28, 2022

Apigee hybrid

hybrid v1.6.5

On February 28, 2022 we released an updated version of the Apigee hybrid v1.6.5 software.

For information on upgrading, see Upgrading Apigee hybrid to version 1.6.

Bug ID Description
217386412 Change the property set logging level to fine when property is not found.
215773113 Setting the securityPolicy appeared to have no effect for specific configurations.
211787541 Errors displayed in synchronizer logs for stale contracts.
209484701 Invalid client IP sent to analytics.
204905727 GenerateResponse was hanging on response flow when enabled=true.
191853747 Apigee Workload Identities not working for specific configurations.
173566787 Reuse existing target IPs if DNS resolution fail on DNS cache refresh.
111777025 LookupCache: cachehit was shown false in trace when the actual value was true.
Bug ID Description
217743790 ** Cassandra backup would run as privileged.**
204994504 Container Vulnerability fixed: CVE-2018-12934.
N/A Multiple security fixes including CVE-2019-5021.

February 24, 2022

Apigee Integrated Portal

On February 24, 2022 we released an updated version of the Apigee Integrated Portal software.

Bug ID Description
216299743 Inconsistent button icon for delete in Pages. Updated the page delete button from (circle with x) to (trash can).
210539825 CSS compiler should gracefully handle errors with unexpected form. Fixed a rare issue where some custom CSS payloads would result in an Internal Server Error.
205579028 500s caused by could not get auth token for GCP. Periodically, under high load, GCP Authentication would fail on the backend and return a 500 internal exception.
194226935 Update site pages to link to Quickstart documentation. The Quick Start tutorial is no longer embedded in the portal. See Build your first portal in the Apigee documentation.

February 22, 2022

Apigee UI

On February 22, 2022 we released an updated version of the Apigee UI software.

The following accessibility improvements have been made in the Apigee UI:

  • In the Develop > API Proxies view, the screen reader now reads "Create new proxy" for the Create New button
  • In the Traffic column of the API Proxies view, the screen reader now reads the traffic tooltip text, and the tooltip has been removed.
  • In the Last Modified column, the screen reader now reads a message like "5 months ago on Sep 17, 2021 6:21 PM," and the tooltip has been removed.
  • Hovering the mouse in the Action column now displays a menu showing the Delete item, to make it accessible.
Bug ID Description
170748813 The help text in the project selector menu at the top of the UI was out of date. The information has now been updated.
220188457 Proxy/sharedflow undeployment was failing in the new Proxy Editor. This has been fixed.

February 21, 2022

Apigee Integration

On February 21, 2022 we released an updated version of the Apigee Integration software.

Bug ID Description
N/A Cloud Pub/Sub trigger having same topic in multiple region fails. You can now create a Cloud Pub/Sub trigger for the same topic in multiple regions. Because of this fix, your already existing Cloud Pub/Sub trigger may now execute multiple times. Contact Apigee support if you notice this problem. However, if you haven't used the Cloud Pub/Sub trigger in your integrations, you can ignore this fix.

February 15, 2022

Apigee API hub

On February 15, 2022 Apigee API hub released a new version of the software.

Added Deployment List to API detail page.

Documentation: Deployments and Manage deployments

Added ability to create new deployments for an API.

Added ability to edit existing deployments for an API.

Added ability to delete existing deployments for an API.

Added ability to view access information for a deployment of an API.

Apigee UI

On February 15, 2022 we released an updated version of the Apigee UI software.

New Overview Tab in Proxy Editor

We have released a new version of the Overview tab in the Proxy Editor. See Introducing the new Proxy Editor.

Note: The new features in this release will be rolled out over the next week, so you might not be able to view them until the rollout is complete.

The UI now shows a warning when an API Product is in legacy format, stating that some of the displayed fields might be legacy fields.

Bug ID Description
201759530 Operations that did not have methods defined were not appearing in the operations table in the API Products UI
199814779 The test button in Admin > Environments > Keystores was not working correctly. The button has been temporarily removed from the UI.
Apigee X

On February 15, 2022 we released an updated version of the Apigee X software.

Backend target routing with Private Service Connect

You can now use Private Service Connect (PSC) to connect Apigee with backend target services running in VPC networks other than the one that is peered with your Apigee organization. For details, see Southbound networking patterns.

February 09, 2022

Apigee API hub

On February 9, 2022 Apigee API hub released a new version of the software.

Changed "Add API" to "Register API" across the application.

API search now matches description text.

Bug ID Description
216809912 Gateway taxonomy has been removed from the API edit form.
218092962 The filter button did not close the API filter.

February 08, 2022

Apigee Integrated Portal

On February 8, 2022 we released an updated version of the Apigee Integrated Portal software.

Bug ID Description
212421254 Consumers can access teams in a portal for which they have no IDP account. Before, a consumer could access a team as long as they were added to the team and had an IDP account in the same organization as the team. Now they can only access the team if they are added as a member and have an IDP account in the same portal as the team.
209436418 Display asset file sizes in megabytes. Asset file size was being incorrectly displayed in mebibytes and is now shown in megabytes.
207130598 Improve asset upload error messages. Improved an error message when an unsupported image type was uploaded.
205963075 New portal name rules are not enforced on backend. The same portal name rules that were already enforced on the front end are now also enforced on the backend.
205881764 Cannot delete mobile logo/favicon in Apigee X/Hybrid. Fixed a bug where Apigee X and Hybrid customers could not delete mobile logos or favicons.
205629978 Broken HTML after portals v2 migration. The live portal of the upgraded portal will not be displayed correctly after migrating a portal from v1 to v2.
205581372 Users endpoint should not crash when passed an invalid Enum value. Passing an invalid sortBy value to the providers/{scope}/users endpoint is now handled gracefully.
196875216 Team does not exist exceptions should not be reported as 500s. When API producers attempted to retrieve a team which does not exist, they got an uniformative 500. Now they get an easy-to-read 404.
Apigee UI

On February 8, 2022 we released an updated version of the Apigee UI software.

Bug ID Description
212782769 An issue prevented editing a new target server that used a keystore reference, and selecting a key alias when using a keystore.
Apigee X

On February 8, 2022 we released an updated version of the Apigee X software.

Bug ID Description
N/A Upgraded infrastructure and libraries

February 02, 2022

Apigee UI

On February 2, 2022 we released an updated version of the Apigee UI software.

The Apigee provisioning wizard can now auto-allocate /22 and /28 IP address ranges, instead of the larger /21 range

This feature makes it easier to allocate IP address ranges when you are provisioning Apigee. The feature is an enhancement to the IP range feature released on Jan. 24, 2022.

Bug ID Description
205810610 Products couldn't be removed from an app if the product's name contained a trailing space

January 31, 2022

Apigee API hub

On January 31, 2022 Apigee API hub released a new version of the software.

Bug ID Description
216513294 API hub pages did not refresh after switching projects.
Apigee hybrid

hybrid v1.6.4

On January 31, 2022 we released an updated version of the Apigee hybrid v1.6.4 software

For information on upgrading, see Upgrading Apigee hybrid to version 1.6.

Bug ID Description
214960081 HTTPS endpoints could be called as HTTP resulting in an "EOF unexpected" error.
210590135 Invalid protocol in proxy.url flow variable in Apigee X. The proxy.url flow variable could show as http even when the request is https.
203785814 A transient error could occur when calling conversion webhook for Apigee Telemetry. The error would occur when Apigee CRD is installed too early in the sequence. The installer job now checks for the correct sequence.
197945951 Stale DNS record in MP memory could cause an outage for a proxy.
210314786 The backup utility did not work with workload identity.

January 28, 2022

Apigee X

On January 28, 2022 we released an updated version of the Apigee X software.

UI updates for service networking and instance creation

UI updates were made to support changes to network IP CIDR range requirements for service networking and instance creation. These changes simplify Apigee provisioning.

Apigee hybrid

hybrid v1.5.7

On January 28, 2022 we released an updated version of the Apigee hybrid v1.5.7 software

For information on upgrading, see Upgrading Apigee hybrid to version 1.5.

Bug ID Description
214960081 HTTPS endpoints could be called as HTTP resulting in an EOF unexpected error.
204368970 TLS variables were not being set by Apigee Runtime.
189341334 Fixed potential connection leaks for watcher component.

January 26, 2022

Apigee API hub

On January 26, 2022 Apigee API hub released a new version of the software.

Added the ability to view the contents of spec revisions.

Added the ability to download spec revision files.

January 24, 2022

Apigee X

On January 24, 2022 we released an updated version of the Apigee X software.

Reduce the IP range required to peer your VPC network

The required IP range needed to peer your VPC network to the Apigee network is now limited to a non-overlapping CIDR range of /22. This change simplifies Apigee provisioning. Note that the provisioning step for service network configuration has been updated to reflect this change. For more information, see Understanding peering ranges.

January 21, 2022

Apigee API hub

On January 21, 2022 Apigee API hub released a new version of the software.

Added API spec Revision history tab to the API detail page.

Added the ability to upload new API spec revisions from the API spec Revision history tab.

Added the ability to add new versions from the API spec Revision history tab.

January 19, 2022

Apigee Integration

On January 19, 2022 we released an updated version of the Apigee Integration software.

Filter clause in the Connectors task

You can add a filter to restrict the amount of data processed by an entity operation. For more information, see Add a filter for an operation.

Upload and download integrations

The Upload/download menu button in the integration designer lets you upload and download integrations in a JSON file format. For more information, see Upload and download integrations.

January 17, 2022

Apigee UI

On January 17, 2022 we released an updated version of the Apigee UI software.

Bug ID Description
211983110 Product link in app detail page was broken.

December 15, 2021

Apigee API hub

On December 15, 2021, Apigee API hub launched as private preview.

Private preview is available by invitation to a small set of customers for testing and feedback before becoming more broadly available.

At private preview, products or features are ready for testing by customers. Preview offerings are often publicly announced, but are not necessarily feature-complete, and no SLAs or technical support commitments are provided for these. Unless stated otherwise by Google, private preview offerings are intended for use in test environments only.

December 03, 2021

Apigee Adapter for Envoy

v2.0.4

On December 3, 2021 we released an updated version of the Apigee Adapter for Envoy v2.0.4 software.

▶ Click to see the list of supported platforms.

We publish binaries for MacOS, Linux, and Windows, and in this version, we support the following platforms:

  • Apigee hybrid version 1.4.x, 1.5.x, 1.6.x
  • Apigee X
  • Apigee Edge for Public Cloud
  • Apigee Edge for Private Cloud
  • Istio versions 1.10, 1.11, 1.12
  • Envoy versions 1.17, 1.18, 1.19, 1.20

Bug ID Description
360 A nil-check was added for the PEM block private key loading to avoid panic.
104 Remote service authorization errors are now logged at the Debug level. An exception to this categorization is made for token fetching errors for API keys. In that case, errors are logged at the Error level so that they are visible even if Debug log level for apigee-remote-service-envoy is disabled. See also Setting remote service log levels.

The list of supported Envoy and Istio versions for the CLI samples command has been updated. These versions are now supported for samples:

  • Envoy versions 1.18 to 1.20
  • Istio versions 1.10 to 1.12

November 03, 2021

Apigee Monetization

On November 3, 2021 we released an updated version of the Apigee Monetization software.

DataCapture policy captures monetization variables

You can configure the DataCapture policy to capture a transaction's monetization information such as revenue, currency, price multiplier, and status. For more information, see Monetization variables.

Prepaid billing

Apigee now supports the prepaid billing of developers, as well as postpaid billing. In prepaid billing, app developers pay in advance even before using your API products. The upfront payment made by the developers is available in the developer's wallet, which can have different currencies. You can track a developer's balance in real time and block API calls if a developer has insufficient funds.

Revenue sharing with developers

The revenue sharing feature enables developers to receive a percentage of the total revenue generated. As an API provider, you can configure Revenue share in your rate plan to share a specific percentage of the revenue with your developer partners.

Volume banded consumption pricing

Rate plan supports the new Banded type of consumption based fees. You can configure variable fees for each monetized transaction based on a band. A band refers to an API consumption range, and you can configure a different fee for each band.

Dynamic consumption pricing

To calculate the cost of a transaction, you can specify a multiplier (perUnitPriceMultiplier) value on top of the pre-configured base price in your DataCapture policy.

Criteria for successful transaction

You can specify if a transaction must be monetized or not by configuring the transactionSuccess monetization variable in your DataCapture policy.

Bug ID Description
199807323 A prepaid developer is set as a postpaid developer after updates to the prepaid developer.
198549304, 197730687, 196937143, 188370635, 187890034 Apigee displays improved error messages during rate plan creation.
192987085 Fixed the ApiProductNotFound exception, which occurred when you deleted an API product but the deletion of associated rate plans was pending.
188407113 Invalid value in the ConsumptionPricingType during rate plan creation displayed the 500 status code. Now the status code for an invalid value is 4xx.

The rateplans API doesn't support the paymentFundingModel field.

October 06, 2021

Apigee Connectors

GA release

On October 6, 2021 we released the GA version of the Apigee Connectors software.

Support for display names in the Connectors UI

Connectors now supports the addition of a display name for connections in the Connectors UI.

Service Account authentication for Connection workloads

With this release, Connectors now supports the use of customer Service Accounts as an authentication option for most Connectors workloads.

Support for pagination in LIST calls to Entity APIs

Connectors now supports the option to paginate LIST calls to Entity APIs from Apigee Integration. With the pagination option, Apigee Integration can now request lists of entities in batches using the Connector task.

September 21, 2021

Apigee Adapter for Envoy

v2.0.3

On September 21, 2021 we released an updated version of the Apigee Adapter for Envoy v2.0.3 software.

▶ Click to see the list of supported platforms.

We publish binaries for MacOS, Linux, and Windows, and in this version, we support the following platforms:

  • Apigee hybrid version 1.4.x, 1.5.x, 1.6.x
  • Apigee X
  • Apigee Edge for Public Cloud
  • Apigee Edge for Private Cloud
  • Istio versions 1.10, 1.11, 1.12
  • Envoy versions 1.17, 1.18, 1.19

Bug ID Description
N/A An analytics logging issue with direct responses was fixed. The issue only occurred under certain circumstances. For example: a) For requests not requiring authn/z check, no authContext was generated and dynamic metadata was nil causing the access log entry to be ignored. b) The denied response used RPC code instead of HTTP code, causing records to be shown in the Apigee UI as success.

September 08, 2021

Apigee Connectors

Private preview release

This is a Private preview of the Connectors feature for Apigee Integration on Apigee X. With the release of Connectors, Apigee Integration customers can connect to business applications, technologies, and other data sources using the native protocols of each target application. With Connectors, both Google Cloud services and third-party business applications are exposed to Apigee Integration through a transparent, standard interface. Apigee Integration users can quickly connect to a growing pool of applications and systems of record without the need for protocol-specific knowledge or the use of custom code.

With this release, the Connectors platform is now available within the Cloud console under Apigee > Connectors. Users with Apigee credentials, Apigee X orgs, and Connectors entitlement can use the Connectors UI to create new connections for use in Apigee Integration.

Connectors supported in this release:

Learn more:

March 24, 2021

Apigee Analytics

On March 24, 2021 we released an updated version of the Apigee Analytics software.

Advanced API Operations

This is the GA release of Apigee's Advanced API Operations (AAPI Ops), which provides tools to help you ensure that your APIs stay up and running as intended. AAPI Ops automatically detects unusual patterns in API traffic—called anomalies—such as spikes in latency or error rate.

AAPI Ops enables you to:

February 05, 2021

Apigee Analytics

On February 5, 2021 we released an updated version of the Apigee Analytics software.

Recent view

The new API Monitoring Recent view displays treemaps of API traffic by proxy. A treemap displays traffic data for each proxy as a rectangle, whose size is proportional to the amount of traffic in the proxy. The colors of the rectangle indicate the relative sizes of the following variables:

  • Number of incidents triggered by alerts.
  • Error rate
  • Maximum latency 50th percentile (median)

See Using the Recent view.

Additional channels for sending alert notifications

Apigee API Monitoring now supports the following channels for sending alert notifications:

  • Email
  • PagerDuty
  • Slack
  • Webhooks

See Creating a notification for an alert.