Google Cloud release notes

Zendesk plugins version 1.2.0 is available in the Cloud Data Fusion Hub. The following changes are included in version 1.2.0:

• Zendesk Multi Objects Batch Source is generally available (GA).
• The Zendesk plugins support Connection Management.

The global external HTTP(S) load balancer now supports a configurable client HTTP Keepalive Timeout. The client HTTP keepalive timeout represents the maximum amount of time that a TCP connection can be idle between the (downstream) client and the target HTTP/S proxy.

For details, see

• Client HTTP keepalive timeout
• Update client HTTP keepalive timeout.

This capability is available in Preview.

You can now import and export differential database backups. This can help you import and export data more frequently, reducing migration downtime.

Fine-grained access control is now available for PostgreSQL-dialect databases. For more information, see About fine-grained access control.

PaLM Text and Embeddings APIs, and Generative AI Studio

The Generative AI support on Vertex AI is now available in (GA). With this feature launch, you can leverage the PaLM API to generate AI models that you can test, tune, and deploy in your AI-powered applications. With the GA of these features, you will incur usage costs if you use the text-bison and textembedding-gecko PaLM APIs. To learn about pricing, see the Vertex AI pricing page.

Features and models in this release include:

• PaLM 2 for Text: text-bison
• Embedding for Text: textembedding-gecko
• Generative AI Studio for Language

Vertex AI Model Garden

The Vertex AI Model Garden is now available in (GA). The Model Garden is a platform that helps you discover, test, customize, and deploy Vertex AI and select OSS models. These models range from tunable to task-specific - all available on the Model Garden page in the Google Cloud console.

To get started, see Explore AI models and APIs in Model Garden.

Vertex AI Codey APIs

The Vertex AI Codey APIs are now in (Preview). With the Codey API, code generation, code completion, and code chat APIs can be used from any GCP project without allowlisting. The APIs can be accessed from the us-central1 region. The Codey APIs can be used in the Generative AI studio or programmatically in REST commands.

To get started, see the Code models overview.

Access Transparency supports Memorystore for Redis in the GA stage.

Use folders and organizations in budgets: When you set up budgets for your Cloud Billing account, you can set the budget's scope to one or more folders or organizations that are linked to your account, in addition to the current options for specific projects and labels.

When you create a budget that applies to a folder or organization, the budget also covers future projects that you create in the folder or organization.

Learn about creating and modifying budgets for your Cloud Billing account.

Access Transparency is now Generally Available for Memorystore for Redis.

Generally available: The Estimated cut-over time field is now generally available. This field gives an estimate of the time it takes to complete a cut-over job for a VM once the cut-over is triggered. This field is populated only for an active VM that has completed a few replication cycles.

Batch is available in the following regions:

• asia-east2 (Hong Kong)
• europe-central2 (Warsaw)
• us-south1 (Dallas)
• us-west2 (Los Angeles)
• us-west3 (Salt Lake City)
• us-west4 (Las Vegas)

For more information, see Locations.

Features supported in this release include:

• Blockchain Node Engine is a fully-managed service for dedicated blockchain nodes.
• Ethereum support:
  • Execution and consensus clients
  • Full and Archive nodes
  • JSON-RPC and WebSocket endpoints.
• With a single operation, Blockchain Node Engine provisions a new node with the specified configuration (network, region, client, node type), bootstrap it from a known-good snapshot, sync it with the blockchain, and ensure its availability.
• Google Cloud Armor always enabled.

See:

• What is Blockchain Node Engine?
• Get started
• Create a blockchain node
• Using blockchain nodes
• APIs and reference

The following resource types are now publicly available through the Export APIs (ExportAssets, ListAssets, and BatchGetAssetsHistory), Feed API, and Search APIs (SearchAllResources, SearchAllIamPolicies).

• Dataform
  • dataform.googleapis.com/CompilationResult
  • dataform.googleapis.com/ReleaseConfig
  • dataform.googleapis.com/Repository
  • dataform.googleapis.com/WorkflowConfig
  • dataform.googleapis.com/WorkflowInvocation
  • dataform.googleapis.com/Workspace

Use Geo-location objects in firewall policy rules to filter external IPv4 and external IPv6 traffic based on specific geographic locations or regions. This feature is available in General Availability.

Use Threat Intelligence for firewall policy rules to secure your network by allowing or blocking traffic based on threat intelligence data. This feature is available in General Availability.

You can now configure CMEK and a default storage location for individual folders, in addition to organizations. For more information, see Configure default settings for organizations and folders and Configure CMEK for Cloud Logging.

Generally available: Accelerator-optimized (G2) machine types with attached NVIDIA® L4 GPUs are generally available in the following regions and zones:

• Singapore, APAC: asia-southeast1-b
• Netherlands, Europe: europe-west4-a,b,c
• Iowa, North America: us-central1-a,b
• South Carolina, North America: us-east1-b,d
• Virginia, North America: us-east4-a
• Oregon, North America: us-west1-a,b

Support for IPv6 static routes with the following next hops is available in Preview:

• next-hop-gateway
• next-hop-instance

Access Transparency supports Anthos Identity Service in the GA stage.

The SAP Ariba Batch Source plugin is generally available (GA). You can connect your data pipeline to an SAP Ariba Source and a BigQuery Sink with this plugin in Cloud Data Fusion versions 6.5.1 and later.

The SAP SuccessFactors Batch Source plugin is GA. You can connect your data pipeline to an SAP SuccessFactors Source and a BigQuery Sink with this plugin in Cloud Data Fusion versions 6.5.1 and later.

The rollout of the following minor versions, extension versions, and plugin versions is currently underway:

Minor versions

• 10.22 is upgraded to 10.23.
• 11.17 is upgraded to 11.19.
• 12.12 is upgraded to 12.14.
• 13.8 is upgraded to 13.10.
• 14.5 is upgraded to 14.7.

Extension and plugin versions

• pg_cron is upgraded from 1.4.1 to 1.5.
• pg_partman is upgraded from 4.7.0 to 4.7.3.
• postgresql-hll is upgraded from 2.16 to 2.17.
• pg_repack is upgraded from 1.4.7 to 1.4.8.
• wal2json is upgraded from 2.4 to 2.5.
• pg_hint_plan is upgraded, as follows:
  • from 1.3.7 to 1.3.8 (for PostgreSQL versions 11-13)
  • from 1.4.0 to 1.4.1 (for PostgreSQL version 14)
  • from 1.4.0 to 1.5.0 (for PostgreSQL version 15)

If you use a maintenance window, then the updates to the minor, extension, and plugin versions happen according to the timeframe that you set in the window. Otherwise, the updates occur within the next few weeks.

The new maintenance version is [PostgreSQL version].R20230530.01_00. To learn how to check your maintenance version, see Self service maintenance. To find your maintenance window or to manage maintenance updates, see Find and set maintenance windows.

Continuous backup and recovery is generally available (GA).

Anthos clusters on VMware 1.15.1-gke.40 is now available. To upgrade, see Upgrading Anthos clusters on VMware. Anthos clusters on VMware 1.15.1-gke.40 runs on Kubernetes 1.26.2-gke.1001.

The supported versions offering the latest patches and updates for security vulnerabilities, exposures, and issues impacting Anthos clusters on VMware are 1.15, 1.14, and 1.13.

Release 1.13.8

Anthos clusters on bare metal 1.13.8 is now available for download. To upgrade, see Upgrading Anthos on bare metal. Anthos clusters on bare metal 1.13.8 runs on Kubernetes 1.24.

For Node.js runtimes version 18 and version 20 (preview), you can use the Pnpm package manager to configure dependencies for Node.js runtimes. Learn how to configure your runtime.

You can use the Pnpm package manager to configure dependencies for Node.js runtimes. Learn how to configure your runtime.

You can use the Pnpm package manager to configure dependencies for Node.js runtimes. Learn how to configure your application.

You can use the Pnpm package manager to configure dependencies for Node.js runtimes. Learn how to configure your runtime.

Agones on GKE users will get recommendations and insights if they did not install the Agones controller on dedicated nodes.

Vertex Prediction

You can now specify a multi-region BigQuery table as the input or output to a batch prediction request.

Release 1.15.1

Anthos clusters on bare metal 1.15.1 is now available for download. To upgrade, see Upgrading Anthos on bare metal. Anthos clusters on bare metal 1.15.1 runs on Kubernetes 1.26.

Preview: In a managed instance group (MIG), you can set metadata and labels for all VMs in the group without the need to create a new instance template. For more information, see Override instance template properties with an all-instances configuration.

The image import tool now supports importing CentOS Stream 9 and CentOS Stream 8 images to Google Cloud.

Data sampling is now generally available (GA). Data sampling lets you observe the data at each step of a pipeline. For more information, see Use data sampling to observe pipeline data.

Dataproc Metastore gRPC endpoints are generally available (GA).

Metadata federation support for BigQuery and BigLake is generally available (GA).

Cross-Cloud Interconnect is now generally available. You can use a Cross-Cloud Interconnect connection to peer your Google Virtual Private Cloud (VPC) network with your network that's hosted by a supported cloud service provider. You can also use Cross-Cloud Interconnect VLAN attachments as part of a site-to-site data transfer strategy.

For example, after you configure a VLAN attachment for your Cross-Cloud Interconnect connection, you can create a Network Connectivity Center spoke to represent the attachment. If the spoke has site-to-site data transfer enabled, you can then transfer data between your remote cloud network and your other external sites. Other external sites can include your on-premises network or your network in other clouds.

For information about the cloud service providers that Cross-Cloud Interconnect supports, see the Cross-Cloud Interconnect overview. For information about site-to-site data transfer, see the Site-to-site data transfer overview.

Site-to-site data transfer is supported only in certain locations.

The advanced traffic management using flexible pattern matching capability with Global External HTTP(S) Load Balancer is now Generally Available.

(Cloud Composer 2) The number of web server workers is now set dynamically based on available web server CPU and memory. This change improves Airflow web server performance and scalability by allowing it to handle more users.

• These workers are internal to the gunicorn web server and are not related to workers that run tasks.

• The new value is applied to the [webserver]workers Airflow configuration option when you change the environment's configuration. To use a different value, override this Airflow configuration option.

• The number of web server workers is clamped between 2 and 12 workers and is calculated as the minimum of (web_server_CPU * 2) + 1 and web_server_memory * 1.1.

The global external HTTP(S) load balancer now supports advanced traffic management using flexible pattern matching. This allows you to use wildcards anywhere in your path matcher. You can use this to customize origin routing for different types of traffic, request and response behaviors, and caching policies. In addition, you can now use results from your pattern matching to rewrite the path that is sent to the origin.

For details, see URL maps overview: Wildcards and pattern matching operators in path templates for route rules.

This capability is available in General availability.

Cloud NAT support for Standard Tier egress is available in Preview.

Observability for Google Kubernetes Engine: The Observability tab for each of your GKE clusters now includes metrics for ephemeral storage. For more information, see View observability metrics.

Adds MAX_THREE_PER_COMPANY DiversificationLevel option.

Resource AlloyDBBackup(v1alpha1):

• Added spec.encryptionConfig field.

• Added status.encryptionInfo field.

Resource AlloyDBCluster(v1alpha1):

• Added spec.encryptionConfig field.

• Added spec.automatedBackupPolicy.encryptionConfig field.

• Added status.encryptionInfo field.

Resource BigQueryJob(v1beta1):

• Added spec.load.parquetOptions field.

Resource CertificateManagerCertificate(v1alpha1):

• Added spec.location field.

Resource CloudBuildTrigger(v1beta1):

• Added spec.build.step.items.allowExitCodes field.

• Added spec.build.step.items.allowFailure field.

• Added spec.gitFileSource.repositoryRef field.

• Added spec.sourceToBuild.repositoryRef field.

Resource ComputeBackendService(v1beta1):

• Added spec.cdnPolicy.bypassCacheOnRequestHeaders field.

Resource ComputeDisk(v1beta1):

• Added spec.asyncPrimaryDisk.diskRef field.

Resource ComputeForwardingRule(v1beta1):

• Added spec.allowPscGlobalAccess field.

• Added spec.sourceIpRanges field.

• Added status.baseForwardingRule field.

Resource ComputeNetworkPeering(v1beta1):

• Added spec.stackType field.

Resource ComputeResourcePolicy(v1beta1):

• Added spec.diskConsistencyGroupPolicy field.

Resource ComputeRouterPeer(v1beta1):

• Added spec.enableIpv6 field.

• Added spec.ipv6NexthopAddress field.

• Added spec.peerIpv6NexthopAddress field.

Resource ContainerCluster(v1beta1):

• Added spec.addonsConfig.gcsFuseCsiDriverConfig field.

Resource VertexAIEndpoint(v1alpha1):

• Added spec.region field.

Resource WorkflowsWorkflow(v1alpha1):

• Added spec.cryptoKeyName field.

Resource WorkstationsWorkstationCluster(v1alpha1):

• Added status.resourceConditions field.

• Restructured status.conditions field to be consistent with status.conditions field of any Config Connector kind.

The Observability tab for each of your GKE clusters now includes metrics for ephemeral storage. For more information, see View observability metrics.

Image batch processing now available as a Preview feature

Vertex AI Vision now offers batch image processing as a Preview feature. This new processing mode lets you provide a Cloud Storage path with image files as input and Cloud Storage path to store output batch processing results.

For more information, see the image batch processing documentation.

Python SDK now available

A new Python SDK is now available for Vertex AI Vision. For more information, see the following documentation pages:

• Set up a project and a development environment
• Use the Face Blur model with the Python SDK

General Availibility: You can use the private.googleapis.com and restricted.googleapis.com virtual IP addresses (VIPs) to access Google APIs and services with IPv6 addresses. For more information, see the following pages:

• Use the VIPs from VMs with internal IPv6 addresses
• Use the VIPs from VMs with external IPv6 addresses
• Use the VIPs from on-premises hosts with IPv6 addresses
• Use the VIPs with VPC Service Controls

Private Service Connect backends support using an external regional TCP proxy load balancer to access published services. This feature is available in Preview.

Added a new field spec.helm.deployNamespace in the RootSync API to support specifying which namespace to deploy the rendered chart. For more information, see RootSync and RepoSync fields.

The constraint template library includes a new template: K8sHorizontalPodAutoscaler. For reference, see the Constraint template library.

The BigQuery partitioning and clustering recommender is now in preview. The recommender analyzes your BigQuery tables to identify partitioning or clustering opportunities for potential cost savings. You can view partition or cluster recommendations through the BigQuery UI or recommender API. You can also apply recommendations directly to your BigQuery tables.

Generally available: NVIDIA A100 80GB GPUs are now available in the following additional regions and zones:

• Netherlands, Europe: europe-west4-a
• Singapore, APAC: asia-southeast1-c

For more information about using GPUs on Compute Engine, see GPU platforms.

CCAI Platform now supports Agent Assist Session Summarization. This feature automatically provides a summary of the conversation transcript at the end of a chat or phone call. The summary includes brief overview of the conversation, key discussion points and resolutions or solutions agreed upon. For more information, see the Agent Assist voice or Agent Assist chat documentation.

Release 1.14.5

Anthos clusters on bare metal 1.14.5 is now available for download. To upgrade, see Upgrading Anthos on bare metal. Anthos clusters on bare metal 1.14.5 runs on Kubernetes 1.25.

Chronicle has updated Rules Engine's YARA-L 2.0 language to support more functionality for handling arrays.

• A new arrays.length() function has been added. This function returns the number of elements in a repeated field. For more information, see YARA-L 2.0 language syntax.

• You can now perform array indexing on repeated fields using bracket notation. This lets you access an element of a repeated field at a specific index. For more information, see YARA-L 2.0 language syntax.

Cloud Load Balancing introduces the external regional TCP proxy load balancer. This is an Envoy proxy-based regional layer 4 load balancer that enables you to run and scale your TCP service traffic in a single region behind an external regional IP address. External regional TCP proxy load balancer will load-balance external TCP traffic from the internet to backends in the same region.

For details, see the External Regional TCP Proxy Load Balancing overview

To set up an external regional TCP proxy load balancer, see the following pages:

• Instance group backends

• Zonal NEG backends

• Hybrid connectivity NEG backends

This capability is in General Availability.

PostgreSQL version 15 is now generally available. To start using PostgreSQL 15, see Create instances.

Cloud Spanner lets you use a generated column in the primary key.

Cloud Spanner database deletion protection is now available in Preview. You can enable database deletion protection to prevent the accidental deletion of databases. For more information, see Prevent accidental database deletion.

New tasks for Google Cloud services

The following new integration tasks are available in preview:

• AI Platform - Prediction
• Cloud KMS - encrypt
• Cloud KMS - decrypt
• Dataflow - Create Job
• Drive - List
• Doc AI - Batch Process
• Doc AI - Process
• Doc AI - Operation
• Firestore - Batch Get
• Firestore - Batch Write
• Firestore - Document Get
• Language - Annotate Text
• Language - Classify Text
• Sheets - Append
• Sheets - Batch Get
• Sheets - Get
• Translate - Document
• Translate - Text
• Workflows - Execute

New tasks for Google Cloud services

The following new integration tasks are available in preview:

• AI Platform - Prediction
• Cloud KMS - encrypt
• Cloud KMS - decrypt
• Dataflow - Create Job
• Drive - List
• Doc AI - Batch Process
• Doc AI - Process
• Doc AI - Operation
• Firestore - Batch Get
• Firestore - Batch Write
• Firestore - Document Get
• Language - Annotate Text
• Language - Classify Text
• Sheets - Append
• Sheets - Batch Get
• Sheets - Get
• Translate - Document
• Translate - Text
• Workflows - Execute

Support for the asia-south2 (Delhi) region.

Support for the asia-south2 (Delhi) region.

Reserving static regional external IPv6 addresses is available in General Availability.

Reserving static regional internal IPv6 addresses is available in General Availability.

Internal ranges are available in Preview. Internal ranges let you allocate blocks of private IP addresses in VPC networks and specify how those addresses can be used.

Support for IPv6 extension headers is available in Preview.

Error catcher trigger

The Error Catcher trigger lets you invoke an error catcher that is defined or customized to handle the failure of an identified trigger, task, or edge condition in your integration.

For more information, see Error catcher trigger.

Return task

The Return task lets you customize the error messages corresponding to the HTTP response codes that are returned during an integration execution failure.

For more information, see Return task.

Node.js 20 is now available in preview. Note that Node.js 20 enters long-term support (LTS) in October and is the Node.js "Current" version until that time. We encourage you to explore the new features and benefits included in this release to evaluate their potential impact on your applications. For more information, see the Node.js 20 announcement .

Support for Google-managed encryption keys

Application Integration now uses Google-managed encryption keys as the default method of data encryption for your provisioned regions. You can optionally modify your encryption method with customer-managed encryption keys (CMEK).

For more information, see Encryption methods.

Error catcher trigger

The Error Catcher trigger lets you invoke an error catcher that is defined or customized to handle the failure of an identified trigger, task, or edge condition in your integration.

For more information, see Error catcher trigger.

Return task

The Return task lets you customize the error messages corresponding to the HTTP response codes that are returned during an integration execution failure.

For more information, see Return task.

The COUNTRY_DEMOGRAPHIC infoType detector, which identifies when countries are used for place of birth, residency, or citizenship, is available in all regions. For more information about all built-in infoTypes, see InfoType detector reference.

The Key Usage dashboard in the Google Cloud console and the new KMS Inventory REST API are now generally available.

For more information about the Key Usage dashboard, see View key usage.

For more information about the KMS Inventory REST API, see KMS Inventory API.

For example curl commands using the KMS Inventory REST API, see View key usage and View keys by project.

You can now use SQL JOIN and UNION operators in queries on the Log Analytics page. For more information, see Combine data from multiple sources.

Cloud SQL for MySQL now supports minor version 8.0.33. To upgrade your existing instance to the new version, see Upgrade the database minor version.

Cloud Spanner automatically increases the degree of parallelism on a query when the instance size allows. For more information on parallel execution of queries, see Life of a Spanner Query.

Generally available: General purpose C3 VMs are now generally available in the following regions:

• Council Bluffs, Iowa, North America : us-central1
• Moncks Corner, South Carolina, North America: us-east1
• Ashburn, Virginia, North America: us-east4
• St. Ghislain, Belgium, Europe: europe-west1
• Eemshaven, Netherlands, Europe : europe-west4
• Jurong West, Singapore, APAC: asia-southeast1

Added noexec, nodev, nosuid to /etc/resolv.conf bind mount. It fixes EPERM errors when running a pod in UserNS in COS.

Cloud EKM support for Filestore is now generally available.

The C3 machine family is generally available for GKE Standard clusters running on version 1.22 and later. You can select this family by using the --machine-type flag when creating a cluster or node pool.

The following features are not supported for this machine family:

• Node auto-provisioning.
• Confidential GKE nodes.
• Local SSD.
• Standard persistent disks (pd-standard).

For more information, refer to the C3 machine series documentation.

Secure Web Proxy is generally available (GA).

EXTERNAL_QUERY SQL pushdown optimizes data retrieval from external sources like Cloud SQL or Cloud Spanner databases. Transferring less data reduces execution time and cost. SQL pushdown encompasses both column pruning (SELECT clauses) and filter pushdowns (WHERE clauses). SQL pushdown applies to SELECT * FROM T queries, a significant percentage of all federated queries. Not all data types are supported for filter pushdowns. This feature is generally available (GA).

Cloud Composer API for Highly resilient environments is available. Cloud Console UI, gcloud CLI commands, and Terraform support for this feature will be gradually rolled out in the upcoming days.

Splitting Celery logs into stdout/stderr (#30485) is now possible with the [logging]celery_stdout_stderr_separation Airflow configuration option. The default value for this option is False.

Cloud SQL for MySQL has launched two database flags that impact the Cloud SQL SLA: innodb_flush_log_at_trx_commit and sync_binlog. For more information about these flags, see supported flags.

The following extensions, views, utilities, and flags are generally available:

Extensions

• postgresql_anonymizer: mask or replace personally identifiable information (PII) or sensitive data from a PostgreSQL database.
• pgtt: create, manage and use Oracle-style global temporary tables.
• rdkit: compare, manipulate, and identify molecular structures.

Views and utilities

• pg_authid: access this catalog table that contains hashed passwords and other properties for all database roles.
• pg_dumpall: extract all PostgreSQL databases of a cluster into a single script file.

Flags

• log_line_prefix: generate a printf-style string at the beginning of each line of a PostgreSQL log file.

The rollout of the following minor versions, extension versions, and plugin versions is currently underway:

Minor versions

• 10.21 is upgraded to 10.22.
• 11.16 is upgraded to 11.17.
• 12.11 is upgraded to 12.12.
• 13.7 is upgraded to 13.8.
• 14.4 is upgraded to 14.5.

Extension and plugin versions

• plv8 is upgraded from 3.1.2 to 3.1.4.
• wal2json is upgraded from 2.3 to 2.4.
• pgTAP is upgraded from 1.1.0 to 1.2.0.
• PostGIS is upgraded from 3.1.4 to 3.1.7.
• pg_partman is upgraded from 4.5.1 to 4.7.0.
• pg_wait_sampling is upgraded from 1.1.3 to 1.1.4.
• pg_hint_plan is upgraded from 1.3.7 to 1.4.
• pglogical is upgraded from 2.4.1 to 2.4.2.

This rollout also introduces the following:

• PostGIS GDAL driver support
• LZ4 TOAST compression for PostgreSQL versions 14 and later

Romanization and transliteration are now in Preview.

Preview: You can now use the discard-local-ssd=false flag to preserve the contents of a single attached Local SSD disk when suspending or stopping a VM. For more information, see the Local SSD Documentation.

The following features have been introduced in this release of Distributed Cloud Edge:

• Survivability mode. Distributed Cloud Edge now allows you to create clusters with the Kubernetes control plane running locally on your Distributed Cloud Edge hardware. This improves the reliability of Distributed Cloud Edge when your connection to Google Cloud is intermittent. This is a Public Preview feature. For more information, see Distributed Cloud Edge survivability mode.

• Symcloud Storage integration. You can now integrate Distributed Cloud Edge with Rakuten Symcloud Storage, a third-party storage abstraction solution that allows Pods to access local storage on different Distributed Cloud Edge nodes. This is a Public Preview feature. For more information, see Configure Distributed Cloud Edge for Symcloud Storage.

• Enhanced rNDC security. Distributed Cloud Edge has replaced the bond0 interface with the gdcenet0 interface that allows you to use the physical management network interface card for your application workloads while maintaining complete separation from Distributed Cloud Edge control and management traffic. You must manually reconfigure any existing network resources that reference the bond0 interface to use the gdcenet0 interface. For more information, see Upgrade CustomNetworkInterfaceConfig resources from Distributed Cloud Edge 1.3.0 to 1.4.0 and Upgrade NetworkAttachmentDefinition resources to Distributed Cloud Edge 1.4.0.

• Cloud Router reuse for VPN connections. When creating a VPN connection, Distributed Cloud Edge now automatically reuses any Cloud Router resource it has automatically created for a VPN connection. You can also specify a custom Cloud Router resource when creating a VPN connection. Existing VPN connections are not affected. For more information, see Manage VPN connections.

You can now sort your query results by using the sort menu next to a column name. This feature is in preview.

• Dataplex auto data quality (AutoDQ) and data profiling can be used on any BigQuery tables, including tables that aren't part of a Dataplex lake. You don't need to create a Dataplex lake to run Dataplex AutoDQ and data profiling.
• Dataplex AutoDQ and data profiling support BigQuery views, BigLake tables, and BigQuery external tables.
• Dataplex AutoDQ and data profiling support sampling your data to reduce time and cost.

--properties=dataproc:componentgateway.ha.enabled=truecan now be used to enable component gateway and knox along with SHS UI in HA mode.

Pause report updates. You can pause updates to minimize the number of data requests made while building and editing your report. While the report is paused, changes made to the report's data settings are placed on hold until you resume updates. Pausing report updates can potentially save on query costs because Looker Studio only requests the data needed to meet the report configuration as of the time you resumed updates.

Network Analyzer is now integrated with the Transparency and Control Center. Google Cloud users can now use this feature to opt out of analysis. For more information, see Opting out of data processing.

Vertex Prediction

You can now co-host models on the same VM from the Google Cloud Console. Previously, this capability was available only from the REST API. For more information, see Share resources across deployments.

Private Service Connect service connectivity automation is available in Preview. Service connectivity automation lets service producers automate deployment and service connectivity to eligible managed services on behalf of consumers.

The AlloyDB FORCE_APPLY update policy is available in Preview. Use this policy to modify database flags and apply updates faster (within 1-2 minutes) to an instance.

Preview: Integrate a job into a workflow using the Batch API connector for Workflows.

The following resource types are now publicly available through the Export APIs (ExportAssets, ListAssets, and BatchGetAssetsHistory), Feed API, and Search APIs (SearchAllResources, SearchAllIamPolicies).

• BigqueryMigration
  • bigquerymigration.googleapis.com/MigrationWorkflow

Allocating up to 32 GiB of memory and up to 8 CPU to your Cloud Run services is now at general availability (GA).

Managed Microsoft AD is available in the following regions:

• europe-west12 (Turin)
• me-central1 (Doha)

For more information, see Deploy domain controllers in additional regions.

Global access for Private Service Connect endpoints for published services is available in General Availability. When global access is configured, clients in any region can send traffic to Private Service Connect endpoints.

Support for a Batch API connector is available in Preview.

You can now restrict new deployments by product generation (1st gen or 2nd gen). This feature is at the General Availability release level.

The Cloud SQL Proxy Operator is now generally available. To learn more about the Cloud SQL Proxy Operator, see About the Cloud SQL Proxy Operator.

The Cloud SQL Proxy Operator is now generally available. To learn more about the Cloud SQL Proxy Operator, see About the Cloud SQL Proxy Operator.

The Cloud SQL Proxy Operator is now generally available. To learn more about the Cloud SQL Proxy Operator, see About the Cloud SQL Proxy Operator.

The image import tool now supports importing Rocky Linux 9 images to Google Cloud.

SIP URI Directory - Call Routing: With this release, you can now use the SIP Directory to configure SIP call routing and transfers in IVR queue settings. You can use this functionality to route incoming calls to appropriate destinations based on IVR menu selections or queue routing rules. You can set it up so that a customer calling a support line, for example, can select a department or agent from the IVR menu based on their inquiry. See the SIP URI documentation for details.

Security insights for container images are now available on the release details page.

VMware Aria Operations for Logs is now certified for Google Cloud VMware Engine. You can use VMware Aria Operations for Logs to collect and manage logs from VMware Engine and on-prem environments into a centralized solution.

VMware Aria Operations for Logs with VMware Engine enables more operational visibility and intelligent analytics for both troubleshooting and auditing purposes, making it easier for you to manage and operate your VMware Engine environment. See the VMware blog announcement for more information.

Vertex AI custom training now supports deep integration with Vertex AI Experiments. You can submit training jobs with autologging enabled to automatically log parameters and model performance metrics. For more information, see Run training job with experiment tracking

The scheduler API for Vertex AI Pipelines is now available in Preview. You can schedule recurring pipeline runs in Vertex AI by specifying a frequency, start time (optional), and end time (optional). For more information, see Schedule a pipeline run with scheduler API.

Anthos clusters on VMware 1.13.8-gke.42 is now available. To upgrade, see Upgrading Anthos clusters on VMware. Anthos clusters on VMware 1.13.8-gke.42 runs on Kubernetes 1.24.11-gke.1200.

The supported versions offering the latest patches and updates for security vulnerabilities, exposures, and issues impacting Anthos clusters on VMware are 1.15, 1.14, and 1.13.

The PHP 8.2 runtime for App Engine standard environment is now generally available.

The following resource types are now publicly available through the Export APIs (ExportAssets, ListAssets, and BatchGetAssetsHistory) and Feed API.

• AI Platform
  • aiplatform.googleapis.com/NasJob

Cloud Functions has added support for a new runtime, PHP 8.2, at the General Availability release level. PHP 8.2 adds significant new functionality over PHP 8.1 and uses Ubuntu 22.04 for its base O/S image.

Cloud Functions now supports 2nd gen Firestore triggers through Eventarc at the Preview release level.

You can now customize the time range of your queries in the Log Analytics page by using the time-range selector. There are several time range options, such as preset times, custom start and end times, and relative time ranges. For more information, see Filter by time.

Version 2.31.0 of the Ops Agent introduces preview support for an OpenTelemetry Protocol (OTLP) receiver. You can use this receiver to collect custom metrics and traces from applications written by using OpenTelemetry SDKs. For more information, see Collect OTLP metrics and traces.

You can now use the point-in-time-recovery (PITR) feature and read replicas on the same primary instance. For more information, see Point-in-time Recovery.

Version 2.31.0 of the Ops Agent introduces preview support for an OpenTelemetry Protocol (OTLP) receiver. You can use this receiver to collect custom traces and metrics from applications written by using OpenTelemetry SDKs. For more information, see Collect OTLP traces.

Generally available: The local SSD quota per machine family (LOCAL_SSD_TOTAL_GB_PER_VM_FAMILY) is generally available. Use the quota metric compute.googleapis.com/local_ssd_total_storage_per_vm_family instead of compute.googleapis.com/local_ssd_total_storage to view the quota usage and limits for local SSD in your project. For more information, see View and manage local SSD quota per machine family.

BigQuery subscriptions now support the NUMERIC and BIGNUMERIC data types. For more information, see Schema compatibility.

The AlloyDB admin API now includes user-management methods. These let you use the gcloud command-line tool to manage the user roles of your AlloyDB clusters, in addition to the PostgreSQL functions already supported.

.NET 6 is now generally available. This version requires you to specify an operating system version in your app.yaml file. Learn more.

You can now deploy sidecar containers to your Cloud Run service. (In Preview.)

You can now configure in-memory volumes for your Cloud Run containers. (In Preview.)

Unified Session Types: The new session type variable, Session Type V2, is now available. This update introduces a range of new fields, variables, and columns that will provide you with access to valuable additional information such as the ability to distinguish between Inbound SMS, Outbound SMS, and Outbound SMS via API. For more information, see the session type terminology documentation.

To take advantage of the new fields and variables, you will need to update your scripts, code, automation triggers, and any third-party integrations. The legacy components will no longer be updated with new functionality and will be deprecated on October 6, 2023.

Holiday hours: With Holiday Hours, you now have the ability to create and manage your own set of holidays with complete control over the holiday name, time, and dates. Additionally, you can group your holidays together for easier management. See the holiday hours documentation for details.

Campaign Management: Outbound Number: Outbound Number is a new feature for the Outbound Dialer that allows you to specify which outbound number to use when dialing out for each contact. With this new feature, you can rotate outbound phone numbers to have more control over the outbound phone numbers you use to make your outbound calls. For more information, see the Outbound Number documentation.

The g2-standard machine family with NVIDIA L4 is generally available for node pools in clusters running GKE version 1.22 and later. To select the machine family, use the --machine-type flag in your create command.

The storage per cluster limit has increased to 32 TiB.

This release includes new Permissions Pre-check functionality and UI messaging, which is available when provisioning Apigee with Pay-as-you-go pricing in the Google Cloud console. With the release of this feature, users are alerted when any permissions required to complete the provisioning operations are missing. The missing permissions and the steps to resolve are now identified in the UI messaging.

Ruby 3.2 is now generally available. This version requires you to specify an operating system version in your app.yaml file. Learn more.

Object tables are now generally available (GA).

Object tables are read-only tables containing metadata for unstructured data stored in Cloud Storage. They enable you to analyze and perform inference on images, audio files, documents and other file types by using BigQuery ML and BigQuery remote functions. Object tables extend the data security and governance best practices currently applied to structured data to unstructured data as well.

The GA release includes the following new and updated functions:

• ML.DECODE_IMAGE: Decodes image data so that it can be interpreted by the ML.PREDICT function.
• ML.CONVERT_COLOR_SPACE: Converts images with an RGB color space to a different color space.
• ML.CONVERT_IMAGE_TYPE: Converts the data type of the pixel values in an image.
• ML.RESIZE_IMAGE: Resizes images.
• ML.DISTANCE: Computes the distance between two vectors.
• ML.LP_NORM: Computes the Lᵖ norm for a vector, where ᵖ is the degree.

You can now create manual triggers, webhook triggers, or Pub/Sub triggers using Cloud Build repositories (2nd gen). This feature is available at the preview release stage. To learn more, see the Repositories overview page.

Custom audit logging for Cloud Storage is now available in Preview.

• JSON API requests now support user-defined headers that are prefixed with x-goog-custom-audit-.
• Cloud Audit Logs can subsequently include these headers as part of your request's audit log entry.

Datastream now supports backfill for PostgreSQL tables of any size. For more information, click here.

reCAPTCHA Enterprise Fraud Prevention is generally available.

You can use reCAPTCHA Enterprise Fraud Prevention to protect payment transactions against attacks such as carding, stolen instrument fraud, and account takeover payment fraud. For more information, see Protect payment transactions with Fraud Prevention.

The columnar engine now supports columns with json and jsonb data types.

The Cloud Router custom learned routes feature is in Preview. This feature lets you configure a Border Gateway Protocol (BGP) session to include learned routes that you manually specify. Cloud Router then behaves as if it learned the routes from the BGP peer.

Custom learned routes can be helpful if you want to avoid the limitations of static routes. For example:

• Static routes can't detect a loss of reachability in the next hop of a route. In contrast, custom learned routes can detect a loss of reachability, and they react accordingly to avoid dropping traffic without notification.

• Static routes do not support using HA VPN tunnels or Cloud Interconnect VLAN attachments as next hops. Custom learned routes do.

For more information, see Custom learned routes.

Cloud Run integrations (Preview) are now available in asia-east1, europe-west4, us-east1, and us-west1.

This release includes support for the following features:

• API and gcloud CLI support for the me-west1 region (Tel Aviv, Israel, Middle East).
• API support for GPUs is available in preview.
• Terraform support is available in preview.
• Posit Workbench (including RStudio Pro) integration is available in preview.
• BeyondCorp Enterprise integration for the Cloud Workstations API is available in preview.

Customers who do not have the oem_jar license feature enabled can now access the set_smtp_settings API endpoint.

The Looker IDE will now display an error when incompatible types are being compared in Liquid statements.

The Source column in the Admin > Queries panel now correctly displays the API version for queries that are initiated from the Looker API.

Cookieless embed API endpoints are now marked as stable.

When the filter definition for matches_filter is empty, 1=1 will be added to the WHERE clause so that there are no SQL errors and the query can run. This functionality mirrors the is equal to [empty] standard filter option.

When the Advanced Vis Config Labs feature is enabled, any user who has either the Looker Admin role or the can_override_vis_config permission can access the Advanced Visualization editor. This editor lets users modify HighCharts visualizations by exposing certain JSON parameters of the visualization to enable deep customization. These customizations will not dynamically interact with data.

Generative AI Support for Vertex AI

Generative AI Support for Vertex AI is now available in (Preview). With this feature launch, you can leverage the Vertex AI PaLM API to generate AI models that you can test, tune, and deploy in your AI-powered applications.

Features and models in this release include:

• PaLM 2 for Text: text-bison@001
• PaLM 2 for Chat: chat-bison@001
• Embedding for Text: textembedding-gecko@001
• Generative AI Studio for Language
• Tuning for PaLM 2
• Vertex AI SDK v1.25, which includes new features such as TextGenerationModel(text-bison@001), ChatModel(chat-bison@001), TextEmbeddingModel(textembedding-gecko@001)

You can interact with the generative AI features on Vertex AI by using Generative AI Studio in the Google Cloud console, the Vertex AI API, and the Vertex AI SDK for Python.

• Learn more about Generative AI Support for Vertex AI
• See an Introduction to Generative AI Studio
• Get started with a Generative AI Studio quickstart

Vertex AI Model Garden

The Vertex AI Model Garden is now available in (Preview). The Model Garden is a platform that helps you discover, test, customize, and deploy Vertex AI and select OSS models. These models range from tunable to task-specific - all available on the Model Garden page in the Google Cloud console.

• To get started, see Explore AI models and APIs in Model Garden.

Cloud logs support for Connectors tasks

You can now view the execution logs of a failed Connectors task in Apigee Integration.

For more information, see Execution Logs.

Cloud logs support for Connectors tasks

You can now view the execution logs of a failed Connectors task in Application Integration.

For more information, see Execution Logs.

You can now view BI Engine Top Tables Cached Bytes, BI Engine Query Fallback Count, and Query Execution Count as dashboard metrics for BigQuery. This feature is now generally available (GA).

EXTERNAL_QUERY SQL pushdown optimizes data retrieval from external sources like Cloud SQL or Cloud Spanner databases. Transferring less data reduces execution time and cost. SQL pushdown encompasses both column pruning (SELECT clauses) and filter pushdowns (WHERE clauses). SQL pushdown applies to SELECT * FROM T queries, a significant percentage of all federated queries. Pushdowns have limitations, for example not all data types are supported for filter pushdowns. This feature is generally available (GA).

You can now restrict the creation of Cloud Build builds, triggers, and repositories to a particular location using an Organization Policy Service constraint. This feature is generally available. To learn more, see Restricting Resource Locations.

Cloud Run services can now connect to Firebase Hosting for custom domains and CDN capabilities, using Integrations (Preview).

Support for logging the processing duration of your Cloud Spanner read and write requests is now available in Cloud Audit Logs. For more information, see Processing duration.

Resource ComputeFirewallPolicyRule(v1beta1):

• Added spec.match.destAddressGroups field.
• Added spec.match.destFqdns field.
• Added spec.match.destRegionCodes field.
• Added spec.match.destThreatIntelligences field.
• Added spec.match.srcAddressGroups field.
• Added spec.match.srcFqdns field.
• Added spec.match.srcRegionCodes field.
• Added spec.match.srcThreatIntelligences field.

Resource IAMWorkforcePoolProvider(v1beta1):

• Added spec.oidc.webSsoConfig field.

Added kernel support for nftables.

M108 update

This update of the M108 release includes the following:

• The following Deep Learning Containers images are now available:
  • Tensorflow 2.12 CPU with CUDA 11.8 and Python 3.10 (us-docker.pkg.dev/deeplearning-platform-release/gcr.io/tf-cpu.2-12.py310:latest)
  • Tensorflow 2.12 GPU with CUDA 11.8 and Python 3.10 (us-docker.pkg.dev/deeplearning-platform-release/gcr.io/tf-gpu.2-12.py310:latest)

M108 update

This update of the M108 release includes the following:

• The following Deep Learning VM images are now available:
  • Tensorflow 2.12 CPU with CUDA 11.8 and Python 3.10 (tf-2-12-cpu-debian-11-py310)
  • Tensorflow 2.12 GPU with CUDA 11.8 and Python 3.10 (tf-2-12-gpu-debian-11-py310)