Stay organized with collections
Save and categorize content based on your preferences.
The following release notes cover the most recent changes over the last 60 days.
For a comprehensive list of product-specific release notes, see the
individual product release note pages.
You can also see and filter all release notes in the
Google Cloud console or you
can programmatically access release notes in
BigQuery.
To get the latest product updates delivered to you, add the URL of this page to your
feed
reader, or add the feed URL directly.
You can also use the Google Cloud Console to enable private origin authentication for Amazon Simple Storage Service (Amazon S3) and compatible object stores.
Note:
When using Dataproc version 2.0.125 with the ranger-gcs-plugin, please create a customer support request for your project to use the enhanced version of the plugin prior to its GA release. This note does not apply Dataproc on Compute Engine image versions 2.1 and 2.2.
Disabled HiveServer2 Ranger policy synchronization in non-HA clusters for latest image version 2.1 and later. Policy synchronization is causing instability of the HiveServer2 process while trying to connect to ZooKeeper, which is not active by default in non-HA clusters.
For GKE clusters running version 1.31.1-gke.1146000 or later, Cloud Tensor Processing Unit (TPU) v3 machine types are generally available. These TPU VMs (ct3-hightpu-4t and ct3p-hightpu-4t) are currently available in us-east1-d, europe-west4-a, us-central1-a, us-central1-b, and us-central1-f. To learn more, see TPUs in GKE.
GKE control plane authority is now generally available with version 1.31.1-gke.1846000 or later. GKE control plane authority provides enhanced visibility, security controls, and customization of the GKE control plane. For more information, see the About GKE control plane authority.
Clusters that are experiencing stale endpoint resources and stale kube-dns entries are likely affected by Kubernetes issue #126578. Your cluster is most likely affected if endpoint resources consistently have incorrect Pod IPs. This issue has been fixed in the following GKE versions or later:
1.28.14-gke.1115000
1.29.9-gke.1207000
1.30.5-gke.1171000
1.31.1-gke.1414000
Spanner
A monthly digest of client library updates from across the Cloud SDK.
Enabling endToEndTracing support in Connection API (#3412) (16cc6ee)
Dependencies
Update dependency com.google.cloud:sdk-platform-java-config to v3.38.0 (#3424) (b727453)
Update dependency io.opentelemetry:opentelemetry-bom to v1.43.0 (#3399) (a755c6c)
Update dependency io.opentelemetry:opentelemetry-sdk-testing to v1.43.0 (#3398) (693243a)
Update googleapis/sdk-platform-java action to v2.48.0 (#3422) (d5d1f55)
Documentation
Fix tracing sample to exit when completed, and use custom monitored resource for export (#3287) (ddb65b1)
Vertex AI Agent Builder
Vertex AI Search: Stream answers (GA with allowlist)
The answer streaming method can return generated answers in sequential parts. This reduces the perception of latency. As the end users read the first part of the answer, the subsequent parts of the answer are being generated.
The answer streaming method also includes many of the features of the original answer method.
This feature is Generally available to select Google customers (GA with allowlist). For more information, see Stream answers.
October 30, 2024
Cloud Composer
A new Cloud Composer release has started on October 30, 2024. Get ready for upcoming changes and features as we roll out the new release to all regions. This release is in progress at the moment. Listed changes and features might not be available in some regions yet.
(Cloud Composer 3) Airflow workers now generate a proper OpenID Connect (OIDC) token.
(Airflow 2.9.3 and 2.7.3) The dbt-common package was downgraded from 1.11.0 to 1.10.0.
Generally available: General purpose C4A Arm VMs on Google's custom-built Axiom processors. C4A VMs are available as predefined configurations in sizes ranging from 1 vCPU to 72 vCPUs and up to 576 GB of DDR5 memory. C4A uses Google Cloud's latest generation storage options including Hyperdisk Balanced and Hyperdisk Extreme.
C4A VMs are available in the following regions and zones:
Singapore - asia-southeast1-a,b,c
Belgium - europe-west1-b,c,d
Frankfurt - europe-west3-a,b,c
Netherlands - europe-west4-a,b,c
Iowa - us-central1-a,b,c
South Carolina - us-east1-b,c,d
Virginia - us-east4-a,b,c
Generally available: You can autoscale a regional MIG with a BALANCED target distribution shape. With the BALANCED shape, the autoscaler is aware of the capacity in each zone and creates VMs in zones that have resource availability. For more information, see Autoscaling a regional MIG.
Google Kubernetes Engine
Weighted load balancing for GKE External LoadBalancer Services is now available in Preview. Weighted load balancing is a more efficient way to distribute traffic to nodes based on the number of serving Pods they have backing the Service. To learn more, see About LoadBalancer Services.
(2024-R42) Version updates
GKE cluster versions have been updated.
New versions available for upgrades and new clusters.
The following Kubernetes versions are now available for new clusters and for
opt-in control plane upgrades and node upgrades for existing clusters. For more
information on versioning and upgrades, see GKE versioning and support
and Upgrades.
Rapid channel
Version 1.31.1-gke.1846000 is now the default version for cluster creation in the Rapid channel.
The following versions are now available in the Rapid channel:
The following versions are no longer available in the Rapid channel:
1.28.14-gke.1217000
1.29.9-gke.1341000
1.30.5-gke.1355000
1.31.1-gke.1678000
1.31.1-gke.2008000
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.27 to version 1.28.14-gke.1340000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version 1.29.9-gke.1496000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version 1.30.5-gke.1443001 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version 1.31.1-gke.1846000 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version 1.28.14-gke.1340000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version 1.29.9-gke.1496000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version 1.30.5-gke.1443001 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.31 to version 1.31.1-gke.1846000 with this release.
Regular channel
Version 1.30.5-gke.1355000 is now the default version for cluster creation in the Regular channel.
The following versions are now available in the Regular channel:
The following versions are no longer available in the Regular channel:
1.28.14-gke.1099000
1.29.9-gke.1177000
1.30.5-gke.1014001
1.30.5-gke.1014003
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.27 to version 1.28.14-gke.1217000 with this release.
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version 1.29.9-gke.1341000 with this release.
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version 1.30.5-gke.1355000 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version 1.28.14-gke.1217000 with this release.
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version 1.29.9-gke.1341000 with this release.
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.30 to version 1.30.5-gke.1355000 with this release.
Stable channel
Version 1.30.5-gke.1014003 is now the default version for cluster creation in the Stable channel.
The following versions are no longer available in the Stable channel:
1.28.14-gke.1004000
1.29.8-gke.1278000
1.30.5-gke.1014001
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.27 to version 1.28.14-gke.1099000 with this release.
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.28 to version 1.29.9-gke.1177000 with this release.
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version 1.30.5-gke.1014003 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.28 to version 1.28.14-gke.1099000 with this release.
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version 1.29.9-gke.1177000 with this release.
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.30 to version 1.30.5-gke.1014003 with this release.
Extended channel
Version 1.30.5-gke.1355000 is now the default version for cluster creation in the Extended channel.
The following versions are now available in the Extended channel:
The following versions are no longer available in the Extended channel:
1.27.16-gke.1712000
1.28.14-gke.1099000
1.29.9-gke.1177000
1.30.5-gke.1014001
1.30.5-gke.1014003
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.28 to version 1.28.14-gke.1217000 with this release.
Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.29 to version 1.29.9-gke.1341000 with this release.
Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.30 to version 1.30.5-gke.1355000 with this release.
No channel
Version 1.30.5-gke.1355000 is now the default version for cluster creation.
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.27 to version 1.28.14-gke.1217000 with this release.
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.28 to version 1.29.9-gke.1341000 with this release.
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.29 to version 1.30.5-gke.1014003 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.28 to version 1.28.14-gke.1217000 with this release.
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.29 to version 1.29.9-gke.1341000 with this release.
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.30 to version 1.30.5-gke.1014003 with this release.
October 29, 2024
Cloud Load Balancing
All the Application Load Balancers, except the classic Application Load Balancer, now support stateful cookie-based session affinity. When you use stateful cookie-based affinity, the load balancer includes an HTTP cookie in the Set-Cookie header in response to the initial HTTP request. With stateful session affinity, customers can preserve stickiness to the selected backend.
You can now create and manage log scopes by using the Google Cloud CLI, in addition to using the Cloud Console and Terraform. Log scopes are in Public Preview. For more information, see
When an authenticated browser download occurs outside of the Google Cloud console, a resulting Data Access log has its principalEmail and callerIp fields redacted.
Google Kubernetes Engine
Three new metrics are added for measuring node and workload startup latency:
kubernetes.io/node/latencies/startup: The total startup latency of a node, from the GCE instance's CreationTimestamp to Kubernetes Node Ready for the first time.
kubernetes.io/pod/latencies/pod_first_ready: The Pod end-to-end startup latency (from Pod Created to Ready), including image pulls. This metric is available for clusters with GKE version 1.31.1-gke.1678000 or later.
kubernetes.io/autoscaler/latencies/per_hpa_recommendation_scale_latency_seconds: Horizontal Pod Autoscaling (HPA) scaling recommendation latency (the time between metrics being created and the corresponding scaling recommendation being applied to the API server) for the HPA target. This metric is available for clusters running the following versions or later:
1.30.4-gke.1348001
1.31.0-gke.1324000
Instance Group Managers for node pools created with version 1.30.5-gke.1523000 or later and 1.31.1-gke.1869000 or later will now have update on repair enabled by default. This will allow labels to persist upon Spot VM preemption.
Memorystore for Redis
Added support for the databases configuration. For more details, see the entry for databases in Supported Redis configurations.
SAP on Google Cloud
BigQuery Connector for SAP version 2.8
Version 2.8 of the BigQuery Connector for SAP is generally available (GA). This version offers several enhancements and bug fixes, including the record compression option at field level, a transaction to view the version of BigQuery Connector for SAP, and an enhancement spot for HTTP error handling.
AlloyDB for PostgreSQL now supports in-place major version upgrade in Preview. You can upgrade your cluster that is compatible with PostgreSQL version 14 to 15. For more information, see Upgrade a database in-place major version.
You can now configure more complicated retry strategies for tasks, such as retries based on the error codes or the variable values during the execution:
Configure multiple ordered conditional failure policies for each task.
Configure a default failure policy that will be applied if no conditional failure policies matches.
Dynamic Workload Scheduler for Batch is available in Preview. We recommend using Dynamic Workload Scheduler to improve resource availability for jobs that run on A3 GPU VMs when you don't intend to use a reservation. For more information, see Create and run a job that uses GPUs.
Cloud Load Balancing
To take advantage of the new features of the global external Application Load Balancer, you can now migrate your classic Application Load Balancer resources to the global external Application Load Balancer infrastructure.
To migrate to the global external Application Load Balancer, you change the load balancing scheme of your load balancing resources—specifically, the backend services and forwarding rules—from EXTERNAL to EXTERNAL_MANAGED. You can also rollback resources to the classic Application Load Balancer infrastructure, as long as you do so within 90 days of changing the load balancing scheme.
For more details on the migration process, see the following pages:
You can now use tags to annotate your log buckets and use the tags to manage access to the log buckets. For more information, see Manage log buckets by using tags.
A weekly digest of client library updates from across the Cloud SDK.
The capabilities for dashboard-level filtering has been enhanced. You can now configure pinned filters and variables to have multiple default values and support selection of multiple values. You can also create value-only variables and generate the list of possible values for a variable by running a SQL query. These features are in Public Preview. For more information, see the following documents:
Update gRPC ReadObject retry to avoid double retry (#2765) (1fc57b9)
Dependencies
Update dependency com.google.apis:google-api-services-storage to v1-rev20241008-2.0.0 (#2776) (0545b5e)
Update dependency com.google.cloud:sdk-platform-java-config to v3.38.0 (#2787) (a470e88)
Update gcr.io/cloud-devrel-public-resources/storage-testbench docker tag to v0.48.0 (#2781) (8fa013e)
Update gcr.io/cloud-devrel-public-resources/storage-testbench docker tag to v0.49.0 (#2782) (a7baffb)
Update googleapis/sdk-platform-java action to v2.48.0 (#2786) (2893e61)
You can now use the Google Cloud console to get soft delete recommendations for buckets. Soft delete recommendations help you determine when it's best to enable or disable the soft delete feature on a bucket based on impact to cost and security.
dataflow: Update google.golang.org/api to v0.203.0 (8bb87d5)
dataflow: WARNING: On approximately Dec 1, 2024, an update to Protobuf will change service registration function signatures to use an interface instead of a concrete type in generated .pb.go files. This change is expected to affect very few if any users of this client library. For more information, see https://togithub.com/googleapis/google-cloud-go/issues/11020. (8bb87d5)
Firestore in Datastore mode
A weekly digest of client library updates from across the Cloud SDK.
The notebooks use an updated high-performance container for single host multi-GPU LoRA fine-tuning.
Better throughput and GPU utilization with well-tested max-sequence-lengths.
Support for input token masking.
No out of memory (OOM) error during fine-tuning.
Added a custom dataset example that uses a template and format validation.
Support for a default accelerator pool with quota checks.
Improved documentation.
Google Kubernetes Engine
The A3 Edge (a3-edgegpu-8g) machine type with H100 80GB GPUs attached is now available on GKE Standard clusters. To learn more, see About GPUs.
Google SecOps
Google SecOps has updated the list of supported default parsers. Parsers are updated gradually, so it might take one to four days before you see the changes reflected in your region.
The following supported default parsers have changed. Each parser is listed by product name and log_type value, if applicable. This list now includes both released default parsers and pending parser updates.
AIX system (OS)
Apache Tomcat (Web server)
Apigee (Google Cloud Specific)
Aqua Security (IaaS Applications)
Aruba Switch (Network Infrastructure)
Auth0 (Authentication log)
AWS Cloudtrail (Cloud Log Aggregator)
AWS GuardDuty (IDS/IPS)
AWS RDS (Database)
AWS Route 53 DNS (AWS Specific)
AWS VPC Flow (AWS Specific)
Azure AD (LDAP)
Azure AD Sign-In (Misc Windows Specific)
Azure VPN (VPN)
Blue Coat Proxy (Web Proxy)
BMC Client Management (Security)
Checkpoint Audit (AUDIT)
Chrome Management (Browser)
Cisco ASA (firewall)
Cisco Internetwork Operating System (Network Infrastructure)
Cisco IronPort (Gateway Security)
Cisco Meraki (Wireless)
Cisco Router (Switches, Routers)
Cisco Switch (Switches, Routers)
Cisco UCM (Communication Manager)
Cisco Unity Connection (Administration and Management)
Google SecOps has updated the list of supported default parsers. Parsers are updated gradually, so it might take one to four days before you see the changes reflected in your region.
The following supported default parsers have changed. Each parser is listed by product name and log_type value, if applicable. This list now includes both released default parsers and pending parser updates.
AIX system (OS)
Apache Tomcat (Web server)
Apigee (Google Cloud Specific)
Aqua Security (IaaS Applications)
Aruba Switch (Network Infrastructure)
Auth0 (Authentication log)
AWS Cloudtrail (Cloud Log Aggregator)
AWS GuardDuty (IDS/IPS)
AWS RDS (Database)
AWS Route 53 DNS (AWS Specific)
AWS VPC Flow (AWS Specific)
Azure AD (LDAP)
Azure AD Sign-In (Misc Windows Specific)
Azure VPN (VPN)
Blue Coat Proxy (Web Proxy)
BMC Client Management (Security)
Checkpoint Audit (AUDIT)
Chrome Management (Browser)
Cisco ASA (firewall)
Cisco Internetwork Operating System (Network Infrastructure)
Cisco IronPort (Gateway Security)
Cisco Meraki (Wireless)
Cisco Router (Switches, Routers)
Cisco Switch (Switches, Routers)
Cisco UCM (Communication Manager)
Cisco Unity Connection (Administration and Management)
The ITALY_PASSPORT infoType detector is available in all regions. For more information about all built-in infoTypes, see InfoType detector reference.
Workflows
Two standard library functions to support common hashing algorithms have been added: compute_checksum and compute_hmac.
October 26, 2024
Google SecOps SOAR
Release 6.3.23 is currently in Preview.
Custom SMTP Configuration does not send emails with send_mail function in monitoring jobs (ID #52614371)
Unexpected behavior between system wide and user preference localization time zone settings. Following this bug fix, the default time zone is now set to UTC + 1. This does not override the user local settings. The admin needs to change the default timezone to the required timezone if needed. (ID #51914939, #52558921)
October 25, 2024
Cloud SQL for MySQL
When you run the backupRuns.GET API or the gcloud sql backups describe command, the maxChargeableBytes parameter now appears in the response. This parameter contains the maximum number of bytes that you can be charged for a backup.
Cloud SQL for PostgreSQL
When you run the backupRuns.GET API or the gcloud sql backups describe command, the maxChargeableBytes parameter now appears in the response. This parameter contains the maximum number of bytes that you can be charged for a backup.
Cloud SQL for SQL Server
When you run the backupRuns.GET API or the gcloud sql backups describe command, the maxChargeableBytes parameter now appears in the response. This parameter contains the maximum number of bytes that you can be charged for a backup.
Colab Enterprise
Colab Enterprise is now available in the following regions:
Generally available: The A3 Edge accelerator-optimized machine type is now available. The A3 Edge machine type has NVIDIA® H100 80GB GPUs attached and provides up to 800 Gbps of network bandwidth speed depending on the region. A3 Edge VMs are ideal for inference or training ML workloads that require a single node. The A3 Edge machine type is available in the following regions and zones:
Dataproc Serverless for Spark: Added common AI/ML Python packages by default to Dataproc Serverless for Spark 1.2 and 2.2 runtimes.
Dataproc Serverless for Spark: Upgraded Cloud Storage connector to 3.0.3 version in the latest 1.2 and 2.2 runtimes.
Google Distributed Cloud (software only) for VMware
Google Distributed Cloud (software only) for VMware 1.29.700-gke.110 is now available for download. To upgrade, see Upgrade a cluster or a node pool. Google Distributed Cloud 1.29.700-gke.110 runs on Kubernetes v1.29.8-gke.1800.
If you are using a third-party storage vendor, check the GDCV Ready storage partners document to make sure the storage vendor has already passed the qualification for this release.
After a release, it takes approximately 7 to 14 days for the version to become available for use with GKE On-Prem API clients: the Google Cloud console, the gcloud CLI, and Terraform.
The following issues are fixed in 1.29.700-gke.110:
Fixed the known issue that caused gkectl to display false warnings on admin cluster version skew.
Fixed the known issue that caused migrating a user cluster to Controlplane V2 to fail if secrets encryption has ever been enabled on the user cluster, even if it's already disabled.
Fixed the known issue that caused migrating an admin cluster from non-HA to HA to fail if the admin cluster had enabled secret encryption at 1.14 or earlier, and upgraded all the way from that version.
The following vulnerabilities are fixed in 1.29.700-gke.110:
New versions available for upgrades and new clusters.
The following Kubernetes versions are now available for new clusters and for
opt-in control plane upgrades and node upgrades for existing clusters. For more
information on versioning and upgrades, see GKE versioning and support
and Upgrades.
Rapid channel
Version 1.31.1-gke.1678000 is now the default version for cluster creation in the Rapid channel.
The following versions are now available in the Rapid channel:
The following versions are no longer available in the Rapid channel:
1.28.14-gke.1099000
1.29.9-gke.1177000
1.30.5-gke.1145000
1.31.1-gke.1146000
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.27 to version 1.28.14-gke.1217000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version 1.29.9-gke.1341000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version 1.30.5-gke.1355000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version 1.31.1-gke.1678000 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version 1.28.14-gke.1217000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version 1.29.9-gke.1341000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version 1.30.5-gke.1355000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.31 to version 1.31.1-gke.1678000 with this release.
Regular channel
The following versions are now available in the Regular channel:
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.31 to version 1.31.1-gke.1678000 with this release.
Stable channel
Version 1.30.5-gke.1014001 is now the default version for cluster creation in the Stable channel.
The following versions are now available in the Stable channel:
The following versions are no longer available in the Stable channel:
1.28.13-gke.1119000
1.29.8-gke.1211000
1.30.4-gke.1348001
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.27 to version 1.28.14-gke.1004000 with this release.
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.28 to version 1.29.8-gke.1278000 with this release.
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version 1.30.5-gke.1014001 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.28 to version 1.28.14-gke.1004000 with this release.
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version 1.29.8-gke.1278000 with this release.
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.30 to version 1.30.5-gke.1014001 with this release.
Extended channel
The following versions are now available in the Extended channel:
Version 1.27.16-gke.1342000 is no longer available in the Extended channel.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.27 to version 1.27.16-gke.1373000 with this release.
Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.31 to version 1.31.1-gke.1678000 with this release.
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.29 to version 1.30.5-gke.1014001 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.30 to version 1.30.5-gke.1014001 with this release.
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.31 to version 1.31.1-gke.1678000 with this release.
(2024-R41) Version updates
Version 1.31.1-gke.1678000 is now the default version for cluster creation in the Rapid channel.
The following versions are now available in the Rapid channel:
The following versions are no longer available in the Rapid channel:
1.28.14-gke.1099000
1.29.9-gke.1177000
1.30.5-gke.1145000
1.31.1-gke.1146000
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.27 to version 1.28.14-gke.1217000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version 1.29.9-gke.1341000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version 1.30.5-gke.1355000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version 1.31.1-gke.1678000 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version 1.28.14-gke.1217000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version 1.29.9-gke.1341000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version 1.30.5-gke.1355000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.31 to version 1.31.1-gke.1678000 with this release.
(2024-R41) Version updates
The following versions are now available in the Regular channel:
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.31 to version 1.31.1-gke.1678000 with this release.
(2024-R41) Version updates
Version 1.30.5-gke.1014001 is now the default version for cluster creation in the Stable channel.
The following versions are now available in the Stable channel:
The following versions are no longer available in the Stable channel:
1.28.13-gke.1119000
1.29.8-gke.1211000
1.30.4-gke.1348001
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.27 to version 1.28.14-gke.1004000 with this release.
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.28 to version 1.29.8-gke.1278000 with this release.
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version 1.30.5-gke.1014001 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.28 to version 1.28.14-gke.1004000 with this release.
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version 1.29.8-gke.1278000 with this release.
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.30 to version 1.30.5-gke.1014001 with this release.
(2024-R41) Version updates
The following versions are now available in the Extended channel:
Version 1.27.16-gke.1342000 is no longer available in the Extended channel.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.27 to version 1.27.16-gke.1373000 with this release.
Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.31 to version 1.31.1-gke.1678000 with this release.
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.29 to version 1.30.5-gke.1014001 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.30 to version 1.30.5-gke.1014001 with this release.
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.31 to version 1.31.1-gke.1678000 with this release.
Security Command Center
Event Threat Detection's Outgoing DoS finding has been shut down and is no longer available.
Sensitive Data Protection
The PARAGUAY_TAX_NUMBER infoType detector is available in all regions. For more information about all built-in infoTypes, see InfoType detector reference.
Vertex AI Search: Return only well-grounded answers with summaries and follow-ups (GA)
With the answer method, you can choose to filter out poorly-grounded answers. There are two filter levels: choose to return only answers with high grounding scores (at the risk of losing some helpful answers) or choose a lower filter to get more answers.
BigQuery provides context-aware transformation recommendations from Gemini for cleansing data for analysis. Data preparation is available in Preview.
Cloud Data Fusion
Using Dataproc version 2.2 in your Cloud Data Fusion pipeline can fail in some cases with the following error: ERROR [Driver:o.a.s.d.y.ApplicationMaster@97] - User class threw exception: java.lang.NoSuchMethodError: 'org.apache.spark.sql.catalyst.encoders.ExpressionEncoder org.apache.spark.sql.catalyst.encoders.RowEncoder.apply(org.apache.spark.sql.types.StructType)' at io.cdap.cdap.etl.spark.batch.OpaqueDatasetCollection.toDataframeCollection(OpaqueDatasetCollection.java:111).
To avoid this issue, change the Dataproc image to 2.1 (CDAP-21075).
Cloud Load Balancing
Global external Application Load Balancers and global external proxy Network Load Balancers can now load balance IPv6 traffic. The following backends have dual-stack support:
VM instance groups
Zonal NEGs (GCE_VM_IP_PORT endpoints)
You can also convert your existing single-stack load balancers from IPv4-only to dual stack (IPv4 and IPv6) deployments.
This feature is available in General Availability.
Cloud Logging
You can now create alerting policies that monitor the results of your SQL queries. For more information about SQL-based alerting policies, see the following documents:
You can now create alerting policies that monitor the results of your SQL queries. For more information about SQL-based alerting policies, see the following documents:
Upgraded app-containers/docker-credential-helpers to v0.8.2.
Upgraded app-containers/cni-plugins to v1.5.1.
Upgraded app-containers/docker-credential-gcr to v2.1.23.
Upgraded app-containers/containerd, app-containers/containerd-test to v1.7.20.
Upgraded app-admin/google-guest-configs to v20240725.00.
Upgraded dev-python/jsonpatch to v1.33.
Upgraded dev-python/netifaces to v0.11.0-r2.
Upgraded dev-lang/python-exec to v2.4.10.
Upgraded dev-db/sqlite to v3.46.0.
Upgraded dev-python/six to v1.16.0-r1.
Upgraded sys-libs/libcap-ng to v0.8.5.
Upgraded net-libs/libtirpc to v1.3.4-r3.
Upgraded net-fs/cifs-utils to v7.0-r1, Upgraded sys-libs/talloc to v2.4.2.
Upgraded dev-python/jinja to v3.1.4.
Upgraded sys-libs/libcap to v2.70.
Upgraded app-arch/pigz to v2.8.
Upgraded sys-fs/xfsprogs to v6.8.0.
Upgraded dev-python/pyserial to v3.5-r2.
Upgraded sys-libs/zlib to v1.3.1-r1.
Upgraded dev-python/configobj to v5.0.8.
Upgraded sys-libs/gdbm to v1.24.
Upgraded app-arch/lz4 to v1.10.0-r1.
Upgraded app-arch/unzip to v6.0_p27-r1.
Upgraded dev-libs/nss to v3.103.
Upgraded sys-apps/acl to v2.3.2-r1.
Updated R550, latest driver to v550.90.12.
Upgraded app-arch/libarchive to version 3.7.6. This fixed CVE-2024-48957, CVE-2024-48958.
Runtime sysctl changes:
Changed: fs.file-max: 812253 -> 812259
Upgraded app-containers/containerd to 1.7.23.
Dialogflow
Dialogflow CX & ES: In order to increase the stability of Cloud Text-to-speech, out-of-quota requests for Journey Voices will now be fulfilled with a fallback voice of the same speaker persona. To opt out, contact your Google account team.
Dialogflow CX & ES: Dialogflow now supports A-law encoding in addition to Mu-law encoding for input and output audio. A-law and Mu-law are the two available formats in G.711.
Google Distributed Cloud (software only) for bare metal
Release 1.29.700-gke.113
Google Distributed Cloud for bare metal 1.29.700-gke.113 is now available for download. To upgrade, see Upgrade clusters. Google Distributed Cloud for bare metal 1.29.700-gke.113 runs on Kubernetes 1.29.
After a release, it takes approximately 7 to 14 days for the version to become available for installations or upgrades with the GKE On-Prem API clients: the Google Cloud console, the gcloud CLI, and Terraform.
If you use a third-party storage vendor, check the Ready storage partners document to make sure the storage vendor has already passed the qualification for this release of Google Distributed Cloud for bare metal.
Fixes:
Fixed an issue where the control plane VIP might become unavailable because Keepalived didn't check correctly that the VIP is on a node with a responsive HAProxy.
Fixed an issue where bmctl restore fails due to etcd containers not starting correctly.
Fixed an issue where the registry mirror reachability check fails for a single unreachable registry mirror. Now the reachability check applies to configured registry mirrors only, instead of all registry mirrors.
The following container image security vulnerabilities have been fixed in 1.29.700-gke.113:
When using the CLI/API to create an instance, if the database version for the instance or replica that you're creating is PostgreSQL 16 and later, then the default Cloud SQL edition is Enterprise Plus.
When using the CLI/API to create an instance, If you either don't specify a database version or you specify a version other than PostgreSQL 16 and later, then the default Cloud SQL edition is Enterprise.
The following information applies to flags and extensions for PostgreSQL 17:
Announced billing changes for BigQuery users who are accessing Cloud Storage will now take effect February 1, 2025. These changes were originally set to take effect November 1, 2024.
Compute Engine
Generally available: You can extend the term lengths of your resource-based commitments beyond the preset 1 or 3 years and choose custom term lengths such as 2, 3.5, or 5.5 years. Term extensions let you tailor commitments to match your resource usage needs and keep receiving committed use discounts (CUDs) for a longer time.
(Only new Cloud Composer 2 environments, all versions) If a GKE Control Plane IP range is specified for an environment, GKE creates a new subnetwork in this range to provision the IP address for communication with the GKE Control Plane. Otherwise, the subnetwork specified in the Cloud Composer connection subnetwork range is used (this range defaults to the environment's subnetwork). For more information about IP ranges used by Cloud Composer environments, see Configure private IP networking.
(Airflow 2.9.3) The apache-airflow-providers-google package was upgraded to version 10.24.0 in Cloud Composer 2 images and Cloud Composer 3 builds. For more information about changes, see the apache-airflow-providers-google changelog from version 10.23.0 to version 10.24.0.
(Airflow 2.9.3) The apache-airflow-providers-cncf-kubernetes package was upgraded to version 9.0.0 in Cloud Composer 2 images and Cloud Composer 3 builds. For more information about changes, see the apache-airflow-providers-cncf-kubernetes changelog from version 8.4.2 to version 9.0.0.
(Airflow 2.9.3 and 2.7.3) Changes in preinstalled packages:
The grpcio package was downgraded from 1.66.2 to 1.65.5.
The js2py package was removed from dependencies.
The pyjsparser package was removed from dependencies.
The tzlocal package was removed from dependencies.
You can now emit client-side metrics for gRPC. To learn which metrics are supported and how to emit them, see Use gRPC client-side metrics.
Document AI
The Document AI section of the Google Cloud console now allows you to configure property descriptions as part of the Custom extractor processor-creation process.
Property description allows you to provide additional context, insights, and prior knowledge for each entity to improve extraction accuracy.
Property descriptions can be edited after schema creation. After you update the property descriptions, you will need to either call the pretrained models or create or fine-tune a new processor version for the changes to take effect.
Generative AI on Vertex AI
The Anthropic Claude Sonnet 3.5 v2 is Generally Available. To learn more, view the Claude Sonnet 3.5 v2 model card in Model Garden.
Artifact Analysis now supports scanning for vulnerabilities in the following types of operating systems:
AlmaLinux OS
Chainguard
Google Distroless
Red Hat Universal Base Image (UBI)
Rocky Linux
SUSE Linux Enterprise Server (SLES)
Wolfi
If the Container Scanning API is enabled, it scans container images pushed to Artifact Registry addressing these new operating systems, in addition to already supported operating system and language package vulnerabilities.
Artifact Analysis now supports manual scans for vulnerabilities in the following types of packages:
AlmaLinux OS
Chainguard
.NET
Google Distroless
NPM
PHP
Python
Ruby
Rust
Red Hat Universal Base Image (UBI)
Rocky Linux
SUSE Linux Enterprise Server (SLES)
Wolfi
You can use the On-Demand Scanning API to manually scan container images locally on your computer or in your registry. Artifact Analysis scans for vulnerabilities in these new packages types, in addition to already supported package types.
Backup and DR service added support to deploy new management console without the need to create private services access. You can also deploy backup/recovery appliances in any VPC available within the management console project.
Custom organization policies let you allow or deny specific operations on BigQuery Data Transfer Service transfer configurations to meet your organization's compliance and security requirements. This feature is generally available (GA).
Bigtable
A weekly digest of client library updates from across the Cloud SDK.
Cloud Run integrations are discontinued from the Google Cloud console and Google Cloud CLI for new users. If you are an existing user, you will continue to have access until January 2025. No action is required, your deployed services that use these integrations will continue to work. We recommend transitioning to use the individual product experiences for each integration you have deployed. For more information about configuring resources for your services to connect to other Google Cloud products, see Connect to Google Cloud services.
You can now use the Google Cloud Console to create the following load balancers in Premium Tier:
Regional external Application Load Balancer
Regional external proxy Network Load Balancer
Previously, only Standard Tier support was available in the Console.
Previously, the classic external Application Load Balancer had lenient HTTP/2 request parsing
that did not reject requests containing certain invalid characters in the request path. The same requests would have been rejected if they had arrived over HTTP/1 or HTTP/3.
Now, all HTTP requests, including HTTP/2 requests, are rejected if the path contains a character that isn't one of the following:
An allowed ASCII character specified in RFC 3986, sections 3.3 and 3.4.
One of the following special allowed characters: [ ] { } | ^
All other characters must be properly URL encoded.
You can identify rejected requests in the proxy logs by looking for the following:
The VMTD disabled finding category from Virtual Machine Threat Detection is no longer available. For more information about the finding categories that this built-in service provides, see Virtual Machine Threat Detection overview.
Spanner
Spanner Graph now supports the following functions:
DESTINATION_NODE_ID(): gets a unique identifier for a graph edge's destination node.
ELEMENT_ID(): gets a unique identifier for a graph element.
SOURCE_NODE_ID(): gets a unique identifier for a graph edge's source node.
Spanner now supports customer-managed encryption keys (CMEK) to protect databases in custom, dual-region, and multi-region instance configurations. For more information, see Customer-managed encryption keys (CMEK) overview.
A new release is available. This release may include some or all of the
following: general performance improvements, bug fixes, and updates to the
API reference documentation.
Stretched private clouds using `ve2' node types are now available in the following region:
Frankfurt, Germany, Europe (europe-west3)
Google Distributed Cloud (software only) for VMware
Google Distributed Cloud (software only) for VMware 1.28.1100-gke.91 is now available for download. To upgrade, see Upgrade a cluster or a node pool. Google Distributed Cloud 1.28.1100-gke.91 runs on Kubernetes v1.28.14-gke.200.
If you are using a third-party storage vendor, check the GDCV Ready storage partners document to make sure the storage vendor has already passed the qualification for this release.
After a release, it takes approximately 7 to 14 days for the version to become available for use with GKE On-Prem API clients: the Google Cloud console, the gcloud CLI, and Terraform.
The following issue is fixed in 1.28.1100-gke.91:
Fixed the known issue that caused gkectl to display false warnings on admin cluster version skew.
The following vulnerabilities are fixed in 1.28.1100-gke.91:
Google Distributed Cloud (software only) for bare metal
Release 1.28.1100-gke.94
Google Distributed Cloud for bare metal 1.28.1100-gke.94 is now available for download. To upgrade, see Upgrade clusters. Google Distributed Cloud for bare metal 1.28.1100-gke.94 runs on Kubernetes 1.28.
After a release, it takes approximately 7 to 14 days for the version to become available for installations or upgrades with the GKE On-Prem API clients: the Google Cloud console, the gcloud CLI, and Terraform.
If you use a third-party storage vendor, check the Ready storage partners document to make sure the storage vendor has already passed the qualification for this release of Google Distributed Cloud for bare metal.
Fixed an issue where the control plane VIP might become unavailable because Keepalived didn't check correctly that the VIP is on a node with a responsive HAProxy.
The following container image security vulnerabilities have been fixed in 1.28.1100-gke.94:
You can now use NVIDIA H100 80GB GPUs on GKE in the following smaller machine types:
a3-highgpu-1g (1 GPU)
a3-highgpu-2g (2 GPUs)
a3-highgpu-4g (4 GPUs)
These machine types are available through Dynamic Workload Scheduler Flex Start mode, Spot VMs in GKE Standard mode clusters, or Spot Pods in GKE Autopilot mode clusters. You can only provision these machine types if there's available capacity in your region.
GKE continues to support the 8 GPU H100 80GB machine types: a3-highgpu-8g and a3-megagpu-8g.
The new release of the GKE Gateway controller (2024-R2) is now generally available. With this release, the GKE Gateway controller provides the following new capabilities:
In GKE clusters with the control plane running version 1.29.1-gke.1425000 or later, TPU slice nodes support SIGTERM signals that alert the node of an imminent shutdown. The imminent shutdown notification is configurable up to five minutes in TPU nodes. To configure GKE to terminate your workloads gracefully within this notification timeframe, see Manage GKE node disruption for GPUs and TPUs.
(2024-R40) Version updates
GKE cluster versions have been updated.
New versions available for upgrades and new clusters
The following Kubernetes versions are now available for new clusters and for
opt-in control plane upgrades and node upgrades for existing clusters. For more
information on versioning and upgrades, see GKE versioning and support
and Upgrades.
Rapid channel
The following versions are now available in the Rapid channel:
The following versions are no longer available in the Rapid channel:
1.28.14-gke.1175000
1.31.1-gke.1621000
Regular channel
The following versions are no longer available in the Regular channel:
1.28.14-gke.1004000
1.29.8-gke.1278000
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.27 to version 1.28.14-gke.1099000 with this release.
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version 1.29.9-gke.1177000 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version 1.28.14-gke.1099000 with this release.
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version 1.29.9-gke.1177000 with this release.
Stable channel
Version 1.30.4-gke.1348001 is now the default version for cluster creation in the Stable channel.
The following versions are now available in the Stable channel:
The following versions are no longer available in the Stable channel:
1.28.13-gke.1049000
1.29.8-gke.1096000
1.30.3-gke.1969002
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.27 to version 1.28.13-gke.1119000 with this release.
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.28 to version 1.29.8-gke.1211000 with this release.
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version 1.30.4-gke.1348001 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.28 to version 1.28.13-gke.1119000 with this release.
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version 1.29.8-gke.1211000 with this release.
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.30 to version 1.30.4-gke.1348001 with this release.
The following versions are no longer available in the Extended channel:
1.27.16-gke.1576000
1.28.14-gke.1004000
1.29.8-gke.1278000
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.28 to version 1.28.14-gke.1099000 with this release.
Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.29 to version 1.29.9-gke.1177000 with this release.
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.27 to version 1.28.14-gke.1099000 with this release.
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.28 to version 1.29.9-gke.1177000 with this release.
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.29 to version 1.30.4-gke.1348001 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.28 to version 1.28.14-gke.1099000 with this release.
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.29 to version 1.29.9-gke.1177000 with this release.
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.30 to version 1.30.4-gke.1348001 with this release.
(2024-R40) Version updates
The following versions are now available in the Rapid channel:
The following versions are no longer available in the Rapid channel:
1.28.14-gke.1175000
1.31.1-gke.1621000
(2024-R40) Version updates
The following versions are no longer available in the Regular channel:
1.28.14-gke.1004000
1.29.8-gke.1278000
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.27 to version 1.28.14-gke.1099000 with this release.
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version 1.29.9-gke.1177000 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version 1.28.14-gke.1099000 with this release.
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version 1.29.9-gke.1177000 with this release.
(2024-R40) Version updates
Version 1.30.4-gke.1348001 is now the default version for cluster creation in the Stable channel.
The following versions are now available in the Stable channel:
The following versions are no longer available in the Stable channel:
1.28.13-gke.1049000
1.29.8-gke.1096000
1.30.3-gke.1969002
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.27 to version 1.28.13-gke.1119000 with this release.
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.28 to version 1.29.8-gke.1211000 with this release.
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version 1.30.4-gke.1348001 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.28 to version 1.28.13-gke.1119000 with this release.
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version 1.29.8-gke.1211000 with this release.
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.30 to version 1.30.4-gke.1348001 with this release.
The following versions are no longer available in the Extended channel:
1.27.16-gke.1576000
1.28.14-gke.1004000
1.29.8-gke.1278000
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.28 to version 1.28.14-gke.1099000 with this release.
Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.29 to version 1.29.9-gke.1177000 with this release.
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.27 to version 1.28.14-gke.1099000 with this release.
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.28 to version 1.29.9-gke.1177000 with this release.
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.29 to version 1.30.4-gke.1348001 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.28 to version 1.28.14-gke.1099000 with this release.
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.29 to version 1.29.9-gke.1177000 with this release.
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.30 to version 1.30.4-gke.1348001 with this release.
Directed reads are Generally Available. This feature provides the flexibility to route read-only transactions and single reads to a specific replica type or region in a multi-region instance configuration. For more information, see Directed reads.
Vertex AI Agent Builder
Vertex AI Search: CMEK for US and EU (GA) and CMEK with EKM and HSM (GA with allowlist)
Customer-managed encryption keys (CMEK) are Generally available (GA) in the US and the EU. You no longer need to be added to an allowlist to use CMEK. If you store your data in a US or EU multi-region data store, you can provide your own encryption key to protect your data at rest.
Using external key manager (EKM) or hardware security module (HSM) with CMEK is in GA with allowlist.
Cloud SQL for MySQL now supports minor version 8.0.39. To upgrade your existing MySQL 8.0 instance to the new version, see Upgrade the database minor version.
Compute Engine
End of life: On October 31, 2024, SLES 12 SP5 and SLES 12 SP5 for SAP are reaching end of life and the images will be deprecated on Google Cloud. If you use SLES 12 SP5 or SLES 12 SP5 for SAP images in your project, review Long Term Service Support Pack (LTSS) options.
Config Connector
Config Connector version 1.124.0 is now available.
The direct resource development guide is now available for contributors
To improve the Config Connector resource development process, we have a new development guide to contributing resources to Config Connector with the direct reconciliation process. This new approach makes contributing more reliable and consistent with Kubernetes development practices. For more information, read the new Direct resource development guide.
RedisCluster is promoted from alpha to beta (Direct Reconciler).
CertificateManagerDNSAuthorization
Add the spec.Location field.
ComputeForwardingRule
Added spec.target.googleApisBundle field (allowed values are all-apis or vpc-sc). Note, when configuring this field, the resource will use direct reconciliation.
CertificateManagerDNSAuthorization is migrated from the Terraform-based to the new Direct controller to enhance reliability and performance. The resource CRD is unchanged.
Added missing release notes for stretched private cloud availability using ve2 node types in Sydney, Australia, APAC (australia-southeast1-b)
Google Kubernetes Engine
In GKE version 1.31.1-gke.1621000 and later, the kube_pod_resource_request metric and the kube_pod_resource_limit metric are exported as part of the the scheduler metrics package.
Support for toxic combination findings on AWS resources. This feature is available in Preview.
Addition of a new Toxic Combination Cases TTR and Trend widget on the Posture overview page of the Google Security Operations console. The widget details the trends for open and closed toxic combination cases for a specific time range.
October 15, 2024
Artifact Registry
Organization policy constraints for Artifact Registry is available in General Availability.
Hierarchical namespace for Cloud Storage buckets is generally available (GA). With hierarchical namespace, you can store your data in a logical file system structure.
Compute Engine
Generally available: In addition to the A3 High machine type that has 8 NVIDIA H100 GPUs attached, we now have smaller machine types available that have 1, 2, or 4 NVIDIA H100 GPUs attached. These smaller machine types are ideal for workloads such as inference, simulations, and small-scale training.
All release notes published on this date are part of version 3.27.
The timing of the update to your instance depends on the deployment schedule that you have chosen. For more information, see Deployment schedules.
Spelling and grammar check
The agent adapter now provides spelling and grammar checking. Agents can choose from spelling and grammar suggestions while entering text in the agent adapter. You can enable spelling and grammar check globally or at the queue level. For more information, see Check spelling and grammar.
Voice detection for auto-answer
You can now configure auto-answer to listen for an agent's voice after a call is connected. If no voice is detected after the specified time, the call is considered missed by the agent. For more information, see Auto answer.
Agents in the US and Canada can now make calls to emergency services. Agents in Canada can make calls to other special services. You can set up queues for callback from emergency or special services.
Conversational Agents (Dialogflow CX) is supported in additional regions
Conversational Agents (Dialogflow CX) is now supported in additional regions. This can help you optimize performance by keeping your support agents closer to your services and end-users. For more information, see Regionalization and location settings.
Fixed an issue where queue-level caller announcements were not working properly.
Fixed an issue where multiple contacts could be created for the same contact.
Dataplex
Some of the BigQuery metadata that is stored in Dataplex Catalog is changing. If you have workloads that depend on BigQuery metadata, you must adjust them to preserve continuity. For more information about the scope of this change and what you need to do, see Changes to BigQuery metadata stored in Dataplex Catalog.
Dataplex is available in Dammam (me-central2). For more information, see Locations and Pricing.
Google Kubernetes Engine
On GKE Autopilot clusters running version 1.30 and later, partner workloads that set AppArmor profiles might unexpectedly be rejected at admission. This might include installations of Prisma Defender, Wiz Runtime Sensor, Sentinel One Agent, Checkpoint CloudGuard, Aqua Security Enforcer and Splunk OTEL Collector.
The following GKE versions contain a fix for this issue:
For newly-created VPC Peering-based clusters running version 1.27 or later, traffic from the kube-apiserver to nodes routes through the Konnectivity service. For existing VPC Peering-based clusters, GKE gradually migrates your cluster to use the Konnectivity service.
You can now create workloads with multiple network interfaces in GKE Autopilot clusters running version 1.29.5-gke.1091000 and later or version 1.30.1-gke.1280000 and later. For more information, see Setup multi-network support for Pods.
Google SecOps
Google SecOps has updated the list of supported default parsers. Parsers are updated gradually, so it might take one to four days before you see the changes reflected in your region.
The following supported default parsers have changed. Each parser is listed by product name and log_type value, if applicable. This list now includes both released default parsers and pending parser updates.
Google SecOps has updated the list of supported default parsers. Parsers are updated gradually, so it might take one to four days before you see the changes reflected in your region.
The following supported default parsers have changed. Each parser is listed by product name and log_type value, if applicable. This list now includes both released default parsers and pending parser updates.
deps: Update the Java code generator (gapic-generator-java) to 2.47.0 (90b88ee)
Dependencies
Update dependency com.google.cloud:sdk-platform-java-config to v3.37.0 (#1702) (1f7da17)
Cloud Monitoring
You can now use the Monitoring API to configure a metric-based alerting policy to send notifications when incidents are closed. For more information, see AlertStrategy in the Monitoring API documentation.
Cloud Storage
A weekly digest of client library updates from across the Cloud SDK.
Dataproc Clusters created with image versions 2.0.57+, 2.1.5+, or 2.2+: Secondary workers' control plane operations are made by the Dataproc Service Agent service account (service-<project-number>@dataproc-accounts.iam.gserviceaccount.com). They will no longer use the Google APIs Service Agent service account (<project-number>@cloudservices.gserviceaccount.com).
Creating regional secrets using Secret Manager is now in Generally Availability (GA). Regional secrets let you store your sensitive data within a specific geographic location, ensuring it remains in that region at all times – whether at rest, in use, or in transit. Regional secrets are crucial for meeting data residency requirements and complying with regulatory mandates.
For information about all tasks related to creating and managing regional secrets, see the Regional service documentation.
Vertex AI Search: Answers with summaries and follow-ups for blended search apps (GA with allowlist)
The answer method can be used to query blended search apps. You can apply the answer method to blended search apps in the same way that you apply the method to search apps that are connected to only one data store.
This feature is Generally available to select Google customers (GA with allowlist). For more information, see Get answers and follow-ups.
October 13, 2024
Google SecOps SOAR
Release 6.3.22 is currently in Preview.
Gemini Case Summary has been added as a placeholder to playbook actions. You can now use this to show the AI-generated case summary in a playbook action. Note that the playbook will only include this summary if it is available.
NOTE: This bug fix did not get fixed in 6.3.22 but was moved to 6.3.23.
Unexpected behavior between system-wide and user preference localization time zone settings. Following this bug fix, the default time zone is now set to UTC + 1. This does not override the user local settings. The admin needs to change the default time zone to the required time zone if needed. (ID #51914939, #52558921)
The Remote Agent page doesn't display all the integrations and connectors. (ID #53428660)
Advanced Reports not displaying all the information. (ID #52923225, #00298032, #52553071)
Vw Dashboard Alerts HasPlaybook column shows incorrect information. (ID #53304589)
Issue with Siemplify Create or Update Entity action. (ID #53053446)
The search_everything database is displaying incorrect entity values. (ID #52746256)
SDK _get_case_by_id function does not return case tags, even though the case has tags.
Case Close Root Causes may cause errors when removed from playbook. (ID #50942408)
CaseSearchEverything API time zone discrepancies. (ID #52558921)
Playbook errors remain in the Pending Actions widget even after re-running their playbook. (ID #00274123)
Parallel action name changes are not reflecting the subsequent actions in a playbook. (ID #352725736)
October 11, 2024
Apigee UI
On October 11, 2024, we released an updated version of the Apigee UI.
Bug ID
Description
357165778
VerifyIAM policy selection removed for hybrid organizations.
The VerifyIAM policy is not supported for hybrid-enabled Apigee organizations. It has been removed as an option in the Proxy Editor.
372224845
Offline debug page not loading
Fixed issue where the offline debug page would not load if a debug session was loaded elsewhere in the UI previously.
Datastream is now available in the me-central2 (Dammam) region. For the list of all available regions, see IP allowlists and regions.
Google Cloud Architecture Center
(New series) Architecture Framework: AI and ML perspective: Describes principles and recommendations that are specific to AI and ML, for each pillar of the Architecture Framework: operational excellence, security, reliability, cost optimization, and performance optimization.
Google Kubernetes Engine
(2024-R39) Version updates
GKE cluster versions have been updated.
New versions available for upgrades and new clusters
The following Kubernetes versions are now available for new clusters and for
opt-in control plane upgrades and node upgrades for existing clusters. For more
information on versioning and upgrades, see GKE versioning and support
and Upgrades.
Rapid channel
Version 1.31.1-gke.1146000 is now the default version for cluster creation in the Rapid channel.
The following versions are now available in the Rapid channel:
The following versions are no longer available in the Rapid channel:
1.27.16-gke.1373000
1.27.16-gke.1478000
1.29.8-gke.1278000
1.30.5-gke.1014000
1.31.1-gke.1000000
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version 1.29.9-gke.1177000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version 1.30.5-gke.1145000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version 1.31.1-gke.1146000 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version 1.29.9-gke.1177000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version 1.30.5-gke.1145000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.31 to version 1.31.1-gke.1146000 with this release.
Regular channel
Version 1.30.5-gke.1014001 is now the default version for cluster creation in the Regular channel.
The following versions are now available in the Regular channel:
The following versions are no longer available in the Regular channel:
1.27.16-gke.1342000
1.27.16-gke.1373000
1.28.13-gke.1119000
1.29.8-gke.1211000
1.30.4-gke.1348000
1.30.4-gke.1348001
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.27 to version 1.28.14-gke.1004000 with this release.
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version 1.29.8-gke.1278000 with this release.
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version 1.30.5-gke.1014001 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version 1.28.14-gke.1004000 with this release.
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version 1.29.8-gke.1278000 with this release.
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.30 to version 1.30.5-gke.1014001 with this release.
Stable channel
Version 1.30.3-gke.1969002 is now the default version for cluster creation in the Stable channel.
The following versions are now available in the Stable channel:
The following versions are no longer available in the Stable channel:
1.27.16-gke.1148001
1.27.16-gke.1258000
1.27.16-gke.1287000
1.28.13-gke.1024000
1.29.8-gke.1057000
1.30.3-gke.1969001
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.27 to version 1.28.13-gke.1049000 with this release.
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.28 to version 1.29.8-gke.1096000 with this release.
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version 1.30.3-gke.1969002 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.28 to version 1.28.13-gke.1049000 with this release.
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version 1.29.8-gke.1096000 with this release.
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.30 to version 1.30.3-gke.1969002 with this release.
Extended channel
Version 1.30.5-gke.1014001 is now the default version for cluster creation in the Extended channel.
The following versions are now available in the Extended channel:
The following versions are no longer available in the Extended channel:
1.28.13-gke.1119000
1.29.8-gke.1211000
1.30.4-gke.1348000
1.30.4-gke.1348001
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.28 to version 1.28.14-gke.1004000 with this release.
Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.29 to version 1.29.8-gke.1278000 with this release.
Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.30 to version 1.30.5-gke.1014001 with this release.
No channel
Version 1.30.5-gke.1014001 is now the default version for cluster creation.
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.27 to version 1.28.14-gke.1004000 with this release.
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.28 to version 1.29.8-gke.1278000 with this release.
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.29 to version 1.30.3-gke.1969002 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.28 to version 1.28.14-gke.1004000 with this release.
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.29 to version 1.29.8-gke.1278000 with this release.
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.30 to version 1.30.3-gke.1969002 with this release.
(2024-R39) Version updates
Version 1.31.1-gke.1146000 is now the default version for cluster creation in the Rapid channel.
The following versions are now available in the Rapid channel:
The following versions are no longer available in the Rapid channel:
1.27.16-gke.1373000
1.27.16-gke.1478000
1.29.8-gke.1278000
1.30.5-gke.1014000
1.31.1-gke.1000000
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version 1.29.9-gke.1177000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version 1.30.5-gke.1145000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version 1.31.1-gke.1146000 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version 1.29.9-gke.1177000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version 1.30.5-gke.1145000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.31 to version 1.31.1-gke.1146000 with this release.
(2024-R39) Version updates
Version 1.30.5-gke.1014001 is now the default version for cluster creation in the Regular channel.
The following versions are now available in the Regular channel:
The following versions are no longer available in the Regular channel:
1.27.16-gke.1342000
1.27.16-gke.1373000
1.28.13-gke.1119000
1.29.8-gke.1211000
1.30.4-gke.1348000
1.30.4-gke.1348001
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.27 to version 1.28.14-gke.1004000 with this release.
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version 1.29.8-gke.1278000 with this release.
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version 1.30.5-gke.1014001 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version 1.28.14-gke.1004000 with this release.
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version 1.29.8-gke.1278000 with this release.
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.30 to version 1.30.5-gke.1014001 with this release.
(2024-R39) Version updates
Version 1.30.3-gke.1969002 is now the default version for cluster creation in the Stable channel.
The following versions are now available in the Stable channel:
The following versions are no longer available in the Stable channel:
1.27.16-gke.1148001
1.27.16-gke.1258000
1.27.16-gke.1287000
1.28.13-gke.1024000
1.29.8-gke.1057000
1.30.3-gke.1969001
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.27 to version 1.28.13-gke.1049000 with this release.
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.28 to version 1.29.8-gke.1096000 with this release.
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version 1.30.3-gke.1969002 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.28 to version 1.28.13-gke.1049000 with this release.
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version 1.29.8-gke.1096000 with this release.
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.30 to version 1.30.3-gke.1969002 with this release.
(2024-R39) Version updates
Version 1.30.5-gke.1014001 is now the default version for cluster creation in the Extended channel.
The following versions are now available in the Extended channel:
The following versions are no longer available in the Extended channel:
1.28.13-gke.1119000
1.29.8-gke.1211000
1.30.4-gke.1348000
1.30.4-gke.1348001
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.28 to version 1.28.14-gke.1004000 with this release.
Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.29 to version 1.29.8-gke.1278000 with this release.
Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.30 to version 1.30.5-gke.1014001 with this release.
(2024-R39) Version updates
Version 1.30.5-gke.1014001 is now the default version for cluster creation.
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.27 to version 1.28.14-gke.1004000 with this release.
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.28 to version 1.29.8-gke.1278000 with this release.
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.29 to version 1.30.3-gke.1969002 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.28 to version 1.28.14-gke.1004000 with this release.
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.29 to version 1.29.8-gke.1278000 with this release.
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.30 to version 1.30.3-gke.1969002 with this release.
Security Command Center
Working with findings and resources in the Security Operations console
The ability to work with findings and resources using the Security Operations console is now in General Availability. This feature is available only to Security Command Center Enterprise customers.
The following capabilities were added since the Preview release of this feature:
The autocomplete menu suggests possible values when your write queries in the Query editor. During Preview, the autocomplete menu suggested only filter names and functions.
Your sort and column settings are retained within the current session.
Sensitive Data Protection
The KOREA_DRIVERS_LICENSE_NUMBER infoType detector is available in all regions. For more information about all built-in infoTypes, see InfoType detector reference.
On October 10, 2024, we released an updated version of Apigee.
Apigee no longer limits the number of Cloud projects that can connect to an Apigee instance. Previously, the limit was 50 projects. For each project, you can now create up to 100 Private Service Connect Network Endpoint Groups. The previous limit was 20. For any Apigee instances created before October 10, 2024, you must perform an update to the consumer accept list for an Apigee instance if you want to take advantage of these new limits. See Updating the consumer accept list for an Apigee instance. See also Limits.
BigQuery
BigQuery tables for Apache Iceberg bring the convenience of BigQuery storage optimization to Apache Iceberg tables that reside in your own cloud buckets. BigQuery tables for Apache Iceberg let you use BigQuery without moving data out of buckets that you control. This feature is now in preview.
In the data lineage list view, you can filter lineage information based on the time that lineage occurred. For more information, see About data lineage.
In the data lineage list view, you can filter lineage information based on the time that lineage occurred. For more information, see About data lineage.
Dialogflow
Conversational Agents: The gemini-1.5-flash-001model is generally available (GA) for data store handlers as of August 20, 2024. The gemini-1.5-flash-002 model remains public Preview.
Google Cloud Deploy
You can now block rollouts during a specified time window, using deploy policies, in preview.
Cloud Deploy now uses Skaffold 2.13 as the default Skaffold version, as of October 4, 2024, for all target types.
Google Distributed Cloud (software only) for VMware
Google Distributed Cloud (software only) for VMware 1.30.200-gke.101 is now available for download. To upgrade, see Upgrade a cluster or a node pool. Google Distributed Cloud 1.30.200-gke.101 runs on Kubernetes v1.30.4-gke.1800.
If you are using a third-party storage vendor, check the GDCV Ready storage partners document to make sure the storage vendor has already passed the qualification for this release.
After a release, it takes approximately 7 to 14 days for the version to become available for use with GKE On-Prem API clients: the Google Cloud console, the gcloud CLI, and Terraform.
Removed TLS/SSL weak message authentication code cipher suites in the vSphere cloud controller manager.
The following issues are fixed in 1.30.200-gke.101:
Fixed the known issue that caused migrating a user cluster to Controlplane V2 to fail if secrets encryption had ever been enabled.
Fixed the known issue that caused migrating an admin cluster from non-HA to HA to fail if secret encryption was enabled.
Fixed the issue that caused the Pre-upgrade tool to block upgrading a user cluster to version 1.30 or higher because of an incorrect storage driver validator check.
The following vulnerabilities are fixed in 1.30.200-gke.101:
Google Distributed Cloud (software only) for bare metal
Release 1.30.200-gke.101
Google Distributed Cloud for bare metal 1.30.200-gke.101 is now available for download. To upgrade, see Upgrade clusters. Google Distributed Cloud for bare metal 1.30.200-gke.101 runs on Kubernetes 1.30.
After a release, it takes approximately 7 to 14 days for the version to become available for installations or upgrades with the GKE On-Prem API clients: the Google Cloud console, the gcloud CLI, and Terraform.
If you use a third-party storage vendor, check the Ready storage partners document to make sure the storage vendor has already passed the qualification for this release of Google Distributed Cloud for bare metal.
Updated the bmctl update command to identify differences (if any) between the preview feature annotations in the cluster configuration file and the annotations in the deployed Cluster resource.
Fixes:
Fixed an issue where the control plane VIP might become unavailable because Keepalived didn't check correctly that the VIP is on a node with a responsive HAProxy.
Fixed Cloud Audit Logging failure due to allowlisting issue with multiple project IDs.
The following container image security vulnerabilities have been fixed in 1.30.200-gke.101:
The following cart conversion are now available in the New Search Ads 360 connector:
Orders (Cart)
Avg. cart size
Avg. order value
Cross-sell cost of goods sold
Cross-sell gross profit
Cross-sell revenue
Cross-sell units sold
Lead cost of goods sold
Lead gross profit
Lead revenue
Lead units sold
Cost of goods sold
Gross profit
Revenue (Cart)
Units sold (Cart)
Sensitive Data Protection
The INDONESIA_PASSPORT infoType detector is available in all regions. For more information about all built-in infoTypes, see InfoType detector reference.
Spanner
Spanner now lets you create incremental backups through a backup schedule. You can specify when and how often backups are created, and how long they're retained.
An incremental backup contains only the data that has changed since the previous backup. Incremental backups typically consume less storage, and can help reduce your storage costs.
Incremental backups are available on the Enterprise and Enterprise Plus editions.
For more information about incremental backups, see Backups overview.
Spanner is now available on Database Center in Preview. You can track your Spanner resources in the fleet inventory section and the resource table in the Database Center. You can also use Database Center to monitor the following health issues for your Spanner resources:
An open-source Cassandra to Spanner proxy adapter is now available. You can use it to migrate workloads from Cassandra or DataStax Enterprise (DSE) to Spanner without making any changes to your application logic. For more information, see Cassandra to Spanner proxy adapter.
reCAPTCHA
reCAPTCHA Mobile SDK v18.7.0-beta01 is now available for Android.
This version contains a dependency on com.google.android.gms:play-services-recaptchabase for enhanced detection.
You can now view and apply workload updates to ensure that your workloads are using the most recent control package configuration. This feature is available in the Preview stage.
Ops Agent release 2.51.0 adds support for Compute Engine Arm VMs that are running Rocky Linux 8.
Cloud Monitoring
With the Ops Agent version 2.51.0, you can now collect a set of observability metrics from NVIDIA Data Center GPU Manager (DCGM). For more information, see NVIDIA Data Center GPU Manager (DCGM).
Your App Hub applications are now writing metadata labels. You can use these labels to filter the data displayed by a chart or monitored by an alerting policy. App Hub labels have the prefix of apphub_.
From the context of an App Hub host, you can now view system metrics for your applications. To view system metrics stored in multiple projects, configure the metrics scope of the App Hub host project. For more information, see the following documents:
Ops Agent release 2.51.0 adds support for Compute Engine Arm VMs that are running Rocky Linux 8.
Cloud SQL for SQL Server
Cloud SQL configures the max server memory (mb) flag based on the instance size automatically by limiting the amount of memory that SQL Server can allocate for its internal pools. For more information, see Configure database flags.
You can export the transaction logs for point-in-time recovery (PITR) that Cloud SQL stores in Cloud Storage. This feature is in Preview.
Compute Engine
Public preview: Instance flexibility in a managed instance group (MIG) lets you configure multiple machine types in the group. This can improve resource availability for applications that require large-scale capacity and high-demand hardware. For more information, see
About instance flexibility in MIGs.
Generative AI on Vertex AI
The Vertex AI Gemini API SDK supports tokenization capabilities for local token counting and computation. This is a streamlined way to compute tokens locally, ensuring compatibility across different Gemini models and their tokenizers. Supported models include gemini-1.5-flash and gemini-1.5-pro . To learn more, see Count tokens.
Cloud Armor support for regional internal Application Load Balancers is Generally Available. You can use the regional backend security policy type with this load balancer. For more information, see types of security policies.
Google Cloud VMware Engine
VMware Engine ve2 nodes are available in Frankfurt, Germany, Europe (europe-west3-b).
VMware Engine ve1 nodes are available in Jurong West, Singapore, APAC (asia-southeast1-b).
Looker
Looker 24.18 includes the following changes, features, and fixes:
Expected Looker (original) deployment start: Monday, October 14, 2024
Expected Looker (original) final deployment and download available: Thursday, October 24, 2024
Expected Looker (Google Cloud core) final deployment: Monday, October 28, 2024
As of Looker 24.18, Google Maps is the only visualization engine for all map visualizations. The Legacy Maps chart type has been removed from Looker. The Allow Legacy Maps Legacy feature has been removed. Please reach out to Looker Support if you encounter any issues.
Note: As of October 17, 2024, this feature has been disabled to resolve an issue. When the feature is available, this release note will be updated. In Looker application API methods that include a query_id field, or, in the case of Query APIs, an id field, the query_id and id fields no longer accept a numeric value and now require a query slug value.
The LookML validator will now return an error if an Explore name contains the % character. The % character will also be highlighted as an invalid character for object names in the Looker IDE.
The Studio in Looker feature is now available to preview for most Looker-hosted and Looker (Google Cloud core) instances. This opt-in feature lets you create, view, and edit Looker Studio reports in your Looker instance, including both governed and ad hoc data. You can share and manage your reports in Looker folders and see your recent reports and the reports that you have marked as favorites from the Looker Home page.
For more information, see the Studio in Looker Public Preview documentation:
Both Looker (Google Cloud core) customers and Looker (original) customers who use Google OAuth for authentication must sign up for the preview using the Sign-up for Looker Cloud Core form. Looker (Google Cloud core) customers who use Google OAuth authentication only need to submit the form once.
Looker (original) customers who use authentication methods other than Google OAuth do not need to submit the sign-up form.
Note: This release notes item was updated on October 10, 2024 to include the list of Public Preview documents. This release note was also updated on October 15, 2024 to clarify which customers are required to submit the sign-up form.
The Chart Config Editor now lets you change the data label color.
The Chart Config Editor now supports a {log} variable, which returns all available data values for an attribute. We recommend that you use this feature only while building and testing visualizations, as it can affect visualization performance.
Improved search now returns more complete results for folders and Explores.
The Home page now displays updated Favorites and Recently Viewed sections.
The Explore query tracker is now generally available. The query tracker includes a progress bar that appears in the Explore UI when a query is running and that tracks the phases of the query. The GA release includes a new sidebar with a detailed breakdown of times for each query stage as well as a new System Activity dashboard for query performance that enables deeper exploration. Note: This item was added to the release notes on October 10, 2024.
An issue has been fixed where the model_fieldname_suggestions API failed to generate suggestions when a suggest_explore and suggest_dimension were defined. This feature now performs as expected.
When a field is referenced in a SQL field that does not allow field references, such as sql_table_name, the LookML validator message that is returned is now more descriptive.
Previously, interacting with chart legends could impact visualization performance. This feature now performs as expected.
The Get Async Query Results API now returns a string rather than a QueryTask object.
An issue that was preventing users from downloading or scheduling dashboards without any tiles has been resolved. This feature now performs as expected.
An issue has been fixed where heatmaps would not render data when switching from a legacy map to a Google Maps visualization. This feature now performs as expected. Note: As of Looker 24.18, Google Maps is the only visualization engine for all map visualizations.
Previously, drilling on values with ampersands would return incomplete results. This feature now performs as expected.
The filters tab in the Save to Dashboard dialog in an Explore now scrolls when there are many filters present.
Looker now loads projects faster when a user first enters dev mode for a project.
Cloud Audit Log is now generally available for Looker (Google Cloud Core) instances.
You can use the BigQuery Quickstart connection to create a default BigQuery connection that can leverage Application Default Credentials.
The principal_subject attribute in the Cloud audit logs now includes the Looker user ID.
The Propose to switch to google map if mapbox fails within the dashboard Looker Labs feature has been removed. All map visualizations are now rendered with Google Maps.
The Dashboard in Drill Menus Looker Labs feature has been removed. Use the LookML link parameter instead.
SAP on Google Cloud
SAP HANA: support for deploying striped disk to host the data directory
To enable you to deploy striped disks for hosting the /hana/data directory, we have done the following:
Updated our documentation with the minimum sizes for SSD-based
Persistent Disk and Hyperdisk volumes.
Introduced deployment automation support through the
enable_data_striping Terraform argument. You can use this argument to
provision a striped disk to host the /hana/data directory while deploying
SAP HANA scale-up, scale-up HA, and scale-out HA systems with Terraform.
This argument is available from version 1.3.674800406 of the Terraform
modules sap_hana and sap_hana_ha, provided by Google Cloud. For more
information, see the deployment guide for your
SAP HANA scenario.
Google Cloud's Agent for SAP version 3.6
Version 3.6 of Google Cloud's Agent for SAP is generally available (GA). This version introduces striped disk support for SAP HANA backup and recovery by using the disk snapshot feature, metric enhancements for monitoring SAP HANA, and other minor enhancements.
Install new version of the Security Command Center Enterprise use case
The installation and configuration of a new version of the SCC Enterprise - Cloud Orchestration & Remediation use case in the Security Operations console is required for the toxic combination functionality of Security Command Center Enterprise. The new use case, identified by date October 9, 2024, introduces a new widget, an updated ingestion logic, and other enhancements to support the management of toxic combination findings and cases in the Security Operations console.
On October 8, 2024 we released an updated version of Advanced API Security.
Note: Rollouts of this release to production instances will begin within two business days and may take four or more business days to complete across all Google Cloud zones. Your instances may not have the feature available until the rollout is complete.
New features added to the Risk Assessment v2 preview
This release introduces new features to the Risk Assessment v2 preview:
Support for custom security profiles. You can create your own security profiles, with unique combinations of risk assessment checks and weights, to use for proxy risk assessment.
New assessment checks. We've added additional checks you can use when assessing proxy risk.
Assess proxies across multiple profiles. You can now switch between security profiles to see differences in scoring across profiles.
Additionally, if you have API Hub enabled in your project, then Gemini can assist you to provide contextually appropriate Call REST Endpoint tasks and task configuration recommendations based on the logical flow of your existing integration. For more information see, Configure Call REST API tasks.
BigQuery
You can now use pipe syntax anywhere you write GoogleSQL. Pipe syntax supports a linear query structure designed to make your queries easier to read, write, and maintain. This feature is in Preview.
Bigtable
Hot backups, optimized backups to restore your data to production performance availability more efficiently, are now generally available (GA). For more information, see Backups overview.
Database Migration Service for homogeneous PostgreSQL migrations to Cloud SQL does not automatically enable point-in-time recovery (PITR) for the destination instance when you promote the migration job. You can enable PITR after the migration is complete.
Preview: An updated version of the gVNIC driver for Windows offers improved network performance and support for Jumbo frames. For more information, see Update to the latest gVNIC driver for Windows.
Deploying an index with Private Service Connect automation is generally available (GA). You can set up a service connection policy so that you don't have to manually create a compute address and forwarding rule after each index deployment.
Update dependency com.google.cloud:gapic-libraries-bom to v1.45.0 (#2363) (9d24c45)
Cloud Logging
You can now include pipe syntax in the SQL queries you run on the Log Analytics page. For more information, see the BigQuery documentation about pipe syntax.
A weekly digest of client library updates from across the Cloud SDK.
Spanner now lets you create and manage backup schedules. You can use backup schedules to meet your organization's data protection and compliance needs. You can specify the following when creating a backup schedule:
When and how often your databases are backed up.
The retention duration of the backups created.
The encryption type of the backups created.
For more information about backup schedules, see
Backups overview.
Speech-to-Text
Speech-to-Text has updated the Generally Available Chirp 2 model, further enhancing its ASR accuracy and multilingual capabilities. Under the existing chirp_2 model flag, you can experience significant improvements in accuracy and speed, as well as support for word-level timestamps, model adaptation, and speech translation. Finally, Chirp 2 can support Streaming Recognizer requests, in addition to the already supported Sync and Batch Recognition requests, allowing its use in realtime applications.
Explore the new chirp_2 model's capabilities and learn how to leverage its full potential by visiting our updated documentation and tutorials.
Workload Manager
Preview: Workload Manager now supports deploying Microsoft SQL Server workloads on Google Cloud. You can configure and deploy a SQL Server system using the Guided Deployment Automation tool in Workload Manager. For more information, see Overview of SQL Server deployment.
By default, local logging for new integrations is now enabled in async mode. With this change, the log data is persisted (written) at fixed intervals or after the completion of the integration's execution, whichever is earlier. You can change the default settings by editing the integration details.
Diagram mode in the Data Transformer Task (Preview)
The Diagram mode provides a console-based experience to select the input and output variables and perform transformations in the data transformation editor. For more information, see the Data Transformer task.
If you have executions that are suspended due to an approval task or a technical issue, you can now choose to cancel those executions. For more information, see Cancel executions.
Google SecOps
When performing a search on entities in the SOAR search page, you can now focus on more precise results by using the new condition Equals, in addition to the default condition Contains.
When performing a search on entities in the SOAR search page, you can now focus on more precise results by using the new condition Equals, in addition to the default condition Contains.
October 04, 2024
Apigee Advanced API Security
On October 4, 2024 we released an updated version of Advanced API Security.
Fixed: Delay in score generation for Risk Assessment v2 with VPC-SC-enabled organizations only
In Risk Assessment v2, which is in preview, this issue has been resolved:
With VPC-SC-enabled organizations only, when generating scores for new organizations or scoring changes to included proxies, shared flows, and target server configurations, score generation could have take as much as three hours.
New analytics and debug data pipeline for data residency-enabled orgs
Newly created Apigee hybrid v1.13.1 orgs created with data residency enabled can use a new data pipeline to collect analytics and debug data and allow various runtime components to write data directly to our control plane. You cannot use the new data pipeline with non data residency-enabled orgs; only new orgs created on hybrid v1.13.1 can use this new feature. For details, see Using data residency with Apigee hybrid.
Bug ID
Description
364282883
Remove check for dc-expansion flag and add timeout to multi-region seed host connection test.
362305438
You can now add additional env variables to the runtime component.
353527851
WebSocket connection drops when using VerifyJwt or OAuthV2 VerifyJWTAccessToken operations.
351440306
An issue was fixed where trace could not be viewed in the UI for orgs with DRZ enabled.
338638343
An ID is now added at the end of apigee-env and virtualhost guardrails pods to make the pod names unique.
Bug ID
Description
N/A
Security fixes for apigee-open-telemetry-collector. This addresses the following vulnerability:
A new release is available. This release may include some or all of the
following: general performance improvements, bug fixes, and updates to the
API reference documentation.
The following beta APIs were added in Kubernetes 1.31 and are available in GKE version 1.31.1-gke.1361000 and later:
networking.k8s.io/v1beta1/ipaddresses
networking.k8s.io/v1beta1/servicecidrs
Enabling both APIs at the same time enables the Multiple Service CIDRs Kubernetes feature in a GKE cluster. For more information, see the following resources:
During the beta phase, you can only create Service CIDRs in the 34.118.224.0/20 reserved IP address range to avoid possible issues with overlapping IP address ranges.
Ray Operator on GKE is now generally available on 1.29 and later. Ray Operator is a GKE add-on that lets you manage and scale Ray applications. To learn more, see the Ray Operator documentation.
CVE-2024-45016 was discovered in the Linux kernel, which can lead to a privilege escalation on Container-Optimized OS and Ubuntu nodes.
Spanner now supports the SAFE_TO_JSON function in GoogleSQL-dialect databases. You can use this function to convert SQL objects to JSON objects. Unlike TO_JSON, this function converts invalid JSON types to JSON null values, rather than errors.
October 03, 2024
Access Context Manager
Generally available: App allowlist support for context-aware access
You can now create an access binding with a map of applications to access levels to apply
access levels to specific applications, avoiding unintended effects on other applications. For more information, see Create an access binding with a map of applications to access levels.
Apigee UI
On October 3, 2024, we released an updated version of the Apigee UI.
Bug ID
Description
369647749
Proxy deployment units counts include shared flows
Fixed issue where proxy deployment unit counts in the UI did not take into account shared flow deployments.
369385955
Fixed the display of the Apigee apps list
Resolved an issue causing Apigee apps to display incorrectly in the Apps list when the search bar is used for filtering.
361497390
Updated the description and calculation of Apigee deployment quotas
The deployment quota displayed on the Apigee overview page now correctly describes and calculates the value of all proxy deployment units, including both API proxy and shared flow deployments across all environments./p>
You can upload containerized metadata about another container image to Artifact Registry as an attachment. To learn more, see Manage container metadata.
[New] Connector authentication on Google Cloud VMs:
The connector now supports authentication through Application Default
Credentials using the Google internal metadata server, eliminating the
need for a keyfile. This feature works only on Google Cloud Compute Engine VMs.
[Resolved] The output for PrimaryKeys previously denoted the Key Sequence
as a 0-indexed value. This has been corrected to a 1-indexed value,
indicating the sequential order of the primary key's column within the
primary key itself.
Cloud SQL for MySQL
You can now configure server certificate authority (CA) mode when you create a Cloud SQL instance. With server CA mode, you have two options:
Per-instance CA: this is the default configuration. With this option, an internal CA dedicated to each Cloud SQL instance signs the
server certificate for that instance.
Shared CA: with this option, the Cloud SQL instance uses a CA hierarchy consisting of a root CA and subordinate server CAs managed by Cloud SQL and hosted on Google Cloud Certificate Authority Service (CA Service). The subordinate server CAs in a region sign the server certificates and are shared across instances in the region. This option can be used only with MySQL 8.0.30 and later.
The pg_ivm extension, version 1.9, is generally available. This extension enables you to make materialized views up-to-date in which only incremental changes are computed and applied on views rather than recomputing the contents from scratch.
Cloud SQL for PostgreSQL, version 16, now supports the pgRouting extension. This extension extends PostGIS and enhances geospatial processing through network routing and analysis.
The rollout of the following minor versions, extension versions, and plugin versions is underway:
Minor versions
12.19 is upgraded to 12.20.
13.15 is upgraded to 13.16.
14.12 is upgraded to 14.13.
15.7 is upgraded to 15.8.
16.3 is upgraded to 16.4.
Extension and plugin versions
google_ml_integration is upgraded from 1.2 to 1.4.2.
pgvector is upgraded from 0.7.0 to 0.7.4.
If you use a maintenance window, then the updates to the minor, extension, and plugin versions happen according to the timeframe that you set in the window. Otherwise, the updates occur within the next few weeks.
The new maintenance version is [PostgreSQL version].R20240910.01.00_02. To learn how to check your maintenance version, see Self service maintenance. To find your maintenance window or to manage maintenance updates, see Find and set maintenance windows.
You can now configure server certificate authority (CA) mode when you create a Cloud SQL instance. With server CA mode, you have two options:
Per-instance CA: this is the default configuration. With this option, an internal CA dedicated to each Cloud SQL instance signs the
server certificate for that instance.
Shared CA: with this option, the Cloud SQL instance uses a CA hierarchy consisting of a root CA and subordinate server CAs managed by Cloud SQL and hosted on Google Cloud Certificate Authority Service (CA Service). The subordinate server CAs in a region sign the server certificates and are shared across instances in the region.
You can now configure server certificate authority (CA) mode when you create a Cloud SQL instance. With server CA mode, you have two options:
Per-instance CA: this is the default configuration. With this option, an internal CA dedicated to each Cloud SQL instance signs the
server certificate for that instance.
Shared CA: with this option, the Cloud SQL instance uses a CA hierarchy consisting of a root CA and subordinate server CAs managed by Cloud SQL and hosted on Google Cloud Certificate Authority Service (CA Service). The subordinate server CAs in a region sign the server certificates and are shared across instances in the region.
Gemini in Colab Enterprise, which is a product in the Gemini for Google Cloud portfolio, is generally available. Gemini in Colab Enterprise helps you write code by suggesting code as you type. You can also use the Help me code tool to generate code from a description of what you want.
Gemini in Colab Enterprise is available to try at no cost through December 31, 2024.
Google Distributed Cloud (software only) for VMware
Google Distributed Cloud (software only) for VMware 1.29.600-gke.109 is now available for download. To upgrade, see Upgrade a cluster or a node pool. Google Distributed Cloud 1.29.600-gke.109 runs on Kubernetes v1.29.8-gke.1800.
If you are using a third-party storage vendor, check the GDCV Ready storage partners document to make sure the storage vendor has already passed the qualification for this release.
After a release, it takes approximately 7 to 14 days for the version to become available for use with GKE On-Prem API clients: the Google Cloud console, the gcloud CLI, and Terraform.
Removed TLS/SSL weak message authentication code cipher suites in the vSphere cloud controller manager.
Fixed the following vulnerabilities in 1.29.600-gke.109:
New versions available for upgrades and new clusters
The following Kubernetes versions are now available for new clusters and for
opt-in control plane upgrades and node upgrades for existing clusters. For more
information on versioning and upgrades, see GKE versioning and support
and Upgrades.
Rapid channel
Version 1.31.1-gke.1000000 is now the default version for cluster creation in the Rapid channel.
The following versions are no longer available in the Rapid channel:
1.27.16-gke.1342000
1.28.13-gke.1119000
1.28.14-gke.1004000
1.29.8-gke.1211000
1.30.4-gke.1348000
1.31.0-gke.1577000
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.26 to version 1.27.16-gke.1373000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.27 to version 1.28.14-gke.1099000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version 1.29.8-gke.1278000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version 1.30.5-gke.1014000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version 1.31.1-gke.1000000 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.27 to version 1.27.16-gke.1373000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version 1.28.14-gke.1099000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version 1.29.8-gke.1278000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version 1.30.5-gke.1014000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.31 to version 1.31.1-gke.1000000 with this release.
Regular channel
Version 1.30.4-gke.1348000 is now the default version for cluster creation in the Regular channel.
The following versions are now available in the Regular channel:
The following versions are no longer available in the Regular channel:
1.27.16-gke.1287000
1.28.13-gke.1049000
1.29.8-gke.1096000
1.30.3-gke.1969001
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.26 to version 1.27.16-gke.1342000 with this release.
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.27 to version 1.28.13-gke.1119000 with this release.
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version 1.29.8-gke.1211000 with this release.
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version 1.30.4-gke.1348000 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.27 to version 1.27.16-gke.1342000 with this release.
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version 1.28.13-gke.1119000 with this release.
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version 1.29.8-gke.1211000 with this release.
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.30 to version 1.30.4-gke.1348000 with this release.
Stable channel
The following versions are now available in the Stable channel:
The following versions are no longer available in the Stable channel:
1.28.13-gke.1006000
1.29.8-gke.1031000
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.27 to version 1.28.13-gke.1024000 with this release.
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.28 to version 1.29.8-gke.1057000 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.28 to version 1.28.13-gke.1024000 with this release.
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version 1.29.8-gke.1057000 with this release.
Extended channel
Version 1.30.4-gke.1348000 is now the default version for cluster creation in the Extended channel.
The following versions are now available in the Extended channel:
The following versions are no longer available in the Extended channel:
1.27.16-gke.1287000
1.28.13-gke.1049000
1.29.8-gke.1096000
1.30.3-gke.1969001
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.27 to version 1.27.16-gke.1342000 with this release.
Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.28 to version 1.28.13-gke.1119000 with this release.
Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.29 to version 1.29.8-gke.1211000 with this release.
Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.30 to version 1.30.4-gke.1348000 with this release.
No channel
Version 1.30.4-gke.1348000 is now the default version for cluster creation.
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.26 to version 1.27.16-gke.1342000 with this release.
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.27 to version 1.28.13-gke.1119000 with this release.
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.28 to version 1.29.8-gke.1211000 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.27 to version 1.27.16-gke.1342000 with this release.
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.28 to version 1.28.13-gke.1119000 with this release.
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.29 to version 1.29.8-gke.1211000 with this release.
(2024-R38) Version updates
Version 1.31.1-gke.1000000 is now the default version for cluster creation in the Rapid channel.
The following versions are no longer available in the Rapid channel:
1.27.16-gke.1342000
1.28.13-gke.1119000
1.28.14-gke.1004000
1.29.8-gke.1211000
1.30.4-gke.1348000
1.31.0-gke.1577000
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.26 to version 1.27.16-gke.1373000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.27 to version 1.28.14-gke.1099000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version 1.29.8-gke.1278000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version 1.30.5-gke.1014000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version 1.31.1-gke.1000000 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.27 to version 1.27.16-gke.1373000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version 1.28.14-gke.1099000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version 1.29.8-gke.1278000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version 1.30.5-gke.1014000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.31 to version 1.31.1-gke.1000000 with this release.
(2024-R38) Version updates
Version 1.30.4-gke.1348000 is now the default version for cluster creation in the Regular channel.
The following versions are now available in the Regular channel:
The following versions are no longer available in the Regular channel:
1.27.16-gke.1287000
1.28.13-gke.1049000
1.29.8-gke.1096000
1.30.3-gke.1969001
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.26 to version 1.27.16-gke.1342000 with this release.
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.27 to version 1.28.13-gke.1119000 with this release.
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version 1.29.8-gke.1211000 with this release.
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version 1.30.4-gke.1348000 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.27 to version 1.27.16-gke.1342000 with this release.
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version 1.28.13-gke.1119000 with this release.
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version 1.29.8-gke.1211000 with this release.
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.30 to version 1.30.4-gke.1348000 with this release.
(2024-R38) Version updates
The following versions are now available in the Stable channel:
The following versions are no longer available in the Stable channel:
1.28.13-gke.1006000
1.29.8-gke.1031000
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.27 to version 1.28.13-gke.1024000 with this release.
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.28 to version 1.29.8-gke.1057000 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.28 to version 1.28.13-gke.1024000 with this release.
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version 1.29.8-gke.1057000 with this release.
(2024-R38) Version updates
Version 1.30.4-gke.1348000 is now the default version for cluster creation in the Extended channel.
The following versions are now available in the Extended channel:
The following versions are no longer available in the Extended channel:
1.27.16-gke.1287000
1.28.13-gke.1049000
1.29.8-gke.1096000
1.30.3-gke.1969001
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.27 to version 1.27.16-gke.1342000 with this release.
Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.28 to version 1.28.13-gke.1119000 with this release.
Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.29 to version 1.29.8-gke.1211000 with this release.
Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.30 to version 1.30.4-gke.1348000 with this release.
(2024-R38) Version updates
Version 1.30.4-gke.1348000 is now the default version for cluster creation.
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.26 to version 1.27.16-gke.1342000 with this release.
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.27 to version 1.28.13-gke.1119000 with this release.
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.28 to version 1.29.8-gke.1211000 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.27 to version 1.27.16-gke.1342000 with this release.
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.28 to version 1.28.13-gke.1119000 with this release.
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.29 to version 1.29.8-gke.1211000 with this release.
If you have a VPC network that consumes a service offered through private services access, you can use a Network Connectivity Center producer VPC spoke to make the service reachable by other spokes on a hub.
Security Command Center
GKE Security Posture vulnerability findings now support attack exposure scores
GKE runtime OS vulnerability findings detected by GKE Security Posture in Google Cloud are now scored by attack path simulations. Use these attack exposure scores on vulnerabilities to help secure the resources that are the most valuable to your business and to address the most significant vulnerabilities in your GKE clusters. For more information, see Attack exposure scores.
Sovereign Controls by Partners
Cloud Run and Filestore are now supported by the following control packages. See supported products for more information:
You can now create an external dataset in BigQuery that links to an existing database in Spanner. This feature is in Preview.
October 02, 2024
Agent Assist
Agent Assist now offers a native UI Connector with Twilio Flex to integrate with voice conversations. See the documentation for details.
AlloyDB for PostgreSQL
The alloydb_scann extension (previously named postgres_scann) is generally available (GA) for the AlloyDB service in Google Cloud. For more information about storing vector embeddings, creating indexes, and tuning indexes to achieve faster query performance and better recall, see Work with vectors.
AlloyDB Omni is in Limited Availability on the Aiven Platform. Aiven provides managed AlloyDB Omni as a service on multiple public clouds. For more information, see Store your data on any major cloud.
Apigee X
On October 2, 2024, we released an updated version of Apigee.
With this release, all remaining Apigee API Management organizations with Subscription 2021 contracts have been upgraded to introduce standard and extensible API proxy features.
To learn more about:
Standard and Extensible API Proxy types, see API Proxy types.
Subscription Apigee organizations (without hybrid entitlements) upgraded in this release will see changes to the user experience in the Classic Apigee UI. To support management of the upgraded functionality now available to these organizations, a number of feature administration pages are now only available in the Apigee UI in Cloud console.
Google Distributed Cloud (software only) for VMware
Google Distributed Cloud (software only) for VMware 1.30.100-gke.96 is now
available for
download.
To upgrade, see Upgrade a cluster or a node
pool.
Google Distributed Cloud 1.30.100-gke.96 runs on Kubernetes v1.30.4-gke.1800.
If you are using a third-party storage vendor, check the GDCV Ready storage
partners
document to make sure the storage vendor has already passed the qualification
for this release.
After a release, it takes approximately 7 to 14 days for the version to become
available for use with GKE On-Prem API
clients:
the Google Cloud console, the gcloud CLI, and Terraform.
Fixed the following issues in 1.30.100-gke.96:
Fixed the known issue where updating dataplaneV2.forwardMode didn't automatically trigger anetd DaemonSet restart.
Fixed the following vulnerabilities in 1.30.100-gke.96:
The FLOAT32 (GoogleSQL) and float4/real (PostgreSQL) data types are Generally Available.
October 01, 2024
Agent Assist
Agent Assist now offers Live transcription adaptation in preview. See the documentation for more details.
Anthos Attached Clusters
This release includes the following GKE attached clusters platform versions. Click on the following links to see the release notes associated with these patches:
You can now launch clusters with the following Kubernetes versions. Click on the following links to see the release notes associated with these patches:
You can now launch clusters with the following Kubernetes versions. Click on the following links to see the release notes associated with these patches:
A new major engine version is now available for Retail and Commercial lines of business, within the v4 tuning version. This includes:
New recommended field counterparty_account.region_code added to the Transaction table.
The new engine version uses this field to account for risks associated with the region of the counterparty account.
Cloud Composer
(Available without upgrading) Fixed the cause of DAG run failures for runs created from the Cloud Console when the [scheduler]allowed_run_id_pattern Airflow configuration option is set to a custom value.
(Airflow 2.9.3 and 2.9.1) The apache-airflow-providers-google package was upgraded to version 10.23.0 in Cloud Composer 2 images and Cloud Composer 3 builds. For more information about changes, see the apache-airflow-providers-google changelog from version 10.22.0 to version 10.23.0.
(Airflow 2.9.3 and 2.9.1) The apache-airflow-providers-cncf-kubernetes package was upgraded to version 8.4.2 in Cloud Composer 2 images and Cloud Composer 3 builds. For more information about changes, see the apache-airflow-providers-cncf-kubernetes changelog from version 8.4.1 to version 8.4.2.
Cloud SQL for MySQL 8.4 is now generally available. For more information about the differences between MySQL 8.4 and MySQL 8.0, review What Is New in MySQL 8.4 since MySQL 8.0.
By default, if you specify MySQL 8.4 as the version when you create a Cloud SQL instance (either primary or replica) using the gcloud CLI or the REST API, then the Cloud SQL edition is Enterprise Plus.
If you specify a version other than MySQL 8.4 or don't specify a version, then the default Cloud SQL edition of the instance is Enterprise.
For more information about the implementation of MySQL 8.4 in Cloud SQL, see the following topics:
You can now use the gcloud sql instances patch command to update the time zone of your Cloud SQL for SQL Server instance after you create the instance. Previously, you could only set a custom time zone for a SQL Server instance when you first created the instance. For more information about setting the time zone for a Cloud SQL for SQL Server instance, see About instance settings.
Cloud Service Mesh
The following images are now rolling out for managed Cloud Service Mesh:
1.19.10-asm.19 is rolling out to the rapid release channel.
1.19.10-asm.19 is rolling out to the regular release channel.
1.19.10-asm.19 is rolling out to the stable release channel.
1.19.10-asm.19 contains the fixes for the security vulnerabilities listed in GCP-2024-052 and uses Envoy v1.27.7.
A known issue with asmcli for 1.23 is now fixed. Customers might have seen the following error when attempting to install in-cluster Cloud Service Mesh 1.23:
asmcli: Downloading ASM..
gzip: stdin: not in gzip format
tar: Child returned status 1
tar: Error is not recoverable: exiting now
A new version of asmcli with the fix has released.
Config Controller
Config Controller now uses the following versions of its included products:
They were internally upgraded to a higher quality model.
The labeling system has been upgraded to use the latest version of the OCR model.
v1.2 is recommended for the best quality. v1.3 is recommended for the lowest latency.
We recommend creating a new processor and relabeling the training and evaluation documents to benefit from both the improved quality with the new processor versions of Custom Extractor (v1.2 and v1.3) and the enhanced labeling system.
Firestore
You can now use customer-managed encryption keys (CMEK) in Firestore to protect your data. This feature is generally available (GA) behind an allow-list.
You can now use customer-managed encryption keys (CMEK) in Datastore to protect your data. This feature is generally available (GA) behind an allow-list.
Grounding: Dynamic retrieval for grounded results (GA)
Dynamic retrieval lets you choose when to turn off grounding with Google Search. This is useful when a prompt doesn't require an answer grounded in Google Search, and the supported models can provide an answer based on their knowledge without grounding. Dynamic retrieval helps you manage latency, quality, and cost more effectively.
Google Distributed Cloud (software only) for bare metal
Release 1.29.600-gke.108
Google Distributed Cloud for bare metal 1.29.600-gke.108 is now available for download. To upgrade, see Upgrade clusters. Google Distributed Cloud for bare metal 1.29.600-gke.108 runs on Kubernetes 1.29.
After a release, it takes approximately 7 to 14 days for the version to become available for installations or upgrades with the GKE On-Prem API clients: the Google Cloud console, the gcloud CLI, and Terraform.
If you use a third-party storage vendor, check the Ready storage partners document to make sure the storage vendor has already passed the qualification for this release of Google Distributed Cloud for bare metal.
Fixes:
Fixed Cloud Audit Logging failure due to allowlisting issue with multiple project IDs.
The following container image security vulnerabilities have been fixed in 1.29.600-gke.108:
GKE now supports the Parallelstore CSI driver in allowlisted general availability (GA), which means that you can reach out to your Google support team to use the service under GA terms.
Parallelstore accelerates AI/ML training and excels at saturating individual compute clients, ensuring that expensive compute resources are efficiently used. The product demonstrated a 3.9x training time improvement and 3.7x better throughput improvement compared to native ML framework data loaders and saturates single clients NIC bandwidth at 90%+.
In GKE version 1.30.3-gke.1639000 and later and 1.31.0-gke.1058000 and later, GKE can handle GPU and TPU node disruptions by notifying you in advance of a shutdown and by gracefully terminating your workloads. This feature is generally available. For details, see Manage GKE node disruption for GPUs and TPUs.
Pub/Sub adds support for OpenTelemetry tracing. OpenTelemetry tracing lets you identify and trace the latency of various Pub/Sub client library operations.
The current default LOCATIONinfoType detection model, which is accessible when InfoType.version is set to latest or stable, is now also used when InfoType.version is set to legacy.
The old detection model that was previously accessible by setting InfoType.version to legacy is no longer accessible.
The region restriction on the LOCATIONinfoType has been lifted. It is now available in all regions.
Spanner
Spanner now supports end-to-end tracing in preview, along with client-side tracing in the Java and Go client libraries. You can opt-in for end-to-end traces to have more visibility into the application to Spanner latencies.
For more information, see Trace collection overview.
Vertex AI Agent Builder
Vertex AI Agent Builder: Dynamic retrieval for grounded results (GA with allowlist)
Dynamic retrieval lets you choose when to turn off grounding with Google Search. This is useful when a prompt doesn't require an answer grounded in Google Search and the supported models can provide an answer based on their own knowledge without grounding. Dynamic retrieval helps you manage latency, quality, and cost more effectively.
This feature is available to select Google Cloud customers (GA with allowlist). For more information, see Dynamic retrieval.
Artifact Analysis is gradually rolling out regionalized data storage and endpoints to help support compliance with data residency requirements. The Container Analysis API stores metadata in the same region or multi-region as the Artifact Registry repository where your image is scanned.
You can now use flexible column names with BigQuery tables and views for extracting, loading, streaming, and querying data. This feature is generally available (GA).
You can now use the operational health dashboard to get a single-pane view of key metrics such as slot usage, shuffle usage, errors, and total storage in real time. This feature is generally available (GA).
Add RetryCallable to the callable chain (#2348) (0330d77)
Pass deadline through ExecuteQuery RetrySettings (#2355) (6bc9820)
Time based flakiness in execute query deadline test (#2358) (b474173)
Dependencies
Update dependency com.google.cloud:sdk-platform-java-config to v3.36.1 (#2351) (40c428e)
Cloud Billing
View and manage unexpected costs with Anomaly Detection (in preview)
You can now view and manage cost spikes that deviate from your historical spend patterns using the Anomalies dashboard (preview). Each anomaly comes with a detailed root cause analysis that identifies the top services, regions, and SKUs that contributed to the spike.
The regional external Application Load Balancers, cross-region internal Application Load Balancers, regional internal Application Load Balancers, now support a configurable client HTTP keepalive timeout. The client HTTP keepalive timeout represents the maximum amount of time that a TCP connection can be idle between the (downstream) client and the target HTTP(S) proxy.
You can now apply and modify dashboard-wide filters by selecting the filter option within the cell of a table. For example, if a table has a column named zone and a cell that displays us-east5-b, then selecting the filter button in that cell applies the dashboard-wide filter zone: us-east5-b. For more information about filtering your dashboard, see the following documents:
Upgraded app-admin/google-guest-configs to v20240924.00.
Upgraded app-admin/google-osconfig-agent to v20240924.02.
Upgraded app-admin/google-guest-configs to v20240905.00.
Upgraded app-admin/fluent-bit to v3.1.8.
Upgraded app-containers/docker-credential-gcr to v2.1.25.
Upgraded chromeos-base/chromeos-common-script to v0.0.1-r642.
Upgraded chromeos-base/update_engine-client to v0.0.1-r2449.
Upgraded chromeos-base/session_manager-client to v0.0.1-r2801.
Upgraded chromeos-base/debugd-client to v0.0.1-r2712.
Upgraded chromeos-base/power_manager-client to v0.0.1-r2947.
Upgraded chromeos-base/minijail to v18-r155.
Upgraded chromeos-base/shill-client to v0.0.1-r4688.
Upgraded dev-python/configobj to v5.0.9.
Upgraded net-firewall/iptables to v1.8.10-r1.
Upgraded net-libs/libtirpc to v1.3.5.
Upgraded dev-libs/nss to v3.104.
Upgraded net-dns/c-ares to v1.33.1.
Updated the Linux kernel to v6.6.52.
Update R550, latest driver to v550.90.12.
Updated cos-gpu-installer to v2.4.2. This enables creation
of /dev/dri when loading nvidia-drm.ko for COS kernels build with
loadable drm and dependent modules.
Removed sys-libs/libsepol and sys-libs/libselinux.
Note: As announced in release 5.4, workload specific repositories will continue to receive code updates for at least one more release.
New Data Sources
Marketing: YouTube (with DV360). Get comprehensive overview of your campaign spend, performance and audience targeting with actionable insights for paid media campaigns on YouTube purchased in DV360 platform. Access the Looker Block for YouTube (with DV360) with sample dashboards for faster data analysis and exploration.
Marketing: Google Analytics 4 (GA4). Understand website engagement and purchases using page views, time spent, call to action ratios, average purchases, lifetime value over time, traffic volumes, and success rates for defined conversion.
Oracle EBS: Measure and understand Order to Cash operational metrics around sales performance, order status, order fulfillment, invoicing, and receivables with new BigQuery integration templates and data models. Access the Looker Block for Oracle EBS with sample dashboards for further analytics.
New Cloud Build features support
Added support for the following Cloud Build features:
Private worker pools: Run Cortex Framework deployment builds in your Cloud Build private worker pool.
Regional builds: Specify a region for Cortex Framework deployment builds.
User-specified service accounts: Run Cortex Framework deployment builds with a specific service account instead of the Cloud Build default.
SAP
SAP Raw to CDC DAG: Rewrote logic and became less costly with about 25% improvement in performance.
Fiscal dimension: All views now use the new Fiscal Dimension instead of function. ECC/S4 specific Fiscal Functions are now removed as announced in v3.1. Fiscal functions will be removed in the next version.
Future deprecation: Legacy Currency_Conversion and Currency_Decimal functions will be deprecated in the next version. Join the views currency_conversion and currency_decimal instead.
Finance: New views for FSV, Cost, and Profit center hierarchy that supersedes the old hier_reader local k9, which will be removed in the next version. For more information, see Cortex Framework: integration with SAP.
Improved SalesStatus_Items and S/4 Billing logic.
Inventory: Moved the following views and functions from src/SAP/SAP_REPORTING/local_k9/inventory_snapshots to src/SAP/SAP_REPORTING/{SAP_FLAVOR}; and renamed them to make the structure more logical and succinct. Also added notes and instructions on this module in the Cortex Framework: integration with SAP . There isn't any content or logic change.
From 00_stock_characteristics_config to StockCharacteristicsConfig.
From 00_slow_moving_threshold to SlowMovingThreshold.
From 0_{weekly|monthly}_inventory_aggregation.sql to Aggregate{Weekly|Monthly}Inventory.
From stock_weekly_snapshots_inventory_aggregation_update to UpdateMonthlyInventoryAggregation.
From 01_stock_{weekly|monthly}_snapshots to Update{Weekly|Monthly}StockSnapshots.
Data Mesh
Added support for annotations on nested fields.
Removed inherited default values for lake regions and zone location types. These values need to be provided if deploying lakes and zones.
Moved deployment configs for Language and Currency to workload specific sections. This affects SAP and Oracle EBS data sources.
Officially dropped Airflow v1 support.
Adding test harness support for new BigQuery regions africa-south1 and europe-west10.
Deployer log verbosity reduced by 75% for reporting deployment steps across all workloads.
Cloud Composer (Airflow) DAGs now use current python and BigQuery operators in place of deprecated airflow.operators.python_operator and airflow.contrib.operators.bigquery_operator operators.
Patched multiple Python library vulnerabilities.
Deprecated Credly badging.
Known issues and limitations
Data Mesh deployments where only column descriptions are deployed require Data Catalog API to be enabled. This will be patched in a future release.
Local K9 for SAP produces a temporary folder (tmp*) in the target bucket for DAGs. Please, remove it manually. There is no impact in the execution.
Dataform
The maximum size limit for workspaces encrypted with customer-managed encryption keys (CMEK) is 512 MB. For more information about Dataform quotas and limits, see Quotas and limits. For more information about encrypting Dataform repositories with CMEK, see Use customer-managed encryption keys.
Dataplex
Managed connectivity pipelines are generally available (GA). Use a managed connectivity pipeline to extract metadata from third-party sources and import it into Dataplex Catalog. You develop your own connector that extracts metadata, and use Workflows for orchestration and scheduling.
Developer Connect is now Generally Available (GA). This launch introduces the following features:
Connectivity with several more source code management tools, including GitHub Enterprise Cloud, GitHub Enterprise, GitLab and GitLab Enterprise
Integration with Gemini Code Assist, helping you get coding tips tailored to your private repositories
Gemini Code Assist users can connect their source code on GitHub or GitLab repositories and GitHub Enterprise, GitHub Enterprise Cloud, GitLab Enterprise repositories hosted on networks that can be accessed via the public internet.
NFSv4.1 protocol support, integrated with Managed Service for Microsoft Active Directory, is now generally available for zonal, regional, and enterprise instances.
Generative AI on Vertex AI
Prompt templates let you to test how different prompt formats perform with different sets of prompt data. This feature is in Preview. To learn more, see Use prompt templates.
Google SecOps
The case report now includes all information written on the case wall.
It is now possible to merge cases where the requester is not the assignee both in the platform and through the API endpoint: api/external/v1/cases-queue/bulk-operations/MergeCases
Google SecOps SOAR
Remote Agents 2.2.0 Release is currently in Preview.
Logs quality and coverage enhancements.
Identity Platform
Custom organization policies for Identity Platform are generally available (GA). You can use custom organization policies to allow or deny specific operations on Identity Platform resources for the security, compliance, or governance requirements of your application.
Parallelstore, Google's managed Parallel File System service, is now generally available (GA).
Parallelstore offers extreme IOPS and throughput, at very low latencies. Parallelstore supports capacities between 12 and 100 TiB and is POSIX-compatible.
Please contact your sales representative to use Parallelstore in your Google Cloud project.
Pub/Sub
A weekly digest of client library updates from across the Cloud SDK.
Update the requirements.txt for samples directory (#1263) (5cce8b1)
The message retention duration option for a subscription specifies how long Pub/Sub retains messages after publication. The maximum value for this property is now increased to 31 days. For more information, see Message retention duration.
Sensitive Data Protection
The FINLAND_BUSINESS_ID infoType detector is available in all regions. For more information about all built-in infoTypes, see InfoType detector reference.
Spanner
A monthly digest of client library updates from across the Cloud SDK.
The case report now includes all information written to the Case wall.
It is now possible to merge cases where the requester is not the assignee both in the platform and through the API endpoint: api/external/v1/cases-queue/bulk-operations/MergeCases
Custom integration is reverted to the latest imported code after saving custom integration settings. (ID #53578268)
Remote agents not visible in the drop-down field. (ID #53299495)
Timeout error when trying to add an alert grouping rule. (ID #00298026)
Time Zone sync issue (ID #52421707)
Inaccurate case tag data in Advanced Reports (ID #00308538)
Tags are displayed in the database after being deleted from the platform (ID #53263012)
Timeout error for playbook action (ID #52418008)
September 27, 2024
Access Approval
Access Approval supports Speech-to-Text in the GA stage.
Access Approval supports Dataplex in the Preview stage.
Access Transparency
Access Transparency supports Dataplex in the Preview stage.
Avoid charges for underutilized Compute Engine reservations in the FinOps hub
You can now get recommendations to modify or delete your underutilized, on-demand reservations for Compute Engine resources when you haven't consumed your specified threshold of resources for at least 7 days.
Vertex AI Search for retail: Conversational search API
As part of Search for retail's Guided search package, ConversationalSearchSpec sits on top of the Retail API. When coverage parameters are met, Search for retail users can enable this feature in the console or by setting the followup_conversation_requested flag to true in the search service interface. Conversational search uses an LLM-generated question for each catalog attribute where allowed_in_conversation field is enabled.
As part of Search for retail's Guided search package, tile navigation allows tiles to appear for each of the most likely to be used dynamic facets across a search page. The objective is to increase filter usage to narrow search faster.
Agent Assist now offers a new version of summarization with custom sections in preview. Summarization with custom sections V3.1 reduces latency and improves quality from V3.0.
Config Sync now supports GitHub App authentication for GitHub repositories. See Grant access to Git for more information.
This release note was added on October 4, 2024.
Upgraded the git-sync dependency from v4.2.3 to v4.2.4.
Apigee API hub
On September 26, 2024, Apigee announced the GA launch of Apigee API hub.
A new "Get started with API hub" page was added to the user interface. This new page includes valuable getting started information, including a new FAQ, to help you get the most out of API hub.
We added a new Supply chain page where you can create, view and manage your dependencies across API operations. The same dependencies can also be created from the API operations page. See Manage dependencies.
The Semantic Search (formerly Smart Search) user interface has been improved, and search results are shown across all API hub entities, such as APIs, deployments, specifications, and versions. See Search and filter APIs.
We added support for GMEK and CMEK in the provisioning steps. While provisioning, you can also choose to host your Vertex search data in a different location or disable Vertex search altogether. See Provision API hub.
The List APIs for specifications, dependencies, and external APIs have been enhanced to return a complete response, including user-defined attributes.
While you can use API hub by making direct REST over HTTP requests, we now provide client libraries for several popular languages. See API hub client libraries.
Significant user interface improvements were made, such as standardization of cards on the API details page, unlinking of deployments, various performance fixes, and more.
Apigee X
On September 26, 2024 we released an updated version of Apigee.
If you have CMEK org policy constraints on your Google Cloud project, Apigee will enforce compliance with those constraints and guide you in choosing valid configuration, and prevent you from using Apigee features that are not CMEK-compliant.
The following documents are new and explain how to use CMEK with Apigee:
A known issue was added: Apigee does not support key re-encryption, which means even after rotation, the old key version will still be used and you cannot change the CMEK key after org creation.
Use Gemini AI assistant to find or create Billing Reports (preview)
Gemini Cloud Assist in Cloud Billing Reports provides FinOps-focused AI assistance to create the cost reports you need to analyze your cost trends and to summarize key insights from the cost reports.
Gemini Cloud Assist in Cloud Billing Reports helps you to:
Use saved reports: Quickly access existing reports to analyze your spending.
Create new reports: Configure custom reports with AI assistance to get the exact data you need.
Summarize reports: Get AI-powered summaries of your reports to quickly understand key cost trends and insights.
The SAP ODP batch source plugin version 0.11.3 is available in Cloud Data Fusion versions 6.8.0 and later. This release includes the following changes:
Fixed an issue causing the following error: Error encountered while configuring the stage: Unable to access Cloud Storage or download JCo libraries from Cloud Storage. To address the issue, you must upgrade the Cloud Storage client library to version 2.3.0 or later.
Fixed an issue causing memory errors in the SAP system. You can choose to load changed data without loading historical data first. You can select this option in the plugin properties.
TensorFlow 2.17 container images are now available.
Deep Learning VM Images
M125 release
TensorFlow 2.17 VM images are now available.
Dialogflow
Starting in late 2024 and ending in early 2025, there will be changes to some Dialogflow product names, feature names, and consoles. See the documentation for complete details.
Dialogflow CX: You can now enable security checks to prevent prompt injection attacks. See the documentation for details.
Dialogflow CX: Cloud Text-to-Speech europe-west1 and europe-west3 regions for Neural2 voices now use corresponding regions.
Document AI
Effective April 9, 2025, the following Custom Extractor versions will no longer be accessible:
We understand that this update requires planning, but we're here to support you during this process. If you have questions or need assistance, contact Google Cloud support.
The following earlier versions of Document AI Enterprise Document Optical Character Recognition (OCR) and Expense Parser will be discontinued in the United States (US) and European Union (EU) starting April 30, 2025.
Enterprise Document OCR:
pretrained-ocr-v1.0-2020-09-23
pretrained-ocr-v1.1-2022-09-12
Expense Parser:
pretrained-expense-v1.2-2022-02-18
pretrained-expense-v1.3-2022-07-15
pretrained-expense-v1.4-2022-11-18
To ensure uninterrupted service and benefit from improved extraction quality, we recommend you migrate to the following later versions before April 30, 2025:
If you have any questions or require assistance, contact us at Google Cloud support.
Google Cloud VMware Engine
VMware Engine ve2 nodes are available in Frankfurt, Germany, Europe (europe-west3-a).
Google Kubernetes Engine
(2024-R37) Version updates
GKE cluster versions have been updated.
New versions available for upgrades and new clusters
The following Kubernetes versions are now available for new clusters and for
opt-in control plane upgrades and node upgrades for existing clusters. For more
information on versioning and upgrades, see GKE versioning and support
and Upgrades.
Rapid channel
Version 1.31.0-gke.1577000 is now the default version for cluster creation in the Rapid channel.
The following versions are now available in the Rapid channel:
The following versions are no longer available in the Rapid channel:
1.27.16-gke.1287000
1.28.13-gke.1049000
1.29.8-gke.1096000
1.30.3-gke.1969001
1.30.4-gke.1476000
1.31.0-gke.1506000
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.26 to version 1.27.16-gke.1342000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.27 to version 1.28.13-gke.1119000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version 1.29.8-gke.1211000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version 1.30.4-gke.1348000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version 1.31.0-gke.1577000 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.27 to version 1.27.16-gke.1342000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version 1.28.13-gke.1119000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version 1.29.8-gke.1211000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version 1.30.4-gke.1348000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.31 to version 1.31.0-gke.1577000 with this release.
Regular channel
The following versions are now available in the Regular channel:
The following versions are no longer available in the Regular channel:
1.27.16-gke.1148001
1.27.16-gke.1258000
1.28.13-gke.1006000
1.28.13-gke.1024000
1.29.8-gke.1031000
1.29.8-gke.1057000
1.30.3-gke.1639000
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.26 to version 1.27.16-gke.1287000 with this release.
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.27 to version 1.28.13-gke.1049000 with this release.
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version 1.29.8-gke.1096000 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.27 to version 1.27.16-gke.1287000 with this release.
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version 1.28.13-gke.1049000 with this release.
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version 1.29.8-gke.1096000 with this release.
Stable channel
Version 1.30.3-gke.1969001 is now the default version for cluster creation in the Stable channel.
The following versions are now available in the Stable channel:
The following versions are no longer available in the Stable channel:
1.27.16-gke.1051001
1.28.12-gke.1052000
1.28.12-gke.1179000
1.29.7-gke.1104000
1.29.7-gke.1274000
1.30.2-gke.1587003
1.30.3-gke.1639000
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.26 to version 1.27.16-gke.1148001 with this release.
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.27 to version 1.28.13-gke.1006000 with this release.
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.28 to version 1.29.8-gke.1031000 with this release.
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version 1.30.3-gke.1969001 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.27 to version 1.27.16-gke.1148001 with this release.
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.28 to version 1.28.13-gke.1006000 with this release.
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version 1.29.8-gke.1031000 with this release.
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.30 to version 1.30.3-gke.1969001 with this release.
Extended channel
The following versions are now available in the Extended channel:
The following versions are no longer available in the Extended channel:
1.27.16-gke.1148001
1.27.16-gke.1258000
1.28.13-gke.1006000
1.28.13-gke.1024000
1.29.8-gke.1031000
1.29.8-gke.1057000
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.27 to version 1.27.16-gke.1287000 with this release.
Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.28 to version 1.28.13-gke.1049000 with this release.
Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.29 to version 1.29.8-gke.1096000 with this release.
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.26 to version 1.27.16-gke.1287000 with this release.
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.27 to version 1.28.13-gke.1049000 with this release.
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.28 to version 1.29.8-gke.1096000 with this release.
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.29 to version 1.30.3-gke.1969001 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.27 to version 1.27.16-gke.1287000 with this release.
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.28 to version 1.28.13-gke.1049000 with this release.
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.29 to version 1.29.8-gke.1096000 with this release.
(2024-R37) Version updates
Version 1.31.0-gke.1577000 is now the default version for cluster creation in the Rapid channel.
The following versions are now available in the Rapid channel:
The following versions are no longer available in the Rapid channel:
1.27.16-gke.1287000
1.28.13-gke.1049000
1.29.8-gke.1096000
1.30.3-gke.1969001
1.30.4-gke.1476000
1.31.0-gke.1506000
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.26 to version 1.27.16-gke.1342000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.27 to version 1.28.13-gke.1119000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version 1.29.8-gke.1211000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version 1.30.4-gke.1348000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version 1.31.0-gke.1577000 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.27 to version 1.27.16-gke.1342000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version 1.28.13-gke.1119000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version 1.29.8-gke.1211000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version 1.30.4-gke.1348000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.31 to version 1.31.0-gke.1577000 with this release.
(2024-R37) Version updates
The following versions are now available in the Regular channel:
The following versions are no longer available in the Regular channel:
1.27.16-gke.1148001
1.27.16-gke.1258000
1.28.13-gke.1006000
1.28.13-gke.1024000
1.29.8-gke.1031000
1.29.8-gke.1057000
1.30.3-gke.1639000
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.26 to version 1.27.16-gke.1287000 with this release.
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.27 to version 1.28.13-gke.1049000 with this release.
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version 1.29.8-gke.1096000 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.27 to version 1.27.16-gke.1287000 with this release.
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version 1.28.13-gke.1049000 with this release.
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version 1.29.8-gke.1096000 with this release.
(2024-R37) Version updates
Version 1.30.3-gke.1969001 is now the default version for cluster creation in the Stable channel.
The following versions are now available in the Stable channel:
The following versions are no longer available in the Stable channel:
1.27.16-gke.1051001
1.28.12-gke.1052000
1.28.12-gke.1179000
1.29.7-gke.1104000
1.29.7-gke.1274000
1.30.2-gke.1587003
1.30.3-gke.1639000
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.26 to version 1.27.16-gke.1148001 with this release.
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.27 to version 1.28.13-gke.1006000 with this release.
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.28 to version 1.29.8-gke.1031000 with this release.
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version 1.30.3-gke.1969001 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.27 to version 1.27.16-gke.1148001 with this release.
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.28 to version 1.28.13-gke.1006000 with this release.
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version 1.29.8-gke.1031000 with this release.
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.30 to version 1.30.3-gke.1969001 with this release.
(2024-R37) Version updates
The following versions are now available in the Extended channel:
The following versions are no longer available in the Extended channel:
1.27.16-gke.1148001
1.27.16-gke.1258000
1.28.13-gke.1006000
1.28.13-gke.1024000
1.29.8-gke.1031000
1.29.8-gke.1057000
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.27 to version 1.27.16-gke.1287000 with this release.
Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.28 to version 1.28.13-gke.1049000 with this release.
Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.29 to version 1.29.8-gke.1096000 with this release.
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.26 to version 1.27.16-gke.1287000 with this release.
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.27 to version 1.28.13-gke.1049000 with this release.
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.28 to version 1.29.8-gke.1096000 with this release.
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.29 to version 1.30.3-gke.1969001 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.27 to version 1.27.16-gke.1287000 with this release.
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.28 to version 1.28.13-gke.1049000 with this release.
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.29 to version 1.29.8-gke.1096000 with this release.
Cloud Identity POSIX groups are deprecated. As of September 26, 2024, you can no longer create new POSIX groups, and existing POSIX groups will be removed on or after September 26, 2025. For more information, see POSIX groups deprecation.
Cross-bucket replication is now available in Cloud Storage. You can use cross-bucket replication to copy new and updated objects asynchronously from a source bucket to a destination bucket. For more information on how to use cross-bucket replication, see Using cross-bucket replication.
Generative AI on Vertex AI
The Llama 3.2 90B model is available in Preview on Vertex AI. Llama 3.2 90B enables developers to build and deploy the latest generative AI models and applications that use Llama's capabilities, such as image reasoning. Llama 3.2 is also designed to be more accessible for on-device applications. For more information, see Llama models.
Google Distributed Cloud (software only) for VMware
Google Distributed Cloud (software only) for VMware 1.28.1000-gke.59 is now available for download. To upgrade, see Upgrade a cluster or a node pool. Google Distributed Cloud 1.28.1000-gke.59 runs on Kubernetes v1.28.13-gke.600.
If you are using a third-party storage vendor, check the GDCV Ready storage partners document to make sure the storage vendor has already passed the qualification for this release.
After a release, it takes approximately 7 to 14 days for the version to become available for use with GKE On-Prem API clients: the Google Cloud console, the gcloud CLI, and Terraform.
Removed TLS/SSL weak message authentication code cipher suites in the vSphere cloud controller manager.
Fixed the following vulnerabilities in 1.28.1000-gke.59:
Google Distributed Cloud (software only) for bare metal
Release 1.30.100-gke.96
Google Distributed Cloud for bare metal 1.30.100-gke.96 is now available for download. To upgrade, see Upgrade clusters. Google Distributed Cloud for bare metal 1.30.100-gke.96 runs on Kubernetes 1.30.
After a release, it takes approximately 7 to 14 days for the version to become available for installations or upgrades with the GKE On-Prem API clients: the Google Cloud console, the gcloud CLI, and Terraform.
If you use a third-party storage vendor, check the Ready storage partners document to make sure the storage vendor has already passed the qualification for this release of Google Distributed Cloud for bare metal.
Functionality changes:
Added --skip-preflight flag to the bmctl upgrade command to prevent preflight checks from running during an upgrade.
The following container image security vulnerabilities have been fixed in 1.30.100-gke.96:
YARA rule names that appear in Virtual Machine Threat Detection findings will be renamed
On or after October 28, 2024, YARA rule names that appear in Malware: Malicious file on disk (YARA) findings from Virtual Machine Threat Detection will be renamed. This update will resolve naming inconsistencies in the YARA rules. The new naming convention will contain the prefix, designation, type, name, and iteration of the YARA rule. The following are examples of the new names:
Vertex AI Search: gemini-1.5-flash-002/answer_gen/v1 model
The gemini-1.5-flash-002/answer_gen/v1 model is available for answer generation. This model is based on the gemini-1.5-flash-002 model and has been further tuned to address question and answering tasks.
Access Approval supports Vertex AI Search in the GA stage.
Application Integration
The Resolve JSON Path data transformer function is now available. This function resolves a JSON path on a given JSON object by using the JSONPath reference.
Database Migration Service for homogeneous PostgreSQL migrations to AlloyDB for PostgreSQL now supports PostgreSQL version 16. See Supported source and destination databases in AlloyDB for PostgreSQL migrations.
Cloud Key Management Service
Cloud KMS with Autokey is now in General Availability for Cloud Storage, Compute Engine, BigQuery, Secret Manager, Cloud SQL, and Spanner.
Autokey simplifies creating and using customer-managed encryption keys (CMEKs) by automating provisioning and assignment. With Autokey, key rings, keys, and service accounts don't need to be planned and provisioned before they're needed. Instead, Autokey generates keys on demand as resources are created.
Using keys generated by Autokey can help you consistently align with industry standards and recommended practices for data security, including the HSM protection level, separation of duties, key rotation, location, and key specificity. Keys requested using Autokey function identically to other Cloud HSM keys with the same settings.
For more information, see Autokey overview.
Cloud Storage is now enabled for use with Cloud KMS Autokey.
Using keys generated by Autokey can help you consistently align with industry
standards and recommended practices for data security, including the HSM
protection level, separation of duties, key rotation, location, and key
specificity. Keys requested using Autokey function identically to other
Cloud HSM keys with the same settings.
New stable versions of Gemini 1.5 Pro (gemini-1.5-pro-002) and Gemini 1.5 Flash (gemini-1.5-flash-002)
are Generally Available. These models introduce broad quality improvements over the previous 001 versions, with significant gains in the following categories:
Factuality and reduce model hallucinations
Openbook Q&A for RAG use cases
Instruction following
Multilingual understanding in 102 languages, especially in Korean, French, German, Spanish, Japanese, Russian, and Chinese.
The 2M context window with Gemini 1.5 Pro is now in Generally Available, which opens up long-form multimodal use cases that only Gemini can support.
Use Gemini to directly analyze YouTube videos and publicly available media (such as images, audio, and video) by using a link. This feature is in Public Preview.
The new API parameters audioTimestamp, responseLogprob, and logprobs are in Public Preview. For more information, see API reference.
Gemini 1.5 Pro and Gemini 1.5 Flash now support multimodal input with function calling. This feature is in Preview.
The Vertex AI prompt optimizer adapts your prompts using the optimal instructions and examples to elicit the best performance from your chosen model. This feature is available in Preview. To learn more, see Optimize prompts.
Gemini 1.5 Pro and Gemini 1.5 Flash Tuning is now available in GA.
Tune Gemini with text, image, audio, and document data types using the latest models:
The latest versions of Gemini 1.5 Flash (gemini-1.5-flash-002) and Gemini 1.5 Pro (gemini-1.5-pro-002) use dynamic shared quota, which distributes on-demand capacity among all queries being processed. Dynamic shared quota is Generally Available.
GKE clusters using the Network Policy feature and Pods specifying a hostPort might have experienced networking connectivity issues after control plane upgrades. As a precaution, GKE disabled auto-upgrades for potentially impacted clusters.
The following GKE versions contain a fix for this issue and are safe to manually upgrade to:
1.27.16-gke.1342000 or later
1.28.13-gke.1078000 or later
1.29.8-gke.1157000 or later
1.30.4-gke.1282000 or later
1.31 or later
GKE control plane upgrades are now resumed and clusters will be auto-upgraded when the patch version becomes an auto-upgrade target for your clusters, honoring maintenance windows and exclusions.
Generate LookML: Use Gemini assistance to generate LookML code suggestions in response to natural language prompts. In the Looker IDE, click the Help me code icon to get Gemini assistance to create dimensions, dimension groups, and measures in your LookML project.
Spanner now offers editions, a tier-based pricing model that provides greater flexibility, better cost transparency, and opportunities for cost savings. You can choose between the Standard, Enterprise, and Enterprise Plus editions, letting you pick the right set of capabilities to fit your needs and budget. To learn more, read the Spanner editions overview and blog.
Spanner is now enabled for use with Cloud KMS Autokey.
Using keys generated by Autokey can help you consistently align with industry
standards and recommended practices for data security, including the HSM
protection level, separation of duties, key rotation, location, and key
specificity. Keys requested using Autokey function identically to other
Cloud HSM keys with the same settings.
bigquery: Update google.golang.org/api to v0.191.0 (5b32644)
Documentation
bigquery/datatransfer: Add a note to the CreateTransferConfigRequest and UpdateTransferConfigRequest to disable restricting service account usage (2710d0f)
bigquery/migration: A comment for field name in message .google.cloud.bigquery.migration.v2.MigrationWorkflow is changed to include 'Identifier' (1bb4c84)
bigquery/migration: A comment for field translation_config_details in message .google.cloud.bigquery.migration.v2.MigrationTask is changed (1bb4c84)
bigquery/migration: A comment for field type in message .google.cloud.bigquery.migration.v2.MigrationTask is changed to include new supported types (1bb4c84)
bigquery/storage: A comment for field location_uri in message .google.cloud.bigquery.storage.v1alpha.StorageDescriptor is changed (2710d0f)
bigquery/storage: A comment for message StreamMetastorePartitionsRequest is changed (2710d0f)
bigquery/storage: A comment for message StreamMetastorePartitionsResponse is changed (2710d0f)
You can now create workflows to execute code assets in sequence at a scheduled time. This feature is in Preview.
Bigtable
A weekly digest of client library updates from across the Cloud SDK.
Scope 2 market-based emissions data is now Generally Available. This metric represents purchased electricity, incorporating Google's annual renewable energy purchases. Scope 2 emissions on this page are estimated using annual emissions factors from government sources (IEA, EPA & AIB). You can learn more here about the methodology and the difference between location-based and market-based emission metrics.
Scope 2 market-based emissions data is available only from January 2023 onwards and can be accessed in:
Fixed an issue causing the maximum concurrent runs setting not to work as expected for scheduled pipeline runs (CDAP-20988).
Fixed an issue causing upgrades to fail when the schedule name had hyphens, spaces, or other symbols (CDAP-20999).
Cloud Healthcare API
A new release is available. This release may include some or all of the
following: general performance improvements, bug fixes, and updates to the
API reference documentation.
Cloud Monitoring
The layout of the incident detail page has been updated. You can now view related incidents, and switch between viewing only the time series that caused the condition to be met and viewing all time series that the alerting policy evaluated. For more information, see Incidents for metric-based alerting policies
and Incidents for log-based alerting policies.
Config Connector version 1.123.1 is now available.
Starting from this version, all new CustomResources (CRs) have the cnrm.cloud.google.com/state-into-spec annotation field default to absent. For more information about this behavior, see the spec fields documentation. The behavior of existing CRs is not impacted by this change.
You can use the alpha.cnrm.cloud.google.com/reconciler: direct annotation on DataflowFlexTemplateJob resource to opt-in
the Direct Cloud Reconciler, which provides an advanced status update solution for some timeout issues.
If you use the CloudIdentityGroup, CloudBuildTrigger and FirestoreIndex resources, do not use version 1.123.0, as it contains regression issues for these resources due to the state-into-spec setting.
BigQueryDataTransferConfig (v1alpha1) now uses direct reconciliation.
BigQueryConnectionConnection (v1alpha1) now uses direct reconciliation.
DataformRepository is promoted from alpha to beta.
Added FirestoreDatabase (v1alpha1). This uses direct reconciliation.
All release notes published on this date are part of version 3.26.
The timing of the update to your instance depends on the deployment schedule that you have chosen. For more information, see Deployment schedules.
Agent-level deflections
With agent-level deflections, you can let your agents set their own deflection options for agent to agent calls. There are deflections for over-capacity, after-hours, and automatic redirection. Agents can choose to deflect to a queue, a phone number, an outbound SIP transfer, voicemail, callback, or keep waiting. Agent-level deflections can also be configured globally. For more information, see Let an agent configure their own deflection options.
Rich messaging
With rich messaging, you can do the following when creating and sending
messages: use bold, italic, and underline formatting; create bulleted and
numbered lists; and add links. You can also add emojis to messages. This
capability is available to agents in the chat adapter. It's also available to
administrators when they configure chat shortcuts and the initial chat messages
for the web SDK and the mobile SDKs. For more information, see Rich messaging.
First In First Out queue routing
With First In First Out queue routing, you can set equal priority for transferred calls and chats and non-transferred (standard) calls and chats. By default, transferred calls and chats have priority. For more information, see First in first out queue routing.
Direct inbound calling
With direct inbound calling, you can create direct phone numbers and assign them to agents or queues. This lets end-users call directly to an individual agent or queue, bypassing IVR queue trees. Administrators can enable inbound call recording and configure deflection options for direct inbound calls. For more information, see Direct phone numbers.
UPDATE: Session data is available in the agent adapter
You can configure CCAI Platform so that users can view session data in the agent adapter. This includes virtual agent session variables and custom data from the web and mobile SDKs. This information can be useful for an agent to get additional information during a session, or for a supervisor to get an overview of a session that they barge into. For more information, see View session data in the agent adapter.
Fixed an issue where the Interaction JSON metadata file was sometimes not being sent to the Kustomer CRM after a chat or call ended.
Fixed an issue where the queue duration of a chat was sometimes doubled in reporting.
Fixed an issue where messages were not sent to chat participants for chats initiated by the chat API.
Fixed an issue where co-browse metadata was not saved when the recording option was disabled.
Fixed an issue where co-browse session events were not generated at session start and end.
Made improvements to barge.
Fixed an issue where users with a permission group in workforce management could not be created or edited .
Fixed an issue where the generic message was played for custom after hours deflection.
Fixed an issue where agents had more permissions than that role permits.
Fixed an agent assist integration timeout issue.
Implemented a change that prevents the administrator account from being deactivated or changed using bulk user update.
Updated cos-gpu-installer to v2.4.2. This enables creation
of /dev/dri when loading nvidia-drm.ko for COS kernels build with
loadable drm and dependent modules.
Dataproc Serverless for Spark: In runtime versions 1.2 and 2.2, minimized the dynamic memory footprint of the Spark application by setting XX:MaxHeapFreeRatio to 30% and XX:MinHeapFreeRatio to 10%.
Dataproc Serverless for Spark: Added the google-cloud-dlp Python package by default to the Dataproc Serverless for Spark runtimes.
Dataproc Serverless for Spark: Fixed an issue that would cause some batches and sessions to fail to start when using the premium compute tier.
Document AI
Models pretrained-expense-v1.3.2-2024-09-11 and pretrained-expense-v1.4.2-2024-09-12 are available as Release Candidates (RC) for Expense Parser. They are upgrades over v1.3 and v1.4 with an enhanced underlying vision model.
Google Distributed Cloud (software only) for VMware
A security issue was discovered in Kubernetes clusters with Windows nodes where BUILTIN\Users may be able to read container logs and AUTHORITY\Authenticated Users may be able to modify container logs. For more information, see the
GCP-2024-054 security bulletin.
Google Distributed Cloud (software only) for bare metal
Release 1.28.1000-gke.60
Google Distributed Cloud for bare metal 1.28.1000-gke.60 is now available for download. To upgrade, see Upgrade clusters. Google Distributed Cloud for bare metal 1.28.1000-gke.60 runs on Kubernetes 1.28.
After a release, it takes approximately 7 to 14 days for the version to become available for installations or upgrades with the GKE On-Prem API clients: the Google Cloud console, the gcloud CLI, and Terraform.
If you use a third-party storage vendor, check the Ready storage partners document to make sure the storage vendor has already passed the qualification for this release of Google Distributed Cloud for bare metal.
Fixes:
Fixed Cloud Audit Logging failure due to allowlisting issue with multiple project IDs.
The following container image security vulnerabilities have been fixed in 1.28.1000-gke.60:
A security issue was discovered in Kubernetes clusters with Windows nodes where BUILTIN\Users may be able to read container logs and AUTHORITY\Authenticated Users may be able to modify container logs. For more information, see the GCP-2024-054 security bulletin.
Network Analyzer now includes additional information in the IP address utilization summary insights. In the case of Shared VPC, Network Analyzer gives a summary of the IP address utilization of all relevant subnet ranges of the host project, and also provides the insights of the service projects. For more information, see IP address utilization summary insights.
SAP on Google Cloud
New SAP HANA certifications: X4 bare metal machine types for OLTP workloads
SAP has certified the Compute Engine bare metal machine types x4-megamem-960-metal, x4-megamem-1440-metal, and x4-megamem-1920-metal, for use with SAP HANA OLTP workloads in scale-out configurations with up to 4 nodes.
Google Cloud storage manager for SAP HANA standby nodes version 2.8
Version 2.8 of the Google Cloud storage manager for SAP HANA standby nodes is generally available (GA). This version includes bug fixes and supportability improvements.
On September 20, 2024, we released an updated version of Apigee (1-13-0-apigee-5).
Bug ID
Description
366039324
Fixed PEM parsing error in JWT/JWS policies
Resolved a PEM parsing error in JWT/JWS policy execution caused by a problematic PEM format.
353527851
Resolved dropped WebSocket connection
Fixed issue causing a dropped WebSocket connection when using the OAuthV2 policy and the VerifyJWTAccessToken operation or VerifyJWT.
361166073
Fixed issue with JWKS rejection in GenerateJWT policy
Fixed an issue where valid JWKS used to sign encrypted JWTs with the GenerateJWT Policy are incorrectly rejected with steps.jwt.NoMatchingPublicKey.
352593965
Resolved SSL enforcement bug in proxies using the <SSLInfo> block
This release fixes an SSL enforcement bug in proxies where an <SSLInfo> block specifies both <IgnoreValidationErrors> and <Enforce> as true. The bug results in no enforcement for one specific type of SSL violation - a mismatch between the certificate subject name and the real host name of the target (No Subject Alternative Name, or NSAN). With this fix, <Enforce> uniformly overrides <IgnoreValidationErrors> in all cases, including NSAN.
Property description allows you to provide additional context, insights, and prior knowledge for each entity to improve extraction accuracy.
Good examples of property descriptions include location information and text patterns of the property values, which help disambiguate potential sources of confusion in the document, guiding the model with rules that ensure more reliable and consistent extractions, regardless of the specific document structure or content variations.
Generative AI on Vertex AI
Add label metadata to generateContent and streamGenerateContent API calls. For details, see Add labels to API calls.
The integration enables customers to deploy source from GitLab to Google Cloud run-time environments. The integration simplifies authentication and authorization to Google for GitLab piplines, and uses GitLab and Google CI/CD components.
Auto-tiering in Preview is now generally available for allow-listed users. Auto-tiering is now available for Premium and Extreme service levels. Auto-tiering reduces the overall cost of storage by identifying data that is infrequently used and transparently moves it from primary hot storage to less expensive but slower cold storage. For more information, see Auto-tiering.
ML.DESCRIBE_DATA:
compute descriptive statistics for a set of training or serving data.
ML.VALIDATE_DATA_SKEW:
compute the statistics for a set of serving data, and then compare them to
the statistics for the data used to train a BigQuery ML model in order to
identify anomalous differences between the two data sets.
ML.VALIDATE_DATA_DRIFT:
compute and compare the statistics for two sets of serving data in order to
identify anomalous differences between the two data sets.
ML.TFDV_VALIDATE:
compute and compare the statistics for training and serving data, or two
sets of serving data, in order to identify anomalous differences between
the two data sets. This function provides the same behavior as the
TensorFlow tfdv.validate_statistics API.
Cloud Data Fusion
The SAP SLT No RFC Replication plugin version 0.11.3 is available in Cloud Data Fusion version 6.8.0 and later. This release fixes an issue causing the following error: Error encountered while configuring the stage: Unable to access Cloud Storage or download JCo libraries from Cloud Storage.
Cloud Logging
You can now query your log data from the Log Analytics page by using reserved BigQuery slots. For more information, see Query and view logs in Log Analytics.
Cloud SQL for PostgreSQL
You can now use gcloud or the Cloud SQL Admin API to switch the storage location of the transaction logs used for point-in-time recovery on your instance without downtime to Cloud Storage. For more information, see Use point-in-time recovery and Switch transaction log storage to Cloud Storage.
Cloud Service Mesh
1.23.2-asm.2 is now available for in-cluster Cloud Service Mesh.
You can now download 1.23.2-asm.2 for in-cluster Cloud Service Mesh. It includes the features of Istio 1.23.2 subject to the list of supported features.
Istio's credentialName field in the DestinationRule API is not supported.
Cloud Service Mesh 1.23.2-asm.2 uses Envoy v1.31.1.
This release contains the fix for the security vulnerability listed in GCP-2024-052.
Managed Cloud Service Mesh 1.23 isn't rolling out to the rapid release channel at this time. You can periodically check this page for announcements regarding rapid channel rollout.
1.22.5-asm.1 is now available for in-cluster Cloud Service Mesh.
This patch release contains fixes for the security vulnerabilities listed in GCP-2024-052. For details on upgrading Cloud Service Mesh, refer to Upgrade Cloud Service Mesh. Cloud Service Mesh v1.22.5-asm.1 uses Envoy v1.30.5.
1.21.5-asm.7 is now available for in-cluster Cloud Service Mesh.
This patch release contains fixes for the security vulnerabilities listed in GCP-2024-052. For details on upgrading Cloud Service Mesh, refer to Upgrade Cloud Service Mesh. Cloud Service Mesh v1.21.5-asm.7 uses Envoy v1.29.8.
1.20.8-asm.7 is now available for in-cluster Cloud Service Mesh.
This patch release contains fixes for the security vulnerabilities listed in GCP-2024-052. For details on upgrading Cloud Service Mesh, refer to Upgrade Cloud Service Mesh. Cloud Service Mesh v1.20.8-asm.7 uses Envoy v1.28.6.
Dialogflow
Dialogflow CX and Vertex AI: The text-bison@002, text-bison and code-bison models will be deprecated on October 21, 2024 and automatically upgraded to the gemini-1.5-flash-001 model. This change applies to Vertex AI agents and the following Dialogflow CX Generative Features:
Vertex AI agent apps
Data store agents (also known as Chat agents)
Generators
After the upgrade on October 21, 2024, gemini-1.5-flash-001 will be automatically selected in the console. We recommend that you upgrade to the new model early to allow enough time for testing and to ensure that your solution works as intended.
Dialogflow CX & ES: Text-to-speech Journey Voices now supports MULAW output audio_encoding (CX, ES) in addition to LINEAR16. Future updates to Journey Voices will appear in the Cloud Text-to-Speech documentation.
Dialogflow CX: Cloud Text-to-Speech europe-west1 and europe-west3 regions for Neural2 voices will temporarily use the eu mulit-region instead.
Google Distributed Cloud (software only) for VMware
Google Distributed Cloud (software only) for VMware 1.29.500-gke.160 is now
available for
download.
To upgrade, see Upgrade a cluster or a node
pool.
Google Distributed Cloud 1.29.500-gke.160 runs on Kubernetes v1.29.7-gke.1200.
If you are using a third-party storage vendor, check the GDCV Ready storage
partners
document to make sure the storage vendor has already passed the qualification
for this release.
After a release, it takes approximately 7 to 14 days for the version to become
available for use with GKE On-Prem API
clients:
the Google Cloud console, the gcloud CLI, and Terraform.
Fixed the following issues in 1.29.500-gke.160:
Fixed the known
issue
where updating DataplaneV2 ForwardMode didn't automatically trigger anetd
DaemonSet restart.
Fixed the known
issue
where the credential.yaml file regenerated incorrectly during admin workstation upgrade.
Fixed the following vulnerabilities in 1.29.500-gke.160:
New versions available for upgrades and new clusters
The following Kubernetes versions are now available for new clusters and for
opt-in control plane upgrades and node upgrades for existing clusters. For more
information on versioning and upgrades, see GKE versioning and support
and Upgrades.
Rapid channel
The following versions are now available in the Rapid channel:
The following versions are no longer available in the Rapid channel:
1.27.16-gke.1296000
1.28.13-gke.1078000
1.29.8-gke.1157000
1.30.3-gke.1969000
1.30.4-gke.1282000
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version 1.30.3-gke.1969001 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version 1.31.0-gke.1506000 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version 1.30.3-gke.1969001 with this release.
Regular channel
Version 1.30.3-gke.1969001 is now the default version for cluster creation in the Regular channel.
The following versions are now available in the Regular channel:
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version 1.30.3-gke.1969001 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.30 to version 1.30.3-gke.1969001 with this release.
Stable channel
The following versions are now available in the Stable channel:
Version 1.30.3-gke.1639000 is no longer available in the Extended channel.
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.30 to version 1.30.3-gke.1969001 with this release.
No channel
Version 1.30.3-gke.1969001 is now the default version for cluster creation.
The following versions are no longer available in the Rapid channel:
1.27.16-gke.1296000
1.28.13-gke.1078000
1.29.8-gke.1157000
1.30.3-gke.1969000
1.30.4-gke.1282000
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version 1.30.3-gke.1969001 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version 1.31.0-gke.1506000 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version 1.30.3-gke.1969001 with this release.
(2024-R36) Version updates
Version 1.30.3-gke.1969001 is now the default version for cluster creation in the Regular channel.
The following versions are now available in the Regular channel:
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version 1.30.3-gke.1969001 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.30 to version 1.30.3-gke.1969001 with this release.
(2024-R36) Version updates
The following versions are now available in the Stable channel:
Version 1.30.3-gke.1639000 is no longer available in the Extended channel.
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.30 to version 1.30.3-gke.1969001 with this release.
(2024-R36) Version updates
Version 1.30.3-gke.1969001 is now the default version for cluster creation.
Flex service level now offers regional storage pools and volumes. Regional volumes provide high-availability across zones by synchronously replicating the data between the two zones selected by the user and automatically failing over to the replica zone in the event of a zone failure. This feature is now generally available.
Customer Managed Encryption Keys (CMEK) for the Flex service level which is in Preview is now generally available. For more information, see About CMEK.
You can now create more than one active directive policy per region. For more information, see Active Directory.
Flex service level now supports the optional feature Block volume from deletion when clients are connected. This option is required for using NetApp Volumes with Google Cloud VMware Engine (GCVE) datastores. When this option is enabled, it prevents the deletion of a volume if the volume is mounted as a GCVE datastore.
On September 18, 2024, we released an updated version of the Apigee UI.
Bug ID
Description
349284447
All API products associated with a key now displayed in the UI
All API products associated with a key can now be viewed in the App detail page of the UI using pagination. Previously, a maximum of 50 API products could be displayed.
Apigee X
On September 18, 2024 we released an updated version of Apigee
Release of Cloud IAM-based authorization and authentication and the VerifyIAM policy.
This release introduces Cloud IAM-based authorization and authentication for Apigee API access. With this IAM-based solution, access to invoke an API requires the API consumer to have a specific Google Cloud IAM role or permissions.
Support dates for previous Cloud Composer 3 builds are available. All Cloud Composer 3 builds with Airflow 2.9.1 are supported until September 18, 2025.
Database Migration Service for homogeneous PostgreSQL migrations to Cloud SQL now automatically enables point-in-time recovery (PITR) for the destination instance when you promote the migration job. Previously, you had to turn on PITR after you promoted an instance.
Database Migration Service doesn't automatically enable PITR for homogeneous PostgreSQL migrations to Cloud SQL. For more information, see the release note entry for October 8, 2024.
Compute Engine
You can determine the number of running VMs and reservations that match the properties of a future reservation request. By subtracting this number from the total count specified in a future reservation request, you can determine the number of reserved VMs that an existing future reservation provisions at its start time. For more information, see Determine the number of provisioned VMs.
You can create a future reservation request by reusing the properties of an existing VM. This lets you consume the auto-created reservations for the future reservation by creating VMs with properties that exactly match the reference VM's properties. For more information, see the following:
Model Garden supports an organization policy so that administrators can limit access to certain models and capabilities. For more information, see Control access to Model Garden models
Security Command Center
Assign high-value resources based on Sensitive Data Protection insights for Amazon S3 buckets
Vertex AI Agent Builder: Redirection URI for grounded results (GA)
When you use Grounding with Google Search, the grounded result contains a redirection URI that leads you to the publisher's URI. This redirection URI remains accessible for up to 30 days after the grounded result is generated.
Cloud Service Mesh with a Traffic Director control plane implementation is still incompatible with Envoy version v1.31.0.
If you manually control your Envoy version, do not upgrade to v1.31.0 as there is an existing issue with connecting to the Traffic Director API. Instead, upgrade to Envoy version 1.31.1 where this issue is fixed, or set GRPC_DNS_RESOLVER=native for v1.31.0 as a workaround.
If you do not manually control your Envoy version, you don't have to do anything. Google's data plane management will not select an incompatible version for you.
Google Cloud Architecture Center
(New guide)
Scalable BigQuery backup automation: Build a solution to automate recurrent BigQuery backup operations at scale, with two backup methods: BigQuery snapshots and exports to Cloud Storage. This architecture is accompanied by a deployment guide.
NetApp Volumes
Large capacity volumes in Preview is now generally available for allow-listed users. Premium and Extreme service levels now offer large capacity volumes. Large capacity volumes can be sized between 15TiB and 1 PiB in increments of 1 GiB, and deliver throughput performance of up to 12.5 GiBps. Large capacity volumes offer six storage endpoints (IP addresses) to load-balance client traffic to the volume and achieve higher performance. For more information, see Large capacity volumes.
Sensitive Data Protection
The POLITICAL_TERM infoType detector is available in all regions. For more information about all built-in infoTypes, see InfoType detector reference.
The NEW_ZEALAND_NHI_NUMBER infoType detector is available in all regions. For more information about all built-in infoTypes, see InfoType detector reference.
Vertex AI
To ensure that VM resources are available when your custom training and prediction jobs need them, you can now use Compute Engine reservations. Reservations provide a high level of assurance in obtaining capacity for Compute Engine resources. This feature is available in Preview for A2 and A3 machine series reservations.
To reduce the cost of running your training and prediction jobs, you can now use Spot VMs. Spot VMs are virtual machine (VM) instances that are excess Compute Engine capacity. Spot VMs have significant discounts, but Compute Engine might preemptively stop or delete Spot VMs to reclaim the capacity at any time. This feature is available in Preview.
The postgres_ann extension has been renamed to alloydb_scann. Before you upgrade to AlloyDB Omni Kubernetes operator version 1.1.1, you must drop any indexes created using the earlier postgres_ann version, then upgrade AlloyDB Omni, and then create the indexes again using the alloydb_scann extension.
Added a tutorial that shows you how to set up a connection from an application running in a Google Kubernetes Engine autopilot cluster to an AlloyDB instance.
Fixed a regression for the AlloyDB Vertex AI integration.
Fixed a bug in which upgrading from version 1.0.0 to version 1.1.0 failed when using injected sidecars.
Fixed a bug in which backups weren't reestablished correctly across failovers when using the Commvault sidecar with high availability (HA) configurations.
Fixed a bug that caused a status to be incorrectly set by the load balancer, resulting in erroneous reports that the database cluster wasn't ready.
Upgrading to version 1.1.1 of the AlloyDB Omni Kubernetes operator might result in a brief interruption to all database clusters. No data loss is expected.
Anti Money Laundering AI
A new major engine version is now available for Retail and Commercial lines of business, within the v4 tuning version. This includes:
Reduction of the total requirement for Transaction and Account data from 41 to 30 months
Performance improvements across several feature families, focusing on more recent high risk activity
Adjustment to the calculation of the PartyRecall metric in the rare corner case when many customers have the same prediction score and it's not possible to yield exactly partyInvestigationsPerPeriod positive predictions
AutoML Translation API is deprecated and will no longer be available on Google Cloud after September 30, 2025. You can replicate the functionality of custom models through Cloud Translate - Advanced (v3).
Envoy-based Application Load Balancers now support authorization policies that let you establish access control checks for incoming traffic. For details, see Authorization policy.
This feature is available in Preview.
Cloud Logging
You can now create and manage your log scopes by using the Logging API in addition to using the Cloud Console. This feature is in public preview. For more information, see Create and manage log scopes.
There is a new Cloud Observability Overview page in the Google Cloud Console. The new page, which you can customize, introduces the Cloud Observability products, and provides information about your logs, dashboards, incidents, and more. This page can help you detect issues in your resources, view relevant events, and view signals that matter to you.
A weekly digest of client library updates from across the Cloud SDK.
Update dependency com.google.cloud:sdk-platform-java-config to v3.35.0 (#1683) (31ec2b9)
Cloud Monitoring
There is a new Cloud Observability Overview page in the Google Cloud Console. The new page, which you can customize, introduces the Cloud Observability products, and provides information about your logs, dashboards, incidents, and more. This page can help you detect issues in your resources, view relevant events, and view signals that matter to you.
Cloud SQL is discontinuing support for legacy high availability (HA) instance configuration on January 6, 2025. After this date, you can't create Cloud SQL for MySQL instances with the legacy configuration for high availability. You also can't enable the legacy configuration for high availability on existing instances. Until January 6, 2025, legacy HA instances are still covered by the Cloud SQL SLA. We recommend that you upgrade your existing legacy HA instances to regional persistent disk HA instances as soon as possible and create new HA instances using regional persistent disk instead.
Starting on May 1, 2025, Cloud SQL will migrate any remaining instances that use the legacy HA configuration to the current HA configuration automatically.
Cloud Workstations
Cloud Workstations preconfigured base images use Ubuntu 24.04. The last images built on Ubuntu 22.04 are tagged with last-ubuntu2204 for building backwards compatible custom images.
Cloud Workstations preconfigured base images default to Python 3.12.3.
Dialogflow CX and Vertex AI Agents: Generative features will migrate to the gemini-1.5-flash-001 model on September 30, 2024. See the email notification.
Firestore in Datastore mode
A weekly digest of client library updates from across the Cloud SDK.
Google SecOps has updated the list of supported default parsers. Parsers are updated gradually, so it might take one to four days before you see the changes reflected in your region.
The following supported default parsers have changed. Each parser is listed by product name and log_type value, if applicable. This list now includes both released default parsers and pending parser updates.
Google SecOps has updated the list of supported default parsers. Parsers are updated gradually, so it might take one to four days before you see the changes reflected in your region.
The following supported default parsers have changed. Each parser is listed by product name and log_type value, if applicable. This list now includes both released default parsers and pending parser updates.
HTTP method filtering for specific route rules is now Generally Available. You can now also implement such filtering by using the GUI.
Migrate to Virtual Machines
As Container Registry is deprecated, Migrate to Virtual Machines is transitioning from Container Registry to Artifact Registry to store images running on Migrate Connector. This transition will be completed by October 15, 2025. For the most part, this change should not affect your usage of Migrate Connector or Migrate to Virtual Machines. However, for some configurations, you might have to add VPC-SC rules to allow Migrate Connector to access Artifact Registry. If you need help using Artifact Registry with Migrate to Virtual Machines, contact the Migrate to Virtual Machines support team.
Oracle Database@Google Cloud
Oracle Database@Google Cloud is now Generally Available (GA).
Google Cloud's partnership with Oracle allows you to combine Oracle Cloud Infrastructure (OCI) and Google Cloud technologies. With native integration, you can deploy your Oracle database services in a Google Cloud data center running on OCI Exadata hardware with minimal latency. Oracle Database@Google Cloud supports the following OCI products on Google Cloud:
Exadata Database Service
Autonomous Database Service
For more information about Oracle Database@Google Cloud, see the Product overview.
Pub/Sub
A weekly digest of client library updates from across the Cloud SDK.
Authorization extensions help you configure Cloud Load Balancing authorization policies to use custom authorization engines. This feature is in Preview.
You can now also host an extension on a backend service that uses serverless NEGs pointing to Cloud Run services. For more information, see Supported backends for extension services.
Vertex AI
Schedule Vertex AI custom training jobs based on resource availability. For details, see the Vertex AI documentation.
For Cloud SQL Enterprise Plus edition, you can set the number of days of retained transaction logs from 1 to 35. For more information, see Use point-in-time recovery (PITR).
Added new cloud monitoring metrics, specifically for auto-tiering and backups. For more information, see Monitor NetApp Volumes.
SAP on Google Cloud
Support for version 1 of Google Cloud's Agent for SAP has ended
Version 1 of Google Cloud's Agent for SAP has reached the end of support.
If you're using version 1 of the agent, then we strongly recommend that you update to using a supported version as soon as possible. For information about supported versions, see Supported versions for SAP on Google Cloud. For information about how to update to a supported version of the agent, see Update Google Cloud's Agent for SAP.
Workforce Identity Federation lets you use an external identity provider (IdP) to authenticate and authorize a workforce — a group of users, such as employees, partners, and contractors — using Identity and Access Management (IAM) to access Apigee services.
Fixed a problem where apps associated with an AppGroup did not appear in the Apps list in the Apigee UI in Cloud Console. As a result, users could not access the app's App Detail page in the console. Using search in the console with a partial app name or API key search for the app was not available.
With this fix, users can now view apps associated with an AppGroup in the Apps list, and view details for each app or delete the app. Users will still not be able to create or edit AppGroup apps.
Apigee hybrid organizations were not impacted by this problem, as they use the Classic UI to view the app details.
PEM parsing error in JWT/JWS policies due to non-standard format
For Apigee and Apigee hybrid versions 1.13 and higher, any deviations in the required PEM format of keys used in Apigee JWS or JWT policies may result in a parsing error.
Cloud SQL now supports near-zero downtime planned maintenance on standalone Cloud SQL Enterprise Plus edition primary instances. In addition, you can also simulate near-zero downtime for planned maintenance events on standalone Cloud SQL Enterprise Plus edition primary instances.
You can now upgrade the minor version of a Cloud SQL for MySQL Enterprise Plus edition instance with near-zero downtime. To upgrade the minor version of your Cloud SQL for MySQL 8.0 instance, see Upgrade the minor version.
You can now provide access to Cloud SQL Studio by granting a new IAM role, Cloud SQL Studio User (roles/cloudsql.studioUser), instead of using the Cloud SQL Admin IAM role.
Cloud SQL now supports near-zero downtime planned maintenance on standalone Cloud SQL Enterprise Plus edition primary instances. In addition, you can also simulate near-zero downtime for planned maintenance events on standalone Cloud SQL Enterprise Plus edition primary instances.
You can now provide access to Cloud SQL Studio by granting a new IAM role, Cloud SQL Studio User (roles/cloudsql.studioUser), instead of using the Cloud SQL Admin IAM role.
You can now provide access to Cloud SQL Studio by granting a new IAM role, Cloud SQL Studio User (roles/cloudsql.studioUser), instead of using the Cloud SQL Admin IAM role.
Google Distributed Cloud (software only) for bare metal
Release 1.29.500-gke.163
Google Distributed Cloud for bare metal 1.29.500-gke.163 is now available for download. To upgrade, see Upgrade clusters. Google Distributed Cloud for bare metal 1.29.500-gke.163 runs on Kubernetes v1.29.7-gke.1200.
After a release, it takes approximately 7 to 14 days for the version to become available for installations or upgrades with the GKE On-Prem API clients: the Google Cloud console, the gcloud CLI, and Terraform.
If you use a third-party storage vendor, check the Ready storage partners document to make sure the storage vendor has already passed the qualification for this release of Google Distributed Cloud for bare metal.
The following container image security vulnerabilities have been fixed in 1.29.500-gke.163:
Public Preview of Gemini in Looker Conversational Analytics
You can query data in natural language. The Conversational Analytics feature is a Gemini-powered data querying experience that makes it easier to find answers, explore data, and share insights using natural language. This feature is now available in Public Preview.
Delay in score generation for Risk Assessment v2 with VPC-SC-enabled organizations only
This issue impacts Risk Assessment v2 only, which is in preview.
With VPC-SC-enabled organizations only, when generating scores for new organizations or scoring changes to included proxies, shared flows, and target server configurations, score generation could take as much as three hours.
You can now specify United States regions when using regional endpoints.
Config Connector
Config Connector version 1.122.0 is now available.
The state-into-spec field now defaults to Absent in all Config Controller clusters.
RedisCluster (Alpha) now uses direct reconciliation.
SQLInstance now uses direct reconciliation.
Added RedisCluster (Alpha) resource for service Redis.
ContainerCluster
The spec.nodeConfig.taint can be updated in place in lieu of destroying and recreating the object.
ContainerNodePool
The spec.nodeConfig.taint can be updated in place in lieu of destroying and recreating the object.
SQLInstance
Add the spec.cloneSource field to clone a SQLInstance.
RunJob
Add the spec.template.template.volumes[].cloudSqlInstance field to configure Cloud SQL instance.
Google Kubernetes Engine
For GPU node pools created in GKE Standard clusters running version 1.30.1-gke.115600 or later, GKE automatically installs the default NVIDIA GPU driver version corresponding to the GKE version if you don't specify the gpu-driver-version flag.
(2024-R35) Version updates
GKE cluster versions have been updated.
New versions available for upgrades and new clusters.
The following Kubernetes versions are now available for new clusters and for
opt-in control plane upgrades and node upgrades for existing clusters. For more
information on versioning and upgrades, see GKE versioning and support
and Upgrades.
Rapid channel
Version 1.31.0-gke.1506000 is now the default version for cluster creation in the Rapid channel.
The following versions are now available in the Rapid channel:
The following versions are no longer available in the Rapid channel:
1.27.16-gke.1234000
1.27.16-gke.1234001
1.27.16-gke.1258000
1.28.13-gke.1024000
1.28.13-gke.1042000
1.29.8-gke.1031000
1.29.8-gke.1057000
1.30.4-gke.1129000
1.30.4-gke.1213000
1.31.0-gke.1058000
1.31.0-gke.1324000
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.26 to version 1.27.16-gke.1287000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.27 to version 1.28.13-gke.1049000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version 1.29.8-gke.1096000 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.27 to version 1.27.16-gke.1287000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version 1.28.13-gke.1049000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version 1.29.8-gke.1096000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.31 to version 1.31.0-gke.1506000 with this release.
Regular channel
The following versions are now available in the Regular channel:
The following versions are no longer available in the Regular channel:
1.27.16-gke.1148000
1.28.12-gke.1179000
1.29.7-gke.1274000
1.30.3-gke.1969000
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.26 to version 1.27.16-gke.1148001 with this release.
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.27 to version 1.28.13-gke.1006000 with this release.
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version 1.29.8-gke.1031000 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.27 to version 1.27.16-gke.1148001 with this release.
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version 1.28.13-gke.1006000 with this release.
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version 1.29.8-gke.1031000 with this release.
Stable channel
Version 1.30.2-gke.1587003 is now the default version for cluster creation in the Stable channel.
The following versions are now available in the Stable channel:
Version 1.27.16-gke.1008000 is no longer available in the Stable channel.
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.26 to version 1.27.16-gke.1051001 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.27 to version 1.27.16-gke.1051001 with this release.
Extended channel
The following versions are now available in the Extended channel:
The following versions are no longer available in the Extended channel:
1.27.16-gke.1148000
1.28.12-gke.1179000
1.29.7-gke.1274000
1.30.3-gke.1969000
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.27 to version 1.27.16-gke.1148001 with this release.
Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.28 to version 1.28.13-gke.1006000 with this release.
Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.29 to version 1.29.8-gke.1031000 with this release.
No channel
The following control plane and node versions are now available:
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.26 to version 1.27.16-gke.1148001 with this release.
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.27 to version 1.28.13-gke.1006000 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.27 to version 1.27.16-gke.1148001 with this release.
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.28 to version 1.28.13-gke.1006000 with this release.
(2024-R35) Version updates
Version 1.31.0-gke.1506000 is now the default version for cluster creation in the Rapid channel.
The following versions are now available in the Rapid channel:
The following versions are no longer available in the Rapid channel:
1.27.16-gke.1234000
1.27.16-gke.1234001
1.27.16-gke.1258000
1.28.13-gke.1024000
1.28.13-gke.1042000
1.29.8-gke.1031000
1.29.8-gke.1057000
1.30.4-gke.1129000
1.30.4-gke.1213000
1.31.0-gke.1058000
1.31.0-gke.1324000
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.26 to version 1.27.16-gke.1287000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.27 to version 1.28.13-gke.1049000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version 1.29.8-gke.1096000 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.27 to version 1.27.16-gke.1287000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version 1.28.13-gke.1049000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version 1.29.8-gke.1096000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.31 to version 1.31.0-gke.1506000 with this release.
(2024-R35) Version updates
The following versions are now available in the Regular channel:
The following versions are no longer available in the Regular channel:
1.27.16-gke.1148000
1.28.12-gke.1179000
1.29.7-gke.1274000
1.30.3-gke.1969000
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.26 to version 1.27.16-gke.1148001 with this release.
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.27 to version 1.28.13-gke.1006000 with this release.
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version 1.29.8-gke.1031000 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.27 to version 1.27.16-gke.1148001 with this release.
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version 1.28.13-gke.1006000 with this release.
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version 1.29.8-gke.1031000 with this release.
(2024-R35) Version updates
Version 1.30.2-gke.1587003 is now the default version for cluster creation in the Stable channel.
The following versions are now available in the Stable channel:
Version 1.27.16-gke.1008000 is no longer available in the Stable channel.
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.26 to version 1.27.16-gke.1051001 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.27 to version 1.27.16-gke.1051001 with this release.
(2024-R35) Version updates
The following versions are now available in the Extended channel:
The following versions are no longer available in the Extended channel:
1.27.16-gke.1148000
1.28.12-gke.1179000
1.29.7-gke.1274000
1.30.3-gke.1969000
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.27 to version 1.27.16-gke.1148001 with this release.
Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.28 to version 1.28.13-gke.1006000 with this release.
Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.29 to version 1.29.8-gke.1031000 with this release.
(2024-R35) Version updates
The following control plane and node versions are now available:
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.26 to version 1.27.16-gke.1148001 with this release.
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.27 to version 1.28.13-gke.1006000 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.27 to version 1.27.16-gke.1148001 with this release.
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.28 to version 1.28.13-gke.1006000 with this release.
Looker
Looker 24.16 includes the following changes, features, and fixes:
Expected Looker (original) deployment start: Monday, September 16, 2024
Expected Looker (original) final deployment and download available: Thursday, September 26, 2024
Expected Looker (Google Cloud core) final deployment: Monday, September 30, 2024
Beginning in Looker 24.18, the October 2024 Looker release, Google Maps will be the only visualization engine for all map visualizations. The Legacy Maps chart type will be removed. Please go to the Legacy features page in the Admin panel and disable "Allow legacy maps"; if you encounter any issues, contact Looker Support.
The LookML Validator now checks for incompatible types in Liquid comparison expressions and, if it finds them, returns an error.
You can change the width of the panels in the Looker IDE, both the feature panel (which contains File Browser, Object Browser, and Git Actions) and the side panel (which contains Project Health, Quick Help, and Metadata). The size of the side panels is persisted across logins and refreshes.
The Chart Config Editor now supports sunburst visualizations.
The Redshift driver is now configured with AWS's recommended TCP keep-alive settings.
The content_summary API endpoint is now generally available. You can use this endpoint to search for recently viewed content or content that you have marked as a favorite.
Comprehensive API support for Looker Connected Sheets is now accessible through both AppsScript and the Google Sheets APIs. API support enables automated data refresh, custom workflows, and integration with external tools and services.
Looker instances with the Redshift license feature enabled will now use the driver version 2.1.0.30.
The Looker IDE now persists a user's IDE state, including the open LookML file in the file browser; the expanded or collapsed status of items in the file browser; the selected item in the IDE navigation bar (such as the file browser, Git actions, object browser, or project settings); the sidebar item (such as the Quick Help panel, the Metadata panel, and the Project Health panel), and the size of the IDE side panels. You can remove the persistence by clicking the Reset IDE Layout button in the new IDE Settings page of the Looker IDE. Note: Item added to release notes on September 16, 2024.
The Looker IDE now supports text line wrapping in the IDE editor. Line wrapping is now the default behavior. You can turn off line wrap mode in the new IDE Settings page in the Looker IDE. Note: Item added to release notes on September 16, 2024.
The Looker IDE supports Vim and Emacs editors in addition to the default Looker IDE editor. You now can set your editor preference in the new IDE Settings page in the Looker IDE. Note: Item added to release notes on September 16, 2024.
To improve performance for LookML validation, the LookML parser object pool has been increased from a fixed-size pool of three LookML parser objects per Looker node to a dynamic pool size that is equal to the number of provisioned CPUs in the Looker node.
An issue has been fixed where measures would remove COALESCE SQL expressions from dimensions during query generation. This feature now performs as expected.
CJK characters are now displayed properly in mobile browsers when they are included within inline table email attachments.
An issue has been fixed that was causing the Collapse All Folders button in the Looker IDE to not work correctly. This feature now performs as expected.
An issue has been fixed where some schedules would fail to send if a PDT was rebuilding. This feature now performs as expected.
An issue where downloaded queries would not show error messages has been fixed. This feature now performs as expected.
An issue has been fixed where the progress bar on single value visualizations could overlap with the visualization note. This feature now performs as expected.
The LookML validator no longer forces the full_suggestions parameter to be enabled in certain situations involving Liquid variables and derived tables.
The Chart Config Editor now displays a more informative error message if you try to use an unsupported visualization type.
An issue has been fixed where the LookML Validator would return incorrect errors on cancel_grouping_fields in Explores with joins. This feature now performs as expected.
An issue has been fixed where the Looker SQL Interface could not connect to Tableau using OAuth. This feature now performs as expected.
Internal database calls during LookML validation have been reduced.
An issue where the LookML Validator could crash if a LookML file incorrectly referenced a dimension_group in a filters parameter has been fixed. This feature now performs as expected.
An issue has been fixed where Looker was incorrectly sanitizing some of the allowed CSS properties. This feature now performs as expected.
The child_count property can now be omitted from dashboard and Look API responses when a feature flag is enabled.
An issue has been fixed with the TRUNC function on some Denodo 8 dialects. This feature now performs as expected.
An issue has been fixed where query metrics were not appearing in the Explore list. This feature now performs as expected.
An issue has been fixed where the LookML validator would not return an error when value_format and named_value_format were both defined for a field. This feature now performs as expected.
The render event has been added to the audit log list.
Looker (Google Cloud Core) provides comprehensive audit logging through Cloud Audit Logs, including full Data Access and System Event audit log coverage. Previously, Cloud Audit Logs for Looker (Google Cloud core) captured only admin activities like instance creation and deletion. Note: Item added to release notes on September 16, 2024.
An issue with SAML authentication has been fixed.
The audit log buffer is now persisted to minimize log data loss.
A new Labs feature, Delegate Model Set Management, lets admins grant a new permission, manage_modelsets_restricted. This permission grants users permissions that are similar to manage_models, but only for model sets to which the users have access.
Secure Source Manager integration with Cloud Build lets you define your Cloud Build configuration and build triggers in your Secure Source Manager repository. To learn how to trigger builds automatically, see Connect to Cloud Build.
Security Command Center
Validate updates to integrations in the Security Command Center Enterprise use case
Updates to the threat response playbook blocks and use case flows are available in the SCC Enterprise - Cloud Orchestration & Remediation use case for Security Command Center Enterprise. To get these changes, upgrade the integrations to the latest versions.
The discovery service of Sensitive Data Protection now supports Amazon S3. You can run discovery to generate data profiles of your S3 buckets. Data profiles provide metrics and insights about the sensitivity and risk levels of your data to help you plan your data governance workflows.
This feature is available only to Security Command Center Enterprise customers. To use this feature, you need an AWS connector in Security Command Center that has Sensitive Data Protection enabled.
To get started on profiling Amazon S3 data, see the following:
Vertex AI Search: Natural language query filters (Public preview)
For queries on structured data stores, the natural language queries can be reformulated as filters and a residual query. For example, "Find a coffee shop serving banana bread" becomes
"query": "banana bread", "filter": "type": ANY(\"cafe\").
The natural-language query understanding feature only applies to generic apps. It is recommended for structured data stores but can also be applied to unstructured data stores with metadata and to website data stores with structured data.
Vertex AI APIs: Updated model for ranking and reranking documents for RAG
The ranking API model is upgraded. This underlying model significantly improves the relevance of top-ranked documents and provides more nuanced scores. For more information about ranking documents, see Rank and rerank documents with RAG.
September 10, 2024
Apigee Advanced API Security
On September 10, 2024 we released an updated version of Advanced API Security.
Proxy-specific security actions
You can now create security actions that apply only to one or more specified proxies.
This new functionality is not available with Apigee hybrid at this time.
See Security actions to learn more about proxy-specific security actions.
Google Kubernetes Engine
We previously identified a potential issue that could cause downtime for traffic directed to your GKE-managed internal passthrough Network Load Balancers after certain cluster operations, like node upgrades. This issue specifically affected clusters with GKE subsetting and Services configured with externalTrafficPolicy=Cluster. See the Aug 14, 2024 release note for details.
A fix for this issue is now available. We recommend upgrading your GKE cluster's control plane to the following patch versions or later:
Secret Manager is now enabled for use with Cloud KMS Autokey.
Using keys generated by Autokey can help you consistently align with industry
standards and recommended practices for data security, including the HSM
protection level, separation of duties, key rotation, location, and key
specificity. Keys requested using Autokey function identically to other
Cloud HSM keys with the same settings.
The ability to back up and restore data on a Vertex AI Workbench instance is now available in Preview. For more information, see Back up and restore an instance.
reCAPTCHA
reCAPTCHA Mobile SDK v18.6.1 is now available for Android.
This version contains the compatibility fix for Android 6 and earlier.
September 09, 2024
Access Approval
Access Approval supports Cloud Data Fusion in the GA stage.
Table and TopList widgets can now display the results of multiple queries. You can also configure the column headers, data alignment, and color-code cells based on how a numeric value compares to a threshold. For more information, see the following documents:
You can now set a default Dataform customer-managed encryption keys (CMEK) key for your project to encrypt multiple Dataform repositories with the same CMEK key. For more information, see Use Dataform default CMEK keys.
Firestore in Datastore mode
A weekly digest of client library updates from across the Cloud SDK.
Google Distributed Cloud (software only) for VMware
Google Distributed Cloud (software only) for VMware 1.28.900-gke.113 is now
available for
download.
To upgrade, see
Upgrade a cluster or a node pool.
Google Distributed Cloud 1.28.900-gke.113 runs on Kubernetes
v1.28.12-gke.1100.
If you are using a third-party storage vendor, check the
GDCV Ready storage partners
document to make sure the storage vendor has already passed the qualification
for this release.
After a release, it takes approximately 7 to 14 days for the version to become
available for use with
GKE On-Prem API clients:
the Google Cloud console, the gcloud CLI, and Terraform.
The following issues are fixed in 1.28.900-gke.113:
Fixed the
known issue
where updating DataplaneV2 ForwardMode doesn't automatically trigger anetd
DaemonSet restart.
Fixed the known issue where the credential.yaml file was regenerated incorrectly during an admin workstation upgrade.
Fixed the
known issue
where the etcdctl command was not found during cluster upgrade at the
admin cluster backup stage.
Fixed the following vulnerabilities in 1.28.900-gke.113:
deps: Update dependency @opentelemetry/semantic-conventions to ~1.26.0 (#1945) (f082869)
deps: Update dependency protobufjs to ~7.4.0 (#1959) (25946e0)
Propagate set options to LeaseManager (from https://github.com/googleapis/nodejs-pubsub/pull/1880) (#1954) (cdb0916)
SAP on Google Cloud
ABAP SDK for Google Cloud version v1.8 (On-premises or any cloud edition)
Version 1.8 of the on-premises or any cloud edition of ABAP SDK for Google Cloud is generally available (GA). This version introduces the Vertex AI SDK for ABAP, a dedicated toolset for seamless interaction with Google Cloud's Vertex AI platform from SAP environment.
The SDK lets you build AI-powered enterprise features and applications with reduced complexity and development efforts from within your SAP systems.
New configuration options for Vulnerability Assessment for AWS
When configuring Vulnerability Assessment for AWS, you can customize the scan settings by defining the scan interval, specific regions, specific tags, and specific instance IDs. You can also include SC1 or ST1 instances in the scan. For more information, see Enable and use Vulnerability Assessment for AWS.
Playbooks are getting stuck in the queue. (ID #53247410)
September 06, 2024
Cloud Data Fusion
The CloudSQL MySQL plugin version 1.10.7 is available in Cloud Data Fusion versions 6.9.0 and 6.10.0. This plugin version lets you use a macro to specify the name of the CloudSQL instance in the plugin's Connection name field.
The fleetwide and per-instance Observability tabs on the Compute Engine VM instances page now include charts for GPU metrics the from NVIDIA Management Library (NVML). To view the fleetwide GPU charts, select Compute Engine > VM instances > Observability. To view the GPU charts for a VM instance, select Compute Engine > VM instances, click on the name of a VM instance, and then select Observability. These charts are available only for VM instances with attached GPUs, with both the Ops Agent and the NVIDIA GPU driver installed. For information about configuring these VMs, see About the gpu metrics.
Dataproc on Compute Engine: The latest 2.2 image versions now support Hudi 0.15.0.
Dataproc on Compute Engine: The latest 2.2 image versions support Hudi Trino integration natively. If both components are selected when you create a Dataproc cluster, Trino will be configured to support Hudi automatically.
Google Kubernetes Engine
(2024-R34) Version updates
GKE cluster versions have been updated.
New versions available for upgrades and new clusters.
The following Kubernetes versions are now available for new clusters and for
opt-in control plane upgrades and node upgrades for existing clusters. For more
information on versioning and upgrades, see GKE versioning and support
and Upgrades.
Rapid channel
There are no new releases in the Rapid channel.
Regular channel
There are no new releases in the Regular channel.
Stable channel
There are no new releases in the Stable channel.
Extended channel
There are no new releases in the Extended channel.
No channel
There are no updates for clusters not enrolled in a release channel.
(2024-R33) Version updates
GKE cluster versions have been updated.
New versions available for upgrades and new clusters.
The following Kubernetes versions are now available for new clusters and for
opt-in control plane upgrades and node upgrades for existing clusters. For more
information on versioning and upgrades, see GKE versioning and support
and Upgrades.
Rapid channel
Version 1.31.0-gke.1058000 is now the default version for cluster creation in the Rapid channel.
The following versions are now available in the Rapid channel:
The following versions are no longer available in the Rapid channel:
1.27.16-gke.1148000
1.28.13-gke.1006000
1.29.7-gke.1274000
1.30.3-gke.1639000
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.26 to version 1.27.16-gke.1234000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.27 to version 1.28.13-gke.1024000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version 1.29.8-gke.1031000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version 1.30.3-gke.1969000 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.27 to version 1.27.16-gke.1234000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version 1.28.13-gke.1024000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version 1.29.8-gke.1031000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version 1.30.3-gke.1969000 with this release.
Regular channel
Version 1.30.3-gke.1639000 is now the default version for cluster creation in the Regular channel.
The following versions are now available in the Regular channel:
The following versions are no longer available in the Regular channel:
1.27.16-gke.1051000
1.27.16-gke.1082000
1.28.12-gke.1052000
1.29.7-gke.1104000
1.30.3-gke.1225000
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.26 to version 1.27.16-gke.1148000 with this release.
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.27 to version 1.28.12-gke.1179000 with this release.
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version 1.29.7-gke.1274000 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.27 to version 1.27.16-gke.1148000 with this release.
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version 1.28.12-gke.1179000 with this release.
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version 1.29.7-gke.1274000 with this release.
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.30 to version 1.30.3-gke.1639000 with this release.
Stable channel
Version 1.29.7-gke.1104000 is now the default version for cluster creation in the Stable channel.
The following versions are no longer available in the Stable channel:
1.27.15-gke.1252000
1.28.11-gke.1260000
1.29.6-gke.1326000
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.26 to version 1.27.16-gke.1008000 with this release.
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.27 to version 1.28.12-gke.1052000 with this release.
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.28 to version 1.29.7-gke.1104000 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.27 to version 1.27.16-gke.1008000 with this release.
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.28 to version 1.28.12-gke.1052000 with this release.
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version 1.29.7-gke.1104000 with this release.
Extended channel
Version 1.30.3-gke.1639000 is now the default version for cluster creation in the Extended channel.
The following versions are now available in the Extended channel:
The following versions are no longer available in the Extended channel:
1.27.16-gke.1051000
1.27.16-gke.1082000
1.28.12-gke.1052000
1.29.7-gke.1104000
1.30.3-gke.1225000
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.27 to version 1.27.16-gke.1148000 with this release.
Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.28 to version 1.28.12-gke.1179000 with this release.
Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.29 to version 1.29.7-gke.1274000 with this release.
Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.30 to version 1.30.3-gke.1639000 with this release.
No channel
Version 1.30.3-gke.1639000 is now the default version for cluster creation.
The following control plane and node versions are now available:
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.26 to version 1.27.16-gke.1148000 with this release.
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.27 to version 1.28.12-gke.1179000 with this release.
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.28 to version 1.29.7-gke.1104000 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.27 to version 1.27.16-gke.1148000 with this release.
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.28 to version 1.28.12-gke.1179000 with this release.
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.29 to version 1.29.7-gke.1104000 with this release.
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.30 to version 1.30.3-gke.1639000 with this release.
(2024-R34) Version updates
There are no new releases in the Rapid channel.
(2024-R33) Version updates
Version 1.31.0-gke.1058000 is now the default version for cluster creation in the Rapid channel.
The following versions are now available in the Rapid channel:
The following versions are no longer available in the Rapid channel:
1.27.16-gke.1148000
1.28.13-gke.1006000
1.29.7-gke.1274000
1.30.3-gke.1639000
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.26 to version 1.27.16-gke.1234000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.27 to version 1.28.13-gke.1024000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version 1.29.8-gke.1031000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version 1.30.3-gke.1969000 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.27 to version 1.27.16-gke.1234000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version 1.28.13-gke.1024000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version 1.29.8-gke.1031000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version 1.30.3-gke.1969000 with this release.
(2024-R34) Version updates
There are no new releases in the Regular channel.
(2024-R33) Version updates
Version 1.30.3-gke.1639000 is now the default version for cluster creation in the Regular channel.
The following versions are now available in the Regular channel:
The following versions are no longer available in the Regular channel:
1.27.16-gke.1051000
1.27.16-gke.1082000
1.28.12-gke.1052000
1.29.7-gke.1104000
1.30.3-gke.1225000
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.26 to version 1.27.16-gke.1148000 with this release.
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.27 to version 1.28.12-gke.1179000 with this release.
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version 1.29.7-gke.1274000 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.27 to version 1.27.16-gke.1148000 with this release.
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version 1.28.12-gke.1179000 with this release.
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version 1.29.7-gke.1274000 with this release.
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.30 to version 1.30.3-gke.1639000 with this release.
(2024-R34) Version updates
There are no new releases in the Stable channel.
(2024-R33) Version updates
Version 1.29.7-gke.1104000 is now the default version for cluster creation in the Stable channel.
The following versions are no longer available in the Stable channel:
1.27.15-gke.1252000
1.28.11-gke.1260000
1.29.6-gke.1326000
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.26 to version 1.27.16-gke.1008000 with this release.
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.27 to version 1.28.12-gke.1052000 with this release.
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.28 to version 1.29.7-gke.1104000 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.27 to version 1.27.16-gke.1008000 with this release.
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.28 to version 1.28.12-gke.1052000 with this release.
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version 1.29.7-gke.1104000 with this release.
(2024-R34) Version updates
There are no new releases in the Extended channel.
(2024-R33) Version updates
Version 1.30.3-gke.1639000 is now the default version for cluster creation in the Extended channel.
The following versions are now available in the Extended channel:
The following versions are no longer available in the Extended channel:
1.27.16-gke.1051000
1.27.16-gke.1082000
1.28.12-gke.1052000
1.29.7-gke.1104000
1.30.3-gke.1225000
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.27 to version 1.27.16-gke.1148000 with this release.
Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.28 to version 1.28.12-gke.1179000 with this release.
Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.29 to version 1.29.7-gke.1274000 with this release.
Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.30 to version 1.30.3-gke.1639000 with this release.
(2024-R34) Version updates
There are no updates for clusters not enrolled in a release channel.
(2024-R33) Version updates
Version 1.30.3-gke.1639000 is now the default version for cluster creation.
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.26 to version 1.27.16-gke.1148000 with this release.
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.27 to version 1.28.12-gke.1179000 with this release.
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.28 to version 1.29.7-gke.1104000 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.27 to version 1.27.16-gke.1148000 with this release.
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.28 to version 1.28.12-gke.1179000 with this release.
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.29 to version 1.29.7-gke.1104000 with this release.
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.30 to version 1.30.3-gke.1639000 with this release.
Google SecOps
Burst limits will be rolling out over the next 90 days. This should not affect customers if sources are properly configured. Review documentation for full details.
Google SecOps SIEM
Burst limits will be rolling out over the next 90 days. This should not affect customers if sources are properly configured. Review documentation for full details.
Sensitive Data Protection
The SEXUAL_ORIENTATION infoType detector is available in all regions. For more information about all built-in infoTypes, see InfoType detector reference.
September 05, 2024
Anthos Attached Clusters
This release includes the following GKE attached clusters platform versions. Click on the following links to see the release notes associated with these patches:
You can now launch clusters with the following Kubernetes versions. Click on the following links to see the release notes associated with these patches:
You can now launch clusters with the following Kubernetes versions. Click on the following links to see the release notes associated with these patches:
Fix for aggressive scaling of runtime pods & cpu spike.
362979563
Fix for Ingress Health Check failure /healthz/ingress - route_not_found.
Capacity Planner
Preview: You can view the on-demand reservations and future reservation requests available for consumption in your project, folder, or organization. This helps you plan for future capacity assurance, as well as view the reserved resources that cover your projected growth or peak usage. For more information, see View usage and forecast data in Capacity Planner.
Preview: You can use the Capacity Planner API to export usage and forecast data of the VMs, Persistent Disk volumes, or GPUs in your project, folder, or organization. This lets you export usage and forecast data in a Cloud Storage bucket or BigQuery table. For more information, see Export usage and forecast data using the Capacity Planner API.
Cloud Healthcare API
A new release is available. This release may include some or all of the following: general performance improvements, bug fixes, and updates to the API reference documentation.
Compute Engine
Generally available: Multi-writer support for Hyperdisk Balanced disks. Up to 8 VMs can simultaneously read from and write to the same disk. For more information, see Share disks between VMs.
Dataproc Metastore
Dataproc Metastore supports custom region configurations. A custom region configuration lets your service run workloads from two separate regions.
Firestore
You can now use Firestore to perform K-nearest neighbor (KNN) vector searches. Additionally, use Firestore vector searches with inequality filters, retrieve the calculated vector distance, and specify a distance threshold. This feature is generally available (GA).
Gemini in Looker now available for Looker Studio content
Looker Studio Pro users can now create calculated fields and generate Google Slides from Looker Studio content using Gemini assistance. Gemini in Looker no longer requires content to be associated with a Looker Studio Pro subscription.
AlloyDB for PostgreSQL is now available in africa-south1 (Johannesburg) and in me-central2 (Damman). For more information, see AlloyDB locations.
Backup and DR
Backup and DR Service added support to automatically protect your Google Cloud VMware Engine VMs using vSphere tags. The dynamic protection tags feature is supported for backup/recovery appliances running on version 11.0.12.320 or later. You can check the appliance version from Manage > Appliances page.
BigQuery
You can now use vector search and vector index features in BigQuery.
You can use the
VECTOR_SEARCH function
to search embeddings in order to identify semantically similar entities.
You can use
vector indexes
to make VECTOR_SEARCH more efficient, with the trade-off of returning more
approximate results.
The BigQuery vector search and vector index features are
generally available
(GA).
Dataproc
Dataproc on Compute Engine:Dataproc image version 2.2 will become the default Dataproc on Compute Engine image version on September 6, 2024.
Google Kubernetes Engine
For GKE versions 1.29 and later, the gke-metrics-agent Pod runs with the prometheus-metrics-collector container in addition to the existing gke-metrics-agent and core-metrics-exporter containers. This change might result in an increase in the Service time series ingestion requests per minute quota; however, there is no additional cost.
Migrate to Virtual Machines
Experimental: As CentOS Linux 7 has reached end-of-life (EOL) on June 30, 2024, Migrate to Virtual Machines lets you convert CentOS Linux 7 to Rocky Linux 8 as part of your migration.
Note: This product or feature is subject to the Pre-GA Offerings Terms in the General Service Terms section of the Service Specific Terms. Pre-GA products and features are available as is and might have limited support.
Security Command Center
Install new version of the Security Command Center Enterprise use case
The installation and configuration of a new version of the SCC Enterprise - Cloud Orchestration & Remediation use case in the Security Operations console is required for the toxic combination functionality of Security Command Center Enterprise. The new use case, identified by date, September 4, 2024, introduces updated widgets, new playbooks, optimized data synchronization jobs, updated ingestion logic, and other enhancements to support the management of toxic combination findings and cases in the Security Operations console.
The extension pgvector is updated to version 0.7.2.
Cloud Run
Deterministic URLs, which let you predict a Cloud Run service URL before the service is created, is now in general availability (GA).
Cloud SQL for MySQL
When you clone your zonal instance, you can now specify a preferred zone for the instance. You can also specify preferred primary and secondary zones for your regional instance. If the zones for your instance go down in the future, then Cloud SQL can assign the preferred zones to the instance, and you don't experience downtime. For more information, see Clone instances.
Cloud SQL for PostgreSQL
You can now use point-in-time recovery to restore your zonal instance to a preferred primary zone and your regional instance to both a preferred primary zone and a preferred secondary zone. For more information, see Use point-in-time recovery (PITR).
When you clone your zonal instance, you can now specify a preferred zone for the instance. You can also specify preferred primary and secondary zones for your regional instance. If the zones for your instance go down in the future, then Cloud SQL can assign the preferred zones to the instance, and you don't experience downtime. For more information, see Clone instances.
Cloud SQL for SQL Server
When you clone your zonal instance, you can now specify a preferred zone for the instance. You can also specify preferred primary and secondary zones for your regional instance. If the zones for your instance go down in the future, then Cloud SQL can assign the preferred zones to the instance, and you don't experience downtime. For more information, see Clone instances.
Contact Center AI Platform
Version 3.24 is released
All release notes published on this date are part of version 3.24.
The timing of the update to your instance depends on the deployment schedule that you have chosen. For more information, see Deployment schedules.
Raw data export
With raw data export, you can export detailed CCAI Platform session data to an external storage bucket. With this data you can get insights into calls, chats, emails, queues, agent performance, virtual agents, and more.
Virtual agents can create and assign tickets for custom CRM apps
Virtual agents can now create and assign incoming tickets for custom CRM apps prior to a human agent taking the ticket. This capability was previously available only for some commercial CRM apps. For more information, see Configure the assignment of chat or call records created by virtual agents.
Barge is available for chat
Barge, which lets supervisors join or take over calls with end-users, is now available for chat. For more information, see Barge for calls and chat.
Reserved data attributes
With reserved data attributes, you can tag sessions with one of the following labels: Verified Customer, Bad Actor, or Repeat Customer. You can send this information to Google at the start of a session using an SDK, a SIP header, or the Apps API. With the API you can also send this information after the session starts. After we receive this information we display it in the agent adapter so the agent or a supervisor can act accordingly. For more information, see Reserved data attributes.
Fixed an issue where listening to a voicemail would occasionally lead to the creation of a duplicate entry at the top of the list.
Fixed an issue that prevented emails from being sent to external storage.
Fixed an issue where integrating the Salesforce CRM with CCAI Platform was failing.
VMware Engine now offers GA support for VPC Service Controls. VPC Service Controls provides an additional layer of security to prevent data exfiltration and unauthorized access. For more information, see VPC Service Controls.
Memorystore for Redis Cluster
Added support for Maintenance Windows (Preview). For more details, see About maintenance.
Workflows
Support for execution backlogging is available in Preview. Backlogged executions
automatically run as soon as execution concurrency quota becomes available.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2024-11-01 UTC."],[],[]]
