The following release notes cover the most recent changes over the last 60 days. For a comprehensive list of product-specific release notes, see the individual product release note pages.
You can also see and filter all release notes in the Google Cloud console or you can programmatically access release notes in BigQuery.
To get the latest product updates delivered to you, add the URL of this page to your feed reader, or add the feed URL directly.
November 22, 2024
Anthos Attached Clusters
GKE attached clusters now supports clusters in the us-central1 region. For more information, see:
On November 22, 2024, we released an updated version of the Apigee UI.
This release includes an improved Apps page for Apigee API Management in the Google Cloud console, making it easier to manage API products that are assigned to app credentials.
With this release:
Products can be added to an app from a single multi-select list box.
Products can be approved, revoked, and removed from a credential by selecting products in the credential product table and using one of the available action buttons.
Clicking the Add Credential button adds an empty credential to the list.
Credential approval and expiry configuration fields are located in the credential card.
A warning appears to users if they attempt to leave the Apps page when unsaved changes are present.
Bug ID: 357165778
Description: Refactored app credential management experience. Resolved issue causing the Apps page in the Apigee UI in Cloud console to crash when working with apps that have a large number of products assigned to app credentials.
Firestore
You can now use Active Assist to provide recommendations
and insights that improve the reliability of your databases. This feature is generally available (GA).
Google Distributed Cloud (software only) for VMware
Google Distributed Cloud (software only) for VMware 1.30.300-gke.84 is now available for download. To upgrade, see Upgrade a cluster or a node pool. Google Distributed Cloud 1.30.300-gke.84 runs on Kubernetes v1.30.5-gke.600.
If you are using a third-party storage vendor, check the GDCV Ready storage partners document to make sure the storage vendor has already passed the qualification for this release.
After a release, it takes approximately 7 to 14 days for the version to become available for use with GKE On-Prem API clients: the Google Cloud console, the gcloud CLI, and Terraform.
The following issues are fixed in 1.30.300-gke.84:
Fixed the issue that additional manual steps are needed after disabling always-on secrets encryption with gkectl update cluster.
Fixed the known issue that caused gkectl to display false warnings on admin cluster version skew.
The following vulnerabilities are fixed in 1.30.300-gke.84:
Google Distributed Cloud (software only) for bare metal
Release 1.30.300-gke.84
Google Distributed Cloud for bare metal 1.30.300-gke.84 is now available for download. To upgrade, see Upgrade clusters. Google Distributed Cloud for bare metal 1.30.300-gke.84 runs on Kubernetes 1.30.
After a release, it takes approximately 7 to 14 days for the version to become available for installations or upgrades with the GKE On-Prem API clients: the Google Cloud console, the gcloud CLI, and Terraform.
If you use a third-party storage vendor, check the Ready storage partners document to make sure the storage vendor has already passed the qualification for this release of Google Distributed Cloud for bare metal.
Fixes:
Fixed an issue where the control plane VIP might become unavailable because Keepalived didn't check correctly that the VIP is on a node with a responsive HAProxy.
Fixed an issue where the registry mirror reachability check fails for a single unreachable registry mirror. Now the reachability check applies to configured registry mirrors only, instead of all registry mirrors.
The following container image security vulnerabilities have been fixed in 1.30.300-gke.84:
Mistral Large (24.11) is Generally Available on Vertex AI as a managed model. To learn more, view the Mistral Large (24.11) model card in Model Garden.
The Gen AI evaluation service can now help you evaluate your translation models using MetricX, COMET, and BLEU metrics.
To learn more about evaluating your translation models, see Evaluate translation models.
Google Cloud VMware Engine
VMware Engine ve1 nodes are now available in the following additional region:
Dallas, Texas, North America (us-south1-b).
Google Distributed Cloud (software only) for bare metal
Release 1.29.800-gke.111
Google Distributed Cloud for bare metal 1.29.800-gke.111 is now available for download. To upgrade, see Upgrade clusters. Google Distributed Cloud for bare metal 1.29.800-gke.111 runs on Kubernetes 1.29.
After a release, it takes approximately 7 to 14 days for the version to become available for installations or upgrades with the GKE On-Prem API clients: the Google Cloud console, the gcloud CLI, and Terraform.
If you use a third-party storage vendor, check the Ready storage partners document to make sure the storage vendor has already passed the qualification for this release of Google Distributed Cloud for bare metal.
Functionality changes:
Added support for configuring the GKE Identity Service to enforce a minimum transport layer security (TLS) version of 1.2 for HTTPS connections. By default, the GKE Identity Service allows TLS 1.1 and higher connections. If you require enforcement for a minimum of TLS 1.2, reach out to Cloud Customer Care for assistance.
Fixes:
Fixed the issue where non-root users can't run bmctl restore to restore quorum.
The following container image security vulnerabilities have been fixed in 1.29.800-gke.111:
If your GKE cluster was created before version 1.26, you can now migrate it to cgroupv2. This migration enables the use of Pod bursting in Autopilot mode.
When defining filters on charts, pages, or reports that use Equal to (=) or In conditions, report editors can select from a list of possible filter values that are provided from the underlying data. Filter suggestions are supported for all data connectors and can be disabled during filter creation.
The following features are now available for use with the Looker connector:
Filter-only fields can be set as a report control and a quick filter.
Looker Studio displays suggestions for filter values based on the data source's LookML suggest_dimension and suggest_explore definitions when Equal to (=) and In conditions are used.
Secure Source Manager
Secure Source Manager supports email notifications. For more information, see Notifications overview. To configure notifications, follow the instructions in Set up notifications.
The Sensitive Data Protection discovery service remains available to Security Command Center Premium and Standard customers as a separately priced feature.
Base CUDA 12.3 container images are now available.
Base CUDA 12.4 container images are now available.
PyTorch 2.4.0 with CUDA 12.4 and Python 3.10 container images are now available.
Upgraded R from 4.4.1 to 4.4.2 for R container images.
Deep Learning VM Images
M126 release
CUDA 12.4 VM images are now available.
PyTorch 2.4.0 with CUDA 12.4 and Python 3.10 VM images are now available.
Upgraded R from 4.4.1 to 4.4.2 for R VM images.
One or more supported framework versions have reached their end of patch and support dates. To view end of patch and support dates, see Supported framework versions. To create a VM instance using an image family that has reached its end of patch and support date, you must specify an image from the image family when you create the VM instance. To list images from an image family name after its end of patch and support date, include the --show-deprecated flag in your gcloud compute images list command, or select Show deprecated images when creating an instance in the Google Cloud console.
VMware Engine ve2 nodes are now available in the following regions:
São Paulo, Brazil (southamerica-east1)
Santiago, Chile (southamerica-west1)
Google Kubernetes Engine
You can now specify a custom resource policy as a compact placement policy with node auto-provisioning in clusters running GKE version 1.31.1-gke.2010000 or later. To learn more, see Use compact placement for node auto-provisioning.
VPC Service Controls
VPC Service Controls feature: VPC Service Controls extends support for etags in the service perimeter resources. For example, you can use the --etag flag with the gcloud CLI commands such as gcloud access-context-manager perimeters update and gcloud access-context-manager perimeters describe. This feature is generally available.
Vertex AI Workbench
M126 release
The M126 release of Vertex AI Workbench user-managed notebooks includes the following:
Artifact Registry now provides the option to enable or disable vulnerability scanning on individual repositories. By giving you more granular control over the number of images scanned, this feature can help you manage scanning costs and reduce noise in vulnerability scanning results.
Percentage-based request mirroring is now supported for the cross-region and regional internal Application Load Balancers. By default, the mirrored backend service receives all requests, even if the original traffic is being split between multiple weighted backend services. You can now configure the mirrored backend service to receive only a percentage of the requests by using the mirrorPercent flag to specify the percentage of requests to be mirrored expressed as a value between 0 and 100.0.
The write endpoint feature is now available in Preview. This endpoint is a global domain name service (DNS) name. This name resolves to the IP address of the current primary Cloud SQL instance that's enabled with private services access.
By using a write endpoint, you can avoid having to make application connection changes after performing a switchover or replica failover operation to test or mitigate a regional failure. For more information, see Configure private IP.
Cloud SQL for PostgreSQL
For Cloud SQL Enterprise Plus edition instances, you can now use advanced disaster recovery (DR) to simplify recovery and fallback processes after you perform a cross-regional failover. With advanced DR, you can:
Designate a cross-region disaster recovery (DR) replica
Perform a cross-region replica failover for disaster recovery
Restore your original deployment by using zero-data loss switchover
You can also use switchover to simulate disaster recovery without data loss. You can use advanced DR on Cloud SQL for PostgreSQL version 12, 13, 14, 15, or 16.
The write endpoint feature is now available in Preview. This endpoint is a global domain name service (DNS) name. This name resolves to the IP address of the current primary Cloud SQL instance that's enabled with private services access.
By using a write endpoint, you can avoid having to make application connection changes after performing a switchover or replica failover operation to test or mitigate a regional failure. For more information, see Configure private IP.
Cloud Service Mesh
The rollout of managed Cloud Service Mesh version 1.19 to all channels has completed.
Compute Engine
The documentation has been updated to clarify that future reservation requests don't support E2 machine types. To reserve VMs that use E2 machine types, use on-demand reservations instead.
New versions available for upgrades and new clusters.
The following Kubernetes versions are now available for new clusters and for opt-in control plane upgrades and node upgrades for existing clusters. For more information on versioning and upgrades, see GKE versioning and support and Upgrades.
Rapid channel
The following versions are now available in the Rapid channel:
GKE version 1.31 introduces increased scalability, allowing users to create clusters with up to 65,000 nodes. For clusters exceeding 5,000 nodes, a quota increase is required. Contact Google Cloud support to request this increase.
Updated Go version used to build images and CLI tools
Changed version of php-buildpack to address build issue.
Secret Manager
Creating custom organization policies with Secret Manager resources is now in General Availability (GA). You can use custom organization policies to enhance secret security by enforcing rotation schedules, annotations, and expirations for secrets. You can also use custom organization policies to restrict secret types to manage costs. To learn more about using custom organization policies in Secret Manager, see Use custom organization policies.
Sensitive Data Protection
The November 4 release note announcing the release of sample discovery findings was published in error. This feature is not available.
Spanner
Spanner supports the ALL_DIFFERENT graph predicate in GoogleSQL-dialect databases. You can use this predicate to see if the graph elements in a list are mutually distinct.
November 18, 2024
AlloyDB for PostgreSQL
AlloyDB for PostgreSQL is now available in the following region: northamerica-south1 (Mexico). For more information, see AlloyDB Locations.
Anti Money Laundering AI
Two major engine versions within the v4 tuning version are no longer used by customers and are deprecated as of today. We recommend customers use the most recent engine versions instead. Deprecation overrides the support timeline for all minor versions within these major engine versions.
If your integration flow requires any complex data mapping logic, Gemini can now recommend a JavaScript task. For more information, see Create an integration using Gemini.
You can add a JavaScript task, edit an existing task, or use Gemini to help understand the JavaScript code. For more information, see Configure JavaScript tasks.
You can now create a Data Boost app profile and view Data Boost metrics in the Google Cloud console. Data Boost for Bigtable is in Preview. For more information, see Create and configure app profiles.
A weekly digest of client library updates from across the Cloud SDK.
Bigtable is now available in the northamerica-south1 (Mexico) region. For more information, see Bigtable locations.
Cloud Data Fusion
The Cloud SQL MySQL plugins version 1.11.5 is available in Cloud Data Fusion versions 6.8.0 and later. This release fixes an issue in the Cloud SQL MySQL sink causing pipelines to fail when the schema contains a MySQL reserved word (PLUGIN-1017).
Cloud Database Migration Service
Database Migration Service now lets you select if a connection profile is for a source or a destination database, based on your migration scenario. Database Migration Service shows configuration options applicable to your choice.
Cloud Interconnect
Dedicated Cloud Interconnect support is available in the following colocation facilities:
Cloud SQL now supports near-zero downtime when you enable or disable data cache for Cloud SQL Enterprise Plus edition primary instances. For more information, see Availability in Cloud SQL.
Cloud SQL now supports near-zero downtime for infrequent scale downs (once every three hours) of the compute size (vCPU, memory) of your Cloud SQL Enterprise Plus edition primary instance.
The pgvector extension is now upgraded from version 0.7.4 to version 0.8.0. Use this extension to store and search for vector embeddings in PostgreSQL databases. For more information, see Configure PostgreSQL extensions.
To use this version of the extension, update your instance to one of the following:
POSTGRES_17_0.R20241011.00_03 (for PostgreSQL instances, version 17)
[PostgreSQL version].R20240910.01_17 (for PostgreSQL instances, versions 13 to 16)
Cloud SQL now supports near-zero downtime when you enable or disable data cache for Cloud SQL Enterprise Plus edition primary instances. For more information, see Availability in Cloud SQL.
Cloud SQL now supports near-zero downtime for infrequent scale downs (once every three hours) of the compute size (vCPU, memory) of your Cloud SQL Enterprise Plus edition primary instance.
The Cloud Workstations base editor (Code OSS) has been upgraded to 1.94.2. The last image that offers the previous version is tagged code-oss-1.89.1.
Compute Engine
Generally available: Queretaro, Mexico, North America (northamerica-south1-a,b,c) has launched with E2, N4, C4, and C3D VMs available in all three zones. For more information, see Global Locations and VM instance pricing.
Data Catalog
Data Catalog is now available in the Mexico (northamerica-south1) region. For more information, see Global locations and pricing.
Dataflow
Dataflow is available in Queretaro, Mexico (northamerica-south1). Learn more about Google Cloud locations.
Dataproc
Dataproc is now available in the northamerica-south1 region (Queretaro, Mexico).
Performance horizontal Pod autoscaling (HPA) profile is now available in Preview for new and existing GKE clusters running version 1.31.2-gke.1138000 or later. This feature speeds up HPA reaction time and enables quick recalculation of up to 1,000 HPA objects. To learn more, see Configuring Performance HPA profile.
For auto mode VPC networks, added a new subnet 10.224.0.0/20 for the Mexico northamerica-south1 region. For more information, see Global Locations and Auto mode IP ranges.
November 17, 2024
Secret Manager
Secret Manager is now available in the following region:
Backup for GKE now supports backing up and restoring volumes of the Hyperdisk throughput, extreme, and balanced types.
Capacity Planner
Preview: You can view and export historical utilization of on-demand and future reservations in your project, folder, or organization. This data helps you analyze usage trends for your VMs or GPUs, as well as plan for future capacity needs. For more information, see the following:
asia-south1 (Mumbai, India) is now subject to Tier 1 pricing
Cloud SQL for PostgreSQL
You can now register an AI model endpoint, generate vector embeddings, and invoke predictions by using model endpoint management in Cloud SQL. For more information, see Register and call remote AI models in Cloud SQL overview.
VPC Service Controls feature (Status: Preview): VPC Service Controls adds support for using groups of third-party identities in ingress and egress rules to allow access to resources protected by service perimeters. This feature is available in Preview.
Dependent jobs are available in Preview. Dependent jobs let you schedule an automated chain of jobs, which can help you optimize resource consumption—for example, separate the types of VMs used for data preparation and compute-intensive data processing.
BigQuery
The following BigQuery ML features are now available:
Using the ML.GENERATE_TEXT function with these remote models to perform generative natural language tasks for text stored in BigQuery tables.
Using the ML.GENERATE_TEXT function with these remote models to perform generative AI tasks, for example audio transcription or document classification, using image, video, audio, PDF, or text content stored in BigQuery object tables.
You can try Gemini in BigQuery at no charge until January 27, 2025. After that date, to continue to use Gemini in BigQuery you must do one of the following:
Purchase and assign BigQuery Enterprise Plus edition reservations to projects that use Gemini in BigQuery.
You can now create custom organization policies for the BackupRun resource in Cloud SQL instances. In addition, more fields in the Instances resource are available to create custom organization policies. For more information, see Add custom organization policies.
Cloud SQL for PostgreSQL
You can now create custom organization policies for the BackupRun resource in Cloud SQL instances. In addition, more fields in the Instances resource are available to create custom organization policies. For more information, see Add custom organization policies.
Cloud SQL for SQL Server
You can now create custom organization policies for the BackupRun resource in Cloud SQL instances. In addition, more fields in the Instances resource are available to create custom organization policies. For more information, see Add custom organization policies.
Cloud Storage
Bucket IP filtering for Cloud Storage is now available in Preview. With bucket IP filtering, you can restrict access to a bucket based on the source IP address of the request and secure your data from unauthorized access.
Contact Center AI Insights
Conversational Insights now offers Rule-based analysis as a preview feature to customize your conversation analyses. Rule-based analysis provides the following customizations for your conversation analyses:
Data store tools: You can now optimize the RAG performance of data store tools used by Playbooks. See the documentation for details.
Dialogflow CX: New feature Context token limits has been added to Agent Settings > Generative AI. You can use this feature to set a percentage of the token budget to be reserved for conversation history, as a maximum. See the Agent Settings documentation for details.
Generators and data store handlers: The model gemini-1.5-flash-002 is now GA.
Data store handlers: The default generative model has been changed to gemini-1.5-flash-001.
Google Distributed Cloud (software only) for VMware
Google Distributed Cloud (software only) for VMware 1.29.800-gke.108 is now available for download. To upgrade, see Upgrade a cluster or a node pool. Google Distributed Cloud 1.29.800-gke.108 runs on Kubernetes 1.29.10-gke.100.
If you are using a third-party storage vendor, check the GDC Ready storage partners document to make sure the storage vendor has already passed the qualification for this release.
After a release, it takes approximately 7 to 14 days for the version to become available for use with GKE On-Prem API clients: the Google Cloud console, the gcloud CLI, and Terraform.
Added support for configuring the GKE Identity Service to enforce a minimum transport layer security (TLS) version of 1.2 for HTTPS connections. By default, the GKE Identity Service allows TLS 1.1 and higher connections. If you require enforcement for a minimum of TLS 1.2, reach out to Cloud Customer Care for assistance.
The following issue is fixed in 1.29.800-gke.108:
Fixed the issue that additional manual steps are needed after disabling always-on secrets encryption with gkectl update cluster.
The following vulnerabilities are fixed in 1.29.800-gke.108:
The current default STREET_ADDRESS infoType detection model, which is available when InfoType.version is set to latest or stable, is now also used when InfoType.version is set to legacy.
The old detection model that was previously available by setting InfoType.version to legacy is no longer available.
November 13, 2024
Agent Assist
Agent Assist now offers a UI Connector with Salesforce to integrate with chat conversations. See the documentation for details.
Cloud Composer
A new Cloud Composer release has started on November 13, 2024. Get ready for upcoming changes and features as we roll out the new release to all regions. This release is in progress at the moment. Listed changes and features might not be available in some regions yet.
Airflow 2.10.2 is available in Cloud Composer.
(Airflow 2.7.3) Backported #35887 to fix an issue that occurred during the DST transition. The issue affected DAGs with timezone-aware cron schedule and caused infinite loops in the Airflow scheduler.
Improved the error message generated when a Cloud Composer 3 environment creation fails because of missing permissions.
(Airflow 2.10.2 and 2.9.3) The apache-airflow-providers-google package was upgraded to version 10.25.0 in Cloud Composer 2 images and Cloud Composer 3 builds. For more information about changes, see the apache-airflow-providers-google changelog from version 10.24.0 to version 10.25.0.
(Airflow 2.10.2 and 2.9.3) The apache-airflow-providers-cncf-kubernetes package was upgraded to version 9.0.1 in Cloud Composer 2 images and Cloud Composer 3 builds. For more information about changes, see the apache-airflow-providers-cncf-kubernetes changelog from version 9.0.0 to version 9.0.1.
Support dates for previous Cloud Composer 3 builds are available. All Cloud Composer 3 builds with Airflow 2.9.3 are supported until November 13, 2025.
Cloud Healthcare API
A new release is available. This release may include some or all of the following: general performance improvements, bug fixes, and updates to the API reference documentation.
Compute Engine
Preview: The OS policy orchestrator feature in VM Manager lets you manage OS policy assignments across projects and zones at scale in large organizations. OS policy assignment was previously available only for zonal resources in a project. For more information, see About OS Policy Orchestrator.
Config Connector
Config Connector version 1.125.0 is now available.
You can use the alpha.cnrm.cloud.google.com/reconciler: direct annotation on the SQLInstance CR object to opt-in the direct controller.
The direct reconciler contains two fixes and improvements:
Fixes the upgrade and downgrade issue between ENTERPRISE and ENTERPRISE_PLUS.
Supports the create-from-clone functionality via spec.cloneSource.
Migrated the SQLInstance from the Terraform-based or DCL-based controller to the new Direct Controller to enhance the reliability and performance. The CRD is unchanged.
You can use the alpha.cnrm.cloud.google.com/reconciler: direct annotation on the ComputeFirewallPolicyRule CR object to opt-in the direct controller, which fixes the targetResources error "required value priority could not be found".
Migrated this resource from the Terraform-based controller to the new Direct Controller to enhance the reliability and performance. The resource CRD is unchanged.
Issue 3007 ComputeBackendService cannot refer to clientTLSPolicy due to invalid format
Issue 2973 kubelet_config has insecure_kubelet_readonly_port_enabled: true set even if not configured in the ContainerNodePool object.
Google Cloud Contact Center as a Service
Flutter for the Mobile SDKs
You can now use Flutter to help you integrate the Mobile SDKs (the Android SDK and the iOS SDK) into your Android or iOS app. For more information, see Integrate using Flutter.
Google Kubernetes Engine
(2024-R44) Version updates
GKE cluster versions have been updated.
New versions available for upgrades and new clusters.
The following Kubernetes versions are now available for new clusters and for opt-in control plane upgrades and node upgrades for existing clusters. For more information on versioning and upgrades, see GKE versioning and support and Upgrades.
Rapid channel
Version 1.31.1-gke.2105000 is now the default version for cluster creation in the Rapid channel.
The following versions are now available in the Rapid channel:
The following versions are no longer available in the Rapid channel:
1.28.14-gke.1376000
1.29.9-gke.1541000
1.30.5-gke.1628000
1.31.1-gke.1846000
1.31.2-gke.1115000
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.27 to version 1.28.15-gke.1020000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version 1.29.10-gke.1054000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version 1.30.5-gke.1699000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version 1.31.1-gke.2105000 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version 1.28.15-gke.1020000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version 1.29.10-gke.1054000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version 1.30.5-gke.1699000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.31 to version 1.31.1-gke.2105000 with this release.
Regular channel
The following versions are now available in the Regular channel:
Version 1.27.16-gke.1373000 is no longer available in the Extended channel.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.27 to version 1.27.16-gke.1681000 with this release.
If you are dropping an AlloyDB database that is larger than 64 TiB, then any write operations on other AlloyDB databases are paused until the drop operation is completed.
Apigee hybrid
hybrid v1.13.2
On November 12, 2024 we released an updated version of the Apigee hybrid software, 1.13.2.
Cloud Load Balancing resources now let you use custom constraints to define your own restrictions on Google Cloud services. To learn about which load balancing resources support custom constraints, and some sample use cases, see Manage Cloud Load Balancing resources using custom constraints.
For more information about custom constraints, see the following:
This feature is available in General Availability.
Cloud Run
The in-memory volume type is now generally available (GA) for Cloud Run services and jobs.
Cloud SQL for MySQL
You can now have Cloud SQL create a Private Service Connect endpoint automatically instead of creating the endpoint manually after the instance is created. You use this endpoint to access a Cloud SQL instance through a VPC network. For more information, see Connect to an instance using Private Service Connect. This feature is available in Preview.
Cloud SQL for PostgreSQL
You can now have Cloud SQL create a Private Service Connect endpoint automatically instead of creating the endpoint manually after the instance is created. You use this endpoint to access a Cloud SQL instance through a VPC network. For more information, see Connect to an instance using Private Service Connect. This feature is available in Preview.
Cloud SQL for SQL Server
You can now have Cloud SQL create a Private Service Connect endpoint automatically instead of creating the endpoint manually after the instance is created. You use this endpoint to access a Cloud SQL instance through a VPC network. For more information, see Connect to an instance using Private Service Connect. This feature is available in Preview.
Cloud Service Mesh
In-cluster Cloud Service Mesh 1.20 is no longer supported. For more information, see Supported versions.
1.20.8-asm.10 is now available for in-cluster Cloud Service Mesh.
1.20 is no longer supported. While the fix for the bug in the distroless proxy container has been backported to 1.20, you should upgrade to 1.21 or later.
You can now download 1.20.8-asm.10 for in-cluster Cloud Service Mesh. It includes the features of Istio 1.20.8 subject to the list of supported features. Cloud Service Mesh version 1.20.8-asm.10 uses envoy v1.28.6.
1.23.3-asm.2 is now available for in-cluster Cloud Service Mesh.
You can now download 1.23.3-asm.2 for in-cluster Cloud Service Mesh. It includes the features of Istio 1.23.3 subject to the list of supported features. Cloud Service Mesh version 1.23.3-asm.2 uses envoy v1.31.2.
1.22.6-asm.2 is now available for in-cluster Cloud Service Mesh.
You can now download 1.22.6-asm.2 for in-cluster Cloud Service Mesh. It includes the features of Istio 1.22.6 subject to the list of supported features. Cloud Service Mesh version 1.22.6-asm.2 uses envoy v1.30.6.
1.21.5-asm.12 is now available for in-cluster Cloud Service Mesh.
You can now download 1.21.5-asm.12 for in-cluster Cloud Service Mesh. It includes the features of Istio 1.21.5 subject to the list of supported features. Cloud Service Mesh version 1.21.5-asm.12 uses envoy v1.29.8.
This release fixes a bug in the distroless proxy container. Before this fix, the distroless proxy produced errors similar to the following when deployed in a Kubernetes cluster with an in-cluster control plane that did not have Container Network Interface (CNI) installed:
xtables resource problem: can't open lock file /run/xtables.lock: No such file or directory
This fix applies to the following new versions:
1.20.8-asm.10
1.21.5-asm.12
1.22.6-asm.2
1.23.3-asm.2
Config Controller
Config Controller now uses the following versions of its included products:
Datastream now supports global transaction identifier (GTID)-based replication for MySQL sources. The feature is in Preview.
GTID-based replication supports failovers and managed database clusters, such as Cloud SQL Enterprise Plus edition. For more information, see the Datastream documentation.
Google Cloud Contact Center as a Service
Mobile SDK 2.10 is released
Mobile SDK 2.10 includes the following updates:
iOS SDK:
Text resizing. End-users can increase text size up to 200%. Text is resized using the device settings.
Android SDK:
Fixed the sticky button behavior so that it matches iOS.
Android SDK and iOS SDK:
Fixed an issue where content card text was misaligned.
Google Cloud Managed Service for Apache Kafka
Google Cloud Managed Service for Apache Kafka is now in General Availability (GA).
You can evaluate a Vertex AI LLM using the ML.EVALUATE function. Pre-trained PaLM and Gemini models and tuned Gemini models are supported for evaluation.
Dashboard variables and dashboard-level filtering are now GA. Pinned filters and variables can have multiple default values, and they support selection of multiple values. For more information, see the following documents:
Clusters now have unified and flexible configuration, allowing you to modify control plane access and cluster node settings at any time, without the need to recreate the cluster. This eliminates the previous distinction between private and public clusters. All clusters support this flexibility and utilize DNS-based endpoints for secure and direct control plane access from any network, removing the need for bastion hosts or proxies. You can still enhance security with measures like VPC Service Controls.
DNS-based access for the GKE cluster control plane is now generally available. This capability provides each cluster with a unique domain name system (DNS) name or fully-qualified domain name (FQDN). Access to clusters is controlled through IAM policies, eliminating the need for bastion hosts or proxy nodes. Authorized users can connect to the control plane from different cloud networks, on-prem deployments, or from remote locations, without relying on proxies.
Instances that use 1, 2, or 4 shards are now Generally Available. For more information about the minimum and maximum supported shard count, see Cluster and node specification.
If you activated Security Command Center at the project level prior to December 9, 2024, then any projects you activate in the same organization will support all available versions of the Security Command Center API.
The Vulnerability management dashboard was enhanced to include information about containers with exploitable vulnerabilities. This feature is in Preview.
Starting October 24, 2024, the IAM Recommender service is enabled by default when activating Security Command Center. You manage the IAM Recommender service under the Security Command Center Settings page > Integrated services tab. For more information, see Add integrated Google Cloud services to Security Command Center.
Sensitive Data Protection
The current default ORGANIZATION_NAME infoType detection model, which is available when InfoType.version is set to latest or stable, is now also used when InfoType.version is set to legacy.
The old detection model that was previously available by setting InfoType.version to legacy is no longer available.
The region restriction on the ORGANIZATION_NAME infoType has been lifted. It is now available in all regions.
Text-to-Speech
Journey Voices now supports the de-de, en-gb, en-in, es-us, fr-ca, fr-fr, and it-it locales.
November 09, 2024
Google SecOps
The following parser documentation is now available.
The alloydb_scann extension—previously named postgres_scann—is generally available (GA). For more information about storing vector embeddings, creating indexes, and tuning indexes to achieve faster query performance and better recall, see Work with vectors.
Support for Red Hat Enterprise Linux (RHEL) 8 is generally available (GA).
Disk cache and columnar storage cache are available to improve AlloyDB Omni performance by accelerating data access for AlloyDB Omni in a container and on a Kubernetes cluster.
The healthcheckPeriodSeconds parameter lets you specify the number of seconds to wait between health checks. For more information, see Adjust automatic failover trigger settings.
The following metrics help you monitor the performance of your database container. Each of these metrics is of type gauge. For more information, see Database container-level metrics.
alloydb_omni_memory_limit_byte shows the memory limit of a database container.
alloydb_omni_instance_postgresql_replication_state shows the state of each replica that's connected to the AlloyDB Omni primary node.
alloydb_omni_memory_used_byte shows the memory used by the database container in bytes.
An issue that caused a brief interruption to all database clusters when the following is true is fixed:
You can enable or disable model endpoint management through Kubernetes manifests. For more information, see Install AlloyDB Omni with AlloyDB AI.
You can configure when logs rotate using thresholds that are based on the size of the log files, the time since the log file last rotated, or both. For more information, see Configure AlloyDB Omni log rotation.
In AlloyDB Omni versions 15.5.5 and earlier, parameterized view features were available in the alloydb_ai_nl extension. Starting in version 15.7.0, parameterized view features are available in the parameterized_views extension, which you must create before you use parameterized views. Also starting in version 15.7.0, the related function, google_exec_param_query, has been renamed to execute_parameterized_query and is available in the parameterized_views extension. For more information, see Query your database using natural language.
The Multiple table plugin version 1.4.1 is available in Cloud Data Fusion versions 6.10.1 and later. This release fixes an issue causing pipelines to fail if a Multiple database tables batch source's Reference Name field contains spaces. The field no longer accepts spaces (PLUGIN-1752).
Cloud Logging
Audit Logging now populates the status.details field in the audit log with the google.rpc.ErrorInfo and google.rpc.Help proto payload types in cases where an API returns an error status and that status includes one of those types in the details field.
Batch prediction is available for Gemini in General Availability (GA). Available Gemini models include Gemini 1.0 Pro, Gemini 1.5 Pro, and Gemini 1.5 Flash. To get started with batch prediction, see Get batch predictions for Gemini.
Google Kubernetes Engine
The machine family of N1 custom machine types (like custom-1-1024) is now accurately labeled as "N1" for all node versions later than 1.31.2-gke.1115000.
Live Stream API
The Live Stream API is now available in asia-south1 and europe-north1. For more information, see Live Stream API locations.
Security Command Center
To help you detect potentially malicious anomalies in your network, Event Threat Detection now supports the ability to analyze foundational log sources, which produce Bad IP findings without enabling VPC Flow Logs. This feature is in Preview.
If you activated Security Command Center Premium or Enterprise in a project or organization before October 18, 2024, then you have access to this feature in that project or organization.
If you activated Security Command Center Premium or Enterprise at the project level before October 18, 2024, and you activate additional projects in the same organization, then the additional projects will have access to this feature.
If you activated Security Command Center Premium or Enterprise in a project or organization on or after October 18, 2024, and you want to enable this feature, then contact Google Cloud Customer Care.
Sensitive Data Protection
The EMPLOYMENT_STATUS infoType detector is available in all regions. For more information about all built-in infoTypes, see InfoType detector reference.
November 07, 2024
AlloyDB for PostgreSQL
Since the google_ml_integration.enable_model_support flag is enabled by default, if you are using the google_ml_integration extension version 1.3, your ability to query Vertex AI models using the embedding() function might be impacted. Querying registered models using the google_ml.embedding() function remains unaffected.
To resolve the issue with using the embedding() function, upgrade the google_ml_integration extension version 1.3 to the latest version, 1.4.2. For more information, see how to upgrade the extension.
Anthos Attached Clusters
This release includes the following GKE attached clusters platform versions. Click on the following links to see the release notes associated with these patches:
You can now launch clusters with the following Kubernetes versions. Click on the following links to see the release notes associated with these patches:
Audit Manager is a compliance audit solution that helps you to simplify your compliance audit process on Google Cloud.
Cloud Database Migration Service
Database Migration Service now supports MySQL minor version 8.0.39 for homogeneous MySQL migrations. For more information, see Supported source and destination databases in Cloud SQL for MySQL migrations.
Cloud Run
You can now specify mount options when you configure Cloud Storage volume mounts for both Cloud Run services and jobs. (In Preview)
Cloud Service Mesh
The following images are now rolling out for managed Cloud Service Mesh:
1.19.10-asm.21 is rolling out to the rapid release channel.
1.19.10-asm.21 is rolling out to the regular release channel.
1.19.10-asm.21 is rolling out to the stable release channel.
Cloud Storage
You can now restore soft-deleted buckets. If you delete a bucket with an active soft delete policy, Cloud Storage retains the bucket for the specified soft delete retention duration, during which the bucket can be restored to a live state. To learn more about the bucket restore feature, see Use soft-deleted buckets.
Dialogflow
Dialogflow CX: As of August 2024, us-dialogflow.* has been re-introduced as the canonical endpoint for the US multi-region. The usa-dialogflow.* endpoint is still supported as an alias. See the regionalization documentation for details.
Google Cloud Contact Center as a Service
Version 3.29 is released
All release notes published on this date are part of version 3.29.
The timing of the update to your instance depends on the deployment schedule that you have chosen. For more information, see Deployment schedules.
Skip CRM account and record creation (Zendesk and ServiceNow)
You can now skip CRM account and record creation for Zendesk and ServiceNow. You can also adjust the CRM pop-up settings.
Agent status translation
You can translate the default, system, and custom agent statuses for the languages supported by Google Cloud Contact Center as a Service (CCaaS). Google Cloud CCaaS provides automatic translation of default and system statuses. It also lets you do translations manually. For more information, see Agent status translation.
Generative session summarization using Agent Assist
Agent Assist now supports generative session summarization for chat and voice sessions. Agents can view information about a customer's previous support interactions in the agent adapter, including generative session summaries, agent notes, and transcripts. This helps give agents the context they need for a customer and can improve overall handling times. Supervisors can view generative session summarizations for ongoing and completed sessions in the session monitoring pages.
Generative session summarizations are generated for an entire session and for segments of a session. Session segments are generated when a session is handled by multiple human or virtual agents.
Generative session summarization requires you to enable Agent Assist and configure external storage.
Generative knowledge assist using Agent Assist
Agents can now view knowledge articles while on a call or chat. These knowledge articles appear as clickable tiles in the agent adapter and are generated based on the ongoing conversation between the agent and end-user. Agents can click a tile to open the article in a browser tab. Agents can also search for knowledge articles using a search field in the agent adapter.
Queue transfer restrictions
You can control which queues or teams agents can transfer sessions to. This provides more granular control over call flows and helps prevent improper transfers. For more information, see Restrict queue transfers.
Support for direct SIP REFER in virtual agent call transfers
Virtual assistant call transfers now support the direct SIP REFER method. This means you can pass useful information in the call transfer, such as caller intent and account information. Call transfer data is recorded as Planned Transfers in virtual assistant metrics. For more information, see Transfer a call to a SIP endpoint using the SIP REFER method.
Alvaria WFM for chat
Customers with Alvaria integrations can now receive chat session data. For more information, see Alvaria Workforce integration.
Clear the voicemails in a queue
You can now clear the voicemails in any queue from the Call settings page. For more information, see Clear voicemails from queues.
Queue status API
We added two new API endpoints that let you check whether a queue is in After Hours (AH) or Overcapacity (OC) status.
SDK parameters in the custom CRM lookup flow
You can now use SDK data parameters in the CRM lookup flow. For more information, see CRM lookup URLs.
Use the admin user for CRM API calls with Salesforce
Using Salesforce, you can now use the admin user for all CRM API calls for record creation and updating, while still allowing agents to retain ownership of CRM-specific actions.
New Agent_Assist_Started event
A new Agent_Assist_Added event is now available. This event contains the conversation ID for a specific agent assist session. For more information, see Agent Assist started.
Chat transcripts download
You can now download a chat transcript using the web SDK.
Display email session ID in the email adapter and email subject
You can now display the session ID in the email adapter and in the subject line of an email thread.
Clickable authentication icon
The authentication icon in the agent adapter can now be clicked by the agent to mark the customer as either authenticated or unauthenticated. For more information, see User profile flags for calls and User profile tags for chat.
Fixed an issue where the session summary wouldn't automatically scale with the height of the chat adapter.
Fixed an issue where wrap-up and disposition settings were not following destination queue settings when calls and chats were transferred.
Fixed an issue where transferring calls to a parent queue sometimes caused calls to drop.
Fixed an issue that sometimes prevented agents from going into Available status after wrapping up a call while still in a chat session.
Fixed an issue where the wait time for transferred sessions sometimes displayed incorrectly on the "Queued Calls" and "Queued Chats" dashboards.
Improved the user interface for the email transcript capability.
Google Distributed Cloud (software only) for VMware
Google Distributed Cloud (software only) for VMware 1.28.1200-gke.83 is now available for download. To upgrade, see Upgrade a cluster or a node pool. Google Distributed Cloud 1.28.1200-gke.83 runs on Kubernetes v1.28.14-gke.700.
If you are using a third-party storage vendor, check the GDCV Ready storage partners document to make sure the storage vendor has already passed the qualification for this release.
After a release, it takes approximately 7 to 14 days for the version to become available for use with GKE On-Prem API clients: the Google Cloud console, the gcloud CLI, and Terraform.
The following issue is fixed in 1.28.1200-gke.83:
Fixed an issue where additional manual steps were needed after disabling always-on secrets encryption with gkectl update cluster.
The following vulnerabilities are fixed in 1.28.1200-gke.83:
Google Distributed Cloud (software only) for bare metal
Release 1.28.1200-gke.83
Google Distributed Cloud for bare metal 1.28.1200-gke.83 is now available for download. To upgrade, see Upgrade clusters. Google Distributed Cloud for bare metal 1.28.1200-gke.83 runs on Kubernetes 1.28.
After a release, it takes approximately 7 to 14 days for the version to become available for installations or upgrades with the GKE On-Prem API clients: the Google Cloud console, the gcloud CLI, and Terraform.
If you use a third-party storage vendor, check the Ready storage partners document to make sure the storage vendor has already passed the qualification for this release of Google Distributed Cloud for bare metal.
Fixes:
Fixed an issue where the registry mirror reachability check fails for a single unreachable registry mirror. Now the reachability check applies to configured registry mirrors only, instead of all registry mirrors.
Fixed the issue where non-root users can't run bmctl restore to restore quorum.
The following container image security vulnerabilities have been fixed in 1.28.1200-gke.83:
GKE clusters running version 1.28 or later now support automatic application monitoring in public preview. Enabling this feature automatically deploys PodMonitoring configurations to capture key metrics for supported workloads like Apache Airflow, Istio, and RabbitMQ. These metrics are integrated with Cloud Monitoring dashboards for observability. To learn more, see Configure automatic application monitoring for workloads.
Looker
Looker 24.20 includes the following changes, features, and fixes:
Expected Looker (original) deployment start: Monday, November 11, 2024
Expected Looker (original) final deployment and download available: Thursday, November 21, 2024
Expected Looker (Google Cloud core) final deployment: Thursday, November 14, 2024
In the Looker application API, for methods that include a query_id field, or, in the case of Query APIs, an id field, the query_id and id fields no longer accept a numeric value and now require a query slug value. This change will be released in phases:
Looker 24.20: December 4, 2024 for Americas Early (Note: This information was updated on November 12, 2024.)
Looker 25.0: Americas Mid
Looker 25.2: General Availability (GA) (Note: This information was updated on November 15, 2024.)
Users no longer need the download_without_limit permission to select the All Results option when they schedule Looks and dashboards.
The Chart Config Editor now supports creating a Dependency Wheel visualization.
The Chart Config Editor now supports creating an Item visualization.
The New Project page in Looker has been replaced with the Create a Model page. However, you can still access the New Project page if you are using a Looker (original) instance and your Looker admin has enabled the Use Legacy Project Creation Page legacy feature, or through the informational banner at the top of the Create a Model page.
An issue has been fixed where renaming a project using a bare repository could prevent deploying to production for that project. This feature now performs as expected.
An issue has been fixed where editing a model set could take a long time to load. This feature now performs as expected.
An issue has been fixed where the Actions page could fail to reflect recently saved settings. This feature now performs as expected.
An issue has been fixed where Sankey charts could ignore series values if they matched other series values.
An issue has been fixed where conditional formatting could fail to apply to total rows if the value was zero. This feature now performs as expected.
An issue has been fixed where Looker could generate datagroup names with dashes even though dashes aren't allowed in datagroup names. This feature now performs as expected.
An issue has been fixed where certain System Activity queries could time out. This feature now performs as expected.
The PDF and PNG rendering software has been upgraded to the latest stable version.
An issue has been fixed where visualizations that were created with the Chart Config Editor could fail to be displayed in an embedded context. This feature now performs as expected.
An issue has been fixed where the LookML Validator would not display an error message if the convert_tz parameter was used in an invalid context. This feature now performs as expected.
An issue has been fixed where selecting the word cloud visualization could cause Looker to display a blank page. This feature now performs as expected.
Tooltips have been added for truncated progress values in single value visualizations.
An issue has been fixed where progress values in single value visualizations were unnecessarily truncated. This feature now performs as expected.
An issue has been fixed where modifying dashboard filters after deleting a tile could cause Looker to display an error. This feature now performs as expected.
An issue has been fixed where progress bars in single value visualizations could disappear when the visualization was resized. This feature now performs as expected.
An issue has been fixed where relative date filters could misinterpret numbers with more than three digits (such as "in the last 1000 minutes") as dates. This feature now performs as expected.
An issue has been fixed where killing queries on BigQuery Standard SQL could be unnecessarily expensive. This feature now performs as expected.
An issue has been fixed where special characters (such as < and >) in pivoted dimension values could cause Looker to incorrectly truncate legend labels. This feature now performs as expected.
An issue has been fixed where downloading a dashboard tile with an invalid hex color code as an Excel spreadsheet could cause the download to fail. Looker now applies a default font color instead.
An issue has been fixed where location type fields could not be used in custom filter expressions. This feature now performs as expected.
An issue has been fixed where invalid "set" or "when" LookML fields could cause the LookML Validator to fail with a 500 error. The LookML Validator now displays a more informative error message.
An issue has been fixed where a locale value of fr would fall back to fr-CA instead of fr-FR, which was causing text to be translated incorrectly. This feature now performs as expected.
An issue has been fixed where the LookML IDE did not persist line wrap settings. This feature now performs as expected.
Upon upgrade to Looker 24.20, support access will be disabled on Looker (original) instances. To enable it, set a duration and a support access role on the Support Access page of the Admin panel.
Looker (original) deployments can now use the Redshift 2.1.0.30 driver.
A new Labs feature is available, New Database Connection Setup. When enabled, this feature updates the Add/Edit Connection page with a modernized UI, enhanced validation and connection testing capabilities, and a comprehensive configuration summary.
Google Cloud Technical Support access has updated duration settings of 0 to 48 hours. Admins may choose to grant all Support users either a Support Basic Editor role or a Support Advanced Editor role.
A new Labs feature is available, Tiered Support Access, which defaults to enabled. When this feature is disabled, Looker uses the legacy version of support access.
A new legacy feature is available, Use Legacy Project Creation Page. When this feature is enabled, it hides the Create a Model page and displays the deprecated New Project page.
A new Labs feature is available, Complex Filters UI Configuration for Explores. When this feature is enabled, matches (advanced) filters no longer update to simpler filter types when a comma is entered into the filter expression until the page is reloaded. This feature resolves a few stability issues with matches (advanced) filters.
Cloud Composer 2.9.7 is a version with an extended upgrade timeline.
Cloud Service Mesh
1.23.3-asm.1 is now available for in-cluster Cloud Service Mesh.
You can now download 1.23.3-asm.1 for in-cluster Cloud Service Mesh. It includes the features of Istio 1.23.3 subject to the list of supported features. Cloud Service Mesh version 1.23.3-asm.1 uses envoy v1.31.2.
1.22.6-asm.1 is now available for in-cluster Cloud Service Mesh.
You can now download 1.22.6-asm.1 for in-cluster Cloud Service Mesh. It includes the features of Istio 1.22.6 subject to the list of supported features. Cloud Service Mesh version 1.22.6-asm.1 uses envoy v1.30.6.
1.21.5-asm.10 is now available for in-cluster Cloud Service Mesh.
You can now download 1.21.5-asm.10 for in-cluster Cloud Service Mesh. It includes the features of Istio 1.21.5 subject to the list of supported features. Cloud Service Mesh version 1.21.5-asm.10 uses envoy v1.29.8.
1.20.8-asm.9 is now available for in-cluster Cloud Service Mesh.
You can now download 1.20.8-asm.9 for in-cluster Cloud Service Mesh. It includes the features of Istio 1.20.8 subject to the list of supported features. Cloud Service Mesh version 1.20.8-asm.9 uses envoy v1.28.6.
This release fixes a bug where the default user for the distroless proxy was changed to root. As a result of this fix, the default user is now back to non-root. The bug was present in the following versions:
1.20.8-asm.6
1.20.8-asm.7
1.21.5-asm.5
1.21.5-asm.7
1.22.3-asm.1
1.22.4-asm.0
1.22.5-asm.1
This change may affect some gateway deployments which rely on the root user to expose a privileged port for ingress or egress. To ensure your gateways continue to work correctly, you may need to apply additional security contexts to your deployments. For details, see the troubleshooting guide.
Patches fixing a bug where the default user for distroless proxy was changed to root will be rolling out to all release channels. As a result of this fix, the default user is changing back to non-root. When you see the release note notifying that this rollout is complete, you must restart each affected workload to make the change effective.
The GKE Volume Populator is generally available on GKE clusters running version 1.31.1-gke.1729000 or later. This feature provides a way to automate data transfer from a source Google Cloud Storage bucket to a destination PersistentVolumeClaim backed by a Parallelstore instance. To learn more, see Transfer data from Cloud Storage during dynamic provisioning using GKE Volume Populator.
(2024-R43) Version updates
GKE cluster versions have been updated.
New versions available for upgrades and new clusters.
The following Kubernetes versions are now available for new clusters and for opt-in control plane upgrades and node upgrades for existing clusters. For more information on versioning and upgrades, see GKE versioning and support and Upgrades.
Rapid channel
The following versions are now available in the Rapid channel:
The following versions are no longer available in the Rapid channel:
1.28.14-gke.1340000
1.28.15-gke.1015000
1.29.9-gke.1496000
1.29.10-gke.1043000
1.30.5-gke.1443001
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.27 to version 1.28.14-gke.1376000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version 1.29.9-gke.1541000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version 1.30.5-gke.1628000 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version 1.28.14-gke.1376000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version 1.29.9-gke.1541000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version 1.30.5-gke.1628000 with this release.
Regular channel
Version 1.30.5-gke.1443001 is now the default version for cluster creation in the Regular channel.
The following versions are no longer available in the Regular channel:
1.28.14-gke.1217000
1.29.9-gke.1341000
1.30.5-gke.1355000
1.31.1-gke.1678000
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.27 to version 1.28.14-gke.1340000 with this release.
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version 1.29.9-gke.1496000 with this release.
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version 1.30.5-gke.1443001 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version 1.28.14-gke.1340000 with this release.
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version 1.29.9-gke.1496000 with this release.
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.30 to version 1.30.5-gke.1443001 with this release.
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.31 to version 1.31.1-gke.1846000 with this release.
Stable channel
There are no new releases in the Stable channel.
Extended channel
Version 1.30.5-gke.1443001 is now the default version for cluster creation in the Extended channel.
The following versions are no longer available in the Extended channel:
1.28.14-gke.1217000
1.29.9-gke.1341000
1.30.5-gke.1355000
1.31.1-gke.1678000
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.28 to version 1.28.14-gke.1340000 with this release.
Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.29 to version 1.29.9-gke.1496000 with this release.
Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.30 to version 1.30.5-gke.1443001 with this release.
Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.31 to version 1.31.1-gke.1846000 with this release.
No channel
Version 1.30.5-gke.1443001 is now the default version for cluster creation.
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.27 to version 1.28.14-gke.1340000 with this release.
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.28 to version 1.29.9-gke.1496000 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.28 to version 1.28.14-gke.1340000 with this release.
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.29 to version 1.29.9-gke.1496000 with this release.
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.31 to version 1.31.1-gke.1846000 with this release.
Pub/Sub
General availability: You can now create Cloud Storage import topics in Pub/Sub that let you ingest data from Cloud Storage into Pub/Sub. The change is being rolled out in a phased manner over the rest of the week. For more information about Cloud Storage import topics, see Create a Cloud Storage import topic.
General availability: You can now enable Google Cloud platform logs to help you troubleshoot issues when you are using Cloud Storage import topics to ingest data. For more information, see Use platform logs to troubleshoot Cloud Storage import topics.
November 05, 2024
BigQuery
Dataplex automatic discovery lets you scan data in Cloud Storage buckets to extract and catalog metadata. Automatic discovery creates BigLake or external tables and object tables you can use for analytics and AI, and catalogs that data in Dataplex Catalog. This feature is available in public preview.
For Java jobs, you can use Artifact Registry to store and manage the JAR files for your BigQuery Engine for Apache Flink jobs. For more information, see Use Artifact Registry.
Compute Engine
Generally available: An updated version of the gVNIC driver for Windows offers improved network performance and support for Jumbo frames. For more information, see Update to the latest gVNIC driver for Windows.
Dataplex
Dataplex automatic discovery is available in public preview. Automatic discovery is a feature in BigQuery that lets you scan data in Cloud Storage buckets to extract and catalog metadata. Automatic discovery creates BigLake or external tables and object tables you can use for analytics and AI, and catalogs that data in Dataplex Catalog. For more information, see Discover and catalog Cloud storage data.
Generative AI on Vertex AI
We are extending the availability of Gemini 1.0 Pro 001 and Gemini 1.0 Pro Vision 001 from February 15, 2025 to April 9, 2025. For details, see Deprecations.
Cloud TPU v6e machine types are now in public preview for GKE clusters running version 1.30.4-gke.1167000 or later. These TPU VMs (ct6e-standard) are available in the following zones: us-east5-b, europe-west4-a, us-east1-d, asia-northeast1-b, and us-south1-a. To learn more, see Plan TPUs in GKE.
Spanner
Spanner now supports client-side metrics for Java and Go applications. These metrics can be used with server-side metrics to enable faster troubleshooting of performance and latency issues.
These metrics are included in the latest Spanner client libraries for the following languages:
bigquery: Parse negative NUMERIC from arrow (#11052) (83352c4)
bigquery: Update google.golang.org/api to v0.203.0 (8bb87d5)
bigquery: WARNING: On approximately Dec 1, 2024, an update to Protobuf will change service registration function signatures to use an interface instead of a concrete type in generated .pb.go files. This change is expected to affect very few if any users of this client library. For more information, see https://togithub.com/googleapis/google-cloud-go/issues/11020. (8bb87d5)
Documentation
bigquery: Link types on package docs (#11036) (c4af6fe)
Percentage-based request mirroring is now supported for the global and regional external Application Load Balancers (classic is not supported). By default, the mirrored backend service receives all requests, even if the original traffic is being split between multiple weighted backend services. You can now configure the mirrored backend service to receive only a percentage of the requests by using the mirrorPercent flag to specify the percentage of requests to be mirrored, expressed as a value between 0 and 100.0.
storage: Skip only specific transport tests. (#11016) (d40fbff)
storage: Update google.golang.org/api to v0.203.0 (8bb87d5)
storage: WARNING: On approximately Dec 1, 2024, an update to Protobuf will change service registration function signatures to use an interface instead of a concrete type in generated .pb.go files. This change is expected to affect very few if any users of this client library. For more information, see https://togithub.com/googleapis/google-cloud-go/issues/11020. (2b8ca4b)
Miscellaneous Chores
storage/internal: Remove notification, service account, and hmac RPCs. These APIs have been migrated to Storage Control and are available via the JSON API. (#11008) (e0759f4)
Cloud Translation
The translation LLM now supports Polish, Turkish, Indonesian, Dutch, Vietnamese, Thai and Czech. For the full list of supported languages, see the Translate text page.
Compute Engine
Preview: You can create GPU VMs all at once in a regional managed instance group (MIG) by using resize requests. This feature was previously available only for zonal MIGs. For more information, see About resize requests in a MIG.
Dataplex
Project-based semantic search offered by Dataplex Search is available in Preview. Semantic search, powered by Gemini, simplifies the search process without the need for complex search syntax. It supports natural language queries. For more information, see Discover data using semantic search.
Firestore in Datastore mode
A weekly digest of client library updates from across the Cloud SDK.
datastore: Update google.golang.org/api to v0.203.0 (8bb87d5)
datastore: Use local retryer in transactions (#11050) (3ef61a2)
datastore: WARNING: On approximately Dec 1, 2024, an update to Protobuf will change service registration function signatures to use an interface instead of a concrete type in generated .pb.go files. This change is expected to affect very few if any users of this client library. For more information, see https://togithub.com/googleapis/google-cloud-go/issues/11020. (8bb87d5)
Update dependency com.google.cloud:sdk-platform-java-config to v3.39.0 (#1640) (fe61f66)
Update googleapis/sdk-platform-java action to v2.49.0 (#1638) (57598d7)
Generative AI on Vertex AI
The translation LLM now supports Polish, Turkish, Indonesian, Dutch, Vietnamese, Thai and Czech. For the full list of supported languages, see the Translate text page.
Anthropic Claude Haiku 3.5 is Generally Available on Vertex AI. To learn more, view the Claude Haiku 3.5 model card in Model Garden.
Pub/Sub
A weekly digest of client library updates from across the Cloud SDK.
Mark test_streaming_pull_max_messages flaky (#1288) (d6635a0)
Sensitive Data Protection
You can configure discovery to save sample findings to a BigQuery table. This feature is useful if you want to evaluate whether your inspection configuration is correctly matching the type of information that you want to flag as sensitive. To enable this feature, create or edit the scan configuration for the data resource that you want to profile.
November 02, 2024
Google SecOps SOAR
Release 6.3.24 is currently in Preview.
You can now use custom integrations in prompts when creating a playbook with Gemini.
From now on, only new features and changes will be written up for the Release Notes. Please use the customer portal to track progress of your support tickets or reach out to Customer Support for more information.
November 01, 2024
Apigee hybrid
hybrid v1.12.3
On November 1, 2024, we released an updated version of the Apigee hybrid software, 1.12.3.
Creating a Multislice TPU environment is now available in the Google Cloud Console. You can use Multislice to run training jobs using multiple TPU slices within a single Pod or on slices in multiple Pods. You must use a queued resource request to create a Multislice environment. For more information, see Cloud TPU Multislice overview.
You can now request Cloud TPUs as queued resources in the Google Cloud Console. Queuing your request for TPU resources can help alleviate stockout issues. If the resources you request are not immediately available, your request is added to a queue until the request succeeds or you delete it. You can also specify a time range in which you want to fulfill the resource request. For more information, see Manage queued resources.
Google Cloud Architecture Center
(New guide) Migrate from AWS Lambda to Cloud Run: Describes how to design, implement, and validate a plan to migrate from AWS Lambda to Cloud Run.
October 31, 2024
Anti Money Laundering AI
A new major engine version is available for Retail and Commercial lines of business, within the v4 tuning version. These engine versions:
Introduce a new feature area within the unusual-counterparty-activity feature family focused on surfacing suspicious parties through their inbound and outbound transactions with exited parties.
Apply a new data validation to ensure there are no periods in the required time range without any valid entries in the Party, Transaction, or AccountPartyLink table.
The retail engine version also has more reliable tuning performance, in particular for small datasets. This improvement was already present in commercial engine versions.
You can also use the Google Cloud Console to enable private origin authentication for Amazon Simple Storage Service (Amazon S3) and compatible object stores.
Cloud Load Balancing
Support for IPv6 static routes with a next hop internal passthrough Network Load Balancer (next-hop-ilb) is available in Preview.
Note:
When using Dataproc version 2.0.125 with the ranger-gcs-plugin, please create a customer support request for your project to use the enhanced version of the plugin prior to its GA release. This note does not apply to Dataproc on Compute Engine image versions 2.1 and 2.2.
Disabled HiveServer2 Ranger policy synchronization in non-HA clusters for latest image version 2.1 and later. Policy synchronization is causing instability of the HiveServer2 process while trying to connect to ZooKeeper, which is not active by default in non-HA clusters.
Eventarc
Eventarc is available in Preview in a new edition: Eventarc Advanced lets you receive, filter, transform, route, and deliver messages between different services, apps, and systems.
Eventarc Standard continues to deliver events from provider to destination by letting you define triggers that filter events.
Firestore
The Google Cloud console now includes a monitoring dashboard for each database. For more information, see Use the Cloud Monitoring dashboard.
For GKE clusters running version 1.31.1-gke.1146000 or later, Cloud Tensor Processing Unit (TPU) v3 machine types are generally available. These TPU VMs (ct3-hightpu-4t and ct3p-hightpu-4t) are currently available in us-east1-d, europe-west4-a, us-central1-a, us-central1-b, and us-central1-f. To learn more, see TPUs in GKE.
GKE control plane authority is now generally available with version 1.31.1-gke.1846000 or later. GKE control plane authority provides enhanced visibility, security controls, and customization of the GKE control plane. For more information, see About GKE control plane authority.
Clusters that are experiencing stale endpoint resources and stale kube-dns entries are likely affected by Kubernetes issue #126578. Your cluster is most likely affected if endpoint resources consistently have incorrect Pod IPs. This issue has been fixed in the following GKE versions or later:
1.28.14-gke.1115000
1.29.9-gke.1207000
1.30.5-gke.1171000
1.31.1-gke.1414000
Identity Platform
Support for SMS-based authentication flows in the Identity Platform integration with reCAPTCHA Enterprise API is now in Preview. In addition, the integration now supports reCAPTCHA's SMS toll fraud protection and the ability to bring your own reCAPTCHA keys.
Enabling endToEndTracing support in Connection API (#3412) (16cc6ee)
Dependencies
Update dependency com.google.cloud:sdk-platform-java-config to v3.38.0 (#3424) (b727453)
Update dependency io.opentelemetry:opentelemetry-bom to v1.43.0 (#3399) (a755c6c)
Update dependency io.opentelemetry:opentelemetry-sdk-testing to v1.43.0 (#3398) (693243a)
Update googleapis/sdk-platform-java action to v2.48.0 (#3422) (d5d1f55)
Documentation
Fix tracing sample to exit when completed, and use custom monitored resource for export (#3287) (ddb65b1)
Vertex AI
PSC-I Egress is supported for Ray clusters on Vertex AI. PSC-I is recommended for private connectivity since it reduces the chance of IP exhaustion and allows for transitive peering. For more information, see Private Service Connect interface for Ray on Vertex AI. This feature is available in Preview.
Private Service Connect interface (PSC-I) is now supported for ML pipeline runs in Vertex AI Pipelines. PSC-I is recommended for private connectivity, since it reduces the chance of IP exhaustion, and allows for transitive peering.
Vertex AI Search: Stream answers (GA with allowlist)
The answer streaming method can return generated answers in sequential parts. This reduces the perception of latency. As the end users read the first part of the answer, the subsequent parts of the answer are being generated.
The answer streaming method also includes many of the features of the original answer method.
This feature is Generally available to select Google customers (GA with allowlist). For more information, see Stream answers.
Virtual Private Cloud
Support for IPv6 static routes with a next hop internal passthrough Network Load Balancer (next-hop-ilb) is available in Preview.
October 30, 2024
Cloud Composer
(Cloud Composer 3) Airflow workers now generate a proper OpenID Connect (OIDC) token.
(Airflow 2.9.3 and 2.7.3) The dbt-common package was downgraded from 1.11.0 to 1.10.0.
Dedicated Interconnect and Cross-Cloud Interconnect now support network traffic differentiation through application awareness on Cloud Interconnect in Preview. For more information, see "Configure traffic differentiation" for Dedicated Interconnect and Cross-Cloud Interconnect.
Cloud Load Balancing
Service Extensions plugins are available for Google Cloud Application Load Balancers, excluding Classic, in Preview.
Service Extensions plugins help you insert WebAssembly (Wasm) plugins in a fully managed serverless environment directly into the data path of Application Load Balancers.
Generally available: General purpose C4A Arm VMs on Google's custom-built Axion processors. C4A VMs are available as predefined configurations in sizes ranging from 1 vCPU to 72 vCPUs and up to 576 GB of DDR5 memory. C4A uses Google Cloud's latest generation storage options including Hyperdisk Balanced and Hyperdisk Extreme.
C4A VMs are available in the following regions and zones:
Singapore - asia-southeast1-a,b,c
Belgium - europe-west1-b,c,d
Frankfurt - europe-west3-a,b,c
Netherlands - europe-west4-a,b,c
Iowa - us-central1-a,b,c
South Carolina - us-east1-b,c,d
Virginia - us-east4-a,b,c
Generally available: You can autoscale a regional MIG with a BALANCED target distribution shape. With the BALANCED shape, the autoscaler is aware of the capacity in each zone and creates VMs in zones that have resource availability. For more information, see Autoscaling a regional MIG.
Google Kubernetes Engine
Weighted load balancing for GKE External LoadBalancer Services is now available in Preview. Weighted load balancing is a more efficient way to distribute traffic to nodes based on the number of serving Pods they have backing the Service. To learn more, see About LoadBalancer Services.
(2024-R42) Version updates
GKE cluster versions have been updated.
New versions available for upgrades and new clusters.
The following Kubernetes versions are now available for new clusters and for
opt-in control plane upgrades and node upgrades for existing clusters. For more
information on versioning and upgrades, see GKE versioning and support
and Upgrades.
Rapid channel
Version 1.31.1-gke.1846000 is now the default version for cluster creation in the Rapid channel.
The following versions are now available in the Rapid channel:
The following versions are no longer available in the Rapid channel:
1.28.14-gke.1217000
1.29.9-gke.1341000
1.30.5-gke.1355000
1.31.1-gke.1678000
1.31.1-gke.2008000
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.27 to version 1.28.14-gke.1340000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version 1.29.9-gke.1496000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version 1.30.5-gke.1443001 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version 1.31.1-gke.1846000 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version 1.28.14-gke.1340000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version 1.29.9-gke.1496000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version 1.30.5-gke.1443001 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.31 to version 1.31.1-gke.1846000 with this release.
Regular channel
Version 1.30.5-gke.1355000 is now the default version for cluster creation in the Regular channel.
The following versions are now available in the Regular channel:
The following versions are no longer available in the Regular channel:
1.28.14-gke.1099000
1.29.9-gke.1177000
1.30.5-gke.1014001
1.30.5-gke.1014003
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.27 to version 1.28.14-gke.1217000 with this release.
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version 1.29.9-gke.1341000 with this release.
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version 1.30.5-gke.1355000 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version 1.28.14-gke.1217000 with this release.
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version 1.29.9-gke.1341000 with this release.
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.30 to version 1.30.5-gke.1355000 with this release.
Stable channel
Version 1.30.5-gke.1014003 is now the default version for cluster creation in the Stable channel.
The following versions are no longer available in the Stable channel:
1.28.14-gke.1004000
1.29.8-gke.1278000
1.30.5-gke.1014001
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.27 to version 1.28.14-gke.1099000 with this release.
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.28 to version 1.29.9-gke.1177000 with this release.
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version 1.30.5-gke.1014003 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.28 to version 1.28.14-gke.1099000 with this release.
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version 1.29.9-gke.1177000 with this release.
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.30 to version 1.30.5-gke.1014003 with this release.
Extended channel
Version 1.30.5-gke.1355000 is now the default version for cluster creation in the Extended channel.
The following versions are now available in the Extended channel:
The following versions are no longer available in the Extended channel:
1.27.16-gke.1712000
1.28.14-gke.1099000
1.29.9-gke.1177000
1.30.5-gke.1014001
1.30.5-gke.1014003
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.28 to version 1.28.14-gke.1217000 with this release.
Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.29 to version 1.29.9-gke.1341000 with this release.
Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.30 to version 1.30.5-gke.1355000 with this release.
No channel
Version 1.30.5-gke.1355000 is now the default version for cluster creation.
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.27 to version 1.28.14-gke.1217000 with this release.
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.28 to version 1.29.9-gke.1341000 with this release.
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.29 to version 1.30.5-gke.1014003 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.28 to version 1.28.14-gke.1217000 with this release.
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.29 to version 1.29.9-gke.1341000 with this release.
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.30 to version 1.30.5-gke.1014003 with this release.
(2024-R42) Version updates
Version 1.30.5-gke.1014003 is now the default version for cluster creation in the Stable channel.
The following versions are no longer available in the Stable channel:
1.28.14-gke.1004000
1.29.8-gke.1278000
1.30.5-gke.1014001
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.27 to version 1.28.14-gke.1099000 with this release.
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.28 to version 1.29.9-gke.1177000 with this release.
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version 1.30.5-gke.1014003 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.28 to version 1.28.14-gke.1099000 with this release.
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version 1.29.9-gke.1177000 with this release.
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.30 to version 1.30.5-gke.1014003 with this release.
(2024-R42) Version updates
Version 1.30.5-gke.1355000 is now the default version for cluster creation in the Extended channel.
The following versions are now available in the Extended channel:
The following versions are no longer available in the Extended channel:
1.27.16-gke.1712000
1.28.14-gke.1099000
1.29.9-gke.1177000
1.30.5-gke.1014001
1.30.5-gke.1014003
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.28 to version 1.28.14-gke.1217000 with this release.
Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.29 to version 1.29.9-gke.1341000 with this release.
Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.30 to version 1.30.5-gke.1355000 with this release.
(2024-R42) Version updates
Version 1.30.5-gke.1355000 is now the default version for cluster creation.
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.27 to version 1.28.14-gke.1217000 with this release.
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.28 to version 1.29.9-gke.1341000 with this release.
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.29 to version 1.30.5-gke.1014003 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.28 to version 1.28.14-gke.1217000 with this release.
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.29 to version 1.29.9-gke.1341000 with this release.
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.30 to version 1.30.5-gke.1014003 with this release.
Network Security Integration
You can use Packet Mirroring, an "out-of-band" Network Security Integration, to analyze your workloads' network traffic at scale. This feature is available in Preview. For more information, see Network Security Integration overview.
For Preview, Network Security Integration resources are available free of charge. For other Google Cloud resources, see the product-specific pricing documentation.
Service Extensions
Service Extensions plugins let you insert WebAssembly (Wasm) plugins, which run in a fully managed serverless environment, directly into the data path of most Cloud Load Balancing Application Load Balancers. This feature is in Preview.
Studio Voices now support synthesis with multiple speakers to generate audio for interviews, interactive storytelling, video games, e-learning platforms, and accessibility solutions.
October 29, 2024
Cloud Load Balancing
All the Application Load Balancers, except the classic Application Load Balancer, now support stateful cookie-based session affinity. When you use stateful cookie-based affinity, the load balancer includes an HTTP cookie in the Set-Cookie header in response to the initial HTTP request. With stateful session affinity, customers can preserve stickiness to the selected backend.
You can now create and manage log scopes by using the Google Cloud CLI, in addition to using the Cloud Console and Terraform. Log scopes are in Public Preview. For more information, see
When an authenticated browser download occurs outside of the Google Cloud console, a resulting Data Access log has its principalEmail and callerIp fields redacted.
Google Kubernetes Engine
Three new metrics are added for measuring node and workload startup latency:
kubernetes.io/node/latencies/startup: The total startup latency of a node, from the GCE instance's CreationTimestamp to Kubernetes Node Ready for the first time.
kubernetes.io/pod/latencies/pod_first_ready: The Pod end-to-end startup latency (from Pod Created to Ready), including image pulls. This metric is available for clusters with GKE version 1.31.1-gke.1678000 or later.
kubernetes.io/autoscaler/latencies/per_hpa_recommendation_scale_latency_seconds: Horizontal Pod Autoscaling (HPA) scaling recommendation latency (the time between metrics being created and the corresponding scaling recommendation being applied to the API server) for the HPA target. This metric is available for clusters running the following versions or later:
1.30.4-gke.1348001
1.31.0-gke.1324000
Instance Group Managers for node pools created with version 1.30.5-gke.1523000 or later and 1.31.1-gke.1869000 or later will now have update on repair enabled by default. This will allow labels to persist upon Spot VM preemption.
Memorystore for Redis
Added support for the databases configuration. For more details, see the entry for databases in Supported Redis configurations.
Version 2.8 of the BigQuery Connector for SAP is generally available (GA). This version offers several enhancements and bug fixes, including the record compression option at field level, a transaction to view the version of BigQuery Connector for SAP, and an enhancement spot for HTTP error handling.
AlloyDB for PostgreSQL now supports in-place major version upgrade in Preview. You can upgrade your cluster that is compatible with PostgreSQL version 14 to 15. For more information, see Upgrade a database in-place major version.
You can now configure more complicated retry strategies for tasks, such as retries based on the error codes or the variable values during the execution:
Configure multiple ordered conditional failure policies for each task.
Configure a default failure policy that is applied if no conditional failure policy matches.
Dynamic Workload Scheduler for Batch is available in Preview. We recommend using Dynamic Workload Scheduler to improve resource availability for jobs that run on A3 GPU VMs when you don't intend to use a reservation. For more information, see Create and run a job that uses GPUs.
Cloud Data Fusion
The Oracle plugin version 1.11.4 is available in Cloud Data Fusion versions 6.10.1 and later. This release includes the following change:
Fixed an issue causing pipelines with an Oracle sink that has date columns in the input schema to fail (PLUGIN-1812).
Cloud Load Balancing
To take advantage of the new features of the global external Application Load Balancer, you can now migrate your classic Application Load Balancer resources to the global external Application Load Balancer infrastructure.
To migrate to the global external Application Load Balancer, you change the load balancing scheme of your load balancing resources (specifically, the backend services and forwarding rules) from EXTERNAL to EXTERNAL_MANAGED. You can also roll back resources to the classic Application Load Balancer infrastructure, as long as you do so within 90 days of changing the load balancing scheme.
For more details on the migration process, see the following pages:
You can now use tags to annotate your log buckets and use the tags to manage access to the log buckets. For more information, see Manage log buckets by using tags.
A weekly digest of client library updates from across the Cloud SDK.
The capabilities for dashboard-level filtering have been enhanced. You can now configure pinned filters and variables to have multiple default values and to support selection of multiple values. You can also create value-only variables and generate the list of possible values for a variable by running a SQL query. These features are in Public Preview. For more information, see the following documents:
Update gRPC ReadObject retry to avoid double retry (#2765) (1fc57b9)
Dependencies
Update dependency com.google.apis:google-api-services-storage to v1-rev20241008-2.0.0 (#2776) (0545b5e)
Update dependency com.google.cloud:sdk-platform-java-config to v3.38.0 (#2787) (a470e88)
Update gcr.io/cloud-devrel-public-resources/storage-testbench docker tag to v0.48.0 (#2781) (8fa013e)
Update gcr.io/cloud-devrel-public-resources/storage-testbench docker tag to v0.49.0 (#2782) (a7baffb)
Update googleapis/sdk-platform-java action to v2.48.0 (#2786) (2893e61)
You can now use the Google Cloud console to get soft delete recommendations for buckets. Soft delete recommendations help you determine when it's best to enable or disable the soft delete feature on a bucket based on impact to cost and security.
dataflow: Update google.golang.org/api to v0.203.0 (8bb87d5)
dataflow: WARNING: On approximately Dec 1, 2024, an update to Protobuf will change service registration function signatures to use an interface instead of a concrete type in generated .pb.go files. This change is expected to affect very few if any users of this client library. For more information, see https://togithub.com/googleapis/google-cloud-go/issues/11020. (8bb87d5)
Firestore in Datastore mode
A weekly digest of client library updates from across the Cloud SDK.
The notebooks use an updated high-performance container for single host multi-GPU LoRA fine-tuning.
Better throughput and GPU utilization with well-tested max-sequence-lengths.
Support for input token masking.
No out of memory (OOM) error during fine-tuning.
Added a custom dataset example that uses a template and format validation.
Support for a default accelerator pool with quota checks.
Improved documentation.
Google Kubernetes Engine
The A3 Edge (a3-edgegpu-8g) machine type with H100 80GB GPUs attached is now available on GKE Standard clusters. To learn more, see About GPUs.
Google SecOps
Google SecOps has updated the list of supported default parsers. Parsers are updated gradually, so it might take one to four days before you see the changes reflected in your region.
The following supported default parsers have changed. Each parser is listed by product name and log_type value, if applicable. This list now includes both released default parsers and pending parser updates.
AIX system (OS)
Apache Tomcat (Web server)
Apigee (Google Cloud Specific)
Aqua Security (IaaS Applications)
Aruba Switch (Network Infrastructure)
Auth0 (Authentication log)
AWS Cloudtrail (Cloud Log Aggregator)
AWS GuardDuty (IDS/IPS)
AWS RDS (Database)
AWS Route 53 DNS (AWS Specific)
AWS VPC Flow (AWS Specific)
Azure AD (LDAP)
Azure AD Sign-In (Misc Windows Specific)
Azure VPN (VPN)
Blue Coat Proxy (Web Proxy)
BMC Client Management (Security)
Checkpoint Audit (AUDIT)
Chrome Management (Browser)
Cisco ASA (firewall)
Cisco Internetwork Operating System (Network Infrastructure)
Cisco IronPort (Gateway Security)
Cisco Meraki (Wireless)
Cisco Router (Switches, Routers)
Cisco Switch (Switches, Routers)
Cisco UCM (Communication Manager)
Cisco Unity Connection (Administration and Management)
pubsub: Update google.golang.org/api to v0.203.0 (8bb87d5)
pubsub: WARNING: On approximately Dec 1, 2024, an update to Protobuf will change service registration function signatures to use an interface instead of a concrete type in generated .pb.go files. This change is expected to affect very few if any users of this client library. For more information, see https://togithub.com/googleapis/google-cloud-go/issues/11020. (8bb87d5)
Documentation
pubsub: Add doc links to top level package doc (#11029) (fe2ec56)
secretmanager: Update google.golang.org/api to v0.203.0 (8bb87d5)
secretmanager: WARNING: On approximately Dec 1, 2024, an update to Protobuf will change service registration function signatures to use an interface instead of a concrete type in generated .pb.go files. This change is expected to affect very few if any users of this client library. For more information, see https://togithub.com/googleapis/google-cloud-go/issues/11020. (2b8ca4b)
Sensitive Data Protection
The ITALY_PASSPORT infoType detector is available in all regions. For more information about all built-in infoTypes, see InfoType detector reference.
Workflows
Two standard library functions to support common hashing algorithms have been added: compute_checksum and compute_hmac.
October 26, 2024
Google SecOps SOAR
Release 6.3.23 is currently in Preview.
Custom SMTP Configuration does not send emails with send_mail function in monitoring jobs (ID #52614371)
Unexpected behavior between system wide and user preference localization time zone settings. Following this bug fix, the default time zone is now set to UTC + 1. This does not override the user local settings. The admin needs to change the default timezone to the required timezone if needed. (ID #51914939, #52558921)
October 25, 2024
Cloud Healthcare API
A new release is available. This release may include some or all of the following: general performance improvements, bug fixes, and updates to the API reference documentation.
Cloud SQL for MySQL
When you run the backupRuns.GET API or the gcloud sql backups describe command, the maxChargeableBytes parameter now appears in the response. This parameter contains the maximum number of bytes that you can be charged for a backup.
Cloud SQL for PostgreSQL
When you run the backupRuns.GET API or the gcloud sql backups describe command, the maxChargeableBytes parameter now appears in the response. This parameter contains the maximum number of bytes that you can be charged for a backup.
Cloud SQL for SQL Server
When you run the backupRuns.GET API or the gcloud sql backups describe command, the maxChargeableBytes parameter now appears in the response. This parameter contains the maximum number of bytes that you can be charged for a backup.
Colab Enterprise
Colab Enterprise is now available in the following regions:
Generally available: The A3 Edge accelerator-optimized machine type is now available. The A3 Edge machine type has NVIDIA® H100 80GB GPUs attached and provides up to 800 Gbps of network bandwidth speed depending on the region. A3 Edge VMs are ideal for inference or training ML workloads that require a single node. The A3 Edge machine type is available in the following regions and zones:
Dataproc Serverless for Spark: Added common AI/ML Python packages by default to Dataproc Serverless for Spark 1.2 and 2.2 runtimes.
Dataproc Serverless for Spark: Upgraded Cloud Storage connector to 3.0.3 version in the latest 1.2 and 2.2 runtimes.
Google Distributed Cloud (software only) for VMware
Google Distributed Cloud (software only) for VMware 1.29.700-gke.110 is now available for download. To upgrade, see Upgrade a cluster or a node pool. Google Distributed Cloud 1.29.700-gke.110 runs on Kubernetes v1.29.8-gke.1800.
If you are using a third-party storage vendor, check the GDCV Ready storage partners document to make sure the storage vendor has already passed the qualification for this release.
After a release, it takes approximately 7 to 14 days for the version to become available for use with GKE On-Prem API clients: the Google Cloud console, the gcloud CLI, and Terraform.
The following issues are fixed in 1.29.700-gke.110:
Fixed the known issue that caused gkectl to display false warnings on admin cluster version skew.
Fixed the known issue that caused migrating a user cluster to Controlplane V2 to fail if secrets encryption has ever been enabled on the user cluster, even if it's already disabled.
Fixed the known issue that caused migrating an admin cluster from non-HA to HA to fail if the admin cluster had enabled secret encryption at 1.14 or earlier, and upgraded all the way from that version.
The following vulnerabilities are fixed in 1.29.700-gke.110:
New versions available for upgrades and new clusters.
The following Kubernetes versions are now available for new clusters and for
opt-in control plane upgrades and node upgrades for existing clusters. For more
information on versioning and upgrades, see GKE versioning and support
and Upgrades.
Rapid channel
Version 1.31.1-gke.1678000 is now the default version for cluster creation in the Rapid channel.
The following versions are now available in the Rapid channel:
The following versions are no longer available in the Rapid channel:
1.28.14-gke.1099000
1.29.9-gke.1177000
1.30.5-gke.1145000
1.31.1-gke.1146000
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.27 to version 1.28.14-gke.1217000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version 1.29.9-gke.1341000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version 1.30.5-gke.1355000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version 1.31.1-gke.1678000 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version 1.28.14-gke.1217000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version 1.29.9-gke.1341000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version 1.30.5-gke.1355000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.31 to version 1.31.1-gke.1678000 with this release.
Regular channel
The following versions are now available in the Regular channel:
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.31 to version 1.31.1-gke.1678000 with this release.
Stable channel
Version 1.30.5-gke.1014001 is now the default version for cluster creation in the Stable channel.
The following versions are now available in the Stable channel:
The following versions are no longer available in the Stable channel:
1.28.13-gke.1119000
1.29.8-gke.1211000
1.30.4-gke.1348001
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.27 to version 1.28.14-gke.1004000 with this release.
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.28 to version 1.29.8-gke.1278000 with this release.
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version 1.30.5-gke.1014001 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.28 to version 1.28.14-gke.1004000 with this release.
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version 1.29.8-gke.1278000 with this release.
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.30 to version 1.30.5-gke.1014001 with this release.
Extended channel
The following versions are now available in the Extended channel:
Version 1.27.16-gke.1342000 is no longer available in the Extended channel.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.27 to version 1.27.16-gke.1373000 with this release.
Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.31 to version 1.31.1-gke.1678000 with this release.
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.29 to version 1.30.5-gke.1014001 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.30 to version 1.30.5-gke.1014001 with this release.
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.31 to version 1.31.1-gke.1678000 with this release.
Security Command Center
Event Threat Detection's Outgoing DoS finding has been shut down and is no longer available.
Sensitive Data Protection
The PARAGUAY_TAX_NUMBER infoType detector is available in all regions. For more information about all built-in infoTypes, see InfoType detector reference.
Vertex AI Search: Return only well-grounded answers with summaries and follow-ups (GA)
With the answer method, you can choose to filter out poorly-grounded answers. There are two filter levels: choose to return only answers with high grounding scores (at the risk of losing some helpful answers) or choose a lower filter to get more answers.
BigQuery provides context-aware transformation recommendations from Gemini for cleansing data for analysis. Data preparation is available in Preview.
Cloud Data Fusion
Using Dataproc version 2.2 in your Cloud Data Fusion pipeline can fail in some cases with the following error: ERROR [Driver:o.a.s.d.y.ApplicationMaster@97] - User class threw exception: java.lang.NoSuchMethodError: 'org.apache.spark.sql.catalyst.encoders.ExpressionEncoder org.apache.spark.sql.catalyst.encoders.RowEncoder.apply(org.apache.spark.sql.types.StructType)' at io.cdap.cdap.etl.spark.batch.OpaqueDatasetCollection.toDataframeCollection(OpaqueDatasetCollection.java:111).
To avoid this issue, change the Dataproc image to 2.1 (CDAP-21075).
Cloud Load Balancing
Global external Application Load Balancers and global external proxy Network Load Balancers can now load balance IPv6 traffic. The following backends have dual-stack support:
VM instance groups
Zonal NEGs (GCE_VM_IP_PORT endpoints)
You can also convert your existing single-stack load balancers from IPv4-only to dual stack (IPv4 and IPv6) deployments.
This feature is available in General Availability.
Cloud Logging
You can now create alerting policies that monitor the results of your SQL queries. For more information about SQL-based alerting policies, see the following documents:
You can now use Quality AI as a GA feature within the Insights console to evaluate contact center conversations and agent performance more efficiently. Quality AI automates conversation scoring so that all conversations are taken into account.
See the Overview, Basics, Setup Guide, and Best Practices pages for more details.
Upgraded app-containers/docker-credential-helpers to v0.8.2.
Upgraded app-containers/cni-plugins to v1.5.1.
Upgraded app-containers/docker-credential-gcr to v2.1.23.
Upgraded app-containers/containerd, app-containers/containerd-test to v1.7.20.
Upgraded app-admin/google-guest-configs to v20240725.00.
Upgraded dev-python/jsonpatch to v1.33.
Upgraded dev-python/netifaces to v0.11.0-r2.
Upgraded dev-lang/python-exec to v2.4.10.
Upgraded dev-db/sqlite to v3.46.0.
Upgraded dev-python/six to v1.16.0-r1.
Upgraded sys-libs/libcap-ng to v0.8.5.
Upgraded net-libs/libtirpc to v1.3.4-r3.
Upgraded net-fs/cifs-utils to v7.0-r1.
Upgraded sys-libs/talloc to v2.4.2.
Upgraded dev-python/jinja to v3.1.4.
Upgraded sys-libs/libcap to v2.70.
Upgraded app-arch/pigz to v2.8.
Upgraded sys-fs/xfsprogs to v6.8.0.
Upgraded dev-python/pyserial to v3.5-r2.
Upgraded sys-libs/zlib to v1.3.1-r1.
Upgraded dev-python/configobj to v5.0.8.
Upgraded sys-libs/gdbm to v1.24.
Upgraded app-arch/lz4 to v1.10.0-r1.
Upgraded app-arch/unzip to v6.0_p27-r1.
Upgraded dev-libs/nss to v3.103.
Upgraded sys-apps/acl to v2.3.2-r1.
Updated R550, latest driver to v550.90.12.
Upgraded app-arch/libarchive to version 3.7.6. This fixed CVE-2024-48957, CVE-2024-48958.
Runtime sysctl changes:
Changed: fs.file-max: 812253 -> 812259
Upgraded app-containers/containerd to 1.7.23.
Dialogflow
Dialogflow CX & ES: In order to increase the stability of Cloud Text-to-speech, out-of-quota requests for Journey Voices will now be fulfilled with a fallback voice of the same speaker persona. To opt out, contact your Google account team.
Dialogflow CX & ES: Dialogflow now supports A-law encoding in addition to Mu-law encoding for input and output audio. A-law and Mu-law are the two available formats in G.711.
Google Distributed Cloud (software only) for bare metal
Release 1.29.700-gke.113
Google Distributed Cloud for bare metal 1.29.700-gke.113 is now available for download. To upgrade, see Upgrade clusters. Google Distributed Cloud for bare metal 1.29.700-gke.113 runs on Kubernetes 1.29.
After a release, it takes approximately 7 to 14 days for the version to become available for installations or upgrades with the GKE On-Prem API clients: the Google Cloud console, the gcloud CLI, and Terraform.
If you use a third-party storage vendor, check the Ready storage partners document to make sure the storage vendor has already passed the qualification for this release of Google Distributed Cloud for bare metal.
Fixes:
Fixed an issue where the control plane VIP might become unavailable because Keepalived didn't check correctly that the VIP is on a node with a responsive HAProxy.
Fixed an issue where bmctl restore fails due to etcd containers not starting correctly.
Fixed an issue where the registry mirror reachability check fails for a single unreachable registry mirror. Now the reachability check applies to configured registry mirrors only, instead of all registry mirrors.
The following container image security vulnerabilities have been fixed in 1.29.700-gke.113:
When using the CLI/API to create an instance, if the database version for the instance or replica that you're creating is PostgreSQL 16 and later, then the default Cloud SQL edition is Enterprise Plus.
When using the CLI/API to create an instance, if you either don't specify a database version or you specify a version other than PostgreSQL 16 and later, then the default Cloud SQL edition is Enterprise.
The following information applies to flags and extensions for PostgreSQL 17:
Announced billing changes for BigQuery users who are accessing Cloud Storage will now take effect February 1, 2025. These changes were originally set to take effect November 1, 2024.
Compute Engine
Generally available: You can extend the term lengths of your resource-based commitments beyond the preset 1 or 3 years and choose custom term lengths such as 2, 3.5, or 5.5 years. Term extensions let you tailor commitments to match your resource usage needs and keep receiving committed use discounts (CUDs) for a longer time.
(Only new Cloud Composer 2 environments, all versions) If a GKE Control Plane IP range is specified for an environment, GKE creates a new subnetwork in this range to provision the IP address for communication with the GKE Control Plane. Otherwise, the subnetwork specified in the Cloud Composer connection subnetwork range is used (this range defaults to the environment's subnetwork). For more information about IP ranges used by Cloud Composer environments, see Configure private IP networking.
(Airflow 2.9.3) The apache-airflow-providers-google package was upgraded to version 10.24.0 in Cloud Composer 2 images and Cloud Composer 3 builds. For more information about changes, see the apache-airflow-providers-google changelog from version 10.23.0 to version 10.24.0.
(Airflow 2.9.3) The apache-airflow-providers-cncf-kubernetes package was upgraded to version 9.0.0 in Cloud Composer 2 images and Cloud Composer 3 builds. For more information about changes, see the apache-airflow-providers-cncf-kubernetes changelog from version 8.4.2 to version 9.0.0.
(Airflow 2.9.3 and 2.7.3) Changes in preinstalled packages:
The grpcio package was downgraded from 1.66.2 to 1.65.5.
The js2py package was removed from dependencies.
The pyjsparser package was removed from dependencies.
The tzlocal package was removed from dependencies.
You can now emit client-side metrics for gRPC. To learn which metrics are supported and how to emit them, see Use gRPC client-side metrics.
Document AI
The Document AI section of the Google Cloud console now allows you to configure property descriptions as part of the Custom extractor processor-creation process.
Property description allows you to provide additional context, insights, and prior knowledge for each entity to improve extraction accuracy.
Property descriptions can be edited after schema creation. After you update the property descriptions, you will need to either call the pretrained models or create or fine-tune a new processor version for the changes to take effect.
Generative AI on Vertex AI
The Anthropic Claude Sonnet 3.5 v2 is Generally Available. To learn more, view the Claude Sonnet 3.5 v2 model card in Model Garden.
Artifact Analysis now supports scanning for vulnerabilities in the following types of operating systems:
AlmaLinux OS
Chainguard
Google Distroless
Red Hat Universal Base Image (UBI)
Rocky Linux
SUSE Linux Enterprise Server (SLES)
Wolfi
If the Container Scanning API is enabled, it scans container images pushed to Artifact Registry for vulnerabilities in these new operating systems, in addition to the already supported operating system and language package vulnerabilities.
Artifact Analysis now supports manual scans for vulnerabilities in the following types of packages:
AlmaLinux OS
Chainguard
.NET
Google Distroless
NPM
PHP
Python
Ruby
Rust
Red Hat Universal Base Image (UBI)
Rocky Linux
SUSE Linux Enterprise Server (SLES)
Wolfi
You can use the On-Demand Scanning API to manually scan container images locally on your computer or in your registry. Artifact Analysis scans for vulnerabilities in these new package types, in addition to the already supported package types.
Backup and DR Service now supports deploying a new management console without the need to create private services access. You can also deploy backup/recovery appliances in any VPC available within the management console project.
Custom organization policies let you allow or deny specific operations on BigQuery Data Transfer Service transfer configurations to meet your organization's compliance and security requirements. This feature is generally available (GA).
Bigtable
A weekly digest of client library updates from across the Cloud SDK.
deps: Update the Java code generator (gapic-generator-java) to 2.47.0 (cdc2cc7)
Cloud Database Migration Service
You can now use additional concurrency settings for heterogeneous Oracle migration jobs with Database Migration Service. This lets you adjust the migration process to better align with your scenario.
For information about creating migration jobs using the new full dump configuration and maximum concurrent connection settings, see:
Cloud Run integrations are discontinued from the Google Cloud console and Google Cloud CLI for new users. If you are an existing user, you will continue to have access until January 2025. No action is required; your deployed services that use these integrations will continue to work. We recommend transitioning to the individual product experiences for each integration you have deployed. For more information about configuring resources for your services to connect to other Google Cloud products, see Connect to Google Cloud services.
You can now use the Google Cloud Console to create the following load balancers in Premium Tier:
Regional external Application Load Balancer
Regional external proxy Network Load Balancer
Previously, only Standard Tier support was available in the Console.
Previously, the classic external Application Load Balancer had lenient HTTP/2 request parsing that did not reject requests containing certain invalid characters in the request path. The same requests would have been rejected if they had arrived over HTTP/1 or HTTP/3.
Now, all HTTP requests, including HTTP/2 requests, are rejected if the path contains a character that isn't one of the following:
An allowed ASCII character specified in RFC 3986, sections 3.3 and 3.4.
One of the following special allowed characters: [ ] { } | ^
All other characters must be properly URL encoded.
You can identify rejected requests in the proxy logs by looking for the following:
The VMTD disabled finding category from Virtual Machine Threat Detection is no longer available. For more information about the finding categories that this built-in service provides, see Virtual Machine Threat Detection overview.
Spanner
Spanner Graph now supports the following functions:
DESTINATION_NODE_ID(): gets a unique identifier for a graph edge's destination node.
ELEMENT_ID(): gets a unique identifier for a graph element.
SOURCE_NODE_ID(): gets a unique identifier for a graph edge's source node.
Spanner now supports customer-managed encryption keys (CMEK) to protect databases in custom, dual-region, and multi-region instance configurations. For more information, see Customer-managed encryption keys (CMEK) overview.
A new release is available. This release may include some or all of the
following: general performance improvements, bug fixes, and updates to the
API reference documentation.
Stretched private clouds using ve2 node types are now available in the following region:
Frankfurt, Germany, Europe (europe-west3)
Google Distributed Cloud (software only) for VMware
Google Distributed Cloud (software only) for VMware 1.28.1100-gke.91 is now available for download. To upgrade, see Upgrade a cluster or a node pool. Google Distributed Cloud 1.28.1100-gke.91 runs on Kubernetes v1.28.14-gke.200.
If you are using a third-party storage vendor, check the GDCV Ready storage partners document to make sure the storage vendor has already passed the qualification for this release.
After a release, it takes approximately 7 to 14 days for the version to become available for use with GKE On-Prem API clients: the Google Cloud console, the gcloud CLI, and Terraform.
The following issue is fixed in 1.28.1100-gke.91:
Fixed the known issue that caused gkectl to display false warnings on admin cluster version skew.
The following vulnerabilities are fixed in 1.28.1100-gke.91:
Google Distributed Cloud (software only) for bare metal
Release 1.28.1100-gke.94
Google Distributed Cloud for bare metal 1.28.1100-gke.94 is now available for download. To upgrade, see Upgrade clusters. Google Distributed Cloud for bare metal 1.28.1100-gke.94 runs on Kubernetes 1.28.
After a release, it takes approximately 7 to 14 days for the version to become available for installations or upgrades with the GKE On-Prem API clients: the Google Cloud console, the gcloud CLI, and Terraform.
If you use a third-party storage vendor, check the Ready storage partners document to make sure the storage vendor has already passed the qualification for this release of Google Distributed Cloud for bare metal.
Fixed an issue where the control plane VIP might become unavailable because Keepalived didn't check correctly that the VIP is on a node with a responsive HAProxy.
The following container image security vulnerabilities have been fixed in 1.28.1100-gke.94:
You can now use NVIDIA H100 80GB GPUs on GKE in the following smaller machine types:
a3-highgpu-1g (1 GPU)
a3-highgpu-2g (2 GPUs)
a3-highgpu-4g (4 GPUs)
These machine types are available through Dynamic Workload Scheduler Flex Start mode, Spot VMs in GKE Standard mode clusters, or Spot Pods in GKE Autopilot mode clusters. You can only provision these machine types if there's available capacity in your region.
GKE continues to support the 8 GPU H100 80GB machine types: a3-highgpu-8g and a3-megagpu-8g.
The new release of the GKE Gateway controller (2024-R2) is now generally available. With this release, the GKE Gateway controller provides the following new capabilities:
In GKE clusters with the control plane running version 1.29.1-gke.1425000 or later, TPU slice nodes support SIGTERM signals that alert the node of an imminent shutdown. The imminent shutdown notification is configurable up to five minutes in TPU nodes. To configure GKE to terminate your workloads gracefully within this notification timeframe, see Manage GKE node disruption for GPUs and TPUs.
(2024-R40) Version updates
GKE cluster versions have been updated.
New versions available for upgrades and new clusters
The following Kubernetes versions are now available for new clusters and for
opt-in control plane upgrades and node upgrades for existing clusters. For more
information on versioning and upgrades, see GKE versioning and support
and Upgrades.
Rapid channel
The following versions are now available in the Rapid channel:
The following versions are no longer available in the Rapid channel:
1.28.14-gke.1175000
1.31.1-gke.1621000
Regular channel
The following versions are no longer available in the Regular channel:
1.28.14-gke.1004000
1.29.8-gke.1278000
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.27 to version 1.28.14-gke.1099000 with this release.
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version 1.29.9-gke.1177000 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version 1.28.14-gke.1099000 with this release.
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version 1.29.9-gke.1177000 with this release.
Stable channel
Version 1.30.4-gke.1348001 is now the default version for cluster creation in the Stable channel.
The following versions are now available in the Stable channel:
The following versions are no longer available in the Stable channel:
1.28.13-gke.1049000
1.29.8-gke.1096000
1.30.3-gke.1969002
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.27 to version 1.28.13-gke.1119000 with this release.
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.28 to version 1.29.8-gke.1211000 with this release.
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version 1.30.4-gke.1348001 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.28 to version 1.28.13-gke.1119000 with this release.
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version 1.29.8-gke.1211000 with this release.
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.30 to version 1.30.4-gke.1348001 with this release.
The following versions are no longer available in the Extended channel:
1.27.16-gke.1576000
1.28.14-gke.1004000
1.29.8-gke.1278000
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.28 to version 1.28.14-gke.1099000 with this release.
Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.29 to version 1.29.9-gke.1177000 with this release.
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.27 to version 1.28.14-gke.1099000 with this release.
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.28 to version 1.29.9-gke.1177000 with this release.
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.29 to version 1.30.4-gke.1348001 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.28 to version 1.28.14-gke.1099000 with this release.
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.29 to version 1.29.9-gke.1177000 with this release.
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.30 to version 1.30.4-gke.1348001 with this release.
Directed reads are Generally Available. This feature provides the flexibility to route read-only transactions and single reads to a specific replica type or region in a multi-region instance configuration. For more information, see Directed reads.
Vertex AI Agent Builder
Vertex AI Search: CMEK for US and EU (GA) and CMEK with EKM and HSM (GA with allowlist)
Customer-managed encryption keys (CMEK) are Generally available (GA) in the US and the EU. You no longer need to be added to an allowlist to use CMEK. If you store your data in a US or EU multi-region data store, you can provide your own encryption key to protect your data at rest.
Using external key manager (EKM) or hardware security module (HSM) with CMEK is in GA with allowlist.
Cloud SQL for MySQL now supports minor version 8.0.39. To upgrade your existing MySQL 8.0 instance to the new version, see Upgrade the database minor version.
Compute Engine
End of life: On October 31, 2024, SLES 12 SP5 and SLES 12 SP5 for SAP are reaching end of life and the images will be deprecated on Google Cloud. If you use SLES 12 SP5 or SLES 12 SP5 for SAP images in your project, review Long Term Service Support Pack (LTSS) options.
Config Connector
Config Connector version 1.124.0 is now available.
The direct resource development guide is now available for contributors
To improve the Config Connector resource development process, we have a new development guide to contributing resources to Config Connector with the direct reconciliation process. This new approach makes contributing more reliable and consistent with Kubernetes development practices. For more information, read the new Direct resource development guide.
RedisCluster is promoted from alpha to beta (Direct Reconciler).
CertificateManagerDNSAuthorization
Add the spec.Location field.
ComputeForwardingRule
Added spec.target.googleApisBundle field (allowed values are all-apis or vpc-sc). Note, when configuring this field, the resource will use direct reconciliation.
CertificateManagerDNSAuthorization is migrated from the Terraform-based to the new Direct controller to enhance reliability and performance. The resource CRD is unchanged.
Added missing release notes for stretched private cloud availability using ve2 node types in Sydney, Australia, APAC (australia-southeast1-b)
Google Kubernetes Engine
In GKE version 1.31.1-gke.1621000 and later, the kube_pod_resource_request metric and the kube_pod_resource_limit metric are exported as part of the scheduler metrics package.
Support for toxic combination findings on AWS resources. This feature is available in Preview.
Addition of a new Toxic Combination Cases TTR and Trend widget on the Posture overview page of the Google Security Operations console. The widget details the trends for open and closed toxic combination cases for a specific time range.
October 15, 2024
Artifact Registry
Organization policy constraints for Artifact Registry are available in General Availability.
Hierarchical namespace for Cloud Storage buckets is generally available (GA). With hierarchical namespace, you can store your data in a logical file system structure.
Compute Engine
Generally available: In addition to the A3 High machine type that has 8 NVIDIA H100 GPUs attached, we now have smaller machine types available that have 1, 2, or 4 NVIDIA H100 GPUs attached. These smaller machine types are ideal for workloads such as inference, simulations, and small-scale training.
Some of the BigQuery metadata that is stored in Dataplex Catalog is changing. If you have workloads that depend on BigQuery metadata, you must adjust them to preserve continuity. For more information about the scope of this change and what you need to do, see Changes to BigQuery metadata stored in Dataplex Catalog.
Dataplex is available in Dammam (me-central2). For more information, see Locations and Pricing.
Google Cloud Contact Center as a Service
Version 3.27 is released
All release notes published on this date are part of version 3.27.
The timing of the update to your instance depends on the deployment schedule that you have chosen. For more information, see Deployment schedules.
Spelling and grammar check
The agent adapter now provides spelling and grammar checking. Agents can choose from spelling and grammar suggestions while entering text in the agent adapter. You can enable spelling and grammar check globally or at the queue level. For more information, see Check spelling and grammar.
Voice detection for auto-answer
You can now configure auto-answer to listen for an agent's voice after a call is connected. If no voice is detected after the specified time, the call is considered missed by the agent. For more information, see Auto answer.
Agents in the US and Canada can now make calls to emergency services. Agents in Canada can make calls to other special services. You can set up queues for callback from emergency or special services. For more information, see Set up emergency and special services calling (US and Canada only).
Conversational Agents (Dialogflow CX) is supported in additional regions
Conversational Agents (Dialogflow CX) is now supported in additional regions. This can help you optimize performance by keeping your support agents closer to your services and end-users. For more information, see Regionalization and location settings.
Fixed an issue where queue-level caller announcements were not working properly.
Fixed an issue where multiple contacts could be created for the same contact.
Google Kubernetes Engine
On GKE Autopilot clusters running version 1.30 and later, partner workloads that set AppArmor profiles might unexpectedly be rejected at admission. This might include installations of Prisma Defender, Wiz Runtime Sensor, Sentinel One Agent, Checkpoint CloudGuard, Aqua Security Enforcer and Splunk OTEL Collector.
The following GKE versions contain a fix for this issue:
For newly-created VPC Peering-based clusters running version 1.27 or later, traffic from the kube-apiserver to nodes routes through the Konnectivity service. For existing VPC Peering-based clusters, GKE gradually migrates your cluster to use the Konnectivity service.
You can now create workloads with multiple network interfaces in GKE Autopilot clusters running version 1.29.5-gke.1091000 and later or version 1.30.1-gke.1280000 and later. For more information, see Setup multi-network support for Pods.
Google SecOps
Google SecOps has updated the list of supported default parsers. Parsers are updated gradually, so it might take one to four days before you see the changes reflected in your region.
The following supported default parsers have changed. Each parser is listed by product name and log_type value, if applicable. This list now includes both released default parsers and pending parser updates.
Update actions/checkout action to v4.2.1 (#3520) (ad8175a)
Update actions/upload-artifact action to v4.4.1 (#3521) (dc21975)
Update dependency com.google.apis:google-api-services-bigquery to v2-rev20240919-2.0.0 (#3514) (9fe3829)
Update dependency com.google.cloud:sdk-platform-java-config to v3.37.0 (bf4d37a)
Update github/codeql-action action to v2.26.11 (#3517) (ac736bb)
Update github/codeql-action action to v2.26.12 (#3522) (fdf8dc4)
You can now use fine-grained DML to optimize the execution of UPDATE, DELETE, and MERGE statements on tables. This feature is in Preview.
Cloud Data Fusion
The SAP ODATA batch source plugin version 0.11.5 is available in Cloud Data Fusion version 6.8.0 and later. This release includes the following changes:
Fixed an issue causing pipelines to fail when the source plugin contained nested fields (an array of records): ERROR [Executor task launch worker for task 0.0 in stage 0.0 (TID 0):o.a.s.u.Utils@98] - Aborting task
io.cdap.cdap.api.data.format.UnexpectedFormatException: Schema must be a record with at least one field.
Added a Read Timeout plugin property, which lets you configure the read timeout value for long-running pipelines.
Cloud Logging
A weekly digest of client library updates from across the Cloud SDK.
deps: Update the Java code generator (gapic-generator-java) to 2.47.0 (90b88ee)
Dependencies
Update dependency com.google.cloud:sdk-platform-java-config to v3.37.0 (#1702) (1f7da17)
Cloud Monitoring
You can now use the Monitoring API to configure a metric-based alerting policy to send notifications when incidents are closed. For more information, see AlertStrategy in the Monitoring API documentation.
Cloud Storage
A weekly digest of client library updates from across the Cloud SDK.
Dataproc Clusters created with image versions 2.0.57+, 2.1.5+, or 2.2+: Secondary workers' control plane operations are made by the Dataproc Service Agent service account (service-<project-number>@dataproc-accounts.iam.gserviceaccount.com). They will no longer use the Google APIs Service Agent service account (<project-number>@cloudservices.gserviceaccount.com).
Creating regional secrets using Secret Manager is now in General Availability (GA). Regional secrets let you store your sensitive data within a specific geographic location, ensuring it remains in that region at all times – whether at rest, in use, or in transit. Regional secrets are crucial for meeting data residency requirements and complying with regulatory mandates.
For information about all tasks related to creating and managing regional secrets, see the Regional service documentation.
Vertex AI Search: Answers with summaries and follow-ups for blended search apps (GA with allowlist)
The answer method can be used to query blended search apps. You can apply the answer method to blended search apps in the same way that you apply the method to search apps that are connected to only one data store.
This feature is generally available to select Google customers (GA with allowlist). For more information, see Get answers and follow-ups.
October 13, 2024
Google SecOps SOAR
Release 6.3.22 is currently in Preview.
Gemini Case Summary has been added as a placeholder to playbook actions. You can now use this to show the AI-generated case summary in a playbook action. Note that the playbook will only include this summary if it is available.
NOTE: This bug fix was not delivered in 6.3.22; it was moved to 6.3.23.
Unexpected behavior between system-wide and user preference localization time zone settings. Following this bug fix, the default time zone is now set to UTC + 1. This does not override the user local settings. The admin needs to change the default time zone to the required time zone if needed. (ID #51914939, #52558921)
The Remote Agent page doesn't display all the integrations and connectors. (ID #53428660)
Advanced Reports not displaying all the information. (ID #52923225, #00298032, #52553071)
Vw Dashboard Alerts HasPlaybook column shows incorrect information. (ID #53304589)
Issue with Siemplify Create or Update Entity action. (ID #53053446)
The search_everything database is displaying incorrect entity values. (ID #52746256)
SDK _get_case_by_id function does not return case tags, even though the case has tags.
Case Close Root Causes may cause errors when removed from playbook. (ID #50942408)
CaseSearchEverything API time zone discrepancies. (ID #52558921)
Playbook errors remain in the Pending Actions widget even after re-running their playbook. (ID #00274123)
Parallel action name changes are not reflected in the subsequent actions in a playbook. (ID #352725736)
October 11, 2024
Apigee UI
On October 11, 2024, we released an updated version of the Apigee UI.
Bug ID 357165778: VerifyIAM policy selection removed for hybrid organizations. The VerifyIAM policy is not supported for hybrid-enabled Apigee organizations. It has been removed as an option in the Proxy Editor.
Bug ID 372224845: Offline debug page not loading. Fixed issue where the offline debug page would not load if a debug session was loaded elsewhere in the UI previously.
Datastream is now available in the me-central2 (Dammam) region. For the list of all available regions, see IP allowlists and regions.
Google Cloud Architecture Center
(New series) Architecture Framework: AI and ML perspective: Describes principles and recommendations that are specific to AI and ML, for each pillar of the Architecture Framework: operational excellence, security, reliability, cost optimization, and performance optimization.
Google Kubernetes Engine
(2024-R39) Version updates
GKE cluster versions have been updated.
New versions available for upgrades and new clusters
The following Kubernetes versions are now available for new clusters and for opt-in control plane upgrades and node upgrades for existing clusters. For more information on versioning and upgrades, see GKE versioning and support and Upgrades.
Rapid channel
Version 1.31.1-gke.1146000 is now the default version for cluster creation in the Rapid channel.
The following versions are now available in the Rapid channel:
The following versions are no longer available in the Rapid channel:
1.27.16-gke.1373000
1.27.16-gke.1478000
1.29.8-gke.1278000
1.30.5-gke.1014000
1.31.1-gke.1000000
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version 1.29.9-gke.1177000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version 1.30.5-gke.1145000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version 1.31.1-gke.1146000 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version 1.29.9-gke.1177000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version 1.30.5-gke.1145000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.31 to version 1.31.1-gke.1146000 with this release.
Regular channel
Version 1.30.5-gke.1014001 is now the default version for cluster creation in the Regular channel.
The following versions are now available in the Regular channel:
The following versions are no longer available in the Regular channel:
1.27.16-gke.1342000
1.27.16-gke.1373000
1.28.13-gke.1119000
1.29.8-gke.1211000
1.30.4-gke.1348000
1.30.4-gke.1348001
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.27 to version 1.28.14-gke.1004000 with this release.
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version 1.29.8-gke.1278000 with this release.
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version 1.30.5-gke.1014001 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version 1.28.14-gke.1004000 with this release.
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version 1.29.8-gke.1278000 with this release.
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.30 to version 1.30.5-gke.1014001 with this release.
Stable channel
Version 1.30.3-gke.1969002 is now the default version for cluster creation in the Stable channel.
The following versions are now available in the Stable channel:
The following versions are no longer available in the Stable channel:
1.27.16-gke.1148001
1.27.16-gke.1258000
1.27.16-gke.1287000
1.28.13-gke.1024000
1.29.8-gke.1057000
1.30.3-gke.1969001
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.27 to version 1.28.13-gke.1049000 with this release.
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.28 to version 1.29.8-gke.1096000 with this release.
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version 1.30.3-gke.1969002 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.28 to version 1.28.13-gke.1049000 with this release.
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version 1.29.8-gke.1096000 with this release.
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.30 to version 1.30.3-gke.1969002 with this release.
Extended channel
Version 1.30.5-gke.1014001 is now the default version for cluster creation in the Extended channel.
The following versions are now available in the Extended channel:
The following versions are no longer available in the Extended channel:
1.28.13-gke.1119000
1.29.8-gke.1211000
1.30.4-gke.1348000
1.30.4-gke.1348001
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.28 to version 1.28.14-gke.1004000 with this release.
Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.29 to version 1.29.8-gke.1278000 with this release.
Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.30 to version 1.30.5-gke.1014001 with this release.
No channel
Version 1.30.5-gke.1014001 is now the default version for cluster creation.
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.27 to version 1.28.14-gke.1004000 with this release.
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.28 to version 1.29.8-gke.1278000 with this release.
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.29 to version 1.30.3-gke.1969002 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.28 to version 1.28.14-gke.1004000 with this release.
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.29 to version 1.29.8-gke.1278000 with this release.
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.30 to version 1.30.3-gke.1969002 with this release.
Security Command Center
Working with findings and resources in the Security Operations console
The ability to work with findings and resources using the Security Operations console is now in General Availability. This feature is available only to Security Command Center Enterprise customers.
The following capabilities were added since the Preview release of this feature:
The autocomplete menu suggests possible values when you write queries in the Query editor. During Preview, the autocomplete menu suggested only filter names and functions.
Your sort and column settings are retained within the current session.
Sensitive Data Protection
The KOREA_DRIVERS_LICENSE_NUMBER infoType detector is available in all regions. For more information about all built-in infoTypes, see InfoType detector reference.
On October 10, 2024, we released an updated version of Apigee.
Apigee no longer limits the number of Cloud projects that can connect to an Apigee instance. Previously, the limit was 50 projects. For each project, you can now create up to 100 Private Service Connect Network Endpoint Groups. The previous limit was 20. For any Apigee instances created before October 10, 2024, you must perform an update to the consumer accept list for an Apigee instance if you want to take advantage of these new limits. See Updating the consumer accept list for an Apigee instance. See also Limits.
BigQuery
BigQuery tables for Apache Iceberg bring the convenience of BigQuery storage optimization to Apache Iceberg tables that reside in your own cloud buckets. BigQuery tables for Apache Iceberg let you use BigQuery without moving data out of buckets that you control. This feature is now in preview.
In the data lineage list view, you can filter lineage information based on the time that lineage occurred. For more information, see About data lineage.
Dialogflow
Conversational Agents: The gemini-1.5-flash-001 model is generally available (GA) for data store handlers as of August 20, 2024. The gemini-1.5-flash-002 model remains in public Preview.
Google Cloud Deploy
You can now block rollouts during a specified time window, using deploy policies, in preview.
Cloud Deploy now uses Skaffold 2.13 as the default Skaffold version, as of October 4, 2024, for all target types.
Google Distributed Cloud (software only) for VMware
Google Distributed Cloud (software only) for VMware 1.30.200-gke.101 is now available for download. To upgrade, see Upgrade a cluster or a node pool. Google Distributed Cloud 1.30.200-gke.101 runs on Kubernetes v1.30.4-gke.1800.
If you are using a third-party storage vendor, check the GDCV Ready storage partners document to make sure the storage vendor has already passed the qualification for this release.
After a release, it takes approximately 7 to 14 days for the version to become available for use with GKE On-Prem API clients: the Google Cloud console, the gcloud CLI, and Terraform.
Removed TLS/SSL weak message authentication code cipher suites in the vSphere cloud controller manager.
The following issues are fixed in 1.30.200-gke.101:
Fixed the known issue that caused migrating a user cluster to Controlplane V2 to fail if secrets encryption had ever been enabled.
Fixed the known issue that caused migrating an admin cluster from non-HA to HA to fail if secret encryption was enabled.
Fixed the issue that caused the Pre-upgrade tool to block upgrading a user cluster to version 1.30 or higher because of an incorrect storage driver validator check.
The following vulnerabilities are fixed in 1.30.200-gke.101:
Google Distributed Cloud (software only) for bare metal
Release 1.30.200-gke.101
Google Distributed Cloud for bare metal 1.30.200-gke.101 is now available for download. To upgrade, see Upgrade clusters. Google Distributed Cloud for bare metal 1.30.200-gke.101 runs on Kubernetes 1.30.
After a release, it takes approximately 7 to 14 days for the version to become available for installations or upgrades with the GKE On-Prem API clients: the Google Cloud console, the gcloud CLI, and Terraform.
If you use a third-party storage vendor, check the Ready storage partners document to make sure the storage vendor has already passed the qualification for this release of Google Distributed Cloud for bare metal.
Updated the bmctl update command to identify differences (if any) between the preview feature annotations in the cluster configuration file and the annotations in the deployed Cluster resource.
Fixes:
Fixed an issue where the control plane VIP might become unavailable because Keepalived didn't check correctly that the VIP is on a node with a responsive HAProxy.
Fixed Cloud Audit Logging failure due to allowlisting issue with multiple project IDs.
The following container image security vulnerabilities have been fixed in 1.30.200-gke.101:
The following cart conversions are now available in the New Search Ads 360 connector:
Orders (Cart)
Avg. cart size
Avg. order value
Cross-sell cost of goods sold
Cross-sell gross profit
Cross-sell revenue
Cross-sell units sold
Lead cost of goods sold
Lead gross profit
Lead revenue
Lead units sold
Cost of goods sold
Gross profit
Revenue (Cart)
Units sold (Cart)
Sensitive Data Protection
The INDONESIA_PASSPORT infoType detector is available in all regions. For more information about all built-in infoTypes, see InfoType detector reference.
Spanner
Spanner now lets you create incremental backups through a backup schedule. You can specify when and how often backups are created, and how long they're retained.
An incremental backup contains only the data that has changed since the previous backup. Incremental backups typically consume less storage, and can help reduce your storage costs.
Incremental backups are available on the Enterprise and Enterprise Plus editions.
For more information about incremental backups, see Backups overview.
Spanner is now available on Database Center in Preview. You can track your Spanner resources in the fleet inventory section and the resource table in the Database Center. You can also use Database Center to monitor the following health issues for your Spanner resources:
An open-source Cassandra to Spanner proxy adapter is now available. You can use it to migrate workloads from Cassandra or DataStax Enterprise (DSE) to Spanner without making any changes to your application logic. For more information, see Cassandra to Spanner proxy adapter.
reCAPTCHA
reCAPTCHA Mobile SDK v18.7.0-beta01 is now available for Android.
This version contains a dependency on com.google.android.gms:play-services-recaptchabase for enhanced detection.
You can now view and apply workload updates to ensure that your workloads are using the most recent control package configuration. This feature is available in the Preview stage.
Ops Agent release 2.51.0 adds support for Compute Engine Arm VMs that are running Rocky Linux 8.
Cloud Monitoring
With the Ops Agent version 2.51.0, you can now collect a set of observability metrics from NVIDIA Data Center GPU Manager (DCGM). For more information, see NVIDIA Data Center GPU Manager (DCGM).
Your App Hub applications are now writing metadata labels. You can use these labels to filter the data displayed by a chart or monitored by an alerting policy. App Hub labels have the prefix of apphub_.
From the context of an App Hub host, you can now view system metrics for your applications. To view system metrics stored in multiple projects, configure the metrics scope of the App Hub host project. For more information, see the following documents:
Ops Agent release 2.51.0 adds support for Compute Engine Arm VMs that are running Rocky Linux 8.
Cloud SQL for SQL Server
Cloud SQL configures the max server memory (mb) flag based on the instance size automatically by limiting the amount of memory that SQL Server can allocate for its internal pools. For more information, see Configure database flags.
You can export the transaction logs for point-in-time recovery (PITR) that Cloud SQL stores in Cloud Storage. This feature is in Preview.
Compute Engine
Public preview: Instance flexibility in a managed instance group (MIG) lets you configure multiple machine types in the group. This can improve resource availability for applications that require large-scale capacity and high-demand hardware. For more information, see About instance flexibility in MIGs.
Generative AI on Vertex AI
The Vertex AI Gemini API SDK supports tokenization capabilities for local token counting and computation. This is a streamlined way to compute tokens locally, ensuring compatibility across different Gemini models and their tokenizers. Supported models include gemini-1.5-flash and gemini-1.5-pro. To learn more, see Count tokens.
Cloud Armor support for regional internal Application Load Balancers is Generally Available. You can use the regional backend security policy type with this load balancer. For more information, see types of security policies.
Google Cloud VMware Engine
VMware Engine ve2 nodes are available in Frankfurt, Germany, Europe (europe-west3-b).
VMware Engine ve1 nodes are available in Jurong West, Singapore, APAC (asia-southeast1-b).
Looker
Looker 24.18 includes the following changes, features, and fixes:
Expected Looker (original) deployment start: Monday, October 14, 2024
Expected Looker (original) final deployment and download available: Thursday, October 24, 2024
Expected Looker (Google Cloud core) final deployment: Monday, October 28, 2024
As of Looker 24.18, Google Maps is the only visualization engine for all map visualizations. The Legacy Maps chart type has been removed from Looker. The Allow Legacy Maps Legacy feature has been removed. Please reach out to Looker Support if you encounter any issues.
Note: As of October 17, 2024, this feature has been disabled to resolve an issue. When the feature is available, this release note will be updated. In Looker application API methods that include a query_id field, or, in the case of Query APIs, an id field, the query_id and id fields no longer accept a numeric value and now require a query slug value.
The LookML validator will now return an error if an Explore name contains the % character. The % character will also be highlighted as an invalid character for object names in the Looker IDE.
The Studio in Looker feature is now available to preview for most Looker-hosted and Looker (Google Cloud core) instances. This opt-in feature lets you create, view, and edit Looker Studio reports in your Looker instance, including both governed and ad hoc data. You can share and manage your reports in Looker folders and see your recent reports and the reports that you have marked as favorites from the Looker Home page.
For more information, see the Studio in Looker Public Preview documentation:
Both Looker (Google Cloud core) customers and Looker (original) customers who use Google OAuth for authentication must sign up for the preview using the Sign-up for Looker Cloud Core form. Looker (Google Cloud core) customers who use Google OAuth authentication only need to submit the form once.
Looker (original) customers who use authentication methods other than Google OAuth do not need to submit the sign-up form.
Note: This release notes item was updated on October 10, 2024 to include the list of Public Preview documents. This release note was also updated on October 15, 2024 to clarify which customers are required to submit the sign-up form.
The Chart Config Editor now lets you change the data label color.
The Chart Config Editor now supports a {log} variable, which returns all available data values for an attribute. We recommend that you use this feature only while building and testing visualizations, as it can affect visualization performance.
Improved search now returns more complete results for folders and Explores.
The Home page now displays updated Favorites and Recently Viewed sections.
The Explore query tracker is now generally available. The query tracker includes a progress bar that appears in the Explore UI when a query is running and that tracks the phases of the query. The GA release includes a new sidebar with a detailed breakdown of times for each query stage as well as a new System Activity dashboard for query performance that enables deeper exploration. Note: This item was added to the release notes on October 10, 2024.
An issue has been fixed where the model_fieldname_suggestions API failed to generate suggestions when a suggest_explore and suggest_dimension were defined. This feature now performs as expected.
When a field is referenced in a SQL field that does not allow field references, such as sql_table_name, the LookML validator message that is returned is now more descriptive.
Previously, interacting with chart legends could impact visualization performance. This feature now performs as expected.
The Get Async Query Results API now returns a string rather than a QueryTask object.
An issue that was preventing users from downloading or scheduling dashboards without any tiles has been resolved. This feature now performs as expected.
An issue has been fixed where heatmaps would not render data when switching from a legacy map to a Google Maps visualization. This feature now performs as expected. Note: As of Looker 24.18, Google Maps is the only visualization engine for all map visualizations.
Previously, drilling on values with ampersands would return incomplete results. This feature now performs as expected.
The filters tab in the Save to Dashboard dialog in an Explore now scrolls when there are many filters present.
Looker now loads projects faster when a user first enters dev mode for a project.
Cloud Audit Log is now generally available for Looker (Google Cloud Core) instances.
You can use the BigQuery Quickstart connection to create a default BigQuery connection that can leverage Application Default Credentials.
The principal_subject attribute in the Cloud audit logs now includes the Looker user ID.
The "Propose to switch to google map if mapbox fails within the dashboard" Looker Labs feature has been removed. All map visualizations are now rendered with Google Maps.
The "Dashboard in Drill Menus" Looker Labs feature has been removed. Use the LookML link parameter instead.
SAP on Google Cloud
SAP HANA: support for deploying striped disk to host the data directory
To enable you to deploy striped disks for hosting the /hana/data directory, we have done the following:
Updated our documentation with the minimum sizes for SSD-based Persistent Disk and Hyperdisk volumes.
Introduced deployment automation support through the enable_data_striping Terraform argument. You can use this argument to provision a striped disk to host the /hana/data directory while deploying SAP HANA scale-up, scale-up HA, and scale-out HA systems with Terraform. This argument is available from version 1.3.674800406 of the Terraform modules sap_hana and sap_hana_ha, provided by Google Cloud. For more information, see the deployment guide for your SAP HANA scenario.
Google Cloud's Agent for SAP version 3.6
Version 3.6 of Google Cloud's Agent for SAP is generally available (GA). This version introduces striped disk support for SAP HANA backup and recovery by using the disk snapshot feature, metric enhancements for monitoring SAP HANA, and other minor enhancements.
Install new version of the Security Command Center Enterprise use case
The installation and configuration of a new version of the SCC Enterprise - Cloud Orchestration & Remediation use case in the Security Operations console is required for the toxic combination functionality of Security Command Center Enterprise. The new use case, identified by date October 9, 2024, introduces a new widget, an updated ingestion logic, and other enhancements to support the management of toxic combination findings and cases in the Security Operations console.
On October 8, 2024 we released an updated version of Advanced API Security.
Note: Rollouts of this release to production instances will begin within two business days and may take four or more business days to complete across all Google Cloud zones. Your instances may not have the feature available until the rollout is complete.
New features added to the Risk Assessment v2 preview
This release introduces new features to the Risk Assessment v2 preview:
Support for custom security profiles. You can create your own security profiles, with unique combinations of risk assessment checks and weights, to use for proxy risk assessment.
New assessment checks. We've added additional checks you can use when assessing proxy risk.
Assess proxies across multiple profiles. You can now switch between security profiles to see differences in scoring across profiles.
Additionally, if you have API Hub enabled in your project, then Gemini can assist you by providing contextually appropriate Call REST Endpoint tasks and task configuration recommendations based on the logical flow of your existing integration. For more information, see Configure Call REST API tasks.
BigQuery
You can now use pipe syntax anywhere you write GoogleSQL. Pipe syntax supports a linear query structure designed to make your queries easier to read, write, and maintain. This feature is in Preview.
Bigtable
Hot backups, optimized backups to restore your data to production performance availability more efficiently, are now generally available (GA). For more information, see Backups overview.
Database Migration Service for homogeneous PostgreSQL migrations to Cloud SQL does not automatically enable point-in-time recovery (PITR) for the destination instance when you promote the migration job. You can enable PITR after the migration is complete.
Preview: An updated version of the gVNIC driver for Windows offers improved network performance and support for Jumbo frames. For more information, see Update to the latest gVNIC driver for Windows.
Deploying an index with Private Service Connect automation is generally available (GA). You can set up a service connection policy so that you don't have to manually create a compute address and forwarding rule after each index deployment.
Update dependency com.google.cloud:gapic-libraries-bom to v1.45.0 (#2363) (9d24c45)
Cloud Logging
You can now include pipe syntax in the SQL queries you run on the Log Analytics page. For more information, see the BigQuery documentation about pipe syntax.
A weekly digest of client library updates from across the Cloud SDK.
Spanner now lets you create and manage backup schedules. You can use backup schedules to meet your organization's data protection and compliance needs. You can specify the following when creating a backup schedule:
When and how often your databases are backed up.
The retention duration of the backups created.
The encryption type of the backups created.
For more information about backup schedules, see Backups overview.
Speech-to-Text
Speech-to-Text has updated the Generally Available Chirp 2 model, further enhancing its ASR accuracy and multilingual capabilities. Under the existing chirp_2 model flag, you can experience significant improvements in accuracy and speed, as well as support for word-level timestamps, model adaptation, and speech translation. Finally, Chirp 2 can support Streaming Recognizer requests, in addition to the already supported Sync and Batch Recognition requests, allowing its use in realtime applications.
Explore the new chirp_2 model's capabilities and learn how to leverage its full potential by visiting our updated documentation and tutorials.
Workload Manager
Preview: Workload Manager now supports deploying Microsoft SQL Server workloads on Google Cloud. You can configure and deploy a SQL Server system using the Guided Deployment Automation tool in Workload Manager. For more information, see Overview of SQL Server deployment.
By default, local logging for new integrations is now enabled in async mode. With this change, the log data is persisted (written) at fixed intervals or after the completion of the integration's execution, whichever is earlier. You can change the default settings by editing the integration details.
Diagram mode in the Data Transformer Task (Preview)
The Diagram mode provides a console-based experience to select the input and output variables and perform transformations in the data transformation editor. For more information, see the Data Transformer task.
If you have executions that are suspended due to an approval task or a technical issue, you can now choose to cancel those executions. For more information, see Cancel executions.
Google SecOps
When performing a search on entities in the SOAR search page, you can now focus on more precise results by using the new condition Equals, in addition to the default condition Contains.
October 04, 2024
Apigee Advanced API Security
On October 4, 2024 we released an updated version of Advanced API Security.
Fixed: Delay in score generation for Risk Assessment v2 with VPC-SC-enabled organizations only
In Risk Assessment v2, which is in preview, this issue has been resolved:
With VPC-SC-enabled organizations only, when generating scores for new organizations or scoring changes to included proxies, shared flows, and target server configurations, score generation could have taken as much as three hours.
New analytics and debug data pipeline for data residency-enabled orgs
Newly created Apigee hybrid v1.13.1 orgs created with data residency enabled can use a new data pipeline to collect analytics and debug data and allow various runtime components to write data directly to our control plane. You cannot use the new data pipeline with non data residency-enabled orgs; only new orgs created on hybrid v1.13.1 can use this new feature. For details, see Using data residency with Apigee hybrid.
Bug ID | Description
364282883 | Remove check for dc-expansion flag and add timeout to multi-region seed host connection test.
362305438 | You can now add additional env variables to the runtime component.
353527851 | WebSocket connection drops when using VerifyJwt or OAuthV2 VerifyJWTAccessToken operations.
351440306 | An issue was fixed where trace could not be viewed in the UI for orgs with DRZ enabled.
338638343 | An ID is now added at the end of apigee-env and virtualhost guardrails pods to make the pod names unique.
Bug ID | Description
N/A | Security fixes for apigee-open-telemetry-collector. This addresses the following vulnerability:
A new release is available. This release may include some or all of the following: general performance improvements, bug fixes, and updates to the API reference documentation.
The following beta APIs were added in Kubernetes 1.31 and are available in GKE version 1.31.1-gke.1361000 and later:
networking.k8s.io/v1beta1/ipaddresses
networking.k8s.io/v1beta1/servicecidrs
Enabling both APIs at the same time enables the Multiple Service CIDRs Kubernetes feature in a GKE cluster. For more information, see the following resources:
During the beta phase, you can only create Service CIDRs in the 34.118.224.0/20 reserved IP address range to avoid possible issues with overlapping IP address ranges.
Ray Operator on GKE is now generally available on 1.29 and later. Ray Operator is a GKE add-on that lets you manage and scale Ray applications. To learn more, see the Ray Operator documentation.
CVE-2024-45016 was discovered in the Linux kernel, which can lead to a privilege escalation on Container-Optimized OS and Ubuntu nodes.
Spanner now supports the SAFE_TO_JSON function in GoogleSQL-dialect databases. You can use this function to convert SQL objects to JSON objects. Unlike TO_JSON, this function converts invalid JSON types to JSON null values, rather than errors.
October 03, 2024
Access Context Manager
Generally available: App allowlist support for context-aware access
You can now create an access binding with a map of applications to access levels to apply access levels to specific applications, avoiding unintended effects on other applications. For more information, see Create an access binding with a map of applications to access levels.
Apigee UI
On October 3, 2024, we released an updated version of the Apigee UI.
Bug ID | Description
369647749 | Proxy deployment units counts include shared flows: Fixed issue where proxy deployment unit counts in the UI did not take into account shared flow deployments.
369385955 | Fixed the display of the Apigee apps list: Resolved an issue causing Apigee apps to display incorrectly in the Apps list when the search bar is used for filtering.
361497390 | Updated the description and calculation of Apigee deployment quotas: The deployment quota displayed on the Apigee overview page now correctly describes and calculates the value of all proxy deployment units, including both API proxy and shared flow deployments across all environments.
You can upload containerized metadata about another container image to Artifact Registry as an attachment. To learn more, see Manage container metadata.
[New] Connector authentication on Google Cloud VMs: The connector now supports authentication through Application Default Credentials using the Google internal metadata server, eliminating the need for a keyfile. This feature works only on Google Cloud Compute Engine VMs.
[Resolved] The output for PrimaryKeys previously denoted the Key Sequence as a 0-indexed value. This has been corrected to a 1-indexed value, indicating the sequential order of the primary key's column within the primary key itself.
Cloud SQL for MySQL
You can now configure server certificate authority (CA) mode when you create a Cloud SQL instance. With server CA mode, you have two options:
Per-instance CA: this is the default configuration. With this option, an internal CA dedicated to each Cloud SQL instance signs the server certificate for that instance.
Shared CA: with this option, the Cloud SQL instance uses a CA hierarchy consisting of a root CA and subordinate server CAs managed by Cloud SQL and hosted on Google Cloud Certificate Authority Service (CA Service). The subordinate server CAs in a region sign the server certificates and are shared across instances in the region. This option can be used only with MySQL 8.0.30 and later.
The pg_ivm extension, version 1.9, is generally available. This extension enables you to make materialized views up-to-date in which only incremental changes are computed and applied on views rather than recomputing the contents from scratch.
Cloud SQL for PostgreSQL, version 16, now supports the pgRouting extension. This extension extends PostGIS and enhances geospatial processing through network routing and analysis.
The rollout of the following minor versions, extension versions, and plugin versions is underway:
Minor versions
12.19 is upgraded to 12.20.
13.15 is upgraded to 13.16.
14.12 is upgraded to 14.13.
15.7 is upgraded to 15.8.
16.3 is upgraded to 16.4.
Extension and plugin versions
google_ml_integration is upgraded from 1.2 to 1.4.2.
pgvector is upgraded from 0.7.0 to 0.7.4.
If you use a maintenance window, then the updates to the minor, extension, and plugin versions happen according to the timeframe that you set in the window. Otherwise, the updates occur within the next few weeks.
The new maintenance version is [PostgreSQL version].R20240910.01.00_02. To learn how to check your maintenance version, see Self service maintenance. To find your maintenance window or to manage maintenance updates, see Find and set maintenance windows.
You can now configure server certificate authority (CA) mode when you create a Cloud SQL instance. With server CA mode, you have two options:
Per-instance CA: this is the default configuration. With this option, an internal CA dedicated to each Cloud SQL instance signs the server certificate for that instance.
Shared CA: with this option, the Cloud SQL instance uses a CA hierarchy consisting of a root CA and subordinate server CAs managed by Cloud SQL and hosted on Google Cloud Certificate Authority Service (CA Service). The subordinate server CAs in a region sign the server certificates and are shared across instances in the region.
Gemini in Colab Enterprise, which is a product in the Gemini for Google Cloud portfolio, is generally available. Gemini in Colab Enterprise helps you write code by suggesting code as you type. You can also use the Help me code tool to generate code from a description of what you want.
Gemini in Colab Enterprise is available to try at no cost through December 31, 2024.
Google Distributed Cloud (software only) for VMware
Google Distributed Cloud (software only) for VMware 1.29.600-gke.109 is now available for download. To upgrade, see Upgrade a cluster or a node pool. Google Distributed Cloud 1.29.600-gke.109 runs on Kubernetes v1.29.8-gke.1800.
If you are using a third-party storage vendor, check the GDCV Ready storage partners document to make sure the storage vendor has already passed the qualification for this release.
After a release, it takes approximately 7 to 14 days for the version to become available for use with GKE On-Prem API clients: the Google Cloud console, the gcloud CLI, and Terraform.
Removed TLS/SSL weak message authentication code cipher suites in the vSphere cloud controller manager.
Fixed the following vulnerabilities in 1.29.600-gke.109:
New versions available for upgrades and new clusters
The following Kubernetes versions are now available for new clusters and for opt-in control plane upgrades and node upgrades for existing clusters. For more information on versioning and upgrades, see GKE versioning and support and Upgrades.
Rapid channel
Version 1.31.1-gke.1000000 is now the default version for cluster creation in the Rapid channel.
The following versions are no longer available in the Rapid channel:
1.27.16-gke.1342000
1.28.13-gke.1119000
1.28.14-gke.1004000
1.29.8-gke.1211000
1.30.4-gke.1348000
1.31.0-gke.1577000
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.26 to version 1.27.16-gke.1373000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.27 to version 1.28.14-gke.1099000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version 1.29.8-gke.1278000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version 1.30.5-gke.1014000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version 1.31.1-gke.1000000 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.27 to version 1.27.16-gke.1373000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version 1.28.14-gke.1099000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version 1.29.8-gke.1278000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version 1.30.5-gke.1014000 with this release.
Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.31 to version 1.31.1-gke.1000000 with this release.
Regular channel
Version 1.30.4-gke.1348000 is now the default version for cluster creation in the Regular channel.
The following versions are now available in the Regular channel:
The following versions are no longer available in the Regular channel:
1.27.16-gke.1287000
1.28.13-gke.1049000
1.29.8-gke.1096000
1.30.3-gke.1969001
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.26 to version 1.27.16-gke.1342000 with this release.
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.27 to version 1.28.13-gke.1119000 with this release.
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version 1.29.8-gke.1211000 with this release.
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version 1.30.4-gke.1348000 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.27 to version 1.27.16-gke.1342000 with this release.
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version 1.28.13-gke.1119000 with this release.
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version 1.29.8-gke.1211000 with this release.
Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.30 to version 1.30.4-gke.1348000 with this release.
Stable channel
The following versions are now available in the Stable channel:
The following versions are no longer available in the Stable channel:
1.28.13-gke.1006000
1.29.8-gke.1031000
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.27 to version 1.28.13-gke.1024000 with this release.
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.28 to version 1.29.8-gke.1057000 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.28 to version 1.28.13-gke.1024000 with this release.
Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version 1.29.8-gke.1057000 with this release.
Extended channel
Version 1.30.4-gke.1348000 is now the default version for cluster creation in the Extended channel.
The following versions are now available in the Extended channel:
The following versions are no longer available in the Extended channel:
1.27.16-gke.1287000
1.28.13-gke.1049000
1.29.8-gke.1096000
1.30.3-gke.1969001
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.27 to version 1.27.16-gke.1342000 with this release.
Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.28 to version 1.28.13-gke.1119000 with this release.
Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.29 to version 1.29.8-gke.1211000 with this release.
Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.30 to version 1.30.4-gke.1348000 with this release.
No channel
Version 1.30.4-gke.1348000 is now the default version for cluster creation.
Auto-upgrade targets are now available for the following minor versions:
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.26 to version 1.27.16-gke.1342000 with this release.
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.27 to version 1.28.13-gke.1119000 with this release.
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.28 to version 1.29.8-gke.1211000 with this release.
The following patch-only version auto-upgrade targets are now available for clusters with maintenance exclusions or other factors preventing minor version upgrades:
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.27 to version 1.27.16-gke.1342000 with this release.
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.28 to version 1.28.13-gke.1119000 with this release.
Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.29 to version 1.29.8-gke.1211000 with this release.
If you have a VPC network that consumes a service offered through private services access, you can use a Network Connectivity Center producer VPC spoke to make the service reachable by other spokes on a hub.
Security Command Center
GKE Security Posture vulnerability findings now support attack exposure scores
GKE runtime OS vulnerability findings detected by GKE Security Posture in Google Cloud are now scored by attack path simulations. Use these attack exposure scores on vulnerabilities to help secure the resources that are the most valuable to your business and to address the most significant vulnerabilities in your GKE clusters. For more information, see Attack exposure scores.
Sovereign Controls by Partners
Cloud Run and Filestore are now supported by the following control packages. See supported products for more information:
You can now create an external dataset in BigQuery that links to an existing database in Spanner. This feature is in Preview.
October 02, 2024
Agent Assist
Agent Assist now offers a native UI Connector with Twilio Flex to integrate with voice conversations. See the documentation for details.
AlloyDB for PostgreSQL
The alloydb_scann extension (previously named postgres_scann) is generally available (GA) for the AlloyDB service in Google Cloud. For more information about storing vector embeddings, creating indexes, and tuning indexes to achieve faster query performance and better recall, see Work with vectors.
AlloyDB Omni is in Limited Availability on the Aiven Platform. Aiven provides managed AlloyDB Omni as a service on multiple public clouds. For more information, see Store your data on any major cloud.
Apigee X
On October 2, 2024, we released an updated version of Apigee.
With this release, all remaining Apigee API Management organizations with Subscription 2021 contracts have been upgraded to introduce standard and extensible API proxy features.
To learn more about:
Standard and Extensible API Proxy types, see API Proxy types.
Subscription Apigee organizations (without hybrid entitlements) upgraded in this release will see changes to the user experience in the Classic Apigee UI. To support management of the upgraded functionality now available to these organizations, a number of feature administration pages are now only available in the Apigee UI in Cloud console.
Google Distributed Cloud (software only) for VMware
Google Distributed Cloud (software only) for VMware 1.30.100-gke.96 is now available for download. To upgrade, see Upgrade a cluster or a node pool. Google Distributed Cloud 1.30.100-gke.96 runs on Kubernetes v1.30.4-gke.1800.
If you are using a third-party storage vendor, check the GDCV Ready storage partners document to make sure the storage vendor has already passed the qualification for this release.
After a release, it takes approximately 7 to 14 days for the version to become available for use with GKE On-Prem API clients: the Google Cloud console, the gcloud CLI, and Terraform.
Fixed the following issues in 1.30.100-gke.96:
Fixed the known issue where updating dataplaneV2.forwardMode didn't automatically trigger anetd DaemonSet restart.
Fixed the following vulnerabilities in 1.30.100-gke.96:
The FLOAT32 (GoogleSQL) and float4/real (PostgreSQL) data types are Generally Available.
October 01, 2024
Agent Assist
Agent Assist now offers Live transcription adaptation in preview. See the documentation for more details.
Anthos Attached Clusters
This release includes the following GKE attached clusters platform versions. Click on the following links to see the release notes associated with these patches:
You can now launch clusters with the following Kubernetes versions. Click on the following links to see the release notes associated with these patches:
A new major engine version is now available for Retail and Commercial lines of business, within the v4 tuning version. This includes:
New recommended field counterparty_account.region_code added to the Transaction table.
The new engine version uses this field to account for risks associated with the region of the counterparty account.
Cloud Composer
(Available without upgrading) Fixed the cause of DAG run failures for runs created from the Cloud Console when the [scheduler]allowed_run_id_pattern Airflow configuration option is set to a custom value.
(Airflow 2.9.3 and 2.9.1) The apache-airflow-providers-google package was upgraded to version 10.23.0 in Cloud Composer 2 images and Cloud Composer 3 builds. For more information about changes, see the apache-airflow-providers-google changelog from version 10.22.0 to version 10.23.0.
(Airflow 2.9.3 and 2.9.1) The apache-airflow-providers-cncf-kubernetes package was upgraded to version 8.4.2 in Cloud Composer 2 images and Cloud Composer 3 builds. For more information about changes, see the apache-airflow-providers-cncf-kubernetes changelog from version 8.4.1 to version 8.4.2.
Cloud SQL for MySQL 8.4 is now generally available. For more information about the differences between MySQL 8.4 and MySQL 8.0, review What Is New in MySQL 8.4 since MySQL 8.0.
By default, if you specify MySQL 8.4 as the version when you create a Cloud SQL instance (either primary or replica) using the gcloud CLI or the REST API, then the Cloud SQL edition is Enterprise Plus.
If you specify a version other than MySQL 8.4 or don't specify a version, then the default Cloud SQL edition of the instance is Enterprise.
For more information about the implementation of MySQL 8.4 in Cloud SQL, see the following topics:
You can now use the gcloud sql instances patch command to update the time zone of your Cloud SQL for SQL Server instance after you create the instance. Previously, you could only set a custom time zone for a SQL Server instance when you first created the instance. For more information about setting the time zone for a Cloud SQL for SQL Server instance, see About instance settings.
Cloud Service Mesh
The following images are now rolling out for managed Cloud Service Mesh:
1.19.10-asm.19 is rolling out to the rapid release channel.
1.19.10-asm.19 is rolling out to the regular release channel.
1.19.10-asm.19 is rolling out to the stable release channel.
1.19.10-asm.19 contains the fixes for the security vulnerabilities listed in GCP-2024-052 and uses Envoy v1.27.7.
A known issue with asmcli for 1.23 is now fixed. Customers might have seen the following error when attempting to install in-cluster Cloud Service Mesh 1.23:
asmcli: Downloading ASM..
gzip: stdin: not in gzip format
tar: Child returned status 1
tar: Error is not recoverable: exiting now
A new version of asmcli with the fix has been released.
Config Controller
Config Controller now uses the following versions of its included products:
They were internally upgraded to a higher quality model.
The labeling system has been upgraded to use the latest version of the OCR model.
v1.2 is recommended for the best quality. v1.3 is recommended for the lowest latency.
We recommend creating a new processor and relabeling the training and evaluation documents to benefit from both the improved quality with the new processor versions of Custom Extractor (v1.2 and v1.3) and the enhanced labeling system.
Firestore
You can now use customer-managed encryption keys (CMEK) in Firestore to protect your data. This feature is generally available (GA) behind an allow-list.
You can now use customer-managed encryption keys (CMEK) in Datastore to protect your data. This feature is generally available (GA) behind an allow-list.
Grounding: Dynamic retrieval for grounded results (GA)
Dynamic retrieval lets you choose when to turn off grounding with Google Search. This is useful when a prompt doesn't require an answer grounded in Google Search, and the supported models can provide an answer based on their knowledge without grounding. Dynamic retrieval helps you manage latency, quality, and cost more effectively.
Google Distributed Cloud (software only) for bare metal
Release 1.29.600-gke.108
Google Distributed Cloud for bare metal 1.29.600-gke.108 is now available for download. To upgrade, see Upgrade clusters. Google Distributed Cloud for bare metal 1.29.600-gke.108 runs on Kubernetes 1.29.
After a release, it takes approximately 7 to 14 days for the version to become available for installations or upgrades with the GKE On-Prem API clients: the Google Cloud console, the gcloud CLI, and Terraform.
If you use a third-party storage vendor, check the Ready storage partners document to make sure the storage vendor has already passed the qualification for this release of Google Distributed Cloud for bare metal.
Fixes:
Fixed Cloud Audit Logging failure due to allowlisting issue with multiple project IDs.
The following container image security vulnerabilities have been fixed in 1.29.600-gke.108:
GKE now supports the Parallelstore CSI driver in allowlisted general availability (GA), which means that you can reach out to your Google support team to use the service under GA terms.
Parallelstore accelerates AI/ML training and excels at saturating individual compute clients, ensuring that expensive compute resources are efficiently used. The product demonstrated a 3.9x training time improvement and a 3.7x throughput improvement compared to native ML framework data loaders, and saturates a single client's NIC bandwidth at 90%+.
In GKE version 1.30.3-gke.1639000 and later and 1.31.0-gke.1058000 and later, GKE can handle GPU and TPU node disruptions by notifying you in advance of a shutdown and by gracefully terminating your workloads. This feature is generally available. For details, see Manage GKE node disruption for GPUs and TPUs.
Pub/Sub adds support for OpenTelemetry tracing. OpenTelemetry tracing lets you identify and trace the latency of various Pub/Sub client library operations.
The current default LOCATION infoType detection model, which is accessible when InfoType.version is set to latest or stable, is now also used when InfoType.version is set to legacy.
The old detection model that was previously accessible by setting InfoType.version to legacy is no longer accessible.
The region restriction on the LOCATION infoType has been lifted. It is now available in all regions.
Spanner
Spanner now supports end-to-end tracing in preview, along with client-side tracing in the Java and Go client libraries. You can opt in to end-to-end traces for more visibility into application-to-Spanner latencies.
For more information, see Trace collection overview.
Vertex AI Agent Builder
Vertex AI Agent Builder: Dynamic retrieval for grounded results (GA with allowlist)
Dynamic retrieval lets you choose when to turn off grounding with Google Search. This is useful when a prompt doesn't require an answer grounded in Google Search and the supported models can provide an answer based on their own knowledge without grounding. Dynamic retrieval helps you manage latency, quality, and cost more effectively.
This feature is available to select Google Cloud customers (GA with allowlist). For more information, see Dynamic retrieval.
Artifact Analysis is gradually rolling out regionalized data storage and endpoints to help support compliance with data residency requirements. The Container Analysis API stores metadata in the same region or multi-region as the Artifact Registry repository where your image is scanned.
You can now use flexible column names with BigQuery tables and views for extracting, loading, streaming, and querying data. This feature is generally available (GA).
You can now use the operational health dashboard to get a single-pane view of key metrics such as slot usage, shuffle usage, errors, and total storage in real time. This feature is generally available (GA).
Add RetryCallable to the callable chain (#2348) (0330d77)
Pass deadline through ExecuteQuery RetrySettings (#2355) (6bc9820)
Time based flakiness in execute query deadline test (#2358) (b474173)
Dependencies
Update dependency com.google.cloud:sdk-platform-java-config to v3.36.1 (#2351) (40c428e)
Cloud Billing
View and manage unexpected costs with Anomaly Detection (in preview)
You can now view and manage cost spikes that deviate from your historical spend patterns using the Anomalies dashboard (preview). Each anomaly comes with a detailed root cause analysis that identifies the top services, regions, and SKUs that contributed to the spike.
Regional external Application Load Balancers, cross-region internal Application Load Balancers, and regional internal Application Load Balancers now support a configurable client HTTP keepalive timeout. The client HTTP keepalive timeout represents the maximum amount of time that a TCP connection can be idle between the (downstream) client and the target HTTP(S) proxy.
You can now apply and modify dashboard-wide filters by selecting the filter option within the cell of a table. For example, if a table has a column named zone and a cell that displays us-east5-b, then selecting the filter button in that cell applies the dashboard-wide filter zone: us-east5-b. For more information about filtering your dashboard, see the following documents:
Upgraded app-admin/google-guest-configs to v20240924.00.
Upgraded app-admin/google-osconfig-agent to v20240924.02.
Upgraded app-admin/google-guest-configs to v20240905.00.
Upgraded app-admin/fluent-bit to v3.1.8.
Upgraded app-containers/docker-credential-gcr to v2.1.25.
Upgraded chromeos-base/chromeos-common-script to v0.0.1-r642.
Upgraded chromeos-base/update_engine-client to v0.0.1-r2449.
Upgraded chromeos-base/session_manager-client to v0.0.1-r2801.
Upgraded chromeos-base/debugd-client to v0.0.1-r2712.
Upgraded chromeos-base/power_manager-client to v0.0.1-r2947.
Upgraded chromeos-base/minijail to v18-r155.
Upgraded chromeos-base/shill-client to v0.0.1-r4688.
Upgraded dev-python/configobj to v5.0.9.
Upgraded net-firewall/iptables to v1.8.10-r1.
Upgraded net-libs/libtirpc to v1.3.5.
Upgraded dev-libs/nss to v3.104.
Upgraded net-dns/c-ares to v1.33.1.
Updated the Linux kernel to v6.6.52.
Updated R550, latest driver to v550.90.12.
Updated cos-gpu-installer to v2.4.2. This enables creation of /dev/dri when loading nvidia-drm.ko for COS kernels built with loadable drm and dependent modules.
Removed sys-libs/libsepol and sys-libs/libselinux.
Note: As announced in release 5.4, workload specific repositories will continue to receive code updates for at least one more release.
New Data Sources
Marketing: YouTube (with DV360). Get a comprehensive overview of your campaign spend, performance, and audience targeting with actionable insights for paid media campaigns on YouTube purchased in the DV360 platform. Access the Looker Block for YouTube (with DV360) with sample dashboards for faster data analysis and exploration.
Marketing: Google Analytics 4 (GA4). Understand website engagement and purchases using page views, time spent, call to action ratios, average purchases, lifetime value over time, traffic volumes, and success rates for defined conversion.
Oracle EBS: Measure and understand Order to Cash operational metrics around sales performance, order status, order fulfillment, invoicing, and receivables with new BigQuery integration templates and data models. Access the Looker Block for Oracle EBS with sample dashboards for further analytics.
New Cloud Build features support
Added support for the following Cloud Build features:
Private worker pools: Run Cortex Framework deployment builds in your Cloud Build private worker pool.
Regional builds: Specify a region for Cortex Framework deployment builds.
User-specified service accounts: Run Cortex Framework deployment builds with a specific service account instead of the Cloud Build default.
SAP
SAP Raw to CDC DAG: Rewrote the logic, making it less costly, with about 25% improvement in performance.
Fiscal dimension: All views now use the new Fiscal Dimension instead of function. ECC/S4 specific Fiscal Functions are now removed as announced in v3.1. Fiscal functions will be removed in the next version.
Future deprecation: Legacy Currency_Conversion and Currency_Decimal functions will be deprecated in the next version. Join the views currency_conversion and currency_decimal instead.
Finance: New views for FSV, Cost, and Profit center hierarchy that supersede the old hier_reader local k9, which will be removed in the next version. For more information, see Cortex Framework: integration with SAP.
Improved SalesStatus_Items and S/4 Billing logic.
Inventory: Moved the following views and functions from src/SAP/SAP_REPORTING/local_k9/inventory_snapshots to src/SAP/SAP_REPORTING/{SAP_FLAVOR}, and renamed them to make the structure more logical and succinct. Also added notes and instructions on this module in Cortex Framework: integration with SAP. There isn't any content or logic change.
From 00_stock_characteristics_config to StockCharacteristicsConfig.
From 00_slow_moving_threshold to SlowMovingThreshold.
From 0_{weekly|monthly}_inventory_aggregation.sql to Aggregate{Weekly|Monthly}Inventory.
From stock_weekly_snapshots_inventory_aggregation_update to UpdateMonthlyInventoryAggregation.
From 01_stock_{weekly|monthly}_snapshots to Update{Weekly|Monthly}StockSnapshots.
Data Mesh
Added support for annotations on nested fields.
Removed inherited default values for lake regions and zone location types. These values need to be provided if deploying lakes and zones.
Moved deployment configs for Language and Currency to workload specific sections. This affects SAP and Oracle EBS data sources.
Officially dropped Airflow v1 support.
Added test harness support for new BigQuery regions africa-south1 and europe-west10.
Deployer log verbosity reduced by 75% for reporting deployment steps across all workloads.
Cloud Composer (Airflow) DAGs now use current python and BigQuery operators in place of deprecated airflow.operators.python_operator and airflow.contrib.operators.bigquery_operator operators.
Patched multiple Python library vulnerabilities.
Deprecated Credly badging.
Known issues and limitations
Data Mesh deployments where only column descriptions are deployed require Data Catalog API to be enabled. This will be patched in a future release.
Local K9 for SAP produces a temporary folder (tmp*) in the target bucket for DAGs. Please remove it manually. There is no impact on execution.
Dataform
The maximum size limit for workspaces encrypted with customer-managed encryption keys (CMEK) is 512 MB. For more information about Dataform quotas and limits, see Quotas and limits. For more information about encrypting Dataform repositories with CMEK, see Use customer-managed encryption keys.
Dataplex
Managed connectivity pipelines are generally available (GA). Use a managed connectivity pipeline to extract metadata from third-party sources and import it into Dataplex Catalog. You develop your own connector that extracts metadata, and use Workflows for orchestration and scheduling.
Developer Connect is now Generally Available (GA). This launch introduces the following features:
Connectivity with several more source code management tools, including GitHub Enterprise Cloud, GitHub Enterprise, GitLab and GitLab Enterprise
Integration with Gemini Code Assist, helping you get coding tips tailored to your private repositories
Gemini Code Assist users can connect their source code in GitHub or GitLab repositories, and in GitHub Enterprise, GitHub Enterprise Cloud, and GitLab Enterprise repositories hosted on networks that can be accessed via the public internet.
NFSv4.1 protocol support, integrated with Managed Service for Microsoft Active Directory, is now generally available for zonal, regional, and enterprise instances.
Generative AI on Vertex AI
Prompt templates let you test how different prompt formats perform with different sets of prompt data. This feature is in Preview. To learn more, see Use prompt templates.
Google SecOps
The case report now includes all information written on the case wall.
It is now possible to merge cases where the requester is not the assignee both in the platform and through the API endpoint: api/external/v1/cases-queue/bulk-operations/MergeCases
Google SecOps SOAR
Remote Agents 2.2.0 Release is currently in Preview.
Logs quality and coverage enhancements.
Identity Platform
Custom organization policies for Identity Platform are generally available (GA). You can use custom organization policies to allow or deny specific operations on Identity Platform resources for the security, compliance, or governance requirements of your application.
Parallelstore, Google's managed Parallel File System service, is now generally available (GA).
Parallelstore offers extreme IOPS and throughput, at very low latencies. Parallelstore supports capacities between 12 and 100 TiB and is POSIX-compatible.
Please contact your sales representative to use Parallelstore in your Google Cloud project.
Pub/Sub
A weekly digest of client library updates from across the Cloud SDK.
Update the requirements.txt for samples directory (#1263) (5cce8b1)
The message retention duration option for a subscription specifies how long Pub/Sub retains messages after publication. The maximum value for this property is now increased to 31 days. For more information, see Message retention duration.
Sensitive Data Protection
The FINLAND_BUSINESS_ID infoType detector is available in all regions. For more information about all built-in infoTypes, see InfoType detector reference.
Spanner
A monthly digest of client library updates from across the Cloud SDK.
The case report now includes all information written to the Case wall.
It is now possible to merge cases where the requester is not the assignee both in the platform and through the API endpoint: api/external/v1/cases-queue/bulk-operations/MergeCases
Custom integration is reverted to the latest imported code after saving custom integration settings. (ID #53578268)
Remote agents not visible in the drop-down field. (ID #53299495)
Timeout error when trying to add an alert grouping rule. (ID #00298026)
Time Zone sync issue (ID #52421707)
Inaccurate case tag data in Advanced Reports (ID #00308538)
Tags are displayed in the database after being deleted from the platform (ID #53263012)
Timeout error for playbook action (ID #52418008)
September 27, 2024
Access Approval
Access Approval supports Speech-to-Text in the GA stage.
Access Approval supports Dataplex in the Preview stage.
Access Transparency
Access Transparency supports Dataplex in the Preview stage.
Avoid charges for underutilized Compute Engine reservations in the FinOps hub
You can now get recommendations to modify or delete your underutilized, on-demand reservations for Compute Engine resources when you haven't consumed your specified threshold of resources for at least 7 days.
Vertex AI Search for retail: Conversational search API
As part of Search for retail's Guided search package, ConversationalSearchSpec sits on top of the Retail API. When coverage parameters are met, Search for retail users can enable this feature in the console or by setting the followup_conversation_requested flag to true in the search service interface. Conversational search uses an LLM-generated question for each catalog attribute where the allowed_in_conversation field is enabled.
As part of Search for retail's Guided search package, tile navigation allows tiles to appear for each of the dynamic facets most likely to be used across a search page. The objective is to increase filter usage to narrow search faster.
Last updated 2024-11-25 UTC.