Google Cloud release notes

The following release notes cover the most recent changes over the last 30 days. For a comprehensive list, see the individual product release note pages .

You can see the latest product updates for all of Google Cloud on the Google Cloud release notes page.

To get the latest product updates delivered to you, add the URL of this page to your feed reader, or add the feed URL directly: https://cloud.google.com/feeds/gcp-release-notes.xml

September 28, 2020

Cloud Billing

Budget alert email notifications: Cloud Billing Budgets functionality has been updated to offer more control over recipients of alert emails. In May 2020, we announced that you can use Monitoring notifications to customize your budget to send alert emails to up to five additional email recipients you specify, in addition to the default email recipients. Now, you can also opt out of the default email settings, choosing not to send budget alert emails to Billing Account Administrators and Billing Account Users on the target Cloud Billing account (that is, every user assigned a billing role of either roles/billing.admin or roles/billing.user). To opt out of the default behavior, in the Cloud Billing budget's Manage notifications settings, deselect Email alerts to billing admins and users. Read more about email notification settings in our documentation.

Committed use discounts (CUDs) are now available to purchase for Cloud VMware Engine. CUDs provide discounted prices in exchange for your commitment to use a minimum level of resources for a specified term. With spend-based committed use discounts for Cloud VMware Engine, you can earn a deep discount off your cost of use in exchange for committing to continuously use VMware Engine nodes in a particular region for a 1- or 3-year term. See the documentation for more details.

Cloud Spanner Compute Engine

N2D machine types are available in The Dalles, Oregon, the us-west1-b zone. For more information, see the VM instance pricing page.

Google Cloud VMware Engine

Committed use discounts (CUDs) are available to purchase for Google Cloud VMware Engine. CUDs provide discounted prices in exchange for your commitment to use a minimum level of resources for a specified term. With spend-based committed use discounts for VMware Engine, you can earn a deep discount off your cost of use in exchange for committing to continuously use VMware Engine nodes in a particular region for a 1- or 3-year term. See the documentation for more details.

September 25, 2020

App Engine flexible environment .NET

You can use network ingress controls so your app only receives requests that are sent from your project's VPC or that are routed through the Cloud Load Balancing load balancer.

App Engine flexible environment Go

You can use network ingress controls so your app only receives requests that are sent from your project's VPC or that are routed through the Cloud Load Balancing load balancer.

App Engine flexible environment Java

You can use network ingress controls so your app only receives requests that are sent from your project's VPC or that are routed through the Cloud Load Balancing load balancer.

App Engine flexible environment Node.js

You can use network ingress controls so your app only receives requests that are sent from your project's VPC or that are routed through the Cloud Load Balancing load balancer.

App Engine flexible environment PHP

You can use network ingress controls so your app only receives requests that are sent from your project's VPC or that are routed through the Cloud Load Balancing load balancer.

App Engine flexible environment Python

You can use network ingress controls so your app only receives requests that are sent from your project's VPC or that are routed through the Cloud Load Balancing load balancer.

App Engine flexible environment Ruby

You can use network ingress controls so your app only receives requests that are sent from your project's VPC or that are routed through the Cloud Load Balancing load balancer.

App Engine standard environment Go

If you use Cloud Load Balancing, you can use network ingress controls so your app only receives requests that are routed through the load balancer.

If you use Cloud Load Balancing, you can use network ingress controls so your app only receives requests that are routed through the load balancer.

App Engine standard environment Java

If you use Cloud Load Balancing, you can use network ingress controls so your app only receives requests that are routed through the load balancer.

If you use Cloud Load Balancing, you can use network ingress controls so your app only receives requests that are routed through the load balancer.

App Engine standard environment Node.js

If you use Cloud Load Balancing, you can use network ingress controls so your app only receives requests that are routed through the load balancer.

App Engine standard environment PHP

If you use Cloud Load Balancing, you can use network ingress controls so your app only receives requests that are routed through the load balancer.

If you use Cloud Load Balancing, you can use network ingress controls so your app only receives requests that are routed through the load balancer.

App Engine standard environment Python

If you use Cloud Load Balancing, you can use network ingress controls so your app only receives requests that are routed through the load balancer.

If you use Cloud Load Balancing, you can use network ingress controls so your app only receives requests that are routed through the load balancer.

App Engine standard environment Ruby

If you use Cloud Load Balancing, you can use network ingress controls so your app only receives requests that are routed through the load balancer.

Compute Engine

On July 28, 2020, we announced that improved validation checks will be introduced on API calls to the Compute Engine API. This change has been postponed and will be rescheduled for a later time.

Filestore

Filestore backups has launched to beta. Now you can back up your Filestore instances.

September 24, 2020

AI Platform Deep Learning VM Image

M56 release

  • Bug fixes for TensorFlow 2.3 add-ons
  • Fixes bug affecting BigQuery magic commands in some environments
  • Adds a diagnostics tool for AI Platform Notebooks
Anthos

Anthos 1.5.0 is now available.

Updated components:

Anthos Config Management

Anthos Config Management now includes Config Connector v1.19.1.

Anthos Policy Controller has been updated to include a more recent build of OPA Gatekeeper (hash: 15d56e3).

Binary Authorization can now be enabled through the Anthos Config Management Operator. See Setting up with Anthos Config Management for details.

The syncer and importer Containers now both run in the git-importer Pod in the importer Container.

The nomos CLI tool is now available via gcloud. Please see the downloads page for more information.

This release includes several logging and performance improvements.

Anthos GKE on-prem

Anthos GKE on-prem 1.5.0-gke.27 is now available. To upgrade, see Upgrading GKE on-prem. GKE on-prem 1.5.0-gke.27 clusters run on Kubernetes 1.17.9-gke.4400.

Improved upgrade and installation:

  • Preflight checks are now blocking with v1 configs for installation and upgrades. Users can use --skip-preflight-check-blocking to unblock the operation.
  • Added support for running gkeadm on macOS Catalina, v10.14.
  • Enabled installation and upgrade by using any Google Cloud–authenticated service account. This removes the need for allowlisting.
  • Improved security by adding support for using an external credential file in admin or user configuration. This enables customers to check in their cluster configuration files in source code repositories without exposing confidential credential information.

Improved HA and failure recovery:

Improved support for Day-2 operations:

  • The gkectl update cluster command is now generally available. Users can use it to change supported features in the user cluster configurations after cluster creation.
  • The gkectl update credentials command for vSphere and F5 credentials is now generally available.
  • Improves scalability with 20 user clusters per admin cluster, and 250 nodes, 7500 pods, 500 load balancing services (using Seesaw), and 250 load balancing services (using F5) per user cluster.
  • Introduces vSphere CSI driver in preview.

Enhanced monitoring with Cloud Monitoring:

  • Introduces out-of-the-box alerts for critical cluster metrics and events in preview.
  • Out-of-the-box monitoring dashboards are automatically created during installation when Cloud Monitoring is enabled.
  • Allows users to modify CPU or memory resource settings for Cloud Monitoring components.

Functionality changes:

  • Preflight check failures now block gkectl create loadbalancer for the bundled load balancer with Seesaw.
  • Adds a blocking preflight check for the anthos.googleapis.com API of a configured gkeConnect project.
  • Adds a blocking preflight check on proxy IP and service/pod CIDR overlapping.
  • Adds a non-blocking preflight check on cluster health before an admin or user cluster upgrade.
  • Updates the gkectl diagnose snapshot:
    • Fixes the all scenario to collect all supported Kubernetes resources for the target cluster.
    • Collects F5 load balancer information, including Virtual Server, Virtual Address, Pool, Node, and Monitor.
    • Collects vSphere information, including VM objects and their events based on the resource pool, and the Datacenter, Cluster, Network, and Datastore objects that are associated with VMs.
  • Fixes the OIDC proxy configuration issue. Users no longer need to edit NO_PROXY env settings in the cluster configuration to include new node IPs.
  • Adds monitoring.dashboardEditor to the roles granted to the logging-monitoring service account during admin workstation creation with --auto-create-service-accounts.
  • Bundled load balancing with Seesaw switches to the IPVS maglev hashing algorithm, achieving stateless, seamless failover. There is no connection sync daemon anymore.
  • The hostconfig section of the ipBlock file can be specified directly in the cluster yaml file network section and has a streamlined format.

Breaking changes:

  • Starting with version 1.5, instead of using kubectl patch machinedeployment to resize the user cluster and kubectl edit cluster to add static IPs to user clusters, use gkectl update cluster to resize the worker node in user clusters and to add static IPs to user clusters.
  • Starting with version 1.5, the gkectl log is saved in a single file instead of multiple files by log verbosity levels. By default, the gkectl log is saved in the /home/ubuntu/.config/gke-on-prem/logs directory with a symlink created under the ./logs directory for easy access. Users can use --log_dir or --log_file to change this default setting.
  • Starting with version 1.5, the gkeadm log is saved in a single file instead of multiple files by log verbosity levels. By default, the gkeadm log is saved under ./logs. Users can use --log_dir or --log_file to change this default setting.
  • In version 1.5 only, the etcd version is updated from 3.3 to 3.4, which means the etcd image becomes smaller for improved performance and security (distroless), and the admin and user cluster etcd restore process is changed.

Fixes:

  • Fixed an issue that caused approximately 50 seconds of downtime for the user cluster API service during cluster upgrade or update.
  • Corrected the default log verbosity setting in gkectl and gkeadm Help messages.

Due to a 1.17 kubernetes issue, kube-apiserver and kube-scheduler don't expose kubernetes_build_info on the /metrics endpoint in the 1.5 release. Customers can use Kubernetes_build_info from kube-controller-manager to get similar information like the Kubernetes major version, minor version, and build date.

Cloud Run for Anthos

Cloud Run for Anthos on Google Cloud version 0.17.2-gke.1 is now available for following GKE minor version:

1.18

Cloud SQL for MySQL

MySQL 5.6.42 is upgraded to 5.6.47.

Resource Manager

The Organization policy constraints for Direct Path disablement have launched into beta.

September 23, 2020

Cloud Billing

We've added .NET and Go client libraries for the Cloud Billing Budget API (Beta).

Learn about using the Cloud Billing Budget client libraries.

September 22, 2020

AI Platform Training

AI Platform Training runtime version 2.2 now supports training with TPUs using TensorFlow 2.2.

Cloud Logging

The histogram panel in the Logs Viewer (Preview) now contains a viewport to help you quickly understand the time range of the log entries you're viewing within the Query results pane. To learn more, go to the Histogram panel.

Compute Engine

NVIDIA® T4 GPUs are now available in the following additional regions and zones:

  • Sydney, Australia: australia-southeast1-a

For information about using T4 GPUs on Compute Engine, see GPUs on Compute Engine.

September 21, 2020

AI Platform Notebooks

AI Platform Notebooks API is now Generally Available. The API now includes an isUpgradable endpoint and adds manual and auto-upgrade functionality to notebooks instances created using the API.

Cloud Audit Logging for AI Platform Notebooks is now Generally Available.

Granular IAM permissions for AI Platform Notebooks is now Generally Available.

AI Platform Notebooks now supports E2 machine types.

The following new regions have been added:

  • europe-west2 (London, UK)
  • europe-west3 (Frankfurt, Germany)
  • europe-west6 (Zürich, Switzerland)
BigQuery

The following time-unit partitioning features are now Generally Available (GA):

  • Creating partitions using hourly, monthly, and yearly time-unit granularities.
  • Using a DATETIME column as the partitioning column.
Cloud Logging

Logs Buckets are now generally available. For information about this feature, refer to the Managing logs buckets guide.

Cloud SQL for MySQL

Cloud SQL has upgraded Replicating from an external server to version 1.1. You can now:

  • Replicate from sources where GTID is not enabled.
  • Allow Cloud SQL to copy data directly from an external server to a Cloud SQL replica.
  • Use new APIs that give you greater control to verify replication requirements, retry after making external server configuration changes, and remove the 30-minute limit for successful connectivity to an external server.
Cloud SQL for SQL Server

Cloud SQL for SQL Server enables you to set a default collation value for databases in an instance. This collation value is a default for sorting rules, case, and accent sensitivity. You can set this value through the Cloud Console, the gcloud command, and the Cloud SQL Admin API.

Identity and Access Management

You can now use workload identity federation, available in beta, to grant access to Google Cloud resources from on-premises and multi-cloud workloads.

Network Intelligence Center

Running Connectivity Tests to and from Google-managed services is available in Alpha. This release includes support for Google Kubernetes Engine (GKE) cluster masters and Cloud SQL instances.

September 18, 2020

BigQuery

Beginning in late 2020, all BigQuery predefined roles with permission to create jobs, including queries, will also be able to get information about their own jobs and cancel their own jobs. This change does not include permission to see jobs created by other users.

Cloud Run for Anthos

Events for Cloud Run for Anthos is now available in beta.

Dataproc

New sub-minor versions of Dataproc images: 1.3.69-debian10, 1.3.69-ubuntu18, 1.4.40-debian10, 1.4.40-ubuntu18, 1.5.15-debian10, 1.5.15-ubuntu18, 2.0.0-RC11-debian10, and 2.0.0-RC11-ubuntu18.

All image versions

Image 2.0 preview

September 17, 2020

Anthos

Anthos 1.4.3 is now available.

Updated components:

Anthos 1.3.4 is now available.

Updated components:

Anthos GKE on AWS

GKE on AWS 1.4.3-gke.7 is now available. GKE on AWS 1.4.3-gke.7 clusters run on Kubernetes 1.16.13-gke.1402.

To Upgrade:

  1. Upgrade your Management service to 1.4.3-gke.7.
  2. Upgrade your user clusters to to 1.16.13-gke.1402.

A vulnerability, described in CVE-2020-14386, was recently discovered in the Linux kernel. The vulnerability may allow container escape to obtain root privileges on the host node.

All GKE on AWS nodes are affected.

To fix this vulnerability, upgrade your management service and user clusters to this patched version. The following GKE on AWS version contains the fix for this vulnerability:

  • GKE on AWS 1.4.3

For more information, see the Security Bulletin

Anthos GKE on-prem

Anthos GKE on-prem 1.4.3-gke.3 is now available. To upgrade, see Upgrading GKE on-prem. GKE on-prem 1.4.3-gke.3 clusters run on Kubernetes 1.16.11-gke.11.

Fixes:

  • Fixed CVE-2020-14386 described in Security Bulletin.

  • Preflight check for hostname validation was too strict. We updated the hostname validation following the RFC 1123 DNS subdomain definition.

  • There was an issue in the 1.4.0 and 1.4.2 releases where the node problem detector didn't start when the node restarted. This is fixed in this version.

Anthos GKE on-prem 1.3.4-gke.3 is now available. To upgrade, see Upgrading GKE on-prem. GKE on-prem 1.3.4-gke.3 clusters run on Kubernetes 1.15.12-gke.15.

Fixes:

BigQuery BigQuery Data Transfer Service Cloud Composer
  • New versions of Cloud Composer images: composer-1.12.0-airflow-1.10.3, composer-1.12.0-airflow-1.10.6, composer-1.12.0-airflow-1.10.9, and composer-1.12.0-airflow-1.10.10. The default is composer-1.12.0-airflow-1.10.6. Upgrade your Cloud SDK to use features in this release.
  • Airflow 1.10.10 is now available.
  • You can now securely store Airflow connections and secrets by configuring Composer environments with Secret Manager.
  • All new Environments now use Zonal DNS names.
  • Validation has been added to prevent setting DAG serialization and async DAG bag loading at the same time.
  • Fixed rendering templates in the Airflow UI when async DAG bag loading is on.
  • Fixed an issue with Airflow worker Pod placement on GKE Nodes after environment upgrade and update.
  • Added validation to the v1 API so that environment creation fails quickly if Domain Restricted Sharing is enforced in the project.
  • Environment variables set by the user at the environment creation are now correctly propagated to Pub/Sub topics.
  • A fix for the broken Airflow Sentry integration has been backported to older Composer Airflow versions.
  • Airflow 1.10.9:

    • Fixed an issue where task retries did not work while DAG serialization was turned on.
    • Fixed an issue that broke Airflow database connections when DAG serialization was turned on.
    • Fixed an issue where the default worker concurrency could not be set, causing problems with cluster resources usage.
Cloud Healthcare API

You can now configure a ParserVersion in an HL7v2 store, which allows you to set the version of the unschematized parser. A new parser version, V2, has been added, which allows parsedData to include every given non-empty message field. This version parses the MSH segment starting with the MSH-1 field and is in accordance with the HL7v2 standard.

Cloud Logging

In the Logs Viewer (Preview), you can now pin log entries within the Query results and Histogram panes. To learn more, go to Pinning logs.

In the Logs Viewer (Preview), you can now view a log entry in its resource context. To learn more, go to Viewing a pinned log entry in its resource context.

You can now copy a link to a log entry in the Logs Viewer (Preview). To learn more, go to Copy a link to a log entry.

Compute Engine

You can now migrate a VM instance from one network to another. This feature is available in Beta.

Identity and Access Management

The issue with undeleting service accounts has been resolved. You can now undelete most service accounts that meet the criteria for undeletion.

September 16, 2020

Compute Engine

Troubleshoot VMs by capturing a screenshot from the VM. This is Generally Available.

Datastore

You can now use the goog-firestoremanaged billing report label to view costs related to export and import operations.

Firestore

You can now use the goog-firestoremanaged billing report label to view costs related to import and export operations.

Istio on Google Kubernetes Engine

There is a known issue with the upgrade from GKE 1.16 to 1.17. Any custom resources you created in the istio-system namespace are deleted during an upgrade to 1.17 (R30 or earlier). These resources must be manually recreated. We recommend that you do not upgrade to GKE 1.17 until a patch release fixes the issue. The fix will be rolled out in GKE release R31.

September 15, 2020

Cloud Load Balancing

Added total latency to external HTTP(S) load balancer Cloud Logging entries. Total latency measures from when the external HTTP(S) load balancer receives the first bytes of the incoming request headers until the external HTTP(S) load balancer finishes proxying the backend's response to the client. This feature is now available in General Availability.

Cloud SQL for MySQL

Cloud SQL now offers serverless export. With serverless export, Cloud SQL performs the export from a temporary instance. Offloading the export operation allows databases on the primary instance to continue to serve queries and perform other operations at the usual performance rate.

Cloud SQL for PostgreSQL

Cloud SQL now offers serverless export. With serverless export, Cloud SQL performs the export from a temporary instance. Offloading the export operation allows databases on the primary instance to continue to serve queries and perform other operations at the usual performance rate.

The following PostgreSQL minor versions have been upgraded:

  • PostgreSQL 9.6.16 is upgraded to 9.6.18.
  • PostgreSQL 10.11 is upgraded to 10.13.
  • PostgreSQL 11.6 is upgraded to 11.8.
  • PostgreSQL 12.1 is upgraded to 12.3.
Compute Engine

SSD persistent disks attached to certain VMs with at least 64 vCPUs can now reach 100,000 write IOPS. To learn more about the requirements to reach these limits, see Block storage performance.

September 14, 2020

Cloud CDN

Cache Modes, TTL overrides and custom response headers are now supported on backend buckets and backend services, and are available in beta.

Cache modes allow Cloud CDN to automatically cache static content types, including web assets like CSS, JavaScript and fonts, as well as image and video content.

TTL overrides support fine-tuning how long Cloud CDN caches your responses, and custom response headers introduce a new {cdn_cache_status} variable that is populated with the cache status response.

External HTTP(S) Load Balancing now supports setting custom response headers on backend buckets and services. This feature is available in beta.

Custom response headers make it easier to set common web security headers and/or override response headers from your application at the load balancer.

Cloud Load Balancing

The External HTTP(S) Load Balancer now supports setting custom response headers on backend buckets and services. This feature is available in Beta.

Custom response headers make it easier to set common web security headers and override response headers from your application at the load balancer.

Cloud Logging

Cloud Logging now offers the ability to view a history of your ran queries through the Recent queries tab. To learn more, go to the Recent queries section on the Building queries page.

Compute Engine

Compute-optimized (C2) machine types are now available in Sydney, Australia australia-southeast1-a. See VM instance pricing for details.

Datastore

The gcloud datastore index create and gcloud datastore index cleanup commands now require gcloud version 279.0.0 or greater. To update the gcloud CLI, use the gcloud components update command.

Migrate for Compute Engine

There is no longer a requirement that the subnet of the deployment cluster is under the same network as the Cloud Extension.

Video Intelligence API

Bug fix for shot change detection API: Tuned internal model parameters to reduce false positives under certain scenarios.

September 11, 2020

BigQuery

You can now use the BQ.JOBS.CANCEL system procedure to cancel a job. For more information, see Canceling jobs.

Cloud TPU

Compute Engine TPU Metrics and Logs In-Context

New Monitoring tab for TPUs provides key TPU Metrics and access to logs at a glance. You can see a variety of key TPU metrics including MXU utilization, CPU, memory, sent/received traffic, and more. In addition, it provides instant access to TPU logs which give insight into important events.

Compute Engine

You can build highly available deployments of stateful workloads on VM instances using stateful managed instance groups (stateful MIGs). A stateful MIG preserves the unique state of each instance (instance name, attached persistent disks, and/or metadata) on machine restart, recreation, autohealing, or update. Stateful MIGs are Generally available.

Dataproc

Added the PrivateIpv6GoogleAccess API field to allow configuring IPv6 access to Dataproc cluster.

New sub-minor versions of Dataproc images: 1.3.68-debian10, 1.3.68-ubuntu18, 1.4.39-debian10, 1.4.39-ubuntu18, 1.5.14-debian10, 1.5.14-ubuntu18, 2.0.0-RC10-debian10, and 2.0.0-RC10-ubuntu18.

1.3-1.5 Images:

HIVE-18323: Vectorization: add the support of timestamp in VectorizedPrimitiveColumnReader for parquet

1.5 and 2.0 preview images:

Upgraded the jupyter-core and jupyter-client packages in the 1.5 and 2.0 images to be compatible with the installed notebook package version.

2.0 preview image:

Fixed a regression that could cause clusters to fail to start if user-supplied keystore/truststore are provided when enabling Kerberos.

Firestore

September 10, 2020

Cloud Billing

The Cloud Billing data export to BigQuery daily cost detail data now includes 3 additional fields to describe credits: credits.id, credits.full_name, and credits.type. Including the credit details in the data export to BigQuery is especially useful for creating queries to analyze how credits impact your costs on a more granular level, such as understanding credits grouped by project, or for analyzing the source of multiple credits of the same type that were earned during the same invoice period (such as sustained usage discounts earned as usage increases).

See Understanding the Cloud Billing data tables in BigQuery for more details.

September 09, 2020

Cloud CDN Cloud Load Balancing Cloud Monitoring

The API for creating and managing alerting policies is now Generally Available. For information on using this API, see Managing alerting policies by API.

Cloud Spanner

Cloud Spanner introduces a new introspection tool that provides insights into queries that are currently running in your database. Use Oldest Active Queries to analyze what queries are running and how they are impacting database performance characteristics.

Identity and Access Management

You cannot undelete most service accounts at this time. Our engineering team is working to resolve this issue.

September 08, 2020

Cloud Data Loss Prevention

STREET_ADDRESS infoType detector is now available in all regions.

Cloud Healthcare API

Two new permissions, healthcare.locations.get and healthcare.locations.list, have been added to the IAM permissions. These permissions are checked whenever the new GetLocation and ListLocations methods are called.

Cloud Storage

New conditions available for Object Lifecycle Management:

  • Noncurrent time conditions allow you to define lifecycle actions based on when an object became noncurrent.
  • Custom time conditions allow you to define lifecycle actions based on a custom time that you define for objects.

Custom time metadata is now available for objects.

  • Custom time metadata allows you to associate an arbitrary date and time with objects.
Security Command Center

Security Command Center Premium is now in general availability (Container Threat Detection remains in beta). Read these notes to learn about updates, usability improvements, and new features.

Improved Summary Dashboard

  • A new set of interactive charts and tables provide a high-level overview of all threats and vulnerabilities.
  • An updated time selector lets you choose preset and customizable time ranges for reviewing findings and creating reports.
  • New page headers provide users with more page-specific context.

Learn more about Using the Security Command Center dashboard.

Onboarding and configuration upgrades

  • A streamlined interface lets you manage organization-wide service enablement settings.
  • A dedicated settings page for integrated services has been added to the configuration interface.

Learn more about Setting up Security Command Center.

Security Health Analytics now supports real-time detections, with some exceptions. Read more about Security Health Analytics detectors and findings.

Managed Web Security Scans are now available to all Security Command Center Premium users. Learn more about managed scans in our Overview of Web Security Scanner.

gcloud integration with new, simplified Beta APIs (Alpha)

  • The gcloud command line interface can now access configuration functionality through new Beta APIs. The Beta APIs provide stable, programmatic interaction equivalent in functionality to the Security Command Center interface. Learn to use gcloud to manage Security Command Center settings.

Documentation

September 04, 2020

Data Catalog

Data Catalog is now available in Jakarta (asia-southeast2).

Dataproc

Switched 1.3 and 1.3-debian image version aliases to point to 1.3 Debian 10 images.

When Enhanced Flexibility Mode is enabled, increased app master, task, and Spark stage retries to 10 to improve resiliency of applications to downscaling and preemption of preemptible VMs.

Support more than 8 local SSDs on VMs. Compute Engine supports 16 and 24 SSDs for larger machine types.

Changed secondary workers default boot disk size to 1000 GB in clusters created with 2.0 preview images.

Improved node memory utilization in clusters created with 2.0 preview images.

September 03, 2020

Config Connector

BigtableInstance: numNodes on resources is now optional. You can then programmatically scale your Bigtable instances. You cannot add the numNodes field after creating a BigtableInstance.

For production instances where the numNodes will be managed by Config Connector, this field is required with a minimum of 1. For a development instance or for an existing instance where the numNodes is managed outside of Config Connector, this field must be left unset.

Traffic Director

Traffic Director can now be set up for GKE Pods with automatic Envoy injection.

September 02, 2020

Cloud CDN

Reduced cache fill pricing from Cloud Storage, Compute Engine, and external origins by up to 80% starting September 1st.

Google Cloud has also removed cache-to-cache fill and cache invalidation charges.

Virtual Private Cloud

Firewall Rules Logging metadata controls is now available in General Availability.

September 01, 2020

Assured Workloads for Government

Assured Workloads for Government is now generally available for the FedRAMP Moderate compliance regime.

Cloud Logging

Cloud Logging updated IAM custom role permissions. Users with custom roles should verify their permissions are correct. For a list of the permissions and roles, go to the Permissions and Roles section on the Access control page.

Dialogflow

Beta launch of Dialogflow CX. Dialogflow CX provides a new way of designing agents, taking a state machine approach to agent design. This gives you clear and explicit control over a conversation, a better end-user experience, and a better development workflow.

As part of introducing Dialogflow CX, some changes have been made to editions:

  • Dialogflow Enterprise Edition is no longer used as an umbrella term for paid editions.
  • Dialogflow Standard Edition is now called Dialogflow Trial Edition.
  • Dialogflow Plus Edition and Dialogflow Essentials Edition have been merged to one Dialogflow Essentials (ES) Edition.
  • Dialogflow Customer Experience (CX) Edition is a new edition with a simpler pricing and quota model.

The service previously named Dialogflow is now called Dialogflow ES, and the term Dialogflow is now an umbrella term used to describe both the Dialogflow ES and Dialogflow CX services.

Filestore

Filestore Troubleshooting page published. Now you can troubleshoot common Filestore issues.

VPC Service Controls

Beta stage support for the following integration:

August 31, 2020

BigQuery

Updated version of Magnitude Simba JDBC driver includes bug fixes and enhancements such as automatically turning on the BigQuery Storage API for anonymous table reads (no charge for temporary table reads).

Cloud Load Balancing

Google Cloud internal HTTP(S) load balancers have native support for the WebSocket protocol when you use HTTP or HTTPS as the protocol to the backend. The load balancer does not need any configuration to proxy WebSocket connections.

Cloud SQL for SQL Server

Cloud SQL for SQL Server supports cloning using the Cloud Console, the gcloud command, and the Cloud SQL Admin API. When you clone an instance, you create an independent copy of the source instance.

Google Cloud Armor

Google Cloud Armor Managed Protection Plus Tier is in Beta. Managed Protection Plus Tier offers a monthly subscription that includes all of the features of Standard Tier, and bundles Google Cloud Armor WAF policy, rules, HTTP request usage, and named IP lists.

Pre-configured rules for local file inclusion (LFI), remote file inclusion (RFI), and remote code execution (RCE) are now in General Availability.

Network Intelligence Center

In the details pane for a connection, under View flows in BigQuery, Network Topology now provides a table that lists the subnets relevant to the currently selected connection and whether those subnets have VPC Flow Logs enabled. For more information, see Using generated queries to retrieve detailed logs.