Google Cloud release notes

Generally available: Z3 VMs, which offer the latest compute, networking, and storage innovations in one platform with a particular focus on high density, high performing Local SSD are now available on Compute Engine. For more information, see Storage-optimized machine family.

Generally available: Hyperdisk Balanced is available with M1 and M2 VMs. Hyperdisk Balanced is a good fit for a wide range of use cases such as LOB applications, and medium-tier databases that don't require the performance of Hyperdisk Extreme. For more information, see About Hyperdisk.

The Z3 machine family is generally available in Standard clusters running for GKE 1.25 and later. You can select this family by using the --machine-type flag when creating a cluster or node pool. The following limitations apply:

• Node auto-provisioning for Z3 is supported in 1.29 and later.
• GKE Autopilot is supported in 1.29 and later.
• Z3 machines are gracefully terminated during host maintenance.

The Direct VPC egress feature of Cloud Run is now supported in all regions.

GPUDirect-TCPX is now supported on GKE version 1.27 and later and requires the following patch versions:

• For GKE version 1.27, use GKE patch version 1.27.7-gke.1121000 or later.
• For GKE version 1.28, use GKE patch version 1.28.8-gke.1095000 or later.
• For GKE version 1.29, use GKE patch version 1.29.3-gke.1093000 or later.

To use GPUDirect-TCPX, see Maximize GPU network bandwidth with GPUDirect-TCPX and multi-networking.

Bigtable now integrates with LangChain, an LLM orchestration framework. For more information, see Build LLM-powered applications using LangChain. This feature is available in Preview.

In Release 6.2.45 the option to manually enter General placeholders was added. The General Placeholders section has now been added to the platform.

If you use Pub/Sub metrics as a signal to autoscale your pipeline, refer to Best practices for using Pub/Sub metrics as a scaling signal.

The N4 machine family is generally available in GKE Standard clusters running on GKE 1.29 and later. You can select this family by using the --machine-type flag when creating a cluster or node pool. The following limitations apply:

• Confidential GKE nodes is not supported.
• Local SSD is not supported.
• hyperdisk-balanced is the only supported boot disk type.

Open SQL Interface now supports parameters and filter-only fields.

As part of a Looker Studio Pro subscription, Looker Studio Pro licenses are available at no cost to Looker users. Looker admins of Looker (original) instances and Looker (Google Cloud core) instances can accept these complimentary licenses and finish setting up a Looker Studio Pro subscription to get started using Looker Studio.

The following Gemini in Databases features are now available in Public Preview:

• Database Center: an AI-assisted dashboard that gives you one centralized view across your entire database fleet.
• AlloyDB Studio (GA): lets authorized users interact directly with the SQL database and run SQL queries from the Google Cloud console to access and manipulate data.
• Monitor active queries: monitor and troubleshoot the queries that are active in your database.
• Index advisor: a fully managed index advisor that tracks the queries your database handles regularly.
• Enhanced Query Insights: an assistive query performance diagnostics platform that lets you detect, troubleshoot, and prevent database and query performance problems in near real-time.
• 4-week query metric retention in the Query Insights dashboard.
• 5 new database insight recommendations.

To learn how to enable and activate Gemini in Databases, see Set up Gemini in Databases.

AlloyDB Omni version 15.5.1 has the following AlloyDB AI features available in Preview:

• Model endpoint management lets you maintain a per-project registry of AI model endpoints from a variety of sources and providers.
• The postgres_ann extension provides a configurable and highly efficient nearest-neighbor index powered by the ScaNN algorithm.
• You can query your database using natural language. This Technology Preview includes parameterized secure views, which let you narrowly define the scope of data that natural-language queries have access to.

BigQuery ML now offers the following expanded embedding support features in preview:

• Using the ML.GENERATE_EMBEDDING function with a remote model based on a Vertex AI multimodalembedding large language model (LLM) to create multimodal embeddings, which embed text and images into the same semantic space.
• Using the ML.GENERATE_EMBEDDING function with a principal component analysis (PCA) model or autoencoder model to create embeddings for structured independent and identically distributed random variables (IID) data.
• Using the ML.GENERATE_EMBEDDING function with a matrix factorization model to create embeddings for user or item data.

Try the new multimodal embedding functionality:

• Generate image embeddings by using the ML.GENERATE_EMBEDDING function
• Generate text embeddings by using the ML.GENERATE_EMBEDDING function
• Generate and search multimodal embeddings

You can now create a data canvas in BigQuery Studio. A data canvas lets you discover, transform, query, and visualize data using natural language. It provides a graphic interface for your analysis that lets you work with data sources, queries, and visualizations in a directed acyclic graph (DAG), giving you a graphical view of your analysis workflow that maps to your mental model. You can iterate on query results and work with multiple branches of inquiry in a single place. This feature is in preview and access can be requested here.

The following Gemini in BigQuery features are now available in Public Preview:

• Data insights: an automated and intuitive way to explore and understand your data.
• Data canvas: a graphic interface that lets you discover, transform, query, and visualize data using natural language.
• SQL and Python code assistance: Gemini-assisted code generation, completion, and explanation.
• Materialized views, partitioning, and clustering recommendations: recommendations to reduce cost and improve performance.
• Autotune and troubleshoot serverless Spark: optimize and explain Spark workloads.

To learn how to enable and activate Gemini in BigQuery features, see Set up Gemini in BigQuery.

Bigtable Data Boost, a serverless compute service designed for high-throughput read jobs and queries, is available in Preview.

You can now build distributed counters with Bigtable with write-time aggregates. This feature is available in Preview.

You can control access to data in your Bigtable tables with authorized views. This feature is generally available (GA).

Bigtable app profiles let you configure request priorities to prioritize certain workload data requests over others. This feature is now generally available (GA).

The following Gemini in Databases features are now available in Public Preview:

• Database Center: an AI-assisted dashboard that gives you one centralized view across your entire database fleet.
• Cloud SQL Studio: lets authorized users interact directly with the SQL database and run SQL queries from the Google Cloud console to access and manipulate data.
• Monitor active queries: monitor and troubleshoot the queries that are active in your database.
• Index advisor: a fully managed index advisor that tracks the queries your database handles regularly.
• 4-week query metric retention in the Query Insights dashboard.
• 17 new database insight recommendations.

To learn how to enable and activate Gemini in Databases, see Set up Gemini in Databases.

Cloud SQL for MySQL now supports the storage of vector embeddings in MySQL 8.0.36 and later databases. To use this feature, update your instance to MySQL 8.0.36.R20240401.03_00 or later.

After you store vector embeddings in your database, you can then perform K-nearest neighbor (KNN) searches on the dataset along with the rest of your data. Cloud SQL for MySQL also supports the creation of vector search indexes for several different index types using approximate nearest neighbor (ANN) search.

For more information, see Working with vector embeddings using Cloud SQL for MySQL. This feature is in Preview.

The following Gemini in Databases features are now available in Public Preview:

• Database Center: an AI-assisted dashboard that gives you one centralized view across your entire database fleet.
• Cloud SQL Studio: lets authorized users interact directly with the SQL database and run SQL queries from the Google Cloud console to access and manipulate data.
• Monitor active queries: monitor and troubleshoot the queries that are active in your database.
• Index advisor: a fully managed index advisor that tracks the queries your database handles regularly.
• 4-week query metric retention in the Query Insights dashboard.
• 15 new database insight recommendations.

To learn how to enable and activate Gemini in Databases, see Set up Gemini in Databases.

The following Gemini in Databases features are now available in Public Preview:

• Database Center: an AI-assisted dashboard that gives you one centralized view across your entire database fleet.
• Cloud SQL Studio: lets authorized users interact directly with the SQL database and run SQL queries from the Google Cloud console to access and manipulate data.
• 9 new database insight recommendations.

To learn how to enable and activate Gemini in Databases, see Set up Gemini in Databases.

Generally available: N4 VMs are generally available on the Intel Emerald Rapids CPU with 640 GB DDR5 memory. The N4 machine series offers predefined and custom machine types with extended memory and Hyperdisk Balanced storage.

N4 VMs are available in limited regions and zones.

See VM pricing for cost details.

Generally available: You can plan ahead for VM maintenance on M1, M2, and M3 machine types by viewing their maintenance schedule notifications. For specific machine types within these families, you can also trigger VM maintenance ahead of schedule.

Dataproc Serverless for Spark: The preview release of Advanced troubleshooting, including Gemini-assisted troubleshooting, is now available for Spark workloads submitted with the following or later-released runtime versions:

• 1.1.55
• 1.2.0-RC1
• 2.0.63
• 2.1.42
• 2.2.0-RC15

Dataproc Serverless for Spark: Announcing the preview release of Autotuning Spark workloads.

New Imagen on Vertex AI image generation model and features

The 006 version of the Imagen 2 image generation model (imagegeneration@006) is now available. This model offers the following additional features:

• Additional aspect ratios (1:1, 3:4, 4:3, 9:16, 16:9)
• Digital watermark (SynthID) enabled by default
• Watermark verification*
• New user-configurable safety features (safety setting, person/face setting)

For more information, see Model versions and Generate images using text prompts.

* The seed field can't be used while digital watermark is enabled.

New Imagen on Vertex AI image editing model and features

The 006 version of the Imagen 2 image editing model (imagegeneration@006) is now available. This model offers the following additional features:

• Inpainting - Add or remove content from a masked area of an image
• Outpainting - Expand a masked area of an image
• Product image editing - Identify and maintain a primary product while changing the background or product position

For more information, see Model versions.

Grounding Gemini and Grounding with Google Search

The Gemini API now supports Grounding with Google Search in Preview. Currently available for Gemini 1.0 Pro models.

Generative AI on Vertex AI security control update

Security controls are available for the online prediction feature for Gemini 1.0 Pro and Gemini 1.0 Pro Vision.

New text embedding models

The following text embedding models are now in Preview.

• text-embedding-preview-0409
• text-multilingual-embedding-preview-0409

When evaluated using the MTEB benchmarks, these models produce better embeddings compared to previous versions. The new models also offer dynamic embedding sizes, which you can use to output smaller embedding dimensions, with minor performance loss, to save on computing and storage costs.

For details on how to use these models, refer to the public documentation and try out our Colab.

System instructions

System instructions are supported in Preview by the Gemini 1.0 Pro (stable version gemini-1.0-pro-002 only) and Gemini 1.5 Pro (Preview) multimodal models. Use system instructions to guide model behavior based on your specific needs and use cases. For more information, see System instructions examples.

Supervised Tuning for Gemini

Supervised tuning is available for the gemini-1.0-pro-002 model.

Online Evaluation Service

Generative AI evaluation supports online evaluation in addition to pipeline evaluation. The list of supported evaluation metrics has also expanded. See API reference and SDK reference.

Cloud Tensor Processing Units (TPUs) are now available in GKE Autopilot clusters running version 1.29.2-gke.1521000 or later. To learn more, visit Deploy TPU workloads on GKE Autopilot.

Flow Analyzer is now available in Preview.

Flow Analyzer lets you quickly and efficiently understand your VPC traffic flows without the need to write complex SQL queries for analyzing VPC Flow Logs.

The following Gemini in Databases features are now available in Public Preview:

• Spanner Studio (GA): lets users interact with the SQL database and run SQL queries from the Google Cloud console to access and manipulate data.
• Spanner now supports the use of Gemini models with GoogleSQL and PostgreSQL machine learning prediction functions.

To learn how to enable and activate Gemini in Databases, see Set up Gemini in Databases.

Spanner now supports the ML_PREDICT_ROW() function for PostgreSQL. You can use this function to generate predictions using SQL. To learn more about this function and how to use it, see Using Spanner Vertex AI integration functions.

You can now generate ML predictions using the Spanner emulator with GoogleSQL and PostgreSQL.

Spanner GoogleSQL now supports SAFE.ML.PREDICT(), which allows you to return a null instead of an error in your predictions.

You can generate and backfill vector embeddings for textual data (STRING or JSON) stored in Spanner using GoogleSQL partitioned DML and the Vertex AI textembedding-gecko model. For more information, see Generate vector embeddings for textual data in bulk using partitioned DML.

Spanner now supports several new PostgreSQL JSONB functions:

• spanner.jsonb_query_array()
• jsonb_build_array()
• jsonb_build_object()

The PostgreSQL CONCAT() function also supports more than 4 arguments.

For more information, see Supported PostgreSQL functions.

Spanner has extended the array data type with the VECTOR LENGTH parameter (in Preview). This optional parameter sets an array to a fixed size for use in a vector search. For more information, see the PostgreSQL array data type or the GoogleSQL array data type.

Spanner now supports the dot_product() function (in Preview). For more information, see Choose among vector distance functions to measure vector embeddings similarity.`

Spanner now supports the float32 (GoogleSQL) and float4/real (PostgreSQL) data type (in Preview).

Spanner now supports the use of Gemini models with GoogleSQL and PostgreSQL machine learning prediction functions (in Preview).

Spanner now supports using LangChain with the vector store, document loader, and chat message history objects. For more information, see Build LLM-powered applications using LangChain.

Vertex AI Search: Document chunking support for more search types (Public preview)

When document chunking is turned on for an unstructured data store, search summaries and search with follow-ups are supported in Public preview.

For information, see Chunk documents for RAG.

Vertex AI Search: Document ranking API (Public preview)

The ranking API takes a list of documents and reranks those documents based on how relevant the documents are to a query. This is a stateless API that does not require you to index documents in advance.

For more information, see Rank and rerank documents.

Vertex AI Search: Check grounding (Public preview)

The check grounding API is available as a Public preview feature.

The check grounding API determines how grounded a piece of text is in a given set of facts. Perfect grounding requires that every statement in the text can be attributed to one or more of the given facts. The API returns support scores and citations.

Additionally, as an experimental feature, the API also generates contradicting citations that show which facts contradict the text and how strongly.

For more information, see Check grounding and the check API.

Vertex AI Search: Answers with summaries and follow-ups (Public preview)

The answer API improves on the search with summary and search with follow-ups features. For example, it better handles complex queries, can do multi-step retrieval, and provides customization of answer styles.

The answer API is supported in Public preview.

For more information, see Get answers and follow-ups.

Vertex AI Search: FHIR data streaming ingestion (Private preview)

Select the import frequency for your healthcare FHIR data. You can either perform a one-time batch import or set up a streaming import. Streaming import is available as a Private preview feature.

For more information, see Create a healthcare search data store.

Vertex AI Search: Autocomplete support for healthcare search (Public preview)

Autocomplete is available as a Public preview feature for healthcare data search. The autocomplete configuration uses a canonical medical data source to generate autocomplete suggestions for healthcare data stores.

For more information, see Configure autocomplete.

Vertex AI Search: Connect Google Drive to Vertex AI Search (GA)

Syncing Google Drive data to Vertex AI Search is available in GA. For more information about creating a Google Drive data store, see Sync from Google Drive.

Vertex AI Search: Connect multiple search apps to the same data store (GA)

Connecting more than one generic search app to a single data store is supported in GA. With this capability, you can create multiple apps that search across the same data without having to ingest that data multiple times.

Vertex AI Search: Blended search (GA)

Blended search, where you can search across multiple data stores using a single search app, is available in GA. For more information about blended search, see About connecting multiple data stores.

Vertex AI Search: Connect Spanner, Cloud SQL, Firestore, and Bigtable to Vertex AI Search (Public preview)

Importing data from Spanner, Cloud SQL, Firestore, and Bigtable to Vertex AI Search is available in Public preview. For more information about creating a Google Drive data store, see Create a search data store.

Vertex AI Search: Additional languages supported for media search

Vertex AI Search for media is supported in nine languages: Arabic, English, French, German, Hindi, Korean, Japanese, Portuguese, and Spanish.

For more information, see Languages.

Vertex AI Search: Search-as-you-type for media apps (GA)

The search-as-you-type feature is Generally available (GA) for media search apps.

Search results are returned after each character instead of after the full query is entered. Search-as-you-type is ideal for search apps with awkward input devices such as television remotes. You can enable search-as-you-type through the widget UI as well as through the API.

For more information, see Get search-as-you-type results for a media app.

You can preview a simplified installation method for AlloyDB Omni. This lets you install and run AlloyDB Omni on your environment using portable open-source tools, such as the docker command-line interface.

AlloyDB Omni version 15.5.1 is now available. This version includes the following features and changes:

• The AlloyDB Omni Kubernetes Operator version 1.0.0 is Generally Available (GA). The operator includes the following new features:

  • Backups now support point-in-time recovery (PITR).
  • You can create asynchronous read pool instances.
  • High availability (HA) database clusters can have more than one standby replica
  • HA database clusters don't require any change in connection parameters when failing over.
  • You can use an HA standby replica as a read-only instance.
  • You can enable and configure logical replication.
  • You can set up physical replication between a primary and secondary database cluster running on two separate Kubernetes clusters.
  • You can restrict AlloyDB Omni pods to run on specific nodes in your Kubernetes cluster.
  • A number of database and system metrics are available.

• The pg_squeeze extension version 1.0 is included.

• Various bug fixes and performance improvements.

BigQuery Studio is generally available (GA).

BigQuery Studio lets you save, share, and manage versions of code assets such as notebooks and saved queries.

BigQuery DataFrames is generally available (GA).

BigQuery DataFrames is a set of open source Python libraries that implements the pandas and scikit-learn APIs with server-side processing. To get started, you can try BigQuery DataFrames.

The BigQuery materialized view recommender analyzes your past query jobs to identify opportunities to apply materialized views to your queries for potential cost savings. You can view all available materialized view recommendations through the BigQuery UI or Recommender API. This feature is in preview.

Cloud NGFW Enterprise, including the intrusion prevention service, is available in General Availability. Use intrusion prevention service to safeguard your workload traffic from threats such as malware, spyware, and command-and-control attacks.

Application Load Balancers now support Certificate Manager allowlisted certificates. For more information, see Mutual TLS authentication.

This capability is in General Availability.

Hybrid NAT is now available in Preview.

Cloud SQL Enterprise Plus edition primary instances with high availability (HA) now require less than one second of downtime for planned maintenance.

Cloud SQL Enterprise Plus edition primary instances with high availability (HA) now require less than one second of downtime for planned maintenance.

Code Transformations for Gemini Code Assist are now available for Public Preview. You can now use an inline text box directly in your code file to do the following:

• Generate comment lines to document your code.
• Troubleshoot code with issues.
• Improve code readability.
• Make code more efficient.

You can also view context sources of a generated response in the Gemini: Chat pane.

For more information, see Code with Gemini Code Assist.

Code Transformations for Gemini Code Assist are now available for Public Preview. You can now use an inline text box directly in your code file to do the following:

• Generate comment lines to document your code.
• Troubleshoot code with issues.
• Improve code readability.
• Make code more efficient.

You can also view context sources of a generated response in the Gemini: Chat pane.

For more information, see Code with Gemini Code Assist.

Firestore now supports the following additional locations:

• africa-south1 Johannesburg
• europe-north1 Finland
• europe-southwest1 Madrid
• europe-west10 Berlin
• europe-west12 Turin
• europe-west8 Milan
• southamerica-west1 Santiago
• us-central1 Iowa
• us-east5 Columbus

For a full list of supported locations, see Locations.

Firestore in Datastore mode now supports the following additional locations:

• africa-south1 Johannesburg
• europe-north1 Finland
• europe-southwest1 Madrid
• europe-west10 Berlin
• europe-west12 Turin
• europe-west8 Milan
• southamerica-west1 Santiago
• us-central1 Iowa
• us-east5 Columbus

For a full list of supported locations, see Locations.

Vector search capabilities are now Generally Available on Memorystore for Redis.

You can now ingest streaming data from Amazon Kinesis Data Streams into Pub/Sub by using an import topic. For more information about import topics, including required roles and permissions and how to create an import topic, see Create an import topic. The change is being rolled out in a phased manner over the rest of the week.

You can now add a time to live (TTL)-based deletes filter to your Spanner change streams using the exclude_ttl_deletes option.

You can now add a table modification type filter to your Spanner change streams to exclude INSERT, UPDATE, or DELETE table modifications.

Spanner change streams now support a new value capture type called NEW_ROW_AND_OLD_VALUES. This new type captures all new values for both modified and unmodified columns, and old values for modified columns.

Differential privacy is now generally available (GA).

You can now use BigLake to access Delta Lake tables. For more information, see Create Delta Lake BigLake tables. This feature is available in preview.

The Cloud Billing FinOps hub is now Generally Available

Use the FinOps hub to monitor and share your current savings, explore recommended opportunities to optimize costs, and plan your optimization goals. The FinOps hub dashboard generates recommendations based on historical usage, including recent usage and current commitments, and helps you gauge how well you're using Google Cloud tools to monitor and save costs.

Learn about using FinOps hub.

Database Migration Service now supports physical backup files created by using the Percona XtraBackup utility for homogeneous MySQL to Cloud SQL for MySQL migrations. For more information, see Migrate your databases by using a Percona XtraBackup physical file.

Custom constraints for Cloud Storage are now available. You can use custom constraints to enforce policies on Cloud Storage resources, such as a policy that enforces all buckets to have Object Versioning enabled.

The following Dataflow templates are generally available (GA):

• Google Cloud to Neo4j
• Pub/Sub to Datadog

Support for Customer-managed encryption keys (CMEK). This feature is in Preview.

Support for Customer-managed encryption keys (CMEK). This feature is in Preview.

(New guide) Use Google Cloud Armor, load balancing, and Cloud CDN to deploy programmable global front ends: Provides an architecture that uses a global front end incorporating Google Cloud best practices to help scale, secure, and accelerate the delivery of internet-facing applications.

GPU NVIDIA Multi-Process Service (MPS) is available in version 1.27.7-gke.1088000 and later, which allows multiple workloads to share a single NVIDIA GPU hardware accelerator with NVIDIA MPS.

Added support for new node types, including smaller and larger nodes. For more details, see Cluster and node specification.

Added support for AOF and RDB persistence (Preview). For more details, see Persistence overview.

Added support for instance configurations (Preview). For more details, see Supported instance configurations.

The allow_non_incremental_definition option and max_staleness option for materialized views are now generally available (GA). The allow_non_incremental_definition option supports an expanded range of SQL queries to create materialized views, and the max_staleness option provides consistently high performance with controlled costs when processing large, frequently changing datasets.

You can now perform model monitoring in BigQuery ML. The following model monitoring functions are now in preview:

• ML.DESCRIBE_DATA: compute descriptive statistics for a set of training or serving data.
• ML.VALIDATE_DATA_SKEW: compute the statistics for a set of serving data, and then compare them to the statistics for the data used to train a BigQuery ML model in order to identify anomalous differences between the two data sets.
• ML.VALIDATE_DATA_DRIFT: compute and compare the statistics for two sets of serving data in order to identify anomalous differences between the two data sets.
• ML.TFDV_DESCRIBE: compute fine-grained descriptive statistics for a set of training or serving data. This function provides the same behavior as the TensorFlow tfdv.generate_statistics_from_csv API.
• ML.TFDV_VALIDATE: compute and compare the statistics for training and serving data, or two sets of serving data, in order to identify anomalous differences between the two data sets. This function provides the same behavior as the TensorFlow validate_statistics API.

BigQuery data clean rooms with analysis rules and enhanced usage metrics are now generally available (GA). Data clean rooms provide a security-enhanced and privacy-preserving environment for multiple parties to share and augment data without moving or revealing the underlying data.

Join restrictions, list overlap, differential privacy with privacy budgeting, and aggregation thresholding are now enforceable in BigQuery data clean rooms using analysis rules.

For Cloud SQL Enterprise Plus edition, you can now use advanced disaster recovery (DR) to simplify recovery and fallback processes after you perform a cross-regional failover. With advanced DR, you can:

• Designate a cross-region disaster recovery (DR) replica
• Perform replica failover
• Restore your original deployment by using zero data loss switchover

You can also use switchover to simulate disaster recovery without data loss.

For more information, see Advanced disaster recovery (DR) and Use advanced disaster recovery (DR). This feature is in Preview.

Generally available: Simplify block storage management for Compute Engine instances with Hyperdisk Storage Pools. A Hyperdisk Storage Pool is a pre-purchased collection of disk capacity, throughput, and IOPS which you can then provision to your applications as needed. By managing disks in aggregate, you can save costs while achieving expected capacity and performance growth. For more information, see About Hyperdisk Storage Pools.

Add NVIDIA GPU drivers R550 branch and update latest to 550.54.14.

Vertex AI Conversation: You can now create a data store in one language that is connected to an agent that uses different languages.

With this release, Apigee expanded its support for data residency to additional regions in Asia-Pacific and the Middle East. Data residency for Apigee meets compliance and regulatory requirements by allowing you to specify the geographic locations (regions) where Apigee data is stored.

For more information, see Introduction to data residency.

For a list of supported geographic locations, see Apigee locations.

You can set maximum time limits for tasks and runnables. For more information, see Limit run times for tasks and runnables using timeouts.

Collation now supports the following generally available (GA) features:

• The underscore in the LIKE operator.
• Comparison support for the STRUCT data type with the following operators and conditional expressions: =, !=, IN and CASE.

You can now configure materialized views with tables enabled for change data capture (CDC) streaming update and delete operations.

Curated Detections has been enhanced with new detection content for Cloud Threats category. These new rule sets identify threats in AWS environments and are generally available to customers with a Chronicle Security Operations Enterprise and Enterprise Plus license.

Curated Detections rule packs covering AWS threats are generally available to Chronicle Enterprise and Enterprise Plus customers.

The cross-region internal Application Load Balancer supports backends in multiple regions, provides seamless cross-region failover using Cloud DNS routing policies, and is globally accessible by clients from any Google Cloud region, on premise, or other clouds. Supports Google-managed certificates using Cloud Certificate Manager and Certificate Authority Service.

For details, see the Internal Application Load Balancer overview.

To set up a cross-region internal Application Load Balancer, see the following pages:

• Instance group backends

• Mixed zonal and hybrid connectivity NEG backends

• Cloud Run backends

This capability is in General Availability.

The cross-region internal proxy Network Load Balancer supports backends in multiple regions, provides seamless cross-region failover, and is globally accessible by clients from any Google Cloud region, on premise, or other clouds.

For details, see the Internal proxy Network Load Balancer overview.

To set up a cross-region internal proxy Network Load Balancer, see the following pages:

• Instance group backends

• Mixed zonal and hybrid connectivity NEG backends

This capability is in General Availability.

The Logging query language now supports the cast and regexp_extract functions. For more information, see the Logging query language documentation.

You can now migrate your external MySQL 5.7 and 8.0 databases into Cloud SQL for MySQL by using Percona XtraBackup physical files. This feature is in Preview.

For more information, see Migrate to Cloud SQL from an XtraBackup physical file.

You can now migrate data in the tables of your database in parallel. There's a performance improvement because Cloud SQL can transfer the data with parallel processes within a database. You can set the speed that Cloud SQL transfers this data to min, optimal, or max.

Managed folders are now available in the Google Cloud Console.

You can now use managed folders in your Cloud Storage buckets using the Cloud Console. You can create, list, move, and delete your managed folders in the Console, as well as set IAM policies. To learn more, see Create and manage managed folders.

Improved support for AlloyDB, by adding new fields to AlloyDBCluster and AlloyDBInstance.

Dialogflow CX: Language auto detect is now available for chat conversations. You can configure Dialogflow CX to detect an end-user's language and automatically respond in that same language. See the language reference page for a list of languages available for this feature.

You can now use Firestore to perform K-nearest neighbor (KNN) vector searches. This feature is in Preview.

(New guide) Infrastructure for a RAG-capable generative AI application using GKE: Design the infrastructure to run a generative AI application with retrieval-augmented generation (RAG) using GKE, Cloud SQL, and open source tools like Ray, Hugging Face, and LangChain.

Cloud Armor Enterprise Paygo (formerly Managed Protection Plus Paygo) is now Generally Available. Learn more about Cloud Armor Enterprise service tiers.

The GKE compliance dashboard now offers compliance evaluation for CIS Kubernetes Benchmark 1.5, Pod Security Standards (PSS) Baseline, and PSS Restricted standards in Preview. To learn more, see About the compliance dashboard.

GKE threat detection is now available in Preview. Threats against the Kubernetes control plane impacting your GKE Enterprise clusters are now visible in the GKE security posture dashboard. To learn more, see About GKE threat detection.

AlloyDB Studio is now generally available (GA). AlloyDB Studio includes an Explorer pane that integrates with an enhanced query editor, letting you browse, query, and modify your AlloyDB databases with this single interface. For more information, see Manage your data using AlloyDB Studio.

Artifact Analysis automatic scanning for Ruby, Rust, .NET and PHP vulnerabilities in container images is now generally available. If the Container Scanning API is enabled, it scans container images pushed to Artifact Registry for Ruby, Rust, .NET and PHP vulnerabilities, in addition to already supported operating system and language package vulnerabilities.

Artifact Analysis returns Ruby, Rust, .NET and PHP vulnerability results for images that have a supported or unsupported operating system. When you push new versions of images to the registry, you might see more successful vulnerability scans against images without a supported operating system.

For more information, see Container scanning overview.

The following BigQuery ML features are now in preview:

• Performing supervised tuning on a remote model based on a Vertex AI text-bison large language model (LLM).
• Evaluate a Vertex AI LLM using the ML.EVALUATE function. Pre-trained text-bison, text unicorn, or gemini-pro models and tuned text-bison models are supported for evaluation.

Try tuning and evaluating an LLM with the Customize an LLM by using supervised fine tuning how-to topic.

You can now scale up the compute size (vCPU, memory) of a Cloud SQL Enterprise Plus edition primary instance with near-zero downtime.

You can now scale up the compute size (vCPU, memory) of a Cloud SQL Enterprise Plus edition primary instance with near-zero downtime.

You can now use SSL mode instead of the legacy require_ssl setting to specify the encryption requirements for connections to your Cloud SQL for SQL Server instances. For more information, see Enforce SSL/TLS encryption.

You can now use Customer-Managed Encryption Keys (CMEK) to protect repositories in Dataform. CMEK in Dataform is available in preview. For more information, see Use customer-managed encryption keys.

Dialogflow CX: Call companion is now generally available with new user interface settings.

Dialogflow CX: Dialogflow CX phone gateway is now generally available.

Vertex AI Conversation: Data stores now support parse and chunk configuration.

Fine tuning generative AI models within the Custom Extractor is now supported in GA. For more information, see custom processors and fine tuning pricing.

Eventarc support for creating triggers for direct events from Cloud Deploy is generally available (GA).

Model Garden supports all Text Generation Inference supported models in HuggingFace:

• Verified deployment settings for about 400 Hugging Face text generation models (including google/gemma-7b-it, meta-llama/Llama-2-7b-chat-hf, and mistralai/Mistral-7B-v0.1).
• Other Hugging Face text generation models have unverified deployment settings that are auto generated.

Observability for Google Kubernetes Engine: Added a dashboard for Tensor Processing Unit (TPU) metrics on the Observability tab of both the cluster listing and cluster details pages for GKE clusters. The charts on this dashboard are populated with data only if the cluster has TPU nodes and GKE system metrics is enabled. For more information, see View observability metrics.

To learn more, see Delay destruction of secret versions.

Enterprise tier released to General Availability

The Enterprise tier, which transforms Security Command Center into a cloud-native application protection platform (CNAPP) that combines cloud security and enterprise security operations with multicloud support, is released to General Availability.

The following features and capabilities of the Enterprise tier are new to Security Command Center:

• Multicloud support: You can now connect Security Command Center to Amazon Web Services for the following capabilities:
  • Detect threats and vulnerabilities
  • Assess the risk exposure of your high-value AWS resources
  • Assess compliance with security standards
• A new Security Operations console for global security operations tasks
• SIEM and SOAR capabilities for security operations
  • Security investigation and event management (SIEM) capabilities:
    • Ingest and normalize logs from Google Cloud, AWS, Security Command Center findings, and resource metadata from multiple sources
    • Detect the most important cloud threats with curated threat detection
    • Search across consolidated SIEM data
  • Security operations and response (SOAR) capabilities:
    • Manage detections, investigations, and responses with cases
    • Automate response workflows with playbooks
    • Focus on posture and threat findings with dedicated views in the Security Operations console
    • Integrate with IT service management products, such as Jira and ServiceNow, for posture management
    • Search across consolidated SOAR data
• The following attack exposure scoring features are in General Availability:
  • Attack exposure scores now calculated for high-value resources
  • Severities of vulnerability findings can vary to align with attack exposure scores
  • Optional automated assignment of resource values with Sensitive Data Protection
• Vulnerability and misconfiguration detections
  • Security Health Analytics includes the following enhancements:
    • New misconfiguration detectors for AWS resources
    • Detectors are mapped to new security standards
  • You can now manage the remediation of critical and high severity vulnerability and misconfiguration findings using cases that are automatically opened for you.
• Threat detection and investigation
  • Detect threats in your AWS deployments
  • Investigate and respond to incidents with SIEM-like capabilities across 90 days of cloud logs
  • Manage the investigation of and response to threats by using cases
  • Define response workflows and automated actions in response to threats by using playbooks
• Mandiant Attack Surface Management integration
  • Mandiant Attack Surface Management scans your external attack surfaces to identify vulnerability and misconfiguration findings
• Sensitive Data Protection integration
  • The Risk overview page of Security Command Center in the Google Cloud console now shows data security findings from the Sensitive Data Protection discovery service
  • Findings from Sensitive Data Protection that indicate the sensitivity and data risk levels of your data can inform the automated assignment of resource values for the attack path simulation feature
• Gemini artificial intelligence features
  • Natural language search for threat findings
  • AI investigation widget for cases
• Compliance, security standards
  • Support for AWS security standards
• Validate infrastructure as code (IaC) against organization policies and Security Health Analytics detectors. The IaC validation feature lets you determine whether your new or modified resource definitions violate the existing policies that are applied to your Google Cloud resources.
• Integration with Assured Open Source Software The paid tier of Assured OSS is included with your Enterprise tier license, so that you can enhance your code security by using the open source software packages that Google uses for its own developer workflows.

With this release, Apigee expanded its support for data residency to additional regions in Canada. Data residency for Apigee meets compliance and regulatory requirements by allowing you to specify the geographic locations (regions) where Apigee data is stored.

For more information, see Introduction to data residency.

For a list of supported geographic locations, see Apigee locations.

Backup and DR Service added support to automatically protect your compute engine instances using Google Cloud tags. The dynamic protection tags feature is supported for backup/recovery appliances running on version 11.0.10.417 or later. You can check the appliance version from Manage > Appliances page.

You can now enable, disable, and analyze history-based optimizations for queries. This feature is in preview.

The BigQuery Data Transfer Service for Search Ads 360 now supports the new Search Ads 360 Reporting API. You can use the Search Ads 360 connector to specify custom Floodlight variables and custom columns when transferring Search Ads 360 data to BigQuery. This feature is now generally available (GA).

Scope 2 market-based emissions data is now launched in Preview. This metric represents purchased electricity, incorporating Google's annual renewable energy purchases. Scope 2 emissions on this page are estimated using annual emissions factors from government sources (IEA, EPA & AIB). You can learn more here about the methodology and the difference between location-based and market-based emission metrics.

Scope 2 market-based emissions data is available only from January 2023 onwards and can be accessed in:

• The console Dashboard on the Market-based emissions tab, and

• The BigQuery export as field carbon_footprint_kgCO2e.scope2.market_based in the export data schema.

Please note that data already exported to BigQuery for previous months will still have Scope 2 market-based emissions data as NULL in your exported tables. To see the newly-released market-based data, schedule a manual data backfill for the desired time period. Note that there is a half-month lag of our data release. For example, to backfill January and February 2023 data, run the backfill for February 15, 2023 and March 15, 2023, which will update the data for January and February 2023 in your BigQuery table.

You can now configure advanced traffic management using flexible pattern matching. This feature allows you to use wildcard syntax anywhere in your path matcher configuration. You can use this feature to customize origin routing for different types of traffic and request and response behaviors. In addition, you can now use results from your pattern matching to rewrite the path that is sent to the origin.

Pattern matching with wildcards is now supported for the following products:

• Global external Application Load Balancer (launched previously)
• Regional external Application Load Balancer
• Cross-region internal Application Load Balancer
• Regional internal Application Load Balancer
• Traffic Director

For details, see URL maps overview: Wildcards and pattern matching operators in path templates for route rules.

This capability is available in General availability.

Google Cloud Storage now offers Dual-region Google Egress Bandwidth quotas per dual-region location. See Bandwidth usage in Cloud Storage.

Added NVIDIA GPU drivers R550 branch and update latest to 550.54.14.

Added NVIDIA GPU drivers R550 branch and update latest to 550.54.14.

Added NVIDIA GPU drivers R550 branch and update latest to 550.54.14.

Added NVIDIA GPU drivers R550 branch and update latest to 550.54.14.

Dataproc Metastore now supports managed migrations.

Managed migration is an automated feature that helps you migrate data from a self-managed Hive Metastore to a Dataproc Metastore service, without any sizable down time.

Dataproc Metastore now supports autoscaling. Autoscaling automatically increases or decreases the scaling factor required to run your workloads.

You can use Packet Mirroring to collect IPv6 traffic. This feature is available in General Availability.

General Availability: Network Topology provides dedicated views and insights of VMs and instance groups that generate higher egress is now . You can further filter the traffic based on the following traffic types: all egress, cross-zonal egress, egress to internet, and hybrid egress. For more information, see Network Topology overview.

With this release, Apigee expanded its support for data residency to additional regions in the European Union. Data residency for Apigee meets compliance and regulatory requirements by allowing you to specify the geographic locations (regions) where Apigee data is stored.

For more information, see Introduction to data residency.

For a list of supported geographic locations, see Apigee locations.

New Apigee API Monitoring Metrics

An new suite of metrics for monitoring Apigee proxies and target endpoints is now available. With improved scalability and accuracy, the new suite can support large workloads and withstand underlying infrastructure changes.

Apigee's API Monitoring tables and dashboards have been updated to include the following new metrics, which can be used to configure alerts and create custom dashboards:

proxy/request_count
proxy/response_count
proxy/latencies
target/request_count
target/response_count
target/latencies

Chronicle now supports direct ingestion and parsing of Google Cloud Next Generation Firewall (NGFW) Enterprise logs.

Database Migration Service now supports faster migrations of large PostgreSQL databases to AlloyDB for PostgreSQL.

For information about creating migration jobs using the high-performance parallelism settings, see Create a migration job to a new destination instance and Create a migration job to an existing destination instance.

The Storage Control API is now available for use. The Storage Control API lets you perform metadata-specific, control plane, and long-running operations. To learn more about the Storage Control API and operations you can perform, see Storage Control API overview.

Dialogflow CX: You can now enable smart endpointing.

Vertex AI Retail Search: Search analytics v2 improvements

• Enhanced dashboard experience: Leverages Looker for a more interactive and informative analysis of your search and browse performance.
• Detailed metrics: Gain granular insights with per-search/per-browse metrics, along with metrics tied to search/browse visits.
• Full funnel reporting: Analyze page-views, add-to-cart events, purchases, and revenue to understand the entire customer conversion journey.
• Flexible analysis: Filter data by date ranges and device types to tailor your analysis.

The following compliance programs now support the following products. See supported products for more information:

• Australia Regions with Assured Support:
  • Access Transparency
• Canada Regions and Support:
  • Access Transparency
• EU Regions and Support:
  • Access Approval
  • Certificate Authority Service
  • Cloud Monitoring
  • Cloud Run
  • Firestore
  • Sensitive Data Protection
• FedRAMP Moderate:
  • Artifact Registry
  • Cloud Workstations
• Israel Regions and Support:
  • Dataflow
  • Memorystore for Redis
• Japan Regions:
  • Access Approval
  • Access Transparency
• US Regions and Support:
  • Access Transparency

You can now query data in SAP Datasphere using a federated query. This feature is in preview.

Query optimization using search indexes is now applied to comparisons of string literals and indexed data, including the equal (=), IN, and LIKE operators and the STARTS_WITH function. This feature is generally available (GA).

Preview: Capacity planner supports the following for data aggregated by organization ID:

• View and export the actual and forecasted usage data of the VMs and persistent disks in your organization.

• Generate gcloud CLI commands to create future reservation requests based on the actual or forecasted usage data of your VMs by organization.

For more information, see the following pages:

• About Capacity Planner

• Export usage and forecast data in Capacity Planner

• Reserve capacity from actual or forecasted usage

• View actual and forecasted usage in Capacity Planner

Pie charts are now available for visualizing data in the Log Analytics page. For more information, see Change chart type.

Uptime checks now support authentication by using a service account and a generated OpenID Connect (OIDC) token, as an alternative to providing a username and password. For more information, see Create public uptime checks.

You can now simulate a planned maintenance update with near-zero downtime on your Cloud SQL Enterprise Plus primary instance without updating your database. For more information, see About maintenance on Cloud SQL instances.

You can now simulate a planned maintenance update with near-zero downtime on your Cloud SQL Enterprise Plus primary instance without updating your database. For more information, see About maintenance on Cloud SQL instances.

The Dataflow right fitting feature is now supported by non-Prime batch pipelines.

Dataproc on Compute Engine: New Hadoop Google Secret Manager Credential Provider feature introduced in latest Dataproc on Compute Engine 2.0 image versions.

(New guide) Model development and data labeling with Google Cloud and Labelbox: Provides guidance for building a standardized pipeline to help accelerate the development of ML models.

(New guide) Jump Start Solution: Generative AI RAG with Cloud SQL: Deploy a retrieval augmented generation (RAG) application with vector embeddings and Cloud SQL.

(New guide) Build and deploy generative AI and machine learning models in an enterprise: Describes the generative AI and machine learning blueprint, which deploys a pipeline for creating AI models.

The SWITZERLAND_SOCIAL_SECURITY_NUMBER infoType detector is available in all regions. For more information about all built-in infoTypes, see InfoType detector reference.

Vertex AI Search: Autocomplete updates

Autocomplete is Generally available (GA) for the US and EU multi-regions as well for the global region.

Autocomplete supports access transparency. This means that, when access transparency is enabled, if Google personal access your autocomplete data, this is recorded in the Access Transparency logs.

For information about autocomplete, see Configure autocomplete, and for information about Access Transparency, see Enable Access Transparency in Vertex AI Search.

Vertex AI Search: Structured data stores (GA)

Use of data stores containing structured data is Generally available (GA). Additionally, two new field value types are allowed for structured data stores: geolocation and datetime.

For information about structured data stores, see Structured data in Prepare for ingesting and Schemas: auto-dectection versus providing you own.

Vertex AI Search: Boost search results (Public preview)

Boosting search results using custom numerical attributes and according to freshness is available in Public preview.

For more information, see Boost search results.

Vertex AI Search: Extractive segments and relevance scores (GA)

Extractive segments and relevance scores for extractive segments are GA.

For more information, see Extractive segments.

Vertex AI Search: Document chunking and parsing improvements (Public preview)

The following improvements have been introduced for document chunking and parsing:

• Adjacent chunks: When returning chunks in search responses, you can return chunks from immediately before and after the relevant chunk in the source document. Doing so can improve context and accuracy.
• Page span: Chunk metadata in search responses includes the span of pages where the chunk appeared in the source document.
• List chunks: List all chunks from a specific source document.
• Get chunks: Get a specific chunk.
• Get processed documents in JSON: Get a parsed document or a chunked document in JSON format.
• Bring your own chunks (Preview with allowlist): Upload data that you've already chunked. Contact your Google account team if you're interested in trying this feature.

For more information, see Parse and chunk documents.

Vertex AI Search: Media recommendations analytics (GA)

Analytics for media recommendations are GA. You can view analytics for your media recommendations apps in the Google Cloud console.

For more information, see View analytics.

Support for future major upgrades

Currently, Google supports minor upgrades which make changes to the remote agent code only.

We have now added support for the customer to carry out a major upgrade which requires changes to the entire OS or libraries in the machine.

You will receive clear instructions before a major upgrade. These must be followed very carefully in order to ensure the Remote Agent can continue to work with your machine.

Support for updating custom environment variables (ID #47675122)

You can now configure environment variables on the agent.

A new migration job status called Running with errors is available for heterogeneous Oracle migrations in Database Migration Service. This status represents migration jobs that encounter errors, but continue replicating data for unaffected objects and attempt to retry faulty operations.

For more information, see Migration job statuses for Oracle to AlloyDB for PostgreSQL and Migration job statuses for Oracle to Cloud SQL for PostgreSQL.

Database Migration Service now supports faster migrations of large PostgreSQL databases to Cloud SQL for PostgreSQL.

For information about creating migration jobs using the high-performance parallelism settings, see Create a migration job to a new destination instance and Create a migration job to an existing destination instance.

Typically with HTTPS communication, the authentication works only one way: the client verifies the identity of the server. For applications that require the load balancer to authenticate the identity of clients that connect to it, regional external Application Load Balancer, regional internal Application Load Balancer, and cross-region internal Application Load Balancer support mutual TLS (mTLS).

With mTLS, the load balancer requests that the client send a certificate to authenticate itself during the TLS handshake with the load balancer. You can configure a trust store that the load balancer uses to validate the client certificate's chain of trust.

For details, see the following:

• Mutual TLS authentication
• Set up mutual TLS for a regional external Application Load Balancer
• Set up mutual TLS for a regional internal Application Load Balancer
• Set up mutual TLS for a cross-region internal Application Load Balancer

This capability is in Preview.

Global external Application Load Balancer and global external Application Load Balancer (classic) already support frontend mTLS(General Availability).

Added infiniband and mlx5 device drivers.

Fixed integrity-fs dm-crypt creation flakiness.

Data insights in Dataplex is available in Preview. Data insights offers an automated and intuitive way to explore and understand your data. It uses Gemini large language models to generate queries based on the metadata of a table, and lets you uncover patterns, assess data quality, and perform statistical analysis.

Firestore now supports using range and inequality filters on multiple fields in a single query. This feature is in Preview.

Support for Query Explain. This feature is in Preview.

Query Explain lets you submit queries and receive detailed query plan, billing and performance statistics on query execution in return. It helps you understand how your queries are executed, showing you inefficiencies.

It functions like the EXPLAIN [ANALYZE] operation in many relational database systems.

For more information, see the guide for Query Explain.

Datastore now supports using range and inequality filters on multiple fields in a single query. This feature is in Preview.

Support for Query Explain. This feature is in Preview.

Query Explain lets you submit queries and receive detailed query plan, billing and performance statistics on query execution in return. It helps you understand how your queries are executed, showing you inefficiencies.

It functions like the EXPLAIN [ANALYZE] operation in many relational database systems.

For more information, see the guide for Query Explain.

(New guide) Jump Start Solution: Generative AI Knowledge Base: Demonstrates how to build an extractive question-answering (EQA) pipeline to produce content for an internal knowledge base.

New Apigee API Monitoring Metrics

An new suite of metrics for monitoring Apigee proxies and target endpoints is now available. With improved scalability and accuracy, the new suite can support large workloads and withstand underlying infrastructure changes.

Apigee's API Monitoring tables and dashboards have been updated to include the following new metrics, which can be used to configure alerts and create custom dashboards:

proxy/request_count
proxy/response_count
proxy/latencies
target/request_count
target/response_count
target/latencies

Go 1.22 is now generally available.

Starting in Go version 1.22 and later:

• You can't use go get outside of a module in the legacy GOPATH mode (GO111MODULE=off).
• Go recommends that you use a go.mod file for managing dependencies.

For more information, see Specify dependencies.

Go 1.22 is now generally available.

Starting in Go version 1.22 and later:

• You can't use go get outside of a module in the legacy GOPATH mode (GO111MODULE=off).
• Go recommends that you use a go.mod file for managing dependencies.

For more information, see Specify dependencies.

The Help me code tool lets you use natural language to generate a SQL query that can then be run in BigQuery. This feature is now in preview.

The following Generative AI features are now in preview:

• Creating a remote model based on a Vertex AI gemini-pro-vision large vision model (VLM).
• Using the ML.GENERATE_TEXT function with this remote model to perform Vision Generative AI tasks, such as image or video captioning and visual Q&A, for visual content stored in BigQuery object tables.

Try these features with the Generate text that describes visual content how-to topic.

The Logs in Cloud Logging only feature is available in all regions:

• In newly created Cloud Composer environments, Airflow task logs are now stored only in Cloud Logging by default.
• You can disable this feature for a new or an existing environment. In this case, Airflow task logs are saved both to Cloud Logging and to the environment's bucket.

The Amazon Redshift batch source connector version 1.11.1 is available in Preview in Cloud Data Fusion 6.10.0 and later. This source lets you load batch data from your Redshift dataset to a destination, such as BigQuery.

The Amazon Redshift batch source connector version 1.10.6 is available in Preview in Cloud Data Fusion 6.9 versions. This source lets you load batch data from your Redshift dataset to a destination, such as BigQuery.

Cloud Functions (2nd gen) now supports the Go 1.22 runtime at the General Availability release level.

You can now configure your aggregated sink to be intercepting, which prevents logs from being passed through the Log Router of child resources. For more information, see Collate and route organization-level logs to supported destinations.

You can now integrate Cloud SQL and Vertex AI. This integration lets you apply large language models (LLMs), which are hosted in Vertex AI, to a Cloud SQL for PostgreSQL database, version 12 and later. For more information, see Integrate Cloud SQL with Vertex AI.

Agent alias

Agents can use aliases instead of their real names when communicating with end-users. Admins can configure agent aliases manually or with a bulk upload. Agents can also configure their own aliases. The agent alias feature is available when using the mobile and web SDKs. For more information, see Agent alias.

Country code of the outbound phone number is included with the added party's phone number

When an agent adds a party to a call, the country code from the outbound phone number is automatically included with the added party's phone number.

Calls waiting indicator

The call adapter includes a calls waiting indicator that indicates the number of calls in the queue waiting to be answered. You can find the calls waiting indicator in the Calls tab of the call adaptor.

Time stamp in the chat adapter displays seconds

The message time stamp in the chat adapter displays seconds.

Virtual task assistant for chats

The virtual task assistant is available for chats. Configuration and use are similar to that of the virtual task assistant for calls. Available for the web SDK only. For more information, see Virtual task assistants.

Configure SSO for your email channel using OAuth credentials from Google Cloud

You can configure single sign-on (SSO) for your Contact Center AI Platform email channel using OAuth 2.0 credentials from Google Cloud. For more information, see Configure your email channel for OAuth with Google Cloud.

Deflections are available for agent-to-agent calls

You can configure agent-to-agent calls to deflect to voicemail after a period of time that you set. You can also include these "voice internal" calls in your call reports. For more information, see Turn on deflections.

Support phone number is included for incoming calls

The incoming call screen shows the support phone number that the end-user used to call your support center. For more information, see Receive an inbound call.

Support for multiple data parameters in API requests to the DAPs for your IVR queues

You can capture data in the headers of incoming Session Initiation Protocol (SIP) calls and pass them in API requests to the Direct Access Points (DAPs) for your Interactive Voice Response (IVR) queues. For more information, see API DAPs.

(New guide) Cross-silo and cross-device federated learning on Google Cloud: Provides guidance to help you create a federated learning platform that supports either a cross-silo or cross-device architecture.

Preview: Migrate to Virtual Machines supports the ARM64 migration journey. This feature lets you migrate ARM virtual machine (VM) instances from AWS and Azure cloud services to ARM VM instances on Compute Engine, and is supported for the following operating systems:

• Debian 11 and 12
• RHEL 9
• Rocky Linux 8 and 9
• SLES 15 SP5
• Ubuntu 20.04 and 22.04

You can now optimize your writes by setting the maximum delay time of your Spanner write requests between 0 and 500 milliseconds. For more information, see Throughput optimized writes.

The software bill of materials (SBOM) feature is now Generally Available (GA). To learn more, see SBOM overview.

Backup and DR Service added support to view daily scheduled compliance logs in Cloud Logging.

Backup and DR Service added support to view daily scheduled compliance reports in BigQuery.

Chronicle Applied Threat Intelligence helps you identify and respond to threats. When enabled, it ingests IOCs curated by Mandiant Threat Intelligence with an IC-Score greater than 80 and generates an error when a match is found. The following are some of the features of Applied Threat Intelligence.

• Event-level enrichment: All telemetry in Chronicle is enriched with Google Threat Intelligence which is a combination of Mandiant and Virus Total, including all threat intelligence associations like campaigns and actors.

• Sophisticated indicator matching: Curated out-of-the-box detections that deliver sophisticated indicator matching using augmented prioritization logic, noise reduction based on customer environment context, and other correlation techniques to maximize signal to noise.

• Active breach alerting: Uses Mandiant's incident response intelligence to alert on potential active breaches delivering on our no patient 1 vision.

• Curated behavioral detections for emerging threats: To protect against newly emerging risks and tactics, techniques, and procedures (TTPs), Applied Threat Intelligence uses real-time insights.

• DIY detection engineering and response automation: Access to Fusion intelligence (formerly known as Mandiant Fusion) for the following.

  • Customer authoring of rules
  • Customer development of response playbooks

• Curated views for Investigation and triage Insights: Applied Threat Intelligence provides curated views that show valuable associations between an indicator and threat actor, threat campaign, or malware, statistics about a threat observed in customer environments. These views are invaluable for all security operations workflows.

For more information about Applied Threat Intelligence, see Applied Threat Intelligence overview.

Chronicle Applied Threat Intelligence helps you identify and respond to threats. When enabled, it ingests IOCs curated by Mandiant Threat Intelligence with an IC-Score greater than 80 and generates an error when a match is found. The following are some of the features of Applied Threat Intelligence.

• Event-level enrichment: All telemetry in Chronicle is enriched with Google Threat Intelligence which is a combination of Mandiant and Virus Total, including all threat intelligence associations like campaigns and actors.

• Sophisticated indicator matching: Curated out-of-the-box detections that deliver sophisticated indicator matching using augmented prioritization logic, noise reduction based on customer environment context, and other correlation techniques to maximize signal to noise.

• Active breach alerting: Uses Mandiant's incident response intelligence to alert on potential active breaches delivering on our no patient 1 vision.

• Curated behavioral detections for emerging threats: To protect against newly emerging risks and tactics, techniques, and procedures (TTPs), Applied Threat Intelligence uses real-time insights.

• DIY detection engineering and response automation: Access to Fusion intelligence (formerly known as Mandiant Fusion) for the following.

  • Customer authoring of rules
  • Customer development of response playbooks

• Curated views for Investigation and triage Insights: Applied Threat Intelligence provides curated views that show valuable associations between an indicator and threat actor, threat campaign, or malware, statistics about a threat observed in customer environments. These views are invaluable for all security operations workflows.

For more information about Applied Threat Intelligence, see Applied Threat Intelligence overview.

Chronicle now supports direct ingestion and parsing of Google Cloud Next Generation Firewall (NGFW) Enterprise logs.

The following resource types are now publicly available through the ExportAssets, ListAssets, BatchGetAssetsHistory, QueryAssets, Feed, and Search (SearchAllResources, SearchAllIamPolicies) APIs.

• Compute Engine
  • compute.googleapis.com/NetworkEdgeSecurityService
• Database Migration
  • datamigration.googleapis.com/ConversionWorkspace
• Redis
  • redis.googleapis.com/Cluster

Private Service Connect now includes support for cross-region read replicas. You can also choose an availability type (REGIONAL or ZONAL) for Private Service Connect-enabled instances. Both features are in GA.

Private Service Connect now includes support for cross-region read replicas. You can also choose an availability type (REGIONAL or ZONAL) for Private Service Connect-enabled instances. Both features are in GA.

You can now use Private Service Connect to connect to a Cloud SQL for SQL Server instance. This solution allows you to connect to the instance from multiple VPC networks that belong to different groups, teams, projects, or organizations.

Private Service Connect includes support for cross-region read replicas. You can also choose an availability type (REGIONAL or ZONAL) for Private Service Connect-enabled instances.

All features are in GA.

Updated cos-gpu-installer to v2.2.0. Some key features of this update include:

• Switched precompiled driver and signature location to COS build artifacts for M109.
• This fixes a permissions issue in the GPU driver install directory with OSS drivers.
• Added major version specification for GPU driver installation.

Added additional option to existing kernel cmdline flag that moves protected stateful partition integrity tags to memory.

Enabled TDX Guest support in the Linux Kernel.

Changed default umask value for a user to 027.

Removed legacy logging agent (fluentd).

Fragmented nvidia-drivers and nvidia-drivers-open pkg into separate packages per major version.

Enhanced integrity-fs with disk resize and dm-clone.

Removed deprecated R525 NVIDIA GPU drivers.

Added support for dm-zero and dm-clone.

Sosreport now includes GPU Installer logs.

Updated NVIDIA GPU drivers.

Backported support for TCP RTO configuration in networkd.

Enable portmapper registration reporting for lsof. This also fixes an issue where lsof is missing from SOS reports.

Add compiler mitigations to mitigate memory corruption vulnerabilities.

Sequence named before nss-lookup.target.

Added support for user.* xattr on tmpfs.

Added automatic generation of known modules list to image build process.

Include nvidia plugin into sosreport.

Added support for iSCSI targets and RAM block devices.

Automated cataloging of Vertex AI feature store is available in Preview. With this integration, you can discover Vertex AI feature groups and features across projects and regions using the Console or Dataplex API. Dataplex fully automates the process of ingesting and indexing metadata, while performing source IAM permission checks, providing a governed single-pane-of-glass experience for data and AI artifacts across Cloud services.

Dialogflow CX: The Override request-level speech model has been added to advanced speech settings. This can be used to override the speech model provided in a runtime API request.

Vertex AI Conversation data stores: Gemini-pro 1.0 is now officially in General Availability. The model includes optimized prompting, delivering enhanced results with minimal latency impact. Please note: prompt optimization is currently focused on English, with other languages to follow.

Dialogflow CX: DTMF for telephony integrations is now available for preview.

Chronicle now supports direct ingestion and parsing of reCAPTCHA Enterprise logs from Google Cloud.

Chronicle now supports direct ingestion and parsing of reCAPTCHA Enterprise logs from Google Cloud.

Chronicle has added a new rule set to Cloud Threat Detections , called Serverless Threats, that detects activity associated with potential compromise or abuse of server-less resources in Google Cloud, such as Cloud Run and Cloud Functions.

Direct VPC egress (Preview) is now available in the following additional regions:

• africa-south1
• asia-south1
• asia-southeast2
• australia-southeast2
• europe-central2
• europe-west2
• europe-west6
• europe-west8
• europe-west9
• europe-west10
• me-central1
• me-central2
• southamerica-west1
• us-east5
• us-west2
• us-west3
• us-west8

Cloud Run services can now connect to a Firestore database using integrations (Preview).

Cloud Run services can now connect to Vertex AI to access generative AI models using integrations (Preview).

Support for GPUs is generally available (GA). For more information, see Available GPUs.

Cloud Workstations supports the following machine type:

• a2-megagpu-16g

For more information, see Available machine types, REST workstationConfigs, or RPC google.cloud.workstations.v1beta GceInstance.

Generally available: Disaster recovery with Persistent Disk Async Replication has been expanded to allow you to replicate data on a disk in one region to any other region within the same continent.

Also, the following performance and capacity enhancements are available:

• Data replication change rate increased to 2 GiB/min from 250 MB/min.
• Maximum provisioned disk size increased to 32 TB from 5 TB per disk.
• The number of disks per project increased to 1000 from 100.
• The number of disks per consistency group increased to 128 from 64.

Updated cos-gpu-installer to v2.2.0.

Added automatic generation of known modules list to image build process.

Include nvidia plugin into sosreport.

Added support for iSCSI targets and RAM block devices.

The discovery and inspection services, which support BigQuery, now support tables that contain columns with INTERVAL, RANGE<DATE>, RANGE<DATETIME>, and RANGE<TIMESTAMP> data types.

For more information about sensitive data discovery, see Data profiles.

For more information about sensitive data inspection for BigQuery, see Inspect a BigQuery table.

The constraint template library includes a new template: K8sPSSRunAsNonRoot. For reference, see the Constraint template library.

Backup and DR Service added support to access historical reports. Learn more.

You can now add Salesforce Data Cloud data to BigQuery. This feature is generally available (GA).

Incremental materialized views now support LEFT OUTER JOIN and UNION ALL. This feature is in preview.

You can now view Bigtable cost data with instance granularity in the Google Cloud Billing detailed export to BigQuery. For more information, see Structure of detailed cost data export.

Generally available: In a managed instance group (MIG), you can set metadata and labels for all VMs in the group without the need to create a new instance template. For more information, see Override instance template properties with an all-instances configuration.

Generally available: In a managed instance group (MIG), you can turn off repairs to inspect failed and unhealthy VMs, to implement your own repair logic, or to monitor the application health without triggering repairs by MIG. For more information, see Turn off repairs in a MIG.

Security Command Center detectors are now mapped to the following additional compliance frameworks:

• CIS Critical Security Controls v8
• Cloud Controls Matrix v 4
• HIPAA
• ISO 27001 (2022)
• NIST 800-53 (rev 5)
• NIST Cybersecurity Framework (v 1.0)
• PCI-DSS 4.0
• SOC 2 (2017)

Preview stage support for the following integration:

• Sovereign Controls by Partners

reCAPTCHA Enterprise platform logs are now available in Chronicle. Users can now view their reCAPTCHA assessment and annotation data in a structured and searchable data format in Chronicle. For more information, see Collect reCAPTCHA Enterprise logs.

You can now create and manage VRFs for the networks in your Bare Metal Solution environment. This feature is generally available (GA).

The maximum notebook size has been increased from 10 MB to 20 MB. Notebooks are available in preview.

You can now view lists of all saved queries and all notebooks in your project. These features are available in preview.

Case filter and URL now in a reciprocal relationship

In the Cases page, the filter and the URL now directly affect each other. Changing the filter changes the URL, and conversely, changing the URL changes the filter. You can take advantage of this feature by setting a filter for cases and putting the newly created URL in an external dashboard. Clicking on this link would then take you directly to the filtered case queue.

Chronicle has expanded Cloud Threat Detections to create a detection when findings from Security Command Center Event Threat Detections, Cloud Armor, Sensitive Actions Service, and Custom modules for Event Threat Detection are identified. These detections are available through the following rule sets: CDIR SCC Cloud IDS, CDIR SCC Cloud Armor, CDIR SCC Impact, CDIR SCC Enhanced Persistence, CDIR SCC Enhanced Defense Evasion, and CDIR SCC Custom Module.

The Logs in Cloud Logging only feature is gradually rolled out to all regions:

• New Cloud Composer environments now save Airflow task logs only in Cloud Logging by default.
• Existing environments are not changed. If you upgrade an existing environment, it keeps saving logs to the environment's bucket.
• You can enable and disable saving logs to the environment's bucket for an existing environment.

Currently the feature is rolled out to the following regions: africa-south1, asia-east1, asia-east2, asia-northeast2, asia-south2, asia-southeast2, australia-southeast2, europe-central2, europe-southwest1, europe-west10, europe-west12, europe-west2, europe-west3, europe-west4, europe-west6, europe-west8, me-central1, me-central2, me-west1, northamerica-northeast2, southamerica-west1, us-east5, us-east7, us-south1, and us-west4.

The Healthcare Natural Language API supports the following entity mention types in Preview:

• Oncology
• Social determinants of health (SDOH)
• Protected health information (PHI)

Explaining data access using FHIR is available in Preview.

The Google Cloud Console has launched a new wizard experience to walk you through the process of selecting a new load balancer. The new wizard walks you through all the available options (internal or internet-facing, proxy or passthrough, global or regional) and guides you to the appropriate load balancer for your use-case.

Try out the new wizard in the Google Cloud Console at Create a load balancer.

Added support for iSCSI targets and RAM block devices.

(New guide) Design storage for AI and ML workloads in Google Cloud: Select the recommended storage options for your AI and ML workloads.

New misconfiguration detectors for AlloyDB for PostgreSQL clusters released to General Availability.

Security Health Analytics, a built-in service of Security Command Center, released new detectors to General Availability. The following detectors, which are available only with the Premium tier of Security Command Center, detect misconfigurations in AlloyDB for PostgreSQL clusters and instances:

• ALLOYDB_AUTO_BACKUP_DISABLED: Automated backups are not enabled in AlloyDB for PostgreSQL cluster.
• ALLOYDB_LOG_ERROR_VERBOSITY: Instance database flag log_error_verbosity for AlloyDB for PostgreSQL instance is not set to default or another less restrictive value.
• ALLOYDB_LOG_MIN_ERROR_STATEMENT_SEVERITY: Instance database flag log_min_error_statement for AlloyDB for PostgreSQL instance is not set to ERROR or lower.
• ALLOYDB_LOG_MIN_MESSAGES: Instance database flag log_min_messages for AlloyDB for PostgreSQL instance is not set to at minimum warning.

For more information, see SQL vulnerability findings.

Leader-aware routing now dynamically routes read-write transactions to the leader region in Spanner multi-region instances, reducing latency and improving performance. For more information, see Leader-aware routing.

You can now create and run Spark stored procedures that are written in Python, Java, and Scala. You can also use the PySpark editor in BigQuery to create stored Python procedures for Apache Spark. This feature is now generally available (GA).

The minimum duration between scheduled queries has been reduced from 15 minutes to 5 minutes. This feature is generally available.

You can now create daily backups of your Bigtable table by enabling automated backup. This feature is available in Preview. For details, see Automated backup.

The following resource types are now publicly available through the ExportAssets, ListAssets, BatchGetAssetsHistory, QueryAssets, Feed, and Search (SearchAllResources, SearchAllIamPolicies) APIs.

• NetApp
  • netapp.googleapis.com/Backup
  • netapp.googleapis.com/BackupPolicy
  • netapp.googleapis.com/BackupVault

Airflow 2.7.3 is available in Cloud Composer images.

You can now mount an NFS file share as a volume for Cloud Run services and jobs. (In Preview)

Cloud SQL Enterprise Plus edition now supports the me-central2 (Dammam) region.

Cloud SQL Enterprise Plus edition now supports the me-central2 (Dammam) region.

Dialogflow CX now provides the offers and deals prebuilt component.

Vertex AI Conversation data store tools now support filter and userMetadata example parameters.

Dialogflow CX request-scoped parameters now supports the $request.user-utterance parameter to reference the end-user utterance.

Eventarc support for creating triggers for direct events from Network Services is generally available (GA).

Cilium cluster-wide network policies are now generally available with the following GKE versions:

• 1.28.6-gke.1095000 or later
• 1.29.1-gke.1016000 or later

You can now control your GKE workloads' ingress and egress traffic cluster-wide, without being bound to a namespace for your network policies. This new capability is intended to streamline network policies for GKE platform administrators looking for a uniform way to apply policies across namespaces or application teams.

Cilium cluster-wide network policy is available in all GKE editions.

To learn more, read Control cluster-wide communication using network policies.

Statistics for active partitioned data manipulation language (DML) queries are now generally available. You can get insights on active partitioned DMLs queries and their progress from statistics tables in your Spanner database. For more information, see Active partitioned DMLs statistics.

Preview stage support for the following integration:

• Cloud Code

You can now undelete a dataset that is within your time travel window to recover it to the state that it was in when it was deleted. This feature is in preview.

These BigQuery features are now generally available (GA):

Text analysis configuration options for the following:

• CREATE SEARCH INDEX DDL
• Existing LOG_ANALYZER and new PATTERN_ANALYZER analyzers, which are used in various functions, including SEARCH
• The TEXT_ANALYZE function

The following advanced processing functions:

• ML.BAG_OF_WORDS
• ML.TF_IDF
• BAG_OF_WORDS
• TF_IDF
• COSINE_DISTANCE
• EUCLIDEAN_DISTANCE
• EDIT_DISTANCE

You can now perform hierarchical forecasts in BigQuery ML time series models, which let you aggregate and roll up values for all time series in the model. This feature is generally available (GA).

You can now use the GCS FUSE file cache feature, a client-based read cache that lets repeat file reads to be served from a faster cache storage of your choice. To learn more about caching, see GCS FUSE caching documentation.

M118 release

• Pytorch 2.1.0 with CUDA 12.1 and Python 3.10 container images are now available.
• Pytorch 2.2.0 with CUDA 12.1 and Python 3.10 container images are now available.

M118 release

• Restored legacy gpu image families for TensorFlow 2.12 through 2.14, and for PyTorch 2.0.
• Pytorch 2.1.0 with CUDA 12.1 and Python 3.10 VM images are now available.
• Pytorch 2.2.0 with CUDA 12.1 and Python 3.10 VM images are now available.
• R images (Experimental) updated to R 4.3.3.
• Updated Nvidia drivers of older Deep Learning VM images to R535.

The following prebuilt components have been added to Dialogflow CX:

• Retail fraud and dispute
• Cancel order
• Return and refund
• Exchange order

M118 release

The M118 release of Vertex AI Workbench user-managed notebooks includes the following:

• Pytorch 2.1.0 with CUDA 12.1 and Python 3.10 user-managed notebooks instances are now available.
• Pytorch 2.2.0 with CUDA 12.1 and Python 3.10 user-managed notebooks instances are now available.
• Updated Nvidia drivers of older user-managed notebooks images to R535.

The M118 release of Vertex AI Workbench managed notebooks includes the following:

• Updated Nvidia drivers to R535, which fixed a bug where the latest PyTorch 2.0 kernel didn't work due to outdated drivers.

M118 release

The M118 release of Vertex AI Workbench instances includes the following:

• Updated Nvidia drivers to R535.

Access Approval supports Google Distributed Cloud Edge in the GA stage.

Access Transparency supports the following services in the GA stage:

• Google Distributed Cloud Edge
• IAM workforce identity pools

Artifact Registry remote repositories support basic authentication to user-defined and preset upstream sources for Docker, Maven, npm, and Python formats.

To create a remote repository using a preset or user-defined upstream source, see Create remote repositories. For more information on remote repository authentication, see Configure authentication to remote repositories.

Chronicle has expanded Cloud Threat Detections to create a detection when findings from Security Command Center Event Threat Detections, Cloud Armor, Sensitive Actions Service, and Custom modules for Event Threat Detection are identified. These detections are available through the following rule sets: CDIR SCC Cloud IDS, CDIR SCC Cloud Armor, CDIR SCC Impact, CDIR SCC Enhanced Persistence, CDIR SCC Enhanced Defense Evasion, and CDIR SCC Custom Module.

You can now use worker utilization hints to tune horizontal autoscaling for streaming pipelines.

Added new autoscaling metrics:

• Autoscaling rationale chart: explains the factors driving autoscaling decisions
• Worker CPU utilization chart: shows current user worker CPU utilization and customer autoscaling hint value
• Timer backlog per stage: shows an estimate of time needed to materialize the output for windows whose timer has expired
• Parallel processing: the number of keys available for parallel processing

Datastream now supports SQL Server as a source. The feature is in Preview. For more information, see Streamlining data integration with SQL Server source support in Datastream and the Datastream documentation.

Vertex AI Search: Sync from Google Drive (Preview with allowlist)

Connecting to Google Drive as a data source for Vertex AI Search is available as a Preview with allowlist feature. For more information, see Sync from Google Drive.

Forwarder troubleshooting guide is now available to help you diagnose and resolve common issues that may arise while using the Chronicle Linux forwarder.

Direct VPC egress now supports Cloud NAT with Public NAT IP addresses (in Preview).

The following new features have been introduced in this release of Distributed Cloud Edge:

• Multi-rack deployments. Distributed Cloud Edge now supports aggregating the resources of multiple Distributed Cloud Edge Racks into a single zone. You can now create clusters that span nodes across multiple Distributed Cloud Edge Racks. A single multi-rack deployment supports one Distributed Cloud Edge Base Rack and up to 10 Distributed Cloud Edge Standalone Racks. For more information, see How Distributed Cloud Edge works.

• Distributed Cloud Edge Base Rack. We are now shipping a new form factor of Distributed Cloud Edge Rack hardware, the Distributed Cloud Edge Base Rack. This form factor is a pair of existing Distributed Cloud Edge Standalone Rack hardware with the addition of four network switches that aggregate network traffic from up to 10 Distributed Cloud Edge Standalone Racks.

• Prometheus integration. You can now use the Prometheus metrics solution to collect Distributed Cloud Edge metrics and workload metrics on local control plane clusters running in survivability mode. For more information, see Collect metrics with Prometheus.

• Node labels. You can now assign unique labels to individual nodes when creating a node pool. For more information, see Create a node pool.

Preview stage support for the following integration:

• API keys

AlloyDB now supports continuous backup and recovery, and scheduled backups on secondary clusters. When you create a secondary cluster, any backup plans on the primary cluster are automatically copied to the new secondary cluster. For more information, see About cross-region replication.

Jobs Enhancement

When updating an integration, the jobs will now be updated automatically. This does not apply to any legacy jobs that were created before October 2023.

The Marketplace integration will clearly identify the legacy jobs that are affected and provide instructions on how to proceed.

In addition, legacy jobs are now marked as such in the Jobs Scheduler page so that you can take action and resolve issues beforehand.

Jobs Enhancement

When updating an integration, the jobs will now be updated automatically. This does not apply to any legacy jobs that were created before October 2023.

The Marketplace integration will clearly identify the legacy jobs that are affected and provide instructions on how to proceed.

In addition, legacy jobs are now marked as such in the Jobs Scheduler page so that you can take action and resolve issues beforehand.

You can now view granular Bigtable usage in the Cloud Billing Detailed export to BigQuery

You can now view granular Bigtable instance cost data in the Google Cloud Billing detailed export. Use the resource.global_name field in the export to view and filter your detailed Bigtable instance usage.

Review the schema of the Detailed cost data export.

You can now view granular Memorystore for Redis usage in the Cloud Billing Detailed export to BigQuery

You can now view granular Memorystore for Redis cost data in the Google Cloud Billing detailed export. Use the resource.global_name and resource.name fields in the export to view and filter your detailed Memorystore for Redis usage.

Review the schema of the Detailed cost data export.

Cloud SQL now supports SQL Server Reporting Services (SSRS) on your instances. For more information, see Use SSRS for creating reports.

Generally available: You can use SSH-in-browser to connect to TPU VMs. For more information, see Connecting to a Cloud TPU.

The Performant Field Picker feature is now generally available.

When an instance has no projects, Looker will more prominently prompt users to create a model.

In the Create a model wizard, your selections are now saved even if you close steps without having completed the model creation process.

Adding a query slug to source queries in the merge query API response GET merge_queries/<merge_query_id> returns the query slug in addition to the ID.

The save_content permission now has two child permissions, save_dashboards and save_looks. These permissions let Looker admins exert finer control over the kinds of content that users can save.

The Disallow Numeric Query IDs legacy feature has been added to let users opt in to or out of query API changes.

The Advanced Features for New Schedules Page Labs feature is now available. This lets you sort and filter the list of scheduled plans on the Admin - Schedules page.

You can add tags at the time of creating folders and projects. These tags can be added as key-value pairs. For more information, see Add tags during folder creation and Add tags during project creation. This feature is currently in preview.

Support for transfers from cloud and on-premises Hadoop Distributed File System (HDFS) sources is now generally available (GA).

HDFS support allows for use cases such as migrating from on-premises storage to Cloud Storage, archiving data to free up on-premises storage space, replicating data to Google Cloud for business continuity, or transferring data to Google Cloud for analysis and processing.

See Transfer from HDFS to Cloud Storage for details.

AlloyDB Language Connectors are now generally available (GA). These language connectors are libraries that provide automated mutual TLS connections, IAM-based authorization, and Automated IAM Authentication when connecting to an AlloyDB instance. For more information about language connectors, see AlloyDB Language Connectors overview.

Certificate Manager supports integration with regional external Application Load Balancers and regional internal Application Load Balancers. This feature is generally available (GA). For more information, see Certificate Manager overview.

Forwarder troubleshooting guide is now available to help you diagnose and resolve common issues that may arise while using the Chronicle Linux forwarder.

The global external Proxy Network Load Balancer is implemented on globally distributed GFEs and supports advanced traffic management capabilities. This load balancer can be configured to handle either TCP or SSL traffic by using either a target TCP proxy or a target SSL proxy respectively. Global external proxy Network Load Balancers support backends such as instance groups, hybrid NEGs, and Private Service Connect NEGs. For details, see the External proxy Network Load Balancer overview.

To set up a global external Proxy Network Load Balancer, see the following pages:

• Instance group backends with SSL
• Instance group backends with TCP

This capability is in General Availability.

Regional external Application Load Balancers and regional internal Application Load Balancers now support Certificate Manager certificates. For more information, see Certificates and Google Cloud load balancers.

This capability is in General Availability.

You can now view granular bucket-level cost data in the Cloud Billing Detailed data export.

For AutoML datasets, you can tag segment pairs when importing them through the Google Cloud console.

Generally available: You can scale a single VM into a managed instance group (MIG), which is a group of VMs that you can manage as a single entity. A MIG can make your workload scalable and highly available using features like autoscaling, autohealing, regional (multiple zones) deployment, and automatic updating.

For more information, see Create a MIG from an existing VM.

Granting repository access to all authenticated users is available. For more information, see Grant public access to a repository.

Vertex AI Search: Specify a parser for unstructured content (Public preview)

You can control how documents are parsed when they are uploaded to Vertex AI Search. Parser specification is available in Public preview.

Vertex AI Search provides a digital parser (GA), an OCR parser for PDFs (Public preview), and a layout parser (Public Preview). During data store creation for generic search apps with unstructured data, you can set a default parser for the data store and an override parser for specific file types.

For more information, see Parse documents.

Vertex AI Search: Turn on document chunking (Public preview)

To use Vertex AI Search for retrieval-augmented generation (RAG) for LLMs, you can turn on document chunking when creating a data store. Document chunking is available in Public preview.

When document chunking is turned on, your documents are split into chunks when you ingest documents into your data store, and your search app can return chunks of data in search results instead of full documents. Using chunked data for RAG increases relevance for LLM answers and reduces computational load for LLMs. Document chunking is in Public preview. For more information, see Chunk documents for RAG.

Vertex AI Search: Connect ServiceNow as a data source (Private preview)

You can connect ServiceNow as a third-party data source for Vertex AI Search. For more information, see Connect a third-party data source.

Tags data for Google Cloud Storage buckets is available in both the Standard usage cost export and the Detailed usage cost export.

To learn more about Tags, see Tags overview. To learn about using Tags in your cost data exported to BigQuery, see more about tags and query examples with tags.

Generally available: Hyperdisk Balanced is available with C3 and H3 VMs. Hyperdisk Balanced is a good fit for a wide range of use cases such as LOB applications, web applications, and medium-tier databases that don't require the performance of Hyperdisk Extreme. For more information, see About Hyperdisk.

Updated cos-gpu-installer to v2.2.1. Fixed cached driver installation error with network disabled. Added force-fallback flag, major version specification for GPU driver installation and fixed ordering of kernel module loading for nvidia-modeset and nvidia-drm

Updated cos-gpu-installer to v2.2.1. Fixed cached driver installation error with network disabled. Added force-fallback flag, major version specification for GPU driver installation and fixed ordering of kernel module loading for nvidia-modeset and nvidia-drm

Updated cos-gpu-installer to v2.2.1. Fixed cached driver installation error with network disabled. Added force-fallback flag, major version specification for GPU driver installation and fixed ordering of kernel module loading for nvidia-modeset and nvidia-drm

Updated cos-gpu-installer to v2.2.1. Fixed cached driver installation error with network disabled. Added force-fallback flag, major version specification for GPU driver installation and fixed ordering of kernel module loading for nvidia-modeset and nvidia-drm

You can now use committed use discounts (CUDs) with Dataflow streaming jobs. Committed use discounts provide discounted prices in exchange for your commitment to continuously use a certain amount of Dataflow compute resources for a year or longer.

Google Cloud VMware Engine now leverages Cloud Logging to provide status updates about hardware health and VMware management components. The logs are available in Logs Explorer with the following log name:

• projects/PROJECT_ID/logs/vmwareengine.googleapis.com%2Falerts

These logs are also available in the Google Cloud VMware Engine UI on the Dashboard in Logs.

Private clusters created on GKE versions 1.29.0-gke.1384000 and later use Private Service Connect (PSC) for nodes to privately communicate with the control plane. There is no price increase for using GKE private clusters running on PSC.

For private clusters created with a different GKE version, the clusters continue to use VPC Peering for node-to-control plane communication.

Secret Manager add-on for GKE is now available. With the add-on, you can access the secrets stored in Secret Manager as volumes mounted in Kubernetes Pods. The add-on is supported on Standard and Autopilot clusters versioned 1.29 and later. For more info, see Use Secret Manager add-on with GKE.

Opportunistic bursting and lower Pod minimums are now available on newly created GKE Autopilot clusters at version 1.29.2-gke.1060000 or later, and on existing clusters created at 1.26 or later that have been fully upgraded (including all nodes) to 1.29.2-gke.1060000 or later. To learn more, see Configure Pod bursting on GKE.

Table renaming is now generally available. This feature lets you rename tables in place or safely swap names using synonyms. For more information, see Manage table names.

Dataproc Metastore now supports scheduled backups. Backups can be scheduled to run at user-specified cron job intervals, including running daily, weekly, or monthly.

Recommendation Hub is a centralized page on Google Cloud that helps you view all of your recommendations in one place. We recently made improvements to the page, including enabling organization and folder-view of recommendations, custom sorting and filtering of recommendations, and more. For more information, see documentation

Vertex AI Feature Store

The following features of Vertex AI Feature Store are now available in Preview:

• Integration of Vertex AI Feature Store with Dataplex: Online store instances, feature views, and feature groups are now automatically registered as data assets in Data Catalog, a Dataplex feature that catalogs metadata from these resources. You can use the metadata search capability of Dataplex to search for and view the metadata of these resources. For more information, see Search for resource metadata in Data Catalog.

• **Service account configuration for feature views: **You can configure a feature view to use a dedicated service account. By default, every feature view uses the service account configured for your project. For more information, see Configure the service account for a feature view.

• Multiple entity IDs for a feature view: While creating or updating a feature view, you can specify multiple entity ID columns. For more information, see Create a feature view.

In the Entity Explorer page, Case Distribution has been renamed to Alert Distribution.

This change makes the information easier to understand. (ID #48941723)

The following resource types are now publicly available through the ExportAssets, ListAssets, BatchGetAssetsHistory, QueryAssets, Feed, and Search (SearchAllResources, SearchAllIamPolicies) APIs.

• Cloud Configuration Manager API
  • config.googleapis.com/Deployment

Create your first budget with one click

You can now create your first budget and receive budget alerts in one step using the Create a budget alert panel on the Billing Overview page. The tool shows you recommended budget amounts based on your usage patterns, and you will receive alerts when your actual spend reaches 50%, 75%, 100%, and 150% of your selected budget. You can later edit these settings in the Manage budgets and alerts section.

Learn more about budgets.

Cloud Build repositories (2nd gen) now supports integration with Bitbucket Cloud and Bitbucket Data Center. These features are generally available.

You can display events, such as the crash of a GKE pod, on your dashboards. This feature is now GA. This feature is available for dashboards managed by Cloud Monitoring, and for the observability dashboards managed by Compute Engine, Google Kubernetes Engine and Cloud Run.

• For a list of supported events, see Event types.
• For information about enabling events, see Show events on a dashboard.

Charts on the metrics dashboard of Cloud Run services now display deployment events.