Copyright 2014-2023 Google Inc. All rights reserved.
Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.
433.0.1 (2023-06-1)
Google Cloud CLI
- Disabled self-signed jwt usage for service accounts.
Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.
433.0.0 (2023-05-31)
Breaking Changes
- (Cloud Run) Added
--[no-]async
flags togcloud run jobs delete
andgcloud run jobs executions delete
with a default value of--no-async
. Changed these two commands to wait for delete operation by default.
Google Cloud CLI
- Fixed issue where running the install script from within the root
google-cloud-sdk
directory would crash with an unactionable error when new versions of certain components were made available prior to installation.
AlloyDB
- Promoted AlloyDB Cross Region Replication commands to GA track. Modified commands include: alloydb clusters create-secondary, alloydb clusters promote, alloydb instances create-secondary.
Anthos On-Prem
- Modified
gcloud container bare-metal admin-clusters list
. When specifying--location=-
, or when both--location
and gcloud configurationcontainer_bare_metal/location
are not specified, return admin clusters in all locations of the specified project.
Artifact Registry
- Updated the output of
gcloud artifacts docker images list
with flag--show-occurrences
to include SBOM reference occurrences.
Certificate Authority Service
- Added
--publishing-encoding-format
flag togcloud privateca pools create
andgcloud privateca pools update
to allow users to optionally publish DER encoded CA certificates and CRLs to Google Cloud Storage buckets.
Cloud Build
- Added flag to specify substitutions in
gcloud builds triggers run
. - Modified
--branch
,--tag
,--sha
flags to be optional ingcloud builds triggers run
command.
Cloud Composer
- Added
--enable-high-resilience
togcloud composer environments create
to create environments with high resilience mode. - Added
gcloud composer environments database-failover
to manually run a database failover for environments with high resilience enabled. - Added
gcloud composer environments fetch-database-properties
to fetch airflow database properties for Composer environments.
Cloud Logging
- Added
logging_service_account_id
tosettings describe
response.
Cloud SQL
- Added
--no-recovery
,--bak-type
and--recovery-only
flags togcloud sql import bak
and added--bak-type
and--differential-base
flags togcloud sql export bak
to enable the differential import/export feature for SQL Server.
Cloud Workstations
- Added
--accelerator-type
and--accelerator-count
flags togcloud beta workstations configs create
.
Compute Engine
- Fixed bug in handling quota exceeded error with
gcloud compute commitments create
command. - Added
--region
flag togcloud beta compute security-policies rules
commands. - Deprecated
--no-client-ttl
and--no-max-ttl
arguments ofgcloud compute [backend-services|backend-buckets] [create|update]
.
Kpt
- Updated kpt in Google Cloud CLI from 1.0.0-beta.33 to 1.0.0-beta.34.
Kubernetes Engine
- Added
--enable-best-effort-provision
and--min-provision-nodes
togcloud container node-pools create
to turn on best effort provisioning for node pool creation.
Network Security
- Added
network-security firewall-endpoint-associations
commands to manage Cloud Firewall Plus endpoint associations, and promoted them to beta. - Promoted commands under
gcloud network-security address-groups
to GA. - Promoted commands under
gcloud network-security org-address-groups
to GA.
Security Command Center
- Added
gcloud topic datetimes
support forgcloud scc
command group timestamp and duration flags.
Transfer
- Added
--docker-network
flag togcloud transfer agents install
to allow configuration of the underlying Docker container's network.
Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.
432.0.0 (2023-05-23)
AI
- Added
--public-endpoint-enabled
flag togcloud ai index-endpoints create
to support public endpoint. - Modified
--network
flag ofgcloud ai index-endpoints create
to be optional.
Anthos On-Prem
- Added
--disable-control-plane-v2
flag togcloud container vmware clusters create
to explicitly disable the use of control plane v2 feature. --enable-control-plane-v2
ingcloud container vmware clusters create
is by default set for version 1.15+.- Added
--ignore-errors
flag togcloud container bare-metal admin-clusters unenroll
. If set, the unenrollment of a bare metal admin cluster resource will succeed even if errors occur during unenrollment.
Artifact Registry
- Changed IAM policy analysis scope to the root of project in
gcloud beta artifacts docker upgrade print-iam-policy
.
BigQuery
- Fixed bug to ensure show works with encrypted S3 managed tables.
- Fixed bug to ensure spark properties can be updated to empty values.
- Fixed
RANGE<TIMESTAMP>
to correctly displayUNBOUNDED
boundaries. - Fixed bug in the
bq info
command that caused it to always fail. - Fixed bug where a line of logging was always printed.
- Added connections to
get-iam-policy
andset-iam-policy
.
Cloud Build
- Modified (
--repo
,--repo-type
) and--repository
to be optional ingcloud builds triggers create manual
,gcloud builds triggers create webhook
andgcloud builds triggers create pubsub
.
Cloud Storage
- Updated gsutil component to 5.24.
Compute Engine
- Added
--http-keep-alive-timeout-sec
flag togcloud compute alpha/beta target-http-proxies/target-https-proxies create/update
to configure http keep alive timeout sec field in target httpx proxy. - Added
--server-tls-policy
and--clear-server-tls-policy
flags togcloud compute target-https-proxies create/update
to attach/detach a server TLS policy to the target https proxy. - Release pathTemplateMatch and pathTemplateRewrite fields in urlMaps to v1 API.
- Updated
--consumer-accept-list
and--consumer-reject-list
ofgcloud compute service-attachments create
andgcloud compute service-attachments update
to support networks. - Promoted
--provisioned-throughput
flag ofgcloud compute disks create
andgcloud compute disks update
to GA. - Promoted
--create-disk=provisioned-throughput
forgcloud compute instances create
andgcloud compute instance-templates create
to GA. - Promoted
gcloud compute interconnects remote-locations <describe|list>
to beta and GA. - Promoted
--remote-location
flag ofgcloud compute interconnects create
to beta and GA. - Promoted
--subnet-length
flag ofgcloud compute interconnects attachments <dedicated|provider> create
to beta and GA.
Container Registry
- Changed "gloud container images describe" to check existence of the digest.
Database Migration
- Updated
gcloud database-migration connection-profiles create alloydb
to support customer-managed encryption key(CMEK). - Updated
gcloud database-migration connection-profiles create cloudsql
to support customer-managed encryption key(CMEK).
Kpt
- Updated kpt from v1.0.0-beta.31 to v1.0.0-beta.33. See https://github.com/GoogleContainerTools/kpt/releases/tag/v1.0.0-beta.33 and previous release notes for more details.
Kubernetes Engine
- Promoted fields
gpu-driver-version
within--accelerator
flag to enable GPU driver auto installation. - Updated default kubectl from 1.24.13 to 1.25.9.
- Additional kubectl versions:
- kubectl.1.21 (1.21.14)
- kubectl.1.22 (1.22.17)
- kubectl.1.23 (1.23.17)
- kubectl.1.24 (1.24.13)
- kubectl.1.25 (1.25.9)
- kubectl.1.26 (1.26.4)
- kubectl.1.27 (1.27.1)
Network Security
- Promoted
gcloud network-security security-profile-groups
to beta. - Added
network-security firewall-endpoints
commands to manage Cloud Firewall Plus endpoints, and promoted them to beta. - Promoted
gcloud network-security security-profiles threat-prevention
to beta.
Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.
431.0.0 (2023-05-16)
Breaking Changes
- (Anthos On-Prem) Modified
--version
flag to be required ingcloud container vmware clusters create
. - (Compute Engine) Added
centos-stream-8
andcentos-stream-9
options to--os
flag for:gcloud compute images import
in GA,gcloud compute instances import
in GAgcloud compute machine-images import
in GA
Google Cloud CLI
- Fixed error when filtering was applied to date or time type keys and their values were None. Now, the resources will be excluded as when values were empty.
- Added warning message to indicate support for Python 3.5-3.7 will be deprecated on August 8th, 2023.
Anthos On-Prem
- Modified
gcloud container bare-metal clusters list
to return clusters in all locations of the specified project if--location
is not specified and configurationcontainer_bare_metal/location
is not set.
Artifact Registry
- Changed IAM policy translation logic in
gcloud beta artifacts docker upgrade print-iam-policy
.
Batch
- Promoted Batch submit job optional job_id feature to beta and GA.
Cloud Build
- Added
--repository
flag togcloud builds triggers create manual
,gcloud builds triggers create webhook
andgcloud builds triggers create pubsub
which supports creating manual, webhook or Pub/Sub trigger with 2nd-gen repository resource.
Cloud Dataproc
- Added
--staging-bucket
flag togcloud dataproc batches submit ...
commands in GA. This sets staging bucket when creating batches. - Added
--staging-bucket
flag togcloud dataproc session create ...
commands in Preview. This sets staging bucket when creating sessions.
Cloud Firestore
- Promoted
firestore locations list
to GA.
Cloud Run
- Promoted
gcloud run jobs deploy
to GA, which allows creating or updating a Cloud Run job from a container image or source to build.
Cloud Storage
- Added a
preserve_symlinks
option togcloud storage
cp
andmv
commands; when present, this option will cause file and directory symlinks to be represented by placeholder files in the cloud, and reconstructed as symlinks when downloaded.
Compute Engine
- Promoted
gcloud compute addresses move
to GA.
Compute Firewall Rules
- Added
--bind-tags-to-instances
flag togcloud compute firewall-rules migrate
to bind secure tags to VM instances.
Database Migration
- Updated
gcloud database-migration migration-jobs create
to support customer-managed encryption key(CMEK).
Dataproc Metastore
- Promoted
gcloud metastore services alter-metadata-resource-location
to GA. - Promoted
gcloud metastore services alter-table-properties
to GA. - Promoted
gcloud metastore services move-table-to-database
to GA. - Promoted
gcloud metastore services query-metadata
to GA.
Events
- Removed
gcloud beta events
surface and all commands within. Please usegcloud eventarc
instead.
Kubernetes Engine
- Deprecated
--linux-sysctls
flag since--system-config-from-file
is now used to config nodes.
Notebooks
- Added
--data-disk-type
,--data-disk-size
,--no-remove-data-disk
togcloud notebooks instances create
to configure data disk.
Recaptcha
- Added
--private-key-file
,--team-id
,--key-id
torecaptcha keys create
for iOS keys. Providing these fields allows reCAPTCHA Enterprise to provide more accurate risk scores. - Added
--private-key-file
,--team-id
,--key-id
torecaptcha keys update
for iOS keys. Providing these fields allows reCAPTCHA Enterprise to provide more accurate risk scores.
Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.
430.0.0 (2023-05-09)
Breaking Changes
- (Distributed Cloud Edge) Changed default behavior of
gcloud edge-cloud container clusters get-credentials
to use kubectl exec auth. More info at https://cloud.google.com/blog/products/containers-kubernetes/kubectl-auth-changes-in-gke. If a user requires use of the deprecated in-tree-auth-plugin, they can revert back to previous behavior by setting an environment flag:USE_GKE_GCLOUD_AUTH_PLUGIN=false
.
Google Cloud CLI
- Fixed issue where
gcloud auth enterprise-certificate-config create
usedcert_issuer
instead ofissuer
for Windows and MacOS configurations.
AlloyDB
- Added
gcloud alloydb users <command>
Users API to manage AlloyDB users.
Anthos On-Prem
- Modified
gcloud container vmware clusters list
to return clusters in all locations of the specified project if--location
is not specified and configurationcontainer_vmware/location
is not set.
App Engine
- Updated the Python App Engine devappserver to set app.yaml
build_env_variables
when running pip. - Updated the Python App Engine devappserver to fix php55 lost request bug.
- Updated the Java SDK to version 2.0.14 build from the open source project https://github.com/GoogleCloudPlatform/appengine-java-standard/releases/tag/v2.0.14.
Bare Metal Solution
- Promoted
gcloud bms instance rename
to GA. - Promoted
gcloud bms networks rename
to GA. - Promoted
gcloud bms nfs-shares rename
to GA. - Promoted
gcloud bms volumes rename
to GA.
Cloud Bigtable
- Rebuilt cbt cli with go version 1.20.4 which fixed CVE-2022-41723.
- Add ability to count rows for a prefix.
Cloud Bigtable Emulator
- Rebuilt cbt emulator with go version 1.20.4 which fixed CVE-2022-41723.
Cloud Build
- Added
--git-source-revision
flag togcloud builds submit
. - Added
--git-source-dir
flag togcloud builds submit
.
Cloud Firestore
- Promoted
firestore locations list
to beta.
Cloud IAM
- Added
--web-sso-response-type
and--web-sso-assertion-claims-behavior
flag togcloud iam workforce-pools providers create-oidc
andgcloud iam workforce-pools providers update-oidc
to allow user to setup web sso configuration.
Cloud Logging
- Added
--custom-learned-route-priority
and--set-custom-learned-route-ranges
flags ofgcloud compute routers add-bgp-peer
in beta to specify the custom learned route configuration. - Added
--custom-learned-route-priority
,--set-custom-learned-route-ranges
,--add-custom-learned-route-ranges
and--remove-custom-learned-route-ranges
flags ofgcloud compute routers update-bgp-peer
in beta to specify the custom learned route configuration.
Cloud Pub/Sub
- The
gcloud pubsub pull
command now waits for messages by default.- The
--wait
flag has been deprecated fromgcloud beta pubsub pull
command. - The
--return-immediately
flag has been added togcloud beta pubsub pull
command to support the old behavior.
- The
Cloud Run
- No longer sets the
client.knative.dev/user-image
annotation when deploying or updating Cloud Run Services and Jobs. - Fixes issue in
gcloud run deploy
andgcloud run services update
where changing--port
would fail due to health check errors.
Compute Engine
- Update replica-zones support
--create-disk=replica-zones
forgcloud compute instances create
. - Promoted
gcloud compute addresses move
to beta. - Added
--user-ip-request-headers
forgcloud compute security-policies update
, and promoted it to beta.
Database Migration
- Added a set of commands for
gcloud database-migration private-connections
to perform common (create, list, describe, delete) operations on private connections. - Updated
gcloud database-migration connection-profiles create
to support creating Oracle connection profiles. - Updated
gcloud database-migration connection-profiles create
to support connectivity in creating Postgresql connection profiles. - Added
gcloud database-migrate conversion-workspaces
that supports the following commands for creating and managing conversion workspaces: create, update, delete, list, describe, commit, rollback, seed, import-rules, convert, apply, list background jobs and describe entities. - Updated
gcloud database-migration migration-jobs create
to support heterogeneous migration jobs.
Kubernetes Engine
- Added
--enable-master-global-access
flag ofgcloud container clusters create-auto
.
Looker
- Launch Looker (Google Cloud core) for General Availability to the public.
Network Connectivity
- Updated
gcloud network-connectivity service-connection-policies create
subnet flag field to accept resource arguments.
Network Services
- Updated GA schema for
gcloud network-services gateways
. - This primarily impacts gateway import/export.
- It includes SWG-specific changes so gateways of type SWG can be created.
Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.
429.0.0 (2023-05-02)
Breaking Changes
- (Compute Engine) Added rocky-9 option to
--os
flag for:gcloud compute images import
in GA,gcloud compute instances import
in GAgcloud compute machine-images import
in GA
Google Cloud CLI
- Updated bundled-python cryptography package to 39.0.1 and PyOpenSSL to 23.0.0.
AlloyDB
- Added
--update-mode
flag togcloud alloydb instances update
in alpha and beta tracks.
BigQuery
- Added
bq info
command to print debug information. - Froze the request library to version '2.27.1' until python2 is removed.
- Removed excess line of logging to stderr that was printed on most commands.
- Improved error messaging for unsupported regions.
- Added support for an
encoding
when creating a JSON backed external table. - Updated bundled
urllib3
.
Certificate Authority Service
- Added
--ignore_dependent_resources
flag togcloud privateca roots disable
to allow a root CA to be disabled even if it is the last CA in its CA Pool while its CA Pool is being depended on by another cloud resource. - Added
--ignore_dependent_resources
flag togcloud privateca subordinates disable
to allow a subordinate CA to be disabled even if it is the last CA in its CA Pool while its CA Pool is being depended on by another cloud resource. - Added
--ignore_dependent_resources
flag togcloud privateca roots delete
to allow a root CA to be deleted even if its CA Pool is being depended on by another cloud resource. - Added
--ignore_dependent_resources
flag togcloud privateca subordinates delete
to allow a subordinate CA to be deleted even if its CA Pool is being depended on by another cloud resource. - Added
--ignore_dependent_resources
flag togcloud privateca pools delete
to allow a CA Pool to be deleted even if it is being depended on by another cloud resource.
Cloud Bigtable
- Rebuilding cbt cli with go version 1.20.3 which fixed CVE-2022-41723.
Cloud Firestore Emulator
- Release Cloud Firestore emulator v1.17.4
- Added support for eventarc triggers(2nd gen)
- Fix ListDocuments to have page token
Cloud Identity-Aware Proxy
- Fixed a low throughput issue that appeared in some download cases for
gcloud compute start-iap-tunnel
.
Cloud Monitoring
- Promoted
gcloud monitoring snoozes
commands to beta and GA.
Cloud Pub/Sub
- Added
--event-time
flag togcloud pubsub lite-topics publish
to allow users to specify an event time when publishing a message.
Cloud Run
- Updated
gcloud beta run integrations list
to display integrations across all regions by default when--region
flag is not specified.
Cloud SQL
- Promoted
--threads-per-core
flag forgcloud sql instances create
andgcloud sql instances patch
to GA.
Cloud Workstations
- Added the
beta workstations list-usable
command which lists a user's usable workstations under a given configuration. - Added
gcloud beta workstations get-iam-policy
. - Added
gcloud beta workstations set-iam-policy
. - Added
gcloud beta workstations configs get-iam-policy
. - Added
gcloud beta workstations configs set-iam-policy
.
Compute Engine
- Added "REGION" column in the output of
gcloud compute ssl-certificates list
. - Promoted
--gateway-ip-version
flag ofgcloud compute vpn-gateways create
to beta. Flag defines the IP version of VPN Gateway. - Allowed
--interfaces
flag to accept IPv6 addresses ofgcloud beta compute external-vpn-gateways create
. - Promoted support of regional instance template for
gcloud compute instance-groups managed create
to beta and GA. - Promoted support of regional instance template for
gcloud compute instance-groups managed set-instance-template
to beta and GA. - Promoted support of regional instance template for
gcloud compute instance-groups managed rolling-action start-update
to beta and GA. - Promoted
--nat-name
flag ofgcloud compute routers get-nat-mapping-info
to GA.
Distributed Cloud Edge
- Added
--lro-timeout
forgcloud edge-cloud container clusters create
which allows specifying a custom duration for thegcloud
CLI to wait on LROs.
Identity and Access Management
- Fixed issue with
gcloud auth login --login-config=$LOGIN_CONFIG --no-browser
not working on Linux machines due to terminal input limit.
Kpt
- Updated kpt from v1.0.0-beta.30 to v1.0.0-beta.31. See https://github.com/GoogleContainerTools/kpt/releases/tag/v1.0.0-beta.31 for more details.
Kubernetes Engine
- Added
--enable-unstable-kubernetes-apis
flag togcloud containers cluster create
andgcloud containers cluster update
to facilitate enabling beta apis in kube-apiserver.
Network Connectivity
- Made network field accept both resource identifier and path.
Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.
428.0.0 (2023-04-25)
Breaking Changes
- (Cloud Run) For
gcloud beta run jobs deploy
,gcloud run jobs create
, andgcloud run jobs update
, mark--execute-now
and--async
flags mutually exclusive.
Google Cloud CLI
- Added
--lifetime
flag togcloud auth application-default print-access-token
to configure service account impersonation access token lifetime. - Duration flags now support fractional input.
Anthos Multi-Cloud
- Promoted
--enable-managed-prometheus
flag ofgcloud container aws clusters create
to GA. - Promoted
--enable-managed-prometheus
and--disable-managed-prometheus
flags ofgcloud container aws clusters update
to GA. - Promoted
--enable-managed-prometheus
flag ofgcloud container azure clusters create
to GA. - Promoted
--enable-managed-prometheus
and--disable-managed-prometheus
flags ofgcloud container azure clusters update
to GA. - Fixed issue where
--max-nodes
,--min-nodes
, and--max-pods-per-node
flags ofgcloud container aws node-pools create
andgcloud container azure node-pools create
were incorrectly documented as optional.
Anthos On-Prem
- Added
gcloud container bare-metal admin-clusters unenroll
which removes Cluster API resources so that the cluster is no longer managed by the Anthos On-Prem API. - Added support for annotations in the
container bare-metal clusters update
command.
Cloud Bigtable
- Rebuilding cbt cli with go version 1.20 which fixed cve-2023-24537.
Cloud Bigtable Emulator
- Rebuilding cbt emulator with go version 1.20 which fixed cve-2023-24537.
Cloud Run
- Added
firebase-hosting
integration type togcloud beta run integrations
command group.
Cloud Storage
- Updated gsutil component to 5.23.
Cloud Tasks
- Added
gcloud beta tasks buffer
which enables creation of an HTTP task without specifying the task body. It requires the parent queue to have an HTTP target override and is only enabled in the beta track.
Cloud Workstations
- Added
-labels
flag togcloud beta workstations create
andgcloud beta workstations cluster create
.
Compute Engine
- Added
--auto-network-tier
flag ofgcloud compute routers nats create
andgcloud compute routers nats update
in beta to select network tier to be used by NAT in auto mode. - Promoted flag
--enforce-on-key-configs
ofgcloud compute security-policies rules create|update
to GA. - Added
--certificate-manager-certificates
flag togcloud compute target-https-proxies create/update
to add a list of ssl certificates created in certificate-manager to the target https proxy. - Added
--allow-psc-global-access
flag ofgcloud compute forwarding-rules <create|update>
to v1.
Compute Firewall Policies
- Promoted
--src-threat-intelligence
and--dest-threat-intelligence
flags to GA ingcloud compute firewall-policies rules create
,gcloud compute firewall-policies rules update
,gcloud compute network-firewall-policies rules create
andgcloud compute network-firewall-policies rules update
commands. - Promoted
--src-region-codes
and--dest-region-codes
flags to GA ingcloud compute firewall-policies rules create
,gcloud compute firewall-policies rules update
,gcloud compute network-firewall-policies rules create
andgcloud compute network-firewall-policies rules update
commands. - Promoted
--src-fqdns
and--dest-fqdns
flags to GA ingcloud compute firewall-policies rules create/update
andgcloud compute network-firewall-policies rules create/update
commands. - Promoted
--src-address-groups
and--dest-address-groups
flags to GA ingcloud compute firewall-policies rules create/update
andgcloud compute network-firewall-policies rules create/update
commands.
Kubernetes Engine
- Added
--location
flag toclusters
,node-pools
, andoperations
surfaces as a simpler alternative to--zone
or--region
. - Updated default kubectl from 1.24.12 to 1.24.13.
- Additional kubectl versions:
- kubectl.1.21 (1.21.14)
- kubectl.1.22 (1.22.17)
- kubectl.1.23 (1.23.17)
- kubectl.1.24 (1.24.13)
- kubectl.1.25 (1.25.9)
- kubectl.1.26 (1.26.4)
Network Security
- Added
gcloud network-security server-tls-policies describe
to alpha and beta. - Promoted
gcloud network-security gateway-security-policies
to GA. - Promoted
gcloud network-security gateway-security-policies rules
to GA. - Promoted
gcloud network-security url-lists
to GA. - Promoted
gcloud network-security tls-inspection-policies
to GA.
Public CA
- Promoted
gcloud publicca
to GA.
Security Command Center
- Fixed
gcloud scc findings list
to provide descriptive error message whenparent
argument is omitted.
Transcoder
- Added support for
--mode
flag when creating a new job.
Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.
427.0.0 (2023-04-18)
Breaking Changes
- (Google Cloud CLI) Deprecated Python 2. The minimum supported Python version is Python 3.5.
- (Cloud Datastore) Remove
gcloud datastore databases create
after version 427.0.0. Please usegcloud firestore database update --type=datastore-mode
instead. - (Cloud Firestore) Switched
firestore database create
to use Firestore API. - (Cloud Firestore) Deprecated
--region
ingcloud firestore database create
. Use--location
to specify the database location.
Google Cloud CLI
- Added
--lifetime
flag togcloud auth print-access-token
to configure service account impersonation access token lifetime.
App Engine
- Updated the Go SDK to version 1.9.75. Please visit the following release notes for details: https://cloud.google.com/appengine/docs/go/release-notes.
- Updated the Java SDK to version 2.0.13 build from the open source project https://github.com/GoogleCloudPlatform/appengine-java-standard/releases/tag/v2.0.13.
- Upgraded Jetty web server to version 9.4.51.v20230217.
Artifact Registry
- Promoted
gcloud artifacts googet
command group to GA.
BigQuery
- Removed restrictions to what locations can be used with
--location
when combined with--use_regional_endpoints
. - Improved
Format RANGE<TIMESTAMP>
formatting.
Certificate Authority Service
- Added
ignore_dependent_resources
parameter to disable CA, delete CA, and delete CA Pool. These commands would normally fail if the CA Pool would be in a state where it's not able to issue certificates while there's a resource that depends on it. This flag skips the check and may cause unintended and unrecoverable effects on any dependent resource(s) since the CA Pool would no longer be able to issue certificates.
Cloud Firestore
- Promoted
firestore databases describe
to beta. - Promoted
firestore databases update
to beta. - Promoted
firestore databases list
to beta. - Promoted
firestore databases describe
to GA. - Promoted
firestore databases update
to GA. - Promoted
firestore databases list
to GA.
Cloud Firestore Emulator
- Release Cloud Firestore emulator v1.16.2
- Fixed an issue where some http/1 headers were causing 400 errors.
Cloud On Demand Scanning
- Updated
local-extract
component to 1.5.8 to allow it to run in environments withoutglibc
.
Cloud Run
- Promoted
--session-affinity
to GA for--platform=managed
forgcloud run deploy
andgcloud run services update
. - Promoted
--add-custom-audiences
,--clear-custom-audiences
,--remove-custom-audiences
and--set-custom-audiences
to beta for--platform=managed
forgcloud run deploy
andgcloud run services update
.
Cloud SQL
- Added PostgreSQL 15 to database versions.
Cloud Spanner
- Added database drop protection column to
gcloud spanner databases list
command.
Cloud Storage
- Promoted
gcloud storage insights
commands to GA.
Cloud TPU
- Add
gcloud compute tpus topologies list
to list available TPUs by chip topology.
Cloud Workstations
- Adding support for labels in the
beta workstations config create
andbeta workstations config update
commands.
Compute Engine
- Updated the scope flags
--zone
or--region
of the primary disk,--secondary-disk-zone
or--secondary-disk-region
of the secondary disk to be required forgcloud compute disks start-async-replication
.
Dataproc Metastore
- Added support for Dataproc Metastore admin interface. The following commands have been added to alpha/beta release tracks:
metastore services alter-table-properties
Events
- Deprecated
gcloud beta events
surface and all commands within. This surface will be removed in an upcoming release. Please usegcloud eventarc
instead.
GKE Hub
- Added
--location
flag togcloud container fleet memberships register
andgcloud beta container fleet memberships register
. - If
--location
is not specified when registering GKE clusters, Membership region is selected to match to GKE cluster location by default. - If
--location
is not specified when registering non-GKE clusters, Membership region is selected as "global" by default.
Kpt
- Updated kpt from v1.0.0-beta.29 to v1.0.0-beta.30. See https://github.com/GoogleContainerTools/kpt/releases/tag/v1.0.0-beta.30 for more details.
Kubernetes Engine
- Added
--addons=GcsFuseCsiDriver
togcloud beta container clusters create
and--update-addons=GcsFuseCsiDriver
togcloud beta container clusters update
to enable/disable the Cloud Storage FUSE Container Storage Interface (CSI) Driver. - Allow
--enable-managed-prometheus
or--disable-managed-prometheus
flag to be passed with--logging
and--monitoring
flags at the same time ingcloud container clusters update
. - Added
--additional-pod-ipv4-ranges
and--remove-additional-pod-ipv4-ranges
flags ofgcloud container clusters update
to GA.
Network Connectivity
- Renamed 'psc-subnetworks' field to 'subnets' based on review comments.
Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.
426.0.0 (2023-04-11)
Breaking Changes
- (Cloud Firestore) Switched
firestore database create
to use Firestore API after version 427.0.0. - (Cloud Firestore) Deprecated
--region
ingcloud firestore database create
. Use--location
to specify the database location.--region
flag will be remove after version 427.0.0.
Anthos On-Prem
- Promoted
gcloud container vmware
to beta. - Promoted
gcloud container bare-metal
to beta.
App Engine
- Updated the Go SDK to version 1.9.74. Please visit the following release notes for details: https://cloud.google.com/appengine/docs/go/release-notes.
Batch
- Added
no-external-ip-address
flag togcloud batch job submit
.
BigQuery
- Added warning when
apilog
flag is missing that the logging level is being lowered.
Cloud Bigtable
- Clarified the functionality of
--transactional-writes
flag ingcloud bigtable app-profiles update
.
Cloud Build
- Hide
--repository
flag ingcloud builds triggers create manual
,gcloud builds triggers create webhook
andgcloud builds triggers create pubsub
.
Cloud Dataflow
- Added
JAVA17
togcloud dataflow flex-template
command SDK Language options, allowing users to submit Flex Template jobs using Java 17.
Cloud Filestore
- Added
gcloud filestore instances revert
command in GA to revert a filestore instance to specific snapshot.
Cloud Functions
- Updated
gcloud functions deploy
to no longer require the flag--gen2
when updating an existing 2nd gen function. This aligns with the existing behavior of other commands. You can disable this behavior and only work with 1st gen functions by either adding--no-gen2
to a command or by setting thefunctions/gen2
config property tooff
.
Cloud Memorystore
- Change to
current default
fromlatest
for--maintenance-version
flag ingcloud redis instances update
to allow updating to the current default maintenance version.
Cloud Org Policy
- Added
--update-mask
flag togcloud org-policies reset
command to support partial reset of policies (e.g, reset only dry-run policy spec or live policy spec).
Cloud Run
- Promoted
--cpu-boost
to GA for--platform=managed
forgcloud run deploy
.
Cloud Workflows
- Added the
call-log-level
flag togcloud workflows deploy
, and add thelog-none
value to thecall-log-level
flag forgcloud workflows <execute|run>
, to specify no call logging even if logging was specified at the workflow level.
Compute Engine
- Promoted
--max-count-per-zone
flag ofgcloud compute instances bulk create
to beta. Flag defines maximum number of instances that can be created per zone for regional bulk insert. - Added
SEV_LIVE_MIGRATABLE
to the list ofguestOsFeatures
. - Rearranged
gcloud compute images import
source flags by moving--source-file
&--source-image
to the beginning.
Network Connectivity
- Added
gcloud network-connectivity service-connection-policies create
andgcloud network-connectivity service-connection-policies delete
commands. - Added
gcloud network-connectivity service-connection-policies list
andgcloud network-connectivity service-connection-policies describe
commands.
Security Command Center
- Promoted
gcloud scc custom-modules sha
to GA.
Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.
425.0.0 (2023-04-04)
Breaking Changes
- (Compute Engine) Migrate single request
gcloud compute
commands from the compute batch - (Compute Engine) endpoint to region-specific endpoints.
App Engine
- Removed
InvalidInstanceIpModeError
exception fromgcloud.app.instances.ssh
because SSH is now supported for all Instance Ip Modes.
Artifact Registry
- Added
gcloud beta artifacts docker upgrade print-iam-policy
.
Certificate Manager
- Promoted
gcloud certificate-manager trust-configs delete
to beta. - Promoted
gcloud certificate-manager trust-configs describe
to beta. - Promoted
gcloud certificate-manager trust-configs export
to beta. - Promoted
gcloud certificate-manager trust-configs import
to beta. - Promoted
gcloud certificate-manager trust-configs list
to beta.
Cloud Access Context Manager
- Added
--dry-run-level
flag togcloud access-context-manager cloud-bindings
to test cloud-binding before enforcing them.
Cloud Build
- Update wait timeout for
gcloud builds worker-pools create
andgcloud builds worker-pools delete
commands to 1h.
Cloud Functions
- Updated
gcloud functions add-iam-policy-binding
,gcloud functions call
,gcloud functions delete
,gcloud functions get-iam-policy
,gcloud functions remove-iam-policy-binding
, andgcloud functions set-iam-policy
to no longer require the flag--gen2
when operating on a 2nd gen function. This aligns with the existing behavior ofgcloud functions describe
. You can disable this behavior and only work with 1st gen functions by either adding--no-gen2
to a command or by setting thefunctions/gen2
config property tooff
.
Cloud IAM
- Added
gcloud iam workload-identity-pools providers keys
commands to manage workload identity pool provider keys.
Cloud Workstations
- Adding support for the customer managed encryption key and encryption key service account flags in the
beta workstations config create
command.
Compute Engine
- Enable "Uniform Bucket Level Access" by default for the temporary Cloud Storage buckets created in
gcloud compute images import
andgcloud compute images export
. - Promoted
--source-ip-ranges
flag ofgcloud compute forwarding-rules [create|update]
to GA.
Database Migration
- Added
--allocated-ip-range
flag togcloud database-migration connection-profiles create cloudsql
to allow selecting an allocated IP range for VPC peering. - Added
--alloydb-cluster
flag togcloud database-migration connection-profiles create
to allow creating a connection profile with an existing AlloyDB cluster. - Added
--alloydb-cluster
flag togcloud database-migration connection-profiles update
to allow configuring a connection profile with an existing AlloyDB cluster.
Network Security
- Promoted
gcloud network-security tls-inspection-policies
to beta.
Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.
424.0.0 (2023-03-28)
Breaking Changes
- (Artifact Registry) Fixed issue where the default table format was used when
--show-occurrences
flag was passed in, even though that format prevented occurrences from being displayed. Changed to use the default format when the flag is used. Use the same command without--show-occurrences
to get the old behavior.
Artifact Registry
- Allow using
gcloud beta artifacts images describe
with Artifact Registry repos that use gcr.io domain. - Promoted
artifacts settings describe
artifacts settings enable-upgrade-redirection
, andartifacts settings disable-upgrade-redirection
commands to GA.
BigQuery
- Fixed issue storing
--api
flag in the.bigqueryrc
file. - Added the option for three-year capacity commitment plans.
- Updated wcwidth to version
0.2.6
.
Certificate Manager
- Promoted
gcloud certificate-manager issuance-configs
to GA.
Cloud Build
- Added
--default-buckets-behavior
flag togcloud builds submit
.
Cloud Deploy
- Added
gcloud deploy rollouts advance
to alpha and beta. - Added
gcloud deploy rollouts cancel
to alpha and beta. - Added
gcloud deploy rollouts ignore-job
to alpha and beta. - Added
gcloud deploy job-runs terminate
to alpha and beta. - Added
starting-phase-id
flag togcloud deploy targets redeploy
. - Added
starting-phase-id
flag togcloud deploy targets rollback
. - Added
starting-phase-id
flag togcloud deploy releases promote
. - Added
initial-rollout-phase-id
flag togcloud deploy releases create
.
Cloud Memorystore
- Added
--maintenance-version
flag togcloud redis instances update
to allow updating a maintenance version when updating an instance.
Cloud Run
- Promoted
gcloud run jobs
command group and its sub-commands to GA, except for the following commands:gcloud beta run jobs deploy
gcloud beta run jobs logs
gcloud beta run jobs executions logs
- Promoted
--encryption-key-shutdown-hours
and--clear-encryption-key-shutdown-hours
flags ofgcloud run deploy
andgcloud run services update
to GA for--platform=managed
.
Cloud SQL
- Added
gcloud sql instances reencrypt
, which re-encrypts a Cloud SQL CMEK instance with the current primary key version in alpha.
Cloud TPU
- Update
gcloud compute tpus tpu-vm create
to allow configuration of TPUs with chip topology using--type
and--topology
flags.
Compute Engine
- Promoted
disk-consistency-group
argument ofgcloud compute resource-policies create
to beta. - Promoted
--primary-disk
,--primary-disk-project
,--primary-disk-region
, and--primary-disk-zone
ofgcloud compute disks create
to beta. - Promoted
gcloud compute disks start-async-replication
to beta. - Promoted
gcloud compute disks stop-async-replication
to beta. - Promoted
gcloud compute disks stop-group-async-replication
to beta. - Promoted
gcloud compute disks bulk create
to beta. - Fixed documentation for
--update-policy-max-surge
and--update-policy-replacement-method
flags. - Promoted
--queue-count
flag in--network-interface
ofgcloud compute instance-templates create
to GA. - Promoted
--queue-count
flag in--network-interface
ofgcloud compute instances bulk create
to GA.
Database Migration
- Added
demote-destination
request togcloud database-migration migration-jobs
to allow demoting the destination of a migration job.
Dataproc Metastore
- Promoted the
custom-routes-enabled
boolean value to thenetwork-config-from-file
flag ofgcloud metastore services create
to v1alpha and v1beta. - Fixed issue where commands including an
--instance-size
flag would fail if the user specified an enum value ofEXTRA_SMALL
orEXTRA_LARGE
.
Eventarc
- Added
--event-data-content-type
flag togcloud eventarc triggers create
andgcloud eventarc triggers update
to label the type of payload in MIME format that is expected from the CloudEvent data field.
Kpt
- Updated kpt from v1.0.0-beta.27 to v1.0.0-beta.29. See https://github.com/GoogleContainerTools/kpt/releases/tag/v1.0.0-beta.29 and previous release notes for more details.
Kubernetes Engine
- Updates default kubectl from 1.24.11 to 1.24.12.
- Additional kubectl versions:
- kubectl.1.21 (1.21.14)
- kubectl.1.22 (1.22.17)
- kubectl.1.23 (1.23.17)
- kubectl.1.24 (1.24.12)
- kubectl.1.25 (1.25.8)
- kubectl.1.26 (1.26.3)
Network Security
- Promoted
gcloud network-security url-lists
to beta. - Promoted
gcloud network-security gateway-security-policies
to beta. - Promoted
gcloud network-security gateway-security-policy-rules
to beta.
Recaptcha
- Added
--support-non-google-app-store-distribution
torecaptcha keys create
that enables support for non-Google Play Store distributed applications for the key.
Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.
423.0.0 (2023-03-21)
Google Cloud CLI
- Added
gcloud auth enterprise-certificate-config
to create enterprise-certificate configurations. - Disabled mTLS during installation.
- Fixed crash that occurred when parsing certain repeated dictionary-type flags if duplicate keys were provided or if invalid choices for another flag were specified afterwards.
- Improved post-processing times during
gcloud components update
andgcloud components install
on Windows.
App Engine
- Updated the Java SDK to version 2.0.12 build from the open source project https://github.com/GoogleCloudPlatform/appengine-java-standard/releases/tag/v2.0.12.
- Fixed a DevAppServer issue where in some scenarios, the class
io.opencensus.trace.propagation.TextFormat
could not be found. - Added
--tunnel-through-iap
flag togcloud app instances ssh
. Using this flag lets you use an Identity-Aware Proxy (IAP) tunnel when attempting to SSH into an App Engine flexible environment instance without an external IP address. - Updated the Go SDK to version 1.9.73. Please visit the following release notes for details: https://cloud.google.com/appengine/docs/go/release-notes.
- Added
--tunnel-through-iap
flag togcloud app instances scp
. Using this flag lets you use an Identity-Aware Proxy (IAP) tunnel when attempting to SCP to/from an App Engine flexible environment instance without an external IP address.
Artifact Registry
Updated
gcloud artifacts docker images describe
andgcloud artifacts docker images list
to return occurrences when an occurrence filter is used, even if the user does not explicitly say to show occurrences.Added
--immutable-tags
flag togcloud artifacts repositories create
andgcloud artifacts repositories update
.
Bare Metal Solution
- Promoted
gcloud bms ssh-keys list
to GA. - Promoted
gcloud bms ssh-keys add
to GA. - Promoted
gcloud bms ssh-keys remove
to GA.
Cloud Build
- Added
--repository
flag togcloud builds triggers create manual
,gcloud builds triggers create webhook
andgcloud builds triggers create pubsub
.
Cloud Dataproc
- Added
--ttl
flag togcloud dataproc batches submit
commands in GA. This sets a workload TTL when creating batches.
Cloud Firestore Emulator
- Released Cloud Firestore emulator v1.16.1
- Fixed: support read_time in ListCollectionIds
Cloud Healthcare
- Added
gcloud healthcare fhir-stores metrics
which allows users to retrieve metrics associated with a FHIR store.
Cloud Key Management Service
- Added
--key-management-mode
and--crypto-space-path
togcloud kms ekm-connections
that is used when creating coordinated external keys. - Added
gcloud kms ekm-config
commands which enables setting configuration values for EKM users.
Compute Engine
- Promoted
--aws-*
flags ofgcloud compute images import
to GA. - Promoted
gcloud compute sole-tenancy node-groups simulate-maintenance-event
to GA.
Database Migration
- Added
--availability-type
flag togcloud database-migration connection-profiles create
to allow configuring the availability type on the destination Cloud SQL instance. - Added
--secondary-zone
flag togcloud database-migration connection-profiles create
to allow configuring the secondary zone of the destination Cloud SQL instance when regional availability type is used.
Kubernetes Engine
- Added
--enable-fleet
flag togcloud container clusters create
,gcloud container clusters create-auto
andgcloud container clusters update
in alpha, beta track. - Added
--fleet-project
flag togcloud container clusters create
,gcloud container clusters create-auto
andgcloud container clusters update
in alpha, beta track. - Added
--clear-fleet-project
flag togcloud container clusters update
in alpha, beta track.
Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.
422.0.0 (2023-03-14)
Breaking Changes
- (Cloud Pub/Sub) Fixed output format of
gcloud schemas list
andgcloud schemas list-revisions
to remove the DEFINITION column if--view
is not FULL.
Google Cloud CLI
- Added
gcloud auth enterprise-certificate-config
to create enterprise-certificate configurations.
Anthos Multi-Cloud
- Added
--clear-client
flag togcloud container azure clusters update
to clear the Azure client. This flag is required when updating to use Azure workload identity federation from Azure client to manage Azure resources.
App Engine
- Updated the Python App Engine devappserver to support a new flag
--python_virtualenv_path
. It is an optional directory that will be used to setup a Python 3 virtual env for the local devappserver execution environment for Python 3 applications. If the path does not exist it will be created and it will not be cleanup at the end of the devappserver execution, allowing for caching between invocations. If not defined, a temporary directory will be used and cleaned up at the end of the execution.
Artifact Registry
gcloud beta artifacts settings enable-upgrade-redirection
command no longer requires creating missing repos.
Bare Metal Solution
- Promoted
gcloud bms instances enable-serial-console
to GA. - Promoted
gcloud bms instances disable-serial-console
to GA.
BigQuery
- Updated the bundled google auth libraries.
- Updated bundled libraries to use charset_normalizer with the request library.
Cloud Datastream
- Added the
max_concurrent_backfill_tasks
support to--mysql-source-config
,--oracle-source-config
,--postgresql-source-config
flags ingcloud datastream streams
.
Cloud Functions
- Preview of the CMEK support for Cloud Functions, 2nd Gen. In particular,
promoted
--docker-repository
,--kms-key
,--clear-docker-repository
and--clear-kms-key
flags ofgcloud functions deploy --gen2
to beta.
Cloud Run
- Removed
--condition
flag fromgcloud run {services,jobs} {add,remove}-iam-policy-binding
.
Cloud Workflows
- Added
--revision-id
flag togcloud workflows describe
to allow retrieving the source code of a workflow at a specific revision.
Cloud Workstations
- Added
gcloud beta workstations configs update
which updates a specified - Added
gcloud beta workstations ssh
which SSH's into a specified workstation. workstation configuration.
Compute Engine
- Added
--plan
togcloud compute commitments update
to support commitment term upgrade. - Promoted
gcloud compute security-policies rules add-preconfig-waf-exclusion|remove-preconfig-waf-exclusion
to GA. - Promoted
--queue-count
flag in--network-interface
ofgcloud compute instances create
to GA. - Promoted
--internal-ipv6-address
flag ofgcloud compute instances create
to GA. - Promoted
--internal-ipv6-prefix-length
flag ofgcloud compute instances create
to GA. - Added new
ADVANCED_PREVIEW
enum option to--network-ddos-protection
flag ofgcloud compute security-policies update
in alpha and beta.
GKE Hub
- Changed
gcloud container fleet memberships unregister
command to assume membership region based on gke cluster region by default.
Network Connectivity
- Fixed issue where
sort-by
arguments in list spoke command produced type validation errors.
Recaptcha
- Support creating express enabled site keys using
recaptcha keys create --waf-feature=express
.
Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.
421.0.0 (2023-03-07)
Artifact Registry
- Fixed an issue where
gcloud artifacts docker images list
does not return nested images.
BigQuery
- Extended third-party identity login to support a web-based 3-legged OAuth flow.
- Extended
ls -p
to page through all projects. - Extended
--format
forload
to support more formats. - Removes some unneeded shipped libraries.
- Added logging support for all exceptions when
--apilog
is present. - Added
--encoding
forload
to support csv encodings. - Updated the bundled cachetools library.
Cloud Filestore
- Added
--instance-location
flag togcloud filestore instances snapshots create
, which accepts either a zone or region and allows clients to create Enterprise and HighScale snapshots. - Added
--instance-location
flag togcloud filestore instances snapshots delete
, which accepts either a zone or region and allows clients to delete Enterprise and HighScale snapshots. - Added
--instance-location
flag togcloud filestore instances snapshots list
, which accepts either a zone or region and allows clients to list Enterprise and HighScale snapshots. - Added
--instance-location
flag togcloud filestore instances snapshots update
, which accepts either a zone or region and allows clients to update Enterprise and HighScale snapshots. - Added
--instance-location
flag togcloud filestore instances snapshots describe
, which accepts either a zone or region and allows clients to describe Enterprise and HighScale snapshots.
Cloud Pub/Sub
- Fixed
gcloud schemas commit
to raise an Invalid Argument error if--type
is not equal toprotocol-buffer
,protocol_buffer
, oravro
.
Cloud Services
- Added key-string support for undelete command for api_keys in beta.
Cloud Spanner
- Promoted
gcloud spanner databases roles list
to GA. - Promoted
--database-role
flag ingcloud spanner databases execute-sql
to GA.
Cloud Storage
- Updated gsutil component to 5.21.
Cloud Workflows
- Added
--labels
flag togcloud workflows <execute|run>
to allow adding execution specific labels.
Cloud Workstations
- Fixed issue with the custom container image not being properly set in
gcloud beta workstations configs create
.
Compute Engine
- Added
--encryption
togcloud compute interconnects attachments dedicated create
to add encryption option for dedicated interconnect attachment (VLAN attachment). - Added
--encryption
togcloud compute interconnects attachments partner create
to add encryption option for partner interconnect attachment (VLAN attachment). - Added
--ipsec-internal-addresses
togcloud compute interconnects attachments dedicated create
to add list of addresses that have been reserved for dedicated interconnect attachment (VLAN attachment). - Added
--ipsec-internal-addresses
togcloud compute interconnects attachments partner create
to add list of addresses that have been reserved for partner interconnect attachment (VLAN attachment). - Added
--encrypted-interconnect-router
togcloud compute routers create
to indicate that the router is dedicated for use with encrypted interconnect attachments (VLANs). - Added
--interconnect-attachments
togcloud compute vpn-gateways create
to add interconnect attachments (VLAN attachments) associated with the VPN gateway interfaces. - Added
9
to allowed list of values for--version
ofgcloud beta compute instances ops-agents policies [create|update]
. - Promoted
--locality_lb_policy
flag ofgcloud compute backend-services create/update
to GA. - Added
--max-run-duration
and--termination-time
flags ingcloud compute instances set-scheduling
to beta. - Added
--clear-max-run-duration
and--clear-termination-time
flags ingcloud compute instances set-scheduling
to beta. - Promoted
--endpoint-types
flag ingcloud compute routers nats create
to GA.
Dataproc Metastore
- Promoted
--auxiliary-versions
flag ofgcloud metastore services create
to GA. Modified flag to no longer be mutually exclusive with--consumer-subnetworks
and--network-config-from-file
. - Promoted
--auxiliary-versions-from-file
flag ofgcloud metastore services create
to GA. Modified flag to no longer be mutually exclusive with--consumer-subnetworks
and--network-config-from-file
. - Promoted
--instance-size
flag ofgcloud metastore services create
andgcloud metastore services update
to GA. - Added
--instance-size
flag togcloud metastore services create
andgcloud metastore services update
to specify a service instance size. - Promoted
--scaling-factor
flag ofgcloud metastore services create
andgcloud metastore services update
to GA. - Added
--scaling-factor
flag togcloud metastore services create
andgcloud metastore services update
to specify a service scaling factor. - Modified
--tier
flag ofgcloud metastore services create
andgcloud metastore services update
to be mutually exclusive with--instance-size
and--scaling-factor
in all release tracks.
Identity and Access Management
- Added support for credential sharing with bq and gsutil when using browser-based sign-in with Workforce identity federation to authenticate with the Google Cloud CLI via
gcloud auth login
.
Kpt
- Updated kpt from v1.0.0-beta.24 to v1.0.0-beta.27. See https://github.com/GoogleContainerTools/kpt/releases/tag/v1.0.0-beta.27 and previous release notes for more details.
Kubernetes Engine
- Prevent overwriting directory permission when KUBECONFIG contains empty entry or a directory. Instead, raise an error.
- Updates default kubectl from 1.24.10 to 1.24.11.
- Additional kubectl versions:
- kubectl.1.21 (1.21.14)
- kubectl.1.22 (1.22.17)
- kubectl.1.23 (1.23.17)
- kubectl.1.24 (1.24.11)
- kubectl.1.25 (1.25.7)
- kubectl.1.26 (1.26.2)
Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.
420.0.0 (2023-02-28)
Breaking Changes
- (Cloud Firestore) Switched
firestore beta database create
to use Firestore API. - (Cloud Firestore) Added
--type
,--location
and--database
togcloud beta firestore database create
. - (Cloud Firestore) Removed
--region
ingcloud beta firestore database create
. Use--location
instead.
App Engine
- Added support for App Engine go runtime versions 116, 117, 118, 119, 120.
BigQuery
- Updated messaging for the
use_legacy_sql
flag. - Added stack trace logging for errors when the
apilog
flag is used. - Removed unnecessary fetches for data transfer commands.
Certificate Authority Service
- Added name constraints arguments to
gcloud privateca roots create
to allow configuring certificate authorities with name constraints. - Added name constraints arguments to
gcloud privateca subordinates create
to allow configuring certificate authorities with name constraints. - Added name constraints arguments to
gcloud privateca certificates create
to allow configuring certificate authorities with name constraints.
Cloud Composer
- Update warning message when running commands that use the default Cloud Composer version, which was changed recently from 1 to 2.
Cloud Functions
- Fixed issue where
gcloud functions deploy
would crash on updating an existing function with VPC Connector when--egress-settings
flag was specified. - Added warning and prompting to
gcloud functions add-iam-policy-binding
about needing to bind theroles/run.invoker
role for 2nd gen functions.
Cloud Key Management Service
- Added
gcloud beta kms inventory
which allows viewing and tracking of keys across cloud resources.
Cloud Logging
- Promoted
buckets create --enable-analytics
to GA. - Added
buckets update --enable-analytics
to GA track. - Removed deprecated
buckets update --enable-loglink
from ALPHA track. - Added
--async
option to thebuckets create
andbuckets update
commands. - Added
links
command group implementation.
Compute Engine
- Promoted
--queue-count
flag in--network-interface
ofgcloud compute instances create
to beta. - Promoted
--stack-type
flag ofgcloud compute instances bulk create
to GA. - Promoted
gcloud compute disks update
to GA. - Promoted
--provisioned-iops
flag ofgcloud compute disks update
to GA.
GKE Hub
- Added
gcloud container fleet scopes|namespaces
which allows users to manage Fleet Tenancy.
Identity and Access Management
- Workforce identity federation now supports browser-based sign-in when authenticating with the Google Cloud CLI via
gcloud auth login
. To learn more, see Obtain short-lived tokens for workforce identity federation or the Azure AD or Okta-specificgcloud
CLI sign-in instructions.
Pubsub Emulator
- Added support for updating schemas.
- Fixed the inability to create topics, subscriptions, and schemas when using
the
gcloud
CLI.
Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.
419.0.0 (2023-02-22)
App Engine
- Updated the Java SDK to version 2.0.11 build from the open source project https://github.com/GoogleCloudPlatform/appengine-java-standard/releases/tag/v2.0.11.
Artifact Registry
- Fix issue where
artifacts repositories create
failed unconditionally.
Cloud Datastream
- Added new
--full-hierarchy
and--hierarchy-depth
flags for connection-profiles discover. - Deprecated
--recursive
and--recursive-depth
flags for connection-profiles-discover.
Cloud Functions
- Added support for Docker package format
{location}-docker.pkg.dev/{project}/{repository}
to--docker-repository
flag ofgcloud functions deploy
. - Fixed issue where
gcloud functions deploy
fails if the user doesn't have the permissionserviceusage.services.get
.
Cloud Logging
- Promote
--logging-optional
and--logging-optional-fields
flags ofgcloud compute backend-services create
andgcloud compute backend-services update
to GA.
Cloud Run
- Promoted
gcloud beta run jobs executions logs read
to beta, which reads logs from a selected resource. - Promoted
gcloud beta run jobs executions logs tail
to beta, which tail logs from a selected resource.
Cloud Storage
gcloud storage cp
will now silently ignore the Content-MD5 header for parallel composite uploads.gcloud storage hash
has been promoted to GA.
Firebase Test Lab
- Promoted
--client-details
flag ofgcloud firebase test [android|ios] run
to GA. This flag can be used to provide additional details to attach to the test matrix, including amatrixLabel
to help you identify and locate your test in the Firebase console.
Recaptcha
- Support creating Fastly enabled site keys using
recaptcha keys create --waf-service=fastly
.
Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.
418.0.0 (2023-02-14)
Breaking Changes
- (Cloud Dataproc) Modified
--job-id
and--yarn_application_id
flags to--job-ids
and--yarn-application-ids
respectively ingcloud dataproc clusters diagnose
command. These flags can now accept a comma separated list of job ids and yarn app ids instead of a single value.
Google Cloud CLI
- Defined "quota_project" in
gcloud auth application-default set-quota-project
command documentation. - Launched the enterprise-certificate-proxy component. See more at
$ gcloud topic client-certificate
.
AI
- Added
gcloud ai models copy
which copies a model.
AlloyDB
- Added
--clear-continuous-backup-encryption-key
flag togcloud beta alloydb clusters update
to support clearing a custom encryption configuration for Continuous Backups. - Added following flags of
gcloud alloydb instances create
andgcloud alloydb instances update
to alpha, beta and GA:--insights-config-query-string-length
--insights-config-query-plans-per-minute
--insights-config-record-application-tags
--insights-config-record-client-address
Artifact Registry
- Adding new command
gcloud artifacts vpcsc-config allow --project=my-proj --location=us-west1
. - Adding new command
gcloud artifacts vpcsc-config deny --project=my-proj --location=us-west1
. - Adding new command
gcloud artifacts vpcsc-config describe --project=my-proj --location=us-west1
. - Adding new command
gcloud artifacts repositories create my-repo --project=my-project --repository-format=maven --location=us-east1 --description="My test repo" --mode=virtual-repository --upstream-policy-file=policy.json
. - Adding new command
gcloud artifacts repositories create my-repo --project=my-project --repository-format=python --location=us-east1 --description="My python repo" --mode=remote-repository --remote-repo-config-desc="test python remote repo" --remote-python-repo=PYPI
. - Adding new command
gcloud artifacts repositories create my-repo --project=my-project --repository-format=npm --location=us-east1 --description="My npm repo" --mode=remote-repository --remote-repo-config-desc="test npm remote repo" --remote-npm-repo=NPMJS
. - Adding new command
gcloud artifacts repositories create my-repo --project=my-project --repository-format=maven --location=us-east1 --description="My test repo" --mode=remote-repository --remote-repo-config-desc="test maven remote repo" --remote-mvn-repo=MAVEN-CENTRAL
. - Adding new command
gcloud artifacts repositories create my-repo --project=my-project --repository-format=docker --location=us-east1 --description="no CRM permission" --mode=remote-repository --remote-repo-config-desc="test docker remote repo" --remote-docker-repo=DOCKER-HUB
.
BigQuery
- Added SPARK reservation assignment.
- Added main class option for Spark procedures.
- Added support for bi-engine reservation paths.
Cloud DNS
- Fixed issue with
gcloud dns response-policies
being unable to updategkeclusters
flag in GA. - Updated
gcloud dns record-sets create
andgcloud dns record-sets update
to allow referencing forwarding rules by their full resource path.
Cloud Datastream
- Modified Create/Update Stream flags that use a JSON/YAML file to use camelCase field naming instead of snake_case, to match the REST API. Old snake_case configuration files will still be supported.
Cloud Filestore
- Added
--location
flag togcloud filestore instances snapshots create
, which accepts either a zone or region and allows clients to create Enterprise and HighScale snapshots. - Added
--location
flag togcloud filestore instances snapshots delete
, which accepts either a zone or region and allows clients to delete Enterprise and HighScale snapshots. - Added
--location
flag togcloud filestore instances snapshots list
, which accepts either a zone or region and allows clients to list Enterprise and HighScale snapshots. - Added
--location
flag togcloud filestore instances snapshots update
, which accepts either a zone or region and allows clients to update Enterprise and HighScale snapshots. - Added
--location
flag togcloud filestore instances snapshots describe
, which accepts either a zone or region and allows clients to describe Enterprise and HighScale snapshots.
Cloud Firestore
- Added
--api-scope
and--query-scope
support for Firestore Index Create.
Cloud Key Management Service
- Set
--location
and--keyring
as required flags for commandsset-primary-version
,set-rotation-schedule
,get-rotation-schedule
,set-iam-policy
,get-iam-policy
.
Cloud Logging
- Allow for protocols
TCP
,UDP
andUNSPECIFIED
ingcloud compute backend-services create
andgcloud compute backend-services update
. - Added
--logging-optional
and--logging-optional-fields
flags ofgcloud compute backend-services create
andgcloud compute backend-services update
in beta to specify the optional fields to be added to the reported logs.
Cloud Run
- Fixed an issue where
gcloud run
delete commands report error sometimes even though the deletion succeeded.
Cloud Storage
- Updated gsutil component to 5.20.
- All
gcloud storage
commands that accept JSON files now also support YAML.
Compute Engine
- Promoted
--resource-policies
flag forglcloud compute reservations create
to to GA.
Distributed Cloud Edge
- Introduced the GDCE version for cluster, machine, and node-pool as output during list and describe operations.
- Added
gcloud edge-cloud networking
which allows users to configure the networking configurations on the ToRs to support customer workloads which are running in Google Distributed Cloud Edge Clusters.
Stackdriver Debugger
- Deprecated
gcloud debug
. Cloud Debugger is deprecated and will be shut down May 31, 2023. For more information, see https://cloud.google.com/debugger/docs/deprecations.
Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.
417.0.1 (2023-02-08)
App Engine Flexible Environment
- Fixing issue where App Engine Flex users cannot deploy their PHP, Java or Python applications via gcloud 417.0.0.
Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.
417.0.0 (2023-02-07)
Breaking Changes
- (Cloud IoT) Added
--device-field-mask
flag togcloud iot devices list
to have override possibility for device fieldMask. In case the API response does not include theblocked
field for any of the devices, theBLOCKED
column will disappear from the results table.
Google Cloud CLI
- Defined "quota_project" in
gcloud auth application-default set-quota-project
command documentation.
Anthos Multi-Cloud
- Modified
gcloud container azure clients create
to wait for the returned long-running operation. Use--async
flag to get the old behavior. - Modified
gcloud container azure clients delete
to wait for the returned long-running operation. Use--async
flag to get the old behavior.
Cloud Composer
- Added warning message when running commands that use the default Cloud Composer version, which will be changed soon.
Cloud Logging
- Updated
gcloud logging buckets list
command to include CMEK enabled or disabled setting.
Cloud Run
- Promoted
gcloud run jobs deploy
to beta, which allows creating or updating a Cloud Run job from a container image or source to build.
Compute Engine
- Added
REGION
column to default output ofgcloud compute target-https-proxies list
. - Promoted
gcloud compute network-attachments
to GA.
Distributed Cloud Edge
- Promoted
--vpc-project
togcloud edge-cloud container vpn-connections create
to create resources in a different GCP project than the GDCE cluster project.
Firebase Test Lab
- Promoted
gcloud firebase test [android|ios] list-device-capacities
to GA. This feature can inform your test decisions by letting you view the inventory level of device types in the Test Lab catalog. To access this information, rungcloud firebase test [android|ios] list-device-capacities
, orgcloud firebase test [android|ios] models describe [MODEL_ID]
.
Identity and Access Management
- Added
gcloud iam workforce-pools
commands for Workforce Identity Federation management.
Notebooks
- Deprecate alpha and beta notebooks.
Security Command Center
- Updated
gcloud scc custom-modules sha
command group to allow custom modules feature.
Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.
416.0.0 (2023-01-31)
Breaking Changes
- (Cloud Datalab) Removed
gcloud datalab
component (Originally removed in release 413.0.0).
AI
- Fixed an issue in
gcloud ai hp-tuning-jobs
that the values of--max-trial-count
and--max-parallel-trial-count
are not passed in the config.yaml file.
AlloyDB
- Updated
gcloud beta alloydb clusters create
andgcloud beta alloydb clusters update
to support enabling continuous backups via new--enable-continuous-backup
and--continuous-backup-recovery-window-days
and--continuous-backup-encryption-key
flags.
Anthos Identity Service
Added
--fleet-default-member-config
flag to the following commands:gcloud beta container fleet identity-service enable
gcloud beta container fleet identity-service delete
These will make it possible to configure and delete fleet default membership configurations.
App Engine
- Added the
--tunnel-through-iap
flag togcloud beta app instances scp
. Using this flag lets you use an Identity-Aware Proxy (IAP) tunnel when attempting to SCP to/from an App Engine flexible environment instance without an external IP address.
Cloud Run
- Promotes
gcloud beta run jobs logs read
to beta, which reads logs from a selected resource. - Promotes
gcloud beta run jobs logs tail
to beta, which tail logs from a selected resource.
Cloud SQL
- Promoted
gcloud sql users describe
command to GA.
Cloud Storage
- Updated gsutil component to 5.19.
- Fixed an issue causing parallel transfer commands to require elevated permissions.
Compute Engine
- Modified
gcloud compute instance-groups managed update
to support relative path for regional health check. - Added
--allow-psc-global-access
flag ofgcloud compute forwarding-rules <create|update>
to beta. - Promoted
gcloud compute resource-policies update snapshot-schedule
to beta.
Config Controller
- Fixed issue where
--full-management
flag doesn't take effect.
Immersive Stream
- Promoted
gcloud immersive-stream xr
to GA.
Kubernetes Engine
- Updates default kubectl from 1.24.9 to 1.24.10.
- Additional kubectl versions:
- kubectl.1.21 (1.21.14)
- kubectl.1.22 (1.22.17)
- kubectl.1.23 (1.23.16)
- kubectl.1.24 (1.24.10)
- kubectl.1.25 (1.25.6)
- kubectl.1.26 (1.26.1)
Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.
415.0.0 (2023-01-24)
Google Cloud CLI
- Global
--format
flag now respects thecore/default_format
property when--format=default
. Ifcore/default_format
is not set, thendefault
format isyaml
.
AI
- Modified
--region
flag ofgcloud ai endpoints
to include new online prediction regions. - Modified
--region
flag ofgcloud ai models
to include new online prediction regions. - Added
--enable-dashboard-access
flag togcloud ai custom-jobs create
andgcloud ai hp-tuning-jobs create
to allow the access to the dashboard specified in custom container.
BigQuery
- Added support for using the
auth/impersonate_service_account
property inbq
commands.
Cloud Build
- Added command groups for managing connections and repositories:
gcloud beta builds connections
andgcloud beta builds repositories
.
Cloud Dataproc
- Added
gcloud dataproc node-groups
group with commands:describe
andresize
. - Added
--driver-pool-${X}
flags togcloud dataproc clusters create
.
Cloud Firestore
- Added
--database
flag togcloud firestore operations
to add database support for Firestore operations.
Cloud On Demand Scanning
- Fixed issue with extracting packages from Go binaries built with newer versions of to the Go toolchain.
Cloud Org Policy
- Added
--update-mask
togcloud org-policies set-policy
to specify the fields to be overwritten in the policy.
Cloud Pub/Sub
- Added
gcloud pubsub schemas commit
to commit a revision for a Pub/Sub schema. - Added
gcloud pubsub schemas rollback
to roll back a revision for a Pub/Sub schema. - Added
gcloud pubsub schemas delete-revision
to delete a revision for a Pub/Sub schema. - Added
gcloud pubsub schemas list-revisions
to list all revisions for a Pub/Sub schema. - Added
--first-revision-id
and--last-revision-id
flags togcloud pubsub topics create
to create schema settings for Pub/Sub topics. - Added
--clear-schema-settings
,--schema
,--message-encoding
,--first-revision-id
and--last-revision-id
flags togcloud pubsub topics update
to update schema settings for a Pub/Sub topic.
Cloud SQL
- Promoted
gcloud sql users describe
command to beta.
Compute Engine
- Added
--update-policy-<type|max-unavailable|max-surge|minimal-action|most-disrtuptive-action|replacement-method>
flags ofgcloud compute instance-groups managed <create|update>
to GA. - Added
--update-policy-min-ready
flag ofgcloud compute instance-groups managed <create|update>
to beta. - Added
--enforce-on-key-configs
flag togcloud beta compute security-policies rules create
andgcloud beta compute security-policies rules update
.
Dataproc Metastore
- Promoted
gcloud metastore services import
flag--dump-type
to GA. - Promoted
gcloud metastore services export
flag--dump-type
to GA.
Declarative Workflows
- Make
--storage-path
,--resource-types
and--resource-types-file
mutually exclusive ingcloud beta resource-config bulk-export
.
Kpt
- Updated kpt from v1.0.0-beta.19 to v1.0.0-beta.24. See https://github.com/GoogleContainerTools/kpt/releases/tag/v1.0.0-beta.24 and previous release notes for more details.
Recommender
- Added support for
gcloud recommender recommendations mark-dismissed
.
Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.
414.0.0 (2023-01-18)
Anthos Multi-Cloud
- Added
--azure-tenant-id
and--azure-application-id
flags togcloud container azure clusters create
andgcloud container azure clusters update
to set authentication configuration for management of Azure resources. These flags replace--client
flag.
Apigee
- Fixed issue where
gcloud apigee apis describe
would demand a non-existent--revision
argument.
Cloud API Gateway
- Fixed issue where
sort-by
arguments in list commands produced type validation errors.
Cloud Build
- Added
--peered-network-ip-range
flag togcloud builds worker-pools create
.
Cloud Firestore
- Added database support for Firestore import/export.
- Added namespace_ids support for Firestore import/export.
- Added databaseId support for Firestore TTL.
- Added databaseId support for Firestore SFI.
Cloud Storage
- Add IAM and ACL-related flags.
- Updated gsutil component to 5.18.
Compute Engine
- Promoted
--external-ipv6-address
flag ofgcloud compute instances network-interfaces update
to GA. - Promoted
--external-ipv6-prefix-length
flag ofgcloud compute instances network-interfaces update
to GA. - Added keyword
network-attachment
for--network-interface
ingcloud compute instance-templates create
. - Promoted
--external-ipv6-address
flag ofgcloud compute instances create
to GA. - Promoted
--external-ipv6-prefix-length
flag ofgcloud compute instances create
to GA. - Promoted
--source-instance-template
flag ofgcloud compute reservations create
to GA.
Database Migration
- Added
gcloud database-migration conversion-workspaces seed
which seeds from a connection profile for a database-migration conversion workspace. - Added
gcloud database-migration conversion-workspaces delete
which deletes a database-migration conversion workspace. - Added
gcloud database-migration conversion-workspaces convert
which converts source entities to draft entities in a database-migration conversion workspace. - Added
gcloud database-migration conversion-workspaces apply
which applies a database-migration conversion workspace onto the destination database. - Added
gcloud database-migration conversion-workspaces list-background-jobs
which lists the background jobs in a database-migration conversion workspaces. - Added
gcloud database-migration conversion-workspaces describe-entities
which describes the database entities in a database-migration conversion workspaces.
Dataproc Metastore
- Promoted
gcloud metastore services
flag--database-type
to GA.
Kubernetes Engine
- Updates default kubectl from 1.23.15 to 1.24.9.
- Additional kubectl versions:
- kubectl.1.21 (1.21.14)
- kubectl.1.22 (1.22.17)
- kubectl.1.23 (1.23.15)
- kubectl.1.24 (1.24.9)
- kubectl.1.25 (1.25.5)
- kubectl.1.26 (1.26.0)
Network Management
- Added
appEngineVersion
andcloudRunRevision
arguments for source ingcloud network-management connectivity-tests
. This allows the user to run tests using App Engine version and Cloud Run revision endpoint types as source.
Security Command Center
- Fixed
gcloud scc findings create
to require flagevent-time
.
Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.
413.0.0 (2023-01-10)
Breaking Changes
- (Cloud Storage) Added
--fetch-encrypted-object-hashes
flag tols
andobjects list
commands. API requests to the LIST endpoint do not fetch the hashes for encrypted objects by default. If this flag is set, a GET request is sent for each encrypted object in order to fetch hashes. This can significantly increase the cost of the commands.- Previously, the fallback to GET was implemented for CSEK-encrypted objects as the default behavior. With this flag, both CSEK and CMEK are handled, and
gcloud
CLI checks if it has the necessary CSEK key before sending a GET request.
- Previously, the fallback to GET was implemented for CSEK-encrypted objects as the default behavior. With this flag, both CSEK and CMEK are handled, and
- (Kubernetes Engine) This change starts using the Client-Go Credential Plugin
gke-gcloud-auth-plugin
as noted in Client-go Credential Plugin changes.
Google Cloud CLI
- Fixed a crash during reauth when Enterprise Certificate is used.
- Fixed issue where the
gcloud
CLI would crash when invoked in PowerShell 7.3. This issue was reported at: https://issuetracker.google.com/issues/259295558. - Added
core/default_format
andcore/format
properties to config in order enable setting a default print format. Print format is first determined by global flag--format
. If--format
flag is not defined, then CLI defaults tocore/format
value. Ifcore/format
is not defined, then CLI defaults to command specific output. If command specific output is undefined, then format is determined bycore/default_format
.core/default_format
defaults to yaml format.
AI
- Modified
--region
flag ofgcloud ai model-monitoring-jobs
to include new model monitoring jobs regions. - Modified
--explanation-metadata-file
flag ofgcloud ai models upload
from required to optional. - Added optional
output-image-uri
field to--worker-pool-spec
flag ofgcloud ai custom-jobs create
to name and store the custom image built with autopackaging in the specified Google Container Registry or Artifact Registry.
Anthos Multi-Cloud
- Updated
gcloud container aws operations list
to show the underlying action (create, update, delete, etc) associated with AWS long-running operations. - Updated
gcloud container azure operations list
to show the underlying action (create, update, delete, etc) associated with Azure long-running operations. - Added
gcloud container azure operations cancel
to cancel an ongoing LRO operation on Azure resources. - Added
gcloud container aws operations cancel
to cancel an ongoing LRO operation on AWS resources. - Added
--tags
flag togcloud container aws node-pools update
to update the tags assigned to AWS node pool resources. - Added
--clear-tags
flag togcloud container aws node-pools update
to clear the tags assigned to AWS node pool resources. - Added
--autoscaling-metrics-granularity
flag togcloud container aws node-pools create
to set granularity when enabling CloudWatch metrics collection of the autoscaling group of AWS node pools. - Added
--autoscaling-metrics
flag togcloud container aws node-pools create
to enable collection of specific CloudWatch metrics of the autoscaling group of AWS node pools. - Added
--autoscaling-metrics-granularity
flag togcloud container aws node-pools update
to update the granularity of CloudWatch metrics collection for the autoscaling group of AWS node pools. - Added
--autoscaling-metrics
flag togcloud container aws node-pools update
to update the collection of specific CloudWatch metrics for the autoscaling group of AWS node pools. - Added
--clear-autoscaling-metrics
flag togcloud container aws node-pools update
to clear the CloudWatch metrics collection associated with the autoscaling group of AWS node pools. - Added
gcloud container attached operations list
to show the underlying action (create, update, delete, etc) associated with Attached clusters long-running operations. - Added
gcloud container attached operations describe
to show detailed status of a provided Attached clusters long-running operation. - Added
gcloud container attached operations wait
to wait for completion of a provided Attached clusters long-running operation.
BigQuery
- Fixed issue with timestamp normalization in Windows.
- Extended the insert flags to include a
insert_id
flag that's appended to the row number of the data to be inserted as theinsertId
field that's used for deduping newly inserted rows. This can be used to ensure repeat executions don't add unintended data.
Cloud Access Context Manager
- Promoted
gcloud access-context-manager authorized-orgs
to GA.
Cloud Build
- Removed
--subscription-filter
flag ofgcloud builds triggers create manual
.
Cloud Composer
- Added
--enable-cloud-data-lineage-integration
togcloud composer environments create/update
to enable Cloud Data Lineage integration. - Added
--disable-cloud-data-lineage-integration
togcloud composer environments update
to disable Cloud Data Lineage integration. - Enabled
db check
Airflow command executable viagcloud composer environments run
for environments with Airflow 2.3 or newer.
Cloud Datalab
- Removed
gcloud datalab
component.
Cloud Run
- Added
--env-vars-file
togcloud beta run jobs create
to add environment variables to the job from a YAML file. - Removed the call to action from
gcloud beta run integrations describe
for Redis integrations that are not ready for use.
Cloud SQL
- Added
--striped
and--stripe_count
flags togcloud sql import bak
and added--striped
flag togcloud sql export bak
to enable the striped import/export feature for SQL Server. - Promoted
--restore-database-name
flag forgcloud sql instance clone --point-in-time
to support single database PITR restore for SQL Server to beta and GA. - Added
gcloud sql users describe
command, which describes a Cloud SQL user in an instance in alpha.
Cloud Services
- Promoted
gcloud services api-keys list
in beta.- Promoted
gcloud services api-keys describe
in beta. - Promoted
gcloud services api-keys get-key-string
in beta. - Promoted
gcloud services api-keys create
in beta. - Promoted
gcloud services api-keys update
in beta.
- Promoted
Cloud Storage
- Added
gcloud storage buckets create --placement
flag. - Promoted
gcloud storage objects update
retention flags to GA.--event-based-hold
--temporary-hold
- Removed
gcloud storage buckets update --no-lock-retention-period
flag.
Cloud Workstations
- Added
gcloud beta workstations clusters create
which creates a cluster under a specified region. - Added
gcloud beta workstations configs create
which creates a workstation configuration under a specified cluster. - Added
gcloud beta workstations create
which creates a workstation under a specified config. - Added
gcloud beta workstations delete
which deletes the given workstation. - Added
gcloud beta workstations configs delete
which deletes the given config. - Added
gcloud beta workstations clusters delete
which deletes the given cluster. - Added
gcloud beta workstations describe
which displays all fields for a given workstation. - Added
gcloud beta workstations configs describe
which displays all fields for a given config. - Added
gcloud beta workstations clusters describe
which displays all fields for a given cluster. - Added
gcloud beta workstations start
which starts a specified workstation. - Added
gcloud beta workstations stop
which stops a specified workstation.
Compute Engine
- Added
-iam-policy and
-iam-policy-bindings to
gcloud beta compute backend-buckets`. - Promoted
--endpoint-type
flag ofgcloud compute addresses create
to GA. - Promoted
gcloud compute sole-tenancy node-groups simulate-maintenance-event
to beta. - Added
--all-instances-config-effective
flag ofgcloud compute instance-groups managed wait-until
to beta. - Modified
gcloud compute forwarding-rules create
to allow specifying--address
and--ip-version
at the same time.
Compute Firewall Policies
- Fixed
gcloud compute network-firewall-policies rules update
not sending an empty list to the API if a field is specified as empty.
Database Migration
- Added
gcloud database-migration private-connections create
which creates a database-migration private connection. - Added
gcloud database-migration private-connections list
which lists the database-migration private connections. - Added
gcloud database-migration private-connections describe
which describes a database-migration private connection. - Added
gcloud database-migration private-connections delete
which deletes a database-migration private connection. - Updated
gcloud database-migration connection-profiles create
to support creating Oracle connection profiles. - Updated
gcloud database-migration connection-profiles create
to support connectivity in creating Postgresql connection profiles. - Added
gcloud database-migrate conversion-workspaces create
which creates a database-migration conversion workspace. - Added
gcloud database-migrate conversion-workspaces update
which updates a database-migration conversion workspace. - Added
gcloud database-migration conversion-workspaces list
which lists the database-migration conversion workspaces. - Added
gcloud database-migration conversion-workspaces describe
which describes a database-migration conversion workspace. - Added
gcloud database-migration conversion-workspaces commit
which commits a database-migration conversion workspace. - Added
gcloud database-migration conversion-workspaces rollback
which rollbacks a database-migration conversion workspace.
Kubernetes Engine
- Updates default kubectl from 1.23.14 to 1.23.15.
- Removes kubectl.1.20, since it is no longer needed.
- Additional kubectl versions:
- kubectl.1.21 (1.21.14)
- kubectl.1.22 (1.22.17)
- kubectl.1.23 (1.23.15)
- kubectl.1.24 (1.24.9)
- kubectl.1.25 (1.25.5)
Pubsub Emulator
- Added support for Exactly-once Delivery.
Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.
412.0.0 (2022-12-13)
Breaking Changes
- (Compute Engine) Modified concurrent operation quota errors to show additional information to user instead of just error message.
Google Cloud CLI
- Added property
core/parse_error_details
. If set,gcloud
CLI will parse and display errors in a more human readable format, where available.
AI
- Modified
--region
flag ofgcloud ai endpoints
to include new online prediction regions. - Modified
--region
flag ofgcloud ai models
to include new online prediction regions. - Modified
--region
flag ofgcloud ai custom-jobs
to include new online training regions. - Modified
--region
flag ofgcloud ai hp-tuning-jobs
to include new online training regions.
AlloyDB
- Introduced
gcloud alloydb
track.
Anthos Multi-Cloud
- Promoted
gcloud container attached
to GA.
App Engine
- Updated
gcloud beta app instances ssh
to use an IAP tunnel when attempting to SSH to an instance without an external IP.
Cloud Build
- Modified one of
gcloud builds triggers run --branch
,gcloud builds triggers run --tag
, andgcloud builds triggers run --sha
flag to be required. - Make
--region
flag visible inbuilds triggers create
command group. Set--dockerfile
flag as required forbuilds triggers create
command group. - Ungroup
--build-config
flag and--inline-config
flag forbuilds triggers create
command group. - Promoted
gcloud builds triggers
to GA.
Cloud Composer
- Added
gcloud composer environments snapshots load
- to load a snapshot into the environment. - Added
gcloud composer environments snapshots save
- save a snapshot of the environment. - Added
--enable-scheduled-snapshot-creation
togcloud composer environments create/update
to enable snapshots of the environment creation according to a schedule. Can be specified for Composer 2.0.32 or greater. - Added
--snapshot-creation-schedule
togcloud composer environments create/update
to specify cron expression when snapshots of the environment should be created. - Added
--snapshot-location
togcloud composer environments create/update
to specify the Cloud Storage location for storing automatically created snapshots. - Added
--snapshot-schedule-timezone
togcloud composer environments create/update
to specify Timezone that sets the context to interpret snapshot_creation_schedule. - Added
--disable-scheduled-snapshot-creation
togcloud composer environments update
to disable the automatic snapshots creation.
Cloud Datastream
- Fixed issue where
gcloud datastream create
failed for Postgresql source config.
Cloud Functions
- Added
--cpu
flag togcloud beta functions deploy
for 2nd Gen functions to alpha and beta. - Added
--concurrency
flag togcloud beta functions deploy
for 2nd Gen functions to alpha and beta.
Cloud Pub/Sub
- Added
--event-time
and--publish-time
flags togcloud pubsub lite-subscriptions create
to create Pub/Sub Lite subscriptions from a nominated timestamp. - Added
--export-pubsub-topic
,--export-dead-letter-topic
and--export-desired-state
flags togcloud pubsub lite-subscriptions create
to create Pub/Sub Lite export subscriptions. - Added
--export-pubsub-topic
,--export-dead-letter-topic
and--export-desired-state
flags togcloud pubsub lite-subscriptions update
to update Pub/Sub Lite export subscriptions.
Cloud SQL
- Added
--enable-google-private-path
flag togcloud sql instances create
andgcloud sql instances patch
commands in Alpha, Beta, and GA. This field specifies whether the instance is accessible to internal Google Cloud services such as BigQuery. This is applicable only to MySQL and PostgreSQL instances that don't use public IP. Currently, SQL Server isn't supported.
Cloud Services
- Promoted
gcloud services api-keys delete
to beta. - Promoted
gcloud services api-keys undelete
to beta.
Cloud Workstations
- Added
gcloud beta workstations configs list
which lists workstation configs under a specified cluster.
Config Controller
- Added
--full-management
flag togcloud anthos config controller create
to allow creating Config Controller on GKE Autopilot instances.
Database Migration
- Updated
gcloud database-migration connection-profiles create
to support creating AlloyDB connection profiles.
Firebase Test Lab
- Added
--robo-script
flag togcloud firebase test ios run
to customize an iOS Robo crawl with a Robo script.
Identity and Access Management
- Added
--executable-interactive-timeout-millis
flag togcloud iam workforce pools create-cred-config
. This enables using executable-sourced credentials with user interactivity withgcloud auth login --cred-file=/path/to/interactive/executable/config.json
when using Workforce Identity Federation.
Kubernetes Engine
- Added
--stack-type
and--ipv6-access-type
arguments togcloud container clusters create
command to support dual stack GKE clusters. - Added
--stack-type
argument togcloud container clusters update
command to support changing stack type between IPv4 and dual stack GKE clusters. - Added
--ephemeral-storage-local-ssd
togcloud beta container clusters create
,gcloud beta container node-pools create
,gcloud container clusters create
,gcloud container node-pools create
. This flag is used to configure nodes' ephemeral storage to be backed by local SSDs. - Added
--local-nvme-ssd-block
togcloud beta container clusters create
,gcloud beta container node-pools create
,gcloud container clusters create
,gcloud container node-pools create
. This flag is used to initialize nodes in node-pool with raw-block local NVMe SSDs attached.
Notebooks
- Added support for Shielded VM configuration to
gcloud notebooks instances create
. - Added support for reservation configuration to
gcloud notebooks instances create
.
Terraform
- Added zone and region option for
gcloud beta terraform vet
.
Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.
411.0.0 (2022-12-06)
Breaking Changes
- (Compute Engine) Added rhel-9 and rhel-9-byol options to
--os
flag for:gcloud compute images import
in GA,gcloud compute instances import
in GAgcloud compute machine-images import
in GA
Google Cloud CLI
- Added
gcloud topic
command group to alpha and beta.
App Engine
- Add
--service-account
flag ofgcloud app create
to GA, which allows to create an app with a user-managed service account. - Add
--service-account
flag ofgcloud app update
to GA, which allows to update the app with a user-managed service account.
App Engine Flexible Environment
- Add
--service-account
flag ofgcloud app create
to GA, which allows to create an app with a user-managed service account. - Add
--service-account
flag ofgcloud app update
to GA, which allows to update the app with a user-managed service account.
BigQuery
- Expose enable_resumable_uploads flag in public bq.
- Formatting fix for bigquery_client.py.
- Changed "locking" Owned Test Accounts to "getting" to avoid overloading AccountProviderService.
- Extended api logging to include URIs of requests.
- Extends encodings supported during file upload.
- Messages and fails early when the user tries to upload with an invalid schema.
- Adds support for GOOGLE_CLOUD_QUOTA_PROJECT environment variable.
- Adds configuration for external accounts using token_uri.
- Dataset name validation and feedback.
Cloud Bigtable
- Promoted
gcloud bigtable instances tables create
to beta and GA. - Promoted
gcloud bigtable instances tables delete
to beta and GA. - Promoted
gcloud bigtable instances tables update
to beta and GA. - Added
include-stats
option tocbt lookup
andcbt read
commands. - Added
cbt notices
command, which displays licenses covering all direct and indirect dependencies.
Cloud Build
- Bugfix to enforce limits to be applied after filters.
- Added
--enterprise-config
flag tobuilds triggers create github
to support creating GitHub Enterprise trigger.
Cloud Composer
- Added
--enable-scheduled-snapshot-creation
togcloud beta composer environments create/update
to enable snapshots of the environment creation according to a schedule. Can be specified for Composer 2.0.32 or greater. - Added
--snapshot-creation-schedule
togcloud beta composer environments create/update
to specify cron expression when snapshots of the environment should be created. - Added
--snapshot-location
togcloud beta composer environments create/update
to specify the Cloud Storage location for storing automatically created snapshots. - Added
--snapshot-schedule-timezone
togcloud beta composer environments create/update
to specify Timezone that sets the context to interpret snapshot_creation_schedule. - Added
--disable-scheduled-snapshot-creation
togcloud beta composer environments update
to disable the automatic snapshots creation.
Cloud Firestore
- Add apiScope output for Firestore index. ApiScope can be viewed in
gcloud firestore indexes composite list
andgcloud firestore indexes composite describe
. - Added databaseId support for Firestore index.
Cloud IDS
- Added
--threat_exceptions
flag to exclude certain threat types from being reported.
Cloud Key Management Service
- Modified
gcloud kms import-jobs create
to accept new SHA256 import methodsrsa-oaep-3072-sha256
,rsa-oaep-3072-sha256-aes-256
,rsa-oaep-4096-sha256
, andrsa-oaep-4096-sha256-aes-256
.
Cloud Pub/Sub
- Promoted
--enable-exactly-once-delivery
flag ofgcloud pubsub subscriptions create
to GA. - Promoted
--enable-exactly-once-delivery
flag ofgcloud pubsub subscriptions update
to GA.
Cloud Run
- Promoted
--execution-environment
ofgcloud run
from beta to GA. - Fixed issue where
gcloud beta run jobs execute
with--wait
flag, and other jobs commands to wait for an execution to complete, failed to wait more than 30 minutes. - Fixed issue where
gcloud beta run integrations delete
failed when the associated Cloud Run service is deleted.
Cloud SQL
- Promoted
--timeout
flag forgcloud sql instances create
to GA. - Added
--restore-database-name
flag togcloud sql instance clone --point-in-time
to support single database PITR restore for SQL Server.
Cloud Services
- Updated
gcloud services list
to retry 429 errors. - Set the default page size for
gcloud services list
to 200. - Promoted
gcloud services api-keys lookup
to beta.
Cloud Spanner
- Added
--skip-init
flag togcloud spanner samples run
.
Cloud Storage
- Promoted
gcloud storage buckets update
retention flags to GA.--default-event-based-hold
--retention-period
--clear-retention-period
--lock-retention-period
- Promoted
gcloud storage buckets update --uniform-bucket-level-access
to GA. - Rebuilt
gcloud-crc32c
1.0.0 on latest version of golang. - Updated gsutil component to 5.17.
Compute Engine
- Added
--merge-source-commitment
togcloud compute commitments create
for beta and GA. - Fixed issue where
gcloud compute instance-groups unmanaged list-instances
would fail to fall back to thecompute/zone
property when--zone
was missing. - Added customRequestHeaders and customResponseHeaders to modifiable fields list in
gcloud compute backend-services edit
.
Dataproc Metastore
- Added support for querying and mutating Dataproc Metastore metadata. The following commands have been added to the alpha and beta release tracks:
metastore services queryMetadata
metastore services alterLocation
metastore services moveTableToDatabase
Distributed Cloud Edge
- Added warning to long running operation metadata of
gcloud edge-cloud container cluster create/update
when the cluster has a maintenance window configuration that overlaps with other clusters' in the same project.
Firebase Test Lab
- Added
--type=robo
flag togcloud firebase test ios run
to support running iOS Robo tests.
GKE Hub
- Fixed bug in
gcloud container fleet
andgcloud container hub
command groups where a membership with ambiguous location was not given default valueglobal
.
Kubernetes Engine
- Promoted
--cluster-dns-scope=cluster
flag ofgcloud container clusters create
andgcloud container clusters update
to GA. - Promoted
--binauthz-evaluation-mode=MONITORING
,binauthz-evaluation-mode=MONITORING_AND_PROJECT_SINGLETON_POLICY_ENFORCE
, and--binauthz-policy
flags ofgcloud container clusters create
,gcloud container clusters create-auto
, andgcloud container clusters update
to beta. - Corrected outdated description help text of
gcloud container node-pools delete
. - Promoted
--placement-type
flag forgcloud container clusters create
command to GA. - Promoted
--placement-type
flag forgcloud container node-pools create
command to GA. - Added
--async
flag togcloud container node-pools create/update
to allow the in-progress operation to be returned, instead of the node pool. - Additionally, default formatting for
gcloud container node-pools create/update/delete --async
has been added to provide a more human-readable format of the operation; potentially impacting parsing of output. It is recommended to use--format
when parsinggcloud
CLI output. - Updates default kubectl from 1.22.14 to 1.23.14.
Additional kubectl versions:
- kubectl.1.20 (1.20.15)
- kubectl.1.21 (1.21.14)
- kubectl.1.22 (1.22.15)
- kubectl.1.23 (1.23.14)
- kubectl.1.24 (1.24.8)
- kubectl.1.25 (1.25.4)
Added
--windows-os-version
flag togcloud container node-pools create/update
to allow create Windows node pools using Windows Server LTSC 2022 Containerd node image.
Media CDN
- Added
gcloud edge-cache
command group to enable configuration of Media CDN.
Network Connectivity
- Promoted
gcloud network-connectivity internal-ranges
command group to GA.
Network Security
- Promoting networksecurity firewall API to v1beta1.
- Promoted commands under
gcloud network-security org-address-groups
andgcloud network-security address-groups
to beta.
Recommender
- Added billing account scope support for
gcloud recommender recommender-config describe
. - Added billing account scope support for
gcloud recommender recommender-config update
. - Added billing account scope support for
gcloud recommender insight-type-config describe
. - Added billing account scope support for
gcloud recommender insight-type-config update
.
Terraform
- Added support for environment variables
GOOGLE_PROJECT
,GOOGLE_CLOUD_PROJECT
,GCLOUD_PROJECT
ingcloud beta terraform vet
. - Fixed an issue where
gcloud beta terraform vet
would fail while trying to format and output pre-formatted error strings.
Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.
410.0.0 (2022-11-15)
Google Cloud CLI
- Added
gcloud topic endpoint-override
for details on overriding the default api URL.
AI
- Added asia-southeast2, europe-central2, and us-south1 options to
--region
flag ofgcloud ai custom-jobs
andgcloud ai hp-tuning-jobs
.
AlloyDB
- Introduced the following commands:
gcloud beta alloydb clusters create-secondary
,gcloud beta alloydb instances create-secondary
,gcloud beta alloydb clusters promote
.
App Engine
- Updated the Java SDK to version 2.0.10 build from the open source project https://github.com/GoogleCloudPlatform/appengine-java-standard/releases/tag/v2.0.10.
Artifact Registry
- Update maven and gradle plugin versions to 2.2.0.
Assured Workloads
- Added
SOVEREIGN_CONTROLS_BY_T_SYSTEMS
as an option for--partner
flag ofgcloud assured workloads create
command (available for both beta and GA).
Cloud Asset Inventory
- Promoted
gcloud asset query
command to GA.
Cloud Bigtable
- Added
stats
option to--view
flag forbigtable instances tables describe
.
Cloud Composer
- Added
--enable-triggerer
togcloud beta composer environments create/update
to allow usage of deferrable operators in dags. - Added
--triggerer-cpu
togcloud beta composer environments create/update
to specify CPU allocated to Airflow triggerer. - Added
--triggerer-memory
togcloud beta composer environments create/update
to specify memory allocated to Airflow triggerer. - Added
--disable-triggerer
togcloud beta composer environments update
to disable Airflow triggerer.
Cloud Dataproc
- Added
--async
flag togcloud dataproc jobs kill
.
Cloud Datastream
- Added the
max_concurrent_cdc_tasks
support to--mysql-source-config
and--oracle-source-config
flags ingcloud datastream streams
. - Fixed issue where
stream create
using amysql-source-config
ororacle-source-config
with column level filtering fails to create.
Cloud Functions
- Fixed issue where
gcloud functions list
would crash when a 2nd Gen-only region was specified using--regions
. - Updated
gcloud function describe
to look up both 1st Gen and 2nd Gen environments for the function. When--gen2
flag is specified, only 2nd Gen functions will be looked up.
Cloud Run
- Promoted
gcloud run services logs read
andgcloud run revisions logs read
to beta, which reads logs from a selected resource. - Promoted
gcloud run services logs tail
andgcloud run revisions logs tail
to beta, which tail logs from a selected resource. - Added
--execute-now
and--wait
flags togcloud beta run job update
to immediately execute the job after update and wait for completion. - Promoted
gcloud beta run integrations
command group and all sub-commands to beta.
Compute Engine
- Promoted
--list-managed-instances-results
flag forgcloud compute instance-groups managed create
andgcloud compute instance-groups managed update
to GA. - Fixed
--network-interface
to mark the public IP asNone
when--no-address
is specified.
GKE Hub
- Fixed issue where
gcloud container fleet memberships
commands did not output memberships with missing cluster. - Fixed bug in
gcloud container fleet config-management version
where memberships were stuck with version "NA".
Identity and Access Management
- Added support for retrieving the token introspection endpoint through external account credentials.
Kubernetes Engine
- Added
--labels
flag togcloud container node-pools create/update
to allow creating and updating node pools with GCP labels.
VPC Access
- Promoted
gcloud compute networks vpc-access connectors update
to beta.- Enables updating of
min-instances
,max-instances
andmachine-type
of already existing vpc-access connectors.
- Enables updating of
Vmware Engine
- Added commands for managing resources:
- Locations
- Operations
- VMwareEngine networks
- Network policies
- Node types
- Private clouds
- Clusters
- HCX activation keys
- NSX credentials
- VCenter credentials
- Subnets
Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.
409.0.0 (2022-11-08)
Breaking Changes
- (Compute Engine) Modified stockout errors to show entire error object to user in yaml format instead of just error message.
- (Compute Engine) Modified quota exceeded errors to show additional information to user instead of just error message.
Google Cloud CLI
- Modified
gcloud config list
to accept both a section name and--all
flag. The command will display all the set and unset properties when specifying both.
Anthos Multi-Cloud
- Added
--allow-missing
flag to the following command groups:gcloud container aws clusters delete
,gcloud container aws node-pools delete
,gcloud container azure clients delete
,gcloud container azure clusters delete
,gcloud container azure node-pools delete
, to allow the delete request to succeed, even if the cluster, node-pool or client resource does not exist.
Cloud Composer
- Added
--skip-airflow-overrides-setting
togcloud beta composer snapshots load
to allow skipping setting Airflow overrides from the snapshot. - Added
--skip-environment-variables-setting
togcloud beta composer snapshots load
to allow skipping setting environment variables from the snapshot. - Added
--skip-gcs-data-copying
togcloud beta composer snapshots load
to allow skipping copying dags, plugins and data folders from the snapshot.
Cloud Datastream
- Added the
max_concurrent_cdc_tasks
support to--mysql-source-config
and--oracle-source-config
flags ingcloud datastream streams
.
Cloud Filestore
- Fixed issue where
--kms-key
was being ignored ingcloud filestore backups create
command.
Cloud Firestore Emulator
- Promoted
gcloud emulators firestore
to GA. - Release Cloud Firestore emulator v1.15.1
- feat: allow users to configure websocket port
Cloud Functions
- Fixed issue where
gcloud functions list
would crash when a 2nd Gen-only region was specified using--regions
.
Cloud Logging
- Updated
gcloud logging read
to accept multiple resources to query using a new--resource-names
flag.
Cloud SQL
- Added the following flags to
gcloud sql instances create
in BETA:--timeout
Compute Engine
- Added
--split-source-commitment
togcloud compute commitments create
for beta and GA. - Promoted
any-single-zone
value support for the flag--target-distribution-shape
ofgcloud compute instance-groups managed create
/update
to beta. - Added keyword
network-attachment
for--network-interface
ingcloud compute instances create
. - Promoted
--max-run-duration
flag ofgcloud compute instances create
to beta.- Allows specifying the duration of time after which the instance will terminate.
- Promoted
--termination-time
flag ofgcloud compute instances create
to beta.- Allows specifying the timestamp that the instance will terminate.
- Added 3 additional accepted values to
--enforce-on-key
forgcloud compute security-policies rules create|update
and promoted it to GA. - Promoted
gcloud compute network-edge-security-services
command group to GA. - Promoted
--region
and '--global' flags ofgcloud compute security-policies
to GA. - Promoted
--network-ddos-protection
flag ofgcloud compute security-policies update
to GA.
Distributed Cloud Edge
- Removed unsupported GPU_TYPE field from
gcloud edge-cloud container machines list
. This field will be restored once the API provides accurate GPU information.
GKE Hub
- Fixed a bug where
gcloud container fleet memberships get-credentials
andgcloud container hub memberships get-credentials
would not return an error when the membership argument was left empty.
Kubernetes Engine
- Corrected outdated description help text of
gcloud container node-pools delete
. - Added
--private-endpoint-subnetwork
and--enable-google-cloud-access
flags togcloud container clusters create
andgcloud container clusters create-auto
. - Added
--enable-google-cloud-access
and--enable-private-endpoint
flags togcloud container clusters update
. - Added
--enable-private-nodes
flag togcloud container node-pools create
andgcloud container node-pools update
.
Notebooks
- Added
gcloud notebooks instances diagnose
andgcloud notebooks runtimes diagnose
commands to GA. These commands provide access to the AI Platform Notebooks new Diagnose API.
Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.
408.0.1 (2022-11-02)
BigQuery
- Adds various fixes to PSC environments.
- Adds support for random forest models as part of BQML.
Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.
408.0.0 (2022-11-01)
Breaking Changes
- (Cloud Storage) Lifecycle and CORS settings files now use camel case instead of snake case to match the API documentation. Example: http://cloud/storage/docs/json_api/v1/buckets#lifecycle.
AI
- Added more available regions to
gcloud ai model-monitoring-jobs
. - Added
--version-description
flag togcloud ai models upload
to support setting model version description.
BigQuery
- Add missing open source licenses.
- Expose Iceberg for public preview.
Cloud Composer
- Added
--connection-type
flag togcloud beta composer environments create
andgcloud composer environments create
command to allow forcing the use of VPC peerings for internal communication.
Cloud Deploy
- Added
initial-rollout-labels
andinitial-rollout-annotations
flags togcloud deploy releases create
command.
Cloud SQL
- Promoted
--connector_enforcement
flag forgcloud sql instances create
andgcloud sql instances patch
to GA.
Cloud Storage
- Updated gsutil component to 5.16.
Compute Engine
- Promoted
--discard-local-ssd
flag ofgcloud compute instances stop
to beta. - Promoted
--force-update-on-repair
flag ofgcloud compute instance-groups managed <create | update>
to beta. - Fixed missing ephemeral IP when neither
--address
nor--no-address
keys are provided with--network-interface
flag during instance template creation.
GKE Hub
- Changed membership-related flags in
gcloud container fleet
andgcloud container hub
command groups to resource arguments, adding--location
flag andLOCATION
column in list commands.
Kubernetes Engine
- Promoted
--enable-managed-prometheus
flag ofgcloud container clusters create/update
to GA. - Promoted
--disable-managed-prometheus
flag ofgcloud container clusters update
to GA.
Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.
407.0.0 (2022-10-25)
Breaking Changes
- (Cloud Run) Now
gcloud beta run jobs update
command removes existing Binary Authorization breakglass justification if--breakglass
flag is not set. - (Cloud Run) In
gcloud run deploy
andgcloud run services update
,--set-secrets
,--remove-secrets
, and--update-secrets
flags now support mounting multiple versions of the same secret in the same directory. - (Cloud Run)
- If multiple different secrets are requested to be mounted in the same
directory, including for secrets already set on the service in the case
of
--update-secrets
, the operation will now fail instead of silently overriding all secret versions with the last one specified.
- If multiple different secrets are requested to be mounted in the same
directory, including for secrets already set on the service in the case
of
- (Compute Engine) Removed
--csek-key-file
flag ofgcloud beta compute instances resume
- Removing since instance suspend and resume do not support CSEK
- If your instance with CSEK protection is suspended, please stop the instance then restart it and file a bug.
Assured Workloads
- Added ASSURED_WORKLOADS_FOR_PARTNERS as an option for
--compliance-regime
flag ofgcloud assured workloads create
command. - Added
--partner
flag (optional) forgcloud assured workloads create
command to enable creation of partner workload (workload managed by local trusted partners) through gCloud command.
Cloud DNS
- Promoted
gcloud dns managed-zones get-iam-policy
andgcloud dns managed-zones set-iam-policy
to GA.
Cloud Dataplex
- Promoted Content command group to GA.
- Promoted Environment command group to GA.
Cloud Datastream
- Added
postgresql
type to--type
flag ofdatastream connection-profiles <create/update>
. - Added
postgresql
type to--postgresql-rdbms-file
flag ofdatastream connection-profiles discover
. - Added
--postgresql-source-config
flag togcloud datastream streams <create/update>
. - Added
postgresql
type to--type
flag ofdatastream connection-profiles <create/update>
.
Cloud Filestore
- Added
--kms-key
flag togcloud beta filestore backups create
, which allows an Enterprise or High Scale backup to be created that is encrypted with a CMEK key." => "which creates a backup with an associated customer-managed encryption key (CMEK). Only available for Enterprise or High Scale tier instances. - Added
--location
flag togcloud beta filestore instances restore
, which restores Enterprise instances." => "restore Basic HDD, Basic SSD, and Enterprise tier instances. - Added
--instance-location
flag togcloud beta filestore backups create
, which accepts either a zone or region and allows clients to create Basic HDD, Basic SSD, and Enterprise tier backups.
Cloud SQL
- Added the following flags to
gcloud sql instances create
andgcloud sql instances patch
in BETA:--connector_enforcement
Cloud Storage
- Updated gsutil component to 5.15.
Cloud Workstations
- Promoted
gcloud beta workstations
commands to beta for Preview.
Compute Engine
- Promoted
--source-machine-image
,--source-machine-image-csek-key-file
, and--erase-windows-vss-signature
flags ofcompute instances create
to GA. - Fixed an issue with
--create-disk
and--disk
flags that causesgcloud compute instance-templates create
orgcloud compute instance-templates create-with-container
to fail when attaching a boot disk. - Promoted
--region
flag forcompute target-tcp-proxies
to GA.
Compute Firewall Policies
- Fixed bug in
gcloud compute network-firewall-policies rules update
that would causesrc-secure-tags
to not be updated.
GKE Hub
- Modified
gcloud container fleet memberships register
to skip Connect agent installation for GKE clusters by default. Use--install-connect-agent
flag to get the old behavior. - Modified
gcloud container fleet memberships unregister
to skip Connect agent uninstallation for GKE clusters by default. Use--uninstall-connect-agent
flag to get the old behavior. - Added
--install-connect-agent
flag togcloud container fleet memberships register
andgcloud container hub memberships register
to install connect agent on GKE clusters. - Added
--uninstall-connect-agent
flag togcloud container fleet memberships unregister
andgcloud container hub memberships unregister
to uninstall Connect agent on GKE clusters.
Identity and Access Management
- Added
gcloud iam policies create
which creates a deny policy on the given attachment point with the given name. - Added
gcloud iam policies delete
which deletes a deny policy on the given attachment point with the given name. - Added
gcloud iam policies get
which gets a deny policy on the given attachment point with the given name. - Added
gcloud iam policies list
which lists the deny policies on the given attachment point. - Added
gcloud iam policies update
which updates the deny policy on the given attachment point with the given name. - Updated External Account URL validation to allow PSC endpoints.
Kubernetes Engine
- Added
--gateway-api
flag togcloud container clusters create
andgcloud container clusters update
which allows users to turn on the GKE Gateway controller for their cluster and to select the Gateway API release channel they want to use.
Security Command Center
- Updated
gcloud scc notifications update
to allow for project and folder parents. - Updated
gcloud scc notifications create
to allow for project and folder parents. - Updated
gcloud scc notifications delete
to allow for project and folder parents. - Updated
gcloud scc notifications list
to allow for project and folder parents. - Updated
gcloud scc notifications describe
to allow for project and folder parents.
Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.
406.0.0 (2022-10-17)
Breaking Changes
- (Cloud Storage) Changed "Additional Properties" formatting for
ls -L
to print condensed JSON object instead of JSON list withkey
andvalue
keys before every key and value. - (Kubernetes Engine) Remove deprecated
--istio-config
flag ofgcloud beta container clusters create
andgcloud beta container clusters update
.
Anthos Multi-Cloud
- Promoted
--logging
flag togcloud container aws clusters create
andgcloud container azure clusters create
to update the logging config. - Promoted
--logging
flag togcloud container aws clusters update
andgcloud container azure clusters update
to update the logging config. - Added
--annotations
flag togcloud container azure node-pools create
to set the annotations field when creating Azure node pools. - Added
--annotations
flag togcloud container azure node-pools update
to update the annotations of Azure node pools. - Added
--clear-annotations
flag togcloud container azure node-pools update
to clear the annotations of Azure node pools.
Bare Metal Solution
- Promoted
gcloud bms nfs-shares create
to GA. - Promoted
gcloud bms nfs-shares delete
to GA. - Promoted
gcloud bms volumes restore
to GA. - Promoted
gcloud bms volumes snapshot
to GA. - Promoted
gcloud bms volumes snapshots describe
to GA. - Promoted
gcloud bms volumes snapshots list
to GA. - Promoted
gcloud bms volumes snapshots delete
to GA. - Promoted
--add-allowed-client
flag ofgcloud bms nfs-shares update
to GA. - Promoted
--remove-allowed-client
flag ofgcloud bms nfs-shares update
to GA. - Promoted
--clear-allowed-clients
flag ofgcloud bms nfs-shares update
to GA. - Promoted
gcloud bms instances stop
to GA.
BigQuery
- Fixed issue with
--api
flag in external clients. - Added support for the target_job_concurrency flag and begins deprecating the concurrency flag.
- Added the max_staleness flag for external tables.
- Added support for SIMPLE with the object_metadata flag.
- Added ZSTD as an extract option.
Certificate Manager
- Added
gcloud certificate-manager issuance-configs
command group to beta. Commands in this group allow for configuring Private Trust certificate issuance. - Added
--issuance-config
flag forgcloud certificate-manager certificates create
command to beta. The flag allows configuring managed certificates issuance with Private Trust.
Cloud Access Context Manager
- Changed
--level
flag ofgcloud access-context-manager cloud-bindings create
andgcloud access-context-manager cloud-bindings update
to take a string input instead of a resource:- No change is required on any previous configurations as a result of this change.
Cloud Datastream
- Added BigQuery destination type support.
Cloud Firestore Emulator
- Promoted
gcloud emulators firestore
to GA.
Cloud SQL
- Added the following flags to
gcloud sql instances create
andgcloud sql instances patch
for ALPHA:--connector_enforcement
Cloud TPU
- Promoted
--shielded-secure-boot
flag ofgcloud compute tpus tpu-vm
to GA.
Compute Firewall Policies
- Updated
gcloud compute firewall-policies rules create
to include help text forsrc-threat-intelligence
,src-fqdns
,src-region-codes
,src-address-groups
,dest-threat-intelligence
,dest-fqdns
,dest-region-codes
anddest-address-groups
. - Updated
gcloud compute firewall-policies rules update
to include help text forsrc-threat-intelligence
,src-fqdns
,src-region-codes
,src-address-groups
,dest-threat-intelligence
,dest-fqdns
,dest-region-codes
anddest-address-groups
. - Updated
gcloud compute network-firewall-policies rules create
to include help text forsrc-threat-intelligence
,src-fqdns
,src-region-codes
,src-address-groups
,dest-threat-intelligence
,dest-fqdns
,dest-region-codes
anddest-address-groups
. - Updated
gcloud compute network-firewall-policies rules update
to include help text forsrc-threat-intelligence
,src-fqdns
,src-region-codes
,src-address-groups
,dest-threat-intelligence
,dest-fqdns
,dest-region-codes
anddest-address-groups
. - Promoted
--src-address-groups
and--dest-address-groups
flags to beta ingcloud compute firewall-policies rules create
,gcloud compute firewall-policies rules update
,gcloud compute network-firewall-policies rules create
andgcloud compute network-firewall-policies rules update
commands. - Promoted
--src-fqdns
and--dest-fqdns
flags to beta ingcloud compute firewall-policies rules create
,gcloud compute firewall-policies rules update
,gcloud compute network-firewall-policies rules create
andgcloud compute network-firewall-policies rules update
commands.
Kpt
- Updated kpt from v1.0.0-beta.15 to v1.0.0-beta.19. https://github.com/GoogleContainerTools/kpt/releases.
Kubernetes Engine
- Promoted the GKE add-on
BackupRestore
ofgcloud container clusters <create|update>
to GA. This add-on is disabled by default.- Use
--addons=BackupRestore
to enable the add-on during cluster creation. - Use
--update-addons=BackupRestore=ENABLED|DISABLED
to enable/disable the add-on for existing GKE clusters.
- Use
Managed Active Directory
- Promoted
gcloud active-directory domains extend-schema
to GA.
Network Security
- Updated
gcloud network-security address-groups list
to include theTYPE
,CAPACITY
andUSAGE
columns in the output. - Updated
gcloud network-security org-address-groups list
to include theTYPE
,CAPACITY
andUSAGE
columns in the output.
Security Command Center
- Updated
gcloud scc notifications update
to allow for project and folder parents. - Updated
gcloud scc notifications create
to allow for project and folder parents. - Updated
gcloud scc notifications delete
to allow for project and folder parents. - Updated
gcloud scc notifications list
to allow for project and folder parents.
405.0.1 (2022-10-14)
GKE Hub
- Updated
gke-gcloud-auth-plugin
to 0.4.0.
Cloud Bigtable
- Updated the version of
cbt
to v1.12.1.
Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.
405.0.0 (2022-10-04)
Google Cloud CLI
- Fixed issue where revoking impersonated ADC credentials caused a crash.
- Fixed issue where it was not possible to set a logging configuration when creating a regional backend service in alpha and beta.
Anthos Multi-Cloud
- Added
--tags
flag togcloud container aws clusters update
to update the tags assigned to control plane replicas. - Added
--clear-tags
flag togcloud container aws clusters update
to clear the tags assigned to control plane replicas.
App Engine
- Updated the Java SDK to version 2.0.9 build from the open source project https://github.com/GoogleCloudPlatform/appengine-java-standard.
- Fixed https://github.com/GoogleCloudPlatform/app-maven-plugin/issues/480.
Artifact Registry
- Automatically creates missing repos for
gcloud beta artifacts settings enable-upgrade-redirection
command.
Batch
- Promoted
gcloud batch
to GA track.
Cloud Dataplex
- Updated
gcloud dataplex tasks create
to support scheduling notebooks.
Cloud Firestore
- Promoted
gcloud firestore fields ttls
command group to GA.
Cloud Spanner
- Promoted
gcloud spanner instance-configs [create|update|delete]
to GA.
Cloud SQL
- Promoted
--time-zone
flag ofgcloud sql instances create
command to GA. - Provided a helpful error message when Cloud SQL Proxy fails to start during
gcloud sql connect
command.
Cloud Run
- Added
gcloud beta run jobs replace
to deploy a job from yaml.
Compute Engine
- Added ubuntu-2204 and windows-11-x64-byol options to
--os
flag for:gcloud compute images import
in GA,gcloud compute instances import
in GAgcloud compute machine-images import
in GA
- Updated
gcloud compute instance-templates create
not to crash ifinstantiate-from
value is not specified in--configure-disk
when using--source-instance
flag. - Promoted
--md5-authentication-key
flag ofgcloud compute routers add-bgp-peer
to GA. - Promoted
--md5-authentication-key
and--clear-md5-authentication-key
flags ofgcloud compute routers update-bgp-peer
to GA.
Firebase Test Lab
- Delayed displaying information about the number of devices used until after all executions are created.
Identity and Access Management
- Fixed an issue that would cause the Google Cloud CLI to crash when using invalid External Account Credentials.
Kubernetes Engine
- Added a prompt when passing
--enable-binauthz
togcloud container clusters update
that acknowledges the current version of Binary Authorization will be downgraded. - Promoted
--enable-cost-allocation
flag ofgcloud container clusters create
to GA. - Promoted
--enable-cost-allocation
flag ofgcloud container clusters update
to GA.
Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.
404.0.0 (2022-09-27)
App Engine
- Updated the Java SDK to version 2.0.8 build from the open source project https://github.com/GoogleCloudPlatform/appengine-java-standard.
- Updated
gcloud app instances ssh
to explicitly error when attempting to SSH to an instance without an external IP.
Assured Workloads
- Promoted
gcloud assured workloads violations
commands to GA. This command provides the ability to create new Assured Workloads environment resources.
Batch
- Improved error message formats for
gcloud batch jobs submit
unparsable json config file,gcloud batch jobs describe
job andgcloud batch tasks describe
task that does not exist. - Added new
batch/location
property that can be used to set a default location. To set the properties, rungcloud config set batch/location LOCATION
.
BigQuery
- Add support for storage_billing_model flag for datasets.
- Allow users to log in with pluggable-auth based external account credentials.
- Add support for configuring the access token lifetime for service account impersonation when using external account credentials.
- Add session support for load jobs.
Cloud Asset Inventory
- Added
--saved-analysis-query
option togcloud asset analyze-iam-policy
, which runs a saved analysis query when specified. - Added
gcloud asset saved-queries
commands, which creates, retrieves, updates and deletes saved queries in a specified project, folder or organization.
Cloud Memorystore
- Added
--maintenance-version
flag togcloud beta redis instances update
to allow updating a maintenance version when updating an instance.
Cloud Storage
- Added
storage/key_store_path
property for encryption/decryption keys. - Updated gsutil component to 5.14.
Compute Engine
- Promoted
--region
forgcloud compute ssl-policies
to GA.
Eventarc
- Updated
gcloud eventarc triggers list
to return the locations of triggers.
Identity and Access Management
- Fixed bug that occurs when switching external account credentials.
Kubernetes Engine
- Adds new kubectl v1.25 for GKE rapid channel.
- Removes old kubectl v1.19.
- Updates default kubectl from 1.22.12 to 1.22.14.
- Additional kubectl versions:
- kubectl.1.20 (1.20.15)
- kubectl.1.21 (1.21.14)
- kubectl.1.22 (1.22.14)
- kubectl.1.23 (1.23.11)
- kubectl.1.24 (1.24.5)
- kubectl.1.25 (1.25.1)
Managed Active Directory
- Added support for
gcloud beta active-directory domains migration
for enabling existing domain migration.
Policy Troubleshooter
- Updated
gcloud policy-troubleshoot iam
beta and GA Command to use V2Alpha1 API.
Stackdriver Monitoring
- Added
--validate-only
flag togcloud monitoring dashboards create
to allow validating dashboards without saving.
Terraform
- Fixed issue where http proxy environment variables were not used in
gcloud beta terraform vet
.
Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.
403.0.0 (2022-09-20)
Breaking Changes
- (Assured Workloads) Removed AU_REGIONS_AND_US_SUPPORT as compliance regime options for
gcloud assured workloads create
command. - (Assured Workloads) Removed messages related to 'Versioning' as they should not be used externally.
- (Assured Workloads) Removed v1beta1 messages from v1 api and vice-versa.
- (Assured Workloads) Updated violation acknowledge api to POST Request.
Google Cloud CLI
- Fixed issue where MTLS endpoints were not used when
use_client_certificate
was true. - Fixed issue where
gcloud auth application-default set-quota-project
would fail ifserviceusage.services.use
permission was revoked from the active project. - Added bundled Python 3 as a default component on
x86_64
component-based Linux installs. The bundled Python 3 interpreter will be preferred over the system Python interpreter when invoking the gcloud command-line tool.- The bundled Python 3 interpreter should work on supported Linux systems, but
a different interpreter can be specified by setting the
CLOUDSDK_PYTHON
environment variable. Seegcloud topic startup
and https://cloud.google.com/sdk/docs/install#linux for more information.
- The bundled Python 3 interpreter should work on supported Linux systems, but
a different interpreter can be specified by setting the
AI
- Added
gcloud beta api indexes remove-datapoints
andgcloud beta api indexes upsert-datapoints
to support Matching Engine steaming update.
AlloyDB
- Added support to specify automated backup policy in
gcloud beta alloydb clusters create
. - Updated
gcloud beta alloydb clusters create
to support PITR (point in time recovery) configuration via new--disable-pitr
and--pitr-log-retention-window
flags.
Artifact Registry
- Fixed a bug where the plus sign ("+") was not escaped properly, making it impossible to delete artifacts with a plus sign in their version.
Batch
- Improved error message formats for
gcloud batch jobs submit
unparsable json config file,gcloud batch jobs describe
job andgcloud batch tasks describe
task that does not exist.
BigQuery
- Expose object_metadata for private preview.
- Improve error message for unparseable parameters.
Binauthz
- Updated
gcloud container binauthz attestations list
to also return occurrences in cases where the artifact-url does not begin with https.
Cloud DNS
- Added Location flag to Cloud DNS Managed Zones, Response Policies GA commands. This flag can be specified to target Cloud DNS Zonal Servers.
Cloud Dataproc
- Fixed issue where
gcloud beta dataproc sessions list
would hang when large numbers of sessions are present.
Cloud Deploy
- Added new
--from-run-manifest
togcloud deploy releases create
command. When used, a Skaffold file will be generated using the Cloud Run manifest.
Cloud Run
- Added
--encryption-key-shutdown-hours
flag togcloud beta run deploy
andgcloud beta run services update
to set the number of hours to wait before an automatic shutdown server after CMEK key revocation is detected. - Added
--clear-encryption-key-shutdown-hours
flag togcloud beta run deploy
andgcloud beta run services update
to clear the CMEK key shutdown hours setting.
Compute Engine
- Updated
gcloud compute instance-templates create
to throw error if--machine-type
/--labels
flags are used with--source-instance
. - Promoted
--compression-mode
flag togcloud compute backend-services <create | update>
to GA. - Promoted
--compression-mode
flag togcloud compute backend-buckets <create | update>
to GA.
Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.
402.0.0 (2022-09-13)
Breaking Changes
- (Google Cloud CLI) The gcloud command-line tool no longer overrides the scheme specified in the
https_proxy
environment variable. Previously, the scheme was silently ignored and the gcloud command-line tool would always attempt to connect to the proxy via HTTP, even if the proxy server URL specified HTTPS.- Note that the gcloud command-line tool does not currently support connecting to proxies via HTTPS (nor did it previously).
- If attempting to connect to an HTTP proxy results in warnings or errors,
ensure that the
https_proxy
environment variable looks likehttp://...
as opposed tohttps://...
. - See https://cloud.google.com/sdk/docs/proxy-settings#proxy_configuration for more information.
- (Batch) Deprecated positional argument
TASK_GROUP
ofgcloud batch tasks list
. - (Batch) Use
--job
as the required flag instead.
Anthos Multi-Cloud
- Added
--annotations
flag togcloud container aws node-pools create
to set the annotations field when creating AWS node pools. - Added
--annotations
flag togcloud container aws node-pools update
to update the annotations of AWS node pools. - Added
--clear-annotations
flag togcloud container aws node-pools update
to clear the annotations of AWS node pools.
Batch
- Updated
--config
flag to support job configs from Here Doc.
Cloud Dataproc
- Fixed issue where
gcloud dataproc batches list
would hang when large numbers of batches are present.
Cloud Deploy
- Added
gcloud deploy targets redeploy
command to redeploy a release to a given target. - Added
gcloud deploy rollouts retry-job
,gcloud deploy job-runs list
, andgcloud deploy job-runs describe
commands for Deployment Verification Public Preview.
Cloud Run
- Fixed issue where job-level labels are not propagated to its execution.
- Added
last updated message
togcloud beta run jobs describe
output.
Cloud Storage
- Updated gsutil component to 5.13.
- Promoted
gcloud storage
to GA.
Compute Engine
- Added
-iam-policy and
-iam-policy-bindings to
gcloud compute backend-services` for GA. - Added
gcloud compute security-policies rules add-preconfig-waf-exclusion|remove-preconfig-waf-exclusion
in alpha and beta.
Config Connector
- Updated Google Cloud Config Connector to version 1.93.0. See Config Connector Overview for more details https://cloud.google.com/config-connector/docs/overview.
GKE Hub
- Added new argument to the following commands:
gcloud container hub mesh update --management automatic
.gcloud container fleet mesh update --management automatic
.
Identity and Access Management
- Added support for executable-sourced external account credentials.
- Added support for configuring the access token lifetime for service account impersonation when using external account credentials.
Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.
401.0.0 (2022-09-07)
Google Cloud CLI
- Added warning message to indicate support for Python 2 will soon be deprecated.
AlloyDB
- Added
--view
flag togcloud alpha alloydb instances describe
to get the view of AlloyDB instance.--view=BASIC
will be the same response as describe instance without this flag, and--view=FULL
for read pool instance will list the details of each node in the pool.
Anthos Multi-Cloud
- Added
--description
flag togcloud container aws clusters update
to update the description of AWS clusters. - Added
--clear-description
flag togcloud container aws clusters update
to clear the description of AWS clusters. - Added
--annotations
flag togcloud container aws clusters update
to update the annotations of AWS clusters. - Added
--clear-annotations
flag togcloud container aws clusters update
to clear the annotations of AWS clusters. - Added
--description
flag togcloud container azure clusters create
to set the description field when creating Azure clusters. - Added
--annotations
flag togcloud container azure clusters create
to set the annotations field when creating Azure clusters. - Added
--description
flag togcloud container azure clusters update
to update the description of Azure clusters. - Added
--clear-description
flag togcloud container azure clusters update
to clear the description of Azure clusters. - Added
--annotations
flag togcloud container azure clusters update
to update the annotations of Azure clusters. - Added
--clear-annotations
flag togcloud container azure clusters update
to clear the annotations of Azure clusters.
Cloud Run
- Added execution log URI to
gcloud beta run jobs executions describe
output.
Compute Engine
- Promoted
--snapshot-type
flag ofgcloud compute snapshots create
to GA. - Added
--json-custom-content-types
forgcloud compute security-policies update
, and promoted it to beta and GA. - Promoted
--guest-os-features
flag ofgcloud compute images import
to GA. - Promoted
gcloud compute firewall-rules migrate
to beta. - Added
--share-setting
and--share-with
flags togcloud compute sole-tenancy node-groups create|update
for GA. - Added
--share-settings
flag togcloud compute sole-tenancy node-groups list
for GA. - Added
--node-project
flag togcloud compute instances create
for GA.
Network Management
- Added
cloudFunction
argument for source ingcloud network-management connectivity-tests
. This allows the user to run tests using Cloud Function endpoint types as source.
Stackdriver Logging
Promoted the following commands to beta and GA:
gcloud logging copy
gcloud logging settings get
gcloud logging settings update
gcloud logging operations cancel
gcloud logging operations describe
gcloud logging operations list
Promoted
--bucket-name
flag ofgcloud logging metrics
to beta and GA.Promoted
--cmke-kms-key-name
flag ofgcloud logging buckets
to beta and GA.
Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.
400.0.0 (2022-08-30)
Breaking Changes
- (Anthos Multi-Cloud) Removed
aws/location
property ofgcloud container aws
. Usecontainer_aws/location
to set the default Google Cloud location forgcloud container aws
. - (Anthos Multi-Cloud) Removed
azure/location
property ofgcloud container azure
. Usecontainer_azure/location
to set the default Google Cloud location forgcloud container azure
.
Anthos Multi-Cloud
- Added
--description
flag togcloud container aws clusters create
to set the description field when creating AWS clusters. - Added
--annotations
flag togcloud container aws clusters create
to set the annotations field when creating AWS clusters.
App Engine
- Use java17 as the default runtime for generated configuration.
This is a behavior change with the command
gcloud app deploy
when there is no app.yaml configuration for Java projects (Maven, or Gradle, or simple jar). Instead of using a java11 runtime target, the application will be deployed now on a java17 runtime with a F2 instance class. If you want to stay on a java11 runtime, just create a simple app.yaml file withruntime: java11
in it.
Artifact Registry
- Fixed issue where
gcloud artifacts repositories create
requires excessive permission when a kms key is supplied.
BigQuery
- Add support for specifying
vertex_ai_model_id
when in the BigQuery ML update model AI. - Add support for preserving embedded Ascii Control characters in CSV External tables.
- Add support for serving_default signature when exporting BigQuery trained Tensorflow models.
- Add support for reference file schema for AVRO, PARQUET, and ORC formats.
- Add support for BigSpark routines.
- Fix bug when api flag is used within a restricted network.
- Add support
metadata_cache_mode
andmax_staleness
for Query Acceleration on BigLake tables. - Add support for BigSpark connections.
Cloud Asset Inventory
- Added
gcloud beta asset query
. - Added
--read-time
,--start-time
,--end-time
,--bigquery-dataset
,--bigquery-table
, and--write-disposition
flags to support point-in-time/range queries and export to BigQuery.
Cloud Run
- Changed the link in
gcloud beta run jobs execute
output to the UI of the resulted execution instead of its logging UI. - Added elapsed time to
gcloud beta run jobs executions describe
output. This is between execution creation timestamp and execution completion timestamp.
Cloud Spanner
- Added
--database-role
flag togcloud spanner databases
to support role-based access control in Cloud Spanner. - Added
gcloud beta spanner databases roles list
to list all roles in Cloud Spanner database.
Config Connector
- Updated Google Cloud Config Connector to version 1.92.0. See Config Connector Overview for more details https://cloud.google.com/config-connector/docs/overview.
Kubernetes Engine
- Added
--logging-variant
flag togcloud container clusters create
,gcloud container clusters update
,gcloud container node-pools create
andgcloud container node-pools update
that allow users to set the logging variant used in the cluster or in the node pools. Selecting logging variant is available in clusters with version 1.24.2-gke.300+.--logging_variant
is used to choose the desired logging agent that is deployed on GKE nodes. Valid options areMAX_THROUGHPUT
andDEFAULT
. For more details about configuring the logging agent to achieve desired throughput, see http://cloud/stackdriver/docs/solutions/gke/managing-logs#throughput.
Secret Manager
- Added
--update-annotations
flag togcloud secrets update
andgcloud secrets beta update
to enable the addition of new annotations to secret versions. - Added
--remove-annotations
flag togcloud secrets update
andgcloud secrets beta update
to enable the removal of annotations to secret versions. - Added
--clear-annotations
flag togcloud secrets update
andgcloud secrets beta update
to enable the clearing of all annotations from a secret. - Added
--set-annotations
flag togcloud secrets create
andgcloud secrets beta create
to enable the setting of annotations on new secrets. - Added
--out-file
flag togcloud secrets versions access
andgcloud beta secrets versions access
to directly get the output in file.
Terraform
- Added support for the following resources in CAI-based policies:
google_cloudfunctions2_function_iam_binding
google_cloudfunctions2_function_iam_member
google_cloudfunctions2_function_iam_policy
google_gke_hub_membership_iam_binding
google_gke_hub_membership_iam_member
google_gke_hub_membership_iam_policy
- TF -> CAI resource conversion compiled against google provider version 4.33.0.
- Fixed asset names for the following resources:
google_compute_backend_service_iam
google_compute_instance_iam
google_compute_region_backend_service_iam
google_privateca_certificate_template_iam
- Added support for
organizations/unknown
in CAI-based policy match parameters. - Enabled support for non-Google Terraform resources in TF-based policies.
Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.
399.0.0 (2022-08-23)
AlloyDB
- Added
--cluster
flag togcloud beta alloydb operations list
to enable listing of operations pertaining to a given cluster. - Updated
gcloud beta alloydb clusters restore
to support PITR (point in time recovery) via new--source-cluster
and--point-in-time
flags.
App Engine
- Updated the Java SDK to version 1.9.98.1 to address bug https://issuetracker.google.com/issues/240455023.
Cloud Asset Inventory
- Added
gcloud asset get-effective-iam-policy
command, which retrieves batch effective IAM policies for a specified list of resources within specified accessible scope.
Cloud Dataflow
- Added
GO
togcloud flex-template build
command SDK Language options, allowing users to submit Go Flex Template jobs.
Cloud Functions
- Move Python 3.10 for Cloud Functions to GA.
Cloud Org Policy
- Added
gcloud org-policies {custom constraint}
commands that allow users to create, update, list, describe, and delete org policy custom constraints. gcloud org-policies set-custom-constraint
gcloud org-policies describe-custom-constraint
gcloud org-policies delete-custom-constraint
gcloud org-policies list-custom-constraints
.
Cloud SQL
- Set the maximum allowed value for
--storage-auto-increase-limit
ingcloud beta sql instances create
to the max value of int. This removes the hardcoded limit of 10230.
Cloud Spanner
- Promoted
gcloud spanner samples
to beta and GA. Commands in this group support creating sample databases and running open source sample applications. - Added
--instance-type
,--expire-behavior
flags tospanner instances create
andspanner instances update
to add ability to create free instances in GA. - Added instance_type column for
spanner instances list
and free_instance_availability column forspanner instance-configs list
.
Compute Engine
- Promoted
--architecture
flag ofgcloud compute disks create
to GA. - Promoted
--update-architecture
flags ofgcloud compute disks update
to GA. - Promoted
--clear-architecture
flags ofgcloud compute disks update
to GA. - Promoted
--architecture
flag ofgcloud compute images create
andgcloud compute disks update
to GA.
Network Services
- Promoted
gcloud network-services tls-routes
to GA.
Notebooks
- Added
notebooks runtimes
command group which provides access to AI Platform Notebooks' runtimes.
Transfer
- Added multipart copy feature to agent setup flags.
Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.
398.0.0 (2022-08-16)
AI
- Promoted
--autoscaling-metric-specs
flag ofgcloud ai endpoints deploy-model
to GA. - Added
--encryption-kms-key-name
flag togcloud ai endpoints create
andgcloud beta ai endpoints create
.
Artifact Registry
- Updated
gcloud artifacts docker images describe
andgcloud artifacts docker images list
to return occurrences of any Grafeas kind. - Added
gcloud artifacts repositories set-cleanup-policy
to set a cleanup policy on a repository. - Added
gcloud artifacts repositories list-cleanup-policy
to list cleanup policies on a repository. - Added
gcloud artifacts repositories delete-cleanup-policy
to delete cleanup policies on a repository.
Cloud DNS
- Added support for the ALIAS record set type to beta. ALIAS record sets can
be created/modified using
--type
flag ingcloud beta dns record-sets
command group.
Cloud Dataproc
- Fixed issue where
gcloud dataproc clusters enable-personal-auth-session-session
did not successfully inject credentials.
Cloud Deploy
- Added support for absolute paths for "
--skaffold-file
flag ofgcloud deploy releases create
commmand".
Cloud Memorystore
- Promoted
--customer-managed-key
flags ofgcloud redis instances create
to GA.
Cloud Run
- Promoted
--cpu-boost
flag to beta.
Cloud SQL
- Added
--deletion-protection
flag togcloud sql instances create
andgcloud sql instances patch
in alpha, beta and GA to provide Cloud SQL instances with protection against accidental deletion.
Cloud Spanner
- Updated default timeout for
gcloud spanner databases execute-sql
to 10 minutes.
Cloud Storage
- Updated gsutil component to 5.12.
Compute Engine
- Deprecated
--load-balancing-scheme
,--network
,--subnet
, and--subnet-region
arguments ofgcloud compute forwarding-rules set-target
. - Promoted
--resource-policies
flag forglcloud compute reservations create
to beta. - Promoted
--region
and--global
flags forgcloud compute url-maps invalidate-cdn-cache
andgcloud compute url-maps list-cdn-cache-invalidations
to GA. - Added region information to
gcloud compute health-checks list
output. - Deprecated
--no-serve-while-stale
argument ofgcloud compute [backend-services|backend-buckets] [create|update]
. - Promoted
--architecture
flag ofgcloud compute instances create
andgcloud compute instanceTemplates create
to GA.
Eventarc
- Updated WARNING text for trigger creation from 10 minutes to 2 minutes.
Network Services
- Promoted
gcloud network-services gateways
to GA.- Promoted
gcloud network-services meshes
to GA. - Promoted
gcloud network-services tcp-routes
to GA. - Promoted
gcloud network-services grpc-routes
to GA. - Promoted
gcloud network-services http-routes
to GA.
- Promoted
Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.
397.0.0 (2022-08-09)
Breaking Changes
- (Cloud Datastore) Deprecated
gcloud datastore database create
. Usegcloud alpha firestore database update --type=datastore-mode
instead. - (Cloud Firestore) The
gcloud firestore database create
will be required to administer your database. Please enable the API and ensure you have the required permissions. See https://cloud.google.com/firestore/docs/app-engine-requirement. - (Cloud Firestore)
gcloud firestore database create
will no longer support App Engine regions (us-central, europe-west). See https://cloud.google.com/firestore/docs/locations for available regions.
AI
- Added
--request-response-logging-table
and--request-response-logging-rate
flags togcloud ai endpoints create|update
to allow config prediction endpoint request-response logging.
Artifact Registry
- Added
gcloud artifacts versions describe
command. - Added
gcloud artifacts settings
to describe/modify project settings.
Batch
- Modified
gcloud batch jobs list
to use--location
as an optional flag.
Cloud DNS
- Update record-sets create and update methods for health checked routing policies.
Cloud Datastore Emulator
- Release Cloud Datastore emulator v2.2.2
- Fixed bug which caused failures when attempting to Export.
Cloud Identity-Aware Proxy
- Promoted host based flags to GA for surfaces
gcloud compute ssh
,gcloud compute scp
andgcloud compute start-iap-tunnel
.
Cloud Run
- Added
Startup Probe
andLiveness Probe
fields to the output ofgcloud run services describe [SERVICE]
.
Compute Engine
- Added 'network-firewall-policy
and 'network-regional-firewall-policy
to TYPE column of 'compute instances network-interfaces get-effective-firewalls` output.
Config Connector
- Updated Google Cloud Config Connector to version 1.91.0. See Config Connector Overview for more details https://cloud.google.com/config-connector/docs/overview.
Terraform
- Added support for the following resources in CAI-based policies:
google_artifact_registry_repository_iam_binding
google_artifact_registry_repository_iam_member
google_artifact_registry_repository_iam_policy
google_bigquery_connection_iam_binding
google_bigquery_connection_iam_member
google_bigquery_connection_iam_policy
google_cloud_tasks_queue_iam_binding
google_cloud_tasks_queue_iam_member
google_cloud_tasks_queue_iam_policy
google_cloudiot_registry_iam_binding
google_cloudiot_registry_iam_member
google_cloudiot_registry_iam_policy
google_compute_backend_bucket_iam_binding
google_compute_backend_bucket_iam_member
google_compute_backend_bucket_iam_policy
google_compute_snapshot_iam_binding
google_compute_snapshot_iam_member
google_compute_snapshot_iam_policy
google_dataproc_autoscaling_policy_iam_binding
google_dataproc_autoscaling_policy_iam_member
google_dataproc_autoscaling_policy_iam_policy
google_dataproc_metastore_service_iam_binding
google_dataproc_metastore_service_iam_member
google_dataproc_metastore_service_iam_policy
- TF -> CAI resource conversion compiled against google provider version 4.30.0.
- Resources without a known project, folder, or organization will have their
ancestry set to
organizations/unknown
instead of throwing a 403 error that halts validation.
Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.
396.0.0 (2022-08-02)
AI
- Added
--labels
flag togcloud ai models upload
to support setting labels. Use--labels
flag to set metadata to organize your models and model versions. Label keys and values can be no longer than 64 characters (Unicode codepoints), can only contain lowercase letters, numeric characters, underscores and dashes. International characters are allowed. See https://goo.gl/xmQnxf for more information and examples of labels.
Cloud Identity-Aware Proxy
- Promoted
gcloud iap tcp dest-groups
to GA.
Cloud Logging
- Promoted
--index
flag ofgcloud logging buckets create
to GA. - Promoted
--clear-indexes
flag ofgcloud logging buckets update
to GA. - Promoted
--remove-indexes
flag ofgcloud logging buckets update
to GA. - Promoted
--add-index
flag ofgcloud logging buckets update
to GA. - Promoted
--update-index
flag ofgcloud logging buckets update
to GA.
Compute Engine
- Promoted
--maintenance-interval
flag ofgcloud compute commitments create
to beta.
Compute OS Config
- Promoted
gcloud compute os-config troubleshoot
to GA.- Troubleshoot common issues with VM Manager.
Config Connector
- Updated Google Cloud Config Connector to version 1.90.0. See Config Connector Overview for more details https://cloud.google.com/config-connector/docs/overview.
Database Migration
- Fixed issue where creation of a migration job in a project inside a VPC-SC perimeter constantly failed.
- Fixed issue where creation of a connection profile in a project inside a VPC-SC perimeter constantly failed.
Identity Groups
- Fixed issue where
gcloud identity groups create
will fail when specifying--group-type=security
.
Identity and Access Management
- Added
--service-account-token-lifetime-seconds
flag togcloud iam <workforce-pools|workload-identity-pools> create-cred-config
command to allow configuring the access token lifespan for service account impersonation.
Recommender
- Added support for
gcloud recommender recommender-config describe
. - Added support for
gcloud recommender recommender-config update
. - Added support for
gcloud recommender insight-type-config describe
. - Added support for
gcloud recommender insight-type-config update
.
Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.
395.0.0 (2022-07-26)
AI
- Modified
gcloud ai models upload
to support model version aliases. Use--version-aliases
flag to set version aliases so that a model version can be referenced via alias (i.e. projects/{project}/locations/{location}/models/{model_id}@{version_alias} instead of auto-generated version id (i.e. projects/{project}/locations/{location}/models/{model_id}@{version_id}). The format is [a-z][a-zA-Z0-9-]{0,126}[a-z0-9] to distinguish from version_id. The aliases set in the flag will replace the aliases set in the model.
App Engine
- Updated the Java SDK to version 1.9.98. Please visit the following release notes for details: https://cloud.google.com/appengine/docs/java/release-notes.
Artifact Registry
- Added
gcloud artifacts packages describe
command.
Cloud Deploy
- Added new
--from-k8s-manifest
toreleases create
command. When used, a Skaffold file will be generated.
Cloud Domains
- Implemented the following commands for
gcloud domains registrations
in alpha and beta.import
list-importable-domains
Cloud Functions
- Updated
gcloud functions list
to return 2nd gen functions in addition to 1st gen functions. - Fixed crash in
gcloud beta functions deploy --gen2
failures causing the error message "This stage does not belong to this progress tracker". - Promoted
--gen2
flag ofgcloud functions add-iam-policy-binding
to GA. - Promoted
--gen2
flag ofgcloud functions call
to GA. - Promoted
--gen2
flag ofgcloud functions delete
to GA. - Promoted
--gen2
flag ofgcloud functions deploy
to GA. - Promoted
--gen2
flag ofgcloud functions describe
to GA. - Promoted
--gen2
flag ofgcloud functions get-iam-policy
to GA. - Promoted
--gen2
flag ofgcloud functions remove-iam-policy-binding
to GA. - Promoted
--gen2
flag ofgcloud functions set-iam-policy
to GA. - Promoted
--gen2
flag ofgcloud functions event-types list
to GA. - Promoted
--gen2
flag ofgcloud functions logs read
to GA. - Promoted
--gen2
flag ofgcloud functions regions list
to GA. - Promoted
gcloud functions add-invoker-policy-binding
to GA. - Promoted
gcloud functions remove-invoker-policy-binding
to GA.
Cloud Healthcare
- Added
--schema-type
valueanalytics_v2
togcloud healthcare fhir-stores export bq
.
Cloud Identity-Aware Proxy
- Renamed flag
--group-name
to--dest-group
forgcloud iap tcp dest-groups
IAM commands.
Cloud Pub/Sub
- Fixed issue where
gcloud pubsub subscriptions create
andgcloud pubsub subscriptions update
will crash when specifying--min-retry-delay=0
and/or--max-retry-delay=0
. - Fixed issue where
gcloud pubsub subscriptions create
will crash when specifying--retention_duration=0
.
Cloud Run
- Added
--description
flag ingcloud run deploy
, and description field ingcloud run services describe [SERVICE]
.- Description is an optional, human-readable string of up to 512 characters.
- Using the flag is functionally equivalent to adding service annotation "run.googleapis.com/description".
Compute Engine
- Added
--update-user-licenses
and--clear-user-licenses
flags ofgcloud compute images update
to alpha and beta. - Made global scope the default for
gcloud compute security-policies
.
Config Controller
- Added
--man-blocks
flag togcloud anthos config controller create
to allow specifying multiple master authorized network CIDR blocks for a CC instance. - Deprecated
--man-block
flag ofgcloud anthos config controller create
. Use--man-blocks
to set master authorized network CIDR block. - Modified
gcloud anthos config controller list
to print out only the instance name instead of the fully specified name. - Added
--full-name
flag togcloud anthos config controller list
to allow users printing out the fully specified name in the NAME column when needed.
GKE Hub
- Promote
gcloud container hub memberships generate-gateway-rbac
to GA.
Kubernetes Engine
- Add
cgroupMode
node system config option to allow switching nodes to cgroupv1 or cgroupv2. - Updates default kubectl from 1.22.9 to 1.22.12
- Additional kubectl versions:
- kubectl.1.19 (1.19.16)
- kubectl.1.20 (1.20.15)
- kubectl.1.21 (1.21.14)
- kubectl.1.22 (1.22.12)
- kubectl.1.23 (1.23.9)
- kubectl.1.24 (1.24.3)
Pubsub Emulator
- Added support for creating BigQuery subscriptions.
Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.
394.0.0 (2022-07-19)
AI
- Modified
gcloud ai models describe
to support model versioning. - Added europe-west9 option to
--region
flag ofgcloud ai custom-jobs
andgcloud ai hp-tuning-jobs
.- Provide the model version ID or version alias to retrieve a specific version of the model.
- If no model version ID or alias is specified, the "default" model version will be used. The "default" version alias is created for the first version of the model, and can be moved to other versions later on. There will be exactly one default version.
- Added
gcloud ai models delete-version
which deletes an existing Vertex AI model version.
Anthos Multi-Cloud
- Added
--ssh-public-key
flag togcloud container azure node-pools update
to update the SSH public key for the Azure node pool nodes.
Artifact Registry
- Fixed a bug where the plus sign ("+") was not escaped properly, making it impossible to delete artifacts with a plus sign in their name.
Bare Metal Solution
- Started using v2.projects.locations.operations instead of v1.operations for
the following commands:
gcloud bms instances start
gcloud bms instances reset
gcloud bms instances disable-serial-console
gcloud bms instances enable-serial-console
gcloud bms instances update
gcloud bms networks update
gcloud bms nfs-shares update
gcloud bms volumes update
gcloud bms volumes restore
gcloud bms operations describe
gcloud bms operations wait
- Promoted
--os-image
flag ofgcloud bms instances update
to GA. - Promoted
--[no-]enable-hyperthreading
flag ofgcloud bms instances update
to GA. - Promoted
--add-ip-range-reservation
flag ofgcloud bms networks update
to GA. - Promoted
--clear-ip-range-reservations
flag ofgcloud bms networks update
to GA. - Promoted
--remove-ip-range-reservation
flag ofgcloud bms networks update
to GA. - Promoted
gcloud bms networks list-ip-reservations
to GA.
Batch
- Promoted
gcloud batch
to alpha and beta which enables the CLI to use Batch APIs.
Cloud Deploy
- Changed the default bucket name upload path on release create to use the pipeline UUID.
- Added mutex flags
--enable-initial-rollout
and--disable-initial-rollout
.
Cloud Key Management Service
- Modified
gcloud kms import-jobs create
to accept new SHA-2 import methodsrsa-oaep-3072-sha256
,rsa-oaep-3072-sha256-aes-256
,rsa-oaep-4096-sha256
, andrsa-oaep-4096-sha256-aes-256
in beta.
Cloud SQL
- Added support for incremental addition of user password policies.
Cloud Storage
- Updated gsutil component to 5.11.
Compute Engine
- Added
--layer7-ddos-defense-auto-deploy-load-threshold
,--layer7-ddos-defense-auto-deploy-confidence-threshold
,--layer7-ddos-defense-auto-deploy-impacted-baseline-threshold
, and--layer7-ddos-defense-auto-deploy-expiration-sec
togcloud compute security-policies update
togcloud beta compute security-policies update
. - Promoted flags
--enable-strong-affinity
ofgcloud compute backend-services create
andgcloud compute backend-services update
to GA.
Google Cloud CLI
- Replaced the default login flow when a browser is not detected from
--no-browser
to--no-launch-browser
.
Identity and Access Management
- Removed
etag
flag fromgcloud beta iam policies update
command. The command will always use theetag
in the policy file.
Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.
393.0.0 (2022-07-12)
Breaking Changes
- (AlloyDB) Updated
gcloud beta alloydb instances create
andgcloud beta alloydb instances update
to remove the unused--zone
flag. - (Cloud Datastore Emulator) Removed support for running the Datastore emulator (
gcloud beta emulators datastore start
) in environment with Java versions prior to 11. Users can upgrade to Java 11 or above to continue using the latest Datastore emulator. Alternatively, users can use gcloud command-line tool with version before 392.0.0 to continue using the previous Datastore emulator with Java 8 support. - (Cloud Firestore Emulator) Removed support for running the Firestore emulator (
gcloud beta emulators firestore start
) in environment with Java versions prior to 11. Users can upgrade to Java 11 or above to continue using the latest Firestore emulator. Alternatively, users can use gcloud command-line tool with version before 392.0.0 to continue using the previous Firestore emulator with Java 8 support.
AI
- Added
gcloud ai models delete-version
which delete an existing Vertex AI model version. - Modified
gcloud ai models upload
to support model versioning. Use--parent-model
flag to specify the parent model of the model version to be uploaded. When this flag is specified, a new version of the parent model will be uploaded. Use--model-id
flag to specify the model ID for the uploaded model. - Fixed an issue for
gcloud ai custom-jobs create
that the value of the--args
and--command
flags are not passed when the--worker-pool-spec
flag is left unspecified.
AlloyDB
- Updated
gcloud beta alloydb instances create
andgcloud beta alloydb instances update
to allow--cpu-count
of 2.
Artifact Registry
- Fixed issue where
gcloud artifacts packages delete
requires the package id unescaped.
Cloud Dataproc
- Added
bootDiskKmsKey
key in--pools
flag togcloud dataproc clusters gke create
to allow creating Dataproc on GKE cluster with CMEK protected node pool.
Cloud Datastream
- Added
--bigquery-destination-config
flag togcloud datastream streams <create/update>
. - Added
bigquery
type to--type
flag ofdatastream connection-profiles <create/update>
.
Cloud Deploy
- Added optional flags
--labels
and--annotations
for users to add labels or annotations to apply togcloud deploy targets rollback
command.
Cloud Firestore Emulator
- Release Cloud Firestore emulator v1.14.4
- Fix: Condition Normalization now correctly handles cartesian products and flattening in certain edge cases.
Cloud Functions
- Promoted
--docker-registry
flag ofgcloud functions deploy
to GA. - Move PHP 8.1 for Cloud Functions to GA.
- Added
gcloud functions runtimes list
which displays the supported runtimes for both 1st & 2nd generation functions.
Cloud Key Management Service
- Promoted
--wrapped-key-file
flag ofgcloud kms keys versions import
to GA. - Deprecated
--rsa-aes-wrapped-key-file
flag ofgcloud kms keys versions import
. Use--wrapped-key-file
instead.
Cloud Memorystore
- Promoted
--persistence-mode
,--rdb-snapshot-period
and--rdb-snapshot-start-time
flags ofgcloud redis instances create
to GA. - Promoted
--persistence-mode
,--rdb-snapshot-period
and--rdb-snapshot-start-time
flags ofgcloud redis instances update
to GA.
Cloud SQL
- Added flag
--password-policy-enable-password-verification
togcloud sql users create
andgcloud sql users set-password-policy
for MySQL password validation. - Added flags
--discard-dual-password
and--retain-password
togcloud sql users set-password
to allow control over MySQL's dual password.
Cloud Speech API
- Added
latest_short
andlatest_long
options forgcloud ml speech <recognize | recognize-long-running> --model
flag.
Cloud TPU
- Updated
tpus tpu-vm ssh
to return an error when users attempt to ssh into a TPU VM during a maintenance event.
Compute Engine
- Promoted
--target-distribution-shape
flag ofgcloud compute instances bulk create
to GA. - Promoted
--key-revocation-action-type
flag to GA forgcloud compute instance-templates create
. - Promoted explicit scope requirement for
gcloud compute security-policies
to beta. - Promoted
--network-ddos-protection
flag ofgcloud compute security-policies create
to beta. - Promoted
gcloud compute network-edge-security-services
to beta. - Promoted
--key-reservation-action-type
flag to GA forgcloud compute instances create
. - Promoted
keyRevocationActionType
property ofgcloud compute instances update-from-file
to GA.
Compute Firewall Policies
- Promoted
--src-region-codes
and--dest-region-codes
flags to beta ingcloud compute firewall-policies rules create
,gcloud compute firewall-policies rules update
,gcloud compute network-firewall-policies rules create
andgcloud compute network-firewall-policies rules update
commands. - Promoted
--src-threat-intelligence
and--dest-threat-intelligence
flags to beta ingcloud compute firewall-policies rules create
,gcloud compute firewall-policies rules update
,gcloud compute network-firewall-policies rules create
andgcloud compute network-firewall-policies rules update
commands.
Config Connector
- Updated Google Cloud Config Connector to version 1.89.0. See Config Connector Overview for more details https://cloud.google.com/config-connector/docs/overview.
Config Controller
- Added
--man-blocks
flag togcloud anthos config controller create
to allow specifying multiple master authorized network CIDR blocks for a CC instance. - Deprecated
--man-block
flag ofgcloud anthos config controller create
. Use--man-blocks
to set master authorized network CIDR block.
Kubernetes Engine
- Added
--binauthz-evaluation-mode
flag togcloud container clusters create
command. - Added
--binauthz-evaluation-mode
flag togcloud container clusters create-auto
command. - Added
--binauthz-evaluation-mode
flag togcloud container clusters update
command. - Added
--total-max-nodes
and--total-min-nodes
togcloud container cluster/node-pools create/update
that allow users to set total size limits for autoscaled nodepools. The limits are available in clusters with version 1.24+. - Added
--location-policy
togcloud container cluster/node-pools create/update
that allow users to set location policy for autoscaled nodepools. The location policy is available in clusters with version 1.24.1-gke.800+.
Transcoder
- added support for
--labels
flag when creating a new job/job template.
Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.
392.0.0 (2022-06-28)
Anthos Multi-Cloud
- Added
--iam-instance-profile
flag togcloud container aws clusters update
andgcloud container aws node-pools update
to update the name or ARN of the IAM instance profile associated with control plane or node pool. - Added
--ssh-public-key
flag togcloud container azure clusters update
to update the SSH public key for the Azure control plane. - Added
--logging
flag togcloud container aws clusters update
andgcloud container azure clusters update
to update the logging config.
App Engine
- Updated the Java SDK to version 1.9.97. Please visit the following release notes for details: https://cloud.google.com/appengine/docs/java/release-notes.
Certificate Authority Service
- Added
--unconstrained-chain-length
flag togcloud privateca subordinates create
to allow creation of a subordinate CA with unconstrained chain length. - Added
--unconstrained-chain-length
flag togcloud privateca roots create
to allow creation of a root CA with unconstrained chain length. - Added
--unconstrained-chain-length
flag togcloud privateca certificates create
to allow creation of a CA with unconstrained chain length.
Certificate Manager
- Promoted
gcloud certificate-manager
to GA. - Allowed using project number in
gcloud certificate-manager
commands.
Cloud Bigtable
- Promoted
gcloud bigtable instances tables undelete
to beta and GA. - Added
--autoscaling-storage-target
flags togcloud bigtable clusters create
for alpha, beta and GA to let users create autoscaling clusters with configurable storage target. - Added key
autoscaling-storage-target
to--cluster-config
flag ofgcloud bigtable instances create
for alpha, beta and GA to let users create autoscaling clusters with configurable storage target. - Added
--autoscaling-storage-target
flag togcloud bigtable clusters update
for alpha, beta and GA to let users configure autoscaling storage target when updating clusters.
Cloud Deploy
- Added new command
gcloud deploy releases abandon
to prevent new rollouts on a Cloud Deploy release. - Added
suspended
field to the Delivery Pipeline resource. If this field is set, activity on a pipeline is prevented. The field can be set or unset in the Delivery Pipeline definition, and then applied usinggcloud deploy apply
.
Cloud TPU
- Fixed an issue with connection to TPU VMs when the 'compute.disableGuestAttributesAccess' Organization Policy Constraint is enforced.
Compute Engine
- Added
--list-managed-instances-results
flag togcloud beta compute instance-groups managed create
andgcloud beta compute instance-groups managed update
. - Promoted
--certificate-map
of 'compute target-https-proxies insert|update` to GA. - Promoted
--certificate-map
of 'compute target-ssl-proxies insert|update` to GA.
Dataproc Metastore
- Promoted
--network-config-from-file
and--consumer-subnetworks
flag togcloud beta metastore services create
to specify the subnetworks from which the Dataproc Metastore service can be accessed to GA.
Eventarc
- Added
gcloud eventarc google-channels
command group. - Added
gcloud eventarc channels update
command to configure crypto keys on a channel. - Added
--crypto-key
flag togcloud eventarc channels create
to configure crypto keys on a new channel.
Google Cloud CLI
- Updated login flow initiated by
gcloud auth login --no-launch-browser
andgcloud auth application-default login --no-launch-browser
to address a security issue.
Kubernetes Engine
- Promoted
--enable-cost-allocation
flag ofgcloud container clusters create
to beta. - Promoted
--enable-cost-allocation
flag ofgcloud container clusters update
to beta. - Renamed
--enable-cost-management
flag ofgcloud container clusters create
to--enable-cost-allocation
. - Renamed
--enable-cost-management
flag ofgcloud container clusters update
to--enable-cost-allocation
. - Added
--stack-type
and--ipv6-access-type
arguments togcloud container clusters create
command to support dual stack GKE clusters.
Terraform
- Added support for the following resources in CAI-based policies:
google_access_context_manager_access_policy
- TF -> CAI resource conversion compiled against
google
provider version 4.24.0. - Fixed the ancestry used for resources that do not exist within a project.
Users may need
folders.get
access to folders that have resources included in the plan. - Simplified converter error messages and added resource address.
- Added support for
ancestries
/excludedAncestries
match parameters for CAI-based constraints.
Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.
391.0.0 (2022-06-22)
Breaking Changes
- (Anthos Multi-Cloud) Removed
--instance-type
flag ofgcloud container aws node-pools update
to disable updating the EC2 instance type of node pool nodes.
Assured Workloads
- Added ITAR as compliance regime options for
gcloud assured workloads create
command.
Cloud Dataflow
- Added a
--force
flag togcloud dataflow jobs cancel
which forcibly cancels (leaking VMs) Dataflow jobs that are stuck on normal cancellation.
Cloud Filestore
- Enable Filestore High-Scale tier for GA.
Cloud Identity-Aware Proxy
- Promoted flags for host based connetion for command
gcloud compute start-iap-tunnel
to beta. - Promoted
gcloud iap oauth-brands
surface to GA. - Promoted
gcloud iap oauth-clients
surface to GA.
Cloud SQL
- Promoted SQL Server Audit to GA.
Compute Engine
- Updated
gcloud compute networks subnets list-usable
list format to include PSC and IPv6 fields.
Dataproc Metastore
Added support for managing Dataproc Metastore Federation. The following commands have been added to the alpha, beta and GA release tracks:
metastore federations create
metastore federations delete
metastore federations describe
metastore federations get
metastore federations list
metastore federations update
Added support for managing IAM policy for Dataproc Metastore Federation. The following commands have been added to the GA release track:
metastore federations get-iam-policy
metastore federations set-iam-policy
metastore federations add-iam-policy-binding
metastore federations remove-iam-policy-binding
Identity and Access Management
- Added
--executable-command
flag togcloud iam workload-identity-pools create-cred-config
command to allow executable sourced credentials.
Managed Active Directory
- Adding support for
gcloud beta active-directory domains extend-schema
for initiating schema extension on domain.
Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.
390.0.0 (2022-06-14)
Access Approval
- Added
gcloud access-approval requests invalidate
to invalidate an existing approval.
BigQuery
- Add support for
partitioning_type
with--time_partitioning_type
flag in Scheduled Queries when a schedule is specified by--schedule
inbq query
. - Added support for showing table clone info in
bq show
. - Added support for both Workload and Workforce identity federation.
- Added
--max_time_travel_hours
flag tobq mk
. - Added
--autodetect_schema
flag tobq update
. - Added flag
--preserve_ascii_control_characters
tobq load
to allow ASCII Control chars. - Updated the comment on
--restore
flag inbq cp
to reflect that it's deprecated. - Added support for dataset tags.
- Minor bug fixes and dependency updates.
- Add
--federated_app_client_id
and--federated_azure
flags tomk
command. - Add
--federated_app_client_id
flag toupdate
command. - Add support for
LOAD DATA
query.
Cloud Dataproc
- Added
--metric-sources, --metric-overrides and --metric-overrides-file
flags togcloud beta dataproc clusters create
to allow clusters to be created with a metric sources specified, override specific set of metrics using a list or a file as an input. - Added
--metric-sources, --metric-overrides and --metric-overrides-file
flag togcloud beta dataproc workflow-templates set-managed-cluster
to allow managed clusters created with a metric sources specified, override specific set of metrics using a list or a file as an input. - Modified
gcloud dataproc clusters export
to remove un-importable fields on Dataproc on GKE clusters.
Cloud Firestore
- Added
gcloud beta firestore fields ttls
command group.
Cloud Pub/Sub
- Fixed issue where
gcloud --format=json beta pubsub subscriptions pull --auto-ack
andgcloud --format=json alpha pubsub subscriptions pull --auto-ack
output was backwards incompatible. This issue can be tracked at https://issuetracker.google.com/issues/222551623.
Cloud Run
- Added
--description
flag ingcloud beta run deploy
, and description field ingcloud beta run services describe [SERVICE]
.- Description is an optional, human-readable string of up to 512 characters.
- Using the flag is functionally equivalent to adding service annotation "run.googleapis.com/description".
Compute Engine
- Promoted
network-firewall-policies
command group to GA. - Promoted
gcloud compute instances create --visible_core_count
to beta.
Config Connector
- Updated Google Cloud Config Connector to version 1.88.0. See Config Connector Overview for more details https://cloud.google.com/config-connector/docs/overview.
Kubernetes Engine
- Added
--enable-confidential-nodes
togcloud container cluster create
to enable cluster creation with nodes on Confidential VM. Added--enable-confidential-nodes
flag togcloud container node-pools create/update
to allow creating node-pools with confidential nodes, and updating existing node pools to confidential nodes.
Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.
389.0.0 (2022-06-07)
Anthos Multi-Cloud
- Added
--instance-type
flag togcloud container aws node-pools update
to update the EC2 instance type of node pool nodes.
Artifact Registry
- Added new command
gcloud artifacts files list
to list files in a specific repository.
Cloud Composer
- Added
--enable-master-authorized-networks
and--master-authorized-networks
flags togcloud composer environments create
command. - Added
--enable-master-authorized-networks
and--disable-master-authorized-networks
and--master-authorized-networks
togcloud composer environments update
command. - Added
--enable-ip-masq-agent
flag togcloud composer environments create
command to enable IP address masquerading in the GKE cluster.
Cloud DNS
- Add setIamPolicy and getIamPolicy commands in beta.
Cloud Filestore
- Add support for Filestore's multi-share instances to
gcloud beta filestore instances list
. CAPACITY_GB will show the instance's capacity for multi-share instances instead of an empty string. FILE_SHARE_NAME will show "N/A" for multi-share instances instead of an empty string.
Cloud Identity-Aware Proxy
- Promoted
gcloud iap tcp dest-groups
command group to beta.
Cloud Run
- Promoted
--session-affinity
ofgcloud run
to beta.
Cloud SQL
- Add command
gcloud sql generate-login-token
to generate down-scoped OAuth2 access tokens for IAM database authentication.
Compute Engine
- Modified
--ssl-certificates
flag to be optional ingcloud compute target-https-proxies create
. - Updated the documentation for
--mtu
flag ofcompute networks create|update
. - Updated the validation for
--enable-logging
and--logging-sample-rate
flags ofbeta compute backend-services create|update
. - Updated the documentation for
--logging-sample-rate
flag ofcompute backend-services create|update
.
Config Connector
- Updated Google Cloud Config Connector to version 1.87.0. See Config Connector Overview for more details https://cloud.google.com/config-connector/docs/overview.
Database Migration
- Renamed
--sync
flag to--no-async
flag togcloud database-migrate migration-jobs create
command to wait for the migration job creation operation to be completed before proceeding. - Added
--no-async
flag togcloud database-migrate migration-jobs update
command to wait for the migration job updation operation to be completed before proceeding. - Updated
gcloud database-migration connection-profiles create cloudsql
to support the flag root-password. - Added
--no-async
flag togcloud database-migrate migration-jobs create
command to wait for the connection profile creation operation to be completed before proceeding.
Kpt
- Updated kpt from v1.0.0-beta.13 to v1.0.0-beta.15. See https://github.com/GoogleContainerTools/kpt/releases/tag/v1.0.0-beta.15 for more details.
- The kpt fn commands now includes Kptfile and functionConfig in the function input by default. Previously this behavior was controlled using
--enable-meta-resources
command-line flag. --enable-meta-resources
flag is also deprecated. If this disrupts any of your config workflow, you can use exclude functionality to exclude resources from function inputs. This functionality was added in this release to minimize the disruption. - The kpt website is overhauled to reflect the new scope of kpt project. New components package orchestrator, Configuration as Data UI and Config Sync are added to the project.
- Added package orchestrator (a.k.a.
porch
) CLI interface under alpha subgroup (kpt alpha rpkg
,kpt alpha repo
,kpt alpha sync
). - Added command-line flag
--save
tokpt fn eval
to save evaluated function to package's Kptfile. - Added capability to select resources using
labelSelector
andannotationSelector
inkpt fn eval
andkpt fn render
. - Added capability to exclude resources in
kpt fn eval
andkpt fn render
. - Added support for variant constructor pattern in
kpt pkg init
andkpt pkg get
. - Added capability to execute functions in a kubernetes cluster using porch.
Kubernetes Engine
- Added
podPidLimits
kubelet config option which controls per pod pid limits togcloud container clusters create
,gcloud container node-pools create
, andgcloud container node-pools update
. - Updates default kubectl from 1.21 to 1.22.
- Additional kubectl versions:
- kubectl.1.19 (1.19.16)
- kubectl.1.20 (1.20.15)
- kubectl.1.21 (1.21.13)
- kubectl.1.22 (1.22.9)
- kubectl.1.23 (1.23.6)
- kubectl.1.24 (1.24.0)
Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.
388.0.0 (2022-06-01)
Google Cloud CLI
- Added Cloud SQL OAuth scope to Application Default Credential.
AI
- Fixed issue where unspecified
--network
and--service-account
flags ofgcloud ai hp-tuning-jobs create
mistakenly overrode the corresponding values set via--config
flag.
Apigee
- Promoted
gcloud apigee operations
to beta.
Bare Metal Solution
- Updated
gcloud bms instances list
to also return the IP addresses of instances that do not use the default network template.
Cloud Bigtable
- Removed
NAME
column output frombigtable hot-tablets list
.
Cloud Datastore Emulator
- Release Cloud Datastore Emulator version 2.2.1
- Fixes
--firestore_in_datastore_mode
flag parsing.
- Fixes
Cloud Deploy
- Fixed issue where
gcloud deploy targets rollback
redeployed to the current release instead of rolling back to the previous release. This occurred in cases where the name of the release to rollback to was not provided.
Cloud Functions
- Added
--gen2
support for--set-secrets
,--update-secrets
,--remove-secrets
and--clear-secrets
flags ofgcloud functions deploy
to beta, alpha.
Cloud On Demand Scanning
- Fixed issue where scanning for Maven vulnerabilities would occasionally fail.
Compute Engine
- Promoted
network-firewall-policies
command group to GA.
Config Connector
- Updated Google Cloud Config Connector to version 1.86.0. See Config Connector Overview for more details https://cloud.google.com/config-connector/docs/overview.
Database Migration
- Added
--sync-
flag togcloud database-migrate migration-jobs create
command to wait for the migration job creation operation to be completed before proceeding.
Kubernetes Engine
- Added
podPidLimits
kubelet config option which controls per pod pid limits togcloud container clusters create
,gcloud container node-pools create
, andgcloud container node-pools update
. - Updated the following GA commands to support IAM Conditions:
gcloud beta attestors get-iam-policy
outputs conditions associated with each binding.gcloud beta attestors set-iam-policy
accepts policies with conditional bindings.gcloud beta attestors <add|remove>-iam-policy-binding
accepts conditional bindings via new--condition
and--condition-from-file
flags.gcloud beta policy get-iam-policy
outputs conditions associated with each binding.gcloud beta policy set-iam-policy
accepts policies with conditional bindings.gcloud beta policy <add|remove>-iam-policy-binding
accepts conditional bindings via new--condition
and--condition-from-file
flags.
Terraform
- Added support for the following resources in CAI-based policies:
google_access_context_manager_access_policy_iam_binding
google_access_context_manager_access_policy_iam_member
google_access_context_manager_access_policy_iam_policy
google_endpoints_service_consumers_iam_binding
google_endpoints_service_consumers_iam_member
google_endpoints_service_consumers_iam_policy
google_privateca_certificate_template_iam_binding
google_privateca_certificate_template_iam_member
google_privateca_certificate_template_iam_policy
- TF -> CAI resource conversion compiled against
google
provider version 4.20.0. - Added output of logs based on configuration of log level.
Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.
387.0.0 (2022-05-24)
Anthos Multi-Cloud
- Fixed issue where
gcloud container aws clusters get-credentials --private-endpoint
andgcloud container azure clusters get-credentials --private-endpoint
commands do not work for clusters in a project different from the default project.
Cloud Composer
- Added
--enable-privately-used-public-ips
flag togcloud composer environments create
command to enable using privately used public IP address ranges feature in the GKE cluster.
Cloud Dataproc
- Added
--properties-file
flag togcloud beta dataproc jobs submit
.
Cloud Deploy
- Fixed
gcloud deploy releases <create|promote>
andgcloud deploy targets rollback
to support--format
flag.
Cloud Functions
- - Added
--trigger-event-filters-path-pattern
flag togcloud beta functions deploy
.
Cloud Pub/Sub
- Added
--bigquery-table
,--write-metadata
,--use-topic-schema
, and--drop-unknown-fields
flags togcloud pubsub subscriptions create
to set BigQuery configuration options in Cloud Pub/Sub subscriptions. - Added
--bigquery-table
,--write-metadata
,--use-topic-schema
,--drop-unknown-fields
, and--clear-bigquery-config
flags togcloud pubsub subscriptions update
to update BigQuery configuration options in Cloud Pub/Sub subscriptions.
Compute Engine
- Added
22.04
to allowed list of values for--version
ofgcloud beta compute instances ops-agents policies [create|update]
. - Promoted
delete
command ofgcloud compute instance-groups managed all-instances-config
to beta. - Promoted
update
command ofgcloud compute instance-groups managed all-instances-config
to beta. - Promoted
--region
forgcloud compute ssl-policies
to beta. - Promoted
--region
flag forgcloud compute target-tcp-proxies
to beta. - Added
--target-distribution-shape
flag togcloud compute instances bulk create
to specify shape of distribution in regional bulk insert for alpha and beta.
Config Connector
- Updated Google Cloud Config Connector to version 1.85.0. See Config Connector Overview for more details https://cloud.google.com/config-connector/docs/overview.
Eventarc
- Added
gcloud eventarc audit-logs-provider
command group.
Stackdriver Monitoring
- Promoted
gcloud monitoring metrics-scopes
command group to beta.
Terraform
- Added support for the following resources in CAI-based policies:
google_access_context_manager_access_policy_iam_binding
google_access_context_manager_access_policy_iam_member
google_access_context_manager_access_policy_iam_policy
google_endpoints_service_consumers_iam_binding
google_endpoints_service_consumers_iam_member
google_endpoints_service_consumers_iam_policy
google_privateca_certificate_template_iam_binding
google_privateca_certificate_template_iam_member
google_privateca_certificate_template_iam_policy
- TF -> CAI resource conversion compiled against
google
provider version 4.20.0.
Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.
386.0.0 (2022-05-17)
Google Cloud CLI
- Added Cloud SQL OAuth scope to
gcloud auth login
.
Anthos Identity Service
- Promoted
gcloud container hub identity-service
to GA. - Promoted
gcloud container fleet identity-service
to GA.
App Engine
- Promoted
--service-account
flag ofgcloud app deploy
to GA.
App Engine Flexible Environment
- Promoted
--service-account
flag ofgcloud app deploy
to GA.
Cloud Build
- Add
--include-logs-with-status
flag togcloud triggers create
.
Cloud Composer
- Improve error message in case of lacking permissions in
gcloud composer environments storage * delete
commands.
Cloud IAM
- Added
gcloud iam workload-identity-pools create-saml
andgcloud iam workload-identity-pools update-saml
commands to manage SAML workload identity pool providers.
Cloud Memorystore
- Promoted support for maintenance windows in
gcloud memcache
to GA. - Promoted the command
gcloud memcache reschedule-maintenance
to GA.
Cloud Run
- Modified
gcloud run services describe
to include session affinity configuration.
Cloud SQL
- Changed the prompt generated by
--prompt-for-password
forgcloud sql users set-password
fromInstance Password:
toNew Password:
, sinceset-password
command changes a database user's password, not the instance's password. - Setting max-login-attempts will also set enable-password-verification to true.
Compute Engine
- Promoted
--service-bindings
flag ofgcloud compute backend-services create|update
commands to GA. - Promoted
gcloud compute backend-services add-service-bindings
andgcloud compute backend-services remove-service-bindings
commands to GA. - Promoted
--provisioning-model
and--instance-termination-action
flags ofgcloud compute instances set-scheduling
to GA. - Promoted sole tenancy flags of
gcloud compute instances update
to GA. - Added
--network-performance-configs
flag togcloud compute instances bulk create
. - Promoted
--disable-automate-dns-zone
flag ofgcloud compute forwarding-rules create
to GA. - Promoted
--stack-type
flag to GA forgcloud compute networks peeerings <create|update>
. - Added windows-2022 & windows-2022-byol options to
--os
flag for:gcloud compute images import
in GA,gcloud compute instances import
in GAgcloud compute machine-images import
in GA
Config Connector
- Updated Google Cloud Config Connector to version 1.84.0. See Config Connector Overview for more details https://cloud.google.com/config-connector/docs/overview.
Database Migration
- Updated
gcloud database-migration migration-jobs create
command to create a migration job without any connectivity method (if connectivity isn't specified). - Added
gcloud database-migration migration-jobs create --static-ip
command to create a migration job with static IP connectivity. This was the default behavior. - Added
gcloud database-migration migration-jobs update --static-ip
command to update a migration job with static IP connectivity.
Distributed Cloud Edge
- Added
--clear-maintenance-window
flag togcloud edge-cloud container clusters update
which removes the maintenance window setting of a cluster. - Updated
gcloud edge-cloud container clusters node-pools list
to make specifying a parent cluster optional. When--cluster
is not specified, all node pools are listed.
Managed Active Directory
- Promoted
gcloud active-directory domains backups
andgcloud active-directory domains restore
to GA.
Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.
385.0.0 (2022-05-10)
Google Cloud CLI
- Updated bundled Python executable for Windows to Python 3.9.12.
AI
- Added
--anomaly-cloud-logging
flag togcloud ai model-monitoring-jobs create|update
to allow logging anomaly to Cloud Logging.
Anthos Multi-Cloud
- Added
--ssh-ec2-key-pair
flag togcloud container aws clusters update
andgcloud container aws node-pools update
to update the name of the EC2 key pair to login into control plane or node pool nodes. - Added
--clear-ssh-ec2-key-pair
flag togcloud container aws clusters update
andgcloud container aws node-pools update
to clear the EC2 key pair to login into control plane or node pool nodes.
Cloud Run
- Fixed issue where some commands were missing from
gcloud beta run jobs
.
Cloud SQL
- Added
--enable-password-policy
flag togcloud sql instances create
andgcloud sql instances patch
for GA.
Compute Engine
- Promoted
--key-revocation-action-type
flag to beta forgcloud compute instance-templates create
. - Promoted
keyRevocationActionType
flag ofgcloud compute instances update-from-file
to beta. - Added
FIXED_STANDARD
to allowed list of values for--default-network-tier
flag.
Config Controller
- Updated output of
gcloud anthos config controller create
to not include the default Config Connector identity upon creation.
Eventarc
- Added
gcloud eventarc channels
group to interact with third-party sources. - Added
gcloud eventarc channel-connections
for event providers to create association with the user channel. - Added
--channel
argument togcloud eventarc triggers create
to specify associated channel.
Network Services
- Promoted
gcloud network-services service-bindings
to GA.
Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.
384.0.1 (2022-05-05)
Cloud Storage
- Updated gsutil component to 5.10. Google Cloud CLI version 384.0.0 included an older gsutil component (version 5.6) in deb, rpm, and snap packages. Version 384.0.1 includes gsutil component version 5.10 in the deb, rpm, and snap packages.
384.0.0 (2022-05-03)
Cloud Datastore Emulator
- Adds
--use-firestore-in-datastore-mode
flag togcloud [alpha|beta] emulators datastore start
command.
Cloud Resource Manager
- Promoted
--condition
flag to GA for the following commands:gcloud resources-manager tags keys <add_iam_policy_binding|create|delete|describe|get_iam_policy|list|remove_iam_policy_binding|set_iam_policy|update>
gcloud resources-manager tags values <add_iam_policy_binding|create|delete|describe|get_iam_policy|list|remove_iam_policy_binding|set_iam_policy|update>
gcloud resources-manager tags bindings <create|delete|list>
gcloud resources-manager tags holds <create|delete|list>
Cloud Run
- Promoted
gcloud beta run jobs
command group and all sub-commands to beta.
Cloud Storage
- Updated gsutil component to 5.10.
Compute Engine
- Started showing error messages on use of
gcloud compute ssl-certificates create
with--domains
and--region
flags together. Previously--region
flag was being ignored. - Promoted
--md5-authentication-key
flag ofgcloud compute routers add-bgp-peer
to beta. - Promoted
--md5-authentication-key
and--clear-md5-authentication-key
flags ofgcloud compute routers update-bgp-peer
to beta. - Updated import and export schemas for
gcloud compute backend-services
. - Promoted
--key-reservation-action-type
flag to beta forgcloud compute instances create
.
Config Connector
- Updated Google Cloud Config Connector to version 1.83.0. See Config Connector Overview for more details https://cloud.google.com/config-connector/docs/overview.
GKE Hub
- Fix a bug that RBAC policy produced by
generate-gateway-rbac
command could be removed unexpectedly. - Promoted the following commands to GA:
gcloud container hub mesh update
.gcloud container fleet mesh update
.
Kubernetes Engine
- Promoted fields
gpu-sharing-strategy
andmax-shared-clients-per-gpu
within--accelerator
flag to enable GPU sharing support.
Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.
383.0.1 (2022-04-26)
Google Cloud CLI
- Added back
--[no-]launch-browser
ingcloud auth login
andgcloud auth application-default login
.--no-browser
is the preferred and more secure auth flow in comparison. - Added back
--console-only
and--no-launch-browser
ingcloud init
. Use--no-browser
as the replacement.
383.0.0 (2022-04-26)
Breaking Changes
- (Google Cloud CLI) Removed
--[no-]launch-browser
ingcloud auth login
andgcloud auth application-default login
. Use--no-browser
as the replacement. - (Google Cloud CLI) Removed
--console-only
and--no-launch-browser
ingcloud init
. Use--no-browser
as the replacement. - (Compute Engine) Removed
--local-ssd=size=SIZE
fromgcloud beta compute instances create-with-container
due to the parameter being nonfunctional.
AI
- Modified
--region
flag ofgcloud ai endpoints
to include new online prediction regions. - Modified
--region
flag ofgcloud ai models
to include new online prediction regions.
Access Approval
- Added
gcloud access-approval service-account get
which retrieves the service account that is used by Access Approval to access KMS keys for signing approved approval requests.
App Engine
- Enables build environment variables to be set in app.yaml.
Artifact Registry
- Added new command
gcloud artifacts files list
to list files from a specified project and repository.
Cloud DNS
- Modified
gcloud dns managed-zones update
to allow detaching all networks from a private zone by setting--networks
to an empty string. - Modified
gcloud beta dns managed-zones update
to allow detaching all GKE clusters from a private zone by setting--gkeclusters
to an empty string. - Modified
gcloud beta dns managed-zones update
to allow updating the GKE clusters or networks bound to a private zone independently by setting only--gkeclusters
or--networks
.
Cloud Datastore Emulator
- Release Cloud Datastore Emulator version 2.2.0
- Adds a flag to support
Cloud Firestore in Datastore mode
product mode in the emulator.
- Adds a flag to support
Cloud Firestore Emulator
- Released Cloud Firestore emulator v1.14.3.
- Fixed exports throwing BufferOverflowException.
Cloud IAM
- Service Accounts SignJwt promoted to GA command.
Compute Engine
- Changed the default value of
--image-family
flag to debian-11 forgcloud compute instances create
andgcloud compute instance-templates create
commands.
Config Connector
- Updated Google Cloud Config Connector to version 1.82.0. See Config Connector Overview for more details https://cloud.google.com/config-connector/docs/overview.
Config Controller
- Let
gcloud anthos config controller create
print the default Config Connector identity, to allow easier subsequent permission grant. - Added
gcloud anthos config controller get-config-connector-identity
which prints the default Config Connector identity, to allow easier subsequent permission grant.
Identity and Access Management
- Added
--enable-imdsv2
flag togcloud iam workload-identity-pools create-cred-config
command to include AWS token Url to the credential source while generating AWS credentials config file.
Kubernetes Engine
- Added
--node-labels
,--node-taints
and--tags
flags togcloud container node-pools update
.
Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.
382.0.0 (2022-04-19)
Access Approval
- Added
--active_key_version
flag togcloud access-approval settings update
to set the crypto key version to use for signing approval requests.
Anthos Multi-Cloud
- Added
--proxy-secret-arn
flag togcloud container aws node-pools update
to update the Amazon Resource Name (ARN) of the AWS Secrets Manager secret containing a proxy configuration. - Added
--proxy-secret-version-id
flag togcloud container aws node-pools update
to update the version ID of the AWS Secrets Manager secret containing a proxy configuration. - Added
--clear-proxy-config
flag togcloud container aws node-pools update
to clear the proxy configuration associated with the node pool.
Apigee
- Fixed issue where
gcloud beta apigee archives list
would only list the first 25 archive deployments, even if more existed in the environment.
Binauthz
- Updated the following beta commands to better support IAM Conditions:
gcloud beta attestors get-iam-policy
outputs conditions associated with each binding.gcloud beta attestors set-iam-policy
accepts policies with conditional bindings.gcloud beta attestors <add|remove>-iam-policy-binding
accepts conditional bindings via new--condition
and--condition-from-file
flags.gcloud beta policy get-iam-policy
outputs conditions associated with each binding.gcloud beta policy set-iam-policy
accepts policies with conditional bindings.gcloud beta policy <add|remove>-iam-policy-binding
accepts conditional bindings via new--condition
and--condition-from-file
flags.
Cloud Composer
- Enabled nested Airflow commands for Airflow 1.10.14 and 1.10.15 in
gcloud composer environments run
.
Cloud Logging
- Added
--location
,--bucket
, and--view
flags t