Google Cloud CLI - Release Notes

Copyright 2014-2023 Google Inc. All rights reserved.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

448.0.0 (2023-09-26)

Breaking Changes

  • (Google Cloud CLI) Deprecated Python 3.5-3.7. The minimum supported Python version is Python 3.8.

Google Cloud CLI

  • Updated Mac installer to prompt to install Python 3.10.11.

Anthos On-Prem

  • Promoted gcloud container vmware admin-clusters to GA.
  • Promoted gcloud container vmware clusters to GA.
  • Promoted gcloud container vmware node-pools to GA.
  • Promoted gcloud container vmware operations to GA.
  • Promoted gcloud container bare-metal admin-clusters to GA.
  • Promoted gcloud container bare-metal clusters to GA.
  • Promoted gcloud container bare-metal node-pools to GA.
  • Promoted gcloud container bare-metal operations to GA.

App Engine

  • Fixed "https://github.com/GoogleCloudPlatform/java-docs-samples/issues/8659".

Artifact Registry

  • Improved error reporting for artifacts repositories set-cleanup-policies.
  • Added Registry URL to the output of artifacts repositories describe.
  • Added VEX_SCOPE column to gcloud artifact vulnerabilities list results.

Cloud Deploy

  • Fixed an issue where you couldn't create a release without clouddeploy.config.get permission.

Cloud Healthcare

  • Added --parser-version flag to gcloud healthcare hl7v2-stores create to enable specifying parser config version.
  • Updated gcloud healthcare hl7v2-stores list to include PARSER_VER header.

Cloud NetApp

  • Added --source-backup flag to gcloud beta netapp volumes {create,update} in order to introduce a source backup resource to restore to during disaster recovery.

Cloud Workstations

  • Added support for the replica zones flag in the beta workstations config create command.

Distributed Cloud Edge

  • Added --control-plane-kms-key flags to gcloud edge-cloud container clusters create command to allow specify a KMS key for the control plane data encryption of remote control plane clusters.
  • Fixed parsing of new cluster creation properties --system-addons-confg, --external-lb-ipv4-address-pools, --control-plane-node-count, --control-plane-machine-filter, --control-plane-shared-deployment-policy, --version, --release-channel, --version, and --release-channel.

Eventarc

  • Added destination-http-endpoint-uri, destination-http-endpoint-forward-dns-requests and network-attachment flags to gcloud eventarc triggers create as part of Eventarc integration with Message Streams.

Network Security

  • New flag to add description for Firewall Endpoint in create and update commands.

Vmware Engine

  • Deprecated --node-type-config flag from gcloud vmware private-clouds clusters update command.
  • Added --update-nodes-config and --remove-nodes-config flags in gcloud vmware private-clouds clusters update command.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

447.0.0 (2023-09-19)

Breaking Changes

  • (GKE Hub) Removed gcloud {alpha, beta} fleet namespaces. Use gcloud fleet scopes namespaces instead.
  • (GKE Hub) Removed gcloud {alpha, beta} fleet namespaces rbacrolebindings. Use gcloud fleet scopes rbacrolebindings instead.
  • (Network Connectivity) Deprecated gcloud network-connectivity spokes accept and gcloud network-connectivity spokes reject commands. Use gcloud network-connectivity hubs accept-spoke and gcloud network-connectivity hubs reject-spoke commands instead.

Google Cloud CLI

  • Improved post-processing times during gcloud components update and gcloud components install on macOS and Linux.
  • Fixed write permission check for gcloud auth enterprise-certificate-config create.

Anthos On-Prem

  • Added --vcenter-resource-pool, --vcenter-datastore, --vcenter-datacenter, --vcenter-cluster, --vcenter-folder, --vcenter-ca-cert-data, --vcenter-storage-policy-name to gcloud container vmware clusters create to specify vCenter configurations that are different from its admin cluster.

App Engine

Binauthz

  • Added flag --pae-encode-payload in command gcloud container binauthz attestations sign-and-create to generate DSSE format attestations.
  • Added flag --dsse-type in command gcloud container binauthz attestations sign-and-create to allow specifying the DSSE type for the attestations.

Cloud Dataproc

  • Added --secondary-worker-machine-types flags to gcloud dataproc clusters create.

Cloud Datastream

  • Fixed a bug updating the backfill policy of a stream.

Cloud Firestore Emulator

  • Release Cloud Firestore emulator v1.18.2
    • Remove nanosecond precision of event timestamp in the Firestore eventarc integration(2nd gen).
    • Fix a bug to make emulator consistent with production for queries.

Cloud Memorystore

  • Updated gcloud memcache instances create command to include MEMCACHE_1_6_15 as an allowed value for memcached-version flag.
  • Promoted the command gcloud memcache instances upgrade to GA.

Cloud NetApp

  • Fixed a crash when creating NetApp snapshots, backup policies, backup vaults.

Cloud Storage

  • Added the storage/parallel_composite_upload_prefix config option, which allows adjusting the paths of temporary components created during composite uploads.

Cloud TPU

  • Promote gcloud compute tpus tpu-vm update command and its --description flag to GA.

Compute Engine

  • Promoted --purpose=global-managed-proxy flag of gcloud compute networks subnets create to GA.

  • Added 'STANDARD_WITH_GRAPHQL' enum value to gcloud compute security-policies update --json-parsing and promoted it to beta.

  • Added specific-then-any-reservation and specific-then-no-reservation to the flag --reservation-affinity for alpha and beta in:

    • gcloud compute instances create
    • gcloud compute instances bulk create
    • gcloud compute instances-templates create

Database Migration

  • Added POSTGRES_15 database version option for --database-version flag to database-migration connection-profiles create cloudsql.
  • Added server side SSL support using --ca-certificate flag in database-migration connection-profiles create oracle.
  • Added oracle connection update support via database-migration connection-profiles update oracle.

Kpt

  • Updated kpt in Google Cloud CLI from 1.0.0-beta.43 to 1.0.0-beta.44.

Kubernetes Engine

  • Added --enable-backup-restore flag to gcloud container clusters create-auto to allow enabling Backup for GKE agent on Autopilot clusters at creation time.

Network Connectivity

  • Added gcloud network-connectivity hubs accept-spoke and gcloud network-connectivity hubs reject-spoke commands.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

446.0.1 (2023-09-14)

Cloud Run

  • Fixed race condition where tags could go to different Revisions than expected

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

446.0.0 (2023-09-12)

AlloyDB

  • Added the ability to specify a backup or source cluster using its full resource path when creating a restored cluster. This enables restoring across projects.

Anthos Multi-Cloud

  • Added --instance-type flag to gcloud container aws node-pools update to update the EC2 instance type of node pool nodes.

BigQuery

  • Added --external_source flag for dataset creation.
    • Updated bq show to display tags on a table.
    • Fixed an issue where a command could fail with little to no messaging. Other uncaught cases will need --debug_mode to get more information.
    • Fixed a bug when updating kms_key_name on a connection.
    • Improved logging for discovery doc load and authentication.
    • Utilized new python features with breaking changes for python 2.

Certificate Manager

  • Promoted gcloud certificate-manager trust-configs delete to GA.
  • Promoted gcloud certificate-manager trust-configs describe to GA.
  • Promoted gcloud certificate-manager trust-configs export to GA.
  • Promoted gcloud certificate-manager trust-configs import to GA.
  • Promoted gcloud certificate-manager trust-configs list to GA.

Cloud Billing

  • Added filter-resource-ancestors flag to gcloud billing budget CLI to include folders and organizations filter.

Cloud Composer

  • Added maintenance window flags for environment update:
    • --maintenance-window-start
    • --maintenance-window-end
    • --maintenance-window-recurrence
    • --clear-maintenance-window.

Cloud Dataplex

  • Added snake case support for dataplex datascans spec file.

Cloud Filestore

  • Updated --capacity flag description with High Scale tier capacity range.

Cloud Monitoring

  • Updated the format of gcloud beta monitoring metrics-scopes list <PROJECT_ID> to gcloud beta monitoring metrics-scopes list projects/<PROJECT_ID>.
  • Updated the format of gcloud beta monitoring metrics-scopes create <PROJECT_ID> to gcloud beta monitoring metrics-scopes create projects/<PROJECT_ID>.
  • Updated the format of gcloud beta monitoring metrics-scopes delete <PROJECT_ID> to gcloud beta monitoring metrics-scopes delete projects/<PROJECT_ID>.

Cloud NetApp

  • Add Standard service level to gcloud (alpha|beta) netapp storage-pools command group.
  • Removed explicit check on --volume in gcloud netapp volumes replications stop command.

Compute Engine

  • Added support for --cloudbuild-service-account flag for:

    • gcloud compute images import in GA;
    • gcloud compute instances import in GA;
    • gcloud compute machine_images import in GA.
  • Added alpha and beta versions of a new API named snapshot settings. Documentation of this feature will be available at https://cloud.google.com/compute/docs/disks/snapshot-settings following shortly after the release of this version of gcloud CLI.

Distributed Cloud Edge

  • Added --version and --release-channel flags to gcloud edge-cloud container clusters create command to allow specifying the cluster version and release channel.
  • Promoted --system-addons-confg, --external-lb-ipv4-address-pools, --control-plane-node-count, --control-plane-machine-filter, --control-plane-shared-deployment-policy, --version, and --release-channel flags from ALPHA to GA.

Network Security

  • Promoted gcloud network-security server-tls-policies delete to GA.
  • Promoted gcloud network-security server-tls-policies describe to GA.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

445.0.0 (2023-09-06)

Breaking Changes

  • (GKE Hub) Removed --security-posture and --workload-vulnerability-scanning flags of gcloud container fleet and gcloud beta container fleet.
    • --security-posture and --workload-vulnerability-scanning flags are not supported yet.
  • (GKE Hub) Updated anthos-support and users flags to be mutually exclusive in adding groups support to gcloud container fleet memberships generate-gateway-rbac command.

Google Cloud CLI

  • Fixed issue where the gcloud CLI would crash on unknown platforms.
  • Added a warning that --update-adc is now deprecated for 1st-party user credentials and replaced by gcloud auth application-default login.

Anthos Multi-Cloud

  • Promoted --enable-autorepair and --no-enable-autorepair of gcloud container aws node-pools create to GA.
  • Promoted --enable-autorepair and --no-enable-autorepair of gcloud container aws node-pools update to GA.
  • Promoted --enable-autorepair and --no-enable-autorepair of gcloud container azure node-pools create to GA.
  • Promoted --enable-autorepair and --no-enable-autorepair of gcloud container azure node-pools update to GA.
  • Added --admin-groups flag to gcloud container aws clusters create for setting groups as admins.
  • Added --admin-groups flag to gcloud container aws clusters update for setting groups as admins.
  • Added --admin-groups flag to gcloud container azure clusters create for setting groups as admins.
  • Added --admin-groups flag to gcloud container azure clusters update for setting groups as admins.
  • Added --admin-groups flag to gcloud container attached clusters create for setting groups as admins.
  • Added --admin-groups flag to gcloud container attached clusters register for setting groups as admins.
  • Added --admin-groups flag to gcloud container attached clusters update for setting groups as admins.
  • Added --proxy-secret-name and --proxy-secret-namespace flags to gcloud container attached clusters to configure an HTTP/HTTPS proxy for outbound traffic.
  • Added --binauthz-evaluation-mode flag to gcloud container aws clusters create to configure Binary Authorization evaluation mode.
  • Added --binauthz-evaluation-mode flag to gcloud container aws clusters update to configure Binary Authorization evaluation mode.
  • Added --binauthz-evaluation-mode flag to gcloud container attached clusters register to configure Binary Authorization evaluation mode.
  • Added --binauthz-evaluation-mode flag to gcloud container attached clusters update to configure Binary Authorization evaluation mode.
  • Added --clear-admin-groups and --clear-admin-users flags to gcloud container attached clusters update to clear admin users and groups from the cluster.

Cloud Billing

Cloud Build

  • Modified gcloud builds submit to support submitting a build with 2nd-gen repository resource.
  • Added --dir and --revision flag in gcloud builds submit command.

Cloud Deploy

  • Added support to fail fast when using an unsupported Skaffold version in the create release command.
  • Added a new command deploy get-config which gets the config for the specified region and project.

Cloud Firestore

  • Added Firestore backups feature support to Alpha.

Cloud NetApp

  • Added --restricted-actions flag to gcloud netapp volumes and gcloud beta netapp volumes during create and update.

Cloud Run

  • Added --dry_run flag to gcloud beta run services replace, which will validate the YAML service specification without applying it.
  • Modified the output format of gcloud run services describe and gcloud run revisions describe to support multiple containers.

Cloud SQL

  • Promoted --password-policy-disallow-compromised-credentials flag for gcloud sql instances create and gcloud sql instances patch to GA.

Cloud TPU

  • Fixed issue where gcloud compute tpus tpu-vm ssh is unable to login when project-level enable-oslogin:TRUE is configured and instance-level enable-oslogin is unset.

Compute Engine

  • Promoted the flag of --instance-template-region to GA in gcloud compute instance-templates create.
  • Promoted the flag of --region to GA in:
    • gcloud compute instance-templates list
    • gcloud compute instance-templates delete
    • gcloud compute instance-templates describe.

Distributed Cloud Edge

  • Added --version and --release-channel flags to gcloud edge-cloud container clusters create command to allow specifying the cluster version and release channel.

GKE Hub

  • Updated gcloud container fleet memberships generate-gateway-rbac to include handling for first-party groups (email) and third-party groups of the format principalSet://iam.googleapis.com/locations/global/workforcePools/example-pool/group/third party group.

Kpt

  • Updated kpt to v1.0.0-beta.43 release. Refer to release notes for more details.

Kubernetes Engine

  • Deprecate --enable-workload-config-audit, --enable-workload-vulnerability-scanning, and enable-security-posture flags in gcloud container clusters {create, create-auto, update}. The replacements for these are:
    • --enable-workload-config-audit -> --security-posture=standard
    • --enable-security-posture -> --security-posture=standard
    • --enable-workload-vulnerability-scanning -> --workload-vulnerability-scanning=standard
  • Added enterprise value to the available modes for --workload-vulnerability-scanning flag in the alpha and beta tracks.
  • Updated default kubectl from 1.27.4 to 1.27.5.
  • Additional kubectl versions:
    • kubectl.1.23 (1.23.17)
    • kubectl.1.24 (1.24.17)
    • kubectl.1.25 (1.25.13)
    • kubectl.1.26 (1.26.8)
    • kubectl.1.27 (1.27.5)
    • kubectl.1.28 (1.28.1)

Network Connectivity

  • Added gcloud network-connectivity hubs groups command group.
  • Added gcloud network-connectivity service-connection-policies update command.

Notebooks

  • Added --timeout-minutes to the following commands to allow specifying custom timeout for the diagnose operation.
    • gcloud notebooks instances diagnose
    • gcloud notebooks runtimes diagnose

Policy Troubleshooter

  • Promoted gcloud policy-intelligence troubleshoot-policy iam to GA.

Workbench

  • Fixed workbench instances diagnose flags.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

444.0.0 (2023-08-22)

AI

  • Added gcloud beta ai persistent-resources command group which supports creating and managing persistent resources for running custom training jobs.

AlloyDB

  • Added flag --availability-type to specify availability-type for an instance to the following commands:

    • gcloud alloydb instances create
    • gcloud alloydb instances update
    • gcloud alloydb instances create-secondary
  • Added the following flags of gcloud alloydb instances create and gcloud alloydb instances update to alpha, beta and GA:

    • --ssl-mode
    • --require-connectors
  • Added flag --allocated-ip-range-name to specify the allocated IP range for a cluster to the following commands:

    • gcloud alloydb clusters create
    • gcloud alloydb clusters restore
    • gcloud alloydb clusters create-secondary

Anthos Multi-Cloud

  • Added --node-labels flag to gcloud container aws node-pools update to update the labels assigned to node pool nodes.
  • Added --clear-node-labels flag to gcloud container aws node-pools update to clear the labels assigned to node pool nodes.

App Engine

BigQuery

  • Added --quota_project_id flag to force the quota project of a request.

Cloud Billing

  • Promoted gcloud billing accounts and gcloud billing projects to GA.

Cloud Dataplex

  • Promoted resource-read-access-mode flag in assets command group to GA.
  • Added export-results-table flag in datascans create data-profile command.

Cloud Dataproc

  • Added --min-num-workers flags to gcloud dataproc clusters create.
  • Added gcloud beta dataproc sessions to create and manage Dataproc interactive sessions.
  • Added gcloud beta dataproc session-templates to create and manage Dataproc session templates.

Cloud NetApp

  • Added gcloud netapp operations and gcloud netapp locations command group.

Cloud Run

  • Added gcloud beta run jobs executions cancel to allow cancelling a running Cloud Run job execution.

Compute Engine

  • Promoted support for Standby Policy for gcloud compute instance-groups managed create in Alpha.
  • Promoted support for Standby Policy for gcloud compute instance-groups managed update in Alpha.
  • Promoted compute routers get-nat-ip-info to GA.
  • Promoted gcloud compute future-reservations command group to beta.

Connectors

  • Added gcloud connectors command group. Commands in this group provide ways to interact with Integration Connectors resources.

Dataproc Metastore

  • Promoted gcloud metastore operations cancel to GA.

GKE Hub

  • Promoted GkeHub tenancy commands to GA.
    • Promoted gcloud container fleet methods to GA.
    • Promoted gcloud container fleet memberships bindings to GA.
    • Promoted gcloud container fleet scopes to GA.
    • Promoted gcloud container fleet scopes namespaces to GA.
    • Promoted gcloud container fleet scopes rbacrolebindings to GA.

Network Connectivity

  • Updated gcloud network-connectivity internal-ranges to support overlap-existing-subnet-range enum value for --overlaps flag during create and update.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

443.0.0 (2023-08-15)

AI

  • Added --notification-channels flag to gcloud beta ai model-monitoring-jobs create|update to allow sending alerts to notification channels.

AlloyDB

  • Added option for --cpu-count=96 in instances create and instances update commands.
  • Added support for specifying --database-version in clusters create command in alpha and beta tracks.

Anthos Multi-Cloud

  • Promoted --spot-instance-types flag of gcloud container aws node-pools create to GA.

Anthos On-Prem

  • Promoted gcloud vmware admin-clusters unenroll to beta.

Artifact Registry

  • Added --remote-apt-repo and --remote-apt-repo-path to gcloud artifacts repositories create to support Apt remote repos.
  • Added --remote-yum-repo and --remote-yum-repo-path to gcloud artifacts repositories create to support Yum remote repos.
  • Fixed issue where gcloud artifacts versions delete --delete-tags errors, when the package name has slashes.
  • Updated to use the project from URI of gcloud artifacts sbom export for requests.
  • Include InTotoSlsaProvenanceV1 in the process of computing SLSA build level.

Cloud Bigtable

  • Promoted gcloud bigtable backups copy to beta and GA.

Cloud Build

  • Remove gcloud builds triggers create gitlab-enterprise command.

Cloud DNS

  • Added support to allow specifying Global internal Application load balancers as health checked targets for Routing Policies.

Cloud Dataflow

  • Promoted gcloud dataflow jobs update-options from beta to GA.

Cloud Deploy

  • Enable "Uniform Bucket Level Access" by default for the Cloud Storage buckets created in gcloud deploy releases create.

Cloud Domains

  • Added information about an agreement between Google and Squarespace, Inc. to Cloud Domains gcloud domains registrations command group.

Cloud On Demand Scanning

  • Fixed issue with extracting packages from Go binaries with invalid dependency versions.

Cloud Storage

  • Fixed --uri flag for buckets list and objects list commands.

Compute Engine

  • Promoted AWS Origin Authentication in BackendService compute API to v1.
  • Added --managed-protection-tier flag to gcloud beta compute project-info update command.

Kubernetes Engine

  • Added --tpu-topology flag to gcloud container node-pools create for creating TPU node pools with a TPU topology. For more information on TPU topologies, see https://cloud.google.com/tpu/docs/types-topologies#tpu_topologies. flag when create a cluster.
  • Added hugepage related options inside existing --system-config-from-file flag for users to configure hugepages to clusters/nodepools.

Network Management

  • Updated gcloud network-management connectivity-tests list command to print details about Google-managed endpoints, networks, and forwarding rules.
  • Updated help text for the ipAddress argument in gcloud network-management connectivity-tests to keep it consistent with the currently supported scenarios.

Workbench

  • Fixed issue with metadata flag for gcloud workbench instances create.
  • Fixed issue with service-account-email flag for gcloud workbench instances create.
  • Fixed issue with machine_type flag for gcloud workbench instances update.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

442.0.0 (2023-08-08)

Artifact Registry

  • Added an argument group of two flags allow-sbom-generation and disable-sbom-generation to gcloud artifacts repositories create, to set the SBOM generation config of the repository.
  • Added an argument group of two flags allow-sbom-generation and disable-sbom-generation to gcloud artifacts repositories update, to set the SBOM generation config of the repository.
  • Added gcloud artifacts sbom export command to export SBOM into Google Cloud Storage.
  • Added gcloud artifacts sbom list command to list SBOMs.
  • Added gcloud artifacts sbom load command to upload a custom SBOM for an artifact.
  • Added gcloud artifacts vulnerabilities load-vex command to upload a vex statement.
  • Added gcloud artifacts vulnerabilities list command to list vulnerabilities for an artifact.

Bare Metal Solution

  • Promoted gcloud bms os-images list to GA.

BigQuery

  • Fixed a bug in discovery doc load when caching is used.
  • Fixed a bug that caused a crash in some common actions like bq show.

Cloud Dataflow

  • Added gcloud beta dataflow jobs update-options which updates properties of running dataflow jobs.

Cloud Functions

Cloud Memorystore

  • Added MEMCACHED_VERSION field to the output of the command gcloud memcache instances list to specify memcached version of the instance.

Cloud Run

  • Added --network, --subnet, --network-tags, --clear-network and --clear-network-tags flags to the following commands to allow enabling or disabling Direct VPC egress for a Cloud Run service or job:
    • gcloud beta run deploy
    • gcloud beta run services update
    • gcloud beta run jobs create
    • gcloud beta run jobs deploy
    • gcloud beta run jobs update
  • Added --args, --task-timeout, --tasks and --update-env-vars flags to gcloud beta run jobs execute to allow executing a Cloud Run job with runtime overrides.

Cloud SQL

  • Added --enable-private-service-connect, --allowed-psc-projects and --clear-allowed-psc-projects flags to gcloud sql instances create and gcloud sql instances patch to support Private Service Connect for Cloud SQL.
  • Added gcloud sql instances reencrypt, which re-encrypts a Cloud SQL CMEK instance with the current primary key version.

Cloud Services

  • Promoted gcloud services api-keys lookup to GA.

Compute Engine

  • Added support for version=12 and short-name=debian in --os-types for gcloud beta compute instances ops-agents policies [create|update].
  • Promoted --auto-network-tier flag of gcloud compute routers nats create and gcloud compute routers nats update to GA.
  • Added --local-ssd-recovery-timeout to specify the timeout to recover Local SSD to GA for:
    • gcloud compute instances create
    • gcloud compute instances create-with-container
    • gcloud compute instance-templates create
    • gcloud compute instances bulk create
    • gcloud compute instances set-scheduling
    • gcloud compute instances update-from-file
  • Added gcloud compute security-policies add/remove-layer7-ddos-defense-threshold-config.
  • Added --maintenance-interval to specify the frequency of planned maintenance events to beta for:
    • gcloud compute instance-templates create
  • Promoted --resource-policies flag for glcloud compute commitments createto to beta.
  • Promoted --resource-policies flag for glcloud compute commitments createto to GA.

Database Migration

  • Modified gcloud database-migration connection-profiles --help to specify what the host field value should be when --psc-service-attachment is also specified.
  • Added --edition to gcloud database-migration connection-profiles create cloudsql to allow creating a connection profile with the edition of the given Cloud SQL instance.
  • Added skip-validation param to gcloud database-migration migration-jobs start and gcloud database-migration migration-jobs restart to allow starting/restarting migration jobs without running validations.

Kpt

  • Updated kpt in Google Cloud CLI from 1.0.0-beta.37 to 1.0.0-beta.41.

Kubernetes Engine

  • flag when create a cluster.
  • Fixed issue of gcloud container cluster update --dataplane-v2-observability-mode resetting dataplane-v2-metrics to false.
  • Updated help-text by adding hyperdisk types to --disk-type choices.

Network Management

  • Added forwardingRule argument for destination in gcloud network-management connectivity-tests. This allows the user to run tests using a Forwarding Rule endpoint as a source.

Network Security

  • Added labels support for Security Profile create, add-override, delete-override and update-override commands.

Recommender

  • Added a list command for locations that lists all locations.

Transcoder

  • Added support for --batch-mode-priority flag when creating a new job.

Transfer

  • Log info about agent delete delays.
  • Fix bug for users mounting root with --mount-directories.

Workbench

  • Added gcloud workbench instances rollback to rollback workbench instances.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

441.0.0 (2023-08-01)

Artifact Registry

  • Include InTotoSlsaProvenanceV1 in the provenance output of gcloud artifacts docker images describe when using --show-provenance flag.
  • Deprecated artifacts repositories set-cleanup-policies --overwrite. The overwrite action is now the default behavior.

BigQuery

  • Fixed bug where local discovery docs were not loaded locally.
  • Added file_set_spec_type flag to support manifest Files in load jobs and external tables.

Cloud Bigtable

  • Updated --transactional-writes behavior in gcloud bigtable app-profile update to no longer silently disable transactional writes, if not specified. --no-transactional-writes must be used to disable transactional writes, as opposed to the previous behavior, which only required omitting --transactional-writes.

Cloud Build

  • Fixed issue where gcloud builds triggers update pubsub command returned invalid request when not providing pubsub topic.

Cloud Composer

  • Fixed an issue where using comments in the requirements.txt file broke updating Python packages.

Cloud Dataplex

  • Promoted datascans command group to GA.

Cloud Key Management Service

  • Added gcloud kms raw-encrypt and gcloud kms raw-decrypt commands to support raw symmetric encryption algorithms AES-128-GCM, AES-256-GCM, AES-128-CBC, AES-256-CBC, AES-128-CTR, and AES-256-CTR.

Cloud NetApp

  • Removed some extra fields in gcloud {beta, alpha} netapp {storage-pools, volumes, kms-configs} list due to messy output when too many fields.

Cloud Storage

  • Fixed behavior when preserving both symlinks and POSIX metadata on an OS with limited symlink support.
  • Fixed an issue clobbering an existing file on download if the file is a broken symlink.
  • Fixed an issue causing some hidden files to be skipped or transferred multiple times.
  • Added name field to objects and buckets list and describe commands.
  • Added bucket field to objects list and describe commands.

Cloud Workstations

  • Added --enable-nested-virtualization flag to gcloud workstations configs to enable nested virtualization on new or existing Cloud Workstation Configurations.

Compute Engine

  • Added new ENDPOINT_TYPE_MANAGED_PROXY_LB enum option to --endpoint-types flag of gcloud compute routers nats create in beta.
  • Promoted any-single-zone target distribution shape for regional managed instance groups to GA.
  • Promoted regional INTERNET_IP_PORT and INTERNET_FQDN_PORT Network Endpoint Groups in gcloud compute network-endpoint-groups to beta. Affected commands:
    • gcloud compute network-endpoint-groups create - support for Internet NEG types in regional scopes
    • gcloud compute network-endpoint-groups list-network-endpoints
    • gcloud compute network-endpoint-groups update <RESOURCE_NAME> --add-endpoint
    • gcloud compute network-endpoint-groups update <RESOURCE_NAME> --remove-endpoint
  • Update replica-zones support --create-disk=replica-zones for gcloud compute instance-templates create.
  • Promoted --purpose=global-managed-proxy flag of gcloud compute networks subnets create to beta.

Database Migration

  • Added gcloud database-migration conversion-workspaces describe-ddls which describes DDLs in a Database Migration Service conversion workspace.
  • Added gcloud database-migration conversion-workspaces describe-issues which describes issues in a Database Migration Service conversion workspace.
  • Added gcloud database-migration migration-jobs create to allow creating a migration job with a dump parallelization level.
  • Added gcloud database-migration migration-jobs update to allow configuring a migration job with a dump parallelization level.
  • Added --allocated-ip-range to gcloud connection-profiles create cloudsql to allow using an allocated subnet range when creating the destination Cloud SQL instance with a private connection.

GKE Hub

  • Updated gcloud container fleet memberships generate-gateway-rbac to include handling for third-party principals of the format principal://iam.googleapis.com/locations/global/workforcePools/example-pool/subject/third party user.

Kubernetes Engine

  • Updated default kubectl from 1.25.11 to 1.26.7.
  • Additional kubectl versions:
    • kubectl.1.21 (1.21.14)
    • kubectl.1.22 (1.22.17)
    • kubectl.1.23 (1.23.17)
    • kubectl.1.24 (1.24.16)
    • kubectl.1.25 (1.25.12)
    • kubectl.1.26 (1.26.7)
    • kubectl.1.27 (1.27.4)
  • Removed prerequisite for using --enable-master-global-access

Network Connectivity

  • Updated gcloud network-connectivity internal-ranges update to support setting and clearing overlaps.

Network Security

  • Added labels support for Security Profile Group create and update commands.

Policy Simulator

  • Added gcloud beta policy-intelligence simulate orgpolicy which runs a Simulation for OrgPolicy.

Pubsub Emulator

  • Fixed issue where messages may not be delivered in order when using unary pull.

Workbench

  • Added gcloud workbench to manage workbench instances.
  • Added gcloud workbench instances add-iam-policy-binding to add iam policy for workbench instances.
  • Added gcloud workbench instances delete to delete workbench instances.
  • Added gcloud workbench instances describe to describe workbench instances.
  • Added gcloud workbench instances get-iam-policy to get the iam policy for workbench instances.
  • Added gcloud workbench instances remove-iam-policy-binding to remove the iam policy binding for workbench instances.
  • Added gcloud workbench instances set-iam-policy to set the iam policy for workbench instances.
  • Added gcloud workbench instances reset to reset workbench instances.
  • Added gcloud workbench instances stop to stop workbench instances.
  • Added gcloud workbench instances start to start workbench instances.
  • Added gcloud workbench instances diagnose to diagnose workbench instances.
  • Added gcloud workbench instances upgrade to upgrade workbench instances.
  • Added gcloud workbench instances check-instance-upgradability to check upgradability of workbench instances.
  • Added gcloud workbench instances create to create workbench instances.
  • Added gcloud workbench instances update to update workbench instances.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

440.0.0 (2023-07-25)

Cloud Build

  • Updated help text for --comment-control flag in gcloud builds triggers bitbucket-server, gcloud builds triggers gitlab and gcloud builds triggers gitlab-enterprise to describe the allowed values.

Cloud Composer

  • Added --enable-high-resilience to gcloud composer environments update to enable high resilience mode for environments.
  • Added --disable-high-resilience to gcloud composer environments update to disable high resilience mode for environments.

Cloud DNS

  • Added support to allow specifying regional L7 forwarding rules as health checked targets for Routing Policies.

Cloud Healthcare

  • Added support for --stream-configs and --send-for-bulk-import flags to the following commands:
    • gcloud healthcare dicom-stores create
    • gcloud healthcare dicom-stores update
    • gcloud beta healthcare dicom-stores list
    • gcloud healthcare dicom-stores list

Cloud NetApp

  • Added LOCATION to fields to be listed in structured output during gcloud beta netapp volumes list.

Cloud Pub/Sub

  • Added a warning when --push-auth-token-audience and --push-auth-service-account flags are ignored due to missing dependent flags in gcloud pubsub subscriptions [create|update|modify-push-config] commands.

Cloud Storage

  • Modified buckets create so that multiple buckets can be created with a single command.

Compute Engine

  • Promoted --service-lb-policy flag of gcloud compute backend-services create and gcloud compute backend-services update to beta.
  • Promoted --type flag of gcloud compute routers nats create to beta.
  • Promoted --source-nat-active-ranges, --source-nat-active-ranges-region, --source-nat-drain-ranges, --clear-source-nat-drain-ranges and --source-nat-drain-ranges-region flags of gcloud compute routers nats rule update to beta.
  • Promoted --source-nat-active-ranges and --source-nat-active-ranges-region flags of gcloud compute routers nats rule create to beta.
  • Promoted new allowed value: PRIVATE_NAT for --purpose flag of gcloud compute networks subnets create to beta.
  • Promoted new :ALL range option for subnets passed to --nat-custom-subnet-ip-ranges flag of gcloud compute routers nats (create|update).
  • Promoted --security-profile-group and --[no-]tls-inspect flags for gcloud compute <network->firewall-policies rules <create|update> to beta.
  • Promoted gcloud compute resource-policies update snapshot-schedule to GA.
  • Promoted --force-update-on-repair flag of gcloud compute instance-groups managed <create | update> to GA.
  • Promoted --confidential-compute flag of gcloud compute disks create to beta.
  • Promoted --create-disk=confidential-compute for gcloud compute instances create to beta.

Container Registry

  • Fixed gcloud container images describe for gcr.io repos in Artifact Registry.

Kubernetes Engine

  • Updated broken links in gcloud container get-credentials help text.
  • Added --network-performance-configs=total-egress-bandwidth-tier=[DEFAULT|TIER_1] to gcloud container clusters create and gcloud container clusters update to allow setting default network performance tier for new node-pools. See gcloud container node-pools create.
  • Added --enable-multi-networking to gcloud container clusters create and added --additional-node-network and --additional-pod-network to gcloud container node-pools create to allow creation of multi-networking enabled clusters with additional node and pod networks.
  • Added --placement-policy flag to gcloud container clusters create command.
  • Added --placement-policy flag to gcloud container node-pools create command.
  • Disabled --enable-insecure-kubelet-readonly-port flag.
  • Updated help-text by removing --release-channel=NONE option for gcloud container create-auto. This option is not available for create-auto since Autopilot cluster must be subscribed to a release-channel.

Transcoder

  • Added support for --optimization flag when creating a new job.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

439.0.0 (2023-07-18)

Breaking Changes

  • (Kubernetes Engine) Renamed --binauthz-policy to --binauthz-policy-bindings in gcloud beta container clusters commands.

App Engine

Assured Workloads

  • Added --partner-permissions flag (optional) for gcloud assured workloads create command to enable setting the partner permissions parameter for creation of partner workload (workload managed by local trusted partners) through gCloud command.

BigQuery

  • Updated bundled discovery docs to revision 20230614.
  • Fixed bug stopping httplib2_debuglevel from being used.
  • Added file_set_spec_type flag to support manifest Files in load jobs and external tables.
  • Added destination_kms_key to create / update transfer configs.

Cloud Bigtable

  • Added --change-stream-retention-period flag to gcloud bigtable instances tables create and gcloud bigtable instances tables update.
  • Added --clear-change-stream-retention-period flag to gcloud bigtable instances tables update.
  • Rebuilt with golang 1.20.6 to address CVEs present in prior versions.

Cloud Bigtable Emulator

  • Rebuilt with golang 1.20.6 to address multiple CVEs in prior versions of golang.
  • Added support for reverse scans.

Cloud Build

  • Promoted gcloud builds triggers update to GA.

Cloud Datastream

  • Fixed issue where creating an oracle profile with streamLargeObjects field returned an error.

Cloud Functions

  • Updated gcloud functions deploy to prompt to allow unauthenticated invocations for new 2nd gen functions before deploying. This aligns with the behavior for new 1st gen functions.

Cloud IAM

  • Added --web-sso-additional-scopes flag to gcloud iam workforce-pools providers create-oidc and gcloud iam workforce-pools providers update-oidc which allows specification of additional OIDC scopes for web sign-in.

Cloud Memorystore

  • Added --reserved-ip-range-id flag to gcloud memcache instances create to allow specifying named allocations while creating an instance.

Cloud Pub/Sub

  • Promoted --push-no-wrapper and --push-no-wrapper-write-metadata flags of gcloud pubsub subscriptions [create|update|modify-push-config] to GA. Adds the ability to set and update payload unwrapping properties for push subscriptions. For more information, see the https://cloud.google.com/pubsub/docs/payload-unwrapping.

Cloud SQL

  • Added --[no-]recreate-replicas-on-primary-crash flag to gcloud sql instances create and gcloud sql instances patch to enable/disable replica recreation when a Mysql primary instance operating in reduced durability mode crashes.

Cloud Spanner

  • Added --priority flag to gcloud spanner databases execute-sql to allow setting request priority for the query to convey the relative importance of workloads.

Cloud Storage

  • Fixed gcloud storage buckets update --clear-log-bucket behavior so it now clears the entire logging configuration.
  • Promoted gcloud storage du command to GA.
  • Promoted gcloud storage hmac command group to GA.
  • Promoted gcloud sign-url command to GA.
  • Standardized resource format for describe and list commands across API providers. Use --raw flag to get the old API-specific format.

Compute Engine

  • Promoted --custom-learned-route-priority and --set-custom-learned-route-ranges flags of gcloud compute routers add-bgp-peer to GA.
  • Promoted --custom-learned-route-priority, --set-custom-learned-route-ranges, --add-custom-learned-route-ranges and --remove-custom-learned-route-ranges flags of gcloud compute routers update-bgp-peer to GA.
  • Promoted --http-keep-alive-timeout-sec flag for gcloud compute <target-http-proxies|target-https-proxies> <create|update> to GA.
  • Promoted --clear-http-keep-alive-timeout-sec flag for gcloud compute <target-http-proxies|target-https-proxies> update to GA.
  • Added --local-ssd-recovery-timeout to specify the timeout to recover Local SSD to beta for:
    • gcloud compute instances create
    • gcloud compute instances create-with-container
    • gcloud compute instance-templates create
    • gcloud compute instances bulk create
    • gcloud compute instances set-scheduling
    • gcloud compute instances update-from-file
  • Added --requested-features flag to gcloud compute interconnects create to allow requesting MACSec support for an Interconnect.
  • Promoted --requested-features flag of gcloud compute interconnects create to beta.
  • Promoted gcloud compute interconnects macsec get-config to beta.
  • Promoted gcloud compute interconnects macsec update to beta.
  • Promoted gcloud compute interconnects macsec add-key to beta.
  • Promoted gcloud compute interconnects macsec remove-key to beta.
  • Added gcloud compute interconnects macsec update-key to allow updating MACSec pre-shared keys.
  • Promoted gcloud compute interconnects macsec update-key to beta.
  • Custom machine type validation in regional gcloud compute instances bulk create command has been fixed.

GKE Hub

  • Promoted gcloud container fleet fleetobservability to GA.

Kubernetes Engine

  • Updated broken links in gcloud container get-credentials help text.
  • Added --enable-dataplane-v2-metrics and --dataplane-v2-observability-mode flags to gcloud container clusters create, gcloud container clusters create-auto and gcloud container clusters update.

Network Security

  • Updated import/export schema for gcloud network-security tls-inspection-policies with new fields in beta.
  • Security Profile Groups and Security Profiles only supports global location. --location flag now takes default global as location.
  • Updated Firewall Endpoint Associations resource to accept TLS inspection policy with an optional flag.

Security Command Center

  • Add deprecation notices to gcloud scc assets commands which are being deprecated in favor of Cloud Asset Inventory APIs.

Workbench

  • Added gcloud workbench to manage workbench instances.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

438.0.0 (2023-07-11)

Breaking Changes

  • (AI) Modified gcloud ai index-endpoints create to create public endpoint by default. Set --network flag to create private endpoint.
  • (Cloud IAM) Make --web-sso-response-type and --web-sso-assertion-claims-behaviorflag required in gcloud iam workforce-pools providers create-oidc.
  • (Stackdriver Debugger) Deleted gcloud deploy. Cloud Debugger is deprecated and was shut down May 31, 2023. For more information, see https://cloud.google.com/debugger/docs/deprecations.

Artifact Registry

  • Added artifacts repositories set-cleanup-policies.
  • Added artifacts repositories list-cleanup-policies.
  • Added artifacts repositories delete-cleanup-policies.

Backup For GKE

  • Added the following flags to gcloud container backup-restore restore-plans create and gcloud container backup-restore restore-plans update to expand cluster resource restore scope options:
    • --cluster-resource-scope-all-group-kinds
    • --cluster-resource-scope-selected-group-kinds
    • --cluster-resource-scope-excluded-group-kinds
    • --cluster-resource-scope-no-group-kinds
  • Deprecated --cluster-resource-restore-scope. Use --cluster-resource-selected-group-kinds instead.
  • Added the following flags to gcloud container backup-restore restore-plans create and gcloud container backup-restore restore-plans update to expand namespaced resourced restore scope options:
    • --no-namespaces
    • --excluded-namespaces

Cloud Build

  • Add E2_MEDIUM machine type.
  • Promoted gcloud builds connections and gcloud builds repositories to GA.
  • Promoted gcloud builds triggers create gitlab to GA.

Cloud Datastore Emulator

  • Released Cloud Datastore emulator v2.3.1
    • Fixed bug which caused /reset to never return a response.

Cloud Functions

  • Added warning and prompting to gcloud functions get-iam-policy and gcloud functions remove-iam-policy-binding about needing to bind the roles/run.invoker role for 2nd gen functions.

Cloud Healthcare

  • Added --stream-configs flag to the following commands:
    • gcloud beta healthcare dicom-stores create
    • gcloud beta healthcare dicom-stores update

Cloud IAM

  • Added --client-secret-value flag to gcloud iam workforce-pools providers create-oidc and gcloud iam workforce-pools providers update-oidc which allow user to setup client secret for authorization code flow.
  • Added --clear-client-secret flag to gcloud iam workforce-pools providers update-oidc which allow user to clear client secret setup for authorization code flow.
  • Added code as value for --web-sso-response-type flag to gcloud iam workforce-pools providers create-oidc and gcloud iam workforce-pools providers update-oidc which allow user to setup authorization code flow.
  • Added merge-user-info-over-id-token-claims as value for --web-sso-assertion-claims-behavior flag to gcloud iam workforce-pools providers create-oidc and gcloud iam workforce-pools providers update-oidc which allow user to merge the UserInfo Endpoint Claims with ID Token Claims, preferring UserInfo Claim Values for the same Claim Name.

Cloud Pub/Sub

  • Promoted --cloud-storage-bucket, --cloud-storage-file-prefix, --cloud-storage-file-suffix, --cloud-storage-max-bytes, --cloud-storage-max-duration, --cloud-storage-output-format and --cloud-storage-write-metadata flags of gcloud pubsub subscriptions create to GA. Adds the ability to set Cloud Storage configuration options in Cloud Pub/Sub subscriptions. For more information, see the https://cloud.google.com/pubsub/docs/cloudstorage.
  • Promoted --cloud-storage-bucket, --cloud-storage-file-prefix, --cloud-storage-file-suffix, --cloud-storage-max-bytes, --cloud-storage-max-duration, --cloud-storage-output-format, --cloud-storage-write-metadata, and --clear-cloud-storage-config flags of gcloud pubsub subscriptions update to GA. Adds the ability to update Cloud Storage configuration options in Cloud Pub/Sub subscriptions. For more information, see the https://cloud.google.com/pubsub/docs/cloudstorage.

Cloud SQL

  • Added gcloud sql operations cancel to cancel an operation running on a Cloud SQL instance.
  • Added edition and enable-data-cache flags to gcloud sql instances create and gcloud sql instances patch to support Edition and Data Cache.
  • Added show-edition flag to gcloud sql instances list and gcloud sql tiers list to display Edition.

  • Added --password-policy-disallow-compromised-credentials flag to gcloud sql instances create and gcloud sql instances patch for ALPHA and BETA.

Cloud Storage

  • Updated gsutil component to 5.25.
  • Fix a bug preventing nested directory symlinks from being preserved when uploading a directory recursively.

Cloud Workstations

  • Updated --machine-type flag for configs command to accept any string.

Compute Engine

  • Added 23.04 to allowed list of values for --version of gcloud beta compute instances ops-agents policies [create|update].
  • Promote --instance-kms-key flag of gcloud compute instance create to GA.
  • Promoted --preference flag of gcloud compute backend-services add-backend and gcloud compute backend-services update-backend to beta.
  • Added --allow-cidr-routes-overlap flag to gcloud beta compute networks subnets update command.
  • Added SEV_SNP_CAPABLE to the list of guestOsFeatures.
  • Added support for clearing fields to gcloud beta compute security-policies remove-user-defined-field and gcloud beta compute security-policies rules update.

GKE Hub

  • Modified gcloud container fleet memberships register command to validate that the --manifest-output-file flag is only used with the --install-connect-agent flag.

Kpt

  • Updated kpt in Google Cloud CLI from 1.0.0-beta.35 to 1.0.0-beta.37.

Kubernetes Engine

  • Added new kubedns option to --cluster-dns to allow KubeDNS to be explicitly specified as the cluster DNS provider.
  • Added GcsFuseCsiDriver option to --addons flag of gcloud container clusters create to enable the Cloud Storage FUSE Container Storage Interface (CSI) Driver.
  • Added GcsFuseCsiDriver option to --update-addons flag of gcloud container clusters update to enable/disable the Cloud Storage FUSE Container Storage Interface (CSI) Driver.
  • Updated default kubectl from 1.25.9 to 1.25.11.
  • Additional kubectl versions:
    • kubectl.1.21 (1.21.14)
    • kubectl.1.22 (1.22.17)
    • kubectl.1.23 (1.23.17)
    • kubectl.1.24 (1.24.15)
    • kubectl.1.25 (1.25.11)
    • kubectl.1.26 (1.26.6)
    • kubectl.1.27 (1.27.3)

Network Connectivity

  • Added gcloud network-connectivity hubs add-iam-policy-binding, gcloud network-connectivity hubs remove-iam-policy-binding, gcloud network-connectivity hubs get-iam-policy, and gcloud network-connectivity hubs set-iam-policy commands.
  • Added gcloud network-connectivity hubs list-spokes command which supports listing all spokes associated with a hub.
  • Added gcloud network-connectivity hubs route-tables command group which supports listing and describing route tables.
  • Added gcloud network-connectivity hubs route-tables routes command group which supports listing and describing routes.
  • Added gcloud network-connectivity spokes accept and gcloud network-connectivity spokes reject commands.
  • Added --global flag to gcloud network-connectivity spokes delete, gcloud network-connectivity spokes describe, and gcloud network-connectivity spokes list commands.
  • Added gcloud network-connectivity spokes linked-vpc-network command group which supports creating and updating VPC spokes.

Network Security

  • Added gcloud network-security firewall-endpoint-associations update to alpha and beta. This command updates the labels and TLS inspection policy of Cloud Firewall Plus associations.

Network Services

  • Promoted gcloud network-services service-lb-policies to beta.

Recaptcha

  • Added --skip-billing-check to recaptcha keys migrate. If usage is under the free quota, the billing check can be safely skipped.

Recommender

  • Added list insight-types to beta for recommender surface.
  • Added list recommenders to beta for recommender surface.
  • Updated list insights to use beta list insight-types command.
  • Updated list recommendations to use beta list recommenders command.

Security Command Center

  • Updated gcloud scc findings documentation to fix an invalid finding id used in examples.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

437.0.1 (2023-06-30)

Cloud Storage

  • Reverted change that broke gcloud storage cp with relative path characters.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

437.0.0 (2023-06-27)

Anthos Multi-Cloud

  • Modified gcloud container aws node-pools list and gcloud container azure node-pools list to fetch server configurations and to give a warning when any of the node pools are running an end-of-life version.

App Engine

Artifact Registry

  • Updated the output of gcloud artifacts docker images describe to include SBOM location information.
  • Added flag --show-sbom-references to gcloud artifacts docker images describe to list SBOM reference occurrences.
  • Updated the output of gcloud artifacts docker images describe with flag --show-all-metadata to include SBOM reference occurrences.
  • Added Go as an option of --repository-format flag of gcloud artifacts repositories create to create Go repositories.
  • Added gcloud artifacts go upload command to upload Go modules.

Cloud Bigtable

  • The maximum retention period for a Cloud Bigtable backup has been increased from 30 days to 90 days, giving you more robust data protection and data quality control. For more information on how Bigtable backups work, see https://cloud.google.com/bigtable/docs/backups.

Cloud Build

  • Added gcloud beta builds connections create gitlab and gcloud beta builds connections update gitlab.

Cloud Filestore

  • Added --tier=ZONAL flag to gcloud beta filestore instances create to support a zonal filestore instance creation.

Cloud NetApp

  • Removed a print statement that led to messy output during gcloud beta netapp volumes replications create.

Cloud SQL

  • Added gcloud beta sql instances reencrypt, which re-encrypts a Cloud SQL CMEK instance with the current primary key version in beta.

Cloud Storage

  • Release rsync command

Compute Engine

  • Gcloud compute will now retry two times if its follow-up Operations.Wait|Get requests return 503 error.

GKE Hub

  • Added gcloud container fleet memberships support-access which allows users to manage Support access.

Network Security

  • Added gcloud network-security firewall-endpoints update to alpha and beta. This command updates the labels of Cloud Firewall Plus endpoints.

Recaptcha

  • Removed gcloud recaptcha firewallpolicies surface and all commands within. Please use gcloud recaptcha firewall-policies instead.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

436.0.0 (2023-06-21)

AlloyDB

  • Promoted AlloyDB Inject Fault commands to GA track. Modified commands include: alloydb instances inject-fault.

Anthos Multi-Cloud

  • Modified gcloud container aws node-pools describe and gcloud container azure node-pools describe to fetch server configurations and to give a warning when the nodepool is running an end-of-life version.
  • Modified gcloud container aws clusters list and gcloud container azure clusters list to fetch server configurations and to give a warning when any of the clusters are running an end-of-life version.

Batch

  • Promoted Batch submit job optional prefix feature to beta and GA.

Cloud Deploy

  • Added new --deploy-parameters to gcloud deploy releases create command. When used, deploy parameters will be set for the release.
  • Added gcloud deploy rollouts advance, gcloud deploy rollouts cancel, gcloud deploy rollouts ignore-job, and gcloud deploy job-runs terminate commands for the Deployment Strategies GA launch.

Cloud Firestore Emulator

  • Release Cloud Firestore emulator v1.18.1
    • Added a new emulator configuration to start with experimental mode.

Cloud Functions

  • Fixed issue where gcloud functions deploy could fail in certain cases if the caller was missing permissions to get the project IAM policy.

Cloud IAM

  • Added flags --folder and --organization to gcloud beta services identity create.
    • Support folder and organization level service agents creation, in addition to project level service agents.

Cloud NetApp

  • Added --force parameter to gcloud beta netapp volumes replications stop to force stop a replication during a data transfer.

Cloud SQL

  • Added --preferred-zone flag to gcloud sql instances clone --point-in-time to support point in time recovery to a specified zone for PostgreSQL.
  • Added gcloud sql instances get-latest-recovery-time command to get the latest recovery time for a PostgreSQL instance.

Cloud Spanner

  • Promoted spanner databases update command to beta and GA tracks.

Cloud Storage

  • Fixed issue where certain gcloud storage commands would fail to load when the PATH environment variable was not set.

Cloud Workstations

  • Promoting workstations, workstations configs, and workstations clusters commands to GA.

Compute Engine

  • Promoted --instance-kms-key flag of gcloud compute instance create to beta.
  • Promoted --max-count-per-zone flag of gcloud compute instances bulk create to v1. Flag defines maximum number of instances that can be created per zone for regional bulk insert.
  • Promoted disk-consistency-group argument of gcloud compute resource-policies create to GA.
  • Promoted --primary-disk, --primary-disk-project, --primary-disk-region, and --primary-disk-zone of gcloud compute disks create to GA.
  • Promoted gcloud compute disks start-async-replication to GA.
  • Promoted gcloud compute disks stop-async-replication to GA.
  • Promoted gcloud compute disks stop-group-async-replication to GA.
  • Promoted gcloud compute disks bulk create to GA.
  • Added deny as a choice for --action and--exceed-action of gcloud compute security-policies rules create|update.

Kubernetes Engine

  • Added --sole-tenant-node-affinity-file flag to gcloud container node-pools create for creating node pools backed by sole tenant node groups. For more information see https://cloud.google.com/kubernetes-engine/docs/how-to/sole-tenancy.
  • Added --security-posture and --workload-vulnerability-scanning flags to gcloud container clusters create, gcloud container clusters create-auto, and gcloud container clusters update for controlling GKE Security Posture features.

  • Added --workload-policies flag to gcloud container clusters create-auto and gcloud container clusters update for enabling NET_ADMIN privilege. Added --remove-workload-policies flag to gcloud container clusters update for disabling NET_ADMIN privilege.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

435.0.1 (2023-06-14)

Cloud Firestore

  • Removed the --enable-pitr flag from gcloud firestore databases <create|update> which was causing firestore database creation failures.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

435.0.0 (2023-06-13)

Breaking Changes

  • (Compute Engine) Modified quota exceeded errors to show future limit and rollout status information to user in addition to original error message.

Anthos Multi-Cloud

  • Modified gcloud container aws clusters describe and gcloud container azure clusters describe to fetch server configurations and to give a warning when the cluster is running an end-of-life version.
  • Added --root-volume-throughput flag to gcloud container aws clusters and gcloud container aws node-pools to support customizable EBS root volume throughput.
  • Added --main-volume-throughput flag to gcloud container aws clusters create to support customizable EBS main volume throughput.
  • Added --disable-per-node-pool-sg-rules flag to gcloud container aws clusters create and gcloud container aws clusters update to disable the default security group rules provisioned for each node pool.
  • Added --enable-per-node-pool-sg-rules flag to gcloud container aws container clusters update to re-enable the default security group rules provisioned for each node pool.

Cloud Bigtable

  • Add ability to count rows for a prefix.

Cloud Filestore

  • Added --kms-key flag to gcloud filestore backups create, which allows an Enterprise or High Scale backup to be created that is encrypted with a CMEK key." => "which creates a backup with an associated customer-managed encryption key (CMEK). Only available for Enterprise or High Scale tier instances.
  • Added --instance-location flag to gcloud filestore backups create, which accepts either a zone or region and allows clients to restore Basic HDD, Basic SSD, and Enterprise tier backups.

Cloud Functions

  • Promoted --docker-repository, --kms-key, clear-docker-repository, and --clear-kms-key flags of gcloud functions deploy --gen2 to GA, which bring CMEK support for Cloud Functions 2nd Gen.

Cloud NetApp

  • Added gcloud beta netapp group which includes gcloud beta netapp storage-pools, gcloud beta netapp volumes, gcloud beta netapp active-directories, gcloud beta netapp kms-configs, gcloud beta netapp locations, gcloud beta netapp operations, gcloud beta netapp volumes snapshots, and gcloud beta netapp volumes replications.

Cloud Run

  • Promoted gcloud run services proxy to GA. This command allows you to proxy a service or a revision to localhost. Requests will be authenticated as the current SDK account, or with a provided token.

Cloud TPU

  • Fixed bug so that gcloud compute tpus tpu-vm ssh respects instance preference of setting enable-oslogin to false.

Compute Engine

  • Promoted source-instant-snapshot flag of gcloud compute disks create to beta.
  • Promoted --source-instant-snapshot, --source-instant-snapshot-zone and --source-instant-snapshot-region flags of gcloud compute snapshots create to beta.
  • Promoted gcloud compute instant-snapshots create to beta.
  • Promoted gcloud compute instant-snapshots delete to beta.
  • Promoted gcloud compute instant-snapshots describe to beta.
  • Promoted gcloud compute instant-snapshots list to beta.
  • Promoted gcloud compute instant-snapshots add-labels to beta.
  • Fixed bug in handling quota exceeded error with gcloud compute commitments create command.
  • Added force-attach support to gcloud compute instances create.
  • Added --recaptcha-action-site-keys and --recaptcha-session-site-keys to gcloud beta compute security-policies rules create|update.
  • Added --network-user-defined-fields, --network-src-ip-ranges, --network-dest-ip-ranges, --network-ip-protocols, --network-src-ports, --network-dest-ports, --network-src-region-codes, and --network-src-asns to gcloud beta compute security-policies rules create|update.
  • Added gcloud beta compute security-policies add-user-defined-fields and gcloud beta compute security-policies remove-user-defined-fields commands.
  • Added --security-policy and --security-policy-region to gcloud beta compute instances network-interfaces update.
  • Added gcloud beta compute target-pools update and gcloud beta compute target-instances update commands.

Kpt

  • Updated kpt in Google Cloud CLI from 1.0.0-beta.34 to 1.0.0-beta.35.

Kubernetes Engine

  • Undeprecated and unhid --logging and --monitoring flags from gcloud container clusters create-auto.

  • Added a new command gcloud container clusters check-autopilot-compatibility which returns a list of autopilot compatibility issues of the given cluster.

Vmware Engine

  • Added commands for managing resources:

    • Private connections:
    • Added commands to perform CRUD
    • Retrieving exchanged routes

    • Subnets:

    • Added commands to describe and update a subnet

    • Private clouds:

    • Added ability to create a time limited PC

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

434.0.0 (2023-06-06)

AlloyDB

  • Promote Continuous Backups related commands to the GA track, which include changes to gcloud alloydb clusters create, gcloud alloydb clusters update and gcloud alloydb clusters restore.

Anthos On-Prem

  • Modified gcloud container vmware admin-clusters list. When specifying --location=-, or when both --location and gcloud configuration container_vmware/location are not specified, return admin clusters in all locations of the specified project.

Cloud Functions

  • Updated gcloud functions logs read to read function logs from both 1st gen and 2nd gen functions when no function name is provided unless --gen2 or --no-gen2 is set.

Cloud Key Management Service

  • Promoted gcloud kms inventory which allows viewing and tracking of keys across cloud resources.

Cloud Logging

  • Promoted --custom-writer-identity flag of gcloud logging sinks create to beta and GA.
  • Promoted --custom-writer-identity flag of gcloud logging sinks update to beta and GA.

Compute Engine

  • Updated the Interconnect attachment Bring Your Own IP (BYOIP) IPv6 fields to be unavailable.
  • Added --size flag to gcloud compute disks update to support size update.
  • Added hyperdisk-balanced support to gcloud compute disks create and gcloud compute instances create.
  • Added --per-instance-hostnames flag to gcloud compute instances bulk create for alpha and beta.
  • Promoted --http-keep-alive-timeout-sec flag for gcloud compute <target-http-proxies|target-https-proxies> <create|update> and --clear-http-keep-alive-timeout-sec flag for gcloud compute <target-http-proxies|target-https-proxies> update to beta.

Dataproc Metastore

  • Promoted --endpoint-protocol flag to GA.

Kubernetes Engine

  • Added --enable-fqdn-network-policy flag to gcloud beta container clusters create and gcloud beta container clusters update.

Recommender

  • Added a list command for insights that lists all available insight types.
  • Added a list command for recommenders that lists all available recommenders.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

433.0.1 (2023-06-1)

Google Cloud CLI

  • Disabled self-signed jwt usage for service accounts.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

433.0.0 (2023-05-31)

Breaking Changes

  • (Cloud Run) Added --[no-]async flags to gcloud run jobs delete and gcloud run jobs executions delete with a default value of --no-async. Changed these two commands to wait for delete operation by default.

Google Cloud CLI

  • Fixed issue where running the install script from within the root google-cloud-sdk directory would crash with an unactionable error when new versions of certain components were made available prior to installation.

AlloyDB

  • Promoted AlloyDB Cross Region Replication commands to GA track. Modified commands include: alloydb clusters create-secondary, alloydb clusters promote, alloydb instances create-secondary.

Anthos On-Prem

  • Modified gcloud container bare-metal admin-clusters list. When specifying --location=-, or when both --location and gcloud configuration container_bare_metal/location are not specified, return admin clusters in all locations of the specified project.

Artifact Registry

  • Updated the output of gcloud artifacts docker images list with flag --show-occurrences to include SBOM reference occurrences.

Certificate Authority Service

  • Added --publishing-encoding-format flag to gcloud privateca pools create and gcloud privateca pools update to allow users to optionally publish DER encoded CA certificates and CRLs to Google Cloud Storage buckets.

Cloud Build

  • Added flag to specify substitutions in gcloud builds triggers run.
  • Modified --branch, --tag, --sha flags to be optional in gcloud builds triggers run command.

Cloud Composer

  • Added --enable-high-resilience to gcloud composer environments create to create environments with high resilience mode.
  • Added gcloud composer environments database-failover to manually run a database failover for environments with high resilience enabled.
  • Added gcloud composer environments fetch-database-properties to fetch airflow database properties for Composer environments.

Cloud Logging

  • Added logging_service_account_id to settings describe response.

Cloud SQL

  • Added --no-recovery, --bak-type and --recovery-only flags to gcloud sql import bak and added --bak-type and --differential-base flags to gcloud sql export bak to enable the differential import/export feature for SQL Server.

Cloud Workstations

  • Added --accelerator-type and --accelerator-count flags to gcloud beta workstations configs create.

Compute Engine

  • Fixed bug in handling quota exceeded error with gcloud compute commitments create command.
  • Added --region flag to gcloud beta compute security-policies rules commands.
  • Deprecated --no-client-ttl and --no-max-ttl arguments of gcloud compute [backend-services|backend-buckets] [create|update].

Kpt

  • Updated kpt in Google Cloud CLI from 1.0.0-beta.33 to 1.0.0-beta.34.

Kubernetes Engine

  • Added --enable-best-effort-provision and --min-provision-nodes to gcloud container node-pools create to turn on best effort provisioning for node pool creation.

Network Security

  • Added network-security firewall-endpoint-associations commands to manage Cloud Firewall Plus endpoint associations, and promoted them to beta.
  • Promoted commands under gcloud network-security address-groups to GA.
  • Promoted commands under gcloud network-security org-address-groups to GA.

Security Command Center

  • Added gcloud topic datetimes support for gcloud scc command group timestamp and duration flags.

Transfer

  • Added --docker-network flag to gcloud transfer agents install to allow configuration of the underlying Docker container's network.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

432.0.0 (2023-05-23)

AI

  • Added --public-endpoint-enabled flag to gcloud ai index-endpoints create to support public endpoint.
  • Modified --network flag of gcloud ai index-endpoints create to be optional.

Anthos On-Prem

  • Added --disable-control-plane-v2 flag to gcloud container vmware clusters create to explicitly disable the use of control plane v2 feature.
  • --enable-control-plane-v2 in gcloud container vmware clusters create is by default set for version 1.15+.
  • Added --ignore-errors flag to gcloud container bare-metal admin-clusters unenroll. If set, the unenrollment of a bare metal admin cluster resource will succeed even if errors occur during unenrollment.

Artifact Registry

  • Changed IAM policy analysis scope to the root of project in gcloud beta artifacts docker upgrade print-iam-policy.

BigQuery

  • Fixed bug to ensure show works with encrypted S3 managed tables.
    • Fixed bug to ensure spark properties can be updated to empty values.
    • Fixed RANGE<TIMESTAMP> to correctly display UNBOUNDED boundaries.
    • Fixed bug in the bq info command that caused it to always fail.
    • Fixed bug where a line of logging was always printed.
    • Added connections to get-iam-policy and set-iam-policy.

Cloud Build

  • Modified (--repo, --repo-type) and --repository to be optional in gcloud builds triggers create manual, gcloud builds triggers create webhook and gcloud builds triggers create pubsub.

Cloud Storage

  • Updated gsutil component to 5.24.

Compute Engine

  • Added --http-keep-alive-timeout-sec flag to gcloud compute alpha/beta target-http-proxies/target-https-proxies create/update to configure http keep alive timeout sec field in target httpx proxy.
  • Added --server-tls-policy and --clear-server-tls-policy flags to gcloud compute target-https-proxies create/update to attach/detach a server TLS policy to the target https proxy.
  • Release pathTemplateMatch and pathTemplateRewrite fields in urlMaps to v1 API.
  • Updated --consumer-accept-list and --consumer-reject-list of gcloud compute service-attachments create and gcloud compute service-attachments update to support networks.
  • Promoted --provisioned-throughput flag of gcloud compute disks create and gcloud compute disks update to GA.
  • Promoted --create-disk=provisioned-throughput for gcloud compute instances create and gcloud compute instance-templates create to GA.
  • Promoted gcloud compute interconnects remote-locations <describe|list> to beta and GA.
  • Promoted --remote-location flag of gcloud compute interconnects create to beta and GA.
  • Promoted --subnet-length flag of gcloud compute interconnects attachments <dedicated|provider> create to beta and GA.

Container Registry

  • Changed "gloud container images describe" to check existence of the digest.

Database Migration

  • Updated gcloud database-migration connection-profiles create alloydb to support customer-managed encryption key(CMEK).
  • Updated gcloud database-migration connection-profiles create cloudsql to support customer-managed encryption key(CMEK).

Kpt

Kubernetes Engine

  • Promoted fields gpu-driver-version within --accelerator flag to enable GPU driver auto installation.
  • Updated default kubectl from 1.24.13 to 1.25.9.
  • Additional kubectl versions:
    • kubectl.1.21 (1.21.14)
    • kubectl.1.22 (1.22.17)
    • kubectl.1.23 (1.23.17)
    • kubectl.1.24 (1.24.13)
    • kubectl.1.25 (1.25.9)
    • kubectl.1.26 (1.26.4)
    • kubectl.1.27 (1.27.1)

Network Security

  • Promoted gcloud network-security security-profile-groups to beta.
  • Added network-security firewall-endpoints commands to manage Cloud Firewall Plus endpoints, and promoted them to beta.
  • Promoted gcloud network-security security-profiles threat-prevention to beta.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

431.0.0 (2023-05-16)

Breaking Changes

  • (Anthos On-Prem) Modified --version flag to be required in gcloud container vmware clusters create.
  • (Compute Engine) Added centos-stream-8 and centos-stream-9 options to --os flag for:
    • gcloud compute images import in GA,
    • gcloud compute instances import in GA
    • gcloud compute machine-images import in GA

Google Cloud CLI

  • Fixed error when filtering was applied to date or time type keys and their values were None. Now, the resources will be excluded as when values were empty.
  • Added warning message to indicate support for Python 3.5-3.7 will be deprecated on August 8th, 2023.

Anthos On-Prem

  • Modified gcloud container bare-metal clusters list to return clusters in all locations of the specified project if --location is not specified and configuration container_bare_metal/location is not set.

Artifact Registry

  • Changed IAM policy translation logic in gcloud beta artifacts docker upgrade print-iam-policy.

Batch

  • Promoted Batch submit job optional job_id feature to beta and GA.

Cloud Build

  • Added --repository flag to gcloud builds triggers create manual, gcloud builds triggers create webhook and gcloud builds triggers create pubsub which supports creating manual, webhook or Pub/Sub trigger with 2nd-gen repository resource.

Cloud Dataproc

  • Added --staging-bucket flag to gcloud dataproc batches submit ... commands in GA. This sets staging bucket when creating batches.
  • Added --staging-bucket flag to gcloud dataproc session create ... commands in Preview. This sets staging bucket when creating sessions.

Cloud Firestore

  • Promoted firestore locations list to GA.

Cloud Run

  • Promoted gcloud run jobs deploy to GA, which allows creating or updating a Cloud Run job from a container image or source to build.

Cloud Storage

  • Added a preserve_symlinks option to gcloud storage cp and mv commands; when present, this option will cause file and directory symlinks to be represented by placeholder files in the cloud, and reconstructed as symlinks when downloaded.

Compute Engine

  • Promoted gcloud compute addresses move to GA.

Compute Firewall Rules

  • Added --bind-tags-to-instances flag to gcloud compute firewall-rules migrate to bind secure tags to VM instances.

Database Migration

  • Updated gcloud database-migration migration-jobs create to support customer-managed encryption key(CMEK).

Dataproc Metastore

  • Promoted gcloud metastore services alter-metadata-resource-location to GA.
  • Promoted gcloud metastore services alter-table-properties to GA.
  • Promoted gcloud metastore services move-table-to-database to GA.
  • Promoted gcloud metastore services query-metadata to GA.

Events

  • Removed gcloud beta events surface and all commands within. Please use gcloud eventarc instead.

Kubernetes Engine

  • Deprecated --linux-sysctls flag since --system-config-from-file is now used to config nodes.

Notebooks

  • Added --data-disk-type, --data-disk-size, --no-remove-data-disk to gcloud notebooks instances create to configure data disk.

Recaptcha

  • Added --private-key-file, --team-id, --key-id to recaptcha keys create for iOS keys. Providing these fields allows reCAPTCHA Enterprise to provide more accurate risk scores.
  • Added --private-key-file, --team-id, --key-id to recaptcha keys update for iOS keys. Providing these fields allows reCAPTCHA Enterprise to provide more accurate risk scores.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

430.0.0 (2023-05-09)

Breaking Changes

Google Cloud CLI

  • Fixed issue where gcloud auth enterprise-certificate-config create used cert_issuer instead of issuer for Windows and MacOS configurations.

AlloyDB

  • Added gcloud alloydb users <command> Users API to manage AlloyDB users.

Anthos On-Prem

  • Modified gcloud container vmware clusters list to return clusters in all locations of the specified project if --location is not specified and configuration container_vmware/location is not set.

App Engine

Bare Metal Solution

  • Promoted gcloud bms instance rename to GA.
  • Promoted gcloud bms networks rename to GA.
  • Promoted gcloud bms nfs-shares rename to GA.
  • Promoted gcloud bms volumes rename to GA.

Cloud Bigtable

  • Rebuilt cbt cli with go version 1.20.4 which fixed CVE-2022-41723.
  • Add ability to count rows for a prefix.

Cloud Bigtable Emulator

  • Rebuilt cbt emulator with go version 1.20.4 which fixed CVE-2022-41723.

Cloud Build

  • Added --git-source-revision flag to gcloud builds submit.
  • Added --git-source-dir flag to gcloud builds submit.

Cloud Firestore

  • Promoted firestore locations list to beta.

Cloud IAM

  • Added --web-sso-response-type and --web-sso-assertion-claims-behavior flag to gcloud iam workforce-pools providers create-oidc and gcloud iam workforce-pools providers update-oidc to allow user to setup web sso configuration.

Cloud Logging

  • Added --custom-learned-route-priority and --set-custom-learned-route-ranges flags of gcloud compute routers add-bgp-peer in beta to specify the custom learned route configuration.
  • Added --custom-learned-route-priority, --set-custom-learned-route-ranges, --add-custom-learned-route-ranges and --remove-custom-learned-route-ranges flags of gcloud compute routers update-bgp-peer in beta to specify the custom learned route configuration.

Cloud Pub/Sub

  • The gcloud pubsub pull command now waits for messages by default.
    • The --wait flag has been deprecated from gcloud beta pubsub pull command.
    • The --return-immediately flag has been added to gcloud beta pubsub pull command to support the old behavior.

Cloud Run

  • No longer sets the client.knative.dev/user-image annotation when deploying or updating Cloud Run Services and Jobs.
  • Fixes issue in gcloud run deploy and gcloud run services update where changing --port would fail due to health check errors.

Compute Engine

  • Update replica-zones support --create-disk=replica-zones for gcloud compute instances create.
  • Promoted gcloud compute addresses move to beta.
  • Added --user-ip-request-headers for gcloud compute security-policies update, and promoted it to beta.

Database Migration

  • Added a set of commands for gcloud database-migration private-connections to perform common (create, list, describe, delete) operations on private connections.
  • Updated gcloud database-migration connection-profiles create to support creating Oracle connection profiles.
  • Updated gcloud database-migration connection-profiles create to support connectivity in creating Postgresql connection profiles.
  • Added gcloud database-migrate conversion-workspaces that supports the following commands for creating and managing conversion workspaces: create, update, delete, list, describe, commit, rollback, seed, import-rules, convert, apply, list background jobs and describe entities.
  • Updated gcloud database-migration migration-jobs create to support heterogeneous migration jobs.

Kubernetes Engine

  • Added --enable-master-global-access flag of gcloud container clusters create-auto.

Looker

  • Launch Looker (Google Cloud core) for General Availability to the public.

Network Connectivity

  • Updated gcloud network-connectivity service-connection-policies create subnet flag field to accept resource arguments.

Network Services

  • Updated GA schema for gcloud network-services gateways.
  • This primarily impacts gateway import/export.
  • It includes SWG-specific changes so gateways of type SWG can be created.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

429.0.0 (2023-05-02)

Breaking Changes

  • (Compute Engine) Added rocky-9 option to --os flag for:
    • gcloud compute images import in GA,
    • gcloud compute instances import in GA
    • gcloud compute machine-images import in GA

Google Cloud CLI

  • Updated bundled-python cryptography package to 39.0.1 and PyOpenSSL to 23.0.0.

AlloyDB

  • Added --update-mode flag to gcloud alloydb instances update in alpha and beta tracks.

BigQuery

  • Added bq info command to print debug information.
  • Froze the request library to version '2.27.1' until python2 is removed.
  • Removed excess line of logging to stderr that was printed on most commands.
  • Improved error messaging for unsupported regions.
  • Added support for an encoding when creating a JSON backed external table.
  • Updated bundled urllib3.

Certificate Authority Service

  • Added --ignore_dependent_resources flag to gcloud privateca roots disable to allow a root CA to be disabled even if it is the last CA in its CA Pool while its CA Pool is being depended on by another cloud resource.
  • Added --ignore_dependent_resources flag to gcloud privateca subordinates disable to allow a subordinate CA to be disabled even if it is the last CA in its CA Pool while its CA Pool is being depended on by another cloud resource.
  • Added --ignore_dependent_resources flag to gcloud privateca roots delete to allow a root CA to be deleted even if its CA Pool is being depended on by another cloud resource.
  • Added --ignore_dependent_resources flag to gcloud privateca subordinates delete to allow a subordinate CA to be deleted even if its CA Pool is being depended on by another cloud resource.
  • Added --ignore_dependent_resources flag to gcloud privateca pools delete to allow a CA Pool to be deleted even if it is being depended on by another cloud resource.

Cloud Bigtable

  • Rebuilding cbt cli with go version 1.20.3 which fixed CVE-2022-41723.

Cloud Firestore Emulator

  • Release Cloud Firestore emulator v1.17.4
    • Added support for eventarc triggers(2nd gen)
    • Fix ListDocuments to have page token

Cloud Identity-Aware Proxy

  • Fixed a low throughput issue that appeared in some download cases for gcloud compute start-iap-tunnel.

Cloud Monitoring

  • Promoted gcloud monitoring snoozes commands to beta and GA.

Cloud Pub/Sub

  • Added --event-time flag to gcloud pubsub lite-topics publish to allow users to specify an event time when publishing a message.

Cloud Run

  • Updated gcloud beta run integrations list to display integrations across all regions by default when --region flag is not specified.

Cloud SQL

  • Promoted --threads-per-core flag for gcloud sql instances create and gcloud sql instances patch to GA.

Cloud Workstations

  • Added the beta workstations list-usable command which lists a user's usable workstations under a given configuration.
  • Added gcloud beta workstations get-iam-policy.
  • Added gcloud beta workstations set-iam-policy.
  • Added gcloud beta workstations configs get-iam-policy.
  • Added gcloud beta workstations configs set-iam-policy.

Compute Engine

  • Added "REGION" column in the output of gcloud compute ssl-certificates list.
  • Promoted --gateway-ip-version flag of gcloud compute vpn-gateways create to beta. Flag defines the IP version of VPN Gateway.
  • Allowed --interfaces flag to accept IPv6 addresses of gcloud beta compute external-vpn-gateways create.
  • Promoted support of regional instance template for gcloud compute instance-groups managed create to beta and GA.
  • Promoted support of regional instance template for gcloud compute instance-groups managed set-instance-template to beta and GA.
  • Promoted support of regional instance template for gcloud compute instance-groups managed rolling-action start-update to beta and GA.
  • Promoted --nat-name flag of gcloud compute routers get-nat-mapping-info to GA.

Distributed Cloud Edge

  • Added --lro-timeout for gcloud edge-cloud container clusters create which allows specifying a custom duration for the gcloud CLI to wait on LROs.

Identity and Access Management

  • Fixed issue with gcloud auth login --login-config=$LOGIN_CONFIG --no-browser not working on Linux machines due to terminal input limit.

Kpt

Kubernetes Engine

  • Added --enable-unstable-kubernetes-apis flag to gcloud containers cluster create and gcloud containers cluster update to facilitate enabling beta apis in kube-apiserver.

Network Connectivity

  • Made network field accept both resource identifier and path.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

428.0.0 (2023-04-25)

Breaking Changes

  • (Cloud Run) For gcloud beta run jobs deploy, gcloud run jobs create, and gcloud run jobs update, mark --execute-now and --async flags mutually exclusive.

Google Cloud CLI

  • Added --lifetime flag to gcloud auth application-default print-access-token to configure service account impersonation access token lifetime.
  • Duration flags now support fractional input.

Anthos Multi-Cloud

  • Promoted --enable-managed-prometheus flag of gcloud container aws clusters create to GA.
  • Promoted --enable-managed-prometheus and --disable-managed-prometheus flags of gcloud container aws clusters update to GA.
  • Promoted --enable-managed-prometheus flag of gcloud container azure clusters create to GA.
  • Promoted --enable-managed-prometheus and --disable-managed-prometheus flags of gcloud container azure clusters update to GA.
  • Fixed issue where --max-nodes, --min-nodes, and --max-pods-per-node flags of gcloud container aws node-pools create and gcloud container azure node-pools create were incorrectly documented as optional.

Anthos On-Prem

  • Added gcloud container bare-metal admin-clusters unenroll which removes Cluster API resources so that the cluster is no longer managed by the Anthos On-Prem API.
  • Added support for annotations in the container bare-metal clusters update command.

Cloud Bigtable

  • Rebuilding cbt cli with go version 1.20 which fixed cve-2023-24537.

Cloud Bigtable Emulator

  • Rebuilding cbt emulator with go version 1.20 which fixed cve-2023-24537.

Cloud Run

  • Added firebase-hosting integration type to gcloud beta run integrations command group.

Cloud Storage

  • Updated gsutil component to 5.23.

Cloud Tasks

  • Added gcloud beta tasks buffer which enables creation of an HTTP task without specifying the task body. It requires the parent queue to have an HTTP target override and is only enabled in the beta track.

Cloud Workstations

  • Added -labels flag to gcloud beta workstations create and gcloud beta workstations cluster create.

Compute Engine

  • Added --auto-network-tier flag of gcloud compute routers nats create and gcloud compute routers nats update in beta to select network tier to be used by NAT in auto mode.
  • Promoted flag --enforce-on-key-configs of gcloud compute security-policies rules create|update to GA.
  • Added --certificate-manager-certificates flag to gcloud compute target-https-proxies create/update to add a list of ssl certificates created in certificate-manager to the target https proxy.
  • Added --allow-psc-global-access flag of gcloud compute forwarding-rules <create|update> to v1.

Compute Firewall Policies

  • Promoted --src-threat-intelligence and --dest-threat-intelligence flags to GA in gcloud compute firewall-policies rules create , gcloud compute firewall-policies rules update , gcloud compute network-firewall-policies rules create and gcloud compute network-firewall-policies rules update commands.
  • Promoted --src-region-codes and --dest-region-codes flags to GA in gcloud compute firewall-policies rules create , gcloud compute firewall-policies rules update , gcloud compute network-firewall-policies rules create and gcloud compute network-firewall-policies rules update commands.
  • Promoted --src-fqdns and --dest-fqdns flags to GA in gcloud compute firewall-policies rules create/update and gcloud compute network-firewall-policies rules create/update commands.
  • Promoted --src-address-groups and --dest-address-groups flags to GA in gcloud compute firewall-policies rules create/update and gcloud compute network-firewall-policies rules create/update commands.

Kubernetes Engine

  • Added --location flag to clusters, node-pools, and operations surfaces as a simpler alternative to --zone or --region.
  • Updated default kubectl from 1.24.12 to 1.24.13.
  • Additional kubectl versions:
    • kubectl.1.21 (1.21.14)
    • kubectl.1.22 (1.22.17)
    • kubectl.1.23 (1.23.17)
    • kubectl.1.24 (1.24.13)
    • kubectl.1.25 (1.25.9)
    • kubectl.1.26 (1.26.4)

Network Security

  • Added gcloud network-security server-tls-policies describe to alpha and beta.
  • Promoted gcloud network-security gateway-security-policies to GA.
  • Promoted gcloud network-security gateway-security-policies rules to GA.
  • Promoted gcloud network-security url-lists to GA.
  • Promoted gcloud network-security tls-inspection-policies to GA.

Public CA

  • Promoted gcloud publicca to GA.

Security Command Center

  • Fixed gcloud scc findings list to provide descriptive error message when parent argument is omitted.

Transcoder

  • Added support for --mode flag when creating a new job.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

427.0.0 (2023-04-18)

Breaking Changes

  • (Google Cloud CLI) Deprecated Python 2. The minimum supported Python version is Python 3.5.
  • (Cloud Datastore) Remove gcloud datastore databases create after version 427.0.0. Please use gcloud firestore database update --type=datastore-mode instead.
  • (Cloud Firestore) Switched firestore database create to use Firestore API.
  • (Cloud Firestore) Deprecated --region in gcloud firestore database create. Use --location to specify the database location.

Google Cloud CLI

  • Added --lifetime flag to gcloud auth print-access-token to configure service account impersonation access token lifetime.

App Engine

Artifact Registry

  • Promoted gcloud artifacts googet command group to GA.

BigQuery

  • Removed restrictions to what locations can be used with --location when combined with --use_regional_endpoints.
  • Improved Format RANGE<TIMESTAMP> formatting.

Certificate Authority Service

  • Added ignore_dependent_resources parameter to disable CA, delete CA, and delete CA Pool. These commands would normally fail if the CA Pool would be in a state where it's not able to issue certificates while there's a resource that depends on it. This flag skips the check and may cause unintended and unrecoverable effects on any dependent resource(s) since the CA Pool would no longer be able to issue certificates.

Cloud Firestore

  • Promoted firestore databases describe to beta.
  • Promoted firestore databases update to beta.
  • Promoted firestore databases list to beta.
  • Promoted firestore databases describe to GA.
  • Promoted firestore databases update to GA.
  • Promoted firestore databases list to GA.

Cloud Firestore Emulator

  • Release Cloud Firestore emulator v1.16.2
    • Fixed an issue where some http/1 headers were causing 400 errors.

Cloud On Demand Scanning

  • Updated local-extract component to 1.5.8 to allow it to run in environments without glibc.

Cloud Run

  • Promoted --session-affinity to GA for --platform=managed for gcloud run deploy and gcloud run services update.
  • Promoted --add-custom-audiences, --clear-custom-audiences, --remove-custom-audiences and --set-custom-audiences to beta for --platform=managed for gcloud run deploy and gcloud run services update.

Cloud SQL

  • Added PostgreSQL 15 to database versions.

Cloud Spanner

  • Added database drop protection column to gcloud spanner databases list command.

Cloud Storage

  • Promoted gcloud storage insights commands to GA.

Cloud TPU

  • Add gcloud compute tpus topologies list to list available TPUs by chip topology.

Cloud Workstations

  • Adding support for labels in the beta workstations config create and beta workstations config update commands.

Compute Engine

  • Updated the scope flags --zone or --region of the primary disk, --secondary-disk-zone or --secondary-disk-region of the secondary disk to be required for gcloud compute disks start-async-replication.

Dataproc Metastore

  • Added support for Dataproc Metastore admin interface. The following commands have been added to alpha/beta release tracks:
    • metastore services alter-table-properties

Events

  • Deprecated gcloud beta events surface and all commands within. This surface will be removed in an upcoming release. Please use gcloud eventarc instead.

GKE Hub

  • Added --location flag to gcloud container fleet memberships register and gcloud beta container fleet memberships register.
  • If --location is not specified when registering GKE clusters, Membership region is selected to match to GKE cluster location by default.
  • If --location is not specified when registering non-GKE clusters, Membership region is selected as "global" by default.

Kpt

Kubernetes Engine

  • Added --addons=GcsFuseCsiDriver to gcloud beta container clusters create and --update-addons=GcsFuseCsiDriver to gcloud beta container clusters update to enable/disable the Cloud Storage FUSE Container Storage Interface (CSI) Driver.
  • Allow --enable-managed-prometheus or --disable-managed-prometheus flag to be passed with --logging and --monitoring flags at the same time in gcloud container clusters update.
  • Added --additional-pod-ipv4-ranges and --remove-additional-pod-ipv4-ranges flags of gcloud container clusters update to GA.

Network Connectivity

  • Renamed 'psc-subnetworks' field to 'subnets' based on review comments.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

426.0.0 (2023-04-11)

Breaking Changes

  • (Cloud Firestore) Switched firestore database create to use Firestore API after version 427.0.0.
  • (Cloud Firestore) Deprecated --region in gcloud firestore database create. Use --location to specify the database location. --region flag will be remove after version 427.0.0.

Anthos On-Prem

  • Promoted gcloud container vmware to beta.
  • Promoted gcloud container bare-metal to beta.

App Engine

Batch

  • Added no-external-ip-address flag to gcloud batch job submit.

BigQuery

  • Added warning when apilog flag is missing that the logging level is being lowered.

Cloud Bigtable

  • Clarified the functionality of --transactional-writes flag in gcloud bigtable app-profiles update.

Cloud Build

  • Hide --repository flag in gcloud builds triggers create manual, gcloud builds triggers create webhook and gcloud builds triggers create pubsub.

Cloud Dataflow

  • Added JAVA17 to gcloud dataflow flex-template command SDK Language options, allowing users to submit Flex Template jobs using Java 17.

Cloud Filestore

  • Added gcloud filestore instances revert command in GA to revert a filestore instance to specific snapshot.

Cloud Functions

  • Updated gcloud functions deploy to no longer require the flag --gen2 when updating an existing 2nd gen function. This aligns with the existing behavior of other commands. You can disable this behavior and only work with 1st gen functions by either adding --no-gen2 to a command or by setting the functions/gen2 config property to off.

Cloud Memorystore

  • Change to current default from latest for --maintenance-version flag in gcloud redis instances update to allow updating to the current default maintenance version.

Cloud Org Policy

  • Added --update-mask flag to gcloud org-policies reset command to support partial reset of policies (e.g, reset only dry-run policy spec or live policy spec).

Cloud Run

  • Promoted --cpu-boost to GA for --platform=managed for gcloud run deploy.

Cloud Workflows

  • Added the call-log-level flag to gcloud workflows deploy, and add the log-none value to the call-log-level flag for gcloud workflows <execute|run>, to specify no call logging even if logging was specified at the workflow level.

Compute Engine

  • Promoted --max-count-per-zone flag of gcloud compute instances bulk create to beta. Flag defines maximum number of instances that can be created per zone for regional bulk insert.
  • Added SEV_LIVE_MIGRATABLE to the list of guestOsFeatures.
  • Rearranged gcloud compute images import source flags by moving --source-file & --source-image to the beginning.

Network Connectivity

  • Added gcloud network-connectivity service-connection-policies create and gcloud network-connectivity service-connection-policies delete commands.
  • Added gcloud network-connectivity service-connection-policies list and gcloud network-connectivity service-connection-policies describe commands.

Security Command Center

  • Promoted gcloud scc custom-modules sha to GA.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

425.0.0 (2023-04-04)

Breaking Changes

  • (Compute Engine) Migrate single request gcloud compute commands from the compute batch
  • (Compute Engine) endpoint to region-specific endpoints.

App Engine

  • Removed InvalidInstanceIpModeError exception from gcloud.app.instances.ssh because SSH is now supported for all Instance Ip Modes.

Artifact Registry

  • Added gcloud beta artifacts docker upgrade print-iam-policy.

Certificate Manager

  • Promoted gcloud certificate-manager trust-configs delete to beta.
  • Promoted gcloud certificate-manager trust-configs describe to beta.
  • Promoted gcloud certificate-manager trust-configs export to beta.
  • Promoted gcloud certificate-manager trust-configs import to beta.
  • Promoted gcloud certificate-manager trust-configs list to beta.

Cloud Access Context Manager

  • Added --dry-run-level flag to gcloud access-context-manager cloud-bindings to test cloud-binding before enforcing them.

Cloud Build

  • Update wait timeout for gcloud builds worker-pools create and gcloud builds worker-pools delete commands to 1h.

Cloud Functions

  • Updated gcloud functions add-iam-policy-binding, gcloud functions call, gcloud functions delete, gcloud functions get-iam-policy, gcloud functions remove-iam-policy-binding, and gcloud functions set-iam-policy to no longer require the flag --gen2 when operating on a 2nd gen function. This aligns with the existing behavior of gcloud functions describe. You can disable this behavior and only work with 1st gen functions by either adding --no-gen2 to a command or by setting the functions/gen2 config property to off.

Cloud IAM

  • Added gcloud iam workload-identity-pools providers keys commands to manage workload identity pool provider keys.

Cloud Workstations

  • Adding support for the customer managed encryption key and encryption key service account flags in the beta workstations config create command.

Compute Engine

  • Enable "Uniform Bucket Level Access" by default for the temporary Cloud Storage buckets created in gcloud compute images import and gcloud compute images export.
  • Promoted --source-ip-ranges flag of gcloud compute forwarding-rules [create|update] to GA.

Database Migration

  • Added --allocated-ip-range flag to gcloud database-migration connection-profiles create cloudsql to allow selecting an allocated IP range for VPC peering.
  • Added --alloydb-cluster flag to gcloud database-migration connection-profiles create to allow creating a connection profile with an existing AlloyDB cluster.
  • Added --alloydb-cluster flag to gcloud database-migration connection-profiles update to allow configuring a connection profile with an existing AlloyDB cluster.

Network Security

  • Promoted gcloud network-security tls-inspection-policies to beta.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

424.0.0 (2023-03-28)

Breaking Changes

  • (Artifact Registry) Fixed issue where the default table format was used when --show-occurrences flag was passed in, even though that format prevented occurrences from being displayed. Changed to use the default format when the flag is used. Use the same command without --show-occurrences to get the old behavior.

Artifact Registry

  • Allow using gcloud beta artifacts images describe with Artifact Registry repos that use gcr.io domain.
  • Promoted artifacts settings describe artifacts settings enable-upgrade-redirection, and artifacts settings disable-upgrade-redirection commands to GA.

BigQuery

  • Fixed issue storing --api flag in the .bigqueryrc file.
  • Added the option for three-year capacity commitment plans.
  • Updated wcwidth to version 0.2.6.

Certificate Manager

  • Promoted gcloud certificate-manager issuance-configs to GA.

Cloud Build

  • Added --default-buckets-behavior flag to gcloud builds submit.

Cloud Deploy

  • Added gcloud deploy rollouts advance to alpha and beta.
  • Added gcloud deploy rollouts cancel to alpha and beta.
  • Added gcloud deploy rollouts ignore-job to alpha and beta.
  • Added gcloud deploy job-runs terminate to alpha and beta.
  • Added starting-phase-id flag to gcloud deploy targets redeploy.
  • Added starting-phase-id flag to gcloud deploy targets rollback.
  • Added starting-phase-id flag to gcloud deploy releases promote.
  • Added initial-rollout-phase-id flag to gcloud deploy releases create.

Cloud Memorystore

  • Added --maintenance-version flag to gcloud redis instances update to allow updating a maintenance version when updating an instance.

Cloud Run

  • Promoted gcloud run jobs command group and its sub-commands to GA, except for the following commands:
    • gcloud beta run jobs deploy
    • gcloud beta run jobs logs
    • gcloud beta run jobs executions logs
  • Promoted --encryption-key-shutdown-hours and --clear-encryption-key-shutdown-hours flags of gcloud run deploy and gcloud run services update to GA for --platform=managed.

Cloud SQL

  • Added gcloud sql instances reencrypt, which re-encrypts a Cloud SQL CMEK instance with the current primary key version in alpha.

Cloud TPU

  • Update gcloud compute tpus tpu-vm create to allow configuration of TPUs with chip topology using --type and --topology flags.

Compute Engine

  • Promoted disk-consistency-group argument of gcloud compute resource-policies create to beta.
  • Promoted --primary-disk, --primary-disk-project, --primary-disk-region, and --primary-disk-zone of gcloud compute disks create to beta.
  • Promoted gcloud compute disks start-async-replication to beta.
  • Promoted gcloud compute disks stop-async-replication to beta.
  • Promoted gcloud compute disks stop-group-async-replication to beta.
  • Promoted gcloud compute disks bulk create to beta.
  • Fixed documentation for --update-policy-max-surge and --update-policy-replacement-method flags.
  • Promoted --queue-count flag in --network-interface of gcloud compute instance-templates create to GA.
  • Promoted --queue-count flag in --network-interface of gcloud compute instances bulk create to GA.

Database Migration

  • Added demote-destination request to gcloud database-migration migration-jobs to allow demoting the destination of a migration job.

Dataproc Metastore

  • Promoted the custom-routes-enabled boolean value to the network-config-from-file flag of gcloud metastore services create to v1alpha and v1beta.
  • Fixed issue where commands including an --instance-size flag would fail if the user specified an enum value of EXTRA_SMALL or EXTRA_LARGE.

Eventarc

  • Added --event-data-content-type flag to gcloud eventarc triggers create and gcloud eventarc triggers update to label the type of payload in MIME format that is expected from the CloudEvent data field.

Kpt

Kubernetes Engine

  • Updates default kubectl from 1.24.11 to 1.24.12.
  • Additional kubectl versions:
    • kubectl.1.21 (1.21.14)
    • kubectl.1.22 (1.22.17)
    • kubectl.1.23 (1.23.17)
    • kubectl.1.24 (1.24.12)
    • kubectl.1.25 (1.25.8)
    • kubectl.1.26 (1.26.3)

Network Security

  • Promoted gcloud network-security url-lists to beta.
  • Promoted gcloud network-security gateway-security-policies to beta.
  • Promoted gcloud network-security gateway-security-policy-rules to beta.

Recaptcha

  • Added --support-non-google-app-store-distribution to recaptcha keys create that enables support for non-Google Play Store distributed applications for the key.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

423.0.0 (2023-03-21)

Google Cloud CLI

  • Added gcloud auth enterprise-certificate-config to create enterprise-certificate configurations.
  • Disabled mTLS during installation.
  • Fixed crash that occurred when parsing certain repeated dictionary-type flags if duplicate keys were provided or if invalid choices for another flag were specified afterwards.
  • Improved post-processing times during gcloud components update and gcloud components install on Windows.

App Engine

  • Updated the Java SDK to version 2.0.12 build from the open source project https://github.com/GoogleCloudPlatform/appengine-java-standard/releases/tag/v2.0.12.
  • Fixed a DevAppServer issue where in some scenarios, the class io.opencensus.trace.propagation.TextFormat could not be found.
  • Added --tunnel-through-iap flag to gcloud app instances ssh. Using this flag lets you use an Identity-Aware Proxy (IAP) tunnel when attempting to SSH into an App Engine flexible environment instance without an external IP address.
  • Updated the Go SDK to version 1.9.73. Please visit the following release notes for details: https://cloud.google.com/appengine/docs/go/release-notes.
  • Added --tunnel-through-iap flag to gcloud app instances scp. Using this flag lets you use an Identity-Aware Proxy (IAP) tunnel when attempting to SCP to/from an App Engine flexible environment instance without an external IP address.

Artifact Registry

  • Updated gcloud artifacts docker images describe and gcloud artifacts docker images list to return occurrences when an occurrence filter is used, even if the user does not explicitly say to show occurrences.

  • Added --immutable-tags flag to gcloud artifacts repositories create and gcloud artifacts repositories update.

Bare Metal Solution

  • Promoted gcloud bms ssh-keys list to GA.
  • Promoted gcloud bms ssh-keys add to GA.
  • Promoted gcloud bms ssh-keys remove to GA.

Cloud Build

  • Added --repository flag to gcloud builds triggers create manual, gcloud builds triggers create webhook and gcloud builds triggers create pubsub.

Cloud Dataproc

  • Added --ttl flag to gcloud dataproc batches submit commands in GA. This sets a workload TTL when creating batches.

Cloud Firestore Emulator

  • Released Cloud Firestore emulator v1.16.1
    • Fixed: support read_time in ListCollectionIds

Cloud Healthcare

  • Added gcloud healthcare fhir-stores metrics which allows users to retrieve metrics associated with a FHIR store.

Cloud Key Management Service

  • Added --key-management-mode and --crypto-space-path to gcloud kms ekm-connections that is used when creating coordinated external keys.
  • Added gcloud kms ekm-config commands which enables setting configuration values for EKM users.

Compute Engine

  • Promoted --aws-* flags of gcloud compute images import to GA.
  • Promoted gcloud compute sole-tenancy node-groups simulate-maintenance-event to GA.

Database Migration

  • Added --availability-type flag to gcloud database-migration connection-profiles create to allow configuring the availability type on the destination Cloud SQL instance.
  • Added --secondary-zone flag to gcloud database-migration connection-profiles create to allow configuring the secondary zone of the destination Cloud SQL instance when regional availability type is used.

Kubernetes Engine

  • Added --enable-fleet flag to gcloud container clusters create, gcloud container clusters create-auto and gcloud container clusters update in alpha, beta track.
  • Added --fleet-project flag to gcloud container clusters create, gcloud container clusters create-auto and gcloud container clusters update in alpha, beta track.
  • Added --clear-fleet-project flag to gcloud container clusters update in alpha, beta track.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

422.0.0 (2023-03-14)

Breaking Changes

  • (Cloud Pub/Sub) Fixed output format of gcloud schemas list and gcloud schemas list-revisions to remove the DEFINITION column if --view is not FULL.

Google Cloud CLI

  • Added gcloud auth enterprise-certificate-config to create enterprise-certificate configurations.

Anthos Multi-Cloud

  • Added --clear-client flag to gcloud container azure clusters update to clear the Azure client. This flag is required when updating to use Azure workload identity federation from Azure client to manage Azure resources.

App Engine

  • Updated the Python App Engine devappserver to support a new flag --python_virtualenv_path. It is an optional directory that will be used to setup a Python 3 virtual env for the local devappserver execution environment for Python 3 applications. If the path does not exist it will be created and it will not be cleanup at the end of the devappserver execution, allowing for caching between invocations. If not defined, a temporary directory will be used and cleaned up at the end of the execution.

Artifact Registry

  • gcloud beta artifacts settings enable-upgrade-redirection command no longer requires creating missing repos.

Bare Metal Solution

  • Promoted gcloud bms instances enable-serial-console to GA.
  • Promoted gcloud bms instances disable-serial-console to GA.

BigQuery

  • Updated the bundled google auth libraries.
  • Updated bundled libraries to use charset_normalizer with the request library.

Cloud Datastream

  • Added the max_concurrent_backfill_tasks support to --mysql-source-config, --oracle-source-config, --postgresql-source-config flags in gcloud datastream streams.

Cloud Functions

  • Preview of the CMEK support for Cloud Functions, 2nd Gen. In particular, promoted --docker-repository, --kms-key, --clear-docker-repository and --clear-kms-key flags of gcloud functions deploy --gen2 to beta.

Cloud Run

  • Removed --condition flag from gcloud run {services,jobs} {add,remove}-iam-policy-binding.

Cloud Workflows

  • Added --revision-id flag to gcloud workflows describe to allow retrieving the source code of a workflow at a specific revision.

Cloud Workstations

  • Added gcloud beta workstations configs update which updates a specified
  • Added gcloud beta workstations ssh which SSH's into a specified workstation. workstation configuration.

Compute Engine

  • Added --plan to gcloud compute commitments update to support commitment term upgrade.
  • Promoted gcloud compute security-policies rules add-preconfig-waf-exclusion|remove-preconfig-waf-exclusion to GA.
  • Promoted --queue-count flag in --network-interface of gcloud compute instances create to GA.
  • Promoted --internal-ipv6-address flag of gcloud compute instances create to GA.
  • Promoted --internal-ipv6-prefix-length flag of gcloud compute instances create to GA.
  • Added new ADVANCED_PREVIEW enum option to --network-ddos-protection flag of gcloud compute security-policies update in alpha and beta.

GKE Hub

  • Changed gcloud container fleet memberships unregister command to assume membership region based on gke cluster region by default.

Network Connectivity

  • Fixed issue where sort-by arguments in list spoke command produced type validation errors.

Recaptcha

  • Support creating express enabled site keys using recaptcha keys create --waf-feature=express.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

421.0.0 (2023-03-07)

Artifact Registry

  • Fixed an issue where gcloud artifacts docker images list does not return nested images.

BigQuery

  • Extended third-party identity login to support a web-based 3-legged OAuth flow.
  • Extended ls -p to page through all projects.
  • Extended --format for load to support more formats.
  • Removes some unneeded shipped libraries.
  • Added logging support for all exceptions when --apilog is present.
  • Added --encoding for load to support csv encodings.
  • Updated the bundled cachetools library.

Cloud Filestore

  • Added --instance-location flag to gcloud filestore instances snapshots create, which accepts either a zone or region and allows clients to create Enterprise and HighScale snapshots.
  • Added --instance-location flag to gcloud filestore instances snapshots delete, which accepts either a zone or region and allows clients to delete Enterprise and HighScale snapshots.
  • Added --instance-location flag to gcloud filestore instances snapshots list, which accepts either a zone or region and allows clients to list Enterprise and HighScale snapshots.
  • Added --instance-location flag to gcloud filestore instances snapshots update, which accepts either a zone or region and allows clients to update Enterprise and HighScale snapshots.
  • Added --instance-location flag to gcloud filestore instances snapshots describe, which accepts either a zone or region and allows clients to describe Enterprise and HighScale snapshots.

Cloud Pub/Sub

  • Fixed gcloud schemas commit to raise an Invalid Argument error if --type is not equal to protocol-buffer, protocol_buffer, or avro.

Cloud Services

  • Added key-string support for undelete command for api_keys in beta.

Cloud Spanner

  • Promoted gcloud spanner databases roles list to GA.
  • Promoted --database-role flag in gcloud spanner databases execute-sql to GA.

Cloud Storage

  • Updated gsutil component to 5.21.

Cloud Workflows

  • Added --labels flag to gcloud workflows <execute|run> to allow adding execution specific labels.

Cloud Workstations

  • Fixed issue with the custom container image not being properly set in gcloud beta workstations configs create.

Compute Engine

  • Added --encryption to gcloud compute interconnects attachments dedicated create to add encryption option for dedicated interconnect attachment (VLAN attachment).
  • Added --encryption to gcloud compute interconnects attachments partner create to add encryption option for partner interconnect attachment (VLAN attachment).
  • Added --ipsec-internal-addresses to gcloud compute interconnects attachments dedicated create to add list of addresses that have been reserved for dedicated interconnect attachment (VLAN attachment).
  • Added --ipsec-internal-addresses to gcloud compute interconnects attachments partner create to add list of addresses that have been reserved for partner interconnect attachment (VLAN attachment).
  • Added --encrypted-interconnect-router to gcloud compute routers create to indicate that the router is dedicated for use with encrypted interconnect attachments (VLANs).
  • Added --interconnect-attachments to gcloud compute vpn-gateways create to add interconnect attachments (VLAN attachments) associated with the VPN gateway interfaces.
  • Added 9 to allowed list of values for --version of gcloud beta compute instances ops-agents policies [create|update].
  • Promoted --locality_lb_policy flag of gcloud compute backend-services create/update to GA.
  • Added --max-run-duration and --termination-time flags in gcloud compute instances set-scheduling to beta.
  • Added --clear-max-run-duration and --clear-termination-time flags in gcloud compute instances set-scheduling to beta.
  • Promoted --endpoint-types flag in gcloud compute routers nats create to GA.

Dataproc Metastore

  • Promoted --auxiliary-versions flag of gcloud metastore services create to GA. Modified flag to no longer be mutually exclusive with --consumer-subnetworks and --network-config-from-file.
  • Promoted --auxiliary-versions-from-file flag of gcloud metastore services create to GA. Modified flag to no longer be mutually exclusive with --consumer-subnetworks and --network-config-from-file.
  • Promoted --instance-size flag of gcloud metastore services create and gcloud metastore services update to GA.
  • Added --instance-size flag to gcloud metastore services create and gcloud metastore services update to specify a service instance size.
  • Promoted --scaling-factor flag of gcloud metastore services create and gcloud metastore services update to GA.
  • Added --scaling-factor flag to gcloud metastore services create and gcloud metastore services update to specify a service scaling factor.
  • Modified --tier flag of gcloud metastore services create and gcloud metastore services update to be mutually exclusive with --instance-size and --scaling-factor in all release tracks.

Identity and Access Management

  • Added support for credential sharing with bq and gsutil when using browser-based sign-in with Workforce identity federation to authenticate with the Google Cloud CLI via gcloud auth login.

Kpt

Kubernetes Engine

  • Prevent overwriting directory permission when KUBECONFIG contains empty entry or a directory. Instead, raise an error.
  • Updates default kubectl from 1.24.10 to 1.24.11.
  • Additional kubectl versions:
    • kubectl.1.21 (1.21.14)
    • kubectl.1.22 (1.22.17)
    • kubectl.1.23 (1.23.17)
    • kubectl.1.24 (1.24.11)
    • kubectl.1.25 (1.25.7)
    • kubectl.1.26 (1.26.2)

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

420.0.0 (2023-02-28)

Breaking Changes

  • (Cloud Firestore) Switched firestore beta database create to use Firestore API.
  • (Cloud Firestore) Added --type, --location and --database to gcloud beta firestore database create.
  • (Cloud Firestore) Removed --region in gcloud beta firestore database create. Use --location instead.

App Engine

  • Added support for App Engine go runtime versions 116, 117, 118, 119, 120.

BigQuery

  • Updated messaging for the use_legacy_sql flag.
  • Added stack trace logging for errors when the apilog flag is used.
  • Removed unnecessary fetches for data transfer commands.

Certificate Authority Service

  • Added name constraints arguments to gcloud privateca roots create to allow configuring certificate authorities with name constraints.
  • Added name constraints arguments to gcloud privateca subordinates create to allow configuring certificate authorities with name constraints.
  • Added name constraints arguments to gcloud privateca certificates create to allow configuring certificate authorities with name constraints.

Cloud Composer

  • Update warning message when running commands that use the default Cloud Composer version, which was changed recently from 1 to 2.

Cloud Functions

  • Fixed issue where gcloud functions deploy would crash on updating an existing function with VPC Connector when --egress-settings flag was specified.
  • Added warning and prompting to gcloud functions add-iam-policy-binding about needing to bind the roles/run.invoker role for 2nd gen functions.

Cloud Key Management Service

  • Added gcloud beta kms inventory which allows viewing and tracking of keys across cloud resources.

Cloud Logging

  • Promoted buckets create --enable-analytics to GA.
  • Added buckets update --enable-analytics to GA track.
  • Removed deprecated buckets update --enable-loglink from ALPHA track.
  • Added --async option to the buckets create and buckets update commands.
  • Added links command group implementation.

Compute Engine

  • Promoted --queue-count flag in --network-interface of gcloud compute instances create to beta.
  • Promoted --stack-type flag of gcloud compute instances bulk create to GA.
  • Promoted gcloud compute disks update to GA.
  • Promoted --provisioned-iops flag of gcloud compute disks update to GA.

GKE Hub

  • Added gcloud container fleet scopes|namespaces which allows users to manage Fleet Tenancy.

Identity and Access Management

Pubsub Emulator

  • Added support for updating schemas.
  • Fixed the inability to create topics, subscriptions, and schemas when using the gcloud CLI.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

419.0.0 (2023-02-22)

App Engine

Artifact Registry

  • Fix issue where artifacts repositories create failed unconditionally.

Cloud Datastream

  • Added new --full-hierarchy and --hierarchy-depth flags for connection-profiles discover.
  • Deprecated --recursive and --recursive-depth flags for connection-profiles-discover.

Cloud Functions

  • Added support for Docker package format {location}-docker.pkg.dev/{project}/{repository} to --docker-repository flag of gcloud functions deploy.
  • Fixed issue where gcloud functions deploy fails if the user doesn't have the permission serviceusage.services.get.

Cloud Logging

  • Promote --logging-optional and --logging-optional-fields flags of gcloud compute backend-services create and gcloud compute backend-services update to GA.

Cloud Run

  • Promoted gcloud beta run jobs executions logs read to beta, which reads logs from a selected resource.
  • Promoted gcloud beta run jobs executions logs tail to beta, which tail logs from a selected resource.

Cloud Storage

  • gcloud storage cp will now silently ignore the Content-MD5 header for parallel composite uploads.
  • gcloud storage hash has been promoted to GA.

Firebase Test Lab

  • Promoted --client-details flag of gcloud firebase test [android|ios] run to GA. This flag can be used to provide additional details to attach to the test matrix, including a matrixLabel to help you identify and locate your test in the Firebase console.

Recaptcha

  • Support creating Fastly enabled site keys using recaptcha keys create --waf-service=fastly.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

418.0.0 (2023-02-14)

Breaking Changes

  • (Cloud Dataproc) Modified --job-id and --yarn_application_id flags to --job-ids and --yarn-application-ids respectively in gcloud dataproc clusters diagnose command. These flags can now accept a comma separated list of job ids and yarn app ids instead of a single value.

Google Cloud CLI

  • Defined "quota_project" in gcloud auth application-default set-quota-project command documentation.
  • Launched the enterprise-certificate-proxy component. See more at $ gcloud topic client-certificate.

AI

  • Added gcloud ai models copy which copies a model.

AlloyDB

  • Added --clear-continuous-backup-encryption-key flag to gcloud beta alloydb clusters update to support clearing a custom encryption configuration for Continuous Backups.
  • Added following flags of gcloud alloydb instances create and gcloud alloydb instances update to alpha, beta and GA:
    • --insights-config-query-string-length
    • --insights-config-query-plans-per-minute
    • --insights-config-record-application-tags
    • --insights-config-record-client-address

Artifact Registry

  • Adding new command gcloud artifacts vpcsc-config allow --project=my-proj --location=us-west1.
  • Adding new command gcloud artifacts vpcsc-config deny --project=my-proj --location=us-west1.
  • Adding new command gcloud artifacts vpcsc-config describe --project=my-proj --location=us-west1.
  • Adding new command gcloud artifacts repositories create my-repo --project=my-project --repository-format=maven --location=us-east1 --description="My test repo" --mode=virtual-repository --upstream-policy-file=policy.json.
  • Adding new command gcloud artifacts repositories create my-repo --project=my-project --repository-format=python --location=us-east1 --description="My python repo" --mode=remote-repository --remote-repo-config-desc="test python remote repo" --remote-python-repo=PYPI.
  • Adding new command gcloud artifacts repositories create my-repo --project=my-project --repository-format=npm --location=us-east1 --description="My npm repo" --mode=remote-repository --remote-repo-config-desc="test npm remote repo" --remote-npm-repo=NPMJS.
  • Adding new command gcloud artifacts repositories create my-repo --project=my-project --repository-format=maven --location=us-east1 --description="My test repo" --mode=remote-repository --remote-repo-config-desc="test maven remote repo" --remote-mvn-repo=MAVEN-CENTRAL.
  • Adding new command gcloud artifacts repositories create my-repo --project=my-project --repository-format=docker --location=us-east1 --description="no CRM permission" --mode=remote-repository --remote-repo-config-desc="test docker remote repo" --remote-docker-repo=DOCKER-HUB.

BigQuery

  • Added SPARK reservation assignment.
  • Added main class option for Spark procedures.
  • Added support for bi-engine reservation paths.

Cloud DNS

  • Fixed issue with gcloud dns response-policies being unable to update gkeclusters flag in GA.
  • Updated gcloud dns record-sets create and gcloud dns record-sets update to allow referencing forwarding rules by their full resource path.

Cloud Datastream

  • Modified Create/Update Stream flags that use a JSON/YAML file to use camelCase field naming instead of snake_case, to match the REST API. Old snake_case configuration files will still be supported.

Cloud Filestore

  • Added --location flag to gcloud filestore instances snapshots create, which accepts either a zone or region and allows clients to create Enterprise and HighScale snapshots.
  • Added --location flag to gcloud filestore instances snapshots delete, which accepts either a zone or region and allows clients to delete Enterprise and HighScale snapshots.
  • Added --location flag to gcloud filestore instances snapshots list, which accepts either a zone or region and allows clients to list Enterprise and HighScale snapshots.
  • Added --location flag to gcloud filestore instances snapshots update, which accepts either a zone or region and allows clients to update Enterprise and HighScale snapshots.
  • Added --location flag to gcloud filestore instances snapshots describe, which accepts either a zone or region and allows clients to describe Enterprise and HighScale snapshots.

Cloud Firestore

  • Added --api-scope and --query-scope support for Firestore Index Create.

Cloud Key Management Service

  • Set --location and --keyring as required flags for commands set-primary-version, set-rotation-schedule, get-rotation-schedule, set-iam-policy, get-iam-policy.

Cloud Logging

  • Allow for protocols TCP, UDP and UNSPECIFIED in gcloud compute backend-services create and gcloud compute backend-services update.
  • Added --logging-optional and --logging-optional-fields flags of gcloud compute backend-services create and gcloud compute backend-services update in beta to specify the optional fields to be added to the reported logs.

Cloud Run

  • Fixed an issue where gcloud run delete commands report error sometimes even though the deletion succeeded.

Cloud Storage

  • Updated gsutil component to 5.20.
  • All gcloud storage commands that accept JSON files now also support YAML.

Compute Engine

  • Promoted --resource-policies flag for glcloud compute reservations createto to GA.

Distributed Cloud Edge

  • Introduced the GDCE version for cluster, machine, and node-pool as output during list and describe operations.
  • Added gcloud edge-cloud networking which allows users to configure the networking configurations on the ToRs to support customer workloads which are running in Google Distributed Cloud Edge Clusters.

Stackdriver Debugger

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

417.0.1 (2023-02-08)

App Engine Flexible Environment

  • Fixing issue where App Engine Flex users cannot deploy their PHP, Java or Python applications via gcloud 417.0.0.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

417.0.0 (2023-02-07)

Breaking Changes

  • (Cloud IoT) Added --device-field-mask flag to gcloud iot devices list to have override possibility for device fieldMask. In case the API response does not include the blocked field for any of the devices, the BLOCKED column will disappear from the results table.

Google Cloud CLI

  • Defined "quota_project" in gcloud auth application-default set-quota-project command documentation.

Anthos Multi-Cloud

  • Modified gcloud container azure clients create to wait for the returned long-running operation. Use --async flag to get the old behavior.
  • Modified gcloud container azure clients delete to wait for the returned long-running operation. Use --async flag to get the old behavior.

Cloud Composer

  • Added warning message when running commands that use the default Cloud Composer version, which will be changed soon.

Cloud Logging

  • Updated gcloud logging buckets list command to include CMEK enabled or disabled setting.

Cloud Run

  • Promoted gcloud run jobs deploy to beta, which allows creating or updating a Cloud Run job from a container image or source to build.

Compute Engine

  • Added REGION column to default output of gcloud compute target-https-proxies list.
  • Promoted gcloud compute network-attachments to GA.

Distributed Cloud Edge

  • Promoted --vpc-project to gcloud edge-cloud container vpn-connections create to create resources in a different GCP project than the GDCE cluster project.

Firebase Test Lab

  • Promoted gcloud firebase test [android|ios] list-device-capacities to GA. This feature can inform your test decisions by letting you view the inventory level of device types in the Test Lab catalog. To access this information, run gcloud firebase test [android|ios] list-device-capacities, or gcloud firebase test [android|ios] models describe [MODEL_ID].

Identity and Access Management

  • Added gcloud iam workforce-pools commands for Workforce Identity Federation management.

Notebooks

  • Deprecate alpha and beta notebooks.

Security Command Center

  • Updated gcloud scc custom-modules sha command group to allow custom modules feature.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

416.0.0 (2023-01-31)

Breaking Changes

  • (Cloud Datalab) Removed gcloud datalab component (Originally removed in release 413.0.0).

AI

  • Fixed an issue in gcloud ai hp-tuning-jobs that the values of --max-trial-count and --max-parallel-trial-count are not passed in the config.yaml file.

AlloyDB

  • Updated gcloud beta alloydb clusters create and gcloud beta alloydb clusters update to support enabling continuous backups via new --enable-continuous-backup and --continuous-backup-recovery-window-days and --continuous-backup-encryption-key flags.

Anthos Identity Service

  • Added --fleet-default-member-config flag to the following commands:

    • gcloud beta container fleet identity-service enable
    • gcloud beta container fleet identity-service delete

      These will make it possible to configure and delete fleet default membership configurations.

App Engine

  • Added the --tunnel-through-iap flag to gcloud beta app instances scp. Using this flag lets you use an Identity-Aware Proxy (IAP) tunnel when attempting to SCP to/from an App Engine flexible environment instance without an external IP address.

Cloud Run

  • Promotes gcloud beta run jobs logs read to beta, which reads logs from a selected resource.
  • Promotes gcloud beta run jobs logs tail to beta, which tail logs from a selected resource.

Cloud SQL

  • Promoted gcloud sql users describe command to GA.

Cloud Storage

  • Updated gsutil component to 5.19.
    • Fixed an issue causing parallel transfer commands to require elevated permissions.

Compute Engine

  • Modified gcloud compute instance-groups managed update to support relative path for regional health check.
  • Added --allow-psc-global-access flag of gcloud compute forwarding-rules <create|update> to beta.
  • Promoted gcloud compute resource-policies update snapshot-schedule to beta.

Config Controller

  • Fixed issue where --full-management flag doesn't take effect.

Immersive Stream

  • Promoted gcloud immersive-stream xr to GA.

Kubernetes Engine

  • Updates default kubectl from 1.24.9 to 1.24.10.
  • Additional kubectl versions:
    • kubectl.1.21 (1.21.14)
    • kubectl.1.22 (1.22.17)
    • kubectl.1.23 (1.23.16)
    • kubectl.1.24 (1.24.10)
    • kubectl.1.25 (1.25.6)
    • kubectl.1.26 (1.26.1)

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

415.0.0 (2023-01-24)

Google Cloud CLI

  • Global --format flag now respects the core/default_format property when --format=default. If core/default_format is not set, then default format is yaml.

AI

  • Modified --region flag of gcloud ai endpoints to include new online prediction regions.
  • Modified --region flag of gcloud ai models to include new online prediction regions.
  • Added --enable-dashboard-access flag to gcloud ai custom-jobs create and gcloud ai hp-tuning-jobs create to allow the access to the dashboard specified in custom container.

BigQuery

  • Added support for using the auth/impersonate_service_account property in bq commands.

Cloud Build

  • Added command groups for managing connections and repositories: gcloud beta builds connections and gcloud beta builds repositories.

Cloud Dataproc

  • Added gcloud dataproc node-groups group with commands: describe and resize.
  • Added --driver-pool-${X} flags to gcloud dataproc clusters create.

Cloud Firestore

  • Added --database flag to gcloud firestore operations to add database support for Firestore operations.

Cloud On Demand Scanning

  • Fixed issue with extracting packages from Go binaries built with newer versions of to the Go toolchain.

Cloud Org Policy

  • Added --update-mask to gcloud org-policies set-policy to specify the fields to be overwritten in the policy.

Cloud Pub/Sub

  • Added gcloud pubsub schemas commit to commit a revision for a Pub/Sub schema.
  • Added gcloud pubsub schemas rollback to roll back a revision for a Pub/Sub schema.
  • Added gcloud pubsub schemas delete-revision to delete a revision for a Pub/Sub schema.
  • Added gcloud pubsub schemas list-revisions to list all revisions for a Pub/Sub schema.
  • Added --first-revision-id and --last-revision-id flags to gcloud pubsub topics create to create schema settings for Pub/Sub topics.
  • Added --clear-schema-settings, --schema, --message-encoding, --first-revision-id and --last-revision-id flags to gcloud pubsub topics update to update schema settings for a Pub/Sub topic.

Cloud SQL

  • Promoted gcloud sql users describe command to beta.

Compute Engine

  • Added --update-policy-<type|max-unavailable|max-surge|minimal-action|most-disrtuptive-action|replacement-method> flags of gcloud compute instance-groups managed <create|update> to GA.
  • Added --update-policy-min-ready flag of gcloud compute instance-groups managed <create|update> to beta.
  • Added --enforce-on-key-configs flag to gcloud beta compute security-policies rules create and gcloud beta compute security-policies rules update.

Dataproc Metastore

  • Promoted gcloud metastore services import flag --dump-type to GA.
  • Promoted gcloud metastore services export flag --dump-type to GA.

Declarative Workflows

  • Make --storage-path, --resource-types and --resource-types-file mutually exclusive in gcloud beta resource-config bulk-export.

Kpt

Recommender

  • Added support for gcloud recommender recommendations mark-dismissed.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

414.0.0 (2023-01-18)

Anthos Multi-Cloud

  • Added --azure-tenant-id and --azure-application-id flags to gcloud container azure clusters create and gcloud container azure clusters update to set authentication configuration for management of Azure resources. These flags replace --client flag.

Apigee

  • Fixed issue where gcloud apigee apis describe would demand a non-existent --revision argument.

Cloud API Gateway

  • Fixed issue where sort-by arguments in list commands produced type validation errors.

Cloud Build

  • Added --peered-network-ip-range flag to gcloud builds worker-pools create.

Cloud Firestore

  • Added database support for Firestore import/export.
  • Added namespace_ids support for Firestore import/export.
  • Added databaseId support for Firestore TTL.
  • Added databaseId support for Firestore SFI.

Cloud Storage

  • Add IAM and ACL-related flags.
  • Updated gsutil component to 5.18.

Compute Engine

  • Promoted --external-ipv6-address flag of gcloud compute instances network-interfaces update to GA.
  • Promoted --external-ipv6-prefix-length flag of gcloud compute instances network-interfaces update to GA.
  • Added keyword network-attachment for --network-interface in gcloud compute instance-templates create.
  • Promoted --external-ipv6-address flag of gcloud compute instances create to GA.
  • Promoted --external-ipv6-prefix-length flag of gcloud compute instances create to GA.
  • Promoted --source-instance-template flag of gcloud compute reservations create to GA.

Database Migration

  • Added gcloud database-migration conversion-workspaces seed which seeds from a connection profile for a database-migration conversion workspace.
  • Added gcloud database-migration conversion-workspaces delete which deletes a database-migration conversion workspace.
  • Added gcloud database-migration conversion-workspaces convert which converts source entities to draft entities in a database-migration conversion workspace.
  • Added gcloud database-migration conversion-workspaces apply which applies a database-migration conversion workspace onto the destination database.
  • Added gcloud database-migration conversion-workspaces list-background-jobs which lists the background jobs in a database-migration conversion workspaces.
  • Added gcloud database-migration conversion-workspaces describe-entities which describes the database entities in a database-migration conversion workspaces.

Dataproc Metastore

  • Promoted gcloud metastore services flag --database-type to GA.

Kubernetes Engine

  • Updates default kubectl from 1.23.15 to 1.24.9.
  • Additional kubectl versions:
    • kubectl.1.21 (1.21.14)
    • kubectl.1.22 (1.22.17)
    • kubectl.1.23 (1.23.15)
    • kubectl.1.24 (1.24.9)
    • kubectl.1.25 (1.25.5)
    • kubectl.1.26 (1.26.0)

Network Management

  • Added appEngineVersion and cloudRunRevision arguments for source in gcloud network-management connectivity-tests. This allows the user to run tests using App Engine version and Cloud Run revision endpoint types as source.

Security Command Center

  • Fixed gcloud scc findings create to require flag event-time.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

413.0.0 (2023-01-10)

Breaking Changes

  • (Cloud Storage) Added --fetch-encrypted-object-hashes flag to ls and objects list commands. API requests to the LIST endpoint do not fetch the hashes for encrypted objects by default. If this flag is set, a GET request is sent for each encrypted object in order to fetch hashes. This can significantly increase the cost of the commands.
    • Previously, the fallback to GET was implemented for CSEK-encrypted objects as the default behavior. With this flag, both CSEK and CMEK are handled, and gcloud CLI checks if it has the necessary CSEK key before sending a GET request.
  • (Kubernetes Engine) This change starts using the Client-Go Credential Plugin gke-gcloud-auth-plugin as noted in Client-go Credential Plugin changes.

Google Cloud CLI

  • Fixed a crash during reauth when Enterprise Certificate is used.
  • Fixed issue where the gcloud CLI would crash when invoked in PowerShell 7.3. This issue was reported at: https://issuetracker.google.com/issues/259295558.
  • Added core/default_format and core/format properties to config in order enable setting a default print format. Print format is first determined by global flag --format. If --format flag is not defined, then CLI defaults to core/format value. If core/format is not defined, then CLI defaults to command specific output. If command specific output is undefined, then format is determined by core/default_format. core/default_format defaults to yaml format.

AI

  • Modified --region flag of gcloud ai model-monitoring-jobs to include new model monitoring jobs regions.
  • Modified --explanation-metadata-file flag of gcloud ai models upload from required to optional.
  • Added optional output-image-uri field to --worker-pool-spec flag of gcloud ai custom-jobs create to name and store the custom image built with autopackaging in the specified Google Container Registry or Artifact Registry.

Anthos Multi-Cloud

  • Updated gcloud container aws operations list to show the underlying action (create, update, delete, etc) associated with AWS long-running operations.
  • Updated gcloud container azure operations list to show the underlying action (create, update, delete, etc) associated with Azure long-running operations.
  • Added gcloud container azure operations cancel to cancel an ongoing LRO operation on Azure resources.
  • Added gcloud container aws operations cancel to cancel an ongoing LRO operation on AWS resources.
  • Added --tags flag to gcloud container aws node-pools update to update the tags assigned to AWS node pool resources.
  • Added --clear-tags flag to gcloud container aws node-pools update to clear the tags assigned to AWS node pool resources.
  • Added --autoscaling-metrics-granularity flag to gcloud container aws node-pools create to set granularity when enabling CloudWatch metrics collection of the autoscaling group of AWS node pools.
  • Added --autoscaling-metrics flag to gcloud container aws node-pools create to enable collection of specific CloudWatch metrics of the autoscaling group of AWS node pools.
  • Added --autoscaling-metrics-granularity flag to gcloud container aws node-pools update to update the granularity of CloudWatch metrics collection for the autoscaling group of AWS node pools.
  • Added --autoscaling-metrics flag to gcloud container aws node-pools update to update the collection of specific CloudWatch metrics for the autoscaling group of AWS node pools.
  • Added --clear-autoscaling-metrics flag to gcloud container aws node-pools update to clear the CloudWatch metrics collection associated with the autoscaling group of AWS node pools.
  • Added gcloud container attached operations list to show the underlying action (create, update, delete, etc) associated with Attached clusters long-running operations.
  • Added gcloud container attached operations describe to show detailed status of a provided Attached clusters long-running operation.
  • Added gcloud container attached operations wait to wait for completion of a provided Attached clusters long-running operation.

BigQuery

  • Fixed issue with timestamp normalization in Windows.
  • Extended the insert flags to include a insert_id flag that's appended to the row number of the data to be inserted as the insertId field that's used for deduping newly inserted rows. This can be used to ensure repeat executions don't add unintended data.

Cloud Access Context Manager

  • Promoted gcloud access-context-manager authorized-orgs to GA.

Cloud Build

  • Removed --subscription-filter flag of gcloud builds triggers create manual.

Cloud Composer

  • Added --enable-cloud-data-lineage-integration to gcloud composer environments create/update to enable Cloud Data Lineage integration.
  • Added --disable-cloud-data-lineage-integration to gcloud composer environments update to disable Cloud Data Lineage integration.
  • Enabled db check Airflow command executable via gcloud composer environments run for environments with Airflow 2.3 or newer.

Cloud Datalab

  • Removed gcloud datalab component.

Cloud Run

  • Added --env-vars-file to gcloud beta run jobs create to add environment variables to the job from a YAML file.
  • Removed the call to action from gcloud beta run integrations describe for Redis integrations that are not ready for use.

Cloud SQL

  • Added --striped and --stripe_count flags to gcloud sql import bak and added --striped flag to gcloud sql export bak to enable the striped import/export feature for SQL Server.
  • Promoted --restore-database-name flag for gcloud sql instance clone --point-in-time to support single database PITR restore for SQL Server to beta and GA.
  • Added gcloud sql users describe command, which describes a Cloud SQL user in an instance in alpha.

Cloud Services

  • Promoted gcloud services api-keys list in beta.
    • Promoted gcloud services api-keys describe in beta.
    • Promoted gcloud services api-keys get-key-string in beta.
    • Promoted gcloud services api-keys create in beta.
    • Promoted gcloud services api-keys update in beta.

Cloud Storage

  • Added gcloud storage buckets create --placement flag.
  • Promoted gcloud storage objects update retention flags to GA.
    • --event-based-hold
    • --temporary-hold
  • Removed gcloud storage buckets update --no-lock-retention-period flag.

Cloud Workstations

  • Added gcloud beta workstations clusters create which creates a cluster under a specified region.
  • Added gcloud beta workstations configs create which creates a workstation configuration under a specified cluster.
  • Added gcloud beta workstations create which creates a workstation under a specified config.
  • Added gcloud beta workstations delete which deletes the given workstation.
  • Added gcloud beta workstations configs delete which deletes the given config.
  • Added gcloud beta workstations clusters delete which deletes the given cluster.
  • Added gcloud beta workstations describe which displays all fields for a given workstation.
  • Added gcloud beta workstations configs describe which displays all fields for a given config.
  • Added gcloud beta workstations clusters describe which displays all fields for a given cluster.
  • Added gcloud beta workstations start which starts a specified workstation.
  • Added gcloud beta workstations stop which stops a specified workstation.

Compute Engine

  • Added -iam-policyand-iam-policy-bindingstogcloud beta compute backend-buckets`.
  • Promoted --endpoint-type flag of gcloud compute addresses create to GA.
  • Promoted gcloud compute sole-tenancy node-groups simulate-maintenance-event to beta.
  • Added --all-instances-config-effective flag of gcloud compute instance-groups managed wait-until to beta.
  • Modified gcloud compute forwarding-rules create to allow specifying --address and --ip-version at the same time.

Compute Firewall Policies

  • Fixed gcloud compute network-firewall-policies rules update not sending an empty list to the API if a field is specified as empty.

Database Migration

  • Added gcloud database-migration private-connections create which creates a database-migration private connection.
  • Added gcloud database-migration private-connections list which lists the database-migration private connections.
  • Added gcloud database-migration private-connections describe which describes a database-migration private connection.
  • Added gcloud database-migration private-connections delete which deletes a database-migration private connection.
  • Updated gcloud database-migration connection-profiles create to support creating Oracle connection profiles.
  • Updated gcloud database-migration connection-profiles create to support connectivity in creating Postgresql connection profiles.
  • Added gcloud database-migrate conversion-workspaces create which creates a database-migration conversion workspace.
  • Added gcloud database-migrate conversion-workspaces update which updates a database-migration conversion workspace.
  • Added gcloud database-migration conversion-workspaces list which lists the database-migration conversion workspaces.
  • Added gcloud database-migration conversion-workspaces describe which describes a database-migration conversion workspace.
  • Added gcloud database-migration conversion-workspaces commit which commits a database-migration conversion workspace.
  • Added gcloud database-migration conversion-workspaces rollback which rollbacks a database-migration conversion workspace.

Kubernetes Engine

  • Updates default kubectl from 1.23.14 to 1.23.15.
  • Removes kubectl.1.20, since it is no longer needed.
  • Additional kubectl versions:
    • kubectl.1.21 (1.21.14)
    • kubectl.1.22 (1.22.17)
    • kubectl.1.23 (1.23.15)
    • kubectl.1.24 (1.24.9)
    • kubectl.1.25 (1.25.5)

Pubsub Emulator

  • Added support for Exactly-once Delivery.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

412.0.0 (2022-12-13)

Breaking Changes

  • (Compute Engine) Modified concurrent operation quota errors to show additional information to user instead of just error message.

Google Cloud CLI

  • Added property core/parse_error_details. If set, gcloud CLI will parse and display errors in a more human readable format, where available.

AI

  • Modified --region flag of gcloud ai endpoints to include new online prediction regions.
  • Modified --region flag of gcloud ai models to include new online prediction regions.
  • Modified --region flag of gcloud ai custom-jobs to include new online training regions.
  • Modified --region flag of gcloud ai hp-tuning-jobs to include new online training regions.

AlloyDB

  • Introduced gcloud alloydb track.

Anthos Multi-Cloud

  • Promoted gcloud container attached to GA.

App Engine

  • Updated gcloud beta app instances ssh to use an IAP tunnel when attempting to SSH to an instance without an external IP.

Cloud Build

  • Modified one of gcloud builds triggers run --branch, gcloud builds triggers run --tag, and gcloud builds triggers run --sha flag to be required.
  • Make --region flag visible in builds triggers create command group. Set --dockerfile flag as required for builds triggers create command group.
  • Ungroup --build-config flag and --inline-config flag for builds triggers create command group.
  • Promoted gcloud builds triggers to GA.

Cloud Composer

  • Added gcloud composer environments snapshots load - to load a snapshot into the environment.
  • Added gcloud composer environments snapshots save - save a snapshot of the environment.
  • Added --enable-scheduled-snapshot-creation to gcloud composer environments create/update to enable snapshots of the environment creation according to a schedule. Can be specified for Composer 2.0.32 or greater.
  • Added --snapshot-creation-schedule to gcloud composer environments create/update to specify cron expression when snapshots of the environment should be created.
  • Added --snapshot-location to gcloud composer environments create/update to specify the Cloud Storage location for storing automatically created snapshots.
  • Added --snapshot-schedule-timezone to gcloud composer environments create/update to specify Timezone that sets the context to interpret snapshot_creation_schedule.
  • Added --disable-scheduled-snapshot-creation to gcloud composer environments update to disable the automatic snapshots creation.

Cloud Datastream

  • Fixed issue where gcloud datastream create failed for Postgresql source config.

Cloud Functions

  • Added --cpu flag to gcloud beta functions deploy for 2nd Gen functions to alpha and beta.
  • Added --concurrency flag to gcloud beta functions deploy for 2nd Gen functions to alpha and beta.

Cloud Pub/Sub

  • Added --event-time and --publish-time flags to gcloud pubsub lite-subscriptions create to create Pub/Sub Lite subscriptions from a nominated timestamp.
  • Added --export-pubsub-topic, --export-dead-letter-topic and --export-desired-state flags to gcloud pubsub lite-subscriptions create to create Pub/Sub Lite export subscriptions.
  • Added --export-pubsub-topic, --export-dead-letter-topic and --export-desired-state flags to gcloud pubsub lite-subscriptions update to update Pub/Sub Lite export subscriptions.

Cloud SQL

  • Added --enable-google-private-path flag to gcloud sql instances create and gcloud sql instances patch commands in Alpha, Beta, and GA. This field specifies whether the instance is accessible to internal Google Cloud services such as BigQuery. This is applicable only to MySQL and PostgreSQL instances that don't use public IP. Currently, SQL Server isn't supported.

Cloud Services

  • Promoted gcloud services api-keys delete to beta.
  • Promoted gcloud services api-keys undelete to beta.

Cloud Workstations

  • Added gcloud beta workstations configs list which lists workstation configs under a specified cluster.

Config Controller

  • Added --full-management flag to gcloud anthos config controller create to allow creating Config Controller on GKE Autopilot instances.

Database Migration

  • Updated gcloud database-migration connection-profiles create to support creating AlloyDB connection profiles.

Firebase Test Lab

  • Added --robo-script flag to gcloud firebase test ios run to customize an iOS Robo crawl with a Robo script.

Identity and Access Management

  • Added --executable-interactive-timeout-millis flag to gcloud iam workforce pools create-cred-config. This enables using executable-sourced credentials with user interactivity with gcloud auth login --cred-file=/path/to/interactive/executable/config.json when using Workforce Identity Federation.

Kubernetes Engine

  • Added --stack-type and --ipv6-access-type arguments to gcloud container clusters create command to support dual stack GKE clusters.
  • Added --stack-type argument to gcloud container clusters update command to support changing stack type between IPv4 and dual stack GKE clusters.
  • Added --ephemeral-storage-local-ssd to gcloud beta container clusters create, gcloud beta container node-pools create, gcloud container clusters create, gcloud container node-pools create. This flag is used to configure nodes' ephemeral storage to be backed by local SSDs.
  • Added --local-nvme-ssd-block to gcloud beta container clusters create, gcloud beta container node-pools create, gcloud container clusters create, gcloud container node-pools create. This flag is used to initialize nodes in node-pool with raw-block local NVMe SSDs attached.

Notebooks

  • Added support for Shielded VM configuration to gcloud notebooks instances create.
  • Added support for reservation configuration to gcloud notebooks instances create.

Terraform

  • Added zone and region option for gcloud beta terraform vet.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

411.0.0 (2022-12-06)

Breaking Changes

  • (Compute Engine) Added rhel-9 and rhel-9-byol options to --os flag for:
    • gcloud compute images import in GA,
    • gcloud compute instances import in GA
    • gcloud compute machine-images import in GA

Google Cloud CLI

  • Added gcloud topic command group to alpha and beta.

App Engine

  • Add --service-account flag of gcloud app create to GA, which allows to create an app with a user-managed service account.
  • Add --service-account flag of gcloud app update to GA, which allows to update the app with a user-managed service account.

App Engine Flexible Environment

  • Add --service-account flag of gcloud app create to GA, which allows to create an app with a user-managed service account.
  • Add --service-account flag of gcloud app update to GA, which allows to update the app with a user-managed service account.

BigQuery

  • Expose enable_resumable_uploads flag in public bq.
  • Formatting fix for bigquery_client.py.
  • Changed "locking" Owned Test Accounts to "getting" to avoid overloading AccountProviderService.
  • Extended api logging to include URIs of requests.
  • Extends encodings supported during file upload.
  • Messages and fails early when the user tries to upload with an invalid schema.
  • Adds support for GOOGLE_CLOUD_QUOTA_PROJECT environment variable.
  • Adds configuration for external accounts using token_uri.
  • Dataset name validation and feedback.

Cloud Bigtable

  • Promoted gcloud bigtable instances tables create to beta and GA.
  • Promoted gcloud bigtable instances tables delete to beta and GA.
  • Promoted gcloud bigtable instances tables update to beta and GA.
  • Added include-stats option to cbt lookup and cbt read commands.
  • Added cbt notices command, which displays licenses covering all direct and indirect dependencies.

Cloud Build

  • Bugfix to enforce limits to be applied after filters.
  • Added --enterprise-config flag to builds triggers create github to support creating GitHub Enterprise trigger.

Cloud Composer

  • Added --enable-scheduled-snapshot-creation to gcloud beta composer environments create/update to enable snapshots of the environment creation according to a schedule. Can be specified for Composer 2.0.32 or greater.
  • Added --snapshot-creation-schedule to gcloud beta composer environments create/update to specify cron expression when snapshots of the environment should be created.
  • Added --snapshot-location to gcloud beta composer environments create/update to specify the Cloud Storage location for storing automatically created snapshots.
  • Added --snapshot-schedule-timezone to gcloud beta composer environments create/update to specify Timezone that sets the context to interpret snapshot_creation_schedule.
  • Added --disable-scheduled-snapshot-creation to gcloud beta composer environments update to disable the automatic snapshots creation.

Cloud Firestore

  • Add apiScope output for Firestore index. ApiScope can be viewed in gcloud firestore indexes composite list and gcloud firestore indexes composite describe.
  • Added databaseId support for Firestore index.

Cloud IDS

  • Added --threat_exceptions flag to exclude certain threat types from being reported.

Cloud Key Management Service

  • Modified gcloud kms import-jobs create to accept new SHA256 import methods rsa-oaep-3072-sha256, rsa-oaep-3072-sha256-aes-256, rsa-oaep-4096-sha256, and rsa-oaep-4096-sha256-aes-256.

Cloud Pub/Sub

  • Promoted --enable-exactly-once-delivery flag of gcloud pubsub subscriptions create to GA.
  • Promoted --enable-exactly-once-delivery flag of gcloud pubsub subscriptions update to GA.

Cloud Run

  • Promoted --execution-environment of gcloud run from beta to GA.
  • Fixed issue where gcloud beta run jobs execute with --wait flag, and other jobs commands to wait for an execution to complete, failed to wait more than 30 minutes.
  • Fixed issue where gcloud beta run integrations delete failed when the associated Cloud Run service is deleted.

Cloud SQL

  • Promoted --timeout flag for gcloud sql instances create to GA.
  • Added --restore-database-name flag to gcloud sql instance clone --point-in-time to support single database PITR restore for SQL Server.

Cloud Services

  • Updated gcloud services list to retry 429 errors.
  • Set the default page size for gcloud services list to 200.
  • Promoted gcloud services api-keys lookup to beta.

Cloud Spanner

  • Added --skip-init flag to gcloud spanner samples run.

Cloud Storage

  • Promoted gcloud storage buckets update retention flags to GA.
    • --default-event-based-hold
    • --retention-period
    • --clear-retention-period
    • --lock-retention-period
  • Promoted gcloud storage buckets update --uniform-bucket-level-access to GA.
  • Rebuilt gcloud-crc32c 1.0.0 on latest version of golang.
  • Updated gsutil component to 5.17.

Compute Engine

  • Added --merge-source-commitment to gcloud compute commitments create for beta and GA.
  • Fixed issue where gcloud compute instance-groups unmanaged list-instances would fail to fall back to the compute/zone property when --zone was missing.
  • Added customRequestHeaders and customResponseHeaders to modifiable fields list in gcloud compute backend-services edit.

Dataproc Metastore

  • Added support for querying and mutating Dataproc Metastore metadata. The following commands have been added to the alpha and beta release tracks:
    • metastore services queryMetadata
    • metastore services alterLocation
    • metastore services moveTableToDatabase

Distributed Cloud Edge

  • Added warning to long running operation metadata of gcloud edge-cloud container cluster create/update when the cluster has a maintenance window configuration that overlaps with other clusters' in the same project.

Firebase Test Lab

  • Added --type=robo flag to gcloud firebase test ios run to support running iOS Robo tests.

GKE Hub

  • Fixed bug in gcloud container fleet and gcloud container hub command groups where a membership with ambiguous location was not given default value global.

Kubernetes Engine

  • Promoted --cluster-dns-scope=cluster flag of gcloud container clusters create and gcloud container clusters update to GA.
  • Promoted --binauthz-evaluation-mode=MONITORING, binauthz-evaluation-mode=MONITORING_AND_PROJECT_SINGLETON_POLICY_ENFORCE, and --binauthz-policy flags of gcloud container clusters create, gcloud container clusters create-auto, and gcloud container clusters update to beta.
  • Corrected outdated description help text of gcloud container node-pools delete.
  • Promoted --placement-type flag for gcloud container clusters create command to GA.
  • Promoted --placement-type flag for gcloud container node-pools create command to GA.
  • Added --async flag to gcloud container node-pools create/update to allow the in-progress operation to be returned, instead of the node pool.
  • Additionally, default formatting for gcloud container node-pools create/update/delete --async has been added to provide a more human-readable format of the operation; potentially impacting parsing of output. It is recommended to use --format when parsing gcloud CLI output.
  • Updates default kubectl from 1.22.14 to 1.23.14.
  • Additional kubectl versions:

    • kubectl.1.20 (1.20.15)
    • kubectl.1.21 (1.21.14)
    • kubectl.1.22 (1.22.15)
    • kubectl.1.23 (1.23.14)
    • kubectl.1.24 (1.24.8)
    • kubectl.1.25 (1.25.4)
  • Added --windows-os-version flag to gcloud container node-pools create/update to allow create Windows node pools using Windows Server LTSC 2022 Containerd node image.

Media CDN

  • Added gcloud edge-cache command group to enable configuration of Media CDN.

Network Connectivity

  • Promoted gcloud network-connectivity internal-ranges command group to GA.

Network Security

  • Promoting networksecurity firewall API to v1beta1.
  • Promoted commands under gcloud network-security org-address-groups and gcloud network-security address-groups to beta.

Recommender

  • Added billing account scope support for gcloud recommender recommender-config describe.
  • Added billing account scope support for gcloud recommender recommender-config update.
  • Added billing account scope support for gcloud recommender insight-type-config describe.
  • Added billing account scope support for gcloud recommender insight-type-config update.

Terraform

  • Added support for environment variables GOOGLE_PROJECT, GOOGLE_CLOUD_PROJECT, GCLOUD_PROJECT in gcloud beta terraform vet.
  • Fixed an issue where gcloud beta terraform vet would fail while trying to format and output pre-formatted error strings.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

410.0.0 (2022-11-15)

Google Cloud CLI

  • Added gcloud topic endpoint-override for details on overriding the default api URL.

AI

  • Added asia-southeast2, europe-central2, and us-south1 options to --region flag of gcloud ai custom-jobs and gcloud ai hp-tuning-jobs.

AlloyDB

  • Introduced the following commands: gcloud beta alloydb clusters create-secondary, gcloud beta alloydb instances create-secondary, gcloud beta alloydb clusters promote.

App Engine

Artifact Registry

  • Update maven and gradle plugin versions to 2.2.0.

Assured Workloads

  • Added SOVEREIGN_CONTROLS_BY_T_SYSTEMS as an option for --partner flag of gcloud assured workloads create command (available for both beta and GA).

Cloud Asset Inventory

  • Promoted gcloud asset query command to GA.

Cloud Bigtable

  • Added stats option to --view flag for bigtable instances tables describe.

Cloud Composer

  • Added --enable-triggerer to gcloud beta composer environments create/update to allow usage of deferrable operators in dags.
  • Added --triggerer-cpu to gcloud beta composer environments create/update to specify CPU allocated to Airflow triggerer.
  • Added --triggerer-memory to gcloud beta composer environments create/update to specify memory allocated to Airflow triggerer.
  • Added --disable-triggerer to gcloud beta composer environments update to disable Airflow triggerer.

Cloud Dataproc

  • Added --async flag to gcloud dataproc jobs kill.

Cloud Datastream

  • Added the max_concurrent_cdc_tasks support to --mysql-source-config and --oracle-source-config flags in gcloud datastream streams.
  • Fixed issue where stream create using a mysql-source-config or oracle-source-config with column level filtering fails to create.

Cloud Functions

  • Fixed issue where gcloud functions list would crash when a 2nd Gen-only region was specified using --regions.
  • Updated gcloud function describe to look up both 1st Gen and 2nd Gen environments for the function. When --gen2 flag is specified, only 2nd Gen functions will be looked up.

Cloud Run

  • Promoted gcloud run services logs read and gcloud run revisions logs read to beta, which reads logs from a selected resource.
  • Promoted gcloud run services logs tail and gcloud run revisions logs tail to beta, which tail logs from a selected resource.
  • Added --execute-now and --wait flags to gcloud beta run job update to immediately execute the job after update and wait for completion.
  • Promoted gcloud beta run integrations command group and all sub-commands to beta.

Compute Engine

  • Promoted --list-managed-instances-results flag for gcloud compute instance-groups managed create and gcloud compute instance-groups managed update to GA.
  • Fixed --network-interface to mark the public IP as None when --no-address is specified.

GKE Hub

  • Fixed issue where gcloud container fleet memberships commands did not output memberships with missing cluster.
  • Fixed bug in gcloud container fleet config-management version where memberships were stuck with version "NA".

Identity and Access Management

  • Added support for retrieving the token introspection endpoint through external account credentials.

Kubernetes Engine

  • Added --labels flag to gcloud container node-pools create/update to allow creating and updating node pools with GCP labels.

VPC Access

  • Promoted gcloud compute networks vpc-access connectors update to beta.
    • Enables updating of min-instances, max-instances and machine-type of already existing vpc-access connectors.

Vmware Engine

  • Added commands for managing resources:
    • Locations
    • Operations
    • VMwareEngine networks
    • Network policies
    • Node types
    • Private clouds
    • Clusters
    • HCX activation keys
    • NSX credentials
    • VCenter credentials
    • Subnets

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

409.0.0 (2022-11-08)

Breaking Changes

  • (Compute Engine) Modified stockout errors to show entire error object to user in yaml format instead of just error message.
  • (Compute Engine) Modified quota exceeded errors to show additional information to user instead of just error message.

Google Cloud CLI

  • Modified gcloud config list to accept both a section name and --all flag. The command will display all the set and unset properties when specifying both.

Anthos Multi-Cloud

  • Added --allow-missing flag to the following command groups: gcloud container aws clusters delete, gcloud container aws node-pools delete, gcloud container azure clients delete, gcloud container azure clusters delete, gcloud container azure node-pools delete, to allow the delete request to succeed, even if the cluster, node-pool or client resource does not exist.

Cloud Composer

  • Added --skip-airflow-overrides-setting to gcloud beta composer snapshots load to allow skipping setting Airflow overrides from the snapshot.
  • Added --skip-environment-variables-setting to gcloud beta composer snapshots load to allow skipping setting environment variables from the snapshot.
  • Added --skip-gcs-data-copying to gcloud beta composer snapshots load to allow skipping copying dags, plugins and data folders from the snapshot.

Cloud Datastream

  • Added the max_concurrent_cdc_tasks support to --mysql-source-config and --oracle-source-config flags in gcloud datastream streams.

Cloud Filestore

  • Fixed issue where --kms-key was being ignored in gcloud filestore backups create command.

Cloud Firestore Emulator

  • Promoted gcloud emulators firestore to GA.
  • Release Cloud Firestore emulator v1.15.1
    • feat: allow users to configure websocket port

Cloud Functions

  • Fixed issue where gcloud functions list would crash when a 2nd Gen-only region was specified using --regions.

Cloud Logging

  • Updated gcloud logging read to accept multiple resources to query using a new --resource-names flag.

Cloud SQL

  • Added the following flags to gcloud sql instances create in BETA:
    • --timeout

Compute Engine

  • Added --split-source-commitment to gcloud compute commitments create for beta and GA.
  • Promoted any-single-zone value support for the flag --target-distribution-shape of gcloud compute instance-groups managed create / update to beta.
  • Added keyword network-attachment for --network-interface in gcloud compute instances create.
  • Promoted --max-run-duration flag of gcloud compute instances create to beta.
    • Allows specifying the duration of time after which the instance will terminate.
  • Promoted --termination-time flag of gcloud compute instances create to beta.
    • Allows specifying the timestamp that the instance will terminate.
  • Added 3 additional accepted values to --enforce-on-key for gcloud compute security-policies rules create|update and promoted it to GA.
  • Promoted gcloud compute network-edge-security-services command group to GA.
  • Promoted --region and '--global' flags of gcloud compute security-policies to GA.
  • Promoted --network-ddos-protection flag of gcloud compute security-policies update to GA.

Distributed Cloud Edge

  • Removed unsupported GPU_TYPE field from gcloud edge-cloud container machines list. This field will be restored once the API provides accurate GPU information.

GKE Hub

  • Fixed a bug where gcloud container fleet memberships get-credentials and gcloud container hub memberships get-credentials would not return an error when the membership argument was left empty.

Kubernetes Engine

  • Corrected outdated description help text of gcloud container node-pools delete.
  • Added --private-endpoint-subnetwork and --enable-google-cloud-access flags to gcloud container clusters create and gcloud container clusters create-auto.
  • Added --enable-google-cloud-access and --enable-private-endpoint flags to gcloud container clusters update.
  • Added --enable-private-nodes flag to gcloud container node-pools create and gcloud container node-pools update.

Notebooks

  • Added gcloud notebooks instances diagnose and gcloud notebooks runtimes diagnose commands to GA. These commands provide access to the AI Platform Notebooks new Diagnose API.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

408.0.1 (2022-11-02)

BigQuery

  • Adds various fixes to PSC environments.
  • Adds support for random forest models as part of BQML.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

408.0.0 (2022-11-01)

Breaking Changes

AI

  • Added more available regions to gcloud ai model-monitoring-jobs.
  • Added --version-description flag to gcloud ai models upload to support setting model version description.

BigQuery

  • Add missing open source licenses.
  • Expose Iceberg for public preview.

Cloud Composer

  • Added --connection-type flag to gcloud beta composer environments create and gcloud composer environments create command to allow forcing the use of VPC peerings for internal communication.

Cloud Deploy

  • Added initial-rollout-labels and initial-rollout-annotations flags to gcloud deploy releases create command.

Cloud SQL

  • Promoted --connector_enforcement flag for gcloud sql instances create and gcloud sql instances patch to GA.

Cloud Storage

  • Updated gsutil component to 5.16.

Compute Engine

  • Promoted --discard-local-ssd flag of gcloud compute instances stop to beta.
  • Promoted --force-update-on-repair flag of gcloud compute instance-groups managed <create | update> to beta.
  • Fixed missing ephemeral IP when neither --address nor --no-address keys are provided with --network-interface flag during instance template creation.

GKE Hub

  • Changed membership-related flags in gcloud container fleet and gcloud container hub command groups to resource arguments, adding --location flag and LOCATION column in list commands.

Kubernetes Engine

  • Promoted --enable-managed-prometheus flag of gcloud container clusters create/update to GA.
  • Promoted --disable-managed-prometheus flag of gcloud container clusters update to GA.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

407.0.0 (2022-10-25)

Breaking Changes

  • (Cloud Run) Now gcloud beta run jobs update command removes existing Binary Authorization breakglass justification if --breakglass flag is not set.
  • (Cloud Run) In gcloud run deploy and gcloud run services update, --set-secrets, --remove-secrets, and --update-secrets flags now support mounting multiple versions of the same secret in the same directory.
  • (Cloud Run)
    • If multiple different secrets are requested to be mounted in the same directory, including for secrets already set on the service in the case of --update-secrets, the operation will now fail instead of silently overriding all secret versions with the last one specified.
  • (Compute Engine) Removed --csek-key-file flag of gcloud beta compute instances resume
    • Removing since instance suspend and resume do not support CSEK
    • If your instance with CSEK protection is suspended, please stop the instance then restart it and file a bug.

Assured Workloads

  • Added ASSURED_WORKLOADS_FOR_PARTNERS as an option for --compliance-regime flag of gcloud assured workloads create command.
  • Added --partner flag (optional) for gcloud assured workloads create command to enable creation of partner workload (workload managed by local trusted partners) through gCloud command.

Cloud DNS

  • Promoted gcloud dns managed-zones get-iam-policy and gcloud dns managed-zones set-iam-policy to GA.

Cloud Dataplex

  • Promoted Content command group to GA.
  • Promoted Environment command group to GA.

Cloud Datastream

  • Added postgresql type to --type flag of datastream connection-profiles <create/update>.
  • Added postgresql type to --postgresql-rdbms-file flag of datastream connection-profiles discover.
  • Added --postgresql-source-config flag to gcloud datastream streams <create/update>.
  • Added postgresql type to --type flag of datastream connection-profiles <create/update>.

Cloud Filestore

  • Added --kms-key flag to gcloud beta filestore backups create, which allows an Enterprise or High Scale backup to be created that is encrypted with a CMEK key." => "which creates a backup with an associated customer-managed encryption key (CMEK). Only available for Enterprise or High Scale tier instances.
  • Added --location flag to gcloud beta filestore instances restore, which restores Enterprise instances." => "restore Basic HDD, Basic SSD, and Enterprise tier instances.
  • Added --instance-location flag to gcloud beta filestore backups create, which accepts either a zone or region and allows clients to create Basic HDD, Basic SSD, and Enterprise tier backups.

Cloud SQL

  • Added the following flags to gcloud sql instances create and gcloud sql instances patch in BETA:
    • --connector_enforcement

Cloud Storage

  • Updated gsutil component to 5.15.

Cloud Workstations

  • Promoted gcloud beta workstations commands to beta for Preview.

Compute Engine

  • Promoted --source-machine-image, --source-machine-image-csek-key-file, and --erase-windows-vss-signature flags of compute instances create to GA.
  • Fixed an issue with --create-disk and --disk flags that causes gcloud compute instance-templates create or gcloud compute instance-templates create-with-container to fail when attaching a boot disk.
  • Promoted --region flag for compute target-tcp-proxies to GA.

Compute Firewall Policies

  • Fixed bug in gcloud compute network-firewall-policies rules update that would cause src-secure-tags to not be updated.

GKE Hub

  • Modified gcloud container fleet memberships register to skip Connect agent installation for GKE clusters by default. Use --install-connect-agent flag to get the old behavior.
  • Modified gcloud container fleet memberships unregister to skip Connect agent uninstallation for GKE clusters by default. Use --uninstall-connect-agent flag to get the old behavior.
  • Added --install-connect-agent flag to gcloud container fleet memberships register and gcloud container hub memberships register to install connect agent on GKE clusters.
  • Added --uninstall-connect-agent flag to gcloud container fleet memberships unregister and gcloud container hub memberships unregister to uninstall Connect agent on GKE clusters.

Identity and Access Management

  • Added gcloud iam policies create which creates a deny policy on the given attachment point with the given name.
  • Added gcloud iam policies delete which deletes a deny policy on the given attachment point with the given name.
  • Added gcloud iam policies get which gets a deny policy on the given attachment point with the given name.
  • Added gcloud iam policies list which lists the deny policies on the given attachment point.
  • Added gcloud iam policies update which updates the deny policy on the given attachment point with the given name.
  • Updated External Account URL validation to allow PSC endpoints.

Kubernetes Engine

  • Added --gateway-api flag to gcloud container clusters create and gcloud container clusters update which allows users to turn on the GKE Gateway controller for their cluster and to select the Gateway API release channel they want to use.

Security Command Center

  • Updated gcloud scc notifications update to allow for project and folder parents.
  • Updated gcloud scc notifications create to allow for project and folder parents.
  • Updated gcloud scc notifications delete to allow for project and folder parents.
  • Updated gcloud scc notifications list to allow for project and folder parents.
  • Updated gcloud scc notifications describe to allow for project and folder parents.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

406.0.0 (2022-10-17)

Breaking Changes

  • (Cloud Storage) Changed "Additional Properties" formatting for ls -L to print condensed JSON object instead of JSON list with key and value keys before every key and value.
  • (Kubernetes Engine) Remove deprecated --istio-config flag of gcloud beta container clusters create and gcloud beta container clusters update.

Anthos Multi-Cloud

  • Promoted --logging flag to gcloud container aws clusters create and gcloud container azure clusters create to update the logging config.
  • Promoted --logging flag to gcloud container aws clusters update and gcloud container azure clusters update to update the logging config.
  • Added --annotations flag to gcloud container azure node-pools create to set the annotations field when creating Azure node pools.
  • Added --annotations flag to gcloud container azure node-pools update to update the annotations of Azure node pools.
  • Added --clear-annotations flag to gcloud container azure node-pools update to clear the annotations of Azure node pools.

Bare Metal Solution

  • Promoted gcloud bms nfs-shares create to GA.
  • Promoted gcloud bms nfs-shares delete to GA.
  • Promoted gcloud bms volumes restore to GA.
  • Promoted gcloud bms volumes snapshot to GA.
  • Promoted gcloud bms volumes snapshots describe to GA.
  • Promoted gcloud bms volumes snapshots list to GA.
  • Promoted gcloud bms volumes snapshots delete to GA.
  • Promoted --add-allowed-client flag of gcloud bms nfs-shares update to GA.
  • Promoted --remove-allowed-client flag of gcloud bms nfs-shares update to GA.
  • Promoted --clear-allowed-clients flag of gcloud bms nfs-shares update to GA.
  • Promoted gcloud bms instances stop to GA.

BigQuery

  • Fixed issue with --api flag in external clients.
  • Added support for the target_job_concurrency flag and begins deprecating the concurrency flag.
  • Added the max_staleness flag for external tables.
  • Added support for SIMPLE with the object_metadata flag.
  • Added ZSTD as an extract option.

Certificate Manager

  • Added gcloud certificate-manager issuance-configs command group to beta. Commands in this group allow for configuring Private Trust certificate issuance.
  • Added --issuance-config flag for gcloud certificate-manager certificates create command to beta. The flag allows configuring managed certificates issuance with Private Trust.

Cloud Access Context Manager

  • Changed --level flag of gcloud access-context-manager cloud-bindings create and gcloud access-context-manager cloud-bindings update to take a string input instead of a resource:
    • No change is required on any previous configurations as a result of this change.

Cloud Datastream

  • Added BigQuery destination type support.

Cloud Firestore Emulator

  • Promoted gcloud emulators firestore to GA.

Cloud SQL

  • Added the following flags to gcloud sql instances create and gcloud sql instances patch for ALPHA:
    • --connector_enforcement

Cloud TPU

  • Promoted --shielded-secure-boot flag of gcloud compute tpus tpu-vm to GA.

Compute Firewall Policies

  • Updated gcloud compute firewall-policies rules create to include help text for src-threat-intelligence, src-fqdns, src-region-codes , src-address-groups, dest-threat-intelligence, dest-fqdns , dest-region-codes and dest-address-groups.
  • Updated gcloud compute firewall-policies rules update to include help text for src-threat-intelligence, src-fqdns, src-region-codes , src-address-groups, dest-threat-intelligence, dest-fqdns , dest-region-codes and dest-address-groups.
  • Updated gcloud compute network-firewall-policies rules create to include help text for src-threat-intelligence, src-fqdns, src-region-codes , src-address-groups, dest-threat-intelligence, dest-fqdns , dest-region-codes and dest-address-groups.
  • Updated gcloud compute network-firewall-policies rules update to include help text for src-threat-intelligence, src-fqdns, src-region-codes , src-address-groups, dest-threat-intelligence, dest-fqdns , dest-region-codes and dest-address-groups.
  • Promoted --src-address-groups and --dest-address-groups flags to beta in gcloud compute firewall-policies rules create , gcloud compute firewall-policies rules update , gcloud compute network-firewall-policies rules create and gcloud compute network-firewall-policies rules update commands.
  • Promoted --src-fqdns and --dest-fqdns flags to beta in gcloud compute firewall-policies rules create , gcloud compute firewall-policies rules update , gcloud compute network-firewall-policies rules create and gcloud compute network-firewall-policies rules update commands.

Kpt

Kubernetes Engine

  • Promoted the GKE add-on BackupRestore of gcloud container clusters <create|update> to GA. This add-on is disabled by default.
    • Use --addons=BackupRestore to enable the add-on during cluster creation.
    • Use --update-addons=BackupRestore=ENABLED|DISABLED to enable/disable the add-on for existing GKE clusters.

Managed Active Directory

  • Promoted gcloud active-directory domains extend-schema to GA.

Network Security

  • Updated gcloud network-security address-groups list to include the TYPE, CAPACITY and USAGE columns in the output.
  • Updated gcloud network-security org-address-groups list to include the TYPE, CAPACITY and USAGE columns in the output.

Security Command Center

  • Updated gcloud scc notifications update to allow for project and folder parents.
  • Updated gcloud scc notifications create to allow for project and folder parents.
  • Updated gcloud scc notifications delete to allow for project and folder parents.
  • Updated gcloud scc notifications list to allow for project and folder parents.

405.0.1 (2022-10-14)

GKE Hub

  • Updated gke-gcloud-auth-plugin to 0.4.0.

Cloud Bigtable

  • Updated the version of cbt to v1.12.1.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

405.0.0 (2022-10-04)

Google Cloud CLI

  • Fixed issue where revoking impersonated ADC credentials caused a crash.
  • Fixed issue where it was not possible to set a logging configuration when creating a regional backend service in alpha and beta.

Anthos Multi-Cloud

  • Added --tags flag to gcloud container aws clusters update to update the tags assigned to control plane replicas.
  • Added --clear-tags flag to gcloud container aws clusters update to clear the tags assigned to control plane replicas.

App Engine

Artifact Registry

  • Automatically creates missing repos for gcloud beta artifacts settings enable-upgrade-redirection command.

Batch

  • Promoted gcloud batch to GA track.

Cloud Dataplex

  • Updated gcloud dataplex tasks create to support scheduling notebooks.

Cloud Firestore

  • Promoted gcloud firestore fields ttls command group to GA.

Cloud Spanner

  • Promoted gcloud spanner instance-configs [create|update|delete] to GA.

Cloud SQL

  • Promoted --time-zone flag of gcloud sql instances create command to GA.
  • Provided a helpful error message when Cloud SQL Proxy fails to start during gcloud sql connect command.

Cloud Run

  • Added gcloud beta run jobs replace to deploy a job from yaml.

Compute Engine

  • Added ubuntu-2204 and windows-11-x64-byol options to --os flag for:
    • gcloud compute images import in GA,
    • gcloud compute instances import in GA
    • gcloud compute machine-images import in GA
  • Updated gcloud compute instance-templates create not to crash if instantiate-from value is not specified in --configure-disk when using --source-instance flag.
  • Promoted --md5-authentication-key flag of gcloud compute routers add-bgp-peer to GA.
  • Promoted --md5-authentication-key and --clear-md5-authentication-key flags of gcloud compute routers update-bgp-peer to GA.

Firebase Test Lab

  • Delayed displaying information about the number of devices used until after all executions are created.

Identity and Access Management

  • Fixed an issue that would cause the Google Cloud CLI to crash when using invalid External Account Credentials.

Kubernetes Engine

  • Added a prompt when passing --enable-binauthz to gcloud container clusters update that acknowledges the current version of Binary Authorization will be downgraded.
  • Promoted --enable-cost-allocation flag of gcloud container clusters create to GA.
  • Promoted --enable-cost-allocation flag of gcloud container clusters update to GA.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

404.0.0 (2022-09-27)

App Engine

Assured Workloads

  • Promoted gcloud assured workloads violations commands to GA. This command provides the ability to create new Assured Workloads environment resources.

Batch

  • Improved error message formats for gcloud batch jobs submit unparsable json config file, gcloud batch jobs describe job and gcloud batch tasks describe task that does not exist.
  • Added new batch/location property that can be used to set a default location. To set the properties, run gcloud config set batch/location LOCATION.

BigQuery

  • Add support for storage_billing_model flag for datasets.
  • Allow users to log in with pluggable-auth based external account credentials.
  • Add support for configuring the access token lifetime for service account impersonation when using external account credentials.
  • Add session support for load jobs.

Cloud Asset Inventory

  • Added --saved-analysis-query option to gcloud asset analyze-iam-policy, which runs a saved analysis query when specified.
  • Added gcloud asset saved-queries commands, which creates, retrieves, updates and deletes saved queries in a specified project, folder or organization.

Cloud Memorystore

  • Added --maintenance-version flag to gcloud beta redis instances update to allow updating a maintenance version when updating an instance.

Cloud Storage

  • Added storage/key_store_path property for encryption/decryption keys.
  • Updated gsutil component to 5.14.

Compute Engine

  • Promoted --region for gcloud compute ssl-policies to GA.

Eventarc

  • Updated gcloud eventarc triggers list to return the locations of triggers.

Identity and Access Management

  • Fixed bug that occurs when switching external account credentials.

Kubernetes Engine

  • Adds new kubectl v1.25 for GKE rapid channel.
  • Removes old kubectl v1.19.
  • Updates default kubectl from 1.22.12 to 1.22.14.
  • Additional kubectl versions:
    • kubectl.1.20 (1.20.15)
    • kubectl.1.21 (1.21.14)
    • kubectl.1.22 (1.22.14)
    • kubectl.1.23 (1.23.11)
    • kubectl.1.24 (1.24.5)
    • kubectl.1.25 (1.25.1)

Managed Active Directory

  • Add