Google Cloud CLI - Release Notes

Copyright 2014-2023 Google Inc. All rights reserved.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

433.0.1 (2023-06-1)

Google Cloud CLI

• Disabled self-signed jwt usage for service accounts.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

433.0.0 (2023-05-31)

Breaking Changes

• (Cloud Run) Added --[no-]async flags to gcloud run jobs delete and gcloud run jobs executions delete with a default value of --no-async. Changed these two commands to wait for delete operation by default.

Google Cloud CLI

• Fixed issue where running the install script from within the root google-cloud-sdk directory would crash with an unactionable error when new versions of certain components were made available prior to installation.

AlloyDB

• Promoted AlloyDB Cross Region Replication commands to GA track. Modified commands include: alloydb clusters create-secondary, alloydb clusters promote, alloydb instances create-secondary.

Anthos On-Prem

• Modified gcloud container bare-metal admin-clusters list. When specifying --location=-, or when both --location and gcloud configuration container_bare_metal/location are not specified, return admin clusters in all locations of the specified project.

Artifact Registry

• Updated the output of gcloud artifacts docker images list with flag --show-occurrences to include SBOM reference occurrences.

Certificate Authority Service

• Added --publishing-encoding-format flag to gcloud privateca pools create and gcloud privateca pools update to allow users to optionally publish DER encoded CA certificates and CRLs to Google Cloud Storage buckets.

Cloud Build

• Added flag to specify substitutions in gcloud builds triggers run.
• Modified --branch, --tag, --sha flags to be optional in gcloud builds triggers run command.

Cloud Composer

• Added --enable-high-resilience to gcloud composer environments create to create environments with high resilience mode.
• Added gcloud composer environments database-failover to manually run a database failover for environments with high resilience enabled.
• Added gcloud composer environments fetch-database-properties to fetch airflow database properties for Composer environments.

Cloud Logging

• Added logging_service_account_id to settings describe response.

Cloud SQL

• Added --no-recovery, --bak-type and --recovery-only flags to gcloud sql import bak and added --bak-type and --differential-base flags to gcloud sql export bak to enable the differential import/export feature for SQL Server.

Cloud Workstations

• Added --accelerator-type and --accelerator-count flags to gcloud beta workstations configs create.

Compute Engine

• Fixed bug in handling quota exceeded error with gcloud compute commitments create command.
• Added --region flag to gcloud beta compute security-policies rules commands.
• Deprecated --no-client-ttl and --no-max-ttl arguments of gcloud compute [backend-services|backend-buckets] [create|update].

Kpt

• Updated kpt in Google Cloud CLI from 1.0.0-beta.33 to 1.0.0-beta.34.

Kubernetes Engine

• Added --enable-best-effort-provision and --min-provision-nodes to gcloud container node-pools create to turn on best effort provisioning for node pool creation.

Network Security

• Added network-security firewall-endpoint-associations commands to manage Cloud Firewall Plus endpoint associations, and promoted them to beta.
• Promoted commands under gcloud network-security address-groups to GA.
• Promoted commands under gcloud network-security org-address-groups to GA.

Security Command Center

• Added gcloud topic datetimes support for gcloud scc command group timestamp and duration flags.

Transfer

• Added --docker-network flag to gcloud transfer agents install to allow configuration of the underlying Docker container's network.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

432.0.0 (2023-05-23)

AI

• Added --public-endpoint-enabled flag to gcloud ai index-endpoints create to support public endpoint.
• Modified --network flag of gcloud ai index-endpoints create to be optional.

Anthos On-Prem

• Added --disable-control-plane-v2 flag to gcloud container vmware clusters create to explicitly disable the use of control plane v2 feature.
• --enable-control-plane-v2 in gcloud container vmware clusters create is by default set for version 1.15+.
• Added --ignore-errors flag to gcloud container bare-metal admin-clusters unenroll. If set, the unenrollment of a bare metal admin cluster resource will succeed even if errors occur during unenrollment.

Artifact Registry

• Changed IAM policy analysis scope to the root of project in gcloud beta artifacts docker upgrade print-iam-policy.

BigQuery

• Fixed bug to ensure show works with encrypted S3 managed tables.
  • Fixed bug to ensure spark properties can be updated to empty values.
  • Fixed RANGE<TIMESTAMP> to correctly display UNBOUNDED boundaries.
  • Fixed bug in the bq info command that caused it to always fail.
  • Fixed bug where a line of logging was always printed.
  • Added connections to get-iam-policy and set-iam-policy.

Cloud Build

• Modified (--repo, --repo-type) and --repository to be optional in gcloud builds triggers create manual, gcloud builds triggers create webhook and gcloud builds triggers create pubsub.

Cloud Storage

• Updated gsutil component to 5.24.

Compute Engine

• Added --http-keep-alive-timeout-sec flag to gcloud compute alpha/beta target-http-proxies/target-https-proxies create/update to configure http keep alive timeout sec field in target httpx proxy.
• Added --server-tls-policy and --clear-server-tls-policy flags to gcloud compute target-https-proxies create/update to attach/detach a server TLS policy to the target https proxy.
• Release pathTemplateMatch and pathTemplateRewrite fields in urlMaps to v1 API.
• Updated --consumer-accept-list and --consumer-reject-list of gcloud compute service-attachments create and gcloud compute service-attachments update to support networks.
• Promoted --provisioned-throughput flag of gcloud compute disks create and gcloud compute disks update to GA.
• Promoted --create-disk=provisioned-throughput for gcloud compute instances create and gcloud compute instance-templates create to GA.
• Promoted gcloud compute interconnects remote-locations <describe|list> to beta and GA.
• Promoted --remote-location flag of gcloud compute interconnects create to beta and GA.
• Promoted --subnet-length flag of gcloud compute interconnects attachments <dedicated|provider> create to beta and GA.

Container Registry

• Changed "gloud container images describe" to check existence of the digest.

Database Migration

• Updated gcloud database-migration connection-profiles create alloydb to support customer-managed encryption key(CMEK).
• Updated gcloud database-migration connection-profiles create cloudsql to support customer-managed encryption key(CMEK).

Kpt

• Updated kpt from v1.0.0-beta.31 to v1.0.0-beta.33. See https://github.com/GoogleContainerTools/kpt/releases/tag/v1.0.0-beta.33 and previous release notes for more details.

Kubernetes Engine

• Promoted fields gpu-driver-version within --accelerator flag to enable GPU driver auto installation.
• Updated default kubectl from 1.24.13 to 1.25.9.
• Additional kubectl versions:
  • kubectl.1.21 (1.21.14)
  • kubectl.1.22 (1.22.17)
  • kubectl.1.23 (1.23.17)
  • kubectl.1.24 (1.24.13)
  • kubectl.1.25 (1.25.9)
  • kubectl.1.26 (1.26.4)
  • kubectl.1.27 (1.27.1)

Network Security

• Promoted gcloud network-security security-profile-groups to beta.
• Added network-security firewall-endpoints commands to manage Cloud Firewall Plus endpoints, and promoted them to beta.
• Promoted gcloud network-security security-profiles threat-prevention to beta.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

431.0.0 (2023-05-16)

Breaking Changes

• (Anthos On-Prem) Modified --version flag to be required in gcloud container vmware clusters create.
• (Compute Engine) Added centos-stream-8 and centos-stream-9 options to --os flag for:
  • gcloud compute images import in GA,
  • gcloud compute instances import in GA
  • gcloud compute machine-images import in GA

Google Cloud CLI

• Fixed error when filtering was applied to date or time type keys and their values were None. Now, the resources will be excluded as when values were empty.
• Added warning message to indicate support for Python 3.5-3.7 will be deprecated on August 8th, 2023.

Anthos On-Prem

• Modified gcloud container bare-metal clusters list to return clusters in all locations of the specified project if --location is not specified and configuration container_bare_metal/location is not set.

Artifact Registry

• Changed IAM policy translation logic in gcloud beta artifacts docker upgrade print-iam-policy.

Batch

• Promoted Batch submit job optional job_id feature to beta and GA.

Cloud Build

• Added --repository flag to gcloud builds triggers create manual, gcloud builds triggers create webhook and gcloud builds triggers create pubsub which supports creating manual, webhook or Pub/Sub trigger with 2nd-gen repository resource.

Cloud Dataproc

• Added --staging-bucket flag to gcloud dataproc batches submit ... commands in GA. This sets staging bucket when creating batches.
• Added --staging-bucket flag to gcloud dataproc session create ... commands in Preview. This sets staging bucket when creating sessions.

Cloud Firestore

• Promoted firestore locations list to GA.

Cloud Run

• Promoted gcloud run jobs deploy to GA, which allows creating or updating a Cloud Run job from a container image or source to build.

Cloud Storage

• Added a preserve_symlinks option to gcloud storage cp and mv commands; when present, this option will cause file and directory symlinks to be represented by placeholder files in the cloud, and reconstructed as symlinks when downloaded.

Compute Engine

• Promoted gcloud compute addresses move to GA.

Compute Firewall Rules

• Added --bind-tags-to-instances flag to gcloud compute firewall-rules migrate to bind secure tags to VM instances.

Database Migration

• Updated gcloud database-migration migration-jobs create to support customer-managed encryption key(CMEK).

Dataproc Metastore

• Promoted gcloud metastore services alter-metadata-resource-location to GA.
• Promoted gcloud metastore services alter-table-properties to GA.
• Promoted gcloud metastore services move-table-to-database to GA.
• Promoted gcloud metastore services query-metadata to GA.

Events

• Removed gcloud beta events surface and all commands within. Please use gcloud eventarc instead.

Kubernetes Engine

• Deprecated --linux-sysctls flag since --system-config-from-file is now used to config nodes.

Notebooks

• Added --data-disk-type, --data-disk-size, --no-remove-data-disk to gcloud notebooks instances create to configure data disk.

Recaptcha

• Added --private-key-file, --team-id, --key-id to recaptcha keys create for iOS keys. Providing these fields allows reCAPTCHA Enterprise to provide more accurate risk scores.
• Added --private-key-file, --team-id, --key-id to recaptcha keys update for iOS keys. Providing these fields allows reCAPTCHA Enterprise to provide more accurate risk scores.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

430.0.0 (2023-05-09)

Breaking Changes

• (Distributed Cloud Edge) Changed default behavior of gcloud edge-cloud container clusters get-credentials to use kubectl exec auth. More info at https://cloud.google.com/blog/products/containers-kubernetes/kubectl-auth-changes-in-gke. If a user requires use of the deprecated in-tree-auth-plugin, they can revert back to previous behavior by setting an environment flag: USE_GKE_GCLOUD_AUTH_PLUGIN=false.

Google Cloud CLI

• Fixed issue where gcloud auth enterprise-certificate-config create used cert_issuer instead of issuer for Windows and MacOS configurations.

AlloyDB

• Added gcloud alloydb users <command> Users API to manage AlloyDB users.

Anthos On-Prem

• Modified gcloud container vmware clusters list to return clusters in all locations of the specified project if --location is not specified and configuration container_vmware/location is not set.

App Engine

• Updated the Python App Engine devappserver to set app.yaml build_env_variables when running pip.
• Updated the Python App Engine devappserver to fix php55 lost request bug.
• Updated the Java SDK to version 2.0.14 build from the open source project https://github.com/GoogleCloudPlatform/appengine-java-standard/releases/tag/v2.0.14.

Bare Metal Solution

• Promoted gcloud bms instance rename to GA.
• Promoted gcloud bms networks rename to GA.
• Promoted gcloud bms nfs-shares rename to GA.
• Promoted gcloud bms volumes rename to GA.

Cloud Bigtable

• Rebuilt cbt cli with go version 1.20.4 which fixed CVE-2022-41723.
• Add ability to count rows for a prefix.

Cloud Bigtable Emulator

• Rebuilt cbt emulator with go version 1.20.4 which fixed CVE-2022-41723.

Cloud Build

• Added --git-source-revision flag to gcloud builds submit.
• Added --git-source-dir flag to gcloud builds submit.

Cloud Firestore

• Promoted firestore locations list to beta.

Cloud IAM

• Added --web-sso-response-type and --web-sso-assertion-claims-behavior flag to gcloud iam workforce-pools providers create-oidc and gcloud iam workforce-pools providers update-oidc to allow user to setup web sso configuration.

Cloud Logging

• Added --custom-learned-route-priority and --set-custom-learned-route-ranges flags of gcloud compute routers add-bgp-peer in beta to specify the custom learned route configuration.
• Added --custom-learned-route-priority, --set-custom-learned-route-ranges, --add-custom-learned-route-ranges and --remove-custom-learned-route-ranges flags of gcloud compute routers update-bgp-peer in beta to specify the custom learned route configuration.

Cloud Pub/Sub

• The gcloud pubsub pull command now waits for messages by default.
  • The --wait flag has been deprecated from gcloud beta pubsub pull command.
  • The --return-immediately flag has been added to gcloud beta pubsub pull command to support the old behavior.

Cloud Run

• No longer sets the client.knative.dev/user-image annotation when deploying or updating Cloud Run Services and Jobs.
• Fixes issue in gcloud run deploy and gcloud run services update where changing --port would fail due to health check errors.

Compute Engine

• Update replica-zones support --create-disk=replica-zones for gcloud compute instances create.
• Promoted gcloud compute addresses move to beta.
• Added --user-ip-request-headers for gcloud compute security-policies update, and promoted it to beta.

Database Migration

• Added a set of commands for gcloud database-migration private-connections to perform common (create, list, describe, delete) operations on private connections.
• Updated gcloud database-migration connection-profiles create to support creating Oracle connection profiles.
• Updated gcloud database-migration connection-profiles create to support connectivity in creating Postgresql connection profiles.
• Added gcloud database-migrate conversion-workspaces that supports the following commands for creating and managing conversion workspaces: create, update, delete, list, describe, commit, rollback, seed, import-rules, convert, apply, list background jobs and describe entities.
• Updated gcloud database-migration migration-jobs create to support heterogeneous migration jobs.

Kubernetes Engine

• Added --enable-master-global-access flag of gcloud container clusters create-auto.

Looker

• Launch Looker (Google Cloud core) for General Availability to the public.

Network Connectivity

• Updated gcloud network-connectivity service-connection-policies create subnet flag field to accept resource arguments.

Network Services

• Updated GA schema for gcloud network-services gateways.
• This primarily impacts gateway import/export.
• It includes SWG-specific changes so gateways of type SWG can be created.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

429.0.0 (2023-05-02)

Breaking Changes

• (Compute Engine) Added rocky-9 option to --os flag for:
  • gcloud compute images import in GA,
  • gcloud compute instances import in GA
  • gcloud compute machine-images import in GA

Google Cloud CLI

• Updated bundled-python cryptography package to 39.0.1 and PyOpenSSL to 23.0.0.

AlloyDB

• Added --update-mode flag to gcloud alloydb instances update in alpha and beta tracks.

BigQuery

• Added bq info command to print debug information.
• Froze the request library to version '2.27.1' until python2 is removed.
• Removed excess line of logging to stderr that was printed on most commands.
• Improved error messaging for unsupported regions.
• Added support for an encoding when creating a JSON backed external table.
• Updated bundled urllib3.

Certificate Authority Service

• Added --ignore_dependent_resources flag to gcloud privateca roots disable to allow a root CA to be disabled even if it is the last CA in its CA Pool while its CA Pool is being depended on by another cloud resource.
• Added --ignore_dependent_resources flag to gcloud privateca subordinates disable to allow a subordinate CA to be disabled even if it is the last CA in its CA Pool while its CA Pool is being depended on by another cloud resource.
• Added --ignore_dependent_resources flag to gcloud privateca roots delete to allow a root CA to be deleted even if its CA Pool is being depended on by another cloud resource.
• Added --ignore_dependent_resources flag to gcloud privateca subordinates delete to allow a subordinate CA to be deleted even if its CA Pool is being depended on by another cloud resource.
• Added --ignore_dependent_resources flag to gcloud privateca pools delete to allow a CA Pool to be deleted even if it is being depended on by another cloud resource.

Cloud Bigtable

• Rebuilding cbt cli with go version 1.20.3 which fixed CVE-2022-41723.

Cloud Firestore Emulator

• Release Cloud Firestore emulator v1.17.4
  • Added support for eventarc triggers(2nd gen)
  • Fix ListDocuments to have page token

Cloud Identity-Aware Proxy

• Fixed a low throughput issue that appeared in some download cases for gcloud compute start-iap-tunnel.

Cloud Monitoring

• Promoted gcloud monitoring snoozes commands to beta and GA.

Cloud Pub/Sub

• Added --event-time flag to gcloud pubsub lite-topics publish to allow users to specify an event time when publishing a message.

Cloud Run

• Updated gcloud beta run integrations list to display integrations across all regions by default when --region flag is not specified.

Cloud SQL

• Promoted --threads-per-core flag for gcloud sql instances create and gcloud sql instances patch to GA.

Cloud Workstations

• Added the beta workstations list-usable command which lists a user's usable workstations under a given configuration.
• Added gcloud beta workstations get-iam-policy.
• Added gcloud beta workstations set-iam-policy.
• Added gcloud beta workstations configs get-iam-policy.
• Added gcloud beta workstations configs set-iam-policy.

Compute Engine

• Added "REGION" column in the output of gcloud compute ssl-certificates list.
• Promoted --gateway-ip-version flag of gcloud compute vpn-gateways create to beta. Flag defines the IP version of VPN Gateway.
• Allowed --interfaces flag to accept IPv6 addresses of gcloud beta compute external-vpn-gateways create.
• Promoted support of regional instance template for gcloud compute instance-groups managed create to beta and GA.
• Promoted support of regional instance template for gcloud compute instance-groups managed set-instance-template to beta and GA.
• Promoted support of regional instance template for gcloud compute instance-groups managed rolling-action start-update to beta and GA.
• Promoted --nat-name flag of gcloud compute routers get-nat-mapping-info to GA.

Distributed Cloud Edge

• Added --lro-timeout for gcloud edge-cloud container clusters create which allows specifying a custom duration for the gcloud CLI to wait on LROs.

Identity and Access Management

• Fixed issue with gcloud auth login --login-config=$LOGIN_CONFIG --no-browser not working on Linux machines due to terminal input limit.

Kpt

• Updated kpt from v1.0.0-beta.30 to v1.0.0-beta.31. See https://github.com/GoogleContainerTools/kpt/releases/tag/v1.0.0-beta.31 for more details.

Kubernetes Engine

• Added --enable-unstable-kubernetes-apis flag to gcloud containers cluster create and gcloud containers cluster update to facilitate enabling beta apis in kube-apiserver.

Network Connectivity

• Made network field accept both resource identifier and path.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

428.0.0 (2023-04-25)

Breaking Changes

• (Cloud Run) For gcloud beta run jobs deploy, gcloud run jobs create, and gcloud run jobs update, mark --execute-now and --async flags mutually exclusive.

Google Cloud CLI

• Added --lifetime flag to gcloud auth application-default print-access-token to configure service account impersonation access token lifetime.
• Duration flags now support fractional input.

Anthos Multi-Cloud

• Promoted --enable-managed-prometheus flag of gcloud container aws clusters create to GA.
• Promoted --enable-managed-prometheus and --disable-managed-prometheus flags of gcloud container aws clusters update to GA.
• Promoted --enable-managed-prometheus flag of gcloud container azure clusters create to GA.
• Promoted --enable-managed-prometheus and --disable-managed-prometheus flags of gcloud container azure clusters update to GA.
• Fixed issue where --max-nodes, --min-nodes, and --max-pods-per-node flags of gcloud container aws node-pools create and gcloud container azure node-pools create were incorrectly documented as optional.

Anthos On-Prem

• Added gcloud container bare-metal admin-clusters unenroll which removes Cluster API resources so that the cluster is no longer managed by the Anthos On-Prem API.
• Added support for annotations in the container bare-metal clusters update command.

Cloud Bigtable

• Rebuilding cbt cli with go version 1.20 which fixed cve-2023-24537.

Cloud Bigtable Emulator

• Rebuilding cbt emulator with go version 1.20 which fixed cve-2023-24537.

Cloud Run

• Added firebase-hosting integration type to gcloud beta run integrations command group.

Cloud Storage

• Updated gsutil component to 5.23.

Cloud Tasks

• Added gcloud beta tasks buffer which enables creation of an HTTP task without specifying the task body. It requires the parent queue to have an HTTP target override and is only enabled in the beta track.

Cloud Workstations

• Added -labels flag to gcloud beta workstations create and gcloud beta workstations cluster create.

Compute Engine

• Added --auto-network-tier flag of gcloud compute routers nats create and gcloud compute routers nats update in beta to select network tier to be used by NAT in auto mode.
• Promoted flag --enforce-on-key-configs of gcloud compute security-policies rules create|update to GA.
• Added --certificate-manager-certificates flag to gcloud compute target-https-proxies create/update to add a list of ssl certificates created in certificate-manager to the target https proxy.
• Added --allow-psc-global-access flag of gcloud compute forwarding-rules <create|update> to v1.

Compute Firewall Policies

• Promoted --src-threat-intelligence and --dest-threat-intelligence flags to GA in gcloud compute firewall-policies rules create , gcloud compute firewall-policies rules update , gcloud compute network-firewall-policies rules create and gcloud compute network-firewall-policies rules update commands.
• Promoted --src-region-codes and --dest-region-codes flags to GA in gcloud compute firewall-policies rules create , gcloud compute firewall-policies rules update , gcloud compute network-firewall-policies rules create and gcloud compute network-firewall-policies rules update commands.
• Promoted --src-fqdns and --dest-fqdns flags to GA in gcloud compute firewall-policies rules create/update and gcloud compute network-firewall-policies rules create/update commands.
• Promoted --src-address-groups and --dest-address-groups flags to GA in gcloud compute firewall-policies rules create/update and gcloud compute network-firewall-policies rules create/update commands.

Kubernetes Engine

• Added --location flag to clusters, node-pools, and operations surfaces as a simpler alternative to --zone or --region.
• Updated default kubectl from 1.24.12 to 1.24.13.
• Additional kubectl versions:
  • kubectl.1.21 (1.21.14)
  • kubectl.1.22 (1.22.17)
  • kubectl.1.23 (1.23.17)
  • kubectl.1.24 (1.24.13)
  • kubectl.1.25 (1.25.9)
  • kubectl.1.26 (1.26.4)

Network Security

• Added gcloud network-security server-tls-policies describe to alpha and beta.
• Promoted gcloud network-security gateway-security-policies to GA.
• Promoted gcloud network-security gateway-security-policies rules to GA.
• Promoted gcloud network-security url-lists to GA.
• Promoted gcloud network-security tls-inspection-policies to GA.

Public CA

• Promoted gcloud publicca to GA.

Security Command Center

• Fixed gcloud scc findings list to provide descriptive error message when parent argument is omitted.

Transcoder

• Added support for --mode flag when creating a new job.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

427.0.0 (2023-04-18)

Breaking Changes

• (Google Cloud CLI) Deprecated Python 2. The minimum supported Python version is Python 3.5.
• (Cloud Datastore) Remove gcloud datastore databases create after version 427.0.0. Please use gcloud firestore database update --type=datastore-mode instead.
• (Cloud Firestore) Switched firestore database create to use Firestore API.
• (Cloud Firestore) Deprecated --region in gcloud firestore database create. Use --location to specify the database location.

Google Cloud CLI

• Added --lifetime flag to gcloud auth print-access-token to configure service account impersonation access token lifetime.

App Engine

• Updated the Go SDK to version 1.9.75. Please visit the following release notes for details: https://cloud.google.com/appengine/docs/go/release-notes.
• Updated the Java SDK to version 2.0.13 build from the open source project https://github.com/GoogleCloudPlatform/appengine-java-standard/releases/tag/v2.0.13.
• Upgraded Jetty web server to version 9.4.51.v20230217.

Artifact Registry

• Promoted gcloud artifacts googet command group to GA.

BigQuery

• Removed restrictions to what locations can be used with --location when combined with --use_regional_endpoints.
• Improved Format RANGE<TIMESTAMP> formatting.

Certificate Authority Service

• Added ignore_dependent_resources parameter to disable CA, delete CA, and delete CA Pool. These commands would normally fail if the CA Pool would be in a state where it's not able to issue certificates while there's a resource that depends on it. This flag skips the check and may cause unintended and unrecoverable effects on any dependent resource(s) since the CA Pool would no longer be able to issue certificates.

Cloud Firestore

• Promoted firestore databases describe to beta.
• Promoted firestore databases update to beta.
• Promoted firestore databases list to beta.
• Promoted firestore databases describe to GA.
• Promoted firestore databases update to GA.
• Promoted firestore databases list to GA.

Cloud Firestore Emulator

• Release Cloud Firestore emulator v1.16.2
  • Fixed an issue where some http/1 headers were causing 400 errors.

Cloud On Demand Scanning

• Updated local-extract component to 1.5.8 to allow it to run in environments without glibc.

Cloud Run

• Promoted --session-affinity to GA for --platform=managed for gcloud run deploy and gcloud run services update.
• Promoted --add-custom-audiences, --clear-custom-audiences, --remove-custom-audiences and --set-custom-audiences to beta for --platform=managed for gcloud run deploy and gcloud run services update.

Cloud SQL

• Added PostgreSQL 15 to database versions.

Cloud Spanner

• Added database drop protection column to gcloud spanner databases list command.

Cloud Storage

• Promoted gcloud storage insights commands to GA.

Cloud TPU

• Add gcloud compute tpus topologies list to list available TPUs by chip topology.

Cloud Workstations

• Adding support for labels in the beta workstations config create and beta workstations config update commands.

Compute Engine

• Updated the scope flags --zone or --region of the primary disk, --secondary-disk-zone or --secondary-disk-region of the secondary disk to be required for gcloud compute disks start-async-replication.

Dataproc Metastore

• Added support for Dataproc Metastore admin interface. The following commands have been added to alpha/beta release tracks:
  • metastore services alter-table-properties

Events

• Deprecated gcloud beta events surface and all commands within. This surface will be removed in an upcoming release. Please use gcloud eventarc instead.

GKE Hub

• Added --location flag to gcloud container fleet memberships register and gcloud beta container fleet memberships register.
• If --location is not specified when registering GKE clusters, Membership region is selected to match to GKE cluster location by default.
• If --location is not specified when registering non-GKE clusters, Membership region is selected as "global" by default.

Kpt

• Updated kpt from v1.0.0-beta.29 to v1.0.0-beta.30. See https://github.com/GoogleContainerTools/kpt/releases/tag/v1.0.0-beta.30 for more details.

Kubernetes Engine

• Added --addons=GcsFuseCsiDriver to gcloud beta container clusters create and --update-addons=GcsFuseCsiDriver to gcloud beta container clusters update to enable/disable the Cloud Storage FUSE Container Storage Interface (CSI) Driver.
• Allow --enable-managed-prometheus or --disable-managed-prometheus flag to be passed with --logging and --monitoring flags at the same time in gcloud container clusters update.
• Added --additional-pod-ipv4-ranges and --remove-additional-pod-ipv4-ranges flags of gcloud container clusters update to GA.

Network Connectivity

• Renamed 'psc-subnetworks' field to 'subnets' based on review comments.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

426.0.0 (2023-04-11)

Breaking Changes

• (Cloud Firestore) Switched firestore database create to use Firestore API after version 427.0.0.
• (Cloud Firestore) Deprecated --region in gcloud firestore database create. Use --location to specify the database location. --region flag will be remove after version 427.0.0.

Anthos On-Prem

• Promoted gcloud container vmware to beta.
• Promoted gcloud container bare-metal to beta.

App Engine

• Updated the Go SDK to version 1.9.74. Please visit the following release notes for details: https://cloud.google.com/appengine/docs/go/release-notes.

Batch

• Added no-external-ip-address flag to gcloud batch job submit.

BigQuery

• Added warning when apilog flag is missing that the logging level is being lowered.

Cloud Bigtable

• Clarified the functionality of --transactional-writes flag in gcloud bigtable app-profiles update.

Cloud Build

• Hide --repository flag in gcloud builds triggers create manual, gcloud builds triggers create webhook and gcloud builds triggers create pubsub.

Cloud Dataflow

• Added JAVA17 to gcloud dataflow flex-template command SDK Language options, allowing users to submit Flex Template jobs using Java 17.

Cloud Filestore

• Added gcloud filestore instances revert command in GA to revert a filestore instance to specific snapshot.

Cloud Functions

• Updated gcloud functions deploy to no longer require the flag --gen2 when updating an existing 2nd gen function. This aligns with the existing behavior of other commands. You can disable this behavior and only work with 1st gen functions by either adding --no-gen2 to a command or by setting the functions/gen2 config property to off.

Cloud Memorystore

• Change to current default from latest for --maintenance-version flag in gcloud redis instances update to allow updating to the current default maintenance version.

Cloud Org Policy

• Added --update-mask flag to gcloud org-policies reset command to support partial reset of policies (e.g, reset only dry-run policy spec or live policy spec).

Cloud Run

• Promoted --cpu-boost to GA for --platform=managed for gcloud run deploy.

Cloud Workflows

• Added the call-log-level flag to gcloud workflows deploy, and add the log-none value to the call-log-level flag for gcloud workflows <execute|run>, to specify no call logging even if logging was specified at the workflow level.

Compute Engine

• Promoted --max-count-per-zone flag of gcloud compute instances bulk create to beta. Flag defines maximum number of instances that can be created per zone for regional bulk insert.
• Added SEV_LIVE_MIGRATABLE to the list of guestOsFeatures.
• Rearranged gcloud compute images import source flags by moving --source-file & --source-image to the beginning.

Network Connectivity

• Added gcloud network-connectivity service-connection-policies create and gcloud network-connectivity service-connection-policies delete commands.
• Added gcloud network-connectivity service-connection-policies list and gcloud network-connectivity service-connection-policies describe commands.

Security Command Center

• Promoted gcloud scc custom-modules sha to GA.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

425.0.0 (2023-04-04)

Breaking Changes

• (Compute Engine) Migrate single request gcloud compute commands from the compute batch
• (Compute Engine) endpoint to region-specific endpoints.

App Engine

• Removed InvalidInstanceIpModeError exception from gcloud.app.instances.ssh because SSH is now supported for all Instance Ip Modes.

Artifact Registry

• Added gcloud beta artifacts docker upgrade print-iam-policy.

Certificate Manager

• Promoted gcloud certificate-manager trust-configs delete to beta.
• Promoted gcloud certificate-manager trust-configs describe to beta.
• Promoted gcloud certificate-manager trust-configs export to beta.
• Promoted gcloud certificate-manager trust-configs import to beta.
• Promoted gcloud certificate-manager trust-configs list to beta.

Cloud Access Context Manager

• Added --dry-run-level flag to gcloud access-context-manager cloud-bindings to test cloud-binding before enforcing them.

Cloud Build

• Update wait timeout for gcloud builds worker-pools create and gcloud builds worker-pools delete commands to 1h.

Cloud Functions

• Updated gcloud functions add-iam-policy-binding, gcloud functions call, gcloud functions delete, gcloud functions get-iam-policy, gcloud functions remove-iam-policy-binding, and gcloud functions set-iam-policy to no longer require the flag --gen2 when operating on a 2nd gen function. This aligns with the existing behavior of gcloud functions describe. You can disable this behavior and only work with 1st gen functions by either adding --no-gen2 to a command or by setting the functions/gen2 config property to off.

Cloud IAM

• Added gcloud iam workload-identity-pools providers keys commands to manage workload identity pool provider keys.

Cloud Workstations

• Adding support for the customer managed encryption key and encryption key service account flags in the beta workstations config create command.

Compute Engine

• Enable "Uniform Bucket Level Access" by default for the temporary Cloud Storage buckets created in gcloud compute images import and gcloud compute images export.
• Promoted --source-ip-ranges flag of gcloud compute forwarding-rules [create|update] to GA.

Database Migration

• Added --allocated-ip-range flag to gcloud database-migration connection-profiles create cloudsql to allow selecting an allocated IP range for VPC peering.
• Added --alloydb-cluster flag to gcloud database-migration connection-profiles create to allow creating a connection profile with an existing AlloyDB cluster.
• Added --alloydb-cluster flag to gcloud database-migration connection-profiles update to allow configuring a connection profile with an existing AlloyDB cluster.

Network Security

• Promoted gcloud network-security tls-inspection-policies to beta.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

424.0.0 (2023-03-28)

Breaking Changes

• (Artifact Registry) Fixed issue where the default table format was used when --show-occurrences flag was passed in, even though that format prevented occurrences from being displayed. Changed to use the default format when the flag is used. Use the same command without --show-occurrences to get the old behavior.

Artifact Registry

• Allow using gcloud beta artifacts images describe with Artifact Registry repos that use gcr.io domain.
• Promoted artifacts settings describe artifacts settings enable-upgrade-redirection, and artifacts settings disable-upgrade-redirection commands to GA.

BigQuery

• Fixed issue storing --api flag in the .bigqueryrc file.
• Added the option for three-year capacity commitment plans.
• Updated wcwidth to version 0.2.6.

Certificate Manager

• Promoted gcloud certificate-manager issuance-configs to GA.

Cloud Build

• Added --default-buckets-behavior flag to gcloud builds submit.

Cloud Deploy

• Added gcloud deploy rollouts advance to alpha and beta.
• Added gcloud deploy rollouts cancel to alpha and beta.
• Added gcloud deploy rollouts ignore-job to alpha and beta.
• Added gcloud deploy job-runs terminate to alpha and beta.
• Added starting-phase-id flag to gcloud deploy targets redeploy.
• Added starting-phase-id flag to gcloud deploy targets rollback.
• Added starting-phase-id flag to gcloud deploy releases promote.
• Added initial-rollout-phase-id flag to gcloud deploy releases create.

Cloud Memorystore

• Added --maintenance-version flag to gcloud redis instances update to allow updating a maintenance version when updating an instance.

Cloud Run

• Promoted gcloud run jobs command group and its sub-commands to GA, except for the following commands:
  • gcloud beta run jobs deploy
  • gcloud beta run jobs logs
  • gcloud beta run jobs executions logs
• Promoted --encryption-key-shutdown-hours and --clear-encryption-key-shutdown-hours flags of gcloud run deploy and gcloud run services update to GA for --platform=managed.

Cloud SQL

• Added gcloud sql instances reencrypt, which re-encrypts a Cloud SQL CMEK instance with the current primary key version in alpha.

Cloud TPU

• Update gcloud compute tpus tpu-vm create to allow configuration of TPUs with chip topology using --type and --topology flags.

Compute Engine

• Promoted disk-consistency-group argument of gcloud compute resource-policies create to beta.
• Promoted --primary-disk, --primary-disk-project, --primary-disk-region, and --primary-disk-zone of gcloud compute disks create to beta.
• Promoted gcloud compute disks start-async-replication to beta.
• Promoted gcloud compute disks stop-async-replication to beta.
• Promoted gcloud compute disks stop-group-async-replication to beta.
• Promoted gcloud compute disks bulk create to beta.
• Fixed documentation for --update-policy-max-surge and --update-policy-replacement-method flags.
• Promoted --queue-count flag in --network-interface of gcloud compute instance-templates create to GA.
• Promoted --queue-count flag in --network-interface of gcloud compute instances bulk create to GA.

Database Migration

• Added demote-destination request to gcloud database-migration migration-jobs to allow demoting the destination of a migration job.

Dataproc Metastore

• Promoted the custom-routes-enabled boolean value to the network-config-from-file flag of gcloud metastore services create to v1alpha and v1beta.
• Fixed issue where commands including an --instance-size flag would fail if the user specified an enum value of EXTRA_SMALL or EXTRA_LARGE.

Eventarc

• Added --event-data-content-type flag to gcloud eventarc triggers create and gcloud eventarc triggers update to label the type of payload in MIME format that is expected from the CloudEvent data field.

Kpt

• Updated kpt from v1.0.0-beta.27 to v1.0.0-beta.29. See https://github.com/GoogleContainerTools/kpt/releases/tag/v1.0.0-beta.29 and previous release notes for more details.

Kubernetes Engine

• Updates default kubectl from 1.24.11 to 1.24.12.
• Additional kubectl versions:
  • kubectl.1.21 (1.21.14)
  • kubectl.1.22 (1.22.17)
  • kubectl.1.23 (1.23.17)
  • kubectl.1.24 (1.24.12)
  • kubectl.1.25 (1.25.8)
  • kubectl.1.26 (1.26.3)

Network Security

• Promoted gcloud network-security url-lists to beta.
• Promoted gcloud network-security gateway-security-policies to beta.
• Promoted gcloud network-security gateway-security-policy-rules to beta.

Recaptcha

• Added --support-non-google-app-store-distribution to recaptcha keys create that enables support for non-Google Play Store distributed applications for the key.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

423.0.0 (2023-03-21)

Google Cloud CLI

• Added gcloud auth enterprise-certificate-config to create enterprise-certificate configurations.
• Disabled mTLS during installation.
• Fixed crash that occurred when parsing certain repeated dictionary-type flags if duplicate keys were provided or if invalid choices for another flag were specified afterwards.
• Improved post-processing times during gcloud components update and gcloud components install on Windows.

App Engine

• Updated the Java SDK to version 2.0.12 build from the open source project https://github.com/GoogleCloudPlatform/appengine-java-standard/releases/tag/v2.0.12.
• Fixed a DevAppServer issue where in some scenarios, the class io.opencensus.trace.propagation.TextFormat could not be found.
• Added --tunnel-through-iap flag to gcloud app instances ssh. Using this flag lets you use an Identity-Aware Proxy (IAP) tunnel when attempting to SSH into an App Engine flexible environment instance without an external IP address.
• Updated the Go SDK to version 1.9.73. Please visit the following release notes for details: https://cloud.google.com/appengine/docs/go/release-notes.
• Added --tunnel-through-iap flag to gcloud app instances scp. Using this flag lets you use an Identity-Aware Proxy (IAP) tunnel when attempting to SCP to/from an App Engine flexible environment instance without an external IP address.

Artifact Registry

• Updated gcloud artifacts docker images describe and gcloud artifacts docker images list to return occurrences when an occurrence filter is used, even if the user does not explicitly say to show occurrences.

• Added --immutable-tags flag to gcloud artifacts repositories create and gcloud artifacts repositories update.

Bare Metal Solution

• Promoted gcloud bms ssh-keys list to GA.
• Promoted gcloud bms ssh-keys add to GA.
• Promoted gcloud bms ssh-keys remove to GA.

Cloud Build

• Added --repository flag to gcloud builds triggers create manual, gcloud builds triggers create webhook and gcloud builds triggers create pubsub.

Cloud Dataproc

• Added --ttl flag to gcloud dataproc batches submit commands in GA. This sets a workload TTL when creating batches.

Cloud Firestore Emulator

• Released Cloud Firestore emulator v1.16.1
  • Fixed: support read_time in ListCollectionIds

Cloud Healthcare

• Added gcloud healthcare fhir-stores metrics which allows users to retrieve metrics associated with a FHIR store.

Cloud Key Management Service

• Added --key-management-mode and --crypto-space-path to gcloud kms ekm-connections that is used when creating coordinated external keys.
• Added gcloud kms ekm-config commands which enables setting configuration values for EKM users.

Compute Engine

• Promoted --aws-* flags of gcloud compute images import to GA.
• Promoted gcloud compute sole-tenancy node-groups simulate-maintenance-event to GA.

Database Migration

• Added --availability-type flag to gcloud database-migration connection-profiles create to allow configuring the availability type on the destination Cloud SQL instance.
• Added --secondary-zone flag to gcloud database-migration connection-profiles create to allow configuring the secondary zone of the destination Cloud SQL instance when regional availability type is used.

Kubernetes Engine

• Added --enable-fleet flag to gcloud container clusters create, gcloud container clusters create-auto and gcloud container clusters update in alpha, beta track.
• Added --fleet-project flag to gcloud container clusters create, gcloud container clusters create-auto and gcloud container clusters update in alpha, beta track.
• Added --clear-fleet-project flag to gcloud container clusters update in alpha, beta track.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

422.0.0 (2023-03-14)

Breaking Changes

• (Cloud Pub/Sub) Fixed output format of gcloud schemas list and gcloud schemas list-revisions to remove the DEFINITION column if --view is not FULL.

Google Cloud CLI

• Added gcloud auth enterprise-certificate-config to create enterprise-certificate configurations.

Anthos Multi-Cloud

• Added --clear-client flag to gcloud container azure clusters update to clear the Azure client. This flag is required when updating to use Azure workload identity federation from Azure client to manage Azure resources.

App Engine

• Updated the Python App Engine devappserver to support a new flag --python_virtualenv_path. It is an optional directory that will be used to setup a Python 3 virtual env for the local devappserver execution environment for Python 3 applications. If the path does not exist it will be created and it will not be cleanup at the end of the devappserver execution, allowing for caching between invocations. If not defined, a temporary directory will be used and cleaned up at the end of the execution.

Artifact Registry

• gcloud beta artifacts settings enable-upgrade-redirection command no longer requires creating missing repos.

Bare Metal Solution

• Promoted gcloud bms instances enable-serial-console to GA.
• Promoted gcloud bms instances disable-serial-console to GA.

BigQuery

• Updated the bundled google auth libraries.
• Updated bundled libraries to use charset_normalizer with the request library.

Cloud Datastream

• Added the max_concurrent_backfill_tasks support to --mysql-source-config, --oracle-source-config, --postgresql-source-config flags in gcloud datastream streams.

Cloud Functions

• Preview of the CMEK support for Cloud Functions, 2nd Gen. In particular, promoted --docker-repository, --kms-key, --clear-docker-repository and --clear-kms-key flags of gcloud functions deploy --gen2 to beta.

Cloud Run

• Removed --condition flag from gcloud run {services,jobs} {add,remove}-iam-policy-binding.

Cloud Workflows

• Added --revision-id flag to gcloud workflows describe to allow retrieving the source code of a workflow at a specific revision.

Cloud Workstations

• Added gcloud beta workstations configs update which updates a specified
• Added gcloud beta workstations ssh which SSH's into a specified workstation. workstation configuration.

Compute Engine

• Added --plan to gcloud compute commitments update to support commitment term upgrade.
• Promoted gcloud compute security-policies rules add-preconfig-waf-exclusion|remove-preconfig-waf-exclusion to GA.
• Promoted --queue-count flag in --network-interface of gcloud compute instances create to GA.
• Promoted --internal-ipv6-address flag of gcloud compute instances create to GA.
• Promoted --internal-ipv6-prefix-length flag of gcloud compute instances create to GA.
• Added new ADVANCED_PREVIEW enum option to --network-ddos-protection flag of gcloud compute security-policies update in alpha and beta.

GKE Hub

• Changed gcloud container fleet memberships unregister command to assume membership region based on gke cluster region by default.

Network Connectivity

• Fixed issue where sort-by arguments in list spoke command produced type validation errors.

Recaptcha

• Support creating express enabled site keys using recaptcha keys create --waf-feature=express.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

421.0.0 (2023-03-07)

Artifact Registry

• Fixed an issue where gcloud artifacts docker images list does not return nested images.

BigQuery

• Extended third-party identity login to support a web-based 3-legged OAuth flow.
• Extended ls -p to page through all projects.
• Extended --format for load to support more formats.
• Removes some unneeded shipped libraries.
• Added logging support for all exceptions when --apilog is present.
• Added --encoding for load to support csv encodings.
• Updated the bundled cachetools library.

Cloud Filestore

• Added --instance-location flag to gcloud filestore instances snapshots create, which accepts either a zone or region and allows clients to create Enterprise and HighScale snapshots.
• Added --instance-location flag to gcloud filestore instances snapshots delete, which accepts either a zone or region and allows clients to delete Enterprise and HighScale snapshots.
• Added --instance-location flag to gcloud filestore instances snapshots list, which accepts either a zone or region and allows clients to list Enterprise and HighScale snapshots.
• Added --instance-location flag to gcloud filestore instances snapshots update, which accepts either a zone or region and allows clients to update Enterprise and HighScale snapshots.
• Added --instance-location flag to gcloud filestore instances snapshots describe, which accepts either a zone or region and allows clients to describe Enterprise and HighScale snapshots.

Cloud Pub/Sub

• Fixed gcloud schemas commit to raise an Invalid Argument error if --type is not equal to protocol-buffer, protocol_buffer, or avro.

Cloud Services

• Added key-string support for undelete command for api_keys in beta.

Cloud Spanner

• Promoted gcloud spanner databases roles list to GA.
• Promoted --database-role flag in gcloud spanner databases execute-sql to GA.

Cloud Storage

• Updated gsutil component to 5.21.

Cloud Workflows

• Added --labels flag to gcloud workflows <execute|run> to allow adding execution specific labels.

Cloud Workstations

• Fixed issue with the custom container image not being properly set in gcloud beta workstations configs create.

Compute Engine

• Added --encryption to gcloud compute interconnects attachments dedicated create to add encryption option for dedicated interconnect attachment (VLAN attachment).
• Added --encryption to gcloud compute interconnects attachments partner create to add encryption option for partner interconnect attachment (VLAN attachment).
• Added --ipsec-internal-addresses to gcloud compute interconnects attachments dedicated create to add list of addresses that have been reserved for dedicated interconnect attachment (VLAN attachment).
• Added --ipsec-internal-addresses to gcloud compute interconnects attachments partner create to add list of addresses that have been reserved for partner interconnect attachment (VLAN attachment).
• Added --encrypted-interconnect-router to gcloud compute routers create to indicate that the router is dedicated for use with encrypted interconnect attachments (VLANs).
• Added --interconnect-attachments to gcloud compute vpn-gateways create to add interconnect attachments (VLAN attachments) associated with the VPN gateway interfaces.
• Added 9 to allowed list of values for --version of gcloud beta compute instances ops-agents policies [create|update].
• Promoted --locality_lb_policy flag of gcloud compute backend-services create/update to GA.
• Added --max-run-duration and --termination-time flags in gcloud compute instances set-scheduling to beta.
• Added --clear-max-run-duration and --clear-termination-time flags in gcloud compute instances set-scheduling to beta.
• Promoted --endpoint-types flag in gcloud compute routers nats create to GA.

Dataproc Metastore

• Promoted --auxiliary-versions flag of gcloud metastore services create to GA. Modified flag to no longer be mutually exclusive with --consumer-subnetworks and --network-config-from-file.
• Promoted --auxiliary-versions-from-file flag of gcloud metastore services create to GA. Modified flag to no longer be mutually exclusive with --consumer-subnetworks and --network-config-from-file.
• Promoted --instance-size flag of gcloud metastore services create and gcloud metastore services update to GA.
• Added --instance-size flag to gcloud metastore services create and gcloud metastore services update to specify a service instance size.
• Promoted --scaling-factor flag of gcloud metastore services create and gcloud metastore services update to GA.
• Added --scaling-factor flag to gcloud metastore services create and gcloud metastore services update to specify a service scaling factor.
• Modified --tier flag of gcloud metastore services create and gcloud metastore services update to be mutually exclusive with --instance-size and --scaling-factor in all release tracks.

Identity and Access Management

• Added support for credential sharing with bq and gsutil when using browser-based sign-in with Workforce identity federation to authenticate with the Google Cloud CLI via gcloud auth login.

Kpt

• Updated kpt from v1.0.0-beta.24 to v1.0.0-beta.27. See https://github.com/GoogleContainerTools/kpt/releases/tag/v1.0.0-beta.27 and previous release notes for more details.

Kubernetes Engine

• Prevent overwriting directory permission when KUBECONFIG contains empty entry or a directory. Instead, raise an error.
• Updates default kubectl from 1.24.10 to 1.24.11.
• Additional kubectl versions:
  • kubectl.1.21 (1.21.14)
  • kubectl.1.22 (1.22.17)
  • kubectl.1.23 (1.23.17)
  • kubectl.1.24 (1.24.11)
  • kubectl.1.25 (1.25.7)
  • kubectl.1.26 (1.26.2)

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

420.0.0 (2023-02-28)

Breaking Changes

• (Cloud Firestore) Switched firestore beta database create to use Firestore API.
• (Cloud Firestore) Added --type, --location and --database to gcloud beta firestore database create.
• (Cloud Firestore) Removed --region in gcloud beta firestore database create. Use --location instead.

App Engine

• Added support for App Engine go runtime versions 116, 117, 118, 119, 120.

BigQuery

• Updated messaging for the use_legacy_sql flag.
• Added stack trace logging for errors when the apilog flag is used.
• Removed unnecessary fetches for data transfer commands.

Certificate Authority Service

• Added name constraints arguments to gcloud privateca roots create to allow configuring certificate authorities with name constraints.
• Added name constraints arguments to gcloud privateca subordinates create to allow configuring certificate authorities with name constraints.
• Added name constraints arguments to gcloud privateca certificates create to allow configuring certificate authorities with name constraints.

Cloud Composer

• Update warning message when running commands that use the default Cloud Composer version, which was changed recently from 1 to 2.

Cloud Functions

• Fixed issue where gcloud functions deploy would crash on updating an existing function with VPC Connector when --egress-settings flag was specified.
• Added warning and prompting to gcloud functions add-iam-policy-binding about needing to bind the roles/run.invoker role for 2nd gen functions.

Cloud Key Management Service

• Added gcloud beta kms inventory which allows viewing and tracking of keys across cloud resources.

Cloud Logging

• Promoted buckets create --enable-analytics to GA.
• Added buckets update --enable-analytics to GA track.
• Removed deprecated buckets update --enable-loglink from ALPHA track.
• Added --async option to the buckets create and buckets update commands.
• Added links command group implementation.

Compute Engine

• Promoted --queue-count flag in --network-interface of gcloud compute instances create to beta.
• Promoted --stack-type flag of gcloud compute instances bulk create to GA.
• Promoted gcloud compute disks update to GA.
• Promoted --provisioned-iops flag of gcloud compute disks update to GA.

GKE Hub

• Added gcloud container fleet scopes|namespaces which allows users to manage Fleet Tenancy.

Identity and Access Management

• Workforce identity federation now supports browser-based sign-in when authenticating with the Google Cloud CLI via gcloud auth login. To learn more, see Obtain short-lived tokens for workforce identity federation or the Azure AD or Okta-specific gcloud CLI sign-in instructions.

Pubsub Emulator

• Added support for updating schemas.
• Fixed the inability to create topics, subscriptions, and schemas when using the gcloud CLI.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

419.0.0 (2023-02-22)

App Engine

• Updated the Java SDK to version 2.0.11 build from the open source project https://github.com/GoogleCloudPlatform/appengine-java-standard/releases/tag/v2.0.11.

Artifact Registry

• Fix issue where artifacts repositories create failed unconditionally.

Cloud Datastream

• Added new --full-hierarchy and --hierarchy-depth flags for connection-profiles discover.
• Deprecated --recursive and --recursive-depth flags for connection-profiles-discover.

Cloud Functions

• Added support for Docker package format {location}-docker.pkg.dev/{project}/{repository} to --docker-repository flag of gcloud functions deploy.
• Fixed issue where gcloud functions deploy fails if the user doesn't have the permission serviceusage.services.get.

Cloud Logging

• Promote --logging-optional and --logging-optional-fields flags of gcloud compute backend-services create and gcloud compute backend-services update to GA.

Cloud Run

• Promoted gcloud beta run jobs executions logs read to beta, which reads logs from a selected resource.
• Promoted gcloud beta run jobs executions logs tail to beta, which tail logs from a selected resource.

Cloud Storage

• gcloud storage cp will now silently ignore the Content-MD5 header for parallel composite uploads.
• gcloud storage hash has been promoted to GA.

Firebase Test Lab

• Promoted --client-details flag of gcloud firebase test [android|ios] run to GA. This flag can be used to provide additional details to attach to the test matrix, including a matrixLabel to help you identify and locate your test in the Firebase console.

Recaptcha

• Support creating Fastly enabled site keys using recaptcha keys create --waf-service=fastly.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

418.0.0 (2023-02-14)

Breaking Changes

• (Cloud Dataproc) Modified --job-id and --yarn_application_id flags to --job-ids and --yarn-application-ids respectively in gcloud dataproc clusters diagnose command. These flags can now accept a comma separated list of job ids and yarn app ids instead of a single value.

Google Cloud CLI

• Defined "quota_project" in gcloud auth application-default set-quota-project command documentation.
• Launched the enterprise-certificate-proxy component. See more at $ gcloud topic client-certificate.

AI

• Added gcloud ai models copy which copies a model.

AlloyDB

• Added --clear-continuous-backup-encryption-key flag to gcloud beta alloydb clusters update to support clearing a custom encryption configuration for Continuous Backups.
• Added following flags of gcloud alloydb instances create and gcloud alloydb instances update to alpha, beta and GA:
  • --insights-config-query-string-length
  • --insights-config-query-plans-per-minute
  • --insights-config-record-application-tags
  • --insights-config-record-client-address

Artifact Registry

• Adding new command gcloud artifacts vpcsc-config allow --project=my-proj --location=us-west1.
• Adding new command gcloud artifacts vpcsc-config deny --project=my-proj --location=us-west1.
• Adding new command gcloud artifacts vpcsc-config describe --project=my-proj --location=us-west1.
• Adding new command gcloud artifacts repositories create my-repo --project=my-project --repository-format=maven --location=us-east1 --description="My test repo" --mode=virtual-repository --upstream-policy-file=policy.json.
• Adding new command gcloud artifacts repositories create my-repo --project=my-project --repository-format=python --location=us-east1 --description="My python repo" --mode=remote-repository --remote-repo-config-desc="test python remote repo" --remote-python-repo=PYPI.
• Adding new command gcloud artifacts repositories create my-repo --project=my-project --repository-format=npm --location=us-east1 --description="My npm repo" --mode=remote-repository --remote-repo-config-desc="test npm remote repo" --remote-npm-repo=NPMJS.
• Adding new command gcloud artifacts repositories create my-repo --project=my-project --repository-format=maven --location=us-east1 --description="My test repo" --mode=remote-repository --remote-repo-config-desc="test maven remote repo" --remote-mvn-repo=MAVEN-CENTRAL.
• Adding new command gcloud artifacts repositories create my-repo --project=my-project --repository-format=docker --location=us-east1 --description="no CRM permission" --mode=remote-repository --remote-repo-config-desc="test docker remote repo" --remote-docker-repo=DOCKER-HUB.

BigQuery

• Added SPARK reservation assignment.
• Added main class option for Spark procedures.
• Added support for bi-engine reservation paths.

Cloud DNS

• Fixed issue with gcloud dns response-policies being unable to update gkeclusters flag in GA.
• Updated gcloud dns record-sets create and gcloud dns record-sets update to allow referencing forwarding rules by their full resource path.

Cloud Datastream

• Modified Create/Update Stream flags that use a JSON/YAML file to use camelCase field naming instead of snake_case, to match the REST API. Old snake_case configuration files will still be supported.

Cloud Filestore

• Added --location flag to gcloud filestore instances snapshots create, which accepts either a zone or region and allows clients to create Enterprise and HighScale snapshots.
• Added --location flag to gcloud filestore instances snapshots delete, which accepts either a zone or region and allows clients to delete Enterprise and HighScale snapshots.
• Added --location flag to gcloud filestore instances snapshots list, which accepts either a zone or region and allows clients to list Enterprise and HighScale snapshots.
• Added --location flag to gcloud filestore instances snapshots update, which accepts either a zone or region and allows clients to update Enterprise and HighScale snapshots.
• Added --location flag to gcloud filestore instances snapshots describe, which accepts either a zone or region and allows clients to describe Enterprise and HighScale snapshots.

Cloud Firestore

• Added --api-scope and --query-scope support for Firestore Index Create.

Cloud Key Management Service

• Set --location and --keyring as required flags for commands set-primary-version, set-rotation-schedule, get-rotation-schedule, set-iam-policy, get-iam-policy.

Cloud Logging

• Allow for protocols TCP, UDP and UNSPECIFIED in gcloud compute backend-services create and gcloud compute backend-services update.
• Added --logging-optional and --logging-optional-fields flags of gcloud compute backend-services create and gcloud compute backend-services update in beta to specify the optional fields to be added to the reported logs.

Cloud Run

• Fixed an issue where gcloud run delete commands report error sometimes even though the deletion succeeded.

Cloud Storage

• Updated gsutil component to 5.20.
• All gcloud storage commands that accept JSON files now also support YAML.

Compute Engine

• Promoted --resource-policies flag for glcloud compute reservations createto to GA.

Distributed Cloud Edge

• Introduced the GDCE version for cluster, machine, and node-pool as output during list and describe operations.
• Added gcloud edge-cloud networking which allows users to configure the networking configurations on the ToRs to support customer workloads which are running in Google Distributed Cloud Edge Clusters.

Stackdriver Debugger

• Deprecated gcloud debug. Cloud Debugger is deprecated and will be shut down May 31, 2023. For more information, see https://cloud.google.com/debugger/docs/deprecations.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

417.0.1 (2023-02-08)

App Engine Flexible Environment

• Fixing issue where App Engine Flex users cannot deploy their PHP, Java or Python applications via gcloud 417.0.0.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

417.0.0 (2023-02-07)

Breaking Changes

• (Cloud IoT) Added --device-field-mask flag to gcloud iot devices list to have override possibility for device fieldMask. In case the API response does not include the blocked field for any of the devices, the BLOCKED column will disappear from the results table.

Google Cloud CLI

• Defined "quota_project" in gcloud auth application-default set-quota-project command documentation.

Anthos Multi-Cloud

• Modified gcloud container azure clients create to wait for the returned long-running operation. Use --async flag to get the old behavior.
• Modified gcloud container azure clients delete to wait for the returned long-running operation. Use --async flag to get the old behavior.

Cloud Composer

• Added warning message when running commands that use the default Cloud Composer version, which will be changed soon.

Cloud Logging

• Updated gcloud logging buckets list command to include CMEK enabled or disabled setting.

Cloud Run

• Promoted gcloud run jobs deploy to beta, which allows creating or updating a Cloud Run job from a container image or source to build.

Compute Engine

• Added REGION column to default output of gcloud compute target-https-proxies list.
• Promoted gcloud compute network-attachments to GA.

Distributed Cloud Edge

• Promoted --vpc-project to gcloud edge-cloud container vpn-connections create to create resources in a different GCP project than the GDCE cluster project.

Firebase Test Lab

• Promoted gcloud firebase test [android|ios] list-device-capacities to GA. This feature can inform your test decisions by letting you view the inventory level of device types in the Test Lab catalog. To access this information, run gcloud firebase test [android|ios] list-device-capacities, or gcloud firebase test [android|ios] models describe [MODEL_ID].

Identity and Access Management

• Added gcloud iam workforce-pools commands for Workforce Identity Federation management.

Notebooks

• Deprecate alpha and beta notebooks.

Security Command Center

• Updated gcloud scc custom-modules sha command group to allow custom modules feature.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

416.0.0 (2023-01-31)

Breaking Changes

• (Cloud Datalab) Removed gcloud datalab component (Originally removed in release 413.0.0).

AI

• Fixed an issue in gcloud ai hp-tuning-jobs that the values of --max-trial-count and --max-parallel-trial-count are not passed in the config.yaml file.

AlloyDB

• Updated gcloud beta alloydb clusters create and gcloud beta alloydb clusters update to support enabling continuous backups via new --enable-continuous-backup and --continuous-backup-recovery-window-days and --continuous-backup-encryption-key flags.

Anthos Identity Service

• Added --fleet-default-member-config flag to the following commands:

  • gcloud beta container fleet identity-service enable

  • gcloud beta container fleet identity-service delete

    These will make it possible to configure and delete fleet default membership configurations.

App Engine

• Added the --tunnel-through-iap flag to gcloud beta app instances scp. Using this flag lets you use an Identity-Aware Proxy (IAP) tunnel when attempting to SCP to/from an App Engine flexible environment instance without an external IP address.

Cloud Run

• Promotes gcloud beta run jobs logs read to beta, which reads logs from a selected resource.
• Promotes gcloud beta run jobs logs tail to beta, which tail logs from a selected resource.

Cloud SQL

• Promoted gcloud sql users describe command to GA.

Cloud Storage

• Updated gsutil component to 5.19.
  • Fixed an issue causing parallel transfer commands to require elevated permissions.

Compute Engine

• Modified gcloud compute instance-groups managed update to support relative path for regional health check.
• Added --allow-psc-global-access flag of gcloud compute forwarding-rules <create|update> to beta.
• Promoted gcloud compute resource-policies update snapshot-schedule to beta.

Config Controller

• Fixed issue where --full-management flag doesn't take effect.

Immersive Stream

• Promoted gcloud immersive-stream xr to GA.

Kubernetes Engine

• Updates default kubectl from 1.24.9 to 1.24.10.
• Additional kubectl versions:
  • kubectl.1.21 (1.21.14)
  • kubectl.1.22 (1.22.17)
  • kubectl.1.23 (1.23.16)
  • kubectl.1.24 (1.24.10)
  • kubectl.1.25 (1.25.6)
  • kubectl.1.26 (1.26.1)

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

415.0.0 (2023-01-24)

Google Cloud CLI

• Global --format flag now respects the core/default_format property when --format=default. If core/default_format is not set, then default format is yaml.

AI

• Modified --region flag of gcloud ai endpoints to include new online prediction regions.
• Modified --region flag of gcloud ai models to include new online prediction regions.
• Added --enable-dashboard-access flag to gcloud ai custom-jobs create and gcloud ai hp-tuning-jobs create to allow the access to the dashboard specified in custom container.

BigQuery

• Added support for using the auth/impersonate_service_account property in bq commands.

Cloud Build

• Added command groups for managing connections and repositories: gcloud beta builds connections and gcloud beta builds repositories.

Cloud Dataproc

• Added gcloud dataproc node-groups group with commands: describe and resize.
• Added --driver-pool-${X} flags to gcloud dataproc clusters create.

Cloud Firestore

• Added --database flag to gcloud firestore operations to add database support for Firestore operations.

Cloud On Demand Scanning

• Fixed issue with extracting packages from Go binaries built with newer versions of to the Go toolchain.

Cloud Org Policy

• Added --update-mask to gcloud org-policies set-policy to specify the fields to be overwritten in the policy.

Cloud Pub/Sub

• Added gcloud pubsub schemas commit to commit a revision for a Pub/Sub schema.
• Added gcloud pubsub schemas rollback to roll back a revision for a Pub/Sub schema.
• Added gcloud pubsub schemas delete-revision to delete a revision for a Pub/Sub schema.
• Added gcloud pubsub schemas list-revisions to list all revisions for a Pub/Sub schema.
• Added --first-revision-id and --last-revision-id flags to gcloud pubsub topics create to create schema settings for Pub/Sub topics.
• Added --clear-schema-settings, --schema, --message-encoding, --first-revision-id and --last-revision-id flags to gcloud pubsub topics update to update schema settings for a Pub/Sub topic.

Cloud SQL

• Promoted gcloud sql users describe command to beta.

Compute Engine

• Added --update-policy-<type|max-unavailable|max-surge|minimal-action|most-disrtuptive-action|replacement-method> flags of gcloud compute instance-groups managed <create|update> to GA.
• Added --update-policy-min-ready flag of gcloud compute instance-groups managed <create|update> to beta.
• Added --enforce-on-key-configs flag to gcloud beta compute security-policies rules create and gcloud beta compute security-policies rules update.

Dataproc Metastore

• Promoted gcloud metastore services import flag --dump-type to GA.
• Promoted gcloud metastore services export flag --dump-type to GA.

Declarative Workflows

• Make --storage-path, --resource-types and --resource-types-file mutually exclusive in gcloud beta resource-config bulk-export.

Kpt

• Updated kpt from v1.0.0-beta.19 to v1.0.0-beta.24. See https://github.com/GoogleContainerTools/kpt/releases/tag/v1.0.0-beta.24 and previous release notes for more details.

Recommender

• Added support for gcloud recommender recommendations mark-dismissed.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

414.0.0 (2023-01-18)

Anthos Multi-Cloud

• Added --azure-tenant-id and --azure-application-id flags to gcloud container azure clusters create and gcloud container azure clusters update to set authentication configuration for management of Azure resources. These flags replace --client flag.

Apigee

• Fixed issue where gcloud apigee apis describe would demand a non-existent --revision argument.

Cloud API Gateway

• Fixed issue where sort-by arguments in list commands produced type validation errors.

Cloud Build

• Added --peered-network-ip-range flag to gcloud builds worker-pools create.

Cloud Firestore

• Added database support for Firestore import/export.
• Added namespace_ids support for Firestore import/export.
• Added databaseId support for Firestore TTL.
• Added databaseId support for Firestore SFI.

Cloud Storage

• Add IAM and ACL-related flags.
• Updated gsutil component to 5.18.

Compute Engine

• Promoted --external-ipv6-address flag of gcloud compute instances network-interfaces update to GA.
• Promoted --external-ipv6-prefix-length flag of gcloud compute instances network-interfaces update to GA.
• Added keyword network-attachment for --network-interface in gcloud compute instance-templates create.
• Promoted --external-ipv6-address flag of gcloud compute instances create to GA.
• Promoted --external-ipv6-prefix-length flag of gcloud compute instances create to GA.
• Promoted --source-instance-template flag of gcloud compute reservations create to GA.

Database Migration

• Added gcloud database-migration conversion-workspaces seed which seeds from a connection profile for a database-migration conversion workspace.
• Added gcloud database-migration conversion-workspaces delete which deletes a database-migration conversion workspace.
• Added gcloud database-migration conversion-workspaces convert which converts source entities to draft entities in a database-migration conversion workspace.
• Added gcloud database-migration conversion-workspaces apply which applies a database-migration conversion workspace onto the destination database.
• Added gcloud database-migration conversion-workspaces list-background-jobs which lists the background jobs in a database-migration conversion workspaces.
• Added gcloud database-migration conversion-workspaces describe-entities which describes the database entities in a database-migration conversion workspaces.

Dataproc Metastore

• Promoted gcloud metastore services flag --database-type to GA.

Kubernetes Engine

• Updates default kubectl from 1.23.15 to 1.24.9.
• Additional kubectl versions:
  • kubectl.1.21 (1.21.14)
  • kubectl.1.22 (1.22.17)
  • kubectl.1.23 (1.23.15)
  • kubectl.1.24 (1.24.9)
  • kubectl.1.25 (1.25.5)
  • kubectl.1.26 (1.26.0)

Network Management

• Added appEngineVersion and cloudRunRevision arguments for source in gcloud network-management connectivity-tests. This allows the user to run tests using App Engine version and Cloud Run revision endpoint types as source.

Security Command Center

• Fixed gcloud scc findings create to require flag event-time.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

413.0.0 (2023-01-10)

Breaking Changes

• (Cloud Storage) Added --fetch-encrypted-object-hashes flag to ls and objects list commands. API requests to the LIST endpoint do not fetch the hashes for encrypted objects by default. If this flag is set, a GET request is sent for each encrypted object in order to fetch hashes. This can significantly increase the cost of the commands.
  • Previously, the fallback to GET was implemented for CSEK-encrypted objects as the default behavior. With this flag, both CSEK and CMEK are handled, and gcloud CLI checks if it has the necessary CSEK key before sending a GET request.
• (Kubernetes Engine) This change starts using the Client-Go Credential Plugin gke-gcloud-auth-plugin as noted in Client-go Credential Plugin changes.

Google Cloud CLI

• Fixed a crash during reauth when Enterprise Certificate is used.
• Fixed issue where the gcloud CLI would crash when invoked in PowerShell 7.3. This issue was reported at: https://issuetracker.google.com/issues/259295558.
• Added core/default_format and core/format properties to config in order enable setting a default print format. Print format is first determined by global flag --format. If --format flag is not defined, then CLI defaults to core/format value. If core/format is not defined, then CLI defaults to command specific output. If command specific output is undefined, then format is determined by core/default_format. core/default_format defaults to yaml format.

AI

• Modified --region flag of gcloud ai model-monitoring-jobs to include new model monitoring jobs regions.
• Modified --explanation-metadata-file flag of gcloud ai models upload from required to optional.
• Added optional output-image-uri field to --worker-pool-spec flag of gcloud ai custom-jobs create to name and store the custom image built with autopackaging in the specified Google Container Registry or Artifact Registry.

Anthos Multi-Cloud

• Updated gcloud container aws operations list to show the underlying action (create, update, delete, etc) associated with AWS long-running operations.
• Updated gcloud container azure operations list to show the underlying action (create, update, delete, etc) associated with Azure long-running operations.
• Added gcloud container azure operations cancel to cancel an ongoing LRO operation on Azure resources.
• Added gcloud container aws operations cancel to cancel an ongoing LRO operation on AWS resources.
• Added --tags flag to gcloud container aws node-pools update to update the tags assigned to AWS node pool resources.
• Added --clear-tags flag to gcloud container aws node-pools update to clear the tags assigned to AWS node pool resources.
• Added --autoscaling-metrics-granularity flag to gcloud container aws node-pools create to set granularity when enabling CloudWatch metrics collection of the autoscaling group of AWS node pools.
• Added --autoscaling-metrics flag to gcloud container aws node-pools create to enable collection of specific CloudWatch metrics of the autoscaling group of AWS node pools.
• Added --autoscaling-metrics-granularity flag to gcloud container aws node-pools update to update the granularity of CloudWatch metrics collection for the autoscaling group of AWS node pools.
• Added --autoscaling-metrics flag to gcloud container aws node-pools update to update the collection of specific CloudWatch metrics for the autoscaling group of AWS node pools.
• Added --clear-autoscaling-metrics flag to gcloud container aws node-pools update to clear the CloudWatch metrics collection associated with the autoscaling group of AWS node pools.
• Added gcloud container attached operations list to show the underlying action (create, update, delete, etc) associated with Attached clusters long-running operations.
• Added gcloud container attached operations describe to show detailed status of a provided Attached clusters long-running operation.
• Added gcloud container attached operations wait to wait for completion of a provided Attached clusters long-running operation.

BigQuery

• Fixed issue with timestamp normalization in Windows.
• Extended the insert flags to include a insert_id flag that's appended to the row number of the data to be inserted as the insertId field that's used for deduping newly inserted rows. This can be used to ensure repeat executions don't add unintended data.

Cloud Access Context Manager

• Promoted gcloud access-context-manager authorized-orgs to GA.

Cloud Build

• Removed --subscription-filter flag of gcloud builds triggers create manual.

Cloud Composer

• Added --enable-cloud-data-lineage-integration to gcloud composer environments create/update to enable Cloud Data Lineage integration.
• Added --disable-cloud-data-lineage-integration to gcloud composer environments update to disable Cloud Data Lineage integration.
• Enabled db check Airflow command executable via gcloud composer environments run for environments with Airflow 2.3 or newer.

Cloud Datalab

• Removed gcloud datalab component.

Cloud Run

• Added --env-vars-file to gcloud beta run jobs create to add environment variables to the job from a YAML file.
• Removed the call to action from gcloud beta run integrations describe for Redis integrations that are not ready for use.

Cloud SQL

• Added --striped and --stripe_count flags to gcloud sql import bak and added --striped flag to gcloud sql export bak to enable the striped import/export feature for SQL Server.
• Promoted --restore-database-name flag for gcloud sql instance clone --point-in-time to support single database PITR restore for SQL Server to beta and GA.
• Added gcloud sql users describe command, which describes a Cloud SQL user in an instance in alpha.

Cloud Services

• Promoted gcloud services api-keys list in beta.
  • Promoted gcloud services api-keys describe in beta.
  • Promoted gcloud services api-keys get-key-string in beta.
  • Promoted gcloud services api-keys create in beta.
  • Promoted gcloud services api-keys update in beta.

Cloud Storage

• Added gcloud storage buckets create --placement flag.
• Promoted gcloud storage objects update retention flags to GA.
  • --event-based-hold
  • --temporary-hold
• Removed gcloud storage buckets update --no-lock-retention-period flag.

Cloud Workstations

• Added gcloud beta workstations clusters create which creates a cluster under a specified region.
• Added gcloud beta workstations configs create which creates a workstation configuration under a specified cluster.
• Added gcloud beta workstations create which creates a workstation under a specified config.
• Added gcloud beta workstations delete which deletes the given workstation.
• Added gcloud beta workstations configs delete which deletes the given config.
• Added gcloud beta workstations clusters delete which deletes the given cluster.
• Added gcloud beta workstations describe which displays all fields for a given workstation.
• Added gcloud beta workstations configs describe which displays all fields for a given config.
• Added gcloud beta workstations clusters describe which displays all fields for a given cluster.
• Added gcloud beta workstations start which starts a specified workstation.
• Added gcloud beta workstations stop which stops a specified workstation.

Compute Engine

• Added -iam-policyand-iam-policy-bindingstogcloud beta compute backend-buckets`.
• Promoted --endpoint-type flag of gcloud compute addresses create to GA.
• Promoted gcloud compute sole-tenancy node-groups simulate-maintenance-event to beta.
• Added --all-instances-config-effective flag of gcloud compute instance-groups managed wait-until to beta.
• Modified gcloud compute forwarding-rules create to allow specifying --address and --ip-version at the same time.

Compute Firewall Policies

• Fixed gcloud compute network-firewall-policies rules update not sending an empty list to the API if a field is specified as empty.

Database Migration

• Added gcloud database-migration private-connections create which creates a database-migration private connection.
• Added gcloud database-migration private-connections list which lists the database-migration private connections.
• Added gcloud database-migration private-connections describe which describes a database-migration private connection.
• Added gcloud database-migration private-connections delete which deletes a database-migration private connection.
• Updated gcloud database-migration connection-profiles create to support creating Oracle connection profiles.
• Updated gcloud database-migration connection-profiles create to support connectivity in creating Postgresql connection profiles.
• Added gcloud database-migrate conversion-workspaces create which creates a database-migration conversion workspace.
• Added gcloud database-migrate conversion-workspaces update which updates a database-migration conversion workspace.
• Added gcloud database-migration conversion-workspaces list which lists the database-migration conversion workspaces.
• Added gcloud database-migration conversion-workspaces describe which describes a database-migration conversion workspace.
• Added gcloud database-migration conversion-workspaces commit which commits a database-migration conversion workspace.
• Added gcloud database-migration conversion-workspaces rollback which rollbacks a database-migration conversion workspace.

Kubernetes Engine

• Updates default kubectl from 1.23.14 to 1.23.15.
• Removes kubectl.1.20, since it is no longer needed.
• Additional kubectl versions:
  • kubectl.1.21 (1.21.14)
  • kubectl.1.22 (1.22.17)
  • kubectl.1.23 (1.23.15)
  • kubectl.1.24 (1.24.9)
  • kubectl.1.25 (1.25.5)

Pubsub Emulator

• Added support for Exactly-once Delivery.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

412.0.0 (2022-12-13)

Breaking Changes

• (Compute Engine) Modified concurrent operation quota errors to show additional information to user instead of just error message.

Google Cloud CLI

• Added property core/parse_error_details. If set, gcloud CLI will parse and display errors in a more human readable format, where available.

AI

• Modified --region flag of gcloud ai endpoints to include new online prediction regions.
• Modified --region flag of gcloud ai models to include new online prediction regions.
• Modified --region flag of gcloud ai custom-jobs to include new online training regions.
• Modified --region flag of gcloud ai hp-tuning-jobs to include new online training regions.

AlloyDB

• Introduced gcloud alloydb track.

Anthos Multi-Cloud

• Promoted gcloud container attached to GA.

App Engine

• Updated gcloud beta app instances ssh to use an IAP tunnel when attempting to SSH to an instance without an external IP.

Cloud Build

• Modified one of gcloud builds triggers run --branch, gcloud builds triggers run --tag, and gcloud builds triggers run --sha flag to be required.
• Make --region flag visible in builds triggers create command group. Set --dockerfile flag as required for builds triggers create command group.
• Ungroup --build-config flag and --inline-config flag for builds triggers create command group.
• Promoted gcloud builds triggers to GA.

Cloud Composer

• Added gcloud composer environments snapshots load - to load a snapshot into the environment.
• Added gcloud composer environments snapshots save - save a snapshot of the environment.
• Added --enable-scheduled-snapshot-creation to gcloud composer environments create/update to enable snapshots of the environment creation according to a schedule. Can be specified for Composer 2.0.32 or greater.
• Added --snapshot-creation-schedule to gcloud composer environments create/update to specify cron expression when snapshots of the environment should be created.
• Added --snapshot-location to gcloud composer environments create/update to specify the Cloud Storage location for storing automatically created snapshots.
• Added --snapshot-schedule-timezone to gcloud composer environments create/update to specify Timezone that sets the context to interpret snapshot_creation_schedule.
• Added --disable-scheduled-snapshot-creation to gcloud composer environments update to disable the automatic snapshots creation.

Cloud Datastream

• Fixed issue where gcloud datastream create failed for Postgresql source config.

Cloud Functions

• Added --cpu flag to gcloud beta functions deploy for 2nd Gen functions to alpha and beta.
• Added --concurrency flag to gcloud beta functions deploy for 2nd Gen functions to alpha and beta.

Cloud Pub/Sub

• Added --event-time and --publish-time flags to gcloud pubsub lite-subscriptions create to create Pub/Sub Lite subscriptions from a nominated timestamp.
• Added --export-pubsub-topic, --export-dead-letter-topic and --export-desired-state flags to gcloud pubsub lite-subscriptions create to create Pub/Sub Lite export subscriptions.
• Added --export-pubsub-topic, --export-dead-letter-topic and --export-desired-state flags to gcloud pubsub lite-subscriptions update to update Pub/Sub Lite export subscriptions.

Cloud SQL

• Added --enable-google-private-path flag to gcloud sql instances create and gcloud sql instances patch commands in Alpha, Beta, and GA. This field specifies whether the instance is accessible to internal Google Cloud services such as BigQuery. This is applicable only to MySQL and PostgreSQL instances that don't use public IP. Currently, SQL Server isn't supported.

Cloud Services

• Promoted gcloud services api-keys delete to beta.
• Promoted gcloud services api-keys undelete to beta.

Cloud Workstations

• Added gcloud beta workstations configs list which lists workstation configs under a specified cluster.

Config Controller

• Added --full-management flag to gcloud anthos config controller create to allow creating Config Controller on GKE Autopilot instances.

Database Migration

• Updated gcloud database-migration connection-profiles create to support creating AlloyDB connection profiles.

Firebase Test Lab

• Added --robo-script flag to gcloud firebase test ios run to customize an iOS Robo crawl with a Robo script.

Identity and Access Management

• Added --executable-interactive-timeout-millis flag to gcloud iam workforce pools create-cred-config. This enables using executable-sourced credentials with user interactivity with gcloud auth login --cred-file=/path/to/interactive/executable/config.json when using Workforce Identity Federation.

Kubernetes Engine

• Added --stack-type and --ipv6-access-type arguments to gcloud container clusters create command to support dual stack GKE clusters.
• Added --stack-type argument to gcloud container clusters update command to support changing stack type between IPv4 and dual stack GKE clusters.
• Added --ephemeral-storage-local-ssd to gcloud beta container clusters create, gcloud beta container node-pools create, gcloud container clusters create, gcloud container node-pools create. This flag is used to configure nodes' ephemeral storage to be backed by local SSDs.
• Added --local-nvme-ssd-block to gcloud beta container clusters create, gcloud beta container node-pools create, gcloud container clusters create, gcloud container node-pools create. This flag is used to initialize nodes in node-pool with raw-block local NVMe SSDs attached.

Notebooks

• Added support for Shielded VM configuration to gcloud notebooks instances create.
• Added support for reservation configuration to gcloud notebooks instances create.

Terraform

• Added zone and region option for gcloud beta terraform vet.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

411.0.0 (2022-12-06)

Breaking Changes

• (Compute Engine) Added rhel-9 and rhel-9-byol options to --os flag for:
  • gcloud compute images import in GA,
  • gcloud compute instances import in GA
  • gcloud compute machine-images import in GA

Google Cloud CLI

• Added gcloud topic command group to alpha and beta.

App Engine

• Add --service-account flag of gcloud app create to GA, which allows to create an app with a user-managed service account.
• Add --service-account flag of gcloud app update to GA, which allows to update the app with a user-managed service account.

App Engine Flexible Environment

• Add --service-account flag of gcloud app create to GA, which allows to create an app with a user-managed service account.
• Add --service-account flag of gcloud app update to GA, which allows to update the app with a user-managed service account.

BigQuery

• Expose enable_resumable_uploads flag in public bq.
• Formatting fix for bigquery_client.py.
• Changed "locking" Owned Test Accounts to "getting" to avoid overloading AccountProviderService.
• Extended api logging to include URIs of requests.
• Extends encodings supported during file upload.
• Messages and fails early when the user tries to upload with an invalid schema.
• Adds support for GOOGLE_CLOUD_QUOTA_PROJECT environment variable.
• Adds configuration for external accounts using token_uri.
• Dataset name validation and feedback.

Cloud Bigtable

• Promoted gcloud bigtable instances tables create to beta and GA.
• Promoted gcloud bigtable instances tables delete to beta and GA.
• Promoted gcloud bigtable instances tables update to beta and GA.
• Added include-stats option to cbt lookup and cbt read commands.
• Added cbt notices command, which displays licenses covering all direct and indirect dependencies.

Cloud Build

• Bugfix to enforce limits to be applied after filters.
• Added --enterprise-config flag to builds triggers create github to support creating GitHub Enterprise trigger.

Cloud Composer

• Added --enable-scheduled-snapshot-creation to gcloud beta composer environments create/update to enable snapshots of the environment creation according to a schedule. Can be specified for Composer 2.0.32 or greater.
• Added --snapshot-creation-schedule to gcloud beta composer environments create/update to specify cron expression when snapshots of the environment should be created.
• Added --snapshot-location to gcloud beta composer environments create/update to specify the Cloud Storage location for storing automatically created snapshots.
• Added --snapshot-schedule-timezone to gcloud beta composer environments create/update to specify Timezone that sets the context to interpret snapshot_creation_schedule.
• Added --disable-scheduled-snapshot-creation to gcloud beta composer environments update to disable the automatic snapshots creation.

Cloud Firestore

• Add apiScope output for Firestore index. ApiScope can be viewed in gcloud firestore indexes composite list and gcloud firestore indexes composite describe.
• Added databaseId support for Firestore index.

Cloud IDS

• Added --threat_exceptions flag to exclude certain threat types from being reported.

Cloud Key Management Service

• Modified gcloud kms import-jobs create to accept new SHA256 import methods rsa-oaep-3072-sha256, rsa-oaep-3072-sha256-aes-256, rsa-oaep-4096-sha256, and rsa-oaep-4096-sha256-aes-256.

Cloud Pub/Sub

• Promoted --enable-exactly-once-delivery flag of gcloud pubsub subscriptions create to GA.
• Promoted --enable-exactly-once-delivery flag of gcloud pubsub subscriptions update to GA.

Cloud Run

• Promoted --execution-environment of gcloud run from beta to GA.
• Fixed issue where gcloud beta run jobs execute with --wait flag, and other jobs commands to wait for an execution to complete, failed to wait more than 30 minutes.
• Fixed issue where gcloud beta run integrations delete failed when the associated Cloud Run service is deleted.

Cloud SQL

• Promoted --timeout flag for gcloud sql instances create to GA.
• Added --restore-database-name flag to gcloud sql instance clone --point-in-time to support single database PITR restore for SQL Server.

Cloud Services

• Updated gcloud services list to retry 429 errors.
• Set the default page size for gcloud services list to 200.
• Promoted gcloud services api-keys lookup to beta.

Cloud Spanner

• Added --skip-init flag to gcloud spanner samples run.

Cloud Storage

• Promoted gcloud storage buckets update retention flags to GA.
  • --default-event-based-hold
  • --retention-period
  • --clear-retention-period
  • --lock-retention-period
• Promoted gcloud storage buckets update --uniform-bucket-level-access to GA.
• Rebuilt gcloud-crc32c 1.0.0 on latest version of golang.
• Updated gsutil component to 5.17.

Compute Engine

• Added --merge-source-commitment to gcloud compute commitments create for beta and GA.
• Fixed issue where gcloud compute instance-groups unmanaged list-instances would fail to fall back to the compute/zone property when --zone was missing.
• Added customRequestHeaders and customResponseHeaders to modifiable fields list in gcloud compute backend-services edit.

Dataproc Metastore

• Added support for querying and mutating Dataproc Metastore metadata. The following commands have been added to the alpha and beta release tracks:
  • metastore services queryMetadata
  • metastore services alterLocation
  • metastore services moveTableToDatabase

Distributed Cloud Edge

• Added warning to long running operation metadata of gcloud edge-cloud container cluster create/update when the cluster has a maintenance window configuration that overlaps with other clusters' in the same project.

Firebase Test Lab

• Added --type=robo flag to gcloud firebase test ios run to support running iOS Robo tests.

GKE Hub

• Fixed bug in gcloud container fleet and gcloud container hub command groups where a membership with ambiguous location was not given default value global.

Kubernetes Engine

• Promoted --cluster-dns-scope=cluster flag of gcloud container clusters create and gcloud container clusters update to GA.
• Promoted --binauthz-evaluation-mode=MONITORING, binauthz-evaluation-mode=MONITORING_AND_PROJECT_SINGLETON_POLICY_ENFORCE, and --binauthz-policy flags of gcloud container clusters create, gcloud container clusters create-auto, and gcloud container clusters update to beta.
• Corrected outdated description help text of gcloud container node-pools delete.
• Promoted --placement-type flag for gcloud container clusters create command to GA.
• Promoted --placement-type flag for gcloud container node-pools create command to GA.
• Added --async flag to gcloud container node-pools create/update to allow the in-progress operation to be returned, instead of the node pool.
• Additionally, default formatting for gcloud container node-pools create/update/delete --async has been added to provide a more human-readable format of the operation; potentially impacting parsing of output. It is recommended to use --format when parsing gcloud CLI output.
• Updates default kubectl from 1.22.14 to 1.23.14.

• Additional kubectl versions:

  • kubectl.1.20 (1.20.15)
  • kubectl.1.21 (1.21.14)
  • kubectl.1.22 (1.22.15)
  • kubectl.1.23 (1.23.14)
  • kubectl.1.24 (1.24.8)
  • kubectl.1.25 (1.25.4)

• Added --windows-os-version flag to gcloud container node-pools create/update to allow create Windows node pools using Windows Server LTSC 2022 Containerd node image.

Media CDN

• Added gcloud edge-cache command group to enable configuration of Media CDN.

Network Connectivity

• Promoted gcloud network-connectivity internal-ranges command group to GA.

Network Security

• Promoting networksecurity firewall API to v1beta1.
• Promoted commands under gcloud network-security org-address-groups and gcloud network-security address-groups to beta.

Recommender

• Added billing account scope support for gcloud recommender recommender-config describe.
• Added billing account scope support for gcloud recommender recommender-config update.
• Added billing account scope support for gcloud recommender insight-type-config describe.
• Added billing account scope support for gcloud recommender insight-type-config update.

Terraform

• Added support for environment variables GOOGLE_PROJECT, GOOGLE_CLOUD_PROJECT, GCLOUD_PROJECT in gcloud beta terraform vet.
• Fixed an issue where gcloud beta terraform vet would fail while trying to format and output pre-formatted error strings.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

410.0.0 (2022-11-15)

Google Cloud CLI

• Added gcloud topic endpoint-override for details on overriding the default api URL.

AI

• Added asia-southeast2, europe-central2, and us-south1 options to --region flag of gcloud ai custom-jobs and gcloud ai hp-tuning-jobs.

AlloyDB

• Introduced the following commands: gcloud beta alloydb clusters create-secondary, gcloud beta alloydb instances create-secondary, gcloud beta alloydb clusters promote.

App Engine

• Updated the Java SDK to version 2.0.10 build from the open source project https://github.com/GoogleCloudPlatform/appengine-java-standard/releases/tag/v2.0.10.

Artifact Registry

• Update maven and gradle plugin versions to 2.2.0.

Assured Workloads

• Added SOVEREIGN_CONTROLS_BY_T_SYSTEMS as an option for --partner flag of gcloud assured workloads create command (available for both beta and GA).

Cloud Asset Inventory

• Promoted gcloud asset query command to GA.

Cloud Bigtable

• Added stats option to --view flag for bigtable instances tables describe.

Cloud Composer

• Added --enable-triggerer to gcloud beta composer environments create/update to allow usage of deferrable operators in dags.
• Added --triggerer-cpu to gcloud beta composer environments create/update to specify CPU allocated to Airflow triggerer.
• Added --triggerer-memory to gcloud beta composer environments create/update to specify memory allocated to Airflow triggerer.
• Added --disable-triggerer to gcloud beta composer environments update to disable Airflow triggerer.

Cloud Dataproc

• Added --async flag to gcloud dataproc jobs kill.

Cloud Datastream

• Added the max_concurrent_cdc_tasks support to --mysql-source-config and --oracle-source-config flags in gcloud datastream streams.
• Fixed issue where stream create using a mysql-source-config or oracle-source-config with column level filtering fails to create.

Cloud Functions

• Fixed issue where gcloud functions list would crash when a 2nd Gen-only region was specified using --regions.
• Updated gcloud function describe to look up both 1st Gen and 2nd Gen environments for the function. When --gen2 flag is specified, only 2nd Gen functions will be looked up.

Cloud Run

• Promoted gcloud run services logs read and gcloud run revisions logs read to beta, which reads logs from a selected resource.
• Promoted gcloud run services logs tail and gcloud run revisions logs tail to beta, which tail logs from a selected resource.
• Added --execute-now and --wait flags to gcloud beta run job update to immediately execute the job after update and wait for completion.
• Promoted gcloud beta run integrations command group and all sub-commands to beta.

Compute Engine

• Promoted --list-managed-instances-results flag for gcloud compute instance-groups managed create and gcloud compute instance-groups managed update to GA.
• Fixed --network-interface to mark the public IP as None when --no-address is specified.

GKE Hub

• Fixed issue where gcloud container fleet memberships commands did not output memberships with missing cluster.
• Fixed bug in gcloud container fleet config-management version where memberships were stuck with version "NA".

Identity and Access Management

• Added support for retrieving the token introspection endpoint through external account credentials.

Kubernetes Engine

• Added --labels flag to gcloud container node-pools create/update to allow creating and updating node pools with GCP labels.

VPC Access

• Promoted gcloud compute networks vpc-access connectors update to beta.
  • Enables updating of min-instances, max-instances and machine-type of already existing vpc-access connectors.

Vmware Engine

• Added commands for managing resources:
  • Locations
  • Operations
  • VMwareEngine networks
  • Network policies
  • Node types
  • Private clouds
  • Clusters
  • HCX activation keys
  • NSX credentials
  • VCenter credentials
  • Subnets

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

409.0.0 (2022-11-08)

Breaking Changes

• (Compute Engine) Modified stockout errors to show entire error object to user in yaml format instead of just error message.
• (Compute Engine) Modified quota exceeded errors to show additional information to user instead of just error message.

Google Cloud CLI

• Modified gcloud config list to accept both a section name and --all flag. The command will display all the set and unset properties when specifying both.

Anthos Multi-Cloud

• Added --allow-missing flag to the following command groups: gcloud container aws clusters delete, gcloud container aws node-pools delete, gcloud container azure clients delete, gcloud container azure clusters delete, gcloud container azure node-pools delete, to allow the delete request to succeed, even if the cluster, node-pool or client resource does not exist.

Cloud Composer

• Added --skip-airflow-overrides-setting to gcloud beta composer snapshots load to allow skipping setting Airflow overrides from the snapshot.
• Added --skip-environment-variables-setting to gcloud beta composer snapshots load to allow skipping setting environment variables from the snapshot.
• Added --skip-gcs-data-copying to gcloud beta composer snapshots load to allow skipping copying dags, plugins and data folders from the snapshot.

Cloud Datastream

• Added the max_concurrent_cdc_tasks support to --mysql-source-config and --oracle-source-config flags in gcloud datastream streams.

Cloud Filestore

• Fixed issue where --kms-key was being ignored in gcloud filestore backups create command.

Cloud Firestore Emulator

• Promoted gcloud emulators firestore to GA.
• Release Cloud Firestore emulator v1.15.1
  • feat: allow users to configure websocket port

Cloud Functions

• Fixed issue where gcloud functions list would crash when a 2nd Gen-only region was specified using --regions.

Cloud Logging

• Updated gcloud logging read to accept multiple resources to query using a new --resource-names flag.

Cloud SQL

• Added the following flags to gcloud sql instances create in BETA:
  • --timeout

Compute Engine

• Added --split-source-commitment to gcloud compute commitments create for beta and GA.
• Promoted any-single-zone value support for the flag --target-distribution-shape of gcloud compute instance-groups managed create / update to beta.
• Added keyword network-attachment for --network-interface in gcloud compute instances create.
• Promoted --max-run-duration flag of gcloud compute instances create to beta.
  • Allows specifying the duration of time after which the instance will terminate.
• Promoted --termination-time flag of gcloud compute instances create to beta.
  • Allows specifying the timestamp that the instance will terminate.
• Added 3 additional accepted values to --enforce-on-key for gcloud compute security-policies rules create|update and promoted it to GA.
• Promoted gcloud compute network-edge-security-services command group to GA.
• Promoted --region and '--global' flags of gcloud compute security-policies to GA.
• Promoted --network-ddos-protection flag of gcloud compute security-policies update to GA.

Distributed Cloud Edge

• Removed unsupported GPU_TYPE field from gcloud edge-cloud container machines list. This field will be restored once the API provides accurate GPU information.

GKE Hub

• Fixed a bug where gcloud container fleet memberships get-credentials and gcloud container hub memberships get-credentials would not return an error when the membership argument was left empty.

Kubernetes Engine

• Corrected outdated description help text of gcloud container node-pools delete.
• Added --private-endpoint-subnetwork and --enable-google-cloud-access flags to gcloud container clusters create and gcloud container clusters create-auto.
• Added --enable-google-cloud-access and --enable-private-endpoint flags to gcloud container clusters update.
• Added --enable-private-nodes flag to gcloud container node-pools create and gcloud container node-pools update.

Notebooks

• Added gcloud notebooks instances diagnose and gcloud notebooks runtimes diagnose commands to GA. These commands provide access to the AI Platform Notebooks new Diagnose API.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

408.0.1 (2022-11-02)

BigQuery

• Adds various fixes to PSC environments.
• Adds support for random forest models as part of BQML.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

408.0.0 (2022-11-01)

Breaking Changes

• (Cloud Storage) Lifecycle and CORS settings files now use camel case instead of snake case to match the API documentation. Example: http://cloud/storage/docs/json_api/v1/buckets#lifecycle.

AI

• Added more available regions to gcloud ai model-monitoring-jobs.
• Added --version-description flag to gcloud ai models upload to support setting model version description.

BigQuery

• Add missing open source licenses.
• Expose Iceberg for public preview.

Cloud Composer

• Added --connection-type flag to gcloud beta composer environments create and gcloud composer environments create command to allow forcing the use of VPC peerings for internal communication.

Cloud Deploy

• Added initial-rollout-labels and initial-rollout-annotations flags to gcloud deploy releases create command.

Cloud SQL

• Promoted --connector_enforcement flag for gcloud sql instances create and gcloud sql instances patch to GA.

Cloud Storage

• Updated gsutil component to 5.16.

Compute Engine

• Promoted --discard-local-ssd flag of gcloud compute instances stop to beta.
• Promoted --force-update-on-repair flag of gcloud compute instance-groups managed <create | update> to beta.
• Fixed missing ephemeral IP when neither --address nor --no-address keys are provided with --network-interface flag during instance template creation.

GKE Hub

• Changed membership-related flags in gcloud container fleet and gcloud container hub command groups to resource arguments, adding --location flag and LOCATION column in list commands.

Kubernetes Engine

• Promoted --enable-managed-prometheus flag of gcloud container clusters create/update to GA.
• Promoted --disable-managed-prometheus flag of gcloud container clusters update to GA.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

407.0.0 (2022-10-25)

Breaking Changes

• (Cloud Run) Now gcloud beta run jobs update command removes existing Binary Authorization breakglass justification if --breakglass flag is not set.
• (Cloud Run) In gcloud run deploy and gcloud run services update, --set-secrets, --remove-secrets, and --update-secrets flags now support mounting multiple versions of the same secret in the same directory.
• (Cloud Run)
  • If multiple different secrets are requested to be mounted in the same directory, including for secrets already set on the service in the case of --update-secrets, the operation will now fail instead of silently overriding all secret versions with the last one specified.
• (Compute Engine) Removed --csek-key-file flag of gcloud beta compute instances resume
  • Removing since instance suspend and resume do not support CSEK
  • If your instance with CSEK protection is suspended, please stop the instance then restart it and file a bug.

Assured Workloads

• Added ASSURED_WORKLOADS_FOR_PARTNERS as an option for --compliance-regime flag of gcloud assured workloads create command.
• Added --partner flag (optional) for gcloud assured workloads create command to enable creation of partner workload (workload managed by local trusted partners) through gCloud command.

Cloud DNS

• Promoted gcloud dns managed-zones get-iam-policy and gcloud dns managed-zones set-iam-policy to GA.

Cloud Dataplex

• Promoted Content command group to GA.
• Promoted Environment command group to GA.

Cloud Datastream

• Added postgresql type to --type flag of datastream connection-profiles <create/update>.
• Added postgresql type to --postgresql-rdbms-file flag of datastream connection-profiles discover.
• Added --postgresql-source-config flag to gcloud datastream streams <create/update>.
• Added postgresql type to --type flag of datastream connection-profiles <create/update>.

Cloud Filestore

• Added --kms-key flag to gcloud beta filestore backups create, which allows an Enterprise or High Scale backup to be created that is encrypted with a CMEK key." => "which creates a backup with an associated customer-managed encryption key (CMEK). Only available for Enterprise or High Scale tier instances.
• Added --location flag to gcloud beta filestore instances restore, which restores Enterprise instances." => "restore Basic HDD, Basic SSD, and Enterprise tier instances.
• Added --instance-location flag to gcloud beta filestore backups create, which accepts either a zone or region and allows clients to create Basic HDD, Basic SSD, and Enterprise tier backups.

Cloud SQL

• Added the following flags to gcloud sql instances create and gcloud sql instances patch in BETA:
  • --connector_enforcement

Cloud Storage

• Updated gsutil component to 5.15.

Cloud Workstations

• Promoted gcloud beta workstations commands to beta for Preview.

Compute Engine

• Promoted --source-machine-image, --source-machine-image-csek-key-file, and --erase-windows-vss-signature flags of compute instances create to GA.
• Fixed an issue with --create-disk and --disk flags that causes gcloud compute instance-templates create or gcloud compute instance-templates create-with-container to fail when attaching a boot disk.
• Promoted --region flag for compute target-tcp-proxies to GA.

Compute Firewall Policies

• Fixed bug in gcloud compute network-firewall-policies rules update that would cause src-secure-tags to not be updated.

GKE Hub

• Modified gcloud container fleet memberships register to skip Connect agent installation for GKE clusters by default. Use --install-connect-agent flag to get the old behavior.
• Modified gcloud container fleet memberships unregister to skip Connect agent uninstallation for GKE clusters by default. Use --uninstall-connect-agent flag to get the old behavior.
• Added --install-connect-agent flag to gcloud container fleet memberships register and gcloud container hub memberships register to install connect agent on GKE clusters.
• Added --uninstall-connect-agent flag to gcloud container fleet memberships unregister and gcloud container hub memberships unregister to uninstall Connect agent on GKE clusters.

Identity and Access Management

• Added gcloud iam policies create which creates a deny policy on the given attachment point with the given name.
• Added gcloud iam policies delete which deletes a deny policy on the given attachment point with the given name.
• Added gcloud iam policies get which gets a deny policy on the given attachment point with the given name.
• Added gcloud iam policies list which lists the deny policies on the given attachment point.
• Added gcloud iam policies update which updates the deny policy on the given attachment point with the given name.
• Updated External Account URL validation to allow PSC endpoints.

Kubernetes Engine

• Added --gateway-api flag to gcloud container clusters create and gcloud container clusters update which allows users to turn on the GKE Gateway controller for their cluster and to select the Gateway API release channel they want to use.

Security Command Center

• Updated gcloud scc notifications update to allow for project and folder parents.
• Updated gcloud scc notifications create to allow for project and folder parents.
• Updated gcloud scc notifications delete to allow for project and folder parents.
• Updated gcloud scc notifications list to allow for project and folder parents.
• Updated gcloud scc notifications describe to allow for project and folder parents.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

406.0.0 (2022-10-17)

Breaking Changes

• (Cloud Storage) Changed "Additional Properties" formatting for ls -L to print condensed JSON object instead of JSON list with key and value keys before every key and value.
• (Kubernetes Engine) Remove deprecated --istio-config flag of gcloud beta container clusters create and gcloud beta container clusters update.

Anthos Multi-Cloud

• Promoted --logging flag to gcloud container aws clusters create and gcloud container azure clusters create to update the logging config.
• Promoted --logging flag to gcloud container aws clusters update and gcloud container azure clusters update to update the logging config.
• Added --annotations flag to gcloud container azure node-pools create to set the annotations field when creating Azure node pools.
• Added --annotations flag to gcloud container azure node-pools update to update the annotations of Azure node pools.
• Added --clear-annotations flag to gcloud container azure node-pools update to clear the annotations of Azure node pools.

Bare Metal Solution

• Promoted gcloud bms nfs-shares create to GA.
• Promoted gcloud bms nfs-shares delete to GA.
• Promoted gcloud bms volumes restore to GA.
• Promoted gcloud bms volumes snapshot to GA.
• Promoted gcloud bms volumes snapshots describe to GA.
• Promoted gcloud bms volumes snapshots list to GA.
• Promoted gcloud bms volumes snapshots delete to GA.
• Promoted --add-allowed-client flag of gcloud bms nfs-shares update to GA.
• Promoted --remove-allowed-client flag of gcloud bms nfs-shares update to GA.
• Promoted --clear-allowed-clients flag of gcloud bms nfs-shares update to GA.
• Promoted gcloud bms instances stop to GA.

BigQuery

• Fixed issue with --api flag in external clients.
• Added support for the target_job_concurrency flag and begins deprecating the concurrency flag.
• Added the max_staleness flag for external tables.
• Added support for SIMPLE with the object_metadata flag.
• Added ZSTD as an extract option.

Certificate Manager

• Added gcloud certificate-manager issuance-configs command group to beta. Commands in this group allow for configuring Private Trust certificate issuance.
• Added --issuance-config flag for gcloud certificate-manager certificates create command to beta. The flag allows configuring managed certificates issuance with Private Trust.

Cloud Access Context Manager

• Changed --level flag of gcloud access-context-manager cloud-bindings create and gcloud access-context-manager cloud-bindings update to take a string input instead of a resource:
  • No change is required on any previous configurations as a result of this change.

Cloud Datastream

• Added BigQuery destination type support.

Cloud Firestore Emulator

• Promoted gcloud emulators firestore to GA.

Cloud SQL

• Added the following flags to gcloud sql instances create and gcloud sql instances patch for ALPHA:
  • --connector_enforcement

Cloud TPU

• Promoted --shielded-secure-boot flag of gcloud compute tpus tpu-vm to GA.

Compute Firewall Policies

• Updated gcloud compute firewall-policies rules create to include help text for src-threat-intelligence, src-fqdns, src-region-codes , src-address-groups, dest-threat-intelligence, dest-fqdns , dest-region-codes and dest-address-groups.
• Updated gcloud compute firewall-policies rules update to include help text for src-threat-intelligence, src-fqdns, src-region-codes , src-address-groups, dest-threat-intelligence, dest-fqdns , dest-region-codes and dest-address-groups.
• Updated gcloud compute network-firewall-policies rules create to include help text for src-threat-intelligence, src-fqdns, src-region-codes , src-address-groups, dest-threat-intelligence, dest-fqdns , dest-region-codes and dest-address-groups.
• Updated gcloud compute network-firewall-policies rules update to include help text for src-threat-intelligence, src-fqdns, src-region-codes , src-address-groups, dest-threat-intelligence, dest-fqdns , dest-region-codes and dest-address-groups.
• Promoted --src-address-groups and --dest-address-groups flags to beta in gcloud compute firewall-policies rules create , gcloud compute firewall-policies rules update , gcloud compute network-firewall-policies rules create and gcloud compute network-firewall-policies rules update commands.
• Promoted --src-fqdns and --dest-fqdns flags to beta in gcloud compute firewall-policies rules create , gcloud compute firewall-policies rules update , gcloud compute network-firewall-policies rules create and gcloud compute network-firewall-policies rules update commands.

Kpt

• Updated kpt from v1.0.0-beta.15 to v1.0.0-beta.19. https://github.com/GoogleContainerTools/kpt/releases.

Kubernetes Engine

• Promoted the GKE add-on BackupRestore of gcloud container clusters <create|update> to GA. This add-on is disabled by default.
  • Use --addons=BackupRestore to enable the add-on during cluster creation.
  • Use --update-addons=BackupRestore=ENABLED|DISABLED to enable/disable the add-on for existing GKE clusters.

Managed Active Directory

• Promoted gcloud active-directory domains extend-schema to GA.

Network Security

• Updated gcloud network-security address-groups list to include the TYPE, CAPACITY and USAGE columns in the output.
• Updated gcloud network-security org-address-groups list to include the TYPE, CAPACITY and USAGE columns in the output.

Security Command Center

• Updated gcloud scc notifications update to allow for project and folder parents.
• Updated gcloud scc notifications create to allow for project and folder parents.
• Updated gcloud scc notifications delete to allow for project and folder parents.
• Updated gcloud scc notifications list to allow for project and folder parents.

405.0.1 (2022-10-14)

GKE Hub

• Updated gke-gcloud-auth-plugin to 0.4.0.

Cloud Bigtable

• Updated the version of cbt to v1.12.1.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

405.0.0 (2022-10-04)

Google Cloud CLI

• Fixed issue where revoking impersonated ADC credentials caused a crash.
• Fixed issue where it was not possible to set a logging configuration when creating a regional backend service in alpha and beta.

Anthos Multi-Cloud

• Added --tags flag to gcloud container aws clusters update to update the tags assigned to control plane replicas.
• Added --clear-tags flag to gcloud container aws clusters update to clear the tags assigned to control plane replicas.

App Engine

• Updated the Java SDK to version 2.0.9 build from the open source project https://github.com/GoogleCloudPlatform/appengine-java-standard.
• Fixed https://github.com/GoogleCloudPlatform/app-maven-plugin/issues/480.

Artifact Registry

• Automatically creates missing repos for gcloud beta artifacts settings enable-upgrade-redirection command.

Batch

• Promoted gcloud batch to GA track.

Cloud Dataplex

• Updated gcloud dataplex tasks create to support scheduling notebooks.

Cloud Firestore

• Promoted gcloud firestore fields ttls command group to GA.

Cloud Spanner

• Promoted gcloud spanner instance-configs [create|update|delete] to GA.

Cloud SQL

• Promoted --time-zone flag of gcloud sql instances create command to GA.
• Provided a helpful error message when Cloud SQL Proxy fails to start during gcloud sql connect command.

Cloud Run

• Added gcloud beta run jobs replace to deploy a job from yaml.

Compute Engine

• Added ubuntu-2204 and windows-11-x64-byol options to --os flag for:
  • gcloud compute images import in GA,
  • gcloud compute instances import in GA
  • gcloud compute machine-images import in GA
• Updated gcloud compute instance-templates create not to crash if instantiate-from value is not specified in --configure-disk when using --source-instance flag.
• Promoted --md5-authentication-key flag of gcloud compute routers add-bgp-peer to GA.
• Promoted --md5-authentication-key and --clear-md5-authentication-key flags of gcloud compute routers update-bgp-peer to GA.

Firebase Test Lab

• Delayed displaying information about the number of devices used until after all executions are created.

Identity and Access Management

• Fixed an issue that would cause the Google Cloud CLI to crash when using invalid External Account Credentials.

Kubernetes Engine

• Added a prompt when passing --enable-binauthz to gcloud container clusters update that acknowledges the current version of Binary Authorization will be downgraded.
• Promoted --enable-cost-allocation flag of gcloud container clusters create to GA.
• Promoted --enable-cost-allocation flag of gcloud container clusters update to GA.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

404.0.0 (2022-09-27)

App Engine

• Updated the Java SDK to version 2.0.8 build from the open source project https://github.com/GoogleCloudPlatform/appengine-java-standard.
• Updated gcloud app instances ssh to explicitly error when attempting to SSH to an instance without an external IP.

Assured Workloads

• Promoted gcloud assured workloads violations commands to GA. This command provides the ability to create new Assured Workloads environment resources.

Batch

• Improved error message formats for gcloud batch jobs submit unparsable json config file, gcloud batch jobs describe job and gcloud batch tasks describe task that does not exist.
• Added new batch/location property that can be used to set a default location. To set the properties, run gcloud config set batch/location LOCATION.

BigQuery

• Add support for storage_billing_model flag for datasets.
• Allow users to log in with pluggable-auth based external account credentials.
• Add support for configuring the access token lifetime for service account impersonation when using external account credentials.
• Add session support for load jobs.

Cloud Asset Inventory

• Added --saved-analysis-query option to gcloud asset analyze-iam-policy, which runs a saved analysis query when specified.
• Added gcloud asset saved-queries commands, which creates, retrieves, updates and deletes saved queries in a specified project, folder or organization.

Cloud Memorystore

• Added --maintenance-version flag to gcloud beta redis instances update to allow updating a maintenance version when updating an instance.

Cloud Storage

• Added storage/key_store_path property for encryption/decryption keys.
• Updated gsutil component to 5.14.

Compute Engine

• Promoted --region for gcloud compute ssl-policies to GA.

Eventarc

• Updated gcloud eventarc triggers list to return the locations of triggers.

Identity and Access Management

• Fixed bug that occurs when switching external account credentials.

Kubernetes Engine

• Adds new kubectl v1.25 for GKE rapid channel.
• Removes old kubectl v1.19.
• Updates default kubectl from 1.22.12 to 1.22.14.
• Additional kubectl versions:
  • kubectl.1.20 (1.20.15)
  • kubectl.1.21 (1.21.14)
  • kubectl.1.22 (1.22.14)
  • kubectl.1.23 (1.23.11)
  • kubectl.1.24 (1.24.5)
  • kubectl.1.25 (1.25.1)

Managed Active Directory

• Added support for gcloud beta active-directory domains migration for enabling existing domain migration.

Policy Troubleshooter

• Updated gcloud policy-troubleshoot iam beta and GA Command to use V2Alpha1 API.

Stackdriver Monitoring

• Added --validate-only flag to gcloud monitoring dashboards create to allow validating dashboards without saving.

Terraform

• Fixed issue where http proxy environment variables were not used in gcloud beta terraform vet.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

403.0.0 (2022-09-20)

Breaking Changes

• (Assured Workloads) Removed AU_REGIONS_AND_US_SUPPORT as compliance regime options for gcloud assured workloads create command.
• (Assured Workloads) Removed messages related to 'Versioning' as they should not be used externally.
• (Assured Workloads) Removed v1beta1 messages from v1 api and vice-versa.
• (Assured Workloads) Updated violation acknowledge api to POST Request.

Google Cloud CLI

• Fixed issue where MTLS endpoints were not used when use_client_certificate was true.
• Fixed issue where gcloud auth application-default set-quota-project would fail if serviceusage.services.use permission was revoked from the active project.
• Added bundled Python 3 as a default component on x86_64 component-based Linux installs. The bundled Python 3 interpreter will be preferred over the system Python interpreter when invoking the gcloud command-line tool.
  • The bundled Python 3 interpreter should work on supported Linux systems, but a different interpreter can be specified by setting the CLOUDSDK_PYTHON environment variable. See gcloud topic startup and https://cloud.google.com/sdk/docs/install#linux for more information.

AI

• Added gcloud beta api indexes remove-datapoints and gcloud beta api indexes upsert-datapoints to support Matching Engine steaming update.

AlloyDB

• Added support to specify automated backup policy in gcloud beta alloydb clusters create.
• Updated gcloud beta alloydb clusters create to support PITR (point in time recovery) configuration via new --disable-pitr and --pitr-log-retention-window flags.

Artifact Registry

• Fixed a bug where the plus sign ("+") was not escaped properly, making it impossible to delete artifacts with a plus sign in their version.

Batch

• Improved error message formats for gcloud batch jobs submit unparsable json config file, gcloud batch jobs describe job and gcloud batch tasks describe task that does not exist.

BigQuery

• Expose object_metadata for private preview.
• Improve error message for unparseable parameters.

Binauthz

• Updated gcloud container binauthz attestations list to also return occurrences in cases where the artifact-url does not begin with https.

Cloud DNS

• Added Location flag to Cloud DNS Managed Zones, Response Policies GA commands. This flag can be specified to target Cloud DNS Zonal Servers.

Cloud Dataproc

• Fixed issue where gcloud beta dataproc sessions list would hang when large numbers of sessions are present.

Cloud Deploy

• Added new --from-run-manifest to gcloud deploy releases create command. When used, a Skaffold file will be generated using the Cloud Run manifest.

Cloud Run

• Added --encryption-key-shutdown-hours flag to gcloud beta run deploy and gcloud beta run services update to set the number of hours to wait before an automatic shutdown server after CMEK key revocation is detected.
• Added --clear-encryption-key-shutdown-hours flag to gcloud beta run deploy and gcloud beta run services update to clear the CMEK key shutdown hours setting.

Compute Engine

• Updated gcloud compute instance-templates create to throw error if --machine-type/--labels flags are used with --source-instance.
• Promoted --compression-mode flag to gcloud compute backend-services <create | update> to GA.
• Promoted --compression-mode flag to gcloud compute backend-buckets <create | update> to GA.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

402.0.0 (2022-09-13)

Breaking Changes

• (Google Cloud CLI) The gcloud command-line tool no longer overrides the scheme specified in the https_proxy environment variable. Previously, the scheme was silently ignored and the gcloud command-line tool would always attempt to connect to the proxy via HTTP, even if the proxy server URL specified HTTPS.
  • Note that the gcloud command-line tool does not currently support connecting to proxies via HTTPS (nor did it previously).
  • If attempting to connect to an HTTP proxy results in warnings or errors, ensure that the https_proxy environment variable looks like http://... as opposed to https://....
  • See https://cloud.google.com/sdk/docs/proxy-settings#proxy_configuration for more information.
• (Batch) Deprecated positional argument TASK_GROUP of gcloud batch tasks list.
• (Batch) Use --job as the required flag instead.

Anthos Multi-Cloud

• Added --annotations flag to gcloud container aws node-pools create to set the annotations field when creating AWS node pools.
• Added --annotations flag to gcloud container aws node-pools update to update the annotations of AWS node pools.
• Added --clear-annotations flag to gcloud container aws node-pools update to clear the annotations of AWS node pools.

Batch

• Updated --config flag to support job configs from Here Doc.

Cloud Dataproc

• Fixed issue where gcloud dataproc batches list would hang when large numbers of batches are present.

Cloud Deploy

• Added gcloud deploy targets redeploy command to redeploy a release to a given target.
• Added gcloud deploy rollouts retry-job, gcloud deploy job-runs list, and gcloud deploy job-runs describe commands for Deployment Verification Public Preview.

Cloud Run

• Fixed issue where job-level labels are not propagated to its execution.
• Added last updated message to gcloud beta run jobs describe output.

Cloud Storage

• Updated gsutil component to 5.13.
• Promoted gcloud storage to GA.

Compute Engine

• Added -iam-policyand-iam-policy-bindingstogcloud compute backend-services` for GA.
• Added gcloud compute security-policies rules add-preconfig-waf-exclusion|remove-preconfig-waf-exclusion in alpha and beta.

Config Connector

• Updated Google Cloud Config Connector to version 1.93.0. See Config Connector Overview for more details https://cloud.google.com/config-connector/docs/overview.

GKE Hub

• Added new argument to the following commands:
  • gcloud container hub mesh update --management automatic.
  • gcloud container fleet mesh update --management automatic.

Identity and Access Management

• Added support for executable-sourced external account credentials.
• Added support for configuring the access token lifetime for service account impersonation when using external account credentials.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

401.0.0 (2022-09-07)

Google Cloud CLI

• Added warning message to indicate support for Python 2 will soon be deprecated.

AlloyDB

• Added --view flag to gcloud alpha alloydb instances describe to get the view of AlloyDB instance. --view=BASIC will be the same response as describe instance without this flag, and --view=FULL for read pool instance will list the details of each node in the pool.

Anthos Multi-Cloud

• Added --description flag to gcloud container aws clusters update to update the description of AWS clusters.
• Added --clear-description flag to gcloud container aws clusters update to clear the description of AWS clusters.
• Added --annotations flag to gcloud container aws clusters update to update the annotations of AWS clusters.
• Added --clear-annotations flag to gcloud container aws clusters update to clear the annotations of AWS clusters.
• Added --description flag to gcloud container azure clusters create to set the description field when creating Azure clusters.
• Added --annotations flag to gcloud container azure clusters create to set the annotations field when creating Azure clusters.
• Added --description flag to gcloud container azure clusters update to update the description of Azure clusters.
• Added --clear-description flag to gcloud container azure clusters update to clear the description of Azure clusters.
• Added --annotations flag to gcloud container azure clusters update to update the annotations of Azure clusters.
• Added --clear-annotations flag to gcloud container azure clusters update to clear the annotations of Azure clusters.

Cloud Run

• Added execution log URI to gcloud beta run jobs executions describe output.

Compute Engine

• Promoted --snapshot-type flag of gcloud compute snapshots create to GA.
• Added --json-custom-content-types for gcloud compute security-policies update, and promoted it to beta and GA.
• Promoted --guest-os-features flag of gcloud compute images import to GA.
• Promoted gcloud compute firewall-rules migrate to beta.
• Added --share-setting and --share-with flags to gcloud compute sole-tenancy node-groups create|update for GA.
• Added --share-settings flag to gcloud compute sole-tenancy node-groups list for GA.
• Added --node-project flag to gcloud compute instances create for GA.

Network Management

• Added cloudFunction argument for source in gcloud network-management connectivity-tests. This allows the user to run tests using Cloud Function endpoint types as source.

Stackdriver Logging

• Promoted the following commands to beta and GA:

  • gcloud logging copy
  • gcloud logging settings get
  • gcloud logging settings update
  • gcloud logging operations cancel
  • gcloud logging operations describe
  • gcloud logging operations list

• Promoted --bucket-name flag of gcloud logging metrics to beta and GA.

• Promoted --cmke-kms-key-name flag of gcloud logging buckets to beta and GA.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

400.0.0 (2022-08-30)

Breaking Changes

• (Anthos Multi-Cloud) Removed aws/location property of gcloud container aws. Use container_aws/location to set the default Google Cloud location for gcloud container aws.
• (Anthos Multi-Cloud) Removed azure/location property of gcloud container azure. Use container_azure/location to set the default Google Cloud location for gcloud container azure.

Anthos Multi-Cloud

• Added --description flag to gcloud container aws clusters create to set the description field when creating AWS clusters.
• Added --annotations flag to gcloud container aws clusters create to set the annotations field when creating AWS clusters.

App Engine

• Use java17 as the default runtime for generated configuration. This is a behavior change with the command gcloud app deploy when there is no app.yaml configuration for Java projects (Maven, or Gradle, or simple jar). Instead of using a java11 runtime target, the application will be deployed now on a java17 runtime with a F2 instance class. If you want to stay on a java11 runtime, just create a simple app.yaml file with runtime: java11 in it.

Artifact Registry

• Fixed issue where gcloud artifacts repositories create requires excessive permission when a kms key is supplied.

BigQuery

• Add support for specifying vertex_ai_model_id when in the BigQuery ML update model AI.
• Add support for preserving embedded Ascii Control characters in CSV External tables.
• Add support for serving_default signature when exporting BigQuery trained Tensorflow models.
• Add support for reference file schema for AVRO, PARQUET, and ORC formats.
• Add support for BigSpark routines.
• Fix bug when api flag is used within a restricted network.
• Add support metadata_cache_mode and max_staleness for Query Acceleration on BigLake tables.
• Add support for BigSpark connections.

Cloud Asset Inventory

• Added gcloud beta asset query.
• Added --read-time, --start-time, --end-time, --bigquery-dataset, --bigquery-table, and --write-disposition flags to support point-in-time/range queries and export to BigQuery.

Cloud Run

• Changed the link in gcloud beta run jobs execute output to the UI of the resulted execution instead of its logging UI.
• Added elapsed time to gcloud beta run jobs executions describe output. This is between execution creation timestamp and execution completion timestamp.

Cloud Spanner

• Added --database-role flag to gcloud spanner databases to support role-based access control in Cloud Spanner.
• Added gcloud beta spanner databases roles list to list all roles in Cloud Spanner database.

Config Connector

• Updated Google Cloud Config Connector to version 1.92.0. See Config Connector Overview for more details https://cloud.google.com/config-connector/docs/overview.

Kubernetes Engine

• Added --logging-variant flag to gcloud container clusters create, gcloud container clusters update, gcloud container node-pools create and gcloud container node-pools update that allow users to set the logging variant used in the cluster or in the node pools. Selecting logging variant is available in clusters with version 1.24.2-gke.300+. --logging_variant is used to choose the desired logging agent that is deployed on GKE nodes. Valid options are MAX_THROUGHPUT and DEFAULT. For more details about configuring the logging agent to achieve desired throughput, see http://cloud/stackdriver/docs/solutions/gke/managing-logs#throughput.

Secret Manager

• Added --update-annotations flag to gcloud secrets update and gcloud secrets beta update to enable the addition of new annotations to secret versions.
• Added --remove-annotations flag to gcloud secrets update and gcloud secrets beta update to enable the removal of annotations to secret versions.
• Added --clear-annotations flag to gcloud secrets update and gcloud secrets beta update to enable the clearing of all annotations from a secret.
• Added --set-annotations flag to gcloud secrets create and gcloud secrets beta create to enable the setting of annotations on new secrets.
• Added --out-file flag to gcloud secrets versions access and gcloud beta secrets versions access to directly get the output in file.

Terraform

• Added support for the following resources in CAI-based policies:
  • google_cloudfunctions2_function_iam_binding
  • google_cloudfunctions2_function_iam_member
  • google_cloudfunctions2_function_iam_policy
  • google_gke_hub_membership_iam_binding
  • google_gke_hub_membership_iam_member
  • google_gke_hub_membership_iam_policy
• TF -> CAI resource conversion compiled against google provider version 4.33.0.
• Fixed asset names for the following resources:
  • google_compute_backend_service_iam
  • google_compute_instance_iam
  • google_compute_region_backend_service_iam
  • google_privateca_certificate_template_iam
• Added support for organizations/unknown in CAI-based policy match parameters.
• Enabled support for non-Google Terraform resources in TF-based policies.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

399.0.0 (2022-08-23)

AlloyDB

• Added --cluster flag to gcloud beta alloydb operations list to enable listing of operations pertaining to a given cluster.
• Updated gcloud beta alloydb clusters restore to support PITR (point in time recovery) via new --source-cluster and --point-in-time flags.

App Engine

• Updated the Java SDK to version 1.9.98.1 to address bug https://issuetracker.google.com/issues/240455023.

Cloud Asset Inventory

• Added gcloud asset get-effective-iam-policy command, which retrieves batch effective IAM policies for a specified list of resources within specified accessible scope.

Cloud Dataflow

• Added GO to gcloud flex-template build command SDK Language options, allowing users to submit Go Flex Template jobs.

Cloud Functions

• Move Python 3.10 for Cloud Functions to GA.

Cloud Org Policy

• Added gcloud org-policies {custom constraint} commands that allow users to create, update, list, describe, and delete org policy custom constraints.
• gcloud org-policies set-custom-constraint
• gcloud org-policies describe-custom-constraint
• gcloud org-policies delete-custom-constraint
• gcloud org-policies list-custom-constraints.

Cloud SQL

• Set the maximum allowed value for --storage-auto-increase-limit in gcloud beta sql instances create to the max value of int. This removes the hardcoded limit of 10230.

Cloud Spanner

• Promoted gcloud spanner samples to beta and GA. Commands in this group support creating sample databases and running open source sample applications.
• Added --instance-type, --expire-behavior flags to spanner instances create and spanner instances update to add ability to create free instances in GA.
• Added instance_type column for spanner instances list and free_instance_availability column for spanner instance-configs list.

Compute Engine

• Promoted --architecture flag of gcloud compute disks create to GA.
• Promoted --update-architecture flags of gcloud compute disks update to GA.
• Promoted --clear-architecture flags of gcloud compute disks update to GA.
• Promoted --architecture flag of gcloud compute images create and gcloud compute disks update to GA.

Network Services

• Promoted gcloud network-services tls-routes to GA.

Notebooks

• Added notebooks runtimes command group which provides access to AI Platform Notebooks' runtimes.

Transfer

• Added multipart copy feature to agent setup flags.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

398.0.0 (2022-08-16)

AI

• Promoted --autoscaling-metric-specs flag of gcloud ai endpoints deploy-model to GA.
• Added --encryption-kms-key-name flag to gcloud ai endpoints create and gcloud beta ai endpoints create.

Artifact Registry

• Updated gcloud artifacts docker images describe and gcloud artifacts docker images list to return occurrences of any Grafeas kind.
• Added gcloud artifacts repositories set-cleanup-policy to set a cleanup policy on a repository.
• Added gcloud artifacts repositories list-cleanup-policy to list cleanup policies on a repository.
• Added gcloud artifacts repositories delete-cleanup-policy to delete cleanup policies on a repository.

Cloud DNS

• Added support for the ALIAS record set type to beta. ALIAS record sets can be created/modified using --type flag in gcloud beta dns record-sets command group.

Cloud Dataproc

• Fixed issue where gcloud dataproc clusters enable-personal-auth-session-session did not successfully inject credentials.

Cloud Deploy

• Added support for absolute paths for "--skaffold-file flag of gcloud deploy releases create commmand".

Cloud Memorystore

• Promoted --customer-managed-key flags of gcloud redis instances create to GA.

Cloud Run

• Promoted --cpu-boost flag to beta.

Cloud SQL

• Added --deletion-protection flag to gcloud sql instances create and gcloud sql instances patch in alpha, beta and GA to provide Cloud SQL instances with protection against accidental deletion.

Cloud Spanner

• Updated default timeout for gcloud spanner databases execute-sql to 10 minutes.

Cloud Storage

• Updated gsutil component to 5.12.

Compute Engine

• Deprecated --load-balancing-scheme, --network, --subnet, and --subnet-region arguments of gcloud compute forwarding-rules set-target.
• Promoted --resource-policies flag for glcloud compute reservations createto beta.
• Promoted --region and --global flags for gcloud compute url-maps invalidate-cdn-cache and gcloud compute url-maps list-cdn-cache-invalidations to GA.
• Added region information to gcloud compute health-checks list output.
• Deprecated --no-serve-while-stale argument of gcloud compute [backend-services|backend-buckets] [create|update].
• Promoted --architecture flag of gcloud compute instances create and gcloud compute instanceTemplates create to GA.

Eventarc

• Updated WARNING text for trigger creation from 10 minutes to 2 minutes.

Network Services

• Promoted gcloud network-services gateways to GA.
  • Promoted gcloud network-services meshes to GA.
  • Promoted gcloud network-services tcp-routes to GA.
  • Promoted gcloud network-services grpc-routes to GA.
  • Promoted gcloud network-services http-routes to GA.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

397.0.0 (2022-08-09)

Breaking Changes

• (Cloud Datastore) Deprecated gcloud datastore database create. Use gcloud alpha firestore database update --type=datastore-mode instead.
• (Cloud Firestore) The gcloud firestore database create will be required to administer your database. Please enable the API and ensure you have the required permissions. See https://cloud.google.com/firestore/docs/app-engine-requirement.
• (Cloud Firestore) gcloud firestore database create will no longer support App Engine regions (us-central, europe-west). See https://cloud.google.com/firestore/docs/locations for available regions.

AI

• Added --request-response-logging-table and --request-response-logging-rate flags to gcloud ai endpoints create|update to allow config prediction endpoint request-response logging.

Artifact Registry

• Added gcloud artifacts versions describe command.
• Added gcloud artifacts settings to describe/modify project settings.

Batch

• Modified gcloud batch jobs list to use --location as an optional flag.

Cloud DNS

• Update record-sets create and update methods for health checked routing policies.

Cloud Datastore Emulator

• Release Cloud Datastore emulator v2.2.2
  • Fixed bug which caused failures when attempting to Export.

Cloud Identity-Aware Proxy

• Promoted host based flags to GA for surfacesgcloud compute ssh,gcloud compute scp and gcloud compute start-iap-tunnel.

Cloud Run

• Added Startup Probe and Liveness Probe fields to the output of gcloud run services describe [SERVICE].

Compute Engine

• Added 'network-firewall-policyand 'network-regional-firewall-policy to TYPE column of 'compute instances network-interfaces get-effective-firewalls` output.

Config Connector

• Updated Google Cloud Config Connector to version 1.91.0. See Config Connector Overview for more details https://cloud.google.com/config-connector/docs/overview.

Terraform

• Added support for the following resources in CAI-based policies:
  • google_artifact_registry_repository_iam_binding
  • google_artifact_registry_repository_iam_member
  • google_artifact_registry_repository_iam_policy
  • google_bigquery_connection_iam_binding
  • google_bigquery_connection_iam_member
  • google_bigquery_connection_iam_policy
  • google_cloud_tasks_queue_iam_binding
  • google_cloud_tasks_queue_iam_member
  • google_cloud_tasks_queue_iam_policy
  • google_cloudiot_registry_iam_binding
  • google_cloudiot_registry_iam_member
  • google_cloudiot_registry_iam_policy
  • google_compute_backend_bucket_iam_binding
  • google_compute_backend_bucket_iam_member
  • google_compute_backend_bucket_iam_policy
  • google_compute_snapshot_iam_binding
  • google_compute_snapshot_iam_member
  • google_compute_snapshot_iam_policy
  • google_dataproc_autoscaling_policy_iam_binding
  • google_dataproc_autoscaling_policy_iam_member
  • google_dataproc_autoscaling_policy_iam_policy
  • google_dataproc_metastore_service_iam_binding
  • google_dataproc_metastore_service_iam_member
  • google_dataproc_metastore_service_iam_policy
• TF -> CAI resource conversion compiled against google provider version 4.30.0.
• Resources without a known project, folder, or organization will have their ancestry set to organizations/unknown instead of throwing a 403 error that halts validation.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

396.0.0 (2022-08-02)

AI

• Added --labels flag to gcloud ai models upload to support setting labels. Use --labels flag to set metadata to organize your models and model versions. Label keys and values can be no longer than 64 characters (Unicode codepoints), can only contain lowercase letters, numeric characters, underscores and dashes. International characters are allowed. See https://goo.gl/xmQnxf for more information and examples of labels.

Cloud Identity-Aware Proxy

• Promoted gcloud iap tcp dest-groups to GA.

Cloud Logging

• Promoted --index flag of gcloud logging buckets create to GA.
• Promoted --clear-indexes flag of gcloud logging buckets update to GA.
• Promoted --remove-indexes flag of gcloud logging buckets update to GA.
• Promoted --add-index flag of gcloud logging buckets update to GA.
• Promoted --update-index flag of gcloud logging buckets update to GA.

Compute Engine

• Promoted --maintenance-interval flag of gcloud compute commitments create to beta.

Compute OS Config

• Promoted gcloud compute os-config troubleshoot to GA.
  • Troubleshoot common issues with VM Manager.

Config Connector

• Updated Google Cloud Config Connector to version 1.90.0. See Config Connector Overview for more details https://cloud.google.com/config-connector/docs/overview.

Database Migration

• Fixed issue where creation of a migration job in a project inside a VPC-SC perimeter constantly failed.
• Fixed issue where creation of a connection profile in a project inside a VPC-SC perimeter constantly failed.

Identity Groups

• Fixed issue where gcloud identity groups create will fail when specifying --group-type=security.

Identity and Access Management

• Added --service-account-token-lifetime-seconds flag to gcloud iam <workforce-pools|workload-identity-pools> create-cred-config command to allow configuring the access token lifespan for service account impersonation.

Recommender

• Added support for gcloud recommender recommender-config describe.
• Added support for gcloud recommender recommender-config update.
• Added support for gcloud recommender insight-type-config describe.
• Added support for gcloud recommender insight-type-config update.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

395.0.0 (2022-07-26)

AI

• Modified gcloud ai models upload to support model version aliases. Use --version-aliases flag to set version aliases so that a model version can be referenced via alias (i.e. projects/{project}/locations/{location}/models/{model_id}@{version_alias} instead of auto-generated version id (i.e. projects/{project}/locations/{location}/models/{model_id}@{version_id}). The format is [a-z][a-zA-Z0-9-]{0,126}[a-z0-9] to distinguish from version_id. The aliases set in the flag will replace the aliases set in the model.

App Engine

• Updated the Java SDK to version 1.9.98. Please visit the following release notes for details: https://cloud.google.com/appengine/docs/java/release-notes.

Artifact Registry

• Added gcloud artifacts packages describe command.

Cloud Deploy

• Added new --from-k8s-manifest to releases create command. When used, a Skaffold file will be generated.

Cloud Domains

• Implemented the following commands for gcloud domains registrations in alpha and beta.
  • import
  • list-importable-domains

Cloud Functions

• Updated gcloud functions list to return 2nd gen functions in addition to 1st gen functions.
• Fixed crash in gcloud beta functions deploy --gen2 failures causing the error message "This stage does not belong to this progress tracker".
• Promoted --gen2 flag of gcloud functions add-iam-policy-binding to GA.
• Promoted --gen2 flag of gcloud functions call to GA.
• Promoted --gen2 flag of gcloud functions delete to GA.
• Promoted --gen2 flag of gcloud functions deploy to GA.
• Promoted --gen2 flag of gcloud functions describe to GA.
• Promoted --gen2 flag of gcloud functions get-iam-policy to GA.
• Promoted --gen2 flag of gcloud functions remove-iam-policy-binding to GA.
• Promoted --gen2 flag of gcloud functions set-iam-policy to GA.
• Promoted --gen2 flag of gcloud functions event-types list to GA.
• Promoted --gen2 flag of gcloud functions logs read to GA.
• Promoted --gen2 flag of gcloud functions regions list to GA.
• Promoted gcloud functions add-invoker-policy-binding to GA.
• Promoted gcloud functions remove-invoker-policy-binding to GA.

Cloud Healthcare

• Added --schema-type value analytics_v2 to gcloud healthcare fhir-stores export bq.

Cloud Identity-Aware Proxy

• Renamed flag --group-name to --dest-group forgcloud iap tcp dest-groups IAM commands.

Cloud Pub/Sub

• Fixed issue where gcloud pubsub subscriptions create and gcloud pubsub subscriptions update will crash when specifying --min-retry-delay=0 and/or --max-retry-delay=0.
• Fixed issue where gcloud pubsub subscriptions create will crash when specifying --retention_duration=0.

Cloud Run

• Added --description flag in gcloud run deploy, and description field in gcloud run services describe [SERVICE].
  • Description is an optional, human-readable string of up to 512 characters.
  • Using the flag is functionally equivalent to adding service annotation "run.googleapis.com/description".

Compute Engine

• Added --update-user-licenses and --clear-user-licenses flags of gcloud compute images update to alpha and beta.
• Made global scope the default for gcloud compute security-policies.

Config Controller

• Added --man-blocks flag to gcloud anthos config controller create to allow specifying multiple master authorized network CIDR blocks for a CC instance.
• Deprecated --man-block flag of gcloud anthos config controller create. Use --man-blocks to set master authorized network CIDR block.
• Modified gcloud anthos config controller list to print out only the instance name instead of the fully specified name.
• Added --full-name flag to gcloud anthos config controller list to allow users printing out the fully specified name in the NAME column when needed.

GKE Hub

• Promote gcloud container hub memberships generate-gateway-rbac to GA.

Kubernetes Engine

• Add cgroupMode node system config option to allow switching nodes to cgroupv1 or cgroupv2.
• Updates default kubectl from 1.22.9 to 1.22.12
• Additional kubectl versions:
  • kubectl.1.19 (1.19.16)
  • kubectl.1.20 (1.20.15)
  • kubectl.1.21 (1.21.14)
  • kubectl.1.22 (1.22.12)
  • kubectl.1.23 (1.23.9)
  • kubectl.1.24 (1.24.3)

Pubsub Emulator

• Added support for creating BigQuery subscriptions.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

394.0.0 (2022-07-19)

AI

• Modified gcloud ai models describe to support model versioning.
• Added europe-west9 option to --region flag of gcloud ai custom-jobs and gcloud ai hp-tuning-jobs.
  • Provide the model version ID or version alias to retrieve a specific version of the model.
  • If no model version ID or alias is specified, the "default" model version will be used. The "default" version alias is created for the first version of the model, and can be moved to other versions later on. There will be exactly one default version.
• Added gcloud ai models delete-version which deletes an existing Vertex AI model version.

Anthos Multi-Cloud

• Added --ssh-public-key flag to gcloud container azure node-pools update to update the SSH public key for the Azure node pool nodes.

Artifact Registry

• Fixed a bug where the plus sign ("+") was not escaped properly, making it impossible to delete artifacts with a plus sign in their name.

Bare Metal Solution

• Started using v2.projects.locations.operations instead of v1.operations for the following commands:
  • gcloud bms instances start
  • gcloud bms instances reset
  • gcloud bms instances disable-serial-console
  • gcloud bms instances enable-serial-console
  • gcloud bms instances update
  • gcloud bms networks update
  • gcloud bms nfs-shares update
  • gcloud bms volumes update
  • gcloud bms volumes restore
  • gcloud bms operations describe
  • gcloud bms operations wait
• Promoted --os-image flag of gcloud bms instances update to GA.
• Promoted --[no-]enable-hyperthreading flag of gcloud bms instances update to GA.
• Promoted --add-ip-range-reservation flag of gcloud bms networks update to GA.
• Promoted --clear-ip-range-reservations flag of gcloud bms networks update to GA.
• Promoted --remove-ip-range-reservation flag of gcloud bms networks update to GA.
• Promoted gcloud bms networks list-ip-reservations to GA.

Batch

• Promoted gcloud batch to alpha and beta which enables the CLI to use Batch APIs.

Cloud Deploy

• Changed the default bucket name upload path on release create to use the pipeline UUID.
• Added mutex flags --enable-initial-rollout and --disable-initial-rollout.

Cloud Key Management Service

• Modified gcloud kms import-jobs create to accept new SHA-2 import methods rsa-oaep-3072-sha256, rsa-oaep-3072-sha256-aes-256, rsa-oaep-4096-sha256, and rsa-oaep-4096-sha256-aes-256 in beta.

Cloud SQL

• Added support for incremental addition of user password policies.

Cloud Storage

• Updated gsutil component to 5.11.

Compute Engine

• Added --layer7-ddos-defense-auto-deploy-load-threshold, --layer7-ddos-defense-auto-deploy-confidence-threshold, --layer7-ddos-defense-auto-deploy-impacted-baseline-threshold, and --layer7-ddos-defense-auto-deploy-expiration-sec to gcloud compute security-policies update to gcloud beta compute security-policies update.
• Promoted flags --enable-strong-affinity of gcloud compute backend-services create and gcloud compute backend-services update to GA.

Google Cloud CLI

• Replaced the default login flow when a browser is not detected from --no-browser to --no-launch-browser.

Identity and Access Management

• Removed etag flag from gcloud beta iam policies update command. The command will always use the etag in the policy file.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

393.0.0 (2022-07-12)

Breaking Changes

• (AlloyDB) Updated gcloud beta alloydb instances create and gcloud beta alloydb instances update to remove the unused --zone flag.
• (Cloud Datastore Emulator) Removed support for running the Datastore emulator (gcloud beta emulators datastore start) in environment with Java versions prior to 11. Users can upgrade to Java 11 or above to continue using the latest Datastore emulator. Alternatively, users can use gcloud command-line tool with version before 392.0.0 to continue using the previous Datastore emulator with Java 8 support.
• (Cloud Firestore Emulator) Removed support for running the Firestore emulator (gcloud beta emulators firestore start) in environment with Java versions prior to 11. Users can upgrade to Java 11 or above to continue using the latest Firestore emulator. Alternatively, users can use gcloud command-line tool with version before 392.0.0 to continue using the previous Firestore emulator with Java 8 support.

AI

• Added gcloud ai models delete-version which delete an existing Vertex AI model version.
• Modified gcloud ai models upload to support model versioning. Use --parent-model flag to specify the parent model of the model version to be uploaded. When this flag is specified, a new version of the parent model will be uploaded. Use --model-id flag to specify the model ID for the uploaded model.
• Fixed an issue for gcloud ai custom-jobs create that the value of the --args and --command flags are not passed when the --worker-pool-spec flag is left unspecified.

AlloyDB

• Updated gcloud beta alloydb instances create and gcloud beta alloydb instances update to allow --cpu-count of 2.

Artifact Registry

• Fixed issue where gcloud artifacts packages delete requires the package id unescaped.

Cloud Dataproc

• Added bootDiskKmsKey key in --pools flag to gcloud dataproc clusters gke create to allow creating Dataproc on GKE cluster with CMEK protected node pool.

Cloud Datastream

• Added --bigquery-destination-config flag to gcloud datastream streams <create/update>.
• Added bigquery type to --type flag of datastream connection-profiles <create/update>.

Cloud Deploy

• Added optional flags --labels and --annotations for users to add labels or annotations to apply to gcloud deploy targets rollback command.

Cloud Firestore Emulator

• Release Cloud Firestore emulator v1.14.4
  • Fix: Condition Normalization now correctly handles cartesian products and flattening in certain edge cases.

Cloud Functions

• Promoted --docker-registry flag of gcloud functions deploy to GA.
• Move PHP 8.1 for Cloud Functions to GA.
• Added gcloud functions runtimes list which displays the supported runtimes for both 1st & 2nd generation functions.

Cloud Key Management Service

• Promoted --wrapped-key-file flag of gcloud kms keys versions import to GA.
• Deprecated --rsa-aes-wrapped-key-file flag of gcloud kms keys versions import. Use --wrapped-key-file instead.

Cloud Memorystore

• Promoted --persistence-mode, --rdb-snapshot-period and --rdb-snapshot-start-time flags of gcloud redis instances create to GA.
• Promoted --persistence-mode, --rdb-snapshot-period and --rdb-snapshot-start-time flags of gcloud redis instances update to GA.

Cloud SQL

• Added flag --password-policy-enable-password-verification to gcloud sql users create and gcloud sql users set-password-policy for MySQL password validation.
• Added flags --discard-dual-password and --retain-password to gcloud sql users set-password to allow control over MySQL's dual password.

Cloud Speech API

• Added latest_short and latest_long options for gcloud ml speech <recognize | recognize-long-running> --model flag.

Cloud TPU

• Updated tpus tpu-vm ssh to return an error when users attempt to ssh into a TPU VM during a maintenance event.

Compute Engine

• Promoted --target-distribution-shape flag of gcloud compute instances bulk create to GA.
• Promoted --key-revocation-action-type flag to GA for gcloud compute instance-templates create.
• Promoted explicit scope requirement for gcloud compute security-policies to beta.
• Promoted --network-ddos-protection flag of gcloud compute security-policies create to beta.
• Promoted gcloud compute network-edge-security-services to beta.
• Promoted --key-reservation-action-type flag to GA for gcloud compute instances create.
• Promoted keyRevocationActionType property of gcloud compute instances update-from-file to GA.

Compute Firewall Policies

• Promoted --src-region-codes and --dest-region-codes flags to beta in gcloud compute firewall-policies rules create , gcloud compute firewall-policies rules update , gcloud compute network-firewall-policies rules create and gcloud compute network-firewall-policies rules update commands.
• Promoted --src-threat-intelligence and --dest-threat-intelligence flags to beta in gcloud compute firewall-policies rules create , gcloud compute firewall-policies rules update , gcloud compute network-firewall-policies rules create and gcloud compute network-firewall-policies rules update commands.

Config Connector

• Updated Google Cloud Config Connector to version 1.89.0. See Config Connector Overview for more details https://cloud.google.com/config-connector/docs/overview.

Config Controller

• Added --man-blocks flag to gcloud anthos config controller create to allow specifying multiple master authorized network CIDR blocks for a CC instance.
• Deprecated --man-block flag of gcloud anthos config controller create. Use --man-blocks to set master authorized network CIDR block.

Kubernetes Engine

• Added --binauthz-evaluation-mode flag to gcloud container clusters create command.
• Added --binauthz-evaluation-mode flag to gcloud container clusters create-auto command.
• Added --binauthz-evaluation-mode flag to gcloud container clusters update command.
• Added --total-max-nodes and --total-min-nodes to gcloud container cluster/node-pools create/update that allow users to set total size limits for autoscaled nodepools. The limits are available in clusters with version 1.24+.
• Added --location-policy to gcloud container cluster/node-pools create/update that allow users to set location policy for autoscaled nodepools. The location policy is available in clusters with version 1.24.1-gke.800+.

Transcoder

• added support for --labels flag when creating a new job/job template.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

392.0.0 (2022-06-28)

Anthos Multi-Cloud

• Added --iam-instance-profile flag to gcloud container aws clusters update and gcloud container aws node-pools update to update the name or ARN of the IAM instance profile associated with control plane or node pool.
• Added --ssh-public-key flag to gcloud container azure clusters update to update the SSH public key for the Azure control plane.
• Added --logging flag to gcloud container aws clusters update and gcloud container azure clusters update to update the logging config.

App Engine

• Updated the Java SDK to version 1.9.97. Please visit the following release notes for details: https://cloud.google.com/appengine/docs/java/release-notes.

Certificate Authority Service

• Added --unconstrained-chain-length flag to gcloud privateca subordinates create to allow creation of a subordinate CA with unconstrained chain length.
• Added --unconstrained-chain-length flag to gcloud privateca roots create to allow creation of a root CA with unconstrained chain length.
• Added --unconstrained-chain-length flag to gcloud privateca certificates create to allow creation of a CA with unconstrained chain length.

Certificate Manager

• Promoted gcloud certificate-manager to GA.
• Allowed using project number in gcloud certificate-manager commands.

Cloud Bigtable

• Promoted gcloud bigtable instances tables undelete to beta and GA.
• Added --autoscaling-storage-target flags to gcloud bigtable clusters create for alpha, beta and GA to let users create autoscaling clusters with configurable storage target.
• Added key autoscaling-storage-target to --cluster-config flag of gcloud bigtable instances create for alpha, beta and GA to let users create autoscaling clusters with configurable storage target.
• Added --autoscaling-storage-target flag to gcloud bigtable clusters update for alpha, beta and GA to let users configure autoscaling storage target when updating clusters.

Cloud Deploy

• Added new command gcloud deploy releases abandon to prevent new rollouts on a Cloud Deploy release.
• Added suspended field to the Delivery Pipeline resource. If this field is set, activity on a pipeline is prevented. The field can be set or unset in the Delivery Pipeline definition, and then applied using gcloud deploy apply.

Cloud TPU

• Fixed an issue with connection to TPU VMs when the 'compute.disableGuestAttributesAccess' Organization Policy Constraint is enforced.

Compute Engine

• Added --list-managed-instances-results flag to gcloud beta compute instance-groups managed create and gcloud beta compute instance-groups managed update.
• Promoted --certificate-map of 'compute target-https-proxies insert|update` to GA.
• Promoted --certificate-map of 'compute target-ssl-proxies insert|update` to GA.

Dataproc Metastore

• Promoted --network-config-from-file and --consumer-subnetworks flag to gcloud beta metastore services create to specify the subnetworks from which the Dataproc Metastore service can be accessed to GA.

Eventarc

• Added gcloud eventarc google-channels command group.
• Added gcloud eventarc channels update command to configure crypto keys on a channel.
• Added --crypto-key flag to gcloud eventarc channels create to configure crypto keys on a new channel.

Google Cloud CLI

• Updated login flow initiated by gcloud auth login --no-launch-browser and gcloud auth application-default login --no-launch-browser to address a security issue.

Kubernetes Engine

• Promoted --enable-cost-allocation flag of gcloud container clusters create to beta.
• Promoted --enable-cost-allocation flag of gcloud container clusters update to beta.
• Renamed --enable-cost-management flag of gcloud container clusters create to --enable-cost-allocation.
• Renamed --enable-cost-management flag of gcloud container clusters update to --enable-cost-allocation.
• Added --stack-type and --ipv6-access-type arguments to gcloud container clusters create command to support dual stack GKE clusters.

Terraform

• Added support for the following resources in CAI-based policies:
  • google_access_context_manager_access_policy
• TF -> CAI resource conversion compiled against google provider version 4.24.0.
• Fixed the ancestry used for resources that do not exist within a project. Users may need folders.get access to folders that have resources included in the plan.
• Simplified converter error messages and added resource address.
• Added support for ancestries/excludedAncestries match parameters for CAI-based constraints.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

391.0.0 (2022-06-22)

Breaking Changes

• (Anthos Multi-Cloud) Removed --instance-type flag of gcloud container aws node-pools update to disable updating the EC2 instance type of node pool nodes.

Assured Workloads

• Added ITAR as compliance regime options for gcloud assured workloads create command.

Cloud Dataflow

• Added a --force flag to gcloud dataflow jobs cancel which forcibly cancels (leaking VMs) Dataflow jobs that are stuck on normal cancellation.

Cloud Filestore

• Enable Filestore High-Scale tier for GA.

Cloud Identity-Aware Proxy

• Promoted flags for host based connetion for command gcloud compute start-iap-tunnel to beta.
• Promoted gcloud iap oauth-brands surface to GA.
• Promoted gcloud iap oauth-clients surface to GA.

Cloud SQL

• Promoted SQL Server Audit to GA.

Compute Engine

• Updated gcloud compute networks subnets list-usable list format to include PSC and IPv6 fields.

Dataproc Metastore

• Added support for managing Dataproc Metastore Federation. The following commands have been added to the alpha, beta and GA release tracks:

  • metastore federations create
  • metastore federations delete
  • metastore federations describe
  • metastore federations get
  • metastore federations list
  • metastore federations update

• Added support for managing IAM policy for Dataproc Metastore Federation. The following commands have been added to the GA release track:

  • metastore federations get-iam-policy
  • metastore federations set-iam-policy
  • metastore federations add-iam-policy-binding
  • metastore federations remove-iam-policy-binding

Identity and Access Management

• Added --executable-command flag to gcloud iam workload-identity-pools create-cred-config command to allow executable sourced credentials.

Managed Active Directory

• Adding support for gcloud beta active-directory domains extend-schema for initiating schema extension on domain.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

390.0.0 (2022-06-14)

Access Approval

• Added gcloud access-approval requests invalidate to invalidate an existing approval.

BigQuery

• Add support for partitioning_type with --time_partitioning_type flag in Scheduled Queries when a schedule is specified by --schedule in bq query.
• Added support for showing table clone info in bq show.
• Added support for both Workload and Workforce identity federation.
• Added --max_time_travel_hours flag to bq mk.
• Added --autodetect_schema flag to bq update.
• Added flag --preserve_ascii_control_characters to bq load to allow ASCII Control chars.
• Updated the comment on --restore flag in bq cp to reflect that it's deprecated.
• Added support for dataset tags.
• Minor bug fixes and dependency updates.
• Add --federated_app_client_id and --federated_azure flags to mk command.
• Add --federated_app_client_id flag to update command.
• Add support for LOAD DATA query.

Cloud Dataproc

• Added --metric-sources, --metric-overrides and --metric-overrides-file flags to gcloud beta dataproc clusters create to allow clusters to be created with a metric sources specified, override specific set of metrics using a list or a file as an input.
• Added --metric-sources, --metric-overrides and --metric-overrides-file flag to gcloud beta dataproc workflow-templates set-managed-cluster to allow managed clusters created with a metric sources specified, override specific set of metrics using a list or a file as an input.
• Modified gcloud dataproc clusters export to remove un-importable fields on Dataproc on GKE clusters.

Cloud Firestore

• Added gcloud beta firestore fields ttls command group.

Cloud Pub/Sub

• Fixed issue where gcloud --format=json beta pubsub subscriptions pull --auto-ack and gcloud --format=json alpha pubsub subscriptions pull --auto-ack output was backwards incompatible. This issue can be tracked at https://issuetracker.google.com/issues/222551623.

Cloud Run

• Added --description flag in gcloud beta run deploy, and description field in gcloud beta run services describe [SERVICE].
  • Description is an optional, human-readable string of up to 512 characters.
  • Using the flag is functionally equivalent to adding service annotation "run.googleapis.com/description".

Compute Engine

• Promoted network-firewall-policies command group to GA.
• Promoted gcloud compute instances create --visible_core_count to beta.

Config Connector

• Updated Google Cloud Config Connector to version 1.88.0. See Config Connector Overview for more details https://cloud.google.com/config-connector/docs/overview.

Kubernetes Engine

• Added --enable-confidential-nodes to gcloud container cluster create to enable cluster creation with nodes on Confidential VM. Added --enable-confidential-nodes flag to gcloud container node-pools create/update to allow creating node-pools with confidential nodes, and updating existing node pools to confidential nodes.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

389.0.0 (2022-06-07)

Anthos Multi-Cloud

• Added --instance-type flag to gcloud container aws node-pools update to update the EC2 instance type of node pool nodes.

Artifact Registry

• Added new command gcloud artifacts files list to list files in a specific repository.

Cloud Composer

• Added --enable-master-authorized-networks and --master-authorized-networks flags to gcloud composer environments create command.
• Added --enable-master-authorized-networks and --disable-master-authorized-networks and --master-authorized-networks to gcloud composer environments update command.
• Added --enable-ip-masq-agent flag to gcloud composer environments create command to enable IP address masquerading in the GKE cluster.

Cloud DNS

• Add setIamPolicy and getIamPolicy commands in beta.

Cloud Filestore

• Add support for Filestore's multi-share instances to gcloud beta filestore instances list. CAPACITY_GB will show the instance's capacity for multi-share instances instead of an empty string. FILE_SHARE_NAME will show "N/A" for multi-share instances instead of an empty string.

Cloud Identity-Aware Proxy

• Promoted gcloud iap tcp dest-groups command group to beta.

Cloud Run

• Promoted --session-affinity of gcloud run to beta.

Cloud SQL

• Add command gcloud sql generate-login-token to generate down-scoped OAuth2 access tokens for IAM database authentication.

Compute Engine

• Modified --ssl-certificates flag to be optional in gcloud compute target-https-proxies create.
• Updated the documentation for --mtu flag of compute networks create|update.
• Updated the validation for --enable-logging and --logging-sample-rate flags of beta compute backend-services create|update.
• Updated the documentation for --logging-sample-rate flag of compute backend-services create|update.

Config Connector

• Updated Google Cloud Config Connector to version 1.87.0. See Config Connector Overview for more details https://cloud.google.com/config-connector/docs/overview.

Database Migration

• Renamed --sync flag to --no-async flag to gcloud database-migrate migration-jobs create command to wait for the migration job creation operation to be completed before proceeding.
• Added --no-async flag to gcloud database-migrate migration-jobs update command to wait for the migration job updation operation to be completed before proceeding.
• Updated gcloud database-migration connection-profiles create cloudsql to support the flag root-password.
• Added --no-async flag to gcloud database-migrate migration-jobs create command to wait for the connection profile creation operation to be completed before proceeding.

Kpt

• Updated kpt from v1.0.0-beta.13 to v1.0.0-beta.15. See https://github.com/GoogleContainerTools/kpt/releases/tag/v1.0.0-beta.15 for more details.
• The kpt fn commands now includes Kptfile and functionConfig in the function input by default. Previously this behavior was controlled using --enable-meta-resources command-line flag. --enable-meta-resources flag is also deprecated. If this disrupts any of your config workflow, you can use exclude functionality to exclude resources from function inputs. This functionality was added in this release to minimize the disruption.
• The kpt website is overhauled to reflect the new scope of kpt project. New components package orchestrator, Configuration as Data UI and Config Sync are added to the project.
• Added package orchestrator (a.k.a. porch) CLI interface under alpha subgroup (kpt alpha rpkg, kpt alpha repo, kpt alpha sync).
• Added command-line flag --save to kpt fn eval to save evaluated function to package's Kptfile.
• Added capability to select resources using labelSelector and annotationSelector in kpt fn eval and kpt fn render.
• Added capability to exclude resources in kpt fn eval and kpt fn render.
• Added support for variant constructor pattern in kpt pkg init and kpt pkg get.
• Added capability to execute functions in a kubernetes cluster using porch.

Kubernetes Engine

• Added podPidLimits kubelet config option which controls per pod pid limits to gcloud container clusters create, gcloud container node-pools create, and gcloud container node-pools update.
• Updates default kubectl from 1.21 to 1.22.
• Additional kubectl versions:
  • kubectl.1.19 (1.19.16)
  • kubectl.1.20 (1.20.15)
  • kubectl.1.21 (1.21.13)
  • kubectl.1.22 (1.22.9)
  • kubectl.1.23 (1.23.6)
  • kubectl.1.24 (1.24.0)

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

388.0.0 (2022-06-01)

Google Cloud CLI

• Added Cloud SQL OAuth scope to Application Default Credential.

AI

• Fixed issue where unspecified --network and --service-account flags of gcloud ai hp-tuning-jobs create mistakenly overrode the corresponding values set via --config flag.

Apigee

• Promoted gcloud apigee operations to beta.

Bare Metal Solution

• Updated gcloud bms instances list to also return the IP addresses of instances that do not use the default network template.

Cloud Bigtable

• Removed NAME column output from bigtable hot-tablets list.

Cloud Datastore Emulator

• Release Cloud Datastore Emulator version 2.2.1
  • Fixes --firestore_in_datastore_mode flag parsing.

Cloud Deploy

• Fixed issue where gcloud deploy targets rollback redeployed to the current release instead of rolling back to the previous release. This occurred in cases where the name of the release to rollback to was not provided.

Cloud Functions

• Added --gen2 support for --set-secrets, --update-secrets, --remove-secrets and --clear-secrets flags of gcloud functions deploy to beta, alpha.

Cloud On Demand Scanning

• Fixed issue where scanning for Maven vulnerabilities would occasionally fail.

Compute Engine

• Promoted network-firewall-policies command group to GA.

Config Connector

• Updated Google Cloud Config Connector to version 1.86.0. See Config Connector Overview for more details https://cloud.google.com/config-connector/docs/overview.

Database Migration

• Added --sync- flag to gcloud database-migrate migration-jobs create command to wait for the migration job creation operation to be completed before proceeding.

Kubernetes Engine

• Added podPidLimits kubelet config option which controls per pod pid limits to gcloud container clusters create, gcloud container node-pools create, and gcloud container node-pools update.
• Updated the following GA commands to support IAM Conditions:
  • gcloud beta attestors get-iam-policy outputs conditions associated with each binding.
  • gcloud beta attestors set-iam-policy accepts policies with conditional bindings.
  • gcloud beta attestors <add|remove>-iam-policy-binding accepts conditional bindings via new --condition and --condition-from-file flags.
  • gcloud beta policy get-iam-policy outputs conditions associated with each binding.
  • gcloud beta policy set-iam-policy accepts policies with conditional bindings.
  • gcloud beta policy <add|remove>-iam-policy-binding accepts conditional bindings via new --condition and --condition-from-file flags.

Terraform

• Added support for the following resources in CAI-based policies:
  • google_access_context_manager_access_policy_iam_binding
  • google_access_context_manager_access_policy_iam_member
  • google_access_context_manager_access_policy_iam_policy
  • google_endpoints_service_consumers_iam_binding
  • google_endpoints_service_consumers_iam_member
  • google_endpoints_service_consumers_iam_policy
  • google_privateca_certificate_template_iam_binding
  • google_privateca_certificate_template_iam_member
  • google_privateca_certificate_template_iam_policy
• TF -> CAI resource conversion compiled against google provider version 4.20.0.
• Added output of logs based on configuration of log level.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

387.0.0 (2022-05-24)

Anthos Multi-Cloud

• Fixed issue where gcloud container aws clusters get-credentials --private-endpoint and gcloud container azure clusters get-credentials --private-endpoint commands do not work for clusters in a project different from the default project.

Cloud Composer

• Added --enable-privately-used-public-ips flag to gcloud composer environments create command to enable using privately used public IP address ranges feature in the GKE cluster.

Cloud Dataproc

• Added --properties-file flag to gcloud beta dataproc jobs submit.

Cloud Deploy

• Fixed gcloud deploy releases <create|promote> and gcloud deploy targets rollback to support --format flag.

Cloud Functions

• - Added --trigger-event-filters-path-pattern flag to gcloud beta functions deploy.

Cloud Pub/Sub

• Added --bigquery-table, --write-metadata, --use-topic-schema, and --drop-unknown-fields flags to gcloud pubsub subscriptions create to set BigQuery configuration options in Cloud Pub/Sub subscriptions.
• Added --bigquery-table, --write-metadata, --use-topic-schema, --drop-unknown-fields, and --clear-bigquery-config flags to gcloud pubsub subscriptions update to update BigQuery configuration options in Cloud Pub/Sub subscriptions.

Compute Engine

• Added 22.04 to allowed list of values for --version of gcloud beta compute instances ops-agents policies [create|update].
• Promoted delete command of gcloud compute instance-groups managed all-instances-config to beta.
• Promoted update command of gcloud compute instance-groups managed all-instances-config to beta.
• Promoted --region for gcloud compute ssl-policies to beta.
• Promoted --region flag for gcloud compute target-tcp-proxies to beta.
• Added --target-distribution-shape flag to gcloud compute instances bulk create to specify shape of distribution in regional bulk insert for alpha and beta.

Config Connector

• Updated Google Cloud Config Connector to version 1.85.0. See Config Connector Overview for more details https://cloud.google.com/config-connector/docs/overview.

Eventarc

• Added gcloud eventarc audit-logs-provider command group.

Stackdriver Monitoring

• Promoted gcloud monitoring metrics-scopes command group to beta.

Terraform

• Added support for the following resources in CAI-based policies:
  • google_access_context_manager_access_policy_iam_binding
  • google_access_context_manager_access_policy_iam_member
  • google_access_context_manager_access_policy_iam_policy
  • google_endpoints_service_consumers_iam_binding
  • google_endpoints_service_consumers_iam_member
  • google_endpoints_service_consumers_iam_policy
  • google_privateca_certificate_template_iam_binding
  • google_privateca_certificate_template_iam_member
  • google_privateca_certificate_template_iam_policy
• TF -> CAI resource conversion compiled against google provider version 4.20.0.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

386.0.0 (2022-05-17)

Google Cloud CLI

• Added Cloud SQL OAuth scope to gcloud auth login.

Anthos Identity Service

• Promoted gcloud container hub identity-service to GA.
• Promoted gcloud container fleet identity-service to GA.

App Engine

• Promoted --service-account flag of gcloud app deploy to GA.

App Engine Flexible Environment

• Promoted --service-account flag of gcloud app deploy to GA.

Cloud Build

• Add --include-logs-with-status flag to gcloud triggers create.

Cloud Composer

• Improve error message in case of lacking permissions in gcloud composer environments storage * delete commands.

Cloud IAM

• Added gcloud iam workload-identity-pools create-saml and gcloud iam workload-identity-pools update-saml commands to manage SAML workload identity pool providers.

Cloud Memorystore

• Promoted support for maintenance windows in gcloud memcache to GA.
• Promoted the command gcloud memcache reschedule-maintenance to GA.

Cloud Run

• Modified gcloud run services describe to include session affinity configuration.

Cloud SQL

• Changed the prompt generated by --prompt-for-password for gcloud sql users set-password from Instance Password: to New Password:, since set-password command changes a database user's password, not the instance's password.
• Setting max-login-attempts will also set enable-password-verification to true.

Compute Engine

• Promoted --service-bindings flag of gcloud compute backend-services create|update commands to GA.
• Promoted gcloud compute backend-services add-service-bindings and gcloud compute backend-services remove-service-bindings commands to GA.
• Promoted --provisioning-model and --instance-termination-action flags of gcloud compute instances set-scheduling to GA.
• Promoted sole tenancy flags of gcloud compute instances update to GA.
• Added --network-performance-configs flag to gcloud compute instances bulk create.
• Promoted --disable-automate-dns-zone flag of gcloud compute forwarding-rules create to GA.
• Promoted --stack-type flag to GA for gcloud compute networks peeerings <create|update>.
• Added windows-2022 & windows-2022-byol options to --os flag for:
  • gcloud compute images import in GA,
  • gcloud compute instances import in GA
  • gcloud compute machine-images import in GA

Config Connector

• Updated Google Cloud Config Connector to version 1.84.0. See Config Connector Overview for more details https://cloud.google.com/config-connector/docs/overview.

Database Migration

• Updated gcloud database-migration migration-jobs create command to create a migration job without any connectivity method (if connectivity isn't specified).
• Added gcloud database-migration migration-jobs create --static-ip command to create a migration job with static IP connectivity. This was the default behavior.
• Added gcloud database-migration migration-jobs update --static-ip command to update a migration job with static IP connectivity.

Distributed Cloud Edge

• Added --clear-maintenance-window flag to gcloud edge-cloud container clusters update which removes the maintenance window setting of a cluster.
• Updated gcloud edge-cloud container clusters node-pools list to make specifying a parent cluster optional. When --cluster is not specified, all node pools are listed.

Managed Active Directory

• Promoted gcloud active-directory domains backups and gcloud active-directory domains restore to GA.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

385.0.0 (2022-05-10)

Google Cloud CLI

• Updated bundled Python executable for Windows to Python 3.9.12.

AI

• Added --anomaly-cloud-logging flag to gcloud ai model-monitoring-jobs create|update to allow logging anomaly to Cloud Logging.

Anthos Multi-Cloud

• Added --ssh-ec2-key-pair flag to gcloud container aws clusters update and gcloud container aws node-pools update to update the name of the EC2 key pair to login into control plane or node pool nodes.
• Added --clear-ssh-ec2-key-pair flag to gcloud container aws clusters update and gcloud container aws node-pools update to clear the EC2 key pair to login into control plane or node pool nodes.

Cloud Run

• Fixed issue where some commands were missing from gcloud beta run jobs.

Cloud SQL

• Added --enable-password-policy flag to gcloud sql instances create and gcloud sql instances patch for GA.

Compute Engine

• Promoted --key-revocation-action-type flag to beta for gcloud compute instance-templates create.
• Promoted keyRevocationActionType flag of gcloud compute instances update-from-file to beta.
• Added FIXED_STANDARD to allowed list of values for --default-network-tier flag.

Config Controller

• Updated output of gcloud anthos config controller create to not include the default Config Connector identity upon creation.

Eventarc

• Added gcloud eventarc channels group to interact with third-party sources.
• Added gcloud eventarc channel-connections for event providers to create association with the user channel.
• Added --channel argument to gcloud eventarc triggers create to specify associated channel.

Network Services

• Promoted gcloud network-services service-bindings to GA.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

384.0.1 (2022-05-05)

Cloud Storage

• Updated gsutil component to 5.10. Google Cloud CLI version 384.0.0 included an older gsutil component (version 5.6) in deb, rpm, and snap packages. Version 384.0.1 includes gsutil component version 5.10 in the deb, rpm, and snap packages.

384.0.0 (2022-05-03)

Cloud Datastore Emulator

• Adds --use-firestore-in-datastore-mode flag to gcloud [alpha|beta] emulators datastore start command.

Cloud Resource Manager

• Promoted --condition flag to GA for the following commands:
  • gcloud resources-manager tags keys <add_iam_policy_binding|create|delete|describe|get_iam_policy|list|remove_iam_policy_binding|set_iam_policy|update>
  • gcloud resources-manager tags values <add_iam_policy_binding|create|delete|describe|get_iam_policy|list|remove_iam_policy_binding|set_iam_policy|update>
  • gcloud resources-manager tags bindings <create|delete|list>
  • gcloud resources-manager tags holds <create|delete|list>

Cloud Run

• Promoted gcloud beta run jobs command group and all sub-commands to beta.

Cloud Storage

• Updated gsutil component to 5.10.

Compute Engine

• Started showing error messages on use of gcloud compute ssl-certificates create with --domains and --region flags together. Previously --region flag was being ignored.
• Promoted --md5-authentication-key flag of gcloud compute routers add-bgp-peer to beta.
• Promoted --md5-authentication-key and --clear-md5-authentication-key flags of gcloud compute routers update-bgp-peer to beta.
• Updated import and export schemas for gcloud compute backend-services.
• Promoted --key-reservation-action-type flag to beta for gcloud compute instances create.

Config Connector

• Updated Google Cloud Config Connector to version 1.83.0. See Config Connector Overview for more details https://cloud.google.com/config-connector/docs/overview.

GKE Hub

• Fix a bug that RBAC policy produced by generate-gateway-rbac command could be removed unexpectedly.
• Promoted the following commands to GA:
  • gcloud container hub mesh update.
  • gcloud container fleet mesh update.

Kubernetes Engine

• Promoted fields gpu-sharing-strategy and max-shared-clients-per-gpu within --accelerator flag to enable GPU sharing support.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

383.0.1 (2022-04-26)

Google Cloud CLI

• Added back --[no-]launch-browser in gcloud auth login and gcloud auth application-default login. --no-browser is the preferred and more secure auth flow in comparison.
• Added back --console-only and --no-launch-browser in gcloud init. Use --no-browser as the replacement.

383.0.0 (2022-04-26)

Breaking Changes

• (Google Cloud CLI) Removed --[no-]launch-browser in gcloud auth login and gcloud auth application-default login. Use --no-browser as the replacement.
• (Google Cloud CLI) Removed --console-only and --no-launch-browser in gcloud init. Use --no-browser as the replacement.
• (Compute Engine) Removed --local-ssd=size=SIZE from gcloud beta compute instances create-with-container due to the parameter being nonfunctional.

AI

• Modified --region flag of gcloud ai endpoints to include new online prediction regions.
• Modified --region flag of gcloud ai models to include new online prediction regions.

Access Approval

• Added gcloud access-approval service-account get which retrieves the service account that is used by Access Approval to access KMS keys for signing approved approval requests.

App Engine

• Enables build environment variables to be set in app.yaml.

Artifact Registry

• Added new command gcloud artifacts files list to list files from a specified project and repository.

Cloud DNS

• Modified gcloud dns managed-zones update to allow detaching all networks from a private zone by setting --networks to an empty string.
• Modified gcloud beta dns managed-zones update to allow detaching all GKE clusters from a private zone by setting --gkeclusters to an empty string.
• Modified gcloud beta dns managed-zones update to allow updating the GKE clusters or networks bound to a private zone independently by setting only --gkeclusters or --networks.

Cloud Datastore Emulator

• Release Cloud Datastore Emulator version 2.2.0
  • Adds a flag to support Cloud Firestore in Datastore mode product mode in the emulator.

Cloud Firestore Emulator

• Released Cloud Firestore emulator v1.14.3.
  • Fixed exports throwing BufferOverflowException.

Cloud IAM

• Service Accounts SignJwt promoted to GA command.

Compute Engine

• Changed the default value of --image-family flag to debian-11 for gcloud compute instances create and gcloud compute instance-templates create commands.

Config Connector

• Updated Google Cloud Config Connector to version 1.82.0. See Config Connector Overview for more details https://cloud.google.com/config-connector/docs/overview.

Config Controller

• Let gcloud anthos config controller create print the default Config Connector identity, to allow easier subsequent permission grant.
• Added gcloud anthos config controller get-config-connector-identity which prints the default Config Connector identity, to allow easier subsequent permission grant.

Identity and Access Management

• Added --enable-imdsv2 flag to gcloud iam workload-identity-pools create-cred-config command to include AWS token Url to the credential source while generating AWS credentials config file.

Kubernetes Engine

• Added --node-labels, --node-taints and --tags flags to gcloud container node-pools update.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

382.0.0 (2022-04-19)

Access Approval

• Added --active_key_version flag to gcloud access-approval settings update to set the crypto key version to use for signing approval requests.

Anthos Multi-Cloud

• Added --proxy-secret-arn flag to gcloud container aws node-pools update to update the Amazon Resource Name (ARN) of the AWS Secrets Manager secret containing a proxy configuration.
• Added --proxy-secret-version-id flag to gcloud container aws node-pools update to update the version ID of the AWS Secrets Manager secret containing a proxy configuration.
• Added --clear-proxy-config flag to gcloud container aws node-pools update to clear the proxy configuration associated with the node pool.

Apigee

• Fixed issue where gcloud beta apigee archives list would only list the first 25 archive deployments, even if more existed in the environment.

Binauthz

• Updated the following beta commands to better support IAM Conditions:
  • gcloud beta attestors get-iam-policy outputs conditions associated with each binding.
  • gcloud beta attestors set-iam-policy accepts policies with conditional bindings.
  • gcloud beta attestors <add|remove>-iam-policy-binding accepts conditional bindings via new --condition and --condition-from-file flags.
  • gcloud beta policy get-iam-policy outputs conditions associated with each binding.
  • gcloud beta policy set-iam-policy accepts policies with conditional bindings.
  • gcloud beta policy <add|remove>-iam-policy-binding accepts conditional bindings via new --condition and --condition-from-file flags.

Cloud Composer

• Enabled nested Airflow commands for Airflow 1.10.14 and 1.10.15 in gcloud composer environments run.

Cloud Logging

• Added --location, --bucket, and --view flags t