Google Cloud CLI - Release Notes

Copyright 2014-2024 Google Inc. All rights reserved.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

502.0.0 (2024-11-19)

AI

  • Added machine-type to gcloud ai index-endpoints mutate-deployed-index.
  • Added --psc-automation-configs flag to gcloud ai index-endpoints deploy-index to support Private Service Connect automation.

AlloyDB

  • Added export command to support exporting data from an AlloyDB cluster to Google Cloud Storage in alpha and beta tracks.

Cloud Backup DR

  • Promoted gcloud backup-dr backup-vaults, gcloud backup-dr backup-plans, gcloud backup-dr backup-plan-associations, gcloud backup-dr backups and gcloud backup-dr data-sources command groups to GA.

Cloud Identity-Aware Proxy

  • Promoted gcloud iap web enable/disable to beta and GA. Added --region flag support to --resource-type=backend-services.

Cloud SQL

  • Added --failover-dr-replica-name and --clear-failover-dr-replica-name flags to gcloud sql instances patch command. These flags can be used to set and unset a disaster recovery replica for a Cloud SQL primary instance.
  • Add --[no-]enable-private-service-connect flag to gcloud beta sql instances patch command to support enabling and disabling Private Service Connect for Cloud SQL instances.

Compute Engine

  • Added --require-specific-reservation flag to gcloud beta compute reservations create and gcloud beta compute reservations update.
  • Added --reservation-name flag to gcloud beta compute reservations create and gcloud beta compute reservations update.
  • Added --deployment-type flag to gcloud beta compute reservations create and gcloud beta compute reservations update.
  • Added --scheduling-type flag to gcloud beta compute reservations create and gcloud beta compute reservations update.
  • Support --provisioning-model=reservation-bound in beta for gcloud compute instances create, gcloud compute instances bulk create, and gcloud compute instance-templates create commands.
  • Added gcloud compute disks convert command.

Eventarc

  • Added --labels to gcloud eventarc triggers create and gcloud eventarc triggers update to support labelling Eventarc triggers.
  • Added --labels to gcloud beta eventarc message-buses create and gcloud beta eventarc message-buses update to support labelling Eventarc message buses.
  • Added --labels to gcloud beta eventarc google-api-sources create and gcloud beta eventarc google-api-sources update to support labelling Eventarc Google API sources.

GKE Hub

  • Added support for stopping and resuming syncing configs to gcloud beta container fleet config-management apply through a new Boolean field configSync.stopSyncing in the config file specified in flag --config.

Identity and Access Management

  • Added gcloud iam oauth-clients commands for OAuth application integration to Workforce Identity Federation management.

Network Connectivity

  • Added --group flag for hybrid spokes.

Network Management

  • Added --destination-fqdn flag to gcloud network-management connectivity-tests to allow executing Connectivity tests to DNS endpoint of Google Kubernetes Engine cluster control plane.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

501.0.0 (2024-11-12)

Anthos On-Prem

  • Added --version flag to gcloud container vmware admin-clusters update to support admin cluster version upgrade.

Artifact Registry

  • Added an argument group of two flags allow-vulnerability-scanning and disable-vulnerability-scanning to gcloud artifacts repositories create, to set the vulnerability scanning config for the repository.
  • Added an argument group of two flags allow-vulnerability-scanning and disable-vulnerability-scanning to gcloud artifacts repositories update, to set the vulnerability scanning config for the repository.

Cloud Access Context Manager

  • Updated gcloud access-context-manager cloud-bindings create to create bindings with global session settings. Use --session-length and --session-reauth-method to specify these settings.
  • Updated gcloud access-context-manager cloud-bindings create --binding-file to support creating scoped access settings that include session settings.
  • Updated gcloud access-context-manager cloud-bindings update to update bindings with global session settings. Use --session-length and --session-reauth-method to specify these settings.
  • Updated gcloud access-context-manager cloud-bindings update --binding-file to support updating scoped access settings that include session settings.
  • Updated gcloud access-context-manager cloud-bindings list to display session settings on listed bindings.
  • Updated gcloud access-context-manager cloud-bindings describe to display session settings on returned bindings.

Cloud Managed Kafka

  • Promoted gcloud managed-kafka to GA.

Cloud NetApp

  • Unhiding hybrid replication commands and fields for OnPrem migration GA.

Cloud Run

  • Promoted volume type in-memory to GA in gcloud run deploy, gcloud run jobs deploy, gcloud run jobs update gcloud run jobs create, and gcloud run services update.
  • Added --startup-probe and --liveness-probe flags to gcloud beta run deploy and gcloud beta run services update to allow configuring health check probes for a Cloud Run Service.

Cloud SQL

  • Promoted gcloud sql instances switchover to the GA track for PostgreSQL.

Cloud Spanner

  • Added --default-backup-schedule-type flag to gcloud spanner instances create and gcloud spanner instances update commands to allow specifying the default backup schedule type while creating or updating instances.

Colab

  • Promote gcloud beta colab to GA.

Colab Enterprise

  • Deleted the deprecated gcloud beta colab_enterprise surface.

Compute Engine

  • Changed the default value of --image-family flag to debian-12 for gcloud compute instances create, gcloud compute instances bulk create, and gcloud compute instance-templates create commands.
  • Promoted --instance-selection and other corresponding flags of gcloud compute instance-groups managed <create | update> to GA.

Compute Firewall Policy Rules

  • Promote gcloud compute firewall-policies export-rules to beta.
  • Promote gcloud compute firewall-policies import-rules to beta.
  • Promote gcloud compute network-firewall-policies export-rules to beta.
  • Promote gcloud compute network-firewall-policies import-rules to beta.

Compute OS Config

  • Added --include-locations flag to gcloud compute os-config policy-orchestrators create.
  • Added --include-locations and --clear-locations flags to gcloud compute os-config policy-orchestrators update.

Kubernetes Engine

  • Added --autoprovisioning-cgroup-mode flag to migrate cgroup mode in auto-provisioned node pools.
  • Added flag option --hpa-profile=performance|none to gcloud container clusters create, gcloud container clusters create-auto and gcloud container clusters update commands. This flag allows specifying a Horizontal Pod Autoscaling profile for a cluster.
  • Updated default kubectl from 1.30.5 to 1.30.6
  • Additional kubectl versions:
    • kubectl.1.27 (1.27.16)
    • kubectl.1.28 (1.28.15)
    • kubectl.1.29 (1.29.10)
    • kubectl.1.30 (1.30.6)
    • kubectl.1.30 (1.31.2)

Network Connectivity

  • Added gcloud network-connectivity hubs query-status command to allow querying the status of a hub's Private Service Connect propagation.
  • Added --include-export-ranges flag to VPC spoke and producer VPC spoke update CLI to enable/disable exporting IPv6 subnets.

Network Security

  • Bug fix to change DEFAULT option for flag --action to DEFAULT_ACTION for Threat Prevention add-override and update-override commands.

Transfer

  • Fix a bug related to --id-prefix flag in transfer agents install command.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

500.0.0 (2024-11-05)

Breaking Changes

  • (Notebook Executor) Removed gcloud beta notebook-executor command group. Use gcloud beta colab to manage Colab Enterprise executions and schedules instead.

Google Cloud CLI

  • Updated gcloud CLI to support Python v3.13.

Audit Manager

  • Promoted the following commands to GA:
    • gcloud audit-manager audit-reports generate
    • gcloud audit-manager audit-scopes generate
    • gcloud audit-manager enrollments add
    • gcloud audit-manager operations describe

Cloud Backup DR

  • Marked --network flag of gcloud backup-dr management-servers create as optional.

Cloud Run

  • Added mount-options key when using --add-volume with type=cloud-storage in gcloud beta run deploy, gcloud beta run services update, gcloud beta run jobs deploy, gcloud beta run jobs update, or gcloud beta run jobs create to allow passing configuration flags to gcsfuse.

Colab

  • Added gcloud beta colab executions command group to replace gcloud beta notebook-executor executions.
  • Added gcloud beta colab schedules command group to replace gcloud beta notebook-executor schedules.
  • Add support for colab/region property in gcloud beta colab executions and gcloud beta colab schedules.

Compute Engine

  • Promoted gcloud compute instances list output format with IPv6 addresses to GA.

Compute OS Config

  • Promoted gcloud os-config policy-orchestrators to beta.

Kubernetes Engine

  • Added flag option --tier to gcloud container clusters create, gcloud container clusters create-auto and gcloud container clusters update commands. This flag enables clusters to be upgraded to GKE Enterprise.
  • Update validation for flag --database-encryption-key.

Network Connectivity

  • Updated gcloud network-connectivity internal-ranges update to allow editability of description.

Security Command Center

  • Made filter a required flag for gcloud scc bulk-mute command.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

499.0.0 (2024-10-29)

Breaking Changes

  • (Colab) Deprecated gcloud beta colab runtimes assign command. Use gcloud beta colab runtimes create instead.

Access Approval

  • Added --preferred-request-expiration-days flag to gcloud access-approval settings update to set the default expiration time for approval requests.
  • Added --prefer-no-broad-approval-requests flag to gcloud access-approval settings update to communicate the preference to Google personnel to request access with as targeted a resource scope as possible.
  • Added --notification-pubsub-topic flag to gcloud access-approval settings update for publishing notifications to the specified topic when approval requests are made.
  • Added --request-scope-max-width-preference flag to gcloud access-approval settings update to configure the broadest scope of access for access requests without a specific method.
  • Added --require-customer-visible-justification flag to gcloud access-approval settings update to configure if a customer visible justification (i.e. Vector Case) is required for a Googler to create an Access Ticket to send to the customer when attempting to access customer resources.

AlloyDB

  • Promoted --tags flag of gcloud alloydb clusters create and gcloud alloydb backups create to GA.

App Engine

Artifact Registry

  • Added --canary-reads flag for gcloud artifacts docker upgrade migrate.

Cloud Dataproc

  • Added --master-boot-disk-provisioned-iops, --master-boot-disk-provisioned-throughput, --worker-boot-disk-provisioned-iops, --worker-boot-disk-provisioned-throughput to configure IOPS and throughput for hyperdisk-balanced bootdisk for master and primary workers.

Cloud Memorystore

  • Add databases as supported redis_config for Redis instance creation.
  • Added gcloud redis clusters add-cluster-endpoints which appends more cluster endpoints to a redis cluster.
  • Added gcloud redis clusters remove-cluster-endpoints which removes cluster endpoints for a redis cluster.

Cloud Workstations

  • Added --grant-workstation-admin-role-on-create flag to gcloud workstations configs to support workstations port sharing.

Colab

  • Added gcloud beta colab runtimes create.

Compute Engine

  • Promoted flags related to custom-metrics to beta:
    • --custom-metrics of gcloud compute backend-service create.
    • --custom-metrics-file of gcloud compute backend-service create.
    • --custom-metrics of gcloud compute backend-service update.
    • --custom-metrics-file of gcloud compute backend-service update.
    • --clear-custom-metrics of gcloud compute backend-service update.
    • --custom-metrics of gcloud compute backend-service add-backend.
    • --custom-metrics-file of gcloud compute backend-service add-backend.
    • --custom-metrics of gcloud compute backend-service update-backend.
    • --custom-metrics-file of gcloud compute backend-service update-backend.
    • --clear-custom-metrics of gcloud compute backend-service update-backend.
  • Promoted ipv6 flag of gcloud compute network-endpoint-group update <neg-name> --add-endpoint to GA.
  • Promoted network-attachment flag of gcloud compute instance create <instance-name> --network-interface to GA.
  • Promoted network-attachment flag of gcloud compute instance create <instance-name> --network-interface to beta.
  • Promoted network-attachment flag of gcloud compute instance-templates create <name> --network-interface to GA.
  • Promoted network-attachment flag of gcloud compute instance-templates create <name> --network-interface to beta.

Eventarc

  • Added gcloud beta eventarc message-buses command group for Eventarc Advanced.
  • Added gcloud beta eventarc google-api-sources command group for Eventarc Advanced.
  • Added gcloud beta eventarc pipelines command group for Eventarc Advanced.
  • Added gcloud beta eventarc enrollments command group for Eventarc Advanced.

GKE Hub

  • Fixed issue where re-registering a GKE cluster with gcloud container fleet memberships register --enable-workload-identity did not enable Workload Identity.
  • Updated gcloud container fleet identity-service apply to accept configurations containing a Diagnostic Interface section.

Kubernetes Engine

  • Added flag option --ParallelstoreCsiDriver to add support for enabling the Parallelstore CSI Driver.
  • Added --auto-monitoring-scope flag to gcloud beta container clusters create, gcloud beta container clusters create-auto, and gcloud beta container clusters update for standard or autopilot clusters.

Network Connectivity

  • Added --producer-instance-location and --allowed-google-producers-resource-hierarchy-level to gcloud network-connectvity service-connection-policies create.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

498.0.0 (2024-10-22)

Breaking Changes

  • (Cloud Workstations) Fixed gcloud beta workstations configs create and
  • (Cloud Workstations) gcloud beta workstations configs create flag --boost-config. Before
  • (Cloud Workstations) when user specified --boost-config=enable-nested-virtualization=false,
  • (Cloud Workstations) enableNestedVirtualization was set to True. Fix enables user to set
  • (Cloud Workstations) enableNestedVirtualization to False by specifying
  • (Cloud Workstations) --boost-config=enable-nested-virtualization=false.
  • (Compute Engine) Deprecated default guest image family for --confidential-compute-type=TDX from ubuntu-2304-amd64 to ubuntu-2204-lts.

AlloyDB

  • Added --tags flag to
    • gcloud alloydb clusters create to support associating Tags while creating Cluster.

Anthos Multi-Cloud

  • Added --kubelet-config-cpu-manager-policy flag to gcloud container aws node-pools create for choosing which CPU manager policy to use in the kubeletConfig.
  • Added --kubelet-config-cpu-cfs-quota flag to gcloud container aws node-pools create for enabling or disabling CPU CFS throttling.
  • Added --kubelet-config-cpu-cfs-quota-period flag to gcloud container aws node-pools create for setting the period for throttling when CPU CFS throttling is enabled.
  • Added --kubelet-config-pod-pids-limit flag to gcloud container aws node-pools create for setting the maximum number of PIDs in any pod.

Cloud DNS

  • Fix response policy update command for zonal response policies.

Cloud Dataproc

  • Added worker-machine-types flag to gcloud dataproc clusters create to support flexible machine types for primary workers.

Cloud Datastore

  • Promoted changed to gcloud datastore indexes create and gcloud datastore indexes cleanup commands which uses the Firestore Admin API to GA.
  • promoted --database-id flag for gcloud datastore indexes cleanup to GA.

Cloud Logging

  • Promoted the following commands to GA:
    • gcloud logging scopes create
    • gcloud logging scopes list
    • gcloud logging scopes delete
    • gcloud logging scopes describe
    • gcloud logging scopes update

Cloud Run

  • Source deploy will respect the source bucket set on an existing Cloud Run service in the run.googleapis.com/source-location or the run.googleapis.com/build-source-location (giving preference to the latter).
  • Updated the output of gcloud run jobs executions tasks describe to include the exit code of the last task attempt if the task has run.
  • Fixed gcloud multi-region-services update crashing when called without --add-region or --remove-region.
  • Fixed gcloud beta multi-region-services update documentation, where ALPHA arguments were erroneously included.

Cloud SQL

  • Add --replication-lag-max-seconds-for-recreate flag to recreate MySQL read-replica after the replication lag on the instance exceeds the defined threshold.

Cloud Spanner

  • Added --kms-keys flag to
    • gcloud spanner databases create
    • gcloud spanner backups create
    • gcloud spanner backups copy
    • gcloud spanner databases restore to support Cloud Spanner Customer Managed Encryption(CMEK) with multiple KMS keys.

Colab

  • Add colab/region property to set default region for gcloud colab commands.

Compute Engine

  • Promoted --custom-end-time flag of gcloud compute commitments create and gcloud compute commitments update to GA.
  • Promoted --load-balancing-scheme flag of gcloud compute backend-buckets create to beta.
  • Promoted --propagated-connection-limit flag of gcloud compute service-attachments create and gcloud compute service-attachments update to GA.
  • Added --action-on-vm-failed-health-check flag of gcloud compute instance-groups managed create and gcloud compute instance-groups managed create to Alpha.
  • Promoted support for gcloud compute instance-groups managed resize-requests describe for regional igm to beta.
  • Promoted support for gcloud compute instance-groups managed resize-requests list for regional igm to beta.

GKE Hub

  • Migrated gcloud container fleet mesh update to use v2 MembershipFeature API for mutation.
  • Migrated gcloud container fleet policycontroller content bundles remove to use v2 MembershipFeature API for per membership spec mutation.
  • Migrated gcloud container fleet policycontroller content bundles set to use v2 MembershipFeature API for per membership spec mutation.
  • Migrated gcloud container fleet policycontroller content templates disable to use v2 MembershipFeature API for per membership spec mutation.
  • Migrated gcloud container fleet policycontroller content templates enable to use v2 MembershipFeature API for per membership spec mutation.
  • Migrated gcloud container fleet policycontroller content deployment remove to use v2 MembershipFeature API for per membership spec mutation.
  • Migrated gcloud container fleet policycontroller content deployment set to use v2 MembershipFeature API for per membership spec mutation.
  • Migrated gcloud container fleet policycontroller content detach to use v2 MembershipFeature API for per membership spec mutation.
  • Migrated gcloud container fleet policycontroller content enable to use v2 MembershipFeature API for per membership spec mutation.
  • Migrated gcloud container fleet policycontroller content suspend to use v2 MembershipFeature API for per membership spec mutation.
  • Migrated gcloud container fleet policycontroller content update to use v2 MembershipFeature API for per membership spec mutation.
  • Migrated gcloud beta container fleet config-management apply to use v2 MembershipFeature API for per membership spec mutation.
  • Migrated gcloud beta container fleet config-management unmange to use v2 MembershipFeature API for per membership spec mutation.
  • Migrated gcloud beta container fleet config-management upgrade to use v2 MembershipFeature API for per membership spec mutation.

Kubernetes Engine

  • Fixed issue where gcloud container clusters create with --cluster-dns=clouddns incorrectly shows a confirmation prompt about recreating node pools. Recreating node pools is only necessary when changing from a different DNS provider.
  • Added --enable-multi-networking flags to gcloud container clusters create-auto.

Network Management

  • Added --destination-redis-instance and --destination-redis-cluster flags to gcloud network-management connectivity-tests to allow executing Connectivity tests to Redis instances and Redis clusters.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

497.0.0 (2024-10-15)

Breaking Changes

  • (Colab Enterprise) Deprecated gcloud beta colab-enterprise command group. Use gcloud beta colab instead.

Cloud Dataproc

  • Added secondary-worker-standard-capacity-base and secondary-worker-standard-capacity-percent-above-base flags to gcloud dataproc clusters create to support mixing of spot and standard instances for secondary workers.

Cloud Datastore

  • Promoted changed to gcloud datastore indexes create and gcloud datastore indexes cleanup commands which uses the Firestore Admin API to beta.
  • Added --database-id flag to gcloud datastore indexes cleanup.

Cloud On Demand Scanning

  • Added support for scanning for new OS packages (Wolfi, Chainguard, Google Distroless, SUSE Linux Enterprise Server, Rocky Linux, Alma Linux).
  • Added support for scanning new language packages (NPM, Python, Rust, RubyGems, Composer, NuGet).
  • Changed the default behavior of gcloud artifacts docker images scan to scan for vulnerabilities in all supported language packages, and added --skip-package-types flag to skip scanning for specific language package types.
  • Deprecated --additional-package-types flag of gcloud artifacts docker images scan command. Scanning for all package types is now the default.

Cloud SQL

  • Added PostgreSQL 17 to supported database versions.

Cloud Storage

  • Promoted gcloud storage folders to GA.
  • Promoted gcloud storage buckets create --enable-hierarchical-namespace flag to GA.
  • Updated gsutil component to 5.31.

Colab

  • Added gcloud beta colab command group to replace gcloud beta colab-enterprise.

Compute Engine

  • Promoted --ip-address-selection-policy flag of gcloud compute backend-services create and gcloud compute backend-services update to GA.
  • Promoted IPv6-only support for gcloud compute instances create, gcloud compute instances bulk create, gcloud compute instance-templates create, and gcloud compute networks subnets create to GA.
  • Promoted support for gcloud compute instance-groups managed resize-requests create for regional igm to beta.
  • Promoted support for gcloud compute instance-groups managed resize-requests cancel for regional igm to beta.
  • Promoted support for gcloud compute instance-groups managed resize-requests delete for regional igm to beta.
  • Added path to cookie for STRONG_COOKIE_AFFINITY and HTTP_COOKIE sessionAffinity type in GA.

Database Migration

  • Added --database-version-name flag to gcloud database-migration connection-profiles create cloudsql.

Network Connectivity

  • Added effective-location argument to routes list CLI to filter hub routes effective at a specific location.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

496.0.0 (2024-10-08)

Breaking Changes

  • (Anthos Multi-Cloud) Removed --workload-vulnerability-scanning flag of gcloud container attached clusters.

Artifact Registry

  • Added support for download rules that control the downloading behaviors of packages in a repository.

BigQuery

  • Added --request_reason flag to support setting the X-Goog-Request-Reason HTTP request header.
  • Added --reservation_id flag to allow specifying reservation on a job.
  • Fixed the validation on --nouse_google_auth when GDU is set as the universe domain.
  • Updated default --api value to match newer guidelines.
  • Fixed a bug where special billing/quota_project values in --quota_project_id flag are not resolved when using legacy auth.
  • Added support for creating and updating row access policies. Support for showing and removing row access policies will be added in a future version.
  • Added validations for schedule options during creating or updating data transfer configurations.
  • Added --event_driven_schedule to support event driven transfers in Data Transfer Service.
  • Added messages to alert users when a default connection is created and/or their IAM policy is updated for the default connection.
  • Updates permissions for directories to be 755.

Cloud Bigtable

  • Added --backup-type flag to gcloud bigtable backups create to support hot backups.
  • Added --hot-to-standard-time flag to gcloud bigtable backups create and gcloud bigtable backups update to support hot backups.

Cloud Deploy

  • Added support for Deploy Policies public preview.

Cloud Firestore

  • Updated gcloud beta firestore bulk-delete to require confirmation.

Cloud Pub/Sub

  • Added flags to gcloud pubsub topics create for creating Cloud Pub/Sub Cloud Storage Import Topics.
    • Added --cloud-storage-ingestion-bucket
    • Added --cloud-storage-ingestion-input-format
    • Added --cloud-storage-ingestion-text-delimiter
    • Added --cloud-storage-ingestion-match-glob
    • Added --cloud-storage-ingestion-minimum-object-create-time
  • Added flags to gcloud pubsub topics update for updating Cloud Pub/Sub Cloud Storage Import Topics.
    • Added --cloud-storage-ingestion-bucket
    • Added --cloud-storage-ingestion-input-format
    • Added --cloud-storage-ingestion-text-delimiter
    • Added --cloud-storage-ingestion-match-glob
    • Added --cloud-storage-ingestion-minimum-object-create-time

Cloud Resource Manager

  • Added DATA_GOVERNANCE choice for --purpose argument in gcloud resource-manager tags keys create command.

Cloud Run

  • Promoted gcloud run multi-region-services to beta.
  • Added --regions to gcloud beta run deploy to support Multi-Region Services.
  • Deprecated gcloud run integrations commands.
  • Added --[no]invoker-iam-check flag to optionally disable invoker IAM checks. This feature is available by invitation only; more info at https://cloud.google.com/run/docs/securing/managing-access#invoker_check.

Cloud SQL

  • Add new enum TLOG to --bak-type, add --export-log-start-time and --export-log-end-time flags to gcloud sql export bak to enable the transaction log export feature for SQL Server.

Cloud Workstations

  • Added support for the maximum usable workstations for a user in gcloud workstations config create and gcloud workstations config update commands.

Compute Engine

  • gcloud compute ssh no longer consumes STDIN while polling for instance key propagation.
  • Made scope required for gcloud compute backend-services list-usable.
  • Promoted Percentage-based Request Mirroring in UrlMaps compute API to beta.
  • Adds support for STRONG_COOKIE_AFFINITY sessionAffinity type in beta.
  • Updated behaviour of gcloud compute instance-groups managed delete: it will throw error if instance.delete operation takes more than 70 minutes instead of 30 minutes previously.
  • Adds support for STRONG_COOKIE_AFFINITY sessionAffinity type in GA.

Database Migration

  • Added --sqlserver-promote-when-ready and --no-sqlserver-promote-when-ready flags to gcloud database-migrate migration-jobs create and gcloud database-migrate migration-jobs update. The flags enable or disable promote of ready databases in Database Migration Service migration jobs for homogeneous SQL Server to Cloud SQL for SQL Server migrations.

Distributed Cloud Edge

  • Added --control-plane-node-storage-schema flag to gcloud edge-cloud container clusters create commands to allow specifying the local storage configuration schema.
  • Added --node-storage-schema flag to gcloud edge-cloud container node-pools create commands to allow specifying the local storage configuration schema.

GKE Hub

  • Added gcloud container fleet scopes add-app-operator-binding to beta which sets up permissions required for an app operator in a fleet scope.
  • Added gcloud container fleet scopes remove-app-operator-binding to beta which unsets permissions of an app operator in a fleet scope.
  • Added gcloud container fleet scopes list-app-operator-bindings to beta which lists app operators and their roles in a fleet scope.

Identity Groups

  • Deprecated POSIX groups from gcloud beta identity groups.

Kubernetes Engine

  • Fixed a bug gcloud container node-pools update command where it was ignoring --accelerator command.
  • Updates default kubectl from 1.29.8 to 1.30.5.
  • Additional kubectl versions:
    • kubectl.1.27 (1.27.16)
    • kubectl.1.28 (1.28.14)
    • kubectl.1.29 (1.29.9)
    • kubectl.1.30 (1.30.5)
    • kubectl.1.31 (1.31.1)
  • Added a new command gcloud beta container clusters get-upgrade-info which returns upgrade information of the given cluster.
  • Added a new command gcloud beta container node-pools get-upgrade-info which returns upgrade information of the given node pool.
  • Added flag option --enable-ip-access to gcloud container clusters create and gcloud container clusters create commands. This flag enables IP address access to the cluster's control plane.
  • Added flag option --enable-dns-access to gcloud container clusters create and gcloud container clusters create commands. This flag enables DNS access to the cluster's control plane.
  • Added flag option --enable-private-endpoint-enforcement to gcloud container clusters create and gcloud container clusters create commands. This flag enforces authorized networks rules over cluster's private endpoint.
  • Added flag option --dns-endpoint to gcloud container clusters get-credentials command. This flag configures kubectl to point DNS endpoint of the cluster's control plane.

Network Services

  • Promoted the following Service Extensions Plugins command groups to beta:
    • gcloud service-extensions wasm-plugins
    • gcloud service-extensions wasm-plugin-versions

Notebook Executor

  • Added gcloud beta notebook-executor schedules surface and commands.

Security Command Center

  • Modified gcloud scc sources describe to call Security Command Center v2 api instead of v1.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

495.0.0 (2024-10-01)

Breaking Changes

  • (GKE Hub) Modified gcloud container fleet memberships get-credentials to require the permission gkehub.gateway.generateCredentials (automatically included in roles gkehub.gatewayReader, gkehub.gatewayEditor, and gkehub.gatewayAdmin), as well as network access to *connectgateway.googleapis.com.

Google Cloud CLI

  • Updated property core/parse_error_details default to be set to True, gcloud CLI will parse and display errors in a more human readable format, where available.

App Engine

  • Fixed customer bug (https://issuetracker.google.com/issues/364466911) for the local dev_appserver.py running go apps on Windows.
  • Added the new runtime go1.23 support for dev_appserver.py.

Artifact Registry

  • Added gcloud artifacts attachments create to support creating an Attachment for an artifact.
  • Added gcloud artifacts attachments download to support downloading an Attachment.
  • Added gcloud artifacts attachments list to support listing Attachments in a repository.
  • Added gcloud artifacts attachments delete to support deleting an Attachment.
  • Added location flag from artifacts sbom export, artifacts sbom list, artifacts sbom load, artifacts vulnerabilities list, and artifacts vulnerabilities load-vex.
  • Changed default answer for prompts in enable-upgrade-redirection and disable-upgrade-redirection to Y.

Cloud Access Context Manager

  • Added --binding-file flag to gcloud access-context-manager cloud-bindings for setting ScopedAccessSettings in GcpUserAccessBinding.

Cloud Firestore

  • Updated gcloud firestore backups list to return the unavailable locations.

Cloud Identity-Aware Proxy

  • Added --resource-type=cloud-run to gcloud iap setting and gcloud iap web iam in ALPHA.

Cloud Pub/Sub

  • Increased upper bound for --message-retention-duration flag of gcloud pubsub subscriptions create from 7 days to 31 days.
  • Increased upper bound for --message-retention-duration flag of gcloud pubsub subscriptions update from 7 days to 31 days.
  • Fixed --cloud-storage-max-bytes flag of gcloud pubsub subscriptions create to accept values down to 1000 bytes.
  • Fixed --cloud-storage-max-bytes flag of gcloud pubsub subscriptions update to accept values down to 1000 bytes.

Cloud Run

  • Promoted --service-min-instances flag of gcloud run deploy and gcloud run services update to GA.

Cloud SQL

  • Promote gcloud sql ssl server-ca-certs to GA.

Cloud Spanner

  • Promoted gcloud spanner backup-schedules to GA.
  • Added new columns to gcloud spanner backups list command.

Database Migration

  • Added --authorized-network-cidr-ranges, --enable-outbound-public-ip, and --enable-public-ip flags to gcloud database-migration connection-profiles create alloydb.

GKE Hub

  • Migrated gcloud container fleet memberships register from calling v1beta1 gkehub APIs to standard versions (v1, v1beta, v1alpha).
  • Migrated gcloud container fleet memberships unregister from calling v1beta1 gkehub APIs to standard versions (v1, v1beta, v1alpha).

Kubernetes Engine

  • Promoted --enable-confidential-storage flag on cluster/node-pool create to GA to enable creating boot disk with confidential mode.

Network Connectivity

  • Added FOR_MIGRATION usage type support to Internal Range.

Notebook Executor

  • Added gcloud beta notebook-executor executions surface and commands.

Policy Simulator

  • Added gcloud policy-intelligence simulate command group. Commands in this group simulate changes to organization policies.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

494.0.0 (2024-09-24)

Breaking Changes

  • (GKE Hub) gcloud beta container fleet memberships get-credentials now requires the permission gkehub.gateway.generateCredentials (automatically included in roles gkehub.gatewayReader, gkehub.gatewayEditor, and gkehub.gatewayAdmin), as well as network access to *connectgateway.googleapis.com.

Google Cloud CLI

  • Upgraded cryptography package to version 43.0.1.
  • Upgraded pyopenssl package to version 24.2.1.

AlloyDB

  • Added --outbound-public-ip flag to enable outbound public IP on an instance for the following commands in the GA track:
    • gcloud alloydb instances create
    • gcloud alloydb instances create-secondary
    • gcloud alloydb instances update

App Engine

Cloud Bigtable Emulator

  • Rebuilding cbt emulator with go version 1.23.0 which fixed CVE-2023-45288.

Cloud SQL

  • Updated gcloud beta sql ssl server-certs list to also return the CA certificates.
  • Promoted --time-zone flag of gcloud sql instances patch command to GA.

Colab Enterprise

  • Added gcloud beta colab-enterprise runtimes describe.
  • Added gcloud beta colab-enterprise runtimes list.
  • Added gcloud beta colab-enterprise runtimes delete.
  • Added gcloud beta colab-enterprise runtimes upgrade.
  • Added gcloud beta colab-enterprise runtimes start.

Compute Engine

  • Promote --confidential-compute-type=TDX flag of gcloud compute instances create to v1.
  • Added gce_vm_ip_portmap Network Endpoint Group for gcloud compute network-endpoint-groups GA support.
  • Fix crash when setting --session-affinity.
  • Added TDX_CAPABLE to the list of guestOsFeatures.

Database Migration

  • Updated gcloud database-migration connection-profiles create alloydb to support POSTGRES_16 version option for AlloyDB connection profiles.

Developer Connect

  • Promoted gcloud developer-connect to beta.

GKE Hub

  • Added support for fleet-default membership configuration of Config Sync to gcloud beta container fleet config-management command group.
    • Added --fleet-default-member-config flag to gcloud beta container fleet config-management enable to set the fleet-default membership configuration.
    • Added --origin flag to gcloud beta container fleet config-management apply to sync a membership to the fleet-default membership configuration.
    • Added --fleet-default-member-config flag to gcloud beta container fleet config-management disable to clear the fleet-default membership configuration.
    • Added column to gcloud beta container fleet config-management status output to indicate whether each membership configuration is synced to the fleet-default membership configuration.

Gemini

  • Added gcloud gemini code-repository-indexes API.
  • Added gcloud gemini code-repository-indexes repository-groups API.

Network Security

  • For commands network-security security-profile-groups create and update, changed subflags for --threat-prevention-policy from --security-profile-organization and --security-profile-location to the more consistent --threat-prevention-profile-organization and --threat-prevention-profile-location, while keeping the old flags as well for backwards compatibility.
  • Added support for creating Security Profile Groups linked to Custom Mirroring security profiles using network-security security-profile-groups create --custom-mirroring-profile=<...>.

Oracle Database

  • Added gcloud oracle-database group in GA with the following commands:
    • gcloud oracle-database autonomous-database-backups list command
    • gcloud oracle-database autonomous-databases commands group
    • gcloud oracle-database autonomous-db-versions list command
    • gcloud oracle-database cloud-exadata-infrastructures commands group
    • gcloud oracle-database cloud-exadata-infrastructures db-servers list
    • gcloud oracle-database cloud-vm-clusters commands group
    • gcloud oracle-database cloud-vm-clusters db-system-shapes list command
    • gcloud oracle-database entitlements list command
    • gcloud oracle-database gi-versions list command

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

493.0.0 (2024-09-17)

Breaking Changes

  • (Anthos Multi-Cloud) Renamed --security-posture flag as --workload-vulnerability-scanning.
  • (Compute Engine) Removed gcloud compute future-reservations command group from GA.
  • (Security Command Center) Removed gcloud scc slz-overwatch command group.

Google Cloud CLI

  • gcloud auth application-default print-access-token now supports context_aware access.

AlloyDB

  • Added --node-ids flag to gcloud alloydb instances restart command to the GA track. This flag allows users to allow users to specify a comma-separated list of read pool node IDs to perform the restart on. Without specifying this flag, every node in the read pool will be restarted.

Cloud Firestore Emulator

  • Release Cloud Firestore emulator v1.19.9
    • Fix missing version data on non-transactional and transactional deletes

Cloud Identity-Aware Proxy

  • Promoted --resource-type=forwarding-rule from ALPHA to beta.
  • Fixed issue UDF jars are mishandled for SQL jobs in some cases.
  • SQL jobs will always produce script output to improve spotting errors.

Cloud NetApp

  • Added --allow-auto-tiering flag to gcloud netapp storagepools.
  • Added --tiering-policy flag to gcloud netapp volumes.

Cloud Pub/Sub

  • Modified --message-retention-duration flag of gcloud pubsub subscriptions create to enforce lower bound of 10 minutes and upper bound of 7 days.
  • Modified --message-retention-duration flag of gcloud pubsub subscriptions update to enforce lower bound of 10 minutes and upper bound of 7 days.

Cloud SQL

  • Added support for restoring backups across projects.

Cloud Spanner

  • Added --edition flag to gcloud spanner instances create and gcloud spanner instances update commands to allow specifying the Spanner edition while creating or updating instances.

Colab Enterprise

  • Added gcloud beta colab-enterprise runtimes.
  • Added gcloud beta colab-enterprise runtimes assign.
  • Update gcloud beta colab-enterprise runtime-templates create to set default disk type and size if neither flag is specified, instead of no disk.

Compute Engine

  • Added --reservation-sharing-policy flag to gcloud compute commitments create command to specify the reservation sharing policy for the commitment.
  • Promote --turbo-mode in gcloud compute instances create to GA.

Compute Firewall Policy Rules

  • Promoted --src-network-scope flag of gcloud compute firewall-policies rules to beta.
  • Promoted --src-networks flag of gcloud compute firewall-policies rules to beta.
  • Promoted --dest-network-scope flag of gcloud compute firewall-policies rules to beta.
  • Promoted --src-network-scope flag of gcloud compute network-firewall-policies rules to beta.
  • Promoted --src-networks flag of gcloud compute network-firewall-policies rules to beta.
  • Promoted --dest-network-scope flag of gcloud compute network-firewall-policies rules to beta.

GKE Hub

  • Modified gcloud beta container fleet memberships update to call gkehub API version v1beta instead of v1beta1.
  • Modified gcloud beta container fleet memberships create to call gkehub API version v1beta instead of v1beta1.

Migrate to Virtual Machines

  • Promoted gcloud migration vms image-imports commands to GA.

Network Security

  • Simplified the network-security mirroring-deployment-groups create command by accepting just the networkID for network specification.
  • Changed subflags for --threat-prevention-policy in network-security security-profile-groups create and update from --security-profile-organization and --security-profile-location to the more consistent --threat-prevention-profile-organization and --threat-prevention-profile-location, while keeping the old flags as well for backwards compatibility.

Recaptcha

  • Update reCAPTCHA Express support in CreateKey API.

Security Command Center

  • Modified gcloud scc sources describe to accept parent (organization|folder|project) as positional argument instead of only organization.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

492.0.0 (2024-09-10)

Anthos Multi-Cloud

  • Added --security-posture flag to gcloud container attached clusters to set the mode of the Kubernetes security posture API's off-cluster features.

Artifact Registry

  • Supported --filter and --sort-by on resource list apis.
  • Added update commands for annotations on Files, Packages and Package Versions.

Assured Workloads

  • Added SOVEREIGN_CONTROLS_BY_SIA_MINSAIT and SOVEREIGN_CONTROLS_BY_PSN as options for --partner flag of gcloud assured workloads create for both beta and GA.
  • Added support for the following Compliance Regimes for gcloud assured workloads create: AU_REGIONS_AND_US_SUPPORT, ISR_REGIONS, ISR_REGIONS_AND_SUPPORT, CA_PROTECTED_B, IL5, IL2, JP_REGIONS_AND_SUPPORT, KSA_REGIONS_AND_SUPPORT_WITH_SOVEREIGNTY_CONTROLS, and REGIONAL_CONTROLS.
  • The gcloud assured workloads create command will now automatically receive new Compliance Regime and Partner options as they are added to the Assured Workloads API.

Cloud Filestore

  • Added --deletion-protection and --deletion-protection-reason flags to gcloud filestore instances create.
  • Added --deletion-protection, --no-deletion-protection and --deletion-protection-reason flags to gcloud filestore instances update.

Cloud Functions

  • Changed gcloud functions deploy to deploy new functions via Cloud Functions (2nd gen) by default. 1st gen functions can still be created by specifying --no-gen2 or by setting the functions/gen2 property to off. This change will be applied in the GA release track to match beta and alpha.

Cloud NetApp

  • Added --zone and --replica-zone flag to gcloud netapp [volumes|storage-pools] create commands.

Cloud Run

  • Promoted gcloud run services logs read and gcloud run jobs logs read to GA.

Cloud SQL

  • Added --server_ca_mode flag to gcloud beta sql instances create for creation of instances using CAS server CA.
  • Added sql ssl server_certs group for CAS server cert management and rotation with the commands create, list, rotate, and rollback.

Colab Enterprise

  • Fixed output in gcloud beta colab-enterprise runtime-templates commands involving LROs to correctly show resource name rather than operation name.

Compute Engine

  • Promoting --turbo-mode in gcloud compute instances create to beta. It lets instances run at supported turbo frequency. Only supported on C4 VM families with possible value "ALL_CORE_MAX".

Database Migration

  • Added --username and --password flags to gcloud database-migration connection-profiles create sqlserver.
  • Added gcloud database-migrate connection-profiles test to validate a Database Migration Service connection profile.

GKE Hub

  • Removed --description flag of gcloud beta container fleet memberships create.

Kubernetes Engine

  • Updates default kubectl from 1.28.12 to 1.29.8.
  • Additional kubectl versions:
    • kubectl.1.27 (1.27.16)
    • kubectl.1.28 (1.28.13)
    • kubectl.1.29 (1.29.8)
    • kubectl.1.30 (1.30.4)
    • kubectl.1.31 (1.31.0)
  • Added --accelerators flag to gcloud container node-pools update to enable accelerator config update on nodepools.

Network Management

  • Added gcloud beta network-management vpc-flow-logs-configs command group which is manage the VPC Flow Logs configurations.

Network Security

  • New commands for network-security resources - AuthzPolicy.
  • Added security-profiles custom-mirroring commands to manage custom mirroring security profiles and promoted them to beta.

Service Extensions

  • New commands for service-extensions resources - AuthzExtensions.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

491.0.0 (2024-09-04)

Breaking Changes

  • (GKE Hub) gcloud container fleet scopes namespaces get-credentials now requires the permission gkehub.gateway.generateCredentials (automatically included in roles gkehub.gatewayReader, gkehub.gatewayEditor, and gkehub.gatewayAdmin), as well as network access to *connectgateway.googleapis.com.
  • (Kubernetes Engine) Changed gcloud container clusters update to use current cluster DNS config as base for changes rather than default DNS config. In addition, the user will only be prompted about the necessary node pool upgrade when specified cluster DNS provider is different than the current value in the cluster.

Google Cloud CLI

  • Updated Windows bundled Python for the gcloud CLI to 3.11.9.

Artifact Registry

  • Fixed issue where gcloud artifacts docker images describe fails when no metadata flag is specified and API enablement check is denied.

Cloud Dataflow

  • Allow JAVA21 in --flex-template-base-image option for gcloud dataflow flex-template build.

Cloud Firestore

  • Promoted --encryption-type and --kms-key-name flag of gcloud firestore databases restore command to beta and GA.

Cloud Identity-Aware Proxy

  • Added --resource-type=forwarding-rule to gcloud iap setting and gcloud iap web in ALPHA.

Cloud NetApp

  • Added --hybrid-replication-parameters flag to gcloud netapp volumes {create}.

Cloud Workstations

  • Deprecated --disable-ssh-to-vm flag in gcloud workstations config create command. Use --enable-ssh-to-vm flag instead.

Compute Engine

  • Fix incorrect padding issues for gcloud add_signed_url_key method.

Kpt

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

490.0.0 (2024-08-27)

App Hub

  • Added gcloud apphub locationscommand group. Commands in this group manage apphub locations.

Assured Workloads

  • Added SOVEREIGN_CONTROLS_BY_CNTXT and SOVEREIGN_CONTROLS_BY_CNTXT_NO_EKM as options for --partner for gcloud assured workloads create.
  • Added partner-services-billing-account flag for gcloud assured workloads create.

BigQuery

  • Enabled Google Auth by default.

Cloud Bigtable

  • Added support for more aggregate types to the cbt CLI.

Cloud Run

  • Added --mesh flag to gcloud beta run deploy and gcloud beta run services update. Use gloud beta run deploy --mesh=[MESH] ... to enable Cloud Service Mesh for a Cloud Run Service.
  • Promoted --add-volume, --remove-volume, --clear-volumes, --add-volume-mount, --remove-volume-mount, and --clear volume mounts flags of gcloud run deploy, gcloud run services update, gcloud run jobs deploy, gcloud run jobs create, and gcloud run jobs update to GA for NFS and Cloud Storage volumes.

Colab Enterprise

  • Added gcloud beta colab-enterprise runtime-templates add-iam-policy-binding.
  • Added gcloud beta colab-enterprise runtime-templates get-iam-policy.
  • Added gcloud beta colab-enterprise runtime-templates set-iam-policy.
  • Added gcloud beta colab-enterprise runtime-templates remove-iam-policy-binding.

Compute Engine

  • Promoted flags related to external-managed migration to beta:
    • '--external-managed-backend-bucket-migration-state' of gcloud compute forwarding-rules update.
    • '--external-managed-backend-bucket-migration-testing-percentage' of gcloud compute forwarding-rules update.
    • '--load-balancing-scheme' of gcloud compute forwarding-rules update.
    • '--external-managed-migration-state' of gcloud compute backend-services update.
    • '--external-managed-migration-testing-percentage' of gcloud compute backend-services update.
    • '--load-balancing-scheme' of gcloud compute backend-services update.
  • Promoted gcloud compute future-reservations command group to GA.

Database Migration

  • Added --sqlserver-diff-backup and --no-sqlserver-diff-backup flags to gcloud database-migrate migration-jobs create and gcloud database-migrate migration-jobs update. The flags enable or disable differential backups in Database Migration Service migration jobs for homogeneous SQL Server to Cloud SQL for SQL Server migrations.
  • Updated gcloud database-migration connection-profiles create cloudsql to support MySQL_8_4 major version option for Cloud SQL connection profiles.

GKE Hub

  • Modified gcloud beta container fleet memberships register to not populate membership description.
  • Removed --description flag of gcloud beta container fleet memberships update.

Kubernetes Engine

  • Added flag option --[no]-enable-insecure-binding-system-authenticated to allow/block System RBAC bindings group system:authenticated binds to any role.
  • Added flag option --[no]-enable-insecure-binding-system-unauthenticated to allow/block System RBAC bindings group system:unauthenticated and user system:anonymous binds to any role.

Memorystore

  • Added memorystore command group. Commands in this group allow creating and managing Memorystore instances.

Notebooks

  • Added NVIDIA_H100_80GB and NVIDIA_H100_MEGA_80GB option to --accelerator-type flag of gcloud notebooks instances create and gcloud notebooks instances update.

Workbench

  • Added workbench instances restore to restore the workbench instance to an existing backup state.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

489.0.0 (2024-08-20)

Cloud Dataplex

  • Adjusted gcloud dataplex entries search page-size limit to match the public API documentation.

Cloud Filestore

  • Added MAX_READ_IOPS column to gcloud beta filestore instances list and gcloud filestore instances list.

Cloud Firestore

  • Promoted vector-config flag of gcloud firestore indexes composite create command to beta and GA.
  • Added firestore bulk-delete command in alpha and beta to delete data in bulk.

Cloud Firestore Emulator

Cloud Run

  • Added --build-env-vars, --function, --base-image, --automatic-updates, --build-worker-pool, --delegate-builds, --build-service-account to improve --source deployments on beta.

Cloud Storage

  • Fix missing hash validation for CMEK encrypted downloads via rsync.

Colab Enterprise

  • Added gcloud beta colab-enterprise to manage colab enterprise resources.
  • Added gcloud beta colab-enterprise runtime-templates.
  • Added gcloud beta colab-enterprise runtime-templates create.
  • Added gcloud beta colab-enterprise runtime-templates delete.
  • Added gcloud beta colab-enterprise runtime-templates describe.
  • Added gcloud beta colab-enterprise runtime-templates list.

Compute Engine

  • Promoted flags related to the nat64 feature to alpha:
    • nat64-all-v6-subnet-ip-ranges of gcloud compute routers nats (create|update).
    • nat64-custom-v6-subnet-ip-ranges of gcloud compute routers nats (create|update).
    • clear-nat64-v6-subnet-ip-ranges of gcloud compute routers nats update.
    • clear-nat-subnet-ip-ranges of gcloud compute routers nats update.
  • Added update command for instance-schedule policy: gcloud compute resource-policies update instance-schedule.
  • Added --reservation-sharing-policy flag to gcloud beta compute reservations create and gcloud beta compute reservations update.

Kubernetes Engine

  • Added --storage-pools flag on node-pool update.
  • Promoted --storage-pools flag on cluster / node-pool create to GA.

Looker

  • Launched Private Services Connect for Looker (Google Cloud core) with General Availability.

Network Security

  • Added network-security mirroring-endpoint-group-associations commands to manage packet-mirroring endpoint group associations, and promoted them to beta.

Workbench

  • Added --min-cpu-platform flag to gcloud workbench instances create.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

488.0.0 (2024-08-13)

BigQuery

  • Fixed logging when --use_google_auth is used.
  • Added a retry for server-side errors.
  • Sorted ls response for projects.

Certificate Manager

  • Added command gcloud certificate-manager issuance-configs update.

Cloud Filestore

  • Added --clear-performance flag to gcloud beta filestore instances update and gcloud filestore instances update to support unsetting of performance configurations for filestore instances.

Cloud Firestore

  • Added support for VECTOR_CONFIG options in gcloud firestore indexes composite list command.
  • Added support for VECTOR_CONFIG options in gcloud firestore indexes composite describe command.

Cloud Memorystore

  • Added --cross-cluster-replication-role and --primary-cluster flags to gcloud redis clusters create for creating secondary clusters.
  • Added gcloud redis clusters switchover, gcloud redis clusters detach and gcloud redis clusters detach-secondaries commands for Cross Cluster Replication failover CUJs.

Cloud Run

  • Added --gpu and --gpu-type to gcloud beta run deploy and gcloud beta run services update which allow deploying a service with GPU.

Cloud Workstations

  • Added --allowed-ports flag support for gcloud workstations configs create.

Compute Engine

  • Updating --session-affinity to a value other than STRONG_COOKIE_AFFINITY clears the value of strongSessionAffinityCookie.
  • Added support for specifying multiple instances in gcloud compute instances perform-maintenance.
  • Promoted --bgp-best-path-selection-mode and related flags in gcloud compute networks create and update to beta.
  • gcloud compute instances ops-agents policies create/update no longer supports Centos 7, Centos 8 and Debian 10.

Database Migration

  • Updated gcloud database-migration connection-profiles create cloudsql to support MySQL_8_0_37 minor version option for Cloud SQL connection profiles.

GKE Hub

  • Modified gcloud beta container fleet memberships describe to call gkehub API version v1beta instead of v1beta1.
  • Modified gcloud beta container fleet memberships delete to call gkehub API version v1beta instead of v1beta1.
  • Modified gcloud beta container fleet memberships list to call gkehub API version v1beta instead of v1beta1.

Identity and Access Management

  • Added --credential-cert-path, --credential-key-path, and --credential-cert-config-path flags to gcloud iam workload pools create-cred-config. This enables using X509 certificate-sourced credentials with gcloud auth login --cred-file=/path/to/credential/config.json when using Workload Identity Federation.

Network Security

  • Promoted gcloud network-security address-groups --purpose field to GA.
  • Added network-security mirroring-deployment-groups commands to manage packet-mirroring deployment groups, and promoted them to beta.
  • Added network-security mirroring-deployments commands to manage packet-mirroring deployments, and promoted them to beta.
  • Added network-security mirroring-endpoint-groups commands to manage packet-mirroring endpoint groups, and promoted them to beta.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

487.0.0 (2024-08-06)

Breaking Changes

  • (Cloud Storage) Remove '-' in error message for non-matching GCloud buckets. Currently, when
  • (Cloud Storage) listing buckets, all buckets that don't match are prefixed with '-', which might
  • (Cloud Storage) confuse readers of the bucket URLs.
  • (Compute Engine) Changed behavior of --local-ssd flag so that unknown interfaces trigger an exception rather than defaulting to SCSI.

Google Cloud CLI

  • Updated linux bundled python for the gcloud CLI to 3.11.9.
  • Updated setuptools package to version 70.3.0.
  • Updated openssl package to version 3.0.14.

Cloud DNS

  • Added support to allow specifying Network Proxy load balancers as health checked targets for Routing Policies.

Cloud Dataproc

  • Use the cluster-pool name as the identifier of the staging directory path when using a cluster pool. This change applies to gcloud dataproc clusters create and gcloud dataproc clusters update commands.

Cloud Filestore

  • Added --performance flag to gcloud filestore instances create and gcloud filestore instances update to support performance configuration of filestore instances.

Cloud Firestore

  • Promoted --show-deleted flag of gcloud firestore databases list command to beta and GA.
  • Promoted --kms-key-name flag of gcloud firestore databases create command to beta and GA.

Cloud NetApp

  • Added --large-capacity and --multiple-endpoints flag to gcloud netapp volumes {create}.

Cloud On Demand Scanning

  • Added support for parsing RPM package databases in SQLite format.
  • Fixed issue where local-extract would return an error when running it in a container without the user manually overriding the gid and uid values.

Cloud Run

  • Modified the api enablement default prompt value to be Y for gcloud run deploy command.

Cloud SQL

  • Added gcloud sql instances switchover, which switches over a Cloud SQL instance to one of its replicas.

Cloud Storage

  • Fixed a bug in where IAM policies with conditional bindings were not supported because of version issue in gcloud storage buckets add-iam-policy-binding command.
  • Fixed a bug in objects update command where it was ignoring --clear-content-type flag.

Compute Engine

  • Promoted --source-regions flag of gcloud compute health-checks to GA.
  • Promoted --availability-domain flag of gcloud compute instances create to GA.
  • Added interface support to gcloud compute instances create, gcloud compute instances attach-disk and gcloud compute instance-templates create for persistent disks.

Distributed Cloud Edge

  • Fixed issue in gcloud edge-cloud container clusters create command where it was ignoring --offline-reboot-ttl flag.

GKE Hub

  • Modified --description flag of gcloud beta container fleet memberships create to be optional.

Security Command Center

  • Added UNDEFINED option to --mute flag of gcloud scc findings set-mute to reset finding mute state.
  • Added --mute-state flag to gcloud scc findings bulk-mute to facilitate resetting 'static' mute state.
  • Added --type flag to gcloud scc muteconfigs create to support creation of dynamically evaluated ('dynamic') mute configs.
  • Added --expiry-time flag to gcloud scc muteconfigs create and gcloud scc muteconfigs update to support creation and update of expiry time for temporary mute configs ('dynamic' only).
  • Promoted gcloud scc iac-validation-reports describe command to GA.
  • Promoted gcloud scc iac-validation-reports list command to GA.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

486.0.0 (2024-07-30)

Cloud DNS

  • Added alpha support for creating health-checked routing policies in public zones. Use --health-check to indicate that all IP addresses should be health checked.

Cloud Filestore

  • Added --performance flag to gcloud beta filestore instances create and gcloud beta filestore instances update to support performance configuration of filestore instances.

Cloud Functions

  • Added --binary-authorization and --clear-binary-authorization flags for 2nd gen function.

Cloud Pub/Sub

Cloud SQL

  • Added --switch-transaction-logs-to-cloud-storage flag to gcloud sql instances patch to switch the transaction logs used for PITR from disk to Cloud Storage. Added show-transactional-log-storage-state flag to gcloud sql instances list to display the transaction logs storage location for all the instances under the project.

Cloud Workstations

  • Adding support for the source workstation flag in the beta workstations create command.

Compute Engine

  • Beta support for STRONG_COOKIE_AFFINITY sessionAffinity type.
  • Promoted --server-tls-policy and --clear-server-tls-policy for gcloud compute target-https-proxies create and gcloud compute target-https-proxies update to GA.

Compute Firewall Policy Mirroring Rules

  • Promoted gcloud compute firewall-policies mirroring-rules to beta.
  • Promoted gcloud compute network-firewall-policies mirroring-rules to beta.

GKE Hub

  • Promoted gcloud container fleet memberships support-access to GA.

Kubernetes Engine

  • Updated default kubectl from 1.27.15 to 1.28.12
  • Additional kubectl versions:
    • kubectl.1.27 (1.27.16)
    • kubectl.1.28 (1.28.12)
    • kubectl.1.29 (1.29.7)
    • kubectl.1.30 (1.30.3)

Privileged Access Manager

  • Promoted gcloud pam commands to GA.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

485.0.0 (2024-07-23)

Breaking Changes

  • (Security Command Center) Removed rapid-vulnerability-detection service from "Google Cloud CLI" as it is deprecated.

AlloyDB

  • Added flag --allowed-psc-projects to gcloud alloydb instances create-secondary. This flag specifies a list of allowed consumer projects on a secondary instance in a cluster with Private Service Connect enabled.
  • Added --node-ids flag to gcloud alloydb instances restart command to the beta track. This flag allows users to allow users to specify a comma-separated list of read pool node IDs to perform the restart on. Without specifying, this flag every node in the read pool will be restarted.
  • Added --outbound-public-ip flag to gcloud alloydb instances create, gcloud alloydb instances create-secondary andgcloud alloydb instances update commands in the beta track. This flag allows users to allow users to enable public outbound connections within their primary instance. To disable public outbound IP you can use --no-outbound-public-ip.

Cloud Build

  • Promote Cloud Build gen2 commands under gcloud builds ... to beta status.

Cloud Deploy

  • Added gcloud deploy deploy-policies command group.

Cloud Functions

  • Validated iam permission of default build service account for both 1st gen and 2nd gen function in gcloud functions deploy. Warning will be prompted when roles/cloudbuild.builds.builder is missing.

Cloud Storage

  • Fixed a bug in sign-url command.

Cloud Workstations

  • Adding support for enabling unauthenticated CORS preflight requests in the gcloud beta workstations config commands.

Compute Engine

  • Fix issue with Google Compute Engine list commands that were slow when used with --limit.

Kubernetes Engine

  • Revert the default value of --max-nodes-per-pool from 2000 to 1000 and update the upper bound this value to be 2000.

Network Connectivity

  • Added updating include-import-ranges flag support for hybrid spokes.

Network Services

  • Clarify failover-health-threshold usage to remove the notion of an unsupported product.

Vmware Engine

  • Added --autoscaling-min-cluster-node-count, --autoscaling-max-cluster-node-count, --autoscaling-cool-down-period, --update-autoscaling-policy, --autoscaling-settings-from-file and --remove-autoscaling-policy to gcloud vmware private-clouds clusters update command to support autoscaling feature on update cluster.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

484.0.0 (2024-07-16)

Breaking Changes

  • (GKE Hub) gcloud container fleet memberships get-credentials now requires the permission gkehub.gateway.generateCredentials (automatically included in roles gkehub.gatewayReader, gkehub.gatewayEditor, and gkehub.gatewayAdmin), as well as network access to *connectgateway.googleapis.com.

AlloyDB

  • Added --node-ids flag to gcloud alloydb instances restart command in the alpha and beta tracks. This flag allows users to allow users to specify a comma-separated list of read pool node IDs to perform the restart on. Without specifying this flag, every node in the read pool will be restarted.

App Engine

Artifact Registry

  • Fixed error codes for gcloud artifacts docker upgrade migrate.

Batch

  • Fixed the --filter flag of gcloud batch list command to match gcloud topic filters syntax.

BigQuery

  • Added support for non-ASCII characters in the field mask when updating Connections.
  • Added support for configuration.authentication.profile_id in the field mask when updating Connections.
  • Fixed a bug where bq init would be called even when --use_google_auth is specified.

Cloud Build

  • Add support in gcloud builds worker-pools commands for default region set in config.

Cloud Data Fusion

  • Added three new optional arguments to gcloud beta data-fusion instances create command:
    • --maintenance-window-start
    • --maintenance-window-end
    • --maintenance-window-recurrence
    • These arguments allow users to specify the start time, end time, and recurrence of the maintenance window for their Data Fusion instance.
  • Add four new optional arguments to gcloud beta data-fusion instances update command:
    • --maintenance-window-start
    • --maintenance-window-end
    • --maintenance-window-recurrence
    • --clear-maintenance-window
    • These arguments allow users to update maintenance window for their Data Fusion instance by specifying the start time, end time, and recurrence, or clear the maintenance window using --clear-maintenance-window.

Cloud Run

  • Allows --revision-suffix to be specified with empty string to clear client-set revision naming.

Cloud SQL

  • Added --[no-]enable-dataplex-integration flag to gcloud sql instances create and gcloud sql instances patch to support Dataplex Integration for Cloud SQL.
  • Added support for MySQL 8.4.

Cloud Spanner

  • Promoted --type=DATABASE_CHANGE_QUORUM option in gcloud spanner operations list to GA.
  • Fixed the DATABASE_CHANGE_QUORUM type filter string in gcloud spanner operations list.

Cloud Workstations

  • Adding disable_ssl_validation support for workstations start-tcp-tunnel and workstations ssh.

Compute Engine

  • Added gcloud compute routers add-route-policy-term which adds policy term to a Route Policy in Cloud Router.
  • Promoted gcloud compute routers add-route-policy-term to beta.
  • Added gcloud compute routers update-route-policy-term which updates policy term in a Route Policy in Cloud Router.
  • Promoted gcloud compute routers update-route-policy-term to beta.
  • Added gcloud compute routers remove-route-policy-term which removes policy term from Route Policy in Cloud Router.
  • Promoted gcloud compute routers remove-route-policy-term to beta.
  • Fixed a bug in gcloud beta compute ssh where a third-party identity subject bearing an '@' sign wouldn't be URL-escaped in the way the OS Login API expects, causing spurious rejection.
  • Promoted support of flags to --detection-load-threshold, detection-absolute-qps, detection-relative-to-baseline-qps, and traffic-granularity-configs in gcloud compute security-policies add-layer7-ddos-defense-threshold-config to GA.

Dataproc Metastore

  • Promoted --min-scaling-factor, --max-scaling-factor, and --autoscaling-enabled flag of gcloud metastore services create and gcloud metastore services update to GA.

Distributed Cloud Edge

  • Added --offline-reboot-ttl flag to gcloud edge-cloud container clusters create and gcloud edge-cloud container clusters update commands. This flag specifies the maximum duration a node can reboot offline (without connection to Google) and then rejoin its cluster to resume its designated workloads.

Kubernetes Engine

  • Added flag option --addons=RayOperator to enable/disable the Ray Operator addon for GKE Standard clusters.
  • Added flag --[no]-enable-ray-operator to enable/disable the Ray Operator addon for GKE Autopilot clusters.
  • Added flag --[no]-enable-ray-cluster-logging to enable/disable automatic log collection for Ray clusters when the Ray Operator addon is enabled.
  • Added flag --[no]-enable-ray-cluster-monitoring to enable/disable automatic metrics collection for Ray clusters when the Ray Operator addon is enabled.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

483.0.0 (2024-07-02)

Google Cloud CLI

  • Enabled faster component update mode by default on Linux. This avoids making a backup copy of the installation directory when running certain gcloud components commands, which should significantly improve the time taken by these operations (including installation and updates).
  • Fixed issue where gcloud components update would leave installation in an unusable state when downloading certain components failed.

AlloyDB

  • Added the following flags to gcloud alloydb instances create and gcloud alloydb instances update in alpha and beta:
    • --observability-config-enabled
    • --observability-config-preserve-comments
    • --observability-config-track-wait-events
    • --observability-config-max-query-string-length
    • --observability-config-record-application-tags
    • --observability-config-query-plans-per-minute
    • --observability-config-track-active-queries
  • Promoted AlloyDB Cross Region Replication commands to beta and GA track. Modified commands include: alloydb clusters switchover.
  • Added creating cross region and project backups support to gcloud alloydb backups create command.
  • Added ability to create clusters with database_version POSTGRES_16 in beta track.

Batch

  • Release resource-allowances commands to the alpha track.

Cloud Access Context Manager

  • Promoted gcloud access-context-manager supported-services to GA.

Cloud Filestore

  • Enable Filestore promote-replica command in GA track.

Cloud Functions

  • Added --binary-authorization and --clear-binary-authorization flags for 2nd gen function in alpha and beta track.

Cloud NetApp

  • Updated psa-range comments on gcloud netapp storage-pools and gcloud netapp volumes to indicate that the psa-range key is not used and will be ignored.

Cloud SQL

  • Adding support for clean and if-exists flags to parallel import and single-threaded-export.

Cloud Workstations

  • Added --vm-tags flag to gcloud workstations config create to add tags to the workstation's underlying VM.

Compute Engine

  • Promoted --preference flag of gcloud compute backend-services add-backend and gcloud compute backend-services update-backend to GA.
  • Promoted --service-lb-policy flag of gcloud compute backend-services create and gcloud compute backend-services update to GA.
  • Promote gcloud compute instances ops-agents to GA.
  • Added IDPF to the list of guestOsFeatures.
  • Promoted --max-run-duration flag of gcloud compute instances create to v1.
    • Allows specifying the duration of time after which the instance will terminate.
  • Promoted --termination-time flag of gcloud compute instances create to v1.
    • Allows specifying the timestamp that the instance will terminate.
  • Promoted --discard-local-ssds-at-termination-timestamp flag of gcloud compute instances create to v1.
    • Allows specifying the option to whether discard attached local SSDs when automatically stopping this VM

Network Security

  • Renamed FIREWALL_POLICY column to SOURCE_RESOURCE column in gcloud networksecurity address-groups list-references command.
  • Added --purpose flag to gcloud alpha/beta network-security address-groups create/update commands.

Secret Manager

  • Added flag --location and --regional-kms-key-name for secrets to use the regional secrets.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

482.0.0 (2024-06-25)

App Engine

  • Removed unused python2 dependencies that have CVEs.

Cloud Bigtable

  • Adds force option to cbt setgcpolicy.

Cloud Dataflow

  • Elevate jinja variables to top-level flag in dataflow yaml run.

Cloud Functions

  • Added --clear-build-service-account flag for gcloud functions deploy.

Cloud Key Management Service

  • Added --allowed-access-reasons flag to gcloud kms keys create to create a key with a Key Access Justifications policy configured.
  • Added --allowed-access-reasons flag to gcloud kms keys update to update the Key Access Justifications policy on a key.
  • Added --remove-key-access-justifications-policy flag to gcloud kms keys update to remove the Key Access Justifications policy on a key.

Cloud Services

  • Promoted gcloud services policies add-enable-rules to beta.
  • Promoted gcloud services policies remove-enable-rules to beta.
  • Promoted gcloud services policies get to beta.
  • Promoted gcloud services policies get-effective to beta.
  • Promoted gcloud services policies test-enabled to beta.
  • Promoted gcloud services groups list-ancestor-groups to beta.
  • Promoted gcloud services groups list-descendant-services to beta.
  • Promoted gcloud services groups list-members to beta.

Compute Engine

  • Added --size flag to gcloud compute instance-groups managed update for v1.
  • Promoted --confidential-compute-type flag for the command gcloud compute instance create to GA.
  • Promoted --performance-monitoring-unit flag for the command gcloud compute instance-templates create to GA.
  • Promoted --performance-monitoring-unit flag for the command gcloud compute instances bulk create to GA.
  • Promoted --performance-monitoring-unit flag for the command gcloud compute instances create to GA.

Kubernetes Engine

  • Updated default kubectl from 1.27.14 to 1.27.15.
  • Additional kubectl versions:
    • kubectl.1.27 (1.27.15)
    • kubectl.1.28 (1.28.11)
    • kubectl.1.25 (1.29.6)
    • kubectl.1.30 (1.30.2)

Network Connectivity

  • Added include-import-ranges flag to hybrid spoke creation to support importing hub subnets.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

481.0.0 (2024-06-18)

Breaking Changes

  • (Cloud Dataflow) Deprecated gcloud dataflow sql command group. The command group will be removed by 2025-01-31. See Beam YAML and Beam notebooks for alternatives.

AlloyDB

  • Added another option ASSIGN_IPV4 to flag --assign-inbound-public-ip to enable public IP for an instance to gcloud alloydb instances create and gcloud alloydb instances create-secondary.
  • Added flag --authorized-external-networks to set a list of authorized external networks on an instance to gcloud alloydb instances create and gcloud alloydb instances create-secondary.
  • Added switchover command.

Artifact Registry

  • Fixed a bug where gcloud artifacts files download and gcloud artifacts generic download would crash.

BigQuery

  • Added undelete command for datasets.
  • Updated google-auth to version 2.29.0.
  • Improved authentication error messaging.

Cloud Domains

  • Implemented the following commands for gcloud domains registrations google-domains-dns
    • get-forwarding-config
    • export-dns-record-sets

Cloud Filestore

  • Added --source-instance flag to gcloud filestore instances create and gcloud beta filestore instances create command to specify the instance will be created as a Standby replica of the source-instance.
  • Added promote-replica verb for filestore instances. promote-replica promotes a standby replication instance to a regular instance.

Cloud Functions

  • Promoted --build-service-account flag for gcloud functions deploy to GA.

Cloud Identity-Aware Proxy

  • Promoted gcloud iap regional command to beta and GA.

Cloud Pub/Sub

Cloud Spanner

  • Added gcloud beta spanner instance-partitions command group.
  • Added --instance-partition flag to gcloud beta spanner operations list, gcloud beta spanner operations describe, and gcloud beta spanner operations cancel.

Cloud Storage

  • Added commands for creating, listing, describing, and deleting folders in buckets with hierarchical namespace enabled:
    • Added gcloud alpha storage folders create which creates folders.
    • Added gcloud alpha storage folders list which lists folders in buckets.
    • Added gcloud alpha storage folders describe which gets the folder's metadata.
    • Added gcloud alpha storage folders delete which deletes folders.
  • Updated gsutil component to 5.30.

Compute Engine

  • Promoted --confidential-compute-type flag for the command gcloud compute instance create to GA.
  • Added --size flag to gcloud compute instance-groups managed update for v1.

Network Connectivity

  • Updated gcloud network-connectivity internal-ranges update to support setting and clearing labels.
  • Added support for include-export-ranges to support include filters for VPC spokes.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

480.0.0 (2024-06-11)

App Engine

Artifact Registry

  • gcloud artifacts docker upgrade migrate now automatically creates repos for pkg.dev-based migration.
    • Added gcloud artifacts files delete command.

Cloud Datastream

  • Added --type and --sqlserver-* flags to gcloud datastream connection-profiles create|update and gcloud datastream objects lookup commands to support SQL server source.
  • Added --type and --sqlserver-* flags to gcloud datastream streams create|update commands to support SQL server source.
  • Added --sqlserver-rdbms-file flag and support for SQL Server profile to --connection-profile-object-file to gcloud datastream connection-profiles discover commands to support SQL server source.

Cloud Domains

  • Implemented the following commands for gcloud domains registrations
    • renew-domain
    • initiate-push-transfer

Cloud Functions

  • Added support for --execution-id flag when used together with --gen2 flag for gcloud functions logs read.

Cloud Healthcare

  • Added beta flag --enable-history-modifications to the fhir-stores create and fhir-stores update commands.

Cloud IAM

  • Updated iam service-accounts keys list to return additional properties, namely:
    • disable_reason: The reason the Service Account Key as been disabled (if applicable)
    • extended_status: Additional metadata about the Service Account Key

Cloud Memorystore

  • Added --zone-distribution-mode and --zone flags to gcloud redis clusters create for creating single zone clusters.

Cloud Pub/Sub

  • Added --bigquery-service-account-email and --cloud-storage-service-account-email flags to gcloud pubsub subscriptions create to set the service account for writing messages to BigQuery and Cloud Storage, respectively.
  • Added --bigquery-service-account-email and --cloud-storage-service-account-email flags to gcloud pubsub subscriptions create to update the service account for writing messages to BigQuery and Cloud Storage, respectively.

Cloud Spanner

  • Added --proto-descriptors-file to gcloud spanner databases create command to allow creating database with proto and enum type columns.
  • Added --proto-descriptors-file to gcloud spanner databases ddl update command to allow updating database with proto and enum type columns.
  • Added --include-proto-descriptors to gcloud spanner databases ddl describe command to allow proto descriptors for a database with proto and enum type columns.
  • Promoted gcloud spanner databases change-quorum command to GA.

Cloud Storage

  • Adds support of Cross Bucket Replication Feature in alpha track of gcloud transfer command group.

Cloud Workstations

  • Added --allowed-ports flag to gcloud beta workstations configs create and gcloud beta workstations configs update commands.
  • Added enable-nested-virtualization pool-size and boot-disk-size to --boost-configs flag in beta workstations configs create and beta workstations configs update.

Compute Engine

  • Added support for version=24.04 and short-name=ubuntu in --os-types for gcloud beta compute instances ops-agents policies [create|update].
  • Promoted Tls Early Data in TargetHttpsProxy compute API to v1.
  • Added gce_vm_ip_portmap Network Endpoint Group for gcloud compute network-endpoint-groups beta support.
  • Added --access-mode flag to gcloud compute disks create and gcloud compute disks update.
  • Added --tls-early-data flag to gcloud compute v1 target-https-proxies create/update to Tls Early Data field in Target Https Proxy.

Secret Manager

  • Added --version-destroy-ttl flag to gcloud secrets create to let users enable secret version delayed destruction on a secret.
  • Added --version-destroy-ttl flag to gcloud secrets update to let users enable/update secret version delayed destruction on a secret.
  • Added --remove-version-destroy-ttl flag to gcloud secrets update to let users disable secret version delayed destruction on a secret.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

479.0.0 (2024-06-04)

Breaking Changes

  • (Cloud Dataflow) gcloud dataflow flex-template build for Dataflow Flex Templates in Python with --env FLEX_TEMPLATE_PYTHON_REQUIREMENTS_FILE=/path/to/requirements.txt defined will run pip check after pip install while building the container image. This will break the build process if newly installed packages override pre-installed packages with a version that is known to be incompatible with other pre-installed packages. See https://cloud.google.com/dataflow/docs/guides/templates/configuring-flex-templates for alternative methods to build a container image without pip check.

Artifact Registry

  • Updated gcloud artifacts docker images command to include tags as list instead of string to enable use of --filter=tags=<SearchTerm>.

Cloud Composer

  • Added gcloud composer environments check-upgrade command. It checks that an environment upgrade does not fail because of PyPI module conflicts.
  • Added gcloud composer environments list-upgrades command. It lists all possible target versions that an existing environment can be upgraded to.

Cloud Dataproc

  • Updated gcloud dataproc session-templates export to filter out additional output only fields.

Cloud NetApp

  • Added --administrators flag to gcloud netapp active-directories create and gcloud netapp active-directories update.

Cloud SQL

  • Added --preferred-secondary-zone flag to gcloud sql instances clone command.

Compute Engine

  • Updated import and export schemas for gcloud compute forwarding-rules.
  • Promoted --ip-collection flag of gcloud compute forwarding-rules create to GA.
  • Promoted --ip-collection-region flag of gcloud compute forwarding-rules create to GA.

Compute OS Config

  • Added --allow-missing flag to gcloud compute os-config os-policy-assignments update to allow for creation of a new OS policy assignment resource if it does not exist.

Database Migration

  • Updated gcloud database-migration connection-profiles create cloudsql to support POSTGRES_16 version option for Cloud SQL connection profiles.

Distributed Cloud Edge

  • Added add/remove exclusion window flags for gcloud edge-cloud container clusters update to allow users to add/remove exclusion windows where automatic upgrades will be blocked within.

Service Extensions

  • Added the metadata field to the DEP extensions.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

478.0.0 (2024-05-29)

Google Cloud CLI

  • Improved error message for authentication errors.
  • Improved error message for service account impersonation refresh errors.
  • Fixed issue where some commands with a --uri flag would produce no output.

App Engine

  • Enable fetch_instance_after_connect_error for compute start-iap-tunnel in GA.
  • Allow IAP tunneling for instances with external IP when explicitly enabled via flag.

App Engine Flexible Environment

  • Enable fetch_instance_after_connect_error for compute start-iap-tunnel in GA.
  • Allow IAP tunneling for instances with external IP when explicitly enabled via flag.

Artifact Registry

  • Added gcloud artifacts files describe command.

Backup For GKE

  • Added --volume-data-restore-policy-bindings flag to gcloud container backup-restore restore-plans create and gcloud container backup-restore restore-plans update to enhance volume restore flexibility.
  • Added --volume-data-restore-policy-overrides-file flag to gcloud container backup-restore restores create to enhance volume restore flexibility.
  • Added --permissive-mode flag to gcloud container backup-restore backup-plans create and gcloud container backup-restore backup-plans update to enable bypassing the new backup-time restorability enforcement.
  • Added --filter-file flag to gcloud container backup-restore restores create to support Backup for GKE fine-grained restore.
  • Added --restore-order-file flag to gcloud <alpha|beta> container backup-restore restore-plans create and gcloud <alpha|beta> container backup-restore restore-plans update to support custom ordering while performing restore as part of Backup for GKE.
  • Added the following enum values for the flag --namespaced-resource-restore-mode to gcloud <alpha|beta> container backup-restore restore-plans create and gcloud <alpha|beta> container backup-restore restore-plans update to expand namespaced resource restore mode options:
    • merge-skip-on-conflict
    • merge-replace-volume-on-conflict
    • merge-replace-on-conflict
  • Deprecated --substitution-rules-file flag. Use --transformation-rules-file instead.

BigQuery

  • Added support for map_target_type with external parquet tables.
  • Added support for column_name_character_map to map special characters in column names during load jobs.
  • Added a printout of unreachable locations when datasets and jobs are listed and a region is down.

Cloud Dataplex

  • Promoted gcloud dataplex aspect-types command group to GA.
  • Promoted gcloud dataplex entry-groups command group to GA.
  • Promoted gcloud dataplex entry-types command group to GA.

Cloud Deploy

  • Fixed issue where skaffold files generated from deploy releases create flags did not include all profiles in the release's Delivery Pipeline.

Cloud Firestore

  • Promoted Cloud Firestore Backups and Restore gcloud CLI changes to beta.
    • Promoted gcloud firestore backups list command to beta.
    • Promoted gcloud firestore backups describe command to beta.
    • Promoted gcloud firestore backups delete command to beta.
    • Promoted gcloud firestore backups schedules create command to beta.
    • Promoted gcloud firestore backups schedules update command to beta.
    • Promoted gcloud firestore backups schedules describe command to beta.
    • Promoted gcloud firestore backups schedules delete command to beta.
    • Promoted gcloud firestore backups schedules list command to beta.
    • Promoted gcloud firestore databases restore command to beta.
  • Promoted Cloud Firestore Backups and Restore gcloud CLI changes to GA.
    • Promoted gcloud firestore backups list command to GA.
    • Promoted gcloud firestore backups describe command to GA.
    • Promoted gcloud firestore backups delete command to GA.
    • Promoted gcloud firestore backups schedules create command to GA.
    • Promoted gcloud firestore backups schedules update command to GA.
    • Promoted gcloud firestore backups schedules describe command to GA.
    • Promoted gcloud firestore backups schedules delete command to GA.
    • Promoted gcloud firestore backups schedules list command to GA.
    • Promoted gcloud firestore databases restore command to GA.

Cloud Firestore Emulator

  • Release Cloud Firestore emulator v1.19.7
    • Fixes unexpected responses from nested queries in Datastore Mode.
    • Add Auth Context support for Firestore triggers (2nd gen) in Firestore Emulator

Cloud Functions

  • Added validation to --runtime-update-policy argument.

Cloud SQL

  • Added PostgreSQL 16 to database versions.
  • Fixed issue where gcloud sql instances export and gcloud sql instances import would display only the operation selfLink field instead of the whole operation when run asynchronously with --async, regardless of the --format flag specified.
    • This behavior is now consistent with other gcloud sql instances commands.
    • To display only the selfLink field, use --format="value(selfLink)".

Cloud Workstations

  • Adding --env flag to gcloud workstations create.

Compute Engine

  • Added IPV6_ONLY option to --stack-type flag of gcloud compute vpn-gateways create command to create an IPv6-only VPN gateway.

Config Connector

Database Migration

  • Updated gcloud database-migrate connection-profiles update to update Database Migration Service connection profile for SQL Server to Cloud SQL-SQL Server migrations.
  • Updated gcloud database-migrate migration-jobs update to update Database Migration Service migration job for SQL Server to Cloud SQL-SQL Server migrations.

Dataproc Metastore

  • Added --deletion-protection flags to gcloud metastore services create GA release track to allow creating a Dataproc Metastore instance with delete protection.
  • Added --deletion-protection and --no-deletion-protection flags to gcloud metastore services update GA release track to allow updating a Dataproc Metastore instance with delete protection.

Security Command Center

  • Added --filter-modules flag in gcloud scc manage services describe ... api to filter response by modules.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

477.0.0 (2024-05-21)

Anthos

  • To support second device login in gcloud anthos auth command.

Cloud Functions

  • Fixed issue where gcloud functions deploy would crash on disconnecting vpc connector when --clear-vpc-connector flag was specified.

Cloud Memorystore

  • Added --[no-]deletion-protection flag to gcloud redis clusters create and gcloud redis clusters updateto allow enabling/disabling deletion protection for Redis Clusters.

Cloud SQL

  • When creating a replica instance with gcloud sql instances create --edition=enterprise-plus, infer --tier from the primary instance if --tier is not provided for new database types.

Compute Engine

  • Added support for adding labels to the disk in the following commands:
    • gcloud beta compute instances create
    • gcloud beta compute instance-templates create
    • gcloud beta compute instances create-with-container
    • gcloud beta compute instance-templates create-with-container.
  • Added support for --resource-policies in the following commands:
    • gcloud compute instances create-with-container
    • gcloud compute instance-templates create-with-container.
  • Changed all gcloud compute list commands to log a warning instead of raising an exception when receiving an empty response from AggregatedList requests, even if there are partial errors.

Declarative Workflows

  • Fixed issue where using gcloud beta resource-config bulk-export with certain --resource-types values (e.g. ComputeVPNTunnel, ComputeURLMap) would fail with INVALID_ARGUMENT when looking up the resources in Cloud Asset Inventory.

GKE Hub

  • Support --security-posture=enterprise flag in gcloud container fleet create, gcloud container fleet update in beta and GA track.
  • Support --security-posture=enterprise flag in gcloud container hub create, gcloud container hub update in beta and GA track.

Kubernetes Engine

  • Added flags --[no]-enable-insecure-kubelet-readonly-port and--[no]-autoprovisioning-enable-insecure-kubelet-readonly-port` to enable/disable the insecure Kubelet readonly port on clusters and node-pools.
  • Increased maximum argument to --num-nodes flag of gcloud container clusters create from 1000 to 2000.
  • Updated default kubectl from 1.27.13 to 1.27.14.
  • Additional kubectl versions:
    • kubectl.1.27 (1.27.14)
    • kubectl.1.28 (1.28.10)
    • kubectl.1.25 (1.29.5)
    • kubectl.1.30 (1.30.1)

Network Connectivity

  • Added gcloud network-connectivity policy-based-routes to beta.
  • Added IPV6 option to --protocol-version flag of gcloud network-connectivity policy-based-routes.

Network Security

  • Renamed FIREWALL_POLICY column to SOURCE_RESOURCE column in gcloud beta networksecurity address-groups list-references command.
  • Added security policies in the output of gcloud beta networksecurity address-groups list-references command.

Vmware Engine

  • Added GOOGLE_CLOUD_NETAPP_VOLUMES option to --peer-network-type flag of gcloud vmware network-peerings create to allow peering with Google Cloud NetApp Volumes projects.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

476.0.0 (2024-05-14)

Google Cloud CLI

  • Updated pyopenssl package to version 24.0.0 to enable cryptography version 42.0.5.

AlloyDB

  • Added flag --assign-inbound-public-ip to enable or disable public IP for an instance to gcloud alloydb instances create-secondary.
  • Added flag --ssl-mode to configure an instance's SSL mode to gcloud alloydb instances create-secondary.
  • Added flag --require-connectors to enforce whether or not all connections need to come from connectors (e.g. AlloyDB Auth Proxy) to gcloud alloydb instances create-secondary.

App Engine

  • Use java21 as the default runtime for app.yaml generated configuration. This change is compatible with gcloud app deploy command, when there is no app.yaml configuration for Java projects (Maven, or Gradle, or simple jar). Instead of using a java17 runtime target, App Engine deploys the application using the java21 runtime with an F2 instance class. To continue using the java17 runtime, create an app.yaml file, and specify runtime: java17.
  • Updated the Java SDK to version 2.0.27 build from the open source project https://github.com/GoogleCloudPlatform/appengine-java-standard/releases/tag/v2.0.27.

Cloud Bigtable

  • Rebuilding cbt cli with golang.org/x/net 0.24.0 which fixed CVE-2023-45288.
  • Added Authorized Views feature.

Cloud Dataplex

  • Added gcloud dataplex entries commands which allow manipulating Dataplex Catalog Entries.

Cloud Infrastructure Manager

  • Added --annotations flag for gcloud infra-manager previews create and gcloud infra-manager deployments apply commands.

Cloud Key Management Service

  • Added a new value ec-sign-ed25519 to the flag default-algorithm to support the asymmetric signing algorithm ED25529 through gcloud kms keys create|update and gcloud kms keys versions import.

Cloud Logging

  • Promoted gcloud logging views get-iam-policy command to GA.
  • Promoted gcloud logging views set-iam-policy command to GA.
  • Promoted gcloud logging views add-iam-policy-binding command to GA.
  • Promoted gcloud logging views remove-iam-policy-binding command to GA.

Cloud NetApp

  • Added --allow-auto-tiering to gcloud beta netapp storagepools to allow storage pool enable auto tiering.
  • Added --tiering-policy to gcloud beta netapp volumes to allow volume enable auto tiering.

Cloud Run

  • gcloud run jobs deploy --source has been fixed.

Cloud Storage

  • Updated gsutil component to 5.29.

Compute Engine

  • Deprecated gcloud compute instances move. See https://cloud.google.com/compute/docs/instances/moving-instance-across-zones for an alternative method.
  • Fixed inconsistency in IPv6 flag support for gcloud compute instances create-with-container and gcloud compute instance-templates create-with-container commands. Changes include added support for --internal-ipv6-address and --internal-ipv6-prefix-length flags, as well as stack-type, and ipv6-network-tier arguments for --network-interface flag.
  • Fixed inconsistency in reservation flag support for gcloud compute instances create-with-container and gcloud compute instance-templates create-with-container commands. Changes include added support for --reservation and --reservation-affinity flags.
  • Added specific-then-any-reservation and specific-then-no-reservation to the flag --reservation-affinity for alpha and beta in gcloud compute instances create and gcloud compute instance-templates create-with-container commands.
  • Promoted --mode flag of gcloud compute public-delegated-prefixes create to GA.
  • Promoted --allocatable-prefix-length flag of gcloud compute public-delegated-prefixes create to GA.
  • Promoted --mode flag of gcloud compute public-delegated-prefixes delegated-sub-prefixes create to GA.
  • Promoted --allocatable-prefix-length flag of gcloud compute public-delegated-prefixes delegated-sub-prefixes create to GA.
  • Added gcloud compute routers add-route-policy which creates an empty Route Policy in Cloud Router.
  • Promoted gcloud compute routers add-route-policy to beta.
  • Added gcloud compute routers get-route-policy which describe Route Policy from Cloud Router.
  • Promoted gcloud compute routers get-route-policy to beta.
  • Added gcloud compute routers download-route-policy which downloads Cloud Router's Route Policy into a file.
  • Promoted gcloud compute routers download-route-policy to beta.
  • Added gcloud compute routers list-bgp-routes which lists the routes advertised and learned on individual BGP sessions, both pre- and post-policy evaluation.
  • Promoted gcloud compute routers list-bgp-routes to beta.
  • Added gcloud compute routers list-route-policies which lists all Route Policy within Cloud Router.
  • Promoted gcloud compute routers list-route-policies to beta.
  • Added gcloud compute routers remove-route-policy which removes Cloud Router's Route Policy.
  • Promoted gcloud compute routers remove-route-policy to beta.
  • Added gcloud compute routers upload-route-policy which uploads Route Policy from a file and adds it to Cloud Router.
  • Promoted gcloud compute routers upload-route-policy to beta.
  • Added --import-policies and --export-policies flags to gcloud compute routers add-bgp-peer and gcloud compute routers update-bgp-peer to apply Cloud Router's Route Policies to Cloud Router Bgp Peer.
  • Promoted --import-policies and --export-policies flags of gcloud compute routers add-bgp-peer and gcloud compute routers update-bgp-peer to beta.
  • Added --bgp-identifier-range flag to gcloud compute routers create and gcloud compute routers update.
  • Added --enable-ipv4, --ipv4-nexthop-address, and --peer-ipv4-nexthop-address flags to gcloud compute routers add-bgp-peer and gcloud compute routers update-bgp-peer.
  • Added --ip-version flag to gcloud compute routers add-interface and gcloud compute routers update-interface. Additionally, --ip-address flag of these commands will now accept IPv6 addresses.
  • Promoted --maintenance-interval flag for gcloud compute sole-tenancy node-groups create to GA.
  • Promoted gcloud compute sole-tenancy node-groups perform-maintenance to GA.
  • Added --terraform-script-output-file, --exclusion-patterns-file and --export-exclusion-patterns flags to gcloud (alpha|beta) compute firewall-rules migrate commands.

Database Migration

  • Updated gcloud database-migration connection-profiles create cloudsql to support MySQL_8_0_36 minor version option for Cloud SQL connection profiles.

Eventarc

  • Removed gcloud beta eventarc, including warnings and errors. User are expected to use gcloud eventarc instead.

Kpt

Kubernetes Engine

  • Updated default kubectl from 1.26.15 to 1.27.13.
  • Additional kubectl versions:
    • kubectl.1.27 (1.27.13)
    • kubectl.1.28 (1.28.9)
    • kubectl.1.29 (1.29.4)
    • kubectl.1.30 (1.30.0)

Network Connectivity

  • Added --policy-mode and --preset-topology flags to gcloud network-connectivity hubs create.
  • Added gcloud network-connectivity hubs groups update.

Security Command Center

  • Deprecated read-time and compare-duration flags from the findings list and findings group commands.
  • Promoted management api gcloud scc manage services ... commands to GA.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

475.0.0 (2024-05-07)

Google Cloud CLI

  • Enabled faster component update mode by default on macOS. This avoids making a backup copy of the installation directory when running certain gcloud components commands, which should significantly improve the time taken by these operations (including installation and updates).
    • If for some reason this change causes problems, please file a bug report. One can temporarily revert to the legacy update mode via gcloud config set experimental/fast_component_update False or by setting the environment variable CLOUDSDK_EXPERIMENTAL_FAST_COMPONENT_UPDATE=False (it may be necessary to first reinstall the gcloud CLI either from scratch or by running gcloud components reinstall). Note that the faster update mode will eventually become the default on all platforms at which point the fast_component_update mode property will be removed.
    • Since the gcloud CLI no longer makes a full copy of the installation directory to allow for this performance improvement, gcloud components restore has been deprecated. However, equivalent functionality can be achieved via gcloud components update --version=<previous version> or gcloud components reinstall, depending on whether one needs to restore an earlier version or reinstall the current version, respectively.

Anthos Multi-Cloud

  • Updated gcloud container attached clusters register to fail when using --has-private-issuer with --distribution=eks.

Artifact Registry

  • Fixed bug where gcloud artifacts docker upgrade migrate sometimes excluded bucket auth from generated IAM policies.

Cloud Build

  • Modified gcloud builds submit to support submitting a build with a Developer Connect GitRepositoryLink resource.

Cloud Dataflow

  • Promoted gcloud dataflow yaml run to GA.

Cloud Datastream

  • Fix bug where append only flag not recognized in BiQueryDestinationConfig.

Cloud Firestore Emulator

  • Release Cloud Firestore emulator v1.19.6
    • Added --import-data and --export-on-exit flags.
    • Fixed few bugs regarding transactions, including: read only commits, retriable transactions and contention errors on commits.

Cloud NetApp

  • Added flex as a --service-level option during gcloud netapp storage-pools create.

Compute Engine

  • Promoted dual stack IPv6 support for gcloud compute instances create-with-container and gcloud compute instance-templates create-with-container to GA.

Network Connectivity

  • Promote Regional API Endpoints to GA.
  • Added --export-psc and --no-export-psc flags to gcloud network-connectivity hubs create and gcloud network-connectivity hubs update.

Network Security

  • Fixed gcloud network-security tls-inspection-policies import not recognizing minTlsVersion and tlsFeatureProfile.
  • Fixed gcloud network-security tls-inspection-policies export not recognizing minTlsVersion and tlsFeatureProfile.

Security Command Center

  • Removed misleading documentation in gcloud scc findings create command that imply findings can be created at folder and project level. This command only allows findings to be created under an organization.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

474.0.0 (2024-04-30)

Breaking Changes

  • (Cloud Run) gcloud run jobs deploy is not working with source builds in this release. Run gcloud builds submit and then gcloud run jobs deploy with the generated image, or use Google Cloud CLI version 472 or earlier.

AI

  • Added more choice options to --region flag of gcloud ai custom-jobs and gcloud ai hp-tunining-jobs, including: africa-south1, europe-west12, me-central1, me-central2 and us-east5.

AlloyDB

  • Updated gcloud beta alloydb clusters create-secondary to support automated backup policy.
  • Added flags --maintenance-window-day and --maintenance-window-hour to configure preferred maintenance window for a cluster to commands gcloud alloydb clusters create and gcloud alloydb clusters update.
  • Added flag --maintenance-window-any to remove preferred maintenance window for a cluster to gcloud alloydb clusters update.

Artifact Registry

  • Added gcloud artifacts generic upload to support uploading to a Generic Repository.
  • Added gcloud artifacts generic download to support downloading to a Generic Repository.

Cloud DNS

  • Modified --description flag of gcloud dns managed-zones create to be optional instead of required. If not set, the managed zone's description will be empty.

Cloud Monitoring

  • Added --service-agent-auth flag to gcloud monitoring uptime commands.

Compute Engine

  • Added --tls-early-data flag to gcloud compute alpha/beta target-https-proxies create/update to Tls Early Data field in Target Https Proxy.
  • Added gcloud compute project-zonal-metadata for managing project zonal metadata. Documentation of this feature is available at https://cloud.google.com/compute/docs/metadata/setting-custom-metadata#set-custom-project-zonal-metadata.
  • Promoted --stack-type flag of gcloud compute interconnects attachments partner create to GA. Flag defines the stack type of partner interconnect attachment.
  • Promoted --stack-type flag of gcloud compute interconnects attachments partner update to GA. Flag defines the stack type of interconnect attachment.
  • Added producer-port argument when creating PSC NEGs. This is an optional field, and used to specify the port the PSC NEG will consume traffic from the PSC Producer.
  • Promoted the flag of --partner-metadata and --partner-metadata-from-file to beta in:
    • gcloud compute instance-templates create.
    • gcloud compute instances create.
    • gcloud compute instances update.
  • Promoted gcloud compute instances add-partner-metadata command to beta.
  • Promoted gcloud compute instances patch-partner-metadata command to beta.
  • Promoted gcloud compute instances remove-partner-metadata command to beta.
  • Promoted the flag of --view to beta in:
    • gcloud compute instance-templates list
    • gcloud compute instance-templates describe.
    • gcloud compute instances list
    • gcloud compute instances describe.

Firebase Test Lab

  • Promoted --resign flag of gcloud firebase test android run to GA. This flag allows clients to specify if Robo should re-sign the app-under-test APK.

Kubernetes Engine

  • Updated kubectl versions:
    • kubectl.1.26 (1.26.15)
    • kubectl.1.27 (1.27.13)
    • kubectl.1.28 (1.28.9)
    • kubectl.1.29 (1.29.4)
    • kubectl.1.30 (1.30.0)
  • Updated help text for --cluster-ipv4-cidr to clarify that this flag is not applicable in a Shared VPC setup.

Network Services

  • Promoted gcloud network-services service-lb-policies to GA.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

473.0.0 (2024-04-23)

Breaking Changes

  • (Cloud Domains) Changed the default setting of DNSSEC to disabled when using the Cloud DNS Zone in gcloud domains registrations configure dns command. It's unsafe to enable it by default.

Google Cloud CLI

  • Enabled faster component update mode by default on Windows. This avoids making a backup copy of the installation directory when running certain gcloud components commands, which should significantly improve the time taken by these operations (including installation and updates).
    • If for some reason this change causes problems, please file a bug report. One can temporarily revert to the legacy update mode via gcloud config set experimental/fast_component_update False or by setting the environment variable CLOUDSDK_EXPERIMENTAL_FAST_COMPONENT_UPDATE=False (it may be necessary to first reinstall the gcloud CLI either from scratch or by running gcloud components reinstall). Note that the faster update mode will eventually become the default on all platforms at which point the fast_component_update mode property will be removed.
    • Since the gcloud CLI no longer makes a full copy of the installation directory to allow for this performance improvement, gcloud components restore has been deprecated. However, equivalent functionality can be achieved via gcloud components update --version=<previous version> or gcloud components reinstall, depending on whether one needs to restore an earlier version or reinstall the current version, respectively.
  • Updated Windows PuTTY executables to version 0.81.

Artifact Registry

  • Added file name to gcloud artifacts files download progress message.

Backup For GKE

  • Added a new command gcloud container backup-restore backups get-backup-index-download-url.

Cloud Composer

  • Added --image-version to gcloud composer environments update to upgrade composer environment to a newer composer version.

Cloud Domains

  • Deprecated --unsafe-dns-update flag from gcloud domains registrations configure dns command.

Cloud IAM

  • Added --extra-attributes-client-id flag to gcloud iam workforce-pools providers create-oidc and gcloud iam workforce-pools providers update-oidc which allow user to setup client id for extra attributes oauth2 flow.
  • Added --extra-attributes-client-secret-value flag to gcloud iam workforce-pools providers create-oidc and gcloud iam workforce-pools providers update-oidc which allow user to setup client secret for extra attributes oauth2 flow.
  • Added --extra-attributes-issuer-uri flag to gcloud iam workforce-pools providers create-oidc and gcloud iam workforce-pools providers update-oidc which allow user to setup issuer uri for extra attributes oauth2 flow.
  • Added --extra-attributes-type flag to gcloud iam workforce-pools providers create-oidc and gcloud iam workforce-pools providers update-oidc which allow user to setup attributes type for extra attributes oauth2 flow.
  • Added --extra-attributes-filter flag to gcloud iam workforce-pools providers create-oidc and gcloud iam workforce-pools providers update-oidc which allow user to setup filter for extra attributes oauth2 flow.
  • Added --clear-extra-attributes-config flag to gcloud iam workforce-pools providers update-oidc which allow user to clear extra attributes oauth2 config.

Cloud NetApp

Cloud Run

  • Promoted --network, --subnet, --network-tags, --clear-network and --clear-network-tags flags in all commands to GA.

Compute Engine

  • Fixed a bug where an incorrect error message shown when attempting to specify multiple storage locations on gcloud compute snapshot-settings update command.
  • Added commands <get|set>-iam-policy and <add|remove>-iam-policy-bindings to gcloud compute backend-buckets for GA.

Kubernetes Engine

  • Promote --containerd-config-from-file flags to GA in container cluster and node-pools creation.

Privileged Access Manager

  • Added gcloud beta pam command group which helps manage Privileged Access Manager (PAM) entitlements and grants.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

472.0.0 (2024-04-16)

AI

  • Promoted gcloud ai persistent-resources to GA.
  • Added gcloud ai persistent-resources reboot which allows a user to reboot a Persistent Resource.
  • Promoted --persistent-resource-id flag of gcloud ai custom-jobs create to GA.

AlloyDB

  • Added flag --enable-private-service-connect to enable Private Service Connect for a cluster to the following commands in the GA track:

    • gcloud alloydb clusters create
    • gcloud alloydb clusters restore
  • Added flag --allowed-psc-projects to set a list of allowed consumer projects on an instance in a cluster with Private Service Connect enabled to the following commands in the GA track:

    • gcloud alloydb instances create
    • gcloud alloydb instances update

App Engine

  • Updated dependencies to latest versions.
  • Removed obsolete python2 support code fragments.
  • Fixed an issue with local images API emulator in devappserver.

Artifact Registry

  • Added support for domain-scoped projects to gcloud artifacts docker upgrade migrate.

BigQuery

  • Fixed incorrect help text of mk and update.
  • Added --null_marker flag for creating external tables.
  • Fixed a bug when using --use_google_auth on Windows.
  • Switched to using Google Auth by default for users authenticating with P12 service account keys. To revert to the old behavior, run the command with --nouse_google_auth. Note that the P12 key format has been deprecated and the new JSON key format is recommended. For more information, see https://cloud.google.com/sdk/crypto.

Certificate Manager

  • Added --allowlisted-certificates flag to gcloud certificate-manager trust-configs create.
  • Added --add-allowlisted-certificates, --remove-allowlisted-certificates and --clear-allowlisted-certificates flags to gcloud certificate-manager trust-configs update.

Cloud Build

  • Added --polling-interval argument to gcloud builds submit.

Cloud Datastream

  • Fix list connection profiles to show all connection profile types.
  • Updated BigQueryDestinationConfig with new fields (currently experimental).
  • Updated schemas.

Cloud Firestore Emulator

  • Release Cloud Firestore emulator v1.19.5
    • Import and export entities now supported in gcloud CLI for Datastore Mode.

Cloud Infrastructure Manager

  • Added --file flag to gcloud infra-manager deployments import-statefile to upload statefile for a deployment.

Cloud NetApp

  • Fixed bug during gcloud netapp volumes update --backup-config=enable-scheduled-backups=false that wasn't correctly updating update mask.

Cloud SQL

  • Published Cloud SQL Auth Proxy v2 binary as new cloud-sql-proxy Cloud SDK component. cloud-sql-proxy contains utilities for connecting securely to your Cloud SQL instances. It may be installed with gcloud components install cloud-sql-proxy and is recommended over cloud_sql_proxy (v1) which will be removed at a later date. See https://github.com/GoogleCloudPlatform/cloud-sql-proxy/blob/main/migration-guide.md for help migrating.

Cloud Spanner

  • Added flag target-config to support moving instance to a different instance config in gcloud CLI and introduced gcloud spanner instances move command. Promoted the same to GA.

Compute Engine

  • Modified location flag from gcloud compute connect-to-serial-port command to use region from zone flag as location if location is unspecified.
  • Added target-service argument when creating PSC service attachments and treated as a mutually exclusive group with the existing argument producer-forwarding-rule.
  • Promoted --gateway-ip-version flag of gcloud compute vpn-gateways create to GA.
  • Promoted --interface to use IPv6 address flag of gcloud compute external-vpn-gateways create to GA.
  • Now all gcloud compute commands allow regions down and return the partial results by default when sending an AggregatedList requests. Users can turn off this feature by setting compute/allow_partial_error property to false.

Database Migration

  • Added --skip-validation param to gcloud database-migration migration-jobs resume to allow resuming migration jobs without running validations.

Dataproc Metastore

  • Added gcloud metastore services migrations command group to manage the migration to a Dataproc Metastore service.

    • gcloud metastore services migrations start
    • gcloud metastore services migrations complete
    • gcloud metastore services migrations cancel
    • gcloud metastore services migrations describe
    • gcloud metastore services migrations list
    • gcloud metastore services migrations delete
  • Added --min-scaling-factor, --max-scaling-factor, and --autoscaling-enabled flags to gcloud metastore services create and gcloud metastore services update alpha and beta release track to allow updating the autoscaling configuration of a Dataproc Metastore instance.

  • Updated --scaling-factor help text.

Eventarc

  • Removed gcloud beta eventarc. User are expected to use gcloud eventarc instead.

Workbench

  • Added NVIDIA_L4 option to --accelerator-type flag of workbench instances.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

471.0.0 (2024-04-02)

AI

  • Modified --region flag of gcloud ai endpoints to include new online prediction regions.
  • Modified --region flag of gcloud ai models to include new online prediction regions.

AlloyDB

  • Added flag --assign-inbound-public-ip to enable or disable public IP for an instance to the following commands in the GA track:

    • gcloud alloydb instances create
    • gcloud alloydb instances update
  • Added flag --authorized-external-networks to set a list of authorized external networks on an instance to gcloud alloydb instances update in the GA track.

App Engine

BigQuery

  • Downgraded urllib3 to version 1.26.9 be compatible with the request lib.

Certificate Authority Service

  • Added Subject Key Id field to arguments gcloud privateca roots create to allow usage of a custom subject key id for root certificate authorities.
  • Added Subject Key Id field to arguments gcloud privateca subordinates create to allow usage of a custom subject key id for subordinate certificate authorities.
  • Added Subject Key Id field to arguments gcloud privateca certificates create to allow usage of a custom subject key id for certificates.
  • Added maximum lifetime argument to gcloud privateca templates create to allow configuring maximum lifetime restriction using certificate templates.

Certificate Manager

  • Added allowlistedCertificates property to certificate-manager trust-configs import and certificate-manager trust-configs export.

Cloud Bigtable

  • Rebuilt cbt cli with google.golang.org/protobuf version 1.33.0 which fixed CVE-2024-24786.

Cloud Bigtable Emulator

  • Rebuilt cbt cli with google.golang.org/protobuf version 1.33.0 which fixed CVE-2024-24786.

Cloud Composer

  • Added gcloud beta composer environments list-workloads to display Composer workloads list.
  • Added gcloud beta composer environments user-workloads-config-maps create to create a user workloads ConfigMap.
  • Added gcloud beta composer environments user-workloads-config-maps delete to delete a user workloads ConfigMap.
  • Added gcloud beta composer environments user-workloads-config-maps describe to get details about a user workloads ConfigMap.
  • Added gcloud beta composer environments user-workloads-config-maps list to list user workloads ConfigMaps.
  • Added gcloud beta composer environments user-workloads-config-maps update to update a user workloads ConfigMap.
  • Added gcloud beta composer environments user-workloads-secrets create to create a user workloads Secret.
  • Added gcloud beta composer environments user-workloads-secrets delete to delete a user workloads Secret.
  • Added gcloud beta composer environments user-workloads-secrets describe to get details about a user workloads Secret.
  • Added gcloud beta composer environments user-workloads-secrets list to list user user workloads Secrets.
  • Added gcloud beta composer environments user-workloads-secrets update to update a user workloads Secret.

Cloud Deploy

  • Updated gcloud deploy apply to accept the Automation resource YAML configuration with the field names in the API proto.

Cloud Infrastructure Manager

  • Added --file flag to gcloud infra-manager deployments export-statefile to download statefile with a custom file name/path or by default to a file named statefile if only file path is provided.

Cloud Memorystore

  • Add --node-type flag to redis clusters create to add the ability to create clusters with different node types.

Cloud NetApp

  • Added --backup-config and --source-backup to gcloud netapp volumes to allow scheduled backups and create volume from backup workflow.

Cloud Pub/Sub

Cloud Run

  • Updated integration name generation logic to use the integration type followed by 4 digit hash.

Cloud SQL

  • Support for designating a disaster recovery replica in gcloud sql instances patch command using --failover-dr-replica-name flag is in beta.

Compute Engine

Compute OS Config

  • Added gcloud compute os-config project-feature-settings commands that allow to view and change the project feature settings.

Database Migration

  • Added gcloud database-migrate connection-profiles create sqlserver which creates a Database Migration Service connection profile for SQL Server.
  • Updated gcloud database-migrate migration-jobs create to create Database Migration Service migration job for SQL Server to Cloud SQL-SQL Server migrations.
  • Added --dump-type to gcloud database-migrate migration-jobs create to allow creating a migration job with PHYSICAL or LOGICAL dump type.
  • Added --dump-type to gcloud database-migrate migration-jobs update to allow updating a migration job with PHYSICAL or LOGICAL dump type.

GKE Hub

  • Updated gcloud container fleet scopes list to return Fleet Scopes permitted to be viewed by the caller.
  • Added gcloud container fleet scopes list-memberships SCOPE to return Fleet Memberships bound to SCOPE.

Kubernetes Engine

  • Added --additive-vpc-scope-dns-domain and --disable-additive-vpc-scope flags to gcloud container clusters create, create-auto and update.
  • Added --security-posture=enterprise flag to gcloud container clusters create, gcloud container clusters create-auto, and gcloud container clusters update to enable GKE Threat Detection.

Regional Endpoints

  • Add optional address input flag to gcloud beta networkconnectivity regional-endpoints create.

Workbench

  • Fixed issue with gcloud workbench instances failing when accelerator-type flag is set to NVIDIA_A100_80GB.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

470.0.0 (2024-03-26)

Breaking Changes

  • (App Hub) Fixed issue where gcloud apphub discovered-services lookup --location=LOCATION --uri=URI was formatting result as list to stdout.
  • (App Hub) Fixed issue where gcloud apphub discovered-workloads lookup --location=LOCATION --uri=URI was formatting result as list to stdout.

AlloyDB

  • Updated gcloud beta alloydb clusters create-secondary to support continuous backup configuration.

App Engine

  • Updated the Python devappserver to version 1.9.111.

Artifact Registry

  • Fixed issue where gcloud artifacts docker upgrade migrate returned wrong IAM policy bindings.

BigQuery

  • Added use_google_auth to use the Google Auth libraries for authentication.

Cloud Bigtable

  • Promoted gcloud bigtable authorized-views create to GA.
  • Promoted gcloud bigtable authorized-views describe to GA.
  • Promoted gcloud bigtable authorized-views list to GA.
  • Promoted gcloud bigtable authorized-views update to GA.
  • Promoted gcloud bigtable authorized-views delete to GA.
  • Promoted gcloud bigtable authorized-views get-iam-policy to GA.
  • Promoted gcloud bigtable authorized-views set-iam-policy to GA.
  • Promoted gcloud bigtable authorized-views add-iam-policy-binding to GA.
  • Promoted gcloud bigtable authorized-views remove-iam-policy-binding to GA.

Cloud Build

  • Add --service-account option to gcloud builds submit.

Cloud Composer

  • Added --network-attachment to gcloud composer beta environments create to specify network attachment.
  • Added --support-web-server-plugins to gcloud composer beta environments create to enable/disable the support for web server plugins.
  • Added --enable-private-builds-only to gcloud composer beta environments create/update to enable only private connectivity to Google services for Python packages.
  • Added --disable-private-builds-only to gcloud composer beta environments create/update to disable only private connectivity to Google services for Python packages.
  • Added --disable-vpc-connectivity to gcloud composer beta environments create/update to disable connectivity with a user's VPC network.
  • Added --enable-private-environment to gcloud composer beta environments create/update to disable internet connection from any Composer component.
  • Added --disable-private-environment to gcloud composer beta environments create/update to enable internet connection from any Composer component.
  • Added --composer-internal-ipv4-cidr-block to gcloud composer beta environments create/update to specify the IP range in CIDR notation to use internally by Cloud Composer.
  • Added --clear-maintenance-window to gcloud composer beta environments update to clear the maintenance window settings.
  • Added --dag-processor-storage to gcloud composer beta environments create/update to specify the storage allocated to Airflow dag processor.
  • Added --dag-processor-count to gcloud composer beta environments create/update to specify the number of dag processors.
  • Added --dag-processor-cpu to gcloud composer beta environments create/update to specify the CPU allocated to Airflow dag processor.
  • Added --dag-processor-memory to gcloud composer beta environments create/update to specify the memory allocated to Airflow dag processor.

Cloud Firestore Emulator

  • Release Cloud Firestore emulator v1.19.4
    • Fixes minor reserve ids bug in Datastore Mode
    • Add reset endpoint for Datastore Mode

Cloud Logging

  • Add include-children flag to gcloud logging sinks update command to export logs from descendant resources.
  • Add intercept-children flag to gcloud logging sinks create command to intercept logs from descendant resources.
  • Add intercept-children flag to gcloud logging sinks update command to intercept logs from descendant resources.
  • Add sink-filter flag to gcloud logging sinks list command.

Cloud Memorystore

  • Add redis_7_2 enum to gcloud redis instances create and gcloud redis instances upgrade to support redis version 7.2 instance create/upgrade.
  • Add --redis-config flag to redis clusters create to add the ability to specify Redis config when creating a redis cluster.
  • Add --update-redis-config flag to redis clusters update to update Redis config for existing clusters.
  • Add --remove-redis-config flag to redis clusters update to remove Redis config for existing clusters.

Cloud Run

  • Added vertex-genai integration type to gcloud beta run integrations command group.
  • Added cloudsql integration type to gcloud beta run integrations command group.

Cloud SQL

  • Added --[no-]enable-google-ml-integration flag to gcloud sql instances create and gcloud sql instances patch to support Vertex AI Integration for Cloud SQL. This is currently only supported in Postgres instances.

Cloud Storage

  • Promoted managed-folders command group to GA.
  • Promoted --include-managed-folders flag for cp, mv, and rsync to GA.
  • Promoted --exclude-managed-folders flag for rm to GA.

Cloud Workstations

  • Added --boost-configs flag to beta workstations configs create and beta workstations configs update and --boost flag to beta workstations start.
  • Promoted --accelerator-count and --accelerator-type flags of gcloud workstations configs create and gcloud workstations configs update to GA.

Compute Engine

  • Promoted --resource-manager-tags flag of compute instance-groups managed create to beta. Flag allows creating Managed Instance Group with Resource Manager Tags.
  • Promoted --image-zone flag of gcloud compute images list to beta.
  • Changed OS Login metadata for certificates to enable-oslogin-certificates instead of require-oslogin-certificates.
  • Promoted --no-address flag in --network-interface of gcloud compute instances bulk create to GA.
  • Fixed a bug when parsing the scope of the disk type if replica-zones contains two values in --create-disk flag of gcloud compute instances create.

Kubernetes Engine

  • Updated default kubectl from 1.26.14 to 1.26.15.
  • Additional kubectl versions:
    • kubectl.1.26 (1.26.15)
    • kubectl.1.27 (1.27.12)
    • kubectl.1.28 (1.28.8)
    • kubectl.1.29 (1.29.3)

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

469.0.0 (2024-03-19)

Google Cloud CLI

  • Updated bundled-python for windows to version 3.11.8.
  • Updated openssl package to version 3.0.13.

Anthos Multi-Cloud

  • Added --ignore-errors flag to the following command groups: gcloud container aws clusters delete, gcloud container aws node-pools delete, gcloud container azure clusters delete, gcloud container azure node-pools delete, to allow the delete request to succeed, even if errors occur while deleting in-cluster resources.

Artifact Registry

  • Modified gcloud docker images list and gcloud artifacts versions describe to display image size.
  • Fixed issue where gcloud artifacts versions describe formatted extra metadata incorrectly.

BigQuery

  • Began internal refactoring that will continue for this minor version number.
  • Added copy_files_only to load commands targeting BigLake tables.
  • Added universe_domain, use_lep and use_rep as alternatives to using api and use_regional_endpoints.
  • Added support for DELTA_LAKE external table types.
  • Added support to load some configuration that has been set in gcloud config.
  • Exposed more information to the bq info command.
  • Exposes connector_configuration options when creating a connection.

Cloud Bigtable

  • Added support for types and aggregates to the cbt CLI.
  • Added support for Standard Isolation and Data Boost in gcloud beta bigtable app-profiles {create,update,list}.

Cloud Dataproc

  • Updated gcloud dataproc session-templates export to filter out additional output only fields.

Cloud Pub/Sub

  • Added flags to gcloud pubsub topics create to support creating Cloud Pub/Sub Import Topics.
    • Added --kinesis-ingestion-consumer-arn
    • Added --kinesis-ingestion-role-arn
    • Added --kinesis-ingestion-service-account
    • Added --kinesis-ingestion-stream-arn
  • Added flags to gcloud pubsub topics update to support updating Cloud Pub/Sub Import Topics.
    • Added --clear-ingestion-data-source-settings
    • Added --kinesis-ingestion-consumer-arn
    • Added --kinesis-ingestion-role-arn
    • Added --kinesis-ingestion-service-account
    • Added --kinesis-ingestion-stream-arn

Cloud Run

  • Support volumes with type=nfs in gcloud beta run deploy, gcloud beta run services update, gcloud beta run jobs deploy and gcloud beta run jobs update.

Cloud Workstations

  • Added disable-ssh-to-vm flag support for gcloud CLI workstations GA.

Compute Engine

  • Modified location flag from gcloud compute connect-to-serial-port beta command to use region from zone flag as location if location is unspecified.

Database Migration

  • Updated gcloud database-migrate migration-jobs create to support the type of data dump for MySQL to Cloud SQL-MySQL migrations.
  • Updated gcloud database-migrate migration-jobs update to support the type of data dump for MySQL to Cloud SQL-MySQL migrations.

Kubernetes Engine

  • Updated default kubectl from 1.26.13 to 1.26.14.
  • Additional kubectl versions:
    • kubectl.1.26 (1.26.14)
    • kubectl.1.27 (1.27.11)
    • kubectl.1.28 (1.28.7)
    • kubectl.1.28 (1.29.2)

Network Security

  • Promoted gcloud network-security firewall-endpoints to GA track.
  • Promoted gcloud network-security firewall-endpoint-associations to GA track.
  • Promoted gcloud network-security security-profiles to GA track.
  • Promoted gcloud network-security security-profile-groups to GA track.

Recaptcha

  • Add akamai option to --waf-service flag from gcloud recaptcha keys create command to support creating Akamai enabled site keys.

Workbench

  • Added workbench instances get-config to describe the valid configurations for workbench instances.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

468.0.0 (2024-03-12)

App Engine

App Hub

  • Promoted gcloud apphub to GA.

Artifact Registry

  • Added gcloud artifacts files download which downloads a file to the local environment.
  • Allowed --remote-mvn-repo, --remote-docker-repo, --remote-npm-repo, and --remote-python-repo flags to be a custom registry uri (ex: https://registry-1.docker.io) as well as the already-supported registry enum (ex: docker-hub) for artifacts repositories create.
  • Added --disable-remote-validation flag for artifacts repositories create and artifacts repositories update.
  • Added gcloud artifacts docker upgrade migrate.

Cloud Bigtable

  • Added --enable-automated-backup flag to gcloud bigtable instances tables create and gcloud bigtable instances tables update.
  • Added --disable-automated-backup flag to gcloud bigtable instances tables update.

Cloud Build

  • Unhidedgcloud builds connections create bitbucket-cloud, gcloud builds connections create bitbucket-data-center, gcloud builds connections update bitbucket-cloud, gcloud builds connections create bitbucket-data-center, gcloud builds triggers create bitbucket-cloud, gcloud builds triggers update bitbucket-cloud, gcloud builds triggers create bitbucket-data-center, gcloud builds triggers update bitbucket-data-center.

Cloud Firestore Emulator

  • Release Cloud Firestore emulator v1.19.3
    • Includes fix for ancestor queries and namespace scoped queries in Datastore Mode.

Cloud Resource Manager

  • Added support for --tags flag in gcloud projects create command.
  • Added support for --tags flag in gcloud resource-manager folders create command.

Cloud Run

  • Added --no-deploy-health-check to gcloud beta run deploy and gcloud beta run services update which allows disabling the deployment health check behavior.

Cloud SQL

  • Added gcloud sql instances acquire-ssrs-lease to acquire a lease for SQL Server Reporting Services setup in Cloud SQL for SQL Server.
  • Added gcloud sql instances release-ssrs-lease to release a lease for SQL Server Reporting Services setup in Cloud SQL for SQL Server.

Cloud TPU

  • Added --reserved flag to gcloud compute tpus queued-resources create.

Cloud Tasks

  • Promoting gcloud tasks buffer to GA which enables creation of an HTTP task without specifying the task body. It requires the parent queue to have an HTTP target override.

Compute Engine

  • Added support for OS Login SSH certificates for first-party users in alpha and beta tracks of gcloud compute ssh.
  • Promoted --source-regions flag of gcloud compute health-checks to beta.
  • Added --cloud-armor-tier flag to gcloud compute project-info update command.

Dataproc Metastore

  • Promoted --scheduled-backup-configs-from-file, enable-scheduled-backup, scheduled-backup-cron and scheduled-backup-location flag of gcloud metastore services create and gcloud metastore services update to GA.

Distributed Cloud Edge

  • Added --node-labels flag to gcloud edge-cloud container clusters node-pools create and gcloud edge-cloud container clusters node-pools update commands to allow assigning labels to individual nodes in a node pool.

Kubernetes Engine

Notebooks

  • Added NVIDIA_L4 option to --accelerator-type flag of gcloud notebooks instances create and gcloud notebooks instances update.

Pubsub Emulator

  • Add support for topic ingestion settings.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

467.0.0 (2024-03-05)

Google Cloud CLI

  • Updated linux bundled python for the gcloud CLI to 3.11.8.
  • Updated cryptography package to version 42.0.5.
  • Updated openssl package to version 3.0.13.

Backup For GKE

  • Removed --cluster-resource-restore-scope flag from gcloud container backup-restore restore-plans create and gcloud container backup-restore restore-plans update. Use --cluster-resource-selected-group-kinds instead.

Cloud Bigtable

  • Added gcloud bigtable tables command group identical to existing gcloud bigtable instances tables.

Cloud Firestore Emulator

  • Release Cloud Firestore emulator v1.19.2
    • Fix few bugs affecting client SDKs for DS Mode.

Cloud Functions

  • Added --build-service-account flag to gcloud functions deploy for 1st Gen functions to alpha and beta.

Cloud Run

  • Add --service-min-instances flag to gcloud beta run deploy and gcloud beta run services update to update min instances on a service without redeploying.
  • Promote --dry-run flag of gcloud run services replace to GA.

Cloud TPU

  • Promoted gcloud compute tpus queued-resources create, gcloud compute tpus queued-resources delete, gcloud compute tpus queued-resources describe, gcloud compute tpus queued-resources list, gcloud compute tpus queued-resources reset to GA.

Cloud Workstations

  • Fixed flag descriptions for grouped enabled/disabled flags.
  • Removed default values for grouped enabled/disabled flags.

Compute Engine

  • Promoted --announce-prefix flag of gcloud compute public-advertised-prefixes update to GA.
  • Promoted --withdraw-prefix flag of gcloud compute public-advertised-prefixes update to GA.
  • Promoted --pdp-scope flag of gcloud compute public-advertised-prefixes create to GA.
  • Promoted --announce-prefix flag of gcloud compute public-delegated-prefixes update to GA.
  • Promoted --withdraw-prefix flag of gcloud compute public-delegated-prefixes update to GA.

Container Registry

  • Added gcloud container images list-gcr-usage which lists Container Registry usage within your Google Cloud project, folder, or organization.

Kubernetes Engine

  • Added --enable-multi-networking flag to gcloud container clusters update.
  • Fixed issue where --respect-pdb flag was not working with gcloud container node-pools rollback.

Network Security

  • Promoted --[no-]disabled flag to gcloud <beta> network-security firewall-endpoint-associations update command to enable/disable a firewall endpoint association without removing it.

Pubsub Emulator

  • Fixes exactly once delivery and message ordering compatibility with the Java client library.

Service Extensions

  • Added additional values to the supported events. Updated comments.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

466.0.0 (2024-02-27)

Google Cloud CLI

  • Updated gcloud auth application-default login --no-launch-browser to work with Context Aware Access.

Cloud Build

  • Hidedgcloud builds connections create bitbucket-cloud, gcloud builds connections create bitbucket-data-center, gcloud builds connections update bitbucket-cloud, gcloud builds connections create bitbucket-data-center, gcloud builds triggers create bitbucket-cloud, gcloud builds triggers update bitbucket-cloud, gcloud builds triggers create bitbucket-data-center, gcloud builds triggers update bitbucket-data-center.

Cloud Infrastructure Manager

  • Fixed issue where gcloud infra-manager previews export directly downloads files when --file flag is not provided.

Compute Engine

  • Promoted delete command of gcloud compute instance-groups managed all-instances-config to GA.
  • Promoted update command of gcloud compute instance-groups managed all-instances-config to GA.
  • Promoted --default-action-on-vm-failure flag of gcloud compute instance-groups managed <create | update> to GA.
  • Promoted gcloud compute instant-snapshots create to GA.
  • Promoted gcloud compute instant-snapshots delete to GA.
  • Promoted gcloud compute instant-snapshots describe to GA.
  • Promoted gcloud compute instant-snapshots list to GA.
  • Promoted gcloud compute instant-snapshots add-labels to GA.
  • Promoted --source-instant-snapshot flag of gcloud compute disks create to GA.
  • Promoted --source-instant-snapshot, --source-instant-snapshot-zone, --source-instant-snapshot-region and --source-instant-snapshot-key-file flags of gcloud compute snapshots create to GA.

Kubernetes Engine

  • Removed --dataplane-v2-observability-mode flag of gcloud container clusters create|update|create-auto command. Users are expected to use --enable-dataplane-v2-flow-observability and --disable-dataplane-v2-flow-observability flags now.

Network Security

  • Added --[no-]disabled flag to gcloud <alpha> network-security firewall-endpoint-associations update command to enable/disable a firewall endpoint association without removing it.

Security Command Center

  • Added --location flag to gcloud scc findings, gcloud scc muteconfigs, gcloud scc bqexports and gcloud scc notifications commands to provide data residency for scc resources.

Workbench

  • Fixed gcloud workbench instances commands failing when all three --shielded-secure-boot, --shielded-integrity-monitoring, --shielded-vtpm flags are not passed.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

465.0.0 (2024-02-21)

AI

  • Added update-mask to gcloud ai indexes upsert-datapoints command for dynamic metadata update.

App Engine

  • Enable devappserver support for Go 1.22 runtime.

Certificate Manager

  • Added --type flag to gcloud certificate-manager dns-authorizations create.

Cloud Build

  • Promoted gcloud builds connections create bitbucket-cloud, gcloud builds connections create bitbucket-data-center, gcloud builds connections update bitbucket-cloud, gcloud builds connections create bitbucket-data-center, gcloud builds triggers create bitbucket-cloud, gcloud builds triggers update bitbucket-cloud, gcloud builds triggers create bitbucket-data-center, gcloud builds triggers update bitbucket-data-center command to beta and GA.

Cloud Composer

  • Add --enable-cloud-data-lineage-integration and --disable-cloud-data-lineage-integration to gcloud composer environments create to explicitly enable or disable the integration on creations.
  • Add --enable-cloud-data-lineage-integration and --disable-cloud-data-lineage-integration to gcloud composer environments update to explicitly enable or disable the integration on updates.

Cloud Firestore Emulator

  • Release Cloud Firestore emulator v1.19.1
    • Adds support for Datastore Mode to the Firstore Emulator. Adds --database-mode flag to gcloud emulator firestore start command. Note that this is a preview feature and if you find any bugs, please file them here: https://github.com/firebase/firebase-tools/issues.

Cloud Functions

Cloud Infrastructure Manager

  • Added --file flag to gcloud infra-manager previews export to download export artifacts to a custom file name or by default to files named preview if one is not provided.

Cloud NetApp

  • Added --large-capacity and --multiple-endpoints flag to gcloud beta netapp volumes {create}.

Cloud Run

  • Added firestore integration type to gcloud alpha/beta run integrations command groups.

Cloud TPU

  • Fixed race condition bug in SSH and SCP commands that may affect large TPUs.

Compute Engine

  • Promoted --security-profile-group and --[no-]tls-inspect flags for gcloud compute [network-]firewall-policies rules [create|update] to v1.

Database Migration

  • Added heterogeneous migration job update filter and commit id support via gcloud database-migration migration-jobs update.

Kubernetes Engine

  • Updated default kubectl from 1.27.9 to 1.26.13.
  • Additional kubectl versions:
    • kubectl.1.26 (1.26.13)
    • kubectl.1.27 (1.27.10)
    • kubectl.1.28 (1.28.6)
    • kubectl.1.28 (1.29.1)
  • Added --enable-queued-provisioning flag to gcloud container node-pools update for enabling queued provisioning on existing node pools. For more information see https://cloud.google.com/kubernetes-engine/docs/how-to/provisioningrequest.
  • Made --enable-queued-provisioning GA in gcloud container node-pools create. For more information see https://cloud.google.com/kubernetes-engine/docs/how-to/provisioningrequest.
  • Added --enable-cilium-clusterwide-network-policy flag to gcloud container clusters create and gcloud container clusters update.
  • Promoted gcloud container binauthz policy evaluate to beta.
  • Updated help text for --services-ipv4-cidr, --create-subnetwork, --cluster-secondary-range-name, --services-secondary-range-name options to have consistent text noting the requirement of --enable-ip-alias option for gcloud container create.
  • Updated help text for --services-ipv4-cidr, --create-subnetwork, --cluster-secondary-range-name, --services-secondary-range-name options to remove the note requiring --enable-ip-alias option for gcloud container create-auto. Autopilot clusters always use alias IPs for pods, so --enable-ip-alias option is always set for create-auto and cannot be specified by the user.

Security Command Center

  • Fixed issue that caused gcloud scc muteconfigs update to crash when an --update-mask is provided.
  • Promoted management api gcloud scc manage ... commands to GA.

Service Extensions

  • Promoted gcloud service-extensions lb-route-extensions and gcloud service-extensions lb-traffic-extensions to GA.

Vmware Engine

  • Added --vmware-engine-network-project flag to gcloud vmware network-peerings create to allow peering with VMware Engine network of different project.
  • Expanded logging server gcloud vmware private-clouds logging-servers capabilities with TLS, RELP, and SSL protocol support.

Workbench

  • Added gcloud workbench instances resize-disk to update workbench instances disk size.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

464.0.0 (2024-02-13)

Google Cloud CLI

  • Introduced ACCOUNT as a positional parameter to gcloud auth application-default login. This parameter can be used to specify the account that should be used for creating application default credentials.

Bare Metal Solution

  • Promoted gcloud bms os-images describe to GA.

Cloud Run

  • Added --no-default-url to gcloud beta run deploy and gcloud beta run services update which allows disabling the default service URL. This may be useful in combination with the internal and internal-and-cloud-load-balancing ingress settings where the default http ingress point is not desired.

Cloud TPU

  • Promoted --spot flag of gcloud compute tpus tpu-vm create to GA.

Cloud Workstations

  • Adding global fallback to gcloud workstations list, gcloud workstations list-usable, gcloud workstations configs list, and gcloud workstations cluster list commands. This allows the command to be used without any resource flags to list all of the specified resources under a project. It can also be used with a subset of the previously required flags for more granular results e.g. gcloud workstations list --cluster=cluster-1 --region=us-central1 list all workstations in 'us-central1' that use a configuration created under the 'cluster-1' cluster.
  • Adding --disable-ssh-to-vm flag to gcloud workstations configs to disallow SSH access to the workstations root VM.

Compute Engine

  • Promoted --stack-type flag of compute interconnects attachments partner create to beta. Flag defines the stack type of partner interconnect attachment.
  • Promoted --stack-type flag of compute interconnects attachments partner update to beta. Flag defines the stack type of interconnect attachment.

Notebooks

  • Added tags flag to notebook instances.
  • Fixed a bug where vm-image defaults are not populated when no environment flags are specified.

Pubsub Emulator

  • Add support for push payload unwrapping (no_wrapper).

Secure Source Manager

  • Added gcloud source-manager command group which includes gcloud source-manager instances, gcloud source-manager locations, gcloud source-manager operations to beta.

Security Command Center

  • Fixed issue that caused gcloud scc muteconfigs update to crash when an --update-mask is provided.

Workbench

  • Fixed boolean flags --shielded-secure-boot, --shielded-vtpm, and --shielded-integrity-monitoring in gcloud workbench instances commands always parsing as true.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

463.0.0 (2024-02-06)

AlloyDB

  • Added option for --cpu-count=128 in instances create and instances update commands.

Cloud Deploy

  • Added IAM policy commands to gcloud deploy custom-target-types.

Cloud Functions

  • Changed gcloud alpha functions deploy and gcloud beta functions deploy to deploy new functions via Cloud Functions (2nd gen) by default. 1st gen functions can still be created by specifying --no-gen2 or by setting the functions/gen2 property to off. This change will be applied in the GA release track in a future release.

Cloud Run

  • Promoted --container flag of gcloud run deploy and gcloud run services update to GA to allow deploying multi-container Services.

Cloud SQL

  • Fixed and added back support for parallel import and export.

Cloud Workflows

  • gcloud workflows run to avoid backlogging the execution when the

Cloud Workstations

  • Adding a region column to the tables in gcloud workstations list, gcloud workstations list-usable, gcloud workstations configs list, and gcloud workstations clusters list.

Compute Engine

  • Added support of flags to --detection-load-threshold, detection-absolute-qps, detection-relative-to-baseline-qps, and traffic-granularity-configs to gcloud compute security-policies add-layer7-ddos-defense-threshold-config in alpha/beta.
  • Added gcloud compute instance-groups managed resize-requests which provides capability to create, describe, list, cancel, and delete resize requests in a zonal MIG to beta.
  • Promoted --existing-reservation flag of gcloud compute commitments create to GA.

GKE Hub

  • Promoted Fleet operations commands to beta and GA.
    • Promoted gcloud container fleet operations describe to beta and GA.
    • Promoted gcloud container fleet operations list to beta and GA.
    • Promoted gcloud container fleet operations wait to beta and GA.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

462.0.1 (2024-01-31)

Cloud SQL

  • Rolled back gcloud support for parallel import and export as it was breaking default behavior for the customers.

Cloud Workflows

  • Added --disable-concurrency-quota-overflow-buffering flag to concurrency quota is exhausted.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

462.0.0 (2024-01-30)

Google Cloud CLI

  • Updated linux bundled python for the gcloud CLI to 3.11.7.
  • Updated pip package to version 23.3.2.

Binauthz

  • Updated gcloud container binauthz attestations create and sign-and-create to make --attestor optional, allowing creation of attestations on a specified --note. Note that --validate can only be used with --attestor.

Cloud Asset Inventory

  • Promoted Cloud assets analysis commands gcloud asset analyze-org-policies, gcloud asset analyze-org-policy-governed-containers and gcloud asset analyze-org-policy-governed-assets to GA.

Cloud DNS

  • Added support to allow importing RecordSets with routing policies from YAML.

Cloud Dataflow

  • Added dataflow yaml command gcloud beta dataflow yaml run.

Cloud Pub/Sub

  • Promoted --message-storage-policy-enforce-in-transit flag of gcloud pubsub topics create and gcloud pubsub topics update to GA. This allows users to enable enforcement for in-transit guarantees.

Cloud Run

  • Reverted regionalized builds for Cloud Run source deploys.
  • Add --service-account flag to specify deployment service account for Cloud Run integrations deployments.

Cloud SQL

  • Added support for parallel import and export.

Cloud Speech API

  • Added telephony and telephony_short options for gcloud ml speech <recognize | recognize-long-running> --model flag.

Cloud TPU

  • Promoted --queue-count flag of gcloud compute tpus tpu-vm create to GA.

Cloud Workflows

  • Added --disable-concurrency-quota-overflow-buffering flag to gcloud workflows execute to avoid backlogging the execution when the concurrency quota is exhausted.

Compute Engine

  • Promoted gcloud compute networks subnet --reserved-internal-ranges to GA.
  • Promoted gcloud compute networks subnet --secondary-range_with-reserved-internal-ranges to GA.

Database Migration

  • Added gcloud database-migration migration-job demote-destination which allows demoting the destination of a migration job.
  • Added alloydb-cluster flag to gcloud database-migration connection-profiles to allow creating connection profiles that link to existing AlloyDB clusters.

Distributed Cloud Edge

  • Added --offline-credential flags to gcloud edge-cloud container clusters get-credentials command to retrieve the credential used under disconnectivity to Google.
  • Added --release-channel argument to gcloud edge-cloud container clusters update to allow updating release channel for local control plane clusters.

Kubernetes Engine

  • Promoted --enable-fqdn-network-policy flag to gcloud container clusters create and gcloud container clusters update.

Security Command Center

  • Renamed gcloud alpha scc securityposture-operations command group to gcloud alpha scc posture-operations.
  • Also, promoted the above renamed command group gcloud alpha scc posture-operations to GA as gcloud scc posture-operations.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

461.0.0 (2024-01-23)

Breaking Changes

AlloyDB

  • Added flag --assign-inbound-public-ip to enable or disable public IP for an instance to the following commands in the alpha and beta track:

    • gcloud alloydb instances create
    • gcloud alloydb instances update
  • Added flag --authorized-external-networks to set a list of authorized external networks on an instance to gcloud alloydb instances update in the alpha and beta track.

Batch

  • Promoted Batch submit job config YAML support from alpha to beta and GA.

Binauthz

  • Updated gcloud container binauthz attestations list, create, and sign-and-create commands to support image URLs with both a tag and a digest. Attestations with these URLs are supported only in Continuous Validation with check-based policies for GKE.

Cloud Functions

Cloud Storage

  • Updated gcloud storage sign-url to allow using impersonation specified through configuration.

Cloud Workstations

  • Added --local-host-port flag to the workstations ssh command.

Compute Engine

  • Promoted --confidential-compute-type=TDX flag of gcloud compute instances create to beta.
  • Added IPV6_ONLY option to --stack-type flag of gcloud beta compute vpn-gateways create command to create an IPv6-only VPN gateway.
  • Promoted --location flag of gcloud compute connect-to-serial-port to GA.
  • Updated behaviour of gcloud instances delete: it will throw error if instance.delete operation takes more than 70 minutes instead of 30 minutes previously.

Distributed Cloud Edge

  • Added IPv6 support for --ip-address flag of gcloud edge-cloud networking routers add-interface subcommand.

Kubernetes Engine

  • Restored original maximum argument to --max-nodes-per-pool flag of gcloud container clusters create from 2000 to 1000, as this unintentionally changed the default value.

Recaptcha

  • Add gcloud recaptcha firewall-policies reorder command.

Security Command Center

  • Promoted gcloud scc postures commands to GA.
  • Promoted gcloud scc posture-templates commands to GA.
  • Promoted gcloud scc posture-deployments commands to GA.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

460.0.0 (2024-01-17)

Cloud Bigtable

  • Rebuilt cbt cli with golang.org/x/crypto version 0.17.0 which fixed CVE-2023-48795.

Cloud Bigtable Emulator

  • Rebuilt cbt cli with golang.org/x/crypto version 0.17.0 which fixed CVE-2023-48795.

Cloud Billing

  • Added ownership-scope flag to gcloud billing budget CLI to select scope of ownership for a budget.

Cloud Domains

Cloud Functions

  • Hid --gen2 flag in gcloud functions add-iam-policy-binding, gcloud functions add-invoker-policy-binding, gcloud functions call, gcloud functions delete, gcloud functions describe, gcloud functions get-iam-policy, gcloud functions remove-iam-policy-binding, gcloud functions remove-invoker-policy-binding, and gcloud functions set-iam-policy-binding. The --gen2 flag is unnecessary for these commands and will eventually be removed from them in a future release.

Cloud Healthcare

  • Added gcloud healthcare dicom-stores metrics command which allows users to retrieve metrics associated with a DICOM store.

Cloud Monitoring

  • Promoted gcloud monitoring uptime commands to beta and GA.

Cloud Org Policy

  • Update the error message that mentions the 'update-mask' flag name incorrectly.

Cloud Run

  • Reverted regionalized builds for Cloud Run source deploys.

Cloud SQL

  • Added -i flag to provide the instance for gcloud sql generate-login-token command.

Cloud Workstations

  • Added --disable-tcp-connections flag to gcloud workstations configs` to support disabling plain TCP connections in workstations.

Dataproc Diagnose

  • Added --tarball-access flag to gcloud dataproc clusters diagnose for enabling Google support to access the diagnostic tar file, which supports the following values:-
    1. GOOGLE_DATAPROC_DIAGNOSE : This value transfers the tar file automatically to Google support.
    2. GOOGLE_CLOUD_SUPPORT : This flag doesn't transfer the tar file automatically to Google support but provides the necessary read access for Google support to read or download the tar file.
  • Added --start-time and --end-time flags to gcloud dataproc clusters diagnose to specify a time range, in %Y-%m-%dT%H:%M:%S.%fZ format, for the collection of diagnostic data within this timeframe.
  • Added --job-ids flag to gcloud dataproc clusters diagnose to collect job driver, Spark event, YARN application, and Sparklens output logs, in addition to the default log files, for a specified comma-separated list of dataproc job IDs.
  • Added --yarn-application-ids flag to gcloud dataproc clusters diagnose to collect job driver, Spark event, YARN application, and Sparklens output logs in addition to the default log files, for a specified comma-separated list of YARN application IDs.

Eventarc

  • Deprecated gcloud beta eventarc. Users are expected to use gcloud eventarc instead.

Identity and Access Management

  • Added --include-deny flag to gcloud projects get-ancestors-iam-policy and gcloud resource-manager folders get-ancestors-iam-policy to specify if it should return deny policies on the hierarchy.

Immersive Stream

  • Added --mode flag to gcloud immersive-stream xr instances create to allow specifying 3D/AR or 3D-only experience modes.
  • Added --gpu-class flag to gcloud immersive-stream xr instances create to allow specifying the type of underlying GPU used by the stream instance.

Network Security

  • In gcloud network-security firewall-endpoint-associations create, the ASSOCIATION_ID argument is no longer mandatory, and a UUID will be auto-generated on the server if not specified.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

459.0.0 (2024-01-09)

Google Cloud CLI

  • Removed the warning about --update-adc deprecation.

AI

  • Added --notification-channels flag to gcloud ai model-monitoring-jobs create|update to allow sending alerts to notification channels.

App Engine

Assured Workloads

  • Promote assured workloads enable-resource-monitoring to GA.

Binauthz

  • Updated gcloud container binauthz attestations create to make --attestor optional, allowing creation of attestations on a specified --note. Note that --validate can only be used with --attestor.

Cloud Composer

  • Fixed gcloud beta composer environments list-upgrades for Composer 2 environments.
  • Added --enable-logs-in-cloud-logging-only flag to gcloud composer environments create to enable writing and reading task logs only from cloud logging and disable using gcs buckets for logs.
  • Added --disable-logs-in-cloud-logging-only flag to gcloud composer environments create to disable writing and reading task logs only from cloud logging and disable using gcs buckets for logs.
  • Added --enable-logs-in-cloud-logging-only flag to gcloud composer environments update to enable logs in cloud logging only feature for environments.
  • Added --disable-logs-in-cloud-logging-only flag to gcloud composer environments update to disable logs in cloud logging only feature for environments.

Cloud Datastore

  • Promoted --database flag of gcloud datastore indexes create command to beta.
  • Promoted --database flag of gcloud datastore indexes create command to GA.

Cloud Firestore

  • Promoted firestore databases delete to beta.
  • Promoted firestore databases delete to GA.
  • Promoted --delete-protection and --no-delete-protection flag of gcloud firestore databases create and gcloud firestore databases update command to beta.
  • Promoted --delete-protection and --no-delete-protection flag of gcloud firestore databases create and gcloud firestore databases update command to GA.

Cloud Functions

  • Fixed file check issue with gcloud functions deploy for gradle-based Java deployments.
  • Added --build-service-account flag to gcloud beta functions deploy for 2nd Gen functions to alpha and beta.

Cloud Memorystore

  • Allowed using project numbers in command arguments.

Cloud Org Policy

  • Updated etag field in the output of gcloud org-policies list command to show a top-level etag which better reflects the current state of the policy.
  • Added --etag to gcloud org-policies delete to support etag on policy deletion that will ensure the client has an up-to-date value before proceeding.

Cloud Run

  • add --add-volume, --remove-volume and --clear-volumes flags to gcloud beta run deploy, gcloud beta run services update, gcloud beta run jobs deploy, and gcloud beta run jobs update to support managing volumes in your Cloud Run Services and Jobs.
  • add -add-volume-mount, --remove-volume-mount, and --clear-volume-mount flags to gcloud beta run deploy, gcloud beta run services update, gcloud beta run jobs deploy, and gcloud beta run jobs update to support mounting volumes within containers.

Cloud SQL

  • Rename the positional argument of gcloud sql backups restore command from BACKUP_ID to ID.
  • Allowed using project numbers in command arguments.

Cloud Services

  • Promoted gcloud services vpc-peerings get-vpc-service-controls to GA.

Cloud Workstations

  • Added --domain flag to gcloud workstations clusters to enable using custom domains.

Compute Engine

  • Promoted --server-tls-policy and --clear-server-tls-policy for gcloud compute target-https-proxies create and gcloud compute target-https-proxies update to beta.

Compute Firewall Policy Rules

  • Fixed issue where gcloud firewall-policies rules update didn't allow clearing list fields.
  • Fixed issue where gcloud firewall-policies rules update set disabled and enabledLogging to false if it was not specified by the user.
  • Fixed issue where gcloud beta firewall-policies rules update and gcloud beta network-firewall-policies rules update required providing --security-profile-group even if it was not changed.
  • Fixed issue where gcloud beta firewall-policies rules update and gcloud beta network-firewall-policies rules update didn't allow clearing securityProfileGroup (--security-profile-group='').

Database Migration

  • Added MySQL_8_0_35 minor version option when creating Cloud SQL connection profile using gcloud database-migration connection-profiles create cloudsql command.

Kubernetes Engine

  • Updated default kubectl from 1.27.8 to 1.27.9.
  • Additional kubectl versions:
    • kubectl.1.24 (1.24.17)
    • kubectl.1.25 (1.25.16)
    • kubectl.1.26 (1.26.12)
    • kubectl.1.27 (1.27.9)
    • kubectl.1.28 (1.28.5)
    • kubectl.1.28 (1.29.0)
  • Added --enable-secret-manager flags to gcloud container clusters create, gcloud container clusters create-auto and gcloud container clusters update in alpha and beta.
  • Deprecated --dataplane-v2-observability-mode flag of gcloud container clusters create|update|create-auto command. Users are expected to use --enable-dataplane-v2-flow-observability and --disable-dataplane-v2-flow-observability flags now.
  • Increased maximum argument to --num-nodes flag of gcloud container clusters create from 1000 to 2000.

Network Services

  • Updated gcloud network-services gateways to show a new ipVersion field for v1 version.
  • Added envoyHeaders field to gcloud network-services <meshes|gateways> <import|export|describe> commands to inject envoy internal debug headers into upstream requests.
  • Added idleTimeout field to gcloud network-services <http-routes|grpc-routes|tcp-routes|tls-routes> <import|export|describe> to configure idle timeouts for the upstream and downstream connections.
  • Added mirrorPercent to gcloud network-services http-routes <import|export|describe> to configure fractional mirror percentage.
  • Added directResponse to gcloud network-services http-routes <import|export|describe> which returns a static HTTP response for all requests.
  • Added requestHeaderModifier to gcloud network-services http-routes <import|export|describe> to modify request headers to a particular destination.
  • Added responseHeaderModifier to gcloud network-services http-routes <import|export|describe> to modify response headers from a particular destination.

Service Directory

  • Allowed using project numbers in command arguments.

Transcoder

  • Allowed using project numbers in command arguments.

telco automation

  • Promoted gcloud telco-automation orchestration-cluster to GA.
  • Promoted gcloud telco-automation operations to GA.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

458.0.1 (2023-12-20)

Google Cloud CLI

  • Fixed error 'ython'' is not recognized as an internal or external command, operable program or batch file. when updating gcloud on Windows.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

458.0.0 (2023-12-19)

Breaking Changes

  • (Compute Engine) Updated behaviour of gcloud instances stop: it will not throw error if
  • (Compute Engine) instance gets deleted during polling on the stopping operation.
  • (GKE Hub) Changed output of gcloud container fleet memberships list to display the UUID of the memberships instead of external_id. The external_id is still available in the json-formatted output.

Google Cloud CLI

  • Updated cryptography package to version 41.0.7.

App Engine

  • Updated the Go SDK to version 1.9.76. Please visit the following release notes for details: https://cloud.google.com/appengine/docs/go/release-notes.
  • Promoted command gcloud app runtimes list --environment=standard to GA. The command displays the runtimes for the App Engine standard environment.

BigQuery

  • Fixed a bug in 2.0.99 and 2.0.100 that causes any command to fail if initialization is required.

Cloud Bigtable

  • Adds reversed flag to cbt read command to enable reverse scans.
  • Rebuild with golang 1.21.5.

Cloud Bigtable Emulator

  • Rebuild with golang 1.21.5.

Cloud Run

  • Promoted --condition flag for gcloud run services {add,remove}-iam-policy-binding from alpha to beta.
  • Enabled --cpu-boost by default for run deploy on new services if not otherwise specified.

Cloud Services

  • Promoted gcloud services vpc-peerings get-vpc-service-controls to beta.

Compute Engine

  • Promoted --with-extended-notifications flag of gcloud compute instances simulate-maintenance-event to beta and GA.
  • Promoted --confidential-compute flag of gcloud compute disks create to GA.
  • Promoted --create-disk=confidential-compute for gcloud compute instances create to GA.
  • Promoted Instance API Perform Maintenance to beta and GA.

Kpt

  • Updated kpt in Google Cloud CLI from 1.0.0-beta.48 to 1.0.0-beta.49.

Kubernetes Engine

  • gcloud container clusters create and gcloud container clusters update now allow multiple binauthz policies to be bound to a cluster using --binauthz-policy-bindings.
  • Updated default kubectl from 1.27.7 to 1.27.8.
  • Additional kubectl versions:
    • kubectl.1.24 (1.24.17)
    • kubectl.1.25 (1.25.16)
    • kubectl.1.26 (1.26.11)
    • kubectl.1.27 (1.27.8)
    • kubectl.1.28 (1.28.4)
  • Added enterprise option to --workload-vulnerability-scanning flag of gcloud container clusters create|update|create-auto commands to enable Advanced vulnerability insights mode in the GA track.
  • Promote --in-transit-encryption flag to gcloud container clusters create and gcloud container clusters update to GA.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

457.0.0 (2023-12-12)

Breaking Changes

  • (Network Actions) Removed network-actions surface.

Google Cloud CLI

  • Added deprecation warning to gcloud components restore. To revert gcloud to a previous version, please run gcloud components update --version=<previous_version>.

AI

  • Added --container-deployment-timeout-seconds flag to gcloud ai models upload and gcloud beta ai models upload.
  • Added --container-shared-memory-size-mb flag to gcloud ai models upload and gcloud beta ai models upload.
  • Added --container-startup-probe-exec flag to gcloud ai models upload and gcloud beta ai models upload.
  • Added --container-startup-probe-period-seconds flag to gcloud ai models upload and gcloud beta ai models upload.
  • Added --container-startup-probe-timeout-seconds flag to gcloud ai models upload and gcloud beta ai models upload.
  • Added --container-health-probe-exec flag to gcloud ai models upload and gcloud beta ai models upload.
  • Added --container-health-probe-period-seconds flag to gcloud ai models upload and gcloud beta ai models upload.
  • Added --container-health-probe-timeout-seconds flag to gcloud ai models upload and gcloud beta ai models upload.
  • Added --container-grpc-ports flag to gcloud ai models upload and gcloud beta ai models upload.

Anthos Multi-Cloud

  • Added gcloud container aws node-pools rollback to rollback failed AWS node pool update operations. This allows customers to revert the node pool back to its original state.

App Engine

BigQuery

  • Added the ability to update table tags by using add_tags, remove_tags and clear_all_tags.

Certificate Manager

  • Added command certificate-manager trust-configs update.

Cloud Composer

  • Add --disable-cloud-data-lineage-integration to gcloud composer environments create (alpha and beta) to explicitly disable the integration.

Cloud Deploy

  • Added gcloud deploy custom-target-types command group.

Cloud Functions

  • Added --runtime-update-policy flag to gcloud beta functions deploy for 1st Gen functions to alpha and beta.
  • Added --runtime-update-policy flag to gcloud functions deploy for 1st Gen functions to GA.

Cloud Logging

  • Allow for using the logging feature with protocol SSL in gcloud compute backend-services create and gcloud compute backend-services update.

Cloud Pub/Sub

  • Promoted --use-table-schema flag of gcloud pubsub subscriptions [create|update] to GA. This option allows Pub/Sub to use the schema of the BigQuery table to write the fields of a JSON message to the corresponding columns.

Cloud Services

  • Promoted gcloud services api-keys undelete to GA.

Compute Engine

  • Added support for version=23.10 and short-name=ubuntu in --os-types for gcloud beta compute instances ops-agents policies [create|update].
  • Promoted gcloud compute instances set-name command to GA.
  • Promoted --recaptcha-action-site-keys and --recaptcha-session-site-keys in gcloud compute security-policies rules create|update to GA.
  • Added tls-ja3-fingerprint and user-ip as valid rate limit key types in gcloud compute security-policies rules.

Distributed Cloud Edge

  • Made flag --ipv4-range optional for gcloud edge-cloud networking subnets create.

GKE Hub

  • Promoted gcloud container fleet clusterupgrade and gcloud container hub clusterupgrade to beta and GA.

Kubernetes Engine

  • gcloud container clusters create and gcloud container clusters update now allow multiple binauthz policies to be bound to a cluster using --binauthz-policy-bindings.
  • Added --autoprovisioning-resource-manager-tags flag to gcloud container clusters create, gcloud container clusters create-auto and gcloud container clusters update in GA track.
  • Added --resource-manager-tags flag to gcloud container clusters create, gcloud container node-pools create and gcloud container node-pools update in GA track.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

456.0.0 (2023-12-05)

Breaking Changes

  • (AlloyDB) Modified gcloud alloydb instances update to be asynchronous by default. Use
  • (AlloyDB) --no-async flag to get the old behavior.

Google Cloud CLI

  • Updated gcloud CLI to support Python v3.11 and v3.12.

AlloyDB

  • Added support for specifying --database-version in clusters create command in GA track.

Anthos

  • Support new flag server for gcloud anthos auth login command.
  • 'server' flag obviates the need to download login-config file.

Anthos Multi-Cloud

  • Added --proxy-secret-name and --proxy-secret-namespace flags to gcloud container attached clusters import to configure an HTTP/HTTPS proxy for outbound traffic.
  • Promoted --max-surge-update and --max-unavailable-update flags to GA (General Availability) for gcloud container aws node-pools create and gcloud container aws node-pools update commands. These flags let you specify or modify surge update parameters during node pool creation and updating.

App Engine

  • Added gcloud beta app runtimes list --environment=standard which displays the supported runtimes for App Engine Standard.

Artifact Registry

  • Added domain as a config option to use a different domain endpoint for artifacts docker.

BigQuery

  • Added python 3.12 support.
  • Added support for kms_key_name to connections.
  • Added concurrent requests when looking up IAM information.
  • Added support to show replica table information.
  • Updated quotes library used.
  • Fixed bug in cp to ensure all regions are being checked.
  • Ensured bq ls -p only displays the first page of results by default to align with other list methods.
  • Added messaging for DDL statements modifying vector indexes.
  • Improved error messaging for tag updates.
  • Added improved error messaging when project lookups are aborted.

Certificate Manager

  • Added command certificate-manager trust-configs create.

Cloud Backup DR

  • Promoted gcloud backup-dr command group which includes gcloud backup-dr management-servers, gcloud backup-dr locations and gcloud backup-dr operations to GA.

Cloud Datastore

  • Updated gcloud datastore operations list to respect a --limit set to >100.

Cloud Domains

  • Added support for disabling and enabling automatic renewal of domains using the Cloud Domains gcloud domains registrations configure management method (with the preferred-renewal-method flag or in the interactive flow).

Cloud Firestore

  • Updated gcloud firestore operations list to respect a --limit set to >100.

Cloud Healthcare

  • Added gcloud healthcare hl7v2-stores metrics which allows users to retrieve metrics associated with a HL7v2 store.

Cloud NetApp

  • Removed netapp/region as a property since netapp/location can be either region or zone depending on SO or PO.

Cloud Pub/Sub

  • Fix missing error message for commands under gcloud pubsub.

Cloud Run

  • Added the information of whether the job to be deleted has running executions to the confirm message of gcloud run jobs delete.
  • Regionalize builds for Cloud Run source deploys.

Cloud Services

  • Promoted gcloud services api-keys create to GA.
  • Promoted gcloud services api-keys delete to GA.
  • Promoted gcloud services api-keys get-key-string to GA.
  • Promoted gcloud services api-keys update to GA.

Cloud TPU

  • Promoted --update-metadata, --clear-metadata, --remove-metadata and --metadata-from-file flags of gcloud compute tpus tpu-vm update to GA.

Cloud Workstations

  • Added --enable-audit-agent flag to workstations configs create and workstations configs update.

Compute Engine

  • Promoted --confidential-compute-type flag of gcloud compute instance create to beta.
  • Promoted flag --user-ip-request-headers of gcloud compute security-policies update to GA.
  • Fixed issue where gcloud compute ssh and gcloud compute scp commands would fail on Windows when PuTTY prompted in certain situations, such as when using --plain or when connecting to an instance with OS Login 2FA enabled.
  • Fixed crash in gcloud compute diagnose routes when specifying --reverse-traceroute.
  • Promoted location flag for gcloud compute connect-to-serial-port to beta.
  • Promoted --type flag of gcloud compute routers nats create to GA.
  • Promoted --source-nat-active-ranges, --source-nat-active-ranges-region, --source-nat-drain-ranges, --clear-source-nat-drain-ranges and --source-nat-drain-ranges-region flags of gcloud compute routers nats rule update to GA.
  • Promoted --source-nat-active-ranges and --source-nat-active-ranges-region flags of gcloud compute routers nats rule create to GA.
  • Promoted new allowed value: PRIVATE_NAT for --purpose flag of gcloud compute networks subnets create to GA.
  • Promoted new :ALL range option for subnets passed to --nat-custom-subnet-ip-ranges flag of gcloud compute routers nats (create|update) to GA.

Compute Firewall Rules

  • Added --export-terraform-script flag to gcloud compute firewall-rules migrate to prepare a terraform script for migrated Network Firewall Policy.
  • Added disabled column to default view of gcloud compute networks get-effective-firewalls and gcloud compute network-firewall-policies get-effective-firewalls.

Database Migration

  • Updated gcloud database-migration to show error details on command failure when used with --no-async flag.
  • Adding support for choosing Alloy DB database version using --database-version flag in gcloud database-migration connection-profiles create alloydb.

GKE Hub

  • Promoted gcloud container fleet dataplane-v2-encryption {describe, disable, enable} to GA.
  • Added property pod-affinity to gcloud container fleet policycontroller deployment set and gcloud container fleet policycontroller deployment remove so that users can configure high availability on Policy Controller deployments.
  • Added --binauthz-evaluation-mode flag to gcloud container fleet create, gcloud container fleet update in alpha, beta and GA track.
  • Added --binauthz-evaluation-mode flag to gcloud container hub create, gcloud container hub update in alpha, beta and GA track.
  • Added --binauthz-policy-bindings flag to gcloud container fleet create, gcloud container fleet update in alpha, beta and GA track.
  • Added --binauthz-policy-bindings flag to gcloud container hub create, gcloud container hub update in alpha, beta and GA track.

Kpt

Kubernetes Engine

  • Added --enable-dataplane-v2-flow-observability and --disable-dataplane-v2-flow-observability flags for toggling DPv2 Flow Observability feature.

Network Security

  • Add --billing-project required flag to gcloud network-security firewall-endpoints create command to provide Google Cloud project ID for API enablement check, quota, and endpoint uptime billing.
  • Add --update-billing-project flag to gcloud network-security firewall-endpoints update command to update the Google Cloud project used for API enablement check, quota, and endpoint uptime billing.

Recaptcha

  • Support creating Fastly enabled site keys using recaptcha keys create --waf-service=cloudfare.

Regional Endpoints

  • Unhid regional-endpoints as a subgroup of gcloud beta networkconnectivity.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

455.0.0 (2023-11-14)

Breaking Changes

  • (Network Connectivity) Removed gcloud network-connectivity spokes accept and gcloud network-connectivity spokes reject commands. Use gcloud network-connectivity hubs accept-spoke and gcloud network-connectivity hubs reject-spoke commands instead.

Google Cloud CLI

  • Updated bundled python for the gcloud CLI to 3.11.6.
  • Updated cryptography package to version 41.0.5.
  • Updated openssl to version 3.1.4 for cryptography.

AI

  • Added more choice options to --region flag of gcloud ai custom-jobs and gcloud ai hp-tuning-jobs, including: asia-northeast2, australia-southeast2, europe-north1, europe-southwest1, europe-west8, and southamerica-west1.

App Engine

Binauthz

  • Updated gcloud container binauthz attestations list to make --attestor optional, allowing listing from any project.
  • Modified gcloud container binauthz attestations sign-and-create to allow --validate to work with --pae-encode-payload.

Cloud Bigtable

  • Fixed issue where cbt createtable would create column families with a MaxVersions(1) GC policy. As per our documentation (https://cloud.google.com/bigtable/docs/garbage-collection#everything-else), tables created by the cbt cli should retain an infinite number of versions by default.

Cloud Data Fusion

  • Added --patch_revision optional argument to
    gcloud beta data-fusion instances create to create a Cloud Data Fusion
    instance with the provided patch revision version.
  • Added --patch_revision optional argument to
    gcloud beta data-fusion instances update to perform patch revision
    update of the Cloud Data Fusion instance.

Cloud Filestore

  • Added --tier=REGIONAL flag to gcloud filestore instances create to support a regional filestore instance creation.

Cloud Functions

  • Promoted --concurrency flag of gcloud functions deploy to GA.
  • Promoted --cpu flag of gcloud functions deploy to GA.

Cloud Run

  • Promoted gcloud run jobs executions cancel to GA. This command allows cancelling a running Cloud Run job execution.

Cloud SQL

  • Added --show-sql-network-architecture and --upgrade-sql-network-architecture flags to gcloud sql instances list and gcloud sql instances patch to support New Network Architecture self upgrade for Cloud SQL.

Cloud Storage

  • Released object lock feature and per-object retention settings.
  • Added storage/multipart_chunksize and storage/multipart_threshold for adjusting settings of Boto3 client uploads via S3 or the other XML APIs.

Cloud TPU

  • Promoted --attach-disk and --detach-disk flags of gcloud compute tpus tpu-vm update to GA.

Dataproc Metastore

  • Promoted --data-catalog-sync flag of gcloud metastore services create and gcloud metastore services update to GA.

GKE Hub

  • Added --security-posture flag to gcloud container fleet create, gcloud container fleet update in alpha, beta and GA track.
  • Added --security-posture flag to gcloud container hub create, gcloud container hub update in alpha, beta and GA track.
  • Added --workload-vulnerability-scanning flag to gcloud container fleet create, gcloud container fleet update in alpha, beta and GA track.
  • Added --workload-vulnerability-scanning flag to gcloud container hub create, gcloud container hub update in alpha, beta and GA track.
  • Added support for fleet-default-member-config command to Service Mesh in alpha, beta and GA tracks.
  • Promoted --fleet-default-member-config flag of the following commands to GA:

    • gcloud container fleet identity-service enable
    • gcloud container hub identity-service enable
    • gcloud container fleet identity-service delete
    • gcloud container hub identity-service delete
  • Added --fleet-default-member-config flag to the following commands in alpha, beta, and GA tracks:

    • gcloud container fleet identity-service apply
    • gcloud container hub identity-service apply

    to modify a fleet-level default membership configuration.

  • Added --origin flag to the following commands in alpha, beta, and GA tracks:

    • gcloud container fleet identity-service apply
    • gcloud container hub identity-service apply

    to apply a fleet-level default membership configuration to a membership.

  • Added support for fleet-default-member-config command to Service Mesh in alpha, beta and GA tracks.

Kubernetes Engine

  • Fixed a bug where if --artifact-url was passed to gcloud container binauthz attestations list only attestations over the full artifact url would be returned instead of attestations over the artifact digest.

Security Command Center

  • Promoted gcloud scc custom-modules sha simulate to GA.

Vmware Engine

  • Added commands for managing new types of resources:
    • Added gcloud vmware dns-bind-permission which manages DNS bind permission resources.
    • Added gcloud vmware private-clouds dns-forwarding which manages DNS forwarding resources.
    • Added gcloud vmware network-policies external-access-rules which manages external access rule resources.
    • Added gcloud vmware private-clouds external-addresses which manages external address resources.
    • Added gcloud vmware private-clouds logging-servers which manages logging server resources.
    • Added gcloud vmware private-clouds management-dns-zone-bindings which manages management DNS zone binding resources.
    • Added gcloud vmware network-peerings which manages network peering resources.
    • Added gcloud vmware network-peering routes which manages network peering route resources.
    • Added gcloud vmware private-clouds clusters nodes which allows cluster node resources.
  • Added --type, --preferred-zone, and --secondary-zone to gcloud vmware private-clouds create command to support stretched private clouds creation.
  • Added clusterCoreCount, clusterVirtualCpuCount, clusterStorageGb and clusterMemoryGb fields in gcloud vmware private-clouds clusters describe command output.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

454.0.0 (2023-11-07)

AI

  • Added deployment-group, enable-access-logging,audiences,allowed-issuers to gcloud ai index-endpoints mutate-deployed-index.

Anthos Multi-Cloud

  • Updated container attached clusters register and container attached clusters import to check for proper deployment of the install agent before attempting to register/import.

Artifact Registry

  • Updated gcloud artifacts sbom load to have the newly created bucket have Uniform Bucket Level Access set to true.

Binauthz

  • Fixed issue with gcloud container binauthz attestations sign-and-create where --validate is not supported with --pae-encode-payload.

Certificate Manager

  • Added --update-mask flag to gcloud certificate-manager trust-configs import.

Cloud Bigtable

  • Rebuilt cbt cli with go version 1.21.3 which fixed CVE-2023-39323.

Cloud Bigtable Emulator

  • Rebuilding cbt emulator with go version 1.21.3 which fixed CVE-2023-39323.

Cloud Build

  • Added --clear-subscription-filter to gcloud builds triggers update pubsub command.

Cloud Dataproc

  • Added --min-secondary-worker-fraction flags to gcloud dataproc clusters create and gcloud dataproc clusters update.

Cloud Deploy

  • Added gcloud deploy automations and gcloud deploy automation-runs command groups.

Cloud IAM

  • Added --allowed-services flag to gcloud iam workforce-pools providers create-oidc, which allows the user to setup domains that can be accessed by users in a workforce pool.
  • Added --disable-programmatic-signin flag to gcloud iam workforce-pools providers create-oidc and gcloud iam workforce-pools providers update-oidc, which lets the administrator disable programmatic sign-in for users in a workforce pool.

Cloud Run

  • Added --container, --remove-containers, and --depends-on flags to gcloud beta run deploy and gcloud beta run services update to allow deploying and updating multi-container Services.

Cloud SQL

  • Added --cascadable-replica flag to gcloud sql instances create to enable cascadable replica creation for SQL Server.
  • Added gcloud sql instances switchover in alpha and beta to enable switchover in Cloud SQL for SQL Server.
  • Added --failover flag to gcloud sql instances promote-replica to enable unmanaged failover in Cloud SQL for SQL Server.

Cloud Storage

  • Fixed "Completed" progress count incrementing for uploads with errors.
  • Fixed an issue where --content-md5 flag was showing up for gcloud storage objects update command. MD5 Hash is a read only field so cannot be updated. Removed --content-md5 flag from the update command and removed --clear-content-md5 flag from gcloud storage {cp|mv|rsync|objects update} commands.
  • Added --autoclass-terminal-storage-class flag to gcloud storage buckets {create|update} to set the terminal storage class for Autoclass buckets.
  • Updated gsutil component to 5.27.
  • Releases soft delete feature, including restore command and various flags across other commands.
  • Removes un-implemented operations list flags: --uri and --page-size. These flags didn't do anything and there are no operations public users could have been using them on yet.

Cloud TPU

  • Promote --update-labels, --clear-labels, and --remove-labels flags of gcloud compute tpus tpu-vm update to GA.

Compute Engine

  • Promoted Standby Policy flags for gcloud compute instance-groups managed create in beta.
  • Promoted Standby Policy flags for gcloud compute instance-groups managed update in beta.
  • Promoted gcloud compute snapshot-settings to GA. Documentation of this feature is available at https://cloud.google.com/compute/docs/disks/snapshot-settings.
  • Updated enum name for --managed-protection-tier flag for gcloud compute project-info update from CAMP_PLUS_MONTHLY to CAMP_PLUS_PAYGO.
  • Added --network-user-defined-fields, --network-src-ip-ranges, --network-dest-ip-ranges, --network-ip-protocols, --network-src-ports, --network-dest-ports, --network-src-region-codes, and --network-src-asns to gcloud compute security-policies rules create|update.
  • Added gcloud compute security-policies add-user-defined-fields and gcloud compute security-policies remove-user-defined-fields commands.
  • Added --region to gcloud compute backend-services update.
  • Added --security-policy and --security-policy-region to gcloud compute instances network-interfaces update.
  • Added gcloud compute target-pools update and gcloud compute target-instances update commands.

Distributed Cloud Edge

  • Added upgrade command to gcloud edge-cloud container clusters to allow manually upgrading local control plane clusters.
  • Promoted --router to gcloud edge-cloud container vpn-connections create to allow users to define Cloud Router to use when creating the VPN connection.

GKE Hub

  • Promoted gcloud container fleet policycontroller group to GA.

Kubernetes Engine

  • Fixed issue where gcloud container clusters create-auto would prefer compute/zone over compute/region if both configs were set. Now prioritizes using compute/region.
  • Updated default kubectl from 1.27.5 to 1.27.7.
  • Additional kubectl versions:
    • kubectl.1.24 (1.24.17)
    • kubectl.1.25 (1.25.15)
    • kubectl.1.26 (1.26.10)
    • kubectl.1.27 (1.27.7)
    • kubectl.1.28 (1.28.3)
  • Added --labels flag to gcloud container clusters create-auto to enable applying labels on Autopilot clusters at creation time.

Looker

  • Added gcloud looker regions list which displays all available regions to deploy a Looker instance.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

453.0.0 (2023-10-31)

Breaking Changes

  • (Cloud Infrastructure Manager) Removed support for blueprints/location property, in favor of infra-manager/location property.

AI

  • Added --encryption-kms-key-name flag to gcloud ai indexes create to support encryption spec.

Artifact Registry

  • Added --remote-username and --remote-password-secret-version flags for artifacts repositories create and artifacts repositories update.

Cloud Build

  • Renamed Google Cloud Build to Cloud Build in the help text of gcloud builds command group.

Cloud Infrastructure Manager

  • Added infra-manager/location property to set the default Infra Manager region.

Cloud NetApp

  • Added gcloud beta netapp backup-vaults backups surface command, and made help text public.

Cloud Run

  • Added --args, --task-timeout, --tasks and --update-env-vars flags to gcloud run jobs execute to allow executing a Cloud Run job with runtime overrides.
  • Promoted --add-custom-audiences, --clear-custom-audiences, --remove-custom-audiences and --set-custom-audiences flags of gcloud run deploy and gcloud run services update to GA.

Cloud Storage

  • Added --autoclass-terminal-storage-class flag to gcloud storage buckets {create|update} to set the terminal storage class for Autoclass buckets.
  • Updated gsutil component to 5.27.
  • Fixed broken objects update clear flags.

Cloud Tasks

  • Added gcloud tasks cmek-config to [alpha|beta|GA] which enables creation of CMEK configuration for a given project in a particular location.

Cloud Workstations

  • Added --domain flag to gcloud beta workstations clusters to enable using custom domains.

Compute Engine

  • Promoted --default-action-on-vm-failure flag of gcloud compute instance-groups managed <create | update> to beta.
  • Promoted --source-disk-for-recovery-checkpoint and --source-disk-for-recovery-checkpoint-region flags of gcloud compute snapshots create to GA.

GKE Hub

  • Added policycontroller group which provides configuration commands for GKE Hub Policy Controller.

Kpt

Kubernetes Engine

  • Fixed issue where gcloud container clusters create-auto would prefer compute/zone over compute/region if both configs were set. Now prioritizes using compute/region.

Notebooks

  • Added gcloud notebooks runtimes migrate command. This command migrates a Google-Managed Notebook to a Workbench Instance.
  • Added gcloud notebooks instances migrate command. This commands migrates a User-Managed Notebook to a Workbench Instance.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

452.0.1 (2023-10-25)

Google Cloud CLI

  • gcloud will prefer using a supported version of Python if one is available on PATH.
    • This only affects environments where gcloud does not already manage a Python interpreter via bundled Python or virtualenv.
    • Currently supported versions are 3.8, 3.9, 3.10.

Cloud Storage

  • Updated gsutil component to 5.27.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

452.0.0 (2023-10-24)

AI

  • Added deployment-group, enable-access-logging,audiences,allowed-issuers to gcloud ai index-endpoints deploy-index.
  • Added enable-private-service-connect, project-allowlist, encryption-kms-key-name to gcloud ai index-endpoints create.

Anthos On-Prem

  • Renamed --upgrade-control-plane flag of gcloud container vmware clusters create and gcloud container vmware clusters update to --upgrade-policy. Promoted --upgrade-policy flag to GA.

App Engine

Artifact Registry

  • Fixed Registry URL in the output of artifacts repositories describe.

Cloud BCE App Connector

Cloud Bigtable

  • Added --priority flag to gcloud bigtable app-profiles create and gcloud bigtable app-profiles update.

Cloud Composer

  • Added --cloud-preferred-zone to gcloud composer environments create to select preferred zone for sql database creation.
  • Added --storage-bucket to gcloud composer environments create to specify the Cloud Storage bucket to be used by the environment.
  • Added --storage-bucket to gcloud beta composer environments create to specify the Cloud Storage bucket to be used by the environment.

Cloud Dataproc

  • Added --driver-required-memory-mb and --driver-required-vcores flags to gcloud dataproc jobs submit.

Cloud Domains

Cloud IAM

  • Promoted optional --recommend flag to beta for the following command:
    • gcloud iam service-account delete

Cloud NetApp

  • Added gcloud beta netapp backup-vaults surface command, and made help text public.

Cloud Resource Manager

  • Promoted optional --recommend flag to beta for the following commands:
    • gcloud projects remove-iam-policy-binding
    • gcloud projects delete

Cloud SQL

  • Support --ssl-mode flag for gcloud sql instances create and gcloud sql instances patch.

Cloud Spanner

  • Added the flags --autoscaling-min-nodes, --autoscaling-max-nodes, --autoscaling-min-processing-units, --autoscaling-max-processing-units, --autoscaling-high-priority-cpu-target and --autoscaling-storage-target to support creating an autoscaled instance in gcloud spanner instances create, or updating the autoscaling config of an instance in gcloud spanner instances update.

Cloud Storage

  • Releases storage operations command group for managing long-running operations. However, there is currently no way to create these operations.

Cloud TPU

  • Promote --add-tags, --clear-tags, and --remove-tags flags of gcloud compute tpus tpu-vm update to GA.

Cloud Workstations

  • Added config set workstations/region REGION, config set workstations/cluster CLUSTER_ID, config set workstations/config CONFIG_ID, and config set workstations/workstation WORKSTATIONS_ID commands.

Compute Engine

  • Promoted regional INTERNET_IP_PORT and INTERNET_FQDN_PORT Network Endpoint Groups in gcloud compute network-endpoint-groups to GA. Affected commands:
    • gcloud compute network-endpoint-groups create
    • gcloud compute network-endpoint-groups list-network-endpoints
    • gcloud compute network-endpoint-groups update <RESOURCE_NAME> --add-endpoint
    • gcloud compute network-endpoint-groups update <RESOURCE_NAME> --remove-endpoint
  • Promoted ENDPOINT_TYPE_MANAGED_PROXY_LB enum option of --endpoint-types flag in gcloud compute routers nats create to GA.
  • Added gcloud beta compute project-zonal-metadata for managing project zonal metadata. Documentation of this feature is available at https://cloud.google.com/compute/docs/metadata/setting-custom-metadata#set-custom-project-zonal-metadata.
  • Promoted gcloud compute network-attachments update to GA.

Firebase Test Lab

  • Increased the maximum number of test shards allowed for Arm virtual devices from 100 to 200 shards when using --num-uniform-shards or --test-targets-for-shard with gcloud firebase test android run.

Kubernetes Engine

Notebooks

  • Added gcloud notebooks runtimes migrate command. This command migrates a Google-Managed Notebook to a Workbench Instance.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

451.0.1 (2023-10-19)

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

451.0.0 (2023-10-17)

Google Cloud CLI

  • Bump cryptography to 41.0.4 and pyopenssl to 23.2.0.

App Engine

  • Enable devappserver support for Python 3.12 runtime.

Assured Workloads

  • Added --acknowledge-type flag (optional) for gcloud assured workloads violations acknowledge to acknowledge violation with type through gcloud command.

Cloud Filestore

  • Added --tier=ZONAL flag to gcloud filestore instances create to support a zonal filestore instance creation.

Cloud Run

  • Added volumes and volume mounts to gcloud run jobs describe, gcloud run jobs executions describe, and gcloud run jobs executions tasks describe.

Cloud SQL

  • Add new enum TLOG to --bak-type and added --stop-at and --stop-at-mark flag to gcloud sql import bak to support transaction log import on Cloud SQL for SQL Server.

Cloud Storage

  • Updated gcloud storage sign-url to allow using service account credentials to create signed URLs. Omit --private-key-file flag to use the active service account or account specified with --impersonate-service-account flag.

Compute Engine

  • Added SEV_LIVE_MIGRATABLE_V2 to the list of --guest-os-features for gcloud compute images create.
  • Promoted gcloud compute backend-services list-usable to GA.
  • Updated gcloud compute images import to handle exceptions in case of failure in fetching the cloud build logs.
  • Updated gcloud compute images import to check the storage permissions required for cloud build service account.

Kubernetes Engine

  • Updated default kubectl from 1.26.7 to 1.27.4.
  • Additional kubectl versions:
    • kubectl.1.23 (1.23.17)
    • kubectl.1.24 (1.24.16)
    • kubectl.1.25 (1.25.12)
    • kubectl.1.26 (1.26.7)
    • kubectl.1.27 (1.27.4)
  • Deprecate --enable-workload-config-audit, --enable-workload-vulnerability-scanning, and enable-security-posture flags in gcloud container clusters {create, create-auto, update}. The replacements for these are:
    • --enable-workload-config-audit -> --security-posture=standard
    • --enable-security-posture -> --security-posture=standard
    • --enable-workload-vulnerability-scanning -> --workload-vulnerability-scanning=standard
  • Added enterprise value to the available modes for --workload-vulnerability-scanning flag in the alpha and beta tracks.
  • Added --in-transit-encryption flag to gcloud container clusters create and gcloud container clusters update.

Service Extensions

  • New commands for service-extensions resources - LbTrafficExtensions and LbRouteExtensions.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

450.0.0 (2023-10-10)

AI

  • Promoted gcloud ai indexes upsert-datapoints and gcloud ai indexes remove-datapointsto GA.

App Engine

Cloud Bigtable

  • Rebuilt cbt cli with go version 1.21.1 which fixed CVE-2023-39319.

Cloud Bigtable Emulator

  • Rebuilding cbt emulator with go version 1.21.1 which fixed CVE-2023-29409.

Cloud Composer

  • Added --triggerer-count to gcloud composer environments create/update to specify number of Airflow triggerers.
  • Added --triggerer-cpu to gcloud composer environments create/update to specify CPU allocated to Airflow triggerer.
  • Added --triggerer-memory to gcloud composer environments create/update to specify memory allocated to Airflow triggerer.

Cloud Firestore

  • Promoted Cloud Firestore PiTR gcloud CLI changes to beta and GA.
  • Promoted --enable-pitr and --no-enable-pitr flag of gcloud firestore databases create command to GA.
  • Promoted --enable-pitr and --no-enable-pitr flag of gcloud firestore databases create command to beta.
  • Promoted --enable-pitr and --no-enable-pitr flag of gcloud firestore databases update command to GA.
  • Promoted --enable-pitr and --no-enable-pitr flag of gcloud firestore databases update command to beta.

Cloud Run

  • Show container dependencies in gcloud run services describe and gcloud run revisions describe.

Cloud Storage

  • Added option to read from stdin to ls command.

Compute Engine

  • Promoted --requested-features flag of gcloud compute interconnects create to GA.
  • Promoted gcloud compute interconnects macsec get-config to GA.
  • Promoted gcloud compute interconnects macsec update to GA.
  • Promoted gcloud compute interconnects macsec add-key to GA.
  • Promoted gcloud compute interconnects macsec remove-key to GA.
  • Promoted gcloud compute interconnects macsec update-key to GA.
  • Promoted the following flags of gcloud compute instance-groups managed create, gcloud compute instance-groups managed create-instance, and gcloud compute instance-groups managed instance-configs create to GA:
    • --stateful-internal-ip,
    • --stateful-external-ip.
  • Promoted the following flags of gcloud compute instance-groups managed update and gcloud compute instance-groups managed instance-configs update to GA:
    • --stateful-internal-ip,
    • --remove-stateful-internal-ips,
    • --stateful-external-ip,
    • --remove-stateful-external-ips.
  • Promoted --maintenance-interval flag for gcloud compute sole-tenancy node-groups create to beta.
  • Promoted gcloud compute sole-tenancy node-groups perform-maintenance to beta.
  • Promoted --delete-at-time and --delete-after-durationflags forgcloud compute reservations create|update` surfaces to beta.

Database Migration

  • Added the ability to specify an empty password when creating MySQL connection profiles using gcloud database-migration connection-profiles create mysql command.

Dataproc Metastore

  • Added --endpoint-protocol flag to gcloud metastore services update to specify the Customer-managed KMS key name to use for encrypting the Dataproc Metastore service.

Distributed Cloud Edge

  • Added --lro-timeout flag for gcloud edge-cloud container clusters node-pools create and gcloud edge-cloud container clusters node-pools create to allow specifying a custom duration for the gcloud CLI to wait on LROs.

GKE Hub

  • Fixed the issue of applying generated RBAC policies for third-party identities using the command gcloud container fleet memberships generate-gateway-rbac.

Kpt

Kubernetes Engine

  • Modified local ssd count value of --ephemeral-storage-local-ssd, --ephemeral-storage, and --local-nvme-ssd-block flags from gcloud container cluster create/update to be optional to support third generation machine types, which specify a static count. Pre-Gen3 behavior is unchanged.

Network Services

  • Updated gcloud network-services gateways to show a new ipVersion field for alpha version.

Workbench

  • Fixed issues with boot-disk-kms-key and data-disk-kms-key flags from gcloud workbench instances create command not working properly.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

449.0.0 (2023-10-03)

Breaking Changes

  • (Compute Engine) Modified gcloud beta compute future-reservations update to replace the paths query parameter with update_mask.

App Engine

  • Enable devappserver support for Go 1.21 runtime.

Cloud Dataproc

  • Fixed a bug that caused Instance Flexibility Policy to be disabled if a user only specified --secondary-worker-machine-types in dataproc clusters create command for the secondary workers flags.

Cloud Functions

  • Updated gcloud functions add-invoker-policy-binding and gcloud functions remove-invoker-policy-binding to support Cloud Functions (1st gen).

Cloud Run

  • Show mounted volumes in gcloud run services describe and gcloud run revisions describe.
  • Updated display format for task timeout in gcloud run jobs describe and gcloud run jobs executions describe. Timeouts larger than 1 minute will now show the duration in hours, minutes, and seconds.

Cloud Storage

  • Updated gsutil component to 5.26.
  • Resolved an issue where metadata flags were disregarded when interacting with the Google Cloud Storage and S3 XML APIs.

Cloud TPU

  • Promote --internal-ips flag of gcloud compute tpus tpu-vm update to GA.

Cloud Workstations

  • Added --service-account-scopes flag to workstations configs create and workstations configs update.

Compute Engine

  • Added --public-delegated-prefix flag to gcloud compute public-delegated-prefixes create and promoted the new flag to GA.
  • Added boot-disk-provisioned-throughput support to gcloud compute instances create and gcloud compute instance-templates create.

Distributed Cloud Edge

  • Add gcloud edge-cloud container get-server-configcommand with --location flag to get server config in target location.

Kubernetes Engine

  • Added --enable-fleet flag to gcloud container clusters create, gcloud container clusters create-auto and gcloud container clusters update in GA track.
  • Added --fleet-project flag to gcloud container clusters create, gcloud container clusters create-auto and gcloud container clusters update in GA track.
  • Added --clear-fleet-project flag to gcloud container clusters update in GA track.
  • Added --resource-manager-tags flag to gcloud container clusters create, gcloud container node-pools create, and gcloud container node-pools update to manage tags on the underlying Compute Engine VMs of GKE Nodes which can be used to selectively enforce Cloud Firewall network firewall policies.
  • Added --autoprovisioning-resource-manager-tags flag to gcloud container clusters create, gcloud container clusters create-auto, and gcloud container clusters update to manage tags on the underlying Compute Engine VMs of GKE Nodes which can be used to selectively enforce Cloud Firewall network firewall policies.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

448.0.0 (2023-09-26)

Breaking Changes

  • (Google Cloud CLI) Deprecated Python 3.5-3.7. The minimum supported Python version is Python 3.8.

Google Cloud CLI

  • Updated Mac installer to prompt to install Python 3.10.11.

Anthos On-Prem

  • Promoted gcloud container vmware admin-clusters to GA.
  • Promoted gcloud container vmware clusters to GA.
  • Promoted gcloud container vmware node-pools to GA.
  • Promoted gcloud container vmware operations to GA.
  • Promoted gcloud container bare-metal admin-clusters to GA.
  • Promoted gcloud container bare-metal clusters to GA.
  • Promoted gcloud container bare-metal node-pools to GA.
  • Promoted gcloud container bare-metal operations to GA.

App Engine

  • Fixed "https://github.com/GoogleCloudPlatform/java-docs-samples/issues/8659".

Artifact Registry

  • Improved error reporting for artifacts repositories set-cleanup-policies.
  • Added Registry URL to the output of artifacts repositories describe.
  • Added VEX_SCOPE column to gcloud artifact vulnerabilities list results.

Cloud Deploy

  • Fixed an issue where you couldn't create a release without clouddeploy.config.get permission.

Cloud Healthcare

  • Added --parser-version flag to gcloud healthcare hl7v2-stores create to enable specifying parser config version.
  • Updated gcloud healthcare hl7v2-stores list to include PARSER_VER header.

Cloud NetApp

  • Added --source-backup flag to gcloud beta netapp volumes {create,update} in order to introduce a source backup resource to restore to during disaster recovery.

Cloud Workstations

  • Added support for the replica zones flag in the beta workstations config create command.

Distributed Cloud Edge

  • Added --control-plane-kms-key flags to gcloud edge-cloud container clusters create command to allow specify a KMS key for the control plane data encryption of remote control plane clusters.
  • Fixed parsing of new cluster creation properties --system-addons-confg, --external-lb-ipv4-address-pools, --control-plane-node-count, --control-plane-machine-filter, --control-plane-shared-deployment-policy, --version, --release-channel, --version, and --release-channel.

Eventarc

  • Added destination-http-endpoint-uri, destination-http-endpoint-forward-dns-requests and network-attachment flags to gcloud eventarc triggers create as part of Eventarc integration with Message Streams.

Network Security

  • New flag to add description for Firewall Endpoint in create and update commands.

Vmware Engine

  • Deprecated --node-type-config flag from gcloud vmware private-clouds clusters update command.
  • Added --update-nodes-config and --remove-nodes-config flags in gcloud vmware private-clouds clusters update command.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

447.0.0 (2023-09-19)

Breaking Changes

  • (GKE Hub) Removed gcloud {alpha, beta} fleet namespaces. Use gcloud fleet scopes namespaces instead.
  • (GKE Hub) Removed gcloud {alpha, beta} fleet namespaces rbacrolebindings. Use gcloud fleet scopes rbacrolebindings instead.
  • (Network Connectivity) Deprecated gcloud network-connectivity spokes accept and gcloud network-connectivity spokes reject commands. Use gcloud network-connectivity hubs accept-spoke and gcloud network-connectivity hubs reject-spoke commands instead.

Google Cloud CLI

  • Improved post-processing times during gcloud components update and gcloud components install on macOS and Linux.
  • Fixed write permission check for gcloud auth enterprise-certificate-config create.

Anthos On-Prem

  • Added --vcenter-resource-pool, --vcenter-datastore, --vcenter-datacenter, --vcenter-cluster, --vcenter-folder, --vcenter-ca-cert-data, --vcenter-storage-policy-name to gcloud container vmware clusters create to specify vCenter configurations that are different from its admin cluster.

App Engine

Binauthz

  • Added flag --pae-encode-payload in command gcloud container binauthz attestations sign-and-create to generate DSSE format attestations.
  • Added flag --dsse-type in command gcloud container binauthz attestations sign-and-create to allow specifying the DSSE type for the attestations.

Cloud Dataproc

  • Added --secondary-worker-machine-types flags to gcloud dataproc clusters create.

Cloud Datastream

  • Fixed a bug updating the backfill policy of a stream.

Cloud Firestore Emulator

  • Release Cloud Firestore emulator v1.18.2
    • Remove nanosecond precision of event timestamp in the Firestore eventarc integration(2nd gen).
    • Fix a bug to make emulator consistent with production for queries.

Cloud Memorystore

  • Updated gcloud memcache instances create command to include MEMCACHE_1_6_15 as an allowed value for memcached-version flag.
  • Promoted the command gcloud memcache instances upgrade to GA.

Cloud NetApp

  • Fixed a crash when creating NetApp snapshots, backup policies, backup vaults.

Cloud Storage

  • Added the storage/parallel_composite_upload_prefix config option, which allows adjusting the paths of temporary components created during composite uploads.

Cloud TPU

  • Promote gcloud compute tpus tpu-vm update command and its --description flag to GA.

Compute Engine

  • Promoted --purpose=global-managed-proxy flag of gcloud compute networks subnets create to GA.

  • Added 'STANDARD_WITH_GRAPHQL' enum value to gcloud compute security-policies update --json-parsing and promoted it to beta.

  • Added specific-then-any-reservation and specific-then-no-reservation to the flag --reservation-affinity for alpha and beta in:

    • gcloud compute instances create
    • gcloud compute instances bulk create
    • gcloud compute instances-templates create

Database Migration

  • Added POSTGRES_15 database version option for --database-version flag to database-migration connection-profiles create cloudsql.
  • Added server side SSL support using --ca-certificate flag in database-migration connection-profiles create oracle.
  • Added oracle connection update support via database-migration connection-profiles update oracle.

Kpt

  • Updated kpt in Google Cloud CLI from 1.0.0-beta.43 to 1.0.0-beta.44.

Kubernetes Engine

  • Added --enable-backup-restore flag to gcloud container clusters create-auto to allow enabling Backup for GKE agent on Autopilot clusters at creation time.

Network Connectivity

  • Added gcloud network-connectivity hubs accept-spoke and gcloud network-connectivity hubs reject-spoke commands.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

446.0.1 (2023-09-14)

Cloud Run

  • Fixed race condition where tags could go to different Revisions than expected

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

446.0.0 (2023-09-12)

AlloyDB

  • Added the ability to specify a backup or source cluster using its full resource path when creating a restored cluster. This enables restoring across projects.

Anthos Multi-Cloud

  • Added --instance-type flag to gcloud container aws node-pools update to update the EC2 instance type of node pool nodes.

BigQuery

  • Added --external_source flag for dataset creation.
    • Updated bq show to display tags on a table.
    • Fixed an issue where a command could fail with little to no messaging. Other uncaught cases will need --debug_mode to get more information.
    • Fixed a bug when updating kms_key_name on a connection.
    • Improved logging for discovery doc load and authentication.
    • Utilized new python features with breaking changes for python 2.

Certificate Manager

  • Promoted gcloud certificate-manager trust-configs delete to GA.
  • Promoted gcloud certificate-manager trust-configs describe to GA.
  • Promoted gcloud certificate-manager trust-configs export to GA.
  • Promoted gcloud certificate-manager trust-configs import to GA.
  • Promoted gcloud certificate-manager trust-configs list to GA.

Cloud Billing

  • Added filter-resource-ancestors flag to gcloud billing budget CLI to include folders and organizations filter.

Cloud Composer

  • Added maintenance window flags for environment update:
    • --maintenance-window-start
    • --maintenance-window-end
    • --maintenance-window-recurrence
    • --clear-maintenance-window.

Cloud Dataplex

  • Added snake case support for dataplex datascans spec file.

Cloud Filestore

  • Updated --capacity flag description with High Scale tier capacity range.

Cloud Monitoring

  • Updated the format of gcloud beta monitoring metrics-scopes list <PROJECT_ID> to gcloud beta monitoring metrics-scopes list projects/<PROJECT_ID>.
  • Updated the format of gcloud beta monitoring metrics-scopes create <PROJECT_ID> to gcloud beta monitoring metrics-scopes create projects/<PROJECT_ID>.
  • Updated the format of gcloud beta monitoring metrics-scopes delete <PROJECT_ID> to gcloud beta monitoring metrics-scopes delete projects/<PROJECT_ID>.

Cloud NetApp

  • Add Standard service level to gcloud (alpha|beta) netapp storage-pools command group.
  • Removed explicit check on --volume in gcloud netapp volumes replications stop command.

Compute Engine

  • Added support for --cloudbuild-service-account flag for:

    • gcloud compute images import in GA;
    • gcloud compute instances import in GA;
    • gcloud compute machine_images import in GA.
  • Added alpha and beta versions of a new API named snapshot settings. Documentation of this feature will be available at https://cloud.google.com/compute/docs/disks/snapshot-settings following shortly after the release of this version of gcloud CLI.

Distributed Cloud Edge

  • Added --version and --release-channel flags to gcloud edge-cloud container clusters create command to allow specifying the cluster version and release channel.
  • Promoted --system-addons-confg, --external-lb-ipv4-address-pools, --control-plane-node-count, --control-plane-machine-filter, --control-plane-shared-deployment-policy, --version, and --release-channel flags from ALPHA to GA.

Network Security

  • Promoted gcloud network-security server-tls-policies delete to GA.
  • Promoted gcloud network-security server-tls-policies describe to GA.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

445.0.0 (2023-09-06)

Breaking Changes

  • (GKE Hub) Removed --security-posture and --workload-vulnerability-scanning flags of gcloud container fleet and gcloud beta container fleet.
    • --security-posture and --workload-vulnerability-scanning flags are not supported yet.
  • (GKE Hub) Updated anthos-support and users flags to be mutually exclusive in adding groups support to gcloud container fleet memberships generate-gateway-rbac command.

Google Cloud CLI

  • Fixed issue where the gcloud CLI would crash on unknown platforms.
  • Added a warning that --update-adc is now deprecated for 1st-party user credentials and replaced by gcloud auth application-default login.

Anthos Multi-Cloud

  • Promoted --enable-autorepair and --no-enable-autorepair of gcloud container aws node-pools create to GA.
  • Promoted --enable-autorepair and --no-enable-autorepair of gcloud container aws node-pools update to GA.
  • Promoted --enable-autorepair and --no-enable-autorepair of gcloud container azure node-pools create to GA.
  • Promoted --enable-autorepair and --no-enable-autorepair of gcloud container azure node-pools update to GA.
  • Added --admin-groups flag to gcloud container aws clusters create for setting groups as admins.
  • Added --admin-groups flag to gcloud container aws clusters update for setting groups as admins.
  • Added --admin-groups flag to gcloud container azure clusters create for setting groups as admins.
  • Added --admin-groups flag to gcloud container azure clusters update for setting groups as admins.
  • Added --admin-groups flag to gcloud container attached clusters create for setting groups as admins.
  • Added --admin-groups flag to gcloud container attached clusters register for setting groups as admins.
  • Added --admin-groups flag to gcloud container attached clusters update for setting groups as admins.
  • Added --proxy-secret-name and --proxy-secret-namespace flags to gcloud container attached clusters to configure an HTTP/HTTPS proxy for outbound traffic.
  • Added --binauthz-evaluation-mode flag to gcloud container aws clusters create to configure Binary Authorization evaluation mode.
  • Added --binauthz-evaluation-mode flag to gcloud container aws clusters update to configure Binary Authorization evaluation mode.
  • Added --binauthz-evaluation-mode flag to gcloud container attached clusters register to configure Binary Authorization evaluation mode.
  • Added --binauthz-evaluation-mode flag to gcloud container attached clusters update to configure Binary Authorization evaluation mode.
  • Added --clear-admin-groups and --clear-admin-users flags to gcloud container attached clusters update to clear admin users and groups from the cluster.

Cloud Billing

Cloud Build

  • Modified gcloud builds submit to support submitting a build with 2nd-gen repository resource.
  • Added --dir and --revision flag in gcloud builds submit command.

Cloud Deploy

  • Added support to fail fast when using an unsupported Skaffold version in the create release command.
  • Added a new command deploy get-config which gets the config for the specified region and project.

Cloud Firestore

  • Added Firestore backups feature support to Alpha.

Cloud NetApp

  • Added --restricted-actions flag to gcloud netapp volumes and gcloud beta netapp volumes during create and update.

Cloud Run

  • Added --dry_run flag to gcloud beta run services replace, which will validate the YAML service specification without applying it.
  • Modified the output format of gcloud run services describe and gcloud run revisions describe to support multiple containers.

Cloud SQL

  • Promoted --password-policy-disallow-compromised-credentials flag for gcloud sql instances create and gcloud sql instances patch to GA.

Cloud TPU

  • Fixed issue where gcloud compute tpus tpu-vm ssh is unable to login when project-level enable-oslogin:TRUE is configured and instance-level enable-oslogin is unset.

Compute Engine

  • Promoted the flag of --instance-template-region to GA in gcloud compute instance-templates create.
  • Promoted the flag of --region to GA in:
    • gcloud compute instance-templates list
    • gcloud compute instance-templates delete
    • gcloud compute instance-templates describe.

Distributed Cloud Edge

  • Added --version and --release-channel flags to gcloud edge-cloud container clusters create command to allow specifying the cluster version and release channel.

GKE Hub

  • Updated gcloud container fleet memberships generate-gateway-rbac to include handling for first-party groups (email) and third-party groups of the format principalSet://iam.googleapis.com/locations/global/workforcePools/example-pool/group/third party group.

Kpt

  • Updated kpt to v1.0.0-beta.43 release. Refer to release notes for more details.

Kubernetes Engine

  • Deprecate --enable-workload-config-audit, --enable-workload-vulnerability-scanning, and enable-security-posture flags in gcloud container clusters {create, create-auto, update}. The replacements for these are:
    • --enable-workload-config-audit -> --security-posture=standard
    • --enable-security-posture -> --security-posture=standard
    • --enable-workload-vulnerability-scanning -> --workload-vulnerability-scanning=standard
  • Added enterprise value to the available modes for --workload-vulnerability-scanning flag in the alpha and beta tracks.
  • Updated default kubectl from 1.27.4 to 1.27.5.
  • Additional kubectl versions:
    • kubectl.1.23 (1.23.17)
    • kubectl.1.24 (1.24.17)
    • kubectl.1.25 (1.25.13)
    • kubectl.1.26 (1.26.8)
    • kubectl.1.27 (1.27.5)
    • kubectl.1.28 (1.28.1)

Network Connectivity

  • Added gcloud network-connectivity hubs groups command group.
  • Added gcloud network-connectivity service-connection-policies update command.

Notebooks

  • Added --timeout-minutes to the following commands to allow specifying custom timeout for the diagnose operation.
    • gcloud notebooks instances diagnose
    • gcloud notebooks runtimes diagnose

Policy Troubleshooter

  • Promoted gcloud policy-intelligence troubleshoot-policy iam to GA.

Workbench

  • Fixed workbench instances diagnose flags.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

444.0.0 (2023-08-22)

AI

  • Added gcloud beta ai persistent-resources command group which supports creating and managing persistent resources for running custom training jobs.

AlloyDB

  • Added flag --availability-type to specify availability-type for an instance to the following commands:

    • gcloud alloydb instances create
    • gcloud alloydb instances update
    • gcloud alloydb instances create-secondary
  • Added the following flags of gcloud alloydb instances create and gcloud alloydb instances update to alpha, beta and GA:

    • --ssl-mode
    • --require-connectors
  • Added flag --allocated-ip-range-name to specify the allocated IP range for a cluster to the following commands:

    • gcloud alloydb clusters create
    • gcloud alloydb clusters restore
    • gcloud alloydb clusters create-secondary

Anthos Multi-Cloud

  • Added --node-labels flag to gcloud container aws node-pools update to update the labels assigned to node pool nodes.
  • Added --clear-node-labels flag to gcloud container aws node-pools update to clear the labels assigned to node pool nodes.

App Engine

BigQuery

  • Added --quota_project_id flag to force the quota project of a request.

Cloud Billing

  • Promoted gcloud billing accounts and gcloud billing projects to GA.

Cloud Dataplex

  • Promoted resource-read-access-mode flag in assets command group to GA.
  • Added export-results-table flag in datascans create data-profile command.

Cloud Dataproc

  • Added --min-num-workers flags to gcloud dataproc clusters create.
  • Added gcloud beta dataproc sessions to create and manage Dataproc interactive sessions.
  • Added gcloud beta dataproc session-templates to create and manage Dataproc session templates.

Cloud NetApp

  • Added gcloud netapp operations and gcloud netapp locations command group.

Cloud Run

  • Added gcloud beta run jobs executions cancel to allow cancelling a running Cloud Run job execution.

Compute Engine

  • Promoted support for Standby Policy for gcloud compute instance-groups managed create in Alpha.
  • Promoted support for Standby Policy for gcloud compute instance-groups managed update in Alpha.
  • Promoted compute routers get-nat-ip-info to GA.
  • Promoted gcloud compute future-reservations command group to beta.

Connectors

  • Added gcloud connectors command group. Commands in this group provide ways to interact with Integration Connectors resources.

Dataproc Metastore

  • Promoted gcloud metastore operations cancel to GA.

GKE Hub

  • Promoted GkeHub tenancy commands to GA.
    • Promoted gcloud container fleet methods to GA.
    • Promoted gcloud container fleet memberships bindings to GA.
    • Promoted gcloud container fleet scopes to GA.
    • Promoted gcloud container fleet scopes namespaces to GA.
    • Promoted gcloud container fleet scopes rbacrolebindings to GA.

Network Connectivity

  • Updated gcloud network-connectivity internal-ranges to support overlap-existing-subnet-range enum value for --overlaps flag during create and update.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

443.0.0 (2023-08-15)

AI

  • Added --notification-channels flag to gcloud beta ai model-monitoring-jobs create|update to allow sending alerts to notification channels.

AlloyDB

  • Added option for --cpu-count=96 in instances create and instances update commands.
  • Added support for specifying --database-version in clusters create command in alpha and beta tracks.

Anthos Multi-Cloud

  • Promoted --spot-instance-types flag of gcloud container aws node-pools create to GA.

Anthos On-Prem

  • Promoted gcloud vmware admin-clusters unenroll to beta.

Artifact Registry

  • Added --remote-apt-repo and --remote-apt-repo-path to gcloud artifacts repositories create to support Apt remote repos.
  • Added --remote-yum-repo and --remote-yum-repo-path to gcloud artifacts repositories create to support Yum remote repos.
  • Fixed issue where gcloud artifacts versions delete --delete-tags errors, when the package name has slashes.
  • Updated to use the project from URI of gcloud artifacts sbom export for requests.
  • Include InTotoSlsaProvenanceV1 in the process of computing SLSA build level.

Cloud Bigtable

  • Promoted gcloud bigtable backups copy to beta and GA.

Cloud Build

  • Remove gcloud builds triggers create gitlab-enterprise command.

Cloud DNS

  • Added support to allow specifying Global internal Application load balancers as health checked targets for Routing Policies.

Cloud Dataflow

  • Promoted gcloud dataflow jobs update-options from beta to GA.

Cloud Deploy

  • Enable "Uniform Bucket Level Access" by default for the Cloud Storage buckets created in gcloud deploy releases create.

Cloud Domains

  • Added information about an agreement between Google and Squarespace, Inc. to Cloud Domains gcloud domains registrations command group.

Cloud On Demand Scanning

  • Fixed issue with extracting packages from Go binaries with invalid dependency versions.

Cloud Storage

  • Fixed --uri flag for buckets list and objects list commands.

Compute Engine

  • Promoted AWS Origin Authentication in BackendService compute API to v1.
  • Added --managed-protection-tier flag to gcloud beta compute project-info update command.

Kubernetes Engine

  • Added --tpu-topology flag to gcloud container node-pools create for creating TPU node pools with a TPU topology. For more information on TPU topologies, see https://cloud.google.com/tpu/docs/types-topologies#tpu_topologies. flag when create a cluster.
  • Added hugepage related options inside existing --system-config-from-file flag for users to configure hugepages to clusters/nodepools.

Network Management

  • Updated gcloud network-management connectivity-tests list command to print details about Google-managed endpoints, networks, and forwarding rules.
  • Updated help text for the ipAddress argument in gcloud network-management connectivity-tests to keep it consistent with the currently supported scenarios.

Workbench

  • Fixed issue with metadata flag for gcloud workbench instances create.
  • Fixed issue with service-account-email flag for gcloud workbench instances create.
  • Fixed issue with machine_type flag for gcloud workbench instances update.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

442.0.0 (2023-08-08)

Artifact Registry

  • Added an argument group of two flags allow-sbom-generation and disable-sbom-generation to gcloud artifacts repositories create, to set the SBOM generation config of the repository.
  • Added an argument group of two flags allow-sbom-generation and disable-sbom-generation to gcloud artifacts repositories update, to set the SBOM generation config of the repository.
  • Added gcloud artifacts sbom export command to export SBOM into Google Cloud Storage.
  • Added gcloud artifacts sbom list command to list SBOMs.
  • Added gcloud artifacts sbom load command to upload a custom SBOM for an artifact.
  • Added gcloud artifacts vulnerabilities load-vex command to upload a vex statement.
  • Added gcloud artifacts vulnerabilities list command to list vulnerabilities for an artifact.

Bare Metal Solution

  • Promoted gcloud bms os-images list to GA.

BigQuery

  • Fixed a bug in discovery doc load when caching is used.
  • Fixed a bug that caused a crash in some common actions like bq show.

Cloud Dataflow

  • Added gcloud beta dataflow jobs update-options which updates properties of running dataflow jobs.

Cloud Functions

Cloud Memorystore

  • Added MEMCACHED_VERSION field to the output of the command gcloud memcache instances list to specify memcached version of the instance.

Cloud Run

  • Added --network, --subnet, --network-tags, --clear-network and --clear-network-tags flags to the following commands to allow enabling or disabling Direct VPC egress for a Cloud Run service or job:
    • gcloud beta run deploy
    • gcloud beta run services update
    • gcloud beta run jobs create
    • gcloud beta run jobs deploy
    • gcloud beta run jobs update
  • Added --args, --task-timeout, --tasks and --update-env-vars flags to gcloud beta run jobs execute to allow executing a Cloud Run job with runtime overrides.

Cloud SQL

  • Added --enable-private-service-connect, --allowed-psc-projects and --clear-allowed-psc-projects flags to gcloud sql instances create and gcloud sql instances patch to support Private Service Connect for Cloud SQL.
  • Added gcloud sql instances reencrypt, which re-encrypts a Cloud SQL CMEK instance with the current primary key version.

Cloud Services

  • Promoted gcloud services api-keys lookup to GA.

Compute Engine

  • Added support for version=12 and short-name=debian in --os-types for gcloud beta compute instances ops-agents policies [create|update].
  • Promoted --auto-network-tier flag of gcloud compute routers nats create and gcloud compute routers nats update to GA.
  • Added --local-ssd-recovery-timeout to specify the timeout to recover Local SSD to GA for:
    • gcloud compute instances create
    • gcloud compute instances create-with-container
    • gcloud compute instance-templates create
    • gcloud compute instances bulk create
    • gcloud compute instances set-scheduling
    • gcloud compute instances update-from-file
  • Added gcloud compute security-policies add/remove-layer7-ddos-defense-threshold-config.
  • Added --maintenance-interval to specify the frequency of planned maintenance events to beta for:
    • gcloud compute instance-templates create
  • Promoted --resource-policies flag for glcloud compute commitments createto to beta.
  • Promoted --resource-policies flag for glcloud compute commitments createto to GA.

Database Migration

  • Modified gcloud database-migration connection-profiles --help to specify what the host field value should be when --psc-service-attachment is also specified.
  • Added --edition to gcloud database-migration connection-profiles create cloudsql to allow creating a connection profile with the edition of the given Cloud SQL instance.
  • Added skip-validation param to gcloud database-migration migration-jobs start and gcloud database-migration migration-jobs restart to allow starting/restarting migration jobs without running validations.

Kpt

  • Updated kpt in Google Cloud CLI from 1.0.0-beta.37 to 1.0.0-beta.41.

Kubernetes Engine

  • flag when create a cluster.
  • Fixed issue of gcloud container cluster update --dataplane-v2-observability-mode resetting dataplane-v2-metrics to false.
  • Updated help-text by adding hyperdisk types to --disk-type choices.

Network Management

  • Added forwardingRule argument for destination in gcloud network-management connectivity-tests. This allows the user to run tests using a Forwarding Rule endpoint as a source.

Network Security

  • Added labels support for Security Profile create, add-override, delete-override and update-override commands.

Recommender

  • Added a list command for locations that lists all locations.

Transcoder

  • Added support for --batch-mode-priority flag when creating a new job.

Transfer

  • Log info about agent delete delays.
  • Fix bug for users mounting root with --mount-directories.

Workbench

  • Added gcloud workbench instances rollback to rollback workbench instances.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

441.0.0 (2023-08-01)

Artifact Registry

  • Include InTotoSlsaProvenanceV1 in the provenance output of gcloud artifacts docker images describe when using --show-provenance flag.
  • Deprecated artifacts repositories set-cleanup-policies --overwrite. The overwrite action is now the default behavior.

BigQuery

  • Fixed bug where local discovery docs were not loaded locally.
  • Added file_set_spec_type flag to support manifest Files in load jobs and external tables.

Cloud Bigtable

  • Updated --transactional-writes behavior in gcloud bigtable app-profile update to no longer silently disable transactional writes, if not specified. --no-transactional-writes must be used to disable transactional writes, as opposed to the previous behavior, which only required omitting --transactional-writes.

Cloud Build

  • Fixed issue where gcloud builds triggers update pubsub command returned invalid request when not providing pubsub topic.

Cloud Composer

  • Fixed an issue where using comments in the requirements.txt file broke updating Python packages.

Cloud Dataplex

  • Promoted datascans command group to GA.

Cloud Key Management Service

  • Added gcloud kms raw-encrypt and gcloud kms raw-decrypt commands to support raw symmetric encryption algorithms AES-128-GCM, AES-256-GCM, AES-128-CBC, AES-256-CBC, AES-128-CTR, and AES-256-CTR.

Cloud NetApp

  • Removed some extra fields in gcloud {beta, alpha} netapp {storage-pools, volumes, kms-configs} list due to messy output when too many fields.

Cloud Storage

  • Fixed behavior when preserving both symlinks and POSIX metadata on an OS with limited symlink support.
  • Fixed an issue clobbering an existing file on download if the file is a broken symlink.
  • Fixed an issue causing some hidden files to be skipped or transferred multiple times.
  • Added name field to objects and buckets list and describe commands.
  • Added bucket field to objects list and describe commands.

Cloud Workstations

  • Added --enable-nested-virtualization flag to gcloud workstations configs to enable nested virtualization on new or existing Cloud Workstation Configurations.

Compute Engine

  • Added new ENDPOINT_TYPE_MANAGED_PROXY_LB enum option to --endpoint-types flag of gcloud compute routers nats create in beta.
  • Promoted any-single-zone target distribution shape for regional managed instance groups to GA.
  • Promoted regional INTERNET_IP_PORT and INTERNET_FQDN_PORT Network Endpoint Groups in gcloud compute network-endpoint-groups to beta. Affected commands:
    • gcloud compute network-endpoint-groups create - support for Internet NEG types in regional scopes
    • gcloud compute network-endpoint-groups list-network-endpoints
    • gcloud compute network-endpoint-groups update <RESOURCE_NAME> --add-endpoint
    • gcloud compute network-endpoint-groups update <RESOURCE_NAME> --remove-endpoint
  • Update replica-zones support --create-disk=replica-zones for gcloud compute instance-templates create.
  • Promoted --purpose=global-managed-proxy flag of gcloud compute networks subnets create to beta.

Database Migration

  • Added gcloud database-migration conversion-workspaces describe-ddls which describes DDLs in a Database Migration Service conversion workspace.
  • Added gcloud database-migration conversion-workspaces describe-issues which describes issues in a Database Migration Service conversion workspace.
  • Added gcloud database-migration migration-jobs create to allow creating a migration job with a dump parallelization level.
  • Added gcloud database-migration migration-jobs update to allow configuring a migration job with a dump parallelization level.
  • Added --allocated-ip-range to gcloud connection-profiles create cloudsql to allow using an allocated subnet range when creating the destination Cloud SQL instance with a private connection.

GKE Hub

  • Updated gcloud container fleet memberships generate-gateway-rbac to include handling for third-party principals of the format principal://iam.googleapis.com/locations/global/workforcePools/example-pool/subject/third party user.

Kubernetes Engine

  • Updated default kubectl from 1.25.11 to 1.26.7.
  • Additional kubectl versions:
    • kubectl.1.21 (1.21.14)
    • kubectl.1.22 (1.22.17)
    • kubectl.1.23 (1.23.17)
    • kubectl.1.24 (1.24.16)
    • kubectl.1.25 (1.25.12)
    • kubectl.1.26 (1.26.7)
    • kubectl.1.27 (1.27.4)
  • Removed prerequisite for using --enable-master-global-access

Network Connectivity

  • Updated gcloud network-connectivity internal-ranges update to support setting and clearing overlaps.

Network Security

  • Added labels support for Security Profile Group create and update commands.

Policy Simulator

  • Added gcloud beta policy-intelligence simulate orgpolicy which runs a Simulation for OrgPolicy.

Pubsub Emulator

  • Fixed issue where messages may not be delivered in order when using unary pull.

Workbench

  • Added gcloud workbench to manage workbench instances.
  • Added gcloud workbench instances add-iam-policy-binding to add iam policy for workbench instances.
  • Added gcloud workbench instances delete to delete workbench instances.
  • Added gcloud workbench instances describe to describe workbench instances.
  • Added gcloud workbench instances get-iam-policy to get the iam policy for workbench instances.
  • Added gcloud workbench instances remove-iam-policy-binding to remove the iam policy binding for workbench instances.
  • Added gcloud workbench instances set-iam-policy to set the iam policy for workbench instances.
  • Added gcloud workbench instances reset to reset workbench instances.
  • Added gcloud workbench instances stop to stop workbench instances.
  • Added gcloud workbench instances start to start workbench instances.
  • Added gcloud workbench instances diagnose to diagnose workbench instances.
  • Added gcloud workbench instances upgrade to upgrade workbench instances.
  • Added gcloud workbench instances check-instance-upgradability to check upgradability of workbench instances.
  • Added gcloud workbench instances create to create workbench instances.
  • Added gcloud workbench instances update to update workbench instances.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

440.0.0 (2023-07-25)

Cloud Build

  • Updated help text for --comment-control flag in gcloud builds triggers bitbucket-server, gcloud builds triggers gitlab and gcloud builds triggers gitlab-enterprise to describe the allowed values.

Cloud Composer

  • Added --enable-high-resilience to gcloud composer environments update to enable high resilience mode for environments.
  • Added --disable-high-resilience to gcloud composer environments update to disable high resilience mode for environments.

Cloud DNS

  • Added support to allow specifying regional L7 forwarding rules as health checked targets for Routing Policies.

Cloud Healthcare

  • Added support for --stream-configs and --send-for-bulk-import flags to the following commands:
    • gcloud healthcare dicom-stores create
    • gcloud healthcare dicom-stores update
    • gcloud beta healthcare dicom-stores list
    • gcloud healthcare dicom-stores list

Cloud NetApp

  • Added LOCATION to fields to be listed in structured output during gcloud beta netapp volumes list.

Cloud Pub/Sub

  • Added a warning when --push-auth-token-audience and --push-auth-service-account flags are ignored due to missing dependent flags in gcloud pubsub subscriptions [create|update|modify-push-config] commands.

Cloud Storage

  • Modified buckets create so that multiple buckets can be created with a single command.

Compute Engine

  • Promoted --service-lb-policy flag of gcloud compute backend-services create and gcloud compute backend-services update to beta.
  • Promoted --type flag of gcloud compute routers nats create to beta.
  • Promoted --source-nat-active-ranges, --source-nat-active-ranges-region, --source-nat-drain-ranges, --clear-source-nat-drain-ranges and --source-nat-drain-ranges-region flags of gcloud compute routers nats rule update to beta.
  • Promoted --source-nat-active-ranges and --source-nat-active-ranges-region flags of gcloud compute routers nats rule create to beta.
  • Promoted new allowed value: PRIVATE_NAT for --purpose flag of gcloud compute networks subnets create to beta.
  • Promoted new :ALL range option for subnets passed to --nat-custom-subnet-ip-ranges flag of gcloud compute routers nats (create|update).
  • Promoted --security-profile-group and --[no-]tls-inspect flags for gcloud compute <network->firewall-policies rules <create|update> to beta.
  • Promoted gcloud compute resource-policies update snapshot-schedule to GA.
  • Promoted --force-update-on-repair flag of gcloud compute instance-groups managed <create | update> to GA.
  • Promoted --confidential-compute flag of gcloud compute disks create to beta.
  • Promoted --create-disk=confidential-compute for gcloud compute instances create to beta.

Container Registry

  • Fixed gcloud container images describe for gcr.io repos in Artifact Registry.

Kubernetes Engine

  • Updated broken links in gcloud container get-credentials help text.
  • Added --network-performance-configs=total-egress-bandwidth-tier=[DEFAULT|TIER_1] to gcloud container clusters create and gcloud container clusters update to allow setting default network performance tier for new node-pools. See gcloud container node-pools create.
  • Added --enable-multi-networking to gcloud container clusters create and added --additional-node-network and --additional-pod-network to gcloud container node-pools create to allow creation of multi-networking enabled clusters with additional node and pod networks.
  • Added --placement-policy flag to gcloud container clusters create command.
  • Added --placement-policy flag to gcloud container node-pools create command.
  • Disabled --enable-insecure-kubelet-readonly-port flag.
  • Updated help-text by removing --release-channel=NONE option for gcloud container create-auto. This option is not available for create-auto since Autopilot cluster must be subscribed to a release-channel.

Transcoder

  • Added support for --optimization flag when creating a new job.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

439.0.0 (2023-07-18)

Breaking Changes

  • (Kubernetes Engine) Renamed --binauthz-policy to --binauthz-policy-bindings in gcloud beta container clusters commands.

App Engine

Assured Workloads

  • Added --partner-permissions flag (optional) for gcloud assured workloads create command to enable setting the partner permissions parameter for creation of partner workload (workload managed by local trusted partners) through gcloud command.

BigQuery

  • Updated bundled discovery docs to revision 20230614.
  • Fixed bug stopping httplib2_debuglevel from being used.
  • Added file_set_spec_type flag to support manifest Files in load jobs and external tables.
  • Added destination_kms_key to create / update transfer configs.

Cloud Bigtable

  • Added --change-stream-retention-period flag to gcloud bigtable instances tables create and gcloud bigtable instances tables update.
  • Added --clear-change-stream-retention-period flag to gcloud bigtable instances tables update.
  • Rebuilt with golang 1.20.6 to address CVEs present in prior versions.

Cloud Bigtable Emulator

  • Rebuilt with golang 1.20.6 to address multiple CVEs in prior versions of golang.
  • Added support for reverse scans.

Cloud Build

  • Promoted gcloud builds triggers update to GA.

Cloud Datastream

  • Fixed issue where creating an oracle profile with streamLargeObjects field returned an error.

Cloud Functions

  • Updated gcloud functions deploy to prompt to allow unauthenticated invocations for new 2nd gen functions before deploying. This aligns with the behavior for new 1st gen functions.

Cloud IAM

  • Added --web-sso-additional-scopes flag to gcloud iam workforce-pools providers create-oidc and gcloud iam workforce-pools providers update-oidc which allows specification of additional OIDC scopes for web sign-in.

Cloud Memorystore

  • Added --reserved-ip-range-id flag to gcloud memcache instances create to allow specifying named allocations while creating an instance.

Cloud Pub/Sub

  • Promoted --push-no-wrapper and --push-no-wrapper-write-metadata flags of gcloud pubsub subscriptions [create|update|modify-push-config] to GA. Adds the ability to set and update payload unwrapping properties for push subscriptions. For more information, see the https://cloud.google.com/pubsub/docs/payload-unwrapping.

Cloud SQL

  • Added --[no-]recreate-replicas-on-primary-crash flag to gcloud sql instances create and gcloud sql instances patch to enable/disable replica recreation when a Mysql primary instance operating in reduced durability mode crashes.

Cloud Spanner

  • Added --priority flag to gcloud spanner databases execute-sql to allow setting request priority for the query to convey the relative importance of workloads.

Cloud Storage

  • Fixed gcloud storage buckets update --clear-log-bucket behavior so it now clears the entire logging configuration.
  • Promoted gcloud storage du command to GA.
  • Promoted gcloud storage hmac command group to GA.
  • Promoted gcloud sign-url command to GA.
  • Standardized resource format for describe and list commands across API providers. Use --raw flag to get the old API-specific format.

Compute Engine

  • Promoted --custom-learned-route-priority and --set-custom-learned-route-ranges flags of gcloud compute routers add-bgp-peer to GA.
  • Promoted --custom-learned-route-priority, --set-custom-learned-route-ranges, --add-custom-learned-route-ranges and --remove-custom-learned-route-ranges flags of gcloud compute routers update-bgp-peer to GA.
  • Promoted --http-keep-alive-timeout-sec flag for gcloud compute <target-http-proxies|target-https-proxies> <create|update> to GA.
  • Promoted --clear-http-keep-alive-timeout-sec flag for gcloud compute <target-http-proxies|target-https-proxies> update to GA.
  • Added --local-ssd-recovery-timeout to specify the timeout to recover Local SSD to beta for:
    • gcloud compute instances create
    • gcloud compute instances create-with-container
    • gcloud compute instance-templates create
    • gcloud compute instances bulk create
    • gcloud compute instances set-scheduling
    • gcloud compute instances update-from-file
  • Added --requested-features flag to gcloud compute interconnects create to allow requesting MACSec support for an Interconnect.
  • Promoted --requested-features flag of gcloud compute interconnects create to beta.
  • Promoted gcloud compute interconnects macsec get-config to beta.
  • Promoted gcloud compute interconnects macsec update to beta.
  • Promoted gcloud compute interconnects macsec add-key to beta.
  • Promoted gcloud compute interconnects macsec remove-key to beta.
  • Added gcloud compute interconnects macsec update-key to allow updating MACSec pre-shared keys.
  • Promoted gcloud compute interconnects macsec update-key to beta.
  • Custom machine type validation in regional gcloud compute instances bulk create command has been fixed.

GKE Hub

  • Promoted gcloud container fleet fleetobservability to GA.

Kubernetes Engine

  • Updated broken links in gcloud container get-credentials help text.
  • Added --enable-dataplane-v2-metrics and --dataplane-v2-observability-mode flags to gcloud container clusters create, gcloud container clusters create-auto and gcloud container clusters update.

Network Security

  • Updated import/export schema for gcloud network-security tls-inspection-policies with new fields in beta.
  • Security Profile Groups and Security Profiles only supports global location. --location flag now takes default global as location.
  • Updated Firewall Endpoint Associations resource to accept TLS inspection policy with an optional flag.

Security Command Center

  • Add deprecation notices to gcloud scc assets commands which are being deprecated in favor of Cloud Asset Inventory APIs.

Workbench

  • Added gcloud workbench to manage workbench instances.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

438.0.0 (2023-07-11)

Breaking Changes

  • (AI) Modified gcloud ai index-endpoints create to create public endpoint by default. Set --network flag to create private endpoint.
  • (Cloud IAM) Make --web-sso-response-type and --web-sso-assertion-claims-behaviorflag required in gcloud iam workforce-pools providers create-oidc.
  • (Stackdriver Debugger) Deleted gcloud deploy. Cloud Debugger is deprecated and was shut down May 31, 2023. For more information, see https://cloud.google.com/debugger/docs/deprecations.

Artifact Registry

  • Added artifacts repositories set-cleanup-policies.
  • Added artifacts repositories list-cleanup-policies.
  • Added artifacts repositories delete-cleanup-policies.

Backup For GKE

  • Added the following flags to gcloud container backup-restore restore-plans create and gcloud container backup-restore restore-plans update to expand cluster resource restore scope options:
    • --cluster-resource-scope-all-group-kinds
    • --cluster-resource-scope-selected-group-kinds
    • --cluster-resource-scope-excluded-group-kinds
    • --cluster-resource-scope-no-group-kinds
  • Deprecated --cluster-resource-restore-scope. Use --cluster-resource-selected-group-kinds instead.
  • Added the following flags to gcloud container backup-restore restore-plans create and gcloud container backup-restore restore-plans update to expand namespaced resourced restore scope options:
    • --no-namespaces
    • --excluded-namespaces

Cloud Build

  • Add E2_MEDIUM machine type.
  • Promoted gcloud builds connections and gcloud builds repositories to GA.
  • Promoted gcloud builds triggers create gitlab to GA.

Cloud Datastore Emulator

  • Released Cloud Datastore emulator v2.3.1
    • Fixed bug which caused /reset to never return a response.

Cloud Functions

  • Added warning and prompting to gcloud functions get-iam-policy and gcloud functions remove-iam-policy-binding about needing to bind the roles/run.invoker role for 2nd gen functions.

Cloud Healthcare

  • Added --stream-configs flag to the following commands:
    • gcloud beta healthcare dicom-stores create
    • gcloud beta healthcare dicom-stores update

Cloud IAM

  • Added --client-secret-value flag to gcloud iam workforce-pools providers create-oidc and gcloud iam workforce-pools providers update-oidc which allow user to setup client secret for authorization code flow.
  • Added --clear-client-secret flag to gcloud iam workforce-pools providers update-oidc which allow user to clear client secret setup for authorization code flow.
  • Added code as value for --web-sso-response-type flag to gcloud iam workforce-pools providers create-oidc and gcloud iam workforce-pools providers update-oidc which allow user to setup authorization code flow.
  • Added merge-user-info-over-id-token-claims as value for --web-sso-assertion-claims-behavior flag to gcloud iam workforce-pools providers create-oidc and gcloud iam workforce-pools providers update-oidc which allow user to merge the UserInfo Endpoint Claims with ID Token Claims, preferring UserInfo Claim Values for the same Claim Name.

Cloud Pub/Sub

  • Promoted --cloud-storage-bucket, --cloud-storage-file-prefix, --cloud-storage-file-suffix, --cloud-storage-max-bytes, --cloud-storage-max-duration, --cloud-storage-output-format and --cloud-storage-write-metadata flags of gcloud pubsub subscriptions create to GA. Adds the ability to set Cloud Storage configuration options in Cloud Pub/Sub subscriptions. For more information, see the https://cloud.google.com/pubsub/docs/cloudstorage.
  • Promoted --cloud-storage-bucket, --cloud-storage-file-prefix, --cloud-storage-file-suffix, --cloud-storage-max-bytes, --cloud-storage-max-duration, --cloud-storage-output-format, --cloud-storage-write-metadata, and --clear-cloud-storage-config flags of gcloud pubsub subscriptions update to GA. Adds the ability to update Cloud Storage configuration options in Cloud Pub/Sub subscriptions. For more information, see the https://cloud.google.com/pubsub/docs/cloudstorage.

Cloud SQL

  • Added gcloud sql operations cancel to cancel an operation running on a Cloud SQL instance.
  • Added edition and enable-data-cache flags to gcloud sql instances create and gcloud sql instances patch to support Edition and Data Cache.
  • Added show-edition flag to gcloud sql instances list and gcloud sql tiers list to display Edition.

  • Added --password-policy-disallow-compromised-credentials flag to gcloud sql instances create and gcloud sql instances patch for ALPHA and BETA.

Cloud Storage

  • Updated gsutil component to 5.25.
  • Fix a bug preventing nested directory symlinks from being preserved when uploading a directory recursively.

Cloud Workstations

  • Updated --machine-type flag for configs command to accept any string.

Compute Engine

  • Added 23.04 to allowed list of values for --version of gcloud beta compute instances ops-agents policies [create|update].
  • Promote --instance-kms-key flag of gcloud compute instance create to GA.
  • Promoted --preference flag of gcloud compute backend-services add-backend and gcloud compute backend-services update-backend to beta.
  • Added --allow-cidr-routes-overlap flag to gcloud beta compute networks subnets update command.
  • Added SEV_SNP_CAPABLE to the list of guestOsFeatures.
  • Added support for clearing fields to gcloud beta compute security-policies remove-user-defined-field and gcloud beta compute security-policies rules update.

GKE Hub

  • Modified gcloud container fleet memberships register command to validate that the --manifest-output-file flag is only used with the --install-connect-agent flag.

Kpt

  • Updated kpt in Google Cloud CLI from 1.0.0-beta.35 to 1.0.0-beta.37.

Kubernetes Engine

  • Added new kubedns option to --cluster-dns to allow KubeDNS to be explicitly specified as the cluster DNS provider.
  • Added GcsFuseCsiDriver option to --addons flag of gcloud container clusters create to enable the Cloud Storage FUSE Container Storage Interface (CSI) Driver.
  • Added GcsFuseCsiDriver option to --update-addons flag of gcloud container clusters update to enable/disable the Cloud Storage FUSE Container Storage Interface (CSI) Driver.
  • Updated default kubectl from 1.25.9 to 1.25.11.
  • Additional kubectl versions:
    • kubectl.1.21 (1.21.14)
    • kubectl.1.22 (1.22.17)
    • kubectl.1.23 (1.23.17)
    • kubectl.1.24 (1.24.15)
    • kubectl.1.25 (1.25.11)
    • kubectl.1.26 (1.26.6)
    • kubectl.1.27 (1.27.3)

Network Connectivity

  • Added gcloud network-connectivity hubs add-iam-policy-binding, gcloud network-connectivity hubs remove-iam-policy-binding, gcloud network-connectivity hubs get-iam-policy, and gcloud network-connectivity hubs set-iam-policy commands.
  • Added gcloud network-connectivity hubs list-spokes command which supports listing all spokes associated with a hub.
  • Added gcloud network-connectivity hubs route-tables command group which supports listing and describing route tables.
  • Added gcloud network-connectivity hubs route-tables routes command group which supports listing and describing routes.
  • Added gcloud network-connectivity spokes accept and gcloud network-connectivity spokes reject commands.
  • Added --global flag to gcloud network-connectivity spokes delete, gcloud network-connectivity spokes describe, and gcloud network-connectivity spokes list commands.
  • Added gcloud network-connectivity spokes linked-vpc-network command group which supports creating and updating VPC spokes.

Network Security

  • Added gcloud network-security firewall-endpoint-associations update to alpha and beta. This command updates the labels and TLS inspection policy of Cloud Firewall Plus associations.

Network Services

  • Promoted gcloud network-services service-lb-policies to beta.

Recaptcha

  • Added --skip-billing-check to recaptcha keys migrate. If usage is under the free quota, the billing check can be safely skipped.

Recommender

  • Added list insight-types to beta for recommender surface.
  • Added list recommenders to beta for recommender surface.
  • Updated list insights to use beta list insight-types command.
  • Updated list recommendations to use beta list recommenders command.

Security Command Center

  • Updated gcloud scc findings documentation to fix an invalid finding id used in examples.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

437.0.1 (2023-06-30)

Cloud Storage

  • Reverted change that broke gcloud storage cp with relative path characters.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

437.0.0 (2023-06-27)

Anthos Multi-Cloud

  • Modified gcloud container aws node-pools list and gcloud container azure node-pools list to fetch server configurations and to give a warning when any of the node pools are running an end-of-life version.

App Engine

Artifact Registry

  • Updated the output of gcloud artifacts docker images describe to include SBOM location information.
  • Added flag --show-sbom-references to gcloud artifacts docker images describe to list SBOM reference occurrences.
  • Updated the output of gcloud artifacts docker images describe with flag --show-all-metadata to include SBOM reference occurrences.
  • Added Go as an option of --repository-format flag of gcloud artifacts repositories create to create Go repositories.
  • Added gcloud artifacts go upload command to upload Go modules.

Cloud Bigtable

  • The maximum retention period for a Cloud Bigtable backup has been increased from 30 days to 90 days, giving you more robust data protection and data quality control. For more information on how Bigtable backups work, see https://cloud.google.com/bigtable/docs/backups.

Cloud Build

  • Added gcloud beta builds connections create gitlab and gcloud beta builds connections update gitlab.

Cloud Filestore

  • Added --tier=ZONAL flag to gcloud beta filestore instances create to support a zonal filestore instance creation.

Cloud NetApp

  • Removed a print statement that led to messy output during gcloud beta netapp volumes replications create.

Cloud SQL

  • Added gcloud beta sql instances reencrypt, which re-encrypts a Cloud SQL CMEK instance with the current primary key version in beta.

Cloud Storage

  • Release rsync command

Compute Engine

  • Gcloud compute will now retry two times if its follow-up Operations.Wait|Get requests return 503 error.

GKE Hub

  • Added gcloud container fleet memberships support-access which allows users to manage Support access.

Network Security

  • Added gcloud network-security firewall-endpoints update to alpha and beta. This command updates the labels of Cloud Firewall Plus endpoints.

Recaptcha

  • Removed gcloud recaptcha firewallpolicies surface and all commands within. Please use gcloud recaptcha firewall-policies instead.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

436.0.0 (2023-06-21)

AlloyDB

  • Promoted AlloyDB Inject Fault commands to GA track. Modified commands include: alloydb instances inject-fault.

Anthos Multi-Cloud

  • Modified gcloud container aws node-pools describe and gcloud container azure node-pools describe to fetch server configurations and to give a warning when the nodepool is running an end-of-life version.
  • Modified gcloud container aws clusters list and gcloud container azure clusters list to fetch server configurations and to give a warning when any of the clusters are running an end-of-life version.

Batch

  • Promoted Batch submit job optional prefix feature to beta and GA.

Cloud Deploy

  • Added new --deploy-parameters to gcloud deploy releases create command. When used, deploy parameters will be set for the release.
  • Added gcloud deploy rollouts advance, gcloud deploy rollouts cancel, gcloud deploy rollouts ignore-job, and gcloud deploy job-runs terminate commands for the Deployment Strategies GA launch.

Cloud Firestore Emulator

  • Release Cloud Firestore emulator v1.18.1
    • Added a new emulator configuration to start with experimental mode.

Cloud Functions

  • Fixed issue where gcloud functions deploy could fail in certain cases if the caller was missing permissions to get the project IAM policy.

Cloud IAM

  • Added flags --folder and --organization to gcloud beta services identity create.
    • Support folder and organization level service agents creation, in addition to project level service agents.

Cloud NetApp

  • Added --force parameter to gcloud beta netapp volumes replications stop to force stop a replication during a data transfer.

Cloud SQL

  • Added --preferred-zone flag to gcloud sql instances clone --point-in-time to support point in time recovery to a specified zone for PostgreSQL.
  • Added gcloud sql instances get-latest-recovery-time command to get the latest recovery time for a PostgreSQL instance.

Cloud Spanner

  • Promoted spanner databases update command to beta and GA tracks.

Cloud Storage

  • Fixed issue where certain gcloud storage commands would fail to load when the PATH environment variable was not set.

Cloud Workstations

  • Promoting workstations, workstations configs, and workstations clusters commands to GA.

Compute Engine

  • Promoted --instance-kms-key flag of gcloud compute instance create to beta.
  • Promoted --max-count-per-zone flag of gcloud compute instances bulk create to v1. Flag defines maximum number of instances that can be created per zone for regional bulk insert.
  • Promoted disk-consistency-group argument of gcloud compute resource-policies create to GA.
  • Promoted --primary-disk, --primary-disk-project, --primary-disk-region, and --primary-disk-zone of gcloud compute disks create to GA.
  • Promoted gcloud compute disks start-async-replication to GA.
  • Promoted gcloud compute disks stop-async-replication to GA.
  • Promoted gcloud compute disks stop-group-async-replication to GA.
  • Promoted gcloud compute disks bulk create to GA.
  • Added deny as a choice for --action and--exceed-action of gcloud compute security-policies rules create|update.

Kubernetes Engine

  • Added --sole-tenant-node-affinity-file flag to gcloud container node-pools create for creating node pools backed by sole tenant node groups. For more information see https://cloud.google.com/kubernetes-engine/docs/how-to/sole-tenancy.
  • Added --security-posture and --workload-vulnerability-scanning flags to gcloud container clusters create, gcloud container clusters create-auto, and gcloud container clusters update for controlling GKE Security Posture features.

  • Added --workload-policies flag to gcloud container clusters create-auto and gcloud container clusters update for enabling NET_ADMIN privilege. Added --remove-workload-policies flag to gcloud container clusters update for disabling NET_ADMIN privilege.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

435.0.1 (2023-06-14)

Cloud Firestore

  • Removed the --enable-pitr flag from gcloud firestore databases <create|update> which was causing firestore database creation failures.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

435.0.0 (2023-06-13)

Breaking Changes

  • (Compute Engine) Modified quota exceeded errors to show future limit and rollout status information to user in addition to original error message.

Anthos Multi-Cloud

  • Modified gcloud container aws clusters describe and gcloud container azure clusters describe to fetch server configurations and to give a warning when the cluster is running an end-of-life version.
  • Added --root-volume-throughput flag to gcloud container aws clusters and gcloud container aws node-pools to support customizable EBS root volume throughput.
  • Added --main-volume-throughput flag to gcloud container aws clusters create to support customizable EBS main volume throughput.
  • Added --disable-per-node-pool-sg-rules flag to gcloud container aws clusters create and gcloud container aws clusters update to disable the default security group rules provisioned for each node pool.
  • Added --enable-per-node-pool-sg-rules flag to gcloud container aws container clusters update to re-enable the default security group rules provisioned for each node pool.

Cloud Bigtable

  • Add ability to count rows for a prefix.

Cloud Filestore

  • Added --kms-key flag to gcloud filestore backups create, which allows an Enterprise or High Scale backup to be created that is encrypted with a CMEK key." => "which creates a backup with an associated customer-managed encryption key (CMEK). Only available for Enterprise or High Scale tier instances.
  • Added --instance-location flag to gcloud filestore backups create, which accepts either a zone or region and allows clients to restore Basic HDD, Basic SSD, and Enterprise tier backups.

Cloud Functions

  • Promoted --docker-repository, --kms-key, clear-docker-repository, and --clear-kms-key flags of gcloud functions deploy --gen2 to GA, which bring CMEK support for Cloud Functions 2nd Gen.

Cloud NetApp

  • Added gcloud beta netapp group which includes gcloud beta netapp storage-pools, gcloud beta netapp volumes, gcloud beta netapp active-directories, gcloud beta netapp kms-configs, gcloud beta netapp locations, gcloud beta netapp operations, gcloud beta netapp volumes snapshots, and gcloud beta netapp volumes replications.

Cloud Run

  • Promoted gcloud run services proxy to GA. This command allows you to proxy a service or a revision to localhost. Requests will be authenticated as the current SDK account, or with a provided token.

Cloud TPU

  • Fixed bug so that gcloud compute tpus tpu-vm ssh respects instance preference of setting enable-oslogin to false.

Compute Engine

  • Promoted source-instant-snapshot flag of gcloud compute disks create to beta.
  • Promoted --source-instant-snapshot, --source-instant-snapshot-zone and --source-instant-snapshot-region flags of gcloud compute snapshots create to beta.
  • Promoted gcloud compute instant-snapshots create to beta.
  • Promoted gcloud compute instant-snapshots delete to beta.
  • Promoted gcloud compute instant-snapshots describe to beta.
  • Promoted gcloud compute instant-snapshots list to beta.
  • Promoted gcloud compute instant-snapshots add-labels to beta.
  • Fixed bug in handling quota exceeded error with gcloud compute commitments create command.
  • Added force-attach support to gcloud compute instances create.
  • Added --recaptcha-action-site-keys and --recaptcha-session-site-keys to gcloud beta compute security-policies rules create|update.
  • Added --network-user-defined-fields, --network-src-ip-ranges, --network-dest-ip-ranges, --network-ip-protocols, --network-src-ports, --network-dest-ports, --network-src-region-codes, and --network-src-asns to gcloud beta compute security-policies rules create|update.
  • Added gcloud beta compute security-policies add-user-defined-fields and gcloud beta compute security-policies remove-user-defined-fields commands.
  • Added --security-policy and --security-policy-region to gcloud beta compute instances network-interfaces update.
  • Added gcloud beta compute target-pools update and gcloud beta compute target-instances update commands.

Kpt

  • Updated kpt in Google Cloud CLI from 1.0.0-beta.34 to 1.0.0-beta.35.

Kubernetes Engine

  • Undeprecated and unhid --logging and --monitoring flags from gcloud container clusters create-auto.

  • Added a new command gcloud container clusters check-autopilot-compatibility which returns a list of autopilot compatibility issues of the given cluster.

Vmware Engine

  • Added commands for managing resources:

    • Private connections:
    • Added commands to perform CRUD
    • Retrieving exchanged routes

    • Subnets:

    • Added commands to describe and update a subnet

    • Private clouds:

    • Added ability to create a time limited PC

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

434.0.0 (2023-06-06)

AlloyDB

  • Promote Continuous Backups related commands to the GA track, which include changes to gcloud alloydb clusters create, gcloud alloydb clusters update and gcloud alloydb clusters restore.

Anthos On-Prem

  • Modified gcloud container vmware admin-clusters list. When specifying --location=-, or when both --location and gcloud configuration container_vmware/location are not specified, return admin clusters in all locations of the specified project.

Cloud Functions

  • Updated gcloud functions logs read to read function logs from both 1st gen and 2nd gen functions when no function name is provided unless --gen2 or --no-gen2 is set.

Cloud Key Management Service

  • Promoted gcloud kms inventory which allows viewing and tracking of keys across cloud resources.

Cloud Logging

  • Promoted --custom-writer-identity flag of gcloud logging sinks create to beta and GA.
  • Promoted --custom-writer-identity flag of gcloud logging sinks update to beta and GA.

Compute Engine

  • Updated the Interconnect attachment Bring Your Own IP (BYOIP) IPv6 fields to be unavailable.
  • Added --size flag to gcloud compute disks update to support size update.
  • Added hyperdisk-balanced support to gcloud compute disks create and gcloud compute instances create.
  • Added --per-instance-hostnames flag to gcloud compute instances bulk create for alpha and beta.
  • Promoted --http-keep-alive-timeout-sec flag for gcloud compute <target-http-proxies|target-https-proxies> <create|update> and --clear-http-keep-alive-timeout-sec flag for gcloud compute <target-http-proxies|target-https-proxies> update to beta.

Dataproc Metastore

  • Promoted --endpoint-protocol flag to GA.

Kubernetes Engine

  • Added --enable-fqdn-network-policy flag to gcloud beta container clusters create and gcloud beta container clusters update.

Recommender

  • Added a list command for insights that lists all available insight types.
  • Added a list command for recommenders that lists all available recommenders.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

433.0.1 (2023-06-1)

Google Cloud CLI

  • Disabled self-signed jwt usage for service accounts.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

433.0.0 (2023-05-31)

Breaking Changes

  • (Cloud Run) Added --[no-]async flags to gcloud run jobs delete and gcloud run jobs executions delete with a default value of --no-async. Changed these two commands to wait for delete operation by default.

Google Cloud CLI

  • Fixed issue where running the install script from within the root google-cloud-sdk directory would crash with an unactionable error when new versions of certain components were made available prior to installation.

AlloyDB

  • Promoted AlloyDB Cross Region Replication commands to GA track. Modified commands include: alloydb clusters create-secondary, alloydb clusters promote, alloydb instances create-secondary.

Anthos On-Prem

  • Modified gcloud container bare-metal admin-clusters list. When specifying --location=-, or when both --location and gcloud configuration container_bare_metal/location are not specified, return admin clusters in all locations of the specified project.

Artifact Registry

  • Updated the output of gcloud artifacts docker images list with flag --show-occurrences to include SBOM reference occurrences.

Certificate Authority Service

  • Added --publishing-encoding-format flag to gcloud privateca pools create and gcloud privateca pools update to allow users to optionally publish DER encoded CA certificates and CRLs to Google Cloud Storage buckets.

Cloud Build

  • Added flag to specify substitutions in gcloud builds triggers run.
  • Modified --branch, --tag, --sha flags to be optional in gcloud builds triggers run command.

Cloud Composer

  • Added --enable-high-resilience to gcloud composer environments create to create environments with high resilience mode.
  • Added gcloud composer environments database-failover to manually run a database failover for environments with high resilience enabled.
  • Added gcloud composer environments fetch-database-properties to fetch airflow database properties for Composer environments.

Cloud Logging

  • Added logging_service_account_id to settings describe response.

Cloud SQL

  • Added --no-recovery, --bak-type and --recovery-only flags to gcloud sql import bak and added --bak-type and --differential-base flags to gcloud sql export bak to enable the differential import/export feature for SQL Server.

Cloud Workstations

  • Added --accelerator-type and --accelerator-count flags to gcloud beta workstations configs create.

Compute Engine

  • Fixed bug in handling quota exceeded error with gcloud compute commitments create command.
  • Added --region flag to gcloud beta compute security-policies rules commands.
  • Deprecated --no-client-ttl and --no-max-ttl arguments of gcloud compute [backend-services|backend-buckets] [create|update].

Kpt

  • Updated kpt in Google Cloud CLI from 1.0.0-beta.33 to 1.0.0-beta.34.

Kubernetes Engine

  • Added --enable-best-effort-provision and --min-provision-nodes to gcloud container node-pools create to turn on best effort provisioning for node pool creation.

Network Security

  • Added network-security firewall-endpoint-associations commands to manage Cloud Firewall Plus endpoint associations, and promoted them to beta.
  • Promoted commands under gcloud network-security address-groups to GA.
  • Promoted commands under gcloud network-security org-address-groups to GA.

Security Command Center

  • Added gcloud topic datetimes support for gcloud scc command group timestamp and duration flags.

Transfer

  • Added --docker-network flag to gcloud transfer agents install to allow configuration of the underlying Docker container's network.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

432.0.0 (2023-05-23)

AI

  • Added --public-endpoint-enabled flag to gcloud ai index-endpoints create to support public endpoint.
  • Modified --network flag of gcloud ai index-endpoints create to be optional.

Anthos On-Prem

  • Added --disable-control-plane-v2 flag to gcloud container vmware clusters create to explicitly disable the use of control plane v2 feature.
  • --enable-control-plane-v2 in gcloud container vmware clusters create is by default set for version 1.15+.
  • Added --ignore-errors flag to gcloud container bare-metal admin-clusters unenroll. If set, the unenrollment of a bare metal admin cluster resource will succeed even if errors occur during unenrollment.

Artifact Registry

  • Changed IAM policy analysis scope to the root of project in gcloud beta artifacts docker upgrade print-iam-policy.

BigQuery

  • Fixed bug to ensure show works with encrypted S3 managed tables.
    • Fixed bug to ensure spark properties can be updated to empty values.
    • Fixed RANGE<TIMESTAMP> to correctly display UNBOUNDED boundaries.
    • Fixed bug in the bq info command that caused it to always fail.
    • Fixed bug where a line of logging was always printed.
    • Added connections to get-iam-policy and set-iam-policy.

Cloud Build

  • Modified (--repo, --repo-type) and --repository to be optional in gcloud builds triggers create manual, gcloud builds triggers create webhook and gcloud builds triggers create pubsub.

Cloud Storage

  • Updated gsutil component to 5.24.

Compute Engine

  • Added --http-keep-alive-timeout-sec flag to gcloud compute alpha/beta target-http-proxies/target-https-proxies create/update to configure http keep alive timeout sec field in target httpx proxy.
  • Added --server-tls-policy and --clear-server-tls-policy flags to gcloud compute target-https-proxies create/update to attach/detach a server TLS policy to the target https proxy.
  • Release pathTemplateMatch and pathTemplateRewrite fields in urlMaps to v1 API.
  • Updated --consumer-accept-list and --consumer-reject-list of gcloud compute service-attachments create and gcloud compute service-attachments update to support networks.
  • Promoted --provisioned-throughput flag of gcloud compute disks create and gcloud compute disks update to GA.
  • Promoted --create-disk=provisioned-throughput for gcloud compute instances create and gcloud compute instance-templates create to GA.
  • Promoted gcloud compute interconnects remote-locations <describe|list> to beta and GA.
  • Promoted --remote-location flag of gcloud compute interconnects create to beta and GA.
  • Promoted --subnet-length flag of gcloud compute interconnects attachments <dedicated|provider> create to beta and GA.

Container Registry

  • Changed "gloud container images describe" to check existence of the digest.

Database Migration

  • Updated gcloud database-migration connection-profiles create alloydb to support customer-managed encryption key(CMEK).
  • Updated gcloud database-migration connection-profiles create cloudsql to support customer-managed encryption key(CMEK).

Kpt

Kubernetes Engine

  • Promoted fields gpu-driver-version within --accelerator flag to enable GPU driver auto installation.
  • Updated default kubectl from 1.24.13 to 1.25.9.
  • Additional kubectl versions:
    • kubectl.1.21 (1.21.14)
    • kubectl.1.22 (1.22.17)
    • kubectl.1.23 (1.23.17)
    • kubectl.1.24 (1.24.13)
    • kubectl.1.25 (1.25.9)
    • kubectl.1.26 (1.26.4)
    • kubectl.1.27 (1.27.1)

Network Security

  • Promoted gcloud network-security security-profile-groups to beta.
  • Added network-security firewall-endpoints commands to manage Cloud Firewall Plus endpoints, and promoted them to beta.
  • Promoted gcloud network-security security-profiles threat-prevention to beta.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

431.0.0 (2023-05-16)

Breaking Changes

  • (Anthos On-Prem) Modified --version flag to be required in gcloud container vmware clusters create.
  • (Compute Engine) Added centos-stream-8 and centos-stream-9 options to --os flag for:
    • gcloud compute images import in GA,
    • gcloud compute instances import in GA
    • gcloud compute machine-images import in GA

Google Cloud CLI

  • Fixed error when filtering was applied to date or time type keys and their values were None. Now, the resources will be excluded as when values were empty.
  • Added warning message to indicate support for Python 3.5-3.7 will be deprecated on August 8th, 2023.

Anthos On-Prem

  • Modified gcloud container bare-metal clusters list to return clusters in all locations of the specified project if --location is not specified and configuration container_bare_metal/location is not set.

Artifact Registry

  • Changed IAM policy translation logic in gcloud beta artifacts docker upgrade print-iam-policy.

Batch

  • Promoted Batch submit job optional job_id feature to beta and GA.

Cloud Build

  • Added --repository flag to gcloud builds triggers create manual, gcloud builds triggers create webhook and gcloud builds triggers create pubsub which supports creating manual, webhook or Pub/Sub trigger with 2nd-gen repository resource.

Cloud Dataproc

  • Added --staging-bucket flag to gcloud dataproc batches submit ... commands in GA. This sets staging bucket when creating batches.
  • Added --staging-bucket flag to gcloud dataproc session create ... commands in Preview. This sets staging bucket when creating sessions.

Cloud Firestore

  • Promoted firestore locations list to GA.

Cloud Run

  • Promoted gcloud run jobs deploy to GA, which allows creating or updating a Cloud Run job from a container image or source to build.

Cloud Storage

  • Added a preserve_symlinks option to gcloud storage cp and mv commands; when present, this option will cause file and directory symlinks to be represented by placeholder files in the cloud, and reconstructed as symlinks when downloaded.

Compute Engine

  • Promoted gcloud compute addresses move to GA.

Compute Firewall Rules

  • Added --bind-tags-to-instances flag to gcloud compute firewall-rules migrate to bind secure tags to VM instances.

Database Migration

  • Updated gcloud database-migration migration-jobs create to support customer-managed encryption key(CMEK).

Dataproc Metastore

  • Promoted gcloud metastore services alter-metadata-resource-location to GA.
  • Promoted gcloud metastore services alter-table-properties to GA.
  • Promoted gcloud metastore services move-table-to-database to GA.
  • Promoted gcloud metastore services query-metadata to GA.

Events

  • Removed gcloud beta events surface and all commands within. Please use gcloud eventarc instead.

Kubernetes Engine

  • Deprecated --linux-sysctls flag since --system-config-from-file is now used to config nodes.

Notebooks

  • Added --data-disk-type, --data-disk-size, --no-remove-data-disk to gcloud notebooks instances create to configure data disk.

Recaptcha

  • Added --private-key-file, --team-id, --key-id to recaptcha keys create for iOS keys. Providing these fields allows reCAPTCHA Enterprise to provide more accurate risk scores.
  • Added --private-key-file, --team-id, --key-id to recaptcha keys update for iOS keys. Providing these fields allows reCAPTCHA Enterprise to provide more accurate risk scores.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

430.0.0 (2023-05-09)

Breaking Changes

Google Cloud CLI

  • Fixed issue where gcloud auth enterprise-certificate-config create used cert_issuer instead of issuer for Windows and MacOS configurations.

AlloyDB

  • Added gcloud alloydb users <command> Users API to manage AlloyDB users.

Anthos On-Prem

  • Modified gcloud container vmware clusters list to return clusters in all locations of the specified project if --location is not specified and configuration container_vmware/location is not set.

App Engine

Bare Metal Solution

  • Promoted gcloud bms instance rename to GA.
  • Promoted gcloud bms networks rename to GA.
  • Promoted gcloud bms nfs-shares rename to GA.
  • Promoted gcloud bms volumes rename to GA.

Cloud Bigtable

  • Rebuilt cbt cli with go version 1.20.4 which fixed CVE-2022-41723.
  • Add ability to count rows for a prefix.

Cloud Bigtable Emulator

  • Rebuilt cbt emulator with go version 1.20.4 which fixed CVE-2022-41723.

Cloud Build

  • Added --git-source-revision flag to gcloud builds submit.
  • Added --git-source-dir flag to gcloud builds submit.

Cloud Firestore

  • Promoted firestore locations list to beta.

Cloud IAM

  • Added --web-sso-response-type and --web-sso-assertion-claims-behavior flag to gcloud iam workforce-pools providers create-oidc and gcloud iam workforce-pools providers update-oidc to allow user to setup web sso configuration.

Cloud Logging

  • Added --custom-learned-route-priority and --set-custom-learned-route-ranges flags of gcloud compute routers add-bgp-peer in beta to specify the custom learned route configuration.
  • Added --custom-learned-route-priority, --set-custom-learned-route-ranges, --add-custom-learned-route-ranges and --remove-custom-learned-route-ranges flags of gcloud compute routers update-bgp-peer in beta to specify the custom learned route configuration.

Cloud Pub/Sub

  • The gcloud pubsub pull command now waits for messages by default.
    • The --wait flag has been deprecated from gcloud beta pubsub pull command.
    • The --return-immediately flag has been added to gcloud beta pubsub pull command to support the old behavior.

Cloud Run

  • No longer sets the client.knative.dev/user-image annotation when deploying or updating Cloud Run Services and Jobs.
  • Fixes issue in gcloud run deploy and gcloud run services update where changing --port would fail due to health check errors.

Compute Engine

  • Update replica-zones support --create-disk=replica-zones for gcloud compute instances create.
  • Promoted gcloud compute addresses move to beta.
  • Added --user-ip-request-headers for gcloud compute security-policies update, and promoted it to beta.

Database Migration

  • Added a set of commands for gcloud database-migration private-connections to perform common (create, list, describe, delete) operations on private connections.
  • Updated gcloud database-migration connection-profiles create to support creating Oracle connection profiles.
  • Updated gcloud database-migration connection-profiles create to support connectivity in creating Postgresql connection profiles.
  • Added gcloud database-migrate conversion-workspaces that supports the following commands for creating and managing conversion workspaces: create, update, delete, list, describe, commit, rollback, seed, import-rules, convert, apply, list background jobs and describe entities.
  • Updated gcloud database-migration migration-jobs create to support heterogeneous migration jobs.

Kubernetes Engine

  • Added --enable-master-global-access flag of gcloud container clusters create-auto.

Looker

  • Launch Looker (Google Cloud core) for General Availability to the public.

Network Connectivity

  • Updated gcloud network-connectivity service-connection-policies create subnet flag field to accept resource arguments.

Network Services

  • Updated GA schema for gcloud network-services gateways.
  • This primarily impacts gateway import/export.
  • It includes SWG-specific changes so gateways of type SWG can be created.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

429.0.0 (2023-05-02)

Breaking Changes

  • (Compute Engine) Added rocky-9 option to --os flag for:
    • gcloud compute images import in GA,
    • gcloud compute instances import in GA
    • gcloud compute machine-images import in GA

Google Cloud CLI

  • Updated bundled-python cryptography package to 39.0.1 and PyOpenSSL to 23.0.0.

AlloyDB

  • Added --update-mode flag to gcloud alloydb instances update in alpha and beta tracks.

BigQuery

  • Added bq info command to print debug information.
  • Froze the request library to version '2.27.1' until python2 is removed.
  • Removed excess line of logging to stderr that was printed on most commands.
  • Improved error messaging for unsupported regions.
  • Added support for an encoding when creating a JSON backed external table.
  • Updated bundled urllib3.

Certificate Authority Service

  • Added --ignore_dependent_resources flag to gcloud privateca roots disable to allow a root CA to be disabled even if it is the last CA in its CA Pool while its CA Pool is being depended on by another cloud resource.
  • Added --ignore_dependent_resources flag to gcloud privateca subordinates disable to allow a subordinate CA to be disabled even if it is the last CA in its CA Pool while its CA Pool is being depended on by another cloud resource.
  • Added --ignore_dependent_resources flag to gcloud privateca roots delete to allow a root CA to be deleted even if its CA Pool is being depended on by another cloud resource.
  • Added --ignore_dependent_resources flag to gcloud privateca subordinates delete to allow a subordinate CA to be deleted even if its CA Pool is being depended on by another cloud resource.
  • Added --ignore_dependent_resources flag to gcloud privateca pools delete to allow a CA Pool to be deleted even if it is being depended on by another cloud resource.

Cloud Bigtable

  • Rebuilding cbt cli with go version 1.20.3 which fixed CVE-2022-41723.

Cloud Firestore Emulator

  • Release Cloud Firestore emulator v1.17.4
    • Added support for eventarc triggers(2nd gen)
    • Fix ListDocuments to have page token

Cloud Identity-Aware Proxy

  • Fixed a low throughput issue that appeared in some download cases for gcloud compute start-iap-tunnel.

Cloud Monitoring

  • Promoted gcloud monitoring snoozes commands to beta and GA.

Cloud Pub/Sub

  • Added --event-time flag to gcloud pubsub lite-topics publish to allow users to specify an event time when publishing a message.

Cloud Run

  • Updated gcloud beta run integrations list to display integrations across all regions by default when --region flag is not specified.

Cloud SQL

  • Promoted --threads-per-core flag for gcloud sql instances create and gcloud sql instances patch to GA.

Cloud Workstations

  • Added the beta workstations list-usable command which lists a user's usable workstations under a given configuration.
  • Added gcloud beta workstations get-iam-policy.
  • Added gcloud beta workstations set-iam-policy.
  • Added gcloud beta workstations configs get-iam-policy.
  • Added gcloud beta workstations configs set-iam-policy.

Compute Engine

  • Added "REGION" column in the output of gcloud compute ssl-certificates list.
  • Promoted --gateway-ip-version flag of gcloud compute vpn-gateways create to beta. Flag defines the IP version of VPN Gateway.
  • Allowed --interfaces flag to accept IPv6 addresses of gcloud beta compute external-vpn-gateways create.
  • Promoted support of regional instance template for gcloud compute instance-groups managed create to beta and GA.
  • Promoted support of regional instance template for gcloud compute instance-groups managed set-instance-template to beta and GA.
  • Promoted support of regional instance template for gcloud compute instance-groups managed rolling-action start-update to beta and GA.
  • Promoted --nat-name flag of gcloud compute routers get-nat-mapping-info to GA.

Distributed Cloud Edge

  • Added --lro-timeout for gcloud edge-cloud container clusters create which allows specifying a custom duration for the gcloud CLI to wait on LROs.

Identity and Access Management

  • Fixed issue with gcloud auth login --login-config=$LOGIN_CONFIG --no-browser not working on Linux machines due to terminal input limit.

Kpt

Kubernetes Engine

  • Added --enable-unstable-kubernetes-apis flag to gcloud containers cluster create and gcloud containers cluster update to facilitate enabling beta apis in kube-apiserver.

Network Connectivity

  • Made network field accept both resource identifier and path.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

428.0.0 (2023-04-25)

Breaking Changes

  • (Cloud Run) For gcloud beta run jobs deploy, gcloud run jobs create, and gcloud run jobs update, mark --execute-now and --async flags mutually exclusive.

Google Cloud CLI

  • Added --lifetime flag to gcloud auth application-default print-access-token to configure service account impersonation access token lifetime.
  • Duration flags now support fractional input.

Anthos Multi-Cloud

  • Promoted --enable-managed-prometheus flag of gcloud container aws clusters create to GA.
  • Promoted --enable-managed-prometheus and --disable-managed-prometheus flags of gcloud container aws clusters update to GA.
  • Promoted --enable-managed-prometheus flag of gcloud container azure clusters create to GA.
  • Promoted --enable-managed-prometheus and --disable-managed-prometheus flags of gcloud container azure clusters update to GA.
  • Fixed issue where --max-nodes, --min-nodes, and --max-pods-per-node flags of gcloud container aws node-pools create and gcloud container azure node-pools create were incorrectly documented as optional.

Anthos On-Prem

  • Added gcloud container bare-metal admin-clusters unenroll which removes Cluster API resources so that the cluster is no longer managed by the Anthos On-Prem API.
  • Added support for annotations in the container bare-metal clusters update command.

Cloud Bigtable

  • Rebuilding cbt cli with go version 1.20 which fixed cve-2023-24537.

Cloud Bigtable Emulator

  • Rebuilding cbt emulator with go version 1.20 which fixed cve-2023-24537.

Cloud Run

  • Added firebase-hosting integration type to gcloud beta run integrations command group.

Cloud Storage

  • Updated gsutil component to 5.23.

Cloud Tasks

  • Added gcloud beta tasks buffer which enables creation of an HTTP task without specifying the task body. It requires the parent queue to have an HTTP target override and is only enabled in the beta track.

Cloud Workstations

  • Added -labels flag to gcloud beta workstations create and gcloud beta workstations cluster create.

Compute Engine

  • Added --auto-network-tier flag of gcloud compute routers nats create and gcloud compute routers nats update in beta to select network tier to be used by NAT in auto mode.
  • Promoted flag --enforce-on-key-configs of gcloud compute security-policies rules create|update to GA.
  • Added --certificate-manager-certificates flag to gcloud compute target-https-proxies create/update to add a list of ssl certificates created in certificate-manager to the target https proxy.
  • Added --allow-psc-global-access flag of gcloud compute forwarding-rules <create|update> to v1.

Compute Firewall Policies

  • Promoted --src-threat-intelligence and --dest-threat-intelligence flags to GA in gcloud compute firewall-policies rules create , gcloud compute firewall-policies rules update , gcloud compute network-firewall-policies rules create and gcloud compute network-firewall-policies rules update commands.
  • Promoted --src-region-codes and --dest-region-codes flags to GA in gcloud compute firewall-policies rules create , gcloud compute firewall-policies rules update , gcloud compute network-firewall-policies rules create and gcloud compute network-firewall-policies rules update commands.
  • Promoted --src-fqdns and --dest-fqdns flags to GA in gcloud compute firewall-policies rules create/update and gcloud compute network-firewall-policies rules create/update commands.
  • Promoted --src-address-groups and --dest-address-groups flags to GA in gcloud compute firewall-policies rules create/update and gcloud compute network-firewall-policies rules create/update commands.

Kubernetes Engine

  • Added --location flag to clusters, node-pools, and operations surfaces as a simpler alternative to --zone or --region.
  • Updated default kubectl from 1.24.12 to 1.24.13.
  • Additional kubectl versions:
    • kubectl.1.21 (1.21.14)
    • kubectl.1.22 (1.22.17)
    • kubectl.1.23 (1.23.17)
    • kubectl.1.24 (1.24.13)
    • kubectl.1.25 (1.25.9)
    • kubectl.1.26 (1.26.4)

Network Security

  • Added gcloud network-security server-tls-policies describe to alpha and beta.
  • Promoted gcloud network-security gateway-security-policies to GA.
  • Promoted gcloud network-security gateway-security-policies rules to GA.
  • Promoted gcloud network-security url-lists to GA.
  • Promoted gcloud network-security tls-inspection-policies to GA.

Public CA

  • Promoted gcloud publicca to GA.

Security Command Center

  • Fixed gcloud scc findings list to provide descriptive error message when parent argument is omitted.

Transcoder

  • Added support for --mode flag when creating a new job.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

427.0.0 (2023-04-18)

Breaking Changes

  • (Google Cloud CLI) Deprecated Python 2. The minimum supported Python version is Python 3.5.
  • (Cloud Datastore) Remove gcloud datastore databases create after version 427.0.0. Please use gcloud firestore database update --type=datastore-mode instead.
  • (Cloud Firestore) Switched firestore database create to use Firestore API.
  • (Cloud Firestore) Deprecated --region in gcloud firestore database create. Use --location to specify the database location.

Google Cloud CLI

  • Added --lifetime flag to gcloud auth print-access-token to configure service account impersonation access token lifetime.

App Engine

Artifact Registry

  • Promoted gcloud artifacts googet command group to GA.

BigQuery

  • Removed restrictions to what locations can be used with --location when combined with --use_regional_endpoints.
  • Improved Format RANGE<TIMESTAMP> formatting.

Certificate Authority Service

  • Added ignore_dependent_resources parameter to disable CA, delete CA, and delete CA Pool. These commands would normally fail if the CA Pool would be in a state where it's not able to issue certificates while there's a resource that depends on it. This flag skips the check and may cause unintended and unrecoverable effects on any dependent resource(s) since the CA Pool would no longer be able to issue certificates.

Cloud Firestore

  • Promoted firestore databases describe to beta.
  • Promoted firestore databases update to beta.
  • Promoted firestore databases list to beta.
  • Promoted firestore databases describe to GA.
  • Promoted firestore databases update to GA.
  • Promoted firestore databases list to GA.

Cloud Firestore Emulator

  • Release Cloud Firestore emulator v1.16.2
    • Fixed an issue where some http/1 headers were causing 400 errors.

Cloud On Demand Scanning

  • Updated local-extract component to 1.5.8 to allow it to run in environments without glibc.

Cloud Run

  • Promoted --session-affinity to GA for --platform=managed for gcloud run deploy and gcloud run services update.
  • Promoted --add-custom-audiences, --clear-custom-audiences, --remove-custom-audiences and --set-custom-audiences to beta for --platform=managed for gcloud run deploy and gcloud run services update.

Cloud SQL

  • Added PostgreSQL 15 to database versions.

Cloud Spanner

  • Added database drop protection column to gcloud spanner databases list command.

Cloud Storage

  • Promoted gcloud storage insights commands to GA.

Cloud TPU

  • Add gcloud compute tpus topologies list to list available TPUs by chip topology.

Cloud Workstations

  • Adding support for labels in the beta workstations config create and beta workstations config update commands.

Compute Engine

  • Updated the scope flags --zone or --region of the primary disk, --secondary-disk-zone or --secondary-disk-region of the secondary disk to be required for gcloud compute disks start-async-replication.

Dataproc Metastore

  • Added support for Dataproc Metastore admin interface. The following commands have been added to alpha/beta release tracks:
    • metastore services alter-table-properties

Events

  • Deprecated gcloud beta events surface and all commands within. This surface will be removed in an upcoming release. Please use gcloud eventarc instead.

GKE Hub

  • Added --location flag to gcloud container fleet memberships register and gcloud beta container fleet memberships register.
  • If --location is not specified when registering GKE clusters, Membership region is selected to match to GKE cluster location by default.
  • If --location is not specified when registering non-GKE clusters, Membership region is selected as "global" by default.

Kpt

Kubernetes Engine

  • Added --addons=GcsFuseCsiDriver to gcloud beta container clusters create and --update-addons=GcsFuseCsiDriver to gcloud beta container clusters update to enable/disable the Cloud Storage FUSE Container Storage Interface (CSI) Driver.
  • Allow --enable-managed-prometheus or --disable-managed-prometheus flag to be passed with --logging and --monitoring flags at the same time in gcloud container clusters update.
  • Added --additional-pod-ipv4-ranges and --remove-additional-pod-ipv4-ranges flags of gcloud container clusters update to GA.

Network Connectivity

  • Renamed 'psc-subnetworks' field to 'subnets' based on review comments.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

426.0.0 (2023-04-11)

Breaking Changes

  • (Cloud Firestore) Switched firestore database create to use Firestore API after version 427.0.0.
  • (Cloud Firestore) Deprecated --region in gcloud firestore database create. Use --location to specify the database location. --region flag will be remove after version 427.0.0.

Anthos On-Prem

  • Promoted gcloud container vmware to beta.
  • Promoted gcloud container bare-metal to beta.

App Engine

Batch

  • Added no-external-ip-address flag to gcloud batch job submit.

BigQuery

  • Added warning when apilog flag is missing that the logging level is being lowered.

Cloud Bigtable

  • Clarified the functionality of --transactional-writes flag in gcloud bigtable app-profiles update.

Cloud Build

  • Hide --repository flag in gcloud builds triggers create manual, gcloud builds triggers create webhook and gcloud builds triggers create pubsub.

Cloud Dataflow

  • Added JAVA17 to gcloud dataflow flex-template command SDK Language options, allowing users to submit Flex Template jobs using Java 17.

Cloud Filestore

  • Added gcloud filestore instances revert command in GA to revert a filestore instance to specific snapshot.

Cloud Functions

  • Updated gcloud functions deploy to no longer require the flag --gen2 when updating an existing 2nd gen function. This aligns with the existing behavior of other commands. You can disable this behavior and only work with 1st gen functions by either adding --no-gen2 to a command or by setting the functions/gen2 config property to off.

Cloud Memorystore

  • Change to current default from latest for --maintenance-version flag in gcloud redis instances update to allow updating to the current default maintenance version.

Cloud Org Policy

  • Added --update-mask flag to gcloud org-policies reset command to support partial reset of policies (e.g, reset only dry-run policy spec or live policy spec).

Cloud Run

  • Promoted --cpu-boost to GA for --platform=managed for gcloud run deploy.

Cloud Workflows

  • Added the call-log-level flag to gcloud workflows deploy, and add the log-none value to the call-log-level flag for gcloud workflows <execute|run>, to specify no call logging even if logging was specified at the workflow level.

Compute Engine

  • Promoted --max-count-per-zone flag of gcloud compute instances bulk create to beta. Flag defines maximum number of instances that can be created per zone for regional bulk insert.
  • Added SEV_LIVE_MIGRATABLE to the list of guestOsFeatures.
  • Rearranged gcloud compute images import source flags by moving --source-file & --source-image to the beginning.

Network Connectivity

  • Added gcloud network-connectivity service-connection-policies create and gcloud network-connectivity service-connection-policies delete commands.
  • Added gcloud network-connectivity service-connection-policies list and gcloud network-connectivity service-connection-policies describe commands.

Security Command Center

  • Promoted gcloud scc custom-modules sha to GA.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

425.0.0 (2023-04-04)

Breaking Changes

  • (Compute Engine) Migrate single request gcloud compute commands from the compute batch
  • (Compute Engine) endpoint to region-specific endpoints.

App Engine

  • Removed InvalidInstanceIpModeError exception from gcloud.app.instances.ssh because SSH is now supported for all Instance Ip Modes.

Artifact Registry

  • Added gcloud beta artifacts docker upgrade print-iam-policy.

Certificate Manager

  • Promoted gcloud certificate-manager trust-configs delete to beta.
  • Promoted gcloud certificate-manager trust-configs describe to beta.
  • Promoted gcloud certificate-manager trust-configs export to beta.
  • Promoted gcloud certificate-manager trust-configs import to beta.
  • Promoted gcloud certificate-manager trust-configs list to beta.

Cloud Access Context Manager

  • Added --dry-run-level flag to gcloud access-context-manager cloud-bindings to test cloud-binding before enforcing them.

Cloud Build

  • Update wait timeout for gcloud builds worker-pools create and gcloud builds worker-pools delete commands to 1h.

Cloud Functions

  • Updated gcloud functions add-iam-policy-binding, gcloud functions call, gcloud functions delete, gcloud functions get-iam-policy, gcloud functions remove-iam-policy-binding, and gcloud functions set-iam-policy to no longer require the flag --gen2 when operating on a 2nd gen function. This aligns with the existing behavior of gcloud functions describe. You can disable this behavior and only work with 1st gen functions by either adding --no-gen2 to a command or by setting the functions/gen2 config property to off.

Cloud IAM

  • Added gcloud iam workload-identity-pools providers keys commands to manage workload identity pool provider keys.

Cloud Workstations

  • Adding support for the customer managed encryption key and encryption key service account flags in the beta workstations config create command.

Compute Engine

  • Enable "Uniform Bucket Level Access" by default for the temporary Cloud Storage buckets created in gcloud compute images import and gcloud compute images export.
  • Promoted --source-ip-ranges flag of gcloud compute forwarding-rules [create|update] to GA.

Database Migration

  • Added --allocated-ip-range flag to gcloud database-migration connection-profiles create cloudsql to allow selecting an allocated IP range for VPC peering.
  • Added --alloydb-cluster flag to gcloud database-migration connection-profiles create to allow creating a connection profile with an existing AlloyDB cluster.
  • Added --alloydb-cluster flag to gcloud database-migration connection-profiles update to allow configuring a connection profile with an existing AlloyDB cluster.

Network Security

  • Promoted gcloud network-security tls-inspection-policies to beta.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

424.0.0 (2023-03-28)

Breaking Changes

  • (Artifact Registry) Fixed issue where the default table format was used when --show-occurrences flag was passed in, even though that format prevented occurrences from being displayed. Changed to use the default format when the flag is used. Use the same command without --show-occurrences to get the old behavior.

Artifact Registry

  • Allow using gcloud beta artifacts images describe with Artifact Registry repos that use gcr.io domain.
  • Promoted artifacts settings describe artifacts settings enable-upgrade-redirection, and artifacts settings disable-upgrade-redirection commands to GA.

BigQuery

  • Fixed issue storing --api flag in the .bigqueryrc file.
  • Added the option for three-year capacity commitment plans.
  • Updated wcwidth to version 0.2.6.

Certificate Manager

  • Promoted gcloud certificate-manager issuance-configs to GA.

Cloud Build

  • Added --default-buckets-behavior flag to gcloud builds submit.

Cloud Deploy

  • Added gcloud deploy rollouts advance to alpha and beta.
  • Added gcloud deploy rollouts cancel to alpha and beta.
  • Added gcloud deploy rollouts ignore-job to alpha and beta.
  • Added gcloud deploy job-runs terminate to alpha and beta.
  • Added starting-phase-id flag to gcloud deploy targets redeploy.
  • Added starting-phase-id flag to gcloud deploy targets rollback.
  • Added starting-phase-id flag to gcloud deploy releases promote.
  • Added initial-rollout-phase-id flag to gcloud deploy releases create.

Cloud Memorystore

  • Added --maintenance-version flag to gcloud redis instances update to allow updating a maintenance version when updating an instance.

Cloud Run

  • Promoted gcloud run jobs command group and its sub-commands to GA, except for the following commands:
    • gcloud beta run jobs deploy
    • gcloud beta run jobs logs
    • gcloud beta run jobs executions logs
  • Promoted --encryption-key-shutdown-hours and --clear-encryption-key-shutdown-hours flags of gcloud run deploy and gcloud run services update to GA for --platform=managed.

Cloud SQL

  • Added gcloud sql instances reencrypt, which re-encrypts a Cloud SQL CMEK instance with the current primary key version in alpha.

Cloud TPU

  • Update gcloud compute tpus tpu-vm create to allow configuration of TPUs with chip topology using --type and --topology flags.

Compute Engine

  • Promoted disk-consistency-group argument of gcloud compute resource-policies create to beta.
  • Promoted --primary-disk, --primary-disk-project, --primary-disk-region, and --primary-disk-zone of gcloud compute disks create to beta.
  • Promoted gcloud compute disks start-async-replication to beta.
  • Promoted gcloud compute disks stop-async-replication to beta.
  • Promoted gcloud compute disks stop-group-async-replication to beta.
  • Promoted gcloud compute disks bulk create to beta.
  • Fixed documentation for --update-policy-max-surge and --update-policy-replacement-method flags.
  • Promoted --queue-count flag in --network-interface of gcloud compute instance-templates create to GA.
  • Promoted --queue-count flag in --network-interface of gcloud compute instances bulk create to GA.

Database Migration

  • Added demote-destination request to gcloud database-migration migration-jobs to allow demoting the destination of a migration job.

Dataproc Metastore

  • Promoted the custom-routes-enabled boolean value to the network-config-from-file flag of gcloud metastore services create to v1alpha and v1beta.
  • Fixed issue where commands including an --instance-size flag would fail if the user specified an enum value of EXTRA_SMALL or EXTRA_LARGE.

Eventarc

  • Added --event-data-content-type flag to gcloud eventarc triggers create and gcloud eventarc triggers update to label the type of payload in MIME format that is expected from the CloudEvent data field.

Kpt

Kubernetes Engine

  • Updates default kubectl from 1.24.11 to 1.24.12.
  • Additional kubectl versions:
    • kubectl.1.21 (1.21.14)
    • kubectl.1.22 (1.22.17)
    • kubectl.1.23 (1.23.17)
    • kubectl.1.24 (1.24.12)
    • kubectl.1.25 (1.25.8)
    • kubectl.1.26 (1.26.3)

Network Security

  • Promoted gcloud network-security url-lists to beta.
  • Promoted gcloud network-security gateway-security-policies to beta.
  • Promoted gcloud network-security gateway-security-policy-rules to beta.

Recaptcha

  • Added --support-non-google-app-store-distribution to recaptcha keys create that enables support for non-Google Play Store distributed applications for the key.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

423.0.0 (2023-03-21)

Google Cloud CLI

  • Added gcloud auth enterprise-certificate-config to create enterprise-certificate configurations.
  • Disabled mTLS during installation.
  • Fixed crash that occurred when parsing certain repeated dictionary-type flags if duplicate keys were provided or if invalid choices for another flag were specified afterwards.
  • Improved post-processing times during gcloud components update and gcloud components install on Windows.

App Engine

  • Updated the Java SDK to version 2.0.12 build from the open source project https://github.com/GoogleCloudPlatform/appengine-java-standard/releases/tag/v2.0.12.
  • Fixed a DevAppServer issue where in some scenarios, the class io.opencensus.trace.propagation.TextFormat could not be found.
  • Added --tunnel-through-iap flag to gcloud app instances ssh. Using this flag lets you use an Identity-Aware Proxy (IAP) tunnel when attempting to SSH into an App Engine flexible environment instance without an external IP address.
  • Updated the Go SDK to version 1.9.73. Please visit the following release notes for details: https://cloud.google.com/appengine/docs/go/release-notes.
  • Added --tunnel-through-iap flag to gcloud app instances scp. Using this flag lets you use an Identity-Aware Proxy (IAP) tunnel when attempting to SCP to/from an App Engine flexible environment instance without an external IP address.

Artifact Registry

  • Updated gcloud artifacts docker images describe and gcloud artifacts docker images list to return occurrences when an occurrence filter is used, even if the user does not explicitly say to show occurrences.

  • Added --immutable-tags flag to gcloud artifacts repositories create and gcloud artifacts repositories update.

Bare Metal Solution

  • Promoted gcloud bms ssh-keys list to GA.
  • Promoted gcloud bms ssh-keys add to GA.
  • Promoted gcloud bms ssh-keys remove to GA.

Cloud Build

  • Added --repository flag to gcloud builds triggers create manual, gcloud builds triggers create webhook and gcloud builds triggers create pubsub.

Cloud Dataproc

  • Added --ttl flag to gcloud dataproc batches submit commands in GA. This sets a workload TTL when creating batches.

Cloud Firestore Emulator

  • Released Cloud Firestore emulator v1.16.1
    • Fixed: support read_time in ListCollectionIds

Cloud Healthcare

  • Added gcloud healthcare fhir-stores metrics which allows users to retrieve metrics associated with a FHIR store.

Cloud Key Management Service

  • Added --key-management-mode and --crypto-space-path to gcloud kms ekm-connections that is used when creating coordinated external keys.
  • Added gcloud kms ekm-config commands which enables setting configuration values for EKM users.

Compute Engine

  • Promoted --aws-* flags of gcloud compute images import to GA.
  • Promoted gcloud compute sole-tenancy node-groups simulate-maintenance-event to GA.

Database Migration

  • Added --availability-type flag to gcloud database-migration connection-profiles create to allow configuring the availability type on the destination Cloud SQL instance.
  • Added --secondary-zone flag to gcloud database-migration connection-profiles create to allow configuring the secondary zone of the destination Cloud SQL instance when regional availability type is used.

Kubernetes Engine

  • Added --enable-fleet flag to gcloud container clusters create, gcloud container clusters create-auto and gcloud container clusters update in alpha, beta track.
  • Added --fleet-project flag to gcloud container clusters create, gcloud container clusters create-auto and gcloud container clusters update in alpha, beta track.
  • Added --clear-fleet-project flag to gcloud container clusters update in alpha, beta track.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

422.0.0 (2023-03-14)

Breaking Changes

  • (Cloud Pub/Sub) Fixed output format of gcloud schemas list and gcloud schemas list-revisions to remove the DEFINITION column if --view is not FULL.

Google Cloud CLI

  • Added gcloud auth enterprise-certificate-config to create enterprise-certificate configurations.

Anthos Multi-Cloud

  • Added --clear-client flag to gcloud container azure clusters update to clear the Azure client. This flag is required when updating to use Azure workload identity federation from Azure client to manage Azure resources.

App Engine

  • Updated the Python App Engine devappserver to support a new flag --python_virtualenv_path. It is an optional directory that will be used to setup a Python 3 virtual env for the local devappserver execution environment for Python 3 applications. If the path does not exist it will be created and it will not be cleanup at the end of the devappserver execution, allowing for caching between invocations. If not defined, a temporary directory will be used and cleaned up at the end of the execution.

Artifact Registry

  • gcloud beta artifacts settings enable-upgrade-redirection command no longer requires creating missing repos.

Bare Metal Solution

  • Promoted gcloud bms instances enable-serial-console to GA.
  • Promoted gcloud bms instances disable-serial-console to GA.

BigQuery

  • Updated the bundled google auth libraries.
  • Updated bundled libraries to use charset_normalizer with the request library.

Cloud Datastream

  • Added the max_concurrent_backfill_tasks support to --mysql-source-config, --oracle-source-config, --postgresql-source-config flags in gcloud datastream streams.

Cloud Functions

  • Preview of the CMEK support for Cloud Functions, 2nd Gen. In particular, promoted --docker-repository, --kms-key, --clear-docker-repository and --clear-kms-key flags of gcloud functions deploy --gen2 to beta.

Cloud Run

  • Removed --condition flag from gcloud run {services,jobs} {add,remove}-iam-policy-binding.

Cloud Workflows

  • Added --revision-id flag to gcloud workflows describe to allow retrieving the source code of a workflow at a specific revision.

Cloud Workstations

  • Added gcloud beta workstations configs update which updates a specified
  • Added gcloud beta workstations ssh which SSH's into a specified workstation. workstation configuration.

Compute Engine

  • Added --plan to gcloud compute commitments update to support commitment term upgrade.
  • Promoted gcloud compute security-policies rules add-preconfig-waf-exclusion|remove-preconfig-waf-exclusion to GA.
  • Promoted --queue-count flag in --network-interface of gcloud compute instances create to GA.
  • Promoted --internal-ipv6-address flag of gcloud compute instances create to GA.
  • Promoted --internal-ipv6-prefix-length flag of gcloud compute instances create to GA.
  • Added new ADVANCED_PREVIEW enum option to --network-ddos-protection flag of gcloud compute security-policies update in alpha and beta.

GKE Hub

  • Changed gcloud container fleet memberships unregister command to assume membership region based on gke cluster region by default.

Network Connectivity

  • Fixed issue where sort-by arguments in list spoke command produced type validation errors.

Recaptcha

  • Support creating express enabled site keys using recaptcha keys create --waf-feature=express.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

421.0.0 (2023-03-07)

Artifact Registry

  • Fixed an issue where gcloud artifacts docker images list does not return nested images.

BigQuery

  • Extended third-party identity login to support a web-based 3-legged OAuth flow.
  • Extended ls -p to page through all projects.
  • Extended --format for load to support more formats.
  • Removes some unneeded shipped libraries.
  • Added logging support for all exceptions when --apilog is present.
  • Added --encoding for load to support csv encodings.
  • Updated the bundled cachetools library.

Cloud Filestore

  • Added --instance-location flag to gcloud filestore instances snapshots create, which accepts either a zone or region and allows clients to create Enterprise and HighScale snapshots.
  • Added --instance-location flag to gcloud filestore instances snapshots delete, which accepts either a zone or region and allows clients to delete Enterprise and HighScale snapshots.
  • Added --instance-location flag to gcloud filestore instances snapshots list, which accepts either a zone or region and allows clients to list Enterprise and HighScale snapshots.
  • Added --instance-location flag to gcloud filestore instances snapshots update, which accepts either a zone or region and allows clients to update Enterprise and HighScale snapshots.
  • Added --instance-location flag to gcloud filestore instances snapshots describe, which accepts either a zone or region and allows clients to describe Enterprise and HighScale snapshots.

Cloud Pub/Sub

  • Fixed gcloud schemas commit to raise an Invalid Argument error if --type is not equal to protocol-buffer, protocol_buffer, or avro.

Cloud Services

  • Added key-string support for undelete command for api_keys in beta.

Cloud Spanner

  • Promoted gcloud spanner databases roles list to GA.
  • Promoted --database-role flag in gcloud spanner databases execute-sql to GA.

Cloud Storage

  • Updated gsutil component to 5.21.

Cloud Workflows

  • Added --labels flag to gcloud workflows <execute|run> to allow adding execution specific labels.

Cloud Workstations

  • Fixed issue with the custom container image not being properly set in gcloud beta workstations configs create.

Compute Engine

  • Added --encryption to gcloud compute interconnects attachments dedicated create to add encryption option for dedicated interconnect attachment (VLAN attachment).
  • Added --encryption to gcloud compute interconnects attachments partner create to add encryption option for partner interconnect attachment (VLAN attachment).
  • Added --ipsec-internal-addresses to gcloud compute interconnects attachments dedicated create to add list of addresses that have been reserved for dedicated interconnect attachment (VLAN attachment).
  • Added --ipsec-internal-addresses to gcloud compute interconnects attachments partner create to add list of addresses that have been reserved for partner interconnect attachment (VLAN attachment).
  • Added --encrypted-interconnect-router to gcloud compute routers create to indicate that the router is dedicated for use with encrypted interconnect attachments (VLANs).
  • Added --interconnect-attachments to gcloud compute vpn-gateways create to add interconnect attachments (VLAN attachments) associated with the VPN gateway interfaces.
  • Added 9 to allowed list of values for --version of gcloud beta compute instances ops-agents policies [create|update].
  • Promoted --locality_lb_policy flag of gcloud compute backend-services create/update to GA.
  • Added --max-run-duration and --termination-time flags in gcloud compute instances set-scheduling to beta.
  • Added --clear-max-run-duration and --clear-termination-time flags in gcloud compute instances set-scheduling to beta.
  • Promoted --endpoint-types flag in gcloud compute routers nats create to GA.

Dataproc Metastore

  • Promoted --auxiliary-versions flag of gcloud metastore services create to GA. Modified flag to no longer be mutually exclusive with --consumer-subnetworks and --network-config-from-file.
  • Promoted --auxiliary-versions-from-file flag of gcloud metastore services create to GA. Modified flag to no longer be mutually exclusive with --consumer-subnetworks and --network-config-from-file.
  • Promoted --instance-size flag of gcloud metastore services create and gcloud metastore services update to GA.
  • Added --instance-size flag to gcloud metastore services create and gcloud metastore services update to specify a service instance size.
  • Promoted --scaling-factor flag of gcloud metastore services create and gcloud metastore services update to GA.
  • Added --scaling-factor flag to gcloud metastore services create and gcloud metastore services update to specify a service scaling factor.
  • Modified --tier flag of gcloud metastore services create and gcloud metastore services update to be mutually exclusive with --instance-size and --scaling-factor in all release tracks.

Identity and Access Management

  • Added support for credential sharing with bq and gsutil when using browser-based sign-in with Workforce identity federation to authenticate with the Google Cloud CLI via gcloud auth login.

Kpt

Kubernetes Engine

  • Prevent overwriting directory permission when KUBECONFIG contains empty entry or a directory. Instead, raise an error.
  • Updates default kubectl from 1.24.10 to 1.24.11.
  • Additional kubectl versions:
    • kubectl.1.21 (1.21.14)
    • kubectl.1.22 (1.22.17)
    • kubectl.1.23 (1.23.17)
    • kubectl.1.24 (1.24.11)
    • kubectl.1.25 (1.25.7)
    • kubectl.1.26 (1.26.2)

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

420.0.0 (2023-02-28)

Breaking Changes

  • (Cloud Firestore) Switched firestore beta database create to use Firestore API.
  • (Cloud Firestore) Added --type, --location and --database to gcloud beta firestore database create.
  • (Cloud Firestore) Removed --region in gcloud beta firestore database create. Use --location instead.

App Engine

  • Added support for App Engine go runtime versions 116, 117, 118, 119, 120.

BigQuery

  • Updated messaging for the use_legacy_sql flag.
  • Added stack trace logging for errors when the apilog flag is used.
  • Removed unnecessary fetches for data transfer commands.

Certificate Authority Service

  • Added name constraints arguments to gcloud privateca roots create to allow configuring certificate authorities with name constraints.
  • Added name constraints arguments to gcloud privateca subordinates create to allow configuring certificate authorities with name constraints.
  • Added name constraints arguments to gcloud privateca certificates create to allow configuring certificate authorities with name constraints.

Cloud Composer

  • Update warning message when running commands that use the default Cloud Composer version, which was changed recently from 1 to 2.

Cloud Functions

  • Fixed issue where gcloud functions deploy would crash on updating an existing function with VPC Connector when --egress-settings flag was specified.
  • Added warning and prompting to gcloud functions add-iam-policy-binding about needing to bind the roles/run.invoker role for 2nd gen functions.

Cloud Key Management Service

  • Added gcloud beta kms inventory which allows viewing and tracking of keys across cloud resources.

Cloud Logging

  • Promoted buckets create --enable-analytics to GA.
  • Added buckets update --enable-analytics to GA track.
  • Removed deprecated buckets update --enable-loglink from ALPHA track.
  • Added --async option to the buckets create and buckets update commands.
  • Added links command group implementation.

Compute Engine

  • Promoted --queue-count flag in --network-interface of gcloud compute instances create to beta.
  • Promoted --stack-type flag of gcloud compute instances bulk create to GA.
  • Promoted gcloud compute disks update to GA.
  • Promoted --provisioned-iops flag of gcloud compute disks update to GA.

GKE Hub

  • Added gcloud container fleet scopes|namespaces which allows users to manage Fleet Tenancy.

Identity and Access Management

Pubsub Emulator

  • Added support for updating schemas.
  • Fixed the inability to create topics, subscriptions, and schemas when using the gcloud CLI.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

419.0.0 (2023-02-22)

App Engine

Artifact Registry

  • Fix issue where artifacts repositories create failed unconditionally.

Cloud Datastream

  • Added new --full-hierarchy and --hierarchy-depth flags for connection-profiles discover.
  • Deprecated --recursive and --recursive-depth flags for connection-profiles-discover.

Cloud Functions

  • Added support for Docker package format {location}-docker.pkg.dev/{project}/{repository} to --docker-repository flag of gcloud functions deploy.
  • Fixed issue where gcloud functions deploy fails if the user doesn't have the permission serviceusage.services.get.

Cloud Logging

  • Promote --logging-optional and --logging-optional-fields flags of gcloud compute backend-services create and gcloud compute backend-services update to GA.

Cloud Run

  • Promoted gcloud beta run jobs executions logs read to beta, which reads logs from a selected resource.
  • Promoted gcloud beta run jobs executions logs tail to beta, which tail logs from a selected resource.

Cloud Storage

  • gcloud storage cp will now silently ignore the Content-MD5 header for parallel composite uploads.
  • gcloud storage hash has been promoted to GA.

Firebase Test Lab

  • Promoted --client-details flag of gcloud firebase test [android|ios] run to GA. This flag can be used to provide additional details to attach to the test matrix, including a matrixLabel to help you identify and locate your test in the Firebase console.

Recaptcha

  • Support creating Fastly enabled site keys using recaptcha keys create --waf-service=fastly.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

418.0.0 (2023-02-14)

Breaking Changes

  • (Cloud Dataproc) Modified --job-id and --yarn_application_id flags to --job-ids and --yarn-application-ids respectively in gcloud dataproc clusters diagnose command. These flags can now accept a comma separated list of job ids and yarn app ids instead of a single value.

Google Cloud CLI

  • Defined "quota_project" in gcloud auth application-default set-quota-project command documentation.
  • Launched the enterprise-certificate-proxy component. See more at $ gcloud topic client-certificate.

AI

  • Added gcloud ai models copy which copies a model.

AlloyDB

  • Added --clear-continuous-backup-encryption-key flag to gcloud beta alloydb clusters update to support clearing a custom encryption configuration for Continuous Backups.
  • Added following flags of gcloud alloydb instances create and gcloud alloydb instances update to alpha, beta and GA:
    • --insights-config-query-string-length
    • --insights-config-query-plans-per-minute
    • --insights-config-record-application-tags
    • --insights-config-record-client-address

Artifact Registry

  • Adding new command gcloud artifacts vpcsc-config allow --project=my-proj --location=us-west1.
  • Adding new command gcloud artifacts vpcsc-config deny --project=my-proj --location=us-west1.
  • Adding new command gcloud artifacts vpcsc-config describe --project=my-proj --location=us-west1.
  • Adding new command gcloud artifacts repositories create my-repo --project=my-project --repository-format=maven --location=us-east1 --description="My test repo" --mode=virtual-repository --upstream-policy-file=policy.json.
  • Adding new command gcloud artifacts repositories create my-repo --project=my-project --repository-format=python --location=us-east1 --description="My python repo" --mode=remote-repository --remote-repo-config-desc="test python remote repo" --remote-python-repo=PYPI.
  • Adding new command gcloud artifacts repositories create my-repo --project=my-project --repository-format=npm --location=us-east1 --description="My npm repo" --mode=remote-repository --remote-repo-config-desc="test npm remote repo" --remote-npm-repo=NPMJS.
  • Adding new command gcloud artifacts repositories create my-repo --project=my-project --repository-format=maven --location=us-east1 --description="My test repo" --mode=remote-repository --remote-repo-config-desc="test maven remote repo" --remote-mvn-repo=MAVEN-CENTRAL.
  • Adding new command gcloud artifacts repositories create my-repo --project=my-project --repository-format=docker --location=us-east1 --description="no CRM permission" --mode=remote-repository --remote-repo-config-desc="test docker remote repo" --remote-docker-repo=DOCKER-HUB.

BigQuery

  • Added SPARK reservation assignment.
  • Added main class option for Spark procedures.
  • Added support for bi-engine reservation paths.

Cloud DNS

  • Fixed issue with gcloud dns response-policies being unable to update gkeclusters flag in GA.
  • Updated gcloud dns record-sets create and gcloud dns record-sets update to allow referencing forwarding rules by their full resource path.

Cloud Datastream

  • Modified Create/Update Stream flags that use a JSON/YAML file to use camelCase field naming instead of snake_case, to match the REST API. Old snake_case configuration files will still be supported.

Cloud Filestore

  • Added --location flag to gcloud filestore instances snapshots create, which accepts either a zone or region and allows clients to create Enterprise and HighScale snapshots.
  • Added --location flag to gcloud filestore instances snapshots delete, which accepts either a zone or region and allows clients to delete Enterprise and HighScale snapshots.
  • Added --location flag to gcloud filestore instances snapshots list, which accepts either a zone or region and allows clients to list Enterprise and HighScale snapshots.
  • Added --location flag to gcloud filestore instances snapshots update, which accepts either a zone or region and allows clients to update Enterprise and HighScale snapshots.
  • Added --location flag to gcloud filestore instances snapshots describe, which accepts either a zone or region and allows clients to describe Enterprise and HighScale snapshots.

Cloud Firestore

  • Added --api-scope and --query-scope support for Firestore Index Create.

Cloud Key Management Service

  • Set --location and --keyring as required flags for commands set-primary-version, set-rotation-schedule, get-rotation-schedule, set-iam-policy, get-iam-policy.

Cloud Logging

  • Allow for protocols TCP, UDP and UNSPECIFIED in gcloud compute backend-services create and gcloud compute backend-services update.
  • Added --logging-optional and --logging-optional-fields flags of gcloud compute backend-services create and gcloud compute backend-services update in beta to specify the optional fields to be added to the reported logs.

Cloud Run

  • Fixed an issue where gcloud run delete commands report error sometimes even though the deletion succeeded.

Cloud Storage

  • Updated gsutil component to 5.20.
  • All gcloud storage commands that accept JSON files now also support YAML.

Compute Engine

  • Promoted --resource-policies flag for glcloud compute reservations createto to GA.

Distributed Cloud Edge

  • Introduced the GDCE version for cluster, machine, and node-pool as output during list and describe operations.
  • Added gcloud edge-cloud networking which allows users to configure the networking configurations on the ToRs to support customer workloads which are running in Google Distributed Cloud Edge Clusters.

Stackdriver Debugger

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

417.0.1 (2023-02-08)

App Engine Flexible Environment

  • Fixing issue where App Engine Flex users cannot deploy their PHP, Java or Python applications via gcloud 417.0.0.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

417.0.0 (2023-02-07)

Breaking Changes

  • (Cloud IoT) Added --device-field-mask flag to gcloud iot devices list to have override possibility for device fieldMask. In case the API response does not include the blocked field for any of the devices, the BLOCKED column will disappear from the results table.

Google Cloud CLI

  • Defined "quota_project" in gcloud auth application-default set-quota-project command documentation.

Anthos Multi-Cloud

  • Modified gcloud container azure clients create to wait for the returned long-running operation. Use --async flag to get the old behavior.
  • Modified gcloud container azure clients delete to wait for the returned long-running operation. Use --async flag to get the old behavior.

Cloud Composer

  • Added warning message when running commands that use the default Cloud Composer version, which will be changed soon.

Cloud Logging

  • Updated gcloud logging buckets list command to include CMEK enabled or disabled setting.

Cloud Run

  • Promoted gcloud run jobs deploy to beta, which allows creating or updating a Cloud Run job from a container image or source to build.

Compute Engine

  • Added REGION column to default output of gcloud compute target-https-proxies list.
  • Promoted gcloud compute network-attachments to GA.

Distributed Cloud Edge

  • Promoted --vpc-project to gcloud edge-cloud container vpn-connections create to create resources in a different GCP project than the GDCE cluster project.

Firebase Test Lab

  • Promoted gcloud firebase test [android|ios] list-device-capacities to GA. This feature can inform your test decisions by letting you view the inventory level of device types in the Test Lab catalog. To access this information, run gcloud firebase test [android|ios] list-device-capacities, or gcloud firebase test [android|ios] models describe [MODEL_ID].

Identity and Access Management

  • Added gcloud iam workforce-pools commands for Workforce Identity Federation management.

Notebooks

  • Deprecate alpha and beta notebooks.

Security Command Center

  • Updated gcloud scc custom-modules sha command group to allow custom modules feature.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

416.0.0 (2023-01-31)

Breaking Changes

  • (Cloud Datalab) Removed gcloud datalab component (Originally removed in release 413.0.0).

AI

  • Fixed an issue in gcloud ai hp-tuning-jobs that the values of --max-trial-count and --max-parallel-trial-count are not passed in the config.yaml file.

AlloyDB

  • Updated gcloud beta alloydb clusters create and gcloud beta alloydb clusters update to support enabling continuous backups via new --enable-continuous-backup and --continuous-backup-recovery-window-days and --continuous-backup-encryption-key flags.

Anthos Identity Service

  • Added --fleet-default-member-config flag to the following commands:

    • gcloud beta container fleet identity-service enable
    • gcloud beta container fleet identity-service delete

      These will make it possible to configure and delete fleet default membership configurations.

App Engine

  • Added the --tunnel-through-iap flag to gcloud beta app instances scp. Using this flag lets you use an Identity-Aware Proxy (IAP) tunnel when attempting to SCP to/from an App Engine flexible environment instance without an external IP address.

Cloud Run

  • Promotes gcloud beta run jobs logs read to beta, which reads logs from a selected resource.
  • Promotes gcloud beta run jobs logs tail to beta, which tail logs from a selected resource.

Cloud SQL

  • Promoted gcloud sql users describe command to GA.

Cloud Storage

  • Updated gsutil component to 5.19.
    • Fixed an issue causing parallel transfer commands to require elevated permissions.

Compute Engine

  • Modified gcloud compute instance-groups managed update to support relative path for regional health check.
  • Added --allow-psc-global-access flag of gcloud compute forwarding-rules <create|update> to beta.
  • Promoted gcloud compute resource-policies update snapshot-schedule to beta.

Config Controller

  • Fixed issue where --full-management flag doesn't take effect.

Immersive Stream

  • Promoted gcloud immersive-stream xr to GA.

Kubernetes Engine

  • Updates default kubectl from 1.24.9 to 1.24.10.
  • Additional kubectl versions:
    • kubectl.1.21 (1.21.14)
    • kubectl.1.22 (1.22.17)
    • kubectl.1.23 (1.23.16)
    • kubectl.1.24 (1.24.10)
    • kubectl.1.25 (1.25.6)
    • kubectl.1.26 (1.26.1)

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

415.0.0 (2023-01-24)

Google Cloud CLI

  • Global --format flag now respects the core/default_format property when --format=default. If core/default_format is not set, then default format is yaml.

AI

  • Modified --region flag of gcloud ai endpoints to include new online prediction regions.
  • Modified --region flag of gcloud ai models to include new online prediction regions.
  • Added --enable-dashboard-access flag to gcloud ai custom-jobs create and gcloud ai hp-tuning-jobs create to allow the access to the dashboard specified in custom container.

BigQuery

  • Added support for using the auth/impersonate_service_account property in bq commands.

Cloud Build

  • Added command groups for managing connections and repositories: gcloud beta builds connections and gcloud beta builds repositories.

Cloud Dataproc

  • Added gcloud dataproc node-groups group with commands: describe and resize.
  • Added --driver-pool-${X} flags to gcloud dataproc clusters create.

Cloud Firestore

  • Added --database flag to gcloud firestore operations to add database support for Firestore operations.

Cloud On Demand Scanning

  • Fixed issue with extracting packages from Go binaries built with newer versions of to the Go toolchain.

Cloud Org Policy

  • Added --update-mask to gcloud org-policies set-policy to specify the fields to be overwritten in the policy.

Cloud Pub/Sub

  • Added gcloud pubsub schemas commit to commit a revision for a Pub/Sub schema.
  • Added gcloud pubsub schemas rollback to roll back a revision for a Pub/Sub schema.
  • Added gcloud pubsub schemas delete-revision to delete a revision for a Pub/Sub schema.
  • Added gcloud pubsub schemas list-revisions to list all revisions for a Pub/Sub schema.
  • Added --first-revision-id and --last-revision-id flags to gcloud pubsub topics create to create schema settings for Pub/Sub topics.
  • Added --clear-schema-settings, --schema, --message-encoding, --first-revision-id and --last-revision-id flags to gcloud pubsub topics update to update schema settings for a Pub/Sub topic.

Cloud SQL

  • Promoted gcloud sql users describe command to beta.

Compute Engine

  • Added --update-policy-<type|max-unavailable|max-surge|minimal-action|most-disrtuptive-action|replacement-method> flags of gcloud compute instance-groups managed <create|update> to GA.
  • Added --update-policy-min-ready flag of gcloud compute instance-groups managed <create|update> to beta.
  • Added --enforce-on-key-configs flag to gcloud beta compute security-policies rules create and gcloud beta compute security-policies rules update.

Dataproc Metastore

  • Promoted gcloud metastore services import flag --dump-type to GA.
  • Promoted gcloud metastore services export flag --dump-type to GA.

Declarative Workflows

  • Make --storage-path, --resource-types and --resource-types-file mutually exclusive in gcloud beta resource-config bulk-export.

Kpt

Recommender

  • Added support for gcloud recommender recommendations mark-dismissed.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

414.0.0 (2023-01-18)

Anthos Multi-Cloud

  • Added --azure-tenant-id and --azure-application-id flags to gcloud container azure clusters create and gcloud container azure clusters update to set authentication configuration for management of Azure resources. These flags replace --client flag.

Apigee

  • Fixed issue where gcloud apigee apis describe would demand a non-existent --revision argument.

Cloud API Gateway

  • Fixed issue where sort-by arguments in list commands produced type validation errors.

Cloud Build

  • Added --peered-network-ip-range flag to gcloud builds worker-pools create.

Cloud Firestore

  • Added database support for Firestore import/export.
  • Added namespace_ids support for Firestore import/export.
  • Added databaseId support for Firestore TTL.
  • Added databaseId support for Firestore SFI.

Cloud Storage

  • Add IAM and ACL-related flags.
  • Updated gsutil component to 5.18.

Compute Engine

  • Promoted --external-ipv6-address flag of gcloud compute instances network-interfaces update to GA.
  • Promoted --external-ipv6-prefix-length flag of gcloud compute instances network-interfaces update to GA.
  • Added keyword network-attachment for --network-interface in gcloud compute instance-templates create.
  • Promoted --external-ipv6-address flag of gcloud compute instances create to GA.
  • Promoted --external-ipv6-prefix-length flag of gcloud compute instances create to GA.
  • Promoted --source-instance-template flag of gcloud compute reservations create to GA.

Database Migration

  • Added gcloud database-migration conversion-workspaces seed which seeds from a connection profile for a database-migration conversion workspace.
  • Added gcloud database-migration conversion-workspaces delete which deletes a database-migration conversion workspace.
  • Added gcloud database-migration conversion-workspaces convert which converts source entities to draft entities in a database-migration conversion workspace.
  • Added gcloud database-migration conversion-workspaces apply which applies a database-migration conversion workspace onto the destination database.
  • Added gcloud database-migration conversion-workspaces list-background-jobs which lists the background jobs in a database-migration conversion workspaces.
  • Added gcloud database-migration conversion-workspaces describe-entities which describes the database entities in a database-migration conversion workspaces.

Dataproc Metastore

  • Promoted gcloud metastore services flag --database-type to GA.

Kubernetes Engine

  • Updates default kubectl from 1.23.15 to 1.24.9.
  • Additional kubectl versions:
    • kubectl.1.21 (1.21.14)
    • kubectl.1.22 (1.22.17)
    • kubectl.1.23 (1.23.15)
    • kubectl.1.24 (1.24.9)
    • kubectl.1.25 (1.25.5)
    • kubectl.1.26 (1.26.0)

Network Management

  • Added appEngineVersion and cloudRunRevision arguments for source in gcloud network-management connectivity-tests. This allows the user to run tests using App Engine version and Cloud Run revision endpoint types as source.

Security Command Center

  • Fixed gcloud scc findings create to require flag event-time.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

413.0.0 (2023-01-10)

Breaking Changes

  • (Cloud Storage) Added --fetch-encrypted-object-hashes flag to ls and objects list commands. API requests to the LIST endpoint do not fetch the hashes for encrypted objects by default. If this flag is set, a GET request is sent for each encrypted object in order to fetch hashes. This can significantly increase the cost of the commands.
    • Previously, the fallback to GET was implemented for CSEK-encrypted objects as the default behavior. With this flag, both CSEK and CMEK are handled, and gcloud CLI checks if it has the necessary CSEK key before sending a GET request.
  • (Kubernetes Engine) This change starts using the Client-Go Credential Plugin gke-gcloud-auth-plugin as noted in Client-go Credential Plugin changes.

Google Cloud CLI

  • Fixed a crash during reauth when Enterprise Certificate is used.
  • Fixed issue where the gcloud CLI would crash when invoked in PowerShell 7.3. This issue was reported at: https://issuetracker.google.com/issues/259295558.
  • Added core/default_format and core/format properties to config in order enable setting a default print format. Print format is first determined by global flag --format. If --format flag is not defined, then CLI defaults to core/format value. If core/format is not defined, then CLI defaults to command specific output. If command specific output is undefined, then format is determined by core/default_format. core/default_format defaults to yaml format.

AI

  • Modified --region flag of gcloud ai model-monitoring-jobs to include new model monitoring jobs regions.
  • Modified --explanation-metadata-file flag of gcloud ai models upload from required to optional.
  • Added optional output-image-uri field to --worker-pool-spec flag of gcloud ai custom-jobs create to name and store the custom image built with autopackaging in the specified Google Container Registry or Artifact Registry.

Anthos Multi-Cloud

  • Updated gcloud container aws operations list to show the underlying action (create, update, delete, etc) associated with AWS long-running operations.
  • Updated gcloud container azure operations list to show the underlying action (create, update, delete, etc) associated with Azure long-running operations.
  • Added gcloud container azure operations cancel to cancel an ongoing LRO operation on Azure resources.
  • Added gcloud container aws operations cancel to cancel an ongoing LRO operation on AWS resources.
  • Added --tags flag to gcloud container aws node-pools update to update the tags assigned to AWS node pool resources.
  • Added --clear-tags flag to gcloud container aws node-pools update to clear the tags assigned to AWS node pool resources.
  • Added --autoscaling-metrics-granularity flag to gcloud container aws node-pools create to set granularity when enabling CloudWatch metrics collection of the autoscaling group of AWS node pools.
  • Added --autoscaling-metrics flag to gcloud container aws node-pools create to enable collection of specific CloudWatch metrics of the autoscaling group of AWS node pools.
  • Added --autoscaling-metrics-granularity flag to gcloud container aws node-pools update to update the granularity of CloudWatch metrics collection for the autoscaling group of AWS node pools.
  • Added --autoscaling-metrics flag to gcloud container aws node-pools update to update the collection of specific CloudWatch metrics for the autoscaling group of AWS node pools.
  • Added --clear-autoscaling-metrics flag to gcloud container aws node-pools update to clear the CloudWatch metrics collection associated with the autoscaling group of AWS node pools.
  • Added gcloud container attached operations list to show the underlying action (create, update, delete, etc) associated with Attached clusters long-running operations.
  • Added gcloud container attached operations describe to show detailed status of a provided Attached clusters long-running operation.
  • Added gcloud container attached operations wait to wait for completion of a provided Attached clusters long-running operation.

BigQuery

  • Fixed issue with timestamp normalization in Windows.
  • Extended the insert flags to include a insert_id flag that's appended to the row number of the data to be inserted as the insertId field that's used for deduping newly inserted rows. This can be used to ensure repeat executions don't add unintended data.

Cloud Access Context Manager

  • Promoted gcloud access-context-manager authorized-orgs to GA.

Cloud Build

  • Removed --subscription-filter flag of gcloud builds triggers create manual.

Cloud Composer

  • Added --enable-cloud-data-lineage-integration to gcloud composer environments create/update to enable Cloud Data Lineage integration.
  • Added --disable-cloud-data-lineage-integration to gcloud composer environments update to disable Cloud Data Lineage integration.
  • Enabled db check Airflow command executable via gcloud composer environments run for environments with Airflow 2.3 or newer.

Cloud Datalab

  • Removed gcloud datalab component.

Cloud Run

  • Added --env-vars-file to gcloud beta run jobs create to add environment variables to the job from a YAML file.
  • Removed the call to action from gcloud beta run integrations describe for Redis integrations that are not ready for use.

Cloud SQL

  • Added --striped and --stripe_count flags to gcloud sql import bak and added --striped flag to gcloud sql export bak to enable the striped import/export feature for SQL Server.
  • Promoted --restore-database-name flag for gcloud sql instance clone --point-in-time to support single database PITR restore for SQL Server to beta and GA.
  • Added gcloud sql users describe command, which describes a Cloud SQL user in an instance in alpha.

Cloud Services

  • Promoted gcloud services api-keys list in beta.
    • Promoted gcloud services api-keys describe in beta.
    • Promoted gcloud services api-keys get-key-string in beta.
    • Promoted gcloud services api-keys create in beta.
    • Promoted gcloud services api-keys update in beta.

Cloud Storage

  • Added gcloud storage buckets create --placement flag.
  • Promoted gcloud storage objects update retention flags to GA.
    • --event-based-hold
    • --temporary-hold
  • Removed gcloud storage buckets update --no-lock-retention-period flag.

Cloud Workstations

  • Added gcloud beta workstations clusters create which creates a cluster under a specified region.
  • Added gcloud beta workstations configs create which creates a workstation configuration under a specified cluster.
  • Added gcloud beta workstations create which creates a workstation under a specified config.
  • Added gcloud beta workstations delete which deletes the given workstation.
  • Added gcloud beta workstations configs delete which deletes the given config.
  • Added gcloud beta workstations clusters delete which deletes the given cluster.
  • Added gcloud beta workstations describe which displays all fields for a given workstation.
  • Added gcloud beta workstations configs describe which displays all fields for a given config.
  • Added gcloud beta workstations clusters describe which displays all fields for a given cluster.
  • Added gcloud beta workstations start which starts a specified workstation.
  • Added gcloud beta workstations stop which stops a specified workstation.

Compute Engine

  • Added -iam-policyand-iam-policy-bindingstogcloud beta compute backend-buckets`.
  • Promoted --endpoint-type flag of gcloud compute addresses create to GA.
  • Promoted gcloud compute sole-tenancy node-groups simulate-maintenance-event to beta.
  • Added --all-instances-config-effective flag of gcloud compute instance-groups managed wait-until to beta.
  • Modified gcloud compute forwarding-rules create to allow specifying --address and --ip-version at the same time.

Compute Firewall Policies

  • Fixed gcloud compute network-firewall-policies rules update not sending an empty list to the API if a field is specified as empty.

Database Migration

  • Added gcloud database-migration private-connections create which creates a database-migration private connection.
  • Added gcloud database-migration private-connections list which lists the database-migration private connections.
  • Added gcloud database-migration private-connections describe which describes a database-migration private connection.
  • Added gcloud database-migration private-connections delete which deletes a database-migration private connection.
  • Updated gcloud database-migration connection-profiles create to support creating Oracle connection profiles.
  • Updated gcloud database-migration connection-profiles create to support connectivity in creating Postgresql connection profiles.
  • Added gcloud database-migrate conversion-workspaces create which creates a database-migration conversion workspace.
  • Added gcloud database-migrate conversion-workspaces update which updates a database-migration conversion workspace.
  • Added gcloud database-migration conversion-workspaces list which lists the database-migration conversion workspaces.
  • Added gcloud database-migration conversion-workspaces describe which describes a database-migration conversion workspace.
  • Added gcloud database-migration conversion-workspaces commit which commits a database-migration conversion workspace.
  • Added gcloud database-migration conversion-workspaces rollback which rollbacks a database-migration conversion workspace.

Kubernetes Engine

  • Updates default kubectl from 1.23.14 to 1.23.15.
  • Removes kubectl.1.20, since it is no longer needed.
  • Additional kubectl versions:
    • kubectl.1.21 (1.21.14)
    • kubectl.1.22 (1.22.17)
    • kubectl.1.23 (1.23.15)
    • kubectl.1.24 (1.24.9)
    • kubectl.1.25 (1.25.5)

Pubsub Emulator

  • Added support for Exactly-once Delivery.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

412.0.0 (2022-12-13)

Breaking Changes

  • (Compute Engine) Modified concurrent operation quota errors to show additional information to user instead of just error message.

Google Cloud CLI

  • Added property core/parse_error_details. If set, gcloud CLI will parse and display errors in a more human readable format, where available.

AI

  • Modified --region flag of gcloud ai endpoints to include new online prediction regions.
  • Modified --region flag of gcloud ai models to include new online prediction regions.
  • Modified --region flag of gcloud ai custom-jobs to include new online training regions.
  • Modified --region flag of gcloud ai hp-tuning-jobs to include new online training regions.

AlloyDB

  • Introduced gcloud alloydb track.

Anthos Multi-Cloud

  • Promoted gcloud container attached to GA.

App Engine

  • Updated gcloud beta app instances ssh to use an IAP tunnel when attempting to SSH to an instance without an external IP.

Cloud Build

  • Modified one of gcloud builds triggers run --branch, gcloud builds triggers run --tag, and gcloud builds triggers run --sha flag to be required.
  • Make --region flag visible in builds triggers create command group. Set --dockerfile flag as required for builds triggers create command group.
  • Ungroup --build-config flag and --inline-config flag for builds triggers create command group.
  • Promoted gcloud builds triggers to GA.

Cloud Composer

  • Added gcloud composer environments snapshots load - to load a snapshot into the environment.
  • Added gcloud composer environments snapshots save - save a snapshot of the environment.
  • Added --enable-scheduled-snapshot-creation to gcloud composer environments create/update to enable snapshots of the environment creation according to a schedule. Can be specified for Composer 2.0.32 or greater.
  • Added --snapshot-creation-schedule to gcloud composer environments create/update to specify cron expression when snapshots of the environment should be created.
  • Added --snapshot-location to gcloud composer environments create/update to specify the Cloud Storage location for storing automatically created snapshots.
  • Added --snapshot-schedule-timezone to gcloud composer environments create/update to specify Timezone that sets the context to interpret snapshot_creation_schedule.
  • Added --disable-scheduled-snapshot-creation to gcloud composer environments update to disable the automatic snapshots creation.

Cloud Datastream

  • Fixed issue where gcloud datastream create failed for Postgresql source config.

Cloud Functions

  • Added --cpu flag to gcloud beta functions deploy for 2nd Gen functions to alpha and beta.
  • Added --concurrency flag to gcloud beta functions deploy for 2nd Gen functions to alpha and beta.

Cloud Pub/Sub

  • Added --event-time and --publish-time flags to gcloud pubsub lite-subscriptions create to create Pub/Sub Lite subscriptions from a nominated timestamp.
  • Added --export-pubsub-topic, --export-dead-letter-topic and --export-desired-state flags to gcloud pubsub lite-subscriptions create to create Pub/Sub Lite export subscriptions.
  • Added --export-pubsub-topic, --export-dead-letter-topic and --export-desired-state flags to gcloud pubsub lite-subscriptions update to update Pub/Sub Lite export subscriptions.

Cloud SQL

  • Added --enable-google-private-path flag to gcloud sql instances create and gcloud sql instances patch commands in Alpha, Beta, and GA. This field specifies whether the instance is accessible to internal Google Cloud services such as BigQuery. This is applicable only to MySQL and PostgreSQL instances that don't use public IP. Currently, SQL Server isn't supported.

Cloud Services

  • Promoted gcloud services api-keys delete to beta.
  • Promoted gcloud services api-keys undelete to beta.

Cloud Workstations

  • Added gcloud beta workstations configs list which lists workstation configs under a specified cluster.

Config Controller

  • Added --full-management flag to gcloud anthos config controller create to allow creating Config Controller on GKE Autopilot instances.

Database Migration

  • Updated gcloud database-migration connection-profiles create to support creating AlloyDB connection profiles.

Firebase Test Lab

  • Added --robo-script flag to gcloud firebase test ios run to customize an iOS Robo crawl with a Robo script.

Identity and Access Management

  • Added --executable-interactive-timeout-millis flag to gcloud iam workforce pools create-cred-config. This enables using executable-sourced credentials with user interactivity with gcloud auth login --cred-file=/path/to/interactive/executable/config.json when using Workforce Identity Federation.

Kubernetes Engine

  • Added --stack-type and --ipv6-access-type arguments to gcloud container clusters create command to support dual stack GKE clusters.
  • Added --stack-type argument to gcloud container clusters update command to support changing stack type between IPv4 and dual stack GKE clusters.
  • Added --ephemeral-storage-local-ssd to gcloud beta container clusters create, gcloud beta container node-pools create, gcloud container clusters create, gcloud container node-pools create. This flag is used to configure nodes' ephemeral storage to be backed by local SSDs.
  • Added --local-nvme-ssd-block to gcloud beta container clusters create, gcloud beta container node-pools create, gcloud container clusters create, gcloud container node-pools create. This flag is used to initialize nodes in node-pool with raw-block local NVMe SSDs attached.

Notebooks

  • Added support for Shielded VM configuration to gcloud notebooks instances create.
  • Added support for reservation configuration to gcloud notebooks instances create.

Terraform

  • Added zone and region option for gcloud beta terraform vet.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

411.0.0 (2022-12-06)

Breaking Changes

  • (Compute Engine) Added rhel-9 and rhel-9-byol options to --os flag for:
    • gcloud compute images import in GA,
    • gcloud compute instances import in GA
    • gcloud compute machine-images import in GA

Google Cloud CLI

  • Added gcloud topic command group to alpha and beta.

App Engine

  • Add --service-account flag of gcloud app create to GA, which allows to create an app with a user-managed service account.
  • Add --service-account flag of gcloud app update to GA, which allows to update the app with a user-managed service account.

App Engine Flexible Environment

  • Add --service-account flag of gcloud app create to GA, which allows to create an app with a user-managed service account.
  • Add --service-account flag of gcloud app update to GA, which allows to update the app with a user-managed service account.

BigQuery

  • Expose enable_resumable_uploads flag in public bq.
  • Formatting fix for bigquery_client.py.
  • Changed "locking" Owned Test Accounts to "getting" to avoid overloading AccountProviderService.
  • Extended api logging to include URIs of requests.
  • Extends encodings supported during file upload.
  • Messages and fails early when the user tries to upload with an invalid schema.
  • Adds support for GOOGLE_CLOUD_QUOTA_PROJECT environment variable.
  • Adds configuration for external accounts using token_uri.
  • Dataset name validation and feedback.

Cloud Bigtable

  • Promoted gcloud bigtable instances tables create to beta and GA.
  • Promoted gcloud bigtable instances tables delete to beta and GA.
  • Promoted gcloud bigtable instances tables update to beta and GA.
  • Added include-stats option to cbt lookup and cbt read commands.
  • Added cbt notices command, which displays licenses covering all direct and indirect dependencies.

Cloud Build

  • Bugfix to enforce limits to be applied after filters.
  • Added --enterprise-config flag to builds triggers create github to support creating GitHub Enterprise trigger.

Cloud Composer

  • Added --enable-scheduled-snapshot-creation to gcloud beta composer environments create/update to enable snapshots of the environment creation according to a schedule. Can be specified for Composer 2.0.32 or greater.
  • Added --snapshot-creation-schedule to gcloud beta composer environments create/update to specify cron expression when snapshots of the environment should be created.
  • Added --snapshot-location to gcloud beta composer environments create/update to specify the Cloud Storage location for storing automatically created snapshots.
  • Added --snapshot-schedule-timezone to gcloud beta composer environments create/update to specify Timezone that sets the context to interpret snapshot_creation_schedule.
  • Added --disable-scheduled-snapshot-creation to gcloud beta composer environments update to disable the automatic snapshots creation.

Cloud Firestore

  • Add apiScope output for Firestore index. ApiScope can be viewed in gcloud firestore indexes composite list and gcloud firestore indexes composite describe.
  • Added databaseId support for Firestore index.

Cloud IDS

  • Added --threat_exceptions flag to exclude certain threat types from being reported.

Cloud Key Management Service

  • Modified gcloud kms import-jobs create to accept new SHA256 import methods rsa-oaep-3072-sha256, rsa-oaep-3072-sha256-aes-256, rsa-oaep-4096-sha256, and rsa-oaep-4096-sha256-aes-256.

Cloud Pub/Sub

  • Promoted --enable-exactly-once-delivery flag of gcloud pubsub subscriptions create to GA.
  • Promoted --enable-exactly-once-delivery flag of gcloud pubsub subscriptions update to GA.

Cloud Run

  • Promoted --execution-environment of gcloud run from beta to GA.
  • Fixed issue where gcloud beta run jobs execute with --wait flag, and other jobs commands to wait for an execution to complete, failed to wait more than 30 minutes.
  • Fixed issue where gcloud beta run integrations delete failed when the associated Cloud Run service is deleted.

Cloud SQL

  • Promoted --timeout flag for gcloud sql instances create to GA.
  • Added --restore-database-name flag to gcloud sql instance clone --point-in-time to support single database PITR restore for SQL Server.

Cloud Services

  • Updated gcloud services list to retry 429 errors.
  • Set the default page size for gcloud services list to 200.
  • Promoted gcloud services api-keys lookup to beta.

Cloud Spanner

  • Added --skip-init flag to gcloud spanner samples run.

Cloud Storage

  • Promoted gcloud storage buckets update retention flags to GA.
    • --default-event-based-hold
    • --retention-period
    • --clear-retention-period
    • --lock-retention-period
  • Promoted gcloud storage buckets update --uniform-bucket-level-access to GA.
  • Rebuilt gcloud-crc32c 1.0.0 on latest version of golang.
  • Updated gsutil component to 5.17.

Compute Engine

  • Added --merge-source-commitment to gcloud compute commitments create for beta and GA.
  • Fixed issue where gcloud compute instance-groups unmanaged list-instances would fail to fall back to the compute/zone property when --zone was missing.
  • Added customRequestHeaders and customResponseHeaders to modifiable fields list in gcloud compute backend-services edit.

Dataproc Metastore

  • Added support for querying and mutating Dataproc Metastore metadata. The following commands have been added to the alpha and beta release tracks:
    • metastore services queryMetadata
    • metastore services alterLocation
    • metastore services moveTableToDatabase

Distributed Cloud Edge

  • Added warning to long running operation metadata of gcloud edge-cloud container cluster create/update when the cluster has a maintenance window configuration that overlaps with other clusters' in the same project.

Firebase Test Lab

  • Added --type=robo flag to gcloud firebase test ios run to support running iOS Robo tests.

GKE Hub

  • Fixed bug in gcloud container fleet and gcloud container hub command groups where a membership with ambiguous location was not given default value global.

Kubernetes Engine

  • Promoted --cluster-dns-scope=cluster flag of gcloud container clusters create and gcloud container clusters update to GA.
  • Promoted --binauthz-evaluation-mode=MONITORING, binauthz-evaluation-mode=MONITORING_AND_PROJECT_SINGLETON_POLICY_ENFORCE, and --binauthz-policy flags of gcloud container clusters create, gcloud container clusters create-auto, and gcloud container clusters update to beta.
  • Corrected outdated description help text of gcloud container node-pools delete.
  • Promoted --placement-type flag for gcloud container clusters create command to GA.
  • Promoted --placement-type flag for gcloud container node-pools create command to GA.
  • Added --async flag to gcloud container node-pools create/update to allow the in-progress operation to be returned, instead of the node pool.
  • Additionally, default formatting for gcloud container node-pools create/update/delete --async has been added to provide a more human-readable format of the operation; potentially impacting parsing of output. It is recommended to use --format when parsing gcloud CLI output.
  • Updates default kubectl from 1.22.14 to 1.23.14.
  • Additional kubectl versions:

    • kubectl.1.20 (1.20.15)
    • kubectl.1.21 (1.21.14)
    • kubectl.1.22 (1.22.15)
    • kubectl.1.23 (1.23.14)
    • kubectl.1.24 (1.24.8)
    • kubectl.1.25 (1.25.4)
  • Added --windows-os-version flag to gcloud container node-pools create/update to allow create Windows node pools using Windows Server LTSC 2022 Containerd node image.

Media CDN

  • Added gcloud edge-cache command group to enable configuration of Media CDN.

Network Connectivity

  • Promoted gcloud network-connectivity internal-ranges command group to GA.

Network Security

  • Promoting networksecurity firewall API to v1beta1.
  • Promoted commands under gcloud network-security org-address-groups and gcloud network-security address-groups to beta.

Recommender

  • Added billing account scope support for gcloud recommender recommender-config describe.
  • Added billing account scope support for gcloud recommender recommender-config update.
  • Added billing account scope support for gcloud recommender insight-type-config describe.
  • Added billing account scope support for gcloud recommender insight-type-config update.

Terraform

  • Added support for environment variables GOOGLE_PROJECT, GOOGLE_CLOUD_PROJECT, GCLOUD_PROJECT in gcloud beta terraform vet.
  • Fixed an issue where gcloud beta terraform vet would fail while trying to format and output pre-formatted error strings.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

410.0.0 (2022-11-15)

Google Cloud CLI

  • Added gcloud topic endpoint-override for details on overriding the default api URL.

AI

  • Added asia-southeast2, europe-central2, and us-south1 options to --region flag of gcloud ai custom-jobs and gcloud ai hp-tuning-jobs.

AlloyDB

  • Introduced the following commands: gcloud beta alloydb clusters create-secondary, gcloud beta alloydb instances create-secondary, gcloud beta alloydb clusters promote.

App Engine

Artifact Registry

  • Update maven and gradle plugin versions to 2.2.0.

Assured Workloads

  • Added SOVEREIGN_CONTROLS_BY_T_SYSTEMS as an option for --partner flag of gcloud assured workloads create command (available for both beta and GA).

Cloud Asset Inventory

  • Promoted gcloud asset query command to GA.

Cloud Bigtable

  • Added stats option to --view flag for bigtable instances tables describe.

Cloud Composer

  • Added --enable-triggerer to gcloud beta composer environments create/update to allow usage of deferrable operators in dags.
  • Added --triggerer-cpu to gcloud beta composer environments create/update to specify CPU allocated to Airflow triggerer.
  • Added --triggerer-memory to gcloud beta composer environments create/update to specify memory allocated to Airflow triggerer.
  • Added --disable-triggerer to gcloud beta composer environments update to disable Airflow triggerer.

Cloud Dataproc

  • Added --async flag to gcloud dataproc jobs kill.

Cloud Datastream

  • Added the max_concurrent_cdc_tasks support to --mysql-source-config and --oracle-source-config flags in gcloud datastream streams.
  • Fixed issue where stream create using a mysql-source-config or oracle-source-config with column level filtering fails to create.

Cloud Functions

  • Fixed issue where gcloud functions list would crash when a 2nd Gen-only region was specified using --regions.
  • Updated gcloud function describe to look up both 1st Gen and 2nd Gen environments for the function. When --gen2 flag is specified, only 2nd Gen functions will be looked up.

Cloud Run

  • Promoted gcloud run services logs read and gcloud run revisions logs read to beta, which reads logs from a selected resource.
  • Promoted gcloud run services logs tail and gcloud run revisions logs tail to beta, which tail logs from a selected resource.
  • Added --execute-now and --wait flags to gcloud beta run job update to immediately execute the job after update and wait for completion.
  • Promoted gcloud beta run integrations command group and all sub-commands to beta.

Compute Engine

  • Promoted --list-managed-instances-results flag for gcloud compute instance-groups managed create and gcloud compute instance-groups managed update to GA.
  • Fixed --network-interface to mark the public IP as None when --no-address is specified.

GKE Hub

  • Fixed issue where gcloud container fleet memberships commands did not output memberships with missing cluster.
  • Fixed bug in gcloud container fleet config-management version where memberships were stuck with version "NA".

Identity and Access Management

  • Added support for retrieving the token introspection endpoint through external account credentials.

Kubernetes Engine

  • Added --labels flag to gcloud container node-pools create/update to allow creating and updating node pools with GCP labels.

VPC Access

  • Promoted gcloud compute networks vpc-access connectors update to beta.
    • Enables updating of min-instances, max-instances and machine-type of already existing vpc-access connectors.

Vmware Engine

  • Added commands for managing resources:
    • Locations
    • Operations
    • VMwareEngine networks
    • Network policies
    • Node types
    • Private clouds
    • Clusters
    • HCX activation keys
    • NSX credentials
    • VCenter credentials
    • Subnets

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

409.0.0 (2022-11-08)

Breaking Changes

  • (Compute Engine) Modified stockout errors to show entire error object to user in yaml format instead of just error message.
  • (Compute Engine) Modified quota exceeded errors to show additional information to user instead of just error message.

Google Cloud CLI

  • Modified gcloud config list to accept both a section name and --all flag. The command will display all the set and unset properties when specifying both.

Anthos Multi-Cloud

  • Added --allow-missing flag to the following command groups: gcloud container aws clusters delete, gcloud container aws node-pools delete, gcloud container azure clients delete, gcloud container azure clusters delete, gcloud container azure node-pools delete, to allow the delete request to succeed, even if the cluster, node-pool or client resource does not exist.

Cloud Composer

  • Added --skip-airflow-overrides-setting to gcloud beta composer snapshots load to allow skipping setting Airflow overrides from the snapshot.
  • Added --skip-environment-variables-setting to gcloud beta composer snapshots load to allow skipping setting environment variables from the snapshot.
  • Added --skip-gcs-data-copying to gcloud beta composer snapshots load to allow skipping copying dags, plugins and data folders from the snapshot.

Cloud Datastream

  • Added the max_concurrent_cdc_tasks support to --mysql-source-config and --oracle-source-config flags in gcloud datastream streams.

Cloud Filestore

  • Fixed issue where --kms-key was being ignored in gcloud filestore backups create command.

Cloud Firestore Emulator

  • Promoted gcloud emulators firestore to GA.
  • Release Cloud Firestore emulator v1.15.1
    • feat: allow users to configure websocket port

Cloud Functions

  • Fixed issue where gcloud functions list would crash when a 2nd Gen-only region was specified using --regions.

Cloud Logging

  • Updated gcloud logging read to accept multiple resources to query using a new --resource-names flag.

Cloud SQL

  • Added the following flags to gcloud sql instances create in BETA:
    • --timeout

Compute Engine

  • Added --split-source-commitment to gcloud compute commitments create for beta and GA.
  • Promoted any-single-zone value support for the flag --target-distribution-shape of gcloud compute instance-groups managed create / update to beta.
  • Added keyword network-attachment for --network-interface in gcloud compute instances create.
  • Promoted --max-run-duration flag of gcloud compute instances create to beta.
    • Allows specifying the duration of time after which the instance will terminate.
  • Promoted --termination-time flag of gcloud compute instances create to beta.
    • Allows specifying the timestamp that the instance will terminate.
  • Added 3 additional accepted values to --enforce-on-key for gcloud compute security-policies rules create|update and promoted it to GA.
  • Promoted gcloud compute network-edge-security-services command group to GA.
  • Promoted --region and '--global' flags of gcloud compute security-policies to GA.
  • Promoted --network-ddos-protection flag of gcloud compute security-policies update to GA.

Distributed Cloud Edge

  • Removed unsupported GPU_TYPE field from gcloud edge-cloud container machines list. This field will be restored once the API provides accurate GPU information.

GKE Hub

  • Fixed a bug where gcloud container fleet memberships get-credentials and gcloud container hub memberships get-credentials would not return an error when the membership argument was left empty.

Kubernetes Engine

  • Corrected outdated description help text of gcloud container node-pools delete.
  • Added --private-endpoint-subnetwork and --enable-google-cloud-access flags to gcloud container clusters create and gcloud container clusters create-auto.
  • Added --enable-google-cloud-access and --enable-private-endpoint flags to gcloud container clusters update.
  • Added --enable-private-nodes flag to gcloud container node-pools create and gcloud container node-pools update.

Notebooks

  • Added gcloud notebooks instances diagnose and gcloud notebooks runtimes diagnose commands to GA. These commands provide access to the AI Platform Notebooks new Diagnose API.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

408.0.1 (2022-11-02)

BigQuery

  • Adds various fixes to PSC environments.
  • Adds support for random forest models as part of BQML.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

408.0.0 (2022-11-01)

Breaking Changes

AI

  • Added more available regions to gcloud ai model-monitoring-jobs.
  • Added --version-description flag to gcloud ai models upload to support setting model version description.

BigQuery

  • Add missing open source licenses.
  • Expose Iceberg for public preview.

Cloud Composer

  • Added --connection-type flag to gcloud beta composer environments create and gcloud composer environments create command to allow forcing the use of VPC peerings for internal communication.

Cloud Deploy

  • Added initial-rollout-labels and initial-rollout-annotations flags to gcloud deploy releases create command.

Cloud SQL

  • Promoted --connector_enforcement flag for gcloud sql instances create and gcloud sql instances patch to GA.

Cloud Storage

  • Updated gsutil component to 5.16.

Compute Engine

  • Promoted --discard-local-ssd flag of gcloud compute instances stop to beta.
  • Promoted --force-update-on-repair flag of gcloud compute instance-groups managed <create | update> to beta.
  • Fixed missing ephemeral IP when neither --address nor --no-address keys are provided with --network-interface flag during instance template creation.

GKE Hub

  • Changed membership-related flags in gcloud container fleet and gcloud container hub command groups to resource arguments, adding --location flag and LOCATION column in list commands.

Kubernetes Engine

  • Promoted --enable-managed-prometheus flag of gcloud container clusters create/update to GA.
  • Promoted --disable-managed-prometheus flag of gcloud container clusters update to GA.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

407.0.0 (2022-10-25)

Breaking Changes

  • (Cloud Run) Now gcloud beta run jobs update command removes existing Binary Authorization breakglass justification if --breakglass flag is not set.
  • (Cloud Run) In gcloud run deploy and gcloud run services update, --set-secrets, --remove-secrets, and --update-secrets flags now support mounting multiple versions of the same secret in the same directory.
  • (Cloud Run)
    • If multiple different secrets are requested to be mounted in the same directory, including for secrets already set on the service in the case of --update-secrets, the operation will now fail instead of silently overriding all secret versions with the last one specified.
  • (Compute Engine) Removed --csek-key-file flag of gcloud beta compute instances resume
    • Removing since instance suspend and resume do not support CSEK
    • If your instance with CSEK protection is suspended, please stop the instance then restart it and file a bug.

Assured Workloads

  • Added ASSURED_WORKLOADS_FOR_PARTNERS as an option for --compliance-regime flag of gcloud assured workloads create command.
  • Added --partner flag (optional) for gcloud assured workloads create command to enable creation of partner workload (workload managed by local trusted partners) through gcloud command.

Cloud DNS

  • Promoted gcloud dns managed-zones get-iam-policy and gcloud dns managed-zones set-iam-policy to GA.

Cloud Dataplex

  • Promoted Content command group to GA.
  • Promoted Environment command group to GA.

Cloud Datastream

  • Added postgresql type to --type flag of datastream connection-profiles <create/update>.
  • Added postgresql type to --postgresql-rdbms-file flag of datastream connection-profiles discover.
  • Added --postgresql-source-config flag to gcloud datastream streams <create/update>.
  • Added postgresql type to --type flag of datastream connection-profiles <create/update>.

Cloud Filestore

  • Added --kms-key flag to gcloud beta filestore backups create, which allows an Enterprise or High Scale backup to be created that is encrypted with a CMEK key." => "which creates a backup with an associated customer-managed encryption key (CMEK). Only available for Enterprise or High Scale tier instances.
  • Added --location flag to gcloud beta filestore instances restore, which restores Enterprise instances." => "restore Basic HDD, Basic SSD, and Enterprise tier instances.
  • Added --instance-location flag to gcloud beta filestore backups create, which accepts either a zone or region and allows clients to create Basic HDD, Basic SSD, and Enterprise tier backups.

Cloud SQL

  • Added the following flags to gcloud sql instances create and gcloud sql instances patch in BETA:
    • --connector_enforcement

Cloud Storage

  • Updated gsutil component to 5.15.

Cloud Workstations

  • Promoted gcloud beta workstations commands to beta for Preview.

Compute Engine

  • Promoted --source-machine-image, --source-machine-image-csek-key-file, and --erase-windows-vss-signature flags of compute instances create to GA.
  • Fixed an issue with --create-disk and --disk flags that causes gcloud compute instance-templates create or gcloud compute instance-templates create-with-container to fail when attaching a boot disk.
  • Promoted --region flag for compute target-tcp-proxies to GA.

Compute Firewall Policies

  • Fixed bug in gcloud compute network-firewall-policies rules update that would cause src-secure-tags to not be updated.

GKE Hub

  • Modified gcloud container fleet memberships register to skip Connect agent installation for GKE clusters by default. Use --install-connect-agent flag to get the old behavior.
  • Modified gcloud container fleet memberships unregister to skip Connect agent uninstallation for GKE clusters by default. Use --uninstall-connect-agent flag to get the old behavior.
  • Added --install-connect-agent flag to gcloud container fleet memberships register and gcloud container hub memberships register to install connect agent on GKE clusters.
  • Added --uninstall-connect-agent flag to gcloud container fleet memberships unregister and gcloud container hub memberships unregister to uninstall Connect agent on GKE clusters.

Identity and Access Management

  • Added gcloud iam policies create which creates a deny policy on the given attachment point with the given name.
  • Added gcloud iam policies delete which deletes a deny policy on the given attachment point with the given name.
  • Added gcloud iam policies get which gets a deny policy on the given attachment point with the given name.
  • Added gcloud iam policies list which lists the deny policies on the given attachment point.
  • Added gcloud iam policies update which updates the deny policy on the given attachment point with the given name.
  • Updated External Account URL validation to allow PSC endpoints.

Kubernetes Engine

  • Added --gateway-api flag to gcloud container clusters create and gcloud container clusters update which allows users to turn on the GKE Gateway controller for their cluster and to select the Gateway API release channel they want to use.

Security Command Center

  • Updated gcloud scc notifications update to allow for project and folder parents.
  • Updated gcloud scc notifications create to allow for project and folder parents.
  • Updated gcloud scc notifications delete to allow for project and folder parents.
  • Updated gcloud scc notifications list to allow for project and folder parents.
  • Updated gcloud scc notifications describe to allow for project and folder parents.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

406.0.0 (2022-10-17)

Breaking Changes

  • (Cloud Storage) Changed "Additional Properties" formatting for ls -L to print condensed JSON object instead of JSON list with key and value keys before every key and value.
  • (Kubernetes Engine) Remove deprecated --istio-config flag of gcloud beta container clusters create and gcloud beta container clusters update.

Anthos Multi-Cloud

  • Promoted --logging flag to gcloud container aws clusters create and gcloud container azure clusters create to update the logging config.
  • Promoted --logging flag to gcloud container aws clusters update and gcloud container azure clusters update to update the logging config.
  • Added --annotations flag to gcloud container azure node-pools create to set the annotations field when creating Azure node pools.
  • Added --annotations flag to gcloud container azure node-pools update to update the annotations of Azure node pools.
  • Added --clear-annotations flag to gcloud container azure node-pools update to clear the annotations of Azure node pools.

Bare Metal Solution

  • Promoted gcloud bms nfs-shares create to GA.
  • Promoted gcloud bms nfs-shares delete to GA.
  • Promoted gcloud bms volumes restore to GA.
  • Promoted gcloud bms volumes snapshot to GA.
  • Promoted gcloud bms volumes snapshots describe to GA.
  • Promoted gcloud bms volumes snapshots list to GA.
  • Promoted gcloud bms volumes snapshots delete to GA.
  • Promoted --add-allowed-client flag of gcloud bms nfs-shares update to GA.
  • Promoted --remove-allowed-client flag of gcloud bms nfs-shares update to GA.
  • Promoted --clear-allowed-clients flag of gcloud bms nfs-shares update to GA.
  • Promoted gcloud bms instances stop to GA.

BigQuery

  • Fixed issue with --api flag in external clients.
  • Added support for the target_job_concurrency flag and begins deprecating the concurrency flag.
  • Added the max_staleness flag for external tables.
  • Added support for SIMPLE with the object_metadata flag.
  • Added ZSTD as an extract option.

Certificate Manager

  • Added gcloud certificate-manager issuance-configs command group to beta. Commands in this group allow for configuring Private Trust certificate issuance.
  • Added --issuance-config flag for gcloud certificate-manager certificates create command to beta. The flag allows configuring managed certificates issuance with Private Trust.

Cloud Access Context Manager

  • Changed --level flag of gcloud access-context-manager cloud-bindings create and gcloud access-context-manager cloud-bindings update to take a string input instead of a resource:
    • No change is required on any previous configurations as a result of this change.

Cloud Datastream

  • Added BigQuery destination type support.

Cloud Firestore Emulator

  • Promoted gcloud emulators firestore to GA.

Cloud SQL

  • Added the following flags to gcloud sql instances create and gcloud sql instances patch for ALPHA:
    • --connector_enforcement

Cloud TPU

  • Promoted --shielded-secure-boot flag of gcloud compute tpus tpu-vm to GA.

Compute Firewall Policies

  • Updated gcloud compute firewall-policies rules create to include help text for src-threat-intelligence, src-fqdns, src-region-codes , src-address-groups, dest-threat-intelligence, dest-fqdns , dest-region-codes and dest-address-groups.
  • Updated gcloud compute firewall-policies rules update to include help text for src-threat-intelligence, src-fqdns, src-region-codes , src-address-groups, dest-threat-intelligence, dest-fqdns , dest-region-codes and dest-address-groups.
  • Updated gcloud compute network-firewall-policies rules create to include help text for src-threat-intelligence, src-fqdns, src-region-codes , src-address-groups, dest-threat-intelligence, dest-fqdns , dest-region-codes and dest-address-groups.
  • Updated gcloud compute network-firewall-policies rules update to include help text for src-threat-intelligence, src-fqdns, src-region-codes , src-address-groups, dest-threat-intelligence, dest-fqdns , dest-region-codes and dest-address-groups.
  • Promoted --src-address-groups and --dest-address-groups flags to beta in gcloud compute firewall-policies rules create , gcloud compute firewall-policies rules update , gcloud compute network-firewall-policies rules create and gcloud compute network-firewall-policies rules update commands.
  • Promoted --src-fqdns and --dest-fqdns flags to beta in gcloud compute firewall-policies rules create , gcloud compute firewall-policies rules update , gcloud compute network-firewall-policies rules create and gcloud compute network-firewall-policies rules update commands.

Kpt

Kubernetes Engine

  • Promoted the GKE add-on BackupRestore of gcloud container clusters <create|update> to GA. This add-on is disabled by default.
    • Use --addons=BackupRestore to enable the add-on during cluster creation.
    • Use --update-addons=BackupRestore=ENABLED|DISABLED to enable/disable the add-on for existing GKE clusters.

Managed Active Directory

  • Promoted gcloud active-directory domains extend-schema to GA.

Network Security

  • Updated gcloud network-security address-groups list to include the TYPE, CAPACITY and USAGE columns in the output.
  • Updated gcloud network-security org-address-groups list to include the TYPE, CAPACITY and USAGE columns in the output.

Security Command Center

  • Updated gcloud scc notifications update to allow for project and folder parents.
  • Updated gcloud scc notifications create to allow for project and folder parents.
  • Updated gcloud scc notifications delete to allow for project and folder parents.
  • Updated gcloud scc notifications list to allow for project and folder parents.

405.0.1 (2022-10-14)

GKE Hub

  • Updated gke-gcloud-auth-plugin to 0.4.0.

Cloud Bigtable

  • Updated the version of cbt to v1.12.1.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

405.0.0 (2022-10-04)

Google Cloud CLI

  • Fixed issue where revoking impersonated ADC credentials caused a crash.
  • Fixed issue where it was not possible to set a logging configuration when creating a regional backend service in alpha and beta.

Anthos Multi-Cloud

  • Added --tags flag to gcloud container aws clusters update to update the tags assigned to control plane replicas.
  • Added --clear-tags flag to gcloud container aws clusters update to clear the tags assigned to control plane replicas.

App Engine

Artifact Registry

  • Automatically creates missing repos for gcloud beta artifacts settings enable-upgrade-redirection command.

Batch

  • Promoted gcloud batch to GA track.

Cloud Dataplex

  • Updated gcloud dataplex tasks create to support scheduling notebooks.

Cloud Firestore

  • Promoted gcloud firestore fields ttls command group to GA.

Cloud Spanner

  • Promoted gcloud spanner instance-configs [create|update|delete] to GA.

Cloud SQL

  • Promoted --time-zone flag of gcloud sql instances create command to GA.
  • Provided a helpful error message when Cloud SQL Proxy fails to start during gcloud sql connect command.

Cloud Run

  • Added gcloud beta run jobs replace to deploy a job from yaml.

Compute Engine

  • Added ubuntu-2204 and windows-11-x64-byol options to --os flag for:
    • gcloud compute images import in GA,
    • gcloud compute instances import in GA
    • gcloud compute machine-images import in GA
  • Updated gcloud compute instance-templates create not to crash if instantiate-from value is not specified in --configure-disk when using --source-instance flag.
  • Promoted --md5-authentication-key flag of gcloud compute routers add-bgp-peer to GA.
  • Promoted --md5-authentication-key and --clear-md5-authentication-key flags of gcloud compute routers update-bgp-peer to GA.

Firebase Test Lab

  • Delayed displaying information about the number of devices used until after all executions are created.

Identity and Access Management

  • Fixed an issue that would cause the Google Cloud CLI to crash when using invalid External Account Credentials.

Kubernetes Engine

  • Added a prompt when passing --enable-binauthz to gcloud container clusters update that acknowledges the current version of Binary Authorization will be downgraded.
  • Promoted --enable-cost-allocation flag of gcloud container clusters create to GA.
  • Promoted --enable-cost-allocation flag of gcloud container clusters update to GA.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

404.0.0 (2022-09-27)

App Engine

Assured Workloads

  • Promoted gcloud assured workloads violations commands to GA. This command provides the ability to create new Assured Workloads environment resources.

Batch

  • Improved error message formats for gcloud batch jobs submit unparsable json config file, gcloud batch jobs describe job and gcloud batch tasks describe task that does not exist.
  • Added new batch/location property that can be used to set a default location. To set the properties, run gcloud config set batch/location LOCATION.

BigQuery

  • Add support for storage_billing_model flag for datasets.
  • Allow users to log in with pluggable-auth based external account credentials.
  • Add support for configuring the access token lifetime for service account impersonation when using external account credentials.
  • Add session support for load jobs.

Cloud Asset Inventory

  • Added --saved-analysis-query option to gcloud asset analyze-iam-policy, which runs a saved analysis query when specified.
  • Added gcloud asset saved-queries commands, which creates, retrieves, updates and deletes saved queries in a specified project, folder or organization.

Cloud Memorystore

  • Added --maintenance-version flag to gcloud beta redis instances update to allow updating a maintenance version when updating an instance.

Cloud Storage

  • Added storage/key_store_path property for encryption/decryption keys.
  • Updated gsutil component to 5.14.

Compute Engine

  • Promoted --region for gcloud compute ssl-policies to GA.

Eventarc

  • Updated gcloud eventarc triggers list to return the locations of triggers.

Identity and Access Management

  • Fixed bug that occurs when switching external account credentials.

Kubernetes Engine

  • Adds new kubectl v1.25 for GKE rapid channel.
  • Removes old kubectl v1.19.
  • Updates default kubectl from 1.22.12 to 1.22.14.
  • Additional kubectl versions:
    • kubectl.1.20 (1.20.15)
    • kubectl.1.21 (1.21.14)
    • kubectl.1.22 (1.22.14)
    • kubectl.1.23 (1.23.11)
    • kubectl.1.24 (1.24.5)
    • kubectl.1.25 (1.25.1)

Managed Active Directory

  • Added support for gcloud beta active-directory domains migration for enabling existing domain migration.

Policy Troubleshooter

  • Updated gcloud policy-troubleshoot iam beta and GA Command to use V2Alpha1 API.

Stackdriver Monitoring

  • Added --validate-only flag to gcloud monitoring dashboards create to allow validating dashboards without saving.

Terraform

  • Fixed issue where http proxy environment variables were not used in gcloud beta terraform vet.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

403.0.0 (2022-09-20)

Breaking Changes

  • (Assured Workloads) Removed AU_REGIONS_AND_US_SUPPORT as compliance regime options for gcloud assured workloads create command.
  • (Assured Workloads) Removed messages related to 'Versioning' as they should not be used externally.
  • (Assured Workloads) Removed v1beta1 messages from v1 api and vice-versa.
  • (Assured Workloads) Updated violation acknowledge api to POST Request.

Google Cloud CLI

  • Fixed issue where MTLS endpoints were not used when use_client_certificate was true.
  • Fixed issue where gcloud auth application-default set-quota-project would fail if serviceusage.services.use permission was revoked from the active project.
  • Added bundled Python 3 as a default component on x86_64 component-based Linux installs. The bundled Python 3 interpreter will be preferred over the system Python interpreter when invoking the gcloud command-line tool.
    • The bundled Python 3 interpreter should work on supported Linux systems, but a different interpreter can be specified by setting the CLOUDSDK_PYTHON environment variable. See gcloud topic startup and https://cloud.google.com/sdk/docs/install#linux for more information.

AI

  • Added gcloud beta api indexes remove-datapoints and gcloud beta api indexes upsert-datapoints to support Matching Engine steaming update.

AlloyDB

  • Added support to specify automated backup policy in gcloud beta alloydb clusters create.
  • Updated gcloud beta alloydb clusters create to support PITR (point in time recovery) configuration via new --disable-pitr and --pitr-log-retention-window flags.

Artifact Registry

  • Fixed a bug where the plus sign ("+") was not escaped properly, making it impossible to delete artifacts with a plus sign in their version.

Batch

  • Improved error message formats for gcloud batch jobs submit unparsable json config file, gcloud batch jobs describe job and gcloud batch tasks describe task that does not exist.

BigQuery

  • Expose object_metadata for private preview.
  • Improve error message for unparseable parameters.

Binauthz

  • Updated gcloud container binauthz attestations list to also return occurrences in cases where the artifact-url does not begin with https.

Cloud DNS

  • Added Location flag to Cloud DNS Managed Zones, Response Policies GA commands. This flag can be specified to target Cloud DNS Zonal Servers.

Cloud Dataproc

  • Fixed issue where gcloud beta dataproc sessions list would hang when large numbers of sessions are present.

Cloud Deploy

  • Added new --from-run-manifest to gcloud deploy releases create command. When used, a Skaffold file will be generated using the Cloud Run manifest.

Cloud Run

  • Added --encryption-key-shutdown-hours flag to gcloud beta run deploy and gcloud beta run services update to set the number of hours to wait before an automatic shutdown server after CMEK key revocation is detected.
  • Added --clear-encryption-key-shutdown-hours flag to gcloud beta run deploy and gcloud beta run services update to clear the CMEK key shutdown hours setting.

Compute Engine

  • Updated gcloud compute instance-templates create to throw error if --machine-type/--labels flags are used with --source-instance.
  • Promoted --compression-mode flag to gcloud compute backend-services <create | update> to GA.
  • Promoted --compression-mode flag to gcloud compute backend-buckets <create | update> to GA.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

402.0.0 (2022-09-13)

Breaking Changes

  • (Google Cloud CLI) The gcloud command-line tool no longer overrides the scheme specified in the https_proxy environment variable. Previously, the scheme was silently ignored and the gcloud command-line tool would always attempt to connect to the proxy via HTTP, even if the proxy server URL specified HTTPS.
    • Note that the gcloud command-line tool does not currently support connecting to proxies via HTTPS (nor did it previously).
    • If attempting to connect to an HTTP proxy results in warnings or errors, ensure that the https_proxy environment variable looks like http://... as opposed to https://....
    • See https://cloud.google.com/sdk/docs/proxy-settings#proxy_configuration for more information.
  • (Batch) Deprecated positional argument TASK_GROUP of gcloud batch tasks list.
  • (Batch) Use --job as the required flag instead.

Anthos Multi-Cloud

  • Added --annotations flag to gcloud container aws node-pools create to set the annotations field when creating AWS node pools.
  • Added --annotations flag to gcloud container aws node-pools update to update the annotations of AWS node pools.
  • Added --clear-annotations flag to gcloud container aws node-pools update to clear the annotations of AWS node pools.

Batch

  • Updated --config flag to support job configs from Here Doc.

Cloud Dataproc

  • Fixed issue where gcloud dataproc batches list would hang when large numbers of batches are present.

Cloud Deploy

  • Added gcloud deploy targets redeploy command to redeploy a release to a given target.
  • Added gcloud deploy rollouts retry-job, gcloud deploy job-runs list, and gcloud deploy job-runs describe commands for Deployment Verification Public Preview.

Cloud Run

  • Fixed issue where job-level labels are not propagated to its execution.
  • Added last updated message to gcloud beta run jobs describe output.

Cloud Storage

  • Updated gsutil component to 5.13.
  • Promoted gcloud storage to GA.

Compute Engine

  • Added -iam-policyand-iam-policy-bindingstogcloud compute backend-services` for GA.
  • Added gcloud compute security-policies rules add-preconfig-waf-exclusion|remove-preconfig-waf-exclusion in alpha and beta.

Config Connector

GKE Hub

  • Added new argument to the following commands:
    • gcloud container hub mesh update --management automatic.
    • gcloud container fleet mesh update --management automatic.

Identity and Access Management

  • Added support for executable-sourced external account credentials.
  • Added support for configuring the access token lifetime for service account impersonation when using external account credentials.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

401.0.0 (2022-09-07)

Google Cloud CLI

  • Added warning message to indicate support for Python 2 will soon be deprecated.

AlloyDB

  • Added --view flag to gcloud alpha alloydb instances describe to get the view of AlloyDB instance. --view=BASIC will be the same response as describe instance without this flag, and --view=FULL for read pool instance will list the details of each node in the pool.

Anthos Multi-Cloud

  • Added --description flag to gcloud container aws clusters update to update the description of AWS clusters.
  • Added --clear-description flag to gcloud container aws clusters update to clear the description of AWS clusters.
  • Added --annotations flag to gcloud container aws clusters update to update the annotations of AWS clusters.
  • Added --clear-annotations flag to gcloud container aws clusters update to clear the annotations of AWS clusters.
  • Added --description flag to gcloud container azure clusters create to set the description field when creating Azure clusters.
  • Added --annotations flag to gcloud container azure clusters create to set the annotations field when creating Azure clusters.
  • Added --description flag to gcloud container azure clusters update to update the description of Azure clusters.
  • Added --clear-description flag to gcloud container azure clusters update to clear the description of Azure clusters.
  • Added --annotations flag to gcloud container azure clusters update to update the annotations of Azure clusters.
  • Added --clear-annotations flag to gcloud container azure clusters update to clear the annotations of Azure clusters.

Cloud Run

  • Added execution log URI to gcloud beta run jobs executions describe output.

Compute Engine

  • Promoted --snapshot-type flag of gcloud compute snapshots create to GA.
  • Added --json-custom-content-types for gcloud compute security-policies update, and promoted it to beta and GA.
  • Promoted --guest-os-features flag of gcloud compute images import to GA.
  • Promoted gcloud compute firewall-rules migrate to beta.
  • Added --share-setting and --share-with flags to gcloud compute sole-tenancy node-groups create|update for GA.
  • Added --share-settings flag to gcloud compute sole-tenancy node-groups list for GA.
  • Added --node-project flag to gcloud compute instances create for GA.

Network Management

  • Added cloudFunction argument for source in gcloud network-management connectivity-tests. This allows the user to run tests using Cloud Function endpoint types as source.

Stackdriver Logging

  • Promoted the following commands to beta and GA:

    • gcloud logging copy
    • gcloud logging settings get
    • gcloud logging settings update
    • gcloud logging operations cancel
    • gcloud logging operations describe
    • gcloud logging operations list
  • Promoted --bucket-name flag of gcloud logging metrics to beta and GA.

  • Promoted --cmke-kms-key-name flag of gcloud logging buckets to beta and GA.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

400.0.0 (2022-08-30)

Breaking Changes

  • (Anthos Multi-Cloud) Removed aws/location property of gcloud container aws. Use container_aws/location to set the default Google Cloud location for gcloud container aws.
  • (Anthos Multi-Cloud) Removed azure/location property of gcloud container azure. Use container_azure/location to set the default Google Cloud location for gcloud container azure.

Anthos Multi-Cloud

  • Added --description flag to gcloud container aws clusters create to set the description field when creating AWS clusters.
  • Added --annotations flag to gcloud container aws clusters create to set the annotations field when creating AWS clusters.

App Engine

  • Use java17 as the default runtime for generated configuration. This is a behavior change with the command gcloud app deploy when there is no app.yaml configuration for Java projects (Maven, or Gradle, or simple jar). Instead of using a java11 runtime target, the application will be deployed now on a java17 runtime with a F2 instance class. If you want to stay on a java11 runtime, just create a simple app.yaml file with runtime: java11 in it.

Artifact Registry

  • Fixed issue where gcloud artifacts repositories create requires excessive permission when a kms key is supplied.

BigQuery

  • Add support for specifying vertex_ai_model_id when in the BigQuery ML update model AI.
  • Add support for preserving embedded Ascii Control characters in CSV External tables.
  • Add support for serving_default signature when exporting BigQuery trained Tensorflow models.
  • Add support for reference file schema for AVRO, PARQUET, and ORC formats.
  • Add support for BigSpark routines.
  • Fix bug when api flag is used within a restricted network.
  • Add support metadata_cache_mode and max_staleness for Query Acceleration on BigLake tables.
  • Add support for BigSpark connections.

Cloud Asset Inventory

  • Added gcloud beta asset query.
  • Added --read-time, --start-time, --end-time, --bigquery-dataset, --bigquery-table, and --write-disposition flags to support point-in-time/range queries and export to BigQuery.

Cloud Run

  • Changed the link in gcloud beta run jobs execute output to the UI of the resulted execution instead of its logging UI.
  • Added elapsed time to gcloud beta run jobs executions describe output. This is between execution creation timestamp and execution completion timestamp.

Cloud Spanner

  • Added --database-role flag to gcloud spanner databases to support role-based access control in Cloud Spanner.
  • Added gcloud beta spanner databases roles list to list all roles in Cloud Spanner database.

Config Connector

Kubernetes Engine

  • Added --logging-variant flag to gcloud container clusters create, gcloud container clusters update, gcloud container node-pools create and gcloud container node-pools update that allow users to set the logging variant used in the cluster or in the node pools. Selecting logging variant is available in clusters with version 1.24.2-gke.300+. --logging_variant is used to choose the desired logging agent that is deployed on GKE nodes. Valid options are MAX_THROUGHPUT and DEFAULT. For more details about configuring the logging agent to achieve desired throughput, see http://cloud/stackdriver/docs/solutions/gke/managing-logs#throughput.

Secret Manager

  • Added --update-annotations flag to gcloud secrets update and gcloud secrets beta update to enable the addition of new annotations to secret versions.
  • Added --remove-annotations flag to gcloud secrets update and gcloud secrets beta update to enable the removal of annotations to secret versions.
  • Added --clear-annotations flag to gcloud secrets update and gcloud secrets beta update to enable the clearing of all annotations from a secret.
  • Added --set-annotations flag to gcloud secrets create and gcloud secrets beta create to enable the setting of annotations on new secrets.
  • Added --out-file flag to gcloud secrets versions access and gcloud beta secrets versions access to directly get the output in file.

Terraform

  • Added support for the following resources in CAI-based policies:
    • google_cloudfunctions2_function_iam_binding
    • google_cloudfunctions2_function_iam_member
    • google_cloudfunctions2_function_iam_policy
    • google_gke_hub_membership_iam_binding
    • google_gke_hub_membership_iam_member
    • google_gke_hub_membership_iam_policy
  • TF -> CAI resource conversion compiled against google provider version 4.33.0.
  • Fixed asset names for the following resources:
    • google_compute_backend_service_iam
    • google_compute_instance_iam
    • google_compute_region_backend_service_iam
    • google_privateca_certificate_template_iam
  • Added support for organizations/unknown in CAI-based policy match parameters.
  • Enabled support for non-Google Terraform resources in TF-based policies.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

399.0.0 (2022-08-23)

AlloyDB

  • Added --cluster flag to gcloud beta alloydb operations list to enable listing of operations pertaining to a given cluster.
  • Updated gcloud beta alloydb clusters restore to support PITR (point in time recovery) via new --source-cluster and --point-in-time flags.

App Engine

Cloud Asset Inventory

  • Added gcloud asset get-effective-iam-policy command, which retrieves batch effective IAM policies for a specified list of resources within specified accessible scope.

Cloud Dataflow

  • Added GO to gcloud flex-template build command SDK Language options, allowing users to submit Go Flex Template jobs.

Cloud Functions

  • Move Python 3.10 for Cloud Functions to GA.

Cloud Org Policy

  • Added gcloud org-policies {custom constraint} commands that allow users to create, update, list, describe, and delete org policy custom constraints.
  • gcloud org-policies set-custom-constraint
  • gcloud org-policies describe-custom-constraint
  • gcloud org-policies delete-custom-constraint
  • gcloud org-policies list-custom-constraints.

Cloud SQL

  • Set the maximum allowed value for --storage-auto-increase-limit in gcloud beta sql instances create to the max value of int. This removes the hardcoded limit of 10230.

Cloud Spanner

  • Promoted gcloud spanner samples to beta and GA. Commands in this group support creating sample databases and running open source sample applications.
  • Added --instance-type, --expire-behavior flags to spanner instances create and spanner instances update to add ability to create free instances in GA.
  • Added instance_type column for spanner instances list and free_instance_availability column for spanner instance-configs list.

Compute Engine

  • Promoted --architecture flag of gcloud compute disks create to GA.
  • Promoted --update-architecture flags of gcloud compute disks update to GA.
  • Promoted --clear-architecture flags of gcloud compute disks update to GA.
  • Promoted --architecture flag of gcloud compute images create and gcloud compute disks update to GA.

Network Services

  • Promoted gcloud network-services tls-routes to GA.

Notebooks

  • Added notebooks runtimes command group which provides access to AI Platform Notebooks' runtimes.

Transfer

  • Added multipart copy feature to agent setup flags.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

398.0.0 (2022-08-16)

AI

  • Promoted --autoscaling-metric-specs flag of gcloud ai endpoints deploy-model to GA.
  • Added --encryption-kms-key-name flag to gcloud ai endpoints create and gcloud beta ai endpoints create.

Artifact Registry

  • Updated gcloud artifacts docker images describe and gcloud artifacts docker images list to return occurrences of any Grafeas kind.
  • Added gcloud artifacts repositories set-cleanup-policy to set a cleanup policy on a repository.
  • Added gcloud artifacts repositories list-cleanup-policy to list cleanup policies on a repository.
  • Added gcloud artifacts repositories delete-cleanup-policy to delete cleanup policies on a repository.

Cloud DNS

  • Added support for the ALIAS record set type to beta. ALIAS record sets can be created/modified using --type flag in gcloud beta dns record-sets command group.

Cloud Dataproc

  • Fixed issue where gcloud dataproc clusters enable-personal-auth-session-session did not successfully inject credentials.

Cloud Deploy

  • Added support for absolute paths for "--skaffold-file flag of gcloud deploy releases create command".

Cloud Memorystore

  • Promoted --customer-managed-key flags of gcloud redis instances create to GA.

Cloud Run

  • Promoted --cpu-boost flag to beta.

Cloud SQL

  • Added --deletion-protection flag to gcloud sql instances create and gcloud sql instances patch in alpha, beta and GA to provide Cloud SQL instances with protection against accidental deletion.

Cloud Spanner

  • Updated default timeout for gcloud spanner databases execute-sql to 10 minutes.

Cloud Storage

  • Updated gsutil component to 5.12.

Compute Engine

  • Deprecated --load-balancing-scheme, --network, --subnet, and --subnet-region arguments of gcloud compute forwarding-rules set-target.
  • Promoted --resource-policies flag for glcloud compute reservations createto beta.
  • Promoted --region and --global flags for gcloud compute url-maps invalidate-cdn-cache and gcloud compute url-maps list-cdn-cache-invalidations to GA.
  • Added region information to gcloud compute health-checks list output.
  • Deprecated --no-serve-while-stale argument of gcloud compute [backend-services|backend-buckets] [create|update].
  • Promoted --architecture flag of gcloud compute instances create and gcloud compute instanceTemplates create to GA.

Eventarc

  • Updated WARNING text for trigger creation from 10 minutes to 2 minutes.

Network Services

  • Promoted gcloud network-services gateways to GA.
    • Promoted gcloud network-services meshes to GA.
    • Promoted gcloud network-services tcp-routes to GA.
    • Promoted gcloud network-services grpc-routes to GA.
    • Promoted gcloud network-services http-routes to GA.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

397.0.0 (2022-08-09)

Breaking Changes

  • (Cloud Datastore) Deprecated gcloud datastore database create. Use gcloud alpha firestore database update --type=datastore-mode instead.
  • (Cloud Firestore) The gcloud firestore database create will be required to administer your database. Please enable the API and ensure you have the required permissions. See https://cloud.google.com/firestore/docs/app-engine-requirement.
  • (Cloud Firestore) gcloud firestore database create will no longer support App Engine regions (us-central, europe-west). See https://cloud.google.com/firestore/docs/locations for available regions.

AI

  • Added --request-response-logging-table and --request-response-logging-rate flags to gcloud ai endpoints create|update to allow config prediction endpoint request-response logging.

Artifact Registry

  • Added gcloud artifacts versions describe command.
  • Added gcloud artifacts settings to describe/modify project settings.

Batch

  • Modified gcloud batch jobs list to use --location as an optional flag.

Cloud DNS

  • Update record-sets create and update methods for health checked routing policies.

Cloud Datastore Emulator

  • Release Cloud Datastore emulator v2.2.2
    • Fixed bug which caused failures when attempting to Export.

Cloud Identity-Aware Proxy

  • Promoted host based flags to GA for surfacesgcloud compute ssh,gcloud compute scp and gcloud compute start-iap-tunnel.

Cloud Run

  • Added Startup Probe and Liveness Probe fields to the output of gcloud run services describe [SERVICE].

Compute Engine

  • Added 'network-firewall-policyand 'network-regional-firewall-policy to TYPE column of 'compute instances network-interfaces get-effective-firewalls` output.

Config Connector

Terraform

  • Added support for the following resources in CAI-based policies:
    • google_artifact_registry_repository_iam_binding
    • google_artifact_registry_repository_iam_member
    • google_artifact_registry_repository_iam_policy
    • google_bigquery_connection_iam_binding
    • google_bigquery_connection_iam_member
    • google_bigquery_connection_iam_policy
    • google_cloud_tasks_queue_iam_binding
    • google_cloud_tasks_queue_iam_member
    • google_cloud_tasks_queue_iam_policy
    • google_cloudiot_registry_iam_binding
    • google_cloudiot_registry_iam_member
    • google_cloudiot_registry_iam_policy
    • google_compute_backend_bucket_iam_binding
    • google_compute_backend_bucket_iam_member
    • google_compute_backend_bucket_iam_policy
    • google_compute_snapshot_iam_binding
    • google_compute_snapshot_iam_member
    • google_compute_snapshot_iam_policy
    • google_dataproc_autoscaling_policy_iam_binding
    • google_dataproc_autoscaling_policy_iam_member
    • google_dataproc_autoscaling_policy_iam_policy
    • google_dataproc_metastore_service_iam_binding
    • google_dataproc_metastore_service_iam_member
    • google_dataproc_metastore_service_iam_policy
  • TF -> CAI resource conversion compiled against google provider version 4.30.0.
  • Resources without a known project, folder, or organization will have their ancestry set to organizations/unknown instead of throwing a 403 error that halts validation.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

396.0.0 (2022-08-02)

AI

  • Added --labels flag to gcloud ai models upload to support setting labels. Use --labels flag to set metadata to organize your models and model versions. Label keys and values can be no longer than 64 characters (Unicode codepoints), can only contain lowercase letters, numeric characters, underscores and dashes. International characters are allowed. See https://goo.gl/xmQnxf for more information and examples of labels.

Cloud Identity-Aware Proxy

  • Promoted gcloud iap tcp dest-groups to GA.

Cloud Logging

  • Promoted --index flag of gcloud logging buckets create to GA.
  • Promoted --clear-indexes flag of gcloud logging buckets update to GA.
  • Promoted --remove-indexes flag of gcloud logging buckets update to GA.
  • Promoted --add-index flag of gcloud logging buckets update to GA.
  • Promoted --update-index flag of gcloud logging buckets update to GA.

Compute Engine

  • Promoted --maintenance-interval flag of gcloud compute commitments create to beta.

Compute OS Config

  • Promoted gcloud compute os-config troubleshoot to GA.
    • Troubleshoot common issues with VM Manager.

Config Connector

Database Migration

  • Fixed issue where creation of a migration job in a project inside a VPC-SC perimeter constantly failed.
  • Fixed issue where creation of a connection profile in a project inside a VPC-SC perimeter constantly failed.

Identity Groups

  • Fixed issue where gcloud identity groups create will fail when specifying --group-type=security.

Identity and Access Management

  • Added --service-account-token-lifetime-seconds flag to gcloud iam <workforce-pools|workload-identity-pools> create-cred-config command to allow configuring the access token lifespan for service account impersonation.

Recommender

  • Added support for gcloud recommender recommender-config describe.
  • Added support for gcloud recommender recommender-config update.
  • Added support for gcloud recommender insight-type-config describe.
  • Added support for gcloud recommender insight-type-config update.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

395.0.0 (2022-07-26)

AI

  • Modified gcloud ai models upload to support model version aliases. Use --version-aliases flag to set version aliases so that a model version can be referenced via alias (i.e. projects/{project}/locations/{location}/models/{model_id}@{version_alias} instead of auto-generated version id (i.e. projects/{project}/locations/{location}/models/{model_id}@{version_id}). The format is [a-z][a-zA-Z0-9-]{0,126}[a-z0-9] to distinguish from version_id. The aliases set in the flag will replace the aliases set in the model.

App Engine

Artifact Registry

  • Added gcloud artifacts packages describe command.

Cloud Deploy

  • Added new --from-k8s-manifest to releases create command. When used, a Skaffold file will be generated.

Cloud Domains

  • Implemented the following commands for gcloud domains registrations in alpha and beta.
    • import
    • list-importable-domains

Cloud Functions

  • Updated gcloud functions list to return 2nd gen functions in addition to 1st gen functions.
  • Fixed crash in gcloud beta functions deploy --gen2 failures causing the error message "This stage does not belong to this progress tracker".
  • Promoted --gen2 flag of gcloud functions add-iam-policy-binding to GA.
  • Promoted --gen2 flag of gcloud functions call to GA.
  • Promoted --gen2 flag of gcloud functions delete to GA.
  • Promoted --gen2 flag of gcloud functions deploy to GA.
  • Promoted --gen2 flag of gcloud functions describe to GA.
  • Promoted --gen2 flag of gcloud functions get-iam-policy to GA.
  • Promoted --gen2 flag of gcloud functions remove-iam-policy-binding to GA.
  • Promoted --gen2 flag of gcloud functions set-iam-policy to GA.
  • Promoted --gen2 flag of gcloud functions event-types list to GA.
  • Promoted --gen2 flag of gcloud functions logs read to GA.
  • Promoted --gen2 flag of gcloud functions regions list to GA.
  • Promoted gcloud functions add-invoker-policy-binding to GA.
  • Promoted gcloud functions remove-invoker-policy-binding to GA.

Cloud Healthcare

  • Added --schema-type value analytics_v2 to gcloud healthcare fhir-stores export bq.

Cloud Identity-Aware Proxy

  • Renamed flag --group-name to --dest-group forgcloud iap tcp dest-groups IAM commands.

Cloud Pub/Sub

  • Fixed issue where gcloud pubsub subscriptions create and gcloud pubsub subscriptions update will crash when specifying --min-retry-delay=0 and/or --max-retry-delay=0.
  • Fixed issue where gcloud pubsub subscriptions create will crash when specifying --retention_duration=0.

Cloud Run

  • Added --description flag in gcloud run deploy, and description field in gcloud run services describe [SERVICE].
    • Description is an optional, human-readable string of up to 512 characters.
    • Using the flag is functionally equivalent to adding service annotation "run.googleapis.com/description".

Compute Engine

  • Added --update-user-licenses and --clear-user-licenses flags of gcloud compute images update to alpha and beta.
  • Made global scope the default for gcloud compute security-policies.

Config Controller

  • Added --man-blocks flag to gcloud anthos config controller create to allow specifying multiple master authorized network CIDR blocks for a CC instance.
  • Deprecated --man-block flag of gcloud anthos config controller create. Use --man-blocks to set master authorized network CIDR block.
  • Modified gcloud anthos config controller list to print out only the instance name instead of the fully specified name.
  • Added --full-name flag to gcloud anthos config controller list to allow users printing out the fully specified name in the NAME column when needed.

GKE Hub

  • Promote gcloud container hub memberships generate-gateway-rbac to GA.

Kubernetes Engine

  • Add cgroupMode node system config option to allow switching nodes to cgroupv1 or cgroupv2.
  • Updates default kubectl from 1.22.9 to 1.22.12
  • Additional kubectl versions:
    • kubectl.1.19 (1.19.16)
    • kubectl.1.20 (1.20.15)
    • kubectl.1.21 (1.21.14)
    • kubectl.1.22 (1.22.12)
    • kubectl.1.23 (1.23.9)
    • kubectl.1.24 (1.24.3)

Pubsub Emulator

  • Added support for creating BigQuery subscriptions.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

394.0.0 (2022-07-19)

AI

  • Modified gcloud ai models describe to support model versioning.
  • Added europe-west9 option to --region flag of gcloud ai custom-jobs and gcloud ai hp-tuning-jobs.
    • Provide the model version ID or version alias to retrieve a specific version of the model.
    • If no model version ID or alias is specified, the "default" model version will be used. The "default" version alias is created for the first version of the model, and can be moved to other versions later on. There will be exactly one default version.
  • Added gcloud ai models delete-version which deletes an existing Vertex AI model version.

Anthos Multi-Cloud

  • Added --ssh-public-key flag to gcloud container azure node-pools update to update the SSH public key for the Azure node pool nodes.

Artifact Registry

  • Fixed a bug where the plus sign ("+") was not escaped properly, making it impossible to delete artifacts with a plus sign in their name.

Bare Metal Solution

  • Started using v2.projects.locations.operations instead of v1.operations for the following commands:
    • gcloud bms instances start
    • gcloud bms instances reset
    • gcloud bms instances disable-serial-console
    • gcloud bms instances enable-serial-console
    • gcloud bms instances update
    • gcloud bms networks update
    • gcloud bms nfs-shares update
    • gcloud bms volumes update
    • gcloud bms volumes restore
    • gcloud bms operations describe
    • gcloud bms operations wait
  • Promoted --os-image flag of gcloud bms instances update to GA.
  • Promoted --[no-]enable-hyperthreading flag of gcloud bms instances update to GA.
  • Promoted --add-ip-range-reservation flag of gcloud bms networks update to GA.
  • Promoted --clear-ip-range-reservations flag of gcloud bms networks update to GA.
  • Promoted --remove-ip-range-reservation flag of gcloud bms networks update to GA.
  • Promoted gcloud bms networks list-ip-reservations to GA.

Batch

  • Promoted gcloud batch to alpha and beta which enables the CLI to use Batch APIs.

Cloud Deploy

  • Changed the default bucket name upload path on release create to use the pipeline UUID.
  • Added mutex flags --enable-initial-rollout and --disable-initial-rollout.

Cloud Key Management Service

  • Modified gcloud kms import-jobs create to accept new SHA-2 import methods rsa-oaep-3072-sha256, rsa-oaep-3072-sha256-aes-256, rsa-oaep-4096-sha256, and rsa-oaep-4096-sha256-aes-256 in beta.

Cloud SQL

  • Added support for incremental addition of user password policies.

Cloud Storage

  • Updated gsutil component to 5.11.

Compute Engine

  • Added --layer7-ddos-defense-auto-deploy-load-threshold, --layer7-ddos-defense-auto-deploy-confidence-threshold, --layer7-ddos-defense-auto-deploy-impacted-baseline-threshold, and --layer7-ddos-defense-auto-deploy-expiration-sec to gcloud compute security-policies update to gcloud beta compute security-policies update.
  • Promoted flags --enable-strong-affinity of gcloud compute backend-services create and gcloud compute backend-services update to GA.

Google Cloud CLI

  • Replaced the default login flow when a browser is not detected from --no-browser to --no-launch-browser.

Identity and Access Management

  • Removed etag flag from gcloud beta iam policies update command. The command will always use the etag in the policy file.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

393.0.0 (2022-07-12)

Breaking Changes

  • (AlloyDB) Updated gcloud beta alloydb instances create and gcloud beta alloydb instances update to remove the unused --zone flag.
  • (Cloud Datastore Emulator) Removed support for running the Datastore emulator (gcloud beta emulators datastore start) in environment with Java versions prior to 11. Users can upgrade to Java 11 or above to continue using the latest Datastore emulator. Alternatively, users can use gcloud command-line tool with version before 392.0.0 to continue using the previous Datastore emulator with Java 8 support.
  • (Cloud Firestore Emulator) Removed support for running the Firestore emulator (gcloud beta emulators firestore start) in environment with Java versions prior to 11. Users can upgrade to Java 11 or above to continue using the latest Firestore emulator. Alternatively, users can use gcloud command-line tool with version before 392.0.0 to continue using the previous Firestore emulator with Java 8 support.

AI

  • Added gcloud ai models delete-version which delete an existing Vertex AI model version.
  • Modified gcloud ai models upload to support model versioning. Use --parent-model flag to specify the parent model of the model version to be uploaded. When this flag is specified, a new version of the parent model will be uploaded. Use --model-id flag to specify the model ID for the uploaded model.
  • Fixed an issue for gcloud ai custom-jobs create that the value of the --args and --command flags are not passed when the --worker-pool-spec flag is left unspecified.

AlloyDB

  • Updated gcloud beta alloydb instances create and gcloud beta alloydb instances update to allow --cpu-count of 2.

Artifact Registry

  • Fixed issue where gcloud artifacts packages delete requires the package id unescaped.

Cloud Dataproc

  • Added bootDiskKmsKey key in --pools flag to gcloud dataproc clusters gke create to allow creating Dataproc on GKE cluster with CMEK protected node pool.

Cloud Datastream

  • Added --bigquery-destination-config flag to gcloud datastream streams <create/update>.
  • Added bigquery type to --type flag of datastream connection-profiles <create/update>.

Cloud Deploy

  • Added optional flags --labels and --annotations for users to add labels or annotations to apply to gcloud deploy targets rollback command.

Cloud Firestore Emulator

  • Release Cloud Firestore emulator v1.14.4
    • Fix: Condition Normalization now correctly handles cartesian products and flattening in certain edge cases.

Cloud Functions

  • Promoted --docker-registry flag of gcloud functions deploy to GA.
  • Move PHP 8.1 for Cloud Functions to GA.
  • Added gcloud functions runtimes list which displays the supported runtimes for both 1st & 2nd generation functions.

Cloud Key Management Service

  • Promoted --wrapped-key-file flag of gcloud kms keys versions import to GA.
  • Deprecated --rsa-aes-wrapped-key-file flag of gcloud kms keys versions import. Use --wrapped-key-file instead.

Cloud Memorystore

  • Promoted --persistence-mode, --rdb-snapshot-period and --rdb-snapshot-start-time flags of gcloud redis instances create to GA.
  • Promoted --persistence-mode, --rdb-snapshot-period and --rdb-snapshot-start-time flags of gcloud redis instances update to GA.

Cloud SQL

  • Added flag --password-policy-enable-password-verification to gcloud sql users create and gcloud sql users set-password-policy for MySQL password validation.
  • Added flags --discard-dual-password and --retain-password to gcloud sql users set-password to allow control over MySQL's dual password.

Cloud Speech API

  • Added latest_short and latest_long options for gcloud ml speech <recognize | recognize-long-running> --model flag.

Cloud TPU

  • Updated tpus tpu-vm ssh to return an error when users attempt to ssh into a TPU VM during a maintenance event.

Compute Engine

  • Promoted --target-distribution-shape flag of gcloud compute instances bulk create to GA.
  • Promoted --key-revocation-action-type flag to GA for gcloud compute instance-templates create.
  • Promoted explicit scope requirement for gcloud compute security-policies to beta.
  • Promoted --network-ddos-protection flag of gcloud compute security-policies create to beta.
  • Promoted gcloud compute network-edge-security-services to beta.
  • Promoted --key-reservation-action-type flag to GA for gcloud compute instances create.
  • Promoted keyRevocationActionType property of gcloud compute instances update-from-file to GA.

Compute Firewall Policies

  • Promoted --src-region-codes and --dest-region-codes flags to beta in gcloud compute firewall-policies rules create , gcloud compute firewall-policies rules update , gcloud compute network-firewall-policies rules create and gcloud compute network-firewall-policies rules update commands.
  • Promoted --src-threat-intelligence and --dest-threat-intelligence flags to beta in gcloud compute firewall-policies rules create , gcloud compute firewall-policies rules update , gcloud compute network-firewall-policies rules create and gcloud compute network-firewall-policies rules update commands.

Config Connector

Config Controller

  • Added --man-blocks flag to gcloud anthos config controller create to allow specifying multiple master authorized network CIDR blocks for a CC instance.
  • Deprecated --man-block flag of gcloud anthos config controller create. Use --man-blocks to set master authorized network CIDR block.

Kubernetes Engine

  • Added --binauthz-evaluation-mode flag to gcloud container clusters create command.
  • Added --binauthz-evaluation-mode flag to gcloud container clusters create-auto command.
  • Added --binauthz-evaluation-mode flag to gcloud container clusters update command.
  • Added --total-max-nodes and --total-min-nodes to gcloud container cluster/node-pools create/update that allow users to set total size limits for autoscaled nodepools. The limits are available in clusters with version 1.24+.
  • Added --location-policy to gcloud container cluster/node-pools create/update that allow users to set location policy for autoscaled nodepools. The location policy is available in clusters with version 1.24.1-gke.800+.

Transcoder

  • added support for --labels flag when creating a new job/job template.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

392.0.0 (2022-06-28)

Anthos Multi-Cloud

  • Added --iam-instance-profile flag to gcloud container aws clusters update and gcloud container aws node-pools update to update the name or ARN of the IAM instance profile associated with control plane or node pool.
  • Added --ssh-public-key flag to gcloud container azure clusters update to update the SSH public key for the Azure control plane.
  • Added --logging flag to gcloud container aws clusters update and gcloud container azure clusters update to update the logging config.

App Engine

Certificate Authority Service

  • Added --unconstrained-chain-length flag to gcloud privateca subordinates create to allow creation of a subordinate CA with unconstrained chain length.
  • Added --unconstrained-chain-length flag to gcloud privateca roots create to allow creation of a root CA with unconstrained chain length.
  • Added --unconstrained-chain-length flag to gcloud privateca certificates create to allow creation of a CA with unconstrained chain length.

Certificate Manager

  • Promoted gcloud certificate-manager to GA.
  • Allowed using project number in gcloud certificate-manager commands.

Cloud Bigtable

  • Promoted gcloud bigtable instances tables undelete to beta and GA.
  • Added --autoscaling-storage-target flags to gcloud bigtable clusters create for alpha, beta and GA to let users create autoscaling clusters with configurable storage target.
  • Added key autoscaling-storage-target to --cluster-config flag of gcloud bigtable instances create for alpha, beta and GA to let users create autoscaling clusters with configurable storage target.
  • Added --autoscaling-storage-target flag to gcloud bigtable clusters update for alpha, beta and GA to let users configure autoscaling storage target when updating clusters.

Cloud Deploy

  • Added new command gcloud deploy releases abandon to prevent new rollouts on a Cloud Deploy release.
  • Added suspended field to the Delivery Pipeline resource. If this field is set, activity on a pipeline is prevented. The field can be set or unset in the Delivery Pipeline definition, and then applied using gcloud deploy apply.

Cloud TPU

  • Fixed an issue with connection to TPU VMs when the 'compute.disableGuestAttributesAccess' Organization Policy Constraint is enforced.

Compute Engine

  • Added --list-managed-instances-results flag to gcloud beta compute instance-groups managed create and gcloud beta compute instance-groups managed update.
  • Promoted --certificate-map of 'compute target-https-proxies insert|update` to GA.
  • Promoted --certificate-map of 'compute target-ssl-proxies insert|update` to GA.

Dataproc Metastore

  • Promoted --network-config-from-file and --consumer-subnetworks flag to gcloud beta metastore services create to specify the subnetworks from which the Dataproc Metastore service can be accessed to GA.

Eventarc

  • Added gcloud eventarc google-channels command group.
  • Added gcloud eventarc channels update command to configure crypto keys on a channel.
  • Added --crypto-key flag to gcloud eventarc channels create to configure crypto keys on a new channel.

Google Cloud CLI

  • Updated login flow initiated by gcloud auth login --no-launch-browser and gcloud auth application-default login --no-launch-browser to address a security issue.

Kubernetes Engine

  • Promoted --enable-cost-allocation flag of gcloud container clusters create to beta.
  • Promoted --enable-cost-allocation flag of gcloud container clusters update to beta.
  • Renamed --enable-cost-management flag of gcloud container clusters create to --enable-cost-allocation.
  • Renamed --enable-cost-management flag of gcloud container clusters update to --enable-cost-allocation.
  • Added --stack-type and --ipv6-access-type arguments to gcloud container clusters create command to support dual stack GKE clusters.

Terraform

  • Added support for the following resources in CAI-based policies:
    • google_access_context_manager_access_policy
  • TF -> CAI resource conversion compiled against google provider version 4.24.0.
  • Fixed the ancestry used for resources that do not exist within a project. Users may need folders.get access to folders that have resources included in the plan.
  • Simplified converter error messages and added resource address.
  • Added support for ancestries/excludedAncestries match parameters for CAI-based constraints.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

391.0.0 (2022-06-22)

Breaking Changes

  • (Anthos Multi-Cloud) Removed --instance-type flag of gcloud container aws node-pools update to disable updating the EC2 instance type of node pool nodes.

Assured Workloads

  • Added ITAR as compliance regime options for gcloud assured workloads create command.

Cloud Dataflow

  • Added a --force flag to gcloud dataflow jobs cancel which forcibly cancels (leaking VMs) Dataflow jobs that are stuck on normal cancellation.

Cloud Filestore

  • Enable Filestore High-Scale tier for GA.

Cloud Identity-Aware Proxy

  • Promoted flags for host based connetion for command gcloud compute start-iap-tunnel to beta.
  • Promoted gcloud iap oauth-brands surface to GA.
  • Promoted gcloud iap oauth-clients surface to GA.

Cloud SQL

  • Promoted SQL Server Audit to GA.

Compute Engine

  • Updated gcloud compute networks subnets list-usable list format to include PSC and IPv6 fields.

Dataproc Metastore

  • Added support for managing Dataproc Metastore Federation. The following commands have been added to the alpha, beta and GA release tracks:

    • metastore federations create
    • metastore federations delete
    • metastore federations describe
    • metastore federations get
    • metastore federations list
    • metastore federations update
  • Added support for managing IAM policy for Dataproc Metastore Federation. The following commands have been added to the GA release track:

    • metastore federations get-iam-policy
    • metastore federations set-iam-policy
    • metastore federations add-iam-policy-binding
    • metastore federations remove-iam-policy-binding

Identity and Access Management

  • Added --executable-command flag to gcloud iam workload-identity-pools create-cred-config command to allow executable sourced credentials.

Managed Active Directory

  • Adding support for gcloud beta active-directory domains extend-schema for initiating schema extension on domain.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

390.0.0 (2022-06-14)

Access Approval

  • Added gcloud access-approval requests invalidate to invalidate an existing approval.

BigQuery

  • Add support for partitioning_type with --time_partitioning_type flag in Scheduled Queries when a schedule is specified by --schedule in bq query.
  • Added support for showing table clone info in bq show.
  • Added support for both Workload and Workforce identity federation.
  • Added --max_time_travel_hours flag to bq mk.
  • Added --autodetect_schema flag to bq update.
  • Added flag --preserve_ascii_control_characters to bq load to allow ASCII Control chars.
  • Updated the comment on --restore flag in bq cp to reflect that it's deprecated.
  • Added support for dataset tags.
  • Minor bug fixes and dependency updates.
  • Add --federated_app_client_id and --federated_azure flags to mk command.
  • Add --federated_app_client_id flag to update command.
  • Add support for LOAD DATA query.

Cloud Dataproc

  • Added --metric-sources, --metric-overrides and --metric-overrides-file flags to gcloud beta dataproc clusters create to allow clusters to be created with a metric sources specified, override specific set of metrics using a list or a file as an input.
  • Added --metric-sources, --metric-overrides and --metric-overrides-file flag to gcloud beta dataproc workflow-templates set-managed-cluster to allow managed clusters created with a metric sources specified, override specific set of metrics using a list or a file as an input.
  • Modified gcloud dataproc clusters export to remove un-importable fields on Dataproc on GKE clusters.

Cloud Firestore

  • Added gcloud beta firestore fields ttls command group.

Cloud Pub/Sub

  • Fixed issue where gcloud --format=json beta pubsub subscriptions pull --auto-ack and gcloud --format=json alpha pubsub subscriptions pull --auto-ack output was backwards incompatible. This issue can be tracked at https://issuetracker.google.com/issues/222551623.

Cloud Run

  • Added --description flag in gcloud beta run deploy, and description field in gcloud beta run services describe [SERVICE].
    • Description is an optional, human-readable string of up to 512 characters.
    • Using the flag is functionally equivalent to adding service annotation "run.googleapis.com/description".

Compute Engine

  • Promoted network-firewall-policies command group to GA.
  • Promoted gcloud compute instances create --visible_core_count to beta.

Config Connector

Kubernetes Engine

  • Added --enable-confidential-nodes to gcloud container cluster create to enable cluster creation with nodes on Confidential VM. Added --enable-confidential-nodes flag to gcloud container node-pools create/update to allow creating node-pools with confidential nodes, and updating existing node pools to confidential nodes.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

389.0.0 (2022-06-07)

Anthos Multi-Cloud

  • Added --instance-type flag to gcloud container aws node-pools update to update the EC2 instance type of node pool nodes.

Artifact Registry

  • Added new command gcloud artifacts files list to list files in a specific repository.

Cloud Composer

  • Added --enable-master-authorized-networks and --master-authorized-networks flags to gcloud composer environments create command.
  • Added --enable-master-authorized-networks and --disable-master-authorized-networks and --master-authorized-networks to gcloud composer environments update command.
  • Added --enable-ip-masq-agent flag to gcloud composer environments create command to enable IP address masquerading in the GKE cluster.

Cloud DNS

  • Add setIamPolicy and getIamPolicy commands in beta.

Cloud Filestore

  • Add support for Filestore's multi-share instances to gcloud beta filestore instances list. CAPACITY_GB will show the instance's capacity for multi-share instances instead of an empty string. FILE_SHARE_NAME will show "N/A" for multi-share instances instead of an empty string.

Cloud Identity-Aware Proxy

  • Promoted gcloud iap tcp dest-groups command group to beta.

Cloud Run

  • Promoted --session-affinity of gcloud run to beta.

Cloud SQL

  • Add command gcloud sql generate-login-token to generate down-scoped OAuth2 access tokens for IAM database authentication.

Compute Engine

  • Modified --ssl-certificates flag to be optional in gcloud compute target-https-proxies create.
  • Updated the documentation for --mtu flag of compute networks create|update.
  • Updated the validation for --enable-logging and --logging-sample-rate flags of beta compute backend-services create|update.
  • Updated the documentation for --logging-sample-rate flag of compute backend-services create|update.

Config Connector

Database Migration

  • Renamed --sync flag to --no-async flag to gcloud database-migrate migration-jobs create command to wait for the migration job creation operation to be completed before proceeding.
  • Added --no-async flag to gcloud database-migrate migration-jobs update command to wait for the migration job updation operation to be completed before proceeding.
  • Updated gcloud database-migration connection-profiles create cloudsql to support the flag root-password.
  • Added --no-async flag to gcloud database-migrate migration-jobs create command to wait for the connection profile creation operation to be completed before proceeding.

Kpt

  • Updated kpt from v1.0.0-beta.13 to v1.0.0-beta.15. See https://github.com/GoogleContainerTools/kpt/releases/tag/v1.0.0-beta.15 for more details.
  • The kpt fn commands now includes Kptfile and functionConfig in the function input by default. Previously this behavior was controlled using --enable-meta-resources command-line flag. --enable-meta-resources flag is also deprecated. If this disrupts any of your config workflow, you can use exclude functionality to exclude resources from function inputs. This functionality was added in this release to minimize the disruption.
  • The kpt website is overhauled to reflect the new scope of kpt project. New components package orchestrator, Configuration as Data UI and Config Sync are added to the project.
  • Added package orchestrator (a.k.a. porch) CLI interface under alpha subgroup (kpt alpha rpkg, kpt alpha repo, kpt alpha sync).
  • Added command-line flag --save to kpt fn eval to save evaluated function to package's Kptfile.
  • Added capability to select resources using labelSelector and annotationSelector in kpt fn eval and kpt fn render.
  • Added capability to exclude resources in kpt fn eval and kpt fn render.
  • Added support for variant constructor pattern in kpt pkg init and kpt pkg get.
  • Added capability to execute functions in a kubernetes cluster using porch.

Kubernetes Engine

  • Added podPidLimits kubelet config option which controls per pod pid limits to gcloud container clusters create, gcloud container node-pools create, and gcloud container node-pools update.
  • Updates default kubectl from 1.21 to 1.22.
  • Additional kubectl versions:
    • kubectl.1.19 (1.19.16)
    • kubectl.1.20 (1.20.15)
    • kubectl.1.21 (1.21.13)
    • kubectl.1.22 (1.22.9)
    • kubectl.1.23 (1.23.6)
    • kubectl.1.24 (1.24.0)

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

388.0.0 (2022-06-01)

Google Cloud CLI

  • Added Cloud SQL OAuth scope to Application Default Credential.

AI

  • Fixed issue where unspecified --network and --service-account flags of gcloud ai hp-tuning-jobs create mistakenly overrode the corresponding values set via --config flag.

Apigee

  • Promoted gcloud apigee operations to beta.

Bare Metal Solution

  • Updated gcloud bms instances list to also return the IP addresses of instances that do not use the default network template.

Cloud Bigtable

  • Removed NAME column output from bigtable hot-tablets list.

Cloud Datastore Emulator

  • Release Cloud Datastore Emulator version 2.2.1
    • Fixes --firestore_in_datastore_mode flag parsing.

Cloud Deploy

  • Fixed issue where gcloud deploy targets rollback redeployed to the current release instead of rolling back to the previous release. This occurred in cases where the name of the release to rollback to was not provided.

Cloud Functions

  • Added --gen2 support for --set-secrets, --update-secrets, --remove-secrets and --clear-secrets flags of gcloud functions deploy to beta, alpha.

Cloud On Demand Scanning

  • Fixed issue where scanning for Maven vulnerabilities would occasionally fail.

Compute Engine

  • Promoted network-firewall-policies command group to GA.

Config Connector

Database Migration

  • Added --sync- flag to gcloud database-migrate migration-jobs create command to wait for the migration job creation operation to be completed before proceeding.

Kubernetes Engine

  • Added podPidLimits kubelet config option which controls per pod pid limits to gcloud container clusters create, gcloud container node-pools create, and gcloud container node-pools update.
  • Updated the following GA commands to support IAM Conditions:
    • gcloud beta attestors get-iam-policy outputs conditions associated with each binding.
    • gcloud beta attestors set-iam-policy accepts policies with conditional bindings.
    • gcloud beta attestors <add|remove>-iam-policy-binding accepts conditional bindings via new --condition and --condition-from-file flags.
    • gcloud beta policy get-iam-policy outputs conditions associated with each binding.
    • gcloud beta policy set-iam-policy accepts policies with conditional bindings.
    • gcloud beta policy <add|remove>-iam-policy-binding accepts conditional bindings via new --condition and --condition-from-file flags.

Terraform

  • Added support for the following resources in CAI-based policies:
    • google_access_context_manager_access_policy_iam_binding
    • google_access_context_manager_access_policy_iam_member
    • google_access_context_manager_access_policy_iam_policy
    • google_endpoints_service_consumers_iam_binding
    • google_endpoints_service_consumers_iam_member
    • google_endpoints_service_consumers_iam_policy
    • google_privateca_certificate_template_iam_binding
    • google_privateca_certificate_template_iam_member
    • google_privateca_certificate_template_iam_policy
  • TF -> CAI resource conversion compiled against google provider version 4.20.0.
  • Added output of logs based on configuration of log level.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

387.0.0 (2022-05-24)

Anthos Multi-Cloud

  • Fixed issue where gcloud container aws clusters get-credentials --private-endpoint and gcloud container azure clusters get-credentials --private-endpoint commands do not work for clusters in a project different from the default project.

Cloud Composer

  • Added --enable-privately-used-public-ips flag to gcloud composer environments create command to enable using privately used public IP address ranges feature in the GKE cluster.

Cloud Dataproc

  • Added --properties-file flag to gcloud beta dataproc jobs submit.

Cloud Deploy

  • Fixed gcloud deploy releases <create|promote> and gcloud deploy targets rollback to support --format flag.

Cloud Functions

  • - Added --trigger-event-filters-path-pattern flag to gcloud beta functions deploy.

Cloud Pub/Sub

  • Added --bigquery-table, --write-metadata, --use-topic-schema, and --drop-unknown-fields flags to gcloud pubsub subscriptions create to set BigQuery configuration options in Cloud Pub/Sub subscriptions.
  • Added --bigquery-table, --write-metadata, --use-topic-schema, --drop-unknown-fields, and --clear-bigquery-config flags to gcloud pubsub subscriptions update to update BigQuery configuration options in Cloud Pub/Sub subscriptions.

Compute Engine

  • Added 22.04 to allowed list of values for --version of gcloud beta compute instances ops-agents policies [create|update].
  • Promoted delete command of gcloud compute instance-groups managed all-instances-config to beta.
  • Promoted update command of gcloud compute instance-groups managed all-instances-config to beta.
  • Promoted --region for gcloud compute ssl-policies to beta.
  • Promoted --region flag for gcloud compute target-tcp-proxies to beta.
  • Added --target-distribution-shape flag to gcloud compute instances bulk create to specify shape of distribution in regional bulk insert for alpha and beta.

Config Connector

Eventarc

  • Added gcloud eventarc audit-logs-provider command group.

Stackdriver Monitoring

  • Promoted gcloud monitoring metrics-scopes command group to beta.

Terraform

  • Added support for the following resources in CAI-based policies:
    • google_access_context_manager_access_policy_iam_binding
    • google_access_context_manager_access_policy_iam_member
    • google_access_context_manager_access_policy_iam_policy
    • google_endpoints_service_consumers_iam_binding
    • google_endpoints_service_consumers_iam_member
    • google_endpoints_service_consumers_iam_policy
    • google_privateca_certificate_template_iam_binding
    • google_privateca_certificate_template_iam_member
    • google_privateca_certificate_template_iam_policy
  • TF -> CAI resource conversion compiled against google provider version 4.20.0.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

386.0.0 (2022-05-17)

Google Cloud CLI

  • Added Cloud SQL OAuth scope to gcloud auth login.

Anthos Identity Service

  • Promoted gcloud container hub identity-service to GA.
  • Promoted gcloud container fleet identity-service to GA.

App Engine

  • Promoted --service-account flag of gcloud app deploy to GA.

App Engine Flexible Environment

  • Promoted --service-account flag of gcloud app deploy to GA.

Cloud Build

  • Add --include-logs-with-status flag to gcloud triggers create.

Cloud Composer

  • Improve error message in case of lacking permissions in gcloud composer environments storage * delete commands.

Cloud IAM

  • Added gcloud iam workload-identity-pools create-saml and gcloud iam workload-identity-pools update-saml commands to manage SAML workload identity pool providers.

Cloud Memorystore

  • Promoted support for maintenance windows in gcloud memcache to GA.
  • Promoted the command gcloud memcache reschedule-maintenance to GA.

Cloud Run

  • Modified gcloud run services describe to include session affinity configuration.

Cloud SQL

  • Changed the prompt generated by --prompt-for-password for gcloud sql users set-password from Instance Password: to New Password:, since set-password command changes a database user's password, not the instance's password.
  • Setting max-login-attempts will also set enable-password-verification to true.

Compute Engine

  • Promoted --service-bindings flag of gcloud compute backend-services create|update commands to GA.
  • Promoted gcloud compute backend-services add-service-bindings and gcloud compute backend-services remove-service-bindings commands to GA.
  • Promoted --provisioning-model and --instance-termination-action flags of gcloud compute instances set-scheduling to GA.
  • Promoted sole tenancy flags of gcloud compute instances update to GA.
  • Added --network-performance-configs flag to gcloud compute instances bulk create.
  • Promoted --disable-automate-dns-zone flag of gcloud compute forwarding-rules create to GA.
  • Promoted --stack-type flag to GA for gcloud compute networks peeerings <create|update>.
  • Added windows-2022 & windows-2022-byol options to --os flag for:
    • gcloud compute images import in GA,
    • gcloud compute instances import in GA
    • gcloud compute machine-images import in GA

Config Connector

Database Migration

  • Updated gcloud database-migration migration-jobs create command to create a migration job without any connectivity method (if connectivity isn't specified).
  • Added gcloud database-migration migration-jobs create --static-ip command to create a migration job with static IP connectivity. This was the default behavior.
  • Added gcloud database-migration migration-jobs update --static-ip command to update a migration job with static IP connectivity.

Distributed Cloud Edge

  • Added --clear-maintenance-window flag to gcloud edge-cloud container clusters update which removes the maintenance window setting of a cluster.
  • Updated gcloud edge-cloud container clusters node-pools list to make specifying a parent cluster optional. When --cluster is not specified, all node pools are listed.

Managed Active Directory

  • Promoted gcloud active-directory domains backups and gcloud active-directory domains restore to GA.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

385.0.0 (2022-05-10)

Google Cloud CLI

  • Updated bundled Python executable for Windows to Python 3.9.12.

AI

  • Added --anomaly-cloud-logging flag to gcloud ai model-monitoring-jobs create|update to allow logging anomaly to Cloud Logging.

Anthos Multi-Cloud

  • Added --ssh-ec2-key-pair flag to gcloud container aws clusters update and gcloud container aws node-pools update to update the name of the EC2 key pair to login into control plane or node pool nodes.
  • Added --clear-ssh-ec2-key-pair flag to gcloud container aws clusters update and gcloud container aws node-pools update to clear the EC2 key pair to login into control plane or node pool nodes.

Cloud Run

  • Fixed issue where some commands were missing from gcloud beta run jobs.

Cloud SQL

  • Added --enable-password-policy flag to gcloud sql instances create and gcloud sql instances patch for GA.

Compute Engine

  • Promoted --key-revocation-action-type flag to beta for gcloud compute instance-templates create.
  • Promoted keyRevocationActionType flag of gcloud compute instances update-from-file to beta.
  • Added FIXED_STANDARD to allowed list of values for --default-network-tier flag.

Config Controller

  • Updated output of gcloud anthos config controller create to not include the default Config Connector identity upon creation.

Eventarc

  • Added gcloud eventarc channels group to interact with third-party sources.
  • Added gcloud eventarc channel-connections for event providers to create association with the user channel.
  • Added --channel argument to gcloud eventarc triggers create to specify associated channel.

Network Services

  • Promoted gcloud network-services service-bindings to GA.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

384.0.1 (2022-05-05)

Cloud Storage

  • Updated gsutil component to 5.10. Google Cloud CLI version 384.0.0 included an older gsutil component (version 5.6) in deb, rpm, and snap packages. Version 384.0.1 includes gsutil component version 5.10 in the deb, rpm, and snap packages.

384.0.0 (2022-05-03)

Cloud Datastore Emulator

  • Adds --use-firestore-in-datastore-mode flag to gcloud [alpha|beta] emulators datastore start command.

Cloud Resource Manager

  • Promoted --condition flag to GA for the following commands:
    • gcloud resources-manager tags keys <add_iam_policy_binding|create|delete|describe|get_iam_policy|list|remove_iam_policy_binding|set_iam_policy|update>
    • gcloud resources-manager tags values <add_iam_policy_binding|create|delete|describe|get_iam_policy|list|remove_iam_policy_binding|set_iam_policy|update>
    • gcloud resources-manager tags bindings <create|delete|list>
    • gcloud resources-manager tags holds <create|delete|list>

Cloud Run

  • Promoted gcloud beta run jobs command group and all sub-commands to beta.

Cloud Storage

  • Updated gsutil component to 5.10.

Compute Engine

  • Started showing error messages on use of gcloud compute ssl-certificates create with --domains and --region flags together. Previously --region flag was being ignored.
  • Promoted --md5-authentication-key flag of gcloud compute routers add-bgp-peer to beta.
  • Promoted --md5-authentication-key and --clear-md5-authentication-key flags of gcloud compute routers update-bgp-peer to beta.
  • Updated import and export schemas for gcloud compute backend-services.
  • Promoted --key-reservation-action-type flag to beta for gcloud compute instances create.

Config Connector

GKE Hub

  • Fix a bug that RBAC policy produced by generate-gateway-rbac command could be removed unexpectedly.
  • Promoted the following commands to GA:
    • gcloud container hub mesh update.
    • gcloud container fleet mesh update.

Kubernetes Engine

  • Promoted fields gpu-sharing-strategy and max-shared-clients-per-gpu within --accelerator flag to enable GPU sharing support.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

383.0.1 (2022-04-26)

Google Cloud CLI

  • Added back --[no-]launch-browser in gcloud auth login and gcloud auth application-default login. --no-browser is the preferred and more secure auth flow in comparison.
  • Added back --console-only and --no-launch-browser in gcloud init. Use --no-browser as the replacement.

383.0.0 (2022-04-26)

Breaking Changes

  • (Google Cloud CLI) Removed --[no-]launch-browser in gcloud auth login and gcloud auth application-default login. Use --no-browser as the replacement.
  • (Google Cloud CLI) Removed --console-only and --no-launch-browser in gcloud init. Use --no-browser as the replacement.
  • (Compute Engine) Removed --local-ssd=size=SIZE from gcloud beta compute instances create-with-container due to the parameter being nonfunctional.

AI

  • Modified --region flag of gcloud ai endpoints to include new online prediction regions.
  • Modified --region flag of gcloud ai models to include new online prediction regions.

Access Approval

  • Added gcloud access-approval service-account get which retrieves the service account that is used by Access Approval to access KMS keys for signing approved approval requests.

App Engine

  • Enables build environment variables to be set in app.yaml.

Artifact Registry

  • Added new command gcloud artifacts files list to list files from a specified project and repository.

Cloud DNS

  • Modified gcloud dns managed-zones update to allow detaching all networks from a private zone by setting --networks to an empty string.
  • Modified gcloud beta dns managed-zones update to allow detaching all GKE clusters from a private zone by setting --gkeclusters to an empty string.
  • Modified gcloud beta dns managed-zones update to allow updating the GKE clusters or networks bound to a private zone independently by setting only --gkeclusters or --networks.

Cloud Datastore Emulator

  • Release Cloud Datastore Emulator version 2.2.0
    • Adds a flag to support Cloud Firestore in Datastore mode product mode in the emulator.

Cloud Firestore Emulator

  • Released Cloud Firestore emulator v1.14.3.
    • Fixed exports throwing BufferOverflowException.

Cloud IAM

  • Service Accounts SignJwt promoted to GA command.

Compute Engine

  • Changed the default value of --image-family flag to debian-11 for gcloud compute instances create and gcloud compute instance-templates create commands.

Config Connector

Config Controller

  • Let gcloud anthos config controller create print the default Config Connector identity, to allow easier subsequent permission grant.
  • Added gcloud anthos config controller get-config-connector-identity which prints the default Config Connector identity, to allow easier subsequent permission grant.

Identity and Access Management

  • Added --enable-imdsv2 flag to gcloud iam workload-identity-pools create-cred-config command to include AWS token Url to the credential source while generating AWS credentials config file.

Kubernetes Engine

  • Added --node-labels, --node-taints and --tags flags to gcloud container node-pools update.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

382.0.0 (2022-04-19)

Access Approval

  • Added --active_key_version flag to gcloud access-approval settings update to set the crypto key version to use for signing approval requests.

Anthos Multi-Cloud

  • Added --proxy-secret-arn flag to gcloud container aws node-pools update to update the Amazon Resource Name (ARN) of the AWS Secrets Manager secret containing a proxy configuration.
  • Added --proxy-secret-version-id flag to gcloud container aws node-pools update to update the version ID of the AWS Secrets Manager secret containing a proxy configuration.
  • Added --clear-proxy-config flag to gcloud container aws node-pools update to clear the proxy configuration associated with the node pool.

Apigee

  • Fixed issue where gcloud beta apigee archives list would only list the first 25 archive deployments, even if more existed in the environment.

Binauthz

  • Updated the following beta commands to better support IAM Conditions:
    • gcloud beta attestors get-iam-policy outputs conditions associated with each binding.
    • gcloud beta attestors set-iam-policy accepts policies with conditional bindings.
    • gcloud beta attestors <add|remove>-iam-policy-binding accepts conditional bindings via new --condition and --condition-from-file flags.
    • gcloud beta policy get-iam-policy outputs conditions associated with each binding.
    • gcloud beta policy set-iam-policy accepts policies with conditional bindings.
    • gcloud beta policy <add|remove>-iam-policy-binding accepts conditional bindings via new --condition and --condition-from-file flags.

Cloud Composer

  • Enabled nested Airflow commands for Airflow 1.10.14 and 1.10.15 in gcloud composer environments run.

Cloud Logging

  • Added --location, --bucket, and --view flags to gcloud logging logs list to add the ability to limit the results to a view.

Cloud TPU

  • Promoted gcloud compute tpus tpu-vm to GA. Commands in this group allow creation and management of Cloud TPU VMs.

Compute Engine

  • Added INTERNAL as a choice for --ipv6-access-type flag in compute networks subnets create and compute networks subnets update.
  • Promoted unspecified value for --protocol flag of gcloud compute backend-services <create|update> to GA.
  • Promoted l3_default value for --ip-protocol flag of gcloud compute forwarding-rules create to GA.

Config Connector

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

381.0.0 (2022-04-12)

App Engine

Artifact Registry

  • *Added repository size to gcloud artifacts repositories describe and gcloud artifacts repositories list responses to GA.

Cloud Bigtable

  • Added "pretty-print" formatting to cbt lookup and cbt read commands. Column encodings and types can be provided using a YAML file, which is passed to the commands using format-file argument.
  • Added "keys-only" filtering to cbt lookup and cbt read commands by providing keys-only=true argument.
  • Promoted gcloud bigtable hot-tablets list to beta and GA.

Cloud Dataflow

  • Added --image-repository-username-secret-id, --image-repository-password-secret-id and --image-repository-cert-path flags to gcloud dataflow flex-template build command to allow users to provide credentials to pull template images from private registries.

Cloud Dataproc

  • Promoted gcloud dataproc clusters gke create to GA.

Cloud Datastream

Cloud Firestore Emulator

  • Release Cloud Firestore emulator v1.14.2
    • Fix: transaction expires after 270s or 60s window
    • Fix: dead transaction reused bug
    • Fix: deadlock for up to 30s. #2452

Cloud Healthcare

  • Added --schema-type value analytics_v2 to the following command gcloud beta healthcare fhir-stores export bq.
  • Added --resource-type flag to gcloud healthcare fhir-stores export bq and gcloud healthcare fhir-stores export gcs which limits the export to specific types of FHIR resources on export.
  • Added --since flag to gcloud healthcare fhir-stores export bq and gcloud healthcare fhir-stores export gcs which limits the export to FHIR resources that were updated since the value passed in.

Cloud Spanner

  • Added --processing-units flag to spanner instances create and spanner instances update to add ability to create granular instances in GA.

Cloud Storage

  • Updated gsutil component to 5.9.

Compute Engine

  • Added --region flag for updating Regional Target HTTPS Proxies via gcloud compute target-https-proxies import.
  • Changed the list format field label of gcloud compute networks subnets list to include updated IPv6 fields.
  • Added --provisioning-model and --instance-termination-action flags to gcloud compute instances set-scheduling surface for beta.
  • Updated gcloud compute instances set-scheduling documentation to include --no-preemptible flag.

Config Connector

Database Migration

  • Updated gcloud database-migration connection-profiles list to list all region connection profiles when region not specified.

GKE Hub

  • Added Kubernetes resource labels for RBAC policies produced by generate-gateway-rbac command.

Kubernetes Engine

  • Added --network-performance-configs flag to gcloud container node-pools create/update to allow node pools to enable higher performance bandwidth for VM to VM traffic.
  • Promoted maxSurge default to GA for node-pool upgrade settings.
  • Require values for both --shielded-secure-boot and --shielded-integrity-monitoring when either one is set.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

380.0.0 (2022-04-05)

Google Cloud CLI

  • Updated gcloud auth login --cred-file=external-account-creds.json to authorize bq with the External Account Credentials in the passed credential file.

Cloud Composer

  • Added support for 1 and 2 aliases in --airflow-version flag, and airflow-1 and airflow-2 aliases in Airflow part of --image-version flag, in gcloud composer environments create, gcloud beta composer environments update, gcloud beta composer environments check-upgrade.
  • Implemented gcloud beta composer environments snapshots command group.

Cloud Spanner

  • Promoted --condition flag on Cloud Spanner add-iam-policy-binding and remove-iam-policy-binding commands to GA. This allows setting conditional IAM policies on Cloud Spanner resources (instances, databases, and backups) via gcloud.
  • Promoted gcloud spanner backups copy to beta and GA.

Compute Engine

  • Promoted --certificate-map of 'compute target-ssl-proxies insert|update` to beta.

Distributed Cloud Edge

  • Added gcloud edge-cloud container which allows users to manage their Distributed Cloud Edge clusters.

Kubernetes Engine

  • Added --network-performance-configs flag to gcloud container node-pools create/update to allow node pools to enable higher performance bandwidth for VM to VM traffic.
  • Promoted maxSurge default to GA for node-pool upgrade settings.

Terraform

  • Added gcloud terraform vet to beta, which allows enforcing policy compliance as part of an infrastructure CI/CD pipeline.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

379.0.0 (2022-03-29)

Breaking Changes

  • (Cloud Services) Replace --deleted flag with --show-deleted flag to gcloud services api-keys list. With --show-deleted, keys soft-deleted within 30 days will be returned.
  • (Cloud Services) Change the default output format from tabular to row-based of gcloud services api-keys list.

Google Cloud CLI

  • Updated gcloud auth login --cred-file=external-account-creds.json to authorize gsutil with the External Account Credentials in the passed credential file.

AI

  • Added more choice options to --region flag of gcloud ai custom-jobs and gcloud ai hp-tunining-jobs, including: southamerica-east1 and us-west4.

Artifact Registry

  • Changed com.google.cloud.artifactregistry.gradle-plugin from 2.1.1 to 2.1.5 in gcloud print-settings.
  • Promoted gcloud artifacts apt and artifacts yum commands to GA.

Cloud Firestore Emulator

  • Release Cloud Firestore emulator v1.14.1
    • Chore: prepare for aggregate support.
    • Chore: add support of x-goog-request-params http header for routing.
    • Fix: change read-past-max-staleness error code to align with production implementation.
    • Fix: update readtime-in-the-future error message.
    • Fix: support importing exports from Windows on UNIX systems.

Cloud Functions

  • Promoted --docker-repository, --kms-key, --clear-docker-repository and --clear-kms-key flag of gcloud functions deploy to GA.
  • Promoted --docker-registry flag of gcloud functions deploy to beta.

Cloud On Demand Scanning

  • Added ARM support for local-extract on Linux.

Cloud Run

  • Promoted gcloud run services proxy to beta. This command allows you to proxy a service or revision to localhost. Requests will be authenticated as the current SDK account, or with a provided token.

Compute Engine

  • Fixed an issue with --create-disk and --disk flags that causes gcloud compute instances create to fail when attaching a boot disk.
  • Promoted --enable-ula-internal-ipv6 and --internal-ipv6-range flags to GA for gcloud compute networks <create|update>.
  • Updated --protocol flag to permit values of TCP or SSL when --enable-logging or --logging-sample-rate flags are set for gcloud compute backend-services create and gcloud compute backend-services update for beta.

Config Connector

Database Migration

  • Updated gcloud database-migration connection-profiles list --region=us-central1 to return correct structure for connection profiles based on format.
  • Updated gcloud database-migration connection-profiles create mysql to return error on invalid hostname.
  • Updated gcloud database-migration connection-profiles create postgresql to return error on invalid hostname.

Eventarc

  • Added gcloud eventarc providers which allows for the discovery of event providers.

Kubernetes Engine

  • Deprecated --autoprovisioning-min-cpu-platform flag from gcloud container clusters create/update.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

378.0.0 (2022-03-22)

Breaking Changes

  • (Bare Metal Solution) Modified gcloud bms volumes update, gcloud bms instances update, gcloud bms networks update, and gcloud bms nfs-shares update to be synchronous by default. Use --async flag to get the old behavior.

Google Cloud CLI

  • Updated --scopes flag in gcloud auth application-default print-access-token to support print down-scoped access token for user accounts.