Google Cloud CLI - Release Notes

Copyright 2014-2024 Google Inc. All rights reserved.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

466.0.0 (2024-02-27)

Google Cloud CLI

  • Updated gcloud auth application-default login --no-launch-browser to work with Context Aware Access.

Cloud Build

  • Hidedgcloud builds connections create bitbucket-cloud, gcloud builds connections create bitbucket-data-center, gcloud builds connections update bitbucket-cloud, gcloud builds connections create bitbucket-data-center, gcloud builds triggers create bitbucket-cloud, gcloud builds triggers update bitbucket-cloud, gcloud builds triggers create bitbucket-data-center, gcloud builds triggers update bitbucket-data-center.

Cloud Infrastructure Manager

  • Fixed issue where gcloud infra-manager previews export directly downloads files when --file flag is not provided.

Compute Engine

  • Promoted delete command of gcloud compute instance-groups managed all-instances-config to GA.
  • Promoted update command of gcloud compute instance-groups managed all-instances-config to GA.
  • Promoted --default-action-on-vm-failure flag of gcloud compute instance-groups managed <create | update> to GA.
  • Promoted gcloud compute instant-snapshots create to GA.
  • Promoted gcloud compute instant-snapshots delete to GA.
  • Promoted gcloud compute instant-snapshots describe to GA.
  • Promoted gcloud compute instant-snapshots list to GA.
  • Promoted gcloud compute instant-snapshots add-labels to GA.
  • Promoted --source-instant-snapshot flag of gcloud compute disks create to GA.
  • Promoted --source-instant-snapshot, --source-instant-snapshot-zone, --source-instant-snapshot-region and --source-instant-snapshot-key-file flags of gcloud compute snapshots create to GA.

Kubernetes Engine

  • Removed --dataplane-v2-observability-mode flag of gcloud container clusters create|update|create-auto command. Users are expected to use --enable-dataplane-v2-flow-observability and --disable-dataplane-v2-flow-observability flags now.

Network Security

  • Added --[no-]disabled flag to gcloud <alpha> network-security firewall-endpoint-associations update command to enable/disable a firewall endpoint association without removing it.

Security Command Center

  • Added --location flag to gcloud scc findings, gcloud scc muteconfigs, gcloud scc bqexports and gcloud scc notifications commands to provide data residency for scc resources.

Workbench

  • Fixed gcloud workbench instances commands failing when all three --shielded-secure-boot, --shielded-integrity-monitoring, --shielded-vtpm flags are not passed.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

465.0.0 (2024-02-21)

AI

  • Added update-mask to gcloud ai indexes upsert-datapoints command for dynamic metadata update.

App Engine

  • Enable devappserver support for Go 1.22 runtime.

Certificate Manager

  • Added --type flag to gcloud certificate-manager dns-authorizations create.

Cloud Build

  • Promoted gcloud builds connections create bitbucket-cloud, gcloud builds connections create bitbucket-data-center, gcloud builds connections update bitbucket-cloud, gcloud builds connections create bitbucket-data-center, gcloud builds triggers create bitbucket-cloud, gcloud builds triggers update bitbucket-cloud, gcloud builds triggers create bitbucket-data-center, gcloud builds triggers update bitbucket-data-center command to beta and GA.

Cloud Composer

  • Add --enable-cloud-data-lineage-integration and --disable-cloud-data-lineage-integration to gcloud composer environments create to explicitly enable or disable the integration on creations.
  • Add --enable-cloud-data-lineage-integration and --disable-cloud-data-lineage-integration to gcloud composer environments update to explicitly enable or disable the integration on updates.

Cloud Firestore Emulator

  • Release Cloud Firestore emulator v1.19.1
    • Adds support for Datastore Mode to the Firstore Emulator. Adds --database-mode flag to gcloud emulator firestore start command. Note that this is a preview feature and if you find any bugs, please file them here: https://github.com/firebase/firebase-tools/issues.

Cloud Functions

Cloud Infrastructure Manager

  • Added --file flag to gcloud infra-manager previews export to download export artifacts to a custom file name or by default to files named preview if one is not provided.

Cloud NetApp

  • Added --large-capacity and --multiple-endpoints flag to gcloud beta netapp volumes {create}.

Cloud Run

  • Added firestore integration type to gcloud alpha/beta run integrations command groups.

Cloud TPU

  • Fixed race condition bug in SSH and SCP commands that may affect large TPUs.

Compute Engine

  • Promoted --security-profile-group and --[no-]tls-inspect flags for gcloud compute [network-]firewall-policies rules [create|update] to v1.

Database Migration

  • Added heterogeneous migration job update filter and commit id support via gcloud database-migration migration-jobs update.

Kubernetes Engine

  • Updated default kubectl from 1.27.9 to 1.26.13.
  • Additional kubectl versions:
    • kubectl.1.26 (1.26.13)
    • kubectl.1.27 (1.27.10)
    • kubectl.1.28 (1.28.6)
    • kubectl.1.28 (1.29.1)
  • Added --enable-queued-provisioning flag to gcloud container node-pools update for enabling queued provisioning on existing node pools. For more information see https://cloud.google.com/kubernetes-engine/docs/how-to/provisioningrequest.
  • Made --enable-queued-provisioning GA in gcloud container node-pools create. For more information see https://cloud.google.com/kubernetes-engine/docs/how-to/provisioningrequest.
  • Added --enable-cilium-clusterwide-network-policy flag to gcloud container clusters create and gcloud container clusters update.
  • Promoted gcloud container binauthz policy evaluate to beta.
  • Updated help text for --services-ipv4-cidr, --create-subnetwork, --cluster-secondary-range-name, --services-secondary-range-name options to have consistent text noting the requirement of --enable-ip-alias option for gcloud container create.
  • Updated help text for --services-ipv4-cidr, --create-subnetwork, --cluster-secondary-range-name, --services-secondary-range-name options to remove the note requiring --enable-ip-alias option for gcloud container create-auto. Autopilot clusters always use alias IPs for pods, so --enable-ip-alias option is always set for create-auto and cannot be specified by the user.

Security Command Center

  • Fixed issue that caused gcloud scc muteconfigs update to crash when an --update-mask is provided.
  • Promoted management api gcloud scc manage ... commands to GA.

Service Extensions

  • Promoted gcloud service-extensions lb-route-extensions and gcloud service-extensions lb-traffic-extensions to GA.

Vmware Engine

  • Added --vmware-engine-network-project flag to gcloud vmware network-peerings create to allow peering with VMware Engine network of different project.
  • Expanded logging server gcloud vmware private-clouds logging-servers capabilities with TLS, RELP, and SSL protocol support.

Workbench

  • Added gcloud workbench instances resize-disk to update workbench instances disk size.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

464.0.0 (2024-02-13)

Google Cloud CLI

  • Introduced ACCOUNT as a positional parameter to gcloud auth application-default login. This parameter can be used to specify the account that should be used for creating application default credentials.

Bare Metal Solution

  • Promoted gcloud bms os-images describe to GA.

Cloud Run

  • Added --no-default-url to gcloud beta run deploy and gcloud beta run services update which allows disabling the default service URL. This may be useful in combination with the internal and internal-and-cloud-load-balancing ingress settings where the default http ingress point is not desired.

Cloud TPU

  • Promoted --spot flag of gcloud compute tpus tpu-vm create to GA.

Cloud Workstations

  • Adding global fallback to gcloud workstations list, gcloud workstations list-usable, gcloud workstations configs list, and gcloud workstations cluster list commands. This allows the command to be used without any resource flags to list all of the specified resources under a project. It can also be used with a subset of the previously required flags for more granular results e.g. gcloud workstations list --cluster=cluster-1 --region=us-central1 list all workstations in 'us-central1' that use a configuration created under the 'cluster-1' cluster.
  • Adding --disable-ssh-to-vm flag to gcloud workstations configs to disallow SSH access to the workstations root VM.

Compute Engine

  • Promoted --stack-type flag of compute interconnects attachments partner create to beta. Flag defines the stack type of partner interconnect attachment.
  • Promoted --stack-type flag of compute interconnects attachments partner update to beta. Flag defines the stack type of interconnect attachment.

Notebooks

  • Added tags flag to notebook instances.
  • Fixed a bug where vm-image defaults are not populated when no environment flags are specified.

Pubsub Emulator

  • Add support for push payload unwrapping (no_wrapper).

Secure Source Manager

  • Added gcloud source-manager command group which includes gcloud source-manager instances, gcloud source-manager locations, gcloud source-manager operations to beta.

Security Command Center

  • Fixed issue that caused gcloud scc muteconfigs update to crash when an --update-mask is provided.

Workbench

  • Fixed boolean flags --shielded-secure-boot, --shielded-vtpm, and --shielded-integrity-monitoring in gcloud workbench instances commands always parsing as true.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

463.0.0 (2024-02-06)

AlloyDB

  • Added option for --cpu-count=128 in instances create and instances update commands.

Cloud Deploy

  • Added IAM policy commands to gcloud deploy custom-target-types.

Cloud Functions

  • Changed gcloud alpha functions deploy and gcloud beta functions deploy to deploy new functions via Cloud Functions (2nd gen) by default. 1st gen functions can still be created by specifying --no-gen2 or by setting the functions/gen2 property to off. This change will be applied in the GA release track in a future release.

Cloud Run

  • Promoted --container flag of gcloud run deploy and gcloud run services update to GA to allow deploying multi-container Services.

Cloud SQL

  • Fixed and added back support for parallel import and export.

Cloud Workflows

  • gcloud workflows run to avoid backlogging the execution when the

Cloud Workstations

  • Adding a region column to the tables in gcloud workstations list, gcloud workstations list-usable, gcloud workstations configs list, and gcloud workstations clusters list.

Compute Engine

  • Added support of flags to --detection-load-threshold, detection-absolute-qps, detection-relative-to-baseline-qps, and traffic-granularity-configs to gcloud compute security-policies add-layer7-ddos-defense-threshold-config in alpha/beta.
  • Added gcloud compute instance-groups managed resize-requests which provides capability to create, describe, list, cancel, and delete resize requests in a zonal MIG to beta.
  • Promoted --existing-reservation flag of gcloud compute commitments create to GA.

GKE Hub

  • Promoted Fleet operations commands to beta and GA.
    • Promoted gcloud container fleet operations describe to beta and GA.
    • Promoted gcloud container fleet operations list to beta and GA.
    • Promoted gcloud container fleet operations wait to beta and GA.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

462.0.1 (2024-01-31)

Cloud SQL

  • Rolled back gcloud support for parallel import and export as it was breaking default behavior for the customers.

Cloud Workflows

  • Added --disable-concurrency-quota-overflow-buffering flag to concurrency quota is exhausted.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

462.0.0 (2024-01-30)

Google Cloud CLI

  • Updated linux bundled python for the gcloud CLI to 3.11.7.
  • Updated pip package to version 23.3.2.

Binauthz

  • Updated gcloud container binauthz attestations create and sign-and-create to make --attestor optional, allowing creation of attestations on a specified --note. Note that --validate can only be used with --attestor.

Cloud Asset Inventory

  • Promoted Cloud assets analysis commands gcloud asset analyze-org-policies, gcloud asset analyze-org-policy-governed-containers and gcloud asset analyze-org-policy-governed-assets to GA.

Cloud DNS

  • Added support to allow importing RecordSets with routing policies from YAML.

Cloud Dataflow

  • Added dataflow yaml command gcloud beta dataflow yaml run.

Cloud Pub/Sub

  • Promoted --message-storage-policy-enforce-in-transit flag of gcloud pubsub topics create and gcloud pubsub topics update to GA. This allows users to enable enforcement for in-transit guarantees.

Cloud Run

  • Reverted regionalized builds for Cloud Run source deploys.
  • Add --service-account flag to specify deployment service account for Cloud Run integrations deployments.

Cloud SQL

  • Added support for parallel import and export.

Cloud Speech API

  • Added telephony and telephony_short options for gcloud ml speech <recognize | recognize-long-running> --model flag.

Cloud TPU

  • Promoted --queue-count flag of gcloud compute tpus tpu-vm create to GA.

Cloud Workflows

  • Added --disable-concurrency-quota-overflow-buffering flag to gcloud workflows execute to avoid backlogging the execution when the concurrency quota is exhausted.

Compute Engine

  • Promoted gcloud compute networks subnet --reserved-internal-ranges to GA.
  • Promoted gcloud compute networks subnet --secondary-range_with-reserved-internal-ranges to GA.

Database Migration

  • Added gcloud database-migration migration-job demote-destination which allows demoting the destination of a migration job.
  • Added alloydb-cluster flag to gcloud database-migration connection-profiles to allow creating connection profiles that link to existing AlloyDB clusters.

Distributed Cloud Edge

  • Added --offline-credential flags to gcloud edge-cloud container clusters get-credentials command to retrieve the credential used under disconnectivity to Google.
  • Added --release-channel argument to gcloud edge-cloud container clusters update to allow updating release channel for local control plane clusters.

Kubernetes Engine

  • Promoted --enable-fqdn-network-policy flag to gcloud container clusters create and gcloud container clusters update.

Security Command Center

  • Renamed gcloud alpha scc securityposture-operations command group to gcloud alpha scc posture-operations.
  • Also, promoted the above renamed command group gcloud alpha scc posture-operations to GA as gcloud scc posture-operations.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

461.0.0 (2024-01-23)

Breaking Changes

AlloyDB

  • Added flag --assign-inbound-public-ip to enable or disable public IP for an instance to the following commands in the alpha and beta track:

    • gcloud alloydb instances create
    • gcloud alloydb instances update
  • Added flag --authorized-external-networks to set a list of authorized external networks on an instance to gcloud alloydb instances update in the alpha and beta track.

Batch

  • Promoted Batch submit job config YAML support from alpha to beta and GA.

Binauthz

  • Updated gcloud container binauthz attestations list, create, and sign-and-create commands to support image URLs with both a tag and a digest. Attestations with these URLs are supported only in Continuous Validation with check-based policies for GKE.

Cloud Functions

Cloud Storage

  • Updated gcloud storage sign-url to allow using impersonation specified through configuration.

Cloud Workstations

  • Added --local-host-port flag to the workstations ssh command.

Compute Engine

  • Promoted --confidential-compute-type=TDX flag of gcloud compute instances create to beta.
  • Added IPV6_ONLY option to --stack-type flag of gcloud beta compute vpn-gateways create command to create an IPv6-only VPN gateway.
  • Promoted --location flag of gcloud compute connect-to-serial-port to GA.
  • Updated behaviour of gcloud instances delete: it will throw error if instance.delete operation takes more than 70 minutes instead of 30 minutes previously.

Distributed Cloud Edge

  • Added IPv6 support for --ip-address flag of gcloud edge-cloud networking routers add-interface subcommand.

Kubernetes Engine

  • Restored original maximum argument to --max-nodes-per-pool flag of gcloud container clusters create from 2000 to 1000, as this unintentionally changed the default value.

Recaptcha

  • Add gcloud recaptcha firewall-policies reorder command.

Security Command Center

  • Promoted gcloud scc postures commands to GA.
  • Promoted gcloud scc posture-templates commands to GA.
  • Promoted gcloud scc posture-deployments commands to GA.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

460.0.0 (2024-01-17)

Cloud Bigtable

  • Rebuilt cbt cli with golang.org/x/crypto version 0.17.0 which fixed CVE-2023-48795.

Cloud Bigtable Emulator

  • Rebuilt cbt cli with golang.org/x/crypto version 0.17.0 which fixed CVE-2023-48795.

Cloud Billing

  • Added ownership-scope flag to gcloud billing budget CLI to select scope of ownership for a budget.

Cloud Domains

Cloud Functions

  • Hid --gen2 flag in gcloud functions add-iam-policy-binding, gcloud functions add-invoker-policy-binding, gcloud functions call, gcloud functions delete, gcloud functions describe, gcloud functions get-iam-policy, gcloud functions remove-iam-policy-binding, gcloud functions remove-invoker-policy-binding, and gcloud functions set-iam-policy-binding. The --gen2 flag is unnecessary for these commands and will eventually be removed from them in a future release.

Cloud Healthcare

  • Added gcloud healthcare dicom-stores metrics command which allows users to retrieve metrics associated with a DICOM store.

Cloud Monitoring

  • Promoted gcloud monitoring uptime commands to beta and GA.

Cloud Org Policy

  • Update the error message that mentions the 'update-mask' flag name incorrectly.

Cloud Run

  • Reverted regionalized builds for Cloud Run source deploys.

Cloud SQL

  • Added -i flag to provide the instance for gcloud sql generate-login-token command.

Cloud Workstations

  • Added --disable-tcp-connections flag to gcloud workstations configs` to support disabling plain TCP connections in workstations.

Dataproc Diagnose

  • Added --tarball-access flag to gcloud dataproc clusters diagnose for enabling Google support to access the diagnostic tar file, which supports the following values:-
    1. GOOGLE_DATAPROC_DIAGNOSE : This value transfers the tar file automatically to Google support.
    2. GOOGLE_CLOUD_SUPPORT : This flag doesn't transfer the tar file automatically to Google support but provides the necessary read access for Google support to read or download the tar file.
  • Added --start-time and --end-time flags to gcloud dataproc clusters diagnose to specify a time range, in %Y-%m-%dT%H:%M:%S.%fZ format, for the collection of diagnostic data within this timeframe.
  • Added --job-ids flag to gcloud dataproc clusters diagnose to collect job driver, Spark event, YARN application, and Sparklens output logs, in addition to the default log files, for a specified comma-separated list of dataproc job IDs.
  • Added --yarn-application-ids flag to gcloud dataproc clusters diagnose to collect job driver, Spark event, YARN application, and Sparklens output logs in addition to the default log files, for a specified comma-separated list of YARN application IDs.

Eventarc

  • Deprecated gcloud beta eventarc. Users are expected to use gcloud eventarc instead.

Identity and Access Management

  • Added --include-deny flag to gcloud projects get-ancestors-iam-policy and gcloud resource-manager folders get-ancestors-iam-policy to specify if it should return deny policies on the hierarchy.

Immersive Stream

  • Added --mode flag to gcloud immersive-stream xr instances create to allow specifying 3D/AR or 3D-only experience modes.
  • Added --gpu-class flag to gcloud immersive-stream xr instances create to allow specifying the type of underlying GPU used by the stream instance.

Network Security

  • In gcloud network-security firewall-endpoint-associations create, the ASSOCIATION_ID argument is no longer mandatory, and a UUID will be auto-generated on the server if not specified.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

459.0.0 (2024-01-09)

Google Cloud CLI

  • Removed the warning about --update-adc deprecation.

AI

  • Added --notification-channels flag to gcloud ai model-monitoring-jobs create|update to allow sending alerts to notification channels.

App Engine

Assured Workloads

  • Promote assured workloads enable-resource-monitoring to GA.

Binauthz

  • Updated gcloud container binauthz attestations create to make --attestor optional, allowing creation of attestations on a specified --note. Note that --validate can only be used with --attestor.

Cloud Composer

  • Fixed gcloud beta composer environments list-upgrades for Composer 2 environments.
  • Added --enable-logs-in-cloud-logging-only flag to gcloud composer environments create to enable writing and reading task logs only from cloud logging and disable using gcs buckets for logs.
  • Added --disable-logs-in-cloud-logging-only flag to gcloud composer environments create to disable writing and reading task logs only from cloud logging and disable using gcs buckets for logs.
  • Added --enable-logs-in-cloud-logging-only flag to gcloud composer environments update to enable logs in cloud logging only feature for environments.
  • Added --disable-logs-in-cloud-logging-only flag to gcloud composer environments update to disable logs in cloud logging only feature for environments.

Cloud Datastore

  • Promoted --database flag of gcloud datastore indexes create command to beta.
  • Promoted --database flag of gcloud datastore indexes create command to GA.

Cloud Firestore

  • Promoted firestore databases delete to beta.
  • Promoted firestore databases delete to GA.
  • Promoted --delete-protection and --no-delete-protection flag of gcloud firestore databases create and gcloud firestore databases update command to beta.
  • Promoted --delete-protection and --no-delete-protection flag of gcloud firestore databases create and gcloud firestore databases update command to GA.

Cloud Functions

  • Fixed file check issue with gcloud functions deploy for gradle-based Java deployments.
  • Added --build-service-account flag to gcloud beta functions deploy for 2nd Gen functions to alpha and beta.

Cloud Memorystore

  • Allowed using project numbers in command arguments.

Cloud Org Policy

  • Updated etag field in the output of gcloud org-policies list command to show a top-level etag which better reflects the current state of the policy.
  • Added --etag to gcloud org-policies delete to support etag on policy deletion that will ensure the client has an up-to-date value before proceeding.

Cloud Run

  • add --add-volume, --remove-volume and --clear-volumes flags to gcloud beta run deploy, gcloud beta run services update, gcloud beta run jobs deploy, and gcloud beta run jobs update to support managing volumes in your Cloud Run Services and Jobs.
  • add -add-volume-mount, --remove-volume-mount, and --clear-volume-mount flags to gcloud beta run deploy, gcloud beta run services update, gcloud beta run jobs deploy, and gcloud beta run jobs update to support mounting volumes within containers.

Cloud SQL

  • Rename the positional argument of gcloud sql backups restore command from BACKUP_ID to ID.
  • Allowed using project numbers in command arguments.

Cloud Services

  • Promoted gcloud services vpc-peerings get-vpc-service-controls to GA.

Cloud Workstations

  • Added --domain flag to gcloud workstations clusters to enable using custom domains.

Compute Engine

  • Promoted --server-tls-policy and --clear-server-tls-policy for gcloud compute target-https-proxies create and gcloud compute target-https-proxies update to beta.

Compute Firewall Policy Rules

  • Fixed issue where gcloud firewall-policies rules update didn't allow clearing list fields.
  • Fixed issue where gcloud firewall-policies rules update set disabled and enabledLogging to false if it was not specified by the user.
  • Fixed issue where gcloud beta firewall-policies rules update and gcloud beta network-firewall-policies rules update required providing --security-profile-group even if it was not changed.
  • Fixed issue where gcloud beta firewall-policies rules update and gcloud beta network-firewall-policies rules update didn't allow clearing securityProfileGroup (--security-profile-group='').

Database Migration

  • Added MySQL_8_0_35 minor version option when creating Cloud SQL connection profile using gcloud database-migration connection-profiles create cloudsql command.

Kubernetes Engine

  • Updated default kubectl from 1.27.8 to 1.27.9.
  • Additional kubectl versions:
    • kubectl.1.24 (1.24.17)
    • kubectl.1.25 (1.25.16)
    • kubectl.1.26 (1.26.12)
    • kubectl.1.27 (1.27.9)
    • kubectl.1.28 (1.28.5)
    • kubectl.1.28 (1.29.0)
  • Added --enable-secret-manager flags to gcloud container clusters create, gcloud container clusters create-auto and gcloud container clusters update in alpha and beta.
  • Deprecated --dataplane-v2-observability-mode flag of gcloud container clusters create|update|create-auto command. Users are expected to use --enable-dataplane-v2-flow-observability and --disable-dataplane-v2-flow-observability flags now.
  • Increased maximum argument to --num-nodes flag of gcloud container clusters create from 1000 to 2000.

Network Services

  • Updated gcloud network-services gateways to show a new ipVersion field for v1 version.
  • Added envoyHeaders field to gcloud network-services <meshes|gateways> <import|export|describe> commands to inject envoy internal debug headers into upstream requests.
  • Added idleTimeout field to gcloud network-services <http-routes|grpc-routes|tcp-routes|tls-routes> <import|export|describe> to configure idle timeouts for the upstream and downstream connections.
  • Added mirrorPercent to gcloud network-services http-routes <import|export|describe> to configure fractional mirror percentage.
  • Added directResponse to gcloud network-services http-routes <import|export|describe> which returns a static HTTP response for all requests.
  • Added requestHeaderModifier to gcloud network-services http-routes <import|export|describe> to modify request headers to a particular destination.
  • Added responseHeaderModifier to gcloud network-services http-routes <import|export|describe> to modify response headers from a particular destination.

Service Directory

  • Allowed using project numbers in command arguments.

Transcoder

  • Allowed using project numbers in command arguments.

telco automation

  • Promoted gcloud telco-automation orchestration-cluster to GA.
  • Promoted gcloud telco-automation operations to GA.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

458.0.1 (2023-12-20)

Google Cloud CLI

  • Fixed error 'ython'' is not recognized as an internal or external command, operable program or batch file. when updating gcloud on Windows.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

458.0.0 (2023-12-19)

Breaking Changes

  • (Compute Engine) Updated behaviour of gcloud instances stop: it will not throw error if
  • (Compute Engine) instance gets deleted during polling on the stopping operation.
  • (GKE Hub) Changed output of gcloud container fleet memberships list to display the UUID of the memberships instead of external_id. The external_id is still available in the json-formatted output.

Google Cloud CLI

  • Updated cryptography package to version 41.0.7.

App Engine

  • Updated the Go SDK to version 1.9.76. Please visit the following release notes for details: https://cloud.google.com/appengine/docs/go/release-notes.
  • Promoted command gcloud app runtimes list --environment=standard to GA. The command displays the runtimes for the App Engine standard environment.

BigQuery

  • Fixed a bug in 2.0.99 and 2.0.100 that causes any command to fail if initialization is required.

Cloud Bigtable

  • Adds reversed flag to cbt read command to enable reverse scans.
  • Rebuild with golang 1.21.5.

Cloud Bigtable Emulator

  • Rebuild with golang 1.21.5.

Cloud Run

  • Promoted --condition flag for gcloud run services {add,remove}-iam-policy-binding from alpha to beta.
  • Enabled --cpu-boost by default for run deploy on new services if not otherwise specified.

Cloud Services

  • Promoted gcloud services vpc-peerings get-vpc-service-controls to beta.

Compute Engine

  • Promoted --with-extended-notifications flag of gcloud compute instances simulate-maintenance-event to beta and GA.
  • Promoted --confidential-compute flag of gcloud compute disks create to GA.
  • Promoted --create-disk=confidential-compute for gcloud compute instances create to GA.
  • Promoted Instance API Perform Maintenance to beta and GA.

Kpt

  • Updated kpt in Google Cloud CLI from 1.0.0-beta.48 to 1.0.0-beta.49.

Kubernetes Engine

  • gcloud container clusters create and gcloud container clusters update now allow multiple binauthz policies to be bound to a cluster using --binauthz-policy-bindings.
  • Updated default kubectl from 1.27.7 to 1.27.8.
  • Additional kubectl versions:
    • kubectl.1.24 (1.24.17)
    • kubectl.1.25 (1.25.16)
    • kubectl.1.26 (1.26.11)
    • kubectl.1.27 (1.27.8)
    • kubectl.1.28 (1.28.4)
  • Added enterprise option to --workload-vulnerability-scanning flag of gcloud container clusters create|update|create-auto commands to enable Advanced vulnerability insights mode in the GA track.
  • Promote --in-transit-encryption flag to gcloud container clusters create and gcloud container clusters update to GA.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

457.0.0 (2023-12-12)

Breaking Changes

  • (Network Actions) Removed network-actions surface.

Google Cloud CLI

  • Added deprecation warning to gcloud components restore. To revert gcloud to a previous version, please run gcloud components update --version=<previous_version>.

AI

  • Added --container-deployment-timeout-seconds flag to gcloud ai models upload and gcloud beta ai models upload.
  • Added --container-shared-memory-size-mb flag to gcloud ai models upload and gcloud beta ai models upload.
  • Added --container-startup-probe-exec flag to gcloud ai models upload and gcloud beta ai models upload.
  • Added --container-startup-probe-period-seconds flag to gcloud ai models upload and gcloud beta ai models upload.
  • Added --container-startup-probe-timeout-seconds flag to gcloud ai models upload and gcloud beta ai models upload.
  • Added --container-health-probe-exec flag to gcloud ai models upload and gcloud beta ai models upload.
  • Added --container-health-probe-period-seconds flag to gcloud ai models upload and gcloud beta ai models upload.
  • Added --container-health-probe-timeout-seconds flag to gcloud ai models upload and gcloud beta ai models upload.
  • Added --container-grpc-ports flag to gcloud ai models upload and gcloud beta ai models upload.

Anthos Multi-Cloud

  • Added gcloud container aws node-pools rollback to rollback failed AWS node pool update operations. This allows customers to revert the node pool back to its original state.

App Engine

BigQuery

  • Added the ability to update table tags by using add_tags, remove_tags and clear_all_tags.

Certificate Manager

  • Added command certificate-manager trust-configs update.

Cloud Composer

  • Add --disable-cloud-data-lineage-integration to gcloud composer environments create (alpha and beta) to explicitly disable the integration.

Cloud Deploy

  • Added gcloud deploy custom-target-types command group.

Cloud Functions

  • Added --runtime-update-policy flag to gcloud beta functions deploy for 1st Gen functions to alpha and beta.
  • Added --runtime-update-policy flag to gcloud functions deploy for 1st Gen functions to GA.

Cloud Logging

  • Allow for using the logging feature with protocol SSL in gcloud compute backend-services create and gcloud compute backend-services update.

Cloud Pub/Sub

  • Promoted --use-table-schema flag of gcloud pubsub subscriptions [create|update] to GA. This option allows Pub/Sub to use the schema of the BigQuery table to write the fields of a JSON message to the corresponding columns.

Cloud Services

  • Promoted gcloud services api-keys undelete to GA.

Compute Engine

  • Added support for version=23.10 and short-name=ubuntu in --os-types for gcloud beta compute instances ops-agents policies [create|update].
  • Promoted gcloud compute instances set-name command to GA.
  • Promoted --recaptcha-action-site-keys and --recaptcha-session-site-keys in gcloud compute security-policies rules create|update to GA.
  • Added tls-ja3-fingerprint and user-ip as valid rate limit key types in gcloud compute security-policies rules.

Distributed Cloud Edge

  • Made flag --ipv4-range optional for gcloud edge-cloud networking subnets create.

GKE Hub

  • Promoted gcloud container fleet clusterupgrade and gcloud container hub clusterupgrade to beta and GA.

Kubernetes Engine

  • gcloud container clusters create and gcloud container clusters update now allow multiple binauthz policies to be bound to a cluster using --binauthz-policy-bindings.
  • Added --autoprovisioning-resource-manager-tags flag to gcloud container clusters create, gcloud container clusters create-auto and gcloud container clusters update in GA track.
  • Added --resource-manager-tags flag to gcloud container clusters create, gcloud container node-pools create and gcloud container node-pools update in GA track.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

456.0.0 (2023-12-05)

Breaking Changes

  • (AlloyDB) Modified gcloud alloydb instances update to be asynchronous by default. Use
  • (AlloyDB) --no-async flag to get the old behavior.

Google Cloud CLI

  • Updated gcloud CLI to support Python v3.11 and v3.12.

AlloyDB

  • Added support for specifying --database-version in clusters create command in GA track.

Anthos

  • Support new flag server for gcloud anthos auth login command.
  • 'server' flag obviates the need to download login-config file.

Anthos Multi-Cloud

  • Added --proxy-secret-name and --proxy-secret-namespace flags to gcloud container attached clusters import to configure an HTTP/HTTPS proxy for outbound traffic.
  • Promoted --max-surge-update and --max-unavailable-update flags to GA (General Availability) for gcloud container aws node-pools create and gcloud container aws node-pools update commands. These flags let you specify or modify surge update parameters during node pool creation and updating.

App Engine

  • Added gcloud beta app runtimes list --environment=standard which displays the supported runtimes for App Engine Standard.

Artifact Registry

  • Added domain as a config option to use a different domain endpoint for artifacts docker.

BigQuery

  • Added python 3.12 support.
  • Added support for kms_key_name to connections.
  • Added concurrent requests when looking up IAM information.
  • Added support to show replica table information.
  • Updated quotes library used.
  • Fixed bug in cp to ensure all regions are being checked.
  • Ensured bq ls -p only displays the first page of results by default to align with other list methods.
  • Added messaging for DDL statements modifying vector indexes.
  • Improved error messaging for tag updates.
  • Added improved error messaging when project lookups are aborted.

Certificate Manager

  • Added command certificate-manager trust-configs create.

Cloud Backup DR

  • Promoted gcloud backup-dr command group which includes gcloud backup-dr management-servers, gcloud backup-dr locations and gcloud backup-dr operations to GA.

Cloud Datastore

  • Updated gcloud datastore operations list to respect a --limit set to >100.

Cloud Domains

  • Added support for disabling and enabling automatic renewal of domains using the Cloud Domains gcloud domains registrations configure management method (with the preferred-renewal-method flag or in the interactive flow).

Cloud Firestore

  • Updated gcloud firestore operations list to respect a --limit set to >100.

Cloud Healthcare

  • Added gcloud healthcare hl7v2-stores metrics which allows users to retrieve metrics associated with a HL7v2 store.

Cloud NetApp

  • Removed netapp/region as a property since netapp/location can be either region or zone depending on SO or PO.

Cloud Pub/Sub

  • Fix missing error message for commands under gcloud pubsub.

Cloud Run

  • Added the information of whether the job to be deleted has running executions to the confirm message of gcloud run jobs delete.
  • Regionalize builds for Cloud Run source deploys.

Cloud Services

  • Promoted gcloud services api-keys create to GA.
  • Promoted gcloud services api-keys delete to GA.
  • Promoted gcloud services api-keys get-key-string to GA.
  • Promoted gcloud services api-keys update to GA.

Cloud TPU

  • Promoted --update-metadata, --clear-metadata, --remove-metadata and --metadata-from-file flags of gcloud compute tpus tpu-vm update to GA.

Cloud Workstations

  • Added --enable-audit-agent flag to workstations configs create and workstations configs update.

Compute Engine

  • Promoted --confidential-compute-type flag of gcloud compute instance create to beta.
  • Promoted flag --user-ip-request-headers of gcloud compute security-policies update to GA.
  • Fixed issue where gcloud compute ssh and gcloud compute scp commands would fail on Windows when PuTTY prompted in certain situations, such as when using --plain or when connecting to an instance with OS Login 2FA enabled.
  • Fixed crash in gcloud compute diagnose routes when specifying --reverse-traceroute.
  • Promoted location flag for gcloud compute connect-to-serial-port to beta.
  • Promoted --type flag of gcloud compute routers nats create to GA.
  • Promoted --source-nat-active-ranges, --source-nat-active-ranges-region, --source-nat-drain-ranges, --clear-source-nat-drain-ranges and --source-nat-drain-ranges-region flags of gcloud compute routers nats rule update to GA.
  • Promoted --source-nat-active-ranges and --source-nat-active-ranges-region flags of gcloud compute routers nats rule create to GA.
  • Promoted new allowed value: PRIVATE_NAT for --purpose flag of gcloud compute networks subnets create to GA.
  • Promoted new :ALL range option for subnets passed to --nat-custom-subnet-ip-ranges flag of gcloud compute routers nats (create|update) to GA.

Compute Firewall Rules

  • Added --export-terraform-script flag to gcloud compute firewall-rules migrate to prepare a terraform script for migrated Network Firewall Policy.
  • Added disabled column to default view of gcloud compute networks get-effective-firewalls and gcloud compute network-firewall-policies get-effective-firewalls.

Database Migration

  • Updated gcloud database-migration to show error details on command failure when used with --no-async flag.
  • Adding support for choosing Alloy DB database version using --database-version flag in gcloud database-migration connection-profiles create alloydb.

GKE Hub

  • Promoted gcloud container fleet dataplane-v2-encryption {describe, disable, enable} to GA.
  • Added property pod-affinity to gcloud container fleet policycontroller deployment set and gcloud container fleet policycontroller deployment remove so that users can configure high availability on Policy Controller deployments.
  • Added --binauthz-evaluation-mode flag to gcloud container fleet create, gcloud container fleet update in alpha, beta and GA track.
  • Added --binauthz-evaluation-mode flag to gcloud container hub create, gcloud container hub update in alpha, beta and GA track.
  • Added --binauthz-policy-bindings flag to gcloud container fleet create, gcloud container fleet update in alpha, beta and GA track.
  • Added --binauthz-policy-bindings flag to gcloud container hub create, gcloud container hub update in alpha, beta and GA track.

Kpt

Kubernetes Engine

  • Added --enable-dataplane-v2-flow-observability and --disable-dataplane-v2-flow-observability flags for toggling DPv2 Flow Observability feature.

Network Security

  • Add --billing-project required flag to gcloud network-security firewall-endpoints create command to provide Google Cloud project ID for API enablement check, quota, and endpoint uptime billing.
  • Add --update-billing-project flag to gcloud network-security firewall-endpoints update command to update the Google Cloud project used for API enablement check, quota, and endpoint uptime billing.

Recaptcha

  • Support creating Fastly enabled site keys using recaptcha keys create --waf-service=cloudfare.

Regional Endpoints

  • Unhid regional-endpoints as a subgroup of gcloud beta networkconnectivity.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

455.0.0 (2023-11-14)

Breaking Changes

  • (Network Connectivity) Removed gcloud network-connectivity spokes accept and gcloud network-connectivity spokes reject commands. Use gcloud network-connectivity hubs accept-spoke and gcloud network-connectivity hubs reject-spoke commands instead.

Google Cloud CLI

  • Updated bundled python for the gcloud CLI to 3.11.6.
  • Updated cryptography package to version 41.0.5.
  • Updated openssl to version 3.1.4 for cryptography.

AI

  • Added more choice options to --region flag of gcloud ai custom-jobs and gcloud ai hp-tuning-jobs, including: asia-northeast2, australia-southeast2, europe-north1, europe-southwest1, europe-west8, and southamerica-west1.

App Engine

Binauthz

  • Updated gcloud container binauthz attestations list to make --attestor optional, allowing listing from any project.
  • Modified gcloud container binauthz attestations sign-and-create to allow --validate to work with --pae-encode-payload.

Cloud Bigtable

  • Fixed issue where cbt createtable would create column families with a MaxVersions(1) GC policy. As per our documentation (https://cloud.google.com/bigtable/docs/garbage-collection#everything-else), tables created by the cbt cli should retain an infinite number of versions by default.

Cloud Data Fusion

  • Added --patch_revision optional argument to
    gcloud beta data-fusion instances create to create a Cloud Data Fusion
    instance with the provided patch revision version.
  • Added --patch_revision optional argument to
    gcloud beta data-fusion instances update to perform patch revision
    update of the Cloud Data Fusion instance.

Cloud Filestore

  • Added --tier=REGIONAL flag to gcloud filestore instances create to support a regional filestore instance creation.

Cloud Functions

  • Promoted --concurrency flag of gcloud functions deploy to GA.
  • Promoted --cpu flag of gcloud functions deploy to GA.

Cloud Run

  • Promoted gcloud run jobs executions cancel to GA. This command allows cancelling a running Cloud Run job execution.

Cloud SQL

  • Added --show-sql-network-architecture and --upgrade-sql-network-architecture flags to gcloud sql instances list and gcloud sql instances patch to support New Network Architecture self upgrade for Cloud SQL.

Cloud Storage

  • Released object lock feature and per-object retention settings.
  • Added storage/multipart_chunksize and storage/multipart_threshold for adjusting settings of Boto3 client uploads via S3 or the other XML APIs.

Cloud TPU

  • Promoted --attach-disk and --detach-disk flags of gcloud compute tpus tpu-vm update to GA.

Dataproc Metastore

  • Promoted --data-catalog-sync flag of gcloud metastore services create and gcloud metastore services update to GA.

GKE Hub

  • Added --security-posture flag to gcloud container fleet create, gcloud container fleet update in alpha, beta and GA track.
  • Added --security-posture flag to gcloud container hub create, gcloud container hub update in alpha, beta and GA track.
  • Added --workload-vulnerability-scanning flag to gcloud container fleet create, gcloud container fleet update in alpha, beta and GA track.
  • Added --workload-vulnerability-scanning flag to gcloud container hub create, gcloud container hub update in alpha, beta and GA track.
  • Added support for fleet-default-member-config command to Service Mesh in alpha, beta and GA tracks.
  • Promoted --fleet-default-member-config flag of the following commands to GA:

    • gcloud container fleet identity-service enable
    • gcloud container hub identity-service enable
    • gcloud container fleet identity-service delete
    • gcloud container hub identity-service delete
  • Added --fleet-default-member-config flag to the following commands in alpha, beta, and GA tracks:

    • gcloud container fleet identity-service apply
    • gcloud container hub identity-service apply

    to modify a fleet-level default membership configuration.

  • Added --origin flag to the following commands in alpha, beta, and GA tracks:

    • gcloud container fleet identity-service apply
    • gcloud container hub identity-service apply

    to apply a fleet-level default membership configuration to a membership.

  • Added support for fleet-default-member-config command to Service Mesh in alpha, beta and GA tracks.

Kubernetes Engine

  • Fixed a bug where if --artifact-url was passed to gcloud container binauthz attestations list only attestations over the full artifact url would be returned instead of attestations over the artifact digest.

Security Command Center

  • Promoted gcloud scc custom-modules sha simulate to GA.

Vmware Engine

  • Added commands for managing new types of resources:
    • Added gcloud vmware dns-bind-permission which manages DNS bind permission resources.
    • Added gcloud vmware private-clouds dns-forwarding which manages DNS forwarding resources.
    • Added gcloud vmware network-policies external-access-rules which manages external access rule resources.
    • Added gcloud vmware private-clouds external-addresses which manages external address resources.
    • Added gcloud vmware private-clouds logging-servers which manages logging server resources.
    • Added gcloud vmware private-clouds management-dns-zone-bindings which manages management DNS zone binding resources.
    • Added gcloud vmware network-peerings which manages network peering resources.
    • Added gcloud vmware network-peering routes which manages network peering route resources.
    • Added gcloud vmware private-clouds clusters nodes which allows cluster node resources.
  • Added --type, --preferred-zone, and --secondary-zone to gcloud vmware private-clouds create command to support stretched private clouds creation.
  • Added clusterCoreCount, clusterVirtualCpuCount, clusterStorageGb and clusterMemoryGb fields in gcloud vmware private-clouds clusters describe command output.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

454.0.0 (2023-11-07)

AI

  • Added deployment-group, enable-access-logging,audiences,allowed-issuers to gcloud ai index-endpoints mutate-deployed-index.

Anthos Multi-Cloud

  • Updated container attached clusters register and container attached clusters import to check for proper deployment of the install agent before attempting to register/import.

Artifact Registry

  • Updated gcloud artifacts sbom load to have the newly created bucket have Uniform Bucket Level Access set to true.

Binauthz

  • Fixed issue with gcloud container binauthz attestations sign-and-create where --validate is not supported with --pae-encode-payload.

Certificate Manager

  • Added --update-mask flag to gcloud certificate-manager trust-configs import.

Cloud Bigtable

  • Rebuilt cbt cli with go version 1.21.3 which fixed CVE-2023-39323.

Cloud Bigtable Emulator

  • Rebuilding cbt emulator with go version 1.21.3 which fixed CVE-2023-39323.

Cloud Build

  • Added --clear-subscription-filter to gcloud builds triggers update pubsub command.

Cloud Dataproc

  • Added --min-secondary-worker-fraction flags to gcloud dataproc clusters create and gcloud dataproc clusters update.

Cloud Deploy

  • Added gcloud deploy automations and gcloud deploy automation-runs command groups.

Cloud IAM

  • Added --allowed-services flag to gcloud iam workforce-pools providers create-oidc, which allows the user to setup domains that can be accessed by users in a workforce pool.
  • Added --disable-programmatic-signin flag to gcloud iam workforce-pools providers create-oidc and gcloud iam workforce-pools providers update-oidc, which lets the administrator disable programmatic sign-in for users in a workforce pool.

Cloud Run

  • Added --container, --remove-containers, and --depends-on flags to gcloud beta run deploy and gcloud beta run services update to allow deploying and updating multi-container Services.

Cloud SQL

  • Added --cascadable-replica flag to gcloud sql instances create to enable cascadable replica creation for SQL Server.
  • Added gcloud sql instances switchover in alpha and beta to enable switchover in Cloud SQL for SQL Server.
  • Added --failover flag to gcloud sql instances promote-replica to enable unmanaged failover in Cloud SQL for SQL Server.

Cloud Storage

  • Fixed "Completed" progress count incrementing for uploads with errors.
  • Fixed an issue where --content-md5 flag was showing up for gcloud storage objects update command. MD5 Hash is a read only field so cannot be updated. Removed --content-md5 flag from the update command and removed --clear-content-md5 flag from gcloud storage {cp|mv|rsync|objects update} commands.
  • Added --autoclass-terminal-storage-class flag to gcloud storage buckets {create|update} to set the terminal storage class for Autoclass buckets.
  • Updated gsutil component to 5.27.
  • Releases soft delete feature, including restore command and various flags across other commands.
  • Removes un-implemented operations list flags: --uri and --page-size. These flags didn't do anything and there are no operations public users could have been using them on yet.

Cloud TPU

  • Promote --update-labels, --clear-labels, and --remove-labels flags of gcloud compute tpus tpu-vm update to GA.

Compute Engine

  • Promoted Standby Policy flags for gcloud compute instance-groups managed create in beta.
  • Promoted Standby Policy flags for gcloud compute instance-groups managed update in beta.
  • Promoted gcloud compute snapshot-settings to GA. Documentation of this feature is available at https://cloud.google.com/compute/docs/disks/snapshot-settings.
  • Updated enum name for --managed-protection-tier flag for gcloud compute project-info update from CAMP_PLUS_MONTHLY to CAMP_PLUS_PAYGO.
  • Added --network-user-defined-fields, --network-src-ip-ranges, --network-dest-ip-ranges, --network-ip-protocols, --network-src-ports, --network-dest-ports, --network-src-region-codes, and --network-src-asns to gcloud compute security-policies rules create|update.
  • Added gcloud compute security-policies add-user-defined-fields and gcloud compute security-policies remove-user-defined-fields commands.
  • Added --region to gcloud compute backend-services update.
  • Added --security-policy and --security-policy-region to gcloud compute instances network-interfaces update.
  • Added gcloud compute target-pools update and gcloud compute target-instances update commands.

Distributed Cloud Edge

  • Added upgrade command to gcloud edge-cloud container clusters to allow manually upgrading local control plane clusters.
  • Promoted --router to gcloud edge-cloud container vpn-connections create to allow users to define Cloud Router to use when creating the VPN connection.

GKE Hub

  • Promoted gcloud container fleet policycontroller group to GA.

Kubernetes Engine

  • Fixed issue where gcloud container clusters create-auto would prefer compute/zone over compute/region if both configs were set. Now prioritizes using compute/region.
  • Updated default kubectl from 1.27.5 to 1.27.7.
  • Additional kubectl versions:
    • kubectl.1.24 (1.24.17)
    • kubectl.1.25 (1.25.15)
    • kubectl.1.26 (1.26.10)
    • kubectl.1.27 (1.27.7)
    • kubectl.1.28 (1.28.3)
  • Added --labels flag to gcloud container clusters create-auto to enable applying labels on Autopilot clusters at creation time.

Looker

  • Added gcloud looker regions list which displays all available regions to deploy a Looker instance.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

453.0.0 (2023-10-31)

Breaking Changes

  • (Cloud Infrastructure Manager) Removed support for blueprints/location property, in favor of infra-manager/location property.

AI

  • Added --encryption-kms-key-name flag to gcloud ai indexes create to support encryption spec.

Artifact Registry

  • Added --remote-username and --remote-password-secret-version flags for artifacts repositories create and artifacts repositories update.

Cloud Build

  • Renamed Google Cloud Build to Cloud Build in the help text of gcloud builds command group.

Cloud Infrastructure Manager

  • Added infra-manager/location property to set the default Infra Manager region.

Cloud NetApp

  • Added gcloud beta netapp backup-vaults backups surface command, and made help text public.

Cloud Run

  • Added --args, --task-timeout, --tasks and --update-env-vars flags to gcloud run jobs execute to allow executing a Cloud Run job with runtime overrides.
  • Promoted --add-custom-audiences, --clear-custom-audiences, --remove-custom-audiences and --set-custom-audiences flags of gcloud run deploy and gcloud run services update to GA.

Cloud Storage

  • Added --autoclass-terminal-storage-class flag to gcloud storage buckets {create|update} to set the terminal storage class for Autoclass buckets.
  • Updated gsutil component to 5.27.
  • Fixed broken objects update clear flags.

Cloud Tasks

  • Added gcloud tasks cmek-config to [alpha|beta|GA] which enables creation of CMEK configuration for a given project in a particular location.

Cloud Workstations

  • Added --domain flag to gcloud beta workstations clusters to enable using custom domains.

Compute Engine

  • Promoted --default-action-on-vm-failure flag of gcloud compute instance-groups managed <create | update> to beta.
  • Promoted --source-disk-for-recovery-checkpoint and --source-disk-for-recovery-checkpoint-region flags of gcloud compute snapshots create to GA.

GKE Hub

  • Added policycontroller group which provides configuration commands for GKE Hub Policy Controller.

Kpt

Kubernetes Engine

  • Fixed issue where gcloud container clusters create-auto would prefer compute/zone over compute/region if both configs were set. Now prioritizes using compute/region.

Notebooks

  • Added gcloud notebooks runtimes migrate command. This command migrates a Google-Managed Notebook to a Workbench Instance.
  • Added gcloud notebooks instances migrate command. This commands migrates a User-Managed Notebook to a Workbench Instance.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

452.0.1 (2023-10-25)

Google Cloud CLI

  • gcloud will prefer using a supported version of Python if one is available on PATH.
    • This only affects environments where gcloud does not already manage a Python interpreter via bundled Python or virtualenv.
    • Currently supported versions are 3.8, 3.9, 3.10.

Cloud Storage

  • Updated gsutil component to 5.27.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

452.0.0 (2023-10-24)

AI

  • Added deployment-group, enable-access-logging,audiences,allowed-issuers to gcloud ai index-endpoints deploy-index.
  • Added enable-private-service-connect, project-allowlist, encryption-kms-key-name to gcloud ai index-endpoints create.

Anthos On-Prem

  • Renamed --upgrade-control-plane flag of gcloud container vmware clusters create and gcloud container vmware clusters update to --upgrade-policy. Promoted --upgrade-policy flag to GA.

App Engine

Artifact Registry

  • Fixed Registry URL in the output of artifacts repositories describe.

Cloud BCE App Connector

Cloud Bigtable

  • Added --priority flag to gcloud bigtable app-profiles create and gcloud bigtable app-profiles update.

Cloud Composer

  • Added --cloud-preferred-zone to gcloud composer environments create to select preferred zone for sql database creation.
  • Added --storage-bucket to gcloud composer environments create to specify the Cloud Storage bucket to be used by the environment.
  • Added --storage-bucket to gcloud beta composer environments create to specify the Cloud Storage bucket to be used by the environment.

Cloud Dataproc

  • Added --driver-required-memory-mb and --driver-required-vcores flags to gcloud dataproc jobs submit.

Cloud Domains

Cloud IAM

  • Promoted optional --recommend flag to beta for the following command:
    • gcloud iam service-account delete

Cloud NetApp

  • Added gcloud beta netapp backup-vaults surface command, and made help text public.

Cloud Resource Manager

  • Promoted optional --recommend flag to beta for the following commands:
    • gcloud projects remove-iam-policy-binding
    • gcloud projects delete

Cloud SQL

  • Support --ssl-mode flag for gcloud sql instances create and gcloud sql instances patch.

Cloud Spanner

  • Added the flags --autoscaling-min-nodes, --autoscaling-max-nodes, --autoscaling-min-processing-units, --autoscaling-max-processing-units, --autoscaling-high-priority-cpu-target and --autoscaling-storage-target to support creating an autoscaled instance in gcloud spanner instances create, or updating the autoscaling config of an instance in gcloud spanner instances update.

Cloud Storage

  • Releases storage operations command group for managing long-running operations. However, there is currently no way to create these operations.

Cloud TPU

  • Promote --add-tags, --clear-tags, and --remove-tags flags of gcloud compute tpus tpu-vm update to GA.

Cloud Workstations

  • Added config set workstations/region REGION, config set workstations/cluster CLUSTER_ID, config set workstations/config CONFIG_ID, and config set workstations/workstation WORKSTATIONS_ID commands.

Compute Engine

  • Promoted regional INTERNET_IP_PORT and INTERNET_FQDN_PORT Network Endpoint Groups in gcloud compute network-endpoint-groups to GA. Affected commands:
    • gcloud compute network-endpoint-groups create
    • gcloud compute network-endpoint-groups list-network-endpoints
    • gcloud compute network-endpoint-groups update <RESOURCE_NAME> --add-endpoint
    • gcloud compute network-endpoint-groups update <RESOURCE_NAME> --remove-endpoint
  • Promoted ENDPOINT_TYPE_MANAGED_PROXY_LB enum option of --endpoint-types flag in gcloud compute routers nats create to GA.
  • Added gcloud beta compute project-zonal-metadata for managing project zonal metadata. Documentation of this feature is available at https://cloud.google.com/compute/docs/metadata/setting-custom-metadata#set-custom-project-zonal-metadata.
  • Promoted gcloud compute network-attachments update to GA.

Firebase Test Lab

  • Increased the maximum number of test shards allowed for Arm virtual devices from 100 to 200 shards when using --num-uniform-shards or --test-targets-for-shard with gcloud firebase test android run.

Kubernetes Engine

Notebooks

  • Added gcloud notebooks runtimes migrate command. This command migrates a Google-Managed Notebook to a Workbench Instance.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

451.0.1 (2023-10-19)

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

451.0.0 (2023-10-17)

Google Cloud CLI

  • Bump cryptography to 41.0.4 and pyopenssl to 23.2.0.

App Engine

  • Enable devappserver support for Python 3.12 runtime.

Assured Workloads

  • Added --acknowledge-type flag (optional) for gcloud assured workloads violations acknowledge to acknowledge violation with type through gCloud command.

Cloud Filestore

  • Added --tier=ZONAL flag to gcloud filestore instances create to support a zonal filestore instance creation.

Cloud Run

  • Added volumes and volume mounts to gcloud run jobs describe, gcloud run jobs executions describe, and gcloud run jobs executions tasks describe.

Cloud SQL

  • Add new enum TLOG to --bak-type and added --stop-at and --stop-at-mark flag to gcloud sql import bak to support transaction log import on Cloud SQL for SQL Server.

Cloud Storage

  • Updated gcloud storage sign-url to allow using service account credentials to create signed URLs. Omit --private-key-file flag to use the active service account or account specified with --impersonate-service-account flag.

Compute Engine

  • Added SEV_LIVE_MIGRATABLE_V2 to the list of --guest-os-features for gcloud compute images create.
  • Promoted gcloud compute backend-services list-usable to GA.
  • Updated gcloud compute images import to handle exceptions in case of failure in fetching the cloud build logs.
  • Updated gcloud compute images import to check the storage permissions required for cloud build service account.

Kubernetes Engine

  • Updated default kubectl from 1.26.7 to 1.27.4.
  • Additional kubectl versions:
    • kubectl.1.23 (1.23.17)
    • kubectl.1.24 (1.24.16)
    • kubectl.1.25 (1.25.12)
    • kubectl.1.26 (1.26.7)
    • kubectl.1.27 (1.27.4)
  • Deprecate --enable-workload-config-audit, --enable-workload-vulnerability-scanning, and enable-security-posture flags in gcloud container clusters {create, create-auto, update}. The replacements for these are:
    • --enable-workload-config-audit -> --security-posture=standard
    • --enable-security-posture -> --security-posture=standard
    • --enable-workload-vulnerability-scanning -> --workload-vulnerability-scanning=standard
  • Added enterprise value to the available modes for --workload-vulnerability-scanning flag in the alpha and beta tracks.
  • Added --in-transit-encryption flag to gcloud container clusters create and gcloud container clusters update.

Service Extensions

  • New commands for service-extensions resources - LbTrafficExtensions and LbRouteExtensions.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

450.0.0 (2023-10-10)

AI

  • Promoted gcloud ai indexes upsert-datapoints and gcloud ai indexes remove-datapointsto GA.

App Engine

Cloud Bigtable

  • Rebuilt cbt cli with go version 1.21.1 which fixed CVE-2023-39319.

Cloud Bigtable Emulator

  • Rebuilding cbt emulator with go version 1.21.1 which fixed CVE-2023-29409.

Cloud Composer

  • Added --triggerer-count to gcloud composer environments create/update to specify number of Airflow triggerers.
  • Added --triggerer-cpu to gcloud composer environments create/update to specify CPU allocated to Airflow triggerer.
  • Added --triggerer-memory to gcloud composer environments create/update to specify memory allocated to Airflow triggerer.

Cloud Firestore

  • Promoted Cloud Firestore PiTR gcloud CLI changes to beta and GA.
  • Promoted --enable-pitr and --no-enable-pitr flag of gcloud firestore databases create command to GA.
  • Promoted --enable-pitr and --no-enable-pitr flag of gcloud firestore databases create command to beta.
  • Promoted --enable-pitr and --no-enable-pitr flag of gcloud firestore databases update command to GA.
  • Promoted --enable-pitr and --no-enable-pitr flag of gcloud firestore databases update command to beta.

Cloud Run

  • Show container dependencies in gcloud run services describe and gcloud run revisions describe.

Cloud Storage

  • Added option to read from stdin to ls command.

Compute Engine

  • Promoted --requested-features flag of gcloud compute interconnects create to GA.
  • Promoted gcloud compute interconnects macsec get-config to GA.
  • Promoted gcloud compute interconnects macsec update to GA.
  • Promoted gcloud compute interconnects macsec add-key to GA.
  • Promoted gcloud compute interconnects macsec remove-key to GA.
  • Promoted gcloud compute interconnects macsec update-key to GA.
  • Promoted the following flags of gcloud compute instance-groups managed create, gcloud compute instance-groups managed create-instance, and gcloud compute instance-groups managed instance-configs create to GA:
    • --stateful-internal-ip,
    • --stateful-external-ip.
  • Promoted the following flags of gcloud compute instance-groups managed update and gcloud compute instance-groups managed instance-configs update to GA:
    • --stateful-internal-ip,
    • --remove-stateful-internal-ips,
    • --stateful-external-ip,
    • --remove-stateful-external-ips.
  • Promoted --maintenance-interval flag for gcloud compute sole-tenancy node-groups create to beta.
  • Promoted gcloud compute sole-tenancy node-groups perform-maintenance to beta.
  • Promoted --delete-at-time and --delete-after-durationflags forgcloud compute reservations create|update` surfaces to beta.

Database Migration

  • Added the ability to specify an empty password when creating MySQL connection profiles using gcloud database-migration connection-profiles create mysql command.

Dataproc Metastore

  • Added --endpoint-protocol flag to gcloud metastore services update to specify the Customer-managed KMS key name to use for encrypting the Dataproc Metastore service.

Distributed Cloud Edge

  • Added --lro-timeout flag for gcloud edge-cloud container clusters node-pools create and gcloud edge-cloud container clusters node-pools create to allow specifying a custom duration for the gcloud CLI to wait on LROs.

GKE Hub

  • Fixed the issue of applying generated RBAC policies for third-party identities using the command gcloud container fleet memberships generate-gateway-rbac.

Kpt

Kubernetes Engine

  • Modified local ssd count value of --ephemeral-storage-local-ssd, --ephemeral-storage, and --local-nvme-ssd-block flags from gcloud container cluster create/update to be optional to support third generation machine types, which specifiy a static count. Pre-Gen3 behavior is unchanged.

Network Services

  • Updated gcloud network-services gateways to show a new ipVersion field for alpha version.

Workbench

  • Fixed issues with boot-disk-kms-key and data-disk-kms-key flags from gcloud workbench instances create command not working properly.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

449.0.0 (2023-10-03)

Breaking Changes

  • (Compute Engine) Modified gcloud beta compute future-reservations update to replace the paths query parameter with update_mask.

App Engine

  • Enable devappserver support for Go 1.21 runtime.

Cloud Dataproc

  • Fixed a bug that caused Instance Flexibility Policy to be disabled if a user only specified --secondary-worker-machine-types in dataproc clusters create command for the secondary workers flags.

Cloud Functions

  • Updated gcloud functions add-invoker-policy-binding and gcloud functions remove-invoker-policy-binding to support Cloud Functions (1st gen).

Cloud Run

  • Show mounted volumes in gcloud run services describe and gcloud run revisions describe.
  • Updated display format for task timeout in gcloud run jobs describe and gcloud run jobs executions describe. Timeouts larger than 1 minute will now show the duration in hours, minutes, and seconds.

Cloud Storage

  • Updated gsutil component to 5.26.
  • Resolved an issue where metadata flags were disregarded when interacting with the Google Cloud Storage and S3 XML APIs.

Cloud TPU

  • Promote --internal-ips flag of gcloud compute tpus tpu-vm update to GA.

Cloud Workstations

  • Added --service-account-scopes flag to workstations configs create and workstations configs update.

Compute Engine

  • Added --public-delegated-prefix flag to gcloud compute public-delegated-prefixes create and promoted the new flag to GA.
  • Added boot-disk-provisioned-throughput support to gcloud compute instances create and gcloud compute instance-templates create.

Distributed Cloud Edge

  • Add gcloud edge-cloud container get-server-configcommand with --location flag to get server config in target location.

Kubernetes Engine

  • Added --enable-fleet flag to gcloud container clusters create, gcloud container clusters create-auto and gcloud container clusters update in GA track.
  • Added --fleet-project flag to gcloud container clusters create, gcloud container clusters create-auto and gcloud container clusters update in GA track.
  • Added --clear-fleet-project flag to gcloud container clusters update in GA track.
  • Added --resource-manager-tags flag to gcloud container clusters create, gcloud container node-pools create, and gcloud container node-pools update to manage tags on the underlying Compute Engine VMs of GKE Nodes which can be used to selectively enforce Cloud Firewall network firewall policies.
  • Added --autoprovisioning-resource-manager-tags flag to gcloud container clusters create, gcloud container clusters create-auto, and gcloud container clusters update to manage tags on the underlying Compute Engine VMs of GKE Nodes which can be used to selectively enforce Cloud Firewall network firewall policies.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

448.0.0 (2023-09-26)

Breaking Changes

  • (Google Cloud CLI) Deprecated Python 3.5-3.7. The minimum supported Python version is Python 3.8.

Google Cloud CLI

  • Updated Mac installer to prompt to install Python 3.10.11.

Anthos On-Prem

  • Promoted gcloud container vmware admin-clusters to GA.
  • Promoted gcloud container vmware clusters to GA.
  • Promoted gcloud container vmware node-pools to GA.
  • Promoted gcloud container vmware operations to GA.
  • Promoted gcloud container bare-metal admin-clusters to GA.
  • Promoted gcloud container bare-metal clusters to GA.
  • Promoted gcloud container bare-metal node-pools to GA.
  • Promoted gcloud container bare-metal operations to GA.

App Engine

  • Fixed "https://github.com/GoogleCloudPlatform/java-docs-samples/issues/8659".

Artifact Registry

  • Improved error reporting for artifacts repositories set-cleanup-policies.
  • Added Registry URL to the output of artifacts repositories describe.
  • Added VEX_SCOPE column to gcloud artifact vulnerabilities list results.

Cloud Deploy

  • Fixed an issue where you couldn't create a release without clouddeploy.config.get permission.

Cloud Healthcare

  • Added --parser-version flag to gcloud healthcare hl7v2-stores create to enable specifying parser config version.
  • Updated gcloud healthcare hl7v2-stores list to include PARSER_VER header.

Cloud NetApp

  • Added --source-backup flag to gcloud beta netapp volumes {create,update} in order to introduce a source backup resource to restore to during disaster recovery.

Cloud Workstations

  • Added support for the replica zones flag in the beta workstations config create command.

Distributed Cloud Edge

  • Added --control-plane-kms-key flags to gcloud edge-cloud container clusters create command to allow specify a KMS key for the control plane data encryption of remote control plane clusters.
  • Fixed parsing of new cluster creation properties --system-addons-confg, --external-lb-ipv4-address-pools, --control-plane-node-count, --control-plane-machine-filter, --control-plane-shared-deployment-policy, --version, --release-channel, --version, and --release-channel.

Eventarc

  • Added destination-http-endpoint-uri, destination-http-endpoint-forward-dns-requests and network-attachment flags to gcloud eventarc triggers create as part of Eventarc integration with Message Streams.

Network Security

  • New flag to add description for Firewall Endpoint in create and update commands.

Vmware Engine

  • Deprecated --node-type-config flag from gcloud vmware private-clouds clusters update command.
  • Added --update-nodes-config and --remove-nodes-config flags in gcloud vmware private-clouds clusters update command.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

447.0.0 (2023-09-19)

Breaking Changes

  • (GKE Hub) Removed gcloud {alpha, beta} fleet namespaces. Use gcloud fleet scopes namespaces instead.
  • (GKE Hub) Removed gcloud {alpha, beta} fleet namespaces rbacrolebindings. Use gcloud fleet scopes rbacrolebindings instead.
  • (Network Connectivity) Deprecated gcloud network-connectivity spokes accept and gcloud network-connectivity spokes reject commands. Use gcloud network-connectivity hubs accept-spoke and gcloud network-connectivity hubs reject-spoke commands instead.

Google Cloud CLI

  • Improved post-processing times during gcloud components update and gcloud components install on macOS and Linux.
  • Fixed write permission check for gcloud auth enterprise-certificate-config create.

Anthos On-Prem

  • Added --vcenter-resource-pool, --vcenter-datastore, --vcenter-datacenter, --vcenter-cluster, --vcenter-folder, --vcenter-ca-cert-data, --vcenter-storage-policy-name to gcloud container vmware clusters create to specify vCenter configurations that are different from its admin cluster.

App Engine

Binauthz

  • Added flag --pae-encode-payload in command gcloud container binauthz attestations sign-and-create to generate DSSE format attestations.
  • Added flag --dsse-type in command gcloud container binauthz attestations sign-and-create to allow specifying the DSSE type for the attestations.

Cloud Dataproc

  • Added --secondary-worker-machine-types flags to gcloud dataproc clusters create.

Cloud Datastream

  • Fixed a bug updating the backfill policy of a stream.

Cloud Firestore Emulator

  • Release Cloud Firestore emulator v1.18.2
    • Remove nanosecond precision of event timestamp in the Firestore eventarc integration(2nd gen).
    • Fix a bug to make emulator consistent with production for queries.

Cloud Memorystore

  • Updated gcloud memcache instances create command to include MEMCACHE_1_6_15 as an allowed value for memcached-version flag.
  • Promoted the command gcloud memcache instances upgrade to GA.

Cloud NetApp

  • Fixed a crash when creating NetApp snapshots, backup policies, backup vaults.

Cloud Storage

  • Added the storage/parallel_composite_upload_prefix config option, which allows adjusting the paths of temporary components created during composite uploads.

Cloud TPU

  • Promote gcloud compute tpus tpu-vm update command and its --description flag to GA.

Compute Engine

  • Promoted --purpose=global-managed-proxy flag of gcloud compute networks subnets create to GA.

  • Added 'STANDARD_WITH_GRAPHQL' enum value to gcloud compute security-policies update --json-parsing and promoted it to beta.

  • Added specific-then-any-reservation and specific-then-no-reservation to the flag --reservation-affinity for alpha and beta in:

    • gcloud compute instances create
    • gcloud compute instances bulk create
    • gcloud compute instances-templates create

Database Migration

  • Added POSTGRES_15 database version option for --database-version flag to database-migration connection-profiles create cloudsql.
  • Added server side SSL support using --ca-certificate flag in database-migration connection-profiles create oracle.
  • Added oracle connection update support via database-migration connection-profiles update oracle.

Kpt

  • Updated kpt in Google Cloud CLI from 1.0.0-beta.43 to 1.0.0-beta.44.

Kubernetes Engine

  • Added --enable-backup-restore flag to gcloud container clusters create-auto to allow enabling Backup for GKE agent on Autopilot clusters at creation time.

Network Connectivity

  • Added gcloud network-connectivity hubs accept-spoke and gcloud network-connectivity hubs reject-spoke commands.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

446.0.1 (2023-09-14)

Cloud Run

  • Fixed race condition where tags could go to different Revisions than expected

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

446.0.0 (2023-09-12)

AlloyDB

  • Added the ability to specify a backup or source cluster using its full resource path when creating a restored cluster. This enables restoring across projects.

Anthos Multi-Cloud

  • Added --instance-type flag to gcloud container aws node-pools update to update the EC2 instance type of node pool nodes.

BigQuery

  • Added --external_source flag for dataset creation.
    • Updated bq show to display tags on a table.
    • Fixed an issue where a command could fail with little to no messaging. Other uncaught cases will need --debug_mode to get more information.
    • Fixed a bug when updating kms_key_name on a connection.
    • Improved logging for discovery doc load and authentication.
    • Utilized new python features with breaking changes for python 2.

Certificate Manager

  • Promoted gcloud certificate-manager trust-configs delete to GA.
  • Promoted gcloud certificate-manager trust-configs describe to GA.
  • Promoted gcloud certificate-manager trust-configs export to GA.
  • Promoted gcloud certificate-manager trust-configs import to GA.
  • Promoted gcloud certificate-manager trust-configs list to GA.

Cloud Billing

  • Added filter-resource-ancestors flag to gcloud billing budget CLI to include folders and organizations filter.

Cloud Composer

  • Added maintenance window flags for environment update:
    • --maintenance-window-start
    • --maintenance-window-end
    • --maintenance-window-recurrence
    • --clear-maintenance-window.

Cloud Dataplex

  • Added snake case support for dataplex datascans spec file.

Cloud Filestore

  • Updated --capacity flag description with High Scale tier capacity range.

Cloud Monitoring

  • Updated the format of gcloud beta monitoring metrics-scopes list <PROJECT_ID> to gcloud beta monitoring metrics-scopes list projects/<PROJECT_ID>.
  • Updated the format of gcloud beta monitoring metrics-scopes create <PROJECT_ID> to gcloud beta monitoring metrics-scopes create projects/<PROJECT_ID>.
  • Updated the format of gcloud beta monitoring metrics-scopes delete <PROJECT_ID> to gcloud beta monitoring metrics-scopes delete projects/<PROJECT_ID>.

Cloud NetApp

  • Add Standard service level to gcloud (alpha|beta) netapp storage-pools command group.
  • Removed explicit check on --volume in gcloud netapp volumes replications stop command.

Compute Engine

  • Added support for --cloudbuild-service-account flag for:

    • gcloud compute images import in GA;
    • gcloud compute instances import in GA;
    • gcloud compute machine_images import in GA.
  • Added alpha and beta versions of a new API named snapshot settings. Documentation of this feature will be available at https://cloud.google.com/compute/docs/disks/snapshot-settings following shortly after the release of this version of gcloud CLI.

Distributed Cloud Edge

  • Added --version and --release-channel flags to gcloud edge-cloud container clusters create command to allow specifying the cluster version and release channel.
  • Promoted --system-addons-confg, --external-lb-ipv4-address-pools, --control-plane-node-count, --control-plane-machine-filter, --control-plane-shared-deployment-policy, --version, and --release-channel flags from ALPHA to GA.

Network Security

  • Promoted gcloud network-security server-tls-policies delete to GA.
  • Promoted gcloud network-security server-tls-policies describe to GA.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

445.0.0 (2023-09-06)

Breaking Changes

  • (GKE Hub) Removed --security-posture and --workload-vulnerability-scanning flags of gcloud container fleet and gcloud beta container fleet.
    • --security-posture and --workload-vulnerability-scanning flags are not supported yet.
  • (GKE Hub) Updated anthos-support and users flags to be mutually exclusive in adding groups support to gcloud container fleet memberships generate-gateway-rbac command.

Google Cloud CLI

  • Fixed issue where the gcloud CLI would crash on unknown platforms.
  • Added a warning that --update-adc is now deprecated for 1st-party user credentials and replaced by gcloud auth application-default login.

Anthos Multi-Cloud

  • Promoted --enable-autorepair and --no-enable-autorepair of gcloud container aws node-pools create to GA.
  • Promoted --enable-autorepair and --no-enable-autorepair of gcloud container aws node-pools update to GA.
  • Promoted --enable-autorepair and --no-enable-autorepair of gcloud container azure node-pools create to GA.
  • Promoted --enable-autorepair and --no-enable-autorepair of gcloud container azure node-pools update to GA.
  • Added --admin-groups flag to gcloud container aws clusters create for setting groups as admins.
  • Added --admin-groups flag to gcloud container aws clusters update for setting groups as admins.
  • Added --admin-groups flag to gcloud container azure clusters create for setting groups as admins.
  • Added --admin-groups flag to gcloud container azure clusters update for setting groups as admins.
  • Added --admin-groups flag to gcloud container attached clusters create for setting groups as admins.
  • Added --admin-groups flag to gcloud container attached clusters register for setting groups as admins.
  • Added --admin-groups flag to gcloud container attached clusters update for setting groups as admins.
  • Added --proxy-secret-name and --proxy-secret-namespace flags to gcloud container attached clusters to configure an HTTP/HTTPS proxy for outbound traffic.
  • Added --binauthz-evaluation-mode flag to gcloud container aws clusters create to configure Binary Authorization evaluation mode.
  • Added --binauthz-evaluation-mode flag to gcloud container aws clusters update to configure Binary Authorization evaluation mode.
  • Added --binauthz-evaluation-mode flag to gcloud container attached clusters register to configure Binary Authorization evaluation mode.
  • Added --binauthz-evaluation-mode flag to gcloud container attached clusters update to configure Binary Authorization evaluation mode.
  • Added --clear-admin-groups and --clear-admin-users flags to gcloud container attached clusters update to clear admin users and groups from the cluster.

Cloud Billing

Cloud Build

  • Modified gcloud builds submit to support submitting a build with 2nd-gen repository resource.
  • Added --dir and --revision flag in gcloud builds submit command.

Cloud Deploy

  • Added support to fail fast when using an unsupported Skaffold version in the create release command.
  • Added a new command deploy get-config which gets the config for the specified region and project.

Cloud Firestore

  • Added Firestore backups feature support to Alpha.

Cloud NetApp

  • Added --restricted-actions flag to gcloud netapp volumes and gcloud beta netapp volumes during create and update.

Cloud Run

  • Added --dry_run flag to gcloud beta run services replace, which will validate the YAML service specification without applying it.
  • Modified the output format of gcloud run services describe and gcloud run revisions describe to support multiple containers.

Cloud SQL

  • Promoted --password-policy-disallow-compromised-credentials flag for gcloud sql instances create and gcloud sql instances patch to GA.

Cloud TPU

  • Fixed issue where gcloud compute tpus tpu-vm ssh is unable to login when project-level enable-oslogin:TRUE is configured and instance-level enable-oslogin is unset.

Compute Engine

  • Promoted the flag of --instance-template-region to GA in gcloud compute instance-templates create.
  • Promoted the flag of --region to GA in:
    • gcloud compute instance-templates list
    • gcloud compute instance-templates delete
    • gcloud compute instance-templates describe.

Distributed Cloud Edge

  • Added --version and --release-channel flags to gcloud edge-cloud container clusters create command to allow specifying the cluster version and release channel.

GKE Hub

  • Updated gcloud container fleet memberships generate-gateway-rbac to include handling for first-party groups (email) and third-party groups of the format principalSet://iam.googleapis.com/locations/global/workforcePools/example-pool/group/third party group.

Kpt

  • Updated kpt to v1.0.0-beta.43 release. Refer to release notes for more details.

Kubernetes Engine

  • Deprecate --enable-workload-config-audit, --enable-workload-vulnerability-scanning, and enable-security-posture flags in gcloud container clusters {create, create-auto, update}. The replacements for these are:
    • --enable-workload-config-audit -> --security-posture=standard
    • --enable-security-posture -> --security-posture=standard
    • --enable-workload-vulnerability-scanning -> --workload-vulnerability-scanning=standard
  • Added enterprise value to the available modes for --workload-vulnerability-scanning flag in the alpha and beta tracks.
  • Updated default kubectl from 1.27.4 to 1.27.5.
  • Additional kubectl versions:
    • kubectl.1.23 (1.23.17)
    • kubectl.1.24 (1.24.17)
    • kubectl.1.25 (1.25.13)
    • kubectl.1.26 (1.26.8)
    • kubectl.1.27 (1.27.5)
    • kubectl.1.28 (1.28.1)

Network Connectivity

  • Added gcloud network-connectivity hubs groups command group.
  • Added gcloud network-connectivity service-connection-policies update command.

Notebooks

  • Added --timeout-minutes to the following commands to allow specifying custom timeout for the diagnose operation.
    • gcloud notebooks instances diagnose
    • gcloud notebooks runtimes diagnose

Policy Troubleshooter

  • Promoted gcloud policy-intelligence troubleshoot-policy iam to GA.

Workbench

  • Fixed workbench instances diagnose flags.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

444.0.0 (2023-08-22)

AI

  • Added gcloud beta ai persistent-resources command group which supports creating and managing persistent resources for running custom training jobs.

AlloyDB

  • Added flag --availability-type to specify availability-type for an instance to the following commands:

    • gcloud alloydb instances create
    • gcloud alloydb instances update
    • gcloud alloydb instances create-secondary
  • Added the following flags of gcloud alloydb instances create and gcloud alloydb instances update to alpha, beta and GA:

    • --ssl-mode
    • --require-connectors
  • Added flag --allocated-ip-range-name to specify the allocated IP range for a cluster to the following commands:

    • gcloud alloydb clusters create
    • gcloud alloydb clusters restore
    • gcloud alloydb clusters create-secondary

Anthos Multi-Cloud

  • Added --node-labels flag to gcloud container aws node-pools update to update the labels assigned to node pool nodes.
  • Added --clear-node-labels flag to gcloud container aws node-pools update to clear the labels assigned to node pool nodes.

App Engine

BigQuery

  • Added --quota_project_id flag to force the quota project of a request.

Cloud Billing

  • Promoted gcloud billing accounts and gcloud billing projects to GA.

Cloud Dataplex

  • Promoted resource-read-access-mode flag in assets command group to GA.
  • Added export-results-table flag in datascans create data-profile command.

Cloud Dataproc

  • Added --min-num-workers flags to gcloud dataproc clusters create.
  • Added gcloud beta dataproc sessions to create and manage Dataproc interactive sessions.
  • Added gcloud beta dataproc session-templates to create and manage Dataproc session templates.

Cloud NetApp

  • Added gcloud netapp operations and gcloud netapp locations command group.

Cloud Run

  • Added gcloud beta run jobs executions cancel to allow cancelling a running Cloud Run job execution.

Compute Engine

  • Promoted support for Standby Policy for gcloud compute instance-groups managed create in Alpha.
  • Promoted support for Standby Policy for gcloud compute instance-groups managed update in Alpha.
  • Promoted compute routers get-nat-ip-info to GA.
  • Promoted gcloud compute future-reservations command group to beta.

Connectors

  • Added gcloud connectors command group. Commands in this group provide ways to interact with Integration Connectors resources.

Dataproc Metastore

  • Promoted gcloud metastore operations cancel to GA.

GKE Hub

  • Promoted GkeHub tenancy commands to GA.
    • Promoted gcloud container fleet methods to GA.
    • Promoted gcloud container fleet memberships bindings to GA.
    • Promoted gcloud container fleet scopes to GA.
    • Promoted gcloud container fleet scopes namespaces to GA.
    • Promoted gcloud container fleet scopes rbacrolebindings to GA.

Network Connectivity

  • Updated gcloud network-connectivity internal-ranges to support overlap-existing-subnet-range enum value for --overlaps flag during create and update.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

443.0.0 (2023-08-15)

AI

  • Added --notification-channels flag to gcloud beta ai model-monitoring-jobs create|update to allow sending alerts to notification channels.

AlloyDB

  • Added option for --cpu-count=96 in instances create and instances update commands.
  • Added support for specifying --database-version in clusters create command in alpha and beta tracks.

Anthos Multi-Cloud

  • Promoted --spot-instance-types flag of gcloud container aws node-pools create to GA.

Anthos On-Prem

  • Promoted gcloud vmware admin-clusters unenroll to beta.

Artifact Registry

  • Added --remote-apt-repo and --remote-apt-repo-path to gcloud artifacts repositories create to support Apt remote repos.
  • Added --remote-yum-repo and --remote-yum-repo-path to gcloud artifacts repositories create to support Yum remote repos.
  • Fixed issue where gcloud artifacts versions delete --delete-tags errors, when the package name has slashes.
  • Updated to use the project from URI of gcloud artifacts sbom export for requests.
  • Include InTotoSlsaProvenanceV1 in the process of computing SLSA build level.

Cloud Bigtable

  • Promoted gcloud bigtable backups copy to beta and GA.

Cloud Build

  • Remove gcloud builds triggers create gitlab-enterprise command.

Cloud DNS

  • Added support to allow specifying Global internal Application load balancers as health checked targets for Routing Policies.

Cloud Dataflow

  • Promoted gcloud dataflow jobs update-options from beta to GA.

Cloud Deploy

  • Enable "Uniform Bucket Level Access" by default for the Cloud Storage buckets created in gcloud deploy releases create.

Cloud Domains

  • Added information about an agreement between Google and Squarespace, Inc. to Cloud Domains gcloud domains registrations command group.

Cloud On Demand Scanning

  • Fixed issue with extracting packages from Go binaries with invalid dependency versions.

Cloud Storage

  • Fixed --uri flag for buckets list and objects list commands.

Compute Engine

  • Promoted AWS Origin Authentication in BackendService compute API to v1.
  • Added --managed-protection-tier flag to gcloud beta compute project-info update command.

Kubernetes Engine

  • Added --tpu-topology flag to gcloud container node-pools create for creating TPU node pools with a TPU topology. For more information on TPU topologies, see https://cloud.google.com/tpu/docs/types-topologies#tpu_topologies. flag when create a cluster.
  • Added hugepage related options inside existing --system-config-from-file flag for users to configure hugepages to clusters/nodepools.

Network Management

  • Updated gcloud network-management connectivity-tests list command to print details about Google-managed endpoints, networks, and forwarding rules.
  • Updated help text for the ipAddress argument in gcloud network-management connectivity-tests to keep it consistent with the currently supported scenarios.

Workbench

  • Fixed issue with metadata flag for gcloud workbench instances create.
  • Fixed issue with service-account-email flag for gcloud workbench instances create.
  • Fixed issue with machine_type flag for gcloud workbench instances update.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

442.0.0 (2023-08-08)

Artifact Registry

  • Added an argument group of two flags allow-sbom-generation and disable-sbom-generation to gcloud artifacts repositories create, to set the SBOM generation config of the repository.
  • Added an argument group of two flags allow-sbom-generation and disable-sbom-generation to gcloud artifacts repositories update, to set the SBOM generation config of the repository.
  • Added gcloud artifacts sbom export command to export SBOM into Google Cloud Storage.
  • Added gcloud artifacts sbom list command to list SBOMs.
  • Added gcloud artifacts sbom load command to upload a custom SBOM for an artifact.
  • Added gcloud artifacts vulnerabilities load-vex command to upload a vex statement.
  • Added gcloud artifacts vulnerabilities list command to list vulnerabilities for an artifact.

Bare Metal Solution

  • Promoted gcloud bms os-images list to GA.

BigQuery

  • Fixed a bug in discovery doc load when caching is used.
  • Fixed a bug that caused a crash in some common actions like bq show.

Cloud Dataflow

  • Added gcloud beta dataflow jobs update-options which updates properties of running dataflow jobs.

Cloud Functions

Cloud Memorystore

  • Added MEMCACHED_VERSION field to the output of the command gcloud memcache instances list to specify memcached version of the instance.

Cloud Run

  • Added --network, --subnet, --network-tags, --clear-network and --clear-network-tags flags to the following commands to allow enabling or disabling Direct VPC egress for a Cloud Run service or job:
    • gcloud beta run deploy
    • gcloud beta run services update
    • gcloud beta run jobs create
    • gcloud beta run jobs deploy
    • gcloud beta run jobs update
  • Added --args, --task-timeout, --tasks and --update-env-vars flags to gcloud beta run jobs execute to allow executing a Cloud Run job with runtime overrides.

Cloud SQL

  • Added --enable-private-service-connect, --allowed-psc-projects and --clear-allowed-psc-projects flags to gcloud sql instances create and gcloud sql instances patch to support Private Service Connect for Cloud SQL.
  • Added gcloud sql instances reencrypt, which re-encrypts a Cloud SQL CMEK instance with the current primary key version.

Cloud Services

  • Promoted gcloud services api-keys lookup to GA.

Compute Engine

  • Added support for version=12 and short-name=debian in --os-types for gcloud beta compute instances ops-agents policies [create|update].
  • Promoted --auto-network-tier flag of gcloud compute routers nats create and gcloud compute routers nats update to GA.
  • Added --local-ssd-recovery-timeout to specify the timeout to recover Local SSD to GA for:
    • gcloud compute instances create
    • gcloud compute instances create-with-container
    • gcloud compute instance-templates create
    • gcloud compute instances bulk create
    • gcloud compute instances set-scheduling
    • gcloud compute instances update-from-file
  • Added gcloud compute security-policies add/remove-layer7-ddos-defense-threshold-config.
  • Added --maintenance-interval to specify the frequency of planned maintenance events to beta for:
    • gcloud compute instance-templates create
  • Promoted --resource-policies flag for glcloud compute commitments createto to beta.
  • Promoted --resource-policies flag for glcloud compute commitments createto to GA.

Database Migration

  • Modified gcloud database-migration connection-profiles --help to specify what the host field value should be when --psc-service-attachment is also specified.
  • Added --edition to gcloud database-migration connection-profiles create cloudsql to allow creating a connection profile with the edition of the given Cloud SQL instance.
  • Added skip-validation param to gcloud database-migration migration-jobs start and gcloud database-migration migration-jobs restart to allow starting/restarting migration jobs without running validations.

Kpt

  • Updated kpt in Google Cloud CLI from 1.0.0-beta.37 to 1.0.0-beta.41.

Kubernetes Engine

  • flag when create a cluster.
  • Fixed issue of gcloud container cluster update --dataplane-v2-observability-mode resetting dataplane-v2-metrics to false.
  • Updated help-text by adding hyperdisk types to --disk-type choices.

Network Management

  • Added forwardingRule argument for destination in gcloud network-management connectivity-tests. This allows the user to run tests using a Forwarding Rule endpoint as a source.

Network Security

  • Added labels support for Security Profile create, add-override, delete-override and update-override commands.

Recommender

  • Added a list command for locations that lists all locations.

Transcoder

  • Added support for --batch-mode-priority flag when creating a new job.

Transfer

  • Log info about agent delete delays.
  • Fix bug for users mounting root with --mount-directories.

Workbench

  • Added gcloud workbench instances rollback to rollback workbench instances.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

441.0.0 (2023-08-01)

Artifact Registry

  • Include InTotoSlsaProvenanceV1 in the provenance output of gcloud artifacts docker images describe when using --show-provenance flag.
  • Deprecated artifacts repositories set-cleanup-policies --overwrite. The overwrite action is now the default behavior.

BigQuery

  • Fixed bug where local discovery docs were not loaded locally.
  • Added file_set_spec_type flag to support manifest Files in load jobs and external tables.

Cloud Bigtable

  • Updated --transactional-writes behavior in gcloud bigtable app-profile update to no longer silently disable transactional writes, if not specified. --no-transactional-writes must be used to disable transactional writes, as opposed to the previous behavior, which only required omitting --transactional-writes.

Cloud Build

  • Fixed issue where gcloud builds triggers update pubsub command returned invalid request when not providing pubsub topic.

Cloud Composer

  • Fixed an issue where using comments in the requirements.txt file broke updating Python packages.

Cloud Dataplex

  • Promoted datascans command group to GA.

Cloud Key Management Service

  • Added gcloud kms raw-encrypt and gcloud kms raw-decrypt commands to support raw symmetric encryption algorithms AES-128-GCM, AES-256-GCM, AES-128-CBC, AES-256-CBC, AES-128-CTR, and AES-256-CTR.

Cloud NetApp

  • Removed some extra fields in gcloud {beta, alpha} netapp {storage-pools, volumes, kms-configs} list due to messy output when too many fields.

Cloud Storage

  • Fixed behavior when preserving both symlinks and POSIX metadata on an OS with limited symlink support.
  • Fixed an issue clobbering an existing file on download if the file is a broken symlink.
  • Fixed an issue causing some hidden files to be skipped or transferred multiple times.
  • Added name field to objects and buckets list and describe commands.
  • Added bucket field to objects list and describe commands.

Cloud Workstations

  • Added --enable-nested-virtualization flag to gcloud workstations configs to enable nested virtualization on new or existing Cloud Workstation Configurations.

Compute Engine

  • Added new ENDPOINT_TYPE_MANAGED_PROXY_LB enum option to --endpoint-types flag of gcloud compute routers nats create in beta.
  • Promoted any-single-zone target distribution shape for regional managed instance groups to GA.
  • Promoted regional INTERNET_IP_PORT and INTERNET_FQDN_PORT Network Endpoint Groups in gcloud compute network-endpoint-groups to beta. Affected commands:
    • gcloud compute network-endpoint-groups create - support for Internet NEG types in regional scopes
    • gcloud compute network-endpoint-groups list-network-endpoints
    • gcloud compute network-endpoint-groups update <RESOURCE_NAME> --add-endpoint
    • gcloud compute network-endpoint-groups update <RESOURCE_NAME> --remove-endpoint
  • Update replica-zones support --create-disk=replica-zones for gcloud compute instance-templates create.
  • Promoted --purpose=global-managed-proxy flag of gcloud compute networks subnets create to beta.

Database Migration

  • Added gcloud database-migration conversion-workspaces describe-ddls which describes DDLs in a Database Migration Service conversion workspace.
  • Added gcloud database-migration conversion-workspaces describe-issues which describes issues in a Database Migration Service conversion workspace.
  • Added gcloud database-migration migration-jobs create to allow creating a migration job with a dump parallelization level.
  • Added gcloud database-migration migration-jobs update to allow configuring a migration job with a dump parallelization level.
  • Added --allocated-ip-range to gcloud connection-profiles create cloudsql to allow using an allocated subnet range when creating the destination Cloud SQL instance with a private connection.

GKE Hub

  • Updated gcloud container fleet memberships generate-gateway-rbac to include handling for third-party principals of the format principal://iam.googleapis.com/locations/global/workforcePools/example-pool/subject/third party user.

Kubernetes Engine

  • Updated default kubectl from 1.25.11 to 1.26.7.
  • Additional kubectl versions:
    • kubectl.1.21 (1.21.14)
    • kubectl.1.22 (1.22.17)
    • kubectl.1.23 (1.23.17)
    • kubectl.1.24 (1.24.16)
    • kubectl.1.25 (1.25.12)
    • kubectl.1.26 (1.26.7)
    • kubectl.1.27 (1.27.4)
  • Removed prerequisite for using --enable-master-global-access

Network Connectivity

  • Updated gcloud network-connectivity internal-ranges update to support setting and clearing overlaps.

Network Security

  • Added labels support for Security Profile Group create and update commands.

Policy Simulator

  • Added gcloud beta policy-intelligence simulate orgpolicy which runs a Simulation for OrgPolicy.

Pubsub Emulator

  • Fixed issue where messages may not be delivered in order when using unary pull.

Workbench

  • Added gcloud workbench to manage workbench instances.
  • Added gcloud workbench instances add-iam-policy-binding to add iam policy for workbench instances.
  • Added gcloud workbench instances delete to delete workbench instances.
  • Added gcloud workbench instances describe to describe workbench instances.
  • Added gcloud workbench instances get-iam-policy to get the iam policy for workbench instances.
  • Added gcloud workbench instances remove-iam-policy-binding to remove the iam policy binding for workbench instances.
  • Added gcloud workbench instances set-iam-policy to set the iam policy for workbench instances.
  • Added gcloud workbench instances reset to reset workbench instances.
  • Added gcloud workbench instances stop to stop workbench instances.
  • Added gcloud workbench instances start to start workbench instances.
  • Added gcloud workbench instances diagnose to diagnose workbench instances.
  • Added gcloud workbench instances upgrade to upgrade workbench instances.
  • Added gcloud workbench instances check-instance-upgradability to check upgradability of workbench instances.
  • Added gcloud workbench instances create to create workbench instances.
  • Added gcloud workbench instances update to update workbench instances.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

440.0.0 (2023-07-25)

Cloud Build

  • Updated help text for --comment-control flag in gcloud builds triggers bitbucket-server, gcloud builds triggers gitlab and gcloud builds triggers gitlab-enterprise to describe the allowed values.

Cloud Composer

  • Added --enable-high-resilience to gcloud composer environments update to enable high resilience mode for environments.
  • Added --disable-high-resilience to gcloud composer environments update to disable high resilience mode for environments.

Cloud DNS

  • Added support to allow specifying regional L7 forwarding rules as health checked targets for Routing Policies.

Cloud Healthcare

  • Added support for --stream-configs and --send-for-bulk-import flags to the following commands:
    • gcloud healthcare dicom-stores create
    • gcloud healthcare dicom-stores update
    • gcloud beta healthcare dicom-stores list
    • gcloud healthcare dicom-stores list

Cloud NetApp

  • Added LOCATION to fields to be listed in structured output during gcloud beta netapp volumes list.

Cloud Pub/Sub

  • Added a warning when --push-auth-token-audience and --push-auth-service-account flags are ignored due to missing dependent flags in gcloud pubsub subscriptions [create|update|modify-push-config] commands.

Cloud Storage

  • Modified buckets create so that multiple buckets can be created with a single command.

Compute Engine

  • Promoted --service-lb-policy flag of gcloud compute backend-services create and gcloud compute backend-services update to beta.
  • Promoted --type flag of gcloud compute routers nats create to beta.
  • Promoted --source-nat-active-ranges, --source-nat-active-ranges-region, --source-nat-drain-ranges, --clear-source-nat-drain-ranges and --source-nat-drain-ranges-region flags of gcloud compute routers nats rule update to beta.
  • Promoted --source-nat-active-ranges and --source-nat-active-ranges-region flags of gcloud compute routers nats rule create to beta.
  • Promoted new allowed value: PRIVATE_NAT for --purpose flag of gcloud compute networks subnets create to beta.
  • Promoted new :ALL range option for subnets passed to --nat-custom-subnet-ip-ranges flag of gcloud compute routers nats (create|update).
  • Promoted --security-profile-group and --[no-]tls-inspect flags for gcloud compute <network->firewall-policies rules <create|update> to beta.
  • Promoted gcloud compute resource-policies update snapshot-schedule to GA.
  • Promoted --force-update-on-repair flag of gcloud compute instance-groups managed <create | update> to GA.
  • Promoted --confidential-compute flag of gcloud compute disks create to beta.
  • Promoted --create-disk=confidential-compute for gcloud compute instances create to beta.

Container Registry

  • Fixed gcloud container images describe for gcr.io repos in Artifact Registry.

Kubernetes Engine

  • Updated broken links in gcloud container get-credentials help text.
  • Added --network-performance-configs=total-egress-bandwidth-tier=[DEFAULT|TIER_1] to gcloud container clusters create and gcloud container clusters update to allow setting default network performance tier for new node-pools. See gcloud container node-pools create.
  • Added --enable-multi-networking to gcloud container clusters create and added --additional-node-network and --additional-pod-network to gcloud container node-pools create to allow creation of multi-networking enabled clusters with additional node and pod networks.
  • Added --placement-policy flag to gcloud container clusters create command.
  • Added --placement-policy flag to gcloud container node-pools create command.
  • Disabled --enable-insecure-kubelet-readonly-port flag.
  • Updated help-text by removing --release-channel=NONE option for gcloud container create-auto. This option is not available for create-auto since Autopilot cluster must be subscribed to a release-channel.

Transcoder

  • Added support for --optimization flag when creating a new job.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

439.0.0 (2023-07-18)

Breaking Changes

  • (Kubernetes Engine) Renamed --binauthz-policy to --binauthz-policy-bindings in gcloud beta container clusters commands.

App Engine

Assured Workloads

  • Added --partner-permissions flag (optional) for gcloud assured workloads create command to enable setting the partner permissions parameter for creation of partner workload (workload managed by local trusted partners) through gCloud command.

BigQuery

  • Updated bundled discovery docs to revision 20230614.
  • Fixed bug stopping httplib2_debuglevel from being used.
  • Added file_set_spec_type flag to support manifest Files in load jobs and external tables.
  • Added destination_kms_key to create / update transfer configs.

Cloud Bigtable

  • Added --change-stream-retention-period flag to gcloud bigtable instances tables create and gcloud bigtable instances tables update.
  • Added --clear-change-stream-retention-period flag to gcloud bigtable instances tables update.
  • Rebuilt with golang 1.20.6 to address CVEs present in prior versions.

Cloud Bigtable Emulator

  • Rebuilt with golang 1.20.6 to address multiple CVEs in prior versions of golang.
  • Added support for reverse scans.

Cloud Build

  • Promoted gcloud builds triggers update to GA.

Cloud Datastream

  • Fixed issue where creating an oracle profile with streamLargeObjects field returned an error.

Cloud Functions

  • Updated gcloud functions deploy to prompt to allow unauthenticated invocations for new 2nd gen functions before deploying. This aligns with the behavior for new 1st gen functions.

Cloud IAM

  • Added --web-sso-additional-scopes flag to gcloud iam workforce-pools providers create-oidc and gcloud iam workforce-pools providers update-oidc which allows specification of additional OIDC scopes for web sign-in.

Cloud Memorystore

  • Added --reserved-ip-range-id flag to gcloud memcache instances create to allow specifying named allocations while creating an instance.

Cloud Pub/Sub

  • Promoted --push-no-wrapper and --push-no-wrapper-write-metadata flags of gcloud pubsub subscriptions [create|update|modify-push-config] to GA. Adds the ability to set and update payload unwrapping properties for push subscriptions. For more information, see the https://cloud.google.com/pubsub/docs/payload-unwrapping.

Cloud SQL

  • Added --[no-]recreate-replicas-on-primary-crash flag to gcloud sql instances create and gcloud sql instances patch to enable/disable replica recreation when a Mysql primary instance operating in reduced durability mode crashes.

Cloud Spanner

  • Added --priority flag to gcloud spanner databases execute-sql to allow setting request priority for the query to convey the relative importance of workloads.

Cloud Storage

  • Fixed gcloud storage buckets update --clear-log-bucket behavior so it now clears the entire logging configuration.
  • Promoted gcloud storage du command to GA.
  • Promoted gcloud storage hmac command group to GA.
  • Promoted gcloud sign-url command to GA.
  • Standardized resource format for describe and list commands across API providers. Use --raw flag to get the old API-specific format.

Compute Engine

  • Promoted --custom-learned-route-priority and --set-custom-learned-route-ranges flags of gcloud compute routers add-bgp-peer to GA.
  • Promoted --custom-learned-route-priority, --set-custom-learned-route-ranges, --add-custom-learned-route-ranges and --remove-custom-learned-route-ranges flags of gcloud compute routers update-bgp-peer to GA.
  • Promoted --http-keep-alive-timeout-sec flag for gcloud compute <target-http-proxies|target-https-proxies> <create|update> to GA.
  • Promoted --clear-http-keep-alive-timeout-sec flag for gcloud compute <target-http-proxies|target-https-proxies> update to GA.
  • Added --local-ssd-recovery-timeout to specify the timeout to recover Local SSD to beta for:
    • gcloud compute instances create
    • gcloud compute instances create-with-container
    • gcloud compute instance-templates create
    • gcloud compute instances bulk create
    • gcloud compute instances set-scheduling
    • gcloud compute instances update-from-file
  • Added --requested-features flag to gcloud compute interconnects create to allow requesting MACSec support for an Interconnect.
  • Promoted --requested-features flag of gcloud compute interconnects create to beta.
  • Promoted gcloud compute interconnects macsec get-config to beta.
  • Promoted gcloud compute interconnects macsec update to beta.
  • Promoted gcloud compute interconnects macsec add-key to beta.
  • Promoted gcloud compute interconnects macsec remove-key to beta.
  • Added gcloud compute interconnects macsec update-key to allow updating MACSec pre-shared keys.
  • Promoted gcloud compute interconnects macsec update-key to beta.
  • Custom machine type validation in regional gcloud compute instances bulk create command has been fixed.

GKE Hub

  • Promoted gcloud container fleet fleetobservability to GA.

Kubernetes Engine

  • Updated broken links in gcloud container get-credentials help text.
  • Added --enable-dataplane-v2-metrics and --dataplane-v2-observability-mode flags to gcloud container clusters create, gcloud container clusters create-auto and gcloud container clusters update.

Network Security

  • Updated import/export schema for gcloud network-security tls-inspection-policies with new fields in beta.
  • Security Profile Groups and Security Profiles only supports global location. --location flag now takes default global as location.
  • Updated Firewall Endpoint Associations resource to accept TLS inspection policy with an optional flag.

Security Command Center

  • Add deprecation notices to gcloud scc assets commands which are being deprecated in favor of Cloud Asset Inventory APIs.

Workbench

  • Added gcloud workbench to manage workbench instances.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

438.0.0 (2023-07-11)

Breaking Changes

  • (AI) Modified gcloud ai index-endpoints create to create public endpoint by default. Set --network flag to create private endpoint.
  • (Cloud IAM) Make --web-sso-response-type and --web-sso-assertion-claims-behaviorflag required in gcloud iam workforce-pools providers create-oidc.
  • (Stackdriver Debugger) Deleted gcloud deploy. Cloud Debugger is deprecated and was shut down May 31, 2023. For more information, see https://cloud.google.com/debugger/docs/deprecations.

Artifact Registry

  • Added artifacts repositories set-cleanup-policies.
  • Added artifacts repositories list-cleanup-policies.
  • Added artifacts repositories delete-cleanup-policies.

Backup For GKE

  • Added the following flags to gcloud container backup-restore restore-plans create and gcloud container backup-restore restore-plans update to expand cluster resource restore scope options:
    • --cluster-resource-scope-all-group-kinds
    • --cluster-resource-scope-selected-group-kinds
    • --cluster-resource-scope-excluded-group-kinds
    • --cluster-resource-scope-no-group-kinds
  • Deprecated --cluster-resource-restore-scope. Use --cluster-resource-selected-group-kinds instead.
  • Added the following flags to gcloud container backup-restore restore-plans create and gcloud container backup-restore restore-plans update to expand namespaced resourced restore scope options:
    • --no-namespaces
    • --excluded-namespaces

Cloud Build

  • Add E2_MEDIUM machine type.
  • Promoted gcloud builds connections and gcloud builds repositories to GA.
  • Promoted gcloud builds triggers create gitlab to GA.

Cloud Datastore Emulator

  • Released Cloud Datastore emulator v2.3.1
    • Fixed bug which caused /reset to never return a response.

Cloud Functions

  • Added warning and prompting to gcloud functions get-iam-policy and gcloud functions remove-iam-policy-binding about needing to bind the roles/run.invoker role for 2nd gen functions.

Cloud Healthcare

  • Added --stream-configs flag to the following commands:
    • gcloud beta healthcare dicom-stores create
    • gcloud beta healthcare dicom-stores update

Cloud IAM

  • Added --client-secret-value flag to gcloud iam workforce-pools providers create-oidc and gcloud iam workforce-pools providers update-oidc which allow user to setup client secret for authorization code flow.
  • Added --clear-client-secret flag to gcloud iam workforce-pools providers update-oidc which allow user to clear client secret setup for authorization code flow.
  • Added code as value for --web-sso-response-type flag to gcloud iam workforce-pools providers create-oidc and gcloud iam workforce-pools providers update-oidc which allow user to setup authorization code flow.
  • Added merge-user-info-over-id-token-claims as value for --web-sso-assertion-claims-behavior flag to gcloud iam workforce-pools providers create-oidc and gcloud iam workforce-pools providers update-oidc which allow user to merge the UserInfo Endpoint Claims with ID Token Claims, preferring UserInfo Claim Values for the same Claim Name.

Cloud Pub/Sub

  • Promoted --cloud-storage-bucket, --cloud-storage-file-prefix, --cloud-storage-file-suffix, --cloud-storage-max-bytes, --cloud-storage-max-duration, --cloud-storage-output-format and --cloud-storage-write-metadata flags of gcloud pubsub subscriptions create to GA. Adds the ability to set Cloud Storage configuration options in Cloud Pub/Sub subscriptions. For more information, see the https://cloud.google.com/pubsub/docs/cloudstorage.
  • Promoted --cloud-storage-bucket, --cloud-storage-file-prefix, --cloud-storage-file-suffix, --cloud-storage-max-bytes, --cloud-storage-max-duration, --cloud-storage-output-format, --cloud-storage-write-metadata, and --clear-cloud-storage-config flags of gcloud pubsub subscriptions update to GA. Adds the ability to update Cloud Storage configuration options in Cloud Pub/Sub subscriptions. For more information, see the https://cloud.google.com/pubsub/docs/cloudstorage.

Cloud SQL

  • Added gcloud sql operations cancel to cancel an operation running on a Cloud SQL instance.
  • Added edition and enable-data-cache flags to gcloud sql instances create and gcloud sql instances patch to support Edition and Data Cache.
  • Added show-edition flag to gcloud sql instances list and gcloud sql tiers list to display Edition.

  • Added --password-policy-disallow-compromised-credentials flag to gcloud sql instances create and gcloud sql instances patch for ALPHA and BETA.

Cloud Storage

  • Updated gsutil component to 5.25.
  • Fix a bug preventing nested directory symlinks from being preserved when uploading a directory recursively.

Cloud Workstations

  • Updated --machine-type flag for configs command to accept any string.

Compute Engine

  • Added 23.04 to allowed list of values for --version of gcloud beta compute instances ops-agents policies [create|update].
  • Promote --instance-kms-key flag of gcloud compute instance create to GA.
  • Promoted --preference flag of gcloud compute backend-services add-backend and gcloud compute backend-services update-backend to beta.
  • Added --allow-cidr-routes-overlap flag to gcloud beta compute networks subnets update command.
  • Added SEV_SNP_CAPABLE to the list of guestOsFeatures.
  • Added support for clearing fields to gcloud beta compute security-policies remove-user-defined-field and gcloud beta compute security-policies rules update.

GKE Hub

  • Modified gcloud container fleet memberships register command to validate that the --manifest-output-file flag is only used with the --install-connect-agent flag.

Kpt

  • Updated kpt in Google Cloud CLI from 1.0.0-beta.35 to 1.0.0-beta.37.

Kubernetes Engine

  • Added new kubedns option to --cluster-dns to allow KubeDNS to be explicitly specified as the cluster DNS provider.
  • Added GcsFuseCsiDriver option to --addons flag of gcloud container clusters create to enable the Cloud Storage FUSE Container Storage Interface (CSI) Driver.
  • Added GcsFuseCsiDriver option to --update-addons flag of gcloud container clusters update to enable/disable the Cloud Storage FUSE Container Storage Interface (CSI) Driver.
  • Updated default kubectl from 1.25.9 to 1.25.11.
  • Additional kubectl versions:
    • kubectl.1.21 (1.21.14)
    • kubectl.1.22 (1.22.17)
    • kubectl.1.23 (1.23.17)
    • kubectl.1.24 (1.24.15)
    • kubectl.1.25 (1.25.11)
    • kubectl.1.26 (1.26.6)
    • kubectl.1.27 (1.27.3)

Network Connectivity

  • Added gcloud network-connectivity hubs add-iam-policy-binding, gcloud network-connectivity hubs remove-iam-policy-binding, gcloud network-connectivity hubs get-iam-policy, and gcloud network-connectivity hubs set-iam-policy commands.
  • Added gcloud network-connectivity hubs list-spokes command which supports listing all spokes associated with a hub.
  • Added gcloud network-connectivity hubs route-tables command group which supports listing and describing route tables.
  • Added gcloud network-connectivity hubs route-tables routes command group which supports listing and describing routes.
  • Added gcloud network-connectivity spokes accept and gcloud network-connectivity spokes reject commands.
  • Added --global flag to gcloud network-connectivity spokes delete, gcloud network-connectivity spokes describe, and gcloud network-connectivity spokes list commands.
  • Added gcloud network-connectivity spokes linked-vpc-network command group which supports creating and updating VPC spokes.

Network Security

  • Added gcloud network-security firewall-endpoint-associations update to alpha and beta. This command updates the labels and TLS inspection policy of Cloud Firewall Plus associations.

Network Services

  • Promoted gcloud network-services service-lb-policies to beta.

Recaptcha

  • Added --skip-billing-check to recaptcha keys migrate. If usage is under the free quota, the billing check can be safely skipped.

Recommender

  • Added list insight-types to beta for recommender surface.
  • Added list recommenders to beta for recommender surface.
  • Updated list insights to use beta list insight-types command.
  • Updated list recommendations to use beta list recommenders command.

Security Command Center

  • Updated gcloud scc findings documentation to fix an invalid finding id used in examples.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

437.0.1 (2023-06-30)

Cloud Storage

  • Reverted change that broke gcloud storage cp with relative path characters.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

437.0.0 (2023-06-27)

Anthos Multi-Cloud

  • Modified gcloud container aws node-pools list and gcloud container azure node-pools list to fetch server configurations and to give a warning when any of the node pools are running an end-of-life version.

App Engine

Artifact Registry

  • Updated the output of gcloud artifacts docker images describe to include SBOM location information.
  • Added flag --show-sbom-references to gcloud artifacts docker images describe to list SBOM reference occurrences.
  • Updated the output of gcloud artifacts docker images describe with flag --show-all-metadata to include SBOM reference occurrences.
  • Added Go as an option of --repository-format flag of gcloud artifacts repositories create to create Go repositories.
  • Added gcloud artifacts go upload command to upload Go modules.

Cloud Bigtable

  • The maximum retention period for a Cloud Bigtable backup has been increased from 30 days to 90 days, giving you more robust data protection and data quality control. For more information on how Bigtable backups work, see https://cloud.google.com/bigtable/docs/backups.

Cloud Build

  • Added gcloud beta builds connections create gitlab and gcloud beta builds connections update gitlab.

Cloud Filestore

  • Added --tier=ZONAL flag to gcloud beta filestore instances create to support a zonal filestore instance creation.

Cloud NetApp

  • Removed a print statement that led to messy output during gcloud beta netapp volumes replications create.

Cloud SQL

  • Added gcloud beta sql instances reencrypt, which re-encrypts a Cloud SQL CMEK instance with the current primary key version in beta.

Cloud Storage

  • Release rsync command

Compute Engine

  • Gcloud compute will now retry two times if its follow-up Operations.Wait|Get requests return 503 error.

GKE Hub

  • Added gcloud container fleet memberships support-access which allows users to manage Support access.

Network Security

  • Added gcloud network-security firewall-endpoints update to alpha and beta. This command updates the labels of Cloud Firewall Plus endpoints.

Recaptcha

  • Removed gcloud recaptcha firewallpolicies surface and all commands within. Please use gcloud recaptcha firewall-policies instead.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

436.0.0 (2023-06-21)

AlloyDB

  • Promoted AlloyDB Inject Fault commands to GA track. Modified commands include: alloydb instances inject-fault.

Anthos Multi-Cloud

  • Modified gcloud container aws node-pools describe and gcloud container azure node-pools describe to fetch server configurations and to give a warning when the nodepool is running an end-of-life version.
  • Modified gcloud container aws clusters list and gcloud container azure clusters list to fetch server configurations and to give a warning when any of the clusters are running an end-of-life version.

Batch

  • Promoted Batch submit job optional prefix feature to beta and GA.

Cloud Deploy

  • Added new --deploy-parameters to gcloud deploy releases create command. When used, deploy parameters will be set for the release.
  • Added gcloud deploy rollouts advance, gcloud deploy rollouts cancel, gcloud deploy rollouts ignore-job, and gcloud deploy job-runs terminate commands for the Deployment Strategies GA launch.

Cloud Firestore Emulator

  • Release Cloud Firestore emulator v1.18.1
    • Added a new emulator configuration to start with experimental mode.

Cloud Functions

  • Fixed issue where gcloud functions deploy could fail in certain cases if the caller was missing permissions to get the project IAM policy.

Cloud IAM

  • Added flags --folder and --organization to gcloud beta services identity create.
    • Support folder and organization level service agents creation, in addition to project level service agents.

Cloud NetApp

  • Added --force parameter to gcloud beta netapp volumes replications stop to force stop a replication during a data transfer.

Cloud SQL

  • Added --preferred-zone flag to gcloud sql instances clone --point-in-time to support point in time recovery to a specified zone for PostgreSQL.
  • Added gcloud sql instances get-latest-recovery-time command to get the latest recovery time for a PostgreSQL instance.

Cloud Spanner

  • Promoted spanner databases update command to beta and GA tracks.

Cloud Storage

  • Fixed issue where certain gcloud storage commands would fail to load when the PATH environment variable was not set.

Cloud Workstations

  • Promoting workstations, workstations configs, and workstations clusters commands to GA.

Compute Engine

  • Promoted --instance-kms-key flag of gcloud compute instance create to beta.
  • Promoted --max-count-per-zone flag of gcloud compute instances bulk create to v1. Flag defines maximum number of instances that can be created per zone for regional bulk insert.
  • Promoted disk-consistency-group argument of gcloud compute resource-policies create to GA.
  • Promoted --primary-disk, --primary-disk-project, --primary-disk-region, and --primary-disk-zone of gcloud compute disks create to GA.
  • Promoted gcloud compute disks start-async-replication to GA.
  • Promoted gcloud compute disks stop-async-replication to GA.
  • Promoted gcloud compute disks stop-group-async-replication to GA.
  • Promoted gcloud compute disks bulk create to GA.
  • Added deny as a choice for --action and--exceed-action of gcloud compute security-policies rules create|update.

Kubernetes Engine

  • Added --sole-tenant-node-affinity-file flag to gcloud container node-pools create for creating node pools backed by sole tenant node groups. For more information see https://cloud.google.com/kubernetes-engine/docs/how-to/sole-tenancy.
  • Added --security-posture and --workload-vulnerability-scanning flags to gcloud container clusters create, gcloud container clusters create-auto, and gcloud container clusters update for controlling GKE Security Posture features.

  • Added --workload-policies flag to gcloud container clusters create-auto and gcloud container clusters update for enabling NET_ADMIN privilege. Added --remove-workload-policies flag to gcloud container clusters update for disabling NET_ADMIN privilege.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

435.0.1 (2023-06-14)

Cloud Firestore

  • Removed the --enable-pitr flag from gcloud firestore databases <create|update> which was causing firestore database creation failures.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

435.0.0 (2023-06-13)

Breaking Changes

  • (Compute Engine) Modified quota exceeded errors to show future limit and rollout status information to user in addition to original error message.

Anthos Multi-Cloud

  • Modified gcloud container aws clusters describe and gcloud container azure clusters describe to fetch server configurations and to give a warning when the cluster is running an end-of-life version.
  • Added --root-volume-throughput flag to gcloud container aws clusters and gcloud container aws node-pools to support customizable EBS root volume throughput.
  • Added --main-volume-throughput flag to gcloud container aws clusters create to support customizable EBS main volume throughput.
  • Added --disable-per-node-pool-sg-rules flag to gcloud container aws clusters create and gcloud container aws clusters update to disable the default security group rules provisioned for each node pool.
  • Added --enable-per-node-pool-sg-rules flag to gcloud container aws container clusters update to re-enable the default security group rules provisioned for each node pool.

Cloud Bigtable

  • Add ability to count rows for a prefix.

Cloud Filestore

  • Added --kms-key flag to gcloud filestore backups create, which allows an Enterprise or High Scale backup to be created that is encrypted with a CMEK key." => "which creates a backup with an associated customer-managed encryption key (CMEK). Only available for Enterprise or High Scale tier instances.
  • Added --instance-location flag to gcloud filestore backups create, which accepts either a zone or region and allows clients to restore Basic HDD, Basic SSD, and Enterprise tier backups.

Cloud Functions

  • Promoted --docker-repository, --kms-key, clear-docker-repository, and --clear-kms-key flags of gcloud functions deploy --gen2 to GA, which bring CMEK support for Cloud Functions 2nd Gen.

Cloud NetApp

  • Added gcloud beta netapp group which includes gcloud beta netapp storage-pools, gcloud beta netapp volumes, gcloud beta netapp active-directories, gcloud beta netapp kms-configs, gcloud beta netapp locations, gcloud beta netapp operations, gcloud beta netapp volumes snapshots, and gcloud beta netapp volumes replications.

Cloud Run

  • Promoted gcloud run services proxy to GA. This command allows you to proxy a service or a revision to localhost. Requests will be authenticated as the current SDK account, or with a provided token.

Cloud TPU

  • Fixed bug so that gcloud compute tpus tpu-vm ssh respects instance preference of setting enable-oslogin to false.

Compute Engine

  • Promoted source-instant-snapshot flag of gcloud compute disks create to beta.
  • Promoted --source-instant-snapshot, --source-instant-snapshot-zone and --source-instant-snapshot-region flags of gcloud compute snapshots create to beta.
  • Promoted gcloud compute instant-snapshots create to beta.
  • Promoted gcloud compute instant-snapshots delete to beta.
  • Promoted gcloud compute instant-snapshots describe to beta.
  • Promoted gcloud compute instant-snapshots list to beta.
  • Promoted gcloud compute instant-snapshots add-labels to beta.
  • Fixed bug in handling quota exceeded error with gcloud compute commitments create command.
  • Added force-attach support to gcloud compute instances create.
  • Added --recaptcha-action-site-keys and --recaptcha-session-site-keys to gcloud beta compute security-policies rules create|update.
  • Added --network-user-defined-fields, --network-src-ip-ranges, --network-dest-ip-ranges, --network-ip-protocols, --network-src-ports, --network-dest-ports, --network-src-region-codes, and --network-src-asns to gcloud beta compute security-policies rules create|update.
  • Added gcloud beta compute security-policies add-user-defined-fields and gcloud beta compute security-policies remove-user-defined-fields commands.
  • Added --security-policy and --security-policy-region to gcloud beta compute instances network-interfaces update.
  • Added gcloud beta compute target-pools update and gcloud beta compute target-instances update commands.

Kpt

  • Updated kpt in Google Cloud CLI from 1.0.0-beta.34 to 1.0.0-beta.35.

Kubernetes Engine

  • Undeprecated and unhid --logging and --monitoring flags from gcloud container clusters create-auto.

  • Added a new command gcloud container clusters check-autopilot-compatibility which returns a list of autopilot compatibility issues of the given cluster.

Vmware Engine

  • Added commands for managing resources:

    • Private connections:
    • Added commands to perform CRUD
    • Retrieving exchanged routes

    • Subnets:

    • Added commands to describe and update a subnet

    • Private clouds:

    • Added ability to create a time limited PC

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

434.0.0 (2023-06-06)

AlloyDB

  • Promote Continuous Backups related commands to the GA track, which include changes to gcloud alloydb clusters create, gcloud alloydb clusters update and gcloud alloydb clusters restore.

Anthos On-Prem

  • Modified gcloud container vmware admin-clusters list. When specifying --location=-, or when both --location and gcloud configuration container_vmware/location are not specified, return admin clusters in all locations of the specified project.

Cloud Functions

  • Updated gcloud functions logs read to read function logs from both 1st gen and 2nd gen functions when no function name is provided unless --gen2 or --no-gen2 is set.

Cloud Key Management Service

  • Promoted gcloud kms inventory which allows viewing and tracking of keys across cloud resources.

Cloud Logging

  • Promoted --custom-writer-identity flag of gcloud logging sinks create to beta and GA.
  • Promoted --custom-writer-identity flag of gcloud logging sinks update to beta and GA.

Compute Engine

  • Updated the Interconnect attachment Bring Your Own IP (BYOIP) IPv6 fields to be unavailable.
  • Added --size flag to gcloud compute disks update to support size update.
  • Added hyperdisk-balanced support to gcloud compute disks create and gcloud compute instances create.
  • Added --per-instance-hostnames flag to gcloud compute instances bulk create for alpha and beta.
  • Promoted --http-keep-alive-timeout-sec flag for gcloud compute <target-http-proxies|target-https-proxies> <create|update> and --clear-http-keep-alive-timeout-sec flag for gcloud compute <target-http-proxies|target-https-proxies> update to beta.

Dataproc Metastore

  • Promoted --endpoint-protocol flag to GA.

Kubernetes Engine

  • Added --enable-fqdn-network-policy flag to gcloud beta container clusters create and gcloud beta container clusters update.

Recommender

  • Added a list command for insights that lists all available insight types.
  • Added a list command for recommenders that lists all available recommenders.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

433.0.1 (2023-06-1)

Google Cloud CLI

  • Disabled self-signed jwt usage for service accounts.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

433.0.0 (2023-05-31)

Breaking Changes

  • (Cloud Run) Added --[no-]async flags to gcloud run jobs delete and gcloud run jobs executions delete with a default value of --no-async. Changed these two commands to wait for delete operation by default.

Google Cloud CLI

  • Fixed issue where running the install script from within the root google-cloud-sdk directory would crash with an unactionable error when new versions of certain components were made available prior to installation.

AlloyDB

  • Promoted AlloyDB Cross Region Replication commands to GA track. Modified commands include: alloydb clusters create-secondary, alloydb clusters promote, alloydb instances create-secondary.

Anthos On-Prem

  • Modified gcloud container bare-metal admin-clusters list. When specifying --location=-, or when both --location and gcloud configuration container_bare_metal/location are not specified, return admin clusters in all locations of the specified project.

Artifact Registry

  • Updated the output of gcloud artifacts docker images list with flag --show-occurrences to include SBOM reference occurrences.

Certificate Authority Service

  • Added --publishing-encoding-format flag to gcloud privateca pools create and gcloud privateca pools update to allow users to optionally publish DER encoded CA certificates and CRLs to Google Cloud Storage buckets.

Cloud Build

  • Added flag to specify substitutions in gcloud builds triggers run.
  • Modified --branch, --tag, --sha flags to be optional in gcloud builds triggers run command.

Cloud Composer

  • Added --enable-high-resilience to gcloud composer environments create to create environments with high resilience mode.
  • Added gcloud composer environments database-failover to manually run a database failover for environments with high resilience enabled.
  • Added gcloud composer environments fetch-database-properties to fetch airflow database properties for Composer environments.

Cloud Logging

  • Added logging_service_account_id to settings describe response.

Cloud SQL

  • Added --no-recovery, --bak-type and --recovery-only flags to gcloud sql import bak and added --bak-type and --differential-base flags to gcloud sql export bak to enable the differential import/export feature for SQL Server.

Cloud Workstations

  • Added --accelerator-type and --accelerator-count flags to gcloud beta workstations configs create.

Compute Engine

  • Fixed bug in handling quota exceeded error with gcloud compute commitments create command.
  • Added --region flag to gcloud beta compute security-policies rules commands.
  • Deprecated --no-client-ttl and --no-max-ttl arguments of gcloud compute [backend-services|backend-buckets] [create|update].

Kpt

  • Updated kpt in Google Cloud CLI from 1.0.0-beta.33 to 1.0.0-beta.34.

Kubernetes Engine

  • Added --enable-best-effort-provision and --min-provision-nodes to gcloud container node-pools create to turn on best effort provisioning for node pool creation.

Network Security

  • Added network-security firewall-endpoint-associations commands to manage Cloud Firewall Plus endpoint associations, and promoted them to beta.
  • Promoted commands under gcloud network-security address-groups to GA.
  • Promoted commands under gcloud network-security org-address-groups to GA.

Security Command Center

  • Added gcloud topic datetimes support for gcloud scc command group timestamp and duration flags.

Transfer

  • Added --docker-network flag to gcloud transfer agents install to allow configuration of the underlying Docker container's network.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

432.0.0 (2023-05-23)

AI

  • Added --public-endpoint-enabled flag to gcloud ai index-endpoints create to support public endpoint.
  • Modified --network flag of gcloud ai index-endpoints create to be optional.

Anthos On-Prem

  • Added --disable-control-plane-v2 flag to gcloud container vmware clusters create to explicitly disable the use of control plane v2 feature.
  • --enable-control-plane-v2 in gcloud container vmware clusters create is by default set for version 1.15+.
  • Added --ignore-errors flag to gcloud container bare-metal admin-clusters unenroll. If set, the unenrollment of a bare metal admin cluster resource will succeed even if errors occur during unenrollment.

Artifact Registry

  • Changed IAM policy analysis scope to the root of project in gcloud beta artifacts docker upgrade print-iam-policy.

BigQuery

  • Fixed bug to ensure show works with encrypted S3 managed tables.
    • Fixed bug to ensure spark properties can be updated to empty values.
    • Fixed RANGE<TIMESTAMP> to correctly display UNBOUNDED boundaries.
    • Fixed bug in the bq info command that caused it to always fail.
    • Fixed bug where a line of logging was always printed.
    • Added connections to get-iam-policy and set-iam-policy.

Cloud Build

  • Modified (--repo, --repo-type) and --repository to be optional in gcloud builds triggers create manual, gcloud builds triggers create webhook and gcloud builds triggers create pubsub.

Cloud Storage

  • Updated gsutil component to 5.24.

Compute Engine

  • Added --http-keep-alive-timeout-sec flag to gcloud compute alpha/beta target-http-proxies/target-https-proxies create/update to configure http keep alive timeout sec field in target httpx proxy.
  • Added --server-tls-policy and --clear-server-tls-policy flags to gcloud compute target-https-proxies create/update to attach/detach a server TLS policy to the target https proxy.
  • Release pathTemplateMatch and pathTemplateRewrite fields in urlMaps to v1 API.
  • Updated --consumer-accept-list and --consumer-reject-list of gcloud compute service-attachments create and gcloud compute service-attachments update to support networks.
  • Promoted --provisioned-throughput flag of gcloud compute disks create and gcloud compute disks update to GA.
  • Promoted --create-disk=provisioned-throughput for gcloud compute instances create and gcloud compute instance-templates create to GA.
  • Promoted gcloud compute interconnects remote-locations <describe|list> to beta and GA.
  • Promoted --remote-location flag of gcloud compute interconnects create to beta and GA.
  • Promoted --subnet-length flag of gcloud compute interconnects attachments <dedicated|provider> create to beta and GA.

Container Registry

  • Changed "gloud container images describe" to check existence of the digest.

Database Migration

  • Updated gcloud database-migration connection-profiles create alloydb to support customer-managed encryption key(CMEK).
  • Updated gcloud database-migration connection-profiles create cloudsql to support customer-managed encryption key(CMEK).

Kpt

Kubernetes Engine

  • Promoted fields gpu-driver-version within --accelerator flag to enable GPU driver auto installation.
  • Updated default kubectl from 1.24.13 to 1.25.9.
  • Additional kubectl versions:
    • kubectl.1.21 (1.21.14)
    • kubectl.1.22 (1.22.17)
    • kubectl.1.23 (1.23.17)
    • kubectl.1.24 (1.24.13)
    • kubectl.1.25 (1.25.9)
    • kubectl.1.26 (1.26.4)
    • kubectl.1.27 (1.27.1)

Network Security

  • Promoted gcloud network-security security-profile-groups to beta.
  • Added network-security firewall-endpoints commands to manage Cloud Firewall Plus endpoints, and promoted them to beta.
  • Promoted gcloud network-security security-profiles threat-prevention to beta.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

431.0.0 (2023-05-16)

Breaking Changes

  • (Anthos On-Prem) Modified --version flag to be required in gcloud container vmware clusters create.
  • (Compute Engine) Added centos-stream-8 and centos-stream-9 options to --os flag for:
    • gcloud compute images import in GA,
    • gcloud compute instances import in GA
    • gcloud compute machine-images import in GA

Google Cloud CLI

  • Fixed error when filtering was applied to date or time type keys and their values were None. Now, the resources will be excluded as when values were empty.
  • Added warning message to indicate support for Python 3.5-3.7 will be deprecated on August 8th, 2023.

Anthos On-Prem

  • Modified gcloud container bare-metal clusters list to return clusters in all locations of the specified project if --location is not specified and configuration container_bare_metal/location is not set.

Artifact Registry

  • Changed IAM policy translation logic in gcloud beta artifacts docker upgrade print-iam-policy.

Batch

  • Promoted Batch submit job optional job_id feature to beta and GA.

Cloud Build

  • Added --repository flag to gcloud builds triggers create manual, gcloud builds triggers create webhook and gcloud builds triggers create pubsub which supports creating manual, webhook or Pub/Sub trigger with 2nd-gen repository resource.

Cloud Dataproc

  • Added --staging-bucket flag to gcloud dataproc batches submit ... commands in GA. This sets staging bucket when creating batches.
  • Added --staging-bucket flag to gcloud dataproc session create ... commands in Preview. This sets staging bucket when creating sessions.

Cloud Firestore

  • Promoted firestore locations list to GA.

Cloud Run

  • Promoted gcloud run jobs deploy to GA, which allows creating or updating a Cloud Run job from a container image or source to build.

Cloud Storage

  • Added a preserve_symlinks option to gcloud storage cp and mv commands; when present, this option will cause file and directory symlinks to be represented by placeholder files in the cloud, and reconstructed as symlinks when downloaded.

Compute Engine

  • Promoted gcloud compute addresses move to GA.

Compute Firewall Rules

  • Added --bind-tags-to-instances flag to gcloud compute firewall-rules migrate to bind secure tags to VM instances.

Database Migration

  • Updated gcloud database-migration migration-jobs create to support customer-managed encryption key(CMEK).

Dataproc Metastore

  • Promoted gcloud metastore services alter-metadata-resource-location to GA.
  • Promoted gcloud metastore services alter-table-properties to GA.
  • Promoted gcloud metastore services move-table-to-database to GA.
  • Promoted gcloud metastore services query-metadata to GA.

Events

  • Removed gcloud beta events surface and all commands within. Please use gcloud eventarc instead.

Kubernetes Engine

  • Deprecated --linux-sysctls flag since --system-config-from-file is now used to config nodes.

Notebooks

  • Added --data-disk-type, --data-disk-size, --no-remove-data-disk to gcloud notebooks instances create to configure data disk.

Recaptcha

  • Added --private-key-file, --team-id, --key-id to recaptcha keys create for iOS keys. Providing these fields allows reCAPTCHA Enterprise to provide more accurate risk scores.
  • Added --private-key-file, --team-id, --key-id to recaptcha keys update for iOS keys. Providing these fields allows reCAPTCHA Enterprise to provide more accurate risk scores.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

430.0.0 (2023-05-09)

Breaking Changes

Google Cloud CLI

  • Fixed issue where gcloud auth enterprise-certificate-config create used cert_issuer instead of issuer for Windows and MacOS configurations.

AlloyDB

  • Added gcloud alloydb users <command> Users API to manage AlloyDB users.

Anthos On-Prem

  • Modified gcloud container vmware clusters list to return clusters in all locations of the specified project if --location is not specified and configuration container_vmware/location is not set.

App Engine

Bare Metal Solution

  • Promoted gcloud bms instance rename to GA.
  • Promoted gcloud bms networks rename to GA.
  • Promoted gcloud bms nfs-shares rename to GA.
  • Promoted gcloud bms volumes rename to GA.

Cloud Bigtable

  • Rebuilt cbt cli with go version 1.20.4 which fixed CVE-2022-41723.
  • Add ability to count rows for a prefix.

Cloud Bigtable Emulator

  • Rebuilt cbt emulator with go version 1.20.4 which fixed CVE-2022-41723.

Cloud Build

  • Added --git-source-revision flag to gcloud builds submit.
  • Added --git-source-dir flag to gcloud builds submit.

Cloud Firestore

  • Promoted firestore locations list to beta.

Cloud IAM

  • Added --web-sso-response-type and --web-sso-assertion-claims-behavior flag to gcloud iam workforce-pools providers create-oidc and gcloud iam workforce-pools providers update-oidc to allow user to setup web sso configuration.

Cloud Logging

  • Added --custom-learned-route-priority and --set-custom-learned-route-ranges flags of gcloud compute routers add-bgp-peer in beta to specify the custom learned route configuration.
  • Added --custom-learned-route-priority, --set-custom-learned-route-ranges, --add-custom-learned-route-ranges and --remove-custom-learned-route-ranges flags of gcloud compute routers update-bgp-peer in beta to specify the custom learned route configuration.

Cloud Pub/Sub

  • The gcloud pubsub pull command now waits for messages by default.
    • The --wait flag has been deprecated from gcloud beta pubsub pull command.
    • The --return-immediately flag has been added to gcloud beta pubsub pull command to support the old behavior.

Cloud Run

  • No longer sets the client.knative.dev/user-image annotation when deploying or updating Cloud Run Services and Jobs.
  • Fixes issue in gcloud run deploy and gcloud run services update where changing --port would fail due to health check errors.

Compute Engine

  • Update replica-zones support --create-disk=replica-zones for gcloud compute instances create.
  • Promoted gcloud compute addresses move to beta.
  • Added --user-ip-request-headers for gcloud compute security-policies update, and promoted it to beta.

Database Migration

  • Added a set of commands for gcloud database-migration private-connections to perform common (create, list, describe, delete) operations on private connections.
  • Updated gcloud database-migration connection-profiles create to support creating Oracle connection profiles.
  • Updated gcloud database-migration connection-profiles create to support connectivity in creating Postgresql connection profiles.
  • Added gcloud database-migrate conversion-workspaces that supports the following commands for creating and managing conversion workspaces: create, update, delete, list, describe, commit, rollback, seed, import-rules, convert, apply, list background jobs and describe entities.
  • Updated gcloud database-migration migration-jobs create to support heterogeneous migration jobs.

Kubernetes Engine

  • Added --enable-master-global-access flag of gcloud container clusters create-auto.

Looker

  • Launch Looker (Google Cloud core) for General Availability to the public.

Network Connectivity

  • Updated gcloud network-connectivity service-connection-policies create subnet flag field to accept resource arguments.

Network Services

  • Updated GA schema for gcloud network-services gateways.
  • This primarily impacts gateway import/export.
  • It includes SWG-specific changes so gateways of type SWG can be created.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

429.0.0 (2023-05-02)

Breaking Changes

  • (Compute Engine) Added rocky-9 option to --os flag for:
    • gcloud compute images import in GA,
    • gcloud compute instances import in GA
    • gcloud compute machine-images import in GA

Google Cloud CLI

  • Updated bundled-python cryptography package to 39.0.1 and PyOpenSSL to 23.0.0.

AlloyDB

  • Added --update-mode flag to gcloud alloydb instances update in alpha and beta tracks.

BigQuery

  • Added bq info command to print debug information.
  • Froze the request library to version '2.27.1' until python2 is removed.
  • Removed excess line of logging to stderr that was printed on most commands.
  • Improved error messaging for unsupported regions.
  • Added support for an encoding when creating a JSON backed external table.
  • Updated bundled urllib3.

Certificate Authority Service

  • Added --ignore_dependent_resources flag to gcloud privateca roots disable to allow a root CA to be disabled even if it is the last CA in its CA Pool while its CA Pool is being depended on by another cloud resource.
  • Added --ignore_dependent_resources flag to gcloud privateca subordinates disable to allow a subordinate CA to be disabled even if it is the last CA in its CA Pool while its CA Pool is being depended on by another cloud resource.
  • Added --ignore_dependent_resources flag to gcloud privateca roots delete to allow a root CA to be deleted even if its CA Pool is being depended on by another cloud resource.
  • Added --ignore_dependent_resources flag to gcloud privateca subordinates delete to allow a subordinate CA to be deleted even if its CA Pool is being depended on by another cloud resource.
  • Added --ignore_dependent_resources flag to gcloud privateca pools delete to allow a CA Pool to be deleted even if it is being depended on by another cloud resource.

Cloud Bigtable

  • Rebuilding cbt cli with go version 1.20.3 which fixed CVE-2022-41723.

Cloud Firestore Emulator

  • Release Cloud Firestore emulator v1.17.4
    • Added support for eventarc triggers(2nd gen)
    • Fix ListDocuments to have page token

Cloud Identity-Aware Proxy

  • Fixed a low throughput issue that appeared in some download cases for gcloud compute start-iap-tunnel.

Cloud Monitoring

  • Promoted gcloud monitoring snoozes commands to beta and GA.

Cloud Pub/Sub

  • Added --event-time flag to gcloud pubsub lite-topics publish to allow users to specify an event time when publishing a message.

Cloud Run

  • Updated gcloud beta run integrations list to display integrations across all regions by default when --region flag is not specified.

Cloud SQL

  • Promoted --threads-per-core flag for gcloud sql instances create and gcloud sql instances patch to GA.

Cloud Workstations

  • Added the beta workstations list-usable command which lists a user's usable workstations under a given configuration.
  • Added gcloud beta workstations get-iam-policy.
  • Added gcloud beta workstations set-iam-policy.
  • Added gcloud beta workstations configs get-iam-policy.
  • Added gcloud beta workstations configs set-iam-policy.

Compute Engine

  • Added "REGION" column in the output of gcloud compute ssl-certificates list.
  • Promoted --gateway-ip-version flag of gcloud compute vpn-gateways create to beta. Flag defines the IP version of VPN Gateway.
  • Allowed --interfaces flag to accept IPv6 addresses of gcloud beta compute external-vpn-gateways create.
  • Promoted support of regional instance template for gcloud compute instance-groups managed create to beta and GA.
  • Promoted support of regional instance template for gcloud compute instance-groups managed set-instance-template to beta and GA.
  • Promoted support of regional instance template for gcloud compute instance-groups managed rolling-action start-update to beta and GA.
  • Promoted --nat-name flag of gcloud compute routers get-nat-mapping-info to GA.

Distributed Cloud Edge

  • Added --lro-timeout for gcloud edge-cloud container clusters create which allows specifying a custom duration for the gcloud CLI to wait on LROs.

Identity and Access Management

  • Fixed issue with gcloud auth login --login-config=$LOGIN_CONFIG --no-browser not working on Linux machines due to terminal input limit.

Kpt

Kubernetes Engine

  • Added --enable-unstable-kubernetes-apis flag to gcloud containers cluster create and gcloud containers cluster update to facilitate enabling beta apis in kube-apiserver.

Network Connectivity

  • Made network field accept both resource identifier and path.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

428.0.0 (2023-04-25)

Breaking Changes

  • (Cloud Run) For gcloud beta run jobs deploy, gcloud run jobs create, and gcloud run jobs update, mark --execute-now and --async flags mutually exclusive.

Google Cloud CLI

  • Added --lifetime flag to gcloud auth application-default print-access-token to configure service account impersonation access token lifetime.
  • Duration flags now support fractional input.

Anthos Multi-Cloud

  • Promoted --enable-managed-prometheus flag of gcloud container aws clusters create to GA.
  • Promoted --enable-managed-prometheus and --disable-managed-prometheus flags of gcloud container aws clusters update to GA.
  • Promoted --enable-managed-prometheus flag of gcloud container azure clusters create to GA.
  • Promoted --enable-managed-prometheus and --disable-managed-prometheus flags of gcloud container azure clusters update to GA.
  • Fixed issue where --max-nodes, --min-nodes, and --max-pods-per-node flags of gcloud container aws node-pools create and gcloud container azure node-pools create were incorrectly documented as optional.

Anthos On-Prem

  • Added gcloud container bare-metal admin-clusters unenroll which removes Cluster API resources so that the cluster is no longer managed by the Anthos On-Prem API.
  • Added support for annotations in the container bare-metal clusters update command.

Cloud Bigtable

  • Rebuilding cbt cli with go version 1.20 which fixed cve-2023-24537.

Cloud Bigtable Emulator

  • Rebuilding cbt emulator with go version 1.20 which fixed cve-2023-24537.

Cloud Run

  • Added firebase-hosting integration type to gcloud beta run integrations command group.

Cloud Storage

  • Updated gsutil component to 5.23.

Cloud Tasks

  • Added gcloud beta tasks buffer which enables creation of an HTTP task without specifying the task body. It requires the parent queue to have an HTTP target override and is only enabled in the beta track.

Cloud Workstations

  • Added -labels flag to gcloud beta workstations create and gcloud beta workstations cluster create.

Compute Engine

  • Added --auto-network-tier flag of gcloud compute routers nats create and gcloud compute routers nats update in beta to select network tier to be used by NAT in auto mode.
  • Promoted flag --enforce-on-key-configs of gcloud compute security-policies rules create|update to GA.
  • Added --certificate-manager-certificates flag to gcloud compute target-https-proxies create/update to add a list of ssl certificates created in certificate-manager to the target https proxy.
  • Added --allow-psc-global-access flag of gcloud compute forwarding-rules <create|update> to v1.

Compute Firewall Policies

  • Promoted --src-threat-intelligence and --dest-threat-intelligence flags to GA in gcloud compute firewall-policies rules create , gcloud compute firewall-policies rules update , gcloud compute network-firewall-policies rules create and gcloud compute network-firewall-policies rules update commands.
  • Promoted --src-region-codes and --dest-region-codes flags to GA in gcloud compute firewall-policies rules create , gcloud compute firewall-policies rules update , gcloud compute network-firewall-policies rules create and gcloud compute network-firewall-policies rules update commands.
  • Promoted --src-fqdns and --dest-fqdns flags to GA in gcloud compute firewall-policies rules create/update and gcloud compute network-firewall-policies rules create/update commands.
  • Promoted --src-address-groups and --dest-address-groups flags to GA in gcloud compute firewall-policies rules create/update and gcloud compute network-firewall-policies rules create/update commands.

Kubernetes Engine

  • Added --location flag to clusters, node-pools, and operations surfaces as a simpler alternative to --zone or --region.
  • Updated default kubectl from 1.24.12 to 1.24.13.
  • Additional kubectl versions:
    • kubectl.1.21 (1.21.14)
    • kubectl.1.22 (1.22.17)
    • kubectl.1.23 (1.23.17)
    • kubectl.1.24 (1.24.13)
    • kubectl.1.25 (1.25.9)
    • kubectl.1.26 (1.26.4)

Network Security

  • Added gcloud network-security server-tls-policies describe to alpha and beta.
  • Promoted gcloud network-security gateway-security-policies to GA.
  • Promoted gcloud network-security gateway-security-policies rules to GA.
  • Promoted gcloud network-security url-lists to GA.
  • Promoted gcloud network-security tls-inspection-policies to GA.

Public CA

  • Promoted gcloud publicca to GA.

Security Command Center

  • Fixed gcloud scc findings list to provide descriptive error message when parent argument is omitted.

Transcoder

  • Added support for --mode flag when creating a new job.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

427.0.0 (2023-04-18)

Breaking Changes

  • (Google Cloud CLI) Deprecated Python 2. The minimum supported Python version is Python 3.5.
  • (Cloud Datastore) Remove gcloud datastore databases create after version 427.0.0. Please use gcloud firestore database update --type=datastore-mode instead.
  • (Cloud Firestore) Switched firestore database create to use Firestore API.
  • (Cloud Firestore) Deprecated --region in gcloud firestore database create. Use --location to specify the database location.

Google Cloud CLI

  • Added --lifetime flag to gcloud auth print-access-token to configure service account impersonation access token lifetime.

App Engine

Artifact Registry

  • Promoted gcloud artifacts googet command group to GA.

BigQuery

  • Removed restrictions to what locations can be used with --location when combined with --use_regional_endpoints.
  • Improved Format RANGE<TIMESTAMP> formatting.

Certificate Authority Service

  • Added ignore_dependent_resources parameter to disable CA, delete CA, and delete CA Pool. These commands would normally fail if the CA Pool would be in a state where it's not able to issue certificates while there's a resource that depends on it. This flag skips the check and may cause unintended and unrecoverable effects on any dependent resource(s) since the CA Pool would no longer be able to issue certificates.

Cloud Firestore

  • Promoted firestore databases describe to beta.
  • Promoted firestore databases update to beta.
  • Promoted firestore databases list to beta.
  • Promoted firestore databases describe to GA.
  • Promoted firestore databases update to GA.
  • Promoted firestore databases list to GA.

Cloud Firestore Emulator

  • Release Cloud Firestore emulator v1.16.2
    • Fixed an issue where some http/1 headers were causing 400 errors.

Cloud On Demand Scanning

  • Updated local-extract component to 1.5.8 to allow it to run in environments without glibc.

Cloud Run

  • Promoted --session-affinity to GA for --platform=managed for gcloud run deploy and gcloud run services update.
  • Promoted --add-custom-audiences, --clear-custom-audiences, --remove-custom-audiences and --set-custom-audiences to beta for --platform=managed for gcloud run deploy and gcloud run services update.

Cloud SQL

  • Added PostgreSQL 15 to database versions.

Cloud Spanner

  • Added database drop protection column to gcloud spanner databases list command.

Cloud Storage

  • Promoted gcloud storage insights commands to GA.

Cloud TPU

  • Add gcloud compute tpus topologies list to list available TPUs by chip topology.

Cloud Workstations

  • Adding support for labels in the beta workstations config create and beta workstations config update commands.

Compute Engine

  • Updated the scope flags --zone or --region of the primary disk, --secondary-disk-zone or --secondary-disk-region of the secondary disk to be required for gcloud compute disks start-async-replication.

Dataproc Metastore

  • Added support for Dataproc Metastore admin interface. The following commands have been added to alpha/beta release tracks:
    • metastore services alter-table-properties

Events

  • Deprecated gcloud beta events surface and all commands within. This surface will be removed in an upcoming release. Please use gcloud eventarc instead.

GKE Hub

  • Added --location flag to gcloud container fleet memberships register and gcloud beta container fleet memberships register.
  • If --location is not specified when registering GKE clusters, Membership region is selected to match to GKE cluster location by default.
  • If --location is not specified when registering non-GKE clusters, Membership region is selected as "global" by default.

Kpt

Kubernetes Engine

  • Added --addons=GcsFuseCsiDriver to gcloud beta container clusters create and --update-addons=GcsFuseCsiDriver to gcloud beta container clusters update to enable/disable the Cloud Storage FUSE Container Storage Interface (CSI) Driver.
  • Allow --enable-managed-prometheus or --disable-managed-prometheus flag to be passed with --logging and --monitoring flags at the same time in gcloud container clusters update.
  • Added --additional-pod-ipv4-ranges and --remove-additional-pod-ipv4-ranges flags of gcloud container clusters update to GA.

Network Connectivity

  • Renamed 'psc-subnetworks' field to 'subnets' based on review comments.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

426.0.0 (2023-04-11)

Breaking Changes

  • (Cloud Firestore) Switched firestore database create to use Firestore API after version 427.0.0.
  • (Cloud Firestore) Deprecated --region in gcloud firestore database create. Use --location to specify the database location. --region flag will be remove after version 427.0.0.

Anthos On-Prem

  • Promoted gcloud container vmware to beta.
  • Promoted gcloud container bare-metal to beta.

App Engine

Batch

  • Added no-external-ip-address flag to gcloud batch job submit.

BigQuery

  • Added warning when apilog flag is missing that the logging level is being lowered.

Cloud Bigtable

  • Clarified the functionality of --transactional-writes flag in gcloud bigtable app-profiles update.

Cloud Build

  • Hide --repository flag in gcloud builds triggers create manual, gcloud builds triggers create webhook and gcloud builds triggers create pubsub.

Cloud Dataflow

  • Added JAVA17 to gcloud dataflow flex-template command SDK Language options, allowing users to submit Flex Template jobs using Java 17.

Cloud Filestore

  • Added gcloud filestore instances revert command in GA to revert a filestore instance to specific snapshot.

Cloud Functions

  • Updated gcloud functions deploy to no longer require the flag --gen2 when updating an existing 2nd gen function. This aligns with the existing behavior of other commands. You can disable this behavior and only work with 1st gen functions by either adding --no-gen2 to a command or by setting the functions/gen2 config property to off.

Cloud Memorystore

  • Change to current default from latest for --maintenance-version flag in gcloud redis instances update to allow updating to the current default maintenance version.

Cloud Org Policy

  • Added --update-mask flag to gcloud org-policies reset command to support partial reset of policies (e.g, reset only dry-run policy spec or live policy spec).

Cloud Run

  • Promoted --cpu-boost to GA for --platform=managed for gcloud run deploy.

Cloud Workflows

  • Added the call-log-level flag to gcloud workflows deploy, and add the log-none value to the call-log-level flag for gcloud workflows <execute|run>, to specify no call logging even if logging was specified at the workflow level.

Compute Engine

  • Promoted --max-count-per-zone flag of gcloud compute instances bulk create to beta. Flag defines maximum number of instances that can be created per zone for regional bulk insert.
  • Added SEV_LIVE_MIGRATABLE to the list of guestOsFeatures.
  • Rearranged gcloud compute images import source flags by moving --source-file & --source-image to the beginning.

Network Connectivity

  • Added gcloud network-connectivity service-connection-policies create and gcloud network-connectivity service-connection-policies delete commands.
  • Added gcloud network-connectivity service-connection-policies list and gcloud network-connectivity service-connection-policies describe commands.

Security Command Center

  • Promoted gcloud scc custom-modules sha to GA.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

425.0.0 (2023-04-04)

Breaking Changes

  • (Compute Engine) Migrate single request gcloud compute commands from the compute batch
  • (Compute Engine) endpoint to region-specific endpoints.

App Engine

  • Removed InvalidInstanceIpModeError exception from gcloud.app.instances.ssh because SSH is now supported for all Instance Ip Modes.

Artifact Registry

  • Added gcloud beta artifacts docker upgrade print-iam-policy.

Certificate Manager

  • Promoted gcloud certificate-manager trust-configs delete to beta.
  • Promoted gcloud certificate-manager trust-configs describe to beta.
  • Promoted gcloud certificate-manager trust-configs export to beta.
  • Promoted gcloud certificate-manager trust-configs import to beta.
  • Promoted gcloud certificate-manager trust-configs list to beta.

Cloud Access Context Manager

  • Added --dry-run-level flag to gcloud access-context-manager cloud-bindings to test cloud-binding before enforcing them.

Cloud Build

  • Update wait timeout for gcloud builds worker-pools create and gcloud builds worker-pools delete commands to 1h.

Cloud Functions

  • Updated gcloud functions add-iam-policy-binding, gcloud functions call, gcloud functions delete, gcloud functions get-iam-policy, gcloud functions remove-iam-policy-binding, and gcloud functions set-iam-policy to no longer require the flag --gen2 when operating on a 2nd gen function. This aligns with the existing behavior of gcloud functions describe. You can disable this behavior and only work with 1st gen functions by either adding --no-gen2 to a command or by setting the functions/gen2 config property to off.

Cloud IAM

  • Added gcloud iam workload-identity-pools providers keys commands to manage workload identity pool provider keys.

Cloud Workstations

  • Adding support for the customer managed encryption key and encryption key service account flags in the beta workstations config create command.

Compute Engine

  • Enable "Uniform Bucket Level Access" by default for the temporary Cloud Storage buckets created in gcloud compute images import and gcloud compute images export.
  • Promoted --source-ip-ranges flag of gcloud compute forwarding-rules [create|update] to GA.

Database Migration

  • Added --allocated-ip-range flag to gcloud database-migration connection-profiles create cloudsql to allow selecting an allocated IP range for VPC peering.
  • Added --alloydb-cluster flag to gcloud database-migration connection-profiles create to allow creating a connection profile with an existing AlloyDB cluster.
  • Added --alloydb-cluster flag to gcloud database-migration connection-profiles update to allow configuring a connection profile with an existing AlloyDB cluster.

Network Security

  • Promoted gcloud network-security tls-inspection-policies to beta.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

424.0.0 (2023-03-28)

Breaking Changes

  • (Artifact Registry) Fixed issue where the default table format was used when --show-occurrences flag was passed in, even though that format prevented occurrences from being displayed. Changed to use the default format when the flag is used. Use the same command without --show-occurrences to get the old behavior.

Artifact Registry

  • Allow using gcloud beta artifacts images describe with Artifact Registry repos that use gcr.io domain.
  • Promoted artifacts settings describe artifacts settings enable-upgrade-redirection, and artifacts settings disable-upgrade-redirection commands to GA.

BigQuery

  • Fixed issue storing --api flag in the .bigqueryrc file.
  • Added the option for three-year capacity commitment plans.
  • Updated wcwidth to version 0.2.6.

Certificate Manager

  • Promoted gcloud certificate-manager issuance-configs to GA.

Cloud Build

  • Added --default-buckets-behavior flag to gcloud builds submit.

Cloud Deploy

  • Added gcloud deploy rollouts advance to alpha and beta.
  • Added gcloud deploy rollouts cancel to alpha and beta.
  • Added gcloud deploy rollouts ignore-job to alpha and beta.
  • Added gcloud deploy job-runs terminate to alpha and beta.
  • Added starting-phase-id flag to gcloud deploy targets redeploy.
  • Added starting-phase-id flag to gcloud deploy targets rollback.
  • Added starting-phase-id flag to gcloud deploy releases promote.
  • Added initial-rollout-phase-id flag to gcloud deploy releases create.

Cloud Memorystore

  • Added --maintenance-version flag to gcloud redis instances update to allow updating a maintenance version when updating an instance.

Cloud Run

  • Promoted gcloud run jobs command group and its sub-commands to GA, except for the following commands:
    • gcloud beta run jobs deploy
    • gcloud beta run jobs logs
    • gcloud beta run jobs executions logs
  • Promoted --encryption-key-shutdown-hours and --clear-encryption-key-shutdown-hours flags of gcloud run deploy and gcloud run services update to GA for --platform=managed.

Cloud SQL

  • Added gcloud sql instances reencrypt, which re-encrypts a Cloud SQL CMEK instance with the current primary key version in alpha.

Cloud TPU

  • Update gcloud compute tpus tpu-vm create to allow configuration of TPUs with chip topology using --type and --topology flags.

Compute Engine

  • Promoted disk-consistency-group argument of gcloud compute resource-policies create to beta.
  • Promoted --primary-disk, --primary-disk-project, --primary-disk-region, and --primary-disk-zone of gcloud compute disks create to beta.
  • Promoted gcloud compute disks start-async-replication to beta.
  • Promoted gcloud compute disks stop-async-replication to beta.
  • Promoted gcloud compute disks stop-group-async-replication to beta.
  • Promoted gcloud compute disks bulk create to beta.
  • Fixed documentation for --update-policy-max-surge and --update-policy-replacement-method flags.
  • Promoted --queue-count flag in --network-interface of gcloud compute instance-templates create to GA.
  • Promoted --queue-count flag in --network-interface of gcloud compute instances bulk create to GA.

Database Migration

  • Added demote-destination request to gcloud database-migration migration-jobs to allow demoting the destination of a migration job.

Dataproc Metastore

  • Promoted the custom-routes-enabled boolean value to the network-config-from-file flag of gcloud metastore services create to v1alpha and v1beta.
  • Fixed issue where commands including an --instance-size flag would fail if the user specified an enum value of EXTRA_SMALL or EXTRA_LARGE.

Eventarc

  • Added --event-data-content-type flag to gcloud eventarc triggers create and gcloud eventarc triggers update to label the type of payload in MIME format that is expected from the CloudEvent data field.

Kpt

Kubernetes Engine

  • Updates default kubectl from 1.24.11 to 1.24.12.
  • Additional kubectl versions:
    • kubectl.1.21 (1.21.14)
    • kubectl.1.22 (1.22.17)
    • kubectl.1.23 (1.23.17)
    • kubectl.1.24 (1.24.12)
    • kubectl.1.25 (1.25.8)
    • kubectl.1.26 (1.26.3)

Network Security

  • Promoted gcloud network-security url-lists to beta.
  • Promoted gcloud network-security gateway-security-policies to beta.
  • Promoted gcloud network-security gateway-security-policy-rules to beta.

Recaptcha

  • Added --support-non-google-app-store-distribution to recaptcha keys create that enables support for non-Google Play Store distributed applications for the key.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

423.0.0 (2023-03-21)

Google Cloud CLI

  • Added gcloud auth enterprise-certificate-config to create enterprise-certificate configurations.
  • Disabled mTLS during installation.
  • Fixed crash that occurred when parsing certain repeated dictionary-type flags if duplicate keys were provided or if invalid choices for another flag were specified afterwards.
  • Improved post-processing times during gcloud components update and gcloud components install on Windows.

App Engine

  • Updated the Java SDK to version 2.0.12 build from the open source project https://github.com/GoogleCloudPlatform/appengine-java-standard/releases/tag/v2.0.12.
  • Fixed a DevAppServer issue where in some scenarios, the class io.opencensus.trace.propagation.TextFormat could not be found.
  • Added --tunnel-through-iap flag to gcloud app instances ssh. Using this flag lets you use an Identity-Aware Proxy (IAP) tunnel when attempting to SSH into an App Engine flexible environment instance without an external IP address.
  • Updated the Go SDK to version 1.9.73. Please visit the following release notes for details: https://cloud.google.com/appengine/docs/go/release-notes.
  • Added --tunnel-through-iap flag to gcloud app instances scp. Using this flag lets you use an Identity-Aware Proxy (IAP) tunnel when attempting to SCP to/from an App Engine flexible environment instance without an external IP address.

Artifact Registry

  • Updated gcloud artifacts docker images describe and gcloud artifacts docker images list to return occurrences when an occurrence filter is used, even if the user does not explicitly say to show occurrences.

  • Added --immutable-tags flag to gcloud artifacts repositories create and gcloud artifacts repositories update.

Bare Metal Solution

  • Promoted gcloud bms ssh-keys list to GA.
  • Promoted gcloud bms ssh-keys add to GA.
  • Promoted gcloud bms ssh-keys remove to GA.

Cloud Build

  • Added --repository flag to gcloud builds triggers create manual, gcloud builds triggers create webhook and gcloud builds triggers create pubsub.

Cloud Dataproc

  • Added --ttl flag to gcloud dataproc batches submit commands in GA. This sets a workload TTL when creating batches.

Cloud Firestore Emulator

  • Released Cloud Firestore emulator v1.16.1
    • Fixed: support read_time in ListCollectionIds

Cloud Healthcare

  • Added gcloud healthcare fhir-stores metrics which allows users to retrieve metrics associated with a FHIR store.

Cloud Key Management Service

  • Added --key-management-mode and --crypto-space-path to gcloud kms ekm-connections that is used when creating coordinated external keys.
  • Added gcloud kms ekm-config commands which enables setting configuration values for EKM users.

Compute Engine

  • Promoted --aws-* flags of gcloud compute images import to GA.
  • Promoted gcloud compute sole-tenancy node-groups simulate-maintenance-event to GA.

Database Migration

  • Added --availability-type flag to gcloud database-migration connection-profiles create to allow configuring the availability type on the destination Cloud SQL instance.
  • Added --secondary-zone flag to gcloud database-migration connection-profiles create to allow configuring the secondary zone of the destination Cloud SQL instance when regional availability type is used.

Kubernetes Engine

  • Added --enable-fleet flag to gcloud container clusters create, gcloud container clusters create-auto and gcloud container clusters update in alpha, beta track.
  • Added --fleet-project flag to gcloud container clusters create, gcloud container clusters create-auto and gcloud container clusters update in alpha, beta track.
  • Added --clear-fleet-project flag to gcloud container clusters update in alpha, beta track.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

422.0.0 (2023-03-14)

Breaking Changes

  • (Cloud Pub/Sub) Fixed output format of gcloud schemas list and gcloud schemas list-revisions to remove the DEFINITION column if --view is not FULL.

Google Cloud CLI

  • Added gcloud auth enterprise-certificate-config to create enterprise-certificate configurations.

Anthos Multi-Cloud

  • Added --clear-client flag to gcloud container azure clusters update to clear the Azure client. This flag is required when updating to use Azure workload identity federation from Azure client to manage Azure resources.

App Engine

  • Updated the Python App Engine devappserver to support a new flag --python_virtualenv_path. It is an optional directory that will be used to setup a Python 3 virtual env for the local devappserver execution environment for Python 3 applications. If the path does not exist it will be created and it will not be cleanup at the end of the devappserver execution, allowing for caching between invocations. If not defined, a temporary directory will be used and cleaned up at the end of the execution.

Artifact Registry

  • gcloud beta artifacts settings enable-upgrade-redirection command no longer requires creating missing repos.

Bare Metal Solution

  • Promoted gcloud bms instances enable-serial-console to GA.
  • Promoted gcloud bms instances disable-serial-console to GA.

BigQuery

  • Updated the bundled google auth libraries.
  • Updated bundled libraries to use charset_normalizer with the request library.

Cloud Datastream

  • Added the max_concurrent_backfill_tasks support to --mysql-source-config, --oracle-source-config, --postgresql-source-config flags in gcloud datastream streams.

Cloud Functions

  • Preview of the CMEK support for Cloud Functions, 2nd Gen. In particular, promoted --docker-repository, --kms-key, --clear-docker-repository and --clear-kms-key flags of gcloud functions deploy --gen2 to beta.

Cloud Run

  • Removed --condition flag from gcloud run {services,jobs} {add,remove}-iam-policy-binding.

Cloud Workflows

  • Added --revision-id flag to gcloud workflows describe to allow retrieving the source code of a workflow at a specific revision.

Cloud Workstations

  • Added gcloud beta workstations configs update which updates a specified
  • Added gcloud beta workstations ssh which SSH's into a specified workstation. workstation configuration.

Compute Engine

  • Added --plan to gcloud compute commitments update to support commitment term upgrade.
  • Promoted gcloud compute security-policies rules add-preconfig-waf-exclusion|remove-preconfig-waf-exclusion to GA.
  • Promoted --queue-count flag in --network-interface of gcloud compute instances create to GA.
  • Promoted --internal-ipv6-address flag of gcloud compute instances create to GA.
  • Promoted --internal-ipv6-prefix-length flag of gcloud compute instances create to GA.
  • Added new ADVANCED_PREVIEW enum option to --network-ddos-protection flag of gcloud compute security-policies update in alpha and beta.

GKE Hub

  • Changed gcloud container fleet memberships unregister command to assume membership region based on gke cluster region by default.

Network Connectivity

  • Fixed issue where sort-by arguments in list spoke command produced type validation errors.

Recaptcha

  • Support creating express enabled site keys using recaptcha keys create --waf-feature=express.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

421.0.0 (2023-03-07)

Artifact Registry

  • Fixed an issue where gcloud artifacts docker images list does not return nested images.

BigQuery

  • Extended third-party identity login to support a web-based 3-legged OAuth flow.
  • Extended ls -p to page through all projects.
  • Extended --format for load to support more formats.
  • Removes some unneeded shipped libraries.
  • Added logging support for all exceptions when --apilog is present.
  • Added --encoding for load to support csv encodings.
  • Updated the bundled cachetools library.

Cloud Filestore

  • Added --instance-location flag to gcloud filestore instances snapshots create, which accepts either a zone or region and allows clients to create Enterprise and HighScale snapshots.
  • Added --instance-location flag to gcloud filestore instances snapshots delete, which accepts either a zone or region and allows clients to delete Enterprise and HighScale snapshots.
  • Added --instance-location flag to gcloud filestore instances snapshots list, which accepts either a zone or region and allows clients to list Enterprise and HighScale snapshots.
  • Added --instance-location flag to gcloud filestore instances snapshots update, which accepts either a zone or region and allows clients to update Enterprise and HighScale snapshots.
  • Added --instance-location flag to gcloud filestore instances snapshots describe, which accepts either a zone or region and allows clients to describe Enterprise and HighScale snapshots.

Cloud Pub/Sub

  • Fixed gcloud schemas commit to raise an Invalid Argument error if --type is not equal to protocol-buffer, protocol_buffer, or avro.

Cloud Services

  • Added key-string support for undelete command for api_keys in beta.

Cloud Spanner

  • Promoted gcloud spanner databases roles list to GA.
  • Promoted --database-role flag in gcloud spanner databases execute-sql to GA.

Cloud Storage

  • Updated gsutil component to 5.21.

Cloud Workflows

  • Added --labels flag to gcloud workflows <execute|run> to allow adding execution specific labels.

Cloud Workstations

  • Fixed issue with the custom container image not being properly set in gcloud beta workstations configs create.

Compute Engine

  • Added --encryption to gcloud compute interconnects attachments dedicated create to add encryption option for dedicated interconnect attachment (VLAN attachment).
  • Added --encryption to gcloud compute interconnects attachments partner create to add encryption option for partner interconnect attachment (VLAN attachment).
  • Added --ipsec-internal-addresses to gcloud compute interconnects attachments dedicated create to add list of addresses that have been reserved for dedicated interconnect attachment (VLAN attachment).
  • Added --ipsec-internal-addresses to gcloud compute interconnects attachments partner create to add list of addresses that have been reserved for partner interconnect attachment (VLAN attachment).
  • Added --encrypted-interconnect-router to gcloud compute routers create to indicate that the router is dedicated for use with encrypted interconnect attachments (VLANs).
  • Added --interconnect-attachments to gcloud compute vpn-gateways create to add interconnect attachments (VLAN attachments) associated with the VPN gateway interfaces.
  • Added 9 to allowed list of values for --version of gcloud beta compute instances ops-agents policies [create|update].
  • Promoted --locality_lb_policy flag of gcloud compute backend-services create/update to GA.
  • Added --max-run-duration and --termination-time flags in gcloud compute instances set-scheduling to beta.
  • Added --clear-max-run-duration and --clear-termination-time flags in gcloud compute instances set-scheduling to beta.
  • Promoted --endpoint-types flag in gcloud compute routers nats create to GA.

Dataproc Metastore

  • Promoted --auxiliary-versions flag of gcloud metastore services create to GA. Modified flag to no longer be mutually exclusive with --consumer-subnetworks and --network-config-from-file.
  • Promoted --auxiliary-versions-from-file flag of gcloud metastore services create to GA. Modified flag to no longer be mutually exclusive with --consumer-subnetworks and --network-config-from-file.
  • Promoted --instance-size flag of gcloud metastore services create and gcloud metastore services update to GA.
  • Added --instance-size flag to gcloud metastore services create and gcloud metastore services update to specify a service instance size.
  • Promoted --scaling-factor flag of gcloud metastore services create and gcloud metastore services update to GA.
  • Added --scaling-factor flag to gcloud metastore services create and gcloud metastore services update to specify a service scaling factor.
  • Modified --tier flag of gcloud metastore services create and gcloud metastore services update to be mutually exclusive with --instance-size and --scaling-factor in all release tracks.

Identity and Access Management

  • Added support for credential sharing with bq and gsutil when using browser-based sign-in with Workforce identity federation to authenticate with the Google Cloud CLI via gcloud auth login.

Kpt

Kubernetes Engine

  • Prevent overwriting directory permission when KUBECONFIG contains empty entry or a directory. Instead, raise an error.
  • Updates default kubectl from 1.24.10 to 1.24.11.
  • Additional kubectl versions:
    • kubectl.1.21 (1.21.14)
    • kubectl.1.22 (1.22.17)
    • kubectl.1.23 (1.23.17)
    • kubectl.1.24 (1.24.11)
    • kubectl.1.25 (1.25.7)
    • kubectl.1.26 (1.26.2)

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

420.0.0 (2023-02-28)

Breaking Changes

  • (Cloud Firestore) Switched firestore beta database create</