Google Cloud CLI - Release Notes

Stay organized with collections Save and categorize content based on your preferences.

Copyright 2014-2023 Google Inc. All rights reserved.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

423.0.0 (2023-03-21)

Google Cloud CLI

  • Added gcloud auth enterprise-certificate-config to create enterprise-certificate configurations.
  • Disabled mTLS during installation.
  • Fixed crash that occurred when parsing certain repeated dictionary-type flags if duplicate keys were provided or if invalid choices for another flag were specified afterwards.
  • Improved post-processing times during gcloud components update and gcloud components install on Windows.

App Engine

  • Updated the Java SDK to version 2.0.12 build from the open source project https://github.com/GoogleCloudPlatform/appengine-java-standard/releases/tag/v2.0.12.
  • Fixed a DevAppServer issue where in some scenarios, the class io.opencensus.trace.propagation.TextFormat could not be found.
  • Added --tunnel-through-iap flag to gcloud app instances ssh. Using this flag lets you use an Identity-Aware Proxy (IAP) tunnel when attempting to SSH into an App Engine flexible environment instance without an external IP address.
  • Updated the Go SDK to version 1.9.73. Please visit the following release notes for details: https://cloud.google.com/appengine/docs/go/release-notes.
  • Added --tunnel-through-iap flag to gcloud app instances scp. Using this flag lets you use an Identity-Aware Proxy (IAP) tunnel when attempting to SCP to/from an App Engine flexible environment instance without an external IP address.

Artifact Registry

  • Updated gcloud artifacts docker images describe and gcloud artifacts docker images list to return occurrences when an occurrence filter is used, even if the user does not explicitly say to show occurrences.

  • Added --immutable-tags flag to gcloud artifacts repositories create and gcloud artifacts repositories update.

Bare Metal Solution

  • Promoted gcloud bms ssh-keys list to GA.
  • Promoted gcloud bms ssh-keys add to GA.
  • Promoted gcloud bms ssh-keys remove to GA.

Cloud Build

  • Added --repository flag to gcloud builds triggers create manual, gcloud builds triggers create webhook and gcloud builds triggers create pubsub.

Cloud Dataproc

  • Added --ttl flag to gcloud dataproc batches submit commands in GA. This sets a workload TTL when creating batches.

Cloud Firestore Emulator

  • Released Cloud Firestore emulator v1.16.1
    • Fixed: support read_time in ListCollectionIds

Cloud Healthcare

  • Added gcloud healthcare fhir-stores metrics which allows users to retrieve metrics associated with a FHIR store.

Cloud Key Management Service

  • Added --key-management-mode and --crypto-space-path to gcloud kms ekm-connections that is used when creating coordinated external keys.
  • Added gcloud kms ekm-config commands which enables setting configuration values for EKM users.

Compute Engine

  • Promoted --aws-* flags of gcloud compute images import to GA.
  • Promoted gcloud compute sole-tenancy node-groups simulate-maintenance-event to GA.

Database Migration

  • Added --availability-type flag to gcloud database-migration connection-profiles create to allow configuring the availability type on the destination Cloud SQL instance.
  • Added --secondary-zone flag to gcloud database-migration connection-profiles create to allow configuring the secondary zone of the destination Cloud SQL instance when regional availability type is used.

Kubernetes Engine

  • Added --enable-fleet flag to gcloud container clusters create, gcloud container clusters create-auto and gcloud container clusters update in alpha, beta track.
  • Added --fleet-project flag to gcloud container clusters create, gcloud container clusters create-auto and gcloud container clusters update in alpha, beta track.
  • Added --clear-fleet-project flag to gcloud container clusters update in alpha, beta track.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

422.0.0 (2023-03-14)

Breaking Changes

  • (Cloud Pub/Sub) Fixed output format of gcloud schemas list and gcloud schemas list-revisions to remove the DEFINITION column if --view is not FULL.

Google Cloud CLI

  • Added gcloud auth enterprise-certificate-config to create enterprise-certificate configurations.

Anthos Multi-Cloud

  • Added --clear-client flag to gcloud container azure clusters update to clear the Azure client. This flag is required when updating to use Azure workload identity federation from Azure client to manage Azure resources.

App Engine

  • Updated the Python App Engine devappserver to support a new flag --python_virtualenv_path. It is an optional directory that will be used to setup a Python 3 virtual env for the local devappserver execution environment for Python 3 applications. If the path does not exist it will be created and it will not be cleanup at the end of the devappserver execution, allowing for caching between invocations. If not defined, a temporary directory will be used and cleaned up at the end of the execution.

Artifact Registry

  • gcloud beta artifacts settings enable-upgrade-redirection command no longer requires creating missing repos.

Bare Metal Solution

  • Promoted gcloud bms instances enable-serial-console to GA.
  • Promoted gcloud bms instances disable-serial-console to GA.

BigQuery

  • Updated the bundled google auth libraries.
  • Updated bundled libraries to use charset_normalizer with the request library.

Cloud Datastream

  • Added the max_concurrent_backfill_tasks support to --mysql-source-config, --oracle-source-config, --postgresql-source-config flags in gcloud datastream streams.

Cloud Functions

  • Preview of the CMEK support for Cloud Functions, 2nd Gen. In particular, promoted --docker-repository, --kms-key, --clear-docker-repository and --clear-kms-key flags of gcloud functions deploy --gen2 to beta.

Cloud Run

  • Removed --condition flag from gcloud run {services,jobs} {add,remove}-iam-policy-binding.

Cloud Workflows

  • Added --revision-id flag to gcloud workflows describe to allow retrieving the source code of a workflow at a specific revision.

Cloud Workstations

  • Added gcloud beta workstations configs update which updates a specified
  • Added gcloud beta workstations ssh which SSH's into a specified workstation. workstation configuration.

Compute Engine

  • Added --plan to gcloud compute commitments update to support commitment term upgrade.
  • Promoted gcloud compute security-policies rules add-preconfig-waf-exclusion|remove-preconfig-waf-exclusion to GA.
  • Promoted --queue-count flag in --network-interface of gcloud compute instances create to GA.
  • Promoted --internal-ipv6-address flag of gcloud compute instances create to GA.
  • Promoted --internal-ipv6-prefix-length flag of gcloud compute instances create to GA.
  • Added new ADVANCED_PREVIEW enum option to --network-ddos-protection flag of gcloud compute security-policies update in alpha and beta.

GKE Hub

  • Changed gcloud container fleet memberships unregister command to assume membership region based on gke cluster region by default.

Network Connectivity

  • Fixed issue where sort-by arguments in list spoke command produced type validation errors.

Recaptcha

  • Support creating express enabled site keys using recaptcha keys create --waf-feature=express.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

421.0.0 (2023-03-07)

Artifact Registry

  • Fixed an issue where gcloud artifacts docker images list does not return nested images.

BigQuery

  • Extended third-party identity login to support a web-based 3-legged OAuth flow.
  • Extended ls -p to page through all projects.
  • Extended --format for load to support more formats.
  • Removes some unneeded shipped libraries.
  • Added logging support for all exceptions when --apilog is present.
  • Added --encoding for load to support csv encodings.
  • Updated the bundled cachetools library.

Cloud Filestore

  • Added --instance-location flag to gcloud filestore instances snapshots create, which accepts either a zone or region and allows clients to create Enterprise and HighScale snapshots.
  • Added --instance-location flag to gcloud filestore instances snapshots delete, which accepts either a zone or region and allows clients to delete Enterprise and HighScale snapshots.
  • Added --instance-location flag to gcloud filestore instances snapshots list, which accepts either a zone or region and allows clients to list Enterprise and HighScale snapshots.
  • Added --instance-location flag to gcloud filestore instances snapshots update, which accepts either a zone or region and allows clients to update Enterprise and HighScale snapshots.
  • Added --instance-location flag to gcloud filestore instances snapshots describe, which accepts either a zone or region and allows clients to describe Enterprise and HighScale snapshots.

Cloud Pub/Sub

  • Fixed gcloud schemas commit to raise an Invalid Argument error if --type is not equal to protocol-buffer, protocol_buffer, or avro.

Cloud Services

  • Added key-string support for undelete command for api_keys in beta.

Cloud Spanner

  • Promoted gcloud spanner databases roles list to GA.
  • Promoted --database-role flag in gcloud spanner databases execute-sql to GA.

Cloud Storage

  • Updated gsutil component to 5.21.

Cloud Workflows

  • Added --labels flag to gcloud workflows <execute|run> to allow adding execution specific labels.

Cloud Workstations

  • Fixed issue with the custom container image not being properly set in gcloud beta workstations configs create.

Compute Engine

  • Added --encryption to gcloud compute interconnects attachments dedicated create to add encryption option for dedicated interconnect attachment (VLAN attachment).
  • Added --encryption to gcloud compute interconnects attachments partner create to add encryption option for partner interconnect attachment (VLAN attachment).
  • Added --ipsec-internal-addresses to gcloud compute interconnects attachments dedicated create to add list of addresses that have been reserved for dedicated interconnect attachment (VLAN attachment).
  • Added --ipsec-internal-addresses to gcloud compute interconnects attachments partner create to add list of addresses that have been reserved for partner interconnect attachment (VLAN attachment).
  • Added --encrypted-interconnect-router to gcloud compute routers create to indicate that the router is dedicated for use with encrypted interconnect attachments (VLANs).
  • Added --interconnect-attachments to gcloud compute vpn-gateways create to add interconnect attachments (VLAN attachments) associated with the VPN gateway interfaces.
  • Added 9 to allowed list of values for --version of gcloud beta compute instances ops-agents policies [create|update].
  • Promoted --locality_lb_policy flag of gcloud compute backend-services create/update to GA.
  • Added --max-run-duration and --termination-time flags in gcloud compute instances set-scheduling to beta.
  • Added --clear-max-run-duration and --clear-termination-time flags in gcloud compute instances set-scheduling to beta.
  • Promoted --endpoint-types flag in gcloud compute routers nats create to GA.

Dataproc Metastore

  • Promoted --auxiliary-versions flag of gcloud metastore services create to GA. Modified flag to no longer be mutually exclusive with --consumer-subnetworks and --network-config-from-file.
  • Promoted --auxiliary-versions-from-file flag of gcloud metastore services create to GA. Modified flag to no longer be mutually exclusive with --consumer-subnetworks and --network-config-from-file.
  • Promoted --instance-size flag of gcloud metastore services create and gcloud metastore services update to GA.
  • Added --instance-size flag to gcloud metastore services create and gcloud metastore services update to specify a service instance size.
  • Promoted --scaling-factor flag of gcloud metastore services create and gcloud metastore services update to GA.
  • Added --scaling-factor flag to gcloud metastore services create and gcloud metastore services update to specify a service scaling factor.
  • Modified --tier flag of gcloud metastore services create and gcloud metastore services update to be mutually exclusive with --instance-size and --scaling-factor in all release tracks.

Identity and Access Management

  • Added support for credential sharing with bq and gsutil when using browser-based sign-in with Workforce identity federation to authenticate with the Google Cloud CLI via gcloud auth login.

Kpt

Kubernetes Engine

  • Prevent overwriting directory permission when KUBECONFIG contains empty entry or a directory. Instead, raise an error.
  • Updates default kubectl from 1.24.10 to 1.24.11.
  • Additional kubectl versions:
    • kubectl.1.21 (1.21.14)
    • kubectl.1.22 (1.22.17)
    • kubectl.1.23 (1.23.17)
    • kubectl.1.24 (1.24.11)
    • kubectl.1.25 (1.25.7)
    • kubectl.1.26 (1.26.2)

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

420.0.0 (2023-02-28)

Breaking Changes

  • (Cloud Firestore) Switched firestore beta database create to use Firestore API.
  • (Cloud Firestore) Added --type, --location and --database to gcloud beta firestore database create.
  • (Cloud Firestore) Removed --region in gcloud beta firestore database create. Use --location instead.

App Engine

  • Added support for App Engine go runtime versions 116, 117, 118, 119, 120.

BigQuery

  • Updated messaging for the use_legacy_sql flag.
  • Added stack trace logging for errors when the apilog flag is used.
  • Removed unnecessary fetches for data transfer commands.

Certificate Authority Service

  • Added name constraints arguments to gcloud privateca roots create to allow configuring certificate authorities with name constraints.
  • Added name constraints arguments to gcloud privateca subordinates create to allow configuring certificate authorities with name constraints.
  • Added name constraints arguments to gcloud privateca certificates create to allow configuring certificate authorities with name constraints.

Cloud Composer

  • Update warning message when running commands that use the default Cloud Composer version, which was changed recently from 1 to 2.

Cloud Functions

  • Fixed issue where gcloud functions deploy would crash on updating an existing function with VPC Connector when --egress-settings flag was specified.
  • Added warning and prompting to gcloud functions add-iam-policy-binding about needing to bind the roles/run.invoker role for 2nd gen functions.

Cloud Key Management Service

  • Added gcloud beta kms inventory which allows viewing and tracking of keys across cloud resources.

Cloud Logging

  • Promoted buckets create --enable-analytics to GA.
  • Added buckets update --enable-analytics to GA track.
  • Removed deprecated buckets update --enable-loglink from ALPHA track.
  • Added --async option to the buckets create and buckets update commands.
  • Added links command group implementation.

Compute Engine

  • Promoted --queue-count flag in --network-interface of gcloud compute instances create to beta.
  • Promoted --stack-type flag of gcloud compute instances bulk create to GA.
  • Promoted gcloud compute disks update to GA.
  • Promoted --provisioned-iops flag of gcloud compute disks update to GA.

GKE Hub

  • Added gcloud container fleet scopes|namespaces which allows users to manage Fleet Tenancy.

Identity and Access Management

Pubsub Emulator

  • Added support for updating schemas.
  • Fixed the inability to create topics, subscriptions, and schemas when using the gcloud CLI.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

419.0.0 (2023-02-22)

App Engine

Artifact Registry

  • Fix issue where artifacts repositories create failed unconditionally.

Cloud Datastream

  • Added new --full-hierarchy and --hierarchy-depth flags for connection-profiles discover.
  • Deprecated --recursive and --recursive-depth flags for connection-profiles-discover.

Cloud Functions

  • Added support for Docker package format {location}-docker.pkg.dev/{project}/{repository} to --docker-repository flag of gcloud functions deploy.
  • Fixed issue where gcloud functions deploy fails if the user doesn't have the permission serviceusage.services.get.

Cloud Logging

  • Promote --logging-optional and --logging-optional-fields flags of gcloud compute backend-services create and gcloud compute backend-services update to GA.

Cloud Run

  • Promoted gcloud beta run jobs executions logs read to beta, which reads logs from a selected resource.
  • Promoted gcloud beta run jobs executions logs tail to beta, which tail logs from a selected resource.

Cloud Storage

  • gcloud storage cp will now silently ignore the Content-MD5 header for parallel composite uploads.
  • gcloud storage hash has been promoted to GA.

Firebase Test Lab

  • Promoted --client-details flag of gcloud firebase test [android|ios] run to GA. This flag can be used to provide additional details to attach to the test matrix, including a matrixLabel to help you identify and locate your test in the Firebase console.

Recaptcha

  • Support creating Fastly enabled site keys using recaptcha keys create --waf-service=fastly.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

418.0.0 (2023-02-14)

Breaking Changes

  • (Cloud Dataproc) Modified --job-id and --yarn_application_id flags to --job-ids and --yarn-application-ids respectively in gcloud dataproc clusters diagnose command. These flags can now accept a comma separated list of job ids and yarn app ids instead of a single value.

Google Cloud CLI

  • Defined "quota_project" in gcloud auth application-default set-quota-project command documentation.
  • Launched the enterprise-certificate-proxy component. See more at $ gcloud topic client-certificate.

AI

  • Added gcloud ai models copy which copies a model.

AlloyDB

  • Added --clear-continuous-backup-encryption-key flag to gcloud beta alloydb clusters update to support clearing a custom encryption configuration for Continuous Backups.
  • Added following flags of gcloud alloydb instances create and gcloud alloydb instances update to alpha, beta and GA:
    • --insights-config-query-string-length
    • --insights-config-query-plans-per-minute
    • --insights-config-record-application-tags
    • --insights-config-record-client-address

Artifact Registry

  • Adding new command gcloud artifacts vpcsc-config allow --project=my-proj --location=us-west1.
  • Adding new command gcloud artifacts vpcsc-config deny --project=my-proj --location=us-west1.
  • Adding new command gcloud artifacts vpcsc-config describe --project=my-proj --location=us-west1.
  • Adding new command gcloud artifacts repositories create my-repo --project=my-project --repository-format=maven --location=us-east1 --description="My test repo" --mode=virtual-repository --upstream-policy-file=policy.json.
  • Adding new command gcloud artifacts repositories create my-repo --project=my-project --repository-format=python --location=us-east1 --description="My python repo" --mode=remote-repository --remote-repo-config-desc="test python remote repo" --remote-python-repo=PYPI.
  • Adding new command gcloud artifacts repositories create my-repo --project=my-project --repository-format=npm --location=us-east1 --description="My npm repo" --mode=remote-repository --remote-repo-config-desc="test npm remote repo" --remote-npm-repo=NPMJS.
  • Adding new command gcloud artifacts repositories create my-repo --project=my-project --repository-format=maven --location=us-east1 --description="My test repo" --mode=remote-repository --remote-repo-config-desc="test maven remote repo" --remote-mvn-repo=MAVEN-CENTRAL.
  • Adding new command gcloud artifacts repositories create my-repo --project=my-project --repository-format=docker --location=us-east1 --description="no CRM permission" --mode=remote-repository --remote-repo-config-desc="test docker remote repo" --remote-docker-repo=DOCKER-HUB.

BigQuery

  • Added SPARK reservation assignment.
  • Added main class option for Spark procedures.
  • Added support for bi-engine reservation paths.

Cloud DNS

  • Fixed issue with gcloud dns response-policies being unable to update gkeclusters flag in GA.
  • Updated gcloud dns record-sets create and gcloud dns record-sets update to allow referencing forwarding rules by their full resource path.

Cloud Datastream

  • Modified Create/Update Stream flags that use a JSON/YAML file to use camelCase field naming instead of snake_case, to match the REST API. Old snake_case configuration files will still be supported.

Cloud Filestore

  • Added --location flag to gcloud filestore instances snapshots create, which accepts either a zone or region and allows clients to create Enterprise and HighScale snapshots.
  • Added --location flag to gcloud filestore instances snapshots delete, which accepts either a zone or region and allows clients to delete Enterprise and HighScale snapshots.
  • Added --location flag to gcloud filestore instances snapshots list, which accepts either a zone or region and allows clients to list Enterprise and HighScale snapshots.
  • Added --location flag to gcloud filestore instances snapshots update, which accepts either a zone or region and allows clients to update Enterprise and HighScale snapshots.
  • Added --location flag to gcloud filestore instances snapshots describe, which accepts either a zone or region and allows clients to describe Enterprise and HighScale snapshots.

Cloud Firestore

  • Added --api-scope and --query-scope support for Firestore Index Create.

Cloud Key Management Service

  • Set --location and --keyring as required flags for commands set-primary-version, set-rotation-schedule, get-rotation-schedule, set-iam-policy, get-iam-policy.

Cloud Logging

  • Allow for protocols TCP, UDP and UNSPECIFIED in gcloud compute backend-services create and gcloud compute backend-services update.
  • Added --logging-optional and --logging-optional-fields flags of gcloud compute backend-services create and gcloud compute backend-services update in beta to specify the optional fields to be added to the reported logs.

Cloud Run

  • Fixed an issue where gcloud run delete commands report error sometimes even though the deletion succeeded.

Cloud Storage

  • Updated gsutil component to 5.20.
  • All gcloud storage commands that accept JSON files now also support YAML.

Compute Engine

  • Promoted --resource-policies flag for glcloud compute reservations createto to GA.

Distributed Cloud Edge

  • Introduced the GDCE version for cluster, machine, and node-pool as output during list and describe operations.
  • Added gcloud edge-cloud networking which allows users to configure the networking configurations on the ToRs to support customer workloads which are running in Google Distributed Cloud Edge Clusters.

Stackdriver Debugger

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

417.0.1 (2023-02-08)

App Engine Flexible Environment

  • Fixing issue where App Engine Flex users cannot deploy their PHP, Java or Python applications via gcloud 417.0.0.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

417.0.0 (2023-02-07)

Breaking Changes

  • (Cloud IoT) Added --device-field-mask flag to gcloud iot devices list to have override possibility for device fieldMask. In case the API response does not include the blocked field for any of the devices, the BLOCKED column will disappear from the results table.

Google Cloud CLI

  • Defined "quota_project" in gcloud auth application-default set-quota-project command documentation.

Anthos Multi-Cloud

  • Modified gcloud container azure clients create to wait for the returned long-running operation. Use --async flag to get the old behavior.
  • Modified gcloud container azure clients delete to wait for the returned long-running operation. Use --async flag to get the old behavior.

Cloud Composer

  • Added warning message when running commands that use the default Cloud Composer version, which will be changed soon.

Cloud Logging

  • Updated gcloud logging buckets list command to include CMEK enabled or disabled setting.

Cloud Run

  • Promoted gcloud run jobs deploy to beta, which allows creating or updating a Cloud Run job from a container image or source to build.

Compute Engine

  • Added REGION column to default output of gcloud compute target-https-proxies list.
  • Promoted gcloud compute network-attachments to GA.

Distributed Cloud Edge

  • Promoted --vpc-project to gcloud edge-cloud container vpn-connections create to create resources in a different GCP project than the GDCE cluster project.

Firebase Test Lab

  • Promoted gcloud firebase test [android|ios] list-device-capacities to GA. This feature can inform your test decisions by letting you view the inventory level of device types in the Test Lab catalog. To access this information, run gcloud firebase test [android|ios] list-device-capacities, or gcloud firebase test [android|ios] models describe [MODEL_ID].

Identity and Access Management

  • Added gcloud iam workforce-pools commands for Workforce Identity Federation management.

Notebooks

  • Deprecate alpha and beta notebooks.

Security Command Center

  • Updated gcloud scc custom-modules sha command group to allow custom modules feature.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

416.0.0 (2023-01-31)

Breaking Changes

  • (Cloud Datalab) Removed gcloud datalab component (Originally removed in release 413.0.0).

AI

  • Fixed an issue in gcloud ai hp-tuning-jobs that the values of --max-trial-count and --max-parallel-trial-count are not passed in the config.yaml file.

AlloyDB

  • Updated gcloud beta alloydb clusters create and gcloud beta alloydb clusters update to support enabling continuous backups via new --enable-continuous-backup and --continuous-backup-recovery-window-days and --continuous-backup-encryption-key flags.

Anthos Identity Service

  • Added --fleet-default-member-config flag to the following commands:

    • gcloud beta container fleet identity-service enable

    • gcloud beta container fleet identity-service delete

      These will make it possible to configure and delete fleet default membership configurations.

App Engine

  • Added the --tunnel-through-iap flag to gcloud beta app instances scp. Using this flag lets you use an Identity-Aware Proxy (IAP) tunnel when attempting to SCP to/from an App Engine flexible environment instance without an external IP address.

Cloud Run

  • Promotes gcloud beta run jobs logs read to beta, which reads logs from a selected resource.
  • Promotes gcloud beta run jobs logs tail to beta, which tail logs from a selected resource.

Cloud SQL

  • Promoted gcloud sql users describe command to GA.

Cloud Storage

  • Updated gsutil component to 5.19.
    • Fixed an issue causing parallel transfer commands to require elevated permissions.

Compute Engine

  • Modified gcloud compute instance-groups managed update to support relative path for regional health check.
  • Added --allow-psc-global-access flag of gcloud compute forwarding-rules <create|update> to beta.
  • Promoted gcloud compute resource-policies update snapshot-schedule to beta.

Config Controller

  • Fixed issue where --full-management flag doesn't take effect.

Immersive Stream

  • Promoted gcloud immersive-stream xr to GA.

Kubernetes Engine

  • Updates default kubectl from 1.24.9 to 1.24.10.
  • Additional kubectl versions:
    • kubectl.1.21 (1.21.14)
    • kubectl.1.22 (1.22.17)
    • kubectl.1.23 (1.23.16)
    • kubectl.1.24 (1.24.10)
    • kubectl.1.25 (1.25.6)
    • kubectl.1.26 (1.26.1)

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

415.0.0 (2023-01-24)

Google Cloud CLI

  • Global --format flag now respects the core/default_format property when --format=default. If core/default_format is not set, then default format is yaml.

AI

  • Modified --region flag of gcloud ai endpoints to include new online prediction regions.
  • Modified --region flag of gcloud ai models to include new online prediction regions.
  • Added --enable-dashboard-access flag to gcloud ai custom-jobs create and gcloud ai hp-tuning-jobs create to allow the access to the dashboard specified in custom container.

BigQuery

  • Added support for using the auth/impersonate_service_account property in bq commands.

Cloud Build

  • Added command groups for managing connections and repositories: gcloud beta builds connections and gcloud beta builds repositories.

Cloud Dataproc

  • Added gcloud dataproc node-groups group with commands: describe and resize.
  • Added --driver-pool-${X} flags to gcloud dataproc clusters create.

Cloud Firestore

  • Added --database flag to gcloud firestore operations to add database support for Firestore operations.

Cloud On Demand Scanning

  • Fixed issue with extracting packages from Go binaries built with newer versions of to the Go toolchain.

Cloud Org Policy

  • Added --update-mask to gcloud org-policies set-policy to specify the fields to be overwritten in the policy.

Cloud Pub/Sub

  • Added gcloud pubsub schemas commit to commit a revision for a Pub/Sub schema.
  • Added gcloud pubsub schemas rollback to roll back a revision for a Pub/Sub schema.
  • Added gcloud pubsub schemas delete-revision to delete a revision for a Pub/Sub schema.
  • Added gcloud pubsub schemas list-revisions to list all revisions for a Pub/Sub schema.
  • Added --first-revision-id and --last-revision-id flags to gcloud pubsub topics create to create schema settings for Pub/Sub topics.
  • Added --clear-schema-settings, --schema, --message-encoding, --first-revision-id and --last-revision-id flags to gcloud pubsub topics update to update schema settings for a Pub/Sub topic.

Cloud SQL

  • Promoted gcloud sql users describe command to beta.

Compute Engine

  • Added --update-policy-<type|max-unavailable|max-surge|minimal-action|most-disrtuptive-action|replacement-method> flags of gcloud compute instance-groups managed <create|update> to GA.
  • Added --update-policy-min-ready flag of gcloud compute instance-groups managed <create|update> to beta.
  • Added --enforce-on-key-configs flag to gcloud beta compute security-policies rules create and gcloud beta compute security-policies rules update.

Dataproc Metastore

  • Promoted gcloud metastore services import flag --dump-type to GA.
  • Promoted gcloud metastore services export flag --dump-type to GA.

Declarative Workflows

  • Make --storage-path, --resource-types and --resource-types-file mutually exclusive in gcloud beta resource-config bulk-export.

Kpt

Recommender

  • Added support for gcloud recommender recommendations mark-dismissed.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

414.0.0 (2023-01-18)

Anthos Multi-Cloud

  • Added --azure-tenant-id and --azure-application-id flags to gcloud container azure clusters create and gcloud container azure clusters update to set authentication configuration for management of Azure resources. These flags replace --client flag.

Apigee

  • Fixed issue where gcloud apigee apis describe would demand a non-existent --revision argument.

Cloud API Gateway

  • Fixed issue where sort-by arguments in list commands produced type validation errors.

Cloud Build

  • Added --peered-network-ip-range flag to gcloud builds worker-pools create.

Cloud Firestore

  • Added database support for Firestore import/export.
  • Added namespace_ids support for Firestore import/export.
  • Added databaseId support for Firestore TTL.
  • Added databaseId support for Firestore SFI.

Cloud Storage

  • Add IAM and ACL-related flags.
  • Updated gsutil component to 5.18.

Compute Engine

  • Promoted --external-ipv6-address flag of gcloud compute instances network-interfaces update to GA.
  • Promoted --external-ipv6-prefix-length flag of gcloud compute instances network-interfaces update to GA.
  • Added keyword network-attachment for --network-interface in gcloud compute instance-templates create.
  • Promoted --external-ipv6-address flag of gcloud compute instances create to GA.
  • Promoted --external-ipv6-prefix-length flag of gcloud compute instances create to GA.
  • Promoted --source-instance-template flag of gcloud compute reservations create to GA.

Database Migration

  • Added gcloud database-migration conversion-workspaces seed which seeds from a connection profile for a database-migration conversion workspace.
  • Added gcloud database-migration conversion-workspaces delete which deletes a database-migration conversion workspace.
  • Added gcloud database-migration conversion-workspaces convert which converts source entities to draft entities in a database-migration conversion workspace.
  • Added gcloud database-migration conversion-workspaces apply which applies a database-migration conversion workspace onto the destination database.
  • Added gcloud database-migration conversion-workspaces list-background-jobs which lists the background jobs in a database-migration conversion workspaces.
  • Added gcloud database-migration conversion-workspaces describe-entities which describes the database entities in a database-migration conversion workspaces.

Dataproc Metastore

  • Promoted gcloud metastore services flag --database-type to GA.

Kubernetes Engine

  • Updates default kubectl from 1.23.15 to 1.24.9.
  • Additional kubectl versions:
    • kubectl.1.21 (1.21.14)
    • kubectl.1.22 (1.22.17)
    • kubectl.1.23 (1.23.15)
    • kubectl.1.24 (1.24.9)
    • kubectl.1.25 (1.25.5)
    • kubectl.1.26 (1.26.0)

Network Management

  • Added appEngineVersion and cloudRunRevision arguments for source in gcloud network-management connectivity-tests. This allows the user to run tests using App Engine version and Cloud Run revision endpoint types as source.

Security Command Center

  • Fixed gcloud scc findings create to require flag event-time.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

413.0.0 (2023-01-10)

Breaking Changes

  • (Cloud Storage) Added --fetch-encrypted-object-hashes flag to ls and objects list commands. API requests to the LIST endpoint do not fetch the hashes for encrypted objects by default. If this flag is set, a GET request is sent for each encrypted object in order to fetch hashes. This can significantly increase the cost of the commands.
    • Previously, the fallback to GET was implemented for CSEK-encrypted objects as the default behavior. With this flag, both CSEK and CMEK are handled, and gcloud CLI checks if it has the necessary CSEK key before sending a GET request.
  • (Kubernetes Engine) This change starts using the Client-Go Credential Plugin gke-gcloud-auth-plugin as noted in Client-go Credential Plugin changes.

Google Cloud CLI

  • Fixed a crash during reauth when Enterprise Certificate is used.
  • Fixed issue where the gcloud CLI would crash when invoked in PowerShell 7.3. This issue was reported at: https://issuetracker.google.com/issues/259295558.
  • Added core/default_format and core/format properties to config in order enable setting a default print format. Print format is first determined by global flag --format. If --format flag is not defined, then CLI defaults to core/format value. If core/format is not defined, then CLI defaults to command specific output. If command specific output is undefined, then format is determined by core/default_format. core/default_format defaults to yaml format.

AI

  • Modified --region flag of gcloud ai model-monitoring-jobs to include new model monitoring jobs regions.
  • Modified --explanation-metadata-file flag of gcloud ai models upload from required to optional.
  • Added optional output-image-uri field to --worker-pool-spec flag of gcloud ai custom-jobs create to name and store the custom image built with autopackaging in the specified Google Container Registry or Artifact Registry.

Anthos Multi-Cloud

  • Updated gcloud container aws operations list to show the underlying action (create, update, delete, etc) associated with AWS long-running operations.
  • Updated gcloud container azure operations list to show the underlying action (create, update, delete, etc) associated with Azure long-running operations.
  • Added gcloud container azure operations cancel to cancel an ongoing LRO operation on Azure resources.
  • Added gcloud container aws operations cancel to cancel an ongoing LRO operation on AWS resources.
  • Added --tags flag to gcloud container aws node-pools update to update the tags assigned to AWS node pool resources.
  • Added --clear-tags flag to gcloud container aws node-pools update to clear the tags assigned to AWS node pool resources.
  • Added --autoscaling-metrics-granularity flag to gcloud container aws node-pools create to set granularity when enabling CloudWatch metrics collection of the autoscaling group of AWS node pools.
  • Added --autoscaling-metrics flag to gcloud container aws node-pools create to enable collection of specific CloudWatch metrics of the autoscaling group of AWS node pools.
  • Added --autoscaling-metrics-granularity flag to gcloud container aws node-pools update to update the granularity of CloudWatch metrics collection for the autoscaling group of AWS node pools.
  • Added --autoscaling-metrics flag to gcloud container aws node-pools update to update the collection of specific CloudWatch metrics for the autoscaling group of AWS node pools.
  • Added --clear-autoscaling-metrics flag to gcloud container aws node-pools update to clear the CloudWatch metrics collection associated with the autoscaling group of AWS node pools.
  • Added gcloud container attached operations list to show the underlying action (create, update, delete, etc) associated with Attached clusters long-running operations.
  • Added gcloud container attached operations describe to show detailed status of a provided Attached clusters long-running operation.
  • Added gcloud container attached operations wait to wait for completion of a provided Attached clusters long-running operation.

BigQuery

  • Fixed issue with timestamp normalization in Windows.
  • Extended the insert flags to include a insert_id flag that's appended to the row number of the data to be inserted as the insertId field that's used for deduping newly inserted rows. This can be used to ensure repeat executions don't add unintended data.

Cloud Access Context Manager

  • Promoted gcloud access-context-manager authorized-orgs to GA.

Cloud Build

  • Removed --subscription-filter flag of gcloud builds triggers create manual.

Cloud Composer

  • Added --enable-cloud-data-lineage-integration to gcloud composer environments create/update to enable Cloud Data Lineage integration.
  • Added --disable-cloud-data-lineage-integration to gcloud composer environments update to disable Cloud Data Lineage integration.
  • Enabled db check Airflow command executable via gcloud composer environments run for environments with Airflow 2.3 or newer.

Cloud Datalab

  • Removed gcloud datalab component.

Cloud Run

  • Added --env-vars-file to gcloud beta run jobs create to add environment variables to the job from a YAML file.
  • Removed the call to action from gcloud beta run integrations describe for Redis integrations that are not ready for use.

Cloud SQL

  • Added --striped and --stripe_count flags to gcloud sql import bak and added --striped flag to gcloud sql export bak to enable the striped import/export feature for SQL Server.
  • Promoted --restore-database-name flag for gcloud sql instance clone --point-in-time to support single database PITR restore for SQL Server to beta and GA.
  • Added gcloud sql users describe command, which describes a Cloud SQL user in an instance in alpha.

Cloud Services

  • Promoted gcloud services api-keys list in beta.
    • Promoted gcloud services api-keys describe in beta.
    • Promoted gcloud services api-keys get-key-string in beta.
    • Promoted gcloud services api-keys create in beta.
    • Promoted gcloud services api-keys update in beta.

Cloud Storage

  • Added gcloud storage buckets create --placement flag.
  • Promoted gcloud storage objects update retention flags to GA.
    • --event-based-hold
    • --temporary-hold
  • Removed gcloud storage buckets update --no-lock-retention-period flag.

Cloud Workstations

  • Added gcloud beta workstations clusters create which creates a cluster under a specified region.
  • Added gcloud beta workstations configs create which creates a workstation configuration under a specified cluster.
  • Added gcloud beta workstations create which creates a workstation under a specified config.
  • Added gcloud beta workstations delete which deletes the given workstation.
  • Added gcloud beta workstations configs delete which deletes the given config.
  • Added gcloud beta workstations clusters delete which deletes the given cluster.
  • Added gcloud beta workstations describe which displays all fields for a given workstation.
  • Added gcloud beta workstations configs describe which displays all fields for a given config.
  • Added gcloud beta workstations clusters describe which displays all fields for a given cluster.
  • Added gcloud beta workstations start which starts a specified workstation.
  • Added gcloud beta workstations stop which stops a specified workstation.

Compute Engine

  • Added -iam-policyand-iam-policy-bindingstogcloud beta compute backend-buckets`.
  • Promoted --endpoint-type flag of gcloud compute addresses create to GA.
  • Promoted gcloud compute sole-tenancy node-groups simulate-maintenance-event to beta.
  • Added --all-instances-config-effective flag of gcloud compute instance-groups managed wait-until to beta.
  • Modified gcloud compute forwarding-rules create to allow specifying --address and --ip-version at the same time.

Compute Firewall Policies

  • Fixed gcloud compute network-firewall-policies rules update not sending an empty list to the API if a field is specified as empty.

Database Migration

  • Added gcloud database-migration private-connections create which creates a database-migration private connection.
  • Added gcloud database-migration private-connections list which lists the database-migration private connections.
  • Added gcloud database-migration private-connections describe which describes a database-migration private connection.
  • Added gcloud database-migration private-connections delete which deletes a database-migration private connection.
  • Updated gcloud database-migration connection-profiles create to support creating Oracle connection profiles.
  • Updated gcloud database-migration connection-profiles create to support connectivity in creating Postgresql connection profiles.
  • Added gcloud database-migrate conversion-workspaces create which creates a database-migration conversion workspace.
  • Added gcloud database-migrate conversion-workspaces update which updates a database-migration conversion workspace.
  • Added gcloud database-migration conversion-workspaces list which lists the database-migration conversion workspaces.
  • Added gcloud database-migration conversion-workspaces describe which describes a database-migration conversion workspace.
  • Added gcloud database-migration conversion-workspaces commit which commits a database-migration conversion workspace.
  • Added gcloud database-migration conversion-workspaces rollback which rollbacks a database-migration conversion workspace.

Kubernetes Engine

  • Updates default kubectl from 1.23.14 to 1.23.15.
  • Removes kubectl.1.20, since it is no longer needed.
  • Additional kubectl versions:
    • kubectl.1.21 (1.21.14)
    • kubectl.1.22 (1.22.17)
    • kubectl.1.23 (1.23.15)
    • kubectl.1.24 (1.24.9)
    • kubectl.1.25 (1.25.5)

Pubsub Emulator

  • Added support for Exactly-once Delivery.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

412.0.0 (2022-12-13)

Breaking Changes

  • (Compute Engine) Modified concurrent operation quota errors to show additional information to user instead of just error message.

Google Cloud CLI

  • Added property core/parse_error_details. If set, gcloud CLI will parse and display errors in a more human readable format, where available.

AI

  • Modified --region flag of gcloud ai endpoints to include new online prediction regions.
  • Modified --region flag of gcloud ai models to include new online prediction regions.
  • Modified --region flag of gcloud ai custom-jobs to include new online training regions.
  • Modified --region flag of gcloud ai hp-tuning-jobs to include new online training regions.

AlloyDB

  • Introduced gcloud alloydb track.

Anthos Multi-Cloud

  • Promoted gcloud container attached to GA.

App Engine

  • Updated gcloud beta app instances ssh to use an IAP tunnel when attempting to SSH to an instance without an external IP.

Cloud Build

  • Modified one of gcloud builds triggers run --branch, gcloud builds triggers run --tag, and gcloud builds triggers run --sha flag to be required.
  • Make --region flag visible in builds triggers create command group. Set --dockerfile flag as required for builds triggers create command group.
  • Ungroup --build-config flag and --inline-config flag for builds triggers create command group.
  • Promoted gcloud builds triggers to GA.

Cloud Composer

  • Added gcloud composer environments snapshots load - to load a snapshot into the environment.
  • Added gcloud composer environments snapshots save - save a snapshot of the environment.
  • Added --enable-scheduled-snapshot-creation to gcloud composer environments create/update to enable snapshots of the environment creation according to a schedule. Can be specified for Composer 2.0.32 or greater.
  • Added --snapshot-creation-schedule to gcloud composer environments create/update to specify cron expression when snapshots of the environment should be created.
  • Added --snapshot-location to gcloud composer environments create/update to specify the Cloud Storage location for storing automatically created snapshots.
  • Added --snapshot-schedule-timezone to gcloud composer environments create/update to specify Timezone that sets the context to interpret snapshot_creation_schedule.
  • Added --disable-scheduled-snapshot-creation to gcloud composer environments update to disable the automatic snapshots creation.

Cloud Datastream

  • Fixed issue where gcloud datastream create failed for Postgresql source config.

Cloud Functions

  • Added --cpu flag to gcloud beta functions deploy for 2nd Gen functions to alpha and beta.
  • Added --concurrency flag to gcloud beta functions deploy for 2nd Gen functions to alpha and beta.

Cloud Pub/Sub

  • Added --event-time and --publish-time flags to gcloud pubsub lite-subscriptions create to create Pub/Sub Lite subscriptions from a nominated timestamp.
  • Added --export-pubsub-topic, --export-dead-letter-topic and --export-desired-state flags to gcloud pubsub lite-subscriptions create to create Pub/Sub Lite export subscriptions.
  • Added --export-pubsub-topic, --export-dead-letter-topic and --export-desired-state flags to gcloud pubsub lite-subscriptions update to update Pub/Sub Lite export subscriptions.

Cloud SQL

  • Added --enable-google-private-path flag to gcloud sql instances create and gcloud sql instances patch commands in Alpha, Beta, and GA. This field specifies whether the instance is accessible to internal Google Cloud services such as BigQuery. This is applicable only to MySQL and PostgreSQL instances that don't use public IP. Currently, SQL Server isn't supported.

Cloud Services

  • Promoted gcloud services api-keys delete to beta.
  • Promoted gcloud services api-keys undelete to beta.

Cloud Workstations

  • Added gcloud beta workstations configs list which lists workstation configs under a specified cluster.

Config Controller

  • Added --full-management flag to gcloud anthos config controller create to allow creating Config Controller on GKE Autopilot instances.

Database Migration

  • Updated gcloud database-migration connection-profiles create to support creating AlloyDB connection profiles.

Firebase Test Lab

  • Added --robo-script flag to gcloud firebase test ios run to customize an iOS Robo crawl with a Robo script.

Identity and Access Management

  • Added --executable-interactive-timeout-millis flag to gcloud iam workforce pools create-cred-config. This enables using executable-sourced credentials with user interactivity with gcloud auth login --cred-file=/path/to/interactive/executable/config.json when using Workforce Identity Federation.

Kubernetes Engine

  • Added --stack-type and --ipv6-access-type arguments to gcloud container clusters create command to support dual stack GKE clusters.
  • Added --stack-type argument to gcloud container clusters update command to support changing stack type between IPv4 and dual stack GKE clusters.
  • Added --ephemeral-storage-local-ssd to gcloud beta container clusters create, gcloud beta container node-pools create, gcloud container clusters create, gcloud container node-pools create. This flag is used to configure nodes' ephemeral storage to be backed by local SSDs.
  • Added --local-nvme-ssd-block to gcloud beta container clusters create, gcloud beta container node-pools create, gcloud container clusters create, gcloud container node-pools create. This flag is used to initialize nodes in node-pool with raw-block local NVMe SSDs attached.

Notebooks

  • Added support for Shielded VM configuration to gcloud notebooks instances create.
  • Added support for reservation configuration to gcloud notebooks instances create.

Terraform

  • Added zone and region option for gcloud beta terraform vet.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

411.0.0 (2022-12-06)

Breaking Changes

  • (Compute Engine) Added rhel-9 and rhel-9-byol options to --os flag for:
    • gcloud compute images import in GA,
    • gcloud compute instances import in GA
    • gcloud compute machine-images import in GA

Google Cloud CLI

  • Added gcloud topic command group to alpha and beta.

App Engine

  • Add --service-account flag of gcloud app create to GA, which allows to create an app with a user-managed service account.
  • Add --service-account flag of gcloud app update to GA, which allows to update the app with a user-managed service account.

App Engine Flexible Environment

  • Add --service-account flag of gcloud app create to GA, which allows to create an app with a user-managed service account.
  • Add --service-account flag of gcloud app update to GA, which allows to update the app with a user-managed service account.

BigQuery

  • Expose enable_resumable_uploads flag in public bq.
  • Formatting fix for bigquery_client.py.
  • Changed "locking" Owned Test Accounts to "getting" to avoid overloading AccountProviderService.
  • Extended api logging to include URIs of requests.
  • Extends encodings supported during file upload.
  • Messages and fails early when the user tries to upload with an invalid schema.
  • Adds support for GOOGLE_CLOUD_QUOTA_PROJECT environment variable.
  • Adds configuration for external accounts using token_uri.
  • Dataset name validation and feedback.

Cloud Bigtable

  • Promoted gcloud bigtable instances tables create to beta and GA.
  • Promoted gcloud bigtable instances tables delete to beta and GA.
  • Promoted gcloud bigtable instances tables update to beta and GA.
  • Added include-stats option to cbt lookup and cbt read commands.
  • Added cbt notices command, which displays licenses covering all direct and indirect dependencies.

Cloud Build

  • Bugfix to enforce limits to be applied after filters.
  • Added --enterprise-config flag to builds triggers create github to support creating GitHub Enterprise trigger.

Cloud Composer

  • Added --enable-scheduled-snapshot-creation to gcloud beta composer environments create/update to enable snapshots of the environment creation according to a schedule. Can be specified for Composer 2.0.32 or greater.
  • Added --snapshot-creation-schedule to gcloud beta composer environments create/update to specify cron expression when snapshots of the environment should be created.
  • Added --snapshot-location to gcloud beta composer environments create/update to specify the Cloud Storage location for storing automatically created snapshots.
  • Added --snapshot-schedule-timezone to gcloud beta composer environments create/update to specify Timezone that sets the context to interpret snapshot_creation_schedule.
  • Added --disable-scheduled-snapshot-creation to gcloud beta composer environments update to disable the automatic snapshots creation.

Cloud Firestore

  • Add apiScope output for Firestore index. ApiScope can be viewed in gcloud firestore indexes composite list and gcloud firestore indexes composite describe.
  • Added databaseId support for Firestore index.

Cloud IDS

  • Added --threat_exceptions flag to exclude certain threat types from being reported.

Cloud Key Management Service

  • Modified gcloud kms import-jobs create to accept new SHA256 import methods rsa-oaep-3072-sha256, rsa-oaep-3072-sha256-aes-256, rsa-oaep-4096-sha256, and rsa-oaep-4096-sha256-aes-256.

Cloud Pub/Sub

  • Promoted --enable-exactly-once-delivery flag of gcloud pubsub subscriptions create to GA.
  • Promoted --enable-exactly-once-delivery flag of gcloud pubsub subscriptions update to GA.

Cloud Run

  • Promoted --execution-environment of gcloud run from beta to GA.
  • Fixed issue where gcloud beta run jobs execute with --wait flag, and other jobs commands to wait for an execution to complete, failed to wait more than 30 minutes.
  • Fixed issue where gcloud beta run integrations delete failed when the associated Cloud Run service is deleted.

Cloud SQL

  • Promoted --timeout flag for gcloud sql instances create to GA.
  • Added --restore-database-name flag to gcloud sql instance clone --point-in-time to support single database PITR restore for SQL Server.

Cloud Services

  • Updated gcloud services list to retry 429 errors.
  • Set the default page size for gcloud services list to 200.
  • Promoted gcloud services api-keys lookup to beta.

Cloud Spanner

  • Added --skip-init flag to gcloud spanner samples run.

Cloud Storage

  • Promoted gcloud storage buckets update retention flags to GA.
    • --default-event-based-hold
    • --retention-period
    • --clear-retention-period
    • --lock-retention-period
  • Promoted gcloud storage buckets update --uniform-bucket-level-access to GA.
  • Rebuilt gcloud-crc32c 1.0.0 on latest version of golang.
  • Updated gsutil component to 5.17.

Compute Engine

  • Added --merge-source-commitment to gcloud compute commitments create for beta and GA.
  • Fixed issue where gcloud compute instance-groups unmanaged list-instances would fail to fall back to the compute/zone property when --zone was missing.
  • Added customRequestHeaders and customResponseHeaders to modifiable fields list in gcloud compute backend-services edit.

Dataproc Metastore

  • Added support for querying and mutating Dataproc Metastore metadata. The following commands have been added to the alpha and beta release tracks:
    • metastore services queryMetadata
    • metastore services alterLocation
    • metastore services moveTableToDatabase

Distributed Cloud Edge

  • Added warning to long running operation metadata of gcloud edge-cloud container cluster create/update when the cluster has a maintenance window configuration that overlaps with other clusters' in the same project.

Firebase Test Lab

  • Added --type=robo flag to gcloud firebase test ios run to support running iOS Robo tests.

GKE Hub

  • Fixed bug in gcloud container fleet and gcloud container hub command groups where a membership with ambiguous location was not given default value global.

Kubernetes Engine

  • Promoted --cluster-dns-scope=cluster flag of gcloud container clusters create and gcloud container clusters update to GA.
  • Promoted --binauthz-evaluation-mode=MONITORING, binauthz-evaluation-mode=MONITORING_AND_PROJECT_SINGLETON_POLICY_ENFORCE, and --binauthz-policy flags of gcloud container clusters create, gcloud container clusters create-auto, and gcloud container clusters update to beta.
  • Corrected outdated description help text of gcloud container node-pools delete.
  • Promoted --placement-type flag for gcloud container clusters create command to GA.
  • Promoted --placement-type flag for gcloud container node-pools create command to GA.
  • Added --async flag to gcloud container node-pools create/update to allow the in-progress operation to be returned, instead of the node pool.
  • Additionally, default formatting for gcloud container node-pools create/update/delete --async has been added to provide a more human-readable format of the operation; potentially impacting parsing of output. It is recommended to use --format when parsing gcloud CLI output.
  • Updates default kubectl from 1.22.14 to 1.23.14.

  • Additional kubectl versions:

    • kubectl.1.20 (1.20.15)
    • kubectl.1.21 (1.21.14)
    • kubectl.1.22 (1.22.15)
    • kubectl.1.23 (1.23.14)
    • kubectl.1.24 (1.24.8)
    • kubectl.1.25 (1.25.4)

  • Added --windows-os-version flag to gcloud container node-pools create/update to allow create Windows node pools using Windows Server LTSC 2022 Containerd node image.

Media CDN

  • Added gcloud edge-cache command group to enable configuration of Media CDN.

Network Connectivity

  • Promoted gcloud network-connectivity internal-ranges command group to GA.

Network Security

  • Promoting networksecurity firewall API to v1beta1.
  • Promoted commands under gcloud network-security org-address-groups and gcloud network-security address-groups to beta.

Recommender

  • Added billing account scope support for gcloud recommender recommender-config describe.
  • Added billing account scope support for gcloud recommender recommender-config update.
  • Added billing account scope support for gcloud recommender insight-type-config describe.
  • Added billing account scope support for gcloud recommender insight-type-config update.

Terraform

  • Added support for environment variables GOOGLE_PROJECT, GOOGLE_CLOUD_PROJECT, GCLOUD_PROJECT in gcloud beta terraform vet.
  • Fixed an issue where gcloud beta terraform vet would fail while trying to format and output pre-formatted error strings.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

410.0.0 (2022-11-15)

Google Cloud CLI

  • Added gcloud topic endpoint-override for details on overriding the default api URL.

AI

  • Added asia-southeast2, europe-central2, and us-south1 options to --region flag of gcloud ai custom-jobs and gcloud ai hp-tuning-jobs.

AlloyDB

  • Introduced the following commands: gcloud beta alloydb clusters create-secondary, gcloud beta alloydb instances create-secondary, gcloud beta alloydb clusters promote.

App Engine

Artifact Registry

  • Update maven and gradle plugin versions to 2.2.0.

Assured Workloads

  • Added SOVEREIGN_CONTROLS_BY_T_SYSTEMS as an option for --partner flag of gcloud assured workloads create command (available for both beta and GA).

Cloud Asset Inventory

  • Promoted gcloud asset query command to GA.

Cloud Bigtable

  • Added stats option to --view flag for bigtable instances tables describe.

Cloud Composer

  • Added --enable-triggerer to gcloud beta composer environments create/update to allow usage of deferrable operators in dags.
  • Added --triggerer-cpu to gcloud beta composer environments create/update to specify CPU allocated to Airflow triggerer.
  • Added --triggerer-memory to gcloud beta composer environments create/update to specify memory allocated to Airflow triggerer.
  • Added --disable-triggerer to gcloud beta composer environments update to disable Airflow triggerer.

Cloud Dataproc

  • Added --async flag to gcloud dataproc jobs kill.

Cloud Datastream

  • Added the max_concurrent_cdc_tasks support to --mysql-source-config and --oracle-source-config flags in gcloud datastream streams.
  • Fixed issue where stream create using a mysql-source-config or oracle-source-config with column level filtering fails to create.

Cloud Functions

  • Fixed issue where gcloud functions list would crash when a 2nd Gen-only region was specified using --regions.
  • Updated gcloud function describe to look up both 1st Gen and 2nd Gen environments for the function. When --gen2 flag is specified, only 2nd Gen functions will be looked up.

Cloud Run

  • Promoted gcloud run services logs read and gcloud run revisions logs read to beta, which reads logs from a selected resource.
  • Promoted gcloud run services logs tail and gcloud run revisions logs tail to beta, which tail logs from a selected resource.
  • Added --execute-now and --wait flags to gcloud beta run job update to immediately execute the job after update and wait for completion.
  • Promoted gcloud beta run integrations command group and all sub-commands to beta.

Compute Engine

  • Promoted --list-managed-instances-results flag for gcloud compute instance-groups managed create and gcloud compute instance-groups managed update to GA.
  • Fixed --network-interface to mark the public IP as None when --no-address is specified.

GKE Hub

  • Fixed issue where gcloud container fleet memberships commands did not output memberships with missing cluster.
  • Fixed bug in gcloud container fleet config-management version where memberships were stuck with version "NA".

Identity and Access Management

  • Added support for retrieving the token introspection endpoint through external account credentials.

Kubernetes Engine

  • Added --labels flag to gcloud container node-pools create/update to allow creating and updating node pools with GCP labels.

VPC Access

  • Promoted gcloud compute networks vpc-access connectors update to beta.
    • Enables updating of min-instances, max-instances and machine-type of already existing vpc-access connectors.

Vmware Engine

  • Added commands for managing resources:
    • Locations
    • Operations
    • VMwareEngine networks
    • Network policies
    • Node types
    • Private clouds
    • Clusters
    • HCX activation keys
    • NSX credentials
    • VCenter credentials
    • Subnets

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

409.0.0 (2022-11-08)

Breaking Changes

  • (Compute Engine) Modified stockout errors to show entire error object to user in yaml format instead of just error message.
  • (Compute Engine) Modified quota exceeded errors to show additional information to user instead of just error message.

Google Cloud CLI

  • Modified gcloud config list to accept both a section name and --all flag. The command will display all the set and unset properties when specifying both.

Anthos Multi-Cloud

  • Added --allow-missing flag to the following command groups: gcloud container aws clusters delete, gcloud container aws node-pools delete, gcloud container azure clients delete, gcloud container azure clusters delete, gcloud container azure node-pools delete, to allow the delete request to succeed, even if the cluster, node-pool or client resource does not exist.

Cloud Composer

  • Added --skip-airflow-overrides-setting to gcloud beta composer snapshots load to allow skipping setting Airflow overrides from the snapshot.
  • Added --skip-environment-variables-setting to gcloud beta composer snapshots load to allow skipping setting environment variables from the snapshot.
  • Added --skip-gcs-data-copying to gcloud beta composer snapshots load to allow skipping copying dags, plugins and data folders from the snapshot.

Cloud Datastream

  • Added the max_concurrent_cdc_tasks support to --mysql-source-config and --oracle-source-config flags in gcloud datastream streams.

Cloud Filestore

  • Fixed issue where --kms-key was being ignored in gcloud filestore backups create command.

Cloud Firestore Emulator

  • Promoted gcloud emulators firestore to GA.
  • Release Cloud Firestore emulator v1.15.1
    • feat: allow users to configure websocket port

Cloud Functions

  • Fixed issue where gcloud functions list would crash when a 2nd Gen-only region was specified using --regions.

Cloud Logging

  • Updated gcloud logging read to accept multiple resources to query using a new --resource-names flag.

Cloud SQL

  • Added the following flags to gcloud sql instances create in BETA:
    • --timeout

Compute Engine

  • Added --split-source-commitment to gcloud compute commitments create for beta and GA.
  • Promoted any-single-zone value support for the flag --target-distribution-shape of gcloud compute instance-groups managed create / update to beta.
  • Added keyword network-attachment for --network-interface in gcloud compute instances create.
  • Promoted --max-run-duration flag of gcloud compute instances create to beta.
    • Allows specifying the duration of time after which the instance will terminate.
  • Promoted --termination-time flag of gcloud compute instances create to beta.
    • Allows specifying the timestamp that the instance will terminate.
  • Added 3 additional accepted values to --enforce-on-key for gcloud compute security-policies rules create|update and promoted it to GA.
  • Promoted gcloud compute network-edge-security-services command group to GA.
  • Promoted --region and '--global' flags of gcloud compute security-policies to GA.
  • Promoted --network-ddos-protection flag of gcloud compute security-policies update to GA.

Distributed Cloud Edge

  • Removed unsupported GPU_TYPE field from gcloud edge-cloud container machines list. This field will be restored once the API provides accurate GPU information.

GKE Hub

  • Fixed a bug where gcloud container fleet memberships get-credentials and gcloud container hub memberships get-credentials would not return an error when the membership argument was left empty.

Kubernetes Engine

  • Corrected outdated description help text of gcloud container node-pools delete.
  • Added --private-endpoint-subnetwork and --enable-google-cloud-access flags to gcloud container clusters create and gcloud container clusters create-auto.
  • Added --enable-google-cloud-access and --enable-private-endpoint flags to gcloud container clusters update.
  • Added --enable-private-nodes flag to gcloud container node-pools create and gcloud container node-pools update.

Notebooks

  • Added gcloud notebooks instances diagnose and gcloud notebooks runtimes diagnose commands to GA. These commands provide access to the AI Platform Notebooks new Diagnose API.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

408.0.1 (2022-11-02)

BigQuery

  • Adds various fixes to PSC environments.
  • Adds support for random forest models as part of BQML.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

408.0.0 (2022-11-01)

Breaking Changes

AI

  • Added more available regions to gcloud ai model-monitoring-jobs.
  • Added --version-description flag to gcloud ai models upload to support setting model version description.

BigQuery

  • Add missing open source licenses.
  • Expose Iceberg for public preview.

Cloud Composer

  • Added --connection-type flag to gcloud beta composer environments create and gcloud composer environments create command to allow forcing the use of VPC peerings for internal communication.

Cloud Deploy

  • Added initial-rollout-labels and initial-rollout-annotations flags to gcloud deploy releases create command.

Cloud SQL

  • Promoted --connector_enforcement flag for gcloud sql instances create and gcloud sql instances patch to GA.

Cloud Storage

  • Updated gsutil component to 5.16.

Compute Engine

  • Promoted --discard-local-ssd flag of gcloud compute instances stop to beta.
  • Promoted --force-update-on-repair flag of gcloud compute instance-groups managed <create | update> to beta.
  • Fixed missing ephemeral IP when neither --address nor --no-address keys are provided with --network-interface flag during instance template creation.

GKE Hub

  • Changed membership-related flags in gcloud container fleet and gcloud container hub command groups to resource arguments, adding --location flag and LOCATION column in list commands.

Kubernetes Engine

  • Promoted --enable-managed-prometheus flag of gcloud container clusters create/update to GA.
  • Promoted --disable-managed-prometheus flag of gcloud container clusters update to GA.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

407.0.0 (2022-10-25)

Breaking Changes

  • (Cloud Run) Now gcloud beta run jobs update command removes existing Binary Authorization breakglass justification if --breakglass flag is not set.
  • (Cloud Run) In gcloud run deploy and gcloud run services update, --set-secrets, --remove-secrets, and --update-secrets flags now support mounting multiple versions of the same secret in the same directory.
  • (Cloud Run)
    • If multiple different secrets are requested to be mounted in the same directory, including for secrets already set on the service in the case of --update-secrets, the operation will now fail instead of silently overriding all secret versions with the last one specified.
  • (Compute Engine) Removed --csek-key-file flag of gcloud beta compute instances resume
    • Removing since instance suspend and resume do not support CSEK
    • If your instance with CSEK protection is suspended, please stop the instance then restart it and file a bug.

Assured Workloads

  • Added ASSURED_WORKLOADS_FOR_PARTNERS as an option for --compliance-regime flag of gcloud assured workloads create command.
  • Added --partner flag (optional) for gcloud assured workloads create command to enable creation of partner workload (workload managed by local trusted partners) through gCloud command.

Cloud DNS

  • Promoted gcloud dns managed-zones get-iam-policy and gcloud dns managed-zones set-iam-policy to GA.

Cloud Dataplex

  • Promoted Content command group to GA.
  • Promoted Environment command group to GA.

Cloud Datastream

  • Added postgresql type to --type flag of datastream connection-profiles <create/update>.
  • Added postgresql type to --postgresql-rdbms-file flag of datastream connection-profiles discover.
  • Added --postgresql-source-config flag to gcloud datastream streams <create/update>.
  • Added postgresql type to --type flag of datastream connection-profiles <create/update>.

Cloud Filestore

  • Added --kms-key flag to gcloud beta filestore backups create, which allows an Enterprise or High Scale backup to be created that is encrypted with a CMEK key." => "which creates a backup with an associated customer-managed encryption key (CMEK). Only available for Enterprise or High Scale tier instances.
  • Added --location flag to gcloud beta filestore instances restore, which restores Enterprise instances." => "restore Basic HDD, Basic SSD, and Enterprise tier instances.
  • Added --instance-location flag to gcloud beta filestore backups create, which accepts either a zone or region and allows clients to create Basic HDD, Basic SSD, and Enterprise tier backups.

Cloud SQL

  • Added the following flags to gcloud sql instances create and gcloud sql instances patch in BETA:
    • --connector_enforcement

Cloud Storage

  • Updated gsutil component to 5.15.

Cloud Workstations

  • Promoted gcloud beta workstations commands to beta for Preview.

Compute Engine

  • Promoted --source-machine-image, --source-machine-image-csek-key-file, and --erase-windows-vss-signature flags of compute instances create to GA.
  • Fixed an issue with --create-disk and --disk flags that causes gcloud compute instance-templates create or gcloud compute instance-templates create-with-container to fail when attaching a boot disk.
  • Promoted --region flag for compute target-tcp-proxies to GA.

Compute Firewall Policies

  • Fixed bug in gcloud compute network-firewall-policies rules update that would cause src-secure-tags to not be updated.

GKE Hub

  • Modified gcloud container fleet memberships register to skip Connect agent installation for GKE clusters by default. Use --install-connect-agent flag to get the old behavior.
  • Modified gcloud container fleet memberships unregister to skip Connect agent uninstallation for GKE clusters by default. Use --uninstall-connect-agent flag to get the old behavior.
  • Added --install-connect-agent flag to gcloud container fleet memberships register and gcloud container hub memberships register to install connect agent on GKE clusters.
  • Added --uninstall-connect-agent flag to gcloud container fleet memberships unregister and gcloud container hub memberships unregister to uninstall Connect agent on GKE clusters.

Identity and Access Management

  • Added gcloud iam policies create which creates a deny policy on the given attachment point with the given name.
  • Added gcloud iam policies delete which deletes a deny policy on the given attachment point with the given name.
  • Added gcloud iam policies get which gets a deny policy on the given attachment point with the given name.
  • Added gcloud iam policies list which lists the deny policies on the given attachment point.
  • Added gcloud iam policies update which updates the deny policy on the given attachment point with the given name.
  • Updated External Account URL validation to allow PSC endpoints.

Kubernetes Engine

  • Added --gateway-api flag to gcloud container clusters create and gcloud container clusters update which allows users to turn on the GKE Gateway controller for their cluster and to select the Gateway API release channel they want to use.

Security Command Center

  • Updated gcloud scc notifications update to allow for project and folder parents.
  • Updated gcloud scc notifications create to allow for project and folder parents.
  • Updated gcloud scc notifications delete to allow for project and folder parents.
  • Updated gcloud scc notifications list to allow for project and folder parents.
  • Updated gcloud scc notifications describe to allow for project and folder parents.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

406.0.0 (2022-10-17)

Breaking Changes

  • (Cloud Storage) Changed "Additional Properties" formatting for ls -L to print condensed JSON object instead of JSON list with key and value keys before every key and value.
  • (Kubernetes Engine) Remove deprecated --istio-config flag of gcloud beta container clusters create and gcloud beta container clusters update.

Anthos Multi-Cloud

  • Promoted --logging flag to gcloud container aws clusters create and gcloud container azure clusters create to update the logging config.
  • Promoted --logging flag to gcloud container aws clusters update and gcloud container azure clusters update to update the logging config.
  • Added --annotations flag to gcloud container azure node-pools create to set the annotations field when creating Azure node pools.
  • Added --annotations flag to gcloud container azure node-pools update to update the annotations of Azure node pools.
  • Added --clear-annotations flag to gcloud container azure node-pools update to clear the annotations of Azure node pools.

Bare Metal Solution

  • Promoted gcloud bms nfs-shares create to GA.
  • Promoted gcloud bms nfs-shares delete to GA.
  • Promoted gcloud bms volumes restore to GA.
  • Promoted gcloud bms volumes snapshot to GA.
  • Promoted gcloud bms volumes snapshots describe to GA.
  • Promoted gcloud bms volumes snapshots list to GA.
  • Promoted gcloud bms volumes snapshots delete to GA.
  • Promoted --add-allowed-client flag of gcloud bms nfs-shares update to GA.
  • Promoted --remove-allowed-client flag of gcloud bms nfs-shares update to GA.
  • Promoted --clear-allowed-clients flag of gcloud bms nfs-shares update to GA.
  • Promoted gcloud bms instances stop to GA.

BigQuery

  • Fixed issue with --api flag in external clients.
  • Added support for the target_job_concurrency flag and begins deprecating the concurrency flag.
  • Added the max_staleness flag for external tables.
  • Added support for SIMPLE with the object_metadata flag.
  • Added ZSTD as an extract option.

Certificate Manager

  • Added gcloud certificate-manager issuance-configs command group to beta. Commands in this group allow for configuring Private Trust certificate issuance.
  • Added --issuance-config flag for gcloud certificate-manager certificates create command to beta. The flag allows configuring managed certificates issuance with Private Trust.

Cloud Access Context Manager

  • Changed --level flag of gcloud access-context-manager cloud-bindings create and gcloud access-context-manager cloud-bindings update to take a string input instead of a resource:
    • No change is required on any previous configurations as a result of this change.

Cloud Datastream

  • Added BigQuery destination type support.

Cloud Firestore Emulator

  • Promoted gcloud emulators firestore to GA.

Cloud SQL

  • Added the following flags to gcloud sql instances create and gcloud sql instances patch for ALPHA:
    • --connector_enforcement

Cloud TPU

  • Promoted --shielded-secure-boot flag of gcloud compute tpus tpu-vm to GA.

Compute Firewall Policies

  • Updated gcloud compute firewall-policies rules create to include help text for src-threat-intelligence, src-fqdns, src-region-codes , src-address-groups, dest-threat-intelligence, dest-fqdns , dest-region-codes and dest-address-groups.
  • Updated gcloud compute firewall-policies rules update to include help text for src-threat-intelligence, src-fqdns, src-region-codes , src-address-groups, dest-threat-intelligence, dest-fqdns , dest-region-codes and dest-address-groups.
  • Updated gcloud compute network-firewall-policies rules create to include help text for src-threat-intelligence, src-fqdns, src-region-codes , src-address-groups, dest-threat-intelligence, dest-fqdns , dest-region-codes and dest-address-groups.
  • Updated gcloud compute network-firewall-policies rules update to include help text for src-threat-intelligence, src-fqdns, src-region-codes , src-address-groups, dest-threat-intelligence, dest-fqdns , dest-region-codes and dest-address-groups.
  • Promoted --src-address-groups and --dest-address-groups flags to beta in gcloud compute firewall-policies rules create , gcloud compute firewall-policies rules update , gcloud compute network-firewall-policies rules create and gcloud compute network-firewall-policies rules update commands.
  • Promoted --src-fqdns and --dest-fqdns flags to beta in gcloud compute firewall-policies rules create , gcloud compute firewall-policies rules update , gcloud compute network-firewall-policies rules create and gcloud compute network-firewall-policies rules update commands.

Kpt

Kubernetes Engine

  • Promoted the GKE add-on BackupRestore of gcloud container clusters <create|update> to GA. This add-on is disabled by default.
    • Use --addons=BackupRestore to enable the add-on during cluster creation.
    • Use --update-addons=BackupRestore=ENABLED|DISABLED to enable/disable the add-on for existing GKE clusters.

Managed Active Directory

  • Promoted gcloud active-directory domains extend-schema to GA.

Network Security

  • Updated gcloud network-security address-groups list to include the TYPE, CAPACITY and USAGE columns in the output.
  • Updated gcloud network-security org-address-groups list to include the TYPE, CAPACITY and USAGE columns in the output.

Security Command Center

  • Updated gcloud scc notifications update to allow for project and folder parents.
  • Updated gcloud scc notifications create to allow for project and folder parents.
  • Updated gcloud scc notifications delete to allow for project and folder parents.
  • Updated gcloud scc notifications list to allow for project and folder parents.

405.0.1 (2022-10-14)

GKE Hub

  • Updated gke-gcloud-auth-plugin to 0.4.0.

Cloud Bigtable

  • Updated the version of cbt to v1.12.1.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

405.0.0 (2022-10-04)

Google Cloud CLI

  • Fixed issue where revoking impersonated ADC credentials caused a crash.
  • Fixed issue where it was not possible to set a logging configuration when creating a regional backend service in alpha and beta.

Anthos Multi-Cloud

  • Added --tags flag to gcloud container aws clusters update to update the tags assigned to control plane replicas.
  • Added --clear-tags flag to gcloud container aws clusters update to clear the tags assigned to control plane replicas.

App Engine

Artifact Registry

  • Automatically creates missing repos for gcloud beta artifacts settings enable-upgrade-redirection command.

Batch

  • Promoted gcloud batch to GA track.

Cloud Dataplex

  • Updated gcloud dataplex tasks create to support scheduling notebooks.

Cloud Firestore

  • Promoted gcloud firestore fields ttls command group to GA.

Cloud Spanner

  • Promoted gcloud spanner instance-configs [create|update|delete] to GA.

Cloud SQL

  • Promoted --time-zone flag of gcloud sql instances create command to GA.
  • Provided a helpful error message when Cloud SQL Proxy fails to start during gcloud sql connect command.

Cloud Run

  • Added gcloud beta run jobs replace to deploy a job from yaml.

Compute Engine

  • Added ubuntu-2204 and windows-11-x64-byol options to --os flag for:
    • gcloud compute images import in GA,
    • gcloud compute instances import in GA
    • gcloud compute machine-images import in GA
  • Updated gcloud compute instance-templates create not to crash if instantiate-from value is not specified in --configure-disk when using --source-instance flag.
  • Promoted --md5-authentication-key flag of gcloud compute routers add-bgp-peer to GA.
  • Promoted --md5-authentication-key and --clear-md5-authentication-key flags of gcloud compute routers update-bgp-peer to GA.

Firebase Test Lab

  • Delayed displaying information about the number of devices used until after all executions are created.

Identity and Access Management

  • Fixed an issue that would cause the Google Cloud CLI to crash when using invalid External Account Credentials.

Kubernetes Engine

  • Added a prompt when passing --enable-binauthz to gcloud container clusters update that acknowledges the current version of Binary Authorization will be downgraded.
  • Promoted --enable-cost-allocation flag of gcloud container clusters create to GA.
  • Promoted --enable-cost-allocation flag of gcloud container clusters update to GA.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

404.0.0 (2022-09-27)

App Engine

Assured Workloads

  • Promoted gcloud assured workloads violations commands to GA. This command provides the ability to create new Assured Workloads environment resources.

Batch

  • Improved error message formats for gcloud batch jobs submit unparsable json config file, gcloud batch jobs describe job and gcloud batch tasks describe task that does not exist.
  • Added new batch/location property that can be used to set a default location. To set the properties, run gcloud config set batch/location LOCATION.

BigQuery

  • Add support for storage_billing_model flag for datasets.
  • Allow users to log in with pluggable-auth based external account credentials.
  • Add support for configuring the access token lifetime for service account impersonation when using external account credentials.
  • Add session support for load jobs.

Cloud Asset Inventory

  • Added --saved-analysis-query option to gcloud asset analyze-iam-policy, which runs a saved analysis query when specified.
  • Added gcloud asset saved-queries commands, which creates, retrieves, updates and deletes saved queries in a specified project, folder or organization.

Cloud Memorystore

  • Added --maintenance-version flag to gcloud beta redis instances update to allow updating a maintenance version when updating an instance.

Cloud Storage

  • Added storage/key_store_path property for encryption/decryption keys.
  • Updated gsutil component to 5.14.

Compute Engine

  • Promoted --region for gcloud compute ssl-policies to GA.

Eventarc

  • Updated gcloud eventarc triggers list to return the locations of triggers.

Identity and Access Management

  • Fixed bug that occurs when switching external account credentials.

Kubernetes Engine

  • Adds new kubectl v1.25 for GKE rapid channel.
  • Removes old kubectl v1.19.
  • Updates default kubectl from 1.22.12 to 1.22.14.
  • Additional kubectl versions:
    • kubectl.1.20 (1.20.15)
    • kubectl.1.21 (1.21.14)
    • kubectl.1.22 (1.22.14)
    • kubectl.1.23 (1.23.11)
    • kubectl.1.24 (1.24.5)
    • kubectl.1.25 (1.25.1)

Managed Active Directory

  • Added support for gcloud beta active-directory domains migration for enabling existing domain migration.

Policy Troubleshooter

  • Updated gcloud policy-troubleshoot iam beta and GA Command to use V2Alpha1 API.

Stackdriver Monitoring

  • Added --validate-only flag to gcloud monitoring dashboards create to allow validating dashboards without saving.

Terraform

  • Fixed issue where http proxy environment variables were not used in gcloud beta terraform vet.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

403.0.0 (2022-09-20)

Breaking Changes

  • (Assured Workloads) Removed AU_REGIONS_AND_US_SUPPORT as compliance regime options for gcloud assured workloads create command.
  • (Assured Workloads) Removed messages related to 'Versioning' as they should not be used externally.
  • (Assured Workloads) Removed v1beta1 messages from v1 api and vice-versa.
  • (Assured Workloads) Updated violation acknowledge api to POST Request.

Google Cloud CLI

  • Fixed issue where MTLS endpoints were not used when use_client_certificate was true.
  • Fixed issue where gcloud auth application-default set-quota-project would fail if serviceusage.services.use permission was revoked from the active project.
  • Added bundled Python 3 as a default component on x86_64 component-based Linux installs. The bundled Python 3 interpreter will be preferred over the system Python interpreter when invoking the gcloud command-line tool.
    • The bundled Python 3 interpreter should work on supported Linux systems, but a different interpreter can be specified by setting the CLOUDSDK_PYTHON environment variable. See gcloud topic startup and https://cloud.google.com/sdk/docs/install#linux for more information.

AI

  • Added gcloud beta api indexes remove-datapoints and gcloud beta api indexes upsert-datapoints to support Matching Engine steaming update.

AlloyDB

  • Added support to specify automated backup policy in gcloud beta alloydb clusters create.
  • Updated gcloud beta alloydb clusters create to support PITR (point in time recovery) configuration via new --disable-pitr and --pitr-log-retention-window flags.

Artifact Registry

  • Fixed a bug where the plus sign ("+") was not escaped properly, making it impossible to delete artifacts with a plus sign in their version.

Batch

  • Improved error message formats for gcloud batch jobs submit unparsable json config file, gcloud batch jobs describe job and gcloud batch tasks describe task that does not exist.

BigQuery

  • Expose object_metadata for private preview.
  • Improve error message for unparseable parameters.

Binauthz

  • Updated gcloud container binauthz attestations list to also return occurrences in cases where the artifact-url does not begin with https.

Cloud DNS

  • Added Location flag to Cloud DNS Managed Zones, Response Policies GA commands. This flag can be specified to target Cloud DNS Zonal Servers.

Cloud Dataproc

  • Fixed issue where gcloud beta dataproc sessions list would hang when large numbers of sessions are present.

Cloud Deploy

  • Added new --from-run-manifest to gcloud deploy releases create command. When used, a Skaffold file will be generated using the Cloud Run manifest.

Cloud Run

  • Added --encryption-key-shutdown-hours flag to gcloud beta run deploy and gcloud beta run services update to set the number of hours to wait before an automatic shutdown server after CMEK key revocation is detected.
  • Added --clear-encryption-key-shutdown-hours flag to gcloud beta run deploy and gcloud beta run services update to clear the CMEK key shutdown hours setting.

Compute Engine

  • Updated gcloud compute instance-templates create to throw error if --machine-type/--labels flags are used with --source-instance.
  • Promoted --compression-mode flag to gcloud compute backend-services <create | update> to GA.
  • Promoted --compression-mode flag to gcloud compute backend-buckets <create | update> to GA.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

402.0.0 (2022-09-13)

Breaking Changes

  • (Google Cloud CLI) The gcloud command-line tool no longer overrides the scheme specified in the https_proxy environment variable. Previously, the scheme was silently ignored and the gcloud command-line tool would always attempt to connect to the proxy via HTTP, even if the proxy server URL specified HTTPS.
    • Note that the gcloud command-line tool does not currently support connecting to proxies via HTTPS (nor did it previously).
    • If attempting to connect to an HTTP proxy results in warnings or errors, ensure that the https_proxy environment variable looks like http://... as opposed to https://....
    • See https://cloud.google.com/sdk/docs/proxy-settings#proxy_configuration for more information.
  • (Batch) Deprecated positional argument TASK_GROUP of gcloud batch tasks list.
  • (Batch) Use --job as the required flag instead.

Anthos Multi-Cloud

  • Added --annotations flag to gcloud container aws node-pools create to set the annotations field when creating AWS node pools.
  • Added --annotations flag to gcloud container aws node-pools update to update the annotations of AWS node pools.
  • Added --clear-annotations flag to gcloud container aws node-pools update to clear the annotations of AWS node pools.

Batch

  • Updated --config flag to support job configs from Here Doc.

Cloud Dataproc

  • Fixed issue where gcloud dataproc batches list would hang when large numbers of batches are present.

Cloud Deploy

  • Added gcloud deploy targets redeploy command to redeploy a release to a given target.
  • Added gcloud deploy rollouts retry-job, gcloud deploy job-runs list, and gcloud deploy job-runs describe commands for Deployment Verification Public Preview.

Cloud Run

  • Fixed issue where job-level labels are not propagated to its execution.
  • Added last updated message to gcloud beta run jobs describe output.

Cloud Storage

  • Updated gsutil component to 5.13.
  • Promoted gcloud storage to GA.

Compute Engine

  • Added -iam-policyand-iam-policy-bindingstogcloud compute backend-services` for GA.
  • Added gcloud compute security-policies rules add-preconfig-waf-exclusion|remove-preconfig-waf-exclusion in alpha and beta.

Config Connector

GKE Hub

  • Added new argument to the following commands:
    • gcloud container hub mesh update --management automatic.
    • gcloud container fleet mesh update --management automatic.

Identity and Access Management

  • Added support for executable-sourced external account credentials.
  • Added support for configuring the access token lifetime for service account impersonation when using external account credentials.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

401.0.0 (2022-09-07)

Google Cloud CLI

  • Added warning message to indicate support for Python 2 will soon be deprecated.

AlloyDB

  • Added --view flag to gcloud alpha alloydb instances describe to get the view of AlloyDB instance. --view=BASIC will be the same response as describe instance without this flag, and --view=FULL for read pool instance will list the details of each node in the pool.

Anthos Multi-Cloud

  • Added --description flag to gcloud container aws clusters update to update the description of AWS clusters.
  • Added --clear-description flag to gcloud container aws clusters update to clear the description of AWS clusters.
  • Added --annotations flag to gcloud container aws clusters update to update the annotations of AWS clusters.
  • Added --clear-annotations flag to gcloud container aws clusters update to clear the annotations of AWS clusters.
  • Added --description flag to gcloud container azure clusters create to set the description field when creating Azure clusters.
  • Added --annotations flag to gcloud container azure clusters create to set the annotations field when creating Azure clusters.
  • Added --description flag to gcloud container azure clusters update to update the description of Azure clusters.
  • Added --clear-description flag to gcloud container azure clusters update to clear the description of Azure clusters.
  • Added --annotations flag to gcloud container azure clusters update to update the annotations of Azure clusters.
  • Added --clear-annotations flag to gcloud container azure clusters update to clear the annotations of Azure clusters.

Cloud Run

  • Added execution log URI to gcloud beta run jobs executions describe output.

Compute Engine

  • Promoted --snapshot-type flag of gcloud compute snapshots create to GA.
  • Added --json-custom-content-types for gcloud compute security-policies update, and promoted it to beta and GA.
  • Promoted --guest-os-features flag of gcloud compute images import to GA.
  • Promoted gcloud compute firewall-rules migrate to beta.
  • Added --share-setting and --share-with flags to gcloud compute sole-tenancy node-groups create|update for GA.
  • Added --share-settings flag to gcloud compute sole-tenancy node-groups list for GA.
  • Added --node-project flag to gcloud compute instances create for GA.

Network Management

  • Added cloudFunction argument for source in gcloud network-management connectivity-tests. This allows the user to run tests using Cloud Function endpoint types as source.

Stackdriver Logging

  • Promoted the following commands to beta and GA:

    • gcloud logging copy
    • gcloud logging settings get
    • gcloud logging settings update
    • gcloud logging operations cancel
    • gcloud logging operations describe
    • gcloud logging operations list

  • Promoted --bucket-name flag of gcloud logging metrics to beta and GA.

  • Promoted --cmke-kms-key-name flag of gcloud logging buckets to beta and GA.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

400.0.0 (2022-08-30)

Breaking Changes

  • (Anthos Multi-Cloud) Removed aws/location property of gcloud container aws. Use container_aws/location to set the default Google Cloud location for gcloud container aws.
  • (Anthos Multi-Cloud) Removed azure/location property of gcloud container azure. Use container_azure/location to set the default Google Cloud location for gcloud container azure.

Anthos Multi-Cloud

  • Added --description flag to gcloud container aws clusters create to set the description field when creating AWS clusters.
  • Added --annotations flag to gcloud container aws clusters create to set the annotations field when creating AWS clusters.

App Engine

  • Use java17 as the default runtime for generated configuration. This is a behavior change with the command gcloud app deploy when there is no app.yaml configuration for Java projects (Maven, or Gradle, or simple jar). Instead of using a java11 runtime target, the application will be deployed now on a java17 runtime with a F2 instance class. If you want to stay on a java11 runtime, just create a simple app.yaml file with runtime: java11 in it.

Artifact Registry

  • Fixed issue where gcloud artifacts repositories create requires excessive permission when a kms key is supplied.

BigQuery

  • Add support for specifying vertex_ai_model_id when in the BigQuery ML update model AI.
  • Add support for preserving embedded Ascii Control characters in CSV External tables.
  • Add support for serving_default signature when exporting BigQuery trained Tensorflow models.
  • Add support for reference file schema for AVRO, PARQUET, and ORC formats.
  • Add support for BigSpark routines.
  • Fix bug when api flag is used within a restricted network.
  • Add support metadata_cache_mode and max_staleness for Query Acceleration on BigLake tables.
  • Add support for BigSpark connections.

Cloud Asset Inventory

  • Added gcloud beta asset query.
  • Added --read-time, --start-time, --end-time, --bigquery-dataset, --bigquery-table, and --write-disposition flags to support point-in-time/range queries and export to BigQuery.

Cloud Run

  • Changed the link in gcloud beta run jobs execute output to the UI of the resulted execution instead of its logging UI.
  • Added elapsed time to gcloud beta run jobs executions describe output. This is between execution creation timestamp and execution completion timestamp.

Cloud Spanner

  • Added --database-role flag to gcloud spanner databases to support role-based access control in Cloud Spanner.
  • Added gcloud beta spanner databases roles list to list all roles in Cloud Spanner database.

Config Connector

Kubernetes Engine

  • Added --logging-variant flag to gcloud container clusters create, gcloud container clusters update, gcloud container node-pools create and gcloud container node-pools update that allow users to set the logging variant used in the cluster or in the node pools. Selecting logging variant is available in clusters with version 1.24.2-gke.300+. --logging_variant is used to choose the desired logging agent that is deployed on GKE nodes. Valid options are MAX_THROUGHPUT and DEFAULT. For more details about configuring the logging agent to achieve desired throughput, see http://cloud/stackdriver/docs/solutions/gke/managing-logs#throughput.

Secret Manager

  • Added --update-annotations flag to gcloud secrets update and gcloud secrets beta update to enable the addition of new annotations to secret versions.
  • Added --remove-annotations flag to gcloud secrets update and gcloud secrets beta update to enable the removal of annotations to secret versions.
  • Added --clear-annotations flag to gcloud secrets update and gcloud secrets beta update to enable the clearing of all annotations from a secret.
  • Added --set-annotations flag to gcloud secrets create and gcloud secrets beta create to enable the setting of annotations on new secrets.
  • Added --out-file flag to gcloud secrets versions access and gcloud beta secrets versions access to directly get the output in file.

Terraform

  • Added support for the following resources in CAI-based policies:
    • google_cloudfunctions2_function_iam_binding
    • google_cloudfunctions2_function_iam_member
    • google_cloudfunctions2_function_iam_policy
    • google_gke_hub_membership_iam_binding
    • google_gke_hub_membership_iam_member
    • google_gke_hub_membership_iam_policy
  • TF -> CAI resource conversion compiled against google provider version 4.33.0.
  • Fixed asset names for the following resources:
    • google_compute_backend_service_iam
    • google_compute_instance_iam
    • google_compute_region_backend_service_iam
    • google_privateca_certificate_template_iam
  • Added support for organizations/unknown in CAI-based policy match parameters.
  • Enabled support for non-Google Terraform resources in TF-based policies.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

399.0.0 (2022-08-23)

AlloyDB

  • Added --cluster flag to gcloud beta alloydb operations list to enable listing of operations pertaining to a given cluster.
  • Updated gcloud beta alloydb clusters restore to support PITR (point in time recovery) via new --source-cluster and --point-in-time flags.

App Engine

Cloud Asset Inventory

  • Added gcloud asset get-effective-iam-policy command, which retrieves batch effective IAM policies for a specified list of resources within specified accessible scope.

Cloud Dataflow

  • Added GO to gcloud flex-template build command SDK Language options, allowing users to submit Go Flex Template jobs.

Cloud Functions

  • Move Python 3.10 for Cloud Functions to GA.

Cloud Org Policy

  • Added gcloud org-policies {custom constraint} commands that allow users to create, update, list, describe, and delete org policy custom constraints.
  • gcloud org-policies set-custom-constraint
  • gcloud org-policies describe-custom-constraint
  • gcloud org-policies delete-custom-constraint
  • gcloud org-policies list-custom-constraints.

Cloud SQL

  • Set the maximum allowed value for --storage-auto-increase-limit in gcloud beta sql instances create to the max value of int. This removes the hardcoded limit of 10230.

Cloud Spanner

  • Promoted gcloud spanner samples to beta and GA. Commands in this group support creating sample databases and running open source sample applications.
  • Added --instance-type, --expire-behavior flags to spanner instances create and spanner instances update to add ability to create free instances in GA.
  • Added instance_type column for spanner instances list and free_instance_availability column for spanner instance-configs list.

Compute Engine

  • Promoted --architecture flag of gcloud compute disks create to GA.
  • Promoted --update-architecture flags of gcloud compute disks update to GA.
  • Promoted --clear-architecture flags of gcloud compute disks update to GA.
  • Promoted --architecture flag of gcloud compute images create and gcloud compute disks update to GA.

Network Services

  • Promoted gcloud network-services tls-routes to GA.

Notebooks

  • Added notebooks runtimes command group which provides access to AI Platform Notebooks' runtimes.

Transfer

  • Added multipart copy feature to agent setup flags.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

398.0.0 (2022-08-16)

AI

  • Promoted --autoscaling-metric-specs flag of gcloud ai endpoints deploy-model to GA.
  • Added --encryption-kms-key-name flag to gcloud ai endpoints create and gcloud beta ai endpoints create.

Artifact Registry

  • Updated gcloud artifacts docker images describe and gcloud artifacts docker images list to return occurrences of any Grafeas kind.
  • Added gcloud artifacts repositories set-cleanup-policy to set a cleanup policy on a repository.
  • Added gcloud artifacts repositories list-cleanup-policy to list cleanup policies on a repository.
  • Added gcloud artifacts repositories delete-cleanup-policy to delete cleanup policies on a repository.

Cloud DNS

  • Added support for the ALIAS record set type to beta. ALIAS record sets can be created/modified using --type flag in gcloud beta dns record-sets command group.

Cloud Dataproc

  • Fixed issue where gcloud dataproc clusters enable-personal-auth-session-session did not successfully inject credentials.

Cloud Deploy

  • Added support for absolute paths for "--skaffold-file flag of gcloud deploy releases create commmand".

Cloud Memorystore

  • Promoted --customer-managed-key flags of gcloud redis instances create to GA.

Cloud Run

  • Promoted --cpu-boost flag to beta.

Cloud SQL

  • Added --deletion-protection flag to gcloud sql instances create and gcloud sql instances patch in alpha, beta and GA to provide Cloud SQL instances with protection against accidental deletion.

Cloud Spanner

  • Updated default timeout for gcloud spanner databases execute-sql to 10 minutes.

Cloud Storage

  • Updated gsutil component to 5.12.

Compute Engine

  • Deprecated --load-balancing-scheme, --network, --subnet, and --subnet-region arguments of gcloud compute forwarding-rules set-target.
  • Promoted --resource-policies flag for glcloud compute reservations createto beta.
  • Promoted --region and --global flags for gcloud compute url-maps invalidate-cdn-cache and gcloud compute url-maps list-cdn-cache-invalidations to GA.
  • Added region information to gcloud compute health-checks list output.
  • Deprecated --no-serve-while-stale argument of gcloud compute [backend-services|backend-buckets] [create|update].
  • Promoted --architecture flag of gcloud compute instances create and gcloud compute instanceTemplates create to GA.

Eventarc

  • Updated WARNING text for trigger creation from 10 minutes to 2 minutes.

Network Services

  • Promoted gcloud network-services gateways to GA.
    • Promoted gcloud network-services meshes to GA.
    • Promoted gcloud network-services tcp-routes to GA.
    • Promoted gcloud network-services grpc-routes to GA.
    • Promoted gcloud network-services http-routes to GA.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

397.0.0 (2022-08-09)

Breaking Changes

  • (Cloud Datastore) Deprecated gcloud datastore database create. Use gcloud alpha firestore database update --type=datastore-mode instead.
  • (Cloud Firestore) The gcloud firestore database create will be required to administer your database. Please enable the API and ensure you have the required permissions. See https://cloud.google.com/firestore/docs/app-engine-requirement.
  • (Cloud Firestore) gcloud firestore database create will no longer support App Engine regions (us-central, europe-west). See https://cloud.google.com/firestore/docs/locations for available regions.

AI

  • Added --request-response-logging-table and --request-response-logging-rate flags to gcloud ai endpoints create|update to allow config prediction endpoint request-response logging.

Artifact Registry

  • Added gcloud artifacts versions describe command.
  • Added gcloud artifacts settings to describe/modify project settings.

Batch

  • Modified gcloud batch jobs list to use --location as an optional flag.

Cloud DNS

  • Update record-sets create and update methods for health checked routing policies.

Cloud Datastore Emulator

  • Release Cloud Datastore emulator v2.2.2
    • Fixed bug which caused failures when attempting to Export.

Cloud Identity-Aware Proxy

  • Promoted host based flags to GA for surfacesgcloud compute ssh,gcloud compute scp and gcloud compute start-iap-tunnel.

Cloud Run

  • Added Startup Probe and Liveness Probe fields to the output of gcloud run services describe [SERVICE].

Compute Engine

  • Added 'network-firewall-policyand 'network-regional-firewall-policy to TYPE column of 'compute instances network-interfaces get-effective-firewalls` output.

Config Connector

Terraform

  • Added support for the following resources in CAI-based policies:
    • google_artifact_registry_repository_iam_binding
    • google_artifact_registry_repository_iam_member
    • google_artifact_registry_repository_iam_policy
    • google_bigquery_connection_iam_binding
    • google_bigquery_connection_iam_member
    • google_bigquery_connection_iam_policy
    • google_cloud_tasks_queue_iam_binding
    • google_cloud_tasks_queue_iam_member
    • google_cloud_tasks_queue_iam_policy
    • google_cloudiot_registry_iam_binding
    • google_cloudiot_registry_iam_member
    • google_cloudiot_registry_iam_policy
    • google_compute_backend_bucket_iam_binding
    • google_compute_backend_bucket_iam_member
    • google_compute_backend_bucket_iam_policy
    • google_compute_snapshot_iam_binding
    • google_compute_snapshot_iam_member
    • google_compute_snapshot_iam_policy
    • google_dataproc_autoscaling_policy_iam_binding
    • google_dataproc_autoscaling_policy_iam_member
    • google_dataproc_autoscaling_policy_iam_policy
    • google_dataproc_metastore_service_iam_binding
    • google_dataproc_metastore_service_iam_member
    • google_dataproc_metastore_service_iam_policy
  • TF -> CAI resource conversion compiled against google provider version 4.30.0.
  • Resources without a known project, folder, or organization will have their ancestry set to organizations/unknown instead of throwing a 403 error that halts validation.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

396.0.0 (2022-08-02)

AI

  • Added --labels flag to gcloud ai models upload to support setting labels. Use --labels flag to set metadata to organize your models and model versions. Label keys and values can be no longer than 64 characters (Unicode codepoints), can only contain lowercase letters, numeric characters, underscores and dashes. International characters are allowed. See https://goo.gl/xmQnxf for more information and examples of labels.

Cloud Identity-Aware Proxy

  • Promoted gcloud iap tcp dest-groups to GA.

Cloud Logging

  • Promoted --index flag of gcloud logging buckets create to GA.
  • Promoted --clear-indexes flag of gcloud logging buckets update to GA.
  • Promoted --remove-indexes flag of gcloud logging buckets update to GA.
  • Promoted --add-index flag of gcloud logging buckets update to GA.
  • Promoted --update-index flag of gcloud logging buckets update to GA.

Compute Engine

  • Promoted --maintenance-interval flag of gcloud compute commitments create to beta.

Compute OS Config

  • Promoted gcloud compute os-config troubleshoot to GA.
    • Troubleshoot common issues with VM Manager.

Config Connector

Database Migration

  • Fixed issue where creation of a migration job in a project inside a VPC-SC perimeter constantly failed.
  • Fixed issue where creation of a connection profile in a project inside a VPC-SC perimeter constantly failed.

Identity Groups

  • Fixed issue where gcloud identity groups create will fail when specifying --group-type=security.

Identity and Access Management

  • Added --service-account-token-lifetime-seconds flag to gcloud iam <workforce-pools|workload-identity-pools> create-cred-config command to allow configuring the access token lifespan for service account impersonation.

Recommender

  • Added support for gcloud recommender recommender-config describe.
  • Added support for gcloud recommender recommender-config update.
  • Added support for gcloud recommender insight-type-config describe.
  • Added support for gcloud recommender insight-type-config update.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

395.0.0 (2022-07-26)

AI

  • Modified gcloud ai models upload to support model version aliases. Use --version-aliases flag to set version aliases so that a model version can be referenced via alias (i.e. projects/{project}/locations/{location}/models/{model_id}@{version_alias} instead of auto-generated version id (i.e. projects/{project}/locations/{location}/models/{model_id}@{version_id}). The format is [a-z][a-zA-Z0-9-]{0,126}[a-z0-9] to distinguish from version_id. The aliases set in the flag will replace the aliases set in the model.

App Engine

Artifact Registry

  • Added gcloud artifacts packages describe command.

Cloud Deploy

  • Added new --from-k8s-manifest to releases create command. When used, a Skaffold file will be generated.

Cloud Domains

  • Implemented the following commands for gcloud domains registrations in alpha and beta.
    • import
    • list-importable-domains

Cloud Functions

  • Updated gcloud functions list to return 2nd gen functions in addition to 1st gen functions.
  • Fixed crash in gcloud beta functions deploy --gen2 failures causing the error message "This stage does not belong to this progress tracker".
  • Promoted --gen2 flag of gcloud functions add-iam-policy-binding to GA.
  • Promoted --gen2 flag of gcloud functions call to GA.
  • Promoted --gen2 flag of gcloud functions delete to GA.
  • Promoted --gen2 flag of gcloud functions deploy to GA.
  • Promoted --gen2 flag of gcloud functions describe to GA.
  • Promoted --gen2 flag of gcloud functions get-iam-policy to GA.
  • Promoted --gen2 flag of gcloud functions remove-iam-policy-binding to GA.
  • Promoted --gen2 flag of gcloud functions set-iam-policy to GA.
  • Promoted --gen2 flag of gcloud functions event-types list to GA.
  • Promoted --gen2 flag of gcloud functions logs read to GA.
  • Promoted --gen2 flag of gcloud functions regions list to GA.
  • Promoted gcloud functions add-invoker-policy-binding to GA.
  • Promoted gcloud functions remove-invoker-policy-binding to GA.

Cloud Healthcare

  • Added --schema-type value analytics_v2 to gcloud healthcare fhir-stores export bq.

Cloud Identity-Aware Proxy

  • Renamed flag --group-name to --dest-group forgcloud iap tcp dest-groups IAM commands.

Cloud Pub/Sub

  • Fixed issue where gcloud pubsub subscriptions create and gcloud pubsub subscriptions update will crash when specifying --min-retry-delay=0 and/or --max-retry-delay=0.
  • Fixed issue where gcloud pubsub subscriptions create will crash when specifying --retention_duration=0.

Cloud Run

  • Added --description flag in gcloud run deploy, and description field in gcloud run services describe [SERVICE].
    • Description is an optional, human-readable string of up to 512 characters.
    • Using the flag is functionally equivalent to adding service annotation "run.googleapis.com/description".

Compute Engine

  • Added --update-user-licenses and --clear-user-licenses flags of gcloud compute images update to alpha and beta.
  • Made global scope the default for gcloud compute security-policies.

Config Controller

  • Added --man-blocks flag to gcloud anthos config controller create to allow specifying multiple master authorized network CIDR blocks for a CC instance.
  • Deprecated --man-block flag of gcloud anthos config controller create. Use --man-blocks to set master authorized network CIDR block.
  • Modified gcloud anthos config controller list to print out only the instance name instead of the fully specified name.
  • Added --full-name flag to gcloud anthos config controller list to allow users printing out the fully specified name in the NAME column when needed.

GKE Hub

  • Promote gcloud container hub memberships generate-gateway-rbac to GA.

Kubernetes Engine

  • Add cgroupMode node system config option to allow switching nodes to cgroupv1 or cgroupv2.
  • Updates default kubectl from 1.22.9 to 1.22.12
  • Additional kubectl versions:
    • kubectl.1.19 (1.19.16)
    • kubectl.1.20 (1.20.15)
    • kubectl.1.21 (1.21.14)
    • kubectl.1.22 (1.22.12)
    • kubectl.1.23 (1.23.9)
    • kubectl.1.24 (1.24.3)

Pubsub Emulator

  • Added support for creating BigQuery subscriptions.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

394.0.0 (2022-07-19)

AI

  • Modified gcloud ai models describe to support model versioning.
  • Added europe-west9 option to --region flag of gcloud ai custom-jobs and gcloud ai hp-tuning-jobs.
    • Provide the model version ID or version alias to retrieve a specific version of the model.
    • If no model version ID or alias is specified, the "default" model version will be used. The "default" version alias is created for the first version of the model, and can be moved to other versions later on. There will be exactly one default version.
  • Added gcloud ai models delete-version which deletes an existing Vertex AI model version.

Anthos Multi-Cloud

  • Added --ssh-public-key flag to gcloud container azure node-pools update to update the SSH public key for the Azure node pool nodes.

Artifact Registry

  • Fixed a bug where the plus sign ("+") was not escaped properly, making it impossible to delete artifacts with a plus sign in their name.

Bare Metal Solution

  • Started using v2.projects.locations.operations instead of v1.operations for the following commands:
    • gcloud bms instances start
    • gcloud bms instances reset
    • gcloud bms instances disable-serial-console
    • gcloud bms instances enable-serial-console
    • gcloud bms instances update
    • gcloud bms networks update
    • gcloud bms nfs-shares update
    • gcloud bms volumes update
    • gcloud bms volumes restore
    • gcloud bms operations describe
    • gcloud bms operations wait
  • Promoted --os-image flag of gcloud bms instances update to GA.
  • Promoted --[no-]enable-hyperthreading flag of gcloud bms instances update to GA.
  • Promoted --add-ip-range-reservation flag of gcloud bms networks update to GA.
  • Promoted --clear-ip-range-reservations flag of gcloud bms networks update to GA.
  • Promoted --remove-ip-range-reservation flag of gcloud bms networks update to GA.
  • Promoted gcloud bms networks list-ip-reservations to GA.

Batch

  • Promoted gcloud batch to alpha and beta which enables the CLI to use Batch APIs.

Cloud Deploy

  • Changed the default bucket name upload path on release create to use the pipeline UUID.
  • Added mutex flags --enable-initial-rollout and --disable-initial-rollout.

Cloud Key Management Service

  • Modified gcloud kms import-jobs create to accept new SHA-2 import methods rsa-oaep-3072-sha256, rsa-oaep-3072-sha256-aes-256, rsa-oaep-4096-sha256, and rsa-oaep-4096-sha256-aes-256 in beta.

Cloud SQL

  • Added support for incremental addition of user password policies.

Cloud Storage

  • Updated gsutil component to 5.11.

Compute Engine

  • Added --layer7-ddos-defense-auto-deploy-load-threshold, --layer7-ddos-defense-auto-deploy-confidence-threshold, --layer7-ddos-defense-auto-deploy-impacted-baseline-threshold, and --layer7-ddos-defense-auto-deploy-expiration-sec to gcloud compute security-policies update to gcloud beta compute security-policies update.
  • Promoted flags --enable-strong-affinity of gcloud compute backend-services create and gcloud compute backend-services update to GA.

Google Cloud CLI

  • Replaced the default login flow when a browser is not detected from --no-browser to --no-launch-browser.

Identity and Access Management

  • Removed etag flag from gcloud beta iam policies update command. The command will always use the etag in the policy file.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

393.0.0 (2022-07-12)

Breaking Changes

  • (AlloyDB) Updated gcloud beta alloydb instances create and gcloud beta alloydb instances update to remove the unused --zone flag.
  • (Cloud Datastore Emulator) Removed support for running the Datastore emulator (gcloud beta emulators datastore start) in environment with Java versions prior to 11. Users can upgrade to Java 11 or above to continue using the latest Datastore emulator. Alternatively, users can use gcloud command-line tool with version before 392.0.0 to continue using the previous Datastore emulator with Java 8 support.
  • (Cloud Firestore Emulator) Removed support for running the Firestore emulator (gcloud beta emulators firestore start) in environment with Java versions prior to 11. Users can upgrade to Java 11 or above to continue using the latest Firestore emulator. Alternatively, users can use gcloud command-line tool with version before 392.0.0 to continue using the previous Firestore emulator with Java 8 support.

AI

  • Added gcloud ai models delete-version which delete an existing Vertex AI model version.
  • Modified gcloud ai models upload to support model versioning. Use --parent-model flag to specify the parent model of the model version to be uploaded. When this flag is specified, a new version of the parent model will be uploaded. Use --model-id flag to specify the model ID for the uploaded model.
  • Fixed an issue for gcloud ai custom-jobs create that the value of the --args and --command flags are not passed when the --worker-pool-spec flag is left unspecified.

AlloyDB

  • Updated gcloud beta alloydb instances create and gcloud beta alloydb instances update to allow --cpu-count of 2.

Artifact Registry

  • Fixed issue where gcloud artifacts packages delete requires the package id unescaped.

Cloud Dataproc

  • Added bootDiskKmsKey key in --pools flag to gcloud dataproc clusters gke create to allow creating Dataproc on GKE cluster with CMEK protected node pool.

Cloud Datastream

  • Added --bigquery-destination-config flag to gcloud datastream streams <create/update>.
  • Added bigquery type to --type flag of datastream connection-profiles <create/update>.

Cloud Deploy

  • Added optional flags --labels and --annotations for users to add labels or annotations to apply to gcloud deploy targets rollback command.

Cloud Firestore Emulator

  • Release Cloud Firestore emulator v1.14.4
    • Fix: Condition Normalization now correctly handles cartesian products and flattening in certain edge cases.

Cloud Functions

  • Promoted --docker-registry flag of gcloud functions deploy to GA.
  • Move PHP 8.1 for Cloud Functions to GA.
  • Added gcloud functions runtimes list which displays the supported runtimes for both 1st & 2nd generation functions.

Cloud Key Management Service

  • Promoted --wrapped-key-file flag of gcloud kms keys versions import to GA.
  • Deprecated --rsa-aes-wrapped-key-file flag of gcloud kms keys versions import. Use --wrapped-key-file instead.

Cloud Memorystore

  • Promoted --persistence-mode, --rdb-snapshot-period and --rdb-snapshot-start-time flags of gcloud redis instances create to GA.
  • Promoted --persistence-mode, --rdb-snapshot-period and --rdb-snapshot-start-time flags of gcloud redis instances update to GA.

Cloud SQL

  • Added flag --password-policy-enable-password-verification to gcloud sql users create and gcloud sql users set-password-policy for MySQL password validation.
  • Added flags --discard-dual-password and --retain-password to gcloud sql users set-password to allow control over MySQL's dual password.

Cloud Speech API

  • Added latest_short and latest_long options for gcloud ml speech <recognize | recognize-long-running> --model flag.

Cloud TPU

  • Updated tpus tpu-vm ssh to return an error when users attempt to ssh into a TPU VM during a maintenance event.

Compute Engine

  • Promoted --target-distribution-shape flag of gcloud compute instances bulk create to GA.
  • Promoted --key-revocation-action-type flag to GA for gcloud compute instance-templates create.
  • Promoted explicit scope requirement for gcloud compute security-policies to beta.
  • Promoted --network-ddos-protection flag of gcloud compute security-policies create to beta.
  • Promoted gcloud compute network-edge-security-services to beta.
  • Promoted --key-reservation-action-type flag to GA for gcloud compute instances create.
  • Promoted keyRevocationActionType property of gcloud compute instances update-from-file to GA.

Compute Firewall Policies

  • Promoted --src-region-codes and --dest-region-codes flags to beta in gcloud compute firewall-policies rules create , gcloud compute firewall-policies rules update , gcloud compute network-firewall-policies rules create and gcloud compute network-firewall-policies rules update commands.
  • Promoted --src-threat-intelligence and --dest-threat-intelligence flags to beta in gcloud compute firewall-policies rules create , gcloud compute firewall-policies rules update , gcloud compute network-firewall-policies rules create and gcloud compute network-firewall-policies rules update commands.

Config Connector

Config Controller

  • Added --man-blocks flag to gcloud anthos config controller create to allow specifying multiple master authorized network CIDR blocks for a CC instance.
  • Deprecated --man-block flag of gcloud anthos config controller create. Use --man-blocks to set master authorized network CIDR block.

Kubernetes Engine

  • Added --binauthz-evaluation-mode flag to gcloud container clusters create command.
  • Added --binauthz-evaluation-mode flag to gcloud container clusters create-auto command.
  • Added --binauthz-evaluation-mode flag to gcloud container clusters update command.
  • Added --total-max-nodes and --total-min-nodes to gcloud container cluster/node-pools create/update that allow users to set total size limits for autoscaled nodepools. The limits are available in clusters with version 1.24+.
  • Added --location-policy to gcloud container cluster/node-pools create/update that allow users to set location policy for autoscaled nodepools. The location policy is available in clusters with version 1.24.1-gke.800+.

Transcoder

  • added support for --labels flag when creating a new job/job template.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

392.0.0 (2022-06-28)

Anthos Multi-Cloud

  • Added --iam-instance-profile flag to gcloud container aws clusters update and gcloud container aws node-pools update to update the name or ARN of the IAM instance profile associated with control plane or node pool.
  • Added --ssh-public-key flag to gcloud container azure clusters update to update the SSH public key for the Azure control plane.
  • Added --logging flag to gcloud container aws clusters update and gcloud container azure clusters update to update the logging config.

App Engine

Certificate Authority Service

  • Added --unconstrained-chain-length flag to gcloud privateca subordinates create to allow creation of a subordinate CA with unconstrained chain length.
  • Added --unconstrained-chain-length flag to gcloud privateca roots create to allow creation of a root CA with unconstrained chain length.
  • Added --unconstrained-chain-length flag to gcloud privateca certificates create to allow creation of a CA with unconstrained chain length.

Certificate Manager

  • Promoted gcloud certificate-manager to GA.
  • Allowed using project number in gcloud certificate-manager commands.

Cloud Bigtable

  • Promoted gcloud bigtable instances tables undelete to beta and GA.
  • Added --autoscaling-storage-target flags to gcloud bigtable clusters create for alpha, beta and GA to let users create autoscaling clusters with configurable storage target.
  • Added key autoscaling-storage-target to --cluster-config flag of gcloud bigtable instances create for alpha, beta and GA to let users create autoscaling clusters with configurable storage target.
  • Added --autoscaling-storage-target flag to gcloud bigtable clusters update for alpha, beta and GA to let users configure autoscaling storage target when updating clusters.

Cloud Deploy

  • Added new command gcloud deploy releases abandon to prevent new rollouts on a Cloud Deploy release.
  • Added suspended field to the Delivery Pipeline resource. If this field is set, activity on a pipeline is prevented. The field can be set or unset in the Delivery Pipeline definition, and then applied using gcloud deploy apply.

Cloud TPU

  • Fixed an issue with connection to TPU VMs when the 'compute.disableGuestAttributesAccess' Organization Policy Constraint is enforced.

Compute Engine

  • Added --list-managed-instances-results flag to gcloud beta compute instance-groups managed create and gcloud beta compute instance-groups managed update.
  • Promoted --certificate-map of 'compute target-https-proxies insert|update` to GA.
  • Promoted --certificate-map of 'compute target-ssl-proxies insert|update` to GA.

Dataproc Metastore

  • Promoted --network-config-from-file and --consumer-subnetworks flag to gcloud beta metastore services create to specify the subnetworks from which the Dataproc Metastore service can be accessed to GA.

Eventarc

  • Added gcloud eventarc google-channels command group.
  • Added gcloud eventarc channels update command to configure crypto keys on a channel.
  • Added --crypto-key flag to gcloud eventarc channels create to configure crypto keys on a new channel.

Google Cloud CLI

  • Updated login flow initiated by gcloud auth login --no-launch-browser and gcloud auth application-default login --no-launch-browser to address a security issue.

Kubernetes Engine

  • Promoted --enable-cost-allocation flag of gcloud container clusters create to beta.
  • Promoted --enable-cost-allocation flag of gcloud container clusters update to beta.
  • Renamed --enable-cost-management flag of gcloud container clusters create to --enable-cost-allocation.
  • Renamed --enable-cost-management flag of gcloud container clusters update to --enable-cost-allocation.
  • Added --stack-type and --ipv6-access-type arguments to gcloud container clusters create command to support dual stack GKE clusters.

Terraform

  • Added support for the following resources in CAI-based policies:
    • google_access_context_manager_access_policy
  • TF -> CAI resource conversion compiled against google provider version 4.24.0.
  • Fixed the ancestry used for resources that do not exist within a project. Users may need folders.get access to folders that have resources included in the plan.
  • Simplified converter error messages and added resource address.
  • Added support for ancestries/excludedAncestries match parameters for CAI-based constraints.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

391.0.0 (2022-06-22)

Breaking Changes

  • (Anthos Multi-Cloud) Removed --instance-type flag of gcloud container aws node-pools update to disable updating the EC2 instance type of node pool nodes.

Assured Workloads

  • Added ITAR as compliance regime options for gcloud assured workloads create command.

Cloud Dataflow

  • Added a --force flag to gcloud dataflow jobs cancel which forcibly cancels (leaking VMs) Dataflow jobs that are stuck on normal cancellation.

Cloud Filestore

  • Enable Filestore High-Scale tier for GA.

Cloud Identity-Aware Proxy

  • Promoted flags for host based connetion for command gcloud compute start-iap-tunnel to beta.
  • Promoted gcloud iap oauth-brands surface to GA.
  • Promoted gcloud iap oauth-clients surface to GA.

Cloud SQL

  • Promoted SQL Server Audit to GA.

Compute Engine

  • Updated gcloud compute networks subnets list-usable list format to include PSC and IPv6 fields.

Dataproc Metastore

  • Added support for managing Dataproc Metastore Federation. The following commands have been added to the alpha, beta and GA release tracks:

    • metastore federations create
    • metastore federations delete
    • metastore federations describe
    • metastore federations get
    • metastore federations list
    • metastore federations update

  • Added support for managing IAM policy for Dataproc Metastore Federation. The following commands have been added to the GA release track:

    • metastore federations get-iam-policy
    • metastore federations set-iam-policy
    • metastore federations add-iam-policy-binding
    • metastore federations remove-iam-policy-binding

Identity and Access Management

  • Added --executable-command flag to gcloud iam workload-identity-pools create-cred-config command to allow executable sourced credentials.

Managed Active Directory

  • Adding support for gcloud beta active-directory domains extend-schema for initiating schema extension on domain.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

390.0.0 (2022-06-14)

Access Approval

  • Added gcloud access-approval requests invalidate to invalidate an existing approval.

BigQuery

  • Add support for partitioning_type with --time_partitioning_type flag in Scheduled Queries when a schedule is specified by --schedule in bq query.
  • Added support for showing table clone info in bq show.
  • Added support for both Workload and Workforce identity federation.
  • Added --max_time_travel_hours flag to bq mk.
  • Added --autodetect_schema flag to bq update.
  • Added flag --preserve_ascii_control_characters to bq load to allow ASCII Control chars.
  • Updated the comment on --restore flag in bq cp to reflect that it's deprecated.
  • Added support for dataset tags.
  • Minor bug fixes and dependency updates.
  • Add --federated_app_client_id and --federated_azure flags to mk command.
  • Add --federated_app_client_id flag to update command.
  • Add support for LOAD DATA query.

Cloud Dataproc

  • Added --metric-sources, --metric-overrides and --metric-overrides-file flags to gcloud beta dataproc clusters create to allow clusters to be created with a metric sources specified, override specific set of metrics using a list or a file as an input.
  • Added --metric-sources, --metric-overrides and --metric-overrides-file flag to gcloud beta dataproc workflow-templates set-managed-cluster to allow managed clusters created with a metric sources specified, override specific set of metrics using a list or a file as an input.
  • Modified gcloud dataproc clusters export to remove un-importable fields on Dataproc on GKE clusters.

Cloud Firestore

  • Added gcloud beta firestore fields ttls command group.

Cloud Pub/Sub

  • Fixed issue where gcloud --format=json beta pubsub subscriptions pull --auto-ack and gcloud --format=json alpha pubsub subscriptions pull --auto-ack output was backwards incompatible. This issue can be tracked at https://issuetracker.google.com/issues/222551623.

Cloud Run

  • Added --description flag in gcloud beta run deploy, and description field in gcloud beta run services describe [SERVICE].
    • Description is an optional, human-readable string of up to 512 characters.
    • Using the flag is functionally equivalent to adding service annotation "run.googleapis.com/description".

Compute Engine

  • Promoted network-firewall-policies command group to GA.
  • Promoted gcloud compute instances create --visible_core_count to beta.

Config Connector

Kubernetes Engine

  • Added --enable-confidential-nodes to gcloud container cluster create to enable cluster creation with nodes on Confidential VM. Added --enable-confidential-nodes flag to gcloud container node-pools create/update to allow creating node-pools with confidential nodes, and updating existing node pools to confidential nodes.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

389.0.0 (2022-06-07)

Anthos Multi-Cloud

  • Added --instance-type flag to gcloud container aws node-pools update to update the EC2 instance type of node pool nodes.

Artifact Registry

  • Added new command gcloud artifacts files list to list files in a specific repository.

Cloud Composer

  • Added --enable-master-authorized-networks and --master-authorized-networks flags to gcloud composer environments create command.
  • Added --enable-master-authorized-networks and --disable-master-authorized-networks and --master-authorized-networks to gcloud composer environments update command.
  • Added --enable-ip-masq-agent flag to gcloud composer environments create command to enable IP address masquerading in the GKE cluster.

Cloud DNS

  • Add setIamPolicy and getIamPolicy commands in beta.

Cloud Filestore

  • Add support for Filestore's multi-share instances to gcloud beta filestore instances list. CAPACITY_GB will show the instance's capacity for multi-share instances instead of an empty string. FILE_SHARE_NAME will show "N/A" for multi-share instances instead of an empty string.

Cloud Identity-Aware Proxy

  • Promoted gcloud iap tcp dest-groups command group to beta.

Cloud Run

  • Promoted --session-affinity of gcloud run to beta.

Cloud SQL

  • Add command gcloud sql generate-login-token to generate down-scoped OAuth2 access tokens for IAM database authentication.

Compute Engine

  • Modified --ssl-certificates flag to be optional in gcloud compute target-https-proxies create.
  • Updated the documentation for --mtu flag of compute networks create|update.
  • Updated the validation for --enable-logging and --logging-sample-rate flags of beta compute backend-services create|update.
  • Updated the documentation for --logging-sample-rate flag of compute backend-services create|update.

Config Connector

Database Migration

  • Renamed --sync flag to --no-async flag to gcloud database-migrate migration-jobs create command to wait for the migration job creation operation to be completed before proceeding.
  • Added --no-async flag to gcloud database-migrate migration-jobs update command to wait for the migration job updation operation to be completed before proceeding.
  • Updated gcloud database-migration connection-profiles create cloudsql to support the flag root-password.
  • Added --no-async flag to gcloud database-migrate migration-jobs create command to wait for the connection profile creation operation to be completed before proceeding.

Kpt

  • Updated kpt from v1.0.0-beta.13 to v1.0.0-beta.15. See https://github.com/GoogleContainerTools/kpt/releases/tag/v1.0.0-beta.15 for more details.
  • The kpt fn commands now includes Kptfile and functionConfig in the function input by default. Previously this behavior was controlled using --enable-meta-resources command-line flag. --enable-meta-resources flag is also deprecated. If this disrupts any of your config workflow, you can use exclude functionality to exclude resources from function inputs. This functionality was added in this release to minimize the disruption.
  • The kpt website is overhauled to reflect the new scope of kpt project. New components package orchestrator, Configuration as Data UI and Config Sync are added to the project.
  • Added package orchestrator (a.k.a. porch) CLI interface under alpha subgroup (kpt alpha rpkg, kpt alpha repo, kpt alpha sync).
  • Added command-line flag --save to kpt fn eval to save evaluated function to package's Kptfile.
  • Added capability to select resources using labelSelector and annotationSelector in kpt fn eval and kpt fn render.
  • Added capability to exclude resources in kpt fn eval and kpt fn render.
  • Added support for variant constructor pattern in kpt pkg init and kpt pkg get.
  • Added capability to execute functions in a kubernetes cluster using porch.

Kubernetes Engine

  • Added podPidLimits kubelet config option which controls per pod pid limits to gcloud container clusters create, gcloud container node-pools create, and gcloud container node-pools update.
  • Updates default kubectl from 1.21 to 1.22.
  • Additional kubectl versions:
    • kubectl.1.19 (1.19.16)
    • kubectl.1.20 (1.20.15)
    • kubectl.1.21 (1.21.13)
    • kubectl.1.22 (1.22.9)
    • kubectl.1.23 (1.23.6)
    • kubectl.1.24 (1.24.0)

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

388.0.0 (2022-06-01)

Google Cloud CLI

  • Added Cloud SQL OAuth scope to Application Default Credential.

AI

  • Fixed issue where unspecified --network and --service-account flags of gcloud ai hp-tuning-jobs create mistakenly overrode the corresponding values set via --config flag.

Apigee

  • Promoted gcloud apigee operations to beta.

Bare Metal Solution

  • Updated gcloud bms instances list to also return the IP addresses of instances that do not use the default network template.

Cloud Bigtable

  • Removed NAME column output from bigtable hot-tablets list.

Cloud Datastore Emulator

  • Release Cloud Datastore Emulator version 2.2.1
    • Fixes --firestore_in_datastore_mode flag parsing.

Cloud Deploy

  • Fixed issue where gcloud deploy targets rollback redeployed to the current release instead of rolling back to the previous release. This occurred in cases where the name of the release to rollback to was not provided.

Cloud Functions

  • Added --gen2 support for --set-secrets, --update-secrets, --remove-secrets and --clear-secrets flags of gcloud functions deploy to beta, alpha.

Cloud On Demand Scanning

  • Fixed issue where scanning for Maven vulnerabilities would occasionally fail.

Compute Engine

  • Promoted network-firewall-policies command group to GA.

Config Connector

Database Migration

  • Added --sync- flag to gcloud database-migrate migration-jobs create command to wait for the migration job creation operation to be completed before proceeding.

Kubernetes Engine

  • Added podPidLimits kubelet config option which controls per pod pid limits to gcloud container clusters create, gcloud container node-pools create, and gcloud container node-pools update.
  • Updated the following GA commands to support IAM Conditions:
    • gcloud beta attestors get-iam-policy outputs conditions associated with each binding.
    • gcloud beta attestors set-iam-policy accepts policies with conditional bindings.
    • gcloud beta attestors <add|remove>-iam-policy-binding accepts conditional bindings via new --condition and --condition-from-file flags.
    • gcloud beta policy get-iam-policy outputs conditions associated with each binding.
    • gcloud beta policy set-iam-policy accepts policies with conditional bindings.
    • gcloud beta policy <add|remove>-iam-policy-binding accepts conditional bindings via new --condition and --condition-from-file flags.

Terraform

  • Added support for the following resources in CAI-based policies:
    • google_access_context_manager_access_policy_iam_binding
    • google_access_context_manager_access_policy_iam_member
    • google_access_context_manager_access_policy_iam_policy
    • google_endpoints_service_consumers_iam_binding
    • google_endpoints_service_consumers_iam_member
    • google_endpoints_service_consumers_iam_policy
    • google_privateca_certificate_template_iam_binding
    • google_privateca_certificate_template_iam_member
    • google_privateca_certificate_template_iam_policy
  • TF -> CAI resource conversion compiled against google provider version 4.20.0.
  • Added output of logs based on configuration of log level.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

387.0.0 (2022-05-24)

Anthos Multi-Cloud

  • Fixed issue where gcloud container aws clusters get-credentials --private-endpoint and gcloud container azure clusters get-credentials --private-endpoint commands do not work for clusters in a project different from the default project.

Cloud Composer

  • Added --enable-privately-used-public-ips flag to gcloud composer environments create command to enable using privately used public IP address ranges feature in the GKE cluster.

Cloud Dataproc

  • Added --properties-file flag to gcloud beta dataproc jobs submit.

Cloud Deploy

  • Fixed gcloud deploy releases <create|promote> and gcloud deploy targets rollback to support --format flag.

Cloud Functions

  • - Added --trigger-event-filters-path-pattern flag to gcloud beta functions deploy.

Cloud Pub/Sub

  • Added --bigquery-table, --write-metadata, --use-topic-schema, and --drop-unknown-fields flags to gcloud pubsub subscriptions create to set BigQuery configuration options in Cloud Pub/Sub subscriptions.
  • Added --bigquery-table, --write-metadata, --use-topic-schema, --drop-unknown-fields, and --clear-bigquery-config flags to gcloud pubsub subscriptions update to update BigQuery configuration options in Cloud Pub/Sub subscriptions.

Compute Engine

  • Added 22.04 to allowed list of values for --version of gcloud beta compute instances ops-agents policies [create|update].
  • Promoted delete command of gcloud compute instance-groups managed all-instances-config to beta.
  • Promoted update command of gcloud compute instance-groups managed all-instances-config to beta.
  • Promoted --region for gcloud compute ssl-policies to beta.
  • Promoted --region flag for gcloud compute target-tcp-proxies to beta.
  • Added --target-distribution-shape flag to gcloud compute instances bulk create to specify shape of distribution in regional bulk insert for alpha and beta.

Config Connector

Eventarc

  • Added gcloud eventarc audit-logs-provider command group.

Stackdriver Monitoring

  • Promoted gcloud monitoring metrics-scopes command group to beta.

Terraform

  • Added support for the following resources in CAI-based policies:
    • google_access_context_manager_access_policy_iam_binding
    • google_access_context_manager_access_policy_iam_member
    • google_access_context_manager_access_policy_iam_policy
    • google_endpoints_service_consumers_iam_binding
    • google_endpoints_service_consumers_iam_member
    • google_endpoints_service_consumers_iam_policy
    • google_privateca_certificate_template_iam_binding
    • google_privateca_certificate_template_iam_member
    • google_privateca_certificate_template_iam_policy
  • TF -> CAI resource conversion compiled against google provider version 4.20.0.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

386.0.0 (2022-05-17)

Google Cloud CLI

  • Added Cloud SQL OAuth scope to gcloud auth login.

Anthos Identity Service

  • Promoted gcloud container hub identity-service to GA.
  • Promoted gcloud container fleet identity-service to GA.

App Engine

  • Promoted --service-account flag of gcloud app deploy to GA.

App Engine Flexible Environment

  • Promoted --service-account flag of gcloud app deploy to GA.

Cloud Build

  • Add --include-logs-with-status flag to gcloud triggers create.

Cloud Composer

  • Improve error message in case of lacking permissions in gcloud composer environments storage * delete commands.

Cloud IAM

  • Added gcloud iam workload-identity-pools create-saml and gcloud iam workload-identity-pools update-saml commands to manage SAML workload identity pool providers.

Cloud Memorystore

  • Promoted support for maintenance windows in gcloud memcache to GA.
  • Promoted the command gcloud memcache reschedule-maintenance to GA.

Cloud Run

  • Modified gcloud run services describe to include session affinity configuration.

Cloud SQL

  • Changed the prompt generated by --prompt-for-password for gcloud sql users set-password from Instance Password: to New Password:, since set-password command changes a database user's password, not the instance's password.
  • Setting max-login-attempts will also set enable-password-verification to true.

Compute Engine

  • Promoted --service-bindings flag of gcloud compute backend-services create|update commands to GA.
  • Promoted gcloud compute backend-services add-service-bindings and gcloud compute backend-services remove-service-bindings commands to GA.
  • Promoted --provisioning-model and --instance-termination-action flags of gcloud compute instances set-scheduling to GA.
  • Promoted sole tenancy flags of gcloud compute instances update to GA.
  • Added --network-performance-configs flag to gcloud compute instances bulk create.
  • Promoted --disable-automate-dns-zone flag of gcloud compute forwarding-rules create to GA.
  • Promoted --stack-type flag to GA for gcloud compute networks peeerings <create|update>.
  • Added windows-2022 & windows-2022-byol options to --os flag for:
    • gcloud compute images import in GA,
    • gcloud compute instances import in GA
    • gcloud compute machine-images import in GA

Config Connector

Database Migration

  • Updated gcloud database-migration migration-jobs create command to create a migration job without any connectivity method (if connectivity isn't specified).
  • Added gcloud database-migration migration-jobs create --static-ip command to create a migration job with static IP connectivity. This was the default behavior.
  • Added gcloud database-migration migration-jobs update --static-ip command to update a migration job with static IP connectivity.

Distributed Cloud Edge

  • Added --clear-maintenance-window flag to gcloud edge-cloud container clusters update which removes the maintenance window setting of a cluster.
  • Updated gcloud edge-cloud container clusters node-pools list to make specifying a parent cluster optional. When --cluster is not specified, all node pools are listed.

Managed Active Directory

  • Promoted gcloud active-directory domains backups and gcloud active-directory domains restore to GA.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

385.0.0 (2022-05-10)

Google Cloud CLI

  • Updated bundled Python executable for Windows to Python 3.9.12.

AI

  • Added --anomaly-cloud-logging flag to gcloud ai model-monitoring-jobs create|update to allow logging anomaly to Cloud Logging.

Anthos Multi-Cloud

  • Added --ssh-ec2-key-pair flag to gcloud container aws clusters update and gcloud container aws node-pools update to update the name of the EC2 key pair to login into control plane or node pool nodes.
  • Added --clear-ssh-ec2-key-pair flag to gcloud container aws clusters update and gcloud container aws node-pools update to clear the EC2 key pair to login into control plane or node pool nodes.

Cloud Run

  • Fixed issue where some commands were missing from gcloud beta run jobs.

Cloud SQL

  • Added --enable-password-policy flag to gcloud sql instances create and gcloud sql instances patch for GA.

Compute Engine

  • Promoted --key-revocation-action-type flag to beta for gcloud compute instance-templates create.
  • Promoted keyRevocationActionType flag of gcloud compute instances update-from-file to beta.
  • Added FIXED_STANDARD to allowed list of values for --default-network-tier flag.

Config Controller

  • Updated output of gcloud anthos config controller create to not include the default Config Connector identity upon creation.

Eventarc

  • Added gcloud eventarc channels group to interact with third-party sources.
  • Added gcloud eventarc channel-connections for event providers to create association with the user channel.
  • Added --channel argument to gcloud eventarc triggers create to specify associated channel.

Network Services

  • Promoted gcloud network-services service-bindings to GA.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

384.0.1 (2022-05-05)

Cloud Storage

  • Updated gsutil component to 5.10. Google Cloud CLI version 384.0.0 included an older gsutil component (version 5.6) in deb, rpm, and snap packages. Version 384.0.1 includes gsutil component version 5.10 in the deb, rpm, and snap packages.

384.0.0 (2022-05-03)

Cloud Datastore Emulator

  • Adds --use-firestore-in-datastore-mode flag to gcloud [alpha|beta] emulators datastore start command.

Cloud Resource Manager

  • Promoted --condition flag to GA for the following commands:
    • gcloud resources-manager tags keys <add_iam_policy_binding|create|delete|describe|get_iam_policy|list|remove_iam_policy_binding|set_iam_policy|update>
    • gcloud resources-manager tags values <add_iam_policy_binding|create|delete|describe|get_iam_policy|list|remove_iam_policy_binding|set_iam_policy|update>
    • gcloud resources-manager tags bindings <create|delete|list>
    • gcloud resources-manager tags holds <create|delete|list>

Cloud Run

  • Promoted gcloud beta run jobs command group and all sub-commands to beta.

Cloud Storage

  • Updated gsutil component to 5.10.

Compute Engine

  • Started showing error messages on use of gcloud compute ssl-certificates create with --domains and --region flags together. Previously --region flag was being ignored.
  • Promoted --md5-authentication-key flag of gcloud compute routers add-bgp-peer to beta.
  • Promoted --md5-authentication-key and --clear-md5-authentication-key flags of gcloud compute routers update-bgp-peer to beta.
  • Updated import and export schemas for gcloud compute backend-services.
  • Promoted --key-reservation-action-type flag to beta for gcloud compute instances create.

Config Connector

GKE Hub

  • Fix a bug that RBAC policy produced by generate-gateway-rbac command could be removed unexpectedly.
  • Promoted the following commands to GA:
    • gcloud container hub mesh update.
    • gcloud container fleet mesh update.

Kubernetes Engine

  • Promoted fields gpu-sharing-strategy and max-shared-clients-per-gpu within --accelerator flag to enable GPU sharing support.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

383.0.1 (2022-04-26)

Google Cloud CLI

  • Added back --[no-]launch-browser in gcloud auth login and gcloud auth application-default login. --no-browser is the preferred and more secure auth flow in comparison.
  • Added back --console-only and --no-launch-browser in gcloud init. Use --no-browser as the replacement.

383.0.0 (2022-04-26)

Breaking Changes

  • (Google Cloud CLI) Removed --[no-]launch-browser in gcloud auth login and gcloud auth application-default login. Use --no-browser as the replacement.
  • (Google Cloud CLI) Removed --console-only and --no-launch-browser in gcloud init. Use --no-browser as the replacement.
  • (Compute Engine) Removed --local-ssd=size=SIZE from gcloud beta compute instances create-with-container due to the parameter being nonfunctional.

AI

  • Modified --region flag of gcloud ai endpoints to include new online prediction regions.
  • Modified --region flag of gcloud ai models to include new online prediction regions.

Access Approval

  • Added gcloud access-approval service-account get which retrieves the service account that is used by Access Approval to access KMS keys for signing approved approval requests.

App Engine

  • Enables build environment variables to be set in app.yaml.

Artifact Registry

  • Added new command gcloud artifacts files list to list files from a specified project and repository.

Cloud DNS

  • Modified gcloud dns managed-zones update to allow detaching all networks from a private zone by setting --networks to an empty string.
  • Modified gcloud beta dns managed-zones update to allow detaching all GKE clusters from a private zone by setting --gkeclusters to an empty string.
  • Modified gcloud beta dns managed-zones update to allow updating the GKE clusters or networks bound to a private zone independently by setting only --gkeclusters or --networks.

Cloud Datastore Emulator

  • Release Cloud Datastore Emulator version 2.2.0
    • Adds a flag to support Cloud Firestore in Datastore mode product mode in the emulator.

Cloud Firestore Emulator

  • Released Cloud Firestore emulator v1.14.3.
    • Fixed exports throwing BufferOverflowException.

Cloud IAM

  • Service Accounts SignJwt promoted to GA command.

Compute Engine

  • Changed the default value of --image-family flag to debian-11 for gcloud compute instances create and gcloud compute instance-templates create commands.

Config Connector

Config Controller

  • Let gcloud anthos config controller create print the default Config Connector identity, to allow easier subsequent permission grant.
  • Added gcloud anthos config controller get-config-connector-identity which prints the default Config Connector identity, to allow easier subsequent permission grant.

Identity and Access Management

  • Added --enable-imdsv2 flag to gcloud iam workload-identity-pools create-cred-config command to include AWS token Url to the credential source while generating AWS credentials config file.

Kubernetes Engine

  • Added --node-labels, --node-taints and --tags flags to gcloud container node-pools update.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

382.0.0 (2022-04-19)

Access Approval

  • Added --active_key_version flag to gcloud access-approval settings update to set the crypto key version to use for signing approval requests.

Anthos Multi-Cloud

  • Added --proxy-secret-arn flag to gcloud container aws node-pools update to update the Amazon Resource Name (ARN) of the AWS Secrets Manager secret containing a proxy configuration.
  • Added --proxy-secret-version-id flag to gcloud container aws node-pools update to update the version ID of the AWS Secrets Manager secret containing a proxy configuration.
  • Added --clear-proxy-config flag to gcloud container aws node-pools update to clear the proxy configuration associated with the node pool.

Apigee

  • Fixed issue where gcloud beta apigee archives list would only list the first 25 archive deployments, even if more existed in the environment.

Binauthz

  • Updated the following beta commands to better support IAM Conditions:
    • gcloud beta attestors get-iam-policy outputs conditions associated with each binding.
    • gcloud beta attestors set-iam-policy accepts policies with conditional bindings.
    • gcloud beta attestors <add|remove>-iam-policy-binding accepts conditional bindings via new --condition and --condition-from-file flags.
    • gcloud beta policy get-iam-policy outputs conditions associated with each binding.
    • gcloud beta policy set-iam-policy accepts policies with conditional bindings.
    • gcloud beta policy <add|remove>-iam-policy-binding accepts conditional bindings via new --condition and --condition-from-file flags.

Cloud Composer

  • Enabled nested Airflow commands for Airflow 1.10.14 and 1.10.15 in gcloud composer environments run.

Cloud Logging

  • Added --location, --bucket, and --view flags to gcloud logging logs list to add the ability to limit the results to a view.

Cloud TPU

  • Promoted gcloud compute tpus tpu-vm to GA. Commands in this group allow creation and management of Cloud TPU VMs.

Compute Engine

  • Added INTERNAL as a choice for --ipv6-access-type flag in compute networks subnets create and compute networks subnets update.
  • Promoted unspecified value for --protocol flag of gcloud compute backend-services <create|update> to GA.
  • Promoted l3_default value for --ip-protocol flag of gcloud compute forwarding-rules create to GA.

Config Connector

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

381.0.0 (2022-04-12)

App Engine

Artifact Registry

  • *Added repository size to gcloud artifacts repositories describe and gcloud artifacts repositories list responses to GA.

Cloud Bigtable

  • Added "pretty-print" formatting to cbt lookup and cbt read commands. Column encodings and types can be provided using a YAML file, which is passed to the commands using format-file argument.
  • Added "keys-only" filtering to cbt lookup and cbt read commands by providing keys-only=true argument.
  • Promoted gcloud bigtable hot-tablets list to beta and GA.

Cloud Dataflow

  • Added --image-repository-username-secret-id, --image-repository-password-secret-id and --image-repository-cert-path flags to gcloud dataflow flex-template build command to allow users to provide credentials to pull template images from private registries.

Cloud Dataproc

  • Promoted gcloud dataproc clusters gke create to GA.

Cloud Datastream

Cloud Firestore Emulator

  • Release Cloud Firestore emulator v1.14.2
    • Fix: transaction expires after 270s or 60s window
    • Fix: dead transaction reused bug
    • Fix: deadlock for up to 30s. #2452

Cloud Healthcare

  • Added --schema-type value analytics_v2 to the following command gcloud beta healthcare fhir-stores export bq.
  • Added --resource-type flag to gcloud healthcare fhir-stores export bq and gcloud healthcare fhir-stores export gcs which limits the export to specific types of FHIR resources on export.
  • Added --since flag to gcloud healthcare fhir-stores export bq and gcloud healthcare fhir-stores export gcs which limits the export to FHIR resources that were updated since the value passed in.

Cloud Spanner

  • Added --processing-units flag to spanner instances create and spanner instances update to add ability to create granular instances in GA.

Cloud Storage

  • Updated gsutil component to 5.9.

Compute Engine

  • Added --region flag for updating Regional Target HTTPS Proxies via gcloud compute target-https-proxies import.
  • Changed the list format field label of gcloud compute networks subnets list to include updated IPv6 fields.
  • Added --provisioning-model and --instance-termination-action flags to gcloud compute instances set-scheduling surface for beta.
  • Updated gcloud compute instances set-scheduling documentation to include --no-preemptible flag.

Config Connector

Database Migration

  • Updated gcloud database-migration connection-profiles list to list all region connection profiles when region not specified.

GKE Hub

  • Added Kubernetes resource labels for RBAC policies produced by generate-gateway-rbac command.

Kubernetes Engine

  • Added --network-performance-configs flag to gcloud container node-pools create/update to allow node pools to enable higher performance bandwidth for VM to VM traffic.
  • Promoted maxSurge default to GA for node-pool upgrade settings.
  • Require values for both --shielded-secure-boot and --shielded-integrity-monitoring when either one is set.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

380.0.0 (2022-04-05)

Google Cloud CLI

  • Updated gcloud auth login --cred-file=external-account-creds.json to authorize bq with the External Account Credentials in the passed credential file.

Cloud Composer

  • Added support for 1 and 2 aliases in --airflow-version flag, and airflow-1 and airflow-2 aliases in Airflow part of --image-version flag, in gcloud composer environments create, gcloud beta composer environments update, gcloud beta composer environments check-upgrade.
  • Implemented gcloud beta composer environments snapshots command group.

Cloud Spanner

  • Promoted --condition flag on Cloud Spanner add-iam-policy-binding and remove-iam-policy-binding commands to GA. This allows setting conditional IAM policies on Cloud Spanner resources (instances, databases, and backups) via gcloud.
  • Promoted gcloud spanner backups copy to beta and GA.

Compute Engine

  • Promoted --certificate-map of 'compute target-ssl-proxies insert|update` to beta.

Distributed Cloud Edge

  • Added gcloud edge-cloud container which allows users to manage their Distributed Cloud Edge clusters.

Kubernetes Engine

  • Added --network-performance-configs flag to gcloud container node-pools create/update to allow node pools to enable higher performance bandwidth for VM to VM traffic.
  • Promoted maxSurge default to GA for node-pool upgrade settings.

Terraform

  • Added gcloud terraform vet to beta, which allows enforcing policy compliance as part of an infrastructure CI/CD pipeline.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

379.0.0 (2022-03-29)

Breaking Changes

  • (Cloud Services) Replace --deleted flag with --show-deleted flag to gcloud services api-keys list. With --show-deleted, keys soft-deleted within 30 days will be returned.
  • (Cloud Services) Change the default output format from tabular to row-based of gcloud services api-keys list.

Google Cloud CLI

  • Updated gcloud auth login --cred-file=external-account-creds.json to authorize gsutil with the External Account Credentials in the passed credential file.

AI

  • Added more choice options to --region flag of gcloud ai custom-jobs and gcloud ai hp-tunining-jobs, including: southamerica-east1 and us-west4.

Artifact Registry

  • Changed com.google.cloud.artifactregistry.gradle-plugin from 2.1.1 to 2.1.5 in gcloud print-settings.
  • Promoted gcloud artifacts apt and artifacts yum commands to GA.

Cloud Firestore Emulator

  • Release Cloud Firestore emulator v1.14.1
    • Chore: prepare for aggregate support.
    • Chore: add support of x-goog-request-params http header for routing.
    • Fix: change read-past-max-staleness error code to align with production implementation.
    • Fix: update readtime-in-the-future error message.
    • Fix: support importing exports from Windows on UNIX systems.

Cloud Functions

  • Promoted --docker-repository, --kms-key, --clear-docker-repository and --clear-kms-key flag of gcloud functions deploy to GA.
  • Promoted --docker-registry flag of gcloud functions deploy to beta.

Cloud On Demand Scanning

  • Added ARM support for local-extract on Linux.

Cloud Run

  • Promoted gcloud run services proxy to beta. This command allows you to proxy a service or revision to localhost. Requests will be authenticated as the current SDK account, or with a provided token.

Compute Engine

  • Fixed an issue with --create-disk and --disk flags that causes gcloud compute instances create to fail when attaching a boot disk.
  • Promoted --enable-ula-internal-ipv6 and --internal-ipv6-range flags to GA for gcloud compute networks <create|update>.
  • Updated --protocol flag to permit values of TCP or SSL when --enable-logging or --logging-sample-rate flags are set for gcloud compute backend-services create and gcloud compute backend-services update for beta.

Config Connector

Database Migration

  • Updated gcloud database-migration connection-profiles list --region=us-central1 to return correct structure for connection profiles based on format.
  • Updated gcloud database-migration connection-profiles create mysql to return error on invalid hostname.
  • Updated gcloud database-migration connection-profiles create postgresql to return error on invalid hostname.

Eventarc

  • Added gcloud eventarc providers which allows for the discovery of event providers.

Kubernetes Engine

  • Deprecated --autoprovisioning-min-cpu-platform flag from gcloud container clusters create/update.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

378.0.0 (2022-03-22)

Breaking Changes

  • (Bare Metal Solution) Modified gcloud bms volumes update, gcloud bms instances update, gcloud bms networks update, and gcloud bms nfs-shares update to be synchronous by default. Use --async flag to get the old behavior.

Google Cloud CLI

  • Updated --scopes flag in gcloud auth application-default print-access-token to support print down-scoped access token for user accounts.

Anthos Multi-Cloud

  • Added --root-volume-type flag to gcloud container aws node-pools update to update the type of the root volume.
  • Added --root-volume-size flag to gcloud container aws node-pools update to update the size of the root volume.
  • Added --root-volume-iops flag to gcloud container aws node-pools update to update the number of I/O operations per second (IOPS) to provision for the root volume.
  • Added --root-volume-kms-key-arn flag to gcloud container aws node-pools update to update the Amazon Resource Name (ARN) of the AWS KMS key to encrypt the root volume.
  • Added --config-encryption-kms-key-arn flag to gcloud container aws node-pools update to update the Amazon Resource Name (ARN) of the AWS KMS key to encrypt the user data.
  • Added --clear-proxy-config flag to gcloud container aws clusters update to clear the proxy configuration associated with the cluster.
  • Added --clear-security-group-ids flag to gcloud container aws clusters update to clear the additional security groups associated with the control plane replicas.
  • Added --root-volume-type flag to gcloud container aws clusters update to update the type of the root control plane volume.
  • Added --root-volume-size flag to gcloud container aws clusters update to update the size of the root control plane volume.
  • Added --root-volume-iops flag to gcloud container aws clusters update to update the number of I/O operations per second (IOPS) to provision for the root control plane volume.
  • Added --root-volume-kms-key-arn flag to gcloud container aws clusters update to update the Amazon Resource Name (ARN) of the AWS KMS key to encrypt the root control plane volume.
  • Added --clear-security-group-ids flag to gcloud container aws node-pools update to clear the additional security groups associated with the node pool nodes.

Bare Metal Solution

  • Added --async flag to gcloud bms volumes update, gcloud bms instances update, gcloud bms networks update, and gcloud bms nfs-shares update.

Certificate Authority Service

  • Enabled --sort-by flag for gcloud privateca templates list.

Cloud Memorystore

  • Promoted --maintenance-window-day and --maintenance-window-hour flags of gcloud redis instances create to GA.
  • Promoted --maintenance-window-day, --maintenance-window-hour, and --maintenance-window-any flags of gcloud redis instances update to GA.
  • Promoted gcloud redis instances reschedule-maintenance to GA.
  • Promoted support for maintenance windows in gcloud memcache to beta.
    • Added maintenance window flags to create and update commands.
    • --maintenance-window-day
    • --maintenance-window-start-time
    • --maintenance-window-duration
    • Added the flag --maintenance-window-any to update to remove a previously selected maintenance window.
  • Promoted the command gcloud beta memcache reschedule-maintenance.

Cloud On Demand Scanning

  • Fixed an issue where extraction would occasionally fail while scanning Maven packages.

Cloud SQL

  • Expanded --database-version flag choices to gcloud beta sql instance patch to enable major version upgrade on Cloud SQL instances.

Compute Engine

  • Added --load-balancing-scheme flag to gcloud compute url-maps validate for alpha, beta and v1.
  • Updated import and export schemas for:
    • gcloud compute forwarding-rules.
    • gcloud compute backend-services.
  • Promoted locality_lb_policy flag of gcloud compute backend-services create/update to beta.
  • Added --share-setting and --share-with flags to gcloud beta compute sole-tenancy node-groups create|update for beta.
  • Added --share-settings flag to gcloud beta compute sole-tenancy node-groups list for beta.
  • Added --node-project flag to gcloud beta compute instances create for beta.
  • Promoted gcloud compute instances suspend and gcloud compute instances resume to v1.

Config Connector

Config Controller

  • Added --use-private-endpoint flag to gcloud anthos config controller create to restrict access to the master's private endpoint IP of a config controller instance.

GKE Hub

  • Promote gcloud container hub memberships generate-gateway-rbac command from alpha to beta.

Secret Manager

  • Added --update-version-aliases flag to gcloud secrets update and gcloud secrets beta update to enable the addition of new aliases to secret versions.
  • Added --remove-version-aliases flag to gcloud secrets update and gcloud secrets beta update to enable the removal of aliases to secret versions.
  • Added --clear-version-aliases flag to gcloud secrets update and gcloud secrets beta update to enable the clearing of all aliases from a secret.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

377.0.0 (2022-03-15)

Google Cloud CLI

  • Promoted --no-browser in gcloud auth login and gcloud auth application-default login to be the default flow if gcloud cannot launch a web browser. You can still use --no-launch-browser flow by explicitly specifying it. Note that --no-launch-browser will be removed in version 383.0.0 on April 26, 2022.

Anthos Multi-Cloud

  • Added --security-group-ids flag to gcloud container aws node-pools update to update the IDs of additional security groups to add to node pool nodes.

Artifact Registry

  • Fixed issue where gcloud artifacts repositories create requires exessive permission when a kms key is supplied.

Bare Metal Solution

  • Promoted gcloud bms instances start to GA.
  • Promoted gcloud bms instances update to GA.
  • Promoted gcloud bms networks update to GA.
  • Promoted gcloud bms nfs-shares describe to GA.
  • Promoted gcloud bms nfs-shares list to GA.
  • Promoted gcloud bms nfs-shares update to GA.
  • Promoted gcloud bms volumes update to GA.
  • Added --filter flag to gcloud bms instances list.
  • Added --filter flag to gcloud bms volumes list.

Certificate Manager

  • Improved output of gcloud beta certificate-manager dns-authorizations create command. The output does not contain details of a created resource anymore.

Cloud Composer

  • Added support for composer-1 and composer-2 aliases in Composer part of --image-version flag in gcloud beta composer environments create, gcloud beta composer environments update, gcloud beta composer environments check-upgrade.
  • Fixed support for X.Y aliases in --airflow-version flag and airflow-X.Y aliases in Airflow part of --image-version flag in gcloud beta composer environments update and gcloud beta composer environments check-upgrade.

Cloud DNS

  • Add setIampolicy and getIamPolicy Alpha commands.

Cloud Dataproc

  • Added support for Clusters without cluster.config to gcloud dataproc jobs submit.

Cloud Domains

  • Allow specifying Project numbers in gcloud domains methods.

Cloud IAM

  • Service Accounts Undelete promoted to GA command.

Cloud Memorystore

  • Promoted --read-replicas-mode and --replica-count flags of gcloud redis instances create to GA.
  • Promoted --read-replicas-mode, --replica-count, and --secondary-ip-range flags of gcloud redis instances update to GA.

Cloud Storage

  • Updated gsutil component to 5.8.

Config Connector

Kubernetes Engine

  • Added --disable-pod-cidr-overprovision flag to gcloud beta container clusters/node-pools create to allow disabling overprovisioning of pod IPs during clusters and node-pools create.

Network Connectivity

  • Added gcloud network-connectivity locations describe and gcloud network-connectivity locations list. These commands return information about locations that support site-to-site data transfer.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

376.0.0 (2022-03-08)

Certificate Authority Service

  • Added --skip-grace-period flag to gcloud privateca roots delete and gcloud privateca subordinates delete to delete a certificate authority without waiting for the 30-day grace period that allows undeletion.

Cloud Build

  • Modified gcloud builds submit --pack to pass --network=cloudbuild to pack.

Cloud Identity-Aware Proxy

  • Add warning message to gcloud compute start-iap-tunnel telling users about installing NumPy.

Cloud Run

  • Added --env-vars-file to gcloud beta run deploy and gcloud run deploy to specify environment variables for Cloud Run deployments.
  • Added --env-vars-file to gcloud beta run services update and gcloud run services update to update environment variables for Cloud Run deployments.

Compute Engine

  • Added --split-source-commitment flag to gcloud compute commitments create for alpha.

Database Migration

  • Some changes in gcloud connection profile create cloudsql:
    • Fixed boolean flags to support --flag for setting it to true and --no-flag for false.

Firebase Test Lab

  • Promoted --app flag of gcloud firebase test ios run to GA.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

375.0.0 (2022-03-01)

Breaking Changes

  • (Miscellaneous) Updated .gcloudignore pattern matching to ensure that a leading wildcard does not match multiple path parts, for improved consistency with .gitignore.
    • For example, */baz will no longer match foo/bar/baz. Use **/baz for the previous behavior.

App Engine

Cloud Key Management Service

  • Add gcloud kms ekm-connections commands to GA.

Cloud Pub/Sub

  • Added --enable-exactly-once-delivery flag to gcloud pubsub subscriptions create to beta to set exactly once delivery preference in Cloud Pub/Sub subscriptions.
  • Added --enable-exactly-once-delivery flag to gcloud pubsub subscriptions update to beta to update exactly once delivery preference for Cloud Pub/Sub subscriptions.

Cloud Security Command Center

  • Added gcloud scc bqexports command group to support BigQueryExport features.

Cloud Speech API

  • Added medical_conversation and medical_dictation options for gcloud ml speech <recognize | recognize-long-running> --model flag.

Compute Engine

  • Modified --filter to add support for server-side zone and region filtering to gcloud compute list commands.
    • Filtering will only be applied server-side if an exact match (=) is used in the filter expression (e.g. --filter="zone=us-central1-a"). Otherwise, the existing client-side filtering will be applied.

Identity and Access Management

  • Added gcloud beta iam policies create which creates a policy on the given attachment point with the given name.
  • Added gcloud beta iam policies delete which deletes a policy on the given attachment point with the given name.
  • Added gcloud beta iam policies get which gets a policy on the given attachment point with the given name.
  • Added gcloud beta iam policies listwhich lists the policies on the given attachment point.
  • Added gcloud beta iam policies update which updates the policy on the given attachment point with the given name.

Kubernetes Engine

  • Promoted --enable-identity-service flag to GA for gcloud container cluster create|update.
  • Added --enable-confidential-nodes flag to gcloud beta container node-pools create/update to allow creating node-pools with confidential nodes, and updating existing node pools to confidential nodes.

Miscellaneous

  • Updated gcloud info to display the source for each property value in parenthesis after the value, to help understand if the property is set by a command-line flag, an environment variable, the properties file, etc.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

374.0.0 (2022-02-23)

Breaking Changes

  • (Google Cloud CLI) Updated gcloud auth application-default login to use --no-browser in place of --no-launch-browser when using --client-id-file.

Google Cloud CLI

  • Added gcloud config configurations rename which allows for renaming of existing configurations.

Anthos Multi-Cloud

  • Added --security-group-ids flag to gcloud container aws clusters update to update the IDs of additional security groups to add to control plane replicas.
  • Added --proxy-secret-arn flag to gcloud container aws clusters update to update the Amazon Resource Name (ARN) of the AWS Secrets Manager secret containing a proxy configuration.
  • Added --proxy-secret-version-id flag to gcloud container aws clusters update to update the version ID of the AWS Secrets Manager secret containing a proxy configuration.
  • Deprecated aws/location property of gcloud container aws. Use container_aws/location to set the default Google Cloud location for gcloud container aws.
  • Deprecated azure/location property of gcloud container azure. Use container_azure/location to set the default Google Cloud location for gcloud container azure.

App Engine

  • Fixed bug in devappserver causing "ImportError: cannot import name apiproxy" errors.

BigQuery

  • Fix 'collections' error for Python 3.10.
  • Add --concurrency flag for reservations. Mark --max_concurrency as deprecated.
  • Minor bug fixes and dependency updates.

Cloud DNS

  • Added Location flag to Cloud DNS Managed Zones, Response Policies beta commands. This flag can be specified to target Cloud DNS Zonal Servers.

Compute Engine

  • Added --compression-mode flag to gcloud beta compute backend-services <create | update>.
  • Added --compression-mode flag to gcloud beta compute backend-buckets <create | update>.
  • Promoted --resource-manager-tags flag of gcloud compute instances create, gcloud compute instance-templates create and gcloud compute instances bulk create to GA.
  • Added project-number as an option for --service-proxy of gcloud beta compute instance-templates create.
  • Promoted enum CLIENT_IP_NO_DESTINATION of --session-affinity of gcloud backend-services <create | update> to Beta and GA.
  • Modified --load-balancing-scheme flag of gcloud compute backend-services create and gcloud compute forwarding-rules create to accept choice 'EXTERNAL_MANAGED' in GA.

Compute OS Config

  • Added gcloud compute osconfig pause and gcloud compute os-config resume` commands.

Config Connector

Eventarc

  • Added --event-filters-path-pattern flag to gcloud eventarc triggers create and gcloud eventarc triggers update to allow path pattern matching in Cloud Audit Log resource name filter.

Kubernetes Engine

  • Added --autoprovisioning-network-tags flag of gcloud container clusters create, gcloud container clusters create-autoand gcloud container clusters update to beta, GA.

Miscellaneous

  • Updated gcloud config get-value to gcloud config get per user feedback. The get-value command will remain as a hidden alias for get.
  • Updated gcloud config set to prompt when attempting to set a project, zone, or region to an invalid value. If --quiet is provided, or the command is not run interactively, the warning is still printed and the specified value is set.
  • Updated gcloud init to allow selection of an unverified project ID.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

373.0.0 (2022-02-15)

Breaking Changes

  • (Cloud Filestore) Undeprecate --locations flag to gcloud filestore.
  • (Cloud Pubsub Emulator) Changed the default hostname to IPv6 localhost [::1] for all environments.
    • For IPv4-only environments, pass a IPv4 address to --host:port.
  • (Cloud Pubsublite Emulator) Changed the default hostname to IPv6 localhost [::1] for all environments.
    • For IPv4-only environments, pass a IPv4 address to --host:port.
  • (Transcoder) Removed support for gcloud beta transcoder command group.

Google Cloud CLI

  • Added --scopes flag to gcloud auth application-default print-access-token command to print an access token with the given scopes.

AI Platform

  • Fixed issue where gcloud ai-platform local train mistakenly overrode it to the default value when the flag --worker-count or --parameter-server-count is specified to be 0.

Anthos Multi-Cloud

  • Added --config-encryption-kms-key-arn flag to gcloud container aws clusters update to update the Amazon Resource Name (ARN) of the AWS KMS key to encrypt user data.

Bare Metal Solution

  • Removed gcloud bms volumes snapshot and gcloud bms volumes restore from GA.

Cloud Dataplex

  • Promoted lakes command group to GA.
  • Promoted zones command group to GA.
  • Promoted assets command group to GA.
  • Promoted tasks command group to GA.

Cloud Datastream

  • Fix bug with gcloud datastream connection-profiles create command when specify --private-connection flag.

Cloud Memorystore

  • Added --read-replica-mode and --secondary-ip-range to gcloud beta redis instances update.
  • Updated gcloud beta redis instances describe to include secondary-ip-range.

Cloud On Demand Scanning

  • Added GO option to --additional-package-types flag for gcloud artifacts docker images scan to enable scanning of Go third-party and standard library packages in Go binaries.

Cloud SQL

  • Added --maintenance-version flag to gcloud sql instances patch.

Cloud Spanner

  • Promoted the database dialect flag to beta and GA in gcloud spanner databases create command.

Cloud Speech API

  • Added --min-diarization-speaker-count and --max-diarization-speaker-count to gcloud beta ml speech command, replacing --diarization-speaker-count which used to set both of the new flags to same value.

Compute Engine

  • Added --provisioning-model and --instance-termination-action flags for gcloud compute create-with-container command.
  • Modified the API calls to use correct (RFC7396) null semantics in Patch for removing stateful IPs that were made by using the following flags of gcloud beta compute instance-groups managed update and gcloud beta compute instance-groups managed instance-configs update:
    • --remove-stateful-internal-ips,
    • --remove-stateful-external-ips.
  • Promoted --provisioning-model and --instance-termination-action flags for gcloud compute <instances|instance-templates|instances bulk> create commands.

Config Connector

Dataproc Metastore

  • Added the following alpha and beta commands to work with Dataproc Metastore service databases and tables:
    • metastore services databases get-iam-policy
    • metastore services databases set-iam-policy
    • metastore services databases add-iam-policy-binding
    • metastore services databases remove-iam-policy-binding
    • metastore services databases tables get-iam-policy
    • metastore services databases tables set-iam-policy
    • metastore services databases tables add-iam-policy-binding
    • metastore services databases tables remove-iam-policy-binding

Identity and Access Management

  • Added --include-aws-session-token-url flag to gcloud iam workload-identity-pools create-cred-config command to include AWS token url to the credential source while generating AWS credentials config file.
  • Added --include-deny flag to gcloud beta projects get-ancestors-iam-policy and gcloud beta resource-manager folders get-ancestors-iam-policy to specify if it should return deny policies on the hierarchy.

Kubernetes Engine

  • Added --spot flag to gcloud container clusters/node-pools create to allow creating spot VM for node pools.
  • Adds support for linux/arm version of kubectl.
  • Additional kubectl versions:
    • kubectl.1.18 (1.18.20)
    • kubectl.1.19 (1.19.14)
    • kubectl.1.20 (1.20.15)
    • kubectl.1.21 (1.21.9)
    • kubectl.1.22 (1.22.6)
    • kubectl.1.23 (1.23.3)

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

372.0.0 (2022-02-08)

Breaking Changes

  • (Kpt) The kpt live apply and kpt live destroy default behavior changed to wait forever
  • (Kpt) for reconciliation if no timeouts are specified.
  • (Kpt) The kpt live output for events and json printer is changed to omit resource-specific
  • (Kpt) health information by default.
  • (Kpt) The default image-pull-policy for kpt fn render and kpt fn eval changed
  • (Kpt) from AlwaysPull to IfNotPresent.

Cloud SDK

  • Deprecated --[no-]launch-browser flags and added --no-browser to gcloud auth login and gcloud auth application-default login commands. Use --no-browser to authorize gcloud on machines which cannot launch a web browser.
  • Deprecated --no-launch-browser and --console-only flags and added --no-browser flag to gcloud init. Use --no-browser to initialize gcloud command-line tool on machines which cannot launch a web browser.

Anthos Multi-Cloud

  • Added --role-arn flag to gcloud container aws clusters update command to update the IAM role to assume when managing AWS resources.
  • Added --role-session-name flag to gcloud container aws clusters update command to update the identifier for the assumed role session.
  • Added --instance-type flag to gcloud container aws clusters update command to update the AWS ec2 instance type for the control plane.
  • Added --admin-users flag to gcloud container aws clusters update and gcloud container azure clusters update to update the users that can perform operations as a cluster administrator.
  • Added --vm-size flag to gcloud container azure clusters update to update the Azure Virtual Machine size for the control plane.

Certificate Manager

  • Unified usage of --location flag in gcloud certificate-manager subcommands.

Cloud Composer

  • Added --connection-subnetwork flag to gcloud composer environments create command to enable using Private Service Connect for internal communication.

Cloud Identity-Aware Proxy

  • Promoted gcloud iap oauth-clients from alpha to beta.
  • Promoted gcloud iap oauth-brands from alpha to beta.

Cloud Key Management Service

  • Add kms ekm-connections commands to alpha, beta.
  • Add support for external-vpc crypto keys.
  • Added support for the following "raw" PKCS#1 signing algorithms to gcloud kms keys create|update and gcloud kms keys versions import:
    • rsa-sign-raw-pkcs1-2048
    • rsa-sign-raw-pkcs1-3072
    • rsa-sign-raw-pkcs1-4096

Cloud On Demand Scanning

  • Upgrade local-extract to version 1.4.0 to improve the stability and quality of extraction.

Cloud SQL

  • Promoted --network flag of gcloud sql instances create to GA.
  • Promoted --network flag of gcloud sql instances patch to GA.

Config Connector

Dataproc Metastore

  • Added --update-auxiliary-versions-from-file, --add-auxiliary-versions and --clear-auxiliary-versions flags to gcloud metastore services update beta release track to allow updating a Dataproc Metastore with auxiliary versions.

Kpt

  • Updated kpt from v1.0.0-beta.9 to v1.0.0-beta.13. Refer to OSS releases page https://github.com/GoogleContainerTools/kpt/releases for detailed release notes.
  • Improved the merge handling for pipeline section of the Kptfile.
  • Added exec support for running functions in kpt fn render.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

371.0.0 (2022-02-01)

Cloud SDK

  • Added support for specifying an OAuth 2.0 access token via the environment variable CLOUDSDK_AUTH_ACCESS_TOKEN.

Anthos Multi-Cloud

  • Added --admin-users flag to gcloud container aws clusters create and gcloud container azure clusters create to add users that can perform operations as a cluster administrator.

App Engine

Cloud DataPipelines

  • Added gcloud beta datapipelines pipeline job list which lists all jobs for a given pipeline in a specific project and region.

Cloud Deploy

  • Add --description flag to gcloud deploy targets rollback.
  • Modified gcloud deploy targets describe to make --delivery-pipeline an optional flag.
    • When --delivery-pipeline is not specified, displays deployment information of the associated pipeline with the most recent successful rollout.
    • Added --list-all-pipelines to list deployment information of all associated pipelines.

Cloud Speech API

  • Added --enable-automatic-punctuation to gcloud ml speech recognize commands.

Compute Engine

  • Added --guest-os-features (only UEFI_COMPATIBLE is supported) for:
    • gcloud compute images import in beta;
    • gcloud compute instances import in beta;
    • gcloud compute machine_images import in beta.
  • Added a new key type http-cookie to --enforce-on-key in gcloud compute security-policies rules.
  • Added --recaptcha-redirect-site-key for gcloud compute security-policies update, and promoted it to beta and GA.
  • Added --exceed-redirect-type and --exceed-redirect-target for gcloud compute security-policies rules create|update, and promoted them to beta and GA.
  • Added support for version=8 and short-name=rocky in --os-types for gcloud beta compute instances ops-agents policies [create|update].

Config Connector

Dataproc Metastore

  • Added --auxiliary-versions and --auxiliary-versions-from-file flags to gcloud metastore services create beta release track to allow creating a Dataproc Metastore with auxiliary versions.
  • Added --endpoint-protocol flag to gcloud beta metastore services create and gcloud beta metastore services update to specify the protocol to use for the metastore service endpoint.

Kubernetes Engine

  • Updates default kubectl from 1.20 to 1.21.
  • Adds support for Mac M1 (darwin/arm64) version of kubectl (version 1.21 and greater).
  • Additional kubectl versions:
    • kubectl.1.18 (1.18.20)
    • kubectl.1.19 (1.19.14)
    • kubectl.1.20 (1.20.14)
    • kubectl.1.21 (1.21.9)
    • kubectl.1.22 (1.22.5)
    • kubectl.1.23 (1.23.1)

Miscellaneous

  • Added configuration property core/console_log_format to support alternative logging formats. Use gcloud config set core/console_log_format detailed to include timestamps in messages logged to the console.

Subscribe to these release notes at https://groups.google.com/forum/#!forum/google-cloud-sdk-announce.

370.0.0 (2022-01-25)

AI

  • Added more choice options to --region flag of gcloud ai custom-jobs and gcloud ai hp-tunining-jobs, including: asia-east2, asia-south1, europe-west3, europe-west6, northamerica-northeast2 and us-west2.

Bare Metal Solution

  • Added gcloud bms instances reset which hard resets Bare Metal Solution instances.

BigQuery

  • Add support for --clone flag for table clones.
  • Add support for --multi_region_auxiliary flag for reservations.
  • Fix 'bq show -d' to support authorized routines.
  • Minor bug fixes and dependency updates.

Cloud Composer

  • Fixed issues in creation of Cloud Composer 2 environments that didn't properly pass on the secondary range names/CIDRs.

Cloud Functions

  • Promoted --set-secrets, --update-secrets, --remove-secrets and --clear-secrets flags of gcloud functions deploy to GA.

Compute Engine

  • Promoted --enable-ipv6, --ipv6-nexthop-address, and --peer-ipv6-nexthop-address flags of gcloud compute router update-bgp-peer to GA.
  • Promoted --enable-ipv6, --ipv6-nexthop-address, and --peer-ipv6-nexthop-address flags of gcloud compute router add-bgp-peer to GA.
  • Promoted --stack-type, --candidate-ipv6-subnet, --cloud-router-ipv6-interface-id, and --customer-router-ipv6-interface-id flags of gcloud compute interconnects attachments dedicated create to GA.
  • Promoted --stack-type, --candidate-ipv6-subnet, --cloud-router-ipv6-interface-id, and --customer-router-ipv6-interface-id flags of gcloud compute interconnects attachments dedicated update to GA.
  • Promoted --enable-uefi-networking flag of gcloud compute instances create, gcloud compute instance-templates create and gcloud compute instances bulk create to GA.
  • Added mesh as an option for --service-proxy of gcloud beta compute instance-templates create.

Compute OS Config

  • Add --mig-instances-allowed flag to gcloud compute os-config patch-jobs execute.

Config Connector

  • Updated Google Cloud Config Connector to version 1.71.0. See Co