Google Cloud release notes

HubSpot trigger is now available in preview.

Jobs enhancement

The following features have been added:

• Ability to sort the job execution table by time or status
• Indication in the jobs queue for each failed job iteration

Confidential Space: You can now use the Split-Trust Encryption Tool (STET) with Confidential Space.

Datastream now supports SSL/TLS encryption for connections to PostgreSQL sources that don't require client certificates.

Release 1.14.11

Anthos clusters on bare metal 1.14.11 is now available for download. To upgrade, see Upgrading Anthos on bare metal. Anthos clusters on bare metal 1.14.11 runs on Kubernetes 1.25.

The following Connector Event triggers are available in preview:

• IBM MQ trigger
• Rabbit MQ trigger

SAP HANA databases running in Compute Engine instances can now be backed up as Persistent Disk snapshots of the Compute Engine instance. This feature is in Private Preview.

Added basic connector support for the following OSes. See Support matrix.

• OEL 8.8, 9.1, and 9.2
• RHEL 8.8 and 9.2
• RHEL for SAP 8.8, 9.0, and 9.2
• Rocky Linux 8.8, 9.0, 9.1, and 9.2
• Rocky Linux Optimised for Google Cloud 8.8 and 9.2
• SLES 15 SP5
• SLES for SAP 15 SP5

Cloud Spanner emulator support for the PostgreSQL dialect is now generally available. To learn more about the emulator, see Emulate Cloud Spanner locally.

The Object Retention Lock feature is now available.

• Using this feature, you can place a retention configuration on individual objects.

• A retention configuration defines a date prior to which the object cannot be deleted or overwritten.

• A retention configuration can optionally be locked to prevent the retention date from being shortened or removed.

Network edge security polices (custom rules) are now available to allowlisted users. For more information about network edge policies, see Types of security policies. In addition, you can learn how to Configure network edge security policies.

Release 1.15.7

Anthos clusters on bare metal 1.15.7 is now available for download. To upgrade, see Upgrading Anthos on bare metal. Anthos clusters on bare metal 1.15.7 runs on Kubernetes 1.26.

The following resource types are now publicly available through the ExportAssets, ListAssets, BatchGetAssetsHistory, QueryAssets, Feed and Search (SearchAllResources, SearchAllIamPolicies) APIs.

• Financial Services
  • financialservices.googleapis.com/Dataset
  • financialservices.googleapis.com/BacktestResult
  • financialservices.googleapis.com/EngineConfig
  • financialservices.googleapis.com/Model
  • financialservices.googleapis.com/PredictionResult

Regional endpoints are now available in Preview. Regional endpoints let you run your workloads in a manner that complies with data residency and data sovereignty requirements, where your request traffic is routed directly to the region specified in the endpoint.

Confidential Space. Support for VPC Service Controls is released to General Availability.

You can now protect Confidential Space using VPC Service Controls perimeters. For more information, see VPC Service Controls supported products.

General availability support for the following integration:

• Confidential Space

You can use Private Service Connect backends to access published services that are hosted on regional internal Application Load Balancers and regional internal proxy Network Load Balancers.

Helm charts management for Apigee hybrid

Starting in version v1.11.0, you have the choice of installing and managing your clusters with either Helm or apigeectl. You cannot manage a cluster with both. Apigee recommends using Helm for new hybrid installations. See Apigee hybrid Helm charts reference.

Vault integration for Cassandra credentials (preview)

Starting in version v1.11.0, you can store Cassandra credentials in Hashicorp Vault.
Note: Using Vault requires Helm management of your Apigee installation.
See Storing Cassandra credentials in Hashicorp Vault.

Vault integration is in preview as of the Apigee hybrid 1.11.0 release.

Apigee Advance API Security Actions for Apigee hybrid

Advanced API Security's new Security Actions feature is now available in Apigee hybrid.

Observability for Google Kubernetes Engine: The Observability tab for a GKE cluster adds a dashboard for GPU metrics. The charts on this dashboard are populated only if the cluster has GPU nodes. For more information, see View observability metrics.

For services with cold start times exceeding 10 seconds, requests are now queued for at least the cold start time before timing out while waiting for instances to start.

The demote API is now available. This API demotes an existing standalone instance to be a Cloud SQL read replica for an external database server.

Cloud SQL for MySQL now supports minor version 8.0.35. To upgrade your existing instance to the new version, see Upgrade the database minor version.

The demote API is now available. This API demotes an existing standalone instance to be a Cloud SQL read replica for an external database server.

You can now run workloads on L4 GPUs in Autopilot clusters that use GKE version 1.28.3-gke.1203000 and later. For instructions, see Deploy GPU workloads in Autopilot.

Vertex AI Feature Store

The following features of the new and improved Vertex AI Feature Store are now generally available (GA):

• Feature Registry: Register your feature data sources in BigQuery by creating feature groups and features. For more information, see Create a feature group and Create a feature.

• Cloud Bigtable online serving: Serve features from one or more BigQuery data sources. You can set up Cloud Bigtable online serving by defining online serving clusters called online store instances and creating feature views within the online store instances.

Note that the following features of Vertex AI Feature Store are still in Preview:

• Serve features at ultra-low latencies with Optimized online serving.
• Sync data in a feature view within an online store.
• Retrieve vector embeddings for real-time serving.

For more information, see About Vertex AI Feature Store.

Support for a Kubernetes API connector is available in Preview. The connector allows you to interact with Kubernetes objects in a Google Kubernetes Engine cluster. For more information, see Access Kubernetes API objects using a connector.

The IL4 compliance program now supports the following products. See Supported products for more information:

• Cloud DNS
• Cloud Interconnect
• Cloud Monitoring
• Cloud Router
• Cloud SQL
• Cloud VPN
• Pub/Sub

The following BigQuery ML features for Vertex AI large language models (LLMs) are now generally available (GA):

• The SQL syntax for remote models has been updated to provide access to all text generation and text embedding LLMs (for example, text-bison-32k and textembedding-gecko-multilingual) and also to provide support for different LLM versions.

• Region support for text-bison* LLM models has been expanded to include the following locations in addition to us and us-central1:

  • asia-northeast3
  • asia-southeast1
  • eu
  • europe-west1
  • europe-west2
  • europe-west3
  • europe-west4
  • europe-west9
  • us-west4

Cloud Spanner now supports automatic cleanup of long running transactions (in Preview). To enable this feature, use the Java or Go client library to automatically remove long running transactions that might cause session leaks and receive warning logs about problematic transactions. For more information, see Automatic cleanup of session leaks.

Cloud Spanner now supports Hibernate ORM 6.3 in GoogleSQL Hibernate dialect. For more information, see Integrate Spanner with Hibernate ORM (GoogleSQL dialect).

M113 release

• Miscellaneous bug fixes and improvements in Python 3.10 container images.

M113 release

• Miscellaneous bug fixes and improvements in Python 3.10 images.

You can now configure alerts for Cloud Deploy release render failures.

M113 release

The M113 release of Vertex AI Workbench instances includes the following:

• Added the Dataproc JupyterLab plugin to Vertex AI Workbench instances. To get started, see Create a Dataproc-enabled instance.
• When using an instance's Google Cloud CLI, gcloud config is preset with the following defaults:
  • project is set to your instance's project.
  • Your compute region is set to your instance's region.
  • Your Dataproc region is set to your instance's region.
• Fixed an issue that prevented Dataproc kernels from working.
• Fixed a CORS (cross-origin resource sharing) error.

The M113 release of Vertex AI Workbench user-managed notebooks includes the following:

• Miscellaneous bug fixes and improvements in Python 3.10 notebooks.

You can now restrict an OAuth 2.0 access token so that it works only for AlloyDB authentication.

You can now configure the AlloyDB Auth Proxy to automatically authenticate IAM-based database logins. This works only with the IAM account that you use to run the proxy client.

The AlloyDB Omni Kubernetes Operator version 0.2.0 is available in Preview. This update adds support for AlloyDB Omni version 15.2.2, and includes various bug fixes and improvements. For more information about upgrading AlloyDB using the Kubernetes operator, see Upgrade AlloyDB Omni.

Cloud SQL supports the bulk insert functionality of SQL Server for importing data. This functionality is supported only on SQL Server 2022.

For more information, see Use bulk insert for importing data.

Cloud Spanner now provides an integration workflow with Vertex AI Vector Search to enable vector similarity search on data stored in Spanner. For more information, see Export embeddings from Spanner to Vector Search.

Dynamic Workload Scheduler support on GKE through the Provisioning Request API launched in Preview in version 1.28. Use the Dynamic Workload Scheduler to get large atomic sets of available GPU models in GKE Standard clusters. For more information, see Deploy GPUs for batch workloads with ProvisioningRequest.

Vertex AI Search: Autocomplete denylist (Preview with allowlist)

Importing an autocomplete denylist is available as a preview with allowlist feature. To use this feature, contact your Google account team.

For information about autocomplete denylists, see Use an autocomplete denylist.

Batch video and image support in Vertex AI Vision Warehouse is Generally Available. Vertex AI Vision Warehouse now supports semantic searches and similarity searches on video and images. For more information, see Vision Warehouse overview

You can now see query performance insights about partition skew. This feature is in preview.

Cancelling a currently running job execution is now at general availability (GA).

Google Cloud console experience for VMware Engine: You can use the Google Cloud console to manage your VMware Engine environments without opening another tab. For more information on migrating to this refreshed experience, see What's new with VMware Engine.

VMware Engine network: Further simplification of the networking architecture and experience in VMware Engine removes the need for private service networking. With VMware Engine networks, you can create multiple isolated networks within the same project and connect them as needed to consumer VPCs to deliver complex topologies.

Integrated networking: Private cloud deployment is now just one simple step. VMware Engine network and initial VPC peering to your VPC can be done at the time of private cloud creation.

Advanced VPC Peering: Virtual Private Cloud network peerings define network connectivity between VMware Engine networks, Google VPCs, and other services. You can now create a complex set of VPC peerings within the Google Cloud console.

Increase to the default VPC Peer count: Any standard VMware Engine network now supports 25 VPC Peers by default.

Integrated Cloud DNS for workloads (DNS Bindings): Bi-directional Cloud DNS capabilities that enable DNS resolution for VMware Engine workloads, delivering enterprise needs in a simplified and more streamlined manner. Cloud DNS administrators can bind the VMware Engine network just as any other VPC.

DNS Server IP: Workloads within your private cloud can now use native Cloud DNS for DNS resolution.

Management DNS for private clouds: Automatic Management DNS Peering is now Automatic Management DNS for Private Clouds. You can now view and manage the DNS bindings for the private cloud management zone.

External access rules: Control access to external IP addresses. We have simplified the rule creation process to no longer require creation of a table and attachment to a subnet. External access rules now support one or more external IP address within a single rule.

(Legacy Networks) DNS forwarding rules: Allows configuration of management appliance DNS resolution for private clouds attached to legacy VMware Engine networks.

ESXi (NSX-T Distributed Log Forwarding): You can now configure both ESXi logs, including NSX-T Distributed Firewall (DFW) Logs, to a remote syslog server.

Finer-grained access controls for additional resources: VMware Engine provides finer-grained, per-action access controls for actions performed on new resources added. To view a comprehensive list of permissions for VMware Engine, go to the Permissions reference and search for the prefix vmwareengine.

Additional Google Cloud CLI and VMware Engine API Endpoints: More capabilities delivered using VMware Engine API and Google Cloud CLI enables you to programmatically manage VMware Engine environments, including VMware Engine API and Google Cloud CLI functions for managing the new networking model, network peering, external access rules and external IP service, consumer DNS, and more.

Preview: You can now use Customer-Managed Encryption Keys (CMEK) in Migrate to Virtual Machines to do the following:

• Protect data stored by Migrate to Virtual Machines during the migration process.
• Protect data of the migrated VMs created by clone and cut-over operations for all sources - AWS, Azure, and VMware.

Vertex AI Search: Additional languages supported

Extractive answers are now supported in the following languages:

• Arabic
• Chinese (Simplified)
• Japanese

See Languages.

The following BigQuery ML point-in-time lookup functions are now generally available (GA). These functions let you specify a point-in-time cutoff when retrieving features for training a model or running inference, in order to avoid data leakage.

• Use the ML.FEATURES_AT_TIME function to use the same point-in-time cutoff for all entities when retrieving features.
• Use the ML.ENTITY_FEATURES_AT_TIME function to retrieve features from multiple points in time for multiple entities.

The following AI features in BigQuery are now in preview:

• The ability to process documents from BigQuery object tables by doing the following:

  • Creating a remote model based on the Document AI API, including specifying a document processor to use.
  • Using the ML.PROCESS_DOCUMENT function with a Document AI-based remote model to process the documents.
    
    Try this feature with the Process documents with the ML.PROCESS_DOCUMENT function how-to.
    
    

• The ability to transcribe audio files from BigQuery object tables by doing the following:

  • Creating a remote model based on the Speech-to-Text API, including specifying a speech recognizer to use.
  • Using the ML.TRANSCRIBE function with a Speech-to-Text-based remote model to transcribe the audio files.
    
    Try this feature with the Transcribe audio files with the ML.TRANSCRIBE function how-to.

Deploying sidecar containers to your Cloud Run service is now at general availability (GA). Console UI and CLI are also now available for this feature.

Managed autoscaling for compute capacity on Cloud Spanner instances is now in preview. With managed autoscaling, Spanner automatically increases or decreases compute capacity on the instance in response to changing workload or storage needs and user defined goals. For more information, see Managed autoscaling for Spanner.

Preview: When creating or modifying an on-demand reservation, you can configure reservations to be automatically deleted at a specific date and time. Automatically deleting reservations makes it easier to prevent charges from unused reservations when you no longer need them.

For more information, see the documentation for creating on-demand reservations.

The Cloud Spanner to Vertex AI Vector Search template is generally available (GA).

Dataflow jobs now scale to 4,000 worker VMs.

Cloud Deploy now supports delivery pipeline automation, including automated release promotion and automated rollout phase advancement, in preview.

Numerical filtering available in Vertex AI Vector Search

With Vector Search you can restrict results by "filtering" your index results. In addition to filtering by using categorical restrictions, you can now use numeric filtering. To learn more, see Filter vector matches.

This release includes the public preview of integrated portal APIs which allow you to manage your integrated portal APIs and reference documentation using API calls.

The catalog items list view now uses pagination when making requests to the portals service, examples have been added to Publishing your APIs, and new reference documentation is available:

• Publishing your APIs
• API categories reference documentation
• API documents reference documentation

Apigee is now available in a new region: Middle East - Dammam (me-central2).

See Apigee locations for more information about available regions.

Database Migration Service now supports data cache in Cloud SQL for PostgreSQL Enterprise Plus edition instance creation.

You can enable data cache in the destination database when you create a migration job. To learn more about data cache in Cloud SQL for PostgreSQL, see Data cache overview.

You can now upgrade Enterprise edition instances to Enterprise Plus edition in place with minimal disruption. Similarly, you can also switch from Enterprise Plus edition to Enterprise edition in place. For more information, see Upgrade an instance by using in-place upgrade.

You can now upgrade Enterprise edition instances to Enterprise Plus edition in place with minimal disruption. Similarly, you can also switch from Enterprise Plus edition to Enterprise edition in place. For more information, see Upgrade an instance by using in-place upgrade.

Cloud Spanner now supports batch-oriented scans. For certain queries, Spanner chooses a batch-oriented processing mode to help improve scan throughput and performance. For more information, see Optimize scans.

Preview: In a managed instance group (MIG), you can turn off repairs to inspect failed and unhealthy VMs, to implement your own repair logic, or to monitor the application health without triggering repairs by MIG. For more information, see Turn off repairs in a MIG.

You can now stream the following large object data types for Oracle sources:

• BLOB
• CLOB
• NCLOB

Support for Firestore point-in-time recovery (PITR) feature that provides protection against accidental deletion or writes is now generally available (GA).

Support for Firestore in Datastore mode point-in-time recovery (PITR) feature that provides protection against accidental deletion or writes is now generally available (GA).

The Observability tab for a GKE deployment now shows application performance metrics if the metrics are available. The supported metric sources include Istio, GKE Ingress, NGINX Ingress and gRPC, and HTTP metrics collected by using Google Managed Service for Prometheus. For more information, see Use application performance metrics.

Policy Controller integration now in Preview

The integration of Policy Controller for Kubernetes clusters with Security Command Center is released to Preview. Violation alerts from Policy Controller now appear in Security Command Center as misconfiguration findings.

For more information, see Policy Controller.

Generative AI on Vertex AI

Security controls are available for additional Generative AI on Vertex AI features.

Release 6.2.39 - Preview

Dynamic mode instance support

When a playbook is built for more than one environment, you need to use dynamic mode which picks the relevant instance configuration from the target environment. When using dynamic mode within environments that contain multiple instances, the playbook needs to stop and wait for the analyst to pick the right instance by the context of the alert.

In this release, we have added a new option to the playbook designer, such that the analyst can specify an instance for the dynamic mode to use within the target environment by entering a name or a pattern in a new Specify Instance Name field. This feature is in Preview.

Jobs enhancement

The Jobs page in the platform has been enhanced to provide more information at a glance for the security analyst. The following is a list of the added features:

• Filter jobs according to success or failure.
• Click View Details to open a side bar with full details.
• Export the log details in raw text format.
• View all job iterations with extra pagination support.

This feature is in Preview.

Update SiemplifyUtils to support Python 3 (ID #45825896).

This feature is in Preview

You can now display events, such as the crash of a GKE pod, on your dashboards. This feature is in Public Preview.

• For a list of supported events, see Events overview.
• For information about enabling events, see Show events on a dashboard.

Data cache is now available for Cloud SQL for PostgreSQL Enterprise Plus edition instances.

You can now recover a permanently failed stream. For more information, see Recover a stream.

You can now start a stream from a specific binary log position for MySQL sources using the Datastream API. For more information, see Start a stream from a specific binary log position.

GKE Infrastructure Dashboards and Metrics Packages are now generally available for both GKE Autopilot and Standard clusters with control plane version 1.27.2-gke.1200 and later.

You can now configure your Autopilot or Standard clusters to export a predefined list of metrics emitted by GKE managed kube-state-metrics (KSM) for workloads state and persistent storage. The component will run in the GKE system namespace "gke-managed-cim" to collect the metrics using Google Cloud Managed Service for Prometheus and send them to Cloud Monitoring. You can view the metrics in the new Persistent and Workloads State dashboards in the Observability tab.

The extension oracle_fdw is added to the extensions supported by AlloyDB. The extension provides a foreign data wrapper for accessing Oracle databases.

Detection Engine has added support for rule statuses for Chronicle YARA-L rules running on live data. In addition to being in Enabled or Disabled state, rules can also have Limited or Paused status depending on their resource usage.

Cloud Bigtable app profiles now let you configure request priorities to prioritize certain workload data requests over others. This feature is available in Preview.

Cloud Functions now supports on-deployment security updates (1st gen and 2nd gen) and fully automatic security updates (1st gen only). For details, see Execution environment security.

Setting custom audiences on your Cloud Run services is now at general availability (GA).

Confidential Space. Support for VPC Service Controls is released to Preview.

You can now protect Confidential Space using VPC Service Controls perimeters. For more information, see VPC Service Controls supported products.

You can now use Dataproc Serverless autoscaling V2 to help you manage Dataproc Serverless workloads, improve workload performance, and save costs.

Configuring Google Cloud operations suite alerts is now supported in the Cloud Deploy console.

New inference-focused Cloud Tensor Processing Unit (TPU) v5e machine types are available in GKE. These single-host TPU VMs are designed for inference workloads and contain one, four, or eight TPU v5e chips. These three new TPU v5e machine types (ct5l-hightpu-1t, ct5l-hightpu-4t, and ct5l-hightpu-8t) are currently available in the us-central1-a and europe-west4-b zones.

Cloud Tensor Processing Unit (TPU) v5e is generally available in clusters running GKE version 1.27.2-gke.2100 and later.

TPU v5e is purpose-built to bring the cost-efficiency and performance required for medium- and large-scale training and inference. TPU v5e delivers up to 2x higher training performance per dollar and up to 2.5x inference performance per dollar for LLMs and gen AI models compared to Cloud TPU v4. At less than half the cost of TPU v4, TPU v5e makes it possible for more organizations to train and deploy larger, more complex AI models.

Admins can now restrict non-admins from accessing the dashboard auto-refresh option.

Users can now move dashboard tiles to the left or the right side and also resize them to standard sizes.

Quick Layout for dashboard editors has been added behind the dashboard_layout_accelerator feature flag, which is set to ON by default for all customers besides core instances.

Support for VPC Service Controls released to Preview

You can now protect Security Command Center using VPC Service Controls perimeters. For more information, see VPC Service Controls supported products.

Traffic Director advanced load balancing, which is in Preview, is updated to include failover health threshold configuration.

The batch SQL translator has added enhancements when viewing SQL translation reports. You can now see a log summary of all issues during a translation job, as well as a code tab that displays a side-by-side comparison of your input and output files from a translation. This feature is in preview.

The following resource types are now publicly available through the Search APIs (SearchAllResources, SearchAllIamPolicies):

• autoscaling.k8s.io/HorizontalPodAutoscaler
• k8s.io/ServiceAccount

Observability for Google Kubernetes Engine: The Observability tab for a GKE deployment now shows application performance metrics if the metrics are available. The supported metric sources include Istio, GKE Ingress, NGINX Ingress and gRPC and HTTP metrics collected by using Google Managed Service for Prometheus. For more information, see Use application performance metrics.

Cloud Spanner now supports the Go programming language ORM, GORM, with GoogleSQL-dialect databases. For more information, see Integrate Spanner with GORM (GoogleSQL dialect).

Cloud Workstations is available in the asia-east2 region (Hong Kong, APAC). For more information, see Locations.

Generally available: A replica recovery checkpoint of a regional Persistent Disk volume represents the most recent crash-consistent point in time of the fully replicated disk. For disks that are not fully replicated, you can use the checkpoint to create disk snapshots from an incomplete zonal replica. You can create and use these snapshots to recover disk data in the rare scenario where your synced replica goes down before your incomplete replica catches up.

Learn more about Regional Persistent Disk replica recovery checkpoints and how to use checkpoints to recover a degraded disk.

Campaigns, Do Not Call (DNC) list: You can now create your own Do Not Call (DNC) list for campaign calls. You can enable the Company DNC at Settings > Campaigns > Company Do Not Call (DNC) List. The DNC list is managed using the dedicated DNC API endpoints. Depending on configuration the DNC list can block direct, manual, and outbound calls as well as outbound and scheduled calls created by the Apps API.

Campaigns, time zone management: This release includes new time zone settings to simplify management of different time zones and calling time standards. You can now set up different time zone schemas and apply a specific time zone schema for each campaign. For example, you can use this feature to apply customized schemas to regions that have strict rules about when telemarketing calls are allowed.

You can configure time zone settings at Settings > Campaigns > Timezone Management.

Kustomer bi-directional agent status: The Kustomer integration now offers bi-directional agent status syncing.

Virtual Agent, signed and unsigned data parameters: You can now pass signed and unsigned (secured/unsecured) data parameters for Virtual Agent calls and chats using Mobile SDK in addition to the Web SDK.

Pass voice and chat channel parameter to Virtual Agent: Virtual Agents can now pass channel-specific parameters to CCAI Platform when invoking an Dialogflow Agent. This update applies to Voice Virtual Agents in IVR and Mobile channels.

Localization country code setting for calls: A country code based on outgoing or dialed number has been added to the dial dialog and add party dialog.

You can use the Google Cloud console to analyze organization policies. This feature is available in Preview.

You can use the Google Cloud console to analyze organization policies. This feature is available in Preview.

Release 1.14.10

Anthos clusters on bare metal 1.14.10 is now available for download. To upgrade, see Upgrading Anthos on bare metal. Anthos clusters on bare metal 1.14.10 runs on Kubernetes 1.25.

Python 3.12 is now generally available.

Python 3.12 is now generally available.

The BigQuery Data Transfer Service can now transfer campaign reporting and configuration data from Display & Video 360 into BigQuery. This feature is in preview.

The following BigQuery ML features for time series forecasting are now generally available (GA):

• Ensure forecasted values fall within specified limits. The FORECAST_LIMIT_LOWER_BOUND and FORECAST_LIMIT_UPPER_BOUND options of the CREATE MODEL statement let you set the lower and upper bounds of the forecasted values returned by the model.

  Try this feature with the Limit forecasted values for a time series model tutorial.

• Custom holiday modeling:

  • CREATE MODEL syntax lets you specify custom holiday modeling for time series models.
  • The ML.HOLIDAY_INFO function returns the list of holidays being modeled by an ARIMA_PLUS or ARIMA_PLUS_XREG time series forecasting model.
  • The updated ML.EXPLAIN_FORECAST function includes an explanation of the holiday effect for each holiday included in the model.

  Try this feature with the Use custom holidays in a time-series forecasting model tutorial.

The following resource types are now publicly available through the ExportAssets, ListAssets, BatchGetAssetsHistory, QueryAssets, and Feed APIs:

• ContactCenter AI Insights
  • contactcenterinsights.googleapis.com/IssueModel
  • contactcenterinsights.googleapis.com/PhraseMatcher
  • contactcenterinsights.googleapis.com/View

Cloud Functions now supports the Python 3.12 runtime at the General Availability release level.

Configuring Blob storage settings is now available in Preview. With this feature you can do the following:

• Specify a storage class to import DICOM objects
• Specify a storage class to store DICOM instances
• Change DICOM storage classes

Cloud SQL Enterprise Plus edition now supports asia-southeast2 (Jakarta).

Cloud SQL Enterprise Plus edition now supports asia-southeast2 (Jakarta).

The Data Catalog Sync feature is generally available (GA). With this launch, Data Catalog also now supports syncing metadata from Dataproc Metastore services using the Spanner Database.

Speech-to-Text has launched two models, named telephony and telephony_short. The two models are customized to recognize audio that originates from a phone call and corresponds to the most recent versions of the existing phone_call model. For more information, see Speech-to-Text supported languages.

Vertex AI Search: Multi-region support for US and EU locations is GA

The US multi-region and the EU multi-region APIs are generally available (GA).

For more information about multi-regions including limitations, see Vertex AI Search locations.

Connecting to applications using SMART on FHIR in the Cloud Healthcare API is available in Preview.

Support for custom domains is available in preview through the gcloud CLI and REST API. To access your workstations, you can specify a trusted, custom domain rather than using the default cloudworkstations.dev domain.

The h3-node-88-352 sole-tenant node type is now Generally Available.

(New guide) Google Cloud deployment archetypes: Overview and comparative analysis of the zonal, regional, multi-regional, global, hybrid, and multicloud deployment archetypes.

The following models have been added to Model Garden:

• ImageBind: Multimodal embedding model.
• Vicuna v1.5: LLM finetuned based on llama2.
• OWL-ViT v2: SoTA Open Vocabulary Object Detection model.
• DITO: SoTA Open Vocabulary Object Detection model.
• NLLB: Multi-language translation model.
• Mistral-7B: SoTA LLM at small size.
• BioGPT: LLM finetuned for biomedical domain.
• BiomedCILP: Multimodal foundational model finetuned for biomedical domain.

To see a list of all available models, see Explore models in Model Garden.

BigQuery now supports text analysis configuration options for the following:

• CREATE SEARCH INDEX DDL
• Existing LOG_ANALYZER and new PATTERN_ANALYZER analyzers, which are used in various functions, including SEARCH
• New TEXT_ANALYZE function

BigQuery now also provides support for the following advanced processing functions:

• ML.BAG_OF_WORDS
• ML.TF_IDF
• BAG_OF_WORDS
• TF_IDF
• COSINE_DISTANCE
• EUCLIDEAN_DISTANCE
• EDIT_DISTANCE

These features are now in preview.

Table and index operations statistics are now generally available. This feature helps you get insights and monitor usages of your tables and indexes in your database. For more information, see Table operations statistics.

Retail API: Configure logging

You can configure which service logs are written to Cloud Logging. Logging configuration provides a way to set the severity levels at which to write logs, turn logging on or off, and override default logging settings for specific services. For information on how to change Logging configurations, see Configure Logging.

Public preview of Advanced API Security custom profiles in the Apigee UI

With this release, you can now create and edit custom security profiles in the Apigee UI. Custom profiles let you specify the security categories that your security scores are based on.

The Security scores page in the Apigee UI has been renamed to the Risk assessment page, and the page now has tabs for security scores and security profiles.

The following INFORMATION_SCHEMA views that show metadata for table storage usage are now in preview:

• Use the TABLE_STORAGE_USAGE_TIMELINE view to get total billable bytes per table per day at the project level.
• Use the TABLE_STORAGE_USAGE_TIMELINE_BY_ORGANIZATION view to get total billable bytes per table per day at the organization level.

You can now use cached results from the same query issued by other users in the same project when you use Enterprise or Enterprise Plus edition. This feature is generally available (GA).

Summarizing log entries with Duet AI assistance is now generally available.

Duet AI for Cloud Shell is now available. Use Duet AI, your AI-powered collaborator, to accomplish tasks more effectively and efficiently. Duet AI provides contextualized responses to your prompts to help guide you on what you're trying to do with your code. It also shares source citations regarding which documentation and code samples the assistant used to generate its responses.

If you use the latest version of the Cloud Shell editor, which is Code - OSS based, you can use Duet AI for Cloud Shell. For more information, see the Duet AI in Google Cloud overview and Code with Duet AI assistance.

Duet AI for Cloud Workstations is available. Use Duet AI, your AI-powered collaborator, to accomplish tasks more effectively and efficiently. Duet AI provides contextualized responses to your prompts to help guide you on what you're trying to do with your code. It also shares source citations regarding which documentation and code samples the assistant used to generate its responses.

If you use the Code - OSS base image, you can use Duet AI in the Cloud Workstations base editor. For more information, see the Duet AI in Google Cloud overview and Code with Duet AI assistance.

Inline code completion with Duet AI assistance is now generally available (GA). For more information, see Write code in a Colab Enterprise notebook with Duet AI assistance.

Generally available: When assigning a custom queue count for the receive and transmit queues for a vNIC, under certain conditions, you can configure a number of custom queue counts that exceeds the number of vCPUs allocated to the VM.

Data store agents now support additional languages and regions.

Dialogflow CX now supports the DIVIDE and MULTIPLY system functions.

Troubleshooting errors with Duet AI assistance is now generally available.

General availability support for the following integration:

• Duet AI in Google Cloud

Artifact Registry remote repositories now support authentication to Docker Hub upstream repositories.

To create a Docker Hub remote repository, take the quickstart.

Backup for GKE now supports transformation rules that allow for the modification of resources during restore. This is an improvement over the existing substitution rules. For more information, see Modify resources during restoration.

Terraform now supports managing Backup for GKE RestorePlan resources. For more information, see google_gke_backup_restore_plan.

BigQuery support for change data capture (CDC) by processing and applying streamed changes in real-time to existing data using the BigQuery Storage Write API is now generally available (GA).

You can now use data manipulation language (DML) to modify rows that have been recently written by the Storage Write API. This feature is in preview.

The following resource types are now publicly available through the ExportAssets, ListAssets, BatchGetAssetsHistory, QueryAssets, and Feed APIs.

• Identity and Access Management
  • iam.googleapis.com/PolicyV2

Job overrides are now at general availability (GA). This feature lets you override the arguments, environment variables, number of tasks, and task timeouts already configured for a job when you execute a job.

The Cloud Spanner ExecuteBatchDml API now applies optimizations to groups of statements within a batch to enable faster and more efficient data updates. For more information, see Improve latency with batch DML.

Preview: Advanced maintenance control for sole-tenancy lets you control planned maintenance events for sole-tenant node groups and minimise maintenance-related disruptions. This feature is available only for sole-tenant node groups. To use this feature with your existing virtual machines, you must first move your VMs to sole-tenant node groups that have advanced maintenance control enabled.

The advanced maintenance control for sole-tenancy feature lets you:

• Check for maintenance events scheduled for a sole-tenant node 28 days in advance.
• Trigger maintenance immediately or schedule it for later. Note that if you trigger maintenance immediately, the maintenance takes place within 24-hours from the time you trigger the request.

For more information, see Advanced maintenance control for sole-tenancy.

Dataproc Metastore is available in the following multi-regional configurations, nam11 and eur5.

GKE multi-cluster Gateway is now generally available in GKE versions 1.24 and later for GKE Standard clusters, and versions 1.26 and later for GKE Autopilot clusters. Use the Gateway API to express the intent of your inbound HTTP(S) traffic into your fleet of GKE clusters. The multi-cluster Gateway controller deploys and manages the Application Load Balancers that forward traffic to your applications. To learn more, see Enable multi-cluster Gateways. For the list of supported Cloud Load Balancers and their features, refer to GatewayClass capabilities.

For more information, refer to the overview of Key Access Justifcations.

Transfer Appliance now has alpha-level support in the gcloud CLI (gcloud alpha transfer appliances) allowing you to view in-progress transfer results, work with draft orders, clone existing orders, and more. See the reference documentation for full details.

Access Transparency supports Agent Assist in the GA stage.

1.25.0-gke.8, 1.26.0-gke.6, and 1.27.0-gke.3

Added support for attaching any CNCF-conformant Kubernetes cluster, in addition to EKS and AKS clusters. To attach a cluster, specify the distribution type as "generic".

Release 1.15.6

Anthos clusters on bare metal 1.15.6 is now available for download. To upgrade, see Upgrading Anthos on bare metal. Anthos clusters on bare metal 1.15.6 runs on Kubernetes 1.26.

Release 1.16.2

Anthos clusters on bare metal 1.16.2 is now available for download. To upgrade, see Upgrading Anthos on bare metal. Anthos clusters on bare metal 1.16.2 runs on Kubernetes 1.27.

The BigQuery Data Transfer Service can now transfer data from Azure Blob Storage into BigQuery. This feature is now generally available (GA).

The administrative resource charts now supports the following features in preview:

• View your resource utilization chart at the project level.
• Filter your resource utilization data based on different billing models.

Bring your own bucket feature is now generally available (GA). You can now use a custom Cloud Storage bucket as an environment's bucket.

The rollout of the following items is complete:

• The oracle_fdw extension, version 1.2
• The minor versions, extension versions, and plugin versions listed in the September 21 release note

Enable portmapper registration reporting for lsof. This also fixes an issue where lsof is missing from SOS reports.

Add compiler mitigations to mitigate memory corruption vulnerabilities.

Sequence named before nss-lookup.target.

Enable portmapper registration reporting for lsof. This also fixes an issue where lsof is missing from SOS reports.

Enable portmapper registration reporting for lsof. This also fixes an issue where lsof is missing from SOS reports.

Enable portmapper registration reporting for lsof. This also fixes an issue where lsof is missing from SOS reports.

Enable portmapper registration reporting for lsof. This also fixes an issue where lsof is missing from SOS reports.

Added spark.dataproc.scaling.version=2 config to let customers control the Dataproc Serverless for Spark autoscaling version.

Artifact Registry remote repositories are now generally available.

Remote repositories store artifacts from external sources such as Docker Hub or PyPI. A remote repository acts as a proxy for the external source so that you have more control over your external dependencies. The first time that you request a version of a package, Artifact Registry downloads and caches the package in the remote repository. The next time you request the same package version, Artifact Registry serves the cached copy.

To get started with remote repositories, try the quickstart.

Artifact Registry virtual repositories are now generally available.

Virtual repositories act as a single access point to download, install, or deploy artifacts in the same format from one or more upstream repositories. An upstream repository can be an Artifact Registry standard or remote repository.

To get started with virtual repositories, create a virtual repository, or see an example of how to use the different repository modes together in the repository overview usage example.

The Japan Regions compliance program is now generally available. For a list of Google Cloud products compliant with Japan Regions, see the Supported products page.

Google has added Frankfurt (Germany) and Zurich (Switzerland) as new regions for Chronicle customers. Chronicle can now store customer data in these regions. This also adds new regional endpoints for Chronicle APIs at https://europe-west3-backstory.googleapis.com and https://europe-west6-backstory.googleapis.com.

New searchable fields are now available.

The following resource types are now publicly available through the ExportAssets, ListAssets, BatchGetAssetsHistory, QueryAssets, Feed API, and Search APIs (SearchAllResources, SearchAllIamPolicies).

• netapp.googleapis.com/StoragePool
• netapp.googleapis.com/Volume
• netapp.googleapis.com/Snapshot
• netapp.googleapis.com/ActiveDirectory
• netapp.googleapis.com/KmsConfig
• netapp.googleapis.com/Replication

You can now specify the SSL mode of your Cloud SQL instances, which gives you more accurate SSL encryption. To use SSL mode, you must use the maintenance version [PostgreSQL version].R20230530.01_00 or newer. For more information, see Enforce SSL/TLS encryption.

Preview: Hyperdisk Balanced is now available in preview with H3 VMs. Hyperdisk Balanced is a good fit for a wide range of use cases such as LOB applications, web applications, and medium-tier databases that don't require the performance of Hyperdisk Extreme. For more information, see About Hyperdisk.

Added support for ContainerAttachedCluster (v1beta1) resource.

Added support for AlloyDBCluster (v1beta1) resource.

Added support for AlloyDBInstance (v1beta1) resource.

Added support for AlloyDBBackup (v1beta1) resource.

Added name validation for ValidatingWebhookConfigurationCustomization and MutatingWebhookConfigurationCustomization CRDs.

Added validation for duplicate webhooks in spec.webhooks list of the customizable ControllerResource and NamespacedControllerResource CRDs.

Added errors on invalid webhook names into status of ValidatingWebhookConfigurationCustomization and MutatingWebhookConfigurationCustomization custom resources.

Graduated ValidatingWebhookConfigurationCustomization, MutatingWebhookConfigurationCustomization, ControllerResource and NamespacedControllerResource CRDs to v1beta1.

Resource AlloyDBCluster(v1beta1):

• Added spec.networkConfig field.

Resource ComputeSubnetwork(v1beta1):

• Added status.internalIpv6Prefix field.

Resource ComputeTargetHTTPSProxy(v1beta1):

• Added spec.serverTlsPolicyRef field.

Resource ContainerCluster(v1beta1):

• Added spec.nodeConfig.fastSocket field.

Resource ContainerNodePool(v1beta1):

• Added spec.nodeConfig.fastSocket field.

Resource NetworkConnectivitySpoke(v1beta1):

• Added spec.linkedVPCNetwork field.

Resource RunJob(v1beta1):

• Added spec.template.template.vpcAccess.networkInterfaces field.

Resource RunService(v1beta1):

• Added spec.template.vpcAccess.networkInterfaces field.

Resource SecretManagerSecretVersion(v1beta1):

• Added spec.isSecretDataBase64 field.

Batch workspace deletion is available.

Vertex AI Search: Create media recommendations in Vertex AI Search

You can now create apps for media recommendations in Vertex AI Search. Media recommendations include content such as videos, news, and music. For more information, see Vertex AI Search.

Important: If you are using Discovery for Media for media recommendations, you need to switch to the media recommendations capability of Vertex AI Search. All of the existing data and models that you created with Discovery for Media will automatically appear in the Vertex AI Search and Conversation console, with the models appearing as apps. For more information, see Migrate from Discovery for Media to media recommendations.

Recover FHIR resources with point-in-time recovery (PITR) is available in Preview.

Cloud Spanner now supports FULL JOIN with USING in PostgreSQL-dialect databases. For information about PostgreSQL queries in Spanner, see PostgreSQL queries.

Managed folders are now available in Preview. When using managed folders, you can organize your objects by group and set IAM policies that offer more granular access control over data segments within a bucket.

File search is available in workspaces.

Access Transparency supports Vertex AI Workbench instances in the GA stage.

Certificate Authority Service is now available in the following region:

• europe-west10

For more information, see Certificate Authority Service locations.

Release Notes 6.2.37

Beta - 29th October, 2023

GA - 5th November, 2023

A new Explore containing case-related fields has been added to the Advanced Reports module in the platform. This Explore allows you to find fields and build visualizations for your report. We recommend using this new Explore in new widgets.

Cloud Workstations is available in the northamerica-northeast1 region (Montréal, Québec, North America). For more information, see Locations.

Preview: Project zonal metadata is custom project metadata that you can set exclusively for VMs in a specific zone in a project. Project zonal metadata helps you with fault isolation and provides greater reliability. By setting custom project zonal metadata, you gain more control over the project metadata for your VMs and limit the impact of any incorrect metadata updates to VMs within the specific zone.

Learn more about VM metadata and how to set custom project zonal metadata.

Dataproc Metastore is now available in the me-central2 (Dammam) region. For more information, see Dataproc Metastore locations.

Styles are now supported in Neural2 voices through SSML. The following styles are supported

• <google:emotion name="apologetic">
• <google:emotion name="calm">
• <google:emotion name="empathetic">
• <google:emotion name="firm">
• <google:emotion name="lively">

for the following voices:

• en-us-Neural2-F
• en-us-Neural2-J

With this release, the HeaderName element is available as a child element of Authentication. This element appears in the ServiceCallout and ExternalCallout policies, and in the TargetEndpoint proxy configuration.

By default, when an Authentication configuration is present, Apigee generates and injects a bearer token into the Authorization header, in the message sent to the target system. The new HeaderName element allows the configuration to specify the name of a different header to hold that bearer token.

Remote Agents 1.4.4

• Added support for all SDK calls over remote agents
• Improved managing integrations over the remote agent leading to a more overall stable product experience
• Publisher Python version upgraded to Python 3.11

Ops Agent version 2.43.0 introduces support for Compute Engine Arm VMs that are running SLES 15 and OpenSUSE Leap 15. For more information, see Support for Compute Engine Arm VMs.

Ops Agent version 2.43.0 introduces support for Compute Engine Arm VMs that are running SLES 15 and OpenSUSE Leap 15. For more information, see Support for Compute Engine Arm VMs.

Sync TCPX changes to commit da99a91cffb1

Long Audio Synthesis now supports Studio voices.

Long Audio Synthesis now supports SSML inputs.

Custom data masking now supports an expanded list of functions, including SHA hash functions with salt. This feature is in preview.

Control access to single-project budgets

If you are a billing account-level user and are creating a budget for a single project, you can now prevent project users such as Project Owners and Project Editors from making changes to the budget. This prevents inadvertent changes to budgets that you might be tracking at the Cloud Billing account level.

Learn more about creating Google Cloud budgets.

Budgets for project users is now Generally Available

Project users such as Project Owners, Project Editors, and Project Viewers in Google Cloud can now create budgets and stay on top of their cloud costs, without needing additional permissions to access Cloud Billing accounts. Budgets for project users enables project users to take ownership of their costs, plan for the spend in the projects that they own, and proactively manage cost exceptions.

You can now assign custom roles to users who can create, modify and delete single-project budgets for the projects they have access to.

Project users can use the Google Cloud console or the Cloud Billing Budget API to manage budgets for projects.

• Take a 10-minute tutorial to get started with budgets for project users
• View the documentation to learn more about Google Cloud budgets

Cloud Spanner PostgreSQL now supports the SELECT DISTINCT statement. For more information, see SELECT.

The Cloud Spanner to BigQuery template for batch pipelines is available in preview.

Dataproc now collects the dataproc.googleapis.com/job/yarn/vcore_seconds and dataproc.googleapis.com/job/yarn/memory_seconds job-level resource attribution metrics to track YARN application vcore and memory usage during job execution. These metrics are collected by default and are not chargeable to customers.

Dataproc now collects a dataproc.googleapis.com/node/yarn/nodemanager/health health metric to track the health of individual YARN node managers running on VMs. This metric is written against the gce_instance monitored resource to help you find suspect nodes. It is collected by default and is not chargeable to customers.

Dialogflow CX has added the following prebuilt components:

• Account balance

• Account statement

• Alphanumeric collection

• Arrange appointment

• Authentication

• Credit card enrollment

• Credit card statement

• Disputes

• Financial services steering

• Lock card

• Lost and stolen card

• Make a payment

• Open account

• Transaction history

You can now deploy Cloud Run jobs, in addition to Cloud Run services.

Added support for Committed use discounts for Memorystore for Redis Cluster.

Workforce identity federation is available.

Support for the PostgreSQL ARRAY data type is now added in Datastream.

Eventarc support for internal HTTP endpoints as event destinations is available in Preview. For more information, see the guide and the tutorial.

Cloud Armor for regional HTTP(S) load balancers is now Generally Available. For more information, see the Security policy overview.

You can now use the GKE API to apply Resource Manager tags to your GKE resources. GKE attaches these tags to the underlying Compute Engine VMs. You can use these tags to selectively enforce Cloud Firewall network firewall policies. This feature is available in Public Preview in GKE version 1.28 and later.

The constraint template library includes a new template: K8sAvoidUseOfSystemMastersGroup. For reference, see the Constraint template library.

The constraint template library includes a new template: K8sPSPWindowsHostProcess. For reference, see the Constraint template library.

Looker Studio Integration

This release includes the public preview of Looker Studio Integration, which connects Apigee data to Google's Looker Studio. Looker Studio is a powerful and flexible tool that you can use to display Apigee data in fully customizable dashboards and reports.

Security Command Center Premium adds real-time threat detection for Google Cloud Backup and DR Service.

Event Threat Detection, a Security Command Center Premium service, released new rules for Google Cloud Backup and DR Service. Security Command Center can now do the following:

• Detect Backup and DR actions that result in data destruction.
• Detect Backup and DR actions that inhibit inhibit system recovery.

These new rules are available now to all Security Command Center Premium customers. For more information, see Security Command Center Premium for Backup and DR Service.

Stored procedures for Apache Spark are now available without enrollment. This feature is in preview.

View granular cost data from Dataflow usage in Cloud Billing exports to BigQuery

You can now view granular Dataflow cost data in the Google Cloud Billing detailed export. Use the resource.name or resource.global_name field in the export to view and filter your detailed Dataflow usage.

Review the schema of the Detailed cost data export.

View granular cost data from BigQuery usage in Cloud Billing exports to BigQuery

View granular cost data from BigQuery in Cloud Billing exports to BigQuery You can now view granular BigQuery cost data in the Google Cloud Billing detailed export. Use the resource.name or resource.global_name field in the export to view and filter your BigQuery Dataset and Jobs costs.

Review the schema of the Detailed cost data export.

Compute resources can now be reserved in advance for use with GKE. Create a future reservation to request assurance of important or difficult-to-obtain capacity in advance. There are no additional costs for creating future reservation requests. You only start to pay when Compute Engine provisions the reserved resources, and you're charged at the same cost as on-demand reservations.

Backup and DR Service threat detectors available in Security Command Center Premium

Event Threat Detection, a built-in service of Security Command Center, released new rules for the Google Cloud Backup and DR service to Preview. Security Command Center can now detect the following:

• Backup and DR actions that inhibit system recovery
• Backup and DR actions that result in data destruction

For more information, see:

• Backup and DR in Event Threat Detection rules
• What is Backup and DR Service?

The BigQuery migration assessment is now available for Apache Hive in preview. You can use this feature to assess the complexity of migrating data from your Apache Hive data warehouse to BigQuery.

Support for Customer Managed Encryption Keys (CMEK) is now available for Cloud Tasks. To learn more, see the documentation on using CMEK with Cloud Tasks.

For documents with many fields that don't require indexing, you can now add collection-level index exemptions on all fields in a collection group. To learn more, see Add a collection-level exemption. This feature is generally available (GA).

Container Threat Detection, a built-in service of Security Command Center Premium, has launched a new detector, Unexpected Child Shell, in Preview.

The detector monitors all process executions and generates a finding if a process that does not normally invoke shells spawns a shell process.

For more information, see Container Threat Detection detectors.

Service Extensions callouts are available for Google Cloud Application Load Balancers, excluding Classic.

By using this feature, you can direct your load balancers to make gRPC calls to user-managed or partner-hosted applications from within the Cloud Load Balancing data processing path. These applications can then apply various policies or functions, such as header or payload manipulation, security screening, or custom logging on the traffic before returning the traffic to the load balancer for further processing.

For details, see the following topics in the Service Extensions documentation:

• Cloud Load Balancing extensions overview
• Configure a callout extension

Service Extensions is in Preview.

You can now view error groups on your custom dashboards. This feature is GA. For information when using the Cloud Console, see Display logs and errors on a custom dashboard. For information about using the API, see Dashboard with an ErrorReportingPanel widget.

Cloud SQL supports InnoDB page compression for MySQL 5.7 and MySQL 8.0 and later.

You can now import transaction log backups. This can help you reduce downtime when migrating to Cloud SQL using backups.

Query Optimizer version 6 is generally available, and is the default optimizer version.

Generally available: c3d-standard, c3d-highmem, c3d-highcpu, and c3d-standard-lssd machine types for general-purpose C3D VMs are generally available.

Voice Virtual Agent assignment, transfers to parent queue: You can now assign voice Virtual Agent transfers to top-level queues. In the IVR, the end-user will hear all of the sub and leaf queue options below the top-level queue as long as they are active. See the Virtual Agents documentation for details.

New permissions added to call recordings and chat transcripts: A new role permission External Storage is now available. This role offers you the ability to define whether users should have access to call recordings and/or chat transcripts when they are stored in external storage and without a CRM. When inactive, users won't be able to access these files from either the Completed Calls or Chats monitoring pages or associated downloadable reports. Shared links to these files fall under the same permissions. See the Agent & team configuration page for more information.

New language support: Polish, Czech, Australian English, Hungarian is now supported for all channels. You can set up these new languages on the Settings > Languages & Messages page. See the language support page for a complete list of supported languages.

Kustomer API rate limit improvements: The API rate limits for customers integrating with Kustomer have been improved. see the Kustomer documentation for more information.

Call management: Agent status breakthrough: New feature Agent Status Breakthrough is now available. This feature allows you to to route incoming calls to agents, even when they are in a status that traditionally did not support receiving calls. This setting can be enabled at Operations Management > Agent Status. To designate a status as a breakthrough status, use the Edit function in the Agent Status List. The breakthrough status feature can be configured at the queue level as well as for specific DAPs. See the documentation for details.

Custom Notification Tones: You can now upload custom audio files for incoming call and chat notifications, as well as new chat messages. See the documentation for details.

Call recording: Third party recording without agent: You can now record calls if an agent leaves after adding a third party. This can be configured at Settings > Calls > Call Details > Call Recording. See the documentation for details.

Virtual Agent pass data parameters updates: CCAI Platform has enhanced the ability to pass session-based contextual data to Virtual Agents (VA). You can now leverage valuable real-time information during call routing and Dialogflow sessions. The following dynamic parameters are now available: DNIS / TFN (the number the user dialed), Latest Agent ID, Latest Agent Email, Queue Language, Latest Sentiment Score, and Overall Sentiment Score. Additionally, you can now configure static or dynamic CCAI Platform metadata parameters at the mobile queue level. See the data parameters page for details.

ssh_authentication_config and service_account fields are available in the google_dataform_repository Dataform Terraform resource.

You can now view error groups on your custom dashboards. This feature is GA. For information when using the Cloud Console, see Display logs and errors on a custom dashboard. For information about using the API, see Dashboard with an ErrorReportingPanel widget.

The sum() and average() aggregation functions are now available.

Service Extensions callouts are available for Google Cloud Application Load Balancers, excluding Classic.

With the introduction of this feature, users instruct load balancers to forward traffic from within the Cloud Load Balancing data processing path through gRPC to user-managed or partner-hosted applications. These applications can apply various policies or functions, such as header or payload manipulation, security screening, or custom logging on the traffic before returning the traffic to the load balancer for further processing.

For details, see Cloud Load Balancing extensions overview.

New Vertex AI Vector Search Console

Vector Search has launched a console experience in Google Cloud for creating and deploying indexes, now available in Preview. From the console, you can create indexes, and create public or VPC endpoints for your indexes, and deploy. For more information, see Manage indexes.

Python 3.12 is now available in preview.

Python 3.12 is now available in preview.

You can now use DLP functions to support encryption and decryption between BigQuery and DLP, using AES-SIV. This feature is in preview.

Airflow 2.6.3 is available in Cloud Composer images.

Cloud Functions now supports the Python 3.12 runtime at the Preview release level.

Dataproc Metastore now supports multi-regional configurations.

Filestore enterprise singleshare backups for GKE are now generally available.

Filestore Enterprise now supports backups on GKE, allowing you to make reliable copies of your data to be stored for later use. To trigger backups on Filestore Enterprise, use Kubernetes volume snapshots. Backups are currently not supported for Filestore Enterprise instances with multishares enabled.

Public preview: Pub/Sub BigQuery subscriptions now support BigQuery change data capture.

The Long Audio Synthesis API now supports the following languages: English, Spanish, French, German, Japanese, Hindi, Italian, Korean, Portuguese, Thai, Vietnamese, Danish, Filipino.

Generally available: C3 VMs support Compute Engine flexible committed use discounts (CUDs).

Compute Engine flexible CUDs allow you to commit to a minimum hourly spend amount and use vCPUs and/or memory in any of the projects within your Cloud Billing account, across any region, and belonging to any eligible machine types. Learn more about Compute Engine Flexible CUDs and how to purchase flexible commitments.

Preview: You can now use workforce identity federation with OS Login.

Formatting of Dataform core and JavaScript code is available.

Starting in GKE 1.28.1-gke.1066000, two new TPU usage metrics are available: TensorCore utilization and Memory Bandwidth utilization.

Vertex AI Search: Customer-managed encryption key integration for the EU

Customer-managed encryption keys (CMEK) is available in the EU as an allowlisted preview feature.

If you store your data in an EU multi-region data store, you can provide your own encryption key to protect your data at rest.

For information, see Customer-managed encryption keys.

The following geography functions are now generally available (GA):

• ST_LINESUBSTRING: Gets a segment of a single linestring at a specific starting and ending fraction.
• ST_HAUSDORFFDISTANCE: Gets the discrete Hausdorff distance between two geometries.

New searchable fields are now available.

The following searchable fields are now publicly available through the resource search API (SearchAllResources).

• effectiveTagKeys
• effectiveTagValues
• effectiveTagValueIds

The following search result fields are now publicly available through the resource search API (SearchAllResources).

• tags
• effectiveTags

The Node.js and Python client libraries now have parallelized upload and download options, improving their performance.

• Both client libraries have improved bulk uploads, bulk downloads, large object uploads, and large object downloads.

Preview: The following metrics are now available to help you monitor your Persistent Disk and Hyperdisk volume performance:

• Average I/O latency (compute.googleapis.com/instance/disk/average_io_latency)

• Average I/O queue depth (compute.googleapis.com/instance/disk/average_io_queue_depth)

To learn more about these metrics and how to view them, see Review disk metrics.

Dialogflow CX generative feedback now supports more languages.

Dialogflow CX launched generative playbooks with restricted access.

You can now transfer data from Amazon S3 via your CloudFront domain. Learn more.