GCP releases
Google Cloud releases and Terraform Google provider. New features, breaking changes, security advisories and deprecations - each summarised in plain English and updated continuously.
Tracking 330 GCP releases · Updated
- Google Cloud release notes securitygcpengineer ·
Secure Source Manager removes legacy SSH algorithms for enhanced security
Secure Source Manager has removed support for several legacy and insecure SSH algorithms to enhance security and address vulnerabilities. Clients must now support modern algorithms like curve25519-sha256 for key exchange and chacha20-poly1305 for ciphers to connect via SSH. Users with outdated SSH clients may be unable to connect and are advised to update.
breaking - Google Cloud release notes datagovernanceaws ·
Cloud Storage Lifecycle Management to Delete Empty Folders
Starting August 26, 2026, Cloud Storage will automatically delete empty folders in buckets with hierarchical namespace enabled when they meet Object Lifecycle Management conditions. This change impacts users managing object lifecycles who rely on empty folders remaining intact. The update aims to simplify data cleanup and reduce storage costs for hierarchical namespace buckets.
breaking - Google Cloud release notes infrapreviewdeprecation ·
Google Cloud Managed Airflow Updates: Tags, Secrets, and Deprecations
Google Cloud's Managed Service for Apache Airflow now supports resource tagging for environments, enabling policy enforcement based on annotations. Additionally, Gen 3 environments can now manage Kubernetes Secrets of type kubernetes.io/dockerconfigjson via the beta Cloud Composer API. This release also includes log filtering fixes in the Airflow UI and announces end-of-support for several older Airflow versions and builds.
deprecation feature patch - Google Cloud release notes infradeprecation ·
GKE Updates: New Versions and Deprecations Across Channels
Google Kubernetes Engine (GKE) has released new cluster versions across its Rapid, Regular, Stable, and Extended channels. These updates offer new default versions for cluster creation and introduce new minor and patch versions available for upgrades, impacting users managing GKE clusters. Additionally, several older versions are being deprecated and will be removed within 90 days, requiring users to plan for upgrades.
security patch - Google Cloud release notes aigcpdeprecationengineer ·
Vertex AI Extensions Deprecated on Google Cloud
Vertex AI Extensions are being deprecated and will be shut down after November 26, 2026. This change affects users of Vertex AI Extensions, who are advised to migrate to Agent Platform. The deprecation necessitates action to avoid service disruptions for generative AI applications.
deprecation - Google Cloud release notes aigcppreviewdeprecationengineer ·
Gemini Enterprise updates: Site filters, PagerDuty integration, and Flash control
Gemini Enterprise now supports filtering Google Sites data stores and connecting PagerDuty data stores, both in public preview. The Gemini Enterprise assist feature has been deprecated and shut down. Administrators can control Gemini 3.5 Flash visibility, with changes to default availability planned for June 2026.
deprecation feature announcement - Google Cloud release notes securityinfragcpsecurity-advisoryengineer ·
Container Optimized OS Updates Address Security Vulnerabilities
This release of Google Container Optimized OS includes multiple package upgrades and patches to address numerous security vulnerabilities, primarily in the Linux kernel, Go, and curl. The updates ensure system security and stability for users running COS. The changes are available now for all users.
security patch announcement - Google Cloud release notes infragcpengineer ·
Apigee hybrid v1.14.5 includes security fixes and UI improvements
Google Cloud has released Apigee hybrid version 1.14.5, which incorporates various security and CVE fixes, alongside updates to the Apigee UI. This release also marks the independent versioning of the Apigee Emulator, decoupling its updates from the hybrid release cycle. The update is available now for users managing Apigee hybrid instances.
security announcement - Google Cloud release notes securitygcpsecurity-advisoryengineer ·
Apigee Emulator v2.0.0 improves security and decouples releases
Apigee Emulator has been updated to version 2.0.0, independently versioned from Apigee hybrid for faster security updates. This release addresses 78 security vulnerabilities across various components, including Jackson Databind, SnakeYAML, Guava, and Go standard library. The updated emulator is available now and can be accessed via Google Artifact Registry, with instructions provided for updating VS Code Cloud Code settings.
security feature announcement - Google Cloud release notes securityinfragcpsecurity-advisoryengineer ·
Container Optimized OS Updates: Kernel, Drivers, and Security Fixes
Container Optimized OS (COS) has been updated with a new Linux kernel version (6.18.32) and numerous security patches, including fixes for CVE-2025-38584 and CVE-2026-43060. The update also introduces support for new NVIDIA driver branches and adds the `cos_kernel_args` tool for manipulating kernel command line arguments. These changes are relevant for users running workloads on Google Cloud's Container Optimized OS, particularly those utilizing GPUs.
security feature patch announcement - Google Cloud release notes securitygcppreviewdeprecationengineer ·
Security Command Center updates and deprecations
Google Cloud's Security Command Center has updated several compliance frameworks, including CIS Controls and ISO 27001. The Security Command Center Enterprise tier is being deprecated and will be shut down on May 21, 2027, with organizations automatically migrating to the Premium tier. New features, Artifact Guard and Risk Engine for Cloud Build, are now available in preview.
deprecation feature patch - Google Cloud release notes infrapreviewdeprecation ·
Google Kubernetes Engine Updates Include New Versions and Security Fixes
Google Kubernetes Engine (GKE) has released updated cluster versions across its Rapid, Regular, Stable, and Extended channels. These updates provide access to newer Kubernetes versions and include crucial security fixes through updated Container-Optimized OS images. The new versions are available for new clusters and for manual upgrades of existing control planes and nodes, with rollouts progressing across Google Cloud zones.
security patch - Google Cloud release notes aigcpgadeprecationengineer ·
Gemini Enterprise Deprecates NotebookLM Enterprise, Podcast API
Gemini Enterprise is deprecating NotebookLM Enterprise and the Podcast API. This deprecation means no new customers will be allowlisted for the Podcast API, which was previously GA with allowlist. This change affects users of these specific Gemini Enterprise features.
deprecation - Google Cloud release notes securitygcpsecurity-advisory ·
Apigee X Security Bulletin: SSRF Vulnerability
A security bulletin has been published for Apigee X detailing a Server-Side Request Forgery (SSRF) vulnerability (CVE-2026-2264). The vulnerability arises from insufficient validation of the IntegrationRegion parameter in the SetIntegrationRequest policy, potentially allowing service account token exfiltration. This impacts users who can manipulate flow variables controlling the IntegrationRegion parameter.
security - Google Cloud release notes datagcpengineer ·
Managed Service for Apache Spark: Shuffle Partition Config Type Change
Google Cloud has updated the Managed Service for Apache Spark, formerly Dataproc on Compute Engine, by changing the configuration type for Spark shuffle partitions from integer to string for versions 2.2.82+ and 2.3.30+. This change requires users programmatically setting this configuration to update their code to use string literals for compatibility. Users setting the configuration via command-line, properties files, or Spark SQL commands are unaffected. This adjustment impacts specific subminor cluster image versions and aims to ensure consistent configuration handling.
breaking announcement - Google Cloud release notes securitygcpgadeprecationengineer ·
Google SecOps SIEM Data Export API GA with Enhancements
Google SecOps SIEM's enhanced Data Export API is now generally available, offering improved security and scalability for exporting security data to Google Cloud Storage. Key new features include advanced data filtering, zero-trust encryption with customer-managed keys, and identity-aware extraction via RBAC. Legacy export APIs and specific endpoints are deprecated with an end-of-life date of June 18, 2026, requiring users to update their API calls to the new v1 endpoint.
deprecation feature - Google Cloud release notes securitygcpgadeprecationengineer ·
Google SecOps Enhanced Data Export API GA with Security Improvements
The Google SecOps Data Export API is now generally available with enhanced security and data filtering capabilities, allowing bulk export of security data to customer-controlled Google Cloud Storage buckets. This upgrade provides a more secure and scalable archival experience with features like customer-managed encryption keys and RBAC integration. Users must update their API settings to use the new v1 endpoint, and legacy endpoints will be deprecated by June 18, 2026.
deprecation feature - Terraform Google Provider Releases terraforminfra ·
Terraform Google Provider v7.30.0: New resources, improvements, and bug fixes
Terraform Google Provider version 7.30.0 introduces new resources for Data Lineage, Artifact Registry, and Document AI, alongside significant improvements across services like BigQuery, Cloud Run, and Compute Engine. A breaking change affects the Apigee provider, requiring the 'name' field for `google_apigee_env_keystore`. These updates provide enhanced capabilities and stability for managing GCP resources via Terraform, impacting users across various GCP services.
breaking feature patch announcement - Terraform Google Provider Releases terraforminfragcpengineer ·
Terraform Google Provider v7.27.0: New features and breaking changes
This release of the Terraform Google Provider introduces several new data sources and resources, including support for Google Discovery Engine and Chronicle dashboards. It also includes improvements to compute, container, and dataproc resources, alongside bug fixes for permadiffs and panics. A breaking change requires the `weekly_maintenance_windows` field to be set for `google_lustre_instance` resources, impacting users of Lustre instances.
breaking feature patch