AI Platform Training runtime version 2.2 now supports training with TPUs using TensorFlow 2.2.

The histogram panel in the Logs Viewer (Preview) now contains a viewport to help you quickly understand the time range of the log entries you're viewing within the Query results pane. To learn more, go to the Histogram panel.

NVIDIA® T4 GPUs are now available in the following additional regions and zones:

• Sydney, Australia: australia-southeast1-a

For information about using T4 GPUs on Compute Engine, see GPUs on Compute Engine.

AI Platform Notebooks API is now Generally Available. The API now includes an isUpgradable endpoint and adds manual and auto-upgrade functionality to notebooks instances created using the API.

Cloud Audit Logging for AI Platform Notebooks is now Generally Available.

Granular IAM permissions for AI Platform Notebooks is now Generally Available.

AI Platform Notebooks now supports E2 machine types.

The following new regions have been added:

• europe-west2 (London, UK)
• europe-west3 (Frankfurt, Germany)
• europe-west6 (Zürich, Switzerland)

The following time-unit partitioning features are now Generally Available (GA):

• Creating partitions using hourly, monthly, and yearly time-unit granularities.
• Using a DATETIME column as the partitioning column.

Cloud SQL has upgraded Replicating from an external server to version 1.1. You can now:

• Replicate from sources where GTID is not enabled.
• Allow Cloud SQL to copy data directly from an external server to a Cloud SQL replica.
• Use new APIs that give you greater control to verify replication requirements, retry after making external server configuration changes, and remove the 30-minute limit for successful connectivity to an external server.

Cloud SQL for SQL Server enables you to set a default collation value for databases in an instance. This collation value is a default for sorting rules, case, and accent sensitivity. You can set this value through the Cloud Console, the gcloud command, and the Cloud SQL Admin API.

You can now use workload identity federation, available in beta, to grant access to Google Cloud resources from on-premises and multi-cloud workloads.

Running Connectivity Tests to and from Google-managed services is available in Alpha. This release includes support for Google Kubernetes Engine (GKE) cluster masters and Cloud SQL instances.

Events for Cloud Run for Anthos is now available in beta.

Anthos 1.4.3 is now available.

Updated components:

• Anthos GKE on-prem release notes

Anthos 1.3.4 is now available.

Updated components:

• Anthos GKE on-prem release notes

Anthos GKE on-prem 1.4.3-gke.3 is now available. To upgrade, see Upgrading GKE on-prem. GKE on-prem 1.4.3-gke.3 clusters run on Kubernetes 1.16.11-gke.11.

Anthos GKE on-prem 1.3.4-gke.3 is now available. To upgrade, see Upgrading GKE on-prem. GKE on-prem 1.3.4-gke.3 clusters run on Kubernetes 1.15.12-gke.15.

• Airflow 1.10.10 is now available.
• You can now securely store Airflow connections and secrets by configuring Composer environments with Secret Manager.
• All new Environments now use Zonal DNS names.

You can now configure a ParserVersion in an HL7v2 store, which allows you to set the version of the unschematized parser. A new parser version, V2, has been added, which allows parsedData to include every given non-empty message field. This version parses the MSH segment starting with the MSH-1 field and is in accordance with the HL7v2 standard.

In the Logs Viewer (Preview), you can now pin log entries within the Query results and Histogram panes. To learn more, go to Pinning logs.

In the Logs Viewer (Preview), you can now view a log entry in its resource context. To learn more, go to Viewing a pinned log entry in its resource context.

You can now copy a link to a log entry in the Logs Viewer (Preview). To learn more, go to Copy a link to a log entry.

You can now migrate a VM instance from one network to another. This feature is available in Beta.

Troubleshoot VMs by capturing a screenshot from the VM. This is Generally Available.

You can now use the goog-firestoremanaged billing report label to view costs related to export and import operations.

You can now use the goog-firestoremanaged billing report label to view costs related to import and export operations.

Added total latency to external HTTP(S) load balancer Cloud Logging entries. Total latency measures from when the external HTTP(S) load balancer receives the first bytes of the incoming request headers until the external HTTP(S) load balancer finishes proxying the backend's response to the client. This feature is now available in General Availability.

Cloud SQL now offers serverless export. With serverless export, Cloud SQL performs the export from a temporary instance. Offloading the export operation allows databases on the primary instance to continue to serve queries and perform other operations at the usual performance rate.

Cloud SQL now offers serverless export. With serverless export, Cloud SQL performs the export from a temporary instance. Offloading the export operation allows databases on the primary instance to continue to serve queries and perform other operations at the usual performance rate.

The following PostgreSQL minor versions have been upgraded:

• PostgreSQL 9.6.16 is upgraded to 9.6.18.
• PostgreSQL 10.11 is upgraded to 10.13.
• PostgreSQL 11.6 is upgraded to 11.8.
• PostgreSQL 12.1 is upgraded to 12.3.

Cache Modes, TTL overrides and custom response headers are now supported on backend buckets and backend services, and are available in beta.

Cache modes allow Cloud CDN to automatically cache static content types, including web assets like CSS, JavaScript and fonts, as well as image and video content.

TTL overrides support fine-tuning how long Cloud CDN caches your responses, and custom response headers introduce a new {cdn_cache_status} variable that is populated with the cache status response.

External HTTP(S) Load Balancing now supports setting custom response headers on backend buckets and services. This feature is available in beta.

Custom response headers make it easier to set common web security headers and/or override response headers from your application at the load balancer.

The External HTTP(S) Load Balancer now supports setting custom response headers on backend buckets and services. This feature is available in Beta.

Custom response headers make it easier to set common web security headers and override response headers from your application at the load balancer.

Cloud Logging now offers the ability to view a history of your ran queries through the Recent queries tab. To learn more, go to the Recent queries section on the Building queries page.

Compute-optimized (C2) machine types are now available in Sydney, Australia australia-southeast1-a. See VM instance pricing for details.

You can now use the BQ.JOBS.CANCEL system procedure to cancel a job. For more information, see Canceling jobs.

Compute Engine TPU Metrics and Logs In-Context

New Monitoring tab for TPUs provides key TPU Metrics and access to logs at a glance. You can see a variety of key TPU metrics including MXU utilization, CPU, memory, sent/received traffic, and more. In addition, it provides instant access to TPU logs which give insight into important events.

You can build highly available deployments of stateful workloads on VM instances using stateful managed instance groups (stateful MIGs). A stateful MIG preserves the unique state of each instance (instance name, attached persistent disks, and/or metadata) on machine restart, recreation, autohealing, or update. Stateful MIGs are Generally available.

You can now view your Firestore Security Rules in the Cloud Console.

Cloud Spanner introduces a new introspection tool that provides insights into queries that are currently running in your database. Use Oldest Active Queries to analyze what queries are running and how they are impacting database performance characteristics.

Two new permissions, healthcare.locations.get and healthcare.locations.list, have been added to the IAM permissions. These permissions are checked whenever the new GetLocation and ListLocations methods are called.

New conditions available for Object Lifecycle Management:

• Noncurrent time conditions allow you to define lifecycle actions based on when an object became noncurrent.
• Custom time conditions allow you to define lifecycle actions based on a custom time that you define for objects.

Custom time metadata is now available for objects.

• Custom time metadata allows you to associate an arbitrary date and time with objects.

Security Command Center Premium is now in general availability (Container Threat Detection remains in beta). Read these notes to learn about updates, usability improvements, and new features.

Improved Summary Dashboard

• A new set of interactive charts and tables provide a high-level overview of all threats and vulnerabilities.
• An updated time selector lets you choose preset and customizable time ranges for reviewing findings and creating reports.
• New page headers provide users with more page-specific context.

Learn more about Using the Security Command Center dashboard.

Onboarding and configuration upgrades

• A streamlined interface lets you manage organization-wide service enablement settings.
• A dedicated settings page for integrated services has been added to the configuration interface.

Learn more about Setting up Security Command Center.

Managed Web Security Scans are now available to all Security Command Center Premium users. Learn more about managed scans in our Overview of Web Security Scanner.

gcloud integration with new, simplified Beta APIs (Alpha)

• The gcloud command line interface can now access configuration functionality through new Beta APIs. The Beta APIs provide stable, programmatic interaction equivalent in functionality to the Security Command Center interface. Learn to use gcloud to manage Security Command Center settings.

Documentation

• New documentation includes details on onboarding and enablement in the Security Command Center latency overview and updates on billing tiers. For more information, read our Pricing guide and visit product pages.

Data Catalog is now available in Jakarta (asia-southeast2).

BigtableInstance: numNodes on resources is now optional. You can then programmatically scale your Bigtable instances. You cannot add the numNodes field after creating a BigtableInstance.

For production instances where the numNodes will be managed by Config Connector, this field is required with a minimum of 1. For a development instance or for an existing instance where the numNodes is managed outside of Config Connector, this field must be left unset.

Traffic Director can now be set up for GKE Pods with automatic Envoy injection.

Firewall Rules Logging metadata controls is now available in General Availability.

Assured Workloads for Government is now generally available for the FedRAMP Moderate compliance regime.

Beta launch of Dialogflow CX. Dialogflow CX provides a new way of designing agents, taking a state machine approach to agent design. This gives you clear and explicit control over a conversation, a better end-user experience, and a better development workflow.

Filestore Troubleshooting page published. Now you can troubleshoot common Filestore issues.

Beta stage support for the following integration:

• Speech-to-Text

Google Cloud internal HTTP(S) load balancers have native support for the WebSocket protocol when you use HTTP or HTTPS as the protocol to the backend. The load balancer does not need any configuration to proxy WebSocket connections.

Cloud SQL for SQL Server supports cloning using the Cloud Console, the gcloud command, and the Cloud SQL Admin API. When you clone an instance, you create an independent copy of the source instance.

Google Cloud Armor Managed Protection Plus Tier is in Beta. Managed Protection Plus Tier offers a monthly subscription that includes all of the features of Standard Tier, and bundles Google Cloud Armor WAF policy, rules, HTTP request usage, and named IP lists.

In the details pane for a connection, under View flows in BigQuery, Network Topology now provides a table that lists the subnets relevant to the currently selected connection and whether those subnets have VPC Flow Logs enabled. For more information, see Using generated queries to retrieve detailed logs.

Runtime version 2.2 is now available. You can use runtime version 2.2 to serve online predictions with TensorFlow 2.2.0, scikit-learn 0.23.1, or XGBoost 1.1.1. Runtime version 2.2 does not currently support batch prediction.

See the full list of updated dependencies in runtime version 2.2.

Runtime version 2.2 is now available. You can use runtime version 2.2 to train with TensorFlow 2.2.0, scikit-learn 0.23.1, or XGBoost 1.1.1. See the full list of updated dependencies in runtime version 2.2.

Risk analysis job creation is now available in the Cloud DLP UI in Cloud Console.

Added additional infoType detectors:

• STORAGE_SIGNED_URL
• STORAGE_SIGNED_POLICY_DOCUMENT

Cloud Trace exemplars can now be viewing in Cloud Monitoring. For more information about Trace exemplars, see Cloud Trace exemplars. For more information about viewing exemplars, see Exploring charted data.

Cloud Trace exemplars can now be viewing in Cloud Monitoring. For more information about Trace exemplars, see Cloud Trace exemplars. For more information about viewing exemplars, see Exploring charted data.

Launched Dataproc Workflow Timeout feature, which allows users to set a timeout on their graph of jobs and automatically cancel their workflow after a specified period.

Dataproc Metastore integration, which allows users to create a cluster using a Dataproc Metastore service as an external metastore, is now available for Alpha release testing.

New features are available for Credential Access Boundaries, currently in beta:

• You can now manage permissions for Cloud Storage objects, in addition to buckets.
• You can now use IAM Conditions to control which permissions are available in a short-lived OAuth 2.0 access token. For an example, see Limit permissions for specific objects.
• You can now use Credential Access Boundaries with a Cloud Storage bucket that does not use uniform bucket-level access.

Pub/Sub subscription detachment is now generally available.

Anthos Config Management now includes Config Connector v1.15.1.

Anthos Policy Controller has been updated to include a more recent build of OPA Gatekeeper (hash: 1de87b6).

1.6.8-asm.9 is now available

Adds beta support for joining multiple clusters from different projects into a single Anthos Service Mesh on Google Kubernetes Engine.

Adds Citadel CA support for gcp profiles.

Time series model support is now Generally Available (GA). This release includes a new training option: AUTO_ARIMA_MAX_ORDER.

For more information about time series model support, see the following documentation:

• CREATE MODEL statement for time series models

• ML.FORECAST function

• ML.ARIMA_COEFFICIENTS function

• Single time-series forecasting from Google Analytics data

• Multiple time-series forecasting with a single query

INFORMATION_SCHEMA views for BigQuery reservations are now Generally Available (GA).

The Organization policy constraint for Cloud NAT has launched into beta.

Traffic Director supports advanced traffic management features with proxyless gRPC applications in General Availability. This release includes path- and header-based routing, as well as weight-based traffic splitting.

The Go 1.14 runtime for the App Engine standard environment is now generally available.

INFORMATION_SCHEMA views for jobs metadata by timeslice are now available.

Cloud SQL for MySQL 8.0 is now generally available. If you have not used MySQL 8.0, familiarize yourself with the What is new in MySQL 8.0 and Changes in MySQL 8.0.

For information about the implementation of MySQL 8.0 on Cloud SQL, see the following topics:

• MySQL 8.0 authentication
• Differences between Cloud SQL and standard MySQL functionality
• Unsupported Cloud SQL feature in MySQL 8.0 for Cloud SQL

To get started using MySQL 8.0 on Cloud SQL, see Creating instances.

Speech-to-Text has launched the new On-Prem API. Speech-to-Text On-Prem enables easy integration of Google speech recognition technologies into your on-premises solution.

Beta launch of Workflows.