AlloyDB for PostgreSQL
Feature
You can now use Gemini 3.0 Flash
(Preview)
when you call generative AI functions in AlloyDB, such as AI.GENERATE. Use the
model name gemini-3-flash-preview. For more information, see
Use Gemini 3.0 models.
Feature
You can build data agents that interact with the data in your database using conversational language. Use these data agents as tools to empower your applications. For more information, see Data agents overview. This feature is available in Preview, and access to it requires a sign-up.
Apigee API hub
Feature
Advanced API Security for multi-gateway projects
Apigee Advanced API Security can now centrally manage and govern the security posture of your APIs across multiple Apigee projects, environments, and gateways. This enhancement leverages API hub to provide a single, unified view of your API security, helping you to identify risks and enforce standards consistently across your entire organization.
This enhancement introduces the following key capabilities:
- Unified risk assessment: view and manage security scores for all your APIs in a centralized dashboard, regardless of which project, environment, or gateway they are deployed in.
- Customizable security profiles: create and manage custom security profiles and apply them consistently across your multi-gateway landscape.
Supported gateways:
- Apigee X
- Apigee hybrid
- Apigee Edge Public Cloud
To enable this feature, navigate to the Add-on management page in API hub and enable the Apigee Advanced API Security add-on.
Advanced API Security currently has limited support for VPC Service Controls (VPC-SC). To avoid potential feature limitations, we recommend enabling this add-on for API hub instances associated with Apigee organizations that don’t have VPC-SC enabled.
For more information, see Advanced API Security for multiple Apigee organizations and gateways.
Apigee Advanced API Security
Feature
General availability of Risk Assessment v2 and support for assessments using additional policies
Announcing the general availability of Risk Assessment v2 and support for assessments using the VerifyIAM policy and these three AI policies: SanitizeUserPrompt, SanitizeModelResponse, and SemanticCacheLookup.
Note: The Risk Assessment v2 monitoring conditions feature remains in preview.
For usage information, see Risk Assessment overview and UI in the documentation.
Announcement
On December 17, 2025 we released an updated version of Advanced API Security Risk Assessment
Note: Rollouts of this release to production instances will begin within two business days and may take four or more business days to complete across all Google Cloud zones. Your instances may not have the feature available until the rollout is complete.
Feature
New risk assessment type field when creating or updating a risk assessment version 2 custom security profile
The API for creating and updating a version 2 risk assessment custom security
profile now includes a risk_assessment_type field to specify
whether the custom security profile applies to an Apigee/Apigee hybrid instance
or to API hub multi-gateway.
This field is optional and defaults to APIGEE; this is not a
breaking change for existing risk assessment users.
See REST Resource: organizations.securityProfilesV2 for information on the new functionality.
Apigee UI
Announcement
On December 17, 2025, we announced that Debug v1 will be shutdown on January 15, 2026. Use Debug v2 instead of Debug v1.
Cloud Composer
Feature
Extra Large environments are now generally available (GA) in Cloud Composer 3:
You can now use the extra large environment size for new and existing Cloud Composer 3 environments.
The new Extra Large environment preset is available in the Google Cloud console. This preset sets the initial scale and performance configuration for an environment that can support up to several thousand DAGs. For more information about the estimated number of supported DAGs, DAG runs, and tasks, see Environment presets.
Cloud Key Management Service
Feature
Single-tenant Cloud HSM is now generally available. With Single-tenant Cloud HSM, you can create and manage dedicated single-tenant instances. Each instance is a cluster of partitions on HSMs in a single Cloud KMS region. Google manages the HSMs, but you have administrative control over your instance.
Single-tenant Cloud HSM is available in the following locations:
us-central1us-east4europe-west1europe-west4
Creating a managing an instance requires quorum approval with two-factor authentication using keys that you create and secure outside of Google Cloud. Single-tenant Cloud HSM instances incur additional costs.
For more information about Single-tenant Cloud HSM, see Single-tenant Cloud HSM. To learn how to create and maintain a Single-tenant Cloud HSM instance, see Create and manage a Single-tenant Cloud HSM instance. To see pricing details for Single-tenant Cloud HSM, see Pricing for Single-tenant Cloud HSM.
Cloud Load Balancing
Feature
Starting December 17, 2025, requests with request methods that aren’t compliant with RFC 9110, Section 5.6.2 will be rejected by a first-layer Google Front End (GFE) before reaching your load balancer or its backends. Previously, such non-compliant requests would have been rejected by the load balancer or its backends with a variety of error codes. With the GFE now handling such requests, you might observe a small decrease in error rates.
This change applies only to global external Application Load Balancers and classic Application Load Balancers.
Cloud SQL for MySQL
Feature
You can build data agents that interact with the data in your database using conversational language. Use these data agents as tools to empower your applications. For more information, see Data agents overview. This feature is available in Preview, and access to it requires a sign-up.
Cloud SQL for PostgreSQL
Feature
You can build data agents that interact with the data in your database using conversational language. Use these data agents as tools to empower your applications. For more information, see Data agents overview. This feature is available in Preview, and access to it requires a sign-up.
Colab Enterprise
Feature
Post-startup scripts
Generally available (GA): You can use a post-startup script to perform tasks after the startup process of your Colab Enterprise runtime. For example, you can use a post-startup script to install specific packages or make specific changes to your runtime’s VM. For more information, see Use a post-startup script.
Compute Engine
Feature
Generally available: You can create future reservation requests in calendar mode to reserve GPU, TPU, or H4D resources for your virtual machine (VM) instances. Use these requests to obtain high-demand resources for creating VMs that you plan to run for up to 90 days, such as when you want to run model pre-training, model fine-tuning, or high performance computing (HPC) jobs. For more information, see About future reservation requests in calendar mode.
Cortex Framework
Fixed
- SAP: Added support for future dates to
currency_conversion. - Cloud Build Image: Updated gcloud SDK to v541 and Python library dependencies used during Cloud Build deployment.
- Composer DAG: Corrected propagation of location parameterization.
- Cortex for Marketing: Updated references to Google Ads API v22.
Changed
- SAP: The column
DUMMY_SDDOCPARTNER_INCL_EEW_PShas been removed from SalesOrderPartnerFunction (ECC and S/4) as it is a non-standard column not used for reporting.
Deprecated
- SAP: Cortex’s Data Mesh functionality has been deprecated. This change is prompted by the evolution of Google Cloud data management services. The Data Mesh solution was built using Data Catalog for metadata management, which is now being replaced by the more advanced Dataplex Universal Catalog. Dataplex Universal Catalog provides a unified API, enhanced metadata capabilities, and new features for a more comprehensive data governance experience. For existing Cortex Framework users who have implemented the Data Mesh feature, we recommend transitioning to Dataplex Universal Catalog to ensure continued support and access to the latest features. For a detailed migration guide, see Transition to Dataplex Universal Catalog.
Announcement
Release 6.3.3
Gemini Enterprise
Feature
Gemini Enterprise: Use Gemini 3 Flash (Preview)
You can use Gemini 3 Flash in Preview with Gemini Enterprise. To make Gemini 3 Flash available to users in your Gemini Enterprise app, a Gemini Enterprise admin must enable the Gemini 3 Flash (Preview) toggle in the Model availability feature control. For more information on feature controls, see Manage features on the web app.
Generative AI on Vertex AI
Feature
Gemini 3 Flash
Gemini 3 Flash is now available in public preview. This model is designed to tackle the most challenging agentic problems with strong coding and state-of-the-art reasoning capabilities, and is our best model for complex multimodal understanding.
For more information, see Gemini 3 Flash.
Google SecOps
Announcement
The Change views per alert feature has been rolled back.
Google SecOps SIEM
Announcement
The Change views per alert feature has been rolled back.
Network Connectivity Center
Feature
Support for privately used public IPv4 addresses is generally available in Network Connectivity Center.
This feature lets you exchange privately used public IPv4 addresses with VPC spokes and producer VPC spokes.
Spanner
Feature
You can build data agents that interact with the data in your database using conversational language. Use these data agents as tools to empower your applications. For more information, see Data agents overview. This feature is available in Preview, and access to it requires a sign-up.
Source: Google Cloud Platform
