BigQuery
Feature
You can now create a remote model based on an open embedding model from Vertex Model Garden or Hugging Face that is deployed to Vertex AI. Options include E5 Embedding and other leading open embedding generation models. You can then use the ML.GENERATE_EMBEDDING
function with this remote model to generate embeddings.
Try this feature with the Generate text embeddings by using an open model and the ML.GENERATE_EMBEDDING
function tutorial.
This feature is in Preview.
Feature
You can now create a remote model based on the Vertex AI gemini-embedding-001
model. You can then use the ML.GENERATE_EMBEDDING
function with this remote model to generate embeddings. This feature is in Preview.
Feature
You can now reference BigQuery ML and DataFrames in your prompts when you use the Data Science Agent in a BigQuery notebook. The Data Science Agent is in Preview.
Feature
You can now configure listings for multiple regions for shared datasets and linked dataset replicas in BigQuery sharing. For more information, see Create a listing. This feature is in preview.
Feature
You can now enable the automatic selection of a processing location in your pipeline configurations. For more information, see Create pipelines. This feature is generally available (GA).
Cloud Build
Feature
Dark theme is now available for Cloud Build. To enable the dark theme, in the Google Cloud console, click Settings and utilities > Preferences. In the navigation menu, click Appearance, and then select your color theme and click Save.
Cloud Deploy
Feature
You can now use custom constraints with Organization Policy to provide more granular control over specific fields for some Cloud Deploy resources. For more information, see Use custom organization policies.
Cloud Service Mesh
Security
1.26.4-asm.1 is now available for in-cluster Cloud Service Mesh.
This patch release contains a fix for a use-after-free (UAF) vulnerability in the DNS cache. For more information, see the security bulletin.
Only clusters running in-cluster Cloud Service Mesh version 1.26 are affected. If you are running an earlier in-cluster version or managed Cloud Service Mesh, you are not affected and do not need to take any action.
For details on upgrading Cloud Service Mesh, refer to Upgrade Cloud Service Mesh.
Dataform
Feature
Dataform now automatically selects a processing location based on the datasets referenced in your SQL queries. This makes setting the default location optional in your workflow configurations. For more information, see About repository settings. This feature is generally available (GA).
Dataproc
Feature
Multi-tenant clusters are now available in Preview. Many data engineers and scientists can share a multi-tenant cluster to execute their workloads in isolation from each other.
Gemini Code Assist
Feature
Create and manage multiple chats in IntelliJ
You can create and manage multiple chats in IntelliJ Gemini Code Assist. Each chat contains its own context separate from other chats.
Google Cloud Contact Center as a Service
Announcement
Mobile SDK 2.14 is released
Mobile SDK 2.14 includes the following updates:
Android SDK and iOS SDK:
Support for virtual agent to virtual agent chat transfers by queue.
Support for hiding the download transcript button in the options menu, the post-chat screen, or both. For the Android SDK, see SDK configuration. For the iOS SDK, see Show or hide the download transcript button.
Improved accessibility, including better navigation and screen reader support.
Android SDK:
Support for hiding the SDK using the
Ujet.hideSDK()
method. For more information, see Hide the SDK.New event types:
MessageLinkClicked
andQuickReplyClicked
.
To support the new virtual agent chat transfer capabilities of this release, we've added a new configuration setting in the Google Cloud CCaaS portal. You can use this setting to hide transfer system messages in chat sessions with virtual agent to virtual agent transfers.
Administrators: In the Settings > Chat > Web & Mobile Chat Settings pane, there's a new Transfers checkbox.
For more information, see Hide transfer messages in chat sessions.
Google Cloud Managed Service for Apache Kafka
Feature
Managed Service for Apache Kafka now supports HIPAA Compliance on Google Cloud.
Google Distributed Cloud (software only) for VMware
Announcement
Google Distributed Cloud (software only) for VMware 1.33.0-gke.799 is now available for download. To upgrade, see Upgrade a cluster. Google Distributed Cloud 1.33.0-gke.799 runs on Kubernetes v1.33.2-gke.700.
If you are using a third-party storage vendor, check the GDC Ready storage partners document to make sure the storage vendor has already passed the qualification for this release.
After a release, it takes approximately 7 to 14 days for the version to become available for use with GKE On-Prem API clients: the Google Cloud console, the gcloud CLI, and Terraform.
Changed
- GA: Changed the cluster creation process so that all new clusters are advanced clusters. Additionally, all cluster upgrades to 1.33 are automatically converted to advanced clusters.
- Upgraded the
etcd
component to version 3.4.33.
Feature
- GA: Enabled the
vsphere-metrics-exporter
component for advanced clusters. This exporter provides greater visibility into the VMware vSphere environment by collecting key performance and health metrics. - GA: Added support for VM-Host affinity groups in advanced clusters. This feature allows for the creation of rules that constrain cluster nodes to run on specific, predefined groups of hosts.
- GA: Added support for automatic node resizing in advanced clusters. This feature optimizes resource use by automatically adjusting the CPU and memory allocated to control plane nodes in response to workload demands.
- Public Preview: Added support for Virtual Machine (VM) tracking using vSphere tags in advanced clusters. This feature simplifies resource management by automatically applying identifying tags to cluster VMs.
- GA: Introduced an Envoy proxy sidecar to the GKE Identity Service for clusters that use Controlplane V2. This change enhances the security, reliability, and performance of the authentication service.
Fixed
The following issues were fixed in 1.33.0-gke.799:
- Fixed vulnerabilities listed in Vulnerability fixes.
Google Distributed Cloud (software only) for bare metal
Announcement
Google Distributed Cloud for bare metal 1.33.0-gke.799 is now available for download. To upgrade, see Upgrade clusters. Google Distributed Cloud for bare metal 1.33.0-gke.799 runs on Kubernetes v1.33.2-gke.700.
After a release, it takes approximately 7 to 14 days for the version to become available for installations or upgrades with the GKE On-Prem API clients: the Google Cloud console, the gcloud CLI, and Terraform.
If you use a third-party storage vendor, check the Ready storage partners document to make sure the storage vendor has already passed the qualification for this release of Google Distributed Cloud for bare metal.
Feature
The following features were added in 1.33.0-gke.799:
GA: Introduced an Envoy sidecar into the GKE Identity Service to increase security, reliability, and performance.
GA: Added support for the Ubuntu 24.04 LTS operating system with the 6.8 kernel.
GA: Added the ability to override the cluster-level pod density setting for individual node pools.
Preview: Added Node Agent to give you the ability to transition from using Ansible over SSH for cluster operations to a more secure, agent-based model. Added
bmctl nodeagent
commands to provide a straightforward and reliable process of migrating existing clusters to use Node Agent.Preview: Added a bundled version of the NVIDIA GPU Operator (version 25.3.1). The bundled operator is an open-source solution for managing the NVIDIA software components needed to provision and manage GPU devices.
Preview: Added Dynamic Resource Allocation, a Kubernetes API that lets you request and share generic resources, such as GPUs, among pods and containers. When enabled, this capability helps you run AI workloads by dynamically and precisely allocating the GPU resources within your bare metal clusters, improving resource utilization and performance for demanding workloads.
Preview: Added vertical Pod autoscaling, which lets you analyze and set CPU and memory resources required by Pods. Instead of having to set up-to-date CPU requests and limits and memory requests and limits for the containers in your Pods, you can configure vertical Pod autoscaling to provide recommended values for CPU and memory requests and limits that you can use to manually update your Pods, or you can configure vertical Pod autoscaling to automatically update the values.
Preview: Added support for skip minor version cluster upgrades. You can directly upgrade your cluster control plane nodes (and entire cluster if worker node pools aren't pinned at a lower version) to two minor versions above the current version. Added the
bmctl upgrade intermediate-version
to print the intermediate version for a skip minor version upgrade.Surface failures from node pool status to the
RecentFailures
field in cluster status.Surface failures from failed preflight checks triggered by the cluster controller to the
RecentFailures
field in cluster status.
Changed
The following functional changes were made in 1.33.0-gke.799:
Changed logging behavior so that kubeadm logs show up in the journald of the node machine where kubeadm runs.
To help prevent stale ARP cache issues,
iptables-persistent
is installed in Debian nodes.Cluster manifests are deployed using a Kubernetes job, allowing the cluster operator to be more responsive to cluster events.
Updated the validation checks for cluster upgrades to enforce the cluster version skew rules for user clusters. If the upgrade version information for a user cluster doesn't comply with the version skew rules, the upgrade is halted.
Updated health checks and upgrade preflight checks to inspect for kubeadm certificate expiration.
Updated etcd version to 3.5.21.
Removed support for Red Hat Enterprise Linux 8.8 as it is beyond the Red Hat support window.
Removed support for Ubuntu 20.04 LTS as it has reached the end of standard security maintenance in May 2025.
Upgraded
ansible-core
to 2.16.4 to support Python 3.12.Increased the RSA key size for Cluster API certifications to 4096 bits for improved security.
Fixed
The following issues were fixed in 1.33.0-gke.799:
Fixed an issue where restoring a cluster that has a node with a GPU causes instability of pods on the nodes.
Fixed an issue that caused the Ansible playbook for handling Cloud Audit Logging to fail and not complete.
Fixed an issue that caused nodes to get stuck in maintenance mode. Health checks have been updated so that the network check job skips connectivity checks for nodes that are in maintenance mode.
Fixed an issue where the CronJob for periodic health checks wasn't updating after configuration changes.
Fixed vulnerabilities listed in Vulnerability fixes.
Issue
For information about the latest known issues, see Google Distributed Cloud for bare metal known issues in the Troubleshooting section.
Google Kubernetes Engine
Announcement
Features that were part of GKE Enterprise are now available as part of the standard GKE offering, or offered as standalone SKUs.
The following advanced multi-cluster management and networking features are included in the GKE offering at no additional cost:
- Fleet dashboard
- Multi-team Management
- Config Sync
- Config Controller
- Managed Policy Controller
- Connect Gateway
- Network Function Optimizer
- Fully Qualified Domain Name (FQDN) Network Policy
- Inter-node Transparent Encryption
The following GKE Enterprise features continue to be available using their current standalone SKUs. If you are using any of these features, your billing is automatically transitioned to the corresponding standalone SKU.
- Managed Cloud Service Mesh
- Multicluster Gateways; Multicluster Ingress
- Binary Authorization
- Advanced Vulnerability Scanning
- GKE Extended Support (LTS)
Security Command Center
Feature
Vulnerability assessment for Google Cloud supports scanning disks configured with customer-managed encryption keys (CMEK) for projects that are outside of VPC Service Control perimeters. For more information about how to scan disks configured with CMEK, see Run Vulnerability Scans for CMEK disks.
Source: Google Cloud Platform
Latest Posts
- GCP Release Notes: September 02, 2025
- Microsoft Teams | Customize live captions on mobile for improved accessibility [MC1146825]
- Microsoft Viva: Copilot Analytics – Unified Exclusion list [MC1146822]
- Microsoft Teams | Enhanced privacy and improved stability for live captions and transcripts [MC1146824]