Posted inUncategorized

GCP Release Notes: March 23, 2026

No CommentsPosted inUncategorized

BigQuery

Feature

You can clean, transform, and enrich data from files in Cloud Storage and Google Drive in your BigQuery data preparations. For more information, see Prepare data with Gemini. This feature is generally available (GA).

Feature

The following functions are now generally available (GA):

  • AI.EMBED: create embeddings from text or image data.
  • AI.SIMILARITY: compute the semantic similarity between pairs of text, pairs of images, or across text and images.

Cloud Deploy

Feature

You can now analyze the performance of your deployed applications using the monitoring platform of your choice and automatically trigger actions such as rollbacks. This feature is generally available.

Feature

You can now provide user-defined actions using tasks. This includes deploy hooks, deployment verification, analysis, and custom target types. This feature is generally available.

Cloud NGFW

Feature

Secure tags with a purpose-data attribute specifying a VPC network or an organization now support VPC networks that are connected using VPC Network Peering. For more information, see Secure tags for firewalls. This feature is available in General Availability.

Document AI

Feature

Custom classifier models pretrained-classifier-v1.6-2026-03-09 and pretrained-classifier-v1.6-pro-2026-03-09 are available in Preivew.

Feature

Custom splitter models pretrained-splitter-v1.6-2026-03-09 and pretrained-splitter-v1.6-pro-2026-03-09 are available in Preview.

Firestore

Feature

Regional and Multi-Regional endpoints for the Firestore API are now Generally Available (GA). You can use a Regional or a Multi-Regional endpoint to ensure that your application’s requests are transmitted, stored and processed in the same region or multi-region as your database’s location.

To learn more, see the Firestore regional endpoints guide.

You can also use Private Service Connect regional endpoints and Private Service Connect backends to connect to the regional and the multi-regional endpoints of the Firestore API.

Firestore in Datastore mode

Feature

Regional and Multi-Regional endpoints for the Datastore API are now Generally Available (GA). You can use a Regional or a Multi-Regional endpoint to ensure that your application’s requests are transmitted, stored and processed in the same region or multi-region as your database’s location.

To learn more, see the Datastore regional endpoints guide.

You can also use Private Service Connect regional endpoints and Private Service Connect backends to connect to the regional and the multi-regional endpoints of the Datastore API.

Gemini Enterprise

Feature

Gemini Enterprise: Data connector for Docusign (Preview)

You can connect Docusign data stores to Gemini Enterprise.

Support for Docusign data stores is in Public Preview. For more information, see Connect Docusign.

Google Distributed Cloud (software only) for VMware

Fixed

The following issues were fixed in 1.33.600-gke.39:

  • Fixed vulnerabilities listed in Vulnerability fixes.
  • Fixed an issue where the node-problem-detector was incorrectly deployed onto non-Advanced (V1) VMware clusters, causing the containerd runtime to continuously restart on affected nodes, leading to ETCD/CRI failures and unsuccessful cluster upgrades.
  • Fixed an issue where setting the deprecated stackdriver.enableVPC field to true in a cluster configuration file would block upgrades to an Advanced Cluster. The stackdriver.enableVPC field has been deprecated and its setting is now ignored during the upgrade validation process.
  • Fixes an issue where Advanced Clusters incorrectly deployed the node problem detector onto non-Advanced clusters, which caused containerd to continuously restart and led to cluster upgrade failures.
  • Fixed an issue where retrying the gkectl upgrade admin command after a previous failure could fail with “AlreadyExists” errors in the bootstrap cluster.
  • Fixed an issue where cluster creation or upgrade failed if the proxy or noProxy configuration fields contained extraneous whitespaces. These spaces interfered with internal command-line argument parsing, causing the control plane load balancer initialization to fail.
  • Fixed an issue where the system certificate pool was ignored when a custom CA certificate was configured for a registry mirror.

Announcement

Google Distributed Cloud (software only) for VMware 1.33.600-gke.39 is now available for download. To upgrade, see Upgrade clusters. Google Distributed Cloud 1.33.600-gke.39 runs on Kubernetes v1.33.5-gke.2200.

If you are using a third-party storage vendor, check the Google Distributed Cloud-ready storage partners document to make sure the storage vendor has already passed the qualification for this release.

After a release, it takes approximately 7 to 14 days for the version to become available for use with GKE On-Prem API clients: the Google Cloud console, the gcloud CLI, and Terraform.

Google Distributed Cloud (software only) for bare metal

Announcement

Google Distributed Cloud (software only) for bare metal 1.33.600-gke.39 is now available for download. To upgrade, see Upgrade clusters. Google Distributed Cloud for bare metal 1.33.600-gke.39 runs on Kubernetes v1.33.5-gke.2200.

After a release, it takes approximately 7 to 14 days for the version to become available for installations or upgrades with the GKE On-Prem API clients: the Google Cloud console, the gcloud CLI, and Terraform.

If you use a third-party storage vendor, check the Google Distributed Cloud-ready storage partners document to make sure the storage vendor has already passed the qualification for this release of Google Distributed Cloud for bare metal.

Fixed

The following issues were fixed in 1.33.600-gke.39:

  • Fixed vulnerabilities listed in Vulnerability fixes.
  • Resolved an issue where Certificate Authority (CA) rotation became stuck on self-managed clusters (admin, hybrid, or standalone). This fix resolves an internal resource synchronization error that previously prevented the rotation process from completing successfully.
  • Allow the metrics-server-operator to clean up legacy resources (secrets, certificates, issuers) for the CA to support rotation.

Google SecOps

Announcement

New parser documentation now available

New parser documentation is available to help you ingest and normalize logs from the following sources:

Google SecOps SIEM

Announcement

New parser documentation now available

New parser documentation is available to help you ingest and normalize logs from the following sources:

Looker

Announcement

To enhance security, the Looker language SDKs and the Looker API /login endpoint are being modified. They will exclusively accept passing credentials in the HTTP request body and will no longer support using URL query parameters.

Release date: This update is expected to take effect with the Looker 26.18 release in October 2026.

Potential impact: Any scripts or applications currently passing credentials in the URL query parameters in the Looker SDK libraries, or directly calling the /login API endpoint, will fail after this update.

Who is affected: All customers using Looker SDKs, custom scripts, or applications that call the /login API endpoint directly.

Action required:

We have sent a message to your affected customers. However, to help avoid service disruptions, please recommend that they evaluate their environment and take the following actions before October 2026:

  • Upgrade SDKs: Upgrade the Looker SDKs to version 26.4 or later as soon as possible.
  • Update custom scripts: Modify any scripts or applications that rely on passing Looker API credentials in URL query parameters so that they will pass credentials in the HTTP request body.
  • Test the environment: Validate these changes in an environment that can identify these potential misconfigurations.

Source: Google Cloud Platform

Latest Posts

Pass It On
Leave a Comment

Comments

No comments yet. Why don’t you start the discussion?

Leave a Reply