API Gateway
Change
New validations on paths in API configurations
API Gateway now enforces stricter syntax validations on templated paths when you create new API configurations and gateways.
See path templating syntax rules and limits for more information.
Apigee hybrid
Announcement
v1.14.4
On April 27, 2026 we released an updated version of the Apigee hybrid software, v1.14.4.
- For information on upgrading, see Upgrading Apigee hybrid to version v1.14.4.
- For information on new installations, see The big picture.
Feature
Sidecar authentication for Workload Identity Federation on non-GKE platforms
Starting in version v1.14.4, you can now use a sidecar along with Workload Identity Federation on non-GKE platforms to mount security tokens from your preferred identity provider (IDP) for service account authentication. See Use sidecar authentication for Workload Identity Federation on non-GKE platforms.
Security
| Bug ID | Description |
|---|---|
| 471527485, 471173296, 471172082, 471171833 | Security fixes for apigee-synchronizer. This addresses the following vulnerabilities: |
| 471290390, 471199955, 471197958, 470990914 | Security fixes for apigee-runtime. This addresses the following vulnerabilities: |
| 470992132, 470991089, 470989623, 470989232, 470988977 | Security fixes for apigee-mart-server. This addresses the following vulnerabilities: |
| 470953507, 470953254, 470952893 | Security fixes for apigee-hybrid-cassandra. This addresses the following vulnerabilities: |
| 451224723, 451224123 | Security fixes for apigee-fluent-bit. This addresses the following vulnerabilities:
|
| N/A | Security fixes for apigee-asm-ingress. This addresses the following vulnerabilities: |
| N/A | Security fixes for apigee-asm-istiod. This addresses the following vulnerabilities: |
| N/A | Security fixes for apigee-connect-agent. This addresses the following vulnerabilities: |
| N/A | Security fixes for apigee-envoy. This addresses the following vulnerabilities: |
| N/A | Security fixes for apigee-hybrid-cassandra-client. This addresses the following vulnerabilities: |
| N/A | Security fixes for apigee-kube-rbac-proxy. This addresses the following vulnerabilities: |
| N/A | Security fixes for apigee-mint-task-scheduler. This addresses the following vulnerabilities: |
| N/A | Security fixes for apigee-open-telemetry-collector. This addresses the following vulnerabilities: |
| N/A | Security fixes for apigee-operators. This addresses the following vulnerability: |
| N/A | Security fixes for apigee-prom-prometheus. This addresses the following vulnerabilities: |
| N/A | Security fixes for apigee-prometheus-adapter. This addresses the following vulnerabilities: |
| N/A | Security fixes for apigee-redis. This addresses the following vulnerabilities: |
| N/A | Security fixes for apigee-stackdriver-logging-agent. This addresses the following vulnerabilities:
|
| N/A | Security fixes for apigee-udca. This addresses the following vulnerabilities: |
| N/A | Security fixes for apigee-watcher. This addresses the following vulnerability: |
Cloud Service Mesh
Announcement
Managed Cloud Service Mesh using the TRAFFIC_DIRECTOR implementation in the
regular channel now supports a limited implementation of the EnvoyFilter API.
To learn about the supported fields, extensions, and how to use EnvoyFilter
for features like local rate limiting see
Data plane extensibility with EnvoyFilter.
To troubleshoot any issue while configuring, see Resolving data plane extensibility issues.
Cloud Storage
Feature
Cloud Storage now offers support for AI zones. To learn more, see AI zones.
Cloud Trace
Feature
Cloud Trace is a service covered by the Cloud Observability (Monitoring, Logging, Trace) Service Level Agreement (SLA).
Cloud Workstations
Feature
The preconfigured base images
include a notification when the running_timeout for the workstation is
close to being reached.
Compute Engine
Feature
Generally available: Compute Engine now offers support for AI zones. To learn more, see AI zones.
Google Kubernetes Engine
Feature
Google Kubernetes Engine now offers support for AI zones. To learn more, see AI zones.
Google SecOps
Announcement
New parser documentation now available
New parser documentation is available to help you ingest and normalize logs from the following sources:
- Collect Group-IB Threat Intelligence logs
- Collect Microsoft System Center Endpoint Protection (SCEP) logs
- Collect Nagios XI logs
- Collect Neo4j Aura logs
- Collect Nucleus Security – Nucleus Unified Vulnerability Management logs
- Collect Nyansa Voyance / VMware Edge Network Intelligence logs
- Collect Okera Dynamic Access Platform (ODAP) audit logs
- Collect Okta Advanced Server Access logs
- Collect Onapsis Platform logs
- Collect One Identity TPAM logs
- Collect Oracle Cloud Infrastructure – Oracle Cloud Guard logs
- Collect Cisco Identity Intelligence logs
- Collect Microsoft SharePoint (Office 365) logs
- Collect NetApp Console (formerly BlueXP) audit logs
- Collect Netwrix Auditor logs
- Collect Nokia VitalQIP DDI logs
- Collect OpenAI Audit logs
- Collect OpenTelemetry Netflow Receiver logs
- Collect Oracle Fusion Cloud Applications logs
- Collect Oracle NetSuite – NetSuite Applications Suite logs
- Collect Oracle NetSuite logs
- Collect Vectra Alerts logs
- Collect Vectra XDR logs
- Collect Windows Event logs (XML format)
- Collect WinSCP logs
- Collect Workday User Activity logs
- Collect WP Engine logs
- Collect XAMS by Xiting logs
- Collect Yubico OTP logs
- Collect Zero Networks logs
- Collect Zix Email Encryption logs
- Collect Zscaler NSS Feeds for Alerts logs
- Collect ZyXEL ZyWALL logs
Source: Google Cloud Platform
