Google Cloud Updates on December 14, 2021

Anthos Service Mesh

  • Anthos Service Mesh 1.7-1.9 are no longer supported. For more information, see Supported versions.

Anthos on bare metal

BigQuery BI Engine

Compute Engine

Config Connector

  • Config Connector 1.69.0 is now available
  • Added support for VPCAccessConnector resource
  • Added support for ComputePacketMirroring resource
  • Added support for PrivateCACAPool resource
  • Added support for IAMWorkloadIdentityPool resource
  • Added support for IAMWorkloadIdentityPoolProvider resource
  • Added support for CloudIdentityMembership resource
  • Rollout support for state-into-spec: absent to ContainerCluster resource (Issue #576)
  • Add billgProject flag in ConfigConnectorContext to specify a quota project to send along with user_project_override header, used for all requests sent from Config Connector. If set on a resource that supports sending the resource project, this value will supersede the resource project. This field can only be set if requestProjectPolicy takes BILLING_PROJECT value
  • Fixed the issues in config-connector export that the exported YAML now include zero primitives to match the Google Cloud resource live state
  • Fixed the issues in ContainerCluster with creating autopilot clusters

Dataproc Metastore

  • An Apache Log4j 2 vulnerability. that impacted Dataproc clusters has been addressed (see Recreate and update a cluster, which provides guidance to Dataproc users). Dataproc Metastore users do not need to take any action; the fix applied by Dataproc Metastore is sufficient to address the issue.


  • Datastream now supports customer-managed encryption keys (CMEK). Click here to access the documentation.


  • Added buildDisableIstioSidecar configuration feature.
  • Added buildPodResources configuration feature.
  • Added controllerCACerts configuration feature.
  • Added buildRetentionCount configuration feature.
  • Added V3 Google stack as build option.
  • Added V3 kf-v2-to-v3-shim stack as build option.
  • Fixed an issue that could prevent SIGTERM from reaching an app.
  • Fixed an issue that caused extra reconciliation loops and logs.
  • Improved CLI performance.
  • Improved subresource API server resilience.
  • Updated Config Connect to v1.66.0.
  • Updated Tekton to v0.29.0.
  • Support for Anthos Service Mesh (ASM) v1.11+, which recommends ingress gateways be outside of the istio-system namespace.
  • Changed build ImagePullPolicy default from always download to prefer cached.
  • Improved Workload Identity reliability.

Service Directory