This page documents production updates to all Apigee software in 2022 and later. We recommend that users periodically check this list for any new announcements, or subscribe to this page using a feed reader to get notifications of updates.
What is a feed reader?
Really simple syndication (RSS) feed readers aggregate content from websites that you specify.
Feed reader notifications can be email-, browser-, desktop-, or mobile-based. Some readers are free, or have free versions, and some require a subscription.
A few examples:
More information on RSS:
See also:
You can see the latest product updates for all of Google Cloud on the Google Cloud page, browse and filter all release notes in the Google Cloud console, or programmatically access release notes in BigQuery.
To get the latest product updates delivered to you, add the URL of this page to your feed reader, or add the feed URL directly.
December 20, 2024
Apigee Advanced API SecurityOn December 20, 2024 we released an updated version of Apigee.
Note: Rollouts of this release to production instances will begin within two business days and may take four or more business days to complete across all Google Cloud zones. Your instances may not have the feature available until the rollout is complete.
Support for environment-level client IP address resolution
This release introduces the ability to specify, per environment, how to capture the client IP address on API requests from the X-Forwarded-For header. When configured for the environment, the specified client IP address is used to apply security actions, populate the ax_resolved_client_ip
Analytics variable and the new client.resolved.ip
flow variable. The new configuration option can be used to specify the request IP address used in Advanced API Security.
This functionality is not available in Apigee hybrid at this time.
For more information and usage instructions, see the Client IP resolution customer documentation, Analytics dimensions, and client flow variable.
On December 20, 2024 we released an updated version of Apigee.
Note: Rollouts of this release to production instances will begin within two business days and may take four or more business days to complete across all Google Cloud zones. Your instances may not have the feature available until the rollout is complete.
Support for environment-level client IP address resolution
This release introduces the ability to specify, per environment, how to capture the client IP address on API requests from the X-Forwarded-For header. When configured for the environment, the specified client IP address is used to apply security actions, populate the ax_resolved_client_ip
Analytics variable and the new client.resolved.ip
flow variable. The new configuration option can be used to specify the request IP address used in Advanced API Security.
This functionality is not available in Apigee hybrid at this time.
For more information and usage instructions, see the Client IP resolution customer documentation, Analytics dimensions, and client flow variable.
Dynamic Backend Authentication support for Connectors
Application Integration now supports dynamic backend authentication for connectors. Enable Authentication Override in Integration Connectors to allow your connections to seamlessly switch between authentication methods during runtime.
For more information, see Configure authentication override.
December 19, 2024
Apigee XOn December 19, 2024, we released an updated version of Apigee (1-14-0-apigee-3) for trial organizations only.
Bug ID | Description |
---|---|
N/A | Updates to security infrastructure and libraries. |
You can now build and publish custom connectors for Google Cloud Marketplace. This feature is in preview.
The following connectors built by partners are available in the Google Cloud Marketplace. You can use these connectors to create connections and use them in Application Integration.
- Exact HR
- Openlegacy IBMi/AS/400 API
- Salesforce Commerce Cloud B2B
December 17, 2024
Apigee XOn December 17, 2024, we released a new version of Apigee.
With this release, the maximum number of apps per AppGroup is increased from 500 to 30,000.
For more information, see the Apigee Limits page.
December 16, 2024
Apigee hybridhybrid v1.14.0
On December 16, 2024 we released an updated version of the Apigee hybrid software, v1.14.0.
- For information on upgrading, see Upgrading Apigee hybrid to version v1.14.
- For information on new installations, see The big picture.
Enhanced Proxy Limits in Hybrid environments
Starting in version v1.14, new Apigee hybrid organizations can be provisioned with the ability to deploy more than 50 proxies per environment enabled. This feature is already available for Apigee X.
Starting with Apigee hybrid version 1.14, the limits for Apigee hybrid organizations have increased:
- The maximum number of deployed API proxies and shared flows per organization is 6000.
- The maximum number of proxy deployment units per Apigee instance is 6000.
- The maximum number of API base paths per Apigee organization is 3000.
When more than 50 proxies are deployed in an environment, Apigee will automatically partition the environment into several distinct replica sets, each containing a subset of proxies deployed in the environment. These replica subsets are equivalent in behavior to a single environment in the way it loads and runs a set of proxies and other environment resources. This will be transparent to the user, and you can continue to use the environment as you would a single environment.
Cassandra credential rotation
Starting in version v1.14, you can rotate Cassandra credentials in Kubernetes secrets. In addition, you can now roll back credential rotation before the cleanup job is initiated in both Vault and Kubernetes secrets. See:
Enable and disable metrics-based scaling with customAutoscaling.enabled
Starting in version v1.14, you can enable and disable metrics-based auto-scaling with the customAutoscaling.enabled
configuration property. See:
New analytics and debug data pipeline for hybrid orgs
Starting with version 1.14, all newly created Apigee hybrid orgs created can use a new data pipeline to collect analytics and debug data and allow various runtime components to write data directly to our control plane. See:
Forward Proxy allowlist access
Starting in version v1.14, forward proxies pass through access to allowlisted URLs. Therefore you only need to configure allowlists to googleapis.com URLs on the server on which the forward proxy is configured. See:
Guardrails checks to ensure backups before upgrade
Starting in version 1.14 new guardrails checks have been added to ensure a backup is enabled and has been made before proceeding with an upgrade. See:
Bug ID | Description |
---|---|
382323427 | Added a guardrails check that requires backup to be enabled for Apigee Hybrid upgrades. Backups are required prior to upgrading to support restoring to the previous version, if necessary. |
380346557 | Added a guardrails check that requires the backup within the last 24 hours to be present if the CSI backup is enabled. This will minimize potential data loss if a restore to the previous version is needed. |
377573589 | Fix a bug where manually created rollbacks would interfere with existing rotations instead of cancelling them. |
362305438 | Users can now add additional env variables to the runtime component. See runtime.envVars |
319152386 | Fix AccessTokenGenerationFailure in runtime when using a forward proxy. |
335357961 | Fixed an issue where Apigee hybrid could claim uploads of backups with the Cloud provider when no bucket had been configured |
290183372 | The need to whitelist oauth2 and iamcredentials.googleapis.com directly from MP in fwd proxy setup is removed. |
237656263 | Resolved issue with ServiceCallout policy not working in async mode as expected. |
373722434 | Fixed support for backups to Google Cloud Storage buckets with retention policies. (Fixed in v1.13.2) |
368646378 | Fixed an issue affecting control Plane connectivity testing in Guardrails. (Fixed in v1.12.3) |
364282883 | Remove check for dc-expansion flag and add timeout to multi-region seed host connection test. (Fixed in v1.13.1) |
362979563 | Fix for Ingress Health Check failure /healthz/ingress - route_not_found . (Fixed in 1.13.0-hotfix.1) |
362690729 | Fix for aggressive scaling of runtime pods & cpu spike. (Fixed in 1.13.0-hotfix.1) |
362305438 | You can now add additional env variables to the runtime component. (Fixed in v1.13.1) |
361044374 | Fixes assign message not correctly highlighting the set payload action in the debug trace. (Fixed in v1.13.2) |
355122464 | This release contains a few error-handling fixes for CSI backup and restore. (Fixed in v1.13.2) |
353527851 | WebSocket connection drops when using VerifyJwt or OAuthV2 VerifyJWTAccessToken operations. (Fixed in v1.13.1) |
351440306 | An issue was fixed where trace could not be viewed in the UI for orgs with DRZ enabled. (Fixed in v1.13.1) |
347798999 | You can now configure forward proxy for opentelemetry pods in Apigee hybrid. (Fixed in v1.12.2) |
338638343 | An ID is now added at the end of apigee-env and virtualhost guardrails pods to make the pod names unique. (Fixed in v1.13.1) |
237656263 | Fix added to make use of asynchronous ServiceCallout execution when the ServiceCallout policy <Response> element is not present (Fixed in v1.13.2) |
181569113 | Fixed an issue in new debug session creation. (Fixed in v1.12.3) |
Bug ID | Description |
---|---|
N/A | Security fixes for apigee-redis . This addresses the following vulnerabilities: |
N/A | Security fixes for livenessprobe . This addresses the following vulnerability: |
376104926 | Security fixes for apigee-kube-rbac-proxy . (Fixed in v1.12.3) This addresses the following vulnerabilities: |
N/A | Security fixes for apigee-redis . (Fixed in v1.13.2) This addresses the following vulnerabilities: |
N/A | Security fixes for apigee-open-telemetry-collector . (Fixed in v1.13.1) This addresses the following vulnerability: |
N/A | Security fixes for apigee-open-telemetry-collector . (Fixed in v1.12.3) This addresses the following vulnerability: |
N/A | Security fixes for apigee-cassandra-backup-utility and apigee-hybrid-cassandra . (Fixed in v1.12.2) This addresses the following vulnerability: |
December 13, 2024
Application IntegrationIntegration templates (Preview)
Save time and effort building integrations with integration templates. These pre-defined blueprints provide a starting point for common integration flows, allowing you to quickly create and customize integrations without starting from scratch.
For more information, see Templates.
Generate and view OpenAPI Specification (Preview)
You can now generate and view the OpenAPI Specification for any published integration that uses API triggers. This allows for greater understanding and analysis of your integration's API interactions.
For more information, see View OpenAPI Specification for your integration.
API trigger input and output variables
You can now set request and response payloads for an API trigger using trigger specific input and output variables. For more information, see API trigger.
December 10, 2024
Apigee Integrated PortalOn December 10, 2024, we released a new version of the Apigee integrated portal.
Bug ID | Description |
---|---|
381086551 | Fixed an issue that caused the page list view to fail for some portals with large numbers of pages. |
On December 10, 2024, we released an updated version of Apigee (1-14-0-apigee-2).
Bug ID | Description |
---|---|
357880539 | Resolved issue with missing span in the Apigee UI for distributed trace. |
237656263 | Resolved issue with ServiceCallout policy not working in async mode as expected. |
N/A | Updates to security infrastructure and libraries. |
November 22, 2024
Apigee UIOn November 22, 2024, we released an updated version of the Apigee UI.
This release includes an improved Apps page for Apigee API Management in the Google Cloud console, making it easier to manage API products that are assigned to app credentials.
With this release:
- Products can be added to an app from a single multi-select list box.
- Products can be approved, revoked, and removed from a credential by selecting products in the credential product table and using one of the available action buttons.
- Clicking the Add Credential button adds an empty credential to the list.
- Credential approval and expiry configuration fields are located in the credential card.
- A warning appears to users if they attempt to leave the Apps page when un-saved changes are present.
Bug ID | Description |
---|---|
357165778 | Refactored app credential management experience Resolved issue causing the Apps page in the Apigee UI in Cloud console to crash when working with apps that have a large amount of products assigned to app credentials. |
November 18, 2024
Application IntegrationJavaScript task using Gemini
If your integration flow requires any complex data mapping logic, Gemini can now recommend a JavaScript task. For more information, see Create an integration using Gemini.
You can add a JavaScript task, edit an existing task, or use Gemini to help understand the JavaScript code. For more information, see Configure JavaScript tasks.
November 15, 2024
Apigee UIOn November 15, 2024, we released an updated version of the Apigee UI.
Bug ID | Description |
---|---|
376257906 | Fixed issue with custom report editing Resolved issue where customer reports without properties that were created using the API could not be rendered with the Edit option. |
November 14, 2024
Apigee Advanced API SecurityOn November 14, 2024 we released a new version of Advanced API Security
IP address drill down details are now available in the preview release of Advanced API Security Abuse Detection Incidents.
This new functionality allows viewing details of detected abuse by source IP.
For usage information, see the Abuse Detection customer documentation.
November 12, 2024
Apigee hybridhybrid v1.13.2
On November 12, 2024 we released an updated version of the Apigee hybrid software, 1.13.2.
- For information on upgrading, see Upgrading Apigee hybrid to version 1.13.2.
- For information on new installations, see The big picture.
Bug ID | Description |
---|---|
373722434 | Fixed support for backups to GCS buckets with retention policies. |
361044374 | Fixes assign message not correctly highlighting the set payload action in the debug trace. |
355122464 | This release contains a few error-handling fixes for CSI backup and restore. |
237656263 | Fix added to make use of asynchronous ServiceCallout execution when the ServiceCallout policy <Response> element is not present.
Procedure:
|
Bug ID | Description |
---|---|
N/A | Security fixes for apigee-redis . This addresses the following vulnerabilities: |
November 01, 2024
Apigee hybridhybrid v1.12.3
On November 1, 2024 we released an updated version of the Apigee hybrid software, 1.12.3.
- For information on upgrading, see Upgrading Apigee hybrid to version 1.12.3.
- For information on new installations, see The big picture.
Bug ID | Description |
---|---|
368646378 | Fixed an issue affecting control Plane connectivity testing in Guardrails. |
361044374 | Fixes assign message not correctly highlighting the set payload action in the debug trace. |
335357961 | Fixed an issue where Apigee hybrid could claim uploads of backups with the Cloud provider when no bucket had been configured |
181569113 | Fixed an issue in new debug session creation. |
Bug ID | Description |
---|---|
376104926 | Security fixes for apigee-kube-rbac-proxy . This addresses the following vulnerabilities: |
N/A | Security fixes for apigee-open-telemetry-collector . This addresses the following vulnerability: |
October 28, 2024
Application IntegrationAdd failure policy (Generally available (GA))
You can now configure more complicated retry strategies for tasks, such as retries based on the error codes or the variable values during the execution:
- Configure multiple ordered conditional failure policies for each task.
- Configure a default failure policy that will be applied if no conditional failure policies matches.
- Use system auto-generated variables in the failure policies. For example,
ExecutionMode
andErrorInfo
.
For more information, see Example for error handling.
October 23, 2024
Apigee XOn October 23, 2024, we released an updated version of Apigee (1-14-0-apigee-1).
Bug ID | Description |
---|---|
N/A | Updates to security infrastructure and libraries. |
October 22, 2024
Apigee XOn October 22, 2024, we released a new version of Apigee.
With this release, the following limits for Apigee organizations have changed:
- The maximum number of deployed API proxies and shared flows per (non-hybrid) organizations is 6000.
- The maximum number of proxy deployment units per Apigee instance is 6000.
- The maximum number of API base paths per Apigee organization is 6000.
For more information, see the Apigee Limits page.
October 18, 2024
Apigee API hubOn October 18, 2024, Apigee announced the an update to Apigee API hub.
In addition to us-central1
and europe-west1
, Apigee API hub now supports the following new hosting regions:
Region Description | Region name |
---|---|
Northern Virginia | us-east4 |
Oregon | us-west1 |
London | europe-west2 |
Singapore | asia-southeast1 |
Mumbai | asia-south |
Sao Paulo | southamerica-east1 |
Sydney | australia-southeast1 |
See Provision API hub.
October 11, 2024
Apigee UIOn October 11, 2024, we released an updated version of the Apigee UI.
Bug ID | Description |
---|---|
357165778 | VerifyIAM policy selection removed for hybrid organizations. The VerifyIAM policy is not supported for hybrid-enabled Apigee organizations. It has been removed as an option in the Proxy Editor. |
372224845 | Offline debug page not loading Fixed issue where the offline debug page would not load if a debug session was loaded elsewhere in the UI previously. |
October 10, 2024
Apigee XOn October 10, 2024, we released an updated version of Apigee.
Apigee no longer limits the number of Cloud projects that can connect to an Apigee instance. Previously, the limit was 50 projects. For each project, you can now create up to 100 Private Service Connect Network Endpoint Groups. The previous limit was 20. For any Apigee instances created before October 10, 2024, you must perform an update to the consumer accept list for an Apigee instance if you want to take advantage of these new limits. See Updating the consumer accept list for an Apigee instance. See also Limits.
October 08, 2024
Apigee Advanced API SecurityOn October 8, 2024 we released an updated version of Advanced API Security.
Note: Rollouts of this release to production instances will begin within two business days and may take four or more business days to complete across all Google Cloud zones. Your instances may not have the feature available until the rollout is complete.
New features added to the Risk Assessment v2 preview
This release introduces new features to the Risk Assessment v2 preview:
- Support for custom security profiles. You can create your own security profiles, with unique combinations of risk assessment checks and weights, to use for proxy risk assessment.
- New assessment checks. We've added additional checks you can use when assessing proxy risk.
- Assess proxies across multiple profiles. You can now switch between security profiles to see differences in scoring across profiles.
For usage information and a list of all features in Risk Assessment v2, see the Risk Assessment v2 customer documentation.
On October 8, 2024, we released an updated version of Apigee (1-13-0-apigee-6).
This release addresses the security concerns in GCP-2024-052 from Google Anthos Service Mesh.
Bug ID | Description |
---|---|
361714906 | Fixed synchronization issue with Cloud KMS keys Implemented recovery mechanism for the Apigee dataplane in the event of an extended disruption in the CloudKMS key service. |
361044374 | Resolved issue with incorrect payloads shown in debug trace When using debug trace with the AssignMessage policy, the UI now displays the correct request and response payloads. |
N/A | Updates to security infrastructure and libraries. |
Build integrations with Gemini Code Assist (GA)
Building integrations with Gemini Code Assist is now generally available (GA).
Additionally, if you have API Hub enabled in your project, then Gemini can assist you to provide contextually appropriate Call REST Endpoint tasks and task configuration recommendations based on the logical flow of your existing integration. For more information see, Configure Call REST API tasks.
October 06, 2024
Application IntegrationLocal logging in async mode (Generally available (GA))
By default, local logging for new integrations is now enabled in async mode. With this change, the log data is persisted (written) at fixed intervals or after the completion of the integration's execution, whichever is earlier. You can change the default settings by editing the integration details.
For more information, see Local logging.
Test cases (Preview)
You can now test if your integration is working as intended by creating and running test cases on your complex integrations.
For information about test case, see Introduction to test cases. Learn how to do the following:
Diagram mode in the Data Transformer Task (Preview)
The Diagram mode provides a console-based experience to select the input and output variables and perform transformations in the data transformation editor. For more information, see the Data Transformer task.
Replay execution (Preview)
You can now rerun a failed integration with the same parameters as the previous execution. For more information, see Replay executions.
Cancel execution (Preview)
If you have executions that are suspended due to an approval task or a technical issue, you can now choose to cancel those executions. For more information, see Cancel executions.
October 04, 2024
Apigee Advanced API SecurityOn October 4, 2024 we released an updated version of Advanced API Security.
Fixed: Delay in score generation for Risk Assessment v2 with VPC-SC-enabled organizations only
In Risk Assessment v2, which is in preview, this issue has been resolved:
With VPC-SC-enabled organizations only, when generating scores for new organizations or scoring changes to included proxies, shared flows, and target server configurations, score generation could have take as much as three hours.
See the Risk Assessment v2 customer documentation for information on the functionality.
Risk Assessment v2 is now available in the me-central2
region. See Available Apigee API Analytics Regions for region information.
hybrid v1.13.1
On October 4, 2024 we released an updated version of the Apigee hybrid software, 1.13.1.
- For information on upgrading, see Upgrading Apigee hybrid to version 1.13.1.
- For information on new installations, see The big picture.
Cassandra credential rotation in Vault
Starting in version v1.3.1, You can set up automatic Cassandra credential rotation when your credentials are stored in Hashicorp Vault. See Rotating Cassandra credentials in Hashicorp Vault.
New analytics and debug data pipeline for data residency-enabled orgs
Newly created Apigee hybrid v1.13.1 orgs created with data residency enabled can use a new data pipeline to collect analytics and debug data and allow various runtime components to write data directly to our control plane. You cannot use the new data pipeline with non data residency-enabled orgs; only new orgs created on hybrid v1.13.1 can use this new feature. For details, see Using data residency with Apigee hybrid.
Bug ID | Description |
---|---|
364282883 | Remove check for dc-expansion flag and add timeout to multi-region seed host connection test. |
362305438 | You can now add additional env variables to the runtime component. |
353527851 | WebSocket connection drops when using VerifyJwt or OAuthV2 VerifyJWTAccessToken operations. |
351440306 | An issue was fixed where trace could not be viewed in the UI for orgs with DRZ enabled. |
338638343 | An ID is now added at the end of apigee-env and virtualhost guardrails pods to make the pod names unique. |
Bug ID | Description |
---|---|
N/A | Security fixes for apigee-open-telemetry-collector . This addresses the following vulnerability: |
October 03, 2024
Apigee UIOn October 3, 2024, we released an updated version of the Apigee UI.
Bug ID | Description |
---|---|
369647749 | Proxy deployment units counts include shared flows Fixed issue where proxy deployment unit counts in the UI did not take into account shared flow deployments. |
369385955 | Fixed the display of the Apigee apps list Resolved an issue causing Apigee apps to display incorrectly in the Apps list when the search bar is used for filtering. |
361497390 | Updated the description and calculation of Apigee deployment quotas The deployment quota displayed on the Apigee overview page now correctly describes and calculates the value of all proxy deployment units, including both API proxy and shared flow deployments across all environments./p> |
October 02, 2024
Apigee XOn October 2, 2024, we released an updated version of Apigee.
With this release, all remaining Apigee API Management organizations with Subscription 2021 contracts have been upgraded to introduce standard and extensible API proxy features.
To learn more about:
- Standard and Extensible API Proxy types, see API Proxy types.
- Viewing proxy deployment count, see View proxy deployment usage.
Subscription Apigee organizations (without hybrid entitlements) upgraded in this release will see changes to the user experience in the Classic Apigee UI. To support management of the upgraded functionality now available to these organizations, a number of feature administration pages are now only available in the Apigee UI in Cloud console.
For more information, see Apigee UI in Cloud console navigation.
September 26, 2024
Apigee API hubOn September 26, 2024, Apigee announced the GA launch of Apigee API hub.
A new "Get started with API hub" page was added to the user interface. This new page includes valuable getting started information, including a new FAQ, to help you get the most out of API hub.
We added a new Supply chain page where you can create, view and manage your dependencies across API operations. The same dependencies can also be created from the API operations page. See Manage dependencies.
The Semantic Search (formerly Smart Search) user interface has been improved, and search results are shown across all API hub entities, such as APIs, deployments, specifications, and versions. See Search and filter APIs.
We added support for GMEK and CMEK in the provisioning steps. While provisioning, you can also choose to host your Vertex search data in a different location or disable Vertex search altogether. See Provision API hub.
We added support for Cloud audit logging.
The List APIs for specifications, dependencies, and external APIs have been enhanced to return a complete response, including user-defined attributes.
While you can use API hub by making direct REST over HTTP requests, we now provide client libraries for several popular languages. See API hub client libraries.
Significant user interface improvements were made, such as standardization of cards on the API details page, unlinking of deployments, various performance fixes, and more.
On September 26, 2024 we released an updated version of Apigee.
If you have CMEK org policy constraints on your Google Cloud project, Apigee will enforce compliance with those constraints and guide you in choosing valid configuration, and prevent you from using Apigee features that are not CMEK-compliant.
The following documents are new and explain how to use CMEK with Apigee:
The following documents have been updated with the relevant CMEK information:
A known issue was added: Apigee does not support Cloud External Key Manager.
A known issue was added: Apigee does not support key re-encryption, which means even after rotation, the old key version will still be used and you cannot change the CMEK key after org creation.
September 25, 2024
Application IntegrationView logs in Cloud Logging
Viewing integration execution logs in Cloud Logging is now generally available (GA). For more information, see View logs in Cloud Logging
September 24, 2024
Application IntegrationThe Resolve JSON Path data transformer function is now available. This function resolves a JSON path on a given JSON object by using the JSONPath
reference.
September 20, 2024
Apigee XOn September 20, 2024, we released an updated version of Apigee (1-13-0-apigee-5).
Bug ID | Description |
---|---|
366039324 | Fixed PEM parsing error in JWT/JWS policies Resolved a PEM parsing error in JWT/JWS policy execution caused by a problematic PEM format. |
353527851 | Resolved dropped WebSocket connection Fixed issue causing a dropped WebSocket connection when using the OAuthV2 policy and the |
361166073 | Fixed issue with JWKS rejection in GenerateJWT policy Fixed an issue where valid JWKS used to sign encrypted JWTs with the GenerateJWT Policy are incorrectly rejected with |
352593965 | Resolved SSL enforcement bug in proxies using the <SSLInfo> block This release fixes an SSL enforcement bug in proxies where an |
N/A | Updates to security infrastructure and libraries. |
September 18, 2024
Apigee UIOn September 18, 2024, we released an updated version of the Apigee UI.
Bug ID | Description |
---|---|
349284447 | All API products associated with a key now displayed in the UI All API products associated with a key can now be viewed in the App detail page of the UI using pagination. Previously, a maximum of 50 API products could be displayed. |
On September 18, 2024 we released an updated version of Apigee
Release of Cloud IAM-based authorization and authentication and the VerifyIAM policy.
This release introduces Cloud IAM-based authorization and authentication for Apigee API access. With this IAM-based solution, access to invoke an API requires the API consumer to have a specific Google Cloud IAM role or permissions.
For information, see IAM-based API authentication overview and VerifyIAM policy.
September 13, 2024
Apigee hybridhybrid v1.12.2
On September 13, 2024 we released an updated version of the Apigee hybrid software, 1.12.2.
- For information on upgrading, see Upgrading Apigee hybrid to version 1.12.2.
- For information on new installations, see The big picture.
Bug ID | Description |
---|---|
362305438 | You can now add additional env variables to the runtime component. |
347798999 | You can now configure forward proxy for opentelemetry pods in Apigee hybrid. |
Bug ID | Description |
---|---|
N/A | Security fixes for apigee-cassandra-backup-utility and apigee-hybrid-cassandra . This addresses the following vulnerability: |
September 12, 2024
Apigee XOn September 12, 2024, we released an updated version of Apigee.
With this release, Apigee supports Workforce Identity Federation.
Workforce Identity Federation lets you use an external identity provider (IdP) to authenticate and authorize a workforce — a group of users, such as employees, partners, and contractors — using Identity and Access Management (IAM) to access Apigee services.
See Access Apigee using Workforce Identity Federation for more information.
Bug ID | Description |
---|---|
338285095 | Fixed a problem where apps associated with an AppGroup did not appear in the Apps list in the Apigee UI in Cloud Console. As a result, users could not access the app's App Detail page in the console. Using search in the console with a partial app name or API key search for the app was not available. With this fix, users can now view apps associated with an AppGroup in the Apps list, and view details for each app or delete the app. Users will still not be able to create or edit AppGroup apps. Apigee hybrid organizations were not impacted by this problem, as they use the Classic UI to view the app details. |
PEM parsing error in JWT/JWS policies due to non-standard format
For Apigee and Apigee hybrid versions 1.13 and higher, any deviations in the required PEM format of keys used in Apigee JWS or JWT policies may result in a parsing error.
For more information, see Apigee known issues.
The XSLT Transform data transformer function is now available. This function transforms the specified XML string using the specified XSL string.
September 11, 2024
Apigee Advanced API SecurityDelay in score generation for Risk Assessment v2 with VPC-SC-enabled organizations only
This issue impacts Risk Assessment v2 only, which is in preview.
With VPC-SC-enabled organizations only, when generating scores for new organizations or scoring changes to included proxies, shared flows, and target server configurations, score generation could take as much as three hours.
See the Risk Assessment v2 customer documentation for information on the functionality.
September 10, 2024
Apigee Advanced API SecurityOn September 10, 2024 we released an updated version of Advanced API Security.
Proxy-specific security actions
You can now create security actions that apply only to one or more specified proxies.
This new functionality is not available with Apigee hybrid at this time.
See Security actions to learn more about proxy-specific security actions.
September 05, 2024
Apigee UIOn September 5, 2024, we released an updated version of the Apigee UI.
An informational message was added to the action creation flow for Apigee Security actions, informing users that actions can't be edited or deleted.
Bug ID | Description |
---|---|
349284447 | Correct sorting for revisions in Duplicate Proxy The Duplicate Proxy experience now correctly sorts the list of existing revisions. |
359475166 | Fixed issue with Analytics Error Analysis Resolved issue with the Error Composition page that interchanged the proxy error and target error legend. |
hybrid 1.13.0-hotfix.1
On September 5, 2024 we released an updated version of the Apigee hybrid software, 1.13.0-hotfix.1.
Apply this hotfix following the steps in Upgrading Apigee hybrid to version 1.13:
- For information on upgrading, see Upgrading Apigee hybrid to version 1.13.
- For information on new installations, see The big picture.
Bug ID | Description |
---|---|
362690729 | Fix for aggressive scaling of runtime pods & cpu spike. |
362979563 | Fix for Ingress Health Check failure /healthz/ingress - route_not_found . |
August 30, 2024
Apigee XOn August 30, 2024, we released an updated version of Apigee (1-13-0-apigee-4).
Bug ID | Description |
---|---|
N/A | Updates to security infrastructure and libraries. |
August 27, 2024
Apigee XClarification: On July 26 we announced monetization support with data residency. Please note that monetization support with data residency is for non-hybrid organizations only at this time.
For more information, see Introduction to data residency.
August 26, 2024
Apigee XOn, August 26, 2024, Apigee announced the GA launch of its non-VPC provisioning option.
With the non-VPC peering provisioning approach, you are not required to provide networks and IP ranges during the Apigee provisioning process. Instead, you use Private Service Connect (PSC) for routing northbound traffic to Apigee and southbound traffic to target services running in your Google Cloud projects. Non-VPC peering is supported for command-line (CLI) steps only. You can perform non-VPC provisioning for subscription, Pay-as-you-go, and evaluation installations of Apigee.
To learn more, see Apigee networking options.
August 23, 2024
Apigee API hubOn August 23, 2024, we updated the Preview release of Apigee API hub.
You can now edit an uploaded API specification's metadata through the Cloud console. See Edit specification metadata.
You can now choose in the Cloud console to restrict the upload of an API specification file that contains errors. By default, specs containing errors are uploaded. See Add a spec to an existing version.
When an Apigee API proxy is auto-registered, its deployment type is now labeled either Apigee X or Apigee hybrid. Existing Apigee proxy deployments registered with API hub will also be labeled with the appropriate type. See Auto-register Apigee proxies.
All API proxy endpoints auto-registered from Apigee will be prefixed with https://
by default. Endpoints for existing API proxies that were added to API hub will be updated.
A validation check has been added to reject an API specification style guide upload if the style guide's extends
property contains a URL. See Upload a new style guide.
User interface and performance improvements were made.
Provisioning improvements were made to address potential failures.
hybrid v1.13.0
On August 23, 2024 we released an updated version of the Apigee hybrid software, v1.13.0.
- For information on upgrading, see Upgrading Apigee hybrid to version v1.13.0.
- For information on new installations, see The big picture.
Storing additional secrets in an external secret store
Starting in version v1.13, You can now store AX Hash Salt, Redis password, and Encryption keys in an external secret store like Hashicorp Vault. See Storing Secrets in Vault.
Apigee Operator now runs in the Apigee Kubernetes namespace
Starting in version v1.13, apigee-operator
runs in the same name space as the other Apigee hybrid components instead of the apigee-system
namespace. You can use apigee
or your own custom Apigee namespace. See Upgrading Apigee hybrid to version v1.13.0 and Step 3: Create the apigee namespace.
Improved backup and restore
Starting in version v1.13.0, Apigee hybrid introduces a new backup and restore system. The new system removes the need for pod exec permission and use of a Kubernetes ClusterRole, and requires fewer Kubernetes Service Accounts when using Workload Identity. The new system replaces use of the apigee-cassandra-backup-utility image by using the apigee-hybrid-cassandra-client image. The apigee-cassandra-backup-utility image will no longer be provided starting with this release. See Scheduling backups in a remote server.
Leader election enabled for apigee-watcher
component
Starting in version v1.13.0, leader election is enabled for the apigee-watcher
component. For proper functioning of the leader election, make sure that the apigee-watcher
component uses only one replica set.
Bug ID | Description |
---|---|
352070616 | Update Go language version. |
351868444 | Tolerations are now working for Redis's Envoy pod. (Fixed in 1.12.1-hotfix.1) |
347997965 | Upgrading to Apigee Hybrid 1.11.2 and 1.10.5 can cause missing metrics. (Fixed in 1.11.2-hotfix.1) |
347798999 | Fixed issue preventing configuration of forward proxy for opentelemetry pods. (Fixed in Apigee hybrid v 1.12.1) |
346589998 | Check Cassandra DNS hostname resolution during Hybrid region expansion. |
345501069 | Fixed issue with Hybrid Guardrails resource configuration preventing the Guardails pod from starting. (Fixed in Apigee hybrid v 1.12.1) |
341797795 | Autofill the Hybrid Guardrails checkpoint value if a checkpoint is not provided. (Fixed in Apigee hybrid v 1.12.1) |
340889560 | Added csi to the apigee-logger SCC. (Fixed in Apigee hybrid v 1.12.0-hotfix.1) |
340248314 | Added support for targetCPUUtilizationPercentage to apigeeIngressGateway and ingressGateways . The default value is 75. (Fixed in Apigee hybrid v 1.12.1) |
339849002 | Hashicorp Vault integration issues fixed for Google Service Account for Cassandra Backup/Restore. (Fixed in Apigee hybrid v 1.12.0-hotfix.1) |
324779388 | Improved error handling for backup and restore. (Fixed in Apigee hybrid v 1.12.1) |
311489774 | Removed inclusion of Java in Cassandra client image.. (Fixed in Apigee hybrid v 1.12.1) |
310338146 | Fixed invalid download directory output from the create-service-account tool. (Fixed in Apigee hybrid v 1.12.1) |
300135626 | Removed inclusion of Java in Cassandra Backup Utility image. (Fixed in Apigee hybrid v 1.12.1) |
297539870 | HTTPTargetConnection property io.timeout.millis is now honored correctly when using websockets. (Fixed in 1.11.2-hotfix.2) |
239523766 | Remove "Unable to evaluate jsonVariable, returning null" logging string from ExtractVariables Policy (Fixed in Apigee hybrid v 1.12.1) |
181569113 | Fixed an issue in new debug session creation. (Fixed in Apigee hybrid v 1.11.2) |
Bug ID | Description |
---|---|
N/A | Security fixes for apigee-asm-istiod . This addresses the following vulnerability: |
N/A | Security fixes for apigee-cassandra-backup-utility . This addresses the following vulnerability: |
N/A | Security fixes for apigee-connect-agent . This addresses the following vulnerabilities: |
N/A | Security fixes for apigee-envoy . This addresses the following vulnerability: |
N/A | Security fixes for apigee-fluent-bit . This addresses the following vulnerability: |
N/A | Security fixes for apigee-hybrid-cassandra . This addresses the following vulnerabilities: |
N/A | Security fixes for apigee-hybrid-cassandra-client . This addresses the following vulnerability: |
N/A | Security fixes for apigee-mart-server . This addresses the following vulnerabilities: |
N/A | Security fixes for apigee-mint-task-scheduler . This addresses the following vulnerabilities: |
N/A | Security fixes for apigee-operators . This addresses the following vulnerabilities: |
N/A | Security fixes for apigee-prom-prometheus . This addresses the following vulnerability: |
N/A | Security fixes for apigee-prometheus-adapter . This addresses the following vulnerability: |
N/A | Security fixes for apigee-redis . This addresses the following vulnerabilities: |
N/A | Security fixes for apigee-udca . This addresses the following vulnerability: |
N/A | Security fixes for apigee-watcher . This addresses the following vulnerability: |
N/A | Security fixes for cassandra-backup-utility . This addresses the following vulnerability: |
August 22, 2024
Apigee Integrated PortalOn August 22, 2024 we released a new version of the Apigee integrated portal.
Bug ID | Description |
---|---|
350546059 | Fixed an issue when displaying OpenAPI Specs in the portal that caused the Example button to show even when no example was present. |
New canvas view
In the integration editor layout, you can try the new canvas view to create integration flows. This feature is in preview. The canvas view offers the following benefits:
- Improved responsiveness of the canvas interaction
- Clearer view of your integration
- Minimap view
- Easier to build integrations
August 19, 2024
Apigee XTimeouts when deploying API proxies and shared flows
The following endpoints may experience timeouts when used with a high volume of queries per second (QPS):
- organizations.environments.apis.revisions.
deployments.deploy - organizations.environments.apis.revisions.
deployments.undeploy - organizations.environments.sharedflows.revisions.
deployments.deploy - organizations.environments.sharedflows.revisions.
deployments.undeploy
To reduce the likelihood of timeouts, we recommend a target of three QPS when using these endpoints.
To track the status of this issue, see Apigee Known Issues.
August 18, 2024
Application IntegrationIn the Application Integration editor, you can now search, browse, and select tasks and connectors in the Tasks list. For more information, see Add a Connectors task.
August 16, 2024
Apigee XOn August 16, 2024, we released an updated version of Apigee (1-13-0-apigee-3).
Bug ID | Description |
---|---|
324418891 | Added improvements to the MessageLogging policy to avoid potential downtime and deployment failures. |
351068926 | Updated the error format, fault status, and status code returned (from 500 to 404 ) in cases where an invalid authorization code causes an error. |
August 15, 2024
Apigee UIOn August 15, 2024, we released an updated version of the Apigee UI.
Bug ID | Description |
---|---|
356453519 | Fixed issue with the display of shared flow detail pages. In some cases, detail pages for shared flows with names containing a space (" ") would not display and resulted in UI errors. |
355674677 | Fixed infinite redirect loop after Subscription org provisioning. Clicking the Continue button in the final step of the Subscription organization provisioning flow resulted in an infinite redirect loop. |
On August 15, 2024 documentation was added describing how to provision Apigee in the Google Cloud console.
See Get started in the Google Cloud console for more information.
Apigee provisioning for Subscription orgs is now performed in the Google Cloud console.
August 13, 2024
Apigee Advanced API SecurityOn August 13, 2024 we released an updated version of Advanced API Security.
Note: Rollouts of this release to production instances will begin within two business days and may take four or more business days to complete across all Google Cloud zones. Your instances may not have the feature available until the rollout is complete.
Note: This functionality is not available in the me-central2
region at this time. See Available Apigee API Analytics Regions for region information. We will announce with a release note when that region is supported.
Public preview of Risk Assessment v2
This release introduces Risk Assessment v2 in preview. Risk Assessment v2 includes these improvements:
- Improved reliability: Faster score calculations with recent proxy data.
- Simplified score display: The new score is a percentage, where 100% means full alignment with the security profile.
For usage information and a list of all improvements and changes in v2, see Risk Assessment v2.
August 12, 2024
Apigee XOn August 12, 2024, we released a new version of Apigee.
We changed the maximum number of Apps per developer from 10 to 100. See the Limits page for more detail.
Note that using more than 10 apps per developer will result in latency when accessing flow variables referencing developer.apps
.
With this release, Apigee expanded its support for data residency to additional regions in Japan:
asia-northeast1
(Tokyo)asia-northeast2
(Osaka)
Data residency for Apigee meets compliance and regulatory requirements by allowing you to specify the geographic locations (regions) where Apigee data is stored.
For more information, see Introduction to data residency.
August 08, 2024
Apigee XOn August 8, 2024, we announced an increase in the recommended number of API basepaths per Apigee environment or environment group.
The recommended limit of API proxy basepaths per Apigee environment or environment group increased from 1,000 to 3,000. For more information, see the Environment and organization section of the Limits page.
Bug ID | Description |
---|---|
329304975, 301845257 | Limit on number of basepaths per environment Fixed issue with the number of total basepaths per environment causing potential failures when deploying API proxy revisions. |
August 07, 2024
Apigee XOn August 7, 2024, we published new documentation explaining how to integrate Apigee with a Security Information and Event Management (SIEM) solution. See Integrate Apigee with your SIEM solution for more information.
August 05, 2024
Apigee Advanced API SecurityOn August 5, 2024 we released an updated version of Advanced API Security.
Shadow API Discovery, which is in preview, now supports the use of tags to label and organize observation results.
For usage information, see Use tags.
August 02, 2024
Apigee Advanced API SecurityThe preview release of generative AI summaries and recommendations for Advanced API Security Abuse Detection incidents is now re-enabled after resolution of the known issue noted on July 19.
For usage instructions, see the Incident details documentation.
Redirecting from Apigee Integration to Application Integration
We are converging Apigee Integration and Application Integration. This change involves the following updates:
- You will now be redirected to Application Integration from the Apigee portal.
- Apigee Integration will not support configuring connector tasks in the Apigee portal. You will have to open Application Integration in the Google cloud console to configure connector tasks in your integration.
For more information, see Use Application Integration.
August 01, 2024
Apigee XOn August 1, 2024, we released an updated version of Apigee (1-13-0-apigee-1).
New flow variables are now available:
request.headers.names.string
request.queryparams.names.string
request.formparams.names.string
message.headers.names.string
message.queryparams.names.string
message.formparams.names.string
response.headers.names.string
These context variables can be used to return header, query parameter, and form parameter names in string
format that can be used in API proxy logic. Each variable returns a comma-separated list of names.
For more information, see the Flow variables reference.
Bug ID | Description |
---|---|
308583363, 332464869 | Security fix for apigee-mart . This addresses the following vulnerabilities: |
332465218 | Security fix for apigee-runtime .This addresses the following vulnerabilities: |
341994213, 333971421 | Security fixes for Cassandra emulator .These address the following vulnerabilities: |
329762216 | Security fix for This addresses the following vulnerability: CVE-2024-24786 |
342630443, 342714341, 343202829 | Security fixes to address the following vulnerabilities: |
Bug ID | Description |
---|---|
293150694 | <HTTPMonitor> now supports the <UseTargetServerSSLInfo> element and can trust TLS certs from non-public CAs. |
329874359 | Decreased the default value of <CacheLookupTimeoutInSeconds> from 30 seconds to 12 seconds. |
334442202 | Added specific and informative error messaging for App query failures resulting from discrepancies between developers and apps. |
333919279 | Improved reliability for Developer, App and API products APIs. |
339169651 | Fixed potential HTTP request smuggling vulnerability when using the OPTIONS method. |
297539870 | <HTTPTargetConnection> property io.timeout.millis is honored when used with WebSockets. |
N/A | Updated infrastructure and libraries. |
July 31, 2024
Apigee hybridhybrid 1.11.2-hotfix.2
On July 31, 2024 we released an updated version of the Apigee hybrid software, 1.11.2-hotfix.2.
Note: This release reflects a change to the component images and not the Helm chart templates. If your hybrid installation is currently on Apigee hybrid v1.11.2, Apply this hotfix with the following steps:
In your overrides file, update the
image.url
andimage.tag
properties ofao
andruntime
:ao: image: url: "gcr.io/apigee-release/hybrid/apigee-operators" tag: "1.11.2-hotfix.2" runtime: image: url: "gcr.io/apigee-release/hybrid/apigee-runtime" tag: "1.11.2-hotfix.2"
Install the hotfix release:
For Helm-managed releases, update the
apigee-operator
with thehelm upgrade
command and your current overrides files:helm upgrade operator apigee-operator/ \ --namespace apigee-system \ --atomic \ -f overrides.yaml
For each environment in your Apigee org:
helm upgrade ENV_NAME apigee-env/ \ --namespace apigee \ --atomic \ -f overrides.yaml
For
apigeectl
-managed releases:install the hotfix release with
apigeectl init
using your updated overrides file:${APIGEECTL_HOME}/apigeectl init -f OVERRIDES_FILE --dry-run=client
Followed by:
${APIGEECTL_HOME}/apigeectl init -f OVERRIDES_FILE
Apply the hotfix release with
apigeectl apply
:${APIGEECTL_HOME}/apigeectl apply -f OVERRIDES_FILE --all-envs --dry-run=client
Followed by:
${APIGEECTL_HOME}/apigeectl apply -f OVERRIDES_FILE --all-envs
- For information on upgrading, see Upgrading Apigee hybrid to version 1.11.
- For information on new installations, see The big picture.
Bug ID | Description |
---|---|
351868444 | Tolerations are now working for Redis's Envoy pod. |
297539870 | HTTPTargetConnection property io.timeout.millis is now honored correctly when using websockets. |
July 30, 2024
Apigee XOn July 30, 2024, we released an updated version of Apigee.
With this release, Apigee expanded its support for data residency to an additional region in Europe: europe-west6
(Zurich).
Data residency for Apigee meets compliance and regulatory requirements by allowing you to specify the geographic locations (regions) where Apigee data is stored.
For more information, see Introduction to data residency.
For a list of supported geographic locations, see Apigee locations.
hybrid 1.12.1-hotfix.1
On July 30, 2024 we released an updated version of the Apigee hybrid software, 1.12.1-hotfix.1.
Note: This release reflects a change to the component images and not the Helm chart templates. If your hybrid installation is currently on Apigee hybrid v1.12.1, Apply this hotfix with the following steps:
In your overrides file, update the
ao.image.url
andao.image.tag
properties:ao: image: url: "gcr.io/apigee-release/hybrid/apigee-operators" tag: "1.12.1-hotfix.1"
Install the hotfix release. Update the
apigee-operator
component with thehelm upgrade
command and your current overrides files:helm upgrade operator apigee-operator/ \ --namespace apigee-system \ --atomic \ -f overrides.yaml
- For information on upgrading, see Upgrading Apigee hybrid to version 1.12.
- For information on new installations, see The big picture.
Bug ID | Description |
---|---|
351868444 | Tolerations are now working for Redis's Envoy pod. |
July 26, 2024
Apigee Advanced API SecurityOn July 26, 2024, we released an updated version of Advanced API Security.
Advanced API Security now supports data residency. Data residency meets compliance and regulatory requirements by allowing you to specify the geographic locations (regions) where Advanced API Security data is stored. For more information, see Introduction to data residency.
On July 26, 2024, we released an updated version of Apigee Monetization.
Monetization functionality, including rate plan creation and managing rate plans for API Products, is now available in the Apigee UI in Cloud Console.
For information, see Manage Rate Plans and Create API Products.
Monetization now supports data residency. Data residency meets compliance and regulatory requirements by allowing you to specify the geographic locations (regions) where Monetization data is stored. For more information, see Introduction to data residency.
July 25, 2024
Apigee XOn July 25, 2024, we released an updated version of Apigee.
This release includes an update to Advanced API Operations Anomaly Detection functionality: the Anomaly Detection functionality is now available in the Apigee UI in Cloud Console and is renamed to "Operations Anomalies."
For information, see the Operations Anomalies overview for information on the functionality in Apigee UI in Cloud Console.
Operations Anomalies supports data residency. Data residency meets compliance and regulatory requirements by allowing you to specify the geographic locations (regions) where Operations Anomalies data is stored. For more information, see Introduction to data residency.
July 22, 2024
Application IntegrationThe Solace trigger is now available in preview.
July 19, 2024
Apigee Advanced API SecurityThe preview release of generative AI summaries and recommendations for Advanced API Security Abuse Detection incidents has been temporarily disabled due to a known issue. We will announce in a release note when the functionality is re-enabled.
July 16, 2024
Apigee Integrated PortalOn July 16, 2024 we released a new version of the Apigee integrated portal.
This release includes general improvements to performance and availability.
July 15, 2024
Application IntegrationYou can now share custom connectors between different Google Cloud projects by exporting and importing the connector specification. This feature is in preview.
July 11, 2024
Apigee XOn July 11, 2024, we released an updated version of Apigee (1-12-0-apigee-8).
This release addresses the security concerns in GCP-2024-032 from Google Anthos Service Mesh.
Bug ID | Description |
---|---|
330175485 | Security fix for apigee-ingress. This addresses the following vulnerabilities: |
Bug ID | Description |
---|---|
N/A | Updated libraries and infrastructure. |
The following Connector Event triggers are generally available:
July 09, 2024
Apigee XUpdated: Limit on number of basepaths per environment
Apigee is raising the temporary limit of 1000 basepaths per environment to avoid potential failures when deploying API proxy revisions.
While this limit is in place, you can deploy up to 1000 API proxy revisions (each containing a single basepath) per environment. If your API proxies or revisions contain more than one basepath, the total number of basepaths per environment must not exceed 1000.
To track the status of this issue, see Apigee Known Issues.
July 02, 2024
Apigee XOn July 2, 2024, we published a security bulletin for Apigee.
A remote code execution vulnerability, CVE-2024-6387, was recently discovered in OpenSSH. The vulnerability exploits a race condition that could be used to obtain access to a remote shell, enabling attackers to gain root access to GKE or VM nodes.
Security bulletin published: GCP-2024-040
June 28, 2024
Apigee hybridhybrid v1.12.1
On June 28, 2024 we released an updated version of the Apigee hybrid software, 1.12.1.
- For information on upgrading, see Upgrading Apigee hybrid to version 1.12.1.
- For information on new installations, see The big picture.
Bug ID | Description |
---|---|
347798999 | Fixed an issue preventing configuration of forward proxies for OpenTelemetry collector pods. |
345501069 | Fixed issue with Hybrid Guardrails resource configuration preventing the Guardails pod from starting. |
341797795 | Autofill the Hybrid Guardrails checkpoint value if a checkpoint is not provided. |
340248314 | Added support for targetCPUUtilizationPercentage to apigeeIngressGateway and ingressGateways . The default value is 75. |
324779388 | Improved error handling for backup and restore. |
311489774 | Removed inclusion of Java in Cassandra client image.. |
310338146 | Fixed invalid download directory output from the create-service-account tool. |
300135626 | Removed inclusion of Java in Cassandra Backup Utility image. |
239523766 | Remove "Unable to evaluate jsonVariable, returning null" logging string from ExtractVariables Policy |
Bug ID | Description |
---|---|
345791712 | Security fix for fluent-bit . This addresses the following vulnerability: |
335910066 | Security fixes for apigee-kube-rbac-proxy . This addresses the following vulnerability: |
335909737 | Security fixes for apigee-asm-ingress . This addresses the following vulnerabilities: |
335909397 | Security fixes for apigee-open-telemetry-collector . This addresses the following vulnerability: |
335908990 | Security fixes for apigee-asm-istiod . This addresses the following vulnerabilities: |
335908985 | Security fix for apigee-prometheus-adapter . This addresses the following vulnerabilities: . |
335908657 | Security fixes for apigee-prom-prometheus . This addresses the following vulnerabilities: |
335908139 | Security fix for fluent-bit . This addresses the following vulnerability: |
332821083 | Security fix for apigee-operators . This addresses the following vulnerability: |
317528509 | Security fixes for apigee-synchronizer . This addresses the following vulnerabilities: |
308835165 | Security fix for apigee-synchronizer . This addresses the following vulnerability: |
N/A | Security fixes for apigee-asm-ingress . This addresses the following vulnerabilities: |
N/A | Security fixes for apigee-asm-istiod . This addresses the following vulnerabilities: |
N/A | Security fixes for apigee-cassandra-backup-utility . This addresses the following vulnerabilities: |
N/A | Security fixes for apigee-fluent-bit . This addresses the following vulnerabilities: |
N/A | Security fixes for apigee-hybrid-cassandra . This addresses the following vulnerabilities: |
N/A | Security fixes for apigee-kube-rbac-proxy . This addresses the following vulnerabilities: |
N/A | Security fixes for apigee-prometheus-adapter . This addresses the following vulnerabilities: |
N/A | Security fixes for apigee-stackdriver-prometheus-sidecar . This addresses the following vulnerabilities:
|
hybrid 1.11.2-hotfix.1
On June 28, 2024 we released an updated version of the Apigee hybrid software, 1.11.2-hotfix.1.
Note: This release reflects a change to the Helm chart templates and not a change to the images. If your hybrid installation is currently on Apigee hybrid v1.11.2, Apply this hotfix with the following steps:
In your overrides file, update the
ao.image
url
andtag
:ao: image: url: "gcr.io/apigee-release/hybrid/apigee-operators" tag: "1.11.2-hotfix.1"
Install the hotfix release:
For Helm-managed releases, update the
apigee-operator
with thehelm upgrade
command and your current overrides files:helm upgrade operator apigee-operator/ \ --namespace apigee-system \ --atomic \ -f overrides.yaml
For
apigeectl
-managed releases, install the hotfix release withapigeectl init
using your updated overrides files:${APIGEECTL_HOME}/apigeectl init -f OVERRIDES_FILE --dry-run=client
Followed by:
${APIGEECTL_HOME}/apigeectl init -f OVERRIDES_FILE
- For information on upgrading, see Upgrading Apigee hybrid to version 1.11.2-hotfix.1.
- For information on new installations, see The big picture.
Bug ID | Description |
---|---|
347997965 | Upgrading to Apigee Hybrid 1.11.2 and 1.10.5 can cause missing metrics. |
hybrid 1.10.5-hotfix.1
On June 28, 2024 we released an updated version of the Apigee hybrid software, 1.10.5-hotfix.1.
Note: This release reflects a change to the Helm chart templates and not a change to the images. If your hybrid installation is currently on Apigee hybrid v1.10.5, Apply this hotfix with the following steps:
In your overrides file, update the
ao.image
url
andtag
:ao: image: url: "gcr.io/apigee-release/hybrid/apigee-operators" tag: "1.10.5-hotfix.1"
Install the hotfix release with
apigeectl init
using your updated overrides files:${APIGEECTL_HOME}/apigeectl init -f OVERRIDES_FILE --dry-run=client
Followed by:
${APIGEECTL_HOME}/apigeectl init -f OVERRIDES_FILE
- For information on upgrading, see Upgrading Apigee hybrid to version 1.10.5-hotfix.1.
- For information on new installations, see The big picture.
Bug ID | Description |
---|---|
347997965 | Upgrading to Apigee Hybrid 1.11.2 and 1.10.5 can cause missing metrics. |
June 27, 2024
Apigee Advanced API SecurityOn June 27, 2024 we released a new version of Advanced API Security
Rollouts of this feature are ongoing and will take multiple days to complete across all Google Cloud zones. You might not be able to use the functionality until the rollout is complete.
Preview release of generative AI incident report summaries
This release introduces the preview release of generative AI summaries and recommendations for Advanced API Security Abuse Detection incidents. The new generative AI features are available for all Advanced API Security-enabled projects and do not require the Gemini Code Assist add-on.
For usage information, see the Abuse Detection customer documentation.
On June 27, 2024, we released an updated version of Apigee.
Apigee is now available in new regions:
- Europe - Berlin (
europe-west10
) - Africa - Johannesburg (
africa-south1
)
See Apigee locations for more information about available regions.
June 26, 2024
Apigee XOn June 26, 2024, we released an updated version of Apigee (1-12-0-apigee-7).
Bug ID | Description |
---|---|
N/A | Upgraded infrastructure and libraries. |
These issues were fixed in 1-12-0-apigee-4-hotfix and are included in this release:
Bug ID | Description |
---|---|
337876238, 330314128, 333762214 | Resolved issues resulting in an increase in 404/503 responses.Upgraded storage for the Apigee router to the latest version to resolve Adjusted traffic weight and delays in the older replica set to handle traffic divergence during the release process to address any |
335832119 | Fixed 404 errors caused during Apigee instance update/rollback. |
255772956 | Turned off asynchronous services callout when the <Response> element is not present due to inconsistent scaling of runtime pods. |
338717278 | Reverted problematic commit to address thread pool exhaustion. |
June 20, 2024
Apigee XOn June 20, 2024, we released an updated version of Apigee.
This release includes a change in the user experience of selecting a physical location for control plane hosting when provisioning a Subscription or Pay-as-you-go Apigee organization with data regionalization enabled.
The new provisioning experience provides the opportunity to select a control plane hosting jurisdiction that refers to a location within a geopolitical boundary that may span more than one region. For more information, see Select an Apigee API control plane hosting jurisdiction.
June 17, 2024
Apigee Advanced API SecurityOn June 17, 2024 we released an updated version of Advanced API Security.
Shadow API Discovery, which is in preview, no longer requires separate creation of P4SA permissions in order to enable the functionality.
For usage information, see the Shadow API Discovery documentation.
On June 17, 2024, we released an updated version of Apigee.
Update Pay-as-you-go environment types using the Apigee UI in the Google Cloud console
Apigee Pay-as-you-go customers can modify the type of an existing environment using the Apigee UI in the Cloud console. This feature allows you to add or remove feature capabilities for your environments from the UI.
For more information, see Update your environment type. To learn more about environment types, see Apigee Pay-as-you-go environment types.
hybrid v1.10.5
On June 17, 2024 we released an updated version of the Apigee hybrid software, 1.10.5.
- For information on upgrading, see Upgrading Apigee hybrid to version 1.10.5.
- For information on new installations, see The big picture.
June 12, 2024
Apigee XOn June 12, 2024, we released an updated version of Apigee
Feature: Preview release of Google Cloud-based mock servers for API Management features in Gemini Code Assist.
This release introduces the ability to easily deploy a Google Cloud-based remote mock server for Gemini Code Assist API management, which allows interaction with the designed API by anyone with access to the mock server, helping with testing and validating the APIs.
For more information and usage instructions, see Use Gemini Code Assist.
June 11, 2024
Apigee API hubVertex AI extensions
You can create Vertex AI extensions for the APIs registered in API hub. These extensions can be integrated with Large Language Models (LLMs) to process real-time data. For more information, see Create a Vertex AI extension.
Eventarc triggers
API hub is integrated with Google Cloud's Eventarc. You can now create Eventarc triggers to listen for specific events in API hub, and then trigger custom workflows based on the event. For more information, see Create an Eventarc trigger.
Multi-level delete
By default, you can delete an API only if all underlying versions are deleted. Starting with this release, you can use the force option to delete an API and its child resources in a single step. For more information, see Delete an API resource.
June 10, 2024
Apigee hybridhybrid v1.11.2
On June 10, 2024 we released an updated version of the Apigee hybrid software, 1.11.2.
- For information on upgrading, see Upgrading Apigee hybrid to version 1.11.2.
- For information on new installations, see The big picture.
Bug ID | Description |
---|---|
340248314 | Added support for targetCPUUtilizationPercentage to apigeeIngressGateway and ingressGateways for hybrid installations managed with Helm. The default value is 75. Note: targetCPUUtilizationPercentage is not supported for apigeectl . |
324779388 | Improved error handling for backup and restore. |
311489774 | Removed inclusion of Java and Python installations in Cassandra client image. |
300135626 | Removed inclusion of Java and Python installations in Cassandra Backup Utility image. |
181569113 | Fixed an issue in new debug session creation. |
May 31, 2024
Apigee Integrated PortalOn May 31, 2024 we released an updated version of Apigee integrated portal.
This release includes the general availability (GA) of integrated portal APIs which allow you to manage your integrated portal APIs and reference documentation using API calls. The available functionality has not changed since the public preview release.
The catalog items list view now uses pagination when making requests to the portals service, examples have been added to Publishing your APIs, and new reference documentation is available:
May 29, 2024
Apigee Advanced API SecurityOn May 29, 2024 we released a new version of Advanced API Security
NOTE: Rollouts of this feature are ongoing and will take multiple days to complete across all Google Cloud zones. You might not be able to use the functionality until the rollout is complete.
Preview release of Shadow API Discovery
This release introduces Shadow API Discovery in preview. Shadow API Discovery finds shadow APIs (also known as undocumented or unmanaged APIs) in your existing cloud infrastructure. Shadow APIs pose a security risk to your system, since they might be unsecured, unmonitored, and unmaintained.
For a feature overview and usage information, see Shadow API Discovery.
On May 29, 2024 we released an updated version of Apigee
Preview release of API Management features in Gemini Code Assist: generative AI API spec creation with enterprise context and Apigee policy code explanation. This release also includes the preview release of enhanced API hub interaction in Cloud Code.
This release introduces features for Gemini Code Assist API management:
- Use Gemini Code Assist to facilitate API design including OpenAPI spec generation with enterprise context from natural language prompts and built in visual API designer to further refine the specification.
- Code explain for Apigee policies: When adding or editing a proxy policy, highlight part of the policy XML code, such as an element or attribute, to see Gemini Assist-generated information and guidance about the selection.
For more information and usage instructions, see Use Gemini Code Assist.
This release also includes updates to API hub interaction from Cloud Code: An update to the Cloud Code extension enables you to interact with any API in your API hub using a mock server in Cloud Code, make changes to the API, and publish it back to API hub. For information and usage instructions, see Edit APIs.
On May 29, 2024 we released an updated version of Gemini Code Assist features for use with Apigee
Preview release of API Management features in Gemini Code Assist: generative AI API spec creation with enterprise context and Apigee policy code explanation.
This release introduces features for Gemini Code Assist API management:
- Use Gemini Code Assist to facilitate API design including OpenAPI spec generation with enterprise context from natural language prompts and built in visual API designer to further refine the specification.
- Code explain for Apigee policies: When adding or editing a proxy policy, highlight part of the policy XML code, such as an element or attribute, to see Gemini Assist-generated information and guidance about the selection.
For more information and usage instructions, see Use Gemini Code Assist.
May 28, 2024
Apigee hybridANNOUNCEMENT
hybrid 1.12.0-hotfix.1
On May 28, 2024 we released an updated version of the Apigee hybrid software, 1.12.0-hotfix.1.
Note: This release reflects a change to the Helm chart templates and not a change to the images. If your hybrid installation is currently on Apigee hybrid v1.12.0, you can install this hotfix release by downloading the charts with the version tag 1.12.0-hotfix.1
and updating the apigee-operator
and apigee-datastore
charts with the helm upgrade
command and your current overrides files.
For example:
export CHART_REPO=oci://us-docker.pkg.dev/apigee-release/apigee-hybrid-helm-charts
export CHART_VERSION=1.12.0-hotfix.1
helm pull $CHART_REPO/apigee-operator --version $CHART_VERSION --untar
helm pull $CHART_REPO/apigee-datastore --version $CHART_VERSION --untar
helm upgrade operator apigee-operator/ \
--namespace apigee-system \
--atomic \
-f overrides.yaml
helm upgrade datastore apigee-datastore/ \
--namespace apigee \
--atomic \
-f overrides.yaml
- For information on upgrading, see Upgrading Apigee hybrid to version 1.12.0-hotfix.1.
- For information on new installations, see The big picture.
Bug ID | Description |
---|---|
340889560 | Added csi to the apigee-logger SCC. |
339849002 | Hashicorp Vault integration issues fixed for Google Service Account for Cassandra Backup/Restore. |
May 26, 2024
Application IntegrationThe TIBCO EMS trigger is now available in preview.
May 21, 2024
Application IntegrationApplication Integration is now available in Milan (europe-west8
). For a list of supported regions, see Application Integration locations.
May 20, 2024
Application IntegrationTerraform support
You can now use Terraform to provision new regions and create authentication profiles. For a detailed reference document about terraform resources, see google_integrations_client
and google_integrations_auth_config
.
May 17, 2024
Apigee XOn May 17, 2024, we released an updated version of Apigee (1-12-0-apigee-4-hotfix, 1-12-0-apigee-5).
Bug ID | Description |
---|---|
337876238, 330314128, 333762214 | Resolved issues resulting in an increase in 404/503 responses.Upgraded storage for the Apigee router to the latest version to resolve Adjusted traffic weight and delays in the older replica set to handle traffic divergence during the release process to address any |
335832119 | Fixed 404 errors caused during Apigee instance update/rollback. |
255772956 | Turned off asynchronous services callout when the <Response> element is not present due to inconsistent scaling of runtime pods. |
338717278 | Reverted problematic commit to address thread pool exhaustion. |
Navigation menus in the Classic Apigee UI have been restored to support the transition from the Classic console to Apigee in the Google Cloud console.
Each menu item in the Classic console now directs you to the corresponding feature location in the Cloud console where you can carry out your task. Please see Apigee UI in Cloud console navigation for more details.
Correction: Apigee hybrid entitlements are available in Apigee Subscription 2024 plans. For more information, see Apigee Subscription 2024 entitlements.
May 16, 2024
Apigee Integrated PortalOn May 16, 2024 we released a new version of the Apigee integrated portal.
This release includes general improvements to performance and availability.
May 14, 2024
Apigee Advanced API SecurityOn May 14, 2024 we released an updated version of Advanced API Security.
NOTE: Rollouts of this feature are ongoing and will take multiple days to complete across all Google Cloud zones. You may not be able to use the functionality until the rollout is complete.
Addition of autonomous system numbers (ASN), HTTP methods, and region codes as supported security action rule condition types.
This new functionality is not available with Apigee hybrid at this time.
See Create a security action to learn more.
May 09, 2024
Apigee Advanced API SecurityOn May 9, 2024 we released an updated version of Advanced API Security.
Addition of CIDR range support when specifying IPv4 addresses for security action rules.
Apigee Advanced API Security now includes support for CIDR range specification when creating security action rules that restrict access based on IP addresses.
This new functionality is not available with Apigee hybrid at this time.
See Create a security action to learn more.
Limit on number of basepaths per environment
Apigee is enforcing a temporary limit of 500 basepaths per environment to avoid potential failures when deploying API proxy revisions.
While this limit is in place, you can deploy up to 500 API proxy revisions (each containing a single basepath) per environment. If your API proxies or revisions contain more than one basepath, the total number of basepaths per environment must not exceed 500.
To track the status of this issue, see Apigee Known Issues.
May 08, 2024
Apigee XOn May 8, 2024, we released an updated version of Apigee X.
This release contains the General Availability (GA) release of AppGroups for Apigee and Apigee hybrid (version 1.10.0 and later).
AppGroups represent a relationship between one or more apps that are managed by the same set of people. For information, see Using AppGroups to organize app ownership. Client support for AppGroups is available with the latest Drupal Teams module.
May 07, 2024
Apigee XOn May 7, 2024, we released an updated version of Apigee.
Target server SSL enforcement
With this release, Apigee customers can specify strict SSL
southbound enforcement in TargetServer configurations using the object's enforce
key. If set to true
, SSL enforcement is applied to service callouts.
The option to specify this behavior is analogous to usage of the <Enforce>
tag in the <SSLInfo>
block of the TargetEndpoint configuration.
For more information, see Configure strict SSL enforcement .
Environment-level flag for SSL enforcement
Apigee customers can specify strict SSL southbound enforcement across an Apigee environment, using the SSLInfo.Enforce
flag.
If SSLInfo.Enforce
is set to true
or false
, the value specified overrides any granular enforcement options specified in <SSLInfo>
blocks in TargetEndpoint or TargetServer configurations.
If SSLInfo.Enforce
is unset, SSL enforcement is determined by any values specified using the <Enforce>
element within individual <SSLInfo>
blocks.
For more information, see TLS/SSL TargetEndpoint configuration.
Two-way HTTPS health monitor support
Apigee health monitors using <HTTPMonitor>
can now use all SSL parameters available in the <SSLInfo>
block of their TargetServer configurations when performing health checks.
To enable access, set <UseTargetServerSSLInfo>
to true
in the <Request>
block of the HTTPMonitor configuration.
For more information, see Health monitor using HTTP monitor .
May 06, 2024
Apigee API hubApigee API hub is available in preview.
With Apigee API hub, you can consolidate and organize critical information about your APIs in one place. Use API hub to accelerate the consistency, use, reuse, and governance of your API portfolio.
Use API hub to:
- Create and manage a complete catalog of your APIs and API resources.
- Add rich attributes to your APIs for tracking, organizing, and filtering.
- Link to one or more Apigee projects to automatically fetch and store Apigee API proxy information.
- Find APIs with powerful free-form semantic search capabilities.
- Track compliance for your API specification files using Linting functionality.
To learn more about the features and functionality available, see What is Apigee API hub?
NOTE: Rollouts of this feature will begin on May 6, 2024, and may take four or more business days to be completed across all Google Cloud zones. You may not be able to provision API hub until the rollout is complete.
May 03, 2024
Application IntegrationLoop Metadata variables are changing
In the For each loop and While loop tasks, there's a Loop metadata
variable in which you will find duplicate keys for the output variable–for example, Current Iteration Count
and current_iteration_count
. We recommend you to use the variables that contain the underscore (_
) symbol because the other keys are being deprecated.
For more information, see Known issue: Duplicate keys in the Loop metadata.
May 01, 2024
Apigee Integrated PortalOn May 1, 2024 we released an updated version of Apigee integrated portal.
This release contains multiple security fixes.
April 29, 2024
Application IntegrationWith Gemini, you can now build integrations in Application Integration:
- Create and build integrations
- Configure connector tasks in an integration
- Add edge conditions and append additional tasks to an integration
- Generate integration description
This feature is in preview.
April 28, 2024
Application IntegrationWhile configuring a Cloud Pub/Sub trigger, you can now add a config variable for your service account. Config variables let you externalize configuration for integrations.
April 26, 2024
Apigee XOn April 26, 2024, we released an updated version of Apigee.
Logging Apigee access logs
Apigee Subscription and Pay-as-you-go customers can now enable Cloud Logging ingress access logs for each Apigee instance in their organization. Once enabled, this feature allows you to view the logs generated by ingress gateways in your Apigee infrastructure, such as an external Application Load Balancer or an Anthos gateway, to assist in troubleshooting Apigee API calls.
For more information, see Logging Apigee access logs.
April 24, 2024
Application IntegrationFor Cloud Pub/Sub triggers, the default value of the expiration period option for subscriptions is changed from 31 days
to never expire
. If you want to change the value of the expiration period, then you must update the Cloud Pub/Sub subscription in the Google Cloud console.
April 21, 2024
Application IntegrationApache Kafka trigger is now in preview.
April 19, 2024
Apigee XOn April 19, 2024, we released an updated version of Apigee.
With this release, Apigee API Management organizations with Subscription 2021 contracts have been upgraded to introduce standard and extensible API proxy features and expanded limits on deployments.
With this upgrade:
- Standard and extensible API proxy calls are counted equally when calculating overall API call entitlement for Subscription 2021 contracts.
- The maximum number of shared flow deployments is 75 per environment.
- There are no limits on the total number of API proxy deployments per environment.
- The maximum limit of total deployment units (API proxies or shared flows) per organization is 4250.
Note: The fleetwide upgrade is complete for the majority of Subscription 2021 contract organizations. Organization administrators for the remaining 5% of organizations have been contacted by Apigee representatives regarding timelines for the release.
To learn more about:
- Standard and Extensible API Proxy types, see API Proxy types.
- Expanded limits for API proxy and shared flow deployments, see Limits.
- Account level deployment limits, see Subscription 2021 entitlements.
- Viewing proxy deployment count, see View proxy deployment usage.
Subscription Apigee organizations (without hybrid entitlements) upgraded in this release will see changes to the user experience in the Classic Apigee UI. To support management of the upgraded functionality now available to these organizations, a number of feature administration pages are now only available in the Apigee UI in Cloud console.
For more information, see Apigee UI in Cloud console navigation.
April 17, 2024
Apigee hybridhybrid v1.12.0
On April 17, 2024 we released an updated version of the Apigee hybrid software, v1.12.0.
For information on upgrading, see Upgrading Apigee hybrid to version v1.12.0. For information on new installations, see The big picture.
A new suite of metrics for monitoring Apigee proxies and target endpoints is now available for Hybrid 1.12.
You can now add your own contractEncryptionKey
for new Apigee hybrid installations. For details, see Data encryption.
The JAR file dependencies required to create a Java callout are now hosted securely in Artifact Registry.
For more information on downloading the JAR dependencies from Artifact Regsitry, see Compile your code with Maven.
Hybrid 1.12 validates required conditions are satisfied before allowing Runtime services to be created. See Diagnosing issues with guardrails.
Apigee hybrid now supports Workload Identity Federation for component authentication on AKS and EKS installations. See Enabling Workload Identity Federation on AKS and EKS.
Hybrid v1.12 now supports storing service account keys in Hashicorp Vault. See Storing service account keys in Hashicorp Vault.
The apigeectl
command-line tool is deprecated. as of April 17, 2024. The apigeectl
tool is not supported for Apigee hybrid v1.12. Support for apigeectl
for hybrid v1.10 and v1.11 will end on April 17, 2025. For more information, see apigeectl deprecation.
The Proxyv2
and targetv2
metrics suite is deprecated. The Apigee hybrid v1.12 release supports the new proxy and target metrics by default. Support for Proxyv2
and targetv2
metrics in hybrid v 1.10 and v1.11 will end on April 17, 2025. For more information, see ProxyV2 and TargetV2 deprecation.
Bug ID | Description |
---|---|
284034011 | Modified Apigee Watcher and Apigee Ingress to leverage a sidecar instead of pod/exec for collecting ingress routing status. |
298202120 | The Datastore component now uses Cassandra 4. |
311705715 | Use a non-default service account for the remove-dc component. (Fixed in Apigee hybrid 1.10.3-hotfix.4, 1.10.4, and 1.11.1) |
306341401 | Fixed regression where virtualhost cipherSuites overrides weren't being used. (Fixed in Apigee hybrid 1.10.4 and 1.11.1) |
302186503 | Added the missing HTTP proxy template settings to the Apigee Hybrid Helm datastore component. (Fixed in Apigee hybrid 1.10.4) |
300542690 | Added dedicated service accounts for Apigee Connect, Redis, and UDCA to prevent Kubernetes from automatically injecting credentials for a specified Service Account or the default Service Account. (Fixed in Apigee hybrid 1.10.4) |
277353680 | Fixed issue causing target server HealthMonitors to continue beyond revision or deletion of the proxy. Target health checks are now terminated as soon as the proxy is removed from the runtime (undeployed or deleted). Note: There may be a delay between removal of the proxy and termination of the target server health checks. (Fixed in Apigee hybrid 1.10.4) |
These security bugs were fixed in Apigee hybrid v1.12.0
These security bugs were fixed in Apigee hybrid v1.10.4.
Bug ID | Description |
---|---|
315034009 | Security fixes: apigee-asm-ingress and apigee-asm-istiod (ingressgateway and ingressgateway-controller ) are upgraded to Service Mesh version 1.17.8-asm.4. This addresses the following vulnerabilities:
|
311167948 | A security issue was addressed. |
303460289 | Security fixes for apigee-prometheus-adapter . This addresses the following vulnerabilities: |
303459588 | Security fixes for apigee-prom-prometheus . This addresses the following vulnerabilities: |
300319489 | Security fixes for fluentd . This addresses the following vulnerabilities: |
294892189 | Security fixes for apigee-diagnostics-collector . This addresses the Guava vulnerability: |
N/A | Security fixes for apigee-cassandra-backup-utility and apigee-prom-prometheus . This addresses the following vulnerabilities:
|
N/A | Security fixes for apigee-fluent-bit . This addresses the following vulnerabilities: |
N/A | Security fixes for apigee-hybrid-cassandra and apigee-hybrid-cassandra-client . This addresses the following vulnerabilities:
|
N/A | Security fixes for apigee-installer , apigee-operators , and apigee-watcher . This addresses the following vulnerabilities:
|
N/A | Security fixes for apigee-kube-rbac-proxy . This addresses the following vulnerabilities: |
These security bugs were fixed in Apigee hybrid v1.11.1.
Bug ID | Description |
---|---|
315034009 | Security fixes: apigee-asm-ingress and apigee-asm-istiod (ingressgateway and ingressgateway-controller ) are upgraded to Service Mesh version 1.17.8-asm.4. This addresses the following vulnerabilities:
|
303460289 | Security fixes to apigee-prometheus-adapter . This addresses the following vulnerabilities: |
303459588 | Security fixes to apigee-prom-prometheus . This addresses the following vulnerabilities: |
303292806 | Restrict connections from the Cassandra backup utility to Cassandra server pods in the apigee namespace. |
N/A | Security fixes to apigee-cassandra-backup-utility . This addresses the following vulnerabilities: |
N/A | Security fixes to apigee-fluent-bit . This addresses the following vulnerabilities: |
N/A | Security fixes to apigee-hybrid-cassandra . This addresses the following vulnerabilities: |
N/A | Security fixes to apigee-hybrid-cassandra-client . This addresses the following vulnerabilities: |
N/A | Security fixes to apigee-kube-rbac-proxy . This addresses the following vulnerabilities: |
N/A | Security fixes to apigee-installer , apigee-operators , and apigee-watcher . This addresses the following vulnerabilities:
|
These security bugs were fixed in Apigee hybrid v1.11.1-hotfix.1.
Bug ID | Description |
---|---|
324460830 | Security fix for apigee-ingress. This addresses the following vulnerabilities: |
These security bugs were fixed in Apigee hybrid v1.10.4-hotfix.1.
Bug ID | Description |
---|---|
324460830 | Security fix for apigee-ingress. This addresses the following vulnerabilities: |
April 15, 2024
Apigee XOn April 15, 2024, we released an updated version of Apigee (1-12-0-apigee-4).
Bug ID | Description |
---|---|
332981542 | Optimized VerifyAPI policy execution time for high count of API products. |
April 03, 2024
Apigee XOn April 3, 2024, we released an updated version of Apigee.
With this release, Apigee expanded its support for data residency to additional regions in Asia-Pacific and the Middle East. Data residency for Apigee meets compliance and regulatory requirements by allowing you to specify the geographic locations (regions) where Apigee data is stored.
For more information, see Introduction to data residency.
For a list of supported geographic locations, see Apigee locations.
April 02, 2024
Apigee XOn April 2, 2024, we announced an increase in the rate limits for the Spike Arrest policy.
The limit on the rate you can specify increased from 1,000 requests per second, 60,000 requests per minute to 4,000 requests per second, 240,000 requests per minute.
See the Spike Arrest section of the Limits page for information on Spike Arrest limits.
April 01, 2024
Apigee XOn April 1, 2024, we released an updated version of Apigee.
With this release, Apigee expanded its support for data residency to additional regions in Canada. Data residency for Apigee meets compliance and regulatory requirements by allowing you to specify the geographic locations (regions) where Apigee data is stored.
For more information, see Introduction to data residency.
For a list of supported geographic locations, see Apigee locations.
March 29, 2024
Apigee XOn March 29, 2024, we released an updated version of Apigee (1-12-0-apigee-2).
With this release, Apigee expanded its support for data residency to additional regions in the European Union. Data residency for Apigee meets compliance and regulatory requirements by allowing you to specify the geographic locations (regions) where Apigee data is stored.
For more information, see Introduction to data residency.
For a list of supported geographic locations, see Apigee locations.
New Apigee API Monitoring Metrics
An new suite of metrics for monitoring Apigee proxies and target endpoints is now available. With improved scalability and accuracy, the new suite can support large workloads and withstand underlying infrastructure changes.
Apigee's API Monitoring tables and dashboards have been updated to include the following new metrics, which can be used to configure alerts and create custom dashboards:
proxy/request_count
proxy/response_count
proxy/latencies
target/request_count
target/response_count
target/latencies
Bug ID | Description |
---|---|
322843888 | Fixed issue with incorrect proxy routing when using base paths in proxy chaining. |
293933387 | KVM list operation now permits entries with null or empty values. |
239523766 | Removed Unable to evaluate jsonVariable, returning null error string from ExtractVariable Policy logging. |
285592278 | Fixed issue with deduction of recurring fees from prepaid balances. |
237656263 | Resolved issue with async mode in the ServiceCallout policy when the <Response> element is removed.This note is incorrect; this fix is not included in this release. |
321744310 | Added support for caching JSON results retrieved from the ExtractVariables policy. |
295341973 | Resolved issue causing delay in updating southbound SSL certificates in truststore and keystore references. |
March 28, 2024
Apigee Integrated PortalOn March 28, 2024 we released an updated version of Apigee integrated portal.
Bug ID | Description |
---|---|
324872865 | Fixed scrolling issue with API documentation display when navigating to the overview page. |
March 26, 2024
Apigee XOn March 26, 2024, we released an updated version of Apigee (1-12-0-apigee-1).
New Apigee API Monitoring Metrics
An new suite of metrics for monitoring Apigee proxies and target endpoints is now available. With improved scalability and accuracy, the new suite can support large workloads and withstand underlying infrastructure changes.
Apigee's API Monitoring tables and dashboards have been updated to include the following new metrics, which can be used to configure alerts and create custom dashboards:
proxy/request_count
proxy/response_count
proxy/latencies
target/request_count
target/response_count
target/latencies
Bug ID | Description |
---|---|
322843888 | Fixed issue with incorrect proxy routing when using base paths in proxy chaining. |
293933387 | KVM list operation now permits entries with null or empty values. |
239523766 | Removed Unable to evaluate jsonVariable, returning null error string from ExtractVariable Policy logging. |
285592278 | Fixed issue with deduction of recurring fees from prepaid balances. |
237656263 | Resolved issue with async mode in the ServiceCallout policy when the <Response> element is removed.This note is incorrect; this fix is not included in this release. |
321744310 | Added support for caching JSON results retrieved from the ExtractVariables policy. |
295341973 | Resolved issue causing delay in updating southbound SSL certificates in truststore and keystore references. |
March 14, 2024
Apigee UIOn March 14, 2024 we released an updated version of the Apigee UI.
Bug ID | Description |
---|---|
320739232 | An issue was fixed where an incorrect error message was displayed after an API proxy or shared flow was undeployed. |
March 13, 2024
Apigee XAs of March 13, 2024, the conversion of Apigee API Management organizations with Pay-as-you-go pricing provisioned before October 1, 2023, to Pay-as-you-go organizations that use updated attributes for pricing is complete, with the exception of one organization that requires customer action.
The Apigee API Analytics add-on is enabled in converted organizations.The Analytics add-on can be disabled if it is not required. In addition, you can update your Pay-as-you-go environment types using the API.
For more information on the updated pricing and enhanced features now available for these organizations, see Pay-as-you-go (updated attributes) overview.
Updated pricing attributes will be reflected in March invoices. For billing questions related to this change, contact Google Cloud Billing support.
March 06, 2024
Application IntegrationApplication Integration now supports config variables. Config variables let you to build CICD for your integration. This feature is in preview.
March 04, 2024
Apigee Advanced API SecurityOn March 4, 2024 we released an updated version of Advanced API Security.
New conditions for security actions
You can now create security actions based on the following condition types (in addition to the condition types for Detection rules and IP addresses that were already available):
- API keys
- API products
- Access tokens
- Developers
- Developer apps
- User agents
These new conditions are not available with Apigee hybrid at this time.
See Create a security action to learn more.
February 23, 2024
Application IntegrationApplication Integration now supports private triggers that enable you to break large flows into various subflows. This feature is in preview.
February 19, 2024
Application IntegrationData masking in logs
You can now prevent sensitive data from appearing the integration execution logs. For more information, see Mask sensitive data in logs.
February 12, 2024
Apigee XOn February 12, 2024, we released an updated version of Apigee (1-11-0-apigee-17).
This release addresses the security concerns in GCP-2024-007 from Google Anthos Service Mesh.
Bug ID | Description |
---|---|
322389251 | Security fix for apigee-ingress. This addresses the following vulnerabilities: |
Bug ID | Description |
---|---|
230082910 | Fixed issue causing null values for system.timestamp and system.time.millisecond proxy variables. |
This note is incorrect; this fix is not included in this release.
| 285592278 | Fixed issue with deduction of recurring fees from prepaid balances.
This note is incorrect; see entry for March 26, 2024.
You can now also view the integration execution logs in Cloud Logging. For more information, see View logs in Cloud Logging.
February 09, 2024
Apigee hybridhybrid 1.11.1-hotfix.1
On February 9, 2024 we released an updated version of the Apigee hybrid software, v1.11.1-hotfix.1.
This release addresses the security concerns in GCP-2024-007 from Google Anthos Service Mesh.
- To install the hotfix, follow the instructions in Upgrading Apigee hybrid to version 1.11.
- For information on new installations, see The big picture.
Bug ID | Description |
---|---|
324460830 | Security fix for apigee-ingress. This addresses the following vulnerabilities: |
hybrid 1.10.4-hotfix.1
On February 9, 2024 we released an updated version of the Apigee hybrid software, v1.10.4-hotfix.1.
This release addresses the security concerns in GCP-2024-007 from Google Anthos Service Mesh.
- To install the hotfix, follow the instructions in Upgrading Apigee hybrid to version 1.10.
- For information on new installations, see The big picture.
Bug ID | Description |
---|---|
324460830 | Security fix for apigee-ingress. This addresses the following vulnerabilities: |
February 08, 2024
Apigee XOn February 8, 2024 we released an updated version of the Apigee APIs.
API support for update operations on KeyValueMap entries
Starting with this release, the Apigee APIs support update operations for KeyValueMap entries. See the API reference page for REST Resource: organizations.environments.keyvaluemaps.entries for information.
February 07, 2024
Apigee Integrated PortalOn February 07, 2024 we released an updated version of Apigee integrated portal.
Bug ID | Description |
---|---|
323278335 | A security issue was fixed. |
192987085 | Fixed an issue where switching API spec pages in the public developer portal resulted in an error. Note, this issue was erroneously mentioned in the 12/7/23 release notes. |
February 02, 2024
Apigee XOn February 2, 2024, we released an updated version of Apigee.
We modified or added these limits:
- Changed the maximum API proxy endpoints per API proxy from 5 to 10
- Specified the maximum API base paths per organization as 21,250
See the Limits page for details.
February 01, 2024
Apigee XOn February 1, 2024, we released an updated version of Apigee.
With this release, Apigee API Management organizations with Pay-as-you-go pricing provisioned before October 1, 2023, will be converted to Pay-as-you-go organizations that use updated attributes for pricing.
Prior to the conversion, these organizations were billed for API runtimes based on Apigee gateway node usage and the total number of API requests processed by Apigee analytics.
Once converted, these organizations will be billed for the following:
- Volume of API calls processed by a given proxy type
- Usage of deployment environments (per hour per region)
- Usage of additional deployment units (API proxies or shared flows)
- Any additional add-on capabilities (Advanced API security, Monetization, Analytics)
The conversion process is expected to last about 5 minutes and traffic will continue to be processed normally during this time. If proxy revision deployments are interrupted during this time frame, revisions can be deployed after conversion completes.
The Apigee API Analytics add-on will be enabled by default in converted organizations.The Analytics add-on can be disabled after the pricing change if it is not required.
For more information on the updated pricing and enhanced features now available for these organizations, see Pay-as-you-go (updated attributes) overview.
Updated pricing attributes will be reflected in March invoices. For billing questions related to this change, contact Google Cloud Billing support.
January 24, 2024
Application IntegrationCustom connectors [Preview]
Application Integration now supports custom connectors. The custom connectors feature (based on the Open API specification) lets you create your own connectors that aren't a part of the standard connectors provided by Integration Connectors. You can use these connectors in your integrations. For more information, see Custom connectors.
January 23, 2024
Apigee UIOn January 23, 2024 we released an updated version of the Apigee UI.
Bug ID | Description |
---|---|
317739341 | In some cases the navigation menu for Monetization was hidden when Monetization was enabled in the Apigee organization. This has been fixed. |
The following new data transformer functions are available:
getIntegrationVersionId ()
: Get the integration version ID of the current integration.getIntegrationVersionNumber()
: Get the version number of the current integration.
January 22, 2024
Apigee Integrated PortalOn January 22, 2024 we released an updated version of Apigee integrated portal.
Bug ID | Description |
---|---|
311491188 | API requests to add a category to a catalog item now validate that the category ID exists. |
On January 22, 2023, we released an updated version of Apigee (1-11-0-apigee-14).
Note: Rollouts of this release to production instances will begin within two business days and may take four or more business days to be completed across all Google Cloud zones. Your instances may not have the features and fixes available until the rollout is complete.
Bug ID | Description |
---|---|
316093865 | Fixed issue where empty LoadBalancer configuration in the Target Endpoint results in a failed proxy deployment with NullPointerException . |
312966965 | Resolved proxy chaining issue resulting in incorrect post-target service callout hostnames. |
318909276 | Fixed issue withLookupCache policy failures under certain circumstances. |
262071551 | Resolved issue with the use of combinators such as allOf in the OASValidation Policy. |
311049371 | Resolved issue causing SSL error in proxy chaining and path chaining flows. |
308196929 | Use of target.header.host flow variable with gRPC targets is now fixed. |
January 16, 2024
Apigee Advanced API SecurityOn January 16, 2024 we released an updated version of Advanced API Security.
Training machine learning models for abuse detection on your data
You now have the option to allow Apigee to train your organization's machine learning models for abuse detection on your data. Training the models on your data helps improve their accuracy for detecting security incidents.
Webhook triggers are now supported in preview. With webhook triggers, you can build integrations for your data sources that don't have specific triggers but support webhook for event listening.
December 21, 2023
Apigee hybridhybrid v1.11.1
On December 21, 2023 we released an updated version of the Apigee hybrid software, 1.11.1.
- For information on upgrading, see Upgrading Apigee hybrid to version 1.11.1.
- For information on new installations, see The big picture.
Bug ID | Description |
---|---|
311705715 | Use a non-default service account for the remove-dc component. |
306341401 | Fixed regression where virtualhost cipherSuites overrides weren't being used. |
Bug ID | Description |
---|---|
315034009 | Security fixes: apigee-asm-ingress and apigee-asm-istiod (ingressgateway and ingressgateway-controller ) are upgraded to Service Mesh version 1.17.8-asm.4. This addresses the following vulnerabilities:
|
303460289 | Security fixes to apigee-prometheus-adapter . This addresses the following vulnerabilities: |
303459588 | Security fixes to apigee-prom-prometheus . This addresses the following vulnerabilities: |
303292806 | Restrict connections from the Cassandra backup utility to Cassandra server pods in the apigee namespace. |
N/A | Security fixes to apigee-cassandra-backup-utility . This addresses the following vulnerabilities: |
N/A | Security fixes to apigee-fluent-bit . This addresses the following vulnerabilities: |
N/A | Security fixes to apigee-hybrid-cassandra . This addresses the following vulnerabilities: |
N/A | Security fixes to apigee-hybrid-cassandra-client . This addresses the following vulnerabilities: |
N/A | Security fixes to apigee-kube-rbac-proxy . This addresses the following vulnerabilities: |
N/A | Security fixes to apigee-installer , apigee-operators , and apigee-watcher . This addresses the following vulnerabilities:
|
December 18, 2023
Apigee hybridhybrid v1.10.4
On December 18, 2023 we released an updated version of the Apigee hybrid software, 1.10.4.
- For information on upgrading, see Upgrading Apigee hybrid to version 1.10.4.
- For information on new installations, see The big picture.
Bug ID | Description |
---|---|
311705715 | Use a non-default service account for the remove-dc component. |
306341401 | Fixed regression where virtualhost cipherSuites overrides weren't being used. |
302186503 | Add the missing HTTP proxy template settings to the Apigee Hybrid Helm datastore component. |
300542690 | Added dedicated service accounts for Apigee Connect, Redis, and UDCA to prevent Kubernetes from automatically injecting credentials for a specified Service Account or the default Service Account. |
277353680 | Fixed issue causing target server HealthMonitors to continue beyond revision or deletion of the proxy. Target health checks are now terminated as soon as the proxy is removed from the runtime (undeployed or deleted). Note: There may be a delay between removal of the proxy and termination of the target server health checks. |
Bug ID | Description |
---|---|
315034009 | Security fixes: apigee-asm-ingress and apigee-asm-istiod (ingressgateway and ingressgateway-controller ) are upgraded to Service Mesh version 1.17.8-asm.4. This addresses the following vulnerabilities:
|
311167948 | A security issue was addressed. |
303460289 | Security fixes for apigee-prometheus-adapter . This addresses the following vulnerabilities: |
303459588 | Security fixes for apigee-prom-prometheus . This addresses the following vulnerabilities: |
300319489 | Security fixes for fluentd . This addresses the following vulnerabilities: |
294892189 | Security fixes for apigee-diagnostics-collector . This addresses the Guava vulnerability: |
N/A | Security fixes for apigee-cassandra-backup-utility and apigee-prom-prometheus . This addresses the following vulnerabilities:
|
N/A | Security fixes for apigee-fluent-bit . This addresses the following vulnerabilities: |
N/A | Security fixes for apigee-hybrid-cassandra and apigee-hybrid-cassandra-client . This addresses the following vulnerabilities:
|
N/A | Security fixes for apigee-installer , apigee-operators , and apigee-watcher . This addresses the following vulnerabilities:
|
N/A | Security fixes for apigee-kube-rbac-proxy . This addresses the following vulnerabilities: |
December 15, 2023
Apigee XOn December 15, 2023, we released an updated version of Apigee.
Update Pay-as-you-go environment types with Apigee APIs.
Use Apigee APIs to upgrade or downgrade the type of an existing environment to add or remove feature capabilities and manage your Apigee Pay-as-you-go billing and resource usage. For more information, see Update Pay-as-you-go environment types.
Apigee Advanced API Security add-on for Pay-as-you-go organizations is generally available (GA).
With this release, Apigee Advanced API Security is available as a paid add-on capability for Pay-as-you-go organizations. The add-on can be enabled in any Apigee Intermediate or Comprehensive environment from the Apigee UI in Cloud Console or using the Apigee APIs. For more information, see Manage the Advanced API Security add-on.
December 13, 2023
Apigee Advanced API SecurityOn December 13, 2023 we released an updated version of Advanced API Security.
Public preview of archiving security incidents
With this release, you can now archive security incidents that you no longer want to see displayed in the incidents list. For example, you might want to archive incidents that you have already dealt with and no longer need to track. Archiving incidents can help you focus on those incidents that still require your attention. Archiving does not delete the incident: you can always unarchive it whenever you want.
Performance improvements to Risk Assessment security scores
Risk Assessment security scores now load faster in the Apigee UI, due to improved server side caching of scores.
On December 13, 2023, we released an updated version of Apigee.
Note: Rollouts of this release to production instances will begin within two business days and may take four or more business days to be completed across all Google Cloud zones. Your instances may not have the features and fixes available until the rollout is complete.
You can now restrict the creation of Apigee location based resources (Organization, Instances and EndpointAttachments) to specific locations using an Organization Policy Service constraint. This feature is generally available. To learn more, see Restricting Resource Locations.
Apigee now supports data residency. Data residency for Apigee meets compliance and regulatory requirements by allowing you to specify the geographic locations (regions) where Apigee data is stored. See Introduction to data residency.
Apigee now supports Forward Proxying. Forward Proxying provides the ability to forward traffic received in a particular environment to a specified URI. See Forward proxying.
Apigee now supports CMEK for the control plane. If you have specific compliance or regulatory requirements related to the keys that protect your data, you can use customer-managed encryption keys (CMEK). See Introduction to CMEK.
Application Integration is now available in the following regions:
asia-east2
(Taiwan)asia-northeast2
(Osaka)asia-northeast3
(Seoul)asia-south2
(Delhi)asia-southeast2
(Jakarta)europe-central2
(Warsaw)europe-west10
(Berlin)europe-west12
(Turin)northamerica-northeast2
(Toronto)southamerica-west1
(Santiago)us-east5
(Columbus)us-west3
(Salt Lake City)us-west4
(Las Vegas)us-south1
(Dallas)
For the list of all the supported regions, see Locations.
December 07, 2023
Apigee Integrated PortalOn December 7, 2023 we released an updated version of Apigee integrated portal.
Bug ID | Description |
---|---|
313803133 | Fixed an issue where switching API spec pages in the public developer portal resulted in an error. |
310865440 | Fixed an issue where updating the documentation of a CatalogItem could timeout. |
On December 7, 2023, we released an updated version of Apigee X.
General Availability (GA) of Apigee gRPC passthrough
Apigee's gRPC proxy passthrough functionality provides the ability to create proxies which receive gRPC client requests and pass them through to a gRPC target server.
For information, see Creating gRPC API proxies.
December 06, 2023
Apigee Advanced API SecurityOn December 6, 2023 we released an updated version of Advanced API Security.
New button to create a security action is now in several places in the Abuse detection and Risk assessment pages
The new button links directly to the Security actions page from the Abuse detection or Risk assessment pages, so you can easily create a security action for the environment you are currently viewing. The button is in the following locations:
- The Source assessment view in the Risk assessment page
- The Detected Traffic, Incident, and Incident details views in the Abuse detection page
December 05, 2023
Apigee Advanced API SecurityOn December 5, 2023 we released an updated version of Advanced API Security.
Changes to proxy security scores
The following changes have been made to the way proxy security scores are calculated:
Previously, adding a policy to a proxy or shared flow, but not attaching the policy to any flow (preflow, postflow or conditional flow), could affect the proxy's score.
With this release, you must attach a policy in a flow in order for the policy to affect the proxy's score. A policy that is not attached in a flow is treated as if no policy were present for scoring.
Previously, proxies with no policies were not considered in scoring.
With this release, proxies with no policies are considered in scoring.
See How policies affect proxy security scores to learn more.
December 01, 2023
Apigee XOn December 1, 2023, we released an updated version of Apigee (1-11-0-apigee-8).
Note: Rollouts of this release to production instances will begin within two business days and may take four or more business days to be completed across all Google Cloud zones. Your instances may not have the features and fixes available until the rollout is complete.
Dynamic endpoint target metrics aggregated into a single metric.
With this release, all request, response, and latency target metrics for dynamically-configured endpoints are aggregated and presented as a single metric per proxy, using the endpoint
label Dynamic Target
. This feature does not change monitoring behavior for statically configured endpoints.
Bug ID | Description |
---|---|
294882858 | Fixed issue with ServiceCallout policy overriding target_ip value in proxy. |
279037851 | Improved performance when running debug sessions with masked payload. |
312026988 | Resolved possible usage counting issue for monetization prepaid developers using proxies with multiple proxy endpoints configured. |
hybrid 1.10.3-hotfix.4
On December 1, 2023 we released an updated version of the Apigee hybrid software, v1.10.3-hotfix.4.
- To install the hotfix, follow the instructions in Upgrading Apigee hybrid to version 1.10.
- For information on new installations, see The big picture.
Bug ID | Description |
---|---|
311705715 | Mount a dedicated service account to the remove-dc component. |
Bug ID | Description |
---|---|
311167948 | A security issue was addressed. |
Cloud Pub/Sub trigger supports cross-project topics
You can now configure your Cloud Pub/Sub trigger for a Pub/Sub topic that isn't in the same Google Cloud project as your integration. The Pub/Sub topic can be in any Google Cloud project.
Starting with this release, you must specify a service account when configuring the Cloud Pub/Sub trigger. Your existing Cloud Pub/Sub triggers, that don't have any service account associated with them, will continue to work as before. However, if you want to modify the Pub/Sub topic in any of the existing Cloud Pub/Sub triggers, you must also configure a service account for those triggers to continue using them.
November 29, 2023
Application IntegrationThe Database persistence feature is now renamed to Local logging, which also supports logging in ASYNC mode. For more information, see Local logging.
Application Integration is now available in the Dammam (me-central2
) region.
For the list of all the supported regions, see Locations.
November 23, 2023
Application IntegrationHubSpot trigger is now available in preview.
November 21, 2023
Application IntegrationThe following Connector Event triggers are available in preview:
November 17, 2023
Apigee hybridhybrid v1.11.0
On November 17, 2023 we released an updated version of the Apigee hybrid software, v1.11.0.
- For information on upgrading, see Upgrading Apigee hybrid to version v1.11.0.
- For information on new installations, see The big picture.
Helm charts management for Apigee hybrid
Starting in version v1.11.0, you have the choice of installing and managing your clusters with either Helm or apigeectl
. You cannot manage a cluster with both. Apigee recommends using Helm for new hybrid installations. See Apigee hybrid Helm charts reference.
Vault integration for Cassandra credentials (preview)
Starting in version v1.11.0, you can store Cassandra credentials in Hashicorp Vault.
Note: Using Vault requires Helm management of your Apigee installation.
See Storing Cassandra credentials in Hashicorp Vault.
Vault integration is in preview as of the Apigee hybrid 1.11.0 release.
Apigee Advance API Security Actions for Apigee hybrid
Advanced API Security's new Security Actions feature is now available in Apigee hybrid.
With this release, the HeaderName
element is available as a child element of Authentication
. This element appears in the ServiceCallout and ExternalCallout policies, and in the TargetEndpoint proxy configuration.
By default, when an Authentication
configuration is present, Apigee generates and injects a bearer token into the Authorization
header, in the message sent to the target system. The new HeaderName
element allows you to specify the name of a different header to hold that bearer token.
Bug ID | Description |
---|---|
295929616 | Installation of Hybrid 1.10.x would fail on OpenShift due to out of memory issues. (Fixed in Apigee hybrid v1.10.3) |
294069799 | Updated the security context settings for the Apigee Hybrid Backup and Restore pod. |
292571089 | An error with support for CSI backup and restore for Cassandra was fixed. (Fixed in Apigee hybrid v1.10.3) |
292118812 | Fixed UDCA regression in Hybrid 1.10.1 where UDCA would ignore forward proxy configuration. (Fixed in Apigee hybrid v1.10.2) |
289254725 | Implemented a fix to prevent failure of proxy deployments that include the OASValidation policy. (Fixed in Apigee hybrid v1.10.1) |
287321226 | Security context has been corrected for apigee-prom-prometheus to avoid privilege escalation. (Fixed in Apigee hybrid v1.10.3) |
277353680 | Fixed issue causing target server HealthMonitors to continue beyond revision or deletion of the proxy. Target health checks are now terminated as soon as the proxy is removed from the runtime (undeployed or deleted). Note: There may be a delay between removal of the proxy and termination of the target server health checks. (Fixed in Apigee X) |
240180122 | Disable privilege escalation on the cassandra container by moving the ulimit settings to the newly introduced initContainer "apigee-cassandra-ulimit-init". If you are using security controls with gatekeeper, ensure that apigee-cassandra-ulimit-init initContainer can runAs user, group as 0 and allow capabilities IPC_LOCK and SYS_RESOURCES. (Fixed in Apigee hybrid v1.11.0) |
205666368 | Fixed issue with default validation of TLS target endpoint certificates. To enable strict SSL on southbound connections to a proxy target endpoint, add the tag See About setting TLS options in a target endpoint or target server. See also Known Issue #205666368. (Fixed in Apigee hybrid v1.10.3-hotfix.1) |
158132963 | Added improvements to capture relevant target flow variables in trace and analytics in case of target timeouts. (Fixed in Apigee hybrid v1.10.2) |
Bug ID | Description |
---|---|
303292806 | Set backup utility to only connect to Cassandra server pods in the apigee namespace. (Fixed in Apigee hybrid v1.10.3-hotfix.3) |
300542690 | Added dedicated service accounts for Apigee Connect, Redis, and UDCA to prevent Kubernetes from automatically injecting credentials for a specified ServiceAccount or the default ServiceAccount. (Fixed in Apigee hybrid v1.10.3-hotfix.3) |
297938600, 297938559, 297938486, 294892344 |
Security fixes for apigee-diagnostics-collector . (Fixed in Apigee hybrid v1.10.3) This addresses the following vulnerabilities: |
297938498, 297938487 |
Security fixes for apigee-fluent-bit .(Fixed in Apigee hybrid v1.10.3) This addresses the following vulnerabilities: |
297938441 | Security fixes for apigee-runtime . (Fixed in Apigee hybrid v1.10.3) This addresses the following vulnerabilities: |
297286274 | Security fixes for apigee-installer . (Fixed in Apigee hybrid v1.10.3) This addresses the following vulnerabilities: |
296719459, 296719400, 296719348, 296719307, 296719306, 296719188, 296719187, 296719186, 296719115, 296719018, 296718937, 296718918, 296718917, 296718916, 296716670, 296716669, 296716472, 296716471, 296715155 |
Security fixes for apigee-hybrid-cassandra . (Fixed in Apigee hybrid v1.10.3) This addresses the following vulnerabilities: |
296717666, 296717283, 296716668, 296716667, 296716650, 296716635, 296716634, 296716633, 296716470, 296716234, 296715734, 296715733, 296715154, 296715153 |
Security fixes for apigee-hybrid-cassandra-client . (Fixed in Apigee hybrid v1.10.3) This addresses the following vulnerabilities: |
296717665, 296717664, 296717663, 296717662, 296717185, 296716666, 296716649, 296716632, 296716468, 296716467, 296716232, 296715152, 296715151, 296714218 |
Security fixes for apigee-cassandra-backup-utility . (Fixed in Apigee hybrid v1.10.3) This addresses the following vulnerabilities: |
295936113 | Security fixes for apigee-mart-server . (Fixed in Apigee hybrid v1.10.3) This addresses the following vulnerability: |
294906706 | Security fixes for apigee-prom-prometheus . (Fixed in Apigee hybrid v1.10.3) This addresses the following vulnerabilities:
|
293925856 | Security fixes for apigee-prometheus-adapter . (Fixed in Apigee hybrid v1.10.3) This addresses the following vulnerabilities: |
293348130 | Security fixes for apigee-udca . (Fixed in Apigee hybrid v1.10.2) This addresses the following vulnerabilities: |
291994501 | Security fixes for apigee-operator and apigee-watcher . (Fixed in Apigee hybrid v1.10.2) This addresses the following vulnerabilities: |
291994501 | Security fixes for apigee-installer . (Fixed in Apigee hybrid v1.10.2) This addresses the following vulnerabilities:
|
290829031 | Security fixes for apigee-hybrid-cassandra , apigee-cassandra-client , and cassandra-backup-utility . (Fixed in Apigee hybrid v1.10.2) This addresses the following vulnerabilities: |
290829028 | Security fixes for Apigee Connect and apigee-connect-agent and apigee-redis . (Fixed in Apigee hybrid v1.10.2) This addresses the following vulnerabilities: |
290068742 | Security fixes for apigee-udca . (Fixed in Apigee hybrid v1.10.1) This addresses the following vulnerability: |
290067464, 297938583 | Security fixes for apigee-stackdriver-logging-agent . (Fixed in Apigee hybrid v1.10.1) This addresses the following vulnerabilities: |
290065830 | Security fixes for apigee-udca . (Fixed in Apigee hybrid v1.10.1) This addresses the following vulnerability: |
281561243 | Security fixes for apigee-diagnostics-collector , apigee-mart-server , apigee-mint-task-scheduler , apigee-runtime , and apigee-synchronizer . (Fixed in Apigee hybrid v1.10.1) This addresses the following vulnerability: |
N/A | Security fixes for apigee-prometheus-adapter . (Fixed in Apigee hybrid hybrid v1.11) This addresses the following vulnerabilities: |
N/A | Security fixes for apigee-prom-prometheus/master . (Fixed in Apigee hybrid v1.11) This addresses the following vulnerabilities: |
N/A | Security fixes for apigee-kube-rbac-proxy . (Fixed in Apigee hybrid hybrid v1.11) This addresses the following vulnerabilities: |
N/A | Security fixes for apigee-hybrid-cassandra . (Fixed in Apigee hybrid hybrid v1.11) This addresses the following vulnerabilities: |
N/A | Security fixes for apigee-fluent-bit . (Fixed in Apigee hybrid hybrid v1.11) This addresses the following vulnerabilities: |
N/A | Security fixes for apigee-diagnostics-collector , apigee-mart-server , apigee-mint-task-scheduler , apigee-runtime , and apigee-synchronizer . (Fixed in Apigee hybrid hybrid v1.11) This addresses the following vulnerabilities: |
N/A | Security fixes for apigee-cassandra-backup-utility , apigee-hybrid-cassandra-client , and apigee-connect-agent . (Fixed in Apigee hybrid v1.11) This addresses the following vulnerabilities: |
N/A | Security fixes for apigee-asm-ingress and apigee-asm-istiod . (Fixed in Apigee hybrid v1.11) This addresses the following vulnerabilities: |
November 10, 2023
Apigee Integrated PortalOn November 10, 2023 we released an updated version of Apigee integrated portal.
This release includes the public preview of integrated portal APIs which allow you to manage your integrated portal APIs and reference documentation using API calls.
The catalog items list view now uses pagination when making requests to the portals service, examples have been added to Publishing your APIs, and new reference documentation is available:
As of November 10, 2023, Configurable API Proxies (preview) is no longer available. For more information, see Configurable API Proxies (preview) deprecation.
On November 10, 2023 we released an updated version of Apigee.
Apigee is now available in a new region: Middle East - Dammam (me-central2
).
See Apigee locations for more information about available regions.
November 08, 2023
Apigee Integrated PortalOn November 8, 2023 we released an updated version of Apigee integrated portal.
Bug ID | Description |
---|---|
305287906 | Fixed links to an API product from the API details, User account details, or Team details page in the Apigee UI. |
307600672 | Fixed issue where the name of the documentation was not populated in the Documentation column on the Apigee UI, API catalog page. |
307599975 | Improved pagination through large API catalogs on the Apigee UI, API catalog page. |
November 03, 2023
Apigee XOn November 3, 2023, we updated the following security bulletin:
Bug ID | Description |
---|---|
304599411 | Security bulletin updated GCP-2023-32 A Denial-of-Service (DoS) vulnerability was recently discovered in multiple implementations of the HTTP/2 protocol (CVE-2023-44487), including the Apigee Ingress (Anthos Service Mesh) server used by Apigee X. The vulnerability could lead to a DoS of Apigee API management functionality. |
The shutdown of the Configurable API Proxy (Preview) feature is approaching. On or after November 10, 2023, the preview feature will no longer be available. For more information, see Configurable API proxies (preview) deprecation.
November 01, 2023
Apigee Advanced API SecurityOn December 6, 2024 we release an updated version of Advanced API Security.
Public preview of Advanced API Security custom profiles in the Apigee UI
With this release, you can now create and edit custom security profiles in the Apigee UI. Custom profiles let you specify the security categories that your security scores are based on.
The Security scores page in the Apigee UI has been renamed to the Risk assessment page, and the page now has tabs for security scores and security profiles.
October 26, 2023
Apigee Integrated PortalOn October 26, 2023 we released an updated version of Apigee integrated portal.
Bug ID | Description |
---|---|
5400261 | Improve confirmation dialog text when user clicks the button to revoke an app key from the portal UI. This dialog is displayed when you:
|
On October 26, 2023 we released an updated version of the Apigee UI.
Bug ID | Description |
---|---|
287028804, 291942702 | Fixed issue where customers with a mismatched with Google Cloud project and Apigee organization ID would be presented with the Apigee welcome screen instead of the management UI in the Apigee UI in Google Cloud console. |
The above fix requires a change in permissions for users managing Apigee through the Google Cloud console with a custom role.
Custom roles must now include the apigee.projectorganizations.get
role for users who manage Apigee organizations via the Apigee UI in Cloud console. Without this role, users see a provisioning prompt in the console rather than the standard UI actions.
See UI-based Apigee management permissions for instructions.
October 24, 2023
Apigee UIOn October 24, 2023 we released an updated version of the Apigee UI.
Bug ID | Description |
---|---|
301458133 | Fixed an issue in which saving a previously deployed proxy or shared flow revision resulted in the error "revision revision_name is immutable." You are now prompted to create a new revision in this case. |
On October 24, 2023, we released an updated version of Apigee (1-11-0-apigee-7).
Note: Rollouts of this release to production instances will begin within two business days and may take four or more business days to be completed across all Google Cloud zones. Your instances may not have the features and fixes available until the rollout is complete.
With this release, the HeaderName
element is available as a child element of Authentication
. This element appears in the ServiceCallout and ExternalCallout policies, and in the TargetEndpoint proxy configuration.
By default, when an Authentication
configuration is present, Apigee generates and injects a bearer token into the Authorization
header, in the message sent to the target system. The new HeaderName
element allows the configuration to specify the name of a different header to hold that bearer token.
Bug ID | Description |
---|---|
294293907 | Fixed issue with Google authentication for gRPC-based target servers. |
292454825 | Fixed issue causing Null Pointer Exception when creating or updating an API product. |
291784631 | Implemented fix to permit the use of hyphens (-) in flow variables used to define target URLs in <HTTPTargetConnection> . |
267229604 | Fixed issue where updates to a TLS truststore reference were not reflected for in-use southbound target server connections. |
277353680 | Fixed issue causing target server HealthMonitors to continue beyond revision or deletion of the proxy.Target health checks are now terminated as soon as the proxy is removed from the runtime (undeployed or deleted). Note: There may be a delay between removal of the proxy and termination of the target server health checks. |
N/A | Upgraded infrastructure and libraries. |
October 19, 2023
Apigee IntegrationThe maximum memory available for script evaluation in the Data Transformer Script task is 300 MB. For the list of all the applicable limits, see Quotas and Limits.
On October 19, 2023, we released an updated version of Apigee
Looker Studio Integration
This release includes the public preview of Looker Studio Integration, which connects Apigee data to Google's Looker Studio. Looker Studio is a powerful and flexible tool that you can use to display Apigee data in fully customizable dashboards and reports.
The maximum memory available for script evaluation in the Data Transformer Script task is 300 MB. For the list of all the applicable limits, see Quotas and Limits.
October 17, 2023
Apigee hybridhybrid v1.10.3-hotfix.3
On October 17, 2023 we released an updated version of the Apigee hybrid software, v1.10.3-hotfix.3.
- To install the hotfix, follow the instructions in Upgrading Apigee hybrid to version 1.10.
- For information on new installations, see The big picture.
Bug ID | Description |
---|---|
303292806 | Set backup utility to only connect to Cassandra server pods in the apigee namespace. |
300542690 | Added dedicated service accounts for Apigee Connect, Redis, and UDCA to prevent Kubernetes from automatically injecting credentials for a specified ServiceAccount or the default ServiceAccount. |
October 13, 2023
Apigee XOn October 13, 2023, we released an updated version of Apigee (1-11-0-apigee-6).
Bug ID | Description |
---|---|
304681330 | Security fix for apigee-ingress. This addresses the following vulnerability: CVE-2023-44487 |
305127632 | Security bulletin published. GCP-2023-032 |
Description
A Denial-of-Service (DoS) vulnerability was recently discovered in multiple implementations of the HTTP/2 protocol (CVE-2023-44487), including the Apigee Ingress (Anthos Service Mesh) server used by Apigee X. The vulnerability could lead to a DoS of Apigee API management functionality.
Affected Products
Deployments of Apigee X that are accessible through a Google Cloud Network Load Balancer (Layer 4), or a custom layer 4 load balancer, are affected. A hotfix is being applied to all Apigee X instances. Your Apigee X instances will be automatically updated within the next few days.
Unaffected products
Apigee X instances which are accessed only via Google Cloud Application Load Balancers (Layer 7) are not affected. This includes deployments that have HTTP/2 enabled for gRPC proxies.
What Should I Do?
All Apigee X instances will be automatically updated within the next few days. Customers do not need to take any actions.
What Vulnerabilities Are Addressed By These Patches?
The vulnerability, CVE-2023-44487, allows an attacker to execute a denial-of-service attack on Apigee ingresses.
hybrid v1.10.3-hotfix.2
On October 13, 2023 we released an updated version of the Apigee hybrid software, v1.10.3-hotfix.2.
- To install the hotfix, follow the instructions in Upgrading Apigee hybrid to version 1.10.
- For information on new installations, see The big picture.
Bug ID | Description |
---|---|
304681330 | Security fix for apigee-ingress. This addresses the following vulnerability: CVE-2023-44487 |
305127632 | Security bulletin published. GCP-2023-032 |
hybrid v1.9.4-hotfix.1
On October 13, 2023 we released an updated version of the Apigee hybrid software, v1.9.4-hotfix.1.
- To install the hotfix, follow the instructions in Upgrading Apigee hybrid to version 1.9.
- For information on new installations, see The big picture.
Bug ID | Description |
---|---|
304681330 | Security fix for apigee-ingress. This addresses the following vulnerability: CVE-2023-44487 |
305127632 | Security bulletin published. GCP-2023-032 |
Description
A Denial-of-Service (DoS) vulnerability was recently discovered in multiple implementations of the HTTP/2 protocol (CVE-2023-44487), including the Apigee Ingress (Anthos Service Mesh) server used by Apigee hybrid. The vulnerability could lead to a DoS of Apigee API management functionality.
Affected Products
Apigee hybrid instances that allow HTTP/2 requests to reach the Apigee Ingress are affected. Customers should verify if the load balancers fronting their Apigee hybrid ingresses allow for HTTP/2 requests to reach the Apigee Ingress service.
What Should I Do?
Apigee hybrid customers will need to upgrade to one of the following patch versions:
- v1.10.3-hotfix.2 which will be released by Friday, October 13, 2023
- v1.9.4-hotfix.1 which will be released by Friday, October 13, 2023
What Vulnerabilities Are Addressed By These Patches?
The vulnerability, CVE-2023-44487, allows an attacker to execute a denial-of-service attack on Apigee ingresses.
October 10, 2023
Apigee IntegrationThe following new data transformer functions are available:
Manifest XML - Converts the specified input JSON object into an XML string.
Parse XML - Parses the specified input XML string into a JSON object.
IAM Conditions for fine-grained access
IAM Conditions lets you define and enforce conditional, attribute-based access control for Google Cloud resources, including Application Integration resources. For more information, see Add IAM conditions.
You can now view the detailed summary of an integration from the Integration designer. For more information, see View integration details.
The following new data transformer functions are available:
Manifest XML - Converts the specified input JSON object into an XML string.
Parse XML - Parses the specified input XML string into a JSON object.
IAM Conditions for fine-grained access
IAM Conditions lets you define and enforce conditional, attribute-based access control for Google Cloud resources, including Application Integration resources. For more information, see Add IAM conditions.
You can now view the detailed summary of an integration from the Integration designer. For more information, see View integration details.
Support for user-defined service account
You can now configure a service account of your choice for an integration. The option to select a service account is displayed to you during the integration creation step.
October 06, 2023
Apigee Advanced API SecurityOn October 6, 2023, we released an updated version of Advanced API Security.
Public Preview of Advanced API Security Actions
Advanced API Security's new Security Actions feature lets you create security actions that define how Apigee handles detected traffic. You can create the following security actions:
Deny actions, which deny requests that meet specified conditions, for example, originating at an IP address that has been identified as a source of abuse.
Flag actions, which let requests pass through, but add headers to requests to identify them as suspicious.
Allow actions, which are used to override deny actions in specific cases when the request is trusted.
October 05, 2023
Apigee Integrated PortalOn October 5, 2023 we released an updated version of Apigee integrated portal. This release includes general improvements to performance and availability.
September 29, 2023
Apigee XOn September 29, 2023, we released an updated version of Apigee.
New attributes for Pay-as-you-go pricing are generally available (GA).
Apigee updated its Pay-as-you-go pricing model, making it possible for customers to onboard at a significantly reduced initial cost and right-size their ongoing expenses to usage.
To learn more about the updated Pay-as-you-go pricing experience, see Pay-as-you-go (updated attributes) pricing overview.
Standard and extensible API proxies are generally available (GA).
Standard and extensible API proxies are generally available for use with Apigee organizations.
For more information about standard and extensible API proxies, see API proxy types.
HTTPModifier and ReadPropertySet policies and templating support for message
The HTTPModifier policy can change an existing request or response message and provides a subset of the functionality already available in the AssignMessage policy. See HTTPModifier policy.
The ReadPropertySet policy reads property sets and populates flow variables with the results. See ReadPropertySet policy.
HTTPModifier and ReadPropertySet are standard policies. Proxies built exclusively with standard policies are called standard proxies and can be deployed to any environment type. See Pay-as-you-go (updated attributes) pricing overview.
With this release, template support for message
New environment types are generally available (GA).
With this release, Apigee introduces three distinct environments that have access to varying degrees of Apigee capabilities and costs: Base, Intermediate, and Comprehensive.
For more information, see Apigee Pay-as-you-go environment types.
Apigee API Analytics add-on for Pay-as-you-go organizations is generally available (GA).
With this release, Apigee API Analytics is available as a paid add-on capability for Pay-as-you-go organizations. The add-on can be enabled in any Apigee Intermediate or Comprehensive environment. For more information, see Manage the Apigee API Analytics add-on.
One click provisioning for Apigee Pay-as-you-go organizations is generally available (GA).
Simplify your onboarding experience with one click provisioning for new Pay-as-you-go organizations, using smart default configurations. To learn more, see Provision Apigee with one click.
Updated pricing attributes in Subscription plans are available.
To get started with subscription plans that include new pricing attributes (consistent with Pay-as-you-go pricing), contact your Google Cloud sales specialist.
For more information, see Apigee Subscription 2024 entitlements. Apigee hybrid is not available in the new subscription plan at this time.
This note is incorrect; see entry for May 17, 2024.
September 27, 2023
Apigee Advanced API SecurityOn September 27, 2023, we released an updated version of Advanced API Security.
Public preview of Advanced API Security Alerting
Advanced API Security's new alerting feature lets you create alerts for events related to API security using Google Cloud Monitoring, such as changes to your security scores or incidents involving detected API abuse. You can configure alerts to send you notifications by email or other channels when these events occur, so you can take action to counteract them.
September 25, 2023
Apigee Advanced API SecurityOn September 25, 2023 we release an updated version of Advanced API Security.
If a flow hook contains any FlowCallout policies, Advanced API Security scores now processes all policies from the shared flows that the flow callouts are pointing to for scoring. Further callout chaining is not supported.
Bug ID | Description |
---|---|
300849647 | Fixed a bug in Security scores for proxies that don't contain any policies in the categories authorization, mediation, threat or CORS . |
On September 25, 2023, we released an updated version of the Apigee UI.
This release includes a new Overview page for Apigee API Management in the Google Cloud console.
From the Overview page, you can:
- Get started as a new Apigee user
- Test your Apigee runtime
- View key resource usage metrics
- Explore Apigee API management features
For more information, see UI overview.
September 22, 2023
Apigee IntegrationVertex AI - Predict task
Starting with this release, Apigee Integration provides the Vertex AI - Predict task that lets you perform online predictions on your ML models.
Vertex AI - Predict task
Starting with this release, Application Integration provides the Vertex AI - Predict task that lets you perform online predictions on your ML models.
September 20, 2023
Apigee IntegrationApplication Integration is now available for your Google Cloud project. You can now use both Apigee Integration and Application Integration within the same Google Cloud project. For more information, see Using Application Integration.
September 19, 2023
Apigee UIOn September 19, 2023, we released an updated version of the Apigee UI.
GA release of the Apigee UI in Cloud console
This is the GA release of the Apigee UI in Cloud console, a new version of the Apigee UI that is integrated with the Google Cloud console. The new UI makes it easier to use Apigee, while also performing related tasks in the Cloud console.
On September 19, 2023, we released an updated version of Apigee X (1-11-0-apigee-5).
Bug ID | Description |
---|---|
296296456 | Implemented fix to ensure that continueOnError is honored in the SpikeArest policy. |
229615887 | The flow variable target.scheme is now set consistently with the target server URL. |
78106145 | Fixed issue in the RegularExpressionProtection policy to ensure that multiple JSONPaths elements in a JSON payload are checked. |
294090782 | Implemented fix to allow the Apigee runtime to connect to a target server using a wildcard CNAME that references a wildcard A record. |
285592278 | Fixed issue with deduction of recurring fees from prepaid balances. This note is incorrect; see entry for March 26, 2024. |
N/A | Upgraded infrastructure and libraries. |
Bug ID | Description |
---|---|
296506425, 295936113, 295925991, 295688738, 296110120, 281112632 | Security fix for apigee-runtime . This addresses the following vulnerabilities: |
287218068 | Fixed security vulnerability to prevent header injection using flow variables. |
September 18, 2023
Apigee UIOn September 18, 2023, we released an updated version of the Apigee UI.
This release includes improvements to the Create Environment experience in the Apigee UI in the Cloud console.
With this release, users can create a new environment, attach the environment to an Apigee instance, and assign the environment to an environment group within the same creation flow.
In addition, users can edit or remove environment group assignments from the environment detail page in the Apigee UI, simplifying management of their Apigee implementation.
For more information, see Working with environments.
September 14, 2023
Apigee hybridhybrid 1.10.3-hotfix.1
On September 14, 2023 we released an updated version of the Apigee hybrid software, 1.10.3-hotfix.1.
- To install the hotfix, follow the instructions in Install 1.10.3-hotfix.1.
- For new installations, see The big picture and then apply the hotfix to the new installation with the instructions in Install 1.10.3-hotfix.1.
Bug ID | Description |
---|---|
205666368 | Fixed issue with default validation of TLS target endpoint certificates. To enable strict SSL on southbound connections to a proxy target endpoint, add the tag See About setting TLS options in a target endpoint or target server. See also Known Issue #205666368. |
September 07, 2023
Apigee Integrated PortalOn September 7, 2023 we released an updated version of Apigee integrated portal. This release includes general improvements to performance and availability.
September 06, 2023
Application IntegrationApplication Integration Quick setup (GA)
Application Integration Quick setup is now generally available in all the supported Google Cloud locations.
Quick setup is a single-click operation that automatically provisions Application Integration with the default configurations needed to get you started with the product.
For more information, see Set up Application Integration.
August 31, 2023
Apigee hybridhybrid v1.10.3
On August 31, 2023 we released an updated version of the Apigee hybrid software, v1.10.3.
- For information on upgrading, see Upgrading Apigee hybrid to version 1.10.
- For information on new installations, see The big picture.
Bug ID | Description |
---|---|
295929616 | Installation of Hybrid 1.10.x would fail on OpenShift due to out of memory issues. |
292571089 | An error with support for CSI backup and restore for Cassandra was fixed. |
287321226 | Security context has been corrected for apigee-prom-prometheus to avoid privilege escalation. |
Bug ID | Description |
---|---|
296717665, 296717664, 296717663, 296717662, 296717185, 296716666, 296716649, 296716632, 296716468, 296716467, 296716232, 296715152, 296715151, 296714218 |
Security fixes for apigee-cassandra-backup-utility . This addresses the following vulnerabilities: |
297938600, 297938559, 297938486, 294892344 |
Security fixes for apigee-diagnostics-collector . This addresses the following vulnerabilities: |
297938498, 297938487 |
Security fixes for apigee-fluent-bit . This addresses the following vulnerabilities: |
296719459, 296719400, 296719348, 296719307, 296719306, 296719188, 296719187, 296719186, 296719115, 296719018, 296718937, 296718918, 296718917, 296718916, 296716670, 296716669, 296716472, 296716471, 296715155 |
Security fixes for apigee-hybrid-cassandra . This addresses the following vulnerabilities: |
296717666, 296717283, 296716668, 296716667, 296716650, 296716635, 296716634, 296716633, 296716470, 296716234, 296715734, 296715733, 296715154, 296715153 |
Security fixes for apigee-hybrid-cassandra-client . This addresses the following vulnerabilities: |
297286274 | Security fixes for apigee-installer . This addresses the following vulnerabilities: |
295936113 | Security fixes for apigee-mart-server . This addresses the following vulnerability: |
297938441 | Security fixes for apigee-runtime . This addresses the following vulnerabilities: |
294906706 | Security fixes for apigee-prom-prometheus . This addresses the following vulnerabilities:
|
293925856 | Security fixes for apigee-prometheus-adapter . This addresses the following vulnerabilities: |
August 25, 2023
Apigee Advanced API SecurityOn August 25, 2023, we released an updated version of Apigee Advanced API Security.
This release includes custom profiles for Advanced API Security scores. Custom profiles let you specify the security categories you want your security scores to be based on. In this release, you must create a security profile in the security scores API. However, you can view scores for the profile in the security scores UI.
August 15, 2023
Apigee XOn August 15, 2023, we released an updated version of Apigee X (1-11-0-apigee-1).
Bug ID | Description |
---|---|
155498623 | XPaths in maskconfigs now mask values with special characters. |
291746838 | Implemented fix to prevent service callouts from overwriting timeouts on clients used by other policies or target endpoints. |
274663992 | Fixed issue in AccessControl policy to avoid race condition. |
294441215 | Implemented fix to resolve quota count in the Quota policy. |
287659763 | Fixed issue causing incorrect target endpoint URLs to display in debug sessions. |
283285631 | Fixed issue where base environment debug sessions were not recorded for Pay-as-you-go (updated attributes) organizations. |
196216798 | Fixed issue with access to monetization flow variables in the post client flow. |
N/A | Upgraded infrastructure and libraries. |
Bug ID | Description |
---|---|
281112632, 294892189 | Security fix for apigee-runtime . This addresses the following vulnerability: |
294891556 | Security fix for apigee-emulator , apigee-mock-server , and apigee-runtime . This addresses the following vulnerability: |
287207717 | Fixed sandbox bypass vulnerability. |
286993631 | Fixed message template injection vulnerability. |
August 14, 2023
Apigee XOn August 14, 2023, we released an updated version of Apigee X.
This release includes a major redesign of the Advanced API Security scores page in the Apigee UI in Cloud console. The Security scores page now:
- Highlights the top recommendations for improving security scores.
- Links directly to the Apigee UI Proxy Editor and Target Server tabs , where you can implement recommended changes to your API proxies and target servers.
August 09, 2023
Apigee XThe Apigee documentation site navigation has been updated to be more consistent with other Google Cloud product documentation sites. The changes include:
August 07, 2023
Apigee XOn August 7, 2023, we released an updated version of Apigee X (1-10-0-apigee-7).
Bug ID | Description |
---|---|
N/A | Upgraded infrastructure and libraries. |
August 03, 2023
Apigee Advanced API SecurityOn August 3, 2023, we released an updated version of Apigee Advanced API Security.
Previously, Advanced API Security scores didn't evaluate proxies calling shared flows via flow hooks and the FlowCallout policy in the proxy. With this release, security scores take into account proxies calling shared flows this way. As a result, your security scores may change because they now factor in the shared flows in the environment.
On August 3, 2023, we released an updated version of Apigee X.
Previously, Advanced API Security scores didn't evaluate proxies calling shared flows via flow hooks and the FlowCallout policy in the proxy. With this release, security scores take into account proxies calling shared flows this way. As a result, your security scores may change because they now factor in the shared flows in the environment.
July 31, 2023
Apigee hybridhybrid v1.10.2
On July 31, 2023 we released an updated version of the Apigee hybrid software, v1.10.2.
- To install the hotfix, follow the instructions in Upgrading Apigee hybrid to version 1.10.
- For information on new installations, see The big picture.
Bug ID | Description |
---|---|
292118812 | Fixed UDCA regression in Hybrid 1.10.1 where UDCA would ignore forward proxy configuration. |
205666368 | Fixed issue with default validation of TLS target endpoint certificates. To enable strict SSL on southbound connections to a proxy target endpoint, add the tag See About setting TLS options in a target endpoint or target server. See also Known Issue #205666368. |
158132963 | Added improvements to capture relevant target flow variables in trace and analytics in case of target timeouts. |
Bug ID | Description |
---|---|
293348130 | Security fixes for apigee-udca . This addresses the following vulnerabilities: |
291994501 | Security fixes for apigee-operator and apigee-watcher . This addresses the following vulnerabilities: |
291994501 | Security fixes for apigee-installer . This addresses the following vulnerabilities:
|
290829031 | Security fixes for apigee-hybrid-cassandra , apigee-cassandra-client , and cassandra-backup-utility . This addresses the following vulnerabilities: |
290829028 | Security fixes for Apigee Connect and apigee-connect-agent and apigee-redis . This addresses the following vulnerabilities: |
July 24, 2023
Apigee XOn July 24, 2023, we released an updated version of Apigee X.
Public preview of Apigee gRPC passthrough
Apigee's new gRPC proxy passthrough functionality provides the ability to create proxies which receive gRPC client requests and pass them through to a gRPC target server.
For information, see Creating gRPC API proxies.
July 21, 2023
Apigee XOn July 21, 2023, we released an updated version of Apigee X.
The Advanced API Security Abuse detection Incident details page now displays unique IP addresses, even if more than one incident corresponds to the same IP address. Previously, the Incident details page could display the same IP address more than once for different incidents.
Also, the Attributes tab of the Incident details page no longer displays the following attributes:
- Top App Key
- Detected Rules
- Top URL
hybrid v1.9.4
On July 21, 2023 we released an updated version of the Apigee hybrid software, v1.9.4.
- For information on upgrading, see Upgrading Apigee hybrid to version v1.9.
- For information on new installations, see The big picture.
Bug ID | Description |
---|---|
289254725 | Implemented a fix to prevent failure of proxy deployments that include the OASValidation policy. |
279712107 | Added the ability to annotate apigee-ingressgateway-manager pods through overrides.yaml file. See istiod.annotations for details. |
272212164 | Cassandra CSI backup could clash with Azure default configuration. The CSI backup script has been fixed to prevent a resource naming issue that could cause backups to fail. |
158132963 | Added improvements to capture relevant target flow variables in trace and analytics in case of target timeouts. |
Bug ID | Description |
---|---|
290709899 | Security fixes for apigee-diagnostics-collector , apigee-mart-server , apigee-mint-task-scheduler , apigee-runtime , and apigee-synchronizer . This addresses the following vulnerability: |
290829028 | Security fixes for Apigee Connect and apigee-connect-agent and apigee-redis . This addresses the following vulnerabilities: |
July 20, 2023
Apigee XOn July 20, 2023, we released an updated version of Apigee X (1-10-0-apigee-6).
Bug ID | Description |
---|---|
290943249 | Fixed latency issue between Istio and runtime container. |
205666368 | Fixed issue with default validation of TLS target endpoint certificates. To enable strict SSL on southbound connections to a proxy target endpoint, add the tag For more information about using |
Bug ID | Description |
---|---|
290709899 | Security fix for apigee-runtime . This addresses the following vulnerability: |
N/A | Security fixes for apigee-redis and apigee-connect-agent . These address the following vulnerabilities: |
N/A | Security fixes for apigee-connect-agent . These address the following vulnerabilities: |
Connector Event triggers (Preview)
Application Integration introduces Connector Event triggers; specialized triggers that let you invoke an integration based on the event subscriptions created in various business applications using Integration Connectors.
The following Connector Event triggers are available in preview:
For more information, see Connector Event triggers.
Known issues
- Integration fails to publish when duplicate Connector Event triggers are configured
- Event subscription error when an integration containing Connector Event triggers is uploaded
For more information, see Application Integration known issues.
July 19, 2023
Apigee RegistryOn July 19, 2023 Apigee API hub released a new version of the software.
Lint result artifacts, or conformance reports, represent how conformant an API is with respect to the specified lint rules. Results in conformance report artifacts attached to an API spec revision are now displayed in the right pane of the API spec revision detail page. One of the following is displayed:
- No information to display.
No style guide conformance information has been generated for this spec. - No issues found.
Style guide conformance scans found no issues with this spec. - Warnings and Errors.
Any errors or warnings are explained.
An indicator also marks the corresponding line in the spec.
See also:
July 13, 2023
Apigee hybridhybrid v1.10.1
On July 13, 2023 we released an updated version of the Apigee hybrid software, v1.10.1.
- For information on upgrading, see Upgrading Apigee hybrid to version v1.10.1.
- For information on new installations, see The big picture.
Bug ID | Description |
---|---|
289254725 | Implemented a fix to prevent failure of proxy deployments that include the OASValidation policy. |
Bug ID | Description |
---|---|
281561243 | Security fixes for apigee-diagnostics-collector , apigee-mart-server , apigee-mint-task-scheduler , apigee-runtime , and apigee-synchronizer . This addresses the following vulnerability: |
290067464 | Security fixes for apigee-stackdriver-logging-agent . This addresses the following vulnerability: |
290068742 | Security fixes for apigee-udca . This addresses the following vulnerability: |
290065830 | Security fixes for apigee-udca . This addresses the following vulnerability: |
July 12, 2023
Apigee XOn July 12, 2023, we released an updated version of Apigee X.
Preview release of non-VPC peering option for Apigee provisioning Apigee now supports a provisioning option that does not require VPC peering. With this approach, you are not required to provide networks and IP ranges during the Apigee provisioning process. Instead, you use Private Service Connect (PSC) for routing northbound traffic to Apigee and southbound traffic to target services running in your Google Cloud projects.
Non-VPC peering is supported for command-line (CLI) provisioning steps only. You can perform non-VPC provisioning for subscription, Pay-as-you-go, and evaluation installations of Apigee.
To learn more, see Apigee networking options.
July 10, 2023
Apigee XOn July 10, 2023, we released an updated version of Apigee X (1-10-0-apigee-5).
Bug ID | Description |
---|---|
289254725 | Implemented fix to prevent failure of proxy deployments that include the OASValidation policy. |
N/A | Upgraded infrastructure and libraries. |
Bug ID | Description |
---|---|
273693152 | Fixed SAMLAssertion policy parsing to limit the number of entities that will be parsed to 10000. Any attempt to parse more than 10000 entities will generate an error. |
273695718 | Fixed DataCapture policy to avoid evaluation of external entities during XML parsing for variable collection. |
273929507 | Fixed issue with potential Java security bypass in LookupCache policy. Certain objects which implement |
273950705 | Fixed issue in PythonScript policy to prevent execution of arbitrary Java code. With this fix, the runtime does not allow execution of python code added to a |
July 07, 2023
Apigee Adapter for Envoyv2.1.1
On June 7, 2023, we released version 2.1.1 of Apigee Adapter for Envoy.
An issue was fixed where quotas were being improperly duplicated between operations instead of being shared at the Product level.
July 06, 2023
Apigee XOn July 6, 2023, we released an updated version of Apigee X.
Preview release of Pay-as-you-go pricing with updated attributes
Apigee is updating its Pay-as-you-go pricing model, making it possible to start using Apigee at a significantly reduced initial cost and right-size ongoing expenses to match precise usage.
To learn how to get started with the updated Pay-as-you-go pricing experience, see Pay-as-you-go (updated attributes) pricing overview.
Preview release of new environment types
Apigee announces the Preview release of three distinct environment types: Base, Intermediate, and Comprehensive. Each environment type offers varying degrees of capabilities and costs; you can tailor pricing to suit your needs.
For more information, see Apigee Pay-as-you-go environment types.
Preview release of standard and extensible API proxies
Apigee announces the Preview release of standard and extensible API proxies, available for use with preview organizations using Pay-as-you-go (updated attributes) pricing.
For more information about standard and extensible API proxies, see API proxy types.
Preview release of new HTTPModifier and ReadPropertySet policies and templating support for message <URL> elements
Apigee announces the Preview release of the HTTPModifier and ReadPropertySet policies.
The HTTPModifier policy can change an existing request or response message and provides a subset of the functionality already available in the AssignMessage policy. See HTTPModifier policy.
The ReadPropertySet policy reads property sets and populates flow variables with the results. See ReadPropertySet policy.
HTTPModifier and ReadPropertySet are standard policies. Proxies built exclusively with standard policies are called standard proxies and can be deployed to any environment type. See Pay-as-you-go (updated attributes) pricing overview.
This release also includes template support for message <URL> elements. See URL templating.
July 05, 2023
Application IntegrationThe issue relating to Application Integration setup failure in a new Google Cloud project has been resolved.
June 30, 2023
Apigee hybridhybrid v1.10
On June 30, 2023 we released an updated version of the Apigee hybrid software, v1.10.0.
- For information on upgrading, see Upgrading Apigee hybrid to version 1.10.
- For information on new installations, see The big picture.
Pre-install Cluster Check Kubernetes job
Starting in version 1.10, Apigee hybrid offers a new tool that examines the hybrid cluster before you install the hybrid runtime. See Step 8: Check cluster readiness .
Automated Issue Surfacing (AIS)
Starting with Apigee hybrid 1.10, Apigee hybrid offers a new tool that examines the hybrid runtime and surfaces issues by running a kubectl
command. If the tool detects errors in the cluster, it returns a detailed error message. The error message contains a link to the troubleshooting guide for that specific error. See Automated issue surfacing and Configuration property reference, watcher
.
Support for AppGroups (preview)
Starting in version 1.10, Apigee hybrid supports AppGroups, which represent a relationship between one or more apps that are managed by the same set of people. For information, see Using AppGroups to organize app ownership.
AppGroups is in preview as of the Apigee hybrid 1.10 release. See the AppGroups preview launch announcement for details.
Support for environment-level scaling
Starting in version 1.9.3, Apigee hybrid added the following environment configuration properties that enable you to specify environment-specific scaling in the overrides.yaml
file:
envs[].runtime.replicaCountMax
envs[].runtime.replicaCountMin
envs[].synchronizer.replicaCountMax
envs[].synchronizer.replicaCountMin
envs[].udca.replicaCountMax
envs[].udca.replicaCountMin
Documentation: Environment-based scaling
Bug ID | Description |
---|---|
181569522 | You can now create a new environment with the same name as a deleted environment without needing to perform manual clean-up tasks first. (Fixed in Apigee hybrid v1.8.5 and v1.7.6) |
209509030 | Apigee Ingressgateway cannot access K8s secret from another namespace. |
218567150 | The ingress gateway is now configured to consistently preserve UUID in the x-request-id header. Note: This setting does have some impact on tracing in the ingress gateway. For more information, see pack_trace_reason in "UUID (proto)" in the envoy documentation. (Fixed in Apigee hybrid v1.7.6 and v1.8.3) |
223320630 | mTLS-related client variables are now set by the Apigee runtime. (Fixed in Apigee hybrid v1.8.6) |
245619397 | In Apigee hybrid, fluentbit support now includes the NO_PROXY environment variable. (Fixed in Apigee hybrid v1.8.5, v1.8.6, and v1.9.1) |
259264961 | Added support for ASM v1.15. Please see Known issue 266452840 (Fixed in Apigee hybrid v1.7.6) |
260342163 | Fixed a narrow scenario where threads in runtime pods ended up consuming 100% CPU. (Fixed in Apigee hybrid v1.9.1) |
260372012 | Requests failed with 500 response and keyvaluemap.service.ErrorDuringDecryption error after upgrade to Hybrid 1.8. Note: Fixed in Apigee hybrid 1.8.4 and newer. (Fixed in Apigee hybrid v1.8.5) |
262699558 | The watcher component no longer fails when using Kubernetes Secret to store hybrid service account secret. (Fixed in Apigee hybrid v1.7.6) |
263840644 | Fixed a conflict with an existing ASM on the cluster. (Fixed in Apigee hybrid v1.8.6) |
265374889 | Fixed an issue where in some circumstances the Java Callout would to fail due with the following error: Failed to execute JavaCallout. Could not initialize class org.jose4j.jwa.AlgorithmFactoryFactory2. (Fixed in Apigee hybrid v1.9.1) |
266411394 | Add support for Azure Front Door request headers to /healthz health check. (Fixed in Apigee hybrid v1.8.5 and v1.9.1) |
266594584 | Websocket was failing in asm 1.15. This was due to incompatible capitalization in variable names between the Anthos Service Mesh overlay.yaml file and the and the Envoy filter apigee-envoyfilter.yaml file. (Fixed in Apigee hybrid v1.8.5 and v1.9.1) |
266814873 | In certain circumstances, retrieving encrypted KVM entries could fail with an error. This fix ensures that MART will be able to successfully function for environment-scoped KVM entries, even if the encryption key is used in the Org Env configuration or when the keys contain non-UTF8 characters. There is no change to KVM data. (Fixed in Apigee hybrid v1.8.6 and v1.9.1) |
266989915 266919136 |
In some circumstances, Apigee could return incorrect developer credentials for an app, unless the specific app was selected when requesting the credentials. (Fixed in Apigee hybrid v1.9.1) |
267666187 | When using a custom Kubernetes service for the Apigee ingress gateway, you can disable the creation of a default load balancer. See Managing Apigee ingress gateway. (Fixed in Apigee hybrid v1.8.6 and v1.9.1) |
267691299 265295406 |
The Apigee controller uses a dedicated apigee-manager Kubernetes service account, instead of using the default SA. (Fixed in Apigee hybrid v1.8.6 and v1.9.1) |
268445095 | The validateOrg flag can be set to false to bypass upgrade validation errors when configuration includes HTTP Forward proxy. You can use this to avoid upgrade errors caused by HTTP proxy settings. (Fixed in Apigee hybrid v1.7.6) |
268696297 | Providing a Kubernetes secret for Cassandra and Redis components is now supported. See cassandra.auth.secret and redis.auth.secret in the Configuration properties reference. (Fixed in Apigee hybrid v1.9.1) |
269451743 | In certain circumstances, upgrading from Apigee hybrid v1.8.3 to v1.9.0 could fail with an error message when creating the virtual hosts. (Fixed in Apigee hybrid v1.9.1) |
269738951 | The example network policies are now included in the apigeectl/examples/network-policies directory. see Configuring Kubernetes network policies. (Fixed in Apigee hybrid v1.9.1) |
270371160 | In Apigee hybrid v1.8.7, we removed certain insecure TLS ciphers. Apigee hybrid supports the TLS cipher suites supported by the Boring FIPS build of Envoy. You can now specify specific cipher suites with the virtualhosts.cipherSuites configuration property in your overrides. (Fixed in Apigee hybrid v1.8.7) Note: Apigee hybrid only supports the RSA ciphers listed. ECDSA ciphers are not supported. |
270371160 | In Apigee hybrid v1.9.0, we removed certain insecure TLS ciphers. Apigee hybrid supports the TLS cipher suites supported by the Boring FIPS build of Envoy. You can now specify specific cipher suites with the virtualhosts.cipherSuites configuration property in your overrides. (Fixed in Apigee hybrid v1.9.2) Note: Apigee hybrid only supports the RSA ciphers listed. ECDSA ciphers are not supported. |
271266079 | Removed port 80 from the default Kubernetes service of Apigee Ingress Gateway. (Fixed in Apigee hybrid v1.8.6 and v1.9.1) |
272212164 | Cassandra CSI backup could clash with Azure default configuration. The CSI backup script has been fixed to prevent a resource naming issue that could cause backups to fail. (Fixed in Apigee hybrid v1.9.4 and v1.10.0) |
273561434 | Some projects were unable to run debug sessions. (Fixed in Apigee hybrid v1.8.8 and v1.9.3) |
274292101 | In certain circumstances, environment-scoped KVMs in hybrid could cause rollback issues for MART. (Fixed in Apigee hybrid v1.8.6) |
274999014 | Restrict watcher RBAC to a single K8s namespace |
278646149 | In certain circumstances, the logger.livenessProbe.timeoutSeconds configuration property was not working as expected. See logger.livenessProbe.timeoutSeconds in the Configuration property reference. (Fixed in Apigee hybrid v1.8.7 and v1.9.2) |
279053612 | x-forwarded-client-cert (XFCC) HTTP headers handled with the istiod.forwardClientCertDetails configuration property. (Fixed in Apigee hybrid v1.8.7 and v1.9.2) See the Configuration properties reference for details: |
279193831 | Envoy has been updated to v1.25.6.. (Fixed in Apigee hybrid v1.8.8) |
279712107 | Added the ability to annotate apigee-ingressgateway-manager pods through overrides.yaml file . (Fixed in Apigee hybrid v1.8.8) |
280544499 | Request headers were not seen in debug sessions. (Fixed in Apigee hybrid v1.8.8) |
284488296 | Removed an unneeded Workload Identity on the Cassandra Schema Validation cron job. (Fixed in Apigee hybrid v1.8.8 and v1.9.3) |
Bug ID | Description |
---|---|
270371160 | In Apigee hybrid v1.9.0, we removed certain insecure TLS ciphers. Apigee hybrid supports the TLS cipher suites supported by the Boring FIPS build of Envoy. Note: Apigee hybrid only supports the RSA ciphers listed. ECDSA ciphers are not supported. |
271266079 | Removed port 80 from the default Kubernetes service of Apigee Ingress Gateway. Port 80 is not supported by Apigee ingress gateway. If you are migrating from ASM to Apigee ingress gateway, and followed the instructions in the community post to enable Port 80, it will not work with Apigee Ingress gateway. (Fixed in Apigee hybrid v1.8.6 and v1.9.1) |
Bug ID | Description |
---|---|
262576079 | Security fix for for apigee-envoy . (Fixed in Apigee hybrid v1.10)This addresses the following vulnerability: |
273797045 | Security fix for for apigee-diagnostics-collector apigee-synchronizer apigee-udca . (Fixed in Apigee hybrid v1.8.8)This addresses the following vulnerability: |
273800345, 281572616 | Security fixes for apigee-diagnostics-collector , apigee-mart-server , apigee-mint-task-scheduler , apigee-runtime , apigee-synchronizer , and apigee-udca . (Fixed in Apigee hybrid v1.8.8 and v1.9.3This addresses the following vulnerabilities: |
273800717 | Security fixes for apigee-emulator , apigee-diagnostics-collector , apigee-mart-server , apigee-mint-task-scheduler , apigee-mock-server , apigee-runtime , and apigee-synchronizer . (Fixed in Apigee hybrid v1.8.7 and v1.9.2)This addresses the following vulnerabilities: |
273800965 | Security fix for apigee-diagnostics-collector , apigee-mart-server , apigee-mint-task-scheduler , apigee-runtime , and apigee-synchronizer . (Fixed in Apigee hybrid v1.8.7, v1.9.2, and v1.9.3)This addresses the following vulnerability: |
273801301 | Security fixes for apigee-mart-server and apigee-runtime .(Fixed in Apigee hybrid v1.8.8 and v1.9.3)This addresses the following vulnerability: |
274112103 | Security fixes to the Apigee Controller and Apigee Watcher. (Fixed in Apigee hybrid v1.8.6 and v1.9.1) This addresses the following vulnerabilities: |
275002360 | Security fixes for fluent-bit . (Fixed in Apigee hybrid v1.8.6 and v1.9.1)This addresses the following vulnerabilities: |
277367440 | Security fixes for Apigee Controller, Watcher, and apigeectl . (Fixed in Apigee hybrid v1.8.7 and v1.9.2)This addresses the following vulnerabilities: |
278313047 | Security fixes for apigee-stackdriver-logging-agent . (Fixed in Apigee hybrid v1.9.2)This addresses the following vulnerabilities: |
279194142 | Fixes build issues to achieve FIPS compliance. (Fixed in Apigee hybrid v1.8.7 and v1.9.2) |
281561243 | Security fix for apigee-diagnostics-collector , apigee-mint-task-scheduler , apigee-runtime , and apigee-synchronizer . (Fixed in Apigee hybrid v1.8.8 and v1.9.3)This addresses the following vulnerability: |
283826216 | Security fixes for apigee-ingressgateway . (Fixed in Apigee hybrid v1.9.3)This addresses the following vulnerabilities: |
283826785 | Security fixes for istiod . (Fixed in Apigee hybrid v1.9.3)This addresses the following vulnerabilities: |
June 27, 2023
Apigee XOn June 27, 2023 we released an updated version of Apigee X.
Public preview of AppGroups
Introduces the concept of AppGroups, which represent a relationship between one or more apps that are managed by the same set of people. For information, see Using AppGroups to organize app ownership.
Note that the purpose of this release is to support upgrades from Apigee Edge customers who used company-apps without monetization; however, it is available to any Apigee X/hybrid customer during the public preview stage.
June 26, 2023
Apigee RegistryOn June 26, 2023 Apigee API hub released a new version of the software.
API hub has been upgraded to use a later version of the Registry API open-sourced project. See v0.6.13 on GitHub for changes and links to previous revisions that are also included in this update. Note that this update (like all previous updates), overwrites project-level artifacts that configure API hub displays including display settings, taxonomies, and lifecycles. In future releases, we will no longer overwrite project-level artifacts.
Data Transformer Script task (Preview)
The Data Transformer Script task is a template engine based data mapping feature available in Application Integration. With the Data Transformer Script task and the supported Data Transformer functions, you can create and evaluate custom Jsonnet templates in order to perform data mapping in your integration.
For more information, see Data Transformer Script task.
June 23, 2023
Apigee Integrated PortalOn April 20, 2023 we released an updated version of Apigee integrated portal. The fix below was not reported in a release note at the time. This update corrects the record.
Bug ID | Description |
---|---|
275578252 | Addressed an issue where an account could be created even though the built-in identity provider (IdP) had been disabled. For any portal with a disabled IdP, you can review the user accounts on the Portals > Portal name > Accounts > Users page. Select an account and then change the Status to Inactive to prevent login. Documentation: Deactivating user accounts |
June 20, 2023
Apigee XOn June 20, 2023, we released an updated version of Apigee X (1-10-0-apigee-4).
Bug ID | Description |
---|---|
284114575 | Implemented fix to prevent the execution of untrusted code in Apigee policies. |
279092925 | Modified Cloud Logging policy to improve runtime performance. |
186885918 | Disabled access to external entities in XML parsing. |
270764083 | Default expiration for refresh tokens set to 30 days if not explicitly set in the OAuth policy. |
N/A | Upgraded infrastructure and libraries. |
Bug ID | Description |
---|---|
273801301 | Security fix for apigee-diagnostics-collector , apigee-mart-server , apigee-runtime , and apigee-synchronizer . This addresses the following vulnerabilities: |
281561243 | Security fix for apigee-diagnostics-collector , apigee-mart-server , apigee-runtime , and apigee-synchronizer . This addresses the following vulnerabilities: |
June 16, 2023
Apigee RegistryOn June 16, 2023 Apigee API hub released a new version of the software.
API hub has been upgraded to use a later version of the Registry API open-sourced project. See v0.6.12 on GitHub for changes and links to previous revisions that are also included in this update.
Note that artifacts associated with API spec and deployment resources are now associated with the revisions of those resources. This allows artifacts that represent lint results and other revision-specific characteristics to be associated with those revisions. When artifacts are applied directly to the parent resource (spec or deployment), these artifacts are associated with the latest revisions of these resources. For more details, see this GitHub issue.
Migration of pre-existing spec- and deployment-related artifacts is not guaranteed in this update. In most cases, these artifacts are generated automatically by the registry controller and will be automatically recreated. If you find that manually-added artifacts are missing after the update, those will need to be reapplied with the same mechanisms that were available previously.
June 14, 2023
Apigee hybridhybrid v1.8.8
On June 14, 2023 we released an updated version of the Apigee hybrid software, v1.8.8.
- For information on upgrading, see Upgrading Apigee hybrid to version v1.8.
- For information on new installations, see The big picture.
Bug ID | Description |
---|---|
273561434 | Some projects were unable to run debug sessions.. |
279193831 | Envoy has been updated to v1.25.6.. |
279712107 | Added the ability to annotate apigee-ingressgateway-manager pods through overrides.yaml file . |
280544499 | Request headers were not seen in debug sessions. |
284488296 | Removed an unneeded Workload Identity on the Cassandra Schema Validation cron job. |
Bug ID | Description |
---|---|
281561243 | Security fix for apigee-diagnostics-collector , apigee-mint-task-scheduler , apigee-runtime , and apigee-synchronizer . This addresses the following vulnerability: |
273797045 | Security fix for for apigee-diagnostics-collector apigee-synchronizer apigee-udca . This addresses the following vulnerability: |
273800345, 281572616 | Security fixes for apigee-diagnostics-collector , apigee-mart-server , apigee-mint-task-scheduler , apigee-runtime , apigee-synchronizer , and apigee-udca . This addresses the following vulnerabilities: |
273801301 | Security fixes for apigee-mart-server and apigee-runtime . This addresses the following vulnerability: |
June 13, 2023
Apigee IntegrationThe following preview features are now generally available (GA):
Application Integration is now generally available (GA)
Application Integration is now generally available in all the supported Google Cloud locations.
Preview features such as Cloud Scheduler trigger, Error catcher trigger, JavaScript task, Return task, and Google-managed encryption keys are now moved to GA.
The following new features are added in this GA release:
Cloud Monitoring
Application Integration is integrated with Cloud Monitoring to provide visibility into the usage, performance, alerts, and the overall health of your integration resources.
For more information, see Monitor Application Integration resources.
Inline connection creation
You can now use the Connectors task in Application Integration to directly create a new connection in the Integration Connectors platform.
For more information, see Connectors task.
Integration designer changes
Several styling and user experience enhancements have been made to the integration designer layout and user interface. The new enhancements include a new variable pane that lets you create and manage all your integration variables in one place, a revamped designer toolbar and navigation bar design, and a refreshed Integration designer canvas.
For more information, see Integration designer.
Application Integration v2 REST API is available in preview.
For more information, see REST API reference (v2).
Known issues
- Application Integration fails to set up in a new Google Cloud project
- Integration designer screen compatibility issue
For more information, see Application Integration known issues.
June 09, 2023
Apigee AnalyticsOn June 9, 2023 we released an updated version of Apigee X.
Bug ID | Description |
---|---|
286452898 | Previously, the Apigee Analytics topk query parameter, which returns the top k results for a query, always returned the results in descending order, even when the order parameter was ASC . This has been fixed: results are now sorted according to the order parameter before returning the top k entries. |
June 05, 2023
Apigee Adapter for Envoyv2.1.0
On June 5, 2023, we released version 2.1.0 of Apigee Adapter for Envoy.
The application_id
claim was added to the /verifyApiKey
response.
ANNOUNCEMENT
hybrid v1.9.3
On June 5, 2023 we released an updated version of the Apigee hybrid software, v1.9.3.
- For information on upgrading, see Upgrading Apigee hybrid to version 1.9.
- For information on new installations, see The big picture.
Bug ID | Description |
---|---|
284488296 | Removed an unneeded Workload Identity on the Cassandra Schema Validation cron job. |
273561434 | Some projects were unable to run debug sessions. |
Bug ID | Description |
---|---|
273800965 | Security fix for apigee-diagnostics-collector , apigee-mart-server , apigee-mint-task-scheduler , apigee-runtime , and apigee-synchronizer . This addresses the following vulnerability: |
273800345, 281572616 | Security fixes for apigee-diagnostics-collector , apigee-mart-server , apigee-mint-task-scheduler , apigee-runtime , apigee-synchronizer , and apigee-udca . This addresses the following vulnerabilities: |
273801301 | Security fixes for apigee-mart-server and apigee-runtime . This addresses the following vulnerability: |
283826216 | Security fixes for apigee-ingressgateway . This addresses the following vulnerabilities: |
283826785 | Security fixes for istiod . This addresses the following vulnerabilities: |
281561243 | Security fix for apigee-diagnostics-collector , apigee-mint-task-scheduler , apigee-runtime , and apigee-synchronizer . This addresses the following vulnerability: |
May 30, 2023
Apigee UIOn May, 30, 2023, we released an updated version of the Apigee UI.
The following labels in the Advanced API Security abuse detection view have been changed:
- Detection type has been changed to Detection rules.
- Suspected bot traffic has been changed to Detected traffic.
- Percent bot traffic has been changed to % of detected traffic.
- Bot count has been changed to Detected IP address count.
- Top API key has been changed to: Top app key.
- Bot reason has been changed to Detected rules.
- Total calls made has been changed to Detected traffic.
- First detection time has been changed to First event detected.
- Last detection time has been changed to Last event detected.
May 23, 2023
Apigee IntegrationNew tasks for Google Cloud services
The following new integration tasks are available in preview:
- AI Platform - Prediction
- Cloud KMS - encrypt
- Cloud KMS - decrypt
- Dataflow - Create Job
- Drive - List
- Doc AI - Batch Process
- Doc AI - Process
- Doc AI - Operation
- Firestore - Batch Get
- Firestore - Batch Write
- Firestore - Document Get
- Language - Annotate Text
- Language - Classify Text
- Sheets - Append
- Sheets - Batch Get
- Sheets - Get
- Translate - Document
- Translate - Text
- Workflows - Execute
New tasks for Google Cloud services
The following new integration tasks are available in preview:
- AI Platform - Prediction
- Cloud KMS - encrypt
- Cloud KMS - decrypt
- Dataflow - Create Job
- Drive - List
- Doc AI - Batch Process
- Doc AI - Process
- Doc AI - Operation
- Firestore - Batch Get
- Firestore - Batch Write
- Firestore - Document Get
- Language - Annotate Text
- Language - Classify Text
- Sheets - Append
- Sheets - Batch Get
- Sheets - Get
- Translate - Document
- Translate - Text
- Workflows - Execute
May 22, 2023
Apigee Integrated PortalOn May 22, 2023 we released an updated version of Apigee integrated portal.
Bug ID | Description |
---|---|
274916981 | Fixed issue where an API specification set via URL could fail. |
277265034 | App names can start with numeric characters as described in Naming guidelines. |
Error catcher trigger
The Error Catcher trigger lets you invoke an error catcher that is defined or customized to handle the failure of an identified trigger, task, or edge condition in your integration.
For more information, see Error catcher trigger.
Return task
The Return task lets you customize the error messages corresponding to the HTTP response codes that are returned during an integration execution failure.
For more information, see Return task.
Support for Google-managed encryption keys
Application Integration now uses Google-managed encryption keys as the default method of data encryption for your provisioned regions. You can optionally modify your encryption method with customer-managed encryption keys (CMEK).
For more information, see Encryption methods.
Error catcher trigger
The Error Catcher trigger lets you invoke an error catcher that is defined or customized to handle the failure of an identified trigger, task, or edge condition in your integration.
For more information, see Error catcher trigger.
Return task
The Return task lets you customize the error messages corresponding to the HTTP response codes that are returned during an integration execution failure.
For more information, see Return task.
May 17, 2023
Apigee XOn May 17, 2023, we released an updated version of Apigee X (1-10-0-apigee-1).
Bug ID | Description |
---|---|
N/A | Upgraded infrastructure and libraries. |
280695936 | Fixed issue with incomplete removal of form parameters when using the <Remove> element in the Assign Message policy to delete headers and form parameters simultaneously. |
271217050 | Fixed issue resulting in missing execution records in debug sessions for the JavaCallout policy. |
271894110, 273568673, 273571029 | Fix enables support for TLS 1.3 for southbound targets. |
271539836 | Fixed intermittent Cloud Logging failures. |
277090269 | Fixed encryption of internal proxy chaining headers to avoid proxy invocation misuse. |
273561434 | Fixed issue with incomplete debug session information for proxies deployed in the same environment. |
158132963 | Improved capture of relevant target flow variables in trace and analytics in the event of target timeouts. |
271093461 | Fixed issue with heap exhaustion when using OASValidation policy. |
269514256 | Fixed issue causing GoogleTokenGeneration failure. |
261924658 | Optimization to reduce latency in Quota policy. |
252864240 | Fixed issue to support bot detection with Analytics obfuscation enabled. |
222024484 | CORS policy now returns Access-Control-Allow-Credentials header in preflight response when <AllowCredentials> is set to true. |
261205290 | Optimization to reduce resource usage on Cassandra connections. |
266814873 | Fixed issue with retrieval of environment-scoped KVM entries containing encryption keys with non-UTF-8 characters. |
260342163 | Fixed issue causing 100% CPU usage by runtime pod threads under specific circumstances. |
273800523, 273800717 | Security fixes for Apigee. The fixes address the following vulnerabilities: |
Fixed issue with incomplete removal of form parameters when using the <Remove>
element in the Assign Message policy to delete headers and form parameters simultaneously.
This fix may result in a breaking change for any customer employing an antipattern that attempts to access a form parameter after using the <Remove>
element to delete the same form parameter and headers simultaneously in the policy flow.
For more information on the recommended steps for setting and removing form parameters and headers using the Assign Message policy, see the updated documentation for the Assign Message policy examples.
May 11, 2023
Apigee UIOn May 11, 2023 we released an updated version of the Apigee UI.
This release includes new Permissions Pre-check functionality and UI messaging, which is available when provisioning Apigee with Pay-as-you-go pricing in the Google Cloud console. With the release of this feature, users are alerted when any permissions required to complete the provisioning operations are missing. The missing permissions and the steps to resolve are now identified in the UI messaging.
May 09, 2023
Apigee IntegrationCloud logs support for Connectors tasks
You can now view the execution logs of a failed Connectors task in Apigee Integration.
For more information, see Execution Logs.
The issue relating to the validation of incorrect variable assignments in an integration has been resolved.
Cloud logs support for Connectors tasks
You can now view the execution logs of a failed Connectors task in Application Integration.
For more information, see Execution Logs.
The issue relating to the validation of incorrect variable assignments in an integration has been resolved.
May 08, 2023
Apigee hybridhybrid v1.8.7
On May 8, 2023 we released an updated version of the Apigee hybrid software, v1.8.7.
- For information on upgrading, see Upgrading Apigee hybrid to version 1.8.
- For information on new installations, see The big picture.
Bug ID | Description |
---|---|
279053612 | x-forwarded-client-cert (XFCC) HTTP headers handled with the istiod.forwardClientCertDetails configuration property. See istiod.forwardClientCertDetails in the Configuration properties reference for details. |
278646149 | In certain circumstances, the logger.livenessProbe.timeoutSeconds configuration property was not working as expected. See logger.livenessProbe.timeoutSeconds in the Configuration property reference. |
270371160 | In Apigee hybrid v1.8.7, we removed certain insecure TLS ciphers. Apigee hybrid supports the TLS cipher suites supported by the Boring FIPS build of Envoy. You can now specify specific cipher suites with the virtualhosts.cipherSuites configuration property in your overrides. Note: Apigee hybrid only supports the RSA ciphers listed. ECDSA ciphers are not supported. |
Bug ID | Description |
---|---|
279194142 | Fixes build issues to achieve FIPS compliance. |
277367440 | Security fixes for Apigee Controller, Watcher, and apigeectl . This addresses the following vulnerabilities: |
273800965 | Security fixes for apigee-diagnostics-collector , apigee-mart-server , apigee-runtime , and synchronizer . This addresses the following vulnerabilities: |
273800717 | Security fixes for apigee-emulator , apigee-diagnostics-collector , apigee-mart-serve , apigee-mint-task-scheduler , apigee-mock-server , apigee-runtime , and apigee-synchronizer . This addresses the following vulnerabilities: |
May 02, 2023
Apigee hybridhybrid v1.9.2
On May 2, 2023 we released an updated version of the Apigee hybrid software, v1.9.2.
- For information on upgrading, see Upgrading Apigee hybrid to version 1.9.
- For information on new installations, see The big picture.
Bug ID | Description |
---|---|
279053612 | x-forwarded-client-cert (XFCC) HTTP headers handled with the istiod.forwardClientCertDetails configuration property. See istiod.forwardClientCertDetails in the Configuration properties reference for details. |
278646149 | In certain circumstances, the logger.livenessProbe.timeoutSeconds configuration property was not working as expected. See logger.livenessProbe.timeoutSeconds in the Configuration property reference. |
270371160 | In Apigee hybrid v1.9.0, we removed certain insecure TLS ciphers. Apigee hybrid supports the TLS cipher suites supported by the Boring FIPS build of Envoy. You can now specify specific cipher suites with the virtualhosts.cipherSuites configuration property in your overrides. Note: Apigee hybrid only supports the RSA ciphers listed. ECDSA ciphers are not supported. |
Bug ID | Description |
---|---|
279194142 | Fixes build issues to achieve FIPS compliance. |
278313047 | Security fixes for apigee-stackdriver-logging-agent . This addresses the following vulnerabilities: |
277367440 | Security fixes for Apigee Controller, Watcher, and apigeectl . This addresses the following vulnerabilities: |
273800965 | Security fixes for apigee-diagnostics-collector , apigee-mart-server , apigee-runtime , and synchronizer . This addresses the following vulnerabilities: |
273800717 | Security fixes for apigee-emulator , apigee-diagnostics-collector , apigee-mart-server , apigee-mint-task-scheduler , apigee-mock-server , apigee-runtime , and apigee-synchronizer . This addresses the following vulnerabilities: |
May 01, 2023
Apigee IntegrationOn May 1, 2023 we released an updated version of the Apigee Integration.
Apigee Integrations is now available in the following locations:
- Melbourne (
australia-southeast2
) - Finland (
europe-north1
) - Paris (
europe-west9
) - Madrid (
europe-southwest1
) - Doha (
me-central1
) - Tel Aviv (
me-west1
)
For more information about the supported locations, see Apigee Integration supported regions.
Application Integration is now available in the following locations:
- Melbourne (
australia-southeast2
) - Finland (
europe-north1
) - Paris (
europe-west9
) - Madrid (
europe-southwest1
) - Doha (
me-central1
) - Tel Aviv (
me-west1
)
For more information about the supported locations, see Application Integration locations.
April 26, 2023
Apigee XEffective May 31, 2023, the default value for the OAuthv2 policy RefreshTokenExpiresIn
element has new behavior. Starting May 31, RefreshTokenExpiresIn
defaults to 2592000000 ms (30 days) for all policies where this element is not set.
For information on this element, see RefreshTokenExpiresIn.
April 20, 2023
Apigee Advanced API SecurityOn April 20, 2023 we released an updated version of Apigee Advanced API Security.
This release contains a new Advanced API Security Detected Traffic view, which displays information about API traffic originating from detected bots. This information was previously displayed in the Abuse metrics section of the Security scores view.
Apigee Integration fails to validate incorrect variable assignments in an integration. For example, you can currently assign a JSON value to an unassigned variable of String data type. This behaviour might cause data mapping and integration failures.
Until this issue is resolved, we recommend that you do the following:
- Assign values to an integration variable as per the variable data type.
- Verify and update existing integration variable values as per its respective variable data type.
On April 20, 2023 we released an updated version of Apigee.
This release contains a new Advanced API Security Detected Traffic view, which displays information about API traffic originating from detected bots. This information was previously displayed in the Abuse metrics section of the Security scores view.
Application Integration fails to validate incorrect variable assignments in an integration. For example, you can currently assign a JSON value to an unassigned variable of String data type. This behaviour might cause data mapping and integration failures.
Until this issue is resolved, we recommend that you do the following:
- Assign values to an integration variable as per the variable data type.
- Verify and update existing integration variable values as per its respective variable data type.
April 17, 2023
Apigee XOn April 17, 2023, we released an updated version of Apigee X (1-9-0-apigee-25).
Bug ID | Description |
---|---|
N/A | Upgraded infrastructure and libraries. |
April 13, 2023
Apigee XOn April 13, 2023, we released an updated version of Apigee.
New features now supported in Apigee in VS Code for local development
The following features are now supported with Apigee in VS Code for local development as part of the Insiders build (as of v1.22.1-insiders.3):
- Create multi-repository workspaces - Choose individual storage locations for artifacts, such as API proxies that are stored as individual SCMs, but develop them together using a single workspace. You no longer have to create a single repository that contains all of your API proxies. See Understanding the structure of an Apigee multi-repository workspace.
- Use keystore - Introduces a new environment-level setting for creating the required keystores in the Apigee Emulator by using locally available keys. See Configuring the keystrokes (keystores.json).
- Test API proxies that require service accounts (for example, calling a cloud logging process as part of an API proxy flow) - Set up your Apigee Emulators with a service account key to enable service accounts, add policies and targets that rely on service accounts, and deploy the API proxies to the Apigee Emulator to test them. See Customizing the Apigee Emulator to support service account-based authentication.
April 03, 2023
Apigee IntegrationOn April 3, 2023 we released an updated version of the Apigee Integration.
Secret Manager - Access task (Preview)
The Secret Manager - Access task lets you access secret versions that are stored in Cloud Secret Manager from your integration.
For more information, see Secret Manager - Access task.
hybrid v1.8.6
On April 3, 2023 we released an updated version of the Apigee hybrid software, v1.8.6.
- For information on upgrading, see Upgrading Apigee hybrid to version 1.8.
- For information on new installations, see The big picture.
Bug ID | Description |
---|---|
274292101 | In certain circumstances, environment-scoped KVMs in hybrid could cause rollback issues for MART. |
271266079 | Removed port 80 from the default Kubernetes service of Apigee Ingress Gateway. |
267691299 | The Apigee controller uses a dedicated apigee-manager Kubernetes service account, instead of using the default SA. |
267666187 | When using a custom Kubernetes service for the Apigee ingress gateway, you can disable the creation of a default load balancer. See Managing Apigee ingress gateway. |
266814873 | In certain circumstances, retrieving encrypted KVM entries could fail with an error. This fix ensures that MART will be able to successfully function for environment-scoped KVM entries, even if the encryption key is used in the Org Env configuration or when the keys contain non-UTF8 characters. There is no change to KVM data. |
263840644 | Fixed a conflict with an existing ASM on the cluster. |
245619397 | In Apigee hybrid, fluentbit support now includes the NO_PROXY environment variable. |
223320630 | mTLS-related client variables are now set by the Apigee runtime. |
Bug ID | Description |
---|---|
275002360 | Security fixes for fluent-bit . This addresses the following vulnerabilities: |
274112103 | Security fixes to the Apigee Controller and Apigee Watcher. This addresses the following vulnerabilities: |
Bug ID | Description |
---|---|
271266079 | Removed port 80 from the default Kubernetes service of Apigee Ingress Gateway. Port 80 is not supported by Apigee ingress gateway. If you are migrating from ASM to Apigee ingress gateway, and followed the instructions in the community post to enable Port 80, it will not work with Apigee Ingress gateway. |
Secret Manager - Access task
The Secret Manager - Access task lets you access secret versions that are stored in Cloud Secret Manager from your integration.
For more information, see Secret Manager - Access task.
March 27, 2023
Apigee hybridhybrid v1.9.1
On March 27, 2023 we released an updated version of the Apigee hybrid software, v1.9.1.
- For information on upgrading, see Upgrading Apigee hybrid to version 1.9.
- For information on new installations, see The big picture.
Bug ID | Description |
---|---|
269738951 | The example network policies are now included in the apigeectl/examples/network-policies directory. see Configuring Kubernetes network policies. |
271266079 | Removed port 80 from the default Kubernetes service of Apigee Ingress Gateway. |
269451743 | In certain circumstances, upgrading from Apigee hybrid v1.8.3 to v1.9.0 could fail with an error message when creating the virtual hosts. |
268696297 | Providing a Kubernetes secret for Cassandra and Redis components is now supported. See cassandra.auth.secret and redis.auth.secret in the Configuration properties reference. |
267691299 | The Apigee controller uses a dedicated apigee-manager Kubernetes service account, instead of using the default SA. |
267666187 | When using a custom Kubernetes service for the Apigee ingress gateway, you can disable the creation of a default load balancer. See Managing Apigee ingress gateway. |
266989915 266919136 |
In some circumstances, Apigee could return incorrect developer credentials for an app, unless the specific app was selected when requesting the credentials. |
266814873 | In certain circumstances, retrieving encrypted KVM entries could fail with an error. This fix ensures that MART will be able to successfully function for environment-scoped KVM entries, even if the encryption key is used in the Org Env configuration or when the keys contain non-UTF8 characters. There is no change to KVM data. |
266594584 | Websocket was failing in asm 1.15. This was due to incompatible capitalization in variable names between the Anthos Service Mesh overlay.yaml file and the and the Envoy filter apigee-envoyfilter.yaml file. |
266411394 | Added support for Azure Front Door request headers to /healthz health check. |
265374889 | Fixed an issue where in some circumstances the Java Callout would to fail due with the following error: Failed to execute JavaCallout. Could not initialize class org.jose4j.jwa.AlgorithmFactoryFactory2. |
260342163 | Fixed a narrow scenario where threads in runtime pods ended up consuming 100% CPU. |
245619397 | In Apigee hybrid, fluentbit support now includes the NO_PROXY environment variable. |
Bug ID | Description |
---|---|
275002360 | Security fixes for fluent-bit . This addresses the following vulnerabilities: |
274112103 | **Security fixes to the Apigee Controller and Apigee Watcher. This addresses the following vulnerabilities: |
Bug ID | Description |
---|---|
271266079 | Removed port 80 from the default Kubernetes service of Apigee Ingress Gateway. Port 80 is not supported by Apigee ingress gateway. If you are migrating from ASM to Apigee ingress gateway, and followed the instructions in the community post to enable Port 80, it will not work with Apigee Ingress gateway. |
March 23, 2023
Apigee Advanced API SecurityOn March 23, 2023, we released an updated version of Apigee Advanced API Security.
Public preview release of Advanced API Security abuse detection
Advanced API Security's new abuse detection feature lets you view security incidents involving your APIs. Abuse detection uses Google's machine learning algorithms to detect API traffic patterns that are a sign of malicious activity targeting your APIs.
Abuse detection includes two new types of detection rules powered by machine learning models:
- Advanced Anomaly Detection: Detects unusual patterns of API traffic.
- Advanced API scraper: Detects attempts to extract information from APIs for malicious purposes.
The two new detection rules, Advanced Anomaly Detection and Advanced API Scraper, are not available for organizations with VPC Service Controls. We are actively working to resolve this issue.
On March 23, 2023 we released an updated version of Apigee integrated portal.
Users are now able to enable the content security policy feature for their portal for Apigee and Apigee hybrid. Previously, this feature was available in Apigee Edge only.
Bug ID | Description |
---|---|
272794133 | When setting a user account to Inactive, a notice is now displayed indicating that this setting affects the login behavior only for built-in identity provider accounts. |
267502391 | Improved error messages for invalid input to various endpoints. |
265051231 | Default assets (images) added to a newly created portal used to show up as size 0px x 0px . Now they show their proper size. |
253037871 | Users are now able to enable the content security policy feature for their portal for Apigee and Apigee hybrid. Previously, this feature was available in Apigee Edge only. |
On March 23, 2023, we released an updated version of Apigee.
Public preview release of Advanced API Security abuse detection
Advanced API Security's new abuse detection feature lets you view security incidents involving your APIs. Abuse detection uses Google's machine learning algorithms to detect API traffic patterns that are a sign of malicious activity targeting your APIs.
Abuse detection includes two new types of detection rules powered by machine learning models:
- Advanced Anomaly Detection: Detects unusual patterns of API traffic.
- Advanced API scraper: Detects attempts to extract information from APIs for malicious purposes.
The two new detection rules, Advanced Anomaly Detection and Advanced API Scraper, are not available for organizations with VPC Service Controls. We are actively working to resolve this issue.
March 22, 2023
Apigee XOn March 22, we released an updated version of Apigee X.
Customize SSL certs for access routing when provisioning Apigee Pay-as-you-go organizations.
Users can now select existing self-managed SSL certs when customizing access routing during Apigee Pay-as-you-go provisioning. For more information, see Step 4: Customize access routing .
Receive Cloud console notifications when Pay-as-you-go provisioning completes.
While provisioning is in progress, users can navigate away from the Apigee provisioning page and monitor notifications in the Cloud console for updates when provisioning completes.
March 17, 2023
Apigee XOn March 17, we released an updated version of Apigee X (1-9-0-apigee-23).
With this release we removed certain insecure TLS ciphers for northbound traffic. You can find the full list of supported ciphers in the FIPS build of Envoy.
Note: Apigee only supports the RSA ciphers listed. ECDSA ciphers are not supported.
Bug ID | Description |
---|---|
N/A | Upgraded infrastructure and libraries. |
March 13, 2023
Apigee RegistryOn March 13, 2023 Apigee API hub released a new version of the software.
FieldSet artifacts that are attached to an API are now displayed in the API overview page.
March 09, 2023
Apigee Adapter for Envoyv2.0.7
On March 9, 2023, we released version 2.0.7 of Apigee Adapter for Envoy.
Note: If you are upgrading an existing Apigee Adapter for Envoy, you must add the --force-proxy-install
flag to the provision command. This flag forces the Apigee proxy to be replaced with the latest proxy. See Apigee hybrid example.
JWTs can now add a claim named customattributes
that will pass the value on to the target in a header called x-apigee-customattributes
(if append_metadata_headers
is configured to be true).
- An issue was fixed where an invalid api key could create spurious log entries and analytics records.
- A deprecated version check was removed in a proxy that caused issues in newer versions of Apigee.
March 08, 2023
Apigee RegistryOn March 8, 2023, the Apigee Registry API documents were updated to include the Google APIs Explorer panel.
The Google APIs Explorer has been added to the Apigee Registry API documents. The Try this method panel acts on real data and lets you try Google API methods without writing code.
March 02, 2023
Apigee UIOn March 2, 2023, we released an updated provisioning experience for Apigee users creating Pay-as-you-go organizations from the Apigee UI. All Apigee users creating new organizations with Pay-as-you-go billing can access the simplified onboarding experience, whether they are provisioning from the Apigee UI or the Google Cloud console.
March 01, 2023
Apigee ConnectorsOn March 1, 2023, we released updates to connectors for Apigee.
The IBM MQ connector now supports requestReply messages.
The Cloud Storage connector now supports the following actions for file operations:
- UploadObject
- DownloadObject
- MoveObject
- CopyObject
- DeleteObject
The MongoDB connector now supports the following actions:
- InsertDocument
- UpdateDocument
- DeleteDocument
- GetDocument
On March 1, 2023, we released an updated version of the Apigee UI.
Public preview release of the Apigee UI in the Google Cloud console
This release includes a new version of the Apigee UI that is integrated with the Google Cloud console. The new UI makes it easier to perform Apigee tasks that are managed in the Cloud console. We welcome your feedback on the new UI: click Send Feedback at the top of the UI.
For now, you can continue to use the classic Apigee UI if you wish: just click Back to Classic Apigee in the new UI.
The following tabs in the classic Apigee UI have not yet been implemented in the Apigee UI in the Cloud console, but they will be available there soon:
- Develop > Integrations
- API Security
- Monetization
- Analyze > API Metrics > Cache Performance,
- Analyze > API Metrics > Target Performance
- Analyze > Developers
- Analyze > End Users
- Publish > Portals
If you need to use these features, you can do so by switching to the classic Apigee UI.
This release will be rolled out over the next week, so you might not be able to view the new Apgee UI until the rollout is complete.
February 24, 2023
Apigee hybridhybrid v1.8.5
On February 24, 2023 we released an updated version of the Apigee hybrid software, v1.8.5.
For information on upgrading, see Upgrading Apigee hybrid to version 1.8.
Bug ID | Description |
---|---|
266594584 | Websocket was failing in asm 1.15. This was due to incompatible capitalization in variable names between the Anthos Service Mesh overlay.yaml file and the and the Envoy filter apigee-envoyfilter.yaml file. |
266411394 | Add support for Azure Front Door request headers to /healthz health check. |
260372012 | Requests failed with 500 response and keyvaluemap.service.ErrorDuringDecryption error after upgrade to Hybrid 1.8. Note: Fixed in Apigee hybrid 1.8.4 and newer. |
245619397 | In Apigee hybrid, fluentbit support now includes the NO_PROXY environment variable. |
181569522 | You can now create a new environment with the same name as a deleted environment without needing to perform manual clean-up tasks first. |
February 20, 2023
Apigee RegistryOn February 20, 2023 Apigee API hub released a new version of the software.
Bug ID | Description |
---|---|
264686707 | Vertical scrollbars would not appear if the taxonomy and lifecycle stage tables overflowed the page. |
264409346 | The API list failed to load if there were over 1,000 APIs registered. |
February 14, 2023
Apigee hybridhybrid v1.7.6
On February 14, 2023 we released an updated version of the Apigee hybrid software, v1.7.6.
For information on upgrading, see Upgrading Apigee hybrid to version 1.7.
Bug ID | Description |
---|---|
268445095 | The validateOrg flag can be set to false to bypass upgrade validation errors when configuration includes HTTP Forward proxy. You can use this to avoid upgrade errors caused by HTTP proxy settings. |
262699558 | The watcher component no longer fails when using Kubernetes Secret to store hybrid service account secret. |
181569522 | You can now create a new environment with the same name as a deleted environment without needing to perform manual clean-up tasks first. |
218567150 | The ingress gateway is now configured to consistently preserve UUID in the x-request-id header. Note: This setting does have some impact on tracing in the ingress gateway. For more information, see pack_trace_reason in "UUID (proto)" in the envoy documentation. (Also fixed in Apigee hybrid v1.8.3) |
259264961 | Added support for ASM v1.15. Please see Known issue 266452840 |
February 09, 2023
Apigee IntegrationOn February 9, 2023 we released an updated version of the Apigee Integration.
Data Mapping Editor improvements
Transform expression changes:
- You can now add, modify, or remove a function or a function parameter in-between an existing transform expression without losing the subsequent transform functions in the expression.
- When applying a pre-defined transform function to a variable in the Data Mapping Editor, the function selection menu now displays the list of functions as per the return type of the preceding function or the data type of the preceding parameter.
Data Mapping Editor UI changes:
- Input rows are updated to display indent guides to improve readability and structure recognition.
- Mapping validation errors are now highlighted for each function in an Input row.
For more information, see Data Mapping editor.
Data Mapping Editor improvements
Transform expression changes:
- You can now add, modify, or remove a function or a function parameter in-between an existing transform expression without losing the subsequent transform functions in the expression.
- When applying a pre-defined transform function to a variable in the Data Mapping Editor, the function selection menu now displays the list of functions as per the return type of the preceding function or the data type of the preceding parameter.
Data Mapping Editor UI changes:
- Input rows are updated to display indent guides to improve readability and structure recognition.
- Mapping validation errors are now highlighted for each function in an Input row.
For more information, see Data Mapping editor.
February 08, 2023
Apigee XOn February 8, we released an updated version of Apigee X (1-9-0-apigee-21).
The VerifyAPIKey policy and the VerifyAccessToken
action of the OAuth2 policy now support CacheExpiryInSeconds
. Setting this variable enforces TTL on the cache and enables customization of the time period for cached token expiry.
Bug ID | Description |
---|---|
181569522 | Fixed the environment recreate scenario without manual cleanup. |
217173784 | The HMAC.policy-name.error variable is populated for HMAC failing policies. |
257268790 | Fixed bug where invalid proxy configuration halted Message Processor boot up. |
250638658 | Fixed the SetIntegrationRequest policy that fails if the JSON payload contains {foo} . |
265204739 | Set externalTrafficPolicy:local as default for Apigee X instances to mitigate 502 errors. |
N/A | Upgraded infrastructure and libraries. |
February 06, 2023
Apigee IntegrationOn February 6, 2023 we released an updated version of the Apigee Integration.
JavaScript task (Preview)
The JavaScript task lets you write custom JavaScript code snippets for your integration.
Using the JavaScript Editor, you can code complex data mapping logic for your integration, perform variable assignments, and add or modify integration variables.
For more information, see JavaScript task.
Delete integration
You can now delete an entire integration without the need to individually delete all the respective integration versions.
When you delete an integration, you permanently delete all the versions of that integration, including all the integration variables, configured triggers, tasks, and data mappings.
For more information, see Delete integrations.
JavaScript task
The JavaScript task lets you write custom JavaScript code snippets for your integration.
Using the JavaScript Editor, you can code complex data mapping logic for your integration, perform variable assignments, and add or modify integration variables.
For more information, see JavaScript task.
Delete integration
You can now delete an entire integration without the need to individually delete all the respective integration versions.
When you delete an integration, you permanently delete all the versions of that integration, including all the integration variables, configured triggers, tasks, and data mappings.
For more information, see Delete integrations.
New Overview page
A new Overview page is now introduced in Application Integration. It's the first place you land when opening Application Integration in your Google Cloud console, and helps you understand and get started with setting up Application Integration in your Google Cloud project.
February 01, 2023
Apigee hybridhybrid v1.9.0
On February 1, 2023 we released an updated version of the Apigee hybrid software, v1.9.0.
- For information on upgrading, see Upgrading Apigee hybrid to version 1.9.
- For information on new installations, see The big picture.
Kubernetes network policies
Starting in version 1.9, Apigee hybrid offers new Kubernetes network policies to secure Cassandra and Redis pods within an Apigee Hybrid cluster. See Configuring Kubernetes network policies.
CSI Backup and Restore
Starting with Apigee hybrid 1.9, you can back up and restore your hybrid data using CSI (Container Storage Interface) snapshots. CSI backup generates disk snapshots and stores them as encrypted data in cloud storage. See Cassandra CSI backup and restore.
Custom ingress access logs
Starting in version 1.9, Apigee hybrid offers custom log formats for the Apigee Ingress gateway. See Customize Ingress access logs.
Target separate ingress gateways to virtual hosts
Starting in version 1.9, Apigee hybrid you can control how separate Apigee Ingress gateways map to specific virtual hosts. See Targeting an Apigee ingress to a virtual host.
Support for customer-installed Anthos Service Mesh deprecated
Starting in version 1.9, Apigee hybrid only supports the Apigee Ingress gateway for ingress, and no longer supports customer-installed Anthos Service Mesh. See:
Bug ID | Description |
---|---|
266356206 | A jackson-databind library error was causing OAS Validation errors when loading applications. The jackson-databind libraries have been updated to correctly parse null vs NullMode values. (Fixed in Apigee hybrid v1.9.0) |
262616276 | Apigee hybrid v1.9 adds support for Kubernetes in AKS v1.24+. Also fixed in Apigee hybrid v1.8.4 and newer (Fixed in Apigee hybrid v1.9.0 and v1.8.4) |
260372012 | Requests failed with 500 response and keyvaluemap.service.ErrorDuringDecryption error after upgrade to Hybrid 1.8. Also fixed in Apigee hybrid v1.8.4 and newer (Fixed in Apigee hybrid v1.9.0 and v1.8.4) |
260324159 | Solved up to 30 minute delay proxy deployment due to socket closed error in synchronizer. (Fixed in Apigee hybrid v1.9.0) |
259738092 | Intermittent 404's were seen at the Apigee Ingress Gateway due to an inconsistent configuration delivery mechanism. (Fixed in Apigee hybrid v1.8.3) |
258699204 | The default memory requests and limits for metrics pods that were inadvertently changed in 1.8.x. have been fixed. Also fixed in Apigee hybrid v1.8.4 and newer (Fixed in Apigee hybrid v1.9.0 and v1.8.4) |
255677576 | In fresh installations with Apigee Ingress (instead of user-installed Anthos Service Mesh), the Apigee UI would sometimes show red (not working) status. This is because in certain circumstances Watcher did not send the correct deployment status due to using the wrong selector for the Apigee Ingress Gateway. (Fixed in Apigee hybrid v1.8.3) |
251435916 | Fixed an issue where in certain circumstances, MP pods would scale without traffic. (Fixed in Apigee hybrid v1.7.5) |
249144084 | Reuse existing target IPs if DNS resolution fail on DNS cache refresh. (Fixed in Apigee hybrid v1.8.1) |
245664917 | During the upgrade to Apigee hybrid 1.8.x, after running apigeectl init and confirming that check-ready succeeded, the Cassandra schema validation job was in an error state. Also fixed in Apigee hybrid v1.8.4 and newer (Fixed in Apigee hybrid v1.9.0 and v1.8.4) |
243880171 | Upgrade from Apigee hybrid v1.7 to v1.8 could fail when http_proxy was configured to DENY internal network traffic. (Fixed in Apigee hybrid v1.8.1) |
243717191 | Container restart no longer conflicts with the existing certificates. |
243599452 | Fixed indentation issue with ingress gateway annotations. (Fixed in Apigee hybrid v1.8.2) |
243167389 | Apigee now validates the length of ingressGateways[].name in overrides.yaml . TThe value of ingressGateways:name must meet the following requirements:
ingressGateways[].name in the Configuration property reference. (Fixed in Apigee hybrid v1.8.1) |
243158304 | 'ApigeeRouteConfig' no longer looks for a cert in the istio-system namespace. (Fixed in Apigee hybrid v1.9.0) |
241959053 | Fixed apigeectl parsing error for serviceaccountRef . (Fixed in Apigee hybrid v1.8.2) |
232529030 | Replaced the Logging fluentbit container environment variable http_proxy with HTTP__PROXY to maintain compatibility with fluentbit 1.8. (Fixed in Apigee hybrid v1.8.1) |
227212728 | Cassandra scripts now avoid writing data to the Pod Filesystem. (Fixed in Apigee hybrid v1.8.1) |
218567150 | The ingress gateway is now configured to consistently preserve UUID in the x-request-id header. This applies to both Apigee Ingress gateway and to the Istio ingress gateway when are using customer-installed Anthos Service Mesh. Note: This setting does have some impact on tracing in the ingress gateway. For more information, see pack_trace_reason in the "UUID (proto)" page in the envoy documentation. (Fixed in Apigee hybrid v1.8.3) |
Bug ID | Description |
---|---|
270371160 | In Apigee hybrid v1.9.0, we removed certain insecure TLS ciphers. Apigee hybrid supports the TLS cipher suites supported by the Boring FIPS build of Envoy. Note: Apigee hybrid only supports the RSA ciphers listed. ECDSA ciphers are not supported. |
Bug ID | Description |
---|---|
N/A | Upgraded to ASM 1.12.9 to address Istio and Go language vulnerabilities in an earlier version (CVE-2022-39278). For more information, see the Service Mesh security bulletin. (Fixed in Apigee hybrid v1.8.2) |
N/A | Upgraded to ASM 1.12.9 to address Istio and Go language vulnerabilities in an earlier version (CVE-2022-39278). For more information, see the Service Mesh security bulletin. (Fixed in Apigee hybrid v1.7.5) |
N/A | Miscellaneous Security updates and fixes. (Fixed in Apigee hybrid v1.7.4) |
262576073 | Security fix for apigee-watcher. Also fixed in Apigee hybrid v1.8.4 and newer (Fixed in Apigee hybrid v1.9.0 and v1.8.4) This addresses the following vulnerabilities: |
262574571 | Security fix for apigee-operators. Also fixed in Apigee hybrid v1.8.4 and newer (Fixed in Apigee hybrid v1.9.0 and v1.8.4) This addresses the following vulnerabilities: |
259290668 | Update Kubectl in the backup utility. (Fixed in Apigee hybrid v1.8.3) This addresses the following vulnerabilities:
|
256019598 | Security fix for Cassandra. Also fixed in Apigee hybrid v1.8.4 and newer (Fixed in Apigee hybrid v1.9.0 and v1.8.4) This addresses the following vulnerabilities: |
254862745, 249630685 | Security fix for apigee-diagnostics-runner and apigee-envoy . (Fixed in Apigee hybrid v1.8.3) This addresses the following vulnerabilities: |
254774193, 254773110 | Fix for vulnerability in apigee-diagnostics-collector , apigee-mart-server , and apigee-mint-task-scheduler . (Fixed in Apigee hybrid v1.8.3) This addresses the following vulnerability: |
254774167 | Fix for apigee-mart-server , apigee-mint-task-scheduler , apigee-runtime , and apigee-synchronizer . (Fixed in Apigee hybrid v1.8.3) This addresses the following vulnerabilities: |
254773838, 254773636, 254772551, 254771693 | Fix for vulnerability in apigee-diagnostics-collector , apigee-mart-server , apigee-mint-task-scheduler , apigee-runtime , and apigee-synchronizer . (Fixed in Apigee hybrid v1.8.3) This addresses the following vulnerabilities: |
254770883, 249633275, 249629782 | Security fixes for apigee-diagnostics-collector , apigee-mart-server , apigee-runtime , and apigee-synchronizer . (Fixed in Apigee hybrid v1.8.3) This addresses the following vulnerabilities:
|
253693906 | Upgraded Prometheus to 2.39.1 to address vulnerabilities in an earlier version. (Fixed in Apigee hybrid v1.8.2) This addresses the following vulnerabilities: |
253498057 | Upgraded Fluent Bit to 1.9.9 to address vulnerabilities in an earlier version. (Fixed in Apigee hybrid v1.8.2) This addresses the following vulnerabilities: |
249635718, 249629771 | Security fixes for Apigee Connect and apigee-redis . (Fixed in Apigee hybrid v1.8.3) This addresses the following vulnerabilities: |
249633289 | Fix for apigee-prometheus-adapter . (Fixed in Apigee hybrid v1.8.3) This addresses the following vulnerabilities: |
248288668 | Fixes to address apigee-installer vulnerabilities. (Fixed in Apigee hybrid v1.8.2) |
247864229 | upgraded kube-rbac-proxy to v0.13.0 to address vulnerabilities in an earlier version. (Fixed in Apigee hybrid v1.8.2) |
240833499 | Security fix for gopkg.in/yaml.v3. (Fixed in Apigee hybrid v1.7.4) |
230369447 | Security fix for commons-codec (Fixed in Apigee hybrid v1.7.4) |
230368838 | Security fix for CVE-2018-10237, auto-value:guava. (Fixed in Apigee hybrid v1.7.4) |
230366823 | Security fix for jackson-databind. (Fixed in Apigee hybrid v1.7.4) |
230366589 | Security fix for CVE-2021-22696-cxf in cxf. (Fixed in Apigee hybrid v1.7.4) |
230366276 | Security fix for CVE-2021-22569. (Fixed in Apigee hybrid v1.7.4) |
229804717 | Security fix for apigee-envoy. (Fixed in Apigee hybrid v1.7.4) |
222772470, 220169963, 210116413 | Security fix for CVE-2021-38297: Updated Go language version. (Fixed in Apigee hybrid v1.8.1) |
222772341, 222772333, 222772261, 222771839 | Security fix for CVE-2022-23806: Updated Go language version. (Fixed in Apigee hybrid v1.8.2) |
202174499 | Fixed Vulnerability for protobuf-java and protobuf-java-util packages. (Fixed in Apigee hybrid v1.8.2) |
January 26, 2023
Apigee hybridhybrid v1.8.4
On January 26, 2023 we released an updated version of the Apigee hybrid software, v1.8.4. For information on upgrading, see Upgrading Apigee hybrid to version 1.8.
Bug ID | Description |
---|---|
262699558 | The watcher component failed when using Kubernetes Secret to store hybrid service account secret. |
262616276 | Added support for Kubernetes v1.24 and v1.25 |
260372012 | Requests failed with 500 response and keyvaluemap.service.ErrorDuringDecryption error after upgrade to Hybrid 1.8. |
258699204 | The default memory requests and limits for metrics pods that were inadvertently changed in 1.8.x. have been fixed. |
245664917 | During the upgrade to Apigee hybrid 1.8.x, after running apigeectl init and confirming that check-ready succeeded, the Cassandra schema validation job was in an error state. |
Bug ID | Description |
---|---|
262576073 | Security fix for apigee-watcher. This addresses the following vulnerabilities: ∙ CVE-2022-41716 ∙ CVE-2022-41715 ∙ CVE-2022-2880 ∙ CVE-2022-2879 |
262574571 | Security fix for apigee-operators. This addresses the following vulnerabilities: ∙ CVE-2022-41716 |
January 17, 2023
Apigee Integrated PortalOn January 17, 2023 we released an updated version of Apigee integrated portal.
Bug ID | Description |
---|---|
262260756 | We have updated the new account notification to administrators to read: "A new account was created by {{firstname}} {{lastname}} ({{email}}), for site {{siteurl}}. If you have enabled manual approval for new user accounts, this user will not be able to log in until you approve their account creation request by setting their status to 'active'." This is to highlight that they need to manually activate new accounts ONLY if they have enabled manual approval for new accounts. |
261788412 | Updated the version of GraphiQL used in the portal. |
January 11, 2023
Apigee UIOn January 11, 2023, we released an updated version of the Apigee UI.
GA release of the new Proxy Editor
The new Proxy Editor simplifies the process of adding policies to an API proxy, configuring those policies, and then deploying the proxy.
January 10, 2023
Apigee IntegrationOn January 10, 2023 we released an updated version of the Apigee Integrations software.
Cloud Scheduler trigger (Preview)
The Cloud Scheduler trigger lets you schedule your integration executions for defined time periods or regular intervals across multiple regions. Cloud Scheduler triggers leverage the Cloud Scheduler services to provide a fully managed enterprise-grade cron job scheduler within Apigee Integration.
For more information, see Cloud Scheduler trigger.
Cloud Scheduler trigger
The Cloud Scheduler trigger lets you schedule your integration executions for defined time periods or regular intervals across multiple regions. Cloud Scheduler triggers leverage the Cloud Scheduler services to provide a fully managed enterprise-grade cron job scheduler within Application Integration.
For more information, see Cloud Scheduler trigger.
January 09, 2023
Apigee UIOn January 9, 2023, we released an updated version of the Apigee UI.
Specify an IP range with prefix /28 when creating a new instance
Previously, you could only specify an IP range with prefix /22 when creating an instance. This change makes it possible to specify /28 ranges as well as /22 ranges when creating an Apigee instance in the instance manager or the provisioning wizard.
Bug ID | Description |
---|---|
255609921 | Advanced API Security table rows now use links or span tags |
January 04, 2023
Apigee ConnectorsOn January 04, 2023, we released the preview version of new connectors for Apigee.
December 26, 2022
Apigee IntegrationOn December 26, 2022 we released an updated version of the Apigee Integrations software.
Test without publishing an integration
You can now test your integration without the need to publish or create a new integration version. Testing an integration lets you experiment with the integration input variable values, and helps in identifying any faults in the integration connection flow before you finalize and publish the integration.
For more information, see Test and publish integrations.
Test without publishing an integration
You can now test your integration without the need to publish or create a new integration version. Testing an integration lets you experiment with the integration input variable values, and helps in identifying any faults in the integration connection flow before you finalize and publish the integration.
For more information, see Test and publish integrations.
December 22, 2022
Apigee ConnectorsOn December 22, 2022, we released the preview version of new connectors for Apigee.
The following new connectors are available in preview:
Connectors for Google services
Connectors for other applications
December 14, 2022
Apigee Integrated PortalOn December 14, 2022 we released an updated version of Apigee integrated portal.
Bug ID | Description |
---|---|
260725456 | The x-xss-protection header on portal runtime loading changed from value of "1;" to be "1; mode=block". |
254053443 | Fixed a bug to ensure that a Not found page is displayed whenever an invalid document path is navigated to in a portal. |
December 08, 2022
Apigee XOn December 8, we released an updated version of Apigee X.
GA release of Simplified Onboarding for Apigee X (Pay-as-you-go) in the Google Cloud console.
With this release, new Apigee customers using Pay-as-you-go pricing can quickly configure Apigee using a simplified onboarding flow accessible from the Google Cloud console.
- The new onboarding UI provides stepped navigation consistent with other products available in the console.
- Apigee X (Pay-as-you-go) provisioning is simplified but remains flexible. Default settings are provided, with the option to customize as needed.
- Improved contextual help streamlines decision-making during onboarding.
See Before you begin and Get started in the Cloud Console for more details on provisioning Apigee X with Pay-as-you-go pricing from the Google Cloud console.
December 05, 2022
Apigee hybridhybrid v1.8.3
On December 5, 2022 we released an updated version of the Apigee hybrid software, v1.8.3.
For information on upgrading, see Upgrading Apigee hybrid to version 1.8.
Bug ID | Description |
---|---|
259738092 | Intermittent 404's were seen at the Apigee Ingress Gateway due to an inconsistent configuration delivery mechanism. |
255677576 | In fresh installations with Apigee Ingress (instead of user-installed Anthos Service Mesh), the Apigee UI would sometimes show red (not working) status. This is because in certain circumstances Watcher did not send the correct deployment status due to using the wrong selector for the Apigee Ingress Gateway. |
218567150 | The ingress gateway is now configured to consistently preserve UUID in the x-request-id header. This applies to both Apigee Ingress gateway and to the Istio ingress gateway when are using customer-installed Anthos Service Mesh. Note: This setting does have some impact on tracing in the ingress gateway. For more information, see pack_trace_reason in the "UUID (proto)" page in the envoy documentation. |
Bug ID | Description |
---|---|
259290668 | Update Kubectl in the backup utility. This addresses the following vulnerabilities: ∙ CVE-2022-42004 ∙ CVE-2022-42003 ∙ CVE-2022-32189 ∙ CVE-2022-30635 ∙ CVE-2022-30633 ∙ CVE-2022-30632 ∙ CVE-2022-30631 ∙ CVE-2022-30630 ∙ CVE-2022-30580 ∙ CVE-2022-28327 ∙ CVE-2022-28131 ∙ CVE-2022-27664 ∙ CVE-2022-25857 ∙ CVE-2022-24921 ∙ CVE-2022-24675 ∙ CVE-2022-23773 ∙ CVE-2022-23772 ∙ CVE-2022-23635 ∙ CVE-2022-0391 ∙ CVE-2021-39156 ∙ CVE-2021-39155 ∙ CVE-2021-37137 ∙ CVE-2021-37136 ∙ CVE-2021-29482 ∙ CVE-2021-20190 ∙ CVE-2021-3121 ∙ CVE-2020-36518 ∙ CVE-2020-36189 ∙ CVE-2020-36188 ∙ CVE-2020-36187 ∙ CVE-2020-36186 ∙ CVE-2020-36185 ∙ CVE-2020-36184 ∙ CVE-2020-36183 ∙ CVE-2020-36182 ∙ CVE-2020-36181 ∙ CVE-2020-36180 ∙ CVE-2020-36179 ∙ CVE-2020-35728 ∙ CVE-2020-35491 ∙ CVE-2020-35490 ∙ CVE-2020-29652 ∙ CVE-2020-25649 ∙ CVE-2020-24750 ∙ CVE-2020-24616 ∙ CVE-2020-17516 ∙ CVE-2020-16845 ∙ CVE-2020-14195 ∙ CVE-2020-14062 ∙ CVE-2020-14061 ∙ CVE-2020-14060 ∙ CVE-2019-16869 ∙ CVE-2019-9674 ∙ CVE-2019-0205 ∙ CVE-2018-1320 ∙ CVE-2017-18640 ∙ CVE-2016-5397 |
254862745, 249630685 | Security fix for apigee-diagnostics-runner and apigee-envoy . This addresses the following vulnerabilities: ∙ CVE-2021-3999 ∙ CVE-2022-2068 |
254774167 | Fix for apigee-mart-server , apigee-mint-task-scheduler , apigee-runtime , and apigee-synchronizer . This addresses the following vulnerabilities: ∙ CVE-2022-42004 ∙ CVE-2022-42003 |
254773838, 254773636, 254772551, 254771693 | Fix for vulnerability in apigee-diagnostics-collector , apigee-mart-server , apigee-mint-task-scheduler , apigee-runtime , and apigee-synchronizer . This addresses the following vulnerabilities: ∙ CVE-2022-25857 ∙ CVE-2022-0239 ∙ CVE-2021-37136 ∙ CVE-2021-30468 ∙ CVE-2017-18640 |
254774193, 254773110 | Fix for vulnerability in apigee-diagnostics-collector , apigee-mart-server , and apigee-mint-task-scheduler . This addresses the following vulnerability: ∙ CVE-2022-2048 |
254770883, 249633275, 249629782 | Security fixes for apigee-diagnostics-collector , apigee-mart-server , apigee-runtime , and apigee-synchronizer . This addresses the following vulnerabilities: ∙ CVE-2022-42889 ∙ CVE-2022-42004 ∙ CVE-2022-42003 ∙ CVE-2022-40150 ∙ CVE-2022-40149 ∙ CVE-2022-38752 ∙ CVE-2022-38751 ∙ CVE-2022-38750 ∙ CVE-2022-38749 ∙ CVE-2022-25857 ∙ CVE-2022-3171 ∙ CVE-2022-2097 ∙ CVE-2022-2068 ∙ CVE-2022-2048 ∙ CVE-2022-2047 ∙ CVE-2022-1292 ∙ CVE-2021-31684 ∙ CVE-2021-29425 ∙ CVE-2021-27568 ∙ CVE-2020-13936 ∙ CVE-2020-8908 ∙ CVE-2019-18276 ∙ CVE-2018-10237 ∙ CVE-2017-18640 |
249635718, 249629771 | Security fixes for Apigee Connect and apigee-redis . This addresses the following vulnerabilities: ∙ CVE-2022-32189 ∙ CVE-2022-30635 ∙ CVE-2022-30633 ∙ CVE-2022-30632 ∙ CVE-2022-30631 ∙ CVE-2022-30630 ∙ CVE-2022-30580 ∙ CVE-2022-28327 ∙ CVE-2022-28131 ∙ CVE-2022-27664 ∙ CVE-2022-24921 ∙ CVE-2022-24675 ∙ CVE-2022-23773 ∙ CVE-2022-23772 |
249633289 | Fix for apigee-prometheus-adapter . This addresses the following vulnerabilities: ∙ CVE-2022-21698 ∙ CVE-2022-1996 |
November 29, 2022
Apigee IntegrationOn November 29, 2022 we released an updated version of the Apigee Integrations software.
Integration variable color code
The color codes of all the integration variable data types is removed and now changed to a single uniform color. Integration variables will no longer be color coded (green, blue, orange) based on their data type.
See Format of an integration variable.
Data Mapping editor
- The background color of the Input and Output row is changed to a single uniform color.
- Input rows are updated to add line breaks and indentations according to the use of mapping functions to improve readability and structure recognition.
- A confirmation dialog is displayed before proceeding to delete an entire Input row.
See Data Mapping editor.
November 23, 2022
Apigee IntegrationOn November 23, 2022 we released an updated version of the Apigee Integrations software.
Bug ID | Description |
---|---|
250638658 | Updated the behaviour of the SetIntegrationRequest policy to identify payload parameter strings enclosed within $# and #$ as flow variables. SetIntegrationRequest policy payload parameter strings enclosed within |
November 18, 2022
Apigee XOn November 18, 2022, we released an updated version of Apigee X (1-9-0-apigee-16).
Bug ID | Description |
---|---|
257268790 | There is an edge case scenario where an invalid resource or bundle configuration resulting in unhandled exception will result in failure that leads to restart of runtime pods or bootup of new runtime pods. |
November 14, 2022
Apigee MonetizationOn November 14, 2022 we released an updated version of the Apigee Monetization software.
Added support for a new recurring fees
Apigee X now supports optional recurring fees charged to API developers. For more information on fees, see Understanding billing.
November 10, 2022
Apigee Integrated PortalOn November 10, 2022 we released an updated version of Apigee integrated portal.
Bug ID | Description |
---|---|
246636016 | Updated the handling of linked or uploaded empty specification files for API catalog items, and added a meaningful error message. |
226406073 | In the portal list view, changed column Last Published to Created. Sorting is by oldest portal at top. |
182687440 | Updated the file filter for icon upload so you can choose and upload .ico files. |
153886771 | Fixed an issue with identity provider configuration where SAML certificate data would not correctly render after initial upload. |
On November 10, 2022 we released an updated version of the Apigee Monetization software.
Added support for a new setup fee
Apigee X now supports an optional setup fee charged to new API developers. For more information on fees, see Understanding billing.
November 04, 2022
Apigee IntegrationOn November 4, 2022 we released an updated version of the Apigee Integration software.
US multi-region (us) for Apigee Integration is deprecated. Use us-east1, us-west1, or us-central1 locations instead
As of November 10, 2022, you can no longer create an integration in the US multi-region (us) location. Any existing integration running in US multi-region (us) will be stopped on or after January 10, 2023.
It's recommended that you perform the following actions before January 10, 2023:
Clone your existing integrations to us-east1, us-west1, us-central1, or any of the supported regions. For information about how to clone an integration, see Clone integrations.
Migrate your existing integration proxies to us-east1, us-west1, us-central1, or any of the supported regions. You can do this by manually updating the
IntegrationRegion
child element in the SetIntegrationRequest policy.
On November 4, 2022 we released an updated version of Apigee X.
Apigee support for using Private Service Connect (PSC) for client-to-Apigee (northbound) traffic is now GA. In addition, we now support using PSC for northbound routing in multi-region configurations. For details, see Expanding Apigee to multiple regions. See also Northbound networking with Private Service Connect and Migrate northbound routing to Private Service Connect.
November 02, 2022
Apigee hybridhybrid v1.7.5
On November 2, 2022 we released an updated version of the Apigee hybrid software, v1.7.5.
For information on upgrading, see Upgrading Apigee hybrid to version 1.7.
Bug ID | Description |
---|---|
251435916 | Fixed an issue where in certain circumstances, MP pods would scale without traffic. |
241959053 | Fixed apigeectl parsing error for serviceaccountRef . |
Bug ID | Description |
---|---|
253693906 | Upgraded Prometheus to 2.39.1 to address vulnerabilities in an earlier version. This change addresses the following vulnerabilities: ∙ CVE-2022-24675 ∙ CVE-2022-27664 ∙ CVE-2022-28131 ∙ CVE-2022-28327 ∙ CVE-2022-30580 ∙ CVE-2022-30630 ∙ CVE-2022-30631 ∙ CVE-2022-30632 ∙ CVE-2022-30633 ∙ CVE-2022-30635 ∙ CVE-2022-32189 |
253498057 | Upgraded Fluent Bit to 1.9.9 to address vulnerabilities in an earlier version. This change addresses the following vulnerabilities: ∙ CVE-2022-1292 ∙ CVE-2022-2068 ∙ CVE-2021-3999 ∙ CVE-2022-23218 ∙ CVE-2022-23219 ∙ CVE-2022-25013 ∙ CVE-2021-33574 ∙ CVE-2018-12886 ∙ CVE-2022-0778 |
248288668 | Fixes to address apigee-installer vulnerabilities. |
247864229 | upgraded kube-rbac-proxy to v0.13.0 to address vulnerabilities in an earlier version. |
N/A | Upgraded to ASM 1.12.9 to address Istio and Go language vulnerabilities in an earlier version (CVE-2022-39278). For more information, see the Service Mesh security bulletin. |
October 27, 2022
Apigee RegistryOn October 27, 2022 Apigee API hub released a new version of the software.
A link to the Settings page has been added to the APIs list page.
Bug ID | Description |
---|---|
254505866 | Provisioning API hub using the UI failed if you selected a region other than the following: asia-east1 , asia-southeast1 , europe-west1 , europe-west4 , us-central1 , us-east1 , us-west1 , us-west4 . |
On October 27, 2022 we released an updated version of Apigee X.
This release contains the General Acceptance (GA) release of Advanced API Security, which:
- Detects unwanted requests sent to your APIs, including attacks by bots or other malicious agents.
- Evaluates the security of your API configurations and provides recommendations for improvements.
Advanced API Security is a paid add-on to Apigee. You can try out Advanced API Security for free in any trial org—follow the procedure described in Enable Advanced API Security. Contact Apigee to learn more.
hybrid v1.8.2
On October 27, 2022 we released an updated version of the Apigee hybrid software, v1.8.2.
For information on upgrading, see Upgrading Apigee hybrid to version 1.8.
Bug ID | Description |
---|---|
253693906 | Upgraded Prometheus to 2.39.1 to address vulnerabilities in an earlier version. This change addresses the following vulnerabilities: ∙ CVE-2022-24675 ∙ CVE-2022-27664 ∙ CVE-2022-28131 ∙ CVE-2022-28327 ∙ CVE-2022-30580 ∙ CVE-2022-30630 ∙ CVE-2022-30631 ∙ CVE-2022-30632 ∙ CVE-2022-30633 ∙ CVE-2022-30635 ∙ CVE-2022-32189 |
253498057 | Upgraded Fluent Bit to 1.9.9 to address vulnerabilities in an earlier version. This change addresses the following vulnerabilities: ∙ CVE-2022-1292 ∙ CVE-2022-2068 ∙ CVE-2021-3999 ∙ CVE-2022-23218 ∙ CVE-2022-23219 ∙ CVE-2022-25013 ∙ CVE-2021-33574 ∙ CVE-2018-12886 ∙ CVE-2022-0778 |
248288668 | Fixes to address apigee-installer vulnerabilities. |
247864229 | upgraded kube-rbac-proxy to v0.13.0 to address vulnerabilities in an earlier version. |
N/A | Upgraded to ASM 1.12.9 to address Istio and Go language vulnerabilities in an earlier version (CVE-2022-39278). For more information, see the Service Mesh security bulletin. |
October 24, 2022
Apigee XOn October 24, 2022, we released an updated version of Apigee X (1-9-0-apigee-5).
Some runtime error messages have been improved with a reason code. To display only the error codes with a reason code, scroll down to Search and type reason
. The error catalog filters the view.
Bug ID | Description |
---|---|
252818300 | Fixed issue with failing web socket connections. |
249580739 | This feature introduces a new filter-based mechanism to display API products. |
249521773 | Endpoint attachment ID naming convention change. The ID must start with a lowercase letter followed by up to 31 lowercase letters, numbers, or hyphens, and cannot end with a hyphen. The minimum length is 2. See Create an endpoint attachment. |
249069616 | Fixed issue where error in DebugSession could interrupt runtime flow. |
248631925 | The Developer List API has been enhanced to support pagination in a Google-wide consistent pattern. |
247540503 | Race condition with encryption key lookup causing KVM lookup failures. |
246774745 | io.timeout.millis not honored, causing 504 Gateway timeout for dynamic targets. |
246193561 | Disabling/Destroying of customer cloud KMS key impacted the runtime after 5 minutes and data that was encrypted with the key could not be accessed by Apigee data plane. |
241786534 | MART is able to send logs to UDCA successfully now. |
240618523 | Dynamically setting target.url now supports websocket protocols (ws and wss ) |
218567150 | X-request-id headers modified at 14th character. |
206879901 | Fixed issue where Response headers were not visible from debug screen. |
173566787 | Message Processors behavior is changed. Message Processors will now reuse existing target IP addresses once if DNS resolution fails during DNS cache refresh |
159599332 | The flow variable servicecallout.requesturi reflects appropriately if the URI is constructed using multiple variables. |
N/A | Upgraded infrastructure and libraries |
Bug ID | Description |
---|---|
204965286 | Security fix for CVE-2022-25647 |
193613381 | Security fix for CVE-2021-21290 in netty-transport |
Known issue: 257268790 - Unhandled exception results in failure that leads to restart or bootup of new runtime pods.
October 19, 2022
Apigee Integrated PortalOn October 19, 2022 we released an updated version of Apigee integrated portal.
Bug ID | Description |
---|---|
239424786 | When reusing your portal custom domain with other sites, the cookies for the domain can get larger. This fix allows you to send cookies up to 16K in size, up from the previous 8K limit. |
237181283 | Pressing the enter button in the input field of Portals > Accounts > Authentication > Account creation & sign in no longer opens a file explorer window. |
233933177 | The email notification field for new account creation can be only a single email address, and not multiple email addresses separated by a delimiter (ie , space or tab). This fix adds validation on the client side to enforce this limitation. |
October 18, 2022
Apigee Adapter for Envoyv2.0.6
On October 18, 2022, we released version 2.0.6 of Apigee Adapter for Envoy.
Security release to address a Denial of Service (DoS) vulnerability in a dependency library. See CVE-2022-28948.
October 17, 2022
Apigee RegistryOn October 17, 2022 Apigee API hub released a new version of the software.
New UI provisioning wizard
Added a wizard to the API hub UI to provide a simpler provisioning process.
Updated the layout of the score card display in the API overview tab.
See: Scorecard
October 06, 2022
Apigee XOn October 6, 2022, Apigee announced the GA launch of Cloud Monitoring for Apigee gateway node usage for Pay-as-you-go customers.
The availability of Apigee gateway node usage metrics in Cloud Monitoring enables Pay-as-you-go customers to view node usage, create dashboards, and configure alerting policies using Cloud Monitoring interfaces. For more information, see View usage and estimate your bill.
October 04, 2022
Apigee IntegrationOn October 4, 2022 we released an updated version of the Apigee Integration software.
Apigee Integration trials
Starting with this release, Apigee Integration trials (eval org) is available in Application Integration. Users in a newly provisioned Apigee eval org will be redirected to Application Integration when they open Integrations in Apigee. You can continue using the Apigee proxies (created in the eval org) with the integrations created in Application Integration.
October 01, 2022
Apigee hybridhybrid new installation experience public preview
On September 30, 2022 we released the public preview of the new Apigee hybrid installation experience.
Overview
The new Apigee hybrid installation experience provides a Kubernetes way of installing Apigee components using kubectl
. The enhanced validations and visibility of the components being installed provides better debuggability and improves the overall install process.
An install script, apigee-hybrid-setup.sh
, provides an easy tool for basic installation. You can use that to create your hybrid installation and then modify it to fit your needs with kubectl
, or you can create your hybrid installation from scratch using kubectl
. All Apigee hybrid configuration properties are stored in yaml files, one for each major component. This allows much more granular control of your hybrid installation on your Kubernetes environment.
Links
Preview release
The new Apigee hybrid installation experience and its documentation are part of a preview release. Apigee does not warranty the software or the procedures in this preview. The software and documentation are subject to change without notice.
September 29, 2022
Apigee hybridhybrid v1.8.1
On September 29, 2022 we released an updated version of the Apigee hybrid software, v1.8.1.
For information on upgrading, see Upgrading Apigee hybrid to version 1.8.
Bug ID | Description |
---|---|
249144084 | Reuse existing target IPs if DNS resolution fail on DNS cache refresh. |
243880171 | Upgrade from Apigee hybrid v1.7 to v1.8 could fail when http_proxy was configured to DENY internal network traffic. |
243717191 | Container restart no longer conflicts with the existing certificates. |
243599452 | Fixed indentation issue with ingress gateway annotations. |
243167389 | Apigee now validates the length of ingressGateways[].name in overrides.yaml . TThe value of ingressGateways:name must meet the following requirements:
ingressGateways[].name in the Configuration property reference. |
241959053 | Fixed apigeectl parsing error for serviceaccountRef . |
232529030 | Replaced the Logging fluentbit container environment variable http_proxy with HTTP__PROXY to maintain compatibility with fluentbit 1.8. |
227212728 | Cassandra scripts now avoid writing data to the Pod Filesystem. |
Bug ID | Description |
---|---|
222772470, 220169963, 210116413 | Security fix for CVE-2021-38297: Updated Go language version. |
222772341, 222772333, 222772261, 222771839 | Security fix for CVE-2022-23806: Updated Go language version. |
202174499 | Fixed Vulnerability for protobuf-java and protobuf-java-util packages. |
September 28, 2022
Application IntegrationApplication Integration Preview Release
Application Integration is now available in preview. Application Integration is an Integration-Platform-as-a-Service (iPaaS) solution in Google Cloud that offers a comprehensive set of core integration tools to connect and manage the multitude of applications and data required to support various business operations.
For more information about the Application Integration features and functionalities, see Application Integration documentation.
September 26, 2022
Apigee RegistryOn September 26, 2022 Apigee API hub released a new version of the software.
Bug ID | Description |
---|---|
248598430 | Scorecard display did not select the latest spec by default when the recommended deployment pointed to a spec with no scorecard. |
Availability of scripts to recreate Apigee instances created before January 25, 2022.
If you have an Apigee instance that was created before January 25, 2022, Apigee recommends that you replace it with a new instance. If you do not recreate the older instance, you may experience scaling issues and the number of environments you can add to an instance will continue to be limited to 10.
For more information and detailed instructions, see Recreating an Apigee instance with zero downtime
September 19, 2022
Apigee RegistryOn September 19, 2022 Apigee API hub released a new version of the software.
Scorecard added to Apigee API hub API overview page
The scorecard allows you to display score or health information about your APIs on the API overview page.
The default scorecard configuration uses OpenAPI v2 and OpenAPI v3 specs and is analyzed using the Spectral linter to generate a Lint summary.
Specify whether the scorecard is displayed or hidden on the Settings page.
Help links added to Apigee API hub blank APIs list page
If there are no APIs registered, the APIs list page will display links pointing to API registration documentation.
September 14, 2022
Apigee XOn September 14, 2022 we released an updated version of the Apigee X software.
When using local development with Apigee in VS Code, the following pre-release features are available as part of the Insiders build (v1.21.0 and higher):
September 12, 2022
Apigee Integrated PortalOn September 12, 2022 we released an updated version of Apigee integrated portal.
Bug ID | Description |
---|---|
237412458 | Fixed an issue where some SMTP settings were not migrated to an upgraded portal. |
235634994 | Implemented a minor security fix to block content spoofing in the API search page. |
233407912 | When creating a new App key for products that have been set to manual approval, but have already been approved, the new key will "auto" approve and not have to go through the approval process again. |
September 09, 2022
Apigee XOn September 09, 2022, we released an updated version of Apigee X.
With this release, Apigee support for Private Service Connect (PSC) is GA. PSC allows you to privately connect Apigee to target services running across VPC networks in addition to the peered network. For more information, see Southbound networking patterns.
September 06, 2022
Apigee RegistryOn September 6, 2022 Apigee hub released a new version of the software.
API hub has been upgraded to use a later version of the Registry API open-sourced project. See v0.5.6 on GitHub for details.
Bug ID | Description |
---|---|
N/A | Multiple fixes as listed at v0.5.6 Changelog on GitHub. |
September 02, 2022
Apigee hybridhybrid v1.7.4
On September 2, 2022 we released an updated version of the Apigee hybrid software, v1.7.4.
For information on upgrading, see Upgrading Apigee hybrid to version 1.7.
Bug ID | Description |
---|---|
232529030 | Replaced the Logging fluentbit container environment variable http_proxy with HTTP_PROXY to maintain compatibility with fluentbit 1.8. |
Bug ID | Description |
---|---|
240833499 | Security fix for gopkg.in/yaml.v3. |
230369447 | Security fix for commons-codec |
230368838 | Security fix for CVE-2018-10237, auto-value:guava. |
230366823 | Security fix for jackson-databind. |
230366589 | Security fix for CVE-2021-22696-cxf in cxf. |
230366276 | Security fix for CVE-2021-22569. |
229804717 | Security fix for apigee-envoy. |
N/A | Miscellaneous Security updates and fixes. |
September 01, 2022
Apigee IntegrationOn September 01, 2022 we released an updated version of the Apigee Integration software.
Region support for integration endpoint
Region support when creating an integration using a proxy. You can now specify the region of the integration in a proxy and use that region to generate a regionalised integration endpoint. For more information, see Getting started with Apigee Integration and Apigee proxy Integration targets.
Region support in SetIntegrationRequest policy. Using the <IntegrationRegion> element, you can now specify the region of your integration in the SetIntegrationRequest policy.
Note: <IntegrationRegion> is a mandatory element in the SetIntegrationRequest policy and applies to any new proxies that are created from this release onwards. If there is no <IntegrationRegion> provided in the policy, Apigee will throw an error and continue execution using the Apigee runtime region.
For more information, see SetIntegrationRequest policy.
August 30, 2022
Apigee XOn August 30, 2022, Apigee announced the GA launch of Pay-as-you-go pricing, a consumption-based model for Google's Apigee Platform.
When you use Pay-as-you-go pricing for Apigee, you are charged for the following:
- The number of Apigee gateway nodes in the Apigee organization
- The number of API requests processed by Apigee Analytics services
- The amount of network usage
For more information, see the Pay-as-you-go overview and the Pay-as-you-go Example pricing.
With this release, the Apigee Pay-as-you-go pricing model includes a maximum Apigee gateway node count of 1,000 across all environments in a region.
August 25, 2022
Apigee RegistryOn August 25, 2022 Apigee hub released a new version of the software.
API hub has been upgraded to use a later version of the Registry API open-sourced project. See v0.5.5 on GitHub for details.
Bug ID | Description |
---|---|
N/A | Multiple fixes as listed at v0.5.5 Changelog on GitHub. |
August 23, 2022
Apigee RegistryOn August 23, 2022 Apigee hub released a new version of the software.
API hub has been upgraded to use a later version of the Registry API open-sourced project. See v0.5.4 on GitHub for details.
Bug ID | Description |
---|---|
N/A | Multiple fixes as listed at v0.5.4 Changelog on GitHub. |
On August 23, 2022, we released an updated version of the Apigee UI.
With this release, the Apigee UI will display the new version of the Proxy Editor by default.
In this release, you can view both the visual editor and the text editor at the same time in the Develop view, without having to manually switch between the two. You can also resize the display area of either editor to view it more easily. See Change the target endpoint for a description of the changes to the editor layout.
August 22, 2022
Apigee XOn August 22, 2022, we released an updated version of Apigee X (1-8-0-apigee-33).
Bug ID | Description |
---|---|
N/A | Upgraded infrastructure and libraries |
Value of io.timeout.millis
is not honored when used with multiple dynamic targets.
If a proxy sets two or more io.timeout.millis
values in two or more flows using the same target host, only one io.timeout.millis
value is honored.
hybrid v1.8.0
On August 22, 2022 we released an updated version of the Apigee hybrid software, v1.8.0.
For information on upgrading, see Upgrading Apigee hybrid to version 1.8.
Apigee Ingress gateway
Starting in version 1.8, Apigee hybrid offers a new feature to manage the ingress gateway for your hybrid installation, Apigee ingress gateway. Anthos Service Mesh is no longer a prerequisite for hybrid installation. With Apigee ingress gateway, Apigee will stop supplying routing configuration to Anthos Service Mesh. See Managing Apigee ingress.
ORG-level UDCA
Apigee hybrid now supports setting UDCA at the org level instead of at the environment level. See orgScopedUDCA
in the Configuration property reference.
Support for newer versions of Anthos, Anthos Service Mesh, and Kubernetes
Starting in version 1.8, Apigee hybrid supports Anthos version 1.12, Anthos Service Mesh version 1.13, and Kubernetes version 1.23 on specific platforms. See Apigee hybrid supported platforms and versions for details.
KVM pagination
The Key Value Map (KVM) CRUD APIs with pagination support are now available in Hybrid (introduced in Apigee X on March 10, 2022). See REST Resource: organizations.keyvaluemaps
and REST Resource: v1.organizations.environments.keyvaluemaps
.
apigeectl
now supports the --v
option to set the log verbosity level
Starting in version 1.8, apigeectl
includes a --v
option to set log verbosity levels in the format --v=int
, for example apigeectl apply --v=5
. This option replaces the --verbose
option (now deprecated). This is the same as the kubectl
--v
option. See apigeectl
for details.
tools/apigee-pull-push.sh
includes a –list
option to list all images
Starting in version 1.8, The tools/apigee-pull-push.sh
utility has a --list
or -l
option that will list all images in the gcr repo. See apigee-pull-push.sh
for details.
Bug ID | Description |
---|---|
239854141 | apigee-pull-push.sh now uses gcr source repositories. (Fixed in Apigee hybrid v1.8.0) |
238370197 | Fixed an issue where the timeTaken variable's value could sometimes be calculated incorrectly. (Fixed in Apigee hybrid v1.7.3) |
236399482 | Added support for ASM v1.13. (Fixed in Apigee hybrid v1.7.2) |
236129944 | Fixed the controller crashloopbackoff due to null pointer issue. (Fixed in Apigee hybrid v1.6.9) |
236129944 | Fixed the controller crashloopbackoff resulting from null pointer. (Fixed in Apigee hybrid v1.7.2) |
234620567 | Fix logger issue in Anthos BareMetal with CentOS. (Fixed in Apigee hybrid v1.6.9) |
234355351 | Fixed issue with message processor pods restarting frequently. Added backoff polling task for Cloud KMS key listener. The listener is paused only when the flush policy is met. (Fixed in Apigee X, June 21, 2022) |
233349518 | Fixed "Invalid Resource" error generated for job/apigee-resources-install . (Fixed in Apigee hybrid v1.7.1) |
233094108 | Fixed Stacktrace truncation in runtime containers to support proxy diagnosis. (Fixed in Apigee hybrid v1.7.2) |
232977937 | Fixed an issue where deployment would become stuck on "Applying routing changes on" for multiple ingress gateways. (Fixed in Apigee hybrid v1.7.1) |
231313050 | Fixed issue causing Apigee logger pod to remain in crashloopbackoff state. (Fixed in Apigee hybrid v1.7.2) |
229824389 | Fixed an issue in hybrid 1.7.0 where the output apigeectl init could be generated in the wrong order. (Fixed in Apigee hybrid v1.7.1) |
229804717 | Fixed upgrade envoy to use distroless v1.22.0. (Fixed in Apigee hybrid v1.7.1) |
229639530 | Fixed an error harmonizing the container process ID to use Apigee ID for Hybrid on OpenShift. (Fixed in Apigee hybrid v1.7.1) |
228855520 | Upgraded support for ASM version 1.13. (Fixed in Apigee X, May 9, 2022) |
227600373 | Fixed an installation issue with Cassandra. (Fixed in Apigee hybrid v1.6.7) |
227538469 | Fixed an issue where configuration actions would write logs to the pod file system. (Fixed in Apigee hybrid v1.7.1) |
226964206 | MART, runtime and synchronizer would write to the pod file system. (Fixed in Apigee hybrid v1.7.1) |
226464960 | Apigee hybrid fresh installations on OpenShift 4.6 and 4.8 would fail. (Fixed in Apigee hybrid v1.6.7) |
225939342 | Fixed an error where deployment status would show as "Applying routing changes on {env}". (Fixed in Apigee hybrid v1.7.1) |
225198475 | Fixed an issue where resource reference changes could not be detected. (Fixed in Apigee hybrid v1.7.1) |
225169066 | Cassandra database backup and restore was not working when http_proxy is enabled under certain circumstances. (Fixed in Apigee hybrid v1.5.10) |
225081332 | Fixed allow privileged pods issue. (Fixed in Apigee hybrid v1.7.1) |
224620542 | On some Kubernetes platforms, logging would fail without adding an empty directory for the logs. (Fixed in Apigee hybrid v1.6.7) |
223081301 | Fixed organization-level UDCA incorrect http-proxy secret name. (Fixed in Apigee hybrid v1.6.7) |
222649295 | Organization-level UDCA would hang. (Fixed in Apigee hybrid v1.6.7) |
221885751 | Hybrid logging functionality has been reworked. This should resolve issues with excessive log volume generation, frequent logger restarts, and ensure correct logger functionality with both docker and containerd runtimes. (Fixed in Apigee hybrid v1.5.8) |
221292104 | Fix to address failure to capture requests in Debug sessions involving PostClientFlow ServiceCallouts. (Fixed in Apigee X, May 9, 2022) |
221266789 | Hybrid logging functionality has been reworked. This should resolve issues with excessive log volume generation, frequent logger restarts, and ensure correct logger functionality with both docker and containerd runtimes. (Fixed in Apigee hybrid v1.6.7) |
219622478 | Fixed the CPS property token so that when set to true , it will allow the instance to shutdown and reboot when cassandra connection failures occur. (Fixed in Apigee hybrid v1.7.3) |
216018530 | Fixed an issue where the apigee-logger-apigee-telemetry DaemonSet could still be left running after turning off logger. (Fixed in Apigee hybrid v1.7.1) |
213261445 | Fixed reliance on keystore generated by cert manager for metrics endpoint and removed the need for a custom generate_cert script. (Fixed in Apigee hybrid v1.6.7) |
211716827 | Fixed an issue where a non-default gateway could cause routing errors in certain circumstances. (Fixed in Apigee hybrid v1.7.1) |
205616792 | Fixed core dump on running user schema setup. (Fixed in Apigee hybrid v1.7.1) |
202950533 | Remove the server header from all responses. This will be consistent with CG SaaS and OPDK. (Fixed in Apigee hybrid v1.8.0) |
202403896 | Upgrade to Apigee hybrid v1.6 from v1.5 could fail due to annotation size. (Fixed in Apigee hybrid v1.5.8) |
Bug ID | Description |
---|---|
230369447 | Security fix for commons-codec (Fixed in Apigee hybrid v1.8) |
230368838 | Security fix for CVE-2018-10237, auto-value:guava (Fixed in Apigee hybrid v1.8) |
230366823 | Security fix for jackson-databind (Fixed in Apigee hybrid v1.8) |
230366589 | Security fix for CVE-2021-22696-cxf in cxf (Fixed in Apigee hybrid v1.8) |
229804717 | Security fix for CVE-2021-3711 (Fixed in Apigee hybrid v1.8, v1.7, v1.6) |
229804942 | Security fix for CVE-2022-0778 (Fixed in Apigee hybrid v1.8) |
N/A | Miscellaneous Security updates and fixes. |
The apigeectl
--verbose
option has been deprecated. It is replaced with the --v
option which lets you specify the log verbosity level in the format --v=int
, for example apigeectl apply --v=5
. See apigeectl
for details.
August 18, 2022
Apigee ConnectorsSupport for private connectivity through Private Service Connect (PSC)
On August 18, 2022, we released PSC support for hostname configuration in Apigee Connectors.
For all the connectors that require a hostname and port configuration, you can now see a Destinations section when creating the connector. In this section, you must enter the details of the remote host (backend system) you want to connect. You can now specify the destination details either as a host address or a service attachment.
August 15, 2022
Apigee ConnectorsPreview release of new Connectors for Apigee
On August 15, 2022, we released the preview version of the Oracle DB connector for Apigee. For more information, see Create a Oracle DB connection.
August 11, 2022
Apigee XOn August 11, 2022 we released an updated version of Apigee X.
This release contains the new Abuse page in Advanced API Security, which displays information about bots that have been detected by analysis of your API traffic. The Abuse page displays the IP addresses of detected bots, as well as their locations, the bot rules that led to their detection, and other details.
August 10, 2022
Apigee IntegrationOn August 10, 2022 we released an updated version of the Apigee Integration software.
Support for VPC Service Controls (Preview)
VPC Service Controls lets you define a security perimeter around the Apigee Integration Google Cloud service. For more information, see Set up VPC Service Controls for Apigee Integration.
August 03, 2022
Apigee RegistryOn August 3, 2022 Apigee hub released a new version of the software.
Bug ID | Description |
---|---|
241241073 | Changed API hub UI route prefix from apigee/api-registry to apigee/hub . The previous apigee/api-registry path will still continue to work, but will redirect to apigee/hub automatically. |
July 29, 2022
Apigee hybridhybrid v1.7.3
On July 29, 2022 we released an updated version of the Apigee hybrid software, v1.7.3.
For information on upgrading, see Upgrading Apigee hybrid to version 1.7.
Bug ID | Description |
---|---|
219622478 | Fixed the CPS property token so that when set to true , it will allow the instance to shutdown and reboot when cassandra connection failures occur. |
238370197 | Fixed an issue where the timeTaken variable's value could sometimes be calculated incorrectly. |
Bug ID | Description |
---|---|
N/A | Security fix for CVE-2022-22963. |
July 27, 2022
Apigee RegistryOn July 27, 2022 Apigee hub released a new version of the software.
Bug ID | Description |
---|---|
230374510 | Mitigated issue where specs over 900KB (uncompressed) in size caused timeouts when trying to view their contents, and in turn caused instability with future requests for a short period of time. A warning message is now displayed when attempting to view specs that exceed 900KB. |
230374510 | Fixed issue where viewing spec files that had a file extension of .gz would allow only download of the file and would not display the contents of the file, if supported. |
July 25, 2022
Apigee XOn July 25, 2022, we released an updated version of Apigee X (1-8-0-apigee-23).
Bug ID | Description |
---|---|
N/A | Upgraded infrastructure and libraries |
July 21, 2022
Apigee XOn July 21, 2022 we released an updated version of Apigee X.
The Advanced API Security's target assessment, which evaluates the security of target servers in your API, is now available. See Security scores in the Apigee UI to learn more.
July 19, 2022
Apigee UIOn July 19, 2022 we released an updated version of the Apigee UI.
The Needs Attention Table in Advanced API Security Scores now use links instead of buttons. This fixes font and alignment issues inside the table rows.
Bug ID | Description |
---|---|
238248377 | The Needs Attention Table in Advanced API Security Scores was not showing target components. This has been fixed. |
July 09, 2022
Apigee IntegrationOn July 09, 2022 we released an updated version of the Apigee Integration software.
Data Mapping task enhancements
The Data Mapping task in Apigee Integrations now provides the following enhancements:
- Nested function support. You can pass one or more transformation functions as input parameters to another function.
New transformation functions. You can use the following new transform functions for array-type variables:
Subfield mapping support for JSON variables. You can view and search all the subfields of a JSON variable in the data mapping editor variable list.
For more information, see the Data Mapping task.
July 08, 2022
Apigee hybridhybrid v1.6.9
On July 8, 2022 we released an updated version of the Apigee hybrid software, v1.6.9.
For information on upgrading, see Upgrading Apigee hybrid to version 1.6.
Bug ID | Description |
---|---|
236129944 | Fixed the controller crashloopbackoff due to null pointer issue. |
234620567 | Fix logger issue in Anthos BareMetal with CentOS. |
231313050 | Fixed issue causing Apigee logger pod to remain in crashloopbackoff state. |
233094108 | Fixed Stacktrace truncation in runtime containers to support proxy diagnosis. |
July 06, 2022
Apigee RegistryOn July 6, 2022 Apigee hub released a new version of the software.
Bug ID | Description |
---|---|
229852942 | The error message displayed has been clarified for the case where the uploaded spec file type was not gzip, but the mime type selected was gzip. |
July 01, 2022
Apigee UIOn July 1, 2022, we released an updated version of the Apigee UI.
This release contains a new version of the Debug tab in the Apigee Proxy Editor. Following previous releases of new versions of the Overview and Develop tabs, this completes the initial release of the new Proxy Editor.
To view the new Debug tab, see Using Debug.
June 30, 2022
Apigee ConnectorsPreview release of new Connectors for Apigee
On June 30, 2022 we released the preview version of new connectors for Apigee.
The following new connectors are available for Apigee:
On June 30, 2022 we released an updated version of Apigee X.
This release contains the Public Preview of Advanced API Security, which protects your APIs from unwanted requests, including attacks by malicious clients such as bots, and evaluates the security level of your API configurations.
Advanced API Security lets you:
- Create security reports to detect bots and other threats to your APIs.
- View security scores, which rate the security of your APIs and provide recommendations for improving security.
June 27, 2022
Apigee RegistryOn June 27, 2022 Apigee hub released a new version of the software.
Bug ID | Description |
---|---|
227334287 | An improved error dialog is displayed when an error occurs on API delete. |
229852889 | Reference lists now filter out their parent API to prevent self-references. |
232250641 | Resource IDs generated from names are now automatically truncated or padded to conform to length requirements. |
236744313 | Fixed an issue where the spinning progress indicator would not go away. |
June 24, 2022
Apigee hybridhybrid v1.7.2
On June 24, 2022 we released an updated version of the Apigee hybrid software, v1.7.2.
For information on upgrading, see Upgrading Apigee hybrid to version 1.7.
Bug ID | Description |
---|---|
233094108 | Fixed Stacktrace truncation in runtime containers to support proxy diagnosis. |
236129944 | Fixed the controller crashloopbackoff resulting from null pointer. |
231313050 | Fixed issue causing Apigee logger pod to remain in crashloopbackoff state. |
236399482 | Added support for ASM v1.13. |
June 23, 2022
Apigee IntegrationOn June 23, 2022 we released an updated version of the Apigee Integrations software.
Apigee Integration trials
Starting with this release, Apigee Integrations is available in an Apigee Eval org which lets you try out the integrations feature without getting billed for the usage. For information, see Enable integrations in an eval org.
Updates to SetIntegrationRequest policy
The SetIntegrationRequest policy has the following updates:
Support for ref attribute in the <Parameter>, <ParameterArray>, and <Value> elements. By using this attribute, you can assign flow variable values to the parameters.
Empty <Parameter> and <ParameterArray> elements are supported. However, if these elements are empty, Apigee treats the element value as null.
Empty <Value> element is not supported. If the element is empty, Apigee reports an error.
June 21, 2022
Apigee Integrated PortalOn June 21, we released an updated version of Apigee integrated portal.
Added the ability to sort by Name and Created fields in the Apps and Teams tables. Click the column heading to sort.
On June 21, 2022 we released an updated version of the Apigee UI,
The Data Collectors UI is now generally available.
A search bar has been added to the new Proxy Editor Develop view. This lets you search for items within a proxy or sharedflow bundle.
On June 21, 2022, we released an updated version of Apigee X (1-8-0-apigee-18).
Bug ID | Description |
---|---|
234355351 | Fixed issue with message processor pods restarting frequently. Added backoff polling task for Cloud KMS key listener. The listener is paused only when the flush policy is met. |
N/A | Upgraded infrastructure and libraries. |
June 14, 2022
Apigee Integrated PortalOn June 14, we released an updated version of Apigee integrated portal.
Use a GraphQL schema to publish your APIs to an integrated portal.
For details, see:
June 06, 2022
Apigee RegistryOn June 6, 2022 Apigee hub released a new version of the software
Bug ID | Description |
---|---|
234772624 | Fixed an issue where an API could not be deleted if it had deployments. |
June 02, 2022
Apigee XOn June 2, 2022, we released an updated version of Apigee X.
Apigee X APIs for managing key value entries in a key value map scoped to an organization, environment, or API proxy are now available. For more information, see the Apigee API reference documentation.
hybrid v1.7.1
On June 2, 2022 we released an updated version of the Apigee hybrid software, v1.7.1.
For information on upgrading, see Upgrading Apigee hybrid to version 1.7.
Bug ID | Description |
---|---|
233349518 | Fixed "Invalid Resource" error generated for job/apigee-resources-install . |
232977937 | Fixed an issue where deployment would become stuck on "Applying routing changes on" for multiple ingress gateways. |
216018530 | Fixed an issue where the apigee-logger-apigee-telemetry DaemonSet could still be left running after turning off logger. |
226964206 | MART, runtime and synchronizer would write to the pod file system. |
211716827 | Fixed an issue where a non-default gateway could cause routing errors in certain circumstances. |
225198475 | Fixed an issue where resource reference changes could not be detected. |
225939342 | Fixed an error where deployment status would show as "Applying routing changes on {env}". |
229824389 | Fixed an issue in hybrid 1.7.0 where the output apigeectl init could be generated in the wrong order. |
229639530 | Fixed an error harmonizing the container process ID to use Apigee ID for Hybrid on OpenShift |
229804717 | Fixed upgrade envoy to use distroless v1.22.0. |
227538469 | Fixed an issue where configuration actions would write logs to the pod file system. |
205616792 | Fixed core dump on running user schema setup. |
225081332 | Fixed allow privileged pods issue. |
May 31, 2022
Apigee UIOn May 31, 2022 we released an updated version of the Apigee UI.
API Monitoring Timeline charts were not displayed correctly in the Timeline view.
Previously, you needed to navigate to another API Monitoring view (such as Investigate) and then return to the Timeline view to see charts. This has been fixed: now you can go directly to the Timeline view to see charts.
hybrid v1.6.8
On May 31, 2022 we released an updated version of the Apigee hybrid software, v1.6.8.
For information on upgrading, see Upgrading Apigee hybrid to version 1.6.
Bug ID | Description |
---|---|
233349518 | Fixed "Invalid Resource" error generated for job/apigee-resources-install . |
225939342 | Fixed an error where deployment status would show as "Applying routing changes on {env}". |
225198475 | Fixed an issue where resource reference changes could not be detected. |
232977937 | Fixed an issue where deployment would become stuck on "Applying routing changes on" for multiple ingress gateways. |
229804717 | Fixed upgrade envoy to use distroless v1.22.0. |
May 25, 2022
Apigee ConnectorsPreview release of new Connectors for Apigee
On May 20, 2022, we released the preview version of the Connectors for Apigee.
The Zendesk connector is available for Apigee. For more information, see Zendesk connection.
You can now create and manage Private Service Connect (PSC) endpoint attachments in the Apigee UI. For details, see Creating an endpoint attachment.
May 23, 2022
Apigee XOn May 23, 2022, we released an updated version of Apigee X (1-8-0-apigee-9).
Bug ID | Description |
---|---|
N/A | Upgraded infrastructure and libraries |
May 18, 2022
Apigee MonetizationOn May 18, 2022 we released an updated version of the Apigee Monetization software.
Apigee X now supports export of additional fee-based values for organizations using monetization. For more information, see Generating monetization reports.
On May 18, 2022, we released an updated version of the Apigee UI.
May 16, 2022
Apigee RegistryOn May 16, 2022 Apigee hub released a new version of the software.
Bug ID | Description |
---|---|
232129385 | Users without artifact write permission encountered errors when loading various pages if the default API hub artifacts were not yet initialized by the system. |
May 12, 2022
Apigee ConnectorsPreview release of new Connectors for Apigee
On May 12, 2022, we released the preview version of new Connectors for Apigee.
The following new connectors are available for Apigee:
May 11, 2022
Apigee Integrated PortalOn May 11, 2022 we released an updated version of the Apigee Integrated Portal software.
Bug ID | Description |
---|---|
228603948 | Fixed an issue that prevented users from editing custom fields for account creation and signup. |
228339667 | Documentation now reflects support for the STARTTLS SMTP authorization type. |
227511014 | Fixed an issue that prevented V1 Portals from being upgraded to V2. |
224991572 | Improvements to the Get Started documentation bundled with a new portal. Create a new portal and then click Get Started to see the new content. |
220980189 | Fixed issue with publishing API Products on a Portal when the organization has over 1,000 API Products. |
218320618 | Page descriptions are now limited to 1,000 characters. Page content is now limited to 1 MB. |
210651558 | Fixed issue where adding a new API Product subscription to an App would remove all scopes on the Apps credentials. |
hybrid v1.6.7
On May 11, 2022 we released an updated version of the Apigee hybrid v1.6.7 software.
For information on upgrading, see Upgrading Apigee hybrid to version 1.6.
Bug ID | Description |
---|---|
227600373 | Fixed an installation issue with Cassandra. |
227538469 | Configuration actions would write logs to the pod file system. |
226964206 | MART, runtime and synchronizer would write to the pod file system. |
226464960 | Apigee hybrid fresh installations on OpenShift 4.6 and 4.8 would fail. |
225081332 | Allow privileged pods issue. |
224620542 | On some Kubernetes platforms, logging would fail without adding an empty directory for the logs. |
223081301 | Fixed organization-level UDCA incorrect http-proxy secret name. |
222649295 | Organization-level UDCA would hang. |
221266789 | Hybrid logging functionality has been reworked. This should resolve issues with excessive log volume generation, frequent logger restarts, and ensure correct logger functionality with both docker and containerd runtimes. |
213261445 | Fixed reliance on keystore generated by cert manager for metrics endpoint and removed the need for a custom generate_cert script. |
205616792 | Fixed core dump on running user schema setup. |
May 10, 2022
Apigee hybridhybrid v1.6.7/1.5.10/1.7.0
Known Issue: 231758700 - Apigee Hybrid Dockerhub customers unable to pull images with Docker Content Trust enabled
May 09, 2022
Apigee RegistryOn May 9, 2022 Apigee hub released a new version of the software.
Bug ID | Description |
---|---|
231715589 | When viewing the API hub getting started page in the Google Cloud console, if you switched to another un-provisioned project, the browser encountered a redirect loop. |
On May 9, 2022 we released an updated version of the Apigee X software (1-8-0-apigee-5).
The GoogleIDToken.Audience
tag now includes the useTargetUrl
attribute to simplify audience configuration of Google ID tokens for Apigee policies.
Bug ID | Description |
---|---|
221292104 | Fix to address failure to capture requests in Debug sessions involving PostClientFlow ServiceCallouts. |
228855520 | Upgraded ASM to the latest version. |
Bug ID | Description |
---|---|
217497793 | A security issue was addressed. |
May 04, 2022
Apigee Integrated PortalOn May 4, 2022 we released an updated version of the Apigee Integrated Portal software.
Error messages for rejected logins for an inactive user are now more informative to the user.
Emails from portal-sso
will either be the email address of the sender that the user sets up in the custom smtp
settings, or it will be no-reply@google.com
, instead of the human-readable name orgname-portalname
. This screenshot illustrates emails sent from portal-sso
in e2e
. It shows one email with custom smtp
settings (tsnow-custom-smtp
) and one email with the default settings (no-reply
).
Bug ID | Description |
---|---|
220993729 | Portal SSO showed the Apigee domain when hovering over footer links in third-party web pages. |
220188030 | Reset password was not working for LDAP configurations. |
214146121 | An authentication issue with Apigee SSO has been fixed. |
204952689 | Fixed miscellaneous logback error. |
194469693 | Enabled SAML config error so that it is visible. |
194053231 | Added server-side validation for the password field. If the password is non-compliant, the response is 422:Unprocessable Entity . |
190609332 | Improved error output for failures while enabling SSO for Apigee |
157131343 | Added support for the parenthesis () and plus + characters for built-in IDP custom fields. Other special characters will continue to be blocked due to security reasons. |
ID | Description |
---|---|
200604177 | Upgraded jQuery and Bootstrap |
On May 4, 2022 Apigee API hub began the release of a new version of the software for Public Preview.
At Public Preview, products or features are ready for testing by customers. Preview offerings are often publicly announced, but are not necessarily feature-complete, and no SLAs or technical support commitments are provided for these. Unless stated otherwise by Google, Preview offerings are intended for use in test environments only.
On May 4, 2022 Apigee API hub began the release of a new version of the software for Public Preview.
At Public Preview, products or features are ready for testing by customers. Preview offerings are often publicly announced, but are not necessarily feature-complete, and no SLAs or technical support commitments are provided for these. Unless stated otherwise by Google, Preview offerings are intended for use in test environments only.
Added the API Hub
label in the Apigee community.
Added the API Hub
label in the Apigee community.
Added provisioning instructions.
Documentation: Provision API hub
Added instructions on how to get support.
Documentation: Get support
Action buttons in the UI are now disabled if you do not have appropriate permissions to perform the action.
Added provisioning instructions.
Documentation: Provision API hub
On May 4, 2022 we released an updated version of the Apigee UI.
We have released a new version of the Develop tab in the Proxy Editor. See Introducing the new Proxy Editor.
April 27, 2022
Apigee RegistryOn April 27, 2022 Apigee hub released a new version of the software.
All system taxonomy descriptions are now editable.
April 22, 2022
Apigee XOn April 22, 2022 we released an updated version of the Apigee X software (1-7-0-apigee-34).
Bug ID | Description |
---|---|
N/A | Upgraded infrastructure and libraries |
hybrid v1.5.10
On April 22, 2022 we released an updated version of the Apigee hybrid v1.5.10 software.
For information on upgrading, see Upgrading Apigee hybrid to version 1.5.
Bug ID | Description |
---|---|
225169066 | Cassandra database backup and restore was not working when http_proxy is enabled under certain circumstances. |
221885751 | Hybrid logging functionality has been reworked. This should resolve issues with excessive log volume generation, frequent logger restarts, and ensure correct logger functionality with both docker and containerd runtimes. |
202403896 | Upgrade to Apigee hybrid v1.6 from v1.5 could fail due to annotation size. |
221885751 | Multiple issues with the Hybrid logging functionality have been addressed. |
April 20, 2022
Apigee RegistryOn April 20, 2022 Apigee hub released a new version of the software.
Changed columns in the History table:
- Changed Date & time to Updated
- Changed Comment to Commit history
- Added ID, which is the ID of the revision as it appears in the registry API.
April 18, 2022
Apigee UIOn April 18, 2022, we released an updated version of the Apigee UI.
The UI for managing Apigee instances has been updated and improved:
- You can now specify a list of accepted Cloud projects that can privately connect to the instance's service attachment.
- The New Instance dialog is replaced by a dedicated Create new instance configuration page with fields for specifying or creating a disk encryption key and for editing the list of accepted projects.
- The Edit instance dialog is replaced by a dedicated page that lets you add or remove environments and edit the list of accepted projects that can privately connect to the instance's service attachment.
- The UI now lets you select the disk encryption key from a list and provides a convenient flow if you want to create a new key.
- The UI for deleting an instance has changed. There is now a DELETE button on the Instance details page.
For more information, see Managing instances.
Bug ID | Description |
---|---|
229008583 | When opening the Apigee UI in multiple tabs with different orgs, some cache entries were not being synched. This has been fixed. |
204429957 | Make ClientSpecificResourceService and ClientResourceNamePipe return plain values. Previously, methods on those classes returned observables. Now they return values. |
Apigee hybrid v1.7.0
On April 18, 2022 we released Apigee hybrid v1.7.0.
For information on upgrading, see Upgrading Apigee hybrid to version 1.7.
mTLS communication between Cassandra clients and Cassandra nodes
Apigee hybrid now supports mTLS communication between Cassandra clients (MART, Sync, and MP) and Cassandra nodes. For related ports used, see feedbackSecure ports usage. (Implemented in Apigee hybrid v1.7.0)
Custom metrics scaling
Apigee hybrid v1.7.0 now supports custom metrics scaling using the metrics:appStackdriverExporter
and metrics:proxyStackdriverExporter
configuration properties. See metrics in the Configuration properties reference. (Implemented in Apigee hybrid v1.7.0)
OAuth JWT access tokens
Apigee hybrid v1.7.0 now supports JWT operations that allow the OAuthV2 policy to generate, verify, and refresh access tokens that conform to the JWT token standard. See Using JWT OAuth tokens. (Implemented in Apigee hybrid v1.7.0)
Cloud Logging
Apigee hybrid v1.7.0 now supports the <CloudLogging>
element in the MessageLogging policy that lets you log messages to Cloud Logging. (Implemented in Apigee hybrid v1.7.0)
PublishMessage policy
Apigee hybrid v1.7.0 now supports the PublishMessage policy that lets you publish your API proxy flow information to a Google Cloud Pub/Sub topic.
Policy document: PublishMessage policy
(Implemented in Apigee hybrid v1.7.0)
GraphQL policy now supports JSON-encoded payloads. (Implemented in Apigee X, March 15, 2022)
Bug ID | Description |
---|---|
224577096 | Support Added for Anthos Service Mesh 1.12 (Fixed in Apigee hybrid v1.6.6) |
219523719 | Fix to address CPU and memory consumption when debug-session is enabled with response-status as the filtering criteria. (Fixed in Apigee X, March 15, 2022) |
217386412 | Change the property set logging level to fine when property is not found. (Fixed in Apigee hybrid v1.6.5) |
215773113 | Setting the securityPolicy appeared to have no effect for specific configurations. (Fixed in Apigee hybrid v1.6.5) |
214960081 | HTTPS endpoints could be called as HTTP resulting in an "EOF unexpected" error. (Fixed in Apigee hybrid v1.6.4) |
211787541 | Errors displayed in synchronizer logs for stale contracts. (Fixed in Apigee hybrid v1.6.5) |
210590135 | Invalid protocol in proxy.url flow variable in Apigee X. The proxy.url flow variable could show as http even when the request is https . (Fixed in Apigee hybrid v1.6.4) |
210314786 | The backup utility did not work with workload identity. (Fixed in Apigee hybrid v1.6.4) |
209622008 | Dynamic updates to rate in spike arrest are now reflected immediately. (Fixed in Apigee X, March 15, 2022) |
209484701 | Invalid client IP sent to analytics. (Fixed in Apigee hybrid v1.6.5) |
209097822 | Fixed and issue where SpikeArrest was not reflecting updated rate (Fixed in Apigee hybrid v1.6.3) |
208474799 | Apigee hybrid now supports ASM version 1.12. See Supported platforms for ASM version support for each supported version of Apigee Hybrid. (Fixed in Apigee hybrid v1.7.0) |
208322185 | Apigee hybrid Cassandra backup and restore can now use either a user-provided custom secret or a generated secret (Fixed in Apigee hybrid v1.6.3) |
207762842 | Hybrid logging functionality has been reworked. This should resolve issues with excessive log volume generation, frequent logger restarts, and ensure correct logger functionality with both docker and containerd runtimes.(Fixed in Apigee hybrid v1.7.0) |
207618262 | Fixed an issue where SpikeArrest opened too many connections to redis-envoy. (Fixed in Apigee hybrid v1.6.3) |
207400645 | Allow direct reads from API server to API client when enabled. (Fixed in Apigee hybrid v1.6.3) |
205820658 | Fixed an issue where Apigee X/hybrid Debug could show the authorization header. (Fixed in Apigee hybrid v1.6.3) |
205810988 | Resolve suspension dialog displayed "user not authorized" message for regions other than US This has been fixed. Location information is now added into the suspension URL from Apigee. (Fixed in Apigee X, December 02,2021) |
205732137 | Handle Quota correctly when the Operation group is set with empty string params (Fixed in Apigee hybrid v1.6.3) |
205148816 | Product Level Quota Info now available in Proxy. (Fixed in Apigee hybrid v1.6.3) |
204943895 | Quota Policy in Shared Flow now working properly. (Fixed in Apigee hybrid v1.6.3) |
204943880 | Fixed issue where SpikeArrest in Shared Flow did not have context of API Proxy. (Fixed in Apigee hybrid v1.6.3) |
204905727 | GenerateResponse was hanging on response flow when enabled=true . (Fixed in Apigee hybrid v1.6.5) |
204368970 | TLS variables are now set by Apigee Runtime. (Fixed in Apigee hybrid v1.6.3) |
204146857 | Fixed an issue where new environments were not created in Apigee hybrid deployment. (Fixed in Apigee hybrid v1.6.3) |
203785814 | A transient error could occur when calling conversion webhook for Apigee Telemetry. The error would occur when Apigee CRD is installed too early in the sequence. The installer job now checks for the correct sequence. (Fixed in Apigee hybrid v1.6.4) |
203468593 | Corrected the storageclass property name. (Fixed in Apigee hybrid v1.5.5) |
203462573 | The StorageClass set in overrides was not honored. (Fixed in Apigee hybrid v1.6.1) |
202560276 | AKS - containerd broke apigee-logger . (Fixed in Apigee hybrid v1.6.1) |
202309278 | Monetization: Eliminated a race condition that could make a prepaid developer's balance appear incorrect. (Fixed in Apigee hybrid v1.6.2) |
202299966 | Added new remote-address-related headers and modified the headers to be RFC compliant. (Fixed in Apigee hybrid v1.6.3) |
200918549 | There was an issue when using forward proxy with the ApigeeConnect agent. (Fixed in Apigee hybrid v1.6.1) |
200700375 | Fixed API products sorting issue in UI. Previously, sorting was disabled on the API products page. Sorting is now enabled. (Fixed in Apigee X, September 23, 2021) |
200648523 | Trace Variable, is_request_blocked, was showing incorrect information. (Fixed in Apigee hybrid v1.6.2) |
199952038 | The apigeectl command uses the new --restore flag to restore Cassandra to a previously saved snapshot. For more information, see Restoring in a single region. (Fixed in Apigee hybrid v1.6.6) |
199807323 | Updating Developer would reset the Developer billing type attribute (Fixed in Apigee hybrid v1.6.2) |
199541025 | Transaction ID is now required to be unique when used with prepaid developer balance credit API. (Fixed in Apigee hybrid v1.6.2) |
198549304, 197730687, 196937143, 188370635, 187890034 | Error state for conflicting dates is now correct. (Fixed in Apigee hybrid v1.6.2) |
198036824 | The securityContext was empty when it should have been populated. (Fixed in Apigee hybrid v1.6.1) |
197945951 | Stale DNS record in MP memory could cause an outage for a proxy. (Fixed in Apigee hybrid v1.6.4) |
197910247 | SetDialogflowResponse Policy - JSONPath expressions were not working. (Fixed in Apigee hybrid v1.6.1) |
197711066 | Cluster upgrade failed due to PDB (PodDisruptionBudget) policy not being met. (Fixed in Apigee hybrid v1.6.1) |
196095557 | Fixed proxy high response times. (Fixed in Apigee hybrid v1.5.4) |
196024622 | Hybrid images contained keys. (Fixed in Apigee hybrid v1.6.1) |
196024483 | Hybrid images did not set USER instruction when building the container. (Fixed in Apigee hybrid v1.6.1) |
193799009 | Fixed wrong status code shown on trace with ServiceCallout in PostClientflow. (Fixed in Apigee hybrid v1.5.4) |
193520269 | Fixed Apigee UI not showing the trace UI. (Fixed in Apigee hybrid v1.5.4) |
193041253 | Cassandra upgraded to v3.11.9 The Cassandra database in Apigee hybrid v1.7.0 has been upgraded to version 3.11.9. (Fixed in Apigee hybrid v1.7.0) |
192987085 | Fixed the ApiProductNotFound exception, which occurred when you deleted an API product but the deletion of associated rate plans was pending. (Fixed in Apigee X Monetization, November 3, 2021) |
191853747 | Apigee Workload Identities not working for specific configurations. (Fixed in Apigee hybrid v1.6.5) |
190679584 | There was an Incorrect error message on deploying AssertCondition policy with invalid condition. (Fixed in Apigee hybrid v1.6.1) |
189341334 | Fixed an issue to eliminate the potential for connection leaks for the watcher component. (Fixed in Apigee hybrid v1.6.3) |
188407113 | Invalid value in the ConsumptionPricingType during rate plan creation displayed the 500 status code. Now the status code for an invalid value is 4xx. (Fixed in Apigee X Monetization, November 3, 2021) |
181259284 | Fixed unresolved flow variables system.region.name and system.pod.name . (Fixed in Apigee hybrid v1.5.4) |
180672249 | FlowCallout succeeded, although SharedFlow had errors in deployment. (Fixed in Apigee hybrid v1.6.1) |
173738907 | Fixed support resource request/limit in override.yaml in apigee-metrics . (Fixed in Apigee hybrid v1.5.4) |
173566787 | Reuse existing target IPs if DNS resolution fail on DNS cache refresh. (Fixed in Apigee hybrid v1.6.5) |
111777025 | LookupCache: cachehit was shown false in trace when the actual value was true. (Fixed in Apigee hybrid v1.6.5)N/A |
N/A | If there is more than one SpikeArrest policy in a bundle, 502 errors will occur. (Fixed in Apigee X, December 12, 2021) |
N/A | If ServiceCallout is "fire and forget" (no tag), a race condition can occur if there is another policy that occurs after it. (Fixed in Apigee X, December 12, 2021) |
N/A | Fix bug delete dialog does not open Previously, on click of delete dialog, the dialog was not appearing, this fixes it (Fixed in Apigee X, October 05, 2021) |
N/A | Dynamic updates to rate in SpikeArrest may not reflect immediately. (Fixed in Apigee X, December 12, 2021) |
Bug ID | Description |
---|---|
217743790 | ** Cassandra backup would run as privileged.** |
204994504 | Container Vulnerability fixed: CVE-2018-12934. (Fixed in Apigee hybrid v1.6.5) |
N/A | Multiple security fixes including CVE-2019-5021. (Fixed in Apigee hybrid v1.6.5) |
N/A | Miscellaneous Security updates and fixes. (Fixed in Apigee X, December 12, 2021) |
205820658 | A security issue was addressed. (Fixed in Apigee hybrid v1.6.2-hotfix.1) |
"Apigee Deployer" role deprecated and replaced by "Apigee Environment Admin" The environment role "Apigee Deployer" has been deprecated, and replaced by "Apigee Environment Admin". (Implemented in Apigee X, December 2, 2022)
April 11, 2022
Apigee ConnectorsPreview release of new Connectors for Apigee
On April 12, 2022, we released the preview version of new Connectors for Apigee.
The following new connectors are available for Apigee:
April 05, 2022
Apigee Integrated PortalOn April 5, 2022 we released an updated version of the Apigee Integrated Portal software.
Bug ID | Description |
---|---|
220377670 | Fixed an issue that prevented users from uploading svg and ico files. |
217600695 | Menus will scroll when they don't fit on the page. |
174476355 | When adding a custom registration field in the accounts-authentication UI for creating/editing a portal, the allowed characters for a custom field has been limited to letters, numbers, and spaces. |
April 04, 2022
Apigee RegistryOn April 4, 2022 Apigee hub released a new version of the software.
Delete dialogs will now remain open while the delete operation is being processed.
Bug ID | Description |
---|---|
226195254 | Lifecycle replacements did not take effect on lifecycles that were assigned to versions. |
March 31, 2022
Apigee RegistryOn March 31, 2022 Apigee hub released a new version of the software.
Added ability to specify the MIME type of the initial spec file when registering a new API.
Documentation: Register APIs
Added ability to specify the MIME type of the spec file when uploading a new revision.
Documentation: Manage revisions
On March 31, 2022, we released an updated version of Apigee X.
You can now use Private Service Connect (PSC) to connect to Apigee. This architectural pattern eliminates the need to create managed instance groups to forward requests from the global load balancer to Apigee. For details, see Using Private Service Connect.
March 29, 2022
Apigee XOn March 29, 2022, we released an updated version of Apigee X (1-7-0-apigee-28).
Bug ID | Description |
---|---|
N/A | Upgraded infrastructure and libraries |
March 28, 2022
Apigee RegistryOn March 28, 2022 Apigee hub released a new version of the software.
Bug ID | Description |
---|---|
226194605 | The design style was not saved on API update. |
226184510 | The related and dependencies edit forms were blank when opened. |
On March 28, 2022 we released an updated version of Apigee X.
You can now use Private Service Connect (PSC) to connect Apigee with backend target services running in VPC networks other than the one that is peered with your Apigee organization. For details, see Southbound networking patterns.
March 24, 2022
Apigee AnalyticsOn March 24, 2022, we released a new version of the Apigee Analytics software.
We welcome your feedback about the anomaly events feature in Advanced API Operations. If you have received an anomaly alert, you can send feedback about the alert in the API Monitoring Investigate dashboard by clicking the Anomaly Feedback button at the top of the Anomaly Event Details pane.
hybrid v1.6.6
On March 24, 2022 we released an updated version of the Apigee hybrid v1.6.6 software.
For information on upgrading, see Upgrading Apigee hybrid to version 1.6.
Bug ID | Description |
---|---|
224577096 | Support Added for Anthos Service Mesh 1.12 |
204368970 | Fixed a bug in TLS variables population |
199952038 | The apigeectl command uses the new --restore flag to restore Cassandra to a previously saved snapshot. For more information, see Restoring in a single region. |
hybrid v1.5.9
On March 24, 2022 we released an updated version of the Apigee hybrid v1.5.9 software.
For information on upgrading, see Upgrading Apigee hybrid to version 1.5.
Bug ID | Description |
---|---|
224577096 | Support Added for Anthos Service Mesh 1.12 |
204368970 | Fixed the bug in TLS variables population |
March 22, 2022
Apigee XOn March 22, 2022, we released an updated version of the Apigee X software.
Support for conditions in IAM policies
You can add resource conditions in your IAM policies. A resource condition lets you have granular control over your Apigee resources. For more information, see Adding resource conditions in IAM policies.
March 17, 2022
Apigee RegistryOn March 17, 2022 Apigee API hub released a new version of the software.
Added Related and Dependencies reference list cards to the API detail page.
Added ability to edit the links in the Related and Dependencies reference list cards.
Added title to the APIs list page.
Documentation: Customize the display
Updated the API History table to use the filename as the link to the spec detail page, instead of the timestamp, and swapped the order of the Filename and Date/Time columns.
Documentation: Manage revisions
Changed the label of the "Revision History" tab on the API detail page to "History".
Documentation: Manage revisions
Changed the System icon from a
Lock to a Check and changed the Search filter from a Circled Check to a Check on the Taxonomies page.Documentation: Manage taxonomies
Bug ID | Description |
---|---|
224570429 | Some pages did not set a proper page title. |
223927791 | There was a typo in the API Edit deployment form. |
222122131 | The API Document buttons in the API Deployments table did not update when a version was deleted or updated. |
219989013 | Line breaks did not render in API descriptions. |
218682838 | Could not delete the last revision of a spec if it had artifacts attached. |
210991828 | On the Taxonomy edit form, if an element name generated an ID that was too short or too long, a submit error occurred. |
201782973 | The API Filter form on the APIs list page did not take focus when opened. |
March 15, 2022
Apigee XOn March15, we released version 1.7x of Apigee X (1-7-0-apigee-22).
GraphQL policy now supports JSON-encoded payloads.
KVM pagination support now available (via the API only).
Note: When using the GraphQL policy, you can only provide one graphQL schema for verification in an environment.
Bug ID | Description |
---|---|
209622008 | Dynamic updates to rate in spike arrest are now reflected immediately. |
219523719 | Fix to address CPU and memory consumption when debug-session is enabled with response-status as the filtering criteria. |
March 07, 2022
Apigee RegistryOn March 7, 2022 Apigee API hub released a new version of the software.
Added ability to mark a deployment as the recommended deployment for an API.
Added tag to the Deployments table to identify which deployment is currently set as the recommended deployment for the API.
Added a button to the Deployments table that displays the version of the documentation revision that is currently assigned to the deployment and navigates to the documentation view of the revision, when clicked.
Added a button to the APIs list and API detail page that displays the version of the documentation revision that is currently assigned to the recommended deployment and navigates to the documentation view of the revision, when clicked.
Added button to the API detail page that opens the access information panel for the recommended deployment of the API, when clicked.
Changed the "Version" column in the Deployments table to "Documentation".
Added tab for display settings to the Settings page.
Added ability to define an organization name that will be used in the UI to identify APIs owned by the user's organization.
Items in the Deployment selection field in the Get Access side panel now signify if the deployment does not have any access information defined.
Bug ID | Description |
---|---|
221265023 | Fixed issue where the Get Access button in the Deployment list was visible even if the deployment had no access information. |
221265023 | Fixed issue where the Deployment selection field in the Get Access side panel would allow you to select deployments that had no access information defined. |
March 03, 2022
Apigee Adapter for EnvoyEnvoy adapter v2.0.5
On March 3, 2022 we released a new version of Apigee Adapter for Envoy v2.0.5.
Security release to address a Denial of Service (DoS) risk in the prometheus library. See CVE-2022-21698.
On March 3, 2022, we released new features for the Public Preview of configurable API proxies. To learn more, see Introduction to configurable API proxies.
HTTP request transforms are now available for use with configurable API proxies.
With HTTP request transforms, configurable API proxy developers can quickly rewrite HTTP request paths, header, and query parameters using HTTP Request Transforms. Rewriting is enabled using a simple configuration that can reference incoming path template segments, header values, or query parameter values.
For more information, see HTTP request transforms for configurable proxies.
Google authentication for securing targets is now supported when using configurable API proxies.
With this feature, configurable API proxy developers can secure their Google backend services using Google OAuth and automatically grant access to authorized API consumers. This offers the advantage of seamless integration with other Google services, without requiring API producers to manage private keys.
For more information, see Securing targets for configurable proxies.
Southbound mTLS can be enabled for use with configurable API proxies .
By adding south bound mTLS functionality to configurable proxies, Apigee customers can seamlessly maintain their current usage of mTLS when transitioning to the use of configurable proxies, or increase security for communications between existing configurable proxies and their backends.
For more information, see Enable south bound mTLS for configurable proxies.
Configurable API proxies now support the use of template variables.
Apigee property sets can be used to specify template variables for configurable API proxies in archive deployments. This feature enables customers to use string templates in their proxy configuration YAML files.
For more information, see Template variables for configurable proxies.
March 01, 2022
Apigee hybridhybrid v1.5.8
On March 1, 2022 we released an updated version of the Apigee hybrid v1.5.8 software.
For information on upgrading, see Upgrading Apigee hybrid to version 1.5.
Bug ID | Description |
---|---|
219523719 | Fix to address the CPU and memory consumption when debug-session is enabled with response-status as the filtering criteria. |
217386412 | Change the property set logging level to fine when property is not found. |
215773113 | Setting the securityPolicy appeared to have no effect for specific configurations. |
209484701 | Invalid client IP sent to analytics. |
189233354 | Distributed tracing with Jaeger would error out. |
Bug ID | Description |
---|---|
N/A | Multiple security fixes including CVE-2019-5021. |
February 28, 2022
Apigee hybridhybrid v1.6.5
On February 28, 2022 we released an updated version of the Apigee hybrid v1.6.5 software.
For information on upgrading, see Upgrading Apigee hybrid to version 1.6.
Bug ID | Description |
---|---|
217386412 | Change the property set logging level to fine when property is not found. |
215773113 | Setting the securityPolicy appeared to have no effect for specific configurations. |
211787541 | Errors displayed in synchronizer logs for stale contracts. |
209484701 | Invalid client IP sent to analytics. |
204905727 | GenerateResponse was hanging on response flow when enabled=true . |
191853747 | Apigee Workload Identities not working for specific configurations. |
173566787 | Reuse existing target IPs if DNS resolution fail on DNS cache refresh. |
111777025 | LookupCache: cachehit was shown false in trace when the actual value was true. |
Bug ID | Description |
---|---|
217743790 | ** Cassandra backup would run as privileged.** |
204994504 | Container Vulnerability fixed: CVE-2018-12934. |
N/A | Multiple security fixes including CVE-2019-5021. |
February 24, 2022
Apigee Integrated PortalOn February 24, 2022 we released an updated version of the Apigee Integrated Portal software.
Bug ID | Description |
---|---|
216299743 | Inconsistent button icon for delete in Pages. Updated the page delete button from | (circle with x) to (trash can).
210539825 | CSS compiler should gracefully handle errors with unexpected form. Fixed a rare issue where some custom CSS payloads would result in an Internal Server Error . |
205579028 | 500s caused by could not get auth token for GCP . Periodically, under high load, GCP Authentication would fail on the backend and return a 500 internal exception . |
194226935 | Update site pages to link to Quickstart documentation. The Quick Start tutorial is no longer embedded in the portal. See Build your first portal in the Apigee documentation. |
February 22, 2022
Apigee UIOn February 22, 2022 we released an updated version of the Apigee UI software.
The following accessibility improvements have been made in the Apigee UI:
- In the Develop > API Proxies view, the screen reader now reads "Create new proxy" for the Create New button
- In the Traffic column of the API Proxies view, the screen reader now reads the traffic tooltip text, and the tooltip has been removed.
- In the Last Modified column, the screen reader now reads a message like "5 months ago on Sep 17, 2021 6:21 PM," and the tooltip has been removed.
- Hovering the mouse in the Action column now displays a menu showing the Delete item, to make it accessible.
Bug ID | Description |
---|---|
170748813 | The help text in the project selector menu at the top of the UI was out of date. The information has now been updated. |
220188457 | Proxy/sharedflow undeployment was failing in the new Proxy Editor. This has been fixed. |
February 21, 2022
Apigee IntegrationOn February 21, 2022 we released an updated version of the Apigee Integration software.
Bug ID | Description |
---|---|
N/A | Cloud Pub/Sub trigger having same topic in multiple region fails. You can now create a Cloud Pub/Sub trigger for the same topic in multiple regions. Because of this fix, your already existing Cloud Pub/Sub trigger may now execute multiple times. Contact Apigee support if you notice this problem. However, if you haven't used the Cloud Pub/Sub trigger in your integrations, you can ignore this fix. |
February 15, 2022
Apigee RegistryOn February 15, 2022 Apigee API hub released a new version of the software.
Added Deployment List to API detail page.
Documentation: Deployments and Manage deployments
Added ability to create new deployments for an API.
Added ability to edit existing deployments for an API.
Added ability to delete existing deployments for an API.
Added ability to view access information for a deployment of an API.
On February 15, 2022 we released an updated version of the Apigee UI software.
New Overview Tab in Proxy Editor
We have released a new version of the Overview tab in the Proxy Editor. See Introducing the new Proxy Editor.
Note: The new features in this release will be rolled out over the next week, so you might not be able to view them until the rollout is complete.
The UI now shows a warning when an API Product is in legacy format, stating that some of the displayed fields might be legacy fields.
Bug ID | Description |
---|---|
201759530 | Operations that did not have methods defined were not appearing in the operations table in the API Products UI |
199814779 | The test button in Admin > Environments > Keystores was not working correctly. The button has been temporarily removed from the UI. |
On February 15, 2022 we released an updated version of the Apigee X software.
Backend target routing with Private Service Connect
You can now use Private Service Connect (PSC) to connect Apigee with backend target services running in VPC networks other than the one that is peered with your Apigee organization. For details, see Southbound networking patterns.
February 09, 2022
Apigee RegistryOn February 9, 2022 Apigee API hub released a new version of the software.
Changed "Add API" to "Register API" across the application.
API search now matches description text.
Bug ID | Description |
---|---|
216809912 | Gateway taxonomy has been removed from the API edit form. |
218092962 | The filter button did not close the API filter. |
February 08, 2022
Apigee Integrated PortalOn February 8, 2022 we released an updated version of the Apigee Integrated Portal software.
Bug ID | Description |
---|---|
212421254 | Consumers can access teams in a portal for which they have no IDP account. Before, a consumer could access a team as long as they were added to the team and had an IDP account in the same organization as the team. Now they can only access the team if they are added as a member and have an IDP account in the same portal as the team. |
209436418 | Display asset file sizes in megabytes. Asset file size was being incorrectly displayed in mebibytes and is now shown in megabytes. |
207130598 | Improve asset upload error messages. Improved an error message when an unsupported image type was uploaded. |
205963075 | New portal name rules are not enforced on backend. The same portal name rules that were already enforced on the front end are now also enforced on the backend. |
205881764 | Cannot delete mobile logo/favicon in Apigee X/Hybrid. Fixed a bug where Apigee X and Hybrid customers could not delete mobile logos or favicons. |
205629978 | Broken HTML after portals v2 migration. The live portal of the upgraded portal will not be displayed correctly after migrating a portal from v1 to v2. |
205581372 | Users endpoint should not crash when passed an invalid Enum value. Passing an invalid sortBy value to the providers/{scope}/users endpoint is now handled gracefully. |
196875216 | Team does not exist exceptions should not be reported as 500s . When API producers attempted to retrieve a team which does not exist, they got an uniformative 500 . Now they get an easy-to-read 404 . |
On February 8, 2022 we released an updated version of the Apigee UI software.
Bug ID | Description |
---|---|
212782769 | An issue prevented editing a new target server that used a keystore reference, and selecting a key alias when using a keystore. |
On February 8, 2022 we released an updated version of the Apigee X software.
Bug ID | Description |
---|---|
N/A | Upgraded infrastructure and libraries |
February 02, 2022
Apigee UIOn February 2, 2022 we released an updated version of the Apigee UI software.
The Apigee provisioning wizard can now auto-allocate /22 and /28 IP address ranges, instead of the larger /21 range
This feature makes it easier to allocate IP address ranges when you are provisioning Apigee. The feature is an enhancement to the IP range feature released on Jan. 24, 2022.
Bug ID | Description |
---|---|
205810610 | Products couldn't be removed from an app if the product's name contained a trailing space |
January 31, 2022
Apigee RegistryOn January 31, 2022 Apigee API hub released a new version of the software.
Bug ID | Description |
---|---|
216513294 | API hub pages did not refresh after switching projects. |
hybrid v1.6.4
On January 31, 2022 we released an updated version of the Apigee hybrid v1.6.4 software
For information on upgrading, see Upgrading Apigee hybrid to version 1.6.
Bug ID | Description |
---|---|
214960081 | HTTPS endpoints could be called as HTTP resulting in an "EOF unexpected" error. |
210590135 | Invalid protocol in proxy.url flow variable in Apigee X. The proxy.url flow variable could show as http even when the request is https . |
203785814 | A transient error could occur when calling conversion webhook for Apigee Telemetry. The error would occur when Apigee CRD is installed too early in the sequence. The installer job now checks for the correct sequence. |
197945951 | Stale DNS record in MP memory could cause an outage for a proxy. |
210314786 | The backup utility did not work with workload identity. |
January 28, 2022
Apigee XOn January 28, 2022 we released an updated version of the Apigee X software.
UI updates for service networking and instance creation
UI updates were made to support changes to network IP CIDR range requirements for service networking and instance creation. These changes simplify Apigee provisioning.
hybrid v1.5.7
On January 28, 2022 we released an updated version of the Apigee hybrid v1.5.7 software
For information on upgrading, see Upgrading Apigee hybrid to version 1.5.
Bug ID | Description |
---|---|
214960081 | HTTPS endpoints could be called as HTTP resulting in an EOF unexpected error. |
204368970 | TLS variables were not being set by Apigee Runtime. |
189341334 | Fixed potential connection leaks for watcher component. |
January 26, 2022
Apigee RegistryOn January 26, 2022 Apigee API hub released a new version of the software.
Added the ability to view the contents of spec revisions.
Added the ability to download spec revision files.
January 24, 2022
Apigee XOn January 24, 2022 we released an updated version of the Apigee X software.
Reduce the IP range required to peer your VPC network
The required IP range needed to peer your VPC network to the Apigee network is now limited to a non-overlapping CIDR range of /22. This change simplifies Apigee provisioning. Note that the provisioning step for service network configuration has been updated to reflect this change. For more information, see Understanding peering ranges.
January 21, 2022
Apigee RegistryOn January 21, 2022 Apigee API hub released a new version of the software.
Added API spec Revision history tab to the API detail page.
Added the ability to upload new API spec revisions from the API spec Revision history tab.
Added the ability to add new versions from the API spec Revision history tab.
January 19, 2022
Apigee IntegrationOn January 19, 2022 we released an updated version of the Apigee Integration software.
Filter clause in the Connectors task
You can add a filter to restrict the amount of data processed by an entity operation. For more information, see Add a filter for an operation.
Upload and download integrations
The Upload/download menu button in the integration designer lets you upload and download integrations in a JSON file format. For more information, see Upload and download integrations.
January 17, 2022
Apigee UIOn January 17, 2022 we released an updated version of the Apigee UI software.
Bug ID | Description |
---|---|
211983110 | Product link in app detail page was broken. |
December 15, 2021
Apigee RegistryOn December 15, 2021, Apigee API hub launched as private preview.
Private preview is available by invitation to a small set of customers for testing and feedback before becoming more broadly available.
At private preview, products or features are ready for testing by customers. Preview offerings are often publicly announced, but are not necessarily feature-complete, and no SLAs or technical support commitments are provided for these. Unless stated otherwise by Google, private preview offerings are intended for use in test environments only.
December 03, 2021
Apigee Adapter for Envoyv2.0.4
On December 3, 2021 we released an updated version of the Apigee Adapter for Envoy v2.0.4 software.
▶ Click to see the list of supported platforms.
We publish binaries for MacOS, Linux, and Windows, and in this version, we support the following platforms:
- Apigee hybrid version 1.4.x, 1.5.x, 1.6.x
- Apigee X
- Apigee Edge for Public Cloud
- Apigee Edge for Private Cloud
- Istio versions 1.10, 1.11, 1.12
Envoy versions 1.17, 1.18, 1.19, 1.20
Bug ID | Description |
---|---|
360 | A nil-check was added for the PEM block private key loading to avoid panic. |
104 | Remote service authorization errors are now logged at the Debug level. An exception to this categorization is made for token fetching errors for API keys. In that case, errors are logged at the Error level so that they are visible even if Debug log level for apigee-remote-service-envoy is disabled. See also Setting remote service log levels. |
The list of supported Envoy and Istio versions for the CLI samples command has been updated. These versions are now supported for samples:
- Envoy versions 1.18 to 1.20
- Istio versions 1.10 to 1.12
November 03, 2021
Apigee MonetizationOn November 3, 2021 we released an updated version of the Apigee Monetization software.
DataCapture policy captures monetization variables
You can configure the DataCapture policy to capture a transaction's monetization information such as revenue, currency, price multiplier, and status. For more information, see Monetization variables.
Prepaid billing
Apigee now supports the prepaid billing of developers, as well as postpaid billing. In prepaid billing, app developers pay in advance even before using your API products. The upfront payment made by the developers is available in the developer's wallet, which can have different currencies. You can track a developer's balance in real time and block API calls if a developer has insufficient funds.
Revenue sharing with developers
The revenue sharing feature enables developers to receive a percentage of the total revenue generated. As an API provider, you can configure Revenue share in your rate plan to share a specific percentage of the revenue with your developer partners.
Volume banded consumption pricing
Rate plan supports the new Banded type of consumption based fees. You can configure variable fees for each monetized transaction based on a band. A band refers to an API consumption range, and you can configure a different fee for each band.
Dynamic consumption pricing
To calculate the cost of a transaction, you can specify a multiplier (perUnitPriceMultiplier) value on top of the pre-configured base price in your DataCapture policy.
Criteria for successful transaction
You can specify if a transaction must be monetized or not by configuring the transactionSuccess monetization variable in your DataCapture policy.
Bug ID | Description |
---|---|
199807323 | A prepaid developer is set as a postpaid developer after updates to the prepaid developer. |
198549304, 197730687, 196937143, 188370635, 187890034 | Apigee displays improved error messages during rate plan creation. |
192987085 | Fixed the ApiProductNotFound exception, which occurred when you deleted an API product but the deletion of associated rate plans was pending. |
188407113 | Invalid value in the ConsumptionPricingType during rate plan creation displayed the 500 status code. Now the status code for an invalid value is 4xx . |
The rateplans
API doesn't support the paymentFundingModel
field.
October 06, 2021
Apigee ConnectorsGA release
On October 6, 2021 we released the GA version of the Apigee Connectors software.
Support for display names in the Connectors UI
Connectors now supports the addition of a display name for connections in the Connectors UI.
Service Account authentication for Connection workloads
With this release, Connectors now supports the use of customer Service Accounts as an authentication option for most Connectors workloads.
Support for pagination in LIST calls to Entity APIs
Connectors now supports the option to paginate LIST calls to Entity APIs from Apigee Integration. With the pagination option, Apigee Integration can now request lists of entities in batches using the Connector task.
September 21, 2021
Apigee Adapter for Envoyv2.0.3
On September 21, 2021 we released an updated version of the Apigee Adapter for Envoy v2.0.3 software.
▶ Click to see the list of supported platforms.
We publish binaries for MacOS, Linux, and Windows, and in this version, we support the following platforms:
- Apigee hybrid version 1.4.x, 1.5.x, 1.6.x
- Apigee X
- Apigee Edge for Public Cloud
- Apigee Edge for Private Cloud
- Istio versions 1.10, 1.11, 1.12
Envoy versions 1.17, 1.18, 1.19
Bug ID | Description |
---|---|
N/A | An analytics logging issue with direct responses was fixed. The issue only occurred under certain circumstances. For example: a) For requests not requiring authn/z check, no authContext was generated and dynamic metadata was nil causing the access log entry to be ignored. b) The denied response used RPC code instead of HTTP code, causing records to be shown in the Apigee UI as success. |
September 08, 2021
Apigee ConnectorsPrivate preview release
This is a Private preview of the Connectors feature for Apigee Integration on Apigee X. With the release of Connectors, Apigee Integration customers can connect to business applications, technologies, and other data sources using the native protocols of each target application. With Connectors, both Google Cloud services and third-party business applications are exposed to Apigee Integration through a transparent, standard interface. Apigee Integration users can quickly connect to a growing pool of applications and systems of record without the need for protocol-specific knowledge or the use of custom code.
With this release, the Connectors platform is now available within the Cloud console under Apigee > Connectors. Users with Apigee credentials, Apigee X orgs, and Connectors entitlement can use the Connectors UI to create new connections for use in Apigee Integration.
Connectors supported in this release:
- BigQuery (Preview) connection
- Salesforce connection
- CloudSQL for MySQL connection
- CloudSQL for PostgreSQL connection
- Cloud Pub/Sub connection
Learn more:
March 24, 2021
Apigee AnalyticsOn March 24, 2021 we released an updated version of the Apigee Analytics software.
Advanced API Operations
This is the GA release of Apigee's Advanced API Operations (AAPI Ops), which provides tools to help you ensure that your APIs stay up and running as intended. AAPI Ops automatically detects unusual patterns in API traffic—called anomalies—such as spikes in latency or error rate.
AAPI Ops enables you to:
February 05, 2021
Apigee AnalyticsOn February 5, 2021 we released an updated version of the Apigee Analytics software.
Recent view
The new API Monitoring Recent view displays treemaps of API traffic by proxy. A treemap displays traffic data for each proxy as a rectangle, whose size is proportional to the amount of traffic in the proxy. The colors of the rectangle indicate the relative sizes of the following variables:
- Number of incidents triggered by alerts.
- Error rate
- Maximum latency 50th percentile (median)
Additional channels for sending alert notifications
Apigee API Monitoring now supports the following channels for sending alert notifications:
- PagerDuty
- Slack
- Webhooks