This document explains how to upgrade certified and custom integrations in the Google Security Operations Marketplace to the latest Python version. As older Python versions are deprecated, integrations using unsupported versions must be updated to facilitate continued operation.
If your certified or custom integration code uses a deprecated Python version, you must manually update it. Use IDE Staging mode to update integration code without impacting production environments.
Before you begin
Make sure that your permission group includes All Environments access.
For more information, refer to
Work with permission groups.
Upgrade integrations
Go to Response > IDE; if any integrations are using outdated Python versions, a banner appears in the IDE, Marketplace, and Playbooks pages.
Click View Integration to see a list of integrations.
Click Close to dismiss the banner.
In the integrations list, select the integration to upgrade.
Click
more_vert
More
> Push to staging. This step creates a copy of the integration for testing.
Click the Production toggle from Production to Staging.
On the same integration, click
more_vert
More
> Configure instance.
Continue with either of the following upgrade paths:
For information on how to configure instances,
read
Configure instances. This creates a staging instance that does not appear in the main configuration list. Only one staging instance is allowed per integration.
Upgrade certified integrations to the latest Python version
In Response > IDE, click Upgrade to switch the integration and its dependencies to the latest Python version.
If this integration includes custom elements, update their code accordingly.
In the Testing section, enter the required parameters,
including the staging instance that you configured earlier.
Verify that there are no errors in the Debug Output.
On the same integration, click
more_vert More > Push to production.
Click the Production toggle back to Production mode, if needed.
Upgrade custom integrations to the latest Python version
Follow this procedure to update the Script Dependencies in custom integrations.
In the dialog Running on Python field, change the Running on Python field to the latest Python version (for example, Python 3.11).
Under Script Dependencies, copy and save the dependency names locally.
Delete these dependencies from the list, and click Save
Copy each of the dependency names (without the version or target OS) from your
file to the Libraries field and click Add. For example, change requests-2.27.1-none-any.whl
to requests and then add it to the Libraries field. The platform downloads each dependency with the latest Python version already configured.
Upgrade remote agents
If you're working with Remote Agents, you need to upgrade both the agent and its
integrations, running on them as follows:
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-08-29 UTC."],[[["\u003cp\u003eThe Google SecOps platform is upgrading to Python 3.11 for improved security and performance, which will deprecate older Python versions.\u003c/p\u003e\n"],["\u003cp\u003eCustom code in certified or custom Python 2 integrations must be manually updated to Python 3.11 using the IDE staging mode to avoid production disruptions.\u003c/p\u003e\n"],["\u003cp\u003eThe new \u003cstrong\u003ePy2to3\u003c/strong\u003e community integration is available to assist in refactoring custom code from Python 2 to Python 3.11 and is accessible through the Marketplace and IDE.\u003c/p\u003e\n"],["\u003cp\u003eCertified integrations can be upgraded to Python 3.11 directly through the IDE, while custom integrations require manual dependency updates to ensure compatibility.\u003c/p\u003e\n"],["\u003cp\u003eA CLI script is provided with the \u003cstrong\u003ePy2to3\u003c/strong\u003e integration allowing for local refactoring of code and then updating the staged integration to python 3.11, with options for testing and pushing changes to production, and remote agents also require updates.\u003c/p\u003e\n"]]],[],null,["# Upgrade the Python version\n==========================\n\nSupported in: \nGoogle secops [SOAR](/chronicle/docs/secops/google-secops-soar-toc)\n\nThis document explains how to upgrade certified and custom integrations in the Google Security Operations Marketplace to the latest Python version. As older Python versions are deprecated, integrations using unsupported versions must be updated to facilitate continued operation.\n\nIf your certified or custom integration code uses a deprecated Python version, you must manually update it. Use **IDE Staging** mode to update integration code without impacting production environments.\n| **Note:** After a Python version reaches end of life, integrations using it will stop running on the platform. For more information and deprecation dates, refer to [Feature deprecations](/chronicle/docs/deprecations).\n| **Note:** Updating code in staging does not automatically update production connectors or jobs. You must upgrade each connector and job individually after deploying new code to production.\n\nBefore you begin\n----------------\n\nMake sure that your permission group includes **All Environments** access. For more information, refer to [Work with permission groups](/chronicle/docs/soar/admin-tasks/permissions/working-with-permission-groups).\n\nUpgrade integrations\n--------------------\n\n1. Go to **Response \\\u003e IDE**; if any integrations are using outdated Python versions, a banner appears in the IDE, Marketplace, and Playbooks pages.\n2. Click **View Integration** to see a list of integrations.\n3. Click **Close** to dismiss the banner.\n4. In the integrations list, select the integration to upgrade.\n5. Click more_vert **More\n \\\u003e Push to staging**. This step creates a copy of the integration for testing.\n6. Click the **Production** toggle from **Production** to **Staging**.\n7. On the same integration, click more_vert **More\n \\\u003e Configure instance**.\n8. Continue with either of the following upgrade paths:\n - [Upgrade certified integrations to the latest Python version](#upgrade-certified-integrations-to-python)\n - [Upgrade custom integrations to the latest Python version](#upgrade-custom-integrations-to-python)\n\nFor information on how to configure instances,\nread [Configure instances](/chronicle/docs/soar/respond/integrations-setup/supporting-multiple-instances). This creates a staging instance that does not appear in the main configuration list. Only one staging instance is allowed per integration.\n\nUpgrade certified integrations to the latest Python version\n-----------------------------------------------------------\n\n1. In **Response \\\u003e IDE** , click **Upgrade** to switch the integration and its dependencies to the latest Python version.\n2. If this integration includes custom elements, update their code accordingly.\n3. In the **Testing** section, enter the required parameters, including the staging instance that you configured earlier.\n4. Verify that there are no errors in the **Debug Output**.\n5. On the same integration, click more_vert **More \\\u003e Push to production**.\n6. Click the **Production** toggle back to **Production** mode, if needed.\n\nUpgrade custom integrations to the latest Python version\n--------------------------------------------------------\n\nFollow this procedure to update the **Script Dependencies** in custom integrations.\n\n1. Click more_vert **More** \\\u003e **Configure custom integration**.\n2. In the dialog **Running on Python** field, change the **Running on Python** field to the latest Python version (for example, **Python 3.11**).\n3. Under **Script Dependencies**, copy and save the dependency names locally.\n4. Delete these dependencies from the list, and click **Save**\n5. Copy each of the dependency names (without the version or target OS) from your file to the **Libraries** field and click **Add** . For example, change `requests-2.27.1-none-any.whl` to `requests` and then add it to the **Libraries** field. The platform downloads each dependency with the latest Python version already configured.\n\nUpgrade remote agents\n---------------------\n\nIf you're working with Remote Agents, you need to upgrade both the agent and its\nintegrations, running on them as follows:\n\n1. Go to **SOAR Settings \\\u003e Advanced \\\u003e Remote Agents**.\n2. Click **Update Available**.\n3. Upgrade the agent using the appropriate method:\n - Docker: Follow [Perform a major upgrade of a Docker image](/chronicle/docs/soar/working-with-remote-agents/upgrade-agent-docker-image).\n - Red Hat (RHEL): See [Perform a major upgrade using installer for RHEL](/chronicle/docs/soar/working-with-remote-agents/upgrade-agent-requirements-for-rhel).\n - CentOS: See [Perform a major upgrade using installer for CentOS](/chronicle/docs/soar/working-with-remote-agents/upgrade-agent-requirements-for-centos).\n4. After upgrading the agent, follow the integration upgrade steps described in this document.\n\n\u003cbr /\u003e\n\n**Need more help?** [Get answers from Community members and Google SecOps professionals.](https://security.googlecloudcommunity.com/google-security-operations-2)"]]
