([#64706](https://github.com/kubernetes/kubernetes/pull/64706), [@liztio](https://github.com/liztio))

/docs/concepts/services-networking/network-policies/#targeting-a-range-of-ports) to GA. Network Policy providers that support `endPort` field now can use it to specify a range of ports to apply a Network Policy. Previously, each Network Policy could only target a single port.

Please be aware that `endPort` field **MUST BE SUPPORTED** by the Network Policy provider. If your provider does not support `endPort`, and this field is specified in a Network Policy, the Network Policy will be...

- The in-tree cloud provider for AWS (and the EBS storage plugin) has now been removed. Please use the external cloud provider and CSI driver from https://github.com/kubernetes/cloud-provider-aws instead. ([#115838](https://github.com/kubernetes/kubernetes/pull/115838), [@torredil](https://github.com/torredil)) [SIG API Machinery,...

- Kubelet, when using cloud provider external, initializes temporary the node addresses using the --node-ip flag values if set, until the cloud provider overrides it. ([#121028](https://github.com/kubernetes/kubernetes/pull/121028), [@aojea](https://github.com/aojea)) [SIG Cloud Provider and Node]

* The AWS credential provider can now obtain ECR credentials even without the AWS cloud provider or being on an EC2 instance. Additionally, AWS credential provider caching has been improved to honor the ECR credential timeout. ([#75587](https://github.com/kubernetes/kubernetes/pull/75587), [@tiffanyfay](https://github.com/tiffanyfay))

        // Verify it's the same instance for all provider instances
        FessUserTimeZoneProcessProvider provider1 = new FessUserTimeZoneProcessProvider();
        FessUserTimeZoneProcessProvider provider2 = new FessUserTimeZoneProcessProvider();

        TimeZone tz1 = provider1.getRequestedTimeZone(requestManager);
        TimeZone tz2 = provider2.getRequestedTimeZone(requestManager);

        assertSame(tz1, tz2);

- Fix: consolidate logs for instance not found error (#105364, @nilo19) [SIG Cloud Provider]
- Fix: ignore not a VMSS error for VMAS nodes in EnsureBackendPoolDeleted. (#105404, @ialidzhikov) [SIG Cloud Provider]
- Fix: ignore the case when updating Azure tags (#104687, @nilo19) [SIG Cloud Provider]

* Fix space issue in volumePath with vSphere Cloud Provider ([#38338](https://github.com/kubernetes/kubernetes/pull/38338), [@BaluDontu](https://github.com/BaluDontu))
* Fix issue when attempting to unmount a wrong vSphere volume ([#37413](https://github.com/kubernetes/kubernetes/pull/37413), [@BaluDontu](https://github.com/BaluDontu))

        FessJsonResourceProvider provider1 = new FessJsonResourceProvider();
        FessJsonResourceProvider provider2 = new FessJsonResourceProvider();

        assertNotSame(provider1, provider2);

        // Both instances should have the same behavior
        assertEquals(provider1.isNullsSuppressed(), provider2.isNullsSuppressed());
        assertEquals(provider1.isPrettyPrintSuppressed(), provider2.isPrettyPrintSuppressed());

- The in-tree cloud provider for OpenStack (and the cinder volume provider) has been removed. Please use the external cloud provider and csi driver from [cloud-provider-openstack](https://github.com/kubernetes/cloud-provider-openstack) instead. ([#67782](https://github.com/kubernetes/kubernetes/pull/67782), [@dims](https://github.com/dims))