Welcome to issue #340 April 3rd, 2023

News

Infrastructure Official Blog

Hayyakom, Doha! New Google Cloud region now open in Qatar - The new Doha region provides low-latency, highly available cloud services to help Qatari customers accelerate digital transformation.

AI Data Analytics Machine Learning Official Blog

Solving for the next era of innovation and efficiency with data and AI - Announcing new products to help optimize price-performance, embrace open ecosystems, securely set data standards, and add AI and ML to existing data.

AI Gen App Builder Official Blog

Build new generative AI powered search & conversational experiences with Gen App Builder - Google Cloud’s Generative AI App Builder brings the power of generative AI to developers, businesses, and governments.

BigQuery Billing Data Analytics Official Blog

New BigQuery editions: flexibility and predictability for your data cloud - New BigQuery pricing editions and autoscaling let you choose the right price-performance for your workloads, and pay for only what you use.

BigQuery Machine Learning Official Blog

Announcing new BigQuery inference engine to bring ML closer to your data - We are announcing BigQuery ML inference engine, which allows you to run predictions on a broad range of models hosted across multiple locations.

BigQuery Data Analytics Official Blog

Secure and privacy-centric sharing with data clean rooms in BigQuery - BigQuery data clean rooms can help organizations create and manage secure environments for privacy-centric data sharing, analysis, and collaboration.

Data Analytics Looker Official Blog

Introducing Looker Modeler: a single source of truth for BI metrics - By defining metrics and storing them in Looker Modeler, users can consume metrics based on fresh data across popular BI tools and cloud databases.

AlloyDB Official Blog

Run AlloyDB anywhere - in your data center, your laptop, or in any cloud - Today, we’re excited to announce the technology preview of AlloyDB Omni, a downloadable edition of AlloyDB designed to run on premises, at the edge, across clouds, or even on developer laptops.

AlloyDB Official Blog

Accelerate database modernization with Google Cloud Ready - AlloyDB validated partners - Google Cloud announces the public launch of Google Cloud Ready - AlloyDB, to help customers discover trusted partner products that work well with AlloyDB.

Confidential Computing Official Blog

Confidential Space: The future of privacy-preserving collaboration - Confidential Space, which builds on our confidential computing portfolio, has reached general availability.

Contact Center AI Official Blog

Google Cloud Contact Center AI reimagines the customer and agent experience - How Google Cloud’s updated CCA platform helps companies to create more powerful customer service experiences powered by generative AI.

HPC Official Blog

IBM Spectrum Scale is now available in Google Cloud - Google Cloud and Sycomp are introducing Sycomp Storage Fueled by IBM Spectrum Scale for HPC, AI/ML, and Big Data workloads.

AI GPU Official Blog

Google Cloud and NVIDIA bring next-generation AI infrastructure and software for large scale models and generative AI applications to enterprises - NVIDIA and Google Cloud help companies accelerate generative AI and other modern AI workloads.

Cloud Deploy Official Blog

Distributing software everywhere, all at once - a look at Cloud Deploy multi-target - Cloud Deploy now supports multiple target deployments, allowing updates to run at the same time; faster and easier.

Sponsor

Articles, Tutorials

Infrastructure, Networking, Security, Kubernetes

CISO Official Blog Security

Cloud CISO Perspectives: March 2023 - This month, Google Cloud CISO Phil Venables reviews his thoughts on the Biden Administration’s National Cybersecurity Strategy released earlier in the month.

CISO Official Blog Security

Helping U.S.-based financial services firms manage third-party due diligence requirements when using Google Cloud - FSI customers are concerned about effectively meeting their public cloud regulatory requirements. Google Cloud understands the compliance requirements and can help FSI customers meet them throughout their cloud journey.

Google Kubernetes Engine Official Blog

Workload Identity for GKE made easy with open source tools - Kaniko allows limited credential exposure to help GKE workloads authenticate to other services safely.

Chronicle Official Blog

How to optimize SLA execution with Chronicle SOAR - As SLA adoption grows, so will the need for security tools that make meeting SLAs more about quality than speed. Enter: Chronicle SOAR.

Infrastructure

The Cloud is speaking CO2? - The best in class of CO2 emission is really the one you think ? And What about the money ?

Infrastructure Network Connectivity Center Networking

Troubleshooting Reachability with Network Intelligence Center Connectivity Test - Troubleshooting potential network issues with Connectivity Tests.

Data Loss Prevention API

Cloud DLP as an essential security tool - An overview of Cloud DLP.

IAM Security

Organization Policy Administrator: How to Delegate the Organizational Policy Administrator role - This article demonstrates how to delegate Organization Policy Administrator role.

App Development, Serverless, Databases, DevOps

AlloyDB Official Blog

How do I start using AlloyDB Omni? - How and why should you care about our new run-anywhere product, AlloyDB Omni and how it’s different from Cloud AlloyDB.

AlloyDB Cloud SQL Official Blog

Process to drop partitions concurrently within PostgreSQL (Cloud SQL or AlloyDB) - Automating partition management and maintenance, for efficient data management within PostgreSQL in Cloud SQL and AlloyDB.

NoSQL

Firestore: A Powerful NoSQL Database for Your App - Mastering Firestore: Tips, Tricks, and Best Practices.

Cloud Firestore Firebase Kotlin

How to use OR queries in Firestore? - A solution for mastering logical OR queries in Firestore. Tips and Tricks for efficient Firestore queries.

Big Data, Analytics, ML&AI

Data Analytics Official Blog

Accelerate time to value with Google’s Data Cloud for your industry - Learn the latest data solutions and frameworks for building a modern data cloud for your industry with Google’s Data Cloud.

Billing Cloud Composer

Reduce your Cloud Composer bills (Part 2) - Use Scheduled CICD pipelines to shut down environments and restore them to their previous state.

Cloud Dataflow Terraform

Enabling private IPs only on GCP Dataflow with Terraform - Running Dataflow with private IPs.

BigQuery Billing

BigQuery Editions and What You Need to Know - Comprehensive Guide to the Changes on BigQuery Compute from BigQuery Editions Announcement.

BigQuery Billing

Compressed storage pricing - This blog is part of a larger series of articles covering the recent announcement of BigQuery Editions.

BigQuery

How comprehensive are the new Primary Keys and Foreign Keys in BigQuery? - Exploring Foreign Keys functionality in BigQuery.

Distributed Hyperparameter Tuning in Vertex AI Pipeline - A path to enable the distributed hyperparameter tuning in GCP Vertex AI pipeline.

AI Official Blog Vertex AI

Your guide to Generative AI support in Vertex AI - Organizations can build with the generative AI models they need with Vertex AI’s Model Garden and fine-tune models with Generative AI Studio.

AI Official Blog TensorFlow

How do I speed up my Tensorflow Transformer models? - Speeding up model inference for transformer models with optimized Tensorflow runtime and Vertex AI.

Various

GCP Certification Official Blog

Jump start your future career with Google Cloud certifications - With businesses using the cloud in new ways come new and expanded roles — and certifications to help you gain the right training and experience.

Google Cloud Platform Official Blog

Alicia Abella has a PhD and 29 patents to her name — now she’s helping telcos transform and creating opportunities for others to join tech - Cuban Googler Alicia Abella is a trailblazer, bringing transformation to global telco companies and creating opportunities for others in STEM.

Google Maps Platform Official Blog

What five women mapmakers think of the future of geospatial services - As Women’s History Month comes to a close, we’re proud to shine a light on these women making a difference in the industry and on the Google Maps Platform team.

Google Cloud Platform Official Blog

Google chip design team benefits from move to Google Cloud - By migrating to Google Cloud, Google’s chip design team removed infrastructure limitations keeping them from their main goal: designing chipsets.

GCP Certification Official Blog

The Google Cloud Innovators Program: Everything you need to know to get started, build, and grow - Whether you're a student, researcher, developer, practitioner, or influencer, there’s a Google Cloud Innovators program level that’s right for you.

Slides, Videos, Audio

Kubernetes Podcast - #198 Breaking Kubernetes For Fun and Profit, with David Flanagan.

Security Podcast - #114 Minimal Viable Secure Product (MVSP) - Is That a Thing?

 

Releases

Access Approval - Access Approval supports Cloud Composer in the GA stage.

AlloyDB - AlloyDB Omni is available in Preview.

Anthos Config Management - Config Controller now uses the following versions of its included products: Config Connector v1.101.0, release notes.

Anthos clusters on bare metal - 1.13 & 1.14. Cluster lifecycle improvements 1.13.1 and later Starting with Anthos clusters on bare metal release 1.13.1, you can use the Google Cloud console or the gcloud CLI to create admin clusters. 1.12. Release 1.12.9 Anthos clusters on bare metal 1.12.9 is now available for download. FIxes: The following container image security vulnerabilities have been fixed: CVE-2021-41990 CVE-2021-41991 CVE-2021-45079 CVE-2022-40617 CVE-2023-23916. Known issues: For information about the latest known issues, see Anthos clusters on bare metal known issues in the Troubleshooting section.

Anthos clusters on VMware - Anthos clusters on VMware 1.12.7-gke.19 is now available. Added admin cluster CA certificate validation to the admin cluster upgrade preflight check. Fixed an issue where using gkectl update to enable Cloud Audit Logs did not work.

Artifact Registry - v1. Artifact Registry is now available in the me-central1 region (Doha, Qatar). v1. Artifact Registry is now available in the europe-west12 region (Turin, Italy). v1. Artifact Registry repositories with gcr.io domain support are now generally available.

Bare Metal Solution - You can now view Bare Metal Solution infrastructure metrics in the Google Cloud console.

BigQuery - BigQuery ML documentation is now integrated with BigQuery documentation to unify resources for data analysis and machine learning tasks such as inference. BigQuery Partner Center, which can be used to discover and try validated partner applications, is now generally available (GA). Compute (analysis) is now generally available (GA) in three new BigQuery editions: Standard, Enterprise, and Enterprise Plus. Autoscaling slots are now generally available (GA). You can now use the tf_version training option to specify the Tensorflow (TF) version during model training. You can now import model artifacts saved in ONNX, XGBoost, and TensorFlow Lite formats into BigQuery for inference, allowing you to leverage models built in popular frameworks directly within the BigQuery ML inference engine. A weekly digest of client library updates from across the Cloud SDK. BigQuery now supports change data capture (CDC) by processing and applying streamed changes in real-time to existing data using the BigQuery Storage Write API.

BigTable - Cloud Bigtable instance and table metadata is now automatically synced to Data Catalog, a feature of Dataplex, for improved data discovery and governance. You can now use Key Visualizer for Cloud Bigtable to analyze tables that are at least 1 GB.

Chronicle - UDM Search - Grouped fields Grouped fields are aliases for groups of related UDM fields. The following supported default parsers have changed.

Key Access Justifications - v1. Access Approval supports Cloud Composer in the GA stage.

Cloud Composer - Cloud Composer 2 now supports access with external identities through workforce identity federation. Fixed a problem where upgrade checks were failing for some Cloud Composer 2 environments. The default value for the dag_dir_list_interval Airflow configuration option is changed from 30 to 120 seconds. Increased the timeout for environment operations performed by Cloud Build to 35 minutes. Cloud Composer 2.1.11 and 1.20.11 images are available: composer-2.1.11-airflow-2.4.3 (default) composer-2.1.11-airflow-2.3.4 composer-1.20.11-airflow-1.10.15 composer-1.20.11-airflow-2.4.3 composer-1.20.11-airflow-2.3.4.

Confidential VM - Confidential Space is now generally available.

Compute Engine - Generally available: You can use the Regional disk replica state metric in Cloud Monitoring to track the states of your regional Persistent Disk zonal replicas. Generally available: Doha, Qatar, Middle East me-central1-a,b,c has launched with E2 and N2 VMs available in all three zones. Preview: Persistent Disk Asynchronous Replication (PD Async Replication) provides low recovery point objective (RPO) and low recovery time objective (RTO) block storage replication for cross-region active-passive disaster recovery. Generally Available: You can test how workloads running on sole-tenant nodes behave during a host maintenance event, and see the effects of the sole-tenant VM's host maintenance policy on the applications running on the VMs.

Config Connector - Config Connector version 1.102.0 is now available. Added support for IAMAccessBoundaryPolicy resource. Introduced configurable reconciliation interval feature. Fixed a bug causing diff detection on reservedIpRange field in RedisInstance. Added mode, remoteRepositoryConfig, virtualRepositoryConfig fields to ArtifactRegistryRepository. Added scheduling.maintenanceInterval field to ComputeInstance. Added scheduling.maintenanceInterval field to ComputeInstanceTemplate. Added groupPlacementPolicy.maxDistance field to ComputeResourcePolicy. Added deletionPolicy field to ComputeSharedVPCServiceProject. Added protectConfig field to ContainerCluster. Added transferSpec.sinkAgentPoolName, transferSpec.sourceAgentPoolName fields to StorageTransferJob. Added spec.bitbucketServerTriggerConfig, spec.github.enterpriseConfigResourceNameRef fields to CloudBuildTrigger. Added spec.diskEncryptionKey.rsaEncryptedKey field to ComputeDisk. Added spec.rateLimitOptions.enforceOnKeyConfigs field to ComputeSecurityPolicy. Added spec.kubeletConfig.podPidsLimit field to ContainerCluster. Added spec.kubeletConfig.podPidsLimit field to ContainerNodePool. Added spec.instanceType field to SQLInstance.

Dataflow - Dataflow is now available in Doha (me-central1). The Dataflow VM image has been updated to include mitigations for multiple vulnerabilities by upgrading to cos-97-16919-235-30. Vertical Autoscaling now supports batch jobs.

Dataproc Metastore - v1beta1. Metadata federation now supports Dataplex lakes as a metadata source (in preview).

Dataproc Serverless - Dataproc is now available in the me-central1 region (Doha). Dataproc cluster creation now supports the pd-extreme disk type. Dataproc on GKE now disallows update operations. Dataproc on GKE diagnose operation now verifies that master agent is running. New sub-minor versions of Dataproc images: 1.5.86-debian10, 1.5.86-rocky8, 1.5.86-ubuntu18 2.0.60-debian10, 2.0.60-rocky8, 2.0.60-ubuntu18 2.1.8-debian11, 2.1.8-rocky8, 2.1.8-ubuntu20.

Dataproc - Dataproc is now available in the me-central1 region (Doha). Dataproc cluster creation now supports the pd-extreme disk type. Dataproc on GKE now disallows update operations. Dataproc on GKE diagnose operation now verifies that master agent is running. New sub-minor versions of Dataproc images: 1.5.86-debian10, 1.5.86-rocky8, 1.5.86-ubuntu18 2.0.60-debian10, 2.0.60-rocky8, 2.0.60-ubuntu18 2.1.8-debian11, 2.1.8-rocky8, 2.1.8-ubuntu20.

Datastore - Firestore in Datastore mode no longer limits the number of entities that can be passed to a Commit operation.

Dialogflow - Dialogflow CX now provides the TO_NUMBER system function.

Cloud Data Loss Prevention - The legacy version of the STREET_ADDRESS infoType detection model will stay available until further notice.

Eventarc - Eventarc support for creating triggers for direct events from Cloud Dataflow is available in Preview.

Cloud Firestore - Firestore no longer limits the number of writes that can be passed to a Commit operation or performed in a transaction.

Cloud Functions - Cloud Functions has added support for a new runtime, Go 1.20, at the General Availability release level.

Cloud Healthcare API - v1beta1 & v1 & v1alpha2. FHIR search results are limited by the response size. v1beta1 & v1 & v1alpha2. A release was made. v1beta1 & v1 & v1alpha2. The Cloud Healthcare API offers single-region support in the me-west1 (Tel Aviv, Israel) region.

Identity Platform - Play Integrity is now supported for client-side authentication on Android applications.

Networking Interconnect - Dedicated Cloud Interconnect support is available in the following colocation facilities: Ooredoo QDC5 (Qatar Data Center Ooredoo), Doha Quantum Switch (QSDC), Doha For more information, see the Locations table.

KMS - Cloud KMS is available in the following region: me-central1 For more information, see Cloud KMS locations.

Google Kubernetes Engine - (2023-R08) Version updates GKE cluster versions have been updated. The me-central1 region in Doha, Qatar is now available. Starting from GKE 1.26, cluster autoscaler can drain Pods from multiple nodes in parallel.

GKE - (2023-R08) Version updates The following control plane versions are now available: 1.22.17-gke.7500 1.23.17-gke.1700 1.24.12-gke.500 1.25.8-gke.500 The following node versions are now available: 1.22.17-gke.7500 1.23.17-gke.1700 1.24.12-gke.500 1.25.8-gke.500 1.26.1-gke.1500 1.26.3-gke.400 Version 1.24.10-gke.2300 is now the default version.

Google Kubernetes Engine Rapid - (2023-R08) Version updates The following versions are now available in the Rapid channel: 1.22.17-gke.7500 1.23.17-gke.1700 1.24.12-gke.500 1.25.8-gke.500 1.26.3-gke.400 Version 1.26.2-gke.1000 is now the default version in the Rapid channel.

Google Kubernetes Engine Regular - (2023-R08) Version updates The following versions are now available in the Regular channel: 1.21.14-gke.18800 1.22.17-gke.6100 1.24.11-gke.1000 1.25.7-gke.1000 Version 1.24.10-gke.2300 is now the default version in the Regular channel.

Google Kubernetes Engine Stable - (2023-R08) Version updates The following versions are now available in the Stable channel: 1.21.14-gke.18100 1.22.17-gke.5400 Version 1.24.10-gke.2300 is now the default version in the Stable channel.

Cloud Logging - Effective 1 April 2023, storage costs apply to logs data retained longer than 30 days. When you create a log view and use the source() function in your filter, the argument to the function is now validated to ensure that it is a single string representing a project, folder, billing account or organization. The Cloud Logging API now supports the following region: Doha: me-central1.

Cloud Memorystore - Self-service maintenance is now Generally Available for Memorystore for Redis.

Cloud Monitoring - The link for the Managed Prometheus page in Cloud Monitoring now goes to the PromQL tab on the Metrics Explorer page.

Cloud Interconnect - Dedicated Cloud Interconnect support is available in the following colocation facilities: Ooredoo QDC5 (Qatar Data Center Ooredoo), Doha Quantum Switch (QSDC), Doha For more information, see the Locations table.

Cloud VPN - Cloud VPN is now available in region me-central1 (Doha, Qatar).

Network Intelligence Center - Network Topology now supports TCP and UDP traffic for certain traffic paths.

Cloud PubSub - Pub/Sub is now available in Doha, Qatar (me-central1).

reCAPTCHA Enterprise - reCAPTCHA Enterprise Mobile SDK v18.1.2 is now available for iOS.

Cloud Run - The following new region is now available: me-central1.

Secret Manager - Secret Manager is now available in the following region: me-central1 For more information, see Secret Manager locations.

Security Command Center - Security Command Center supports CIS Google Cloud Computing Foundations Benchmark v1.3.0.

Service Mesh - Managed Anthos Service Mesh. The control_plane field in the service mesh fleet feature API (for example, gcloud container fleet mesh update --control-plane ...) is deprecated.

Anthos Service Mesh - Managed Anthos Service Mesh. The control_plane field in the service mesh fleet feature API (for example, gcloud container fleet mesh update --control-plane ...) is deprecated.

SAP Solutions - Google Cloud's Agent for SAP version 1.2 Version 1.2 of the Google Cloud's Agent for SAP is now available.

Cloud Spanner - Cloud Spanner integration with Data Catalog is now available in Preview. You can create Cloud Spanner regional instances in Doha, Qatar (me-central1).

Cloud SQL MySQL - Support for me-central1 (Doha) region. The changes in the September 15, 2022 Release Notes entry for read replica maintenance are now available.

Cloud SQL Postgres - Support for me-central1 (Doha) region. The rollout of the following PostgreSQL minor versions, extension versions, and plugin versions is currently underway: Minor versions 10.21 is upgraded to 10.22. The changes in the September 15, 2022 Release Notes entry for read replica maintenance are now available.

Cloud SQL SQL Server - Support for me-central1 (Doha) region. Cloud SQL supports the SqlPackage utility of SQL Server for importing and exporting data. Cloud SQL supports the bcp utility of SQL Server for importing and exporting data. The changes in the September 15, 2022 Release Notes entry for read replica maintenance are now available. Cloud SQL now exposes 38 new metrics. Cloud SQL now supports the Linked Servers functionality of SQL Server. The Cloud SQL Active Directory (AD) Diagnosis tool helps you troubleshoot issues that you might face while connecting to AD-enabled Cloud SQL for SQL Server instances, using an on-premises AD domain.

Cloud Storage - All announced pricing changes for Cloud Storage are now in effect. Cloud Storage is now available in Doha, Qatar (me-central1 region).

Cloud TPU - Cloud TPU now supports Tensorflow 2.11.1. Cloud TPU now supports Tensorflow 2.12.0.

Vertex AI - Vertex AI Pipelines cost showback with billing labels is now generally available (GA). M105 Release The M105 release of Vertex AI Workbench managed notebooks includes the following: Fixed an issue wherein a runtime with idle shutdown enabled doesn't detect activity and shuts down.

VMware Engine - VMware Engine nodes are now available in the following additional region: Santiago (southamerica-west1). VMware Engine nodes are now available in the following additional zone: London, England (europe-west2-b).

VPC Service Controls - Preview stage support for the following integration: Dataflow Data Pipelines.

Virtual Private Cloud - For auto mode VPC networks, added a new subnet 10.212.0.0/20 for the Doha me-central1 region.

 

Latest Issues




Contact

Zdenko Hrček
Třebanická 183
Prague, Czech Republic
Phone: +420 777 283 075
Email: [email protected]