Welcome to issue #412 August 19th, 2024

News

Assured workloads Official Blog

What’s New in Assured Workloads: Enable updates and new control packages - Assured Workloads, Google Cloud's compliance solution, introduces Compliance Updates, allowing customers to evaluate and upgrade their folder configurations to the latest control packages.

Networking Official Blog Partners

Meet the nine new web delivery partner integrations coming via Service Extensions - Google Cloud has announced nine new web delivery partner integrations coming via Service Extensions. These partners will enhance application security, experience, and observability for Google Cloud customers.

Data Analytics Looker Official Blog

Looker opens semantic layer via new SQL Interface and connectors for Tableau & others - Looker, a business intelligence platform, introduces new BI connectors, including a custom-built connector for Tableau, and an Open SQL Interface for easier integration with SQL-based tools.

AI GCP Certification Official Blog

The top AI courses for a summer of learning with Google Cloud - Google Cloud offers a range of AI courses for summer learning. These courses cover topics such as generative AI, AI engineering, machine learning, and more.

Official Blog Partners

Deliver sovereign cloud solutions with the new Google Distributed Cloud initiative - Google Cloud introduces the Managed Google Distributed Cloud Provider (MGP) initiative, enabling select partners to deploy, operate, and manage Google Distributed Cloud services as a fully managed offering. This simplifies the deployment of solutions in various environments, reducing technical complexity and accelerating adoption for customers with high sovereignty needs.

Cloud SQL Databases Official Blog

Query your data in seconds with Cloud SQL Studio - Cloud SQL Studio, a lightweight tool to query your database directly from the console, is now generally available for MySQL, PostgreSQL, and SQL Server. It offers a consistent and intuitive user interface, simplifies connectivity and security, and enhances productivity with features like an AI assistant for query writing.

Articles, Tutorials

Infrastructure, Networking, Security, Kubernetes

Google Kubernetes Engine Infrastructure Networking

GKE and the Dreaded IP_SPACE_EXHAUSTED Error: Understanding the Culprit - The hidden trap in your GKE cluster: Unraveling the IP exhaustion mystery.

Cloud NAT Networking Official Blog

Advanced networking demos - Cloud NAT and NGFW edition - Google Cloud's Cloud NAT and Cloud NGFW are distributed cloud-managed network security services that offer a comprehensive network security solution. Their integration allows for granular control of egress traffic, including allowing or denying access based on destination address and ports.

CISO Official Blog Security

Cloud CISO Perspectives: Why we need to get ready for PQC - Post-quantum cryptography (PQC) is a cryptographic system that is designed to be secure against attacks from quantum computers. Quantum computers are a new type of computer that uses quantum mechanics to solve complex mathematical problems that can stump today's computers. If powerful enough, quantum computers could potentially crack the codes, or encryption, that protect our online communications and sensitive data.

Official Blog Threat Intelligence

Hacking Beyond .com — Enumerating Private TLDs - The article discusses a new tool called tldfinder, developed in collaboration with ProjectDiscovery, for discovering TLDs (top-level domains), associated subdomains, and related domain names.

Gemini Official Blog Security

Experimenting with Gemini 1.5 Pro and vulnerability detection - Google Cloud's experiment with Gemini 1.5 Pro explores the potential of generative AI in code vulnerability detection and remediation. By leveraging Gemini's extended context window, the approach aims to efficiently scan large codebases, analyze multiple files, and identify vulnerabilities beyond surface-level flaws.

Deep-dive into Cloud DNS Routing Policies - Introduction.

Infrastructure VMware Engine

For VMware Admins: Why Google Cloud VMware Engine (GCVE) Should Be on Your Radar - Reduce Risk by Migrating Your VMware Workloads to Google Cloud with Ease.

Certificate Manager Google Kubernetes Engine Kubernetes

GKE: Gateway API using DNS authorization and certificate manager - This article explores how to set up a Gateway API in Google Kubernetes Engine (GKE) using DNS authorization and Google Cloud’s Certificate Manager.

App Development, Serverless, Databases, DevOps

Cloud Run Generative AI

Develop GenAI Apps with Gemini and Streamlit: Google Cloud Challenge Lab Walkthrough - Walkthrough using Google Gemini Pro, Streamlit, Vertex AI Workbench notebooks, Artifact Registry, and deploying to Cloud Run.

Migration

Simplifying Asset Collection with Google Cloud MCDC v6.3 - Google Cloud Migration Center (MCDC) v6.3 simplifies asset collection and provides detailed analysis of resource utilization, right-sizing recommendations, and total cost of ownership. To set up MCDC, you'll need to determine the deployment location, assign IAM roles, activate the service, and install the Discovery Client.

Cloud Functions DevOps Gitlab Vertex AI

GitLab Code Reviews with Gemini Pro 1.5: - A Student Developer’s Guide to Automating Code Reviews and Documentation in GitLab.

AlloyDB Vertex AI

LangChain integration for the smart retail shopping assistant - LangChain integration for AlloyDB enables developers to easily connect their applications to AlloyDB and execute natural language queries directly from their code. This integration simplifies the development of AI-driven applications that interact naturally with users.

Cloud Functions

RabbitGCF: Optimizing your Google Cloud Functions one hop at a time - RabbitGCF is a new open-source developer tool that tracks the performance and forecasts the costs of your Google Cloud Functions.

Apigee gRPC Official Blog

From gRPC to RESTful APIs: Expose your gRPC services to the REST of the world - This blog post discusses the benefits of using gRPC for inter-service communication and the challenges of exposing gRPC services to a wider audience. It proposes a solution that leverages an automatically generated gRPC gateway to translate gRPC requests to HTTP requests, and then uses Apigee API management platform to expose a clean RESTful API facade.

HPC Official Blog

Boosting Google Cloud HPC performance with optimized Intel MPI - Google Cloud and Intel have collaborated to optimize the Intel MPI Library for Google Cloud's H3 VMs with Titanium technology, delivering enhanced performance for HPC workloads.

Cloud Spanner Databases Official Blog

Farewell to overprovisioning: How to unlock cost-effective elasticity with Spanner - Explanation of Cloud Spanner auto-scaling functionality.

DevOps Official Blog SRE

Hakuhodo Technologies: The transformative impact of SRE - Hakuhodo Technologies, a specialized technology company, transformed its organization with Site Reliability Engineering (SRE) practices to enhance software development, deliver new value, and improve collaboration within the Hakuhodo DY Group. By implementing the "SRE Core" program, they revitalized communication between application and infrastructure teams, established critical user journeys, and learned the importance of observability.

Cloud Marketplace

Sell your SaaS on Google Marketplace - This article is a high-level guide for engineers to create and sell solutions in Marketplace.

AI Machine Learning Python

Step-by-Step Guide: Deploying Streamlit Apps on Google Cloud Platform (GCP) - This article provides a step-by-step guide on testing and deploying Python web applications, specifically Streamlit apps, on Google Cloud Platform.

Big Data, Analytics, ML&AI

Cloud Dataflow Data Analytics GCP Experience Official Blog Streaming

Yahoo compares Dataflow vs. self-managed Apache Flink for two streaming use-cases - Yahoo compared the cost and performance of Apache Flink in a self-managed environment and Google Cloud Dataflow for two streaming use cases: writing Avro to Parquet and data enrichment and calculation. Dataflow was found to be around 1.5 - 2 times more cost-effective than Flink, primarily due to the Streaming Engine's ability to handle heavy computations, resulting in fewer required vCPUs and more consistent throughput.

Data Analytics Official Blog Streaming

Try the new Managed Service for Apache Kafka and take cluster management off your todo list - Google Cloud has launched a new Managed Service for Apache Kafka, which simplifies the process of running an Apache Kafka cluster. The service takes care of infrastructure management, security, networking, and scaling, allowing users to focus on building and running their applications. It offers built-in security features, automated network design, and flexible sizing options.

BigQuery Google Analytics

Creating a Pageviews-Based Recommendation System Using GA4 Data in BigQuery - Introduction.

API BigQuery

Large Results from a GraphQL API and Google BigQuery - In this article, we explore a strategy for efficiently returning large datasets from a GraphQL API using Python, the Strawberry framework, and Google BigQuery.

BigQuery

9 BigQuery SEO Models to Transform Your SEO and Grow Your Business - Feel the impact of data-driven decisions — learn how to harness BigQuery to turn your SEO efforts into measurable business success.

BigQuery Dataform GCP Experience Looker

Running a Modern Data Platform at Nando’s — Part 1/2— Overview - Nando's runs a modern data platform using Google Cloud's data mesh architecture, with each domain team owning their data in a data pond. Data is ingested into BigQuery and transformed using Dataform, ensuring it is clean, consistent, and fresh.

Cloud Dataflow Cloud Pub/Sub Cloud Storage

Processing arriving GCS files with PubSub triggers - This article describes how to process Google Cloud Storage files through Apache Beam, where the content is inserted into BigQuery.

Generative AI LLM Vertex AI

DeepEval and Vertex AI - DeepEval is an open-source evaluation framework for Large Language Models (LLMs) that allows "unit testing" LLM outputs. It can be configured to work with Vertex AI, Google's machine learning platform.

Slides, Videos, Audio

Kubernetes Podcast - #233 Kubernetes v1.31: "Elli", with Angelos Kolaitis.

Security Podcast - #185 SAIF-powered Collaboration to Secure AI: CoSAI and Why It Matters to You.

 

Releases

Access Approval - Access Approval supports Cloud Armor in the GA stage.

Agent Assist - Customer-managed encryption key (CMEK) support is now available in preview for all Agent Assist features in regionalized environments, including all generative AI features.

AlloyDB - The AlloyDB Omni Kubernetes Operator version 1.1.0 lets you configure a load balancer using annotations. The AlloyDB Omni Kubernetes Operator version 1.0.0 and later lets you schedule matching new database Pods to nodes to balance node distribution across the AlloyDB Omni cluster and help optimize performance.

GDCV for VMware - Google Distributed Cloud for VMware 1.29.400-gke.81 is now available for download. Existing Seesaw load balancers now require TLS 1.2. The following vulnerabilities are fixed in 1.29.400-gke.81: High-severity container vulnerabilities: CVE-2024-0567 CVE-2021-43816 CVE-2022-23648 CVE-2021-33194 CVE-2021-30465 CVE-2019-16884 CVE-2022-48622 CVE-2020-22218 Ubuntu vulnerabilities: CVE-2023-52752 CVE-2024-25742 CVE-2024-26886 CVE-2024-26952 CVE-2024-27017 CVE-2024-36016 CVE-2022-38096 CVE-2023-52488 CVE-2023-52699 CVE-2023-52880 CVE-2024-23307 CVE-2024-24857 CVE-2024-24858 CVE-2024-24859 CVE-2024-24861 CVE-2024-25739 CVE-2024-26629 CVE-2024-26642 CVE-2024-26654 CVE-2024-26687 CVE-2024-26810 CVE-2024-26811 CVE-2024-26812 CVE-2024-26813 CVE-2024-26814 CVE-2024-26817 CVE-2024-26828 CVE-2024-26922 CVE-2024-26923 CVE-2024-26925 CVE-2024-26926 CVE-2024-26929 CVE-2024-26931 CVE-2024-26934 CVE-2024-26935 CVE-2024-26937 CVE-2024-26950 CVE-2024-26951 CVE-2024-26955 CVE-2024-26956 CVE-2024-26957 CVE-2024-26958 CVE-2024-26960 CVE-2024-26961 CVE-2024-26964 CVE-2024-26965 CVE-2024-26966 CVE-2024-26969 CVE-2024-26970 CVE-2024-26973 CVE-2024-26974 CVE-2024-26976 CVE-2024-26977 CVE-2024-26981 CVE-2024-26984 CVE-2024-26988 CVE-2024-26989 CVE-2024-26993 CVE-2024-26994 CVE-2024-26996 CVE-2024-26999 CVE-2024-27000 CVE-2024-27001 CVE-2024-27004 CVE-2024-27008 CVE-2024-27009 CVE-2024-27013 CVE-2024-27015 CVE-2024-27016 CVE-2024-27018 CVE-2024-27019 CVE-2024-27020 CVE-2024-27059 CVE-2024-27393 CVE-2024-27395 CVE-2024-27396 CVE-2024-27437 CVE-2024-35785 CVE-2024-35789 CVE-2024-35791 CVE-2024-35796 CVE-2024-35804 CVE-2024-35805 CVE-2024-35806 CVE-2024-35807 CVE-2024-35809 CVE-2024-35813 CVE-2024-35815 CVE-2024-35817 CVE-2024-35819 CVE-2024-35821 CVE-2024-35822 CVE-2024-35823 CVE-2024-35825 CVE-2024-35847 CVE-2024-35849 CVE-2024-35851 CVE-2024-35852 CVE-2024-35853 CVE-2024-35854 CVE-2024-35855 CVE-2024-35857 CVE-2024-35871 CVE-2024-35872 CVE-2024-35877 CVE-2024-35879 
CVE-2024-35884 CVE-2024-35885 CVE-2024-35886 CVE-2024-35888 CVE-2024-35890 CVE-2024-35893 CVE-2024-35895 CVE-2024-35896 CVE-2024-35897 CVE-2024-35898 CVE-2024-35899 CVE-2024-35900 CVE-2024-35902 CVE-2024-35905 CVE-2024-35907 CVE-2024-35910 CVE-2024-35912 CVE-2024-35915 CVE-2024-35918 CVE-2024-35922 CVE-2024-35925 CVE-2024-35930 CVE-2024-35933 CVE-2024-35934 CVE-2024-35935 CVE-2024-35936 CVE-2024-35938 CVE-2024-35940 CVE-2024-35944 CVE-2024-35950 CVE-2024-35955 CVE-2024-35958 CVE-2024-35960 CVE-2024-35969 CVE-2024-35970 CVE-2024-35973 CVE-2024-35976 CVE-2024-35978 CVE-2024-35982 CVE-2024-35984 CVE-2024-35988 CVE-2024-35989 CVE-2024-35990 CVE-2024-35997 CVE-2024-36004 CVE-2024-36005 CVE-2024-36006 CVE-2024-36007 CVE-2024-36008 CVE-2024-36020 CVE-2024-36025 CVE-2024-36029.

Apigee UI - On August 15, 2024, we released an updated version of the Apigee UI. Bug ID 356453519: Fixed issue with the display of shared flow detail pages.

Apigee Advanced API Security - On August 13, 2024, we released an updated version of Advanced API Security. Public preview of Risk Assessment v2: This release introduces Risk Assessment v2 in preview.

Apigee X - On August 16, 2024, we released an updated version of Apigee (1-13-0-apigee-2). Bug ID 324418891: Added improvements to the MessageLogging policy to avoid potential downtime and deployment failures. On August 15, 2024, documentation was added describing how to provision Apigee in the Google Cloud console. Apigee provisioning for Subscription orgs is now performed in the Google Cloud console. On August 12, 2024, we released a new version of Apigee. We changed the maximum number of Apps per developer from 10 to 100. With this release, Apigee expanded its support for data residency to additional regions in Japan: asia-northeast1 (Tokyo) and asia-northeast2 (Osaka). Data residency for Apigee meets compliance and regulatory requirements by allowing you to specify the geographic locations (regions) where Apigee data is stored.

Application Integration - In the Application Integration editor, you can now search, browse, and select tasks and connectors in the Tasks list.

Assured Workloads Access Approval - Access Approval supports Cloud Armor in the GA stage.

Assured Workloads Access Transparency - Access Transparency supports Cloud Armor in the GA stage.

Batch - Documentation has been added to explain how to export job information. Cancel jobs is available in Preview. Batch CentOS (batch-centos) and Batch HPC CentOS (batch-hpc-centos) have reached end of development due to the end of support (EOS) of Compute Engine CentOS 7 images on June 30, 2024. The documentation has been updated to clarify that a Batch OS stops being supported when its base Compute Engine OS is deprecated.

BigQuery - You can now get lower latency for small queries with the new short query optimized mode. You can now use time series and range functions to support time series analysis.

Bigtable - You can now enable client-side metrics with the Bigtable client library for Go.

Billing - The Carbon footprint dashboard in the FinOps hub now includes market-based emissions data (preview): Scope 2 market-based emissions data (preview) for the Carbon footprint dashboard are now available in the FinOps hub.

Carbon Footprint - Beginning with the release of January 2024 data, Google Cloud Carbon Footprint has adopted a semi-annual methodology improvement schedule, with updates planned for January and July data releases each year.

Chronicle - The documentation for the SIEM product is currently undergoing a makeover.

Chronicle SOAR - Release Notes 6.3.16 is currently in Preview. Unable to edit, delete or export custom integration (ID #52403533). Remote Agents 2.1.0 is currently in Preview. Agent logs are now consolidated in one location: /opt/SiemplifyAgent/Logs. Release 6.3.15 is now in General Availability. The documentation for the SOAR product is currently undergoing a makeover.

Key Access Justifications - Access Approval supports Cloud Armor in the GA stage.

Access Transparency - Access Transparency supports Cloud Armor in the GA stage.

Colab - The notebook scheduler is now generally available.

Cloud Composer - A new Cloud Composer release has started on August 13, 2024. New Airflow builds are available in Cloud Composer 3: composer-3-airflow-2.9.1-build.4 and composer-3-airflow-2.7.3-build.13. Cloud Composer 2.9.1 images are available: composer-2.9.1-airflow-2.9.1 (default) and composer-2.9.1-airflow-2.7.3.

Database Migration Service - Database Migration Service now supports migrations to MySQL minor version 8.0.37.

Dataform - Customer-Managed Encryption Keys (CMEK) in Dataform are generally available (GA). You can now use Cloud External Key Manager (Cloud EKM) keys to protect Dataform data.

Dataplex - Data lineage list view is available in preview.

Dataproc Serverless - New Dataproc Serverless for Spark runtime versions: 1.1.75, 1.2.19, 2.0.83, and 2.2.19.

Dialogflow - Dialogflow CX: You can now configure sensitivity levels of safety filters with respect to different Responsible AI (RAI) categories. Vertex AI Agents: OpenAPI tool authentication now supports custom client certificates for mutual TLS authentication.

Cloud Data Loss Prevention - The PHONE_NUMBER infoType functionality that was previously only accessible by setting InfoType.version to latest has been promoted to be the default detection model for this infoType.

Error Reporting - Error Reporting can now analyze log entries that have been routed to a log bucket in a non-global region, provided the log sink is in the same project as the log bucket.

Eventarc - Eventarc support for creating triggers for direct events from Apigee API hub is generally available (GA).

IAM - You can attach tags to Identity and Access Management (IAM) service accounts to conditionally grant or deny access to specific service accounts.

Google Kubernetes Engine - In GKE version 1.29.7-gke.1238000-1.30, and 1.30.3-gke.1571000 or later, node pools use regional instance templates instead of global instance templates. (2024-R30) Version updates: GKE cluster versions have been updated. We've identified a potential issue that may cause downtime for traffic coming to your GKE managed Internal passthrough Network Load Balancers, after certain cluster operations like node upgrades. In GKE version 1.30 and later, there is a workaround in the PDCSI driver for privileged workloads that access container namespaces with hostpath. Custom compute classes are a new set of capabilities in GKE that provide an API for fine-grained control over fallback compute priorities, autoscaling configuration, obtainability and node consolidation. (2024-R29) Version updates: There are no GKE cluster version updates in 2024-R29.

GKE new features - Custom compute classes are a new set of capabilities in GKE that provide an API for fine-grained control over fallback compute priorities, autoscaling configuration, obtainability and node consolidation.

GKE - (2024-R30) Version updates: Note that your clusters might not have these versions available. (2024-R29) Version updates: There are no updates for clusters not enrolled in a release channel.

Google Kubernetes Engine Regular - (2024-R30) Version updates: Note that your clusters might not have these versions available. (2024-R29) Version updates: There are no new releases in the Regular channel.

Live Stream API - You can now create static overlays and position them on top of a live stream.

Cloud Logging - Introducing log scopes.

Looker - Looker (Google Cloud core) only changes. Looker (Google Cloud core) customers can now create a Looker (Google Cloud core) instance with Private Service Connect. Looker (Google Cloud core) and Looker (original) changes. Looker 24.14 includes the following changes, features, and fixes: Expected Looker (original) deployment start: Monday, August 19, 2024; Expected Looker (original) final deployment and download available: Thursday, August 29, 2024; Expected Looker (Google Cloud core) deployment start: Monday, August 19, 2024; Expected Looker (Google Cloud core) final deployment: Monday, September 2, 2024. The Edit Connection page URL has been changed from admin/next/connections/:id to admin/next/connections/:id/edit. The presumed_looker_employee property is now omitted from the user API response model. The Chart Config Editor now supports a new Sankey chart type. The Edit button appears only for model sets for which the user has edit access. The Queries Admin page now contains a SQL Interface tab in the Details pop-up for queries that originate from the Open SQL Interface. A new option is available for Looker-hosted instances that causes the instance to ignore configuration updates that occur outside the maintenance window. The Chart Config Editor now supports a Venn diagram chart type. The Open SQL Interface is now generally available and the SQL Interface Looker Labs toggle is removed. The Looker–Tableau BI Connector is now generally available. The Looker IDE now supports Vim and Emacs editors in addition to the default Looker IDE editor. The Looker IDE now supports text line wrapping in the IDE editor. The Looker IDE now persists a user's IDE status, including the current open LookML file; the expand/collapse status of items in the file browser; the left sidebar item (such as the file browser, Git actions, Object Browser, or Project Settings); and the right sidebar item (such as the Quick Help panel, the Metadata panel, and the Project Health panel).
The LookML validator will no longer report inaccessible field errors for fields that are excluded from Explores. System Activity queries that count Looker employee usage on your instance will no longer count Google employees that don't work on Looker products. Performance has been improved for model preparation for models that use local import. An issue has been fixed where some custom fields could not be deleted from the data table in an Explore. An issue that caused some schedules to get indefinitely stuck in the scheduler queue has been fixed. Previously, Look IDs were not always saved in the query metadata. Previously, an issue caused some table calculations that referenced row totals to not appear in the series editor. Previously, an issue could cause one invalid conditional data formatting rule to disable all conditional formatting rules for a series. A previous issue with some Liquid variables would unnecessarily pull fields into the SQL query. Rather than returning a 500 error as it would have previously, the sync_lookml_dashboard endpoint will now return a 422 with a more informative error message if there is an issue with the LookML dashboard layout. The custom field editor now displays an error when users attempt to enter a conditional formatting rule with more than three conditions. Unqualified field references in Liquid will no longer trigger SQL dependencies if the value does not depend on the result set. An issue has been fixed where an escaped single quote in a LookML string was being treated as the end of the string. An issue has been fixed where dashboard filters were applied to tile queries during tile editing. An issue has been fixed where LookML details were exposed to users who did not have the see_lookml permission. An issue has been fixed where Looker would draw incorrect markers in the Google map visualization. An issue with Exasol pivot queries has been fixed. An issue with the User Activity dashboard has been resolved. 
An issue with SSO logins has been fixed. An issue has been fixed where the top-level item in an object tree was sometimes not expanded upon first loading. An issue that could cause the LookML Validator to time out has been fixed. Previously, a Validation or Query operation might fail if a measure did not have a type and used a sql_distinct_key. An issue has been fixed with the Denodo dialect where the TRUNC() function could erroneously return a NULL value. HighCharts error codes are now displayed in the UI rather than a blank visualization being rendered. An issue has been fixed where unlocalized strings were rendered as "Bad Translation Key" when the project localization level was set to "permissive." This feature now performs as expected. Looker can now use more efficient queries to determine the names of Redshift external schemas. An issue has been fixed where, previously, a project could not be deleted because of a timeout on the Delete Confirmation page. Previously, updating an OAuth client secret when there were multiple connections sometimes failed. Previously, the PDT Admin panel could not be filtered by the status "Failed." This feature now performs as expected. The editing experience in the Chart Config Editor is now more responsive. Looker (original) only changes. A new progress bar, called the Looker query tracker, appears in the Explore UI when a query is running. Looker (Google Cloud core) only changes. For Google BigQuery connections, Looker (Google Cloud core) can automatically use the OAuth application credentials that your Looker admin used when they created the Looker (Google Cloud core) instance. Looker (original) only changes. Choosing a hosting option for a Looker (original) instance helps you understand the benefits and limitations of each hosting option — Looker-hosted or customer-hosted — so that you can make the best decision for their organization. Looker (Google Cloud core) only changes. 
Looker (Google Cloud core) users now have access to the first-ever Learn Assistant panel on Google Cloud console pages. Looker (Google Cloud core) and Looker (original) changes. A new Looker and Looker Studio shared terms and concepts glossary is available.

Policy Intelligence - The IAM recommender generates policy insights and role recommendations for the following identities: all identities in a workload identity pool; a single identity in a workload identity pool; all identities in a workforce identity pool; a single identity in a workforce identity pool; and all Google Kubernetes Engine Pods that use a specific Kubernetes service account. To learn more, see Availability.

Security Command Center - Install new version of the Security Command Center Enterprise use case: The installation and configuration of a new version of the SCC Enterprise - Cloud Orchestration & Remediation use case in the Security Operations console is required for the toxic combination functionality of Security Command Center Enterprise. Cloud Infrastructure Entitlement Management (CIEM) is generally available: CIEM helps you adhere to the principle of least privilege by providing a comprehensive look at the security of your identity and access configuration. EC2 Vulnerability Assessment findings now support attack exposure scores: Software vulnerability findings detected by EC2 Vulnerability Assessment for Amazon Web Services are now scored with attack path simulations.

Sensitive Data Protection - The PHONE_NUMBER infoType functionality that was previously only accessible by setting InfoType.version to latest has been promoted to be the default detection model for this infoType.

SAP Solutions - New SAP certifications: C4 series of general-purpose machine types. For use with SAP HANA scale-up (OLAP and OLTP) and SAP NetWeaver workloads, SAP has certified the Compute Engine C4 series of general-purpose machine types. Google Cloud's Agent for SAP version 3.5: Version 3.5 of Google Cloud's Agent for SAP is generally available (GA).

Cloud Spanner - A new multi-region instance configuration is now available in North America - nam16 (Iowa/Northern Virginia/Columbus).

Cloud SQL MySQL - Extended support pricing is now available for Cloud SQL for MySQL.

Cloud SQL Postgres - Extended support pricing is now available for Cloud SQL for PostgreSQL. If your Cloud SQL Enterprise edition instance stores the transaction logs used for point-in-time recovery (PITR) on disk, then when you do an in-place upgrade to Cloud SQL Enterprise Plus edition the storage location for the transaction logs is switched to Cloud Storage.

Cloud Translation - The translation LLM and adaptive translation now support Arabic, Hindi, and Russian.

Virtual Private Cloud - VPC Flow Logs includes the following metadata annotations in General Availability: src_gateway and dest_gateway; src_google_service and dest_google_service; load_balancing; network_service; psc. For more information, see Record Format.

 

Contact

Zdenko Hrček
Třebanická 183
Prague, Czech Republic
Phone: +420 777 283 075