Welcome to issue #436 February 3rd, 2025

News

Compute Engine GPU Official Blog

Blackwell is here — new A4 VMs powered by NVIDIA B200 now in preview - Google Cloud introduces A4 VMs powered by NVIDIA B200 GPUs, offering significant performance improvements over previous generations.

Cloud Spanner Databases Official Blog

Announcing the general availability of Spanner Graph - Spanner Graph, a unified database that integrates graph, relational, search, and AI capabilities, is now generally available. It offers an intuitive ISO Standard Graph Query Language (GQL) interface, full interoperability between GQL and SQL, powerful vector and full-text search, and integration with Vertex AI.

Official Blog PyTorch TPU

Improving model performance with PyTorch/XLA 2.6 - PyTorch/XLA 2.6 improves AI model performance on Cloud TPUs. It introduces an experimental scan operator for faster compilation, host offloading to fit larger models on fewer TPUs, an alternative base Docker image with improved goodput, and reorganized documentation for easier navigation.

Official Blog Workload Manager

Introducing custom rules in Workload Manager: Evaluate workloads against customized best practices - Workload Manager custom rules, a detective-based service, help ensure deployments follow best practices and generate configuration validation reports.

Google Kubernetes Engine Official Blog

A new flexible, simplified, and more secure way to configure GKE cluster connectivity - Google Cloud introduces new features for GKE cluster and control-plane networking, providing more flexibility and simplicity in configuring connectivity. Key changes include decoupling control-plane access from node-pool IP configuration, enabling DNS-based access to the control plane, and enhancing node-pool and IP address flexibility.

Google Kubernetes Engine Kubernetes Official Blog

Simplify the developer experience on Kubernetes with KRO - Kube Resource Orchestrator (kro) is a Kubernetes-native, cloud-agnostic framework that simplifies the developer experience on Kubernetes. It lets you create reusable APIs to deploy multiple resources as a single unit, hiding the complexity of Kubernetes and cloud-provider APIs from end users.

Compute Engine Confidential Computing Official Blog Security

Privacy-preserving Confidential Computing now on even more machines and services - Google Cloud expands Confidential Computing capabilities, making it easier for organizations to protect sensitive data in use.

Articles, Tutorials

Infrastructure, Networking, Security, Kubernetes

CISO Official Blog

Cloud CISO Perspectives: How cloud security can adapt to today’s ransomware threats - Cloud security strategies in 2025 should prioritize protecting against data exfiltration and identity access abuse. Threat actors have made stealing data and exploiting weaknesses in identity security top targets. Google’s Threat Horizons Report provides cloud security professionals with a deeper understanding of the threats they face and actionable risk mitigations.

Generative AI Official Blog Threat Intelligence

Adversarial Misuse of Generative AI - This report shares findings on government-backed threat actor use of the Gemini web application.

Official Blog Threat Intelligence

ScatterBrain: Unmasking the Shadow of PoisonPlug's Obfuscator - An in-depth analysis of the ScatterBrain obfuscator.

AWS Migration Official Blog

Cloud migrations made easy: a guide to migrating from AWS to Google Cloud - Google Cloud offers a series of reference guides to help design, plan, and implement a migration process from Amazon Web Services (AWS) to Google Cloud.

Infrastructure

How to setup Google Media CDN the right way - This article discusses how to set up Google Media CDN optimally for live streaming, VOD streaming, and large file downloads. It also covers important considerations such as origin validation, Vary header, and security measures like restricting access to Media CDN servers only.

AI Kubernetes

Deploy Gemini-powered LangChain applications on GKE - Deploy and scale LangChain applications on Google Kubernetes Engine.

App Development, Serverless, Databases, DevOps

Artifact Registry Python

Create and Deploy Custom Python Libraries on GCP - Create and deploy custom Python libraries in Google Cloud Platform / Artifact Registry to streamline development, enhance code quality, and address specific needs.

Artifact Registry Docker Python

Install Python package from GCP Artifact Registry in Docker - How to install a Python package from the artifact registry in a Dockerfile with an authentication method.

Gemini GIS Vertex AI

Build an Xtreme Weather App with Google Geocoding and Places API - Xtreme Weather App is an advanced disaster preparedness multi-agent system built with LangChain and Gemini-2.0-Flash that provides personalized emergency guidance using a Streamlit interface.

Cloud Firestore

Setting up a codelab or demo with Firestore data? Check out Firestore Export & Import. - This article describes options to export and import data from/to Cloud Firestore.

Big Data, Analytics, ML&AI

Cloud Data Fusion

Demystifying Composite Trigger Mechanics in GCP Data Fusion - Composite triggers in Data Fusion cater to complex dependency needs, such as when a downstream pipeline must wait for several upstream pipelines to complete under different conditions. Run constraints control when scheduled workflows run, based on conditions. These mechanisms provide fine-grained control over workflow execution, allowing more room to define precise conditions for scheduling Data Fusion pipelines.

BigQuery

Tired of stacking UNION ALL, have you tried BigQuery GROUPING SETS? - BigQuery's GROUPING SETS offers an alternative to complex UNION ALL queries for multi-granularity aggregations. It improves query readability and maintainability by specifying multiple grouping combinations within a single GROUP BY clause.

BigQuery Dataform Paywall

Export BigQuery Saved Queries programmatically - Hands-on tutorial on how to export/back up your BigQuery saved queries using the Dataform API.

BigQuery

BigQuery “NOT IN” vs “NOT EXISTS” vs “EXCEPT DISTINCT” understand the differences in 3 minutes! - This article explains the differences between operators for excluding data from results, such as NOT IN, NOT EXISTS, and EXCEPT DISTINCT.

Gemini Generative AI Infrastructure

How many CPU Cores and Threads do I need to run a Web App interacting with Gemini 2.0? - This article explores the technical challenges and solutions in building a real-time, interactive web app powered by Gemini 2.0 and live video streaming for hundreds of users.

AI Generative AI

Stop Wasting Time with Bad AI Prompts: 10 Tips for Beginners - Improve your prompts today with these best practices.

Generative AI LLM Vertex AI

Running DeepSeek: From Open Source Model to Production-Ready API on Google Cloud — VertexAI - This guide breaks down the end-to-end deployment of the 7B parameter language model DeepSeek, tackling performance, cost optimization, and best practices to make it efficient, responsive, and cloud-native on Google Cloud Vertex AI.

AI LLM

How Generative AI Transforms Enterprise Data Insights with Google Gemini and Teradata - GenAI tools like Google Gemini and Teradata Vantage are transforming the way businesses analyze vast amounts of unstructured data.

Data Science Machine Learning

Unlocking Customer Insights with AI Market Research Digital Twins - An end-to-end guide on how to generate synthetic survey results data and create digital twins of survey respondents.

Slides, Videos, Audio

Kubernetes Podcast - #246 Linkerd, with William Morgan.

Security Podcast - #208 The Modern CISO: Balancing Risk, Innovation, and Business Strategy (And Where is Cloud?).

Releases

Cloud SQL SQL Server - Transaction logs associated with point-in-time-recovery (PITR) operations for all Cloud SQL for SQL Server instances are now stored in Cloud Storage.

Cloud SQL Postgres - All Cloud SQL for PostgreSQL 9.6, 10, 11, and 12 instances are running community end-of-life (EOL) major versions and are now enrolled in Cloud SQL extended support.

Cloud Storage - You can now enable client-side traces with OpenTelemetry when you use Cloud Storage client libraries.

Virtual Private Cloud - VPC Flow Logs metadata annotations include InstanceGroupDetails. There is a known issue with global access endpoints that access services that are published by using internal passthrough Network Load Balancers or internal protocol forwarding (target instances).

Workflows - Workflows doesn't support HTTP requests to the IP-based endpoints of Google Kubernetes Engine cluster control planes.

Cloud Architecture Center - Best practices and reference architectures for VPC design: Updates to the document to reflect feature releases over the past months. Cross-Cloud Network for distributed applications: Updates to the document set to reflect feature releases over the past months. (New guide) Cross-Cloud Network inter-VPC connectivity using Network Connectivity Center: Describes how to design the network segmentation structure and connectivity of Cross-Cloud Network with Network Connectivity Center.

Cloud Asset Inventory - The following resource types are now publicly available through the ExportAssets, ListAssets, BatchGetAssetsHistory, QueryAssets, Feed, and Search (SearchAllResources, SearchAllIamPolicies) APIs.

BigQuery - You can now view stored column usage information for a query job that performs vector search using stored columns. A weekly digest of client library updates from across the Cloud SDK. The following BigQuery ML generative AI features are now available: Creating a remote model based on an open model from Vertex Model Garden or Hugging Face that is deployed to Vertex AI. We previously communicated that after January 27, 2025, a purchase would be required to use Gemini in BigQuery features. You can now set conditional IAM access on BigQuery datasets with access control lists (ACLs).

Billing - Tags data for Bigtable instances is available in both the Standard usage cost export and the Detailed usage cost export.

Chronicle - Environment groups: This feature lets you group environments into logical categories, making it easier to manage your company or your customers as an MSSP. Adding individual emails to IdP group mapping page: Customers who use Cloud Identity Provider can map individual user emails on the IdP group mapping page. Added instructions on how to add SIEM-only or SOAR-only users to Google SecOps: For details about how to grant permission to specific users to use only the SIEM features in Google SecOps or only the SOAR features of Google SecOps, see Add SIEM or SOAR users.

Chronicle Security Operations - Environment groups: This feature lets you group environments into logical categories, making it easier to manage your company or your customers as an MSSP. Adding individual emails to IdP group mapping page: Customers who use Cloud Identity Provider can map individual user emails on the IdP group mapping page. Added instructions on how to add SIEM-only or SOAR-only users to Google SecOps: For details about how to grant permission to specific users to use only the SIEM features in Google SecOps or only the SOAR features of Google SecOps, see Add SIEM or SOAR users.

Chronicle SOAR - Release 6.3.33 is currently in Preview. Map IdP Groups to control access parameters: You can now create user groups in your SAML provider and map them to IdP groups, removing the need to manually add individual users to the platform. Environment groups: This feature lets you group environments into logical categories, making it easier to manage your company or your customers as an MSSP. Release 6.3.32 is now in General Availability.

Cloud Composer - At the beginning of February 2025, we will delete inactive environments that are non-recoverable in Cloud Composer 1, Cloud Composer 2, and Cloud Composer 3. (Cloud Composer 3 only) We are currently experiencing an issue with upgrading Airflow builds for Cloud Composer 3 in asia-south1, asia-northeast2, europe-west1, europe-west3, europe-north1 regions.

Compute Engine - Preview: You can now modify which machine types are recommended, so that the generated recommendations only include your preferred machine series.

Dataplex - Aspect-only metadata import for Dataplex Catalog metadata is generally available (GA).

Dataproc Serverless - New Dataproc Serverless for Spark runtime versions: 1.1.89, 1.2.33, 2.2.33. Dataproc Serverless for Spark: Private Google Access is now automatically enabled in the configured subnetwork when running batch workloads and interactive sessions.

Dataproc - Dataproc on Compute Engine: Private Google Access is now automatically enabled in the configured subnetwork when creating clusters with internal IP addresses.

Cloud Networking Products - DNS64 is now available in Preview.

Cloud Quotas - Quota adjuster is available in Preview via the API, gcloud quotas beta CLI and Cloud Client Libraries.

Gemini - For new customers with billing accounts that have never had a Gemini Code Assist subscription, we automatically apply up to 50 license credits for the first month, regardless of Gemini Code Assist edition. We previously communicated that after January 27, 2025, a purchase would be required to use Gemini in BigQuery features.

Google Kubernetes Engine - Starting on January 28, 2025, the following Preview features are deprecated: GKE threat detection; Supply chain concerns - Binary Authorization; GKE Compliance dashboard. For deprecation and removal dates, and for information about alternatives, see Posture management deprecations. (2025-R04) Version updates: GKE cluster versions have been updated.

Cloud Monitoring - You can now monitor usage, throughput, and latency, and troubleshoot 429 errors on Vertex AI foundation models like Google Gemini and Anthropic Claude by using a new predefined dashboard.

NetApp - Google Cloud NetApp Volumes now supports Managed Service for Microsoft Active Directory. Google Cloud NetApp Volumes now supports user and group quotas. Flex service level now supports Backups feature in Preview.

Network Connectivity Center - Route exchange with VPC spokes is generally available. See the following known issues for dynamic route exchange: Routing VPC networks that are also VPC spokes: A routing VPC network should typically contain hybrid spokes.

SAP Solutions - ABAP SDK for Google Cloud version 1.9 (On-premises or any cloud edition): Version 1.9 of the on-premises or any cloud edition of the ABAP SDK for Google Cloud is generally available (GA).

Cloud Spanner - The Spanner index advisor is Generally Available in both GoogleSQL and PostgreSQL-dialect databases. Spanner supports new SERIAL and AUTO_INCREMENT DDL syntax. You can now downgrade your Spanner instance to a lower-tier edition. Spanner supports the SELECT…FOR UPDATE query syntax in GoogleSQL and PostgreSQL-dialect databases.

Cloud Speech-to-Text - Speech-to-Text is generally available (GA) in the Chirp 2 model in asia-southeast1, us-central1, and europe-west4.

Cloud SQL MySQL - All Cloud SQL for MySQL 5.6 and 5.7 instances are running community end-of-life (EOL) major versions and are now enrolled in Cloud SQL extended support.

Contact

Zdenko Hrček
Třebanická 183
Prague, Czech Republic
Phone: +420 777 283 075