Welcome to issue #194 June 15th, 2020


Networking Official Blog Security

Google Cloud firewalls adds new policy and insights - New Google Cloud firewall features provide more flexibility, control, and optimization.

BigQuery Data Analytics Official Blog

Introducing table-level access controls in BigQuery - Check out table-level access controls (ACLs) in cloud data warehouse BigQuery to share data more easily and help meet compliance.

Billing Monitoring Official Blog

Using Recommenders to keep your cloud running optimally - The Recommenders displayed the new Recommender Hub provide actionable advice on optimizing your Google Cloud environment.

Official Blog

Supporting your compliance journey with Compliance Resource Center - Compliance Resource Center provides on-demand access to helpful resources to support your compliance efforts.

Business Infrastructure Official Blog

Google Cloud and Telefónica Partner to Accelerate Digital Transformation for Spanish Businesses - Google Cloud announces plans to launch a cloud region in Spain.


The Firebase Crashlytics SDK is now publicly available!

Articles, Tutorials

Infrastructure, Networking, Security, Kubernetes

Official Blog SRE

Building resilient systems to weather the unexpected - See how SRE teams at Google apply principles in practice to built resilient systems and prepare for any type of business continuity needs.

Anthos Official Blog

3 strategies to ensure business continuity using Anthos - Business continuity has never been more important, and it means so much more than the right backup and disaster recovery plans. Here are 3 strategies to consider.

Cloud Pub/Sub DevOps Monitoring Tutorial

Warehousing Cloud Monitoring Alerts - The article describes how to set alert to trigger Pub/Sub topic.

Anthos Kubernetes

Anthos — Multi-cluster Management - Using Anthos for a hybrid cloud.

Google Kubernetes Engine Kubernetes

Using CoreDNS on GKE - Overcoming kube-dns restrictions on GKE via stub domains.

IAM Security

The 3 Must-Ask Questions When Using Google Cloud IAM - A checklist of what you should think about prior to changing permissions.

IAM Security VPC

Demystifying GCP Security Responsibilities - Some tips on how to improve security in IAM and VPC.

IAM Security

Inventory Your GCP API Keys - Inventory, analyze, and report on your GCP API keys in an automated fashion.

App Development, Serverless, Databases, DevOps

Cloud Storage Official Blog Security

5 ways to enhance your cloud storage security and data protection - Make sure your cloud storage is well-protected using these 5 best practices for storage data protection.

Billing Official Blog Serverless

Optimizing for long-term cost management in fully managed applications - These general optimizations can increase the overall efficiency of your fully managed serverless applications and reduce your overall bill. Learn now.

Beginner Cloud CDN Tutorial

How to enable Google CDN for custom origin websites | Google CDN for external websites - This tutorial explains how to set up Cloud CDN for a website.

Cloud Functions Cloud Memorystore VPC

Connecting Cloud Functions To Redis (Memorystore) With Serverless VPC Connector - Quick and easy way to get cloud functions and Redis working in one simple script.

Cloud Build Cloud Run Firebase Machine Learning

Build your own AutoML Text Classification using Spacy & Firebase (Part 1) - A guide to building your own AutoML text classifier that’s cheap and easy to run by using ‘spaCy’ and ‘Firebase’.

Cloud Logging Stackdriver Tutorial

Exporting GCP Stackdriver logs to ELK Stack on Elastic Cloud - Exporting logs from GCP to Elastic Search.

CI Cloud Run Gitlab

How to deploy to the Google Run with Gitlab CI/CD - CI/CD pipeline on Gitlab to deploy Wordpress website to Cloud Run.

API Cloud Functions Cloud Pub/Sub Secret Manager

Salesforce Subscription to Google Pub/Sub Topic using Google Cloud Functions - Uploading data to Salesforce using Pub/Sub and Cloud Functions.

Compute Engine R Tutorial

Using RStudio With An iPad - Setting up R Studio on Compute Engine.

Big Data, Analytics, ML&AI

Cloud Pub/Sub Serverless

PubSub message filter: small feature for big improvements - The article explains Pub/Sub filtering capabilities.

Cloud Pub/Sub Python

Deduplication, Delayed Messaging and FIFO with Pub/Sub - Handling deduplication, delayed messaging, and FIFO for Pub/Sub.

Airflow Google Kubernetes Engine

Apache Airflow At Palo Alto Networks - Experience with a self-managed Airflow on GKE.

Cloud Dataprep Cloud Functions Cloud Storage

Automation of GCP Dataprep Pipeline - A process in which, Cloud Dataprep pipeline will execute and load the transformed data into Bigquery whenever a new file gets uploaded into Google Cloud Storage.


BigQuery Dataset Metadata Queries - Queries you can use to pull metadata on BigQuery datasets and tables.

AWS BigQuery

How we migrated our data warehouse from Redshift to BigQuery - Process of migrating data from AWS Redshift to BigQuery.

Big Data BigQuery GCP Experience

DNC Tech Choices: Why we chose BigQuery - Thoughts about migrating to BigQuery.

BigQuery Data Science Public Datasets

Intro to BigQuery and its Free Data Sets - A quick introduction on how to access and query Google’s BigQuery using their free public datasets.


BigQuery Fun Facts! - A list of BigQuery facts and properties.

AI Kaggle TensorFlow

Predicting Forest Cover Type with Tensorflow and model deployment in GCP - Using a Kaggle competition to get started with Tensorflow and learn how to deploy the model in GCP.

AI Cloud Functions Cloud Pub/Sub Dialogflow

AI-Driven News ChatBot (TL;DR) On GCP - Creating a Telegram Chatbot on GCP that summarizes news articles.


GCP Experience Official Blog Serverless

Gannett uses Google’s serverless platform to reach next generation of readers - Gannett used Google’s serverless stack to build a news reader app.

GCP Certification

Google GCP Associate Cloud Engineer Certification Tips - Resources to use when preparing for Associate Cloud Engineering Certification.


Access Context Manager - General availability of the Access Context Manager Bulk API.

AppEngine Standard Go 1.13 - The Go 1.13 runtime for the App Engine standard environment is now generally available. App Engine is now available in the asia-southeast2 region (Jakarta).

AppEngine Standard Python - App Engine is now available in the asia-southeast2 region (Jakarta).

BI Engine - BigQuery BI Engine is now available in the Jakarta (asia-southeast2) region.

BigQuery - Clustering for non-partitioned tables is now supported. BigQuery is now available in the Jakarta (asia-southeast2) region.

BigQuery ML - BigQuery ML is now available in the Jakarta (asia-southeast2) region.

BigQuery Transfer - BigQuery Data Transfer Service is now available in the Jakarta (asia-southeast2) region.

BigTable - Cloud Bigtable is now available in the asia-southeast2 (Jakarta) region.

CDN - HTTP(S) Load Balancing with Cloud CDN logging is available in General Availability.

Cloud Build - Upgraded to Docker server version 19.03.8.

Compute Engine - The asia-southeast2 Jakarta, Indonesia region is now available to all projects and users. Enhancements to the pre-configured Cloud Monitoring Compute Engine VM Instances dashboard.

Config Connector - Added ability to update streaming DataflowJobs by updating its spec (e.g.

Cloud Dataflow - Dataflow is now able to use workers in zones in the asia-southeast2 region (Jakarta).

Dataproc - Users can now configure a tempBucket in API calls. New subminor image versions: 1.2.99-debian9, 1.3.59-debian9, 1.4.30-debian9, 1.3.59-debian10, 1.4.30-debian10, 1.5.5-debian10, 1.3.59-ubuntu18, 1.4.30-ubuntu18, and 1.5.5-ubuntu18. Image 1.3+ Patched HIVE-23496 Adding a flag to disable materialized views cache warm up. Druid's Historical's and Broker's JVM and runtime properties are now calculated using server resources. If the project-level staging bucket is manually deleted, it will be recreated when a cluster is created. Dataproc now uses Compute Engine shielded VMs for Debian 10 and Ubuntu 18.04 clusters by default. Dataproc Job container logging now supports Dataproc Kerberized clusters. Image 1.5: Fixed a bug that prevented users from logging on to the Presto UI when using Component Gateway. Dataproc is now available in the asia-southeast2 region (Jakarta).

Datastore - Support for the asia-southeast2 (Jakarta).

Cloud Filestore - High Scale SSD tier released to beta. IP-based access control released to beta. Filestore service tier name change: Standard tier is now called Basic HDD. Filestore is available in the asia-southeast2 (Jakarta) region.

Cloud Firestore - Support for the asia-southeast2 (Jakarta).

Cloud Functions - Cloud Functions is now available in the following regions: europe-west6 (Zurich) us-west3 (Salt Lake City) See Cloud Functions Locations for details.

Cloud Healthcare API - v1. It is now possible to de-identify data from within the Healthcare Browser in the Cloud Console.

KMS - Cloud KMS and Cloud EKM resources are available in the asia-southeast2 region.

Google Kubernetes Engine - GKE cluster versions have been updated. Rollouts are phased across multiple weeks, to ensure cluster and fleet stability. The following Kubernetes versions are now available for new clusters and for opt-in master upgrades and node upgrades for existing clusters. No channel Note: Your clusters might not have these versions available. 1.15.11-gke.3. 1.15.11-gke.5. 1.15.11-gke.9. 1.15.11-gke.11. 1.15.11-gke.12. The COS image for GKE 1.15.12-gke.2 clusters and up is now cos-77-12371-227-0. The Ubuntu image for GKE 1.15.11-gke.17 clusters and up is ubuntu-gke-1804-1-15-v20200330. The COS image for GKE clusters in the Rapid release channel is now cos-81-12871-119-0. The region asia-southeast2 in Jakarta is now available.

Cloud Memorystore - Added new Memorystore for Redis region: Jakarta (asia-southeast2).

Cloud Monitoring - Enhancements to the pre-configured Compute Engine VM Instances dashboard.

Cloud PubSub - Pub/Sub is now available in the asia-southeast2 region (Jakarta). Pub/Sub message filtering is now available at the beta launch stage.

Cloud Run - Export a Cloud Run service to a YAML file with gcloud run services describe SERVICE --format export.

Cloud Spanner - A second multi-region instance configuration is now available in Europe - eur5 (London/Belgium). A multi-region instance configuration is now available in Asia - asia1 (Tokyo/Osaka). Cloud Spanner regional instances can now be created in Jakarta (asia-southeast2).

Cloud SQL MySQL - Support for asia-southeast2 region (Jakarta).

Cloud SQL Postgres - Support for asia-southeast2 region (Jakarta).

Cloud SQL SQL Server - Support for asia-southeast2 region (Jakarta).

Cloud Storage - Jakarta region (asia-southeast2) launched.

Cloud Vision API - OCR legacy model access extension Based on customer feedback, we have decided to extend support of the legacy TEXT_DETECTION and DOCUMENT_TEXT_DETECTION models.

Virtual Private Cloud - Firewall Rules Logging metadata controls is now available in Beta. For auto mode VPC networks, added a new subnet for the Jakarta asia-southeast2 region.

VPC Service Controls - General availability for bulk changes to service perimeters.

Cloud VPN - Cloud VPN is now available in region asia-southeast2 (Jakarta, Indonesia).

AI Platform Prediction - The Total latency chart on the Version details page of the Google Cloud Console was reporting incorrect information.

Cloud VPN - Cloud VPN is now available in region asia-southeast2 (Jakarta, Indonesia).

Service Mesh - 1.5.5-asm.0 and 1.4.10-asm.1 Fixes the security issue, CVE-2020-11080, with the same fixes as OSS Istio 1.5.5.


Latest Issues


Zdenko Hrček
Třebanická 183
Prague, Czech Republic
Phone: +420 777 283 075
Email: [email protected]