Welcome to issue #224 January 11th, 2021


Cloud Logging Official Blog

Find logs fast with new “tail -f” functionality in Cloud Logging - Now, you can troubleshoot your Google Cloud logs in real-time with Cloud Logging’s new “tail -f”-like functionality.

Articles, Tutorials

Infrastructure, Networking, Security, Kubernetes

CI DevOps Gitlab

Exploring Cloud Build, Source Repository plugin in Jenkins w/ Gitlab as SCM - Jenkins plugin for Cloud Build, Source Repo and Gitlab — CICD in GCP.

Kubernetes Security

GKE private cluster with a bastion host - Leaving GKE cluster opened for access from internet poses a security risk. Layering security to multiple level improves security posture.

IAM Security

Choosing Service or User or Impersonated Credentials For Google APIs - This article focuses on administration and security concepts that illustrate the power of and remove the myths around choosing credentials for Google API calls.

Config Connector Google Kubernetes Engine Kubernetes

GKE with Istio and Config sync - Google cloud has a great product called Anthos. Its best feature is able to span the Kubernetes engine cluster to other cloud providers or….

Data Studio Networking Security VPC Service Controls

Create a Data Studio dashboard to monitor VPC-SC violations on your Google Cloud Organization - Fixing VPC Service Control violations and creating a dashboard for monitoring.

App Development, Serverless, Databases, DevOps

Compute Engine R Tutorial

RStudio Server on GCP: the right way - This quick tutorial details how to install an RStudio Server on a Google Cloud Virtual Machine and how to easily enable remote access in a secure manner through SSH port forwarding.

Cloud Spanner Official Blog

The Magic Of Distributed Joins in Cloud Spanner - How do you join two tables when both of them are divided into multiple splits managed by multiple different machines? In this blog entry, we'll describe distributed joins using the Distributed Cross Apply (DCA) operator.

Cloud Spanner Official Blog

Behind the scenes of Cloud Spanner’s ExecuteQuery request - What happens when an application executes a query against Cloud Spanner? This post is going to shed some light on the magic that happens behind the scenes. How does Spanner take an arbitrary SQL statement, locate the data, and return the response in milliseconds? We will take some of the concepts described in SIGMOD’17 paper and explain, step by step, how the execution occurs.

Cloud SQL Networking Security

Cloud SQL with private IP only: the Good, the Bad and the Ugly - To remove private IP on the database is a legacy pattern. Cloud SQL and its proxy allow to go beyond and always secured.

Firebase Official Blog Security

How to code review security rules - This post will walk through how to approach reviewing and giving good feedback on Security Rules in Firebase.

Cloud Build Firebase

Firebase hosting: Production and Staging environment with Cloudbuild - Firebase deployments with Cloud Build.

Cloud Run Cloud SQL Docker NodeJS Terraform

Building a Fully Automated, Scalable, Cost Efficient and Performant Web Infrastructure for 2021 - Part 1: Setting Up Locally.

Cloud Load Balancing Cloud Run Serverless

Create a Cloud Run service and https load balancer with Pulumi - Options to set a custom domain to Cloud Run.

CI Cloud Run DevOps Terraform

CI/CD for Cloud Run with Terraform - How to automate GCP Cloud Run setup with Terraform Cloud (Parts 1& 2).

Cloud IoT Cloud Pub/Sub IoT

Production-Scale IoT Best Practices: Implementation with GCP (Part 1/3) - How to securely register millions of IoT devices streaming telemetry data to your Google Cloud environment.

Elixir Erlang

Watch Google Bucket with Elixir: Google Cloud Storage + PubSub + Elixir Broadway - Example of processing Pub/Sub messages in Exilir.

Big Data, Analytics, ML&AI

BigQuery Machine Learning

Running Kedro Machine Learning Pipelines with Google Cloud BigQuery ML - Simplifying Kedro pipelines by deploying them in Google Cloud Notebooks, and using BigQuery for data storage and machine learning.

Data Catalog SAP

How to Discover Your Sap HANA Assets in Google Data Catalog - Learn how to ingest SAP HANA metadata to Google Data Catalog and extend it with your user needs.

C++ Cloud Pub/Sub Official Blog

Running large-scale C++ workloads with Cloud Pub/Sub and GKE - Learn how to use Pub/Sub and GKE effectively to run large-scale C++ applications on Google Cloud.

BigQuery Billing

Reducing BigQuery production cost by 70% with Flex Slots - Reducing BigQuery costs.

BigQuery Cloud SQL

Send Cloud SQL Data to BigQuery - Automated data pipeline to move Cloud SQL data to BigQuery.

BigQuery Data Analytics Data Studio

Analyze Jira Issues using BigQuery and Data Studio - Analyzing Jira issues in BigQuery.

BigQuery Data Analytics Machine Learning

Agile Machine Learning with dbt and BigQuery ML - Combine the orchestration power of dbt with the ML power of BigQuery.

AI Platform Machine Learning TPU

Running PyTorch with TPUs on GCP AI Platform Training - Using TPUs in PyTorch on AI Platform.

Docker Jupyter Notebook Machine Learning TensorFlow

AI Platform Notebooks with multiple “Docker” kernels - This post will show you how to create different Jupyter kernels where each kernel will be using a different Deep Learning Container.

Cloud Dataprep Cloud Functions Python

Google Cloud Functions for Cloud Dataprep - Examples of Google Cloud Functions for Cloud Dataprep.

Cloud Pub/Sub GCP Experience

How we compress Pub/Sub messages and more, saving a load of money - Migrating logs from one Elasticsearch cluster to another via Pub Sub and doing price optimisations.


GCP Certification

How I fail the GCP Professional Cloud Architect certification exam - Self reflection after not passing GCP certification exam.

Infrastructure Serverless

GCP Sketchnotes on GitHub - Every product in the Google Cloud family described in the visual sketchnote format to grasp the capability of the tools quickly and easily.


Anthos Config Management - 1.6.0. Config Sync unintentionally started using the absolute path in the file system with spec.git.policyDir.

Cloud Composer - In an upcoming Cloud Composer version release, DAG Serialization will be enabled by default when creating new Cloud Composer environments.

Config Connector - Config Connector version 1.34.0 is now available. Added support for IAM Member References. Added support for the GameServicesRealm resource. Added IAM support for ComputeDisk. Added cacheMode, clientTtl, defaultTtl, maxTtl, negativeCaching, negativeCachingPolicy, serveWhileStale, and customResponseHeaders fields to ComputeBackendBucket. Added customTimeBefore, daysSinceCustomTime, daysSinceNoncurrentTime, and noncurrentTimeBefore fields to StorageBucket. Allow for IAMPolicy, IAMPolicyMember, and IAMAuditConfig to reference resources in other namespaces. Added support for UpdateFailed, DeleteFailed, DependencyNotFound, and DependencyNotReady events to IAMPolicy, IAMPoicyMember, IAMAuditConfig. Allow for Project and Folder resources to be migrated across folders and organizations by updating the folder-id/organization-id annotation.

Dataproc - Added support for new persistent disk type, pd-balanced. New sub-minor versions of Dataproc images: 1.3.80-debian10, 1.3.80-ubuntu18, 1.4.51-debian10, 1.4.51-ubuntu18, 1.5.26-centos8, 1.5.26-debian10, 1.5.26-ubuntu18, 2.0.0-RC22-debian10, and 2.0.0-RC22-ubuntu18. Image 2.0 preview: Upgraded Delta Hive connector to version 0.2.0. Image 2.0 preview: HIVE-21646: Tez: Prevent TezTasks from escaping thread logging context.

Cloud Data Loss Prevention - Hybrid Jobs are now available for inspecting external data sources.

VPC Service Controls - General availability for the following integration: Compute Engine.

Traffic Director - Traffic Director now supports TCP-based services in Preview.


Latest Issues


Zdenko Hrček
Třebanická 183
Prague, Czech Republic
Phone: +420 777 283 075
Email: [email protected]