Welcome to issue #297 June 6th, 2022


Billing Official Blog

Billing reports and Saved Cost Views - Try out Saved Cost Views to create and share custom views from the Google Cloud billing reports page.

Anthos Official Blog

Google Distributed Cloud adds AI, ML and Database Solutions to deliver customers even greater flexibility and choice - A selection of Google Cloud’s popular AI, ML and database services to be available for customers to use inside their own data centers via Google Distributed Cloud Hosted.

Document AI Official Blog

Google Cloud simplifies customer verification and benefits processing with Document AI for Identity cards - Google Cloud simplifies customer verification and benefits processing with Document AI for Identity.

Cloud Spanner Official Blog

Introducing granular instance sizing for Cloud Spanner, now run production workloads for as low as $40/month - Customers can now use Cloud Spanner for their production workloads for as low as $40/month and have the same industry leading availability, ability for extreme scale with consistent performance.

Google Cloud Platform Official Blog

Google Cloud’s preparations to address the Digital Operational Resilience Act - As the EU’s proposed DORA regulation reaches a major milestone, Google Cloud details our approach to its new rules and rule changes.

Articles, Tutorials

Infrastructure, Networking, Security, Kubernetes

Official Blog VMware Engine

Understanding Google Cloud’s VMware Engine Migration Process and Performance - Understand the complexities and performance of Google Cloud VMware Engine when migrating from on-prem location to your Google Cloud.

Networking Official Blog

Achieving cloud-native network automation at a global scale with Nephio - Learn how Google manages the software and hardware lifecycles of all these systems remotely to achieve cloud native network automation at scale.

Official Blog Security

Cloud CISO Perspectives: May 2022 - Google Cloud CISO Phil Venables shares his thoughts on the latest security updates from the Google Cybersecurity Action Team.

Google Kubernetes Engine Kubernetes

Getting started with GKE Gateway controller - One year ago, Google announced the preview release of the GKE Gateway controller and while it was kind of cool to play with initially, it….

GCP Experience GKE Autopilot Kubernetes Official Blog

How a robotics startup switched clouds and reduced its Kubernetes ops costs with GKE Autopilot - Compared with using AWS EKS, Brain Corp’s use of GKE Autopilot reduced the operational overhead involved with running 100,000 robots in production.

Docker Google Kubernetes Engine Kubernetes Microservices

Deploying Microservices to Kubernetes using Google Kubernetes Engine - Example of deploying service to GKE.

Cloud Load Balancing

How to redirect (301) HTTP to HTTPS in Google Cloud Platform using Load Balancer - Setting HTTPS redirect for a website hosted on Cloud Storage and managed with Load Balancer.

Cloud Identity Aware Proxy Compute Engine

How to manage GCP access using IAP and OS-Login - Discuss the details and best practices for GCP VM access management.


Enumeration and lateral movement in GCP environments - This write-up is about a pentest in which it was compromised a hybrid GCP hosted infrastructure using native GCP tools for situational awareness and lateral movement.

App Development, Serverless, Databases, DevOps

Document AI Official Blog

Automate identity document processing with Document AI - In this post, you’ll see how to process identity documents with Document AI and create your own identity form autofiller.

Document AI Machine Learning

Document AI JSON Tool - The highest level notion of Document AI is that one can send a document as a scanned or captured graphics image or a PDF and what will be….

Contact Center AI Official Blog

Apigee best practices for Contact Center AI - Learn seven Apigee best practices for building fast, effective chatbots using Contact Center AI and Apigee API Management.

Cloud Marketplace Official Blog

How SingleStoreDB uses Google Cloud Marketplace to drive great customer experiences - Google Cloud Marketplace enables partners like SingleStoreDB to enhance customer experiences.


Connecting to AlloyDB from your Local - Using alloydb-auth-proxy to connect from the local computer to AlloyDB.

Big Data, Analytics, ML&AI

Data Analytics GCP Experience Official Blog

Google Cloud helps ADAM and THOR find asteroids - Google Cloud and the Asteroid Institute discover 104 new asteroids using existing images of the sky and public cloud resources.

Apache Beam BigQuery Cloud Dataflow

BigQuery Clustered Tables from Beam — NOW AVAILABLE [ without partitioning ]! - Using BigQuery Clustered tables in Apache Beam.

Big Data Cloud Dataproc

Tuning Spark Applications to Efficiently Utilize Dataproc Cluster - Have you recently migrated your Spark application from the on-prem Yarn cluster to Dataproc? Then this blog post might help you to tune your Spark applications to efficiently utilize the GCP Dataproc and save cost.

Cloud Data Fusion Terraform

Cloud Data Fusion: Using Terraform to run ephemeral Data Fusion Instances - Using Terraform to automate the deployment of Data Fusion environments to use for short duration of time and reduce costs.

BigQuery Data Science

How to Use Partitions and Clusters in BigQuery Using SQL - Optimize your costs and speed up your queries.

Big Data BigQuery Data Science

A Senior’s Guide to Kickstart your BigQuery Journey - Missing basics you need to know when using BigQuery.

BigQuery Data Catalog Data Science

Google improves Data Security in BigQuery - Using Column based Data Masking in BigQuery and Data Catalog.


Raw Google Analytics 4 (GA4) Data in BigQuery (BQ) - Investigate the first visits from users using GA4 data in BigQuery.

BigQuery Machine Learning

A Step-by-Step Guide to Training a Machine Learning Model using BigQueryML (BQML) - A guide to using BigQuery ML on your GA4 data.

Cloud Storage Official Blog Vertex AI

Cloud Storage as a File System in Vertex AI Workbench Notebooks - Learn how to use GCS fuse to mount GCS buckets in Vertex AI Workbench notebooks.

GCP Experience Official Blog TPU

Snap Inc. adopts Google Cloud TPU for deep learning recommendation models - Snap, Inc. is using Google Cloud solutions to quickly turn millions of data points into personalized customer ad recommendations.


Google Cloud Platform Official Blog

“Take that leap of faith” Meet the Googler helping customers create financial inclusion - Cloud Googler shares how she has brought her purpose to her work, creating equity in the financial services space.

GCP Certification

Preparing for success with the GCP Professional Cloud Network Engineer Exam - Tips to be successful in GCP Network Engineer certification.

Book Google Cloud Platform

Visualizing Google Cloud Book Review - TLDR: Buy it!

Slides, Videos, Audio

GCP Podcast - #306 Network Analyzer with Zach Seils and Manasa Chalasani.

Kubernetes Podcast - #181 Configuration as Data, with Justin Santa Barbara.

Security Podcast - #67 Cyber Defense Matrix and Does Cloud Security Have to DIE to Win?

SRE Podcast - #9 Postmortems with Ayelet Sachto.



Anthos clusters on AWS - Anthos Clusters on AWS aws-1.11.1-gke.7 (previous generation) is now available. This release fixes the following CVEs: CVE-2022-24769 CVE-2022-1292 CVE-2022-25235 CVE-2022-25236 CVE-2022-25315 CVE-2022-23852 CVE-2021-4160 CVE-2022-25313 CVE-2022-24407 CVE-2022-23219 CVE-2022-23218 CVE-2021-3999.

Anthos clusters on bare metal - 1.10. Release 1.10.5 Anthos clusters on bare metal 1.10.5 is now available for download. Fixes: The following container image security vulnerabilities have been fixed: CVE-2022-1271 CVE-2022-22576 CVE-2022-27774 CVE-2022-24769. Known issues: For information about the latest known issues, see Anthos on bare metal known issues in the Troubleshooting section.

Anthos clusters on VMware - Cluster lifecycle improvements GA: You can use the Cloud console to create, update, and delete Anthos on VMware user clusters.

BigQuery - BigQuery Omni now supports Reservation and Access Control DCL. Column-level data masking is now available in preview.

BigTable - Cloud Bigtable now provides increased observability by letting you identify and monitor hot tablets in a cluster.

Cloud Composer - Web server restarting is available in Preview in Cloud Composer 2. IP Masquerade agent support is now generally available (GA) in Cloud Composer 1 and Cloud Composer 2. (Cloud Composer 2) Environment's size can now be updated for environments with Private Service Connect. (Cloud Composer 2) The amount of memory available to Redis queue now scales with the environment's size. Fixed a problem where an upgrade operation could fail when deleting the previous Cloud Composer namespace. Airflow 2.2.3 is no longer included in Cloud Composer images. Cloud Composer 1.18.11 and 2.0.15 images are available: composer-1.18.11-airflow-1.10.15 (default) composer-1.18.11-airflow-2.1.4 composer-1.18.11-airflow-2.2.5 composer-2.0.15-airflow-2.1.4 composer-2.0.15-airflow-2.2.5.

Compute Engine - Generally available: NVIDIA A100 GPUs are now available in the following additional regions and zones: Seoul, South Korea, APAC : asia-northeast3-a,b For more information about using GPUs on Compute Engine, see GPU platforms.

Config Connector - Config Connector version 1.87.0 is now available. Added spec.pscTargetService field to ComputeRegionNetworkEndpointGroup. Added spec.enableDynamicPortAllocation field to ComputeRouterNAT. Added spec.maintenancePolicy.maintenanceExclusion[].exclusionOptions field to ContainerCluster. Added spec.settings.activeDirectoryConfig field to SQLInstance. Added spec.gateways field to NetworkServicesTCPRoute.

Dataproc - Dataproc is now available in the us-east5 region (Columbus, Ohio). Dataproc is now available in the europe-southwest1 region (Madrid, Spain). Dataproc is now available in the europe-west9 region (Paris, France). New sub-minor versions of Dataproc images: 1.5.67-debian10, 1.5.67-ubuntu18, 1.5.67-rocky8 2.0.41-debian10, 2.0.41-ubuntu18, 2.0.41-rocky8. Dataproc on GKE error messages now provide additional information. Backported fixes for HIVE-22098, HIVE-23809, HIVE-20462, HIVE-21675 to Hive 3.1 in Dataproc 2.0 images. Fix a bug where properties related to Kerberos cross realm trust were not properly set. Fixed a bug where older-image (for example, 1.3.95) cluster create operations failed with the error message : "does not support specifying local SSD interface other than 'SCSI'".

Datastore - Support for VPC Service Controls is now available in General Availability.

Cloud Deploy - Google Cloud Deploy support for Skaffold version 1.37.1 has been updated to version 1.37.2, which is now the default Skaffold version.

Document AI - Identity DocAI General availability (GA) release The following Identity DocAI processors are now Generally Available (GA).

Eventarc - A dedicated user interface is now generally available (GA).

Cloud Firestore - Support for VPC Service Controls is now available in General Availability.

Cloud Healthcare API - De-identification operations are now billed progressively as the work completes. When a FHIR resource is modified, the full contents of the FHIR resource can be sent in a Pub/Sub notification.

Cloud Logging - The Logs Explorer has now replaced the Legacy Log Viewer.

Cloud Monitoring - You can now add, edit, and remove alerting policy user labels by using the Cloud console when you use the preview alerting interface.

Cloud PubSub - The Pub/Sub Java client library now supports gRPC compression to save networking costs before your publisher client sends out the publish request.

SAP Solutions - Google Cloud storage manager for SAP HANA standby nodes version 2.5 Version 2.5 of the Google Cloud storage manager for SAP HANA standby nodes is now available. Google Cloud Connector for SAP Landscape Management version 2.3.2 Version 2.3.2 of the Google Cloud Connector for SAP Landscape Management is now available. Cloud Storage Backint agent for SAP HANA version 1.0.18 Version 1.0.18 of the Cloud Storage Backint agent for SAP HANA is now available.

Cloud Spanner - Granular instance sizing is now generally available.

Cloud SQL MySQL - Cloud SQL now supports faster machine type changes, with connectivity dropping to less than 60 seconds.

Cloud Storage - Turbo replication is generally available (GA).

VMware Engine - Private cloud creation now uses the HCX Enterprise license level by default, enabling the following premium HCX features: HCX Replication Assisted vMotion (bulk, no-downtime migration) Migrations from KVM and Hyper-V to vSphere Traffic engineering Mobility groups Mobility-optimized networking.

VPC Service Controls - General availability for the following integrations: Firestore Firestore in Datastore mode. General availability for the following integration: Cloud Domains.

Workflows - Workflows is now available in the europe-west8 (Milan, Italy) region.


Latest Issues


Zdenko Hrček
Třebanická 183
Prague, Czech Republic
Phone: +420 777 283 075
Email: [email protected]