Welcome to issue #314 October 3rd, 2022


GKE Autopilot GPU Official Blog

Introducing support for GPU workloads and even larger Pods in GKE Autopilot - GPU support launches on GKE Autopilot. Run workloads like AI/ML training and inference, and video transcoding on a fully managed Kubernetes platform.

Cloud Spanner Official Blog

Cloud Spanner doubles the number of updates per transaction - Cloud Spanner supports 40,000 mutations per commit.

Cloud Natural Language API Official Blog

Google Cloud supercharges NLP with large language models - Google Cloud updates its Natural Language API with the power of large language models.

Cloud Deploy Official Blog

Google Cloud Deploy introduces post deployment verification - Deployment Verification allows developers and operators to add a list of test containers to be run post deployment and monitored for success/failure.

Cloud Deploy Cloud Run Official Blog

Google Cloud Deploy adds Cloud Run and deployment verification support - In this latest release, Google Cloud Deploy add supports for Cloud Run deployment and deployment verification in Preview.

Cloud Functions Cloud Run Official Blog Serverless

New startup CPU boost improves cold starts in Cloud Run, Cloud Functions - Announcing startup CPU boost for Cloud Run & Cloud Functions, allowing you to cut cold start time.

BigQuery Cloud Logging Official Blog Serverless

Introducing Cloud Logging - Log Analytics, powered by BigQuery - Announcing Log Analytics, a new set of features in Cloud Logging available in Preview, powered by BigQuery that allows you to gain even more insights and value from your logs.

Official Blog Workforce Identity Federation

Introducing Workforce Identity Federation to easily manage workforce access to Google Cloud - Workforce Identity Federation can help users onboard to Google Cloud using their identity and credentials that currently exist with their external identity provider.

Google Maps Platform Official Blog

Announcing Routes API: the new enhanced version of the Directions and Distance Matrix APIs

Google Maps Platform Official Blog

Announcing new routing, address validation and map customization capabilities

Official Blog VMware Engine

Google Cloud VMware Engine - What’s New: Increased commercial flexibility, ease of use and more - Learn about what’s new with Google Cloud VMware Engine.

Official Blog SAP

Accelerating SAP CPG enterprises with Google Cloud Cortex Framework - Google Cloud Cortex Framework launches analytics content to make it easier for SAP enterprises to solve common Consumer Packaged Goods use cases.

Data Analytics Official Blog

Introducing Device Connect for Fitbit: How Google Cloud and Fitbit are working together to help people live healthier lives - How Google Cloud and Fitbit are working together to help people live healthier lives with Device Connect for Fitbit.

DevOps Official Blog

Announcing the 2022 Accelerate State of DevOps Report: A deep dive into security - Security-enhancing DevOps practices are broadly adopted, this year’s DORA Accelerate State of DevOps Report found, but that’s not the whole story.

Articles, Tutorials

Infrastructure, Networking, Security, Kubernetes

Infrastructure Official Blog

How to get the most from your Intel-based instances on Google Cloud - Learn how Google Cloud is partnering with Intel to help our mutual customers optimize their most demanding workloads on Intel-based instances through the Intel Software Center of Excellence.

CISO Official Blog Security

Cloud CISO Perspectives: September 2022 - CISO Phil Venables shares his thoughts on Google Cloud’s recently-closed acquisition of Mandiant.

CISO Official Blog Security

What makes Google Cloud security special: Our reflections 1 year after joining OCISO - Google Cloud OCISO members Taylor Lehmann and David Stone reflect on their first year with the team, and what makes Google Cloud security special.

IAM Official Blog Security

Best Kept Security Secrets: Tap into the power of Organization Policy Service - Organization Policy Service is a powerful tool for creating broad security guardrails in the cloud. Learn more about how this Best Kept Security Secret works.

Cloud NAT Cloud VPN Networking

Connecting Google Cloud VPC Network with an Overlapping Network using Twice NAT - Handling overlapping networks while working with hybrid or multi-cloud infrastructure.

Anthos Kubernetes

Introduction to GKE On-Prem - An overview of GKE On-prem a.k.a Anthos on VMware.

Go Google Kubernetes Engine Kubernetes

Dynamic Kubernetes Configuration for GKE - Connect to GKE from outside the cluster by discovering the necessary configuration parameters from Google Cloud APIs.

Cloud Healthcare Data Loss Prevention API Official Blog Security

How Cloud tools help with healthcare data security - Data de-identification technology to help automate the identification and redaction of sensitive data using machine learning.

App Development, Serverless, Databases, DevOps

Official Blog Workspace

Efficient File Management using Batch Requests with Google Apps Script - Google Drive can handle small file management but when it comes to larger batches of files, with Google Apps Script, even large batches can be executed within 6 minutes, offering businesses the monetary and time benefits of efficient file management. This report looks at how Google Apps Script improves file management with batch requests, judging its efficacy by measuring the benchmark.

Cloud SQL Official Blog

Cloud SQL Query Insights GA for MySQL: Query Load, Tags, Query Plans! - We will learn how to use query insights to troubleshoot a slow running pet clinic app. For this, we will create a Cloud SQL for MySQL Instance, create a database, a few tables and insert records using SQL scripts. Build an application on Spring Boot that accesses the Cloud SQL database, containerized by Jib and deployed on Cloud Run. We will include a performance-intensive query. We will see how we can engage Cloud SQL Query Insights for MySQL in the journey of performance monitoring and troubleshooting.

Cloud SQL Official Blog VPC

Troubleshooting Cloud Functions connection issues to Cloud SQL private IPs - In this blog post, we'll go over 3 scenarios involving VPC and public/private IPs and how we've configured Cloud Functions to connect to a Cloud SQL instance in each.

Workflows Workspace

Writing to Google Sheets from Workflows - Example of a workflow that writes results from BigQuery query to Google Sheet.

Cloud Run Go Workflows

A Cloud Run service in Go calling a Workflows callback endpoint - Using callback endpoint in Workflows to resume execution.

Cloud Functions

Reduce cold start and execution time of Google Cloud Functions - Save seconds with simple tips.

Billing Cloud Run Cloud SQL

Reduce your Google Cloud Spend - How to set up and use committed discounts for Cloud Run and Cloud SQL.

Cloud Build DevOps

Using native tools in Google Cloud to build and deploy your application - Google Cloud offers a variety of tools and managed services to turbocharge your development process without having to set up infrastructure.

Cloud SQL

CloudSQL: Cross Region HA just got easier… and whole lot faster! - This article explains how to set cross regional highly available Cloud SQL instance.

Big Data, Analytics, ML&AI

BigQuery Cloud Dataflow Data Analytics NoSQL Official Blog

A data pipeline for MongoDB Atlas and BigQuery using Dataflow - Optimize moving and transforming data between MongoDB Atlas and BigQuery using Dataflow templates.

Data Analytics GCP Experience Machine Learning Official Blog

Built with BigQuery: BigQuery ML enables Faraday to make predictions for any US consumer brand - How Building with BigQuery ML enables Faraday to make predictions for any US consumer brand.

Data Analytics Official Blog

Lufthansa increases on-time flights by wind forecasting with Google Cloud ML - Learn how Lufthansa worked with Google engineers to do a wind forecasting prototype on Google Cloud, to reduce flight delays.

BigQuery Billing Data Science

7 Cost Optimization Practices for BigQuery - Things you can do to keep the cost of BigQuery lower.


GCP Certification Official Blog

Get a head start with no-cost learning challenges before Next ‘22 - Register for Google Cloud Next and explore no-cost learning challenges for developers, including #GoogleClout and the Google Cloud Fly Cup challenge.

Event Google Cloud Platform Official Blog

4 steps to get the most out of your Google Cloud Next experience - Get the scoop on the Google Cloud Next ‘22 session catalog & learn to create your own personalized event playlist.

Business Official Blog

Divercity uses Google Cloud to build more inclusive and sustainable workforces - Learn how Divercity uses Google Cloud to help tech companies measure employee diversity, recruit underrepresented talent, and significantly reduce turnover.

Slides, Videos, Audio

GCP Podcast - #321 DEI and Belonging in the Cloud with Jason Smith.

Kubernetes Podcast - #190 VMware Tanzu, with Betty Junod.

Security Podcast - #85 Deploy Security Capabilities at Scale: SRE Explains How.



Access Approval - Access Approval supports Dataproc in the GA stage.

Anthos Config Management - Config Controller now uses the following versions of its included products: Anthos Config Management v1.13.0, release notes Config Connector v1.94.0, release notes.

Anthos clusters on bare metal - 1.13. Release 1.13.0 Anthos clusters on bare metal 1.13.0 is now available for download. The dockershim component in Kubernetes enables cluster nodes to use the Docker Engine container runtime. Improved cluster lifecycle functionalities: Upgraded from Kubernetes version 1.23 to 1.24: Reverted some of the changes Kubernetes and the kubeadm tool made to certain labels and taints on control plane nodes. Known issues: For information about the latest known issues, see Anthos on bare metal known issues in the Troubleshooting section. 1.11. Release 1.11.6 Anthos clusters on bare metal 1.11.6 is now available for download. Fixes: Updated the container image to resolve a yaml text/template vulnerability. Known issues: For information about the latest known issues, see Anthos on bare metal known issues in the Troubleshooting section.

Anthos clusters on Azure - You can now launch clusters with the following Kubernetes versions: 1.24.3-gke.2100 1.23.9-gke.2100 1.22.12-gke.2300. Kubernetes 1.21 versions are no longer supported. You can now use the Google Cloud console to update, upgrade, and delete clusters on Azure. In Kubernetes version 1.24 and later, Google Cloud Managed Service for Prometheus (GMP) is available as an invite only private preview. Anthos clusters on Azure now supports Cloud Monitoring for Windows node pools from Kubernetes version 1.24 and later. Starting from Kubernetes version 1.24, virtual machines launched by Anthos clusters on Azure support System Assigned Managed Identities. In Kubernetes version 1.24 and later, there are now checks to the API to ensure that users aren't making inconsistent or erroneous requests. Starting from Kubernetes version 1.24, Anthos clusters on Azure switches to the external cloud provider. Go 1.18 stops accepting certificates signed with the SHA-1 hash algorithm by default. This release includes fixes for following CVEs: CVE-2022-1786 CVE-2022-29582 CVE-2022-29581 CVE-2022-1116 CVE-2022-34903 CVE-2021-4209 CVE-2022-29900 CVE-2022-29901 CVE-2022-2385 CVE-2022-1462 CVE-2022-1882 CVE-2022-21505 CVE-2022-2585 CVE-2022-23816 CVE-2022-2509 CVE-2022-2586 CVE-2022-2588 CVE-2022-26373 CVE-2022-36879 CVE-2022-36946.

Anthos clusters on VMware - Anthos clusters on VMware 1.13.0-gke.525 is now available. vSphere versions below 7.0 Update 1 are no longer supported in Anthos clusters on VMware. Cluster life-cycle Improvements: GA: A new asynchronous variation of the user cluster upgrade is now supported. connectgateway.googleapis.com API is now required to create new clusters in 1.13.0. Fixed the issue of cloud-init log not showing in the serial console for Ubuntu. In the configuration file template generated by gkectl create-config cluster, the pre-populated value for the commented field kubeception is shown as false, while the default value is true. Anthos clusters on VMware 1.12.2-gke.21 is now available. Fixed the issue where you may not be able to add a new user cluster if a user cluster is stuck in the deletion process, and your admin cluster is set up with a MetalLB load balancer configuration.

Apigee X - On September 28, 2022, we released an updated version of Apigee X (1-9-0-apigee-3). Bug ID Description 218567150 X-request-id headers modified at 14th character. Availability of scripts to recreate Apigee instances created before January 25, 2022. If you have an Apigee instance that was created before January 25, 2022, Apigee recommends that you replace it with a new instance.

Google Cloud Armor - The rule source for Cloud Armor preconfigured rules now includes ModSecurity Core Rule Set (CRS) 3.3 in General Availability.

BigQuery - In addition to standard rounding, BigQuery now supports the rounding mode ROUND_HALF_EVEN for parameterized NUMERIC or BIGNUMERIC columns. With Datastream for BigQuery, you can now replicate data and schema updates from operational databases directly into BigQuery. The totalItems field returned by the projects.list API method now returns the number of items per page, rather than an approximate total number of projects across all pages. In the Explorer pane, you can now open tables in Connected Sheets.

BigTable - The Cloud Bigtable observability metric high-granularity CPU utilization of hottest node is now generally available (GA).

Chronicle - The following changes are available in the Unified Data Model: A new field, risk_score, was added to Noun.investigation. Context Aware Detections - Risk Dashboard The Context Aware Detections - Risk dashboard provides insight into the current threat status of assets and users in your enterprise. Contextual enrichment in events and entities To enable a security investigation, Chronicle provides additional context about artifacts in a customer environment by calculating prevalence statistics, enriching events with geolocation data based on IP address, and ingesting data from Safe Browsing threat lists related to file hashes.

Key Access Justifications - Access Approval supports Dataproc in the GA stage.

Cloud Composer - Cloud Composer 1.19.11 and 2.0.28 release started on September 29, 2022. Airflow 2.3.3 is available in Cloud Composer images. Cloud Composer 1.19.11 and 2.0.28 images are available: composer-1.19.11-airflow-1.10.15 (default) composer-1.19.11-airflow-2.1.4 composer-1.19.11-airflow-2.2.5 composer-1.19.11-airflow-2.3.3 composer-2.0.28-airflow-2.1.4 composer-2.0.28-airflow-2.2.5 composer-2.0.28-airflow-2.3.3. Cloud Composer versions 1.17.1 and 2.0.0-preview.2 have reached their end of full support period.

Config Connector - Config Connector version 1.95.0 is now available. Added support for DLPDeidentifyTemplate resource. Added enableServiceLinks: false to all the Pod configurations in Config Connector installation bundle.

Container Registry - New pricing for Cloud Storage takes effect October 1, 2022.

Data Catalog - Public tags are now generally available (GA).

Data Catalog Resources - Public tags are now generally available (GA).

Dataproc Serverless - Dataproc Auto Zone Placement now takes ANY reservation into account by default. Dataproc Serverless for Spark now uses runtime version 1.0.19 and 2.0.0-RC4, which also upgrades both runtimes to Cloud Storage Connector to 2.2.8.

Dataproc - Dataproc Auto Zone Placement now takes ANY reservation into account by default. Dataproc Serverless for Spark now uses runtime version 1.0.19 and 2.0.0-RC4, which also upgrades both runtimes to Cloud Storage Connector to 2.2.8.

Datastore - In the Google Cloud console, updated the pages for editing an entity.

Deep Learning VM - M97 Release Improved the startup time for Ubuntu GPU images.

Document AI - This launch upgrades the lifecycle stage of the Custom Document Extractor (CDE) component of the DocAI Workbench from Private Preview to Public Preview. Notable new Public Preview Custom Document Extractor (CDE) features include: Progressive data import Direct import of annotated .json files as training or test datasets Data labeling platform integration Dataset export with metadata preserved Auto-labeling using a trained processor version at import to minimize manual annotation efforts Tabular entity end-to-end support Checkbox boolean annotation, training, and extraction Fuzzy matching for more flexible model evaluation Exportable / downloadable model evaluation metrics The following features have been upgraded: Data import Schema creation and annotation Processor model training Evaluation and troubleshooting Model deployment and version management Human-in-the-loop (HITL) integration for "last-mile" processor quality assurance. Known issues During labeling, checkboxes default to a state that does not reflect the selected or unselected states in the corresponding documents.

Networking Interconnect - Dedicated Interconnect support is available in the following colocation facilities: True IDC - North Muang Thong, Bangkok For more information, see the Locations table.

Google Kubernetes Engine - You can now run GPU-based workloads in Preview in Autopilot clusters that use GKE version 1.24.2-gke.1800 and later. In Autopilot clusters running GKE version 1.24.1-gke.1400 and later, you can now use the Balanced compute class to schedule your workloads that require very high memory or CPU requests. The Calico CNI authentication errors that caused pods to get stuck in Terminating or Pending state (see August 19, 2022 release notes) are fixed in the following GKE versions in the Rapid release channel: 1.24.4-gke.500 or later 1.23.11-gke.300 or later 1.22.14-gke.300 or later To fix the issue, upgrade your control plane to any of these versions. GKE control plane metrics is now available for clusters running Kubernetes control plane version 1.22.13 or later.

Cloud Logging - Cloud Logging now uses one service account and writer identity for all the sinks in a resource container that route logs to an external resource. Using Log Analytics, you can run SQL queries that analyze your log data to generate useful insights.

Marketplace Partners - When you create a private offer for a customer, the offer expires at 11:45 PM US and Canadian Pacific Time (UTC-8) on the offer acceptance deadline, instead of 12:00 AM UTC-8.

Cloud Memorystore - Added new Memorystore for Redis region: Dallas (us-south1).

Cloud Monitoring - The set of pre-configured Monitoring dashboards now includes a Microservices gRPC Overview dashboard. You can now collect additional Elasticsearch metrics from the Ops Agent, starting with version 2.21.0. You can now collect additional PostgreSQL metrics from the Ops Agent, starting with version 2.21.0. You can now use Prometheus Query Language (PromQL) when creating charts and dashboards in Cloud Monitoring.

Cloud Interconnect - Dedicated Interconnect support is available in the following colocation facilities: True IDC - North Muang Thong, Bangkok For more information, see the Locations table.

Network Intelligence Center - Connectivity Tests now includes a feature that verifies connectivity from a Cloud Function (1st gen) to a VM or public IP address.

Payment Gateway Issuer Switch - The payment operations console of the Payment Gateway is now available in preview.

Cloud PubSub - The Kafka Connector library for Pub/Sub and Pub/Sub Lite is now in preview.

Retail Recommendations AI - The Monitoring & Analytics page has been split into two separate pages.

Security Command Center - Sensitive Actions Service, a built-in service of Security Command Center Premium, is now available in Preview. Container Threat Detection, a built-in service of Security Command Center Premium, has launched a new detector, Malicious URL Observed, in Preview. The parentDisplayName attribute was added to the Finding object of the Security Command Center API.

SAP Solutions - BigQuery Connector for SAP version 2.5 Version 2.5 of BigQuery Connector for SAP is now generally available (GA).

Cloud Spanner - The following SPANNER_SYS statistical tables have been enhanced with new columns: Transaction statistics: TOTAL_LATENCY_DISTRIBUTION, OPERATIONS_BY_TABLE, and ATTEMPT_COUNT. The number of mutations per commit that Cloud Spanner supports has increased from 20,000 to 40,000. The ARRAY_SLICE function is now available to use in Google Standard SQL.

Cloud SQL MySQL - Query insights is now generally available. Cloud SQL for MySQL now supports high-availability for self-service migration.

Cloud SQL Postgres - Cloud SQL for PostgreSQL supports in-place major version upgrades in GA.

Cloud Storage - New buckets created using the Cloud Console now have public access prevention enabled by default.

Cloud Translation - Support for 24 new languages is Generally Available (GA).

Vertex AI - Vertex AI Model Monitoring Vertex AI Model Monitoring now offers Preview support for batch prediction jobs. Vertex AI Feature Store Feature value monitoring is now generally available (GA).

Video Stitcher API - The Video Stitcher API now supports CDN keys created for Media CDN.

Virtual Private Cloud - General Availability: You can monitor the following Private Service Connect producer metrics using Cloud Monitoring: Connected consumer forwarding rules Used NAT IP addresses For more information, see Monitor Private Service Connect published services.


Latest Issues


Zdenko Hrček
Třebanická 183
Prague, Czech Republic
Phone: +420 777 283 075
Email: [email protected]