Welcome to issue #333 February 13th, 2023


Cloud SQL Official Blog

Reducing the storage impact of Point-in-Time Recovery - Cloud SQL for Postgres is reducing the storage impact of enabling Point-in-Time Recovery.

Networking Official Blog

Extending reality: Immersive Stream for XR is now Generally Available - Immersive Stream for XR brings extended reality and photorealistic 3D experiences to every smartphone.

Cloud Pub/Sub Data Analytics Official Blog

Pub/Sub Lite’s Apache Spark Structured Streaming Connector is now Generally Available - The Pub/Sub Lite Spark connector supports the use of Pub/Sub Lite as both an input and output source for Apache Spark Structured Streaming.

Dataplex Official Blog

Deliver trusted insights with automatic data quality - Explores how Dataplex AutoDQ & data profiling enables automated rule creation & deployment of trusted data quality at-scale.

Google Maps Platform Official Blog

Build faster with new optimized solutions and step-by-step guidance - Today, we are introducing new enhancements to the Google Maps Platform experience in the Cloud console to help further increase your development velocity and drive business impact.

Articles, Tutorials

Infrastructure, Networking, Security, Kubernetes

CISO Official Blog

Health-ISAC and Google Cloud partner to build more resilient healthcare, one threat indicator at a time - Google Cloud is open-sourcing a first-in-the-market integration that can help more than 750 healthcare customers to speed up their use of Health-ISAC’s threat intelligence with Chronicle.

Anthos Official Blog

How Anthos helps improve your platform and application security and governance - How Anthos helps you improve your application and platform security and governance.

Networking Official Blog

Google Cloud Firewall capabilities to enhance your security posture and simplify configuration - Cloud Firewall has significantly enhanced its capabilities in the last six months. Here’s what’s new, and how it can help strengthen your security posture.

Anthos Official Blog

Harden your Kubernetes clusters and monitor workload compliance at scale with new PCI DSS policy bundle - Policy Controller enables the enforcement of programmable policies for Anthos clusters.

Cloud Armor Cloud Load Balancing Terraform

How to deploy Google Cloud Armor with HTTP(S) Load Balancer using terraform! - Google Cloud Armor is a network security service that provides defense against DDoS and application attacks. It offers a rich set of WAF….

Kubernetes Traffic Director

Traffic Director — Is it a Managed Istio Control Plane? - An overview of Traffic Director.

Kubernetes Microservices

Using Argo Events With Pub/Sub to Trigger Kubernetes Jobs in Google Cloud - Triggering Kubernetes Jobs from Google Cloud Pub/Sub messages.


Kubernetes with Red Hat Open Shift - This article is a hands-on tutorial on how to install an OpenShift Kubernetes Cluster on Google Cloud.

Terraform VMware Engine

Configure your private clouds using the Google Cloud VMware Engine IaC Foundations repository - Terraform modules for Google Cloud VMware engine.

App Development, Serverless, Databases, DevOps

Cloud Storage Official Blog

Access Control set up on Storage Transfer Service - Limiting data access for Cloud Storage Service transfer agents.

API Apigee Official Blog

Unpacking API Management policies [Part 1]: How to transform or reformat your payload - Every API use case is different. Apigee allows developers to control and manipulate traffic using robust policies without any overheads.

API Official Blog

Unpacking API Management policies [Part 2]: 5 ways to handle REST API authentication - APIs have become the primary attack vector and a focus area for developers and security professionals alike. Implementing robust authentication mechanisms for your REST APIs is crucial and the simplest way to protect your data moving through the boundaries.

API Official Blog

Large scale hybrid API management: Common challenges with structuring the right teams and platform - Hybrid cloud adoption is on the rise but managing APIs consistently across these environments is a challenge. Structuring the right teams and platform resources plays a key role in operating APIs at a large scale in hybrid environments.

API Official Blog

Large scale hybrid API management: Best practices in configuring clusters, scaling, and operations - Managing costs is top of mind. In this blog, we outline best practices that will help you optimize managing APIs at scale across hybrid environments.

Cloud SQL IAM Official Blog

Application security with Cloud SQL IAM database authentication - An overview of Cloud SQL authentication methods.

NetApp Official Blog VMware Engine

How to use NetApp CVS as datastores for Google Cloud VMware Engine - Learn about how you can use NetApp CVS for datastore expansion for Google Cloud VMware Engine.

Cloud Storage Official Blog

How to choose between regional, dual-region and multi-region Cloud Storage - Considerations and process for migrating your Google Cloud Storage data from multi-region to regional buckets.

Data Analytics Infrastructure Official Blog

How to migrate Cloud Storage data from multi-region to regional - Considerations and process for migrating your Google Cloud Storage data from multi-region to regional buckets.

Cloud SQL Official Blog

Understanding Cloud SQL connectors - Securely connect your application to PostgreSQL, MySQL, and SQL Server databases running on Cloud SQL using Cloud SQL connectors.

Big Data, Analytics, ML&AI

Batch Official Blog

Running Batch with Nvidia Clara Parabricks - If you want to process large scale data with Nvidia Clara Parabricks software, Batch is the solution for HPC computation / genomic processing on the Google Cloud Platform. No need to maintain a scheduler, no complicated architecture, auto scaling without any infrastructure setup process.

Data Analytics Dataform Official Blog

Transform SQL into SQLX for Dataform - This guide shows the first steps of transitioning legacy SQL into SQLX for Dataform to enable metadata management, data quality testing, and efficient development.

Apache Beam Data Science

The top 15 methods to know in Apache Beam to transform your data. - Learning to transform your data in a pipeline.


The BigQuery Autoscaling Public Preview Rundown - BigQuery slot autoscaling was just announced by Google as a public preview feature and it’s a pretty massive change from the pricing models that have existed for most, if not all, of its lifetime.


10 Advanced public BigQuery functions to elevate your game in NLP Preprocessing - Learn how to effectively perform text preprocessing using public BigQuery UDFs.

Big Data BigQuery

How to Deal with Wildcard Tables in BigQuery - A couple of tricks to speed up Your Data Warehousing.

Document AI

Building Custom Document Extraction Processors on Google Cloud Document AI - Example of using custom processor in Document AI.


Google Cloud Platform Official Blog

Scott Penberthy lost his mom to cancer — he’s now committed to using his passion for AI to advance healthcare - After losing his mom to cancer, Googler Scott Penberthy committed to using his passion for AI to help advance healthcare.

Google Cloud Platform Official Blog

Black History Month: Celebrating the success of Black founders with Google Cloud: Onramp - Onramp participates in the Google for Startups Accelerator: Black Founders and helps candidates from diverse backgrounds find great roles in tech.

Google Cloud Platform Kubernetes

2022 in review, first year in DevRel - Sharing personal and professional achievements for 2022.

Slides, Videos, Audio

Security Podcast - #107 How Google Secures It's Google Cloud Usage at Massive Scale.



Anthos clusters on bare metal - 1.12. Release 1.12.7 Anthos clusters on bare metal 1.12.7 is now available for download. Fixes: The following container image security vulnerabilities have been fixed: CVE-2021-3759 CVE-2021-46848 CVE-2022-3169 CVE-2022-3524 CVE-2022-3542 CVE-2022-3564 CVE-2022-3565 CVE-2022-3594 CVE-2022-3640 CVE-2022-41849 CVE-2022-41850 CVE-2022-42895 CVE-2022-42896 CVE-2022-42898 CVE-2022-43552. Known issues: For information about the latest known issues, see Anthos clusters on bare metal known issues in the Troubleshooting section.

Apigee X - On February 8, we released an updated version of Apigee X (1-9-0-apigee-21). The VerifyAPIKey policy and the VerifyAccessToken action of the OAuth2 policy now support CacheExpiryInSeconds. Bug ID Description 217173784 The HMAC.policy-name.error variable is populated for HMAC failing policies.

Artifact Registry - Container Analysis automatic scanning for Java and Go vulnerabilities in container images is now generally available.

BigQuery - You can now apply four new types of dynamic data masking to table columns in BigQuery. Autoscaling slot reservations are now available in preview. Cloud console updates: In the Explorer pane, you can now refresh the contents of a resource (project or dataset). The HAVING MAX and HAVING MIN clause for the ANY_VALUE function is now in preview. You can now view information related to query processing to monitor and optimize queries with the query_info column in INFORMATION_SCHEMA.JOBS, JOBS_BY_FOLDER and JOBS_BY_ORGANIZATION views. A weekly digest of client library updates from across the Cloud SDK.

Cloud Build - You can now create and manage repository connections using Terraform when using Cloud Build repositories (2nd gen).

Chronicle - Chronicle has released additional ingestion scripts, written in Python, that can be deployed as Cloud Functions. YARA-L outcomes In the outcome section, you can now define up to 20 outcome variables, with arbitrary names.

Compute Engine - Preview: You can modify the description, schedule frequency, or labels for a snapshot schedule instead of creating a new snapshot schedule.

Dataproc Serverless - New Dataproc Serverless for Spark runtime versions: 1.1.2 2.0.10. The default Dataproc Serverless for Spark runtime version has changed to 2.0.

Dataproc - New Dataproc Serverless for Spark runtime versions: 1.1.2 2.0.10. The default Dataproc Serverless for Spark runtime version has changed to 2.0.

Cloud Deploy - The ability to deploy to Cloud Run is now generally available.

Dialogflow - Dialogflow CX now provides flow import options for resolving resource conflicts.

Cloud Data Loss Prevention - To better understand the size and shape of your BigQuery data that's in scope for data profiling, you can run an estimation.

Eventarc - You can filter and search for instructions to create an Eventarc trigger based on the event provider, event destination, and event type.

Google Kubernetes Engine - (2023-R04) Version updates GKE cluster versions have been updated. For clusters running on GKE version 1.21—which reaches end of life on January 31, 2023—you can apply a one-time maintenance exclusion to prevent the cluster from being upgraded until April 30, 2023.

GKE - (2023-R04) Version updates Version 1.24.9-gke.2000 is now the default version.

Google Kubernetes Engine Rapid - (2023-04) Version updates Version 1.25.6-gke.200 is now the default version in the Rapid channel.

Google Kubernetes Engine Regular - (2023-R04) Version updates Version 1.24.9-gke.2000 is now the default version in the Regular channel.

Google Kubernetes Engine Stable - (2023-R04) Version updates Version 1.21.14-gke.14600 is now available in the Stable channel.

Marketplace Partners - As part of a limited Preview program, you can turn on automatic offer approval for software as a service (SaaS) products.

Cloud Monitoring - The Observability tab is now available for GKE Deployments.

Cloud Interconnect - Dataplane v2 for Cloud Interconnect is fully available for customers using Dedicated Interconnect or Partner Interconnect in the following regions: us-west3 (Salt Lake City) europe-west1 (Belgium) All new VLAN attachments that you create in these regions are automatically provisioned on Dataplane v2.

Retail Recommendations AI - Retail Search catalog support for Korean, Polish, and Turkish is now generally available (GA).

Security Command Center - Event Threat Detection, a built-in service of Security Command Center, launched the Persistence: New API Method rule to General Availability. The version 1.0 release of the Google SCC ITSM app and the Google SCC SIR app, which let you send data, such as findings, sources, assets, and audit logs, from Security Command Center to ServiceNow, is generally available.

SAP Solutions - Network interface support for automating SAP HANA deployments You can now specify if you want to use Google Virtual NIC (gVNIC) with your VM instance using the new argument nic_type.

Cloud Spanner - The Google Cloud console for Spanner now displays the status and progress of copy backup long-running operations that you have initiated in the console. Cloud Spanner now autocompletes and validates the syntax of your DDL statements when you use the Google Cloud console to write DDL statements for your PostgreSQL-dialect databases. Cloud Spanner now supports regional endpoints.

Cloud Speech-to-Text - We are removing SpeechContext.strength field within the next 4 weeks, because it has been deprecated and unused for more than a year.

Cloud SQL - The Cloud SQL Auth proxy is a utility for ensuring secure connections to your Cloud SQL instances.

Cloud Text-to-Speech - Text-to-Speech now offers Studio voices.

Vertex AI - The M104 release of Vertex AI Workbench managed notebooks includes the following: Added a fix for a security vulnerability in single-user managed notebooks instances.

VPC Service Controls - Preview stage support for the following integration: Policy Simulator.


Latest Issues


Zdenko Hrček
Třebanická 183
Prague, Czech Republic
Phone: +420 777 283 075
Email: [email protected]