Welcome to issue #337 March 13th, 2023


Cloud Spanner Official Blog

Rapidly expand the reach of Spanner databases with read-only replicas and zero-downtime moves - Cloud Spanner now offers configurable read-only replicas and a zero-downtime instance move service, expanding its geographic reach.

Cloud Healthcare Official Blog

Driving operational insights with Healthcare Data Engine Accelerators - New Healthcare Data Engine accelerators allow healthcare providers to leverage use-case driven insights to improve patient health outcomes.

Business NoSQL Official Blog

Google Cloud and MongoDB expand partnership to support startups - Google Cloud and MongoDB have expanded their partnership to support high-potential startups through their startup programs.

Business NoSQL Official Blog

Accelerating the MongoDB-Google Cloud partnership to make data more open and transformative - Google Cloud and MongoDB are accelerating their partnership to support increased adoption of MongoDB Atlas.

Contact Center AI Official Blog

Google is a Leader in the 2023 Gartner® Magic Quadrant™ for Enterprise Conversational AI Platforms - With demand for high-quality and trustworthy conversational AI at its highest, we’re thrilled to deliver best-in-class conversational AI tools.


Articles, Tutorials

Infrastructure, Networking, Security, Kubernetes

Data Analytics Google Kubernetes Engine Official Blog

Game on and on and on: Google Cloud's strategy for live service games - With Google Cloud for Games, we’re bringing Google scale and analytics to the developers creating live service games for players around the world.

Network Connectivity Center Networking

GCP Routing Adventures vol. 2: enterprise multi-regional deployments in Google Cloud - This article describes how to use Network Connectivity Center Router Appliance to create multi-regional, hub-and-spoke architectures using Network Virtual Appliances.

Google Kubernetes Engine Infrastructure Kubernetes Networking

GCP DNS Endpoints With GKE - Domain name with GCP DNS for testing in GKE.

Official Blog SRE

Adopting SRE: Standardizing your SLO design process - Designing SLOs is a key SRE competency which requires careful consideration and a consistent approach to implementation.

Official Blog VMware Engine

What Google Cloud VMware Engine can do for you: Three customers talk TCO - ADT, LIQ, and Viant discuss why they migrated their VMware-based applications to Google Cloud VMware Engine.

Google Kubernetes Engine Official Blog

5 GKE features to help you optimize your clusters - Make your Kubernetes clusters more efficient, cheaper and easily adjustable to scale up and down.

BigQuery Chronicle Looker

Monitoring Detection Rule Latency in Chronicle SIEM - This post covers how you can monitor Detection Rule latency in Chronicle SIEM, and common causes of late arriving Detections.

Kubernetes Terraform

GCP-Terraform to deploy Private GKE Cluster. - One of your most important decisions when creating a GKE cluster is deciding whether it will be public or private. Public Clusters are….

Infrastructure Networking

Google Cloud Networking fundamentals - Explanation of Google Cloud Networking concepts.

Billing Resources Manager Visualization

Effortlessly Visualize GCP Resources Hierarchy and Billing Data with Sunburst Diagrams - The goal of this article is to explore the use of a Sunburst diagram as a way to combine GCP Billing data and Resources Hierarchy into a single, user-friendly visual representation.

Google Kubernetes Engine Kubernetes Microservices

Kubernetes Multi-Cluster deployments with GKE: Part 2 - Service Export

Infrastructure Terraform

How to keep your terraform code clean and robust (Part2) - This blog post shows how you can test your infrastructure with Terraform and Terratest on the Google Cloud Platform.

Networking Security VPC Service Controls

Protecting Sensitive Data: Securing Data Pipelines on Google Cloud (part 2) - This series of stories will help you to design and secure workload on GCP with different levels of protection.

Networking Security VPC Service Controls

Protecting Sensitive Data: Securing Data Pipelines on Google Cloud (part 3) - This series of stories will help you to design and secure workload on GCP with different protection levels.

App Development, Serverless, Databases, DevOps

GCP Experience Official Blog

Helcim transforms payments for small and medium-sized businesses - To scale the business, while boosting security and innovation for its SMB customers, Helcim migrated its payments platform to Google Cloud.

GCP Experience Official Blog

How one ecommerce leader supports 3x growth with Google Cloud - Italian retailer Giglio works with Google Cloud and partner Cloudmind to scale its business and expand into new regions.

Cloud Bigtable Data Analytics Official Blog

At Box, a game plan for migrating critical storage services from HBase to Cloud Bigtable - Migrating to Cloud Bigtable from Apache HBase had clear benefits for Box. This highlights a game plan for migrating critical storage services to Bigtable.

Cloud Spanner GCP Experience Official Blog

Cloud Spanner powers Kochava's mobile analytics platform - With Cloud Spanner, Kochava gained a single consolidated database solution that could scale to meet its real-time processing requirements.

Cloud SQL Migration

Migration of DB2 to GCP CloudSQL Postgres - Example of migrating IBM DB2 to Cloud SQL.

Cloud Spanner

Minimal Downtime Cloud Spanner Migrations Using HarbourBridge - HarbourBridge is a stand-alone open source tool for Cloud Spanner evaluation and migration, using data from an existing PostgreSQL, MySQL, SQL Server, Oracle or DynamoDB database.

Artifact Registry Kubernetes

Remote Repository with Artifact Registry - Exploring remote repository on Artifact Registry to deploy images to GKE.

Cloud Identity Aware Proxy Cloud Run Cloud SQL

Hosting a fully Serverless Web-Based Postgres Admin Client on GCP using Pgweb, Cloud Run, & IAP - Deploying Pgweb on Cloud Run, a lightweight web-based database explorer for PostgreSQL.

Big Data, Analytics, ML&AI

Data Analytics NoSQL Official Blog

Enriching Knowledge Graphs in Neo4j with Google Enterprise Knowledge Graph - Neo4j delivers a graph data platform. Google Enterprise Knowledge Graph is a knowledge store. Learn how they differ from and complement one another.

Cloud Dataproc Terraform

Creation of Google Cloud Platform Dataproc Workflow templates via Terraform

Cloud Dataflow PubSub

Building an End-to-End Hate Speech Detection system on Google Cloud - Building a real-time end-to-end hate speech detection system that is analyzing Youtube comments.

Cloud Dataflow Networking

Eliminate Auto-Scaling Bottlenecks by using Private IPs for Dataflow Workers - By default, Dataflow workers have public IPs with limited quotas. Get around this limitation and improve security via private IPs.

Cloud Data Fusion GCP Experience

My journey with Google Cloud Data Fusion - Hands-on experience with Data Fusion, pros and cons.

Airflow Big Data Cloud Dataproc Cloud Storage

Event Driven Data Processing on Google Cloud Platform - An example of event-driven data pipeline.


Table functions — A hidden gem in Google’s BigQuery - One of the multiple benefits of moving to the cloud is simplification.

BigQueryML Official Blog

Sentiment analysis with BigQuery ML - This blog demonstrates the use of sparse features with BigQuery ML to perform a sentiment analysis on a BigQuery public dataset.

Earth Engine Machine Learning Official Blog

Using ML to predict the weather and climate risk - We give a summary of Google’s weather prediction model and how to approach building one using Google Cloud and Earth Engine.

Cloud Run Machine Learning

How To Deploy and Test Your Models Using FastAPI and Google Cloud Run - Learn how to turn your model into a service that runs in the cloud in this end-to-end tutorial.

Machine Learning TensorFlow Terraform

Running a Stable Diffusion cluster on GCP with tensorflow-serving (Part 1) - Part1: Setting up the infrastructure using terraform.

Machine Learning Vertex AI

Deploy Flan-T5 XXL on Vertex AI Prediction - Learn how to deploy a FLAN-T5 XXL model in Vertex AI.


Google Cloud Platform Official Blog

Celebrating women driving impact at Google Cloud - Many of the women leaders at Google Cloud were the “first” or “only” in their industry or field and have since paved the way for others.

Google Cloud Platform Official Blog

Women’s History Month: Celebrating the success of women founders: Schoolio - Schoolio chose Google Cloud to run its E-learning platform which offers immersive, K8 teaching materials to help children reach their full potential.

Google Cloud Platform Official Blog

“I wouldn’t have believed you” How Brazilian Googler José Neto built his own path to tech with relentless learning and hustle - Brazilian Googler José Neto’s relentless learning and hustle helped him build a career supporting customers’ transformation for some of the country’s biggest tech companies.

Slides, Videos, Audio

Security Podcast - #111 How to Solve the Mystery of Application Security in the Cloud?



Access Approval - Access Approval supports Cloud NAT in the GA stage.

AlloyDB - Cloud Client libraries for the AlloyDB Admin API are in Preview.

Anthos Config Management - Config Controller now uses the following versions of its included products: Anthos Config Management v1.14.2, release notes.

Anthos clusters on bare metal - 1.13 & 1.14. Cluster lifecycle improvements (1.13.1 and later): Starting with Anthos clusters on bare metal release 1.13.1, you can use the Google Cloud console or the gcloud CLI to upgrade admin and user clusters managed by the Anthos On-Prem API.

Anthos clusters on Azure - You can now launch clusters with the following Kubernetes versions: 1.23.16-gke.200, 1.24.9-gke.2000, 1.25.5-gke.2000. Fixed an issue where certain errors weren't propagated and reported during cluster create/update operations. This release fixes the following vulnerabilities: CVE-2022-2097, CVE-2022-42898.

Anthos clusters on VMware - Anthos clusters on VMware 1.14.2-gke.37 is now available. We no longer silently skip saving empty files in diagnose snapshots, but instead collect the names of those files in a new empty_snapshots file in the snapshot tarball. Fixed an issue where user cluster data disk validation used the cluster-level datastore vsphere.datastore instead of masterNode.vsphere.datastore. Fixed the following vulnerabilities: Critical container vulnerabilities: CVE-2021-46848, CVE-2022-23521, CVE-2022-41903. High-severity container vulnerabilities: CVE-2022-39260, CVE-2023-23946, CVE-2022-3094, CVE-2022-42898. Container-optimized OS vulnerabilities: CVE-2023-0286, CVE-2023-0461. Ubuntu vulnerabilities: CVE-2022-4203, CVE-2022-4304, CVE-2022-4450, CVE-2023-0215, CVE-2023-0216, CVE-2023-0217, CVE-2023-0286, CVE-2023-0401, CVE-2022-28321. Cluster lifecycle improvements (versions 1.13.1 and later): You can use the Google Cloud console or the gcloud CLI to upgrade user clusters managed by the Anthos On-Prem API. 1.12.6 patch release: Anthos clusters on VMware 1.12.6-gke.35 is now available. Fixed a bug where KSASigningKeyRotation always shows as an unsupported change during user cluster update. Fixed the following vulnerabilities: Critical container vulnerabilities: CVE-2022-32221, CVE-2022-23521, CVE-2022-41903, CVE-2021-46848. High-severity container vulnerabilities: CVE-2022-39260, CVE-2023-23946, CVE-2022-3094, CVE-2022-42898. Container-optimized OS vulnerabilities: CVE-2023-0286, CVE-2023-0461. Ubuntu vulnerabilities: CVE-2022-28321, CVE-2022-3643, CVE-2022-42896, CVE-2022-43945, CVE-2022-45934.

AppEngine Standard Ruby - The Ruby 3.20 runtime for App Engine standard environment is now available in preview.

Batch - Batch is available in the following regions: asia-south1 (Mumbai), asia-east1 (Taiwan), europe-west3 (Frankfurt), southamerica-west1 (Santiago), us-east4 (Northern Virginia). For more information, see Locations.

BigQuery - The CREATE TABLE AS SELECT statement now lets you filter data from files in Amazon S3 and Azure Blob Storage before transferring results into BigQuery tables. This feature is in preview. Case-insensitive collation support is now generally available (GA).

Chronicle - The [all namespaces] menu item in Asset view will be removed on July 1, 2023. The SentinelOne Alert feed has been enhanced to ingest both alerts and threats.

Key Access Justifications - v1. Access Approval supports Cloud NAT in the GA stage.

Data Fusion - SAP BW OHD, SAP ODP, SAP OData, SAP SLT, and SAP Table plugins version 0.8 is generally available (GA) in Cloud Data Fusion versions 6.8.0 and later.

Dataproc Metastore - v1. Dataproc Metastore 2 is now Generally Available (GA). The Spanner database type is generally available (GA). Auxiliary versions is generally available (GA).

Dataproc - New Dataproc Serverless for Spark runtime versions: 1.1.6, 2.0.14, 2.1.0-RC2. Upgraded Spark BigQuery connector version to 0.28.1 in 1.1 and 2.1 Dataproc Serverless for Spark runtimes. Added stronger validations to disallow upper-case characters in template IDs per Resource Names guidance, which allows Workflow template creation to fail fast instead of failing at workflow template instantiation. Added decision metric field in Stackdriver autoscaler logs.

Cloud Deploy - Google Cloud Deploy now provides the ability to deploy to multiple targets at the same time, supported in preview.

Cloud Filestore - Filestore data is compliant with at-rest and in-use data residency requirements pursuant with Google Cloud terms of service.

IAM - You can now set an expiry time for all newly created service account keys in your project, folder, or organization.

Google Kubernetes Engine - Backend Service-based external Network load balancers are now generally available with GKE.

Load Balancing - The Cloud Load Balancing Console now allows you to see the equivalent API code for actions you take in the Console.

Cloud Logging - Log-based metrics on log buckets are now generally available (GA). Starting with version 2.28.0, the Ops Agent limits the amount of disk space it can use to store buffer chunks. You can now route logs through the Log Router of another Google Cloud project.

Cloud Monitoring - You can now have Cloud Monitoring send an email that contains a dashboard URL to people or groups in your organization. You can now use the gcloud CLI to configure a snooze, which prevents Cloud Monitoring from sending notifications or creating incidents during specific time periods. You can now view and list incidents on your custom dashboards.

Network Intelligence Center - Network Topology now includes cross-project metrics for network traffic sent across Shared VPC or VPC Network Peering boundaries within the same organization. You can now see allow rules that are no longer active based on usage patterns and trends. You can now see shadowed rule insights for hierarchical firewall policies and global network firewall policies in Firewall Insights.

Cloud PubSub - A weekly digest of client library updates from across the Cloud SDK.

Resource Manager - You can now create dry-run organization policies to monitor how policy changes would impact your workflows before they are enforced.

Cloud Run - You can now authenticate to a Cloud Run service by including a Google-signed OpenID Connect ID token in the X-Serverless-Authorization header if your application already uses the Authorization header for custom authorization.

Secret Manager - Support for Annotations in Secret Manager is now generally available.

Cloud Spanner - Cloud Spanner fine-grained access control is now generally available.

Cloud Storage - In buckets with turbo replication enabled, objects uploaded using XML API multipart uploads are now included in the turbo replication RPO.

Transfer Appliance - 4.0. ta check is a command line tool to detect and help fix configuration issues with Transfer Appliance and Edge Appliance.

VMware Engine - VMware Engine nodes are now available in the following additional region: asia-south2 (Delhi).

VPC Service Controls - Preview stage support for the following integration: Public Certificate Authority.

Virtual Private Cloud - Connectivity to Private Service Connect endpoints used to access a managed service is supported over VLAN attachments for Cloud Interconnect. Consumption of IP addresses in Private Service Connect NAT subnets is improved for service attachments that are created after March 1st, 2023.




Zdenko Hrček
Třebanická 183
Prague, Czech Republic
Phone: +420 777 283 075