Welcome to issue #347 May 22nd, 2023


Cloud Storage Official Blog

Understand and manage data at scale with Cloud Storage Insights - The new Storage Insights inventory report offers comprehensive and actionable insight into data assets stored in Cloud Storage buckets.

Compute Engine Official Blog

Announcing new idle VM recommendation configuration option in Google Cloud - A new configuration option for idle Virtual Machine recommendations gives you control over how idle VMs are identified and recommended for deletion.

Cloud Workstations Official Blog

Cloud Workstations is now GA, with new capabilities and integrations - Cloud Workstations, now GA, enables faster developer onboarding and increased productivity with an enhanced security posture.

GCP Certification Official Blog

Seven new no-cost generative AI training courses to advance your cloud career - Google Cloud Skills Boost now includes no-cost generative AI training.

Google Maps Platform Official Blog

2023 Accessibility updates in the Maps JavaScript API - In recognition of Global Accessibility Awareness Day on May 18, we wanted to share work we’ve done over the last year to improve accessibility in the Maps JavaScript API since our latest update last year.

Cloud Speech API Official Blog

Bringing the power of large models to Google Cloud’s Speech API

AI Official Blog

Introducing Duet AI for developers: The next frontier in AI-powered developer productivity - Explore how Google Cloud’s Duet AI can make developers more productive.

Cloud Dataflow Data Analytics Official Blog

Introducing Dataflow Cookbook: Practical solutions to common data processing problems - The new Dataflow Cookbook covers common data processing topics like windowing and triggers, and advanced pipeline patterns.

Data Analytics Official Blog

Faster together: How Dun & Bradstreet datasets accelerate your real-time insights - Much of Dun & Bradstreet’s catalog is on Analytics Hub and the Google Cloud Marketplace, for simplified procurement and consolidated billing.

Cloud Security Command Center Data Loss Prevention API Official Blog

Cloud Data Loss Prevention’s sensitive data intelligence service is now available in Security Command Center - Cloud DLP can monitor your data warehouse to show where sensitive data is stored and processed. You now can use Security Command Center to prioritize findings that drive the greatest risks.

Anthos Google Kubernetes Engine Official Blog

Policy Controller dashboard: Now available for all Anthos and GKE environments - Policy Controller enforces programmable policies for Anthos clusters, which you can manage through the enhanced Policy Controller dashboard.

GCP Certification Official Blog

How to get started with Google Cloud: Introducing our new learning hub and learning benefits for Innovators - The new Google Cloud learning hub helps you discover the latest learning and trainings available for the most in-demand cloud job roles.

Official Blog Public Sector

Google Public Sector announces Board of Directors - Google Public Sector announces Board of Directors to help meet the needs of our customers, anticipate future needs, and drive differentiation in the U.S. public sector market.

Event Official Blog

How to easily migrate your apps to containers — free deep dive and workshop - Google Cloud is hosting a free workshop on May 24th, 2023, that will teach you everything you need to know about migrating your app to containers.


Articles, Tutorials

Infrastructure, Networking, Security, Kubernetes

CISO Official Blog Security

Cloud CISO Perspectives: Early May 2023 - Guest author MK Palmore talks about Google Cloud’s new Grow with Google Certifications and how they can help organizations close the security talent gap.

Billing Official Blog

When they go closed, we go open – Google Cloud and open billing data - Google Cloud partnered with the FinOps Foundation on FOCUS, a Linux Foundation project, to establish an open specification for cloud billing data.

GCP Experience Google Kubernetes Engine Official Blog

How SEEN scaled output 89x and reduced GPU costs by 66% using Google Kubernetes Engine - Personalized video provider SEEN dramatically scaled its output by building on Google Cloud and Google Kubernetes Engine (GKE).

Google Kubernetes Engine Official Blog

Enriching GKE observability-in-context with uptime checks - Cloud Monitoring’s uptime checks monitor an application's availability and performance on an on-going basis, now directly from the GKE user interface.

Google Kubernetes Engine Official Blog

Backup for GKE - Part 2 - backup & restore plan - Set up your GKE backups automatically to help prepare you for upgrades or emergencies.

Compute Engine Networking VPC

Privately access services in overlapping networks in GCP - This blog shows you how to use Private Service Connect to privately access services running in VM/GKE clusters with overlapping networks.

Cloud Resource Manager Python

Exploring Google Cloud Resource Manager with Python — V1.0 - Listing projects under google cloud organisation hierarchy using Python.


Building a L7 Web Proxy on Google Cloud Platform (GCP) with Squid Proxy and ClamAV - This article provides step-by-step instructions on constructing a layer 7 (application) web proxy on Google Cloud from scratch by leveraging Squid and ClamAV open-source tools and Compute Engine services.

App Development, Serverless, Databases, DevOps

Cloud SQL Networking

GCP Cloud SQL Private Connectivity Options - This blog entry tries to explain 5 different connectivity scenarios for Cloud SQL database instances using its Private IP.

Networking Official Blog

Picture this: How media companies can render faster — for less — with cloud-based NFS caching - When working with creative customers, Gunpowder Tech uses knfsd NFS caching to help obtain them obtain cloud capacity and control costs for VFX jobs.

Compute Engine Networking Official Blog

Migrating your Google Cloud network from IPv4 to dual-stack IPv6 - Learn how to migrate your existing internet-connected Compute Engine VM instances from IPv4 to dual-stack IPv6.

GCP Experience Google Maps Platform Official Blog

Opening the doors to accessibility with Google Maps Platform - Today's guest post comes from Brandon Winfield, CEO & Co-Founder, iAccess Life. iAccess Life uses the power of Google Maps Platform to make spaces and places more accessible for people with disabilities.

Cloud Monitoring Monitoring Official Blog

How to monitor IBM MQ instance on Google Cloud with Prometheus metrics - Collect metrics, track performance and generate reports or dashboards using Google Cloud Monitoring and Logging.

Cloud Identity Cloud Run Firebase Security

Simplify Your Authentication Process with Google Cloud Identity Platform: A Step-by-Step Guide to Outsourcing User Authentication - This article provides guidance on how to set up Identity Platform for Cloud Run service and authenticate users via SSO.


Unleashing Developer Potential with Google Cloud Workstation. - Setting up a custom development environment on google cloud workstation with Terraform.


Configuring mTLS for Apigee X Northbound Traffic using Global HTTPS Load Balancer - This blog will discuss how mTLS can be configured for Apigee X Northbound traffic flow. There are two available methods for achieving this-.

Cloud Run Go gRPC Serverless

Google Cloud Serverless Platform Highlights Series — Episode 2: Cloud Run gRPC Triggering - This blog post explains how to trigger a Cloud Run instance with gRPC requests.

Big Data, Analytics, ML&AI

BigQueryML Official Blog Vertex AI

Build, automate, and monitor BigQuery ML models with Vertex AI MLOps capabilities

Databricks Official Blog

How Databricks and Google Cloud enable Uplight to deliver energy analytics solutions efficiently - Uplight uses Google Cloud and partner Databricks to improve data analytics performance for energy efficiency improvements.

AI GCP Experience Machine Learning Official Blog

How Glance is collaborating with Google to build a next-level Gaming Recommendation engine - Technical deep dive to develop gaming recommendation systems at scale. Read how Google Cloud and Glance Gaming build a scalable recommendation system.

Official Blog PyTorch Vertex AI

Deploying your Generative AI model in only four steps with Vertex AI and PyTorch - Use TorchServe, Cloud Storage, VertexAI and PyTorch to make your own large model for scalable, production-ready AI.

Official Blog SAP

Google Cloud and SAP: Faster outcomes, more value from data

BigQuery Data Analytics

Unlocking Efficiency and Flexibility: Clone Tables in BigQuery - This article explores the benefits, use cases, and best practices of using clone tables in BigQuery.

BigQuery Cloud Logging Data Studio IAM

Monitor IAM binding changes on BigQuery dataset - Creating a Looker Studio dashboard to query historical IAM binding information.

Slides, Videos, Audio

Kubernetes Podcast - #201 Kubernetes 1.27 Chill Vibes, with Xander Grzywinski.

Security Podcast - #121 What Happens Here Stays Here: Confidential City (and Space).



AlloyDB - The AlloyDB FORCE_APPLY update policy is available in Preview.

Anthos clusters on VMware - Security bulletin Two new vulnerabilities (CVE-2023-1281, CVE-2023-1829) have been discovered in the Linux kernel that can lead to a privilege escalation to root on the node. Anthos clusters on VMware 1.13.8-gke.42 is now available. Fixed a race condition where some cluster nodes couldn't access the HA control plane when the underlying network performed ARP suppression. Fixed the following vulnerabilities: High-severity container vulnerabilities: CVE-2023-26604 CVE-2022-29154.

Apigee X - On May 17, 2023, we released an updated version of Apigee X (1-10-0-apigee-1). Bug ID Description N/A Upgraded infrastructure and libraries.

AppEngine Standard PHP7 - The PHP 8.2 runtime for App Engine standard environment is now generally available.

Cloud Asset Inventory - The following resource types are now publicly available through the Export APIs (ExportAssets, ListAssets, and BatchGetAssetsHistory), Feed API, and Search APIs (SearchAllResources, SearchAllIamPolicies). The following resource types are now publicly available through the Export APIs (ExportAssets, ListAssets, and BatchGetAssetsHistory) and Feed API.

Batch - Preview: Integrate a job into a workflow using the Batch API connector for Workflows.

BigQuery - EXTERNAL_QUERY SQL pushdown optimizes data retrieval from external sources like Cloud SQL or Cloud Spanner databases. You can now sort your query results by using the sort menu next to a column name. The VPC Service Controls perimeter that protects the BigQuery API now also protects the BigQuery Reservation API.BigQuery Omni is now available in the AWS - Asia Pacific (Seoul) (aws-ap-northeast-2) region.

Chronicle - Some of supported default parsers have changed, see release page for more information.

Compute Engine - The image import tool now supports importing Rocky Linux 9 images to Google Cloud. Generally available: The local SSD quota per machine family (LOCAL_SSD_TOTAL_GB_PER_VM_FAMILY) is generally available.

Container Registry - Container Registry is deprecated and is superseded by Artifact Registry.

Dataplex - Dataplex auto data quality (AutoDQ) and data profiling can be used on any BigQuery tables, including tables that aren't part of a Dataplex lake.

Dataproc Serverless - New Dataproc Serverless for Spark runtime versions: 1.1.15 2.0.23 2.1.2. Upgraded the Cloud Storage connector to 2.2.13 version in Dataproc Serverless for Spark runtimes. Fixed the NoClassDefFoundError for log4j class in Zeppelin BigQuery interpreter in 2.0 images. Backported HIVE-22891 to 2.0 images.

Dataproc - New Dataproc Serverless for Spark runtime versions: 1.1.15 2.0.23 2.1.2. Upgraded the Cloud Storage connector to 2.2.13 version in Dataproc Serverless for Spark runtimes. Fixed the NoClassDefFoundError for log4j class in Zeppelin BigQuery interpreter in 2.0 images. Backported HIVE-22891 to 2.0 images.

Cloud Deploy - Security insights for container images are now available on the release details page.

Cloud Functions - Cloud Functions has added support for a new runtime, PHP 8.2, at the General Availability release level.

Google Kubernetes Engine - Two new vulnerabilities (CVE-2023-1281, CVE-2023-1829) have been discovered in the Linux kernel that can lead to a privilege escalation to root on the node.

Google Kubernetes Engine Rapid - 1.27 is now available in the Rapid channel Kubernetes 1.27 is now available in the Rapid channel. Deprecated API versions These APIs are still served in version 1.27 but are in a deprecation period: The following Beta versions of graduated APIs will be removed in 1.29 in favor of newer versions: flowcontrol.apiserver.k8s.io/v1beta2 FlowSchema, PriorityLevelConfiguration deprecated since 1.26 use flowcontrol.apiserver.k8s.io/v1beta3 instead, available since 1.26. Removed API versions The following Beta versions of graduated APIs will be removed in 1.27 in favor of newer versions: storage.k8s.io/v1beta1 CSIStorageCapacity deprecated since 1.24 use storage.k8s.io/v1 instead, available since 1.24.

Cloud Logging - Log buckets with Log Analytics enabled now support the use of Customer Managed Encryption Keys (CMEK). You can now customize the time range of your queries in the Log Analytics page by using the time-range selector.

Managed Microsoft AD - Managed Microsoft AD is available in the following regions: europe-west12 (Turin) me-central1 (Doha) For more information, see Deploy domain controllers in additional regions.

Cloud Monitoring - Cloud Monitoring now provides GA support to prevent alerting policies from sending notifications and creating incidents during specific time periods. The new interface for creating charts with Metrics Explorer is GA. Version 2.31.0 of the Ops Agent introduces preview support for an OpenTelemetry Protocol (OTLP) receiver.

Cloud Interconnect - Cross-Cloud Interconnect is now generally available.

Network Intelligence Center - Network Analyzer is now integrated with the Transparency and Control Center.

Cloud PubSub - BigQuery subscriptions now support the NUMERIC and BIGNUMERIC data types.

Cloud Run - Allocating up to 32 GiB of memory and up to 8 CPU to your Cloud Run services is now at general availability (GA).

Security Command Center - With project-level activations of the Security Command Center Premium tier, you can now enable certain Premium-tier threat and vulnerability findings that require organization-level access by activating the Standard tier at the organization level in addition to your project-level activation. The pricing for project-level activations of Security Command Center has been reduced by lowering the Security Command Center rate for the usage of the following Google Cloud services: Compute Engine GKE-Autopilot App Engine Cloud SQL For more information, see Pricing for project-level activations.

SAP Solutions - Google Cloud's Agent for SAP version 1.6 Version 1.6 of Google Cloud's Agent for SAP is available.

Cloud SQL Postgres - The following extensions, views, utilities, and flags are generally available: Extensions postgresql_anonymizer: mask or replace personally identifiable information (PII) or sensitive data from a PostgreSQL database.

Cloud SQL SQL Server - You can now use the point-in-time-recovery (PITR) feature and read replicas on the same primary instance.

Cloud Trace - Version 2.31.0 of the Ops Agent introduces preview support for an OpenTelemetry Protocol (OTLP) receiver.

Cloud Translation - Romanization and transliteration are now in Preview.

Vertex AI - Vertex Prediction You can now co-host models on the same VM from the Google Cloud Console. Vertex AI custom training now supports deep integration with Vertex AI Experiments. The scheduler API for Vertex AI Pipelines is now available in Preview.

VMware Engine - VMware Aria Operations for Logs is now certified for Google Cloud VMware Engine.

Virtual Private Cloud - Private Service Connect service connectivity automation is available in Preview. Global access for Private Service Connect endpoints for published services is available in General Availability.

Workflows - Support for a Batch API connector is available in Preview.


Latest Issues


Zdenko Hrček
Třebanická 183
Prague, Czech Republic
Phone: +420 777 283 075
Email: [email protected]