Welcome to issue #392 April 1st, 2024

News

Cloud SQL Official Blog

Expanding Sensitive Data Protection to make it easier to protect data in Cloud SQL

Official Blog Public Sector

Strengthening Federal Cybersecurity: CISA, Zero Trust, and Google Workspace: Exclusive Sessions at Next ‘24

Articles, Tutorials

Infrastructure, Networking, Security, Kubernetes

Event Networking Official Blog

Navigating the cross-cloud network: 12 must-attend networking and network security sessions at Next ‘24

CISO Official Blog

Cloud CISO Perspectives: Get ready for Next ‘24: What you need to know

Official Blog Threat Intelligence

SeeSeeYouExec: Windows Session Hijacking via CcmExec - In this blog post, we delve into how the CcmExec service can be utilized for session hijacking and introduce CcmPwn, a tool designed to facilitate this technique.

Official Blog

Life After Death? IO Campaigns Linked to Notorious Russian Businessman Prigozhin Persist After His Political Downfall and Death

Official Blog Threat Intelligence

Trends on Zero-Days Exploited In-the-Wild in 2023

Official Blog Partners Security

How to choose a known, trusted supplier for open source software

Official Blog

Enterprise Connect 2024 - Bringing AI to the Contact Center

Kubernetes Workload Identity

From whoami to whoarewe with GKE Workload Identity for Fleets - Exploration of how Workload Identity Federation works in GKE fleets to provide an identity pool across clusters and GCP projects.

AI Machine Learning Python

Secure Together — Federated Learning for Decentralized Security on GCP - Integrating security mechanisms to enhance organization posture with FL.

Cloud Logging FinOps Monitoring

Design your Landing Zone — Design Considerations Part 3 — Monitoring, Logging, Billing and Labelling (Google Cloud Adoption Series) - Landing Zone Design Considerations: Monitoring, Logging, Billing, Labelling.

Infrastructure Terraform VPC

Using Terraform to Build a Shared VPC Network in GCP - I wrote an article a little while back that walked through the process of setting up a Cloud Composer environment in a Shared VPC network.

Dart Kubernetes Terraform

Making GitHub workflows to deploy to GKE with Terraform and Workload Identity Federation - A production-level DevOps tutorial to deploy to multiple environments with automated testing.

App Development, Serverless, Databases, DevOps

Event Firebase Kaggle Official Blog

Dev Connect at Next ‘24: Master AI on Google Cloud with Firebase, Kaggle, Android, and more

HPC Official Blog

Altair EDEM on Google Cloud: Breaking the billion-particle barrier

Compute Engine Official Blog

IT pros’ top five questions, and how we are answering them at Google Cloud Next

Infrastructure

Let’s talk about Disaster Recovery to the Cloud - An overview of Disaster Recovery best practices.

Compute Engine NoSQL

New Google Cloud Z3 Instances: Early Performance Benchmarks on ScyllaDB Show up to 24% Better Throughput - ScyllaDB had the privilege of testing Google Cloud’s brand new Z3 GCE instances in an early preview. The tests showed a 23% increase in write throughput, 24% for mixed workloads, and 14% for reads per vCPU, all at a lower cost compared to N2.

Cloud Run

Unlocking the Potential of Serverless ColdFusion with Google Cloud Run - This blog explores how to deploy and run your Adobe ColdFusion applications on Google Cloud Run.

CI Cloud Functions GitHub

Deployment Pipeline — GitHub Actions Google Cloud Functions - Deploying Cloud Functions through GitHub Actions.

Cloud Build

Codegolf: Build a container in Cloud Build - Reducing characters in Cloud Build to make a short version.

Big Data, Analytics, ML&AI

Cloud Bigtable Cloud Dataflow Official Blog

Enrich your streaming data using Bigtable and Dataflow

BigQuery

Ways of Improving Your RFM Model in BigQuery - Advanced Strategies for Better Customer Insights.

BigQuery Dataform

Data masking in BigQuery tables and Looker Studio reports - How can data security be provided in reports when one user group must see sensitive data, but another group should not have access to it?

BigQuery

De-Nesting Google Analytics Data in BigQuery - The proper way to flatten tables.

BigQuery

Essential SQL Functions for the GA4 BigQuery Events Export - The fundamental functions you’ll need to master if you want to work with the GA4 events export in BigQuery.

BigQuery Data Science

Google made Query Search Indexes generally available - Realize Query Optimization with Creating and Searching Indexes.

BigQuery dbt

How to change partition column in dbt incrementally without losing any data in BigQuery - Learn how dbt incremental works and swap partition columns cheaply without the need to refresh the whole table and avoid partitioning by ingestion time.

Cloud Dataproc Data Science

Spark Performance Tuning for BigQuery APIs - Dealing with challenges when using Spark for NLP processing.

Generative AI LLM Machine Learning

Demystifying Generative AI for Enterprise Developers - Guide to kickstart your Enterprise GenAI journey.

AI Gemini LLM Python

Crafting Bespoke Output Formats with Gemini API - Propose a method using question phrasing and API calls to craft a bespoke output, enabling seamless integration with user applications.

Google Kubernetes Engine Kubernetes LLM

GKE + Gemma + Ollama: The Power Trio for Flexible LLM Deployment - Deploying Gemma on GKE.

Kubeflow Vertex AI

Vertex AI Pipelines: End-to-end implementation of a custom pipeline - This article aims to describe the process of implementing a simple end-to-end Vertex AI pipeline with Kubeflow components.

Various

Official Blog Sustainability

1.5 gigawatts later, our smarter way of buying clean energy is here to stay

Slides, Videos, Audio

Security Podcast - #165 Your Cloud Is Not a Pet - Decoding 'Shifting Left' for Cloud Security.

 

Releases

AlloyDB - AlloyDB clusters created using the Google Cloud CLI, the AlloyDB Admin API, or Terraform have PostgreSQL 14 compatibility by default, instead of PostgreSQL 15 compatibility.

Anthos clusters on VMware - GKE on VMware 1.15.10-gke.32 is now available. The following issue is fixed in 1.15.10-gke.32: Fixed the known issue where the controlPlaneNodePort field defaults to 30968 when the manualLB spec is empty.

GDCV for VMware - GKE on VMware 1.15.10-gke.32 is now available. The following issue is fixed in 1.15.10-gke.32: Fixed the known issue where the controlPlaneNodePort field defaults to 30968 when the manualLB spec is empty.

Apigee Integrated Portal - On March 28, 2024 we released an updated version of Apigee integrated portal. Bug ID Description 324872865 Fixed scrolling issue with API documentation display when navigating to the overview page.

Apigee X - On March 29, 2024, we released an updated version of Apigee. With this release, Apigee expanded its support for data residency to additional regions in the European Union. On March 26, 2024, we released an updated version of Apigee (1-12-0-apigee-1). New Apigee API Monitoring Metrics: A new suite of metrics for monitoring Apigee proxies and target endpoints is now available. Bug ID 322843888: Fixed issue with incorrect proxy routing when using base paths in proxy chaining.

AppEngine Flexible Go - Go 1.22 is now generally available.

AppEngine Standard Go - Go 1.22 is now generally available.

Cloud Architecture Center - (New guide) Model development and data labeling with Google Cloud and Labelbox: Provides guidance for building a standardized pipeline to help accelerate the development of ML models. (New guide) Jump Start Solution: Generative AI Knowledge Base: Demonstrates how to build an extractive question-answering (EQA) pipeline to produce content for an internal knowledge base. AI and machine learning resources: Added introduction information with guiding links to our generative AI and traditional AI resources. (New guide) Cross-silo and cross-device federated learning on Google Cloud: Provides guidance to help you create a federated learning platform that supports either a cross-silo or cross-device architecture.

Artifact Registry - v1. The software bill of materials (SBOM) feature is now Generally Available (GA). Artifact Analysis support for Vulnerability Exploitability eXchange (VEX) statements now includes the capability to upload VEX statements for multiple versions of an image.

Cloud Asset Inventory - The following resource types are now publicly available through the ExportAssets, ListAssets, BatchGetAssetsHistory, QueryAssets, Feed, and Search (SearchAllResources, SearchAllIamPolicies) APIs.

Assured Workloads for Government - v1. The following compliance programs now support the following products.

Backup and DR Service - Backup and DR Service added support to view daily scheduled compliance logs in Cloud Logging. Backup and DR Service added support to view daily scheduled compliance reports in BigQuery.

BigQuery - You can now query data in SAP Datasphere using a federated query. Query optimization using search indexes is now applied to comparisons of string literals and indexed data, including the equal (=), IN, and LIKE operators and the STARTS_WITH function. An updated version of JDBC driver for BigQuery is now available. The Help me code tool lets you use natural language to generate a SQL query that can then be run in BigQuery. The following Generative AI features are now in preview: Creating a remote model based on a Vertex AI gemini-pro-vision large vision model (VLM). Duet AI in BigQuery is now Gemini for BigQuery.

Capacity Planner - Preview: Capacity planner supports the following for data aggregated by organization ID: View and export the actual and forecasted usage data of the VMs and persistent disks in your organization.

Chronicle - Chronicle Applied Threat Intelligence helps you identify and respond to threats.

Chronicle Security Operations - Gemini in Security Operations Duet AI in Google Cloud is now Gemini for Google Cloud.

Chronicle SOAR - Release 6.2.52 is now in General Availability. Release 6.2.53 is currently in Preview. Issue when filtering Cases in Cases Page (ID #49689809). Case filter is_not not working as expected (ID #00279039). Unsupported providers causing playbooks not to run (ID #00262970). Playbook block missing when trying to add it to a case (ID #00273133). Report Scheduler not sending out reports as planned (ID #00277914). Remote Agent Release 1.5.0 is currently in Preview. Support for future major upgrades Currently, Google supports minor upgrades which make changes to the remote agent code only. Support for updating custom environment variables (ID #47675122) You can now configure environment variables on the agent. Remote connector logs are now written to the following path: /opt/SiemplifyAgent/Integrations//Connectors//remote_script.log.

Colab - Duet AI in Google Cloud is now Gemini for Google Cloud.

Cloud Composer - Cloud Composer 2.6.6 release started on March 26, 2024. The Logs in Cloud Logging only feature is available in all regions: In newly created Cloud Composer environments, Airflow task logs are now stored only in Cloud Logging by default. In new environments with Airflow 2.6.3 and 2.7.3 the default values of the following Airflow configuration options are changed to provide more optimized Cloud Composer environments: [scheduler]job_heartbeat_sec to 30 [scheduler]scheduler_health_check_threshold to 60 [scheduler]scheduler_heartbeat_sec to 15 If you want to override the [scheduler]scheduler_heartbeat_sec option's value, then also adjust the [scheduler]scheduler_health_check_threshold option, as described in Cloud Composer documentation. Cloud Composer 2.6.6 images are available: composer-2.6.6-airflow-2.7.3 composer-2.6.6-airflow-2.6.3 (default) composer-2.6.6-airflow-2.5.3. Cloud Composer versions 2.1.11 and 1.20.11 have reached their end of full support period. In Cloud Composer versions from 2.1.0 to 2.6.4, task instances that succeeded in the past can be marked as FAILED in some cases.

Config Connector - Config Connector version 1.114.1 is now available. Stop merging sensitive fields in SQLInstance and ComputeBackendService. Fix resource deletion of AlloyDBInstance and EdgeContainerNodePool when their "parent objects" no longer exist. Initial support (alpha stability) for pausing reconciliation, by setting spec.actuationMode: Paused in the ConfigConnectorContext. Initial support (alpha stability) for defaulting state-into-spec to absent (the recommended setting), by setting spec.stateIntoSpec: Absent in the ConfigConnectorContext. AccessContextManagerServicePerimeterResource is promoted from alpha to beta. Added support for ComputeNetworkFirewallPolicyAssociation (v1beta1) resource. Added support for APIKeysKey (v1alpha1) resource. BigQueryDataSet Added access[].iamMember field. ComputeAddress Added status.observedState.address field. ComputeTargetHttpsProxy Added spec.certificateManagerCertificates field. DNSRecordSet Added spec.routingPolicy field. GKEHubFeatureMembership Added spec.policycontroller field.

Contact Center AI Platform - Version 3.13 is released All release notes published on this date are part of version 3.13. Agent alias Agents can use aliases instead of their real names when communicating with end-users. Country code of the outbound phone number is included with the added party's phone number When an agent adds a party to a call, the country code from the outbound phone number is automatically included with the added party's phone number. Calls waiting indicator The call adapter includes a calls waiting indicator that indicates the number of calls in the queue waiting to be answered. Time stamp in the chat adapter displays seconds The message time stamp in the chat adapter displays seconds. Virtual task assistant for chats The virtual task assistant is available for chats. Configure SSO for your email channel using OAuth credentials from Google Cloud You can configure single sign-on (SSO) for your Contact Center AI Platform email channel using OAuth 2.0 credentials from Google Cloud. Deflections are available for agent-to-agent calls You can configure agent-to-agent calls to deflect to voicemail after a period of time that you set. Support phone number is included for incoming calls The incoming call screen shows the support phone number that the end-user used to call your support center. Support for multiple data parameters in API requests to the DAPs for your IVR queues You can capture data in the headers of incoming Session Initiation Protocol (SIP) calls and pass them in API requests to the Direct Access Points (DAPs) for your Interactive Voice Response (IVR) queues. Fixed an issue that resulted in an error being returned whenever an agent tried to send a blended SMS message, despite preset SMS being disabled. Fixed an issue where the queue-level call music section was not displayed to users with a custom role. Fixed an issue where calls sometimes got stuck in a queued state when an agent had a poor network connection. 
Fixed an issue where the Copy CRM Link button in the call adapter sometimes copied the CRM ID instead of the URL. Fixed an issue where the Assign Agents button wasn't working on top-level queues. Fixed an issue where using keyboard shortcuts or arrow keys to scroll in a window did not allow scrolling beyond a single screen of text. Fixed an issue where a CRM page did not load in the Call Center AI Platform portal.

Data Fusion - The Amazon Redshift batch source connector version 1.11.1 is available in Preview in Cloud Data Fusion 6.10.0 and later. The Amazon Redshift batch source connector version 1.10.6 is available in Preview in Cloud Data Fusion 6.9 versions. Cloud Data Fusion is available in the following regions: asia-south2 me-central2 For more information, see Pricing.

Database Migration Service - A new migration job status called Running with errors is available for heterogeneous Oracle migrations in Database Migration Service. Database Migration Service now supports faster migrations of large PostgreSQL databases to Cloud SQL for PostgreSQL.

Dataflow - The Dataflow right fitting feature is now supported by non-Prime batch pipelines.

Dataplex - Data insights in Dataplex is now available in Preview.

Dataproc Serverless - Dataproc Serverless for Spark: runtime version 2.2 will become the default Dataproc Serverless for Spark runtime version on May 3, 2024. New Dataproc Serverless for Spark runtime versions: 1.1.56 1.2.0 2.0.64 2.1.43 2.2.0. Announcing the General Availability (GA) release of Dataproc Serverless for Spark runtime versions 1.2 and 2.2, which include the following components: Spark 3.5.1 BigQuery Spark Connector 0.36.1 Cloud Storage Connector 3.0.0 Conda 24.1 Java 17 Python 3.12 R 4.3 Scala 2.12 (1.2 runtime) and Scala 2.13 (2.2 runtime). Dataproc Serverless for Spark: Upgraded Spark to version 3.5.1 in the latest 1.2 and 2.2 runtimes.

Dataproc - New Dataproc on Compute Engine subminor image versions: 2.0.97-debian10, 2.0.97-rocky8, 2.0.97-ubuntu18 2.1.45-debian11, 2.1.45-rocky8, 2.1.45-ubuntu20, 2.1.45-ubuntu20-arm 2.2.11-debian12, 2.2.11-rocky9, 2.2.11-ubuntu22. Dataproc on Compute Engine: New Hadoop Google Secret Manager Credential Provider feature introduced in latest Dataproc on Compute Engine 2.0 image versions.

Datastore - Datastore now supports using range and inequality filters on multiple fields in a single query. Support for Query Explain.

Deep Learning VM - M119 release Fixed an issue wherein Dataproc extensions caused JupyterLab to crash when remote kernels weren't available.

Dialogflow - Starting on April 17, 2024, the Dialogflow CX and Dialogflow ES traffic with audio will gradually route away from the classic phone_call speech model to the new conformer-based speech models for the following language tags: en-au, en-gb, de, de-de, es, es-es, es-us, fr, fr-ca, fr-fr, it, it-it, ja, pt-br. Dialogflow CX: You can now enable smart endpointing. Dialogflow CX: The Override request-level speech model has been added to advanced speech settings. Vertex AI Conversation data stores: Gemini-pro 1.0 is now officially in General Availability. Vertex AI Conversation data stores: The text-bison-001 model and fine-tuned text-bison@001 options will be deprecated by Vertex AI on July 6th. Dialogflow CX: DTMF for telephony integrations is now available for preview.

Cloud Data Loss Prevention - The SWITZERLAND_SOCIAL_SECURITY_NUMBER infoType detector is available in all regions. From February 12 through 27, 2024, a bug caused Sensitive Data Protection to inaccurately set the free-text scores of certain data profiles to 0, where they should have been higher.

Cloud Quotas - The Cloud Quotas API is generally available (GA).

Cloud Firestore - Firestore now supports using range and inequality filters on multiple fields in a single query. Support for Query Explain.

Cloud Functions - Cloud Functions (2nd gen) now supports the Go 1.22 runtime at the General Availability release level.

Gemini - Duet AI in Google Cloud is now Gemini for Google Cloud.

Load Balancing - Typically with HTTPS communication, the authentication works only one way: the client verifies the identity of the server.

Cloud Logging - Pie charts are now available for visualizing data in the Log Analytics page. You can now configure your aggregated sink to be intercepting, which prevents logs from being passed through the Log Router of child resources. Duet AI in Google Cloud is now Gemini for Google Cloud.

Migrate for Compute Engine 4.8 - 5.0. Preview: Migrate to Virtual Machines supports the ARM64 migration journey.

Migrate to Virtual Machines - Preview: Migrate to Virtual Machines supports the ARM64 migration journey.

Cloud Monitoring - Uptime checks now support authentication by using a service account and a generated OpenID Connect (OIDC) token, as an alternative to providing a username and password. Duet AI in Google Cloud is now Gemini for Google Cloud.

reCAPTCHA Enterprise - reCAPTCHA Enterprise account defender for mobile applications is now generally available (GA).

Retail Recommendations AI - Vertex AI Retail Search: Search analytics v2 improvements Enhanced dashboard experience: Leverages Looker for a more interactive and informative analysis of your search and browse performance.

Cloud Run - All jobs are now subject to maintenance events, not just jobs longer than one hour, which increases reliability for jobs under 1 hour.

Sensitive Data Protection - The SWITZERLAND_SOCIAL_SECURITY_NUMBER infoType detector is available in all regions. From February 12 through 27, 2024, a bug caused Sensitive Data Protection to inaccurately set the free-text scores of certain data profiles to 0, where they should have been higher.

Cloud Spanner - Duet AI in Google Cloud is now Gemini for Google Cloud. You can now optimize your writes by setting the maximum delay time of your Spanner write requests between 0 and 500 milliseconds.

Cloud SQL MySQL - You can now simulate a planned maintenance update with near-zero downtime on your Cloud SQL Enterprise Plus primary instance without updating your database. Private Service Connect now includes support for cross-region read replicas.

Cloud SQL Postgres - You can now simulate a planned maintenance update with near-zero downtime on your Cloud SQL Enterprise Plus primary instance without updating your database. The pgvector extension is upgraded from version 0.5.1 to version 0.6.0. The rollout of the following items in the February 7 release note is now complete: Extensions Flags Minor versions Extension versions Plugin versions. You can now integrate Cloud SQL and Vertex AI. Private Service Connect now includes support for cross-region read replicas.

Cloud SQL SQL Server - You can now use Private Service Connect to connect to a Cloud SQL for SQL Server instance.

Cloud Storage - Custom constraints for Cloud Storage are now available. The Storage Control API is now available for use.

Video Stitcher API - Added a new tokenConfig field to the Media CDN key.

 

Contact

Zdenko Hrček
Třebanická 183
Prague, Czech Republic
Phone: +420 777 283 075
Email: [email protected]