Welcome to issue #395 April 22nd, 2024


LLM Official Blog Vertex AI

Meta Llama 3 Available Today on Google Cloud Vertex AI - Meta Llama 3 model is available on Vertex AI Model Garden.

BigQuery LLM Official Blog

Introducing LLM fine-tuning and evaluation in BigQuery - Supervised fine-tuning via BigQuery uses a dataset which has examples of input text (the prompt) and the expected ideal output text (the label), and fine-tunes the model to mimic the behavior or task implied from these examples.

Compute Engine Hyperdisk Storage Pools Official Blog

Hyperdisk Storage Pools: Simplify block storage management and lower TCO - Hyperdisk Storage Pools help you lower your Total Cost of Ownership (TCO) by as much as 30-50%, helping you achieve higher efficiency, modernize SAN-based workloads, and simplify block storage management.

Google Cloud Hyperdisk Google Kubernetes Engine Official Blog

Introducing Hyperdisk Balanced, a new storage option for stateful Kubernetes workloads - Hyperdisk Balanced storage volumes on GKE is a good fit for workloads that typically rely on persistent SSDs — for example, line-of-business applications, web applications, and databases.

Immersive Stream for XR Networking Official Blog

Upgrading Immersive Stream for XR to Unreal Engine 5.3 - Google Cloud's Immersive Stream for XR is a powerful cloud-based solution for rendering and streaming high-quality XR experiences and now it’s getting even better with its integration of Unreal Engine 5.3.

Official Blog Startups

28 startups that launched at Next '24

AI GCP Certification Official Blog

Google Cloud offers new AI, cybersecurity, and data analytics training to unlock job opportunities

GCP Certification Generative AI Official Blog Public Sector

Google Cloud launches new generative AI, cybersecurity, and data analytics trainings with employer partner the U.S. Department of the Treasury


Articles, Tutorials

Infrastructure, Networking, Security, Kubernetes

CISO Official Blog Security

Cloud CISO Perspectives: 20 major security announcements from Next ‘24 - A list of some of the major announcements of security products and security enhancements to Google Cloud.

Official Blog Threat Intelligence

Unearthing APT44: Russia’s Notorious Cyber Sabotage Unit Sandworm


Landing Zone Technical Onboarding— the “How-To” (Google Cloud Adoption Series) - How to build your LZ project team, get the support you need, run your workshops, and document your design.

Infrastructure Networking

Multi-region HA in Google Cloud - In this article we will try to explore the levels of possible application availability in Google Cloud with a focus on private internal networks.


Stop using NGFW Appliances in Google Cloud - Cloud NGFW - Cloud Next Generation Firewall.

AI Google Kubernetes Engine LLM

GKE Orchestration : Deploy your Gemma LLM - Deploying Gemma - lightweight open model on GKE.

DevOps Kubernetes

Streamline your GKE logs: Opensearch & Fluent-bit setup made Easy with Helm Charts - Embarking on a journey to optimize your Google Kubernetes Engine (GKE) infrastructure? Look no further. Dive into the seamless integration of Opensearch and Fluent-bit using Helm charts.

Google Kubernetes Engine Kubernetes Secret Manager

Accessing GCP Secret Manager from GKE Cluster using Murmur - Murmur is helping to integrate our application with GCP Secret Manager without changing our code.

App Development, Serverless, Databases, DevOps

Compute Engine Official Blog

New storage-optimized Z3 VMs deliver industry-leading IOPS - Z3 VMs provide a consistent performance and maintenance experience with minimal disruptions for storage-dense workloads such as horizontal, scale-out databases and log analytics workloads, allowing you to reduce total cost of ownership by offering more storage capacity for fewer cores.

Cloud Logging

Google Cloud logging: Complete guide on usage and pricing optimization - Understand Cloud logging, apply FinOps practices, and reduce your spending in Google Cloud by optimizing the management of your logs.

Infrastructure Windows

Google APIs from Windows DNS Server - Accessing Google APIs from Windows DNS Server.

Paywall Python

How to communicate to your cloud run instance in GCP using Python (Deploy in Production/Locally) - Deploy In Production:.

Big Data, Analytics, ML&AI

GCP Experience Official Blog

Telegraph Media Group unlocks insights with a Single Customer View on Google Cloud - This blog post describest how Telegraph Media Group (TMG) built a Single Customer View using Google Cloud and what they learned from their experience.

Cloud Pub/Sub Official Blog

What’s new in Cloud Pub/Sub at Next ’24

Serverless Spark

Google Serverless Spark: An Overview and How to Optimize Performance - This blog post delves into the characteristics and the advantages of Google Serverless Spark.

Billing Cloud Data Fusion

Cloud Data Fusion: Tracking Pipeline Spend - TL;DR Using cluster labels in compute profiles is a great way to track spend at a pipeline level.

Use Log Analytics for BigQuery Usage Analysis on Google Cloud - On Google Cloud you can use Log Analytics to query and analyze your log data, and then you can view or chart the query results.

Looker Python

A step-by-step guide to maintaining a clean Looker instance - In this article, we will walk through the process of creating an automated clean-up script for Looker, using Python.


Cross-dataset Foreign Key referencing in BigQuery - How to bypass Primary Key/Foreign Key constraints within single dataset in BigQuery.


Pay attention to cardinality & grain when UNNESTING in BigQuery! - A reminder on effect of UNNESTing multiple arrays in BigQuery.

BigQuery Workflows

Applying graph theory for inferring your BigQuery SQL transformations: an experimental DataOps tool

BigQuery Gemini Generative AI

Master Data Management Simplified: Match & Merge with Generative AI! - Accelerating tedious Master Data Management processes with Generative AI, Embeddings, and Vector Search.

AI BigQuery Gemini

Generate Data Insights in No Time using AI - Build an AI app using Langchain to Analyze Data for your company.

AI GCP Experience Google Kubernetes Engine Official Blog Vertex AI

Innovating in patent search: How IPRally leverages AI with Google Kubernetes Engine and Ray


Generative AI Google Cloud Platform

Dazbo’s Google Cloud Next ’24 Recap: Keynote - A wrap-up of the keynote, and a collection of key announcements.

Slides, Videos, Audio

Kubernetes Podcast - #223 Kubernetes v1.30: "Uwubernetes", with Kat Cosgrove.

Security Podcast - #168 Beyond Regular LLMs: How SecLM Enhances Security and What Teams Can Do With It.

GCP Life Episode Podcast - #62 "It was Easter!” In this episode we discuss; Vim Easter Egg, Word Easter Egg, Go Easter Egg, C64 Vinyl Easter Egg, MS Easter Eggs, Qantum Superposition, Qubit Game, Alister Dias, Cloud Run Volume Mounts, GKE Autopilot Burstable, Google Submarine Cable, Spyware Vendors, XZ Backdoor.



Anthos clusters on VMware - GKE on VMware 1.28.400-gke.75 is now available. The following vulnerabilities are fixed in1.28.400-gke.75: High-severity container vulnerabilities: CVE-2024-24806 Container-optimized OS vulnerabilities: CVE-2023-52447 Ubuntu vulnerabilities: CVE-2023-23000 CVE-2023-32247 CVE-2024-1085 CVE-2024-1086 CVE-2024-24855.

GDCV for VMware - GKE on VMware 1.28.400-gke.75 is now available. The following vulnerabilities are fixed in1.28.400-gke.75: High-severity container vulnerabilities: CVE-2024-24806 Container-optimized OS vulnerabilities: CVE-2023-52447 Ubuntu vulnerabilities: CVE-2023-23000 CVE-2023-32247 CVE-2024-1085 CVE-2024-1086 CVE-2024-24855.

Apigee X - On April 19, 2024, we released an updated version of Apigee. With this release, Apigee API Management organizations with Subscription 2021 contracts have been upgraded to introduce standard and extensible API proxy features and expanded limits on deployments. On April 15, 2024, we released an updated version of Apigee (1-12-0-apigee-4). Bug ID Description 332981542 Optimized VerifyAPI policy execution time for high count of API products.

Apigee Hybrid - v1.12.0. On April 17, 2024 we released an updated version of the Apigee hybrid software, v1.12.0. A new suite of metrics for monitoring Apigee proxies and target endpoints is now available for Hybrid 1.12. You can now add your own contractEncryptionKey for new Apigee hybrid installations. The JAR file dependencies required to create a Java callout are now hosted securely in Artifact Registry. Hybrid 1.12 validates required conditions are satisfied before allowing Runtime services to be created. The apigeectl command-line tool is deprecated. The Proxyv2 and targetv2 metrics suite is deprecated. Bug ID Description 284034011 Modified Apigee Watcher and Apigee Ingress to leverage a sidecar instead of pod/exec for collecting ingress routing status. These security bugs were fixed in Apigee hybrid v1.11.1. These security bugs were fixed in Apigee hybrid v1.10.4. These security bugs were fixed in Apigee hybrid v1.11.1-hotfix.1. These security bugs were fixed in Apigee hybrid v1.10.4-hotfix.1.

Application Integration - Apache Kafka trigger is now in preview.

Artifact Registry - Artifact Registry download file feature is Generally Available (GA) for standard repositories and remote repositories. v1. The immutable tags setting is generally available for Docker repositories.

BigQuery - The quantified LIKE operator is generally available (GA). You can now use deny policies to define deny rules that prevent selected principals from using certain permissions, regardless of the roles they're granted. BigQuery now supports subqueries in row level access policies.

BigTable - Client-side metrics are enabled by default in the Bigtable client library for Java versions 2.38.0 and later.

Chronicle SOAR - Release 6.2.54 is now in General Availability. Release 6.3.0 is currently in Preview. Chronicle SOAR is being rebranded to Google Security Operations (Google SecOps). Context-sensitive help added to the platform When you click the documentation link at the top of the platform, you will now be directed to the exact documentation page that relates to the screen you are on. Custom List import error not propagated to the user (ID #1032784). Advanced Text Editor text formatting not working (ID #00274952). Issues with Login (ID #00283928). Parse case wall email doesn't work in playbook simulator (ID #00260679). Unable to create advanced reports when a specific environment is selected (ID #49898167). Playbooks not visible due to missing categoryId and categoryName values (ID #00274872). Events tab lists all artifacts even though they are part of different events (ID #49103838). Tagged user is not highlighted or hyperlinked on the Case Wall page & Notification popup.

Cloud Composer - Between April 16, 2024, 2:00 AM (PST) and April 17, 2024, 3:30 AM (PST), Cloud Composer service experienced problems with environment creation, upgrades, and changing the environment size.

Compute Engine - General purpose C3 VMs are now available in Sydney, (australia-southeast1-c). Generally available: Z3 VMs, which offer the latest compute, networking, and storage innovations in one platform with a particular focus on high density, high performing Local SSD are now available on Compute Engine. Generally available: Hyperdisk Balanced is available with M1 and M2 VMs.

Data Fusion - The Salesforce Marketing Cloud plugin (version 1.3.1) is available in Cloud Data Fusion version 6.8.0 and later.

Dataproc Serverless - New Dataproc Serverless for Spark runtime versions: 1.1.58 1.2.2 2.0.66 2.1.45 2.2.2. Set the soft delete policy of newly created Dataproc staging and temp Cloud Storage buckets to 0 days. Updated the default autoscaling V2 cool-down time from 2m to 1m to reduce scaling latency. Fixed a bug where Dataproc Serverless sessions that live longer than 48 hours are underbilled.

Dialogflow - Dialogflow CX: The Conversation history API is now available for public preview.

Identity Platform - Automatic, anonymous account deletion is now enforced for all projects that have autodelete_anonymous_users enabled.

Infrastructure Manager - Infrastructure manager supports the following versions of Terraform when creating a preview of a deployment: Terraform 1.2.3, 1.3.10, 1.4.7, 1.5.7.

Integration Connectors - The HTTP connector now supports the following additional authentication types: Service account Service account ID token authentication API key authentication. The Commercetools connector is available for preview.

KMS - Cloud KMS now supports asymmetric signing and validation using ECDSA on the Curve25519 in PureEdDSA mode, which takes raw data as input instead of hashed data.

Google Kubernetes Engine - A bug in the Image streaming feature might cause containers to fail because of missing files. (2024-R10) Version updates GKE cluster versions have been updated. The Z3 machine family is generally available in Standard clusters running for GKE 1.25 and later.

GKE new features - The Z3 machine family is generally available in Standard clusters running for GKE 1.25 and later.

Load Balancing - Internal passthrough Network Load Balancer now supports load-balancing for TCP, UDP, ICMP, ICMPv6, SCTP, ESP, AH, and GRE protocols.

Marketplace Partners - We've made the following changes to Cloud Marketplace reports: A new field, offer_title, has been added to the Detailed disbursements report and the Customer Insights report.

Migration Center - Preview: Migration Center displays additional asset-level insights that indicate the installed software detected on scanned virtual machines.

Cloud Run - The Direct VPC egress feature of Cloud Run is now supported in all regions.

Security Command Center - Security Health Analytics use of security marks for asset allowlists deprecated Starting April 15, 2025, Security Health Analytics will no longer use security marks to allowlist assets for Security Health Analytics detectors. Historical snapshots to be disabled in Security Command Center API Starting July 15, 2024, Security Command Center will discontinue historical snapshot capabilities in the Security Command Center API, which were used to query for findings at a particular point in time. Data retention period to be reduced for Standard tier findings For existing Standard tier users, on July 14, 2024, the data retention period for findings will be reduced from 13 months to 35 days.

SAP Solutions - BigQuery Connector for SAP version v2.7 Version 2.7 of the BigQuery Connector for SAP is generally available (GA).

Cloud Storage Transfer - Storage Transfer Service has added support for Shared Keys as an authentication method when transferring from Microsoft Azure Storage.

Vertex AI - Persistent resource for Vertex AI custom training is generally available (GA). The following features of Vertex AI Feature Store are now generally available (GA): Optimized online serving, Search using embeddings, and Feature view sync.


Latest Issues


Zdenko Hrček
Třebanická 183
Prague, Czech Republic
Phone: +420 777 283 075
Email: [email protected]