Welcome to issue #448 April 28th, 2025

News

BigQuery Data Analytics Official Blog

Accelerate your data-to-insights journey with enhanced BigQuery data canvas - BigQuery data canvas is a visual workspace that democratizes data analysis and empowers everyone to unlock the power of their BigQuery data. It features a built-in AI-assistive chat experience powered by Gemini, which allows users to generate and refine queries, ask questions about their data, and receive intelligent suggestions and insights using natural language.

BigQuery Data Analytics Generative AI Official Blog

Automate data pipelines with BigQuery's new data engineering agent - BigQuery data engineering agent automates data pipeline building, modification, and troubleshooting, freeing data teams to focus on extracting value from data. It understands data engineering best practices, your specific environment, and context, and generates SQL code, builds pipelines, and creates unit tests. The agent monitors pipelines, identifies issues, and proposes fixes, acting as a dedicated expert constantly watching over your data infrastructure.

Databases Official Blog

Migrating your apps from MySQL to Spanner just got easier - Spanner, Google Cloud’s horizontally scalable, always-on operational database, now offers simpler live migrations from MySQL with virtually no downtime. The Spanner migration tool automates schema and data migration, including consolidating petabyte-sized sharded MySQL databases in days.

DevOps Official Blog

SaaS delivery made easy: Meet SaaS Runtime - SaaS Runtime is a fully managed Google Cloud service management platform for SaaS providers to simplify and automate the complexities of infrastructure operations. It empowers software providers to launch quickly, customize and iterate, automate operations, observe and scale tenants, and integrate, optimize and expand rapidly.

Databases Generative AI LLM Official Blog

Google Cloud Database and LangChain integrations now support Go, Java, and JavaScript - Developers can now create intricate workflows and easily interchange underlying components as needed to align with specific use cases.

Official Blog Public Sector

Google Public Sector and Palantir collaborate to bring Google Cloud to FedStart - The collaboration empowers Anthropic and other Independent Software Vendors (ISVs) to offer their solutions on Google Cloud's accredited infrastructure.

Event Official Blog Security

Your comprehensive guide to Google Cloud Security at RSA 2025 - Google Cloud Security will be at the RSA Conference 2025 in San Francisco, showcasing their latest innovations and insights from the M-Trends report.

Articles, Tutorials

Infrastructure, Networking, Security, Kubernetes

Networking Official Blog

Diving into the technology behind Google's AI-era global network - Google's next-generation global network is designed for the AI era, featuring exponential scalability, beyond-9s reliability, intent-driven programmability, and autonomous networking. It embraces horizontal scaling through multi-sharding, architects for resilience with regional isolation and Protective ReRoute, enables fine-grained programmability with SDN, and adopts autonomous network operation powered by AI/ML.

Official Blog Threat Intelligence

M-Trends 2025: Data, Insights, and Recommendations From the Frontlines - Mandiant's M-Trends 2025 report analyzes data from over 450,000 hours of incident response investigations conducted between January 1, 2024, and December 31, 2024. The report provides recommendations for organizations to enhance their cybersecurity posture, such as implementing a layered security approach, enforcing multi-factor authentication, and improving logging and monitoring practices.

Google Kubernetes Engine Istio Kubernetes Migration Paywall

Multi-Cluster Networking with Multi-Cloud : Migrating to Google Kubernetes Engine with Istio - Organizations often manage workloads across multiple Kubernetes clusters, sometimes spanning different cloud providers. Istio Service Mesh can be leveraged to connect two Kubernetes clusters, one running in another cloud provider and the other in Google Cloud (GKE). This enables secure, observable, and controlled traffic routing between clusters, as well as seamless connectivity between workloads across both clusters.

API Gateway Google Kubernetes Engine

Google Kubernetes Engine (GKE) & Gateway API - This article discusses deploying GKE Gateway API resources, including creating a Gateway, deploying an external Gateway, and configuring an HTTPRoute.

AWS DevOps Migration

How I Mastered a DNS Swap to Migrate a Startup from AWS to GCP with Minimal Downtime - Migrating a startup's infrastructure from AWS to Google Cloud Platform (GCP) with minimal downtime.

Infrastructure Migration Paywall

Migrating GCP Projects Between Organizations Without Breaking Things - This guide provides a step-by-step approach to migrating projects across organizations with minimal impact.

AI Kubernetes LLM

Inference Gateway: Intelligent Load Balancing for LLMs on GKE - GKE Inference Gateway, an extension of the standard GKE Gateway controller, optimizes routing and load balancing for generative AI workloads on Google Kubernetes Engine (GKE). It addresses the unique challenges of stateful LLM inference, such as cache affinity and queue length awareness, to maximize cache reuse and minimize prefill operations.

App Development, Serverless, Databases, DevOps

DevOps Official Blog

DORA's new report: Unlock generative AI in software development - DORA's new report reveals the real-world impact of generative AI in software development, with 89% of organizations prioritizing AI integration and 76% of technologists already using it. To maximize AI's benefits, organizations should prioritize transparent communication, empower developers with learning opportunities, establish clear policies, rethink performance metrics, and embrace fast feedback loops.

Gemini Official Blog

Going from requirements to prototype with Gemini Code Assist - This article demonstrates how to use Gemini Code Assist to efficiently transform requirements into a working application prototype.

Cloud Run GCP Experience Official Blog

50% faster merge and 50% fewer bugs: How CodeRabbit built its AI code review agent with Google Cloud Run - CodeRabbit, an AI code review tool, leverages Google Cloud Run to halve code review time and bugs by safely executing untrusted code. It integrates with code hosting platforms to provide automated feedback on pull requests by analyzing changes against the entire codebase and generating scripts for deeper analysis.

Infrastructure Serverless

Running an interactive shell in Cloud Run for learning and debugging - Use interactive shells in Cloud Run to explore & debug your containers! Dive deep into your cloud environment for ultimate understanding.

Firebase

✨ IDX becames Firebase Studio - A brief overview of Firebase Studio (formerly IDX).

Compute Engine

Faster and Cheaper? Google Cloud's N2 vs C4 - Comparing the N2 and C4 generations of GCE machine types.

Artifact Registry Infrastructure Python

Install Python packages from GCP Artifact Registry using UV - Install packages from your private GCP artifact registry using the package manager UV.

Cloud Functions Javascript Paywall

How to programmatically schedule a Google Cloud function to run more frequently than once a minute - A function scheduling itself at sub-minute intervals in a Google Tasks queue.

Cloud Storage DevOps Tutorial

Moving and Renaming Google Cloud Storage Buckets Without Downtime: A Safe Strategy - part 1 - Strategies for moving and renaming buckets between projects.

Cloud Storage DevOps Tutorial

Moving and Renaming Google Cloud Storage Buckets Without Downtime: A Safe Strategy - part 2

DevOps

Master DevOps Project 4 : Database Migrations in Production with Cloud Run Jobs and Alembic - Cloud Run Jobs can be used to execute Alembic migrations automatically as part of a CI/CD pipeline in Google Cloud Platform (GCP). This method ensures secure, repeatable, and infrastructure-compliant migrations that align with the 12-Factor App methodology.

Big Data, Analytics, ML&AI

Data Analytics GCP Experience Official Blog Partners

How Mars Wrigley uses agile media experiments to measure sales lift with EPAM and Cortex Framework - Mars Wrigley uses Google Cloud Cortex Framework to accurately measure in-flight audience effectiveness based on incremental sales. By integrating media data from sources like YouTube with sales information from retailers, Mars Wrigley can better understand how specific audience targeting strategies are driving incremental sales lift across key customer groups.

BigQuery Cloud Composer FinOps

Unlocking Savings: A look at Google’s new BigQuery & Composer CUDs - CUDs for BigQuery and Composer finally arrived — Am I going to save money?

Airflow Cloud Run dbt

Execute DBT with Airflow and Cloud Run - This article explains how to trigger a DBT pipeline in Cloud Run directly from Apache Airflow and Cloud Composer.

BigQuery Python Streaming

Streaming One Row to BigQuery! - A walkthrough of the new usability improvements for the 2.30 release of the Storage Write API Python client library.

Gemini LLM Paywall

Chatting With Dataproc Clusters Using An AI Agent - A Dataproc AI agent built using Google’s Agent Development Kit (ADK).

Gemini Machine Learning Vertex AI

Choosing the right upgrade path for your Gen AI apps to Gemini 2.x and beyond - This blog post was co-authored with Anna Novakovska and Dennis Kashkin.

AI Databases Generative AI Official Blog

MCP Toolbox for Databases: Simplify AI Agent Access to Enterprise Data - MCP Toolbox for Databases (formerly Gen AI Toolbox for Databases) is an open-source MCP (Model Context Protocol) server that allows developers to connect gen AI agents to enterprise data easily and securely. Toolbox offers simplified development, enhanced security, and end-to-end observability. It also supports Agent Development Kit (ADK), an open-source framework that simplifies building sophisticated multi-agent systems.

Generative AI Vertex AI

Why Basic Similarity Search Still Powers Many RAGs and AI Agents (And Why It’s Changing) - Vector similarity search, a technique for finding information based on meaning rather than keywords, is commonly used in Retrieval-Augmented Generation (RAG) and AI agents despite its simplicity. However, as the RAG field matures, more sophisticated techniques from Information Retrieval and Recommender Systems are being adopted for better quality and reliability.

BigQuery Generative AI

Tutorial : MCP Toolbox for Databases - Exposing BigQuery Datasets - MCP Toolbox for Databases, formerly known as GenAI Toolbox for Databases, now supports BigQuery as a data source. Users can now query their BigQuery datasets directly within Gen AI clients using MCP client mode.

ADK

Agent Development Kit (ADK) Tutorials to get started with - Links to several articles to learn Agent Development Kit.

AI Generative AI

A2A Deep Dive: Getting Real-Time Updates from AI Agents - An Exploration of A2A Streaming via SSE.

Slides, Videos, Audio

Kubernetes Podcast - #251 Kubernetes 1.33 Octarine, with Nina Polshakova.

Security Podcast - #221 Special - Semi-Live from Google Cloud Next 2025: AI, Agents, Security ... Cloud?

GCP Bytes Podcast - #15 In this episode we discuss: Daves Dog, Google Chat History, Retire CCTLDs, GDG Events, ESXi Free, ATO Bundling, CVEs & MITRE, Firebase Studio, Woolworths, Next 25, Google Monopoly, UWS System Breach, IBM Z17 AI Mainframe, AWS AI Chips, Flash 2.5, webdev AI.

Releases

AlloyDB - 8 AlloyDB recommenders are now generally available (GA).

Anthos clusters on VMware - Google Distributed Cloud (software only) for VMware 1.31.400-gke.110 is now available for download. Upgraded etcd to v3.4.33-0-gke.3. Fixed an issue that prevented user cluster upgrades when Dataplane V2 was explicitly configured with forward mode. The 1.31.400-gke.110 release includes many vulnerability fixes.

Apigee Integrated Portal - On April 22, 2025 we released a new version of the Apigee integrated portal. This release adds the Apigee Integrated Developer Portal Admin UI from the Classic Apigee UI into the Google Cloud console.

AppEngine Flexible Python - Python 3.13 is now available in Preview.

AppEngine Standard Python3 - Python 3.13 is now available in Preview.

Application Integration - The new Canvas View is now enabled by default in the integration editor.

Cloud Asset Inventory - The following resource types are now publicly available through the ExportAssets, ListAssets, BatchGetAssetsHistory, QueryAssets, and Feed APIs.

Backup and DR Service - There is a new committed use discount (CUD) for customers using Backup and DR Service to protect Oracle databases into a backup vault. Introduced logging and alerting capabilities to monitor the health and status of your backup/recovery appliances. Backup and DR Service now supports backup and restore of Db2 databases using persistent disk snapshots. These issues have been fixed: An issue in which multiple snapshot/Direct OnVault jobs became stuck in an unresponsive state after attempting to connect to vCenter with an openssl command. Vulnerabilities CVE-2024-42301, CVE-2024-42284, and CVE-2024-41092 have been fixed at kernel version 4.18.0-553.33.1.el8_10. Introduced management console events for the Appliance Connectivity Events and Dynamic Protection Events.

BigQuery - You can now work with a Gemini powered assistant in a BigQuery data canvas. You can now set a maximum slot limit for a reservation. You can now specify which reservation a query uses at runtime, and set IAM policies directly on reservations. You can now allocate idle slots fairly across reservations within a single admin project. BigQuery now provides spend-based committed use discounts (CUDs). You can now enable fine-grained access control on BigQuery metastore Iceberg tables. You can get the required permissions to use BigQuery data preparation through the BigQuery Studio User (roles/bigquery.studioUser) and Gemini for Google Cloud User (roles/cloudaicompanion.user) roles, and permission to access the data you're preparing.

Bigtable - Bigtable is supported by Database Center, which is generally available (GA).

Billing - Dark theme is now available in the Billing section of the Google Cloud console (preview).

Cloud Build - You can now specify build dependencies in your build configuration file.

Chronicle - The following parser documentation is now available: Collect Barracuda Email Security Gateway logs; Collect Barracuda WAF logs; Collect CrowdStrike Falcon logs in CEF; Collect Juniper NetScreen Firewall logs; Collect Micro Focus NetIQ Access Manager logs; Collect Symantec DLP logs; Collect Aruba ClearPass logs; Collect Aruba Wireless Controller and Access Point logs; Collect BeyondTrust Secure Remote Access logs; Collect CyberArk Privileged Threat Analytics logs; Collect Fortinet FortiMail logs; Collect Sophos Central logs; Collect Sophos XG Firewall logs; Collect AWS EC2 Hosts logs; Collect AWS EC2 Instance logs; Collect AWS IAM logs; Collect Cisco Stealthwatch logs; Collect Cisco Umbrella audit logs; Collect Cisco Umbrella DNS logs; Collect Cisco Umbrella Web Proxy logs; Collect CommVault Backup and Recovery logs; Collect Forcepoint Proxy logs; Collect Fortinet FortiAnalyzer logs; Collect Fortinet FortiAuthenticator logs; Collect Fortinet Firewall logs; Collect Palo Alto Networks Traps logs; Collect SecureAuth Identity Platform logs; Collect Claroty CTD logs; Collect Claroty xDome logs; Collect F5 BIG-IP ASM logs; Collect FireEye HX logs; Collect Microsoft IIS logs; Collect PowerShell logs; Collect Snort logs; Collect A10 Network Load Balancer logs; Collect Alcatel switch logs; Collect AlgoSec Security Management logs; Collect Arbor Edge Defense logs; Collect Epic Systems logs; Collect Fortra Digital Guardian DLP logs; Collect MobileIron logs; Collect Microsoft Windows Defender ATP logs; Collect Nokia Router logs; Collect Broadcom Symantec SiteMinder Web Access logs. Curated Detections has been enhanced with new detection content for Cloud Threats to include rule packs covering Office 365 and Okta.

Chronicle SOAR - Release 6.3.44 is being rolled out to the first phase of regions as listed here.

Colab - The notebook gallery is now available.

Cloud Composer - Starting from June 2025, the default version for new Cloud Composer environments changes from Cloud Composer 2 to Cloud Composer 3.

Compute Engine - Public Preview: General purpose C4D machine types have reached Public Preview. On June 30th, 2024, CentOS 7 will reach end of support and the images will be marked deprecated on Google Cloud. Generally available: Compute flexible committed use discounts (CUDs) are available for the sole-tenancy premium that you pay for eligible sole-tenant node types.

Confidential VM - Support for accelerator-optimized a3-highgpu-1g machine type for securely running AI and ML workloads is now available in Preview, with the following specifications: 4th Generation Intel Xeon Scalable processor (Sapphire Rapids); Intel TDX; 1 NVIDIA H100 GPU.

Contact Center AI Insights - Quality AI offers fine-grained access control in preview.

Database Migration Service - Database Migration Service for heterogeneous migrations to PostgreSQL now supports migrating to PostgreSQL versions 16 and 17.

Dataproc Metastore - v1beta1. Dataproc Metastore multi-regional services now support the use of customer-managed encryption keys (CMEKs) -- (in preview).

Datastore - Committed use discounts are now generally available (GA) for Firestore in Datastore mode in exchange for a commitment to continuously spend a certain amount on read/write/delete operations for one year or three years.

Cloud Firestore - Committed use discounts are now generally available (GA) for Firestore in exchange for a commitment to continuously spend a certain amount on Firestore read/write/delete operations for one year or three years.

Cloud NGFW - v1. You can use a single request to batch update all the firewall policy rules for hierarchical and network firewall policies.

Cloud Functions - Cloud Run functions now supports the Python 3.13 runtime at the Preview release level.

Gemini - After May 23, 2025, Gemini in Looker will be enabled by default for Looker (original) instances outside of the EMEA region.

Google Kubernetes Engine - Saxml on GKE is de-prioritized beginning April 24, 2025.

Load Balancing - Starting April 28, 2025, the Global external Application Load Balancer and the Classic Application Load Balancer will no longer allow the use of custom request headers that reference connection-specific hop-by-hop headers.

Looker - Looker (original) only changes: After May 23, 2025, Gemini in Looker will be enabled by default for Looker (original) instances outside of the EMEA region. Looker (Google Cloud core) and Looker (original) changes: The Looker Mobile (Legacy) application will be deprecated on March 1, 2026. Looker (Google Cloud core) only changes: Looker (Google Cloud core) now supports Google group mirroring when using OAuth authentication.

Network Intelligence Center - Network Analyzer includes an insight that indicates if a GKE cluster's pod CIDR range isn't included in the ip-masq-agent ConfigMap.

Cloud Run - Cloud KMS with Autokey is now in General Availability (GA) for Cloud Run. Support for the Python 3.13 runtime is now in Preview.

Security Command Center - The Execution: Ingress Nightmare Vulnerability Execution detector of Container Threat Detection is in Preview.

SAP Solutions - New SAP certifications: Additional M4 memory-optimized machine types. For use with SAP HANA scale-up (OLAP and OLTP) and SAP NetWeaver workloads, SAP has certified the following Compute Engine M4 memory-optimized machine types: m4-megamem-28 and m4-ultramem-224. New SAP certification: 3 TB m4-megamem-224 for SAP HANA scale-out workloads. For use with SAP HANA scale-out (OLAP and OLTP) workloads, SAP has certified the m4-megamem-224 memory-optimized machine type.

Cloud Spanner - Spanner now lets you use the INTERLEAVE IN clause to colocate child rows with parent rows without enforcing the parent-child relationship.

Cloud SQL MySQL - Private Service Connect endpoint propagation is now generally available (GA).

Cloud SQL Postgres - Private Service Connect endpoint propagation is now generally available (GA).

Cloud SQL SQL Server - Private Service Connect endpoint propagation is now generally available (GA).

Contact

Zdenko Hrček
Třebanická 183
Prague, Czech Republic
Phone: +420 777 283 075