Google Cloud Platform Newsletter

Check Archive for older issues

News

Google Cloud Serverless for Apache Spark: high-performance, unified with BigQuery - Google Cloud Serverless for Apache Spark, now available in BigQuery is an open-source, zero-ops, high performance, and unified analytics platform.

Simplify your streaming pipelines with new Pub/Sub Single Message Transforms - Pub/Sub Single Message Transforms (SMTs) to make it easy to perform simple data transformations right within Pub/Sub.

Unlock 66% better price-performance with new M4 VMs for memory-intensive workloads - Compute Engine M4 VMs are designed for workloads like SAP HANA, SQL Server, and in-memory analytics that benefit from a high memory-to-core ratio.

Standardize your business terms with Dataplex business glossary, now GA - Dataplex business glossary provides a central, trusted vocabulary for your data assets, streamlining data discovery and reducing ambiguity.

Accelerating innovation with Agent Assist, Looker (Google Cloud core) and Vertex AI Vector Search, now FedRAMP High authorized - Google Cloud achieves FedRAMP High authorization for Agent Assist, Looker (Google Cloud core) & Vertex AI Vector Search.

New G4 VMs with NVIDIA RTX PRO 6000 Blackwell power AI, graphics, gaming and beyond - New G4 VMs based on NVIDIA RTX PRO 6000 Blackwell Server edition round out the Compute Engine GPU portfolio for developers and creators.

Datadog expands its AI observability capabilities with new integrations across the Google Cloud stack - Datadog monitoring tools are now better integrated across Google Cloud Vertex AI Agent Engine, gen AI applications, TPU utilization, and BigQuery.

---

As a trusted Google Cloud partner of over a decade, DoiT delivers the only intent-aware FinOps platform that goes beyond cost optimization to drive reliability, performance, and security.

Kubernetes optimization with full visibility

Continuously and autonomously optimize your Kubernetes environment for peak performance at the lowest possible cost, and correlate that spend with your wider business objectives.

Learn How

---

Articles, Tutorials

Infrastructure, Networking, Security, Kubernetes

Cloud CISO Perspectives: How Google secures AI Agents - To help mitigate potential agentic AI risks, we need to invest in a new field of study focused specifically on securing agent systems.

Autonomous Network Operations framework: Unlock predictable and high-performing networks - CSPs can unlock predictable and high-performing networks with Google Cloud’s AI-first Autonomous Networking Operations framework.

GKE Custom Compute Classes to Maximize Spot and On-Demand Node Utilization - In this series, we explore how to leverage custom compute classes to deploy workloads on Google Kubernetes Engine (GKE) with cost-optmized.

Secure Your GKE Ingress with Let’s Encrypt: A How-To Guide - The article provides a how-to guide on securing Google Kubernetes Engine (GKE) Ingress with Let's Encrypt certificates. It explains two methods: using Google-managed SSL certificates, recommended for global external HTTP(S) load balancers, and using cert-manager, which offers more flexibility and is necessary for securing regional and internal load balancers.

App Development, Serverless, Databases, DevOps

Improving Bigtable single-row read throughput by 70%: How we did it - To achieve Bigtable read performance improvements, the team explored caching, scheduler improvements, and request prioritization, to name a few.

Selecting the right Hyperdisk block storage for your workloads - Learn about Hyperdisk workload-optimized block storage, and choose from its variants: Balanced, Extreme, Throughput, and ML.

Gemini Code Assist Extension: Customization features - Gemini Code Assist has received usability improvements, including access to previous chat sessions and release notes directly from the extension.

Unlocking SQL Server to Bigtable: A Comprehensive Guide to Non-Heterogeneous Migration - Migrating from SQL Server to Bigtable can boost performance and scalability, especially for organizations handling large datasets and real-time processing. The article explores schema design and data migration using Cloud Data Fusion, emphasizing its simplicity and integration capabilities.

How to export Google Cloud logs - Learn to export Google Cloud logs. A guide to routing historical and real-time logs to third-party services using GCS and Pub/Sub.

Automating AlloyDB starts and stops - The article explains how to automate the starting and stopping of AlloyDB instances using Cloud Run Functions, Cloud Pub/Sub, and Cloud Scheduler.

Big Data, Analytics, ML&AI

How to benchmark and scale your Google Cloud Managed Service for Kafka deployment - Learn about Google Managed Service for Kafka performance benchmarking and how to optimize your deployment for throughput and latency.

How to Build Metadata-Driven Data Pipelines in BigQuery (+ dbt Examples) - Automate, validate, and orchestrate your BigQuery workflows with metadata logic — and make your data platform think for itself.

How to preview table data at no cost in Google BigQuery - The article discusses cost-effective ways to preview table data in Google BigQuery.

Advanced Security Strategies for Data Pipelines with Airflow, dbt, and BigQuery on GCP - Protect your data pipelines beyond access controls: learn deep security techniques for Airflow, dbt, and BigQuery in a modern GCP stack.

The SQL Fanatics’ Dream: AI Agents Without the Application Code! - The article discusses how BigQuery allows users to build applications with search and chat functionalities using only SQL queries, eliminating the need for extensive application code.

Bridging Clouds: Accessing Azure Cosmos DB from GCP Dataflow with Azure Federated Identity (Entra ID) - This article walks you through the process of setting up Azure’s Federated Identity between GCP and Entra ID to enable a GCP Dataflow pipeline to securely access Azure Cosmos DB (using the MongoDB API).

Looker Performance Optimization With Henry - Henry, a community-supported open-source tool, analyzes Looker query history to identify unused LookML projects, models, explores, measures, and dimensions. By using Henry's analysis, users can pare down LookML by deleting unused elements or hiding them, improving Looker's performance and usability.

How good is your AI? Gen AI evaluation at every stage, explained - Master your AI development journey with the Vertex Evaluation Service. Learn how to scale your evaluations, build trust in your autorater, and assess complex use cases with rubrics.

Lessons from the field: What decision-makers want to know about multi-agentic systems - Read about some common missteps in the field, top questions executives have, and insights to move forward on adopting multi-agent systems today.

Beyond the Buzz: Practical AI with Cloud Databases using MCP and ADK - Find the clear path from buzzword to business value by adding secure, targeted AI solutions on top of the database you already trust.

Powering your IDE’s build-time agents with MCP Toolbox for Databases - Boost developer productivity and streamline database interactions by using database toolsets in your IDE.

Your First Multi-agent system: A Beginner’s Guide to Building an AI Trend finder with ADK - The article guides readers through building a multi-agent system using Google's Agent Development Kit (ADK) by refactoring a simple AI agent into a "Manager" agent that orchestrates specialist agents, including a custom-built Reddit tool, to gather diverse insights, debug using ADK's Trace view, and produce a detailed intelligence report, which helps developers build more robust and scalable AI applications.

Agent Patterns with ADK (1 Agent, 5 Ways!) - The article explores five different agent patterns using Google Cloud's Agent Development Kit (ADK) to automate a customer refund system for a candy shop.

Slides, Videos, Audio

Security Podcast - #229 Beyond the Hype: Debunking Cloud Breach Myths (and What DBIR Says Now).

Releases

Anthos clusters on VMware - Google Distributed Cloud (software only) for VMware 1.30.1000-gke.83 is now available for download. The following issues were fixed in 1.30.1000-gke.83: Fixed vulnerabilities listed in Vulnerability fixes.

API Gateway - On June 9, 2025, we released an updated version of API Gateway. With this release, the limit on the number of API gateways that can be created per region is increased to 50.

Cloud Asset Inventory - The following resource types are now publicly available through the ExportAssets, ListAssets, BatchGetAssetsHistory, QueryAssets, Feed, and Search (SearchAllResources, SearchAllIamPolicies) APIs.

BigQuery - Dark theme is now available for BigQuery in Preview. The following GoogleSQL functions are now available in preview: The ARRAY_FIRST function returns the first element of the input array. The ARRAY_LAST function returns the last element of the input array. The ARRAY_SLICE function returns an array that contains consecutive elements from the input array. An updated version of the ODBC driver for BigQuery is now available. For supported Gemini models, you can now use Vertex AI Provisioned Throughput with the ML.GENERATE_TEXTand AI.GENERATE functions to provide consistent high throughput for requests. You can reference Iceberg external tables in materialized views instead of migrating that data to BigQuery-managed storage.

Chronicle SOAR - Release 6.3.49 is being rolled out to the first phase of regions as listed here. Release 6.3.48 is now available for all regions.

Compute Engine - Generally available: General purpose C4D machine types, powered by the fifth generation AMD EPYC processors (Turin) and Google Titanium, are generally available. Preview: Dynamic NICs let you add or remove network interfaces to or from an instance without having to restart or recreate the instance. Preview: The storage-optimized Z3 machine series offers a bare metal (-metal) machine type with 192 vCPUs. A vulnerability (CVE-2025-2884) affecting Shielded VMs using virtual Trusted Platform Module (vTPM) was discovered and is being addressed.

Config Connector - Config Connector version 1.132.0 is now available. New Beta Resources (Direct Reconciler): SpeechCustomClass SpeechPhraseSet SpeechRecognizer VertexAINotebooksInstance VertexAIMetadataStore. New Alpha Resources (Direct Reconciler): OrgPolicyPolicy OrgPolicyCustomConstraint SpeechRecognizer StorageAnywhereCache. New Fields: SpannerInstance For opt-in direct controller, Added spec.labels field. Reconciliation Improvements: BigtableAppProfile You can opt-in the direct controller by adding the alpha.cnrm.cloud.google.com/reconciler: direct annotation to the BigtableAppProfile resource.

Contact Center AI Platform - Salesforce ICU Update This is for Google Contact Center as a Service (CCaaS) customers that use Salesforce integration with CCaaS.

Data Fusion - The HTTP plugin version 1.4.4 is available in Cloud Data Fusion version 6.10.1. Cloud Data Fusion is available in the northamerica-south1 (Mexico) region.

Dataflow - Dataflow now supports right fitting for streaming jobs.

Dataform - Dark theme is now available for BigQuery and Dataform.

Dataproc - Announcing the GA release of Dataproc on Compute Engine image version 2.3: Image Version 2.3 is a lightweight image that contains only core components, reducing exposure to Common Vulnerabilities and Exposures (CVEs).

Dialogflow - Conversational Agents: New Chirp 3 HD Cloud Text-to-Speech voice Autonoe is now available. Conversational Agents: Conversational Agents console now supports test cases. Conversational Agents: Service agent access tokens used for authentication by both webhooks and tools are now discontinued as mentioned in notification emails to customers earlier this year. Data store handlers: Data store handler use tracking for billing purposes has been corrected.

Gemini - Configure AI exclusion files You can now configure the use of .aiexclude and .gitignore files to exclude files from the local context with VS Code Gemini Code Assist (version 2.36.0). Add code snippets to the chat context You can now select, attach, and direct Gemini to focus on code snippets with VS Code Gemini Code Assist (version 2.36.0). Add terminal output to the chat context Terminal output can now be attached to the chat context with VS Code Gemini Code Assist (version 2.36.0).

IAM - Conditions that check the tags for a resource can also check other attributes, such as the resource name of the timestamp of the request.

GKE new features - GKE now reports CPU and memory requests and limits metrics for Kubernetes-native sidecar containers starting from GKE version 1.32.4-gke.1106006. Flex-start provisioning mode on GKE now supports TPUs in single-host node pools.

Load Balancing - Cloud Load Balancing supports load balancing to multi-NIC instances that use Dynamic NICs.

Looker - Looker (Google Cloud core) and Looker (original) changes. Looker 25.10 is expected to include the following changes, features, and fixes: Expected Looker (original) deployment start: Tuesday, June 17, 2025 Expected Looker (original) final deployment and download available: Thursday, June 26, 2025 Expected Looker (Google Cloud core) deployment start: Monday, June 16, 2025 Expected Looker (Google Cloud core) final deployment: Monday, June 30, 2025. The Embed SDK has been upgraded to release 2.0.0. For period-over-period (PoP) measures, a new subparameter, value_to_date, is available. The Firebolt JDBC driver has been updated to version 3.5.0. The Hive JDBC driver has been updated to version 4.0.1. The MS SQL JDBC driver has been updated to version 12.10.0. The Teradata JDBC driver has been updated to version 20.00.00.45. The Vertica JDBC driver has been updated to version 24.2.0-1. The new Content Guardrails admin panel lets Looker admins limit both the ability for users to add or execute merged results queries on dashboards and the use of the dashboard auto-refresh option. This release contains the following accessibility improvements: Increased contrast ratio for graphic elements, including icon bullets Improved contrast for download links and unemphasized text to comply with Web Content Accessibility Guidelines (WCAG) Level AA. The Tile Actions kebab menu now includes the name of the dashboard tile in its aria-label value. An issue has been fixed where SDK API calls could return a 500 error if optional headers were not specified. An issue has been fixed where the PDT Override Service Account field was not available for connections that use OAuth credentials. An issue has been fixed where the Manage Access dialog on a folder could load slowly if the Looker instance has a large number of groups. An issue has been fixed where, previously, testing a new OAuth connection before saving would run connection tests on an empty connection. The OAuth Tenant ID field will no longer appear in connections for which it is not relevant. An issue has been fixed where the API calls to run git connection tests would fail unless the user was in dev mode. An issue has been fixed where drill downs wouldn't be displayed for a field if the first field value had null values. An issue has been fixed where assigning the user attribute looker_internal_email_domain_allowlist on the SAML config page would return a 500 error. An issue has been fixed where restarting the Looker instance during a folder sync could cause the instance to fail to start. An issue has been fixed where selecting fields from the Session view in the System Activity User Explore could cause fanout. An issue has been fixed where the count table calculation function could return incorrect values if its inputs included a list with null values. An issue has been fixed where the drill menu did not properly translate some entries when the locale was set to Swedish (sv_SE). An issue has been fixed where drilling on a query with subtotals could display incorrect values. An issue has been fixed where filtering on a custom dimension that references a datetime type field could return the following error message: No matching signature. An issue has been fixed where the LookML validator would return a 500 error if a LookML file contained a sum_distinct measure for a database that doesn't support sum_distinct measures. An issue has been fixed where entering the value 12:00 in the Time field of an alert schedule dialog would input 00:00 instead. An issue has been fixed where changes to PDT override settings would not be saved. An issue has been fixed where PDTs could fail to rebuild with the following error message: undefined method trace_id_hex. Looker (original) only changes. You can now embed Looker reports on Looker (original) instances when Looker reports and the Embed Looker reports Labs features are enabled for your instance. An issue has been fixed where LDAP authentication could fail with the following error message: no implicit conversion of Hash into String. Looker (original) only changes. Gemini in Looker will be enabled by default for Looker (original) instances that meet at least one of the following criteria: The Automated Gemini in Looker enablement and user management setting on the Settings page in the Looker Admin panel was previously enabled. When the Automated Gemini in Looker enablement and user management setting is enabled, the Gemini Default Users group is created automatically for instances that use an open system configuration.

Network Connectivity Center - Routes that NCC Gateway advertises don't show up in the list of a VPC network's effective routes.

Cloud VPN - Cloud VPN supports customizable cipher options for your VPN tunnels.

Resource Manager - You can use custom constraints with Organization Policy to provide more granular control over specific fields for indexes and index endpoints in Vector Search.

Cloud Run - You can use request host and request path in IAM Conditions when defining access control for invoking Cloud Run services.

Security Command Center - The following Event Threat Detection detectors for Vertex AI have been released to Preview: Persistence: New Geography for AI Service Privilege Escalation: Anomalous Multistep Service Account Delegation for AI Admin Activity Privilege Escalation: Anomalous Multistep Service Account Delegation for AI Data Access Privilege Escalation: Anomalous Service Account Impersonator for AI Admin Activity Privilege Escalation: Anomalous Service Account Impersonator for AI Data Access Privilege Escalation: Anomalous Impersonation of Service Account for AI Admin Activity Persistence: New AI API Method Initial Access: Dormant Service Account Activity in AI Service.

Service Mesh - Managed Cloud Service Mesh. You can now enforce cluster-local traffic for an individual service, all services in a particular namespace, or globally for all services in the mesh.

SAP Solutions - New SAP NetWeaver certification: C4D series of general-purpose machine types For use with SAP NetWeaver, SAP has certified the Compute Engine general purpose machine types c4d-standard and c4d-highmem. Google Cloud's Agent for SAP version 3.8 Version 3.8 of Google Cloud's Agent for SAP is generally available (GA).

Cloud Spanner - Column operations statistics are generally available.

Cloud Trace - The Analysis reports page has been removed.

Vertex AI - Vector Search custom constraints with Organization Policy You can use custom constraints with the Organization Policy Service to provide more granular control over specific fields for indexes and index endpoints in Vector Search.

Vertex AI Workbench - Available in Preview: You can consume reservations with Vertex AI Workbench instances.

VMware Engine - VMware Engine ve2 nodes are now available in Toronto, Canada (northamerica-northeast2). VMware Engine ve2 nodes are now available in the following additional region: Melbourne, Australia (australia-southeast2-a).

Virtual Private Cloud - Dynamic Network Interfaces (NICs) are available in Preview.

Workstation - The JetBrains readiness server lets you configure the port it listens on and the timeout when you specify the JETBRAINS_READY_SERVER_PORT and JETBRAINS_READY_SERVER_TIMEOUT environment variables in your workstation environment.