Google Cloud Platform Newsletter

Check Archive for older issues

News

Gemini momentum continues with launch of 2.5 Flash-Lite and general availability of 2.5 Flash and Pro on Vertex AI - Latest Gemini 2.5 updates on Vertex AI: Flash & Pro GA for enterprises, SFT GA for custom AI, Flash-Lite Preview, & enhanced Live API for voice apps.

Automate data resilience at scale with Eon and Google Cloud Backup - No matter what platform you use, it’s critical to understand what resilient cloud backup looks like and how to get there with Google Cloud’s native capabilities.

Simplify your multi-cloud strategy with Cloud Location Finder, now in preview - Cloud Location Finder provides up-to-date location data across Google Cloud, Amazon Web Services (AWS), Azure, and Oracle Cloud Infrastructure (OCI).

C4D now GA: up to 80% higher performance for your business critical workloads - C4D VMs are now GA, powered by 5th Gen AMD EPYC processors. Experience unparalleled performance, efficiency, and security for business workloads.

Google is a Leader in the 2025 Gartner® Magic Quadrant™ for Analytics and Business Intelligence Platforms - Thanks to Looker, for the second year in a row, Google was named a Leader in the Gartner 2025 Magic Quadrant for Analytics and Business Intelligence.

Save early and often with multi-tier checkpointing to optimize large AI training jobs - Multi-tier checkpointing uses multiple tiers of storage to save progress and reduce MTTR, increasing ML Goodput for very large AI training jobs.

Zephr.xyz powers real-time GNSS precision on Android with Google Cloud - Zephr wants to reimagine GPS for mobile devices, bringing greater precision through Android on Google Cloud.

Articles, Tutorials

Infrastructure, Networking, Security, Kubernetes

What’s in an ASP? Creative Phishing Attack on Prominent Academics and Critics of Russia - A Russia-sponsored threat actor is impersonating the U.S. Department of State, and using phishing to gain access to email accounts.

GKE workload scheduling: Strategies for when resources get tight - Learn about the GKE scheduler and the factors that can influence its workload placement decisions when there are capacity constraints.

How Google Cloud is securing open-source credentials at scale - We’ve developed a powerful tool to scan open-source package and image files by default for leaked Google Cloud credentials. Here’s how to use it.

Your GKE Fleet, Git-Controlled: Unlocking Enterprise DevOps with Anthos Config Management - Anthos Config Management (ACM) enables GitOps for GKE clusters, ensuring consistent configurations and policies across environments. ACM leverages Config Sync, Policy Controller, and Config Connector to automate deployments, enforce security, and manage Google Cloud resources declaratively. This approach streamlines operations, enhances security, and simplifies disaster recovery for enterprise DevOps.

Managing secrets and configs used to be a silent source of frustration — until now. - The article discusses Google Cloud's Parameter Manager and Secret Manager as solutions for managing configurations and secrets, addressing challenges like security leaks, human error, and lack of centralized control.

Private Service Connect and VPC Service Controls — Complementary OR Mutually Exclusive? - Private Service Connect (PSC) and VPC Service Controls (VPC SC) are complementary Google Cloud security services. PSC ensures private connectivity to managed services, while VPC SC prevents data exfiltration with security perimeters. Combining both enhances security and compliance in cloud infrastructures, creating defense-in-depth strategy.

App Development, Serverless, Databases, DevOps

Enhancing backup vaults with support for Persistent Disk, Hyperdisk, and multi-regions - Google Cloud Backup and DR service backup vaults offer immutability and indelibility to Persistent Disk (PD) and Hyperdisk disks, in multiple regions.

Spanner's enduring impact: Celebrating the 2025 ACM SIGMOD Systems Award - Spanner showed that you could build a database with the horizontal scalability of a distributed system, as well as transactions and SQL.

Control what you log - Need to control your logging storage? Find out methods and best practices to do it using log sinks.

Distributed Tracing & CloudRun - Cloud Run's infrastructure can disrupt distributed tracing with non-GCP tools by overriding trace headers.

Oracle to AlloyDB | Cloud SQL (PostgreSQL) Migration Series: A Developer’s Guide (Part 1) - The Foundational Shift from Packages to Schemas — Code Conversion.

Oracle to AlloyDB | Cloud SQL (PostgreSQL) Migration Series: A Developer’s Guide (Part 2) - Mind the Gotchas: 5 Critical Differences That Can Break Your Oracle to AlloyDB | CloudSQL (PostgreSQL) Migration.

Streamline App Creation with Backstage Templates and Automated CI/CD in Google Cloud - The article discusses how to streamline application creation in Google Cloud using Backstage templates and automated CI/CD.

Big Data, Analytics, ML&AI

BigQuery under the hood: Enhanced vectorization in the advanced runtime - BigQuery applies enhanced vectorization to aspects of query processing such as filter evaluation and data encodings and optimization techniques.

Why My BigQuery Query Was Fast at 10K Rows and Died at 10M - The article discusses common mistakes when using BigQuery that can lead to performance issues when scaling from small test datasets to larger, real-world datasets.

BigQuery Cost Management and Monitoring: In-Depth Technical Guide - BigQuery cost management is crucial as usage grows. The article provides techniques like table partitioning, query optimization, and audit log analysis. It also highlights the importance of understanding storage costs, including active and long-term storage, to control spending and maintain performance.

BigQuery time-partitioning: The hidden cost trap - How choosing the wrong date function can explode your BigQuery costs.

From BQML Insights to Governed Quality: Predictive DQ with Dataplex AutoDQ - The article explains how to integrate BigQuery ML (BQML) anomaly detection with Dataplex AutoDQ to create a governed data quality solution.

Build and Deploy a Remote MCP Server to Google Cloud Run in Under 10 Minutes - Learn how to quickly build and deploy a remote Model Context Protocol (MCP) server to Google Cloud Run, enabling secure and scalable integration of external context with Large Language Models (LLMs).

Deploying Secure Remote MCP Servers to Cloud Run - Why remote MCP deployment is inevitable, and how to do it right with Google Cloud Run.

Inside CampaignCrafter: Engineering an End-to-End AI Ad Generator - Aman Konchgamey details the creation of CampaignCrafter, an AI-powered ad generator built using Google's Agent Development Kit (ADK). The system uses specialized AI agents for market insight, copywriting, image generation, and localization, orchestrated to produce complete ad campaigns from a single user prompt.

How I Created a Data Pipeline Incident Resolver Using the Agent Development Kit (ADK)! - AI Agent-Driven Data Pipeline Incident Resolver using Google Cloud's Agent Development Kit (ADK). The system autonomously detects, diagnoses, and remediates pipeline incidents by using three key agents.

Build a multi-agent KYC workflow in three steps using Google’s Agent Development Kit and Gemini - Learn how you can build a multi-agent KYC workflow using Google’s ADK (Agent Development Kit) and Gemini models.

Mastering Observability for Generative AI in GO - This article emphasizes the importance of observability for Generative AI applications built with Go, highlighting how it aids in monitoring performance, identifying issues, and optimizing resource use.

Using HTTP endpoints as tools with MCP Toolbox for Databases - Turn external endpoints into MCP compatible tools using MCP Toolbox.

Various

Graduating the Google for Startups Accelerator: AI First in Europe & Israel - Google for Startups Accelerator: AI First has graduated its new cohort with 14 innovative startups from Europe & Israel.

Want to become Google Cloud GenAI Leader? Your Guide to AI Mastery - The article provides a comprehensive guide to Generative AI certificate on Google Cloud, covering fundamental concepts, models, the ML lifecycle, and Google Cloud's GenAI offerings like Gemini and Vertex AI.

Slides, Videos, Audio

GCP Bytes Podcast - #19 In this episode we discuss; Flux AI, Banky passes Security Pro Cert, Mwave goes into administration, MS Copilot Echo Leak, VCF9, GDG , Google Buyout Offers, Amazon Spend, VMWARE & Siemens Dispute, GCP Outage, WIZ Antitrust, Android 16, Voice Phishing, New Chief Ai Architect, GCP & Open AI.

Security Podcast - #230 AI Red Teaming: Surprises, Strategies, and Lessons from Google.

Releases

AlloyDB - You can use the columnar engine to improve the performance of vector similarity searches, specifically K-Nearest Neighbor (KNN) searches, when combined with highly-selective predicate filtering.

Apigee UI - On June 17, 2025 we began redirecting the following Apigee Classic UI navigation items to Apigee UI in the Google Cloud console: Publish > Monetization Analyze > API monitoring Analyze > API metrics Analyze > Developers > Developer Engagement Analyze > Developers > Traffic Composition Analyze > End Users > Devices Analyze > End Users > Geomap Analyze > Custom reports See Apigee UI in Cloud console navigation for a mapping of each Classic Apigee UI feature page to its location in the Apigee UI in Cloud console.

Apigee Advanced API Security - On June 16, 2025 we released a new version of Advanced API Security Abuse Detection. API address drill down details are now available in the preview release of Advanced API Security Abuse Detection incidents in the detected traffic tab.

AppEngine Standard PHP Second Generation - Support for the PHP 8.4 runtime is in General Availability (GA).

AppEngine Standard Ruby - Support for the Ruby 3.4 runtime is in General Availability (GA).

Google Cloud Armor - Cloud Armor supports Network Threat Intelligence (NTI) in globally scoped edge security policies for Media CDN edge cache services in Preview. Cloud Armor supports Autonomous System Numbers (ASNs) in globally scoped edge security policies for Media CDN edge cache services in Preview.

Cloud Asset Inventory - The following resource types are now publicly available through the ExportAssets, ListAssets, BatchGetAssetsHistory, QueryAssets, Feed, and Search (SearchAllResources, SearchAllIamPolicies) APIs. The following resource types are now publicly available through the ExportAssets, ListAssets, BatchGetAssetsHistory, QueryAssets, and Feed APIs.

Assured Workloads for Goverment - The IRS 1075 control package now supports the following products: Access Transparency Backup for GKE Cloud Healthcare API Cloud OS Login API Cloud Workstations Conversational Agents Conversational Insights Dataplex Universal Catalog Document AI Essential Contacts Eventarc External passthrough Network Load Balancer Generative AI on Vertex AI Google Agentspace Google Cloud Armor Google Cloud NetApp Volumes Google Security Operations SOAR Identity and Access Management (IAM) Infrastructure Manager Integration Connectors Internal passthrough Network Load balancer Jurisdictional Cloud Console Looker (Google Cloud core) Organization Policy Service Regional external Application Load Balancer Regional external proxy Network Load Balancer Regional internal Application Load Balancer Regional internal proxy Network Load Balancer Storage Transfer Service VPC Service Controls Virtual Private Cloud (VPC). The names for some Assured Workloads control packages have changed.

BigQuery - You can now publish the results of a data quality scan as Dataplex Universal Catalog metadata. You can now use data insights to have Gemini generate table and column descriptions from table metadata. In BigQuery ML, you can now forecast multiple time series at once by using the TIME_SERIES_ID_COL option that is available in ARIMA_PLUS_XREG multivariate time series models. You can now manage IAM tags on BigQuery datasets and tables using SQL. The BigQuery migration assessment is now available for workflows that use Cloudera and Apache Hadoop. The Merchant Center best sellers report supports multi-client accounts (MCAs). BigQuery now offers the following Gemini-enhanced SQL translation features: Create Gemini-based configuration YAML files to generate AI suggestions for batch or interactive SQL translations.

Chronicle - Product Centric Feed Management This feature is currently in Preview. You can now remove existing UDM field mappings by using parser extensions in Google SecOps. New data ingestion and health dashboard widgets are now available. The Release Candidate period of the following premium parsers has been extended from the end of May to the week of July 21, 2025: Crowdstrike Detection Monitoring (CS_DETECTS) Crowdstrike Falcon (CS_EDR) Microsoft Defender for Endpoint We recommend that you opt-in early and make any necessary adjustments before these updates become the default.

Chronicle Security Operations - Content Hub This feature is currently in Preview. Product Centric Feed Management This feature is currently in Preview. You can now remove existing UDM field mappings by using parser extensions in Google SecOps. New data ingestion and health dashboard widgets are now available. The Release Candidate period of the following premium parsers has been extended from the end of May to the week of July 21, 2025: Crowdstrike Detection Monitoring (CS_DETECTS) Crowdstrike Falcon (CS_EDR) Microsoft Defender for Endpoint We recommend that you opt-in early and make any necessary adjustments before these updates become the default.

Chronicle SOAR - Release 6.3.50 is being rolled out to the first phase of regions as listed here. Release 6.3.49 is now available for all regions.

Cloud Composer - We're planning to phase out the APIs that aren't required by Cloud Composer 3.

Database Migration Service - Heterogeneous Oracle and SQL Server migrations now provide an improved experience with conversion overview dashboards and streamlined conversion issue grouping.

Dataplex - Previously, data quality scan results were published only to the Google Cloud console.

Cloud Functions - Support for the Ruby 3.4 runtime is in General Availability (GA). Support for the PHP 8.4 runtime is in General Availability (GA).

Gemini - Chat code suggestion preview Chat code suggestions are displayed in a preview block by default with VS Code Gemini Code Assist 2.37.0, improving the readability of generated chat responses. Revert to a checkpoint (Preview) You can revert to a checkpoint for chat code suggestions with VS Code Gemini Code Assist 2.37.0, in Preview. Configure local codebase awareness You can configure local codebase awareness with VS Code Gemini Code Assist 2.37.0.

GKE new features - For clusters running GKE version 1.32.4-gke.1236000 or later, the cluster autoscaler can scale down nodes by evicting Pods in the kube-system namespace that have no Pod Disruption Budget (PDB) set and have been running for at least one hour.

Media CDN - You can use Network Threat Intelligence (NTI) from Cloud Armor in Edge Security Policies for Media CDN edge cache services for Enterprise users. You can use Autonomous System Numbers (ASN) based rules from Cloud Armor for Media CDN.

Cloud Run - Support for the PHP 8.4 runtime is in General Availability (GA). Support for the Ruby 3.4 runtime is in General Availability (GA). You can configure GPU in your Cloud Run job (Preview).

Security Command Center - The display name for the following Event Threat Detection rules have changed. Risk Engine now includes the aiplatform.googleapis.com/Model resource type in the default high-value resource set. The prompt injection and jailbreak detection filter in Model Armor flags more threats across various attack vectors, and offers an improved detection rate for high-confidence malicious prompts. CVEs with no known exploitation activity are not considered in attack path simulations Vulnerability findings in Security Command Center are enriched by Mandiant Threat Intelligence. The Set security marks option in the new Security Command Center Enterprise Findings and Assets pages is temporarily unavailable.

Cloud Spanner - A new free trial creation work flow makes it easier to start your Spanner free trial.

Cloud SQL MySQL - You no longer have to upgrade your instance to MySQL 8.0.37 before you upgrade to Cloud SQL for MySQL 8.4.

Cloud Text-to-Speech - Chirp 3: Instant Custom Voice now extends support to ja-JP, now supporting more than 30 locales.

Virtual Private Cloud - The following features of VPC Flow Logs are available in Preview through the Network Management API: Enabling VPC Flow Logs for an organization Enabling VPC Flow Logs for a VPC network Enabling VPC Flow Logs for a subnet For more information, see Supported configurations. VPC Flow Logs annotates RDMA traffic that is reported from A3 Mega VMs.