Welcome to issue #457 June 30th, 2025

News

Official Blog Public Sector

Announcing AI service expansion and CJIS 6.0 readiness for public safety - Google Public Sector announces enhanced CJIS 6.0 compliance and expanded AI services for public safety agencies, ensuring secure, compliant cloud solutions.

Official Blog Partners

New AI tools help partners increase efficiency and growth - Discover the new AI-powered SOW Analyzer, Bot-Assisted Live Chat, and enhanced Earnings Hub designed to boost efficiency and growth for Google Cloud partners.

Cloud Run Official Blog Serverless Streaming

Making it easier to scale Kafka workloads with Cloud Run worker pools - With Cloud Run worker pools, built for continuous, non-HTTP, pull-based background processing, and Kafka Autoscaler, you can adjust consumer instances based on demand.

AI LLM Official Blog

You dream it, Veo creates it: Veo 3 is now available for everyone in public preview on Vertex AI - Veo 3 text-to-video is now available for all Google Cloud customers in public preview on Vertex AI. Learn more about Veo 3 and try it on Vertex AI Media Studio today.

Official Blog Security

Google named a Strong Performer in The Forrester Wave for security analytics platforms - We are excited to announce that Google has been named a Strong Performer in The Forrester Wave™: Security Analytics Platforms, Q2 2025, in our first year of participation.

BigQuery Data Analytics Official Blog

Introducing BigQuery ObjectRef: Supercharge your multimodal data and AI processing - The new ObjectRef data type helps to integrate unstructured data like images and audio into existing BigQuery tables.

AI Official Blog Security

Audit smarter: Introducing Google Cloud’s Recommended AI Controls framework - An improved approach to AI audits that is scalable and evidence-based: the Recommended AI Controls framework.

Cloud CDN Networking Official Blog

Run your own code at the edge with Service Extensions plugins for Cloud CDN - Running Service Extensions plugins with Cloud CDN allows you to run custom code directly in the request path in a fully managed Google environment.

Data Analytics Looker Official Blog

Looker developers gain speed and accuracy with debut of Continuous Integration - Continuous Integration for Looker helps streamline code development workflows, boosts the end-user experience, and lets you deploy changes faster.

Official Blog Public Sector

How Conversational Agents and Looker can boost contact center efficiency and enhance constituent services - Learn how Google's Conversational Agents and Looker work together to turn raw data into insights that boost contact center efficiency and constituent services.

Articles, Tutorials

Infrastructure, Networking, Security, Kubernetes

IAM Infrastructure Official Blog

Just say no: Build defense in depth with IAM Deny and Org Policies - IAM Deny and Org Policies provide a vital, scalable layer of security. Here’s how to use them to boost your IAM security.

Cloud WAN Networking Official Blog

Cloud WAN under the hood: A closer look at its differentiated networking capabilities - We designed Cloud WAN to make it easy for third-parties to deploy their network and security services on it with scale, performance, and resilience.

GCP Experience Google Kubernetes Engine Official Blog SRE

Using Platform Engineering to simplify the developer experience - part one - Learn how John Lewis transformed its e-commerce platform with Google Cloud, GKE, and a simplified developer platform engineering approach.

GCP Experience Google Kubernetes Engine Official Blog

Using Platform Engineering to simplify the developer experience - part two - Learn how John Lewis transformed its e-commerce platform with Google Cloud, GKE, and a simplified developer platform engineering approach.

Official Blog Threat Intelligence

Trix Shots: Remote Code Execution on Aviatrix Controller - Red team case study detailing the discovery of two critical vulnerabilities in the Aviatrix Controller software.

DevOps FinOps Google Kubernetes Engine Kubernetes

GCP GKE Cost Management: A Practical Guide - This guide provides engineering teams with practical strategies for managing GKE costs, including understanding cost drivers, utilizing built-in GCP tools, and tuning autoscaling.

DevOps FinOps

How I Automated 350+ GCP Project Label Updates in 15 Minutes (Down from 1 Month!) - A Terraform-powered solution that slashed a one-month manual task into a 15-minute pipeline.

Google Kubernetes Engine Kubernetes Paywall Terraform

Building Super Reliable GKE Clusters for Your Most Important Applications - This article provides advanced strategies for building highly available and fault-tolerant Google Kubernetes Engine (GKE) clusters. It covers network architecture, private clusters, node pool optimization, and application resilience techniques.

Google Kubernetes Engine Istio Kubernetes

Streamlining Domain Redirects: Unlocking Efficiency with Istio - The article explains how to implement domain redirection using Istio's VirtualService configuration within a Google Kubernetes Engine environment, offering a solution to avoid the overhead of managing Nginx for redirection.

App Development, Serverless, Databases, DevOps

Cloud Build Terraform

From nothing to production: Build, test, and deploy a full stack app with Cloud Build & Terraform - The article provides a comprehensive guide on building, testing, and deploying a full-stack application on Google Cloud using Cloud Build and Terraform. It details the process from project setup to automated infrastructure deployment, including CI/CD pipelines, security scanning, and environment-specific configurations.

Cloud SQL SRE

PostgreSQL hygiene at Plum - Plum's Site Reliability Engineering team describes how it improved the performance and reduced the costs of its Google Cloud SQL PostgreSQL databases.

Backup and DR Service

Building DR-Ready Applications on Google Cloud: Configuration & DNS Best Practices - Learn how to design disaster recovery-ready applications on Google Cloud by externalizing configurations, using DNS over IP.

Cloud Spanner

QuickPerf: A Lightweight Load-Testing Tool for Spanner - How to get rapid performance insights and generate test data for individual queries and DML statements.

Cloud SQL

The GCP Bill Surprise: A Guide to Fixing Outdated Cloud SQL Databases - The message popped up on my screen. It came from a client, a knowledgeable entrepreneur who took great pride in his e-commerce business.

Gemini

First steps with Gemini Code Assist agent mode - Start pair programming with Gemini.

Cloud Spanner

A spanner-cli Contributor's Perspective on the Official Spanner CLI

Big Data, Analytics, ML&AI

ADK Generative AI Official Blog

Tools Make an Agent: From Zero to Assistant with ADK - This article explains how agents use tools to interact with the external world, including function tools, built-in tools, third-party API tools via LangChain, and MCP tools for accessing internal APIs and databases, streamlining the development process by enabling the creation of a QuantumRoast bug assistant agent.

AI GCP Experience Official Blog

How Schroders built its multi-agent financial analysis research assistant - For Schroders, a key objective was to automate routine data gathering for data analysts, allowing them to shift focus from data collection to higher-value strategic thinking.

GCP Experience Generative AI Official Blog

The secret to document intelligence: Box builds Enhanced Extract Agents using Google’s Agent-2-Agent framework - Learn how Box AI's Enhanced Extract Agent, powered by Google's Gemini 2.5 models and Agent-2-Agent protocol, transforms unstructured data into actionable intelligence with high confidence scores.

Gemini LLM Official Blog Vertex AI

How to fine-tune Gemini 2.5 using videos via Vertex AI - Gemini 2.5 is making it possible to fine-tune video outputs on Vertex AI. Read more to learn how to conduct truly effective tuning experiments using the Vertex AI tuning service.

AI Official Blog

How AI & IoT are helping detect hospital incidents — without compromising patient privacy - Healthcare innovator Hypros has developed an AI-assisted patient monitoring system that detects and alerts staff to in-hospital patient emergencies, like falls and delirium.

BigQuery

How to Update the Schema of an Incremental BigQuery Table - Learn how to add new fields to RECORD (STRUCT) columns in BigQuery table schemas without breaking your incremental data pipeline.

BigQuery Streaming

Why Adding a LIMIT to a SORT in BigQuery Improves Performance — And What It Teaches Us About Efficient Sorting - As a GCP trainer, I recently got a fascinating question:

BigQuery

Source-Agnostic Data Ingestion with Singer and Meltano on GCP - Build a declarative ETL pipeline and load any data to BigQuery with an open source solution.

BigQuery Data Analytics Generative AI

Unlock Insights Faster: Meet Your AI Assistant in BigQuery Data Canvas! - This post is a joint collaboration with Blessing Bamiduro (PM, DB & Analytics, Google Cloud).

BigQuery Google Analytics

How to build a custom user journey GA4 report in BigQuery - Learn how to build a custom user journey report in GA4 using BigQuery! Step-by-step guide to analyze customer paths, optimize conversions.

Workload Identity

Authenticating On-Premise X.509 Workloads to GCP - This blog will demonstrate how a workload running in your on-prem datacenter can securely access Google Cloud through its X.509 identity.

Dataplex Gemini

Generating business metadata through crowdsourcing, documentation and technical metadata in Dataplex - Governance and curating metadata descriptions at scale is a cumbersome task, but there’s hope.

AI GPU Networking

Part I - RoCEv2 for optimized GPU AI workloads on Google Cloud : (1) Why it matters? - The article discusses the importance of RDMA over Converged Ethernet v2 (RoCEv2) for optimizing GPU-based AI workloads on Google Cloud. RoCEv2 enables direct communication between GPUs, bypassing the CPU and reducing latency while increasing throughput, through specialized VPC configurations and VMs with ConnectX-7 NICs.

Gemini Tutorial

Gemini CLI Tutorial Series - This article introduces Gemini CLI, an open-source AI agent that brings the power of Gemini directly into the terminal.

Gemini

Building a Multi-Agent Assistant with Gemini and the Agent Development Kit - A walkthrough of the “Tiny Tastes” app, which leverages multi-agent workflows with human-in-the-loop validation.

AI Data Science LLM Paywall

Talk to Your Docs: Building a Scalable RAG App on Google Cloud - Build a modular, secure, and scalable RAG system with Python, LangChain, and Google Cloud’s serverless stack.

Various

Official Blog Partners

Partner growth with Google Cloud: A strategy for maximized and sustained earnings - New study outlines how Google Cloud partners can maximize earnings and unlock market potential by expanding services across the customer lifecycle, leveraging Google Cloud's AI and data strengths.

Slides, Videos, Audio

Kubernetes Podcast - #254 Kubernetes and Cloud Native Trends, with Alain Regnier and Camila Martins.

Security Podcast - #231 Beyond the Buzzword: Practical Detection as Code in the Enterprise.

 

Releases

Anthos clusters on VMware - Google Distributed Cloud (software only) for VMware 1.31.600-gke.85 is now available for download. The following issues were fixed in 1.31.600-gke.85: Fixed vulnerabilities listed in Vulnerability fixes.

Apigee Integrated Portal - On June 23, 2025 we released a new version of the Apigee integrated portal. This release adds the Export feature to the Apigee UI in the Cloud console.

Apigee UI - On June 25, 2025 we began redirecting the following Apigee Classic UI navigation items to Apigee UI in the Google Cloud console: Publish > API products; Publish > Developers; Publish > Apps; Admin > Instances; Admin > Data collectors; Admin > Environments; Admin > Endpoint attachments. See Apigee UI in Cloud console navigation for a mapping of each Classic Apigee UI feature page to its location in the Apigee UI in Cloud console.

App Hub - App Hub supports resources from the following sources in Preview: Dataproc Metastore Service, Vertex AI Dataset, Vertex AI Featurestore, Vertex AI MetadataStore, Vertex AI Model.

Google Cloud Armor - Cloud Armor's Hierarchical security policies facilitate centralized control, enhanced consistency, operational efficiency, and effective delegation of security policy management in Preview. Cloud Armor supports organization-scoped address groups for security policies in Preview.

Artifact Registry - Artifact Registry generic repositories are now generally available.

BigQuery - You can now use the PARTITION BY clause of the CREATE VECTOR INDEX statement to partition TreeAH vector indexes. BigQuery search indexes provide free index management until your organization reaches the limit in a given region. You can now use the Apache Iceberg REST catalog in BigLake metastore to create interoperability between your query engines by allowing your open source engines to access Iceberg data in Cloud Storage. Colab Enterprise notebooks in BigQuery let you do the following in Preview: explain code with Gemini assistance; fix and explain errors with Gemini assistance.

Bigtable - You can use Data Boost to analyze your Bigtable data with BigQuery without impacting the performance of the clusters that handle your application traffic.

Billing - New fields added to Cloud Billing data exports to BigQuery: To prepare for expanding the spend-based committed use discounts (CUDs) program, we added new data fields to the schema for Cloud Billing standard and detailed data exports to BigQuery. New, enhanced forecasting model for increased accuracy in cost reports: Cloud Billing forecasts now better account for seasonality trends, data irregularities, and missing data, using an enhanced forecasting model that leverages AI to factor in various scenarios, such as the following: Intelligent handling of transient effects caused by known business events - for example, a new workload migration causing a usage spike.

CDN - Cloud CDN lets you add custom code to the request processing path of global external Application Load Balancers by using Service Extensions edge extensions.

Chronicle - Premium Fortinet Firewall parser now available as Release Candidate: This enhanced parser is available as a Release Candidate for the next 3 months. New parser documentation now available: New parser documentation is available to help you ingest and normalize logs from the following sources: Collect BeyondTrust BeyondInsight logs; Collect BloxOne Threat Defense logs; Collect BlueCat Edge DNS Resolver logs; Collect Cambium Networks logs; Collect Check Point Audit logs; Collect Check Point EDR logs; Collect Check Point SmartDefense logs; Collect Commvault logs; Collect Comodo AV logs; Collect Cylance PROTECT logs; Collect Cyolo OT logs; Collect Delinea PAM logs; Collect Dell CyberSense logs; Collect Dell EMC Data Domain logs; Collect Dell EMC Isilon NAS logs; Collect Dell EMC PowerStore logs; Collect Dell OpenManage logs; Collect Endpoint Protector DLP logs; Collect ESET AV logs; Collect ESET EDR logs; Collect F5 AFM logs; Collect F5 ASM logs; Collect FileZilla FTP logs; Collect Forescout NAC logs; Collect ForgeRock OpenAM logs; Collect HAProxy logs; Collect Kaseya Datto File Protection logs; Collect ManageEngine AD360 logs; Collect Palo Alto Cortex XDR Events logs; Collect Snowflake logs; Collect Trellix DLP logs; Collect Trellix ePO logs; Collect Trend Micro DDI logs; Collect Trend Micro Email Security logs; Collect Trend Micro Vision One Activity logs; Collect Trend Micro Vision One Audit logs; Collect Trend Micro Vision One Container Vulnerability logs; Collect Trend Micro Vision One Detections logs; Collect Trend Micro Vision One Observed Attack Techniques logs; Collect Trend Micro Vision One Workbench logs.

Chronicle SOAR - Release 6.3.51 is being rolled out to the first phase of regions as listed here. Bulk Playbook Duplication Behavior Updated: When duplicating playbooks in bulk, the original selection is now preserved. Release 6.3.50 is now available for all regions.

Cloud Composer - A new Cloud Composer release started on June 23, 2025. Improved the startup times of Airflow workers for environments that have a large number of custom PyPI packages installed. (Available without upgrading) Fixed an issue where deleting a Cloud Composer 2 environment could fail when the environment's cluster was in the process of creating a node pool. (Airflow 2.10.5) The apache-airflow-providers-cncf-kubernetes package was upgraded to version 10.5.0 from version 10.4.2. New Airflow builds are available in Cloud Composer 3: composer-3-airflow-2.10.5-build.7 (default), composer-3-airflow-2.9.3-build.27. New images are available in Cloud Composer 2: composer-2.13.5-airflow-2.10.5 (default), composer-2.13.5-airflow-2.9.3. Cloud Composer version 2.8.3 has reached its end of support period.

Compute Engine - Generally available: You can specify a custom ephemeral external IPv6 address when creating an instance.

Contact Center AI Platform - Web SDK version 3: We're pleased to announce that the web SDK v3 is now generally available (GA). Version 3.36 pre-release notes: Here are the pre-release notes for version 3.36. Configure storage of Screen Share recordings: You can now configure how long to store Screen Share recordings in your external storage settings. Restrict auto-assignment for email queues: You can now configure email queues so that incoming emails are auto-assigned only during queue operating hours or to agents who are signed in. Salesforce: New closed record options for scheduled calls: If you've integrated Google Cloud CCaaS with the Salesforce CRM, you can configure how your instance handles scheduled calls for closed records. The following issues were addressed in this release: Fixed an issue where calls weren't being assigned to the correct agent in Google Cloud CCaaS reporting.

Dataflow - Dataflow now supports an automated parallel update workflow for streaming jobs.

Datastream - Datastream now supports BigLake Iceberg tables as a destination both in the Google Cloud console and the Datastream API.

Cloud NGFW - You can create a secure tag at the organization level and bind its value to all virtual machine (VM) instances across that organization, instead of applying tags to instances within a specific network.

Gemini - Agent mode is available in preview in Gemini Code Assist Standard and Enterprise Edition for VS Code. Multi file editing is available in preview in Gemini Code Assist Standard and Enterprise Edition chat agent mode. Full Project Context is available in preview in Gemini Code Assist Standard and Enterprise Edition chat agent mode.

Integration Connectors - You can use the following connectors that are now available in Google Cloud Marketplace to create connections and use them in Application Integration.

GKE new features - The C4D machine series is generally available in GKE.

Looker - Looker (Google Cloud core) only changes. The following feature is generally available for Looker reports: The Looker connector can now connect to a private IP (private services access) only Looker (Google Cloud core) instance or to a private IP (Private Service Connect) Looker (Google Cloud core) instance using the Looker instance ID.

Media CDN - Flexible shielding helps you overcome some limitations of default origin shielding by letting you configure a single, specific geographic region for origin shielding, typically selected to be near your centralized origin.

Cloud Interconnect - Interconnect connection groups and VLAN attachment groups are Generally available.

Network Connectivity Center - Static routes for Network Connectivity Center are available in public preview.

Cloud Run - Cloud Run worker pools are now available (Preview). A new region is now available for Cloud Run GPUs: us-east4.

Service Extensions - Edge extensions help you manipulate request headers early in the request processing lifecycle of Global external Application Load Balancers to influence caching and routing decisions.

Cloud Spanner - You can directly connect and interact with your Spanner database using the Spanner CLI, an interactive shell for Spanner that is built into the Google Cloud CLI.

Cloud Storage - The Cloud Storage Cloud Audit Logs have expanded support to include error scenario coverage and produce a more comprehensive error message with code, error messages, and details, in an easy to understand format.

Vertex AI - Gemma 3n models are now available through Model Garden. The Generative AI module in the Vertex AI SDK is deprecated.

Vertex AI Workbench - The M130 release of Vertex AI Workbench instances includes the following: Updated the Dataproc JupyterLab plugin to version 0.1.87.

Virtual Private Cloud - Private Service Connect service connectivity automation periodically retries endpoint create or delete operations that fail due to errors.

 

Contact

Zdenko Hrček
Třebanická 183
Prague, Czech Republic
Phone: +420 777 283 075