Welcome to issue #461 July 28th, 2025

News

Cluster Director Official Blog

New Cluster Director features: Simplified GUI, managed Slurm, advanced observability - Cluster Director automates AI and HPC cluster setup, combining Google Cloud compute and networking into a performant, easy-to-manage environment.

GCP Certification Official Blog

Announcing the new Google Developer Program forums - Join the new Google Developer Program forums for collaborative building, expert discussions, and community support with Google technologies.

Chrome Enterprise Official Blog

Chrome brings seamless work and personal switching to iOS and enhanced enterprise protections to mobile - Discover how Chrome Enterprise is enhancing security for organizations by bringing enterprise-level browsing protections to iOS. Support your BYOD model by enabling employees to securely switch between work and personal accounts on iPhones and iPads, ensuring data separation and a managed environment.

Chrome Enterprise Official Blog

The Future is Collaborative: ChromeOS Customer Community - Join the new global ChromeOS Customer Community! An open platform for IT admins, professionals, and business leaders to connect, collaborate, and share insights.

Official Blog Startups

Graduating the inaugural Google for Startups Accelerator: AI First cohort in the UK - The Google for Startups Accelerator: AI First UK has celebrated the graduation of its latest cohort of AI startups. Learn more about the graduating startups and their inspiring work.

Event Official Blog

Your guide to Google Cloud Security at Black Hat USA 2025 - We're excited to bring our commitment to cybersecurity innovation and simplification to Black Hat USA 2025. Here’s where to find us, and what we’ll be talking about.

Articles, Tutorials

Infrastructure, Networking, Security, Kubernetes

Google Kubernetes Engine Kubernetes Official Blog

Celebrating 10 years of GKE: Incredible customer journeys, amazing AI futures - The 10 years of GKE ebook explores how customers are building global businesses on the Google Kubernetes Engine managed platform.

Confidential Computing Official Blog

How SUSE and Google Cloud collaborate on Confidential Computing - Secure sensitive data on Google Cloud using SUSE Linux Enterprise Server (SLES) and Confidential VMs with AMD SEV, AMD SEV-SNP, and Intel TDX.

Official Blog Threat Intelligence

Beyond Convenience: Exposing the Risks of VMware vSphere Active Directory Integration - We explore the critical risks of integrating VMware vSphere with Active Directory, especially as it relates to ransomware.

Official Blog Threat Intelligence

From Help Desk to Hypervisor: Defending Your VMware vSphere Estate from UNC3944 - The anatomy of UNC3944's vSphere-centric attacks, and a fortified, multi-pillar defense strategy required for mitigation.

Confidential Computing Official Blog

Innovate with Confidential Computing: Attestation, Live Migration on Google Cloud - Confidential Computing has evolved rapidly since we first made it available. See what’s new with two key pillars: robust attestation and live migration.

Cloud Identity Aware Proxy DevOps Google Kubernetes Engine

Securing Your Internal Tools: Implementing Identity-Aware Proxy (IAP) for GKE Resources with CDKTF (IaC) - The article discusses how to implement Google's Identity-Aware Proxy (IAP) for securing internal tools and dashboards running on GKE using Cloud Development Kit for Terraform (CDKTF).

Cloud Armor GCP Experience

How IndiaMART uses Google Armor for AI-Driven Defence - Legacy Defences are a thing of the past. Enter AI-based Cloud-Native protection for Threat Mitigation and Global Edge Enforcement.

GPU Infrastructure Security

How to enable Secure Boot for your AI workloads - How to use Secure Boot for your GPU-accelerated machines on Google Cloud.

App Development, Serverless, Databases, DevOps

Cloud Logging Rust

Structured GCP logging in Rust - The article discusses how to implement structured logging for Google Cloud Platform in Rust using the `tracing` and `tracing-subscriber` crates.

Firebase Paywall

Upload Documents to Firebase Firestore using Web API - A Step-by-Step Guide to Adding Documents to Firestore.

Apache Kafka Serverless

The Serverless Metamorphosis: Managed Kafka and Cloud Run Worker Pools - Get Kafka’s power without the pain. Build a serverless streaming pipeline with Managed Kafka & Cloud Run Worker pools on Google Cloud.

AlloyDB Cloud SQL

Securing Cloud Run to PSC Enabled Cloud SQL Connectivity with the Auth Proxy Sidecar - Introduction.

AI AlloyDB Paywall

Your Database Just Learned to Speak English: The AI Revolution Inside AlloyDB AI - AlloyDB is revolutionizing data interaction by embedding generative AI, enabling users to ask questions in natural language instead of complex SQL queries. This shift democratizes data access, allowing non-technical users to easily retrieve insights and analyze information, marking a significant change in the data landscape.

Flutter Gemini

Unleash new AI capabilities for Flutter in Firebase Studio - The article discusses the new AI-powered features for Flutter development in Firebase Studio, including an upgraded AI-optimized Flutter template with autonomous Agent mode and AI rules defined in an `airules.md` file.

Big Data, Analytics, ML&AI

Billing Cloud Dataproc GCP Experience

Optimizing GCP Dataproc to Reduce Resource Waste and Lower Costs - An organization optimized their GCP Dataproc cluster by tuning Spark configurations (executor cores, memory, and instances) and autoscaling settings, which drastically improved CPU and RAM utilization.

AI Official Blog Vertex AI

Your guide to taking an open model from discovery to a production-ready endpoint on Vertex AI - Your new go-to guide for taking open models from discovery to production-ready endpoints on Vertex AI.

Cloud Dataproc Data Analytics Official Blog Streaming

The Dataproc advantage: Advanced Spark features that will transform your analytics and AI - Dataproc improvements around open lakehouses, AI/ML, storage integration and security help to supercharge Spark deployments.

BigQuery Data Analytics

BigQuery Advanced Runtime: Testing Performance Part 2 - The article analyzes the performance impact of clustering in BigQuery's Advanced Runtime. Findings show that clustering significantly improves performance for selective queries by reducing I/O, although some queries may experience degraded performance due to query optimizer issues.

BigQuery Data Analytics

Optimize Ad Verification Logging with Google Cloud BigQuery: How We Achieved Success - DoubleVerify migrated its ad verification logging from a legacy on-premise OLAP system to Google Cloud BigQuery to handle increasing data volumes and enable advanced analytics.

BigQuery Cloud Dataproc dbt

Automating BigQuery Spark Stored Procedures with dbt - This guide shows how to introduce serverless BigQuery Spark stored procedures into your existing dbt project by leveraging dbt macros.

Big Data BigQuery

How to set hard limits on BigQuery costs with custom quota - A practical guide to managing BigQuery costs and setting the right quotas for your project.

BigQuery

Calculating Each Query Job Cost + Storage Cost in BigQuery - This article provides a step-by-step guide to calculating and monitoring BigQuery costs using INFORMATION_SCHEMA views.

AI Generative AI Official Blog

25+ top gen AI how-to guides for enterprise - Check out 25 how-to guides from Google Cloud for enterprise use cases, from building agents to key integrations.

Gemini

Unlock your journey with Gemini CLI: A list of resources - A comprehensive list of resources for developers to learn and utilize Gemini CLI, Google's command-line interface for interacting with Gemini models.

Generative AI LLM

It’s a Bird, It’s a Plane, It’s… One Tool with Many Powers! - Simplify Your Agent Tools with Optional Parameters.

Various

Google Cloud Platform

Exploring the Evolution of Google’s Community Forum: A Comparison of Old and New features - The article compares the existing Google Cloud Community forum with the envisioned Google Developer Program forums, highlighting key differences across 12 areas.

Slides, Videos, Audio

Kubernetes Podcast - #256 Platform Engineering, GitOps and AI with Pierre-Gilles Mialon and Glen Yu.

Security Podcast - #235 The Autonomous Frontier: Governing AI Agents from Code to Courtroom.

 

Releases

Anthos clusters on VMware - Google Distributed Cloud (software only) for VMware 1.31.700-gke.72 is now available for download. The following issues were fixed in 1.31.700-gke.72: Fixed vulnerabilities listed in Vulnerability fixes. Google Distributed Cloud (software only) for VMware 1.30.1100-gke.67 is now available for download. The following issues were fixed in 1.30.1100-gke.67: Fixed vulnerabilities listed in Vulnerability fixes.

API Gateway - On July 23, 2025, we released an updated version of API Gateway. Deprecation of Transport Layer Security (TLS) v1.0 and v1.1 protocols: API Gateway now enforces TLS v1.2+.

Apigee API Hub - API hub provisioning now enables Apigee API: When you provision API hub, it now enables the Apigee API (apigee.googleapis.com) in your Google Cloud project. API hub deprovisioning changes: Deprovisioning an API hub instance now also deletes any associated Apigee organizations from your Google Cloud project, provided those Apigee organizations have no Apigee instances.

Apigee Integrated Portal - On July 24, 2025, we began redirecting the following Apigee Classic UI navigation items to Apigee UI in the Google Cloud console: Publish > Portals. See Apigee UI in Cloud console navigation for a mapping of each Classic Apigee UI feature page to its location in the Apigee UI in Cloud console.

Apigee UI - On July 24, 2025, we began redirecting the following Apigee Classic UI navigation items to Apigee UI in the Google Cloud console: Publish > Portals. See Apigee UI in Cloud console navigation for a mapping of each Classic Apigee UI feature page to its location in the Apigee UI in Cloud console.

Cloud Architecture Center - (New guide) Secure apps and resources by using context-aware access: Describes how you can use context-aware access to secure different types of apps and resources. (New guide) Best practices for securing apps and resources by using context-aware access: Describes best practices for using context-aware access to secure apps and resources.

Google Cloud Armor - Cloud Armor supports internal service security policies for the service mesh to enforce global server-side rate limiting per client in Preview.

Assured Workloads Access Transparency - Access Transparency supports BigQuery data preparation in the GA stage.

Batch - Pub/Sub might not send notifications for all intermediate states when a job or task changes very quickly.

BigQuery - You can now use the VECTOR_INDEX.STATISTICS function to calculate how much an indexed table's data has drifted between when a vector index was created and the present. Access Transparency supports BigQuery data preparation in the GA stage. The CREATE EXTERNAL TABLE and LOAD DATA statements now support the following options in Preview: null_markers: define the strings that represent NULL values in CSV files. You can now use the MATCH_RECOGNIZE clause in your SQL queries to filter and aggregate matches across rows in a table. You can now use the DISTINCT pipe operator to select distinct rows from a table in your pipe syntax queries.

Chronicle - Silent Host Monitoring: New configuration options are now available for Silent Host Monitoring. New parser documentation now available: New parser documentation is available to help you ingest and normalize logs from the following sources: Collect Apache Tomcat logs; Collect Appian Cloud logs; Collect Archer IRM logs; Collect ArcSight CEF logs; Collect Area 1 logs; Collect Aruba EdgeConnect SD-WAN logs; Collect Atlassian Cloud Admin Audit logs; Collect Avatier logs; Collect Avigilon Access Control Manager logs; Collect AWS CloudTrail logs; Collect Barracuda CloudGen Firewall logs; Collect Barracuda Web Filter logs; Collect Broadcom CA PAM logs; Collect Broadcom SSL VA logs; Collect Cato Networks logs; Collect Check Point Harmony logs; Collect CipherTrust Manager logs; Collect Cisco VCS logs; Collect Cisco VPN logs; Collect Cisco WSA logs; Collect CyberArk Privilege Cloud logs; Collect Digi Modems logs; Collect F5 DNS logs; Collect F5 VPN logs; Collect Forcepoint CASB logs; Collect HPE BladeSystem c7000 logs; Collect Skyhigh Security logs; Collect Trellix IPS logs.

Chronicle Security Operations - Automate tasks with Playbook Loops: This feature is in Preview. Playbook Simulator enhancements for loops: The Playbook Simulator now supports visualization and debugging of playbooks that contain loops. Silent Host Monitoring: New configuration options are now available for Silent Host Monitoring. New parser documentation now available: New parser documentation is available to help you ingest and normalize logs from the following sources: Collect Apache Tomcat logs; Collect Appian Cloud logs; Collect Archer IRM logs; Collect ArcSight CEF logs; Collect Area 1 logs; Collect Aruba EdgeConnect SD-WAN logs; Collect Atlassian Cloud Admin Audit logs; Collect Avatier logs; Collect Avigilon Access Control Manager logs; Collect AWS CloudTrail logs; Collect Barracuda CloudGen Firewall logs; Collect Barracuda Web Filter logs; Collect Broadcom CA PAM logs; Collect Broadcom SSL VA logs; Collect Cato Networks logs; Collect Check Point Harmony logs; Collect CipherTrust Manager logs; Collect Cisco VCS logs; Collect Cisco VPN logs; Collect Cisco WSA logs; Collect CyberArk Privilege Cloud logs; Collect Digi Modems logs; Collect F5 DNS logs; Collect F5 VPN logs; Collect Forcepoint CASB logs; Collect HPE BladeSystem c7000 logs; Collect Skyhigh Security logs; Collect Trellix IPS logs.

Chronicle SOAR - Release 6.3.55 is being rolled out to the first phase of regions, as outlined in our Google SecOps release plan. Automate tasks with Playbook Loops: This feature is in Preview. Playbook Simulator enhancements for loops: The Playbook Simulator now supports visualization and debugging of playbooks that contain loops. Release 6.3.54 is now available for all regions.

Cloud Composer - Web server restarting is now generally available (GA) in Cloud Composer 2 and Cloud Composer 3. If your environment uses dag-factory package version 0.22, then you might experience DAG failures in Cloud Composer versions that have apache-airflow-providers-cncf-kubernetes package version 10.4.2 or later.

Compute Engine - Hyperdisk Extreme is available in all regions and zones. You can now resize Hyperdisk Balanced volumes twice within a 4-hour window. Generally available: The general-purpose C4 machine series now supports Hyperdisk Balanced High Availability. When a regional Persistent Disk volume is fully replicated, Compute Engine now refreshes its replica recovery checkpoint every 15 minutes. Preview: Multi-writer support for Hyperdisk Extreme disks. Generally available: The general-purpose C4D machine series offers the following bare metal machine types: c4d-standard-384-metal, c4d-highcpu-384-metal, c4d-highmem-384-metal. This is the first machine series to offer AMD-based bare metal instances.

Contact Center AI Platform - Mobile SDK patch 2.13.1 is released. This patch fixes an issue where the Android SDK didn't support deep linking in the customizable link format.

Data Fusion - The Cloud Data Fusion version 6.10.1.5 patch revision is generally available (GA).

Document AI - Custom extractor model pretrained-foundation-model-v1.5-pro-2025-06-20 powered by Gemini 2.5 Pro is in Public Preview.

Cloud NGFW - You can create a Remote Direct Memory Access (RDMA) over converged ethernet (RoCE) Virtual Private Cloud (VPC) network and configure firewall rules that apply to the network.

Gemini - IntelliJ Gemini Code Assist 1.22.1. Stop in-progress chat responses with IntelliJ: You can stop chat responses with IntelliJ Gemini Code Assist 1.22.1. Thinking tokens: You'll see thinking insights into Gemini's thought process before IntelliJ Gemini Code Assist produces a response, to show you that Gemini is actively working on your request.

IAM - You can ask Gemini for predefined role suggestions using the IAM role picker in the Google Cloud Console.

GKE new features - In GKE version 1.33.2-gke.1111000 and later, you can use compute classes to set Kubernetes labels on all nodes that are created for that compute class.

Looker - The Code Interpreter in Conversational Analytics is available in Preview for Looker (original) and Looker (Google Cloud core) instances. Looker (Google Cloud core) and Looker (original) changes. Looker 25.12 is expected to include the following changes, features, and fixes: Expected Looker (original) deployment start: Monday, July 28, 2025; Expected Looker (original) final deployment and download available: Thursday, August 7, 2025; Expected Looker (Google Cloud core) deployment start: Monday, July 28, 2025; Expected Looker (Google Cloud core) final deployment: Wednesday, July 30, 2025. Because of security concerns, text tiles no longer support the form and input Markdown elements. The Oracle JDBC driver has been updated to version 19.25. For faster response time for queries in BigQuery, Looker will execute BigQuery queries by using jobCreationMode=JOB_CREATION_OPTIONAL. The Query Concurrency System Activity Explore is now available. Looker 25.12 contains the following accessibility improvements: improved contrast for exit buttons on dialogs; improved contrast for checkbox borders. An issue has been fixed where pull requests could display a different user than the pull request's owner. An issue has been fixed where the System Activity Query Metrics Explore was not reliably populating with data. An issue has been fixed where API users could view a list of users on a Looker instance, even if they didn't have the see_users permission. An issue has been fixed where the response headers from some API calls were not set by Looker. An issue has been fixed where exploring from a dashboard tile while editing a dashboard could result in a permissions error, even if the user had permission to view the Explore. An issue has been fixed where the row limit in an Explore could display a blank field when the row limit was set to 5,000. An issue has been fixed where some users were unable to create or edit BigQuery OAuth connections.
An issue has been fixed where SQL Runner would display a blank page if a user changed the visualization type after pivoting on a dimension. An issue has been fixed where some queries to the internal database were unoptimized, affecting instance performance. An issue has been fixed where a visualization template could fail to be displayed in the list of templates if the name contained certain unicode characters. An issue has been fixed where invalid query killing statements could cause unnecessarily verbose log outputs. An issue has been fixed where API users without the explore permission could access visualization templates. An issue has been fixed where Looker could return a 500 error while retrieving dashboard details if the details contained non-UTF-8 characters. An issue has been fixed where forecasting didn't work properly on fields that were based on JSON data. An issue has been fixed where Looker didn't properly sanitize slash characters in git references that were used for remote dependencies. An issue has been fixed where fields could be sorted differently when a visualization was downloaded or scheduled as a PNG. An issue has been fixed where the all_connections API call could ignore the fields parameter. An issue has been fixed where a map visualization would display drill links for fields that were hidden from the visualization. An issue has been fixed where some System Activity tables were missing the element_id field. An issue has been fixed where subtotals could be incorrectly formatted in PDF downloads when an HTML parameter was defined on the field and the "Expand tables to show all rows" option was enabled. The Looker IDE now checks for subparameters in local and remote dependencies and displays a more informative error if the subparameters are missing. An issue has been fixed where editing a merged query in an embedded session would open in a new tab. 
An issue has been fixed where Looker could generate duplicate SQL table references if a PDT referenced a table directly as well as through a join. An issue has been fixed where some PDT regeneration events were not tracked in System Activity. When an Explore is saved as a new dashboard, Looker will create advanced filter type dashboard filters, rather than drop-down type dashboard filters, for number type parameters. Looker (Google Cloud core) only changes. An issue has been fixed where SAML authentication could fail for a Looker (Google Cloud core) instance. An issue has been fixed where the Looker Marketplace toggle was not being displayed in Looker core instances for users who were granted Admin permissions with an IAM role. Looker (original) only changes. An issue has been fixed where installing multiple drivers for the same database type on a customer-hosted instance could cause Looker to display an error.

Cloud Monitoring - You can now monitor and understand the costs and utilization of resources in your Google Cloud project or App Hub application by using the Cost Explorer.

NetApp - Google Cloud NetApp Volumes now supports cross-project cross-region replication for Standard, Premium, and Extreme service levels. Google Cloud NetApp Volumes now supports volume backups for large capacity volumes.

Security Command Center - For the Enterprise service tier, Security Command Center offers data residency support in the European Union, Saudi Arabia, and United States. The Setup guide in Security Command Center Enterprise, used to monitor the activation progress and configure services, is now in General Availability. The Impair Defenses: Two Step Verification Disabled finding type of Event Threat Detection was renamed to Persistence: Two Step Verification Disabled. The Aggregations panel on the Findings page in Security Command Center Enterprise has been enhanced and is now called Quick Filters.

Service Extensions - To upload your Wasm plugin code to Artifact Registry, you can use generic format repositories, in addition to Docker repositories.

Service Mesh - Managed Cloud Service Mesh. Advanced load balancing for managed Cloud Service Mesh (TD) now generally available (GA). Managed Cloud Service Mesh. Managed Cloud Service Mesh will start using proxy version csm_mesh_proxy.20250623b_RC00 for Gateway API on GKE clusters.

VPC Service Controls - Preview stage support for the following integration: License Manager.

Workload Manager - You can set up the Agent for Compute Workloads to collect metrics of your Oracle workloads running on Google Compute Engine instances.

 

Contact

Zdenko Hrček
Třebanická 183
Prague, Czech Republic
Phone: +420 777 283 075