Google Cloud Platform Newsletter

Check Archive for older issues

News

Building next-gen visuals with Gemini 2.5 Flash Image on Vertex AI - Gemini 2.5 Flash Image is State of the Art (SOTA) for both generation and image editing. Developers and enterprises can access Gemini 2.5 Flash Image in preview today on Vertex AI.

Announcing general availability of Firestore with MongoDB compatibility - Firestore with MongoDB compatibility is now Generally Available, to serve the most demanding enterprise document database workloads.

Google Cloud’s open ecosystem for Apache Iceberg - In partnership with Confluent, Databricks, dbt, Fivetran, Informatica and Snowflake, using Apache Iceberg can help dismantle traditional data silos.

Run Gemini anywhere, including on-premises, with Google Distributed Cloud - With Gemini on GDC, you can now leverage Google AI anywhere, while still controlling your sensitive data.

From clicks to clusters: Expanding Confidential Computing with Intel TDX - New updates to our Confidential Computing Intel TDX-based offerings include GKE nodes, Confidential Space and GPU, and support for more regions and zones.

Chat with your data from anywhere: Announcing Google’s Conversational Analytics API - The Conversational Analytics API lets you build custom data experiences that provide data, chart, and text answers using Looker's semantic model.

Happy birthday, GKE! Let's celebrate with new features and better pricing - 10 years since we launched Google Kubernetes Engine (GKE), we’re introducing a single paid tier that has new functionality.

Simplify complex eventing at Scale with Eventarc Advanced - Eventarc Advanced is a simple, unified messaging platform that can intelligently filter, transform, and centrally govern the flow of information to build event-driven architectures.

Defense Logistics Agency selects Google Public Sector to modernize global supply chain operations – the agency’s first AI-ready commercial cloud partnership - Google Public Sector announces a $48M contract with the DLA to modernize its global supply chain operations, the agency's first AI-ready commercial cloud partnership.

Google named a Leader in IDC MarketScape: Worldwide Incident Response 2025 Vendor Assessment - Mandiant, a core part of Google Cloud Security, can empower organizations to navigate critical moments, prepare for future threats, build confidence, and advance their cyber defense programs.

Enhancing BigQuery geospatial with Earth Engine raster analytics and map visualization - BigQuery now integrates Earth Engine for geospatial analytics, making it easy to join structured data with satellite imagery and visualize insights.

Articles, Tutorials

Infrastructure, Networking, Security, Kubernetes

Cloud CISO Perspectives: How CISOs and boards can help fight cyber-enabled fraud - Cyber-enabled fraud is a serious and growing threat to an organization’s financial health, brand reputation, and core mission. Here’s how CISOs and boards can help stop it.

GKE under the hood: Container-optimized compute delivers fast autoscaling for Autopilot - Take a deeper look at autoscaling in GKE Autopilot, and how to start using the new container-optimized compute platform for your workloads today.

Five ways Skopeo can simplify your Google Cloud container workflow - Simplify Google Cloud container workflows with Skopeo. Learn 5 key ways this daemonless CLI tool enhances Artifact Registry management, image migration, CI/CD integration, and security for efficient, automated container image handling.

Widespread Data Theft Targets Salesforce Instances via Salesloft Drift - UNC6395 stole data from Salesforce instances by exploiting compromised OAuth tokens from the Salesloft Drift app.

Deception in Depth: PRC-Nexus Espionage Campaign Hijacks Web Traffic to Target Diplomats - A social engineering campaign leveraging signed malware, evasive tactics, and captive portal hijacking.

A Tale of GKE, GCP, and Product Catalogue Search - SRC Innovations leverages Google Cloud Platform (GCP) and Google Kubernetes Engine (GKE) for its SaaS product catalog search engine, citing seamless integration and flexibility. They utilize Config Connector for declarative GCP resource management within Kubernetes and appreciate Google's AI services, particularly Gemini and AI Studio, for their developer-friendliness.

GitOps Infrastructure as Code: Managing Kubernetes Infrastructure with Crossplane and Argo CD - How I built a fully automated GitOps pipeline for infrastructure management using Crossplane, Argo CD, and the App-of-Apps pattern.

Setting up environments on Google Cloud with Terraform - The article provides a step-by-step guide to setting up development and production environments on Google Cloud using Terraform. It emphasizes modular design, infrastructure as code principles, and separation of concerns for scalability, maintainability, and security.

Introduction to NCC: What it is and Why You Need It - Google Cloud's Network Connectivity Center (NCC) simplifies global enterprise network connectivity through a centralized hub-and-spoke model.

App Development, Serverless, Databases, DevOps

Unleash Your Business Potential: The Total Economic Impact of ChromeOS - Discover how ChromeOS helps businesses boost employee productivity and enhance security while significantly cutting IT costs. Learn how the cloud-first OS lowers the total cost of ownership for your organization's devices.

Storage Insights datasets: How to optimize storage spend with deep visibility - Use Storage Insights datasets and Gemini Cloud Assist to identify which data buckets to relocate and perform large-scale batch operations.

Data synchronisation from PostgreSQL to BigQuery (part 2) - A custom data synchronization service from PostgreSQL to BigQuery due to concerns about vendor lock-in, data sovereignty, and the need for flexibility in target systems.

Automating AlloyDB Operations - AlloyDB, like other cloud services, offers a management API that enables task automation. The article explains how to automate AlloyDB operations using the API, focusing on key resources like clusters and instances, and demonstrates using Go and REST API and Cloud Functions to manage these resources.

CI/CD Workflow — Part 1: for managing infrastructure using Cloud Build - This article explains how to automate infrastructure management using Google Cloud Build and Terraform. It walks through setting up a CI/CD pipeline to automate Terraform operations, including initializing, planning, and applying changes.

Big Data, Analytics, ML&AI

A new way to use Earth Engine: Raster analytics and map visualization in BigQuery - Google announces the General Availability of Earth Engine in BigQuery, enhancing geospatial analysis with expanded regional deployment and improved metadata visibility.

BigQuery data quality: Automating duplicate record tests in SQL - A guide on how you can automatically detect duplicate records and improve your data quality with a few lines of SQL code.

Adventures in Aggregate Awareness (and Level-Specific Measures) with Looker - The article discusses Looker's aggregate awareness feature, which optimizes query performance by automatically using pre-aggregated summary tables. It explores how to enable this feature, including defining aggregate tables and using incremental refresh.

Now available: Direct Importing from BigQuery to Vector Search - The new BigQuery import feature for Vertex AI Vector Search, now in Public Preview, simplifies data loading by allowing direct import from BigQuery tables, eliminating the need for manual ETL processes.

How I Built a Recipe Parser That Actually Works Using Google’s LangExtract - The author describes building a recipe parser using Google's LangExtract library, which leverages LLMs to extract structured data from unstructured text.

Using Google’s AI Hypercomputer - Fine Tuning Gemma 3 using MaxText and XPK.

vLLM Performance Tuning: The Ultimate Guide to xPU Inference Configuration - Optimize vLLM serving for LLMs on GPUs and TPUs. This guide details selecting accelerators, configuring vLLM, and benchmarking for the best cost-performance ratio for your specific use case.

Building a Multi-Agent Travel Agency with MCP Toolbox for Databases - Automating Travel Planning with Intelligent Agents and Database Integration.

Guided Implementation of Agent Development Kit (ADK) with the Rickbot Multi-Personality Application - A detailed walkthrough of creating the Rickbot ADK agent code itself, and some tips for how we can help Gemini CLI be more effective.

An Open Book: Evaluating AI Agents with ADK - The article discusses how to evaluate AI agents, which are non-deterministic, using the Agent Development Kit (ADK). It explains how to test an agent's behavior on a sliding scale by defining test cases with expected results and comparing the agent's actual output against those expectations.

From Generalist to Specialist: Fine-Tuning Gemini for Terraform Scans & Phishing Detection - How customizing models for specific security use cases leads to superior accuracy and reliability.

Various

Google for Startups Accelerator: AI First – Meet the 2025 Brazilian cohort - We are proud to announce 11 Brazilian startups that will participate in the AI First program. This group of entrepreneurs showcase innovative solutions that apply AI to solve challenges in diverse industries.

Slides, Videos, Audio

GCP Bytes Podcast - #24 In this episode we discuss; Terraform framework plugin, Google I/O Connect China, GCP Docs, Okinawa, Tarrifs, Gen AI Academy, Broadcomm Back On Prem, $55m Fine Optus & Telstra, Meta $10 Billion Deal, Power usage and AI, iiNet Brech, Exetel Vulnerability, Paypal Breached, eSIMS and China, Gemini temporary chats, Gartner Magic Quadrant, Oracle selling gemini, AI trying to escape.

Kubernetes Podcast - #259 Kubernetes 1.34 Of Wind & Will, With Vyom Yadav.

Security Podcast - #240 Cyber Resiliency for the Rest of Us: Making it Happen on a Real-World Budget.

Releases

Load Balancing - The internal and external passthrough Network Load Balancers now support load balancing to unmanaged instance groups comprised of IPv6-only VM instances.

Memorystore for Redis Cluster - You can now simulate maintenance events on your clusters in Memorystore for Redis Cluster. You can now use Cloud Logging to query and view maintenance logs for a cluster in Memorystore for Redis Cluster.

Memorystore for Memcached - You can now use Cloud Logging to query and view maintenance logs for a Memorystore for Memcached instance.

Cloud Memorystore - You can now use Cloud Logging to query and view maintenance logs for a Memorystore for Redis instance.

Cloud Monitoring - Your Application Monitoring dashboards will display latency, error rates, and traffic level for workloads deployed on Google Kubernetes Engine, when you instrument your application with OpenTelemetry.

Cloud NAT - Cloud NAT gateways for Public NAT support IPv6 to IPv4 network address translation in General Availability.

NetApp - Google Cloud NetApp Volumes now supports the external replication feature in allow-listed General Availability (GA) for Standard, Premium, and Extreme service levels.

Network Connectivity Center - Static routes for Network Connectivity Center are available in GA. IPv4 and IPv6 address range filtering for VPC spokes is available in GA.

Resource Manager - Certain Organization Policy managed constraints that were released on August 21, 2025 were not functioning as intended.

Security Command Center - Compliance Manager (available in Preview) now lets you remove resources from deployed frameworks.

Sensitive Data Protection - The August 25 release note announcing the release of the DOCUMENT_TYPE/FINANCE/INVOICE and DOCUMENT_TYPE/MEDICAL/RECORD infoType detectors was published in error. The DOCUMENT_TYPE/FINANCE/INVOICE and DOCUMENT_TYPE/MEDICAL/RECORD infoType detectors are available in global and the asia, europe, and us multi-regions.

Cloud Spanner - You can now terminate multiple active queries in your Spanner instance.

Cloud SQL SQL Server - Max degree of parallelism (MAXDOP) is a Microsoft database flag available for use in Cloud SQL for SQL Server.

Cloud Storage - Beginning October 31, 2025, if you set an object's age condition to a value of 0 when setting Object Lifecycle Management rules, the condition is satisfied at midnight UTC after the object is created, which helps reduce unintended data loss.

Cloud Text-to-Speech - Chirp 3: HD voices is available on the europe-west2 endpoint. Chirp 3: instant custom voice supports the Chirp 3: HD voice controls for pace control, pause control, and custom pronunciations.

Cloud Trace - You can now create and manage the trace scope programmatically.

Vertex AI Workbench - The M132 release of Vertex AI Workbench instances includes the following: The new scheduler Jupyter plugin (scheduler-jupyter-plugin) is now preinstalled in the Jupyterlab 4 environment, with support for both the Cloud Composer and Vertex AI notebook schedulers.

VMware Engine - VMware Engine ve2 nodes are now available in the London, England, Europe region (europe-west2-a).

Virtual Private Cloud - IPv6-only subnets and instances are available in General Availability. VPC Flow Logs supports logging for RDMA flows over Converged Ethernet, such as GPU-to-GPU flows from A3 Ultra, A4, and A4X VMs.

Anthos clusters on VMware - Google Distributed Cloud (software only) for VMware 1.32.400-gke.68 is now available for download. The following issues were fixed in 1.32.400-gke.68: Fixed vulnerabilities listed in Vulnerability fixes.

Apigee Integrated Portal - On August 25, 2025 we released a new version of the Apigee integrated portal.

Apigee UI - On August 26, 2025, we released an updated version of the Apigee UI. Debug view settings are now retained when switching between transactions When switching between transactions in the debug view the following view settings are now retained: The state of the expand all toggle The zoom level of the graph The positioning of the viewport in the graph (best effort). Added Display name column to Apps table Added a column to the Apps table to show the App display name separate from the App name.

Apigee Advanced API Security - On August 25, 2025 we released an updated version of Advanced API Security Note: Rollouts of this release to production instances will begin within two business days and may take four or more business days to complete across all Google Cloud zones. Additional details and explanations for incidents and traffic identified as anomalous in Abuse Detection Advanced Anomaly Detection Starting with this release, additional details are available for anomalies detected in incidents and detected traffic, including details on why traffic was flagged as anomalous, the days and times it triggered, time series charts showing anomalous traffic spikes, and direct links to the Google Cloud Logging for events.

App Hub - App Hub supports resources from the following sources in Preview: Vertex AI Pipeline job Custom job Hyperparameter tuning job Index Index endpoint NAS job Model deployment monitoring job Compute Engine Autoscaler Commitment Disk Regional disk Instance template Regional instance template License Node group Image Resource policy Reservation Node template Router Snapshot Route Subnetwork Global public delegated prefix Public delegated prefix Dataflow Job Datastream Stream Cloud DNS Managed zone Policy.

Artifact Registry - The Container Analysis API now supports the option of returning partial results during region-down failure conditions when listing notes, listing occurrences, or generating vulnerability summaries.

BigQuery - For additional layers of security and control, you can now use query templates to predefine and limit the queries that can be run in data clean rooms. You can deduplicate table data with Gemini assistance in your BigQuery data preparations. You can use the ST_REGIONSTATS geography function to combine raster data using Earth Engine with your vector data stored in BigQuery. You can now use data insights to have Gemini generate table and column descriptions from table metadata. A weekly digest of client library updates from across the Cloud SDK.

Bigtable - Bigtable tools are available in Agent Development Kit (ADK).

Capacity Planner - Capacity Planner is available in Preview!. Reference documentation has been added for the REST Capacity Planner API. Preview: You can use capacity requests to request a large number of resources for a future date and time, and across multiple regions or zones.

Chronicle - Composite detections for MITRE ATT&CK The Curated Detections feature has been enhanced with new composite rules that define chains of MITRE ATT&CK tactics and techniques. Google SecOps has updated the list of supported default parsers.

Chronicle Security Operations - Composite detections for MITRE ATT&CK The Curated Detections feature has been enhanced with new composite rules that define chains of MITRE ATT&CK tactics and techniques. Google SecOps has updated the list of supported default parsers.

Chronicle SOAR - Release 6.3.60 is being rolled out to the first phase of regions as listed here. Release 6.3.59 is now available for all regions.

Compute Engine - Generally available: M4 memory-optimized hypermem VMs are now generally available. Generally available: You can create instances that use only IPv6 IP addresses.

Contact Center AI Platform - Mobile SDK 2.14 pre-release notes Here are the pre-release notes for Mobile SDK 2.14. Fixed an issue where the Android SDK wouldn't minimize when an end-user clicked a deep link. Portal version 3.39 pre-release notes Here are the pre-release notes for portal version 3.39. Destination queue name and session history is available in the agent adapter The agent adapter now displays the destination queue during transfers and deflections for IVR calls. Improved controls over the ordering of key-value pairs in the agent adapter and CRM records Google Cloud CCaaS has improved controls over the ordering of the key-value pairs that appear in the agent adapter and in CRM records. Virtual agents for the SMS channel Virtual agents are now available for the SMS channel. Search in the email channel Agents can now search for emails in the agent adapter by keyword, session ID, or subject. Cancel scheduled calls with the callback calls API You can now use the callback calls API to cancel a single scheduled callback call or a list of calls. The following issues were addressed in this release: Fixed an issue where incoming chats took precedence over the in-progress chat.

Data Fusion - Cloud Data Fusion version 6.11.1 is generally available (GA). Changes in Cloud Data Fusion 6.11.1: The Java runtime environment is upgraded from Java 8 to Java 11 (CDAP-21184). Fixed in Cloud Data Fusion 6.11.1: To prevent storage issues on static Dataproc clusters, temporary pipeline data is automatically deleted after a successful run (CDAP-21076). Dataproc 2.0 is no longer supported in Cloud Data Fusion version 6.11.1 and later.

Dataflow - Dataflow supports Cloud TPUs, Google's custom-designed AI accelerators that are optimized for large-scale AI/ML workloads. Dataflow Runner v2 fixes an issue that could cause data discrepancies when using splittable DoFns, particularly when processing large datasets as side inputs.

Cloud Networking Products - DNS64 is available in GA.

Gemini - Full Remote Codebase Awareness Comprehensive understanding of your entire remote codebase directly within the chat interface. Get suggestions from your documentation stored in Markdown files Gemini Code Assist code customization can now index and understand your organization's internal documentation, stored in Markdown files. Change in telemetry setting behavior for VS Code Gemini Code Assist Gemini Code Assist telemetry log settings now override the VS Code telemetry setting.

Cloud Healthcare API - Preview: Cloud Healthcare API has launched DICOM Updates and Patches.

Google Kubernetes Engine - A fix is available for an issue with Cloud Storage FUSE CSI driver that could cause Pod to be stuck during startup after a node restart event. GKE version 1.33.0-gke.1276000 and later remediate a low severity vulnerability, in which an attacker with the ability to patch Node resources by using the Kubernetes API could change specific node labels in clusters that use Workload Identity Federation for GKE. You can now run GPU workloads on Confidential GKE Nodes with the A3 High machine type and NVIDIA H100 GPUs. (2025-R36) Version updates GKE cluster versions have been updated. In GKE version 1.33 and later, the Horizontal Pod Autoscaler has been re-architected for improved performance and scalability.

GKE new features - You can now run GPU workloads on Confidential GKE Nodes with the A3 High machine type and NVIDIA H100 GPUs. In GKE version 1.33 and later, the Horizontal Pod Autoscaler has been re-architected for improved performance and scalability.