Google Cloud Platform Newsletter

Check Archive for older issues

News

Back to AI school: New Google Cloud training to future-proof your AI skills - Announcing a new suite of Google Cloud AI training courses. These courses are designed with intermediate and advanced technical learners in mind for roles such as Cloud Infrastructure Engineers, Cloud Architects, AI Engineers and MLOps Engineers, AI Developers and Data Scientists.

Strengthen GCE and GKE security with new dashboards powered by Security Command Center - We’ve introduced new, integrated security dashboards in GCE and GKE consoles, powered by Security Command Center, to provide critical insights.

Announcing MCP Toolbox support for Firestore - Today, we’re expanding Toolbox with a comprehensive new set of tools for Firestore. This will help millions of developers build more modern web and mobile applications.

Gemini and OSS text embeddings are now in BigQuery ML - In addition to its existing text embedding models, you can now use both Google’s Gemini and open-source (OSS) models directly within BigQuery.

Supercharge ML performance on xPUs with the new XProf profiler and Cloud Diagnostics XProf library - Optimize ML model performance on Google Cloud with the new XProf profiler and Cloud Diagnostics XProf library. Identify bottlenecks, leverage advanced features, and collaborate seamlessly.

Announcing the new Practical Guide to Data Science on Google Cloud - Learn how to leverage Google Cloud's BigQuery, Serverless Spark, and Vertex AI for modern data science workflows. This guide covers unified tooling, end-to-end solutions, and real-world use cases with code examples.

Supercharging Employee Productivity with AI, Securely, with Gemini in Chrome Enterprise - Gemini in Chrome comes to Google Workspace with enterprise-grade protections.

Power up your data analysis: The Data Science Agent now supports BigQuery ML, DataFrames, and Spark - Your AI-powered data science partner just got a major upgrade. The Data Science Agent now automates ML workflows with Spark, BigQuery ML, & BigQuery DataFrames.

New DNS Armor can help detect, mitigate domain name system risks - Google Cloud is partnering with Infoblox to deliver DNS Armor, a cloud-native DNS security service available now in preview.

Partnering with Google Cloud MSSPs: Solving security challenges with expertise & speed

Powering AI commerce with the new Agent Payments Protocol (AP2) - Learn more about the Agent Payments Protocol (AP2), an open protocol that builds on A2A, Agent to Agent Protocol. AP2 was developed by Google with leading payments and technology companies to securely initiate and transact agent-led payments across platforms.

Unlocking a new era for SAP on Google Cloud - Discover the new era for SAP on Google Cloud. Unify data with BigQuery, simplify procurement with SAP BTP on the Marketplace, and innovate with AI agents.

Articles, Tutorials

Infrastructure, Networking, Security, Kubernetes

5 best practices for Managed Lustre on Google Kubernetes Engine - Learn 5 best practices for using GKE Managed Lustre to accelerate AI and HPC workloads.

Network Performance Decoded: Much ado about headers, data and bitrates - New whitepapers discuss TCP retransmissions, how headers and MTUs impact data transfer performance, and using netperf to measure packets per second.

GKE network interface at 10: From core connectivity to the AI backbone - A history of Container Network Interface (CNI) for Kubernetes/GKE, from kubenet to eBPF/Cilium to DRANET.

Cloud CISO Perspectives: APAC security leaders speak out on AI and key topics - Our Office of the CISO Asia-Pacific shares insights on AI and key topics from security leaders at a recent Google Cloud CISO Community event in Singapore.

The Two-Band CPU Mystery: The Kubernetes CPU Anomaly That Nobody Could Explain - A 4-Week Investigation Into Mysterious CPU Behavior.

GKE: service to service zonal affinity when crossing the cluster boundary. - Since Topology Aware Routing only works within the bounds of the cluster, we explore a new option in GKE to achieve zonal affinity.

Databases on K8s — Really? - This multi-part blog series is a backstory that deep-dives into the motivation behind building Kubernetes Operators for running databases.

Google Model Armor as Layer 8 Firewall - Google Model Armor as a "Layer 8 Firewall" that protects LLMs from attacks like jailbreaks and prompt injections by filtering requests and responses based on safety policies.

Google Cloud Router: Introduction to BGP Policies - Google Cloud Platform BGP route policies for route filtering.

App Development, Serverless, Databases, DevOps

Setting new expectations: Benchmarking high-performance trading with C3 machines - In collaboration with 28Stone, we benchmarked Google Compute Engine C3 machine types for trading participants with demanding applications.

A minimalist GCP logging library - "nano-gcp-logging" a Rust crate providing context-aware logging that adapts intelligently to its environment, automatically producing readable output during development and structured logs in production without requiring complex configurations.

Deploy a Website in 10 Minutes (for Pennies) on Google Cloud - Learn three ways to host a fast, secure, and incredibly cheap static website on Google Cloud. Your first cloud project starts here!

Why You Need to Enable Audit Logs in Google Cloud - Enabling audit logs enhances your security, auditing, and compliance monitoring.

Big Data, Analytics, ML&AI

BigQuery under the hood: Scalability, reliability and usability enhancements for gen AI inference - With recent performance improvements to BigQuery, users can expect gains in scalability, reliability, and usability across BigQuery and BigQuery ML.

The Price of Speed: Taming the BigQuery Autoscaler Waste - How to use the autoscaler in the most efficient way.

Replicating BigQuery Data to Another Data Warehouse - How to use Continuous Queries to Perform CDC from BigQuery.

Migrating Kafka clusters on Google Cloud - Walking through migrating a self-managed Kafka cluster to Managed Service for Apache Kafka on Google Cloud.

Optimizing Large Analytical Data Delivery to Google Managed Kafka - The article discusses optimizing data ingestion into Google Cloud Managed Service for Apache Kafka by tuning client-side producer configurations.

Optimizing Large Analytical Data Delivery to Google Managed Kafka: A Deep Dive into Individual Properties - The article explores optimizing data delivery to Google Managed Kafka by examining individual properties like compression, acks, and batch size.

Inside the AI-powered assistant helping doctors work faster and better at Seattle Children’s Hospital - New AI-powered Pathways Assistant helps clinicians at Seattle Children’s hospitals determine symptoms and treatments faster.

Oklahoma DOT gains valuable information on the health of bridge inventory with data-driven insights on Google Cloud - Discover how ODOT is using Google Cloud to transform bridge safety. See how BigQuery, Dataplex, & AI create a data-driven model for maintenance.

Achieve agentic productivity with Vertex AI Agent Builder - Vertex AI Agent Builder is the unified platform that helps you close this gap. It’s where you can build the smartest agents, and deploy and scale them with enterprise-grade confidence.

How Mr. Cooper assembled a team of AI agents to handle complex mortgage questions - Just as we prioritize hiring great teams, Mr. Cooper discovered how important it is to put together the right group of agents to effectively meet the needs of consumers and employees.

How to secure your remote MCP server on Google Cloud - Here are five key MCP deployment risks you should be aware of, and how using a centralized proxy architecture on Google Cloud can help mitigate them.

Optimizing vLLM inference on TPUs! - Learn how to push your TPUs to their limits with proper vLLM inference configuration options.

Integrating knowledge systems with Google Agentspace — custom Connectors/Datastores - The article explains how to create custom indexing connectors for Google Cloud's Agentspace, a service for secure enterprise knowledge access.

Build a Google Cloud FinOps Assistant Agent with ADK & MCP Toolbox for Databases - The article introduces a solution using MCP Toolbox for Databases and Agent Development Kit (ADK) to transform cloud billing data into a conversational asset.

Stop Writing Boilerplate: A TypeScript SDK for Google’s Agent Development Kit - An open-source TypeScript SDK for Google's Agent Development Kit.

Various

How California is transforming public services with Google Cloud - Discover how California agencies like Covered California and UCR are using Google Cloud's AI to innovate services, streamline operations, and bolster security.

How Google Cloud’s AI tech stack powers today’s startups - At the first-ever Google Cloud AI Builders Forum, leading startups, founders, and VCs celebrate the differentiated AI services and infrastructure that makes their innovations possible.

Introducing the Class of 2025 Google for Startups Accelerator: AI First MENA and Turkey - Today, we are thrilled to announce the 14 innovative startups selected to join the Google for Startups Accelerator: AI First in the Middle East, North Africa and Turkey. Learn more about the program today.

Slides, Videos, Audio

Agent Factory Recap: Deep Dive into Gemini CLI with Taylor Mullen - Learn about the Gemini CLI, a powerful conversational AI agent, in this recap of the Agent Factory podcast. Discover its origin, design philosophy, and future roadmap, including real-world demos and insights from its creator, Taylor Mullen.

Security Podcast - #243 Email Security in the AI Age: An Epic 2025 Arms Race Begins.

Releases

Anthos clusters on VMware - Google Distributed Cloud (software only) for VMware 1.31.900-gke.38 is now available for download. The following issues were fixed in 1.31.900-gke.38: Fixed vulnerabilities listed in Vulnerability fixes.

Apigee UI - On September 19, 2025, we released an updated version of the Apigee UI. Bug ID Description 444579842 Fixed browser hang issue when uploading large bundles.

Apigee Advanced API Security - On September 19, 2025 we released an updated version of Advanced API Security Note: Rollouts of this release to production instances will begin within two business days and may take four or more business days to complete across all Google Cloud zones. New security actions status icons and "expired" note in the security actions UI This release adds security status icons to the Apigee UI to make it easier to see, at a glance, whether a security action is enabled, disabled, or paused, and an "expired" note when an action is expired. On September 18, 2025 we released an updated version of Advanced API Security Note: Rollouts of this release to production instances will begin within two business days and may take four or more business days to complete across all Google Cloud zones. Improvements to the Abuse Detection Advanced Anomaly Detection incident model This release includes improvements to the incident model, including lower noise and higher accuracy for abuse detection incidents.

Application Integration - Salesforce connected app requires installation for OAuth 2.0 authentication A new security requirement from Salesforce restricts the use of uninstalled connected apps.

Cloud Architecture Center - (New guide) VPC Network Peering Cross-Cloud Network with NVAs and regional affinity: Describes how to deploy network virtual appliances (NVAs) in a single-region Cross-Cloud Network architecture. (New guide) Multi-agent AI system in Google Cloud: A reference architecture to help you design robust multi-agent AI systems in Google Cloud.

Google Cloud Armor - Cloud Armor support for organization-scoped address groups for security policies is Generally Available.

BigQuery - You can now access snapshots of Apache Iceberg external tables that are retained in your Iceberg metadata by using the FOR SYSTEM_TIME AS OF clause. You can use the JSON_KEYS function to extract unique JSON keys from a JSON expression, and you can specify a mode for some JSON functions that take a JSONPath to allow more flexibility in how the path matches the JSON structure. SQL code completion is now available for all BigQuery projects. In the BigQuery Studio, in the Explorer pane, you can now open saved queries in Connected Sheets. You can now enable the BigQuery advanced runtime to improve query execution time and slot usage.

Chronicle Security Operations - Migrate SOAR to Google Cloud We're actively migrating all SOAR customers and partners to their respective Google Cloud projects.

Chronicle SOAR - Migrate SOAR to Google Cloud All customers and partners are being migrated from SOAR to Google Cloud. Release 6.3.62 is being rolled out to the first phase of regions as listed here. Release 6.3.61 is now available for all regions.

Compute Engine - Compute Engine enforces limits to the total baseline performance that a project's Hyperdisk Balanced and Hyperdisk Balanced High Availability disks that are in the same zone can consume at the same time. Generally available: You can decrease a Compute Engine instance shutdown time by skipping the guest OS shutdown.

Contact Center AI Insights - Conversational Insights offers the following subscriptions: Standard edition provides a suite of tools to analyze customer service conversations.

Database Migration Service - Gemini-powered conversion features for heterogeneous migrations in Database Migration Service are now generally available (GA).

Dataproc - New Dataproc on Compute Engine subminor image versions: 2.0.149-debian10, 2.0.149-ubuntu18, 2.0.149-rocky8 2.1.98-debian11, 2.1.98-ubuntu20, 2.1.98-ubuntu20-arm, 2.1.98-rocky8 2.2.66-debian12, 2.2.66-ubuntu22, 2.2.66-ubuntu22-arm, 2.2.66-rocky9 2.3.13-debian12, 2.3.13-ubuntu22, 2.3.13-ubuntu22-arm, 2.3.13-ml-ubuntu22, 2.3.13-rocky9.

Google Distributed Cloud Edge - This is a minor release of Google Distributed Cloud connected (version 1.11.0). The following new functionality has been introduced in this release of Google Distributed Cloud connected: Backup for VM workloads on GDC connected servers. Security mitigations for the following vulnerabilities have been implemented in this release of Google Distributed Cloud connected: OS layer security mitigations: CVE-2025-31498, CVE-2024-48615, CVE-2016-1585. The following Google Distributed Cloud connected components have been updated: GDC software-only has been updated to version 1.32.100. The following issues have been resolved in this release of Google Distributed Cloud connected: Machines no longer experience intermittent connectivity loss. This release of Google Distributed Cloud connected contains the following known issues: The gvisor runtime class is incompatible with Symcloud Storage persistent volumes in block mode.

Buildpacks - Ubuntu 24 builder with the google-24 stack is available for Google Cloud's Buildpacks.

Gemini - VS Code Gemini Code Assist 2.49.0. See code customization status directly in IDE You'll now get a one-time notification the first time code customization is enabled for you, so you know right away that the feature is active.

Integration Connectors - Salesforce connected app requires installation for OAuth 2.0 authentication A new security requirement from Salesforce restricts the use of uninstalled connected apps.

Backup for GKE - Backup for GKE now supports restoring disks in pre-existing Storage Pools for Hyperdisk Balanced and Hyperdisk Throughput volumes.

Load Balancing - A security fix was made which changes the behavior of requests and responses sent with the Transfer-Encoding: Chunked header to be more RFC 9112 compliant.

Migration Center - Generally available: Migration Center now provides more granular Google Compute Engine preferences.

Cloud Monitoring - When viewing a chart, you can now open a flyout that displays the chart and related log entries.

Security Command Center - Model Armor is integrated with Google Agentspace to provide greater insights and enhanced security of your agent interactions by default. Model Armor integration with Google Kubernetes Engine is available in General Availability. The Findings page in Security Command Center has been improved.

Sensitive Data Protection - When you inspect a BigQuery table for sensitive data, you can send the inspection findings to Dataplex Universal Catalog.

Service Extensions - To protect AI workloads, you can configure traffic extensions to call the Model Armor service on supported Application Load Balancers.

Service Mesh - Managed Cloud Service Mesh. The following rollouts have completed for managed Cloud Service Mesh: 1.21.5-asm.55 has rolled out to the rapid release channel.

Cloud Spanner - Spanner Graph support of schemaless schemas is generally available (GA). The Cassandra interface for Spanner is now generally available.

Cloud SQL Postgres - The rollout of the following minor version upgrades is complete: Minor versions 13.21 is upgraded to 13.22.

Cloud Storage - The bucket_attributes_view and bucket_attributes_latest_snapshot_view tables in Storage Insights datasets are updated with two new fields: objectCount and totalSize.

Cloud Text-to-Speech - Chirp 3: HD voices is available on the asia-northeast1 endpoint.

Vertex AI - Vector Search indexes optimized for storage (Preview). Storage-optimized Vector Search offers a cost-effective solution for searching massive datasets.

Vertex AI Workbench - The M133 release of Vertex AI Workbench instances includes the following: Patched an incompatibility with the Dataproc JupyterLab plugin (dataproc-jupyter-plugin) and instances with end-user credentials enabled.

VMware Engine - VMware Engine ve2 nodes are now available in the following additional region and zone: The Milan, Italy, Europe region (europe-west8-a).

Workload Manager - Generally available: You can evaluate MySQL and Redis workloads running on Compute Engine instances by using Workload Manager.