Welcome to issue #470 September 29th, 2025

News

Compute Engine GPU Official Blog

GPUs when you need them: Introducing Flex-start VMs - Flex-start VMs, powered by Dynamic Workload Scheduler, let you create single VM instances with fair and improved access to GPUs.

GKE Autopilot Official Blog

Meet the new GKE: Extending Autopilot to all qualifying clusters - Autopilot is now available to most GKE clusters, bringing the performance and ease of container-optimized compute platform to existing GKE clusters.

AI Generative AI Official Blog

Announcing the 2025 DORA Report: State of AI-Assisted Software Development - The 2025 DORA Report, State of AI-Assisted Software Development, is now available to download.

AI Official Blog

Introducing the DORA AI Capabilities Model: 7 keys to succeeding in AI-assisted software development - The DORA research team has developed the inaugural DORA AI Capabilities Model to provide data-backed guidance for organizations grappling with these questions.

Articles, Tutorials

Infrastructure, Networking, Security, Kubernetes

Kubernetes Paywall

How to Securely Expose Envoy/Application with GCP LoadBalancer and DNS Automation - When running workloads in Kubernetes on Google Cloud, one of the most common challenges is exposing services securely and predictably.

DevOps GitHub Google Kubernetes Engine

[GitHub Actions Series #13] Deploy to Google Kubernetes Engine (GKE) with GitHub Actions + OIDC - This article details how to deploy applications to Google Kubernetes Engine (GKE) using GitHub Actions with OIDC for authentication, following DevOps best practices.

FinOps Kubernetes

Understanding unallocated costs in GKE - The article discusses understanding and reducing "kube:unallocated" costs in Google Kubernetes Engine (GKE) by focusing on workload resource requests and node utilization.

AI Kubernetes

Practical Guide to Kueue and Custom Compute Classes - Orchestrate cost-efficient AI/ML workloads on GKE using Kueue and CCC.

DevOps GKE Autopilot Google Kubernetes Engine Kubernetes

The Best of Both: Autopilot mode workloads in GKE Standard - GKE now supports a hybrid model using Autopilot ComputeClasses in Standard clusters, which allows users to run Autopilot-managed workloads inside a Standard cluster and provides the flexibility of Standard mode and managed experience of Autopilot mode.

Official Blog Threat Intelligence

Another BRICKSTORM: Stealthy Backdoor Enabling Espionage into Tech and Legal Sectors - BRICKSTORM is a stealthy backdoor used by suspected China-nexus actors for long-term espionage.

Migration Official Blog Partners

Accelerating cloud migrations to Google Cloud with Searce to drive profitable growth - Searce relies on Google Cloud’s Global VPC, AI/ML, and GKE to deliver transformative cloud migrations for its customers.

App Development, Serverless, Databases, DevOps

AI Cloud Run

Serverless AI: EmbeddingGemma with Cloud Run

AI Cloud Spanner

Global Real-Time AI-Powered Product Catalog with Spanner AI - Transactional consistency & advanced AI? Spanner says heck yeah!!!

Cloud Spanner

Understanding UUIDv7 and its impact on Google Cloud Spanner - UUIDs (Universally Unique Identifiers) are a common standard (or data type) for generating unique IDs.

Databases MCP

Who’s Querying? How to Control the Database Access of Your AI Agents - MCP Toolbox supports end-user credential passthrough for database tools!

Cloud Run Cloud Trace OpenTelemetry

Using Open Telemetry (OTLP) on Cloud Run - Using Open Telemetry on Cloud Run to create traces of critical code paths, and capture timing and debugging information.

Apigee Artifact Registry

Securing Images: Using a Private Artifact Registry for Apigee Hybrid Cluster - This article explains how to configure Apigee Hybrid deployments to pull container images from a private artifact registry instead of the public Google Cloud Container Registry.

Databases

Google Cloud Database Digest: Strong Consistency, Local Latency — No Compromises for Your Global Database - The latest GCP database updates and what they mean for your production systems, dev workflows, and architecture.

Cloud Operations DevOps SRE

How to Configure Essential Contacts in Google Cloud to Receive Important Email Notifications - Essential Contacts defines who receives important notifications from Google so nothing critical gets missed.

Chrome Enterprise GCP Experience Official Blog

From legacy complexity to Google-powered innovation - Learn how JS Bank transformed its IT operations by migrating to ChromeOS and Google Cloud. See how they cut device management time by 40%, enhanced security, and freed their IT team to focus on strategic innovation like AI.

Big Data, Analytics, ML&AI

Data Analytics Official Blog

The new data scientist: From analyst to agentic architect - At Big Data London we announced an intelligent notebook environment, native, SQL-based access to real-time data, and a 'Build-Deploy-Connect' toolkit.

BI Engine BigQuery Paywall

I Flipped a Switch in BigQuery and My Queries Got 75% Faster for Free - The Advanced Runtime is the next evolution of this powerhouse engine — a complete modernization of its core technology.

BigQuery Paywall Tutorial

Learning PIVOT in BigQuery - A step-by-step guide to reshaping your data with PIVOT.

BigQuery Billing FinOps

How We Cut BigQuery Costs by 50% in Production - We Saved $100K+ Annually.

BigQuery

HyperLogLog++: Efficiently Approximate COUNT(DISTINCT) Across Modern Data Platforms - How to speed up distinct counts on massive datasets with minimal cost — examples in BigQuery.

BigQuery

When to Use BigQuery Pipelines: a practical re-introduction - BigQuery Pipelines offers a pragmatic solution for sequencing SQL and notebook tasks within BigQuery Studio, providing a low-friction alternative to Apache Airflow for users prioritizing rapid adoption and native integration.

AI GCP Experience Official Blog TPU

AI Innovators: How JAX on TPU is helping Escalante advance AI-driven protein design - Protein engineering startup Escalante explains why it uses JAX on TPUs: for ease of use as well as cost-performance.

Agents AI GCP Experience Official Blog

Deutsche Bank delivers AI-powered financial research with DB Lumina - DB Lumina is an AI-powered research agent that helps automate data analysis, streamline workflows, and deliver more accurate and timely insights securely and in a compliant manner.

ADK

Build Your Own AI Google Calendar Assistant with Agent Development Kit - This article provides a tutorial on building an AI calendar assistant using Google's Agent Development Kit (ADK) and the Google Calendar API.

BigQuery FinOps

Build a GCP Cost Agent with ADK and MCP Toolbox for Databases to Analyze Your Cloud Spending - The article introduces a GCP Cost Agent built using the Agent Development Kit (ADK) and MCP Toolbox for Databases. It allows users to analyze Google Cloud spending data in BigQuery through conversational queries, eliminating the need for complex SQL or console navigation. The agent provides insights into total costs, project breakdowns, and service expenses, streamlining FinOps workflows and making cloud cost management more accessible.

Data Science Machine Learning Sustainability Vertex AI

Exploring EPC Ratings with Vertex AI: A Data Science Experiment in Property Data - A hands-on experiment combining EPC data, BigQuery, and Vertex AI to uncover surprising predictors of property value.

ADK Agents Gemini

Give Your AI Agents Deep Understanding — Coding the Multi-Agent ADK Solution - Coding the ADK agents; Jupyter notebook for experimentation; ADK Web UI for testing, debugging and tracing; ADK tips and tricks.

AI Gemini

How to build your own video-processing app with AI, and what it means for us as developers - The article discusses a new, streamlined approach to building AI-powered video processing applications using Google Cloud's Gemini API.

Databases Gemini CLI Official Blog

Launching Gemini CLI extensions for Google Data Cloud - The Gemini CLI, an open-source AI agent in your terminal, is now available for Google Data Cloud services such as Cloud SQL, AlloyDB and BigQuery.

Various

Business Official Blog

The global harms of restrictive cloud licensing, one year later - Microsoft’s restrictive cloud licensing has harmed the global economy, but ending it could help supercharge Europe’s economic engine.

GCP Experience Gemini Official Blog Public Sector

Indiana DOT saved 360 hours of manual effort to meet a 30-day executive order with Google AI - See how INDOT used Google's Gemini to analyze decades of documents, saving 360 hours of manual work to meet a critical 30-day executive order.

Slides, Videos, Audio

Kubernetes Podcast - #260 Kubernetes SIG Docs, With Shannon Kularathna.

Security Podcast - #244 The Future of SOAPA: Jon Oltsik on Platform Consolidation vs. Best-of-Breed in the Age of Agentic AI.

GCP Bytes Podcast - #28 In this episode we discuss: Bambulab H2S Printer, What is Broacomm is right?, Revanced, Optus Outage, GDG, Google $3T Club, Fast Track Approvals, Penske Sues Google, Nvidia Intel Deal, Shinysp1d3r, Gemini in Chrome, Agentic Payments.

 

Releases

Agent Assist - Agent Assist offers a bidirectional API for next-generation audio and multi-modal experiences in both Conversational Agents and Agent Assist.

AlloyDB - You can create and manage query plan patches. You can now provision, manage, and query your databases using the dedicated Gemini CLI extensions for AlloyDB. The available memory metric now accurately reflects the memory available to AlloyDB by taking into consideration usable memory from the OS page cache. Database server compatibility with PostgreSQL version 17 is now generally available (GA).

Anthos clusters on VMware - Google Distributed Cloud (software only) for VMware 1.32.500-gke.48 is now available for download. The following issues were fixed in 1.32.500-gke.48: Fixed vulnerabilities listed in Vulnerability fixes.

Apigee Hybrid - v1.15.0. Apigee Operator for Kubernetes for Apigee Hybrid (Preview): On September 24, 2025 we released the Apigee Operator for Kubernetes for Apigee Hybrid 1.15.0 and newer.

Google Cloud Armor - Cloud Armor's support for Network Threat Intelligence (NTI) in globally scoped edge security policies for Media CDN edge cache services is Generally Available. Cloud Armor's support for Autonomous System Numbers (ASNs) in globally scoped edge security policies for Media CDN edge cache services is Generally Available.

Artifact Registry - Layer-based scanning for Artifact Analysis is in Preview.

BigQuery - The ARRAY_FIRST, ARRAY_LAST, and ARRAY_SLICE GoogleSQL functions are now generally available (GA). BigQuery data canvas now supports destination table nodes. BigQuery ML now supports visualization of model monitoring metrics. For command-line users, BigQuery is now integrated with the Gemini CLI to provide an agentic CLI experience. You can now run federated queries against PostgreSQL dialect databases in Spanner using BigQuery external datasets with GoogleSQL; this includes cross-region federated queries. Python 3.38.0 (2025-09-15). Features: Add additional query stats (#2270) (7b1b718).

Chronicle - Transport-layer migration for third-party API feeds: Google SecOps is migrating the transport layer for third-party API feeds to a new platform to improve performance and reliability.

Chronicle Security Operations - Podman support for Remote Agents: You can now install a Remote Agent using Podman. Debian support for remote agents: You can now install a Remote Agent using Debian. Remote Agent, Release 2.5.0 contains the following changes: Increased Alert Trimming limit for Remote Agent (the default setting for Alert Trimming has been increased to 25 MB); Publisher Connector package size limit enforced (the maximum allowed size for a Publisher's Connector Package is now limited to 25 MB).

Chronicle SOAR - Release 6.3.63 is being rolled out to the first phase of regions, as outlined in our Google SecOps release plan. Podman support for Remote Agents: You can now install a Remote Agent using Podman. Deploy an agent with Debian: You can now install a Remote Agent using Debian. Remote Agent, Release 2.5.0 contains the following changes: Increased Alert Trimming limit for Remote Agent (the default setting for Alert Trimming has been increased to 25 MB); Publisher Connector package size limit enforced (the maximum allowed size for a Publisher's Connector Package is now limited to 25 MB). Release 6.3.62 is now available for all regions.

Compute Engine - Generally available: You can create and use Flex-start VMs.

Config Connector - Config Connector version 1.134.1 is now available. Bug Fixes: #5230: Fixed an issue that could lead to premature certificate rotation by ensuring errors are not swallowed when reading a Secret. Config Connector version 1.135.0 is now available. New Beta Resources (Direct Reconciler): AssetSavedQuery, PubSubSnapshot. Modified Beta Reconciliation: We migrated the following resources from the Terraform-based or DCL-based controller to the new Direct Controller. New Fields: AlloyDBCluster (added spec.databaseVersion field). Bug Fixes: PR#5009: Fix the nil pointer dereference error in AlloyDB direct controller.

Contact Center AI Platform - Web SDK version 2 will be shut down on June 26, 2026: On June 26, 2025, we announced the launch of Web SDK version 3.

Dataflow - For jobs that use GPUs, Dataflow now supports the flex-start provisioning model.

Dataplex - You can now connect your Dataplex Universal Catalog instance to your favorite developer tools, such as the Gemini CLI and other IDEs.

Datastream - Datastream support for MongoDB as a source is now generally available (GA).

Document AI - v1 & v1beta3. Custom classifier model pretrained-classifier-v1.5-2025-08-05 powered by Gemini 2.5 Flash is in Preview.

Eventarc - Eventarc Advanced support for publishing events from multiple projects is available in Preview.

Cloud Firestore - You can now query your databases and update data using the dedicated Gemini CLI extension for Firestore.

Cloud NGFW - You can use the URL filtering service to filter your workload traffic by using domain and Server Name Indication (SNI) information available in the egress HTTP(S) messages.

Gemini - VS Code Gemini Code Assist 2.51.0. Next Edit Predictions in VS Code (Preview): Next Edit Predictions, which predict the next code suggestions throughout the code file that you're currently in, are now available in VS Code Gemini Code Assist, in Preview. Gemini Cloud Assist. Cloud Hub Optimization and Cost Explorer integrations: Gemini Cloud Assist can now answer questions about your resource cost and utilization. VS Code Gemini Code Assist 2.50.0. Inline diff is generally available (GA) for VS Code: Inline diff is generally available for VS Code Gemini Code Assist. IntelliJ Gemini Code Assist 1.31.3. Revert to a checkpoint in IntelliJ (GA): Reverting to a checkpoint for chat code suggestions with IntelliJ Gemini Code Assist is now generally available. Access saved prompts in the Prompt Library: You can access saved prompts in the Prompt Library when you type @ in Gemini chat and select the prompt you want. Copy sign-in link: As an alternative to clicking Sign in when signing into your Google Account to use IntelliJ Gemini Code Assist, you can click Copy link and manually paste the link in your browser's URL bar.

KMS - Cloud KMS now supports key encapsulation mechanisms (KEMs) for sharing secrets in Preview.

Google Kubernetes Engine - You can now let GKE auto-create node pools with ComputeClasses without having to enable node auto-provisioning for the entire cluster. GKE Standard clusters now support Autopilot features, including the container-optimized compute platform and fully managed nodes, letting you use Autopilot's advantages without migrating to a dedicated Autopilot cluster. Issue with A4X machine type compatibility on certain GKE versions: Certain GKE versions are not compatible with the A4X machine type. The following metrics are now only billed through Cloud Monitoring.

GKE new features - You can now let GKE auto-create node pools with ComputeClasses without having to enable node auto-provisioning for the entire cluster. GKE Standard clusters now support Autopilot features, including the container-optimized compute platform and fully managed nodes, letting you use Autopilot's advantages without migrating to a dedicated Autopilot cluster.

Cloud Logging - Cloud Logging has removed the quota for write requests per minute, which has been replaced by volume-based regional quotas.

Looker - Looker (Google Cloud core) and Looker (original) changes. You can now connect to your Looker instance with the Gemini CLI using a dedicated Gemini extension.

Media CDN - You can use Autonomous System Numbers (ASN) based rules from Cloud Armor for Media CDN. You can use Network Threat Intelligence (NTI) from Cloud Armor in Edge Security Policies for Media CDN edge cache services for Enterprise users.

Cloud NAT - Cloud NAT gateways for Public NAT support source-based NAT rules for IPv4 addresses.

Cloud Run - Support for setting multiple environment variables using the .env file is in General Availability (GA). You can specify mount options when you configure Cloud Storage volume mounts for Cloud Run services, jobs, and worker pools.

Security Command Center - Bulk export findings to BigQuery is available in General Availability. The upgraded model for the prompt injection and jailbreak detection filter is available in EU multi-region. Graph search lets you explore the security graph using custom queries.

Sensitive Data Protection - The DOCUMENT_TYPE/FINANCE/INVOICE and DOCUMENT_TYPE/MEDICAL/RECORD infoType detectors are available in global and the asia, europe, and us multi-regions.

Service Mesh - 1.21.x & 1.22.x & 1.23.x & 1.24.x & 1.25.x & 1.26.x & 1.27.x. Support for the following features will end on March 17, 2027: GKE on AWS, GKE on Azure, EKS Attached Clusters on AWS, and Azure Attached Clusters with AKS. Note that there are no changes to the other features of GKE attached clusters or Google Distributed Cloud (software only or air-gapped). You must migrate to an alternative service mesh solution or an alternative Istio-based solution using your existing CSM configuration files by March 17, 2027. 1.27.x. 1.27.1-asm.2 is now available for in-cluster Cloud Service Mesh.

Cloud Spanner - The Cassandra interface for Spanner is now generally available. You can now use read lease regions to reduce latency for strong reads in multi-region or dual-region instances. You can now use the dedicated Gemini CLI extension for Spanner to execute SQL statements and query your Spanner instance using natural language controls. You can now run federated queries against PostgreSQL dialect databases in Spanner using BigQuery external datasets using GoogleSQL; this includes cross-region federated queries.

Cloud SQL MySQL - Cloud SQL for MySQL now supports minor version 8.0.43. Cloud SQL for MySQL 8.4.5 is upgraded to MySQL 8.4.6. You can now provision, manage and query your databases using the dedicated Gemini CLI extension for Cloud SQL for MySQL. You can now retain point-in-time recovery (PITR) logs for an instance after its deletion for a specified retention period.

Cloud SQL Postgres - Cloud SQL Managed Connection Pooling is now generally available (GA). You can now provision, manage and query your databases using the dedicated Gemini CLI extension for Cloud SQL for PostgreSQL. You can now retain point-in-time recovery (PITR) logs for an instance after its deletion for a specified retention period.

Cloud SQL SQL Server - You can now provision, manage and query your databases using the dedicated Gemini CLI extension for Cloud SQL for SQL Server. You can now retain point-in-time recovery (PITR) logs for an instance after its deletion for a specified retention period.

Vertex AI - DeepSeek-V3.1-Terminus is available through Model Garden.

VMware Engine - VMware Engine ve2 nodes are now available in the following additional region: Doha, Qatar (me-central1, v-zone-a). All 3-year Committed Use Discounts (CUDs) for VMware Engine ve1 SKUs are now End-of-Sale across all regions where the service is available.

Virtual Private Cloud - The following features of VPC Flow Logs are available in General Availability through the Network Management API: enabling VPC Flow Logs for an organization, enabling VPC Flow Logs for a VPC network, and enabling VPC Flow Logs for a subnet. For more information, see Supported configurations. Service producers can publish services that are hosted on cross-region internal Application Load Balancers.

 

Contact

Zdenko Hrček
Třebanická 183
Prague, Czech Republic
Phone: +420 777 283 075