Google Cloud Platform Newsletter

Check Archive for older issues

News

Unlock next-gen database performance: C4A Axion and N4 machines for Cloud SQL now GA - Axion-powered C4A machine series are GA for Cloud SQL Enterprise Plus edition, as are N4 machine series for Cloud SQL Enterprise edition.

New BigQuery Studio experience: Boost your data analysis productivity - BigQuery Studio’s improved console interface helps streamline your workflows, enhances your productivity, and gives you greater control.

Secure data collaboration with query templates in BigQuery data clean rooms - Query templates in BigQuery data clean rooms let you create pre-defined queries that run against specific tables, reducing the risk of data exfiltration.

Announcing prompt management in the Vertex AI SDK - Today, we are announcing the General Availability (GA) of Prompt Management in the Vertex AI SDK, a new set of capabilities designed to bring control, scalability, and enterprise-readiness to your prompt management workflow.

Gemini Code Assist brings enterprise-grade AI code reviews to GitHub - Today, we're introducing a public preview of Gemini Code Assist on GitHub for enterprise customers, providing you with AI powered code reviews to meet the needs of enterprises.

How AI can scale customer experience — online and IRL - LiveX AI enables businesses to build and deploy advanced AI systems that deliver natural conversational experiences at scale in any environment. See how they built it with Google Cloud, and how you can, too.

Scaling AI agents with Google Cloud Marketplace and Gemini Enterprise - Discover the Google Cloud AI Agent Marketplace, featuring a rich ecosystem of partners and AI agents integrated with Gemini Enterprise.

Introducing LLM-Evalkit: A practical framework for prompt engineering on Google Cloud - LLM-Evalkit is a light-weight, open-source application designed to bring structure to this process. LLM-Evalkit is a practical lightweight framework built on Vertex AI SDKs using Google Cloud that centralizes and streamlines prompt engineering.

From dark data to bright insights: The dawn of smart storage - See how Google's Auto annotate and object contexts let you curate AI datasets, streamline discovery, and manage unstructured data.

Power your enterprise applications in the cloud with unified block and file storage - Google Cloud NetApp Volumes now supports NetApp FlexCache, and can serve as a datastore for Gemini Enterprise, amongst other enhancements.

Open-source and enterprise-ready: IBM Spectrum Symphony connectors for Google Cloud - IBM Spectrum Symphony HostFactory connectors bring grid workloads to Compute Engine or GKE, automatically extending or deploying new clusters.

Agile AI architectures: A fungible data center for the intelligent era - The furious pace of AI innovation needs systems and infrastructure engineers to use fungibility and agility as first-class design considerations.

New from Mandiant Academy: Protect your perimeter with practical network training - Protecting the Perimeter: Practical Network Enrichment teaches the skills to transform network traffic analysis into a powerful, precise security asset.

A week of innovation in Washington, D.C.: Google Cloud and NVIDIA power AI innovation across industries and the public sector - Google Cloud & NVIDIA showcase secure AI for government missions at GTC DC and the Public Sector Summit.

Google is named a Leader in the 2025 Gartner® Magic Quadrant™ for SIEM - We’re excited to share that Gartner has recognized Google as a Leader in the 2025 Gartner® Magic Quadrant™ for Security Information and Event Management (SIEM).

Google Cloud Apigee Named a Leader for the 10th Consecutive Time in the Gartner® Magic Quadrant™ for API Management - For the tenth consecutive time, Gartner has named Google Cloud Apigee a Leader in the 2025 Gartner® Magic Quadrant™ for API Management.

Articles, Tutorials

Infrastructure, Networking, Security, Kubernetes

DPRK Adopts EtherHiding: Nation-State Malware Hiding on Blockchains - North Korea threat actor UNC5342 is leveraging the EtherHiding technique in espionage and financially motivated operations.

New Group on the Block: UNC5142 Leverages EtherHiding to Distribute Malware - Financially motivated UNC5142abuses the blockchain to facilitate the distribution of information stealers.

Cloud CISO Perspectives: Disrupt ransomware with AI in Google Drive - A new AI-driven capability in Google Drive can help protect data and disrupt ransomware. Here’s how it can help CISOs safeguard their organizations.

Chaos engineering on Google Cloud: Principles, practices, and getting started - By deliberately introducing failures into production systems, chaos engineering helps you face production incidents calmly and confidently.

The future of media sanitization at Google - To help you get started in pursuing malware analysis as a primary specialty, we’re introducing Mandiant Academy’s new "Basic Static and Dynamic Analysis" course.

Stop Google Cloud Bills Before They Spiral: Build Your Kill Switch - The article discusses the need for a "kill switch" to automatically disable billing in Google Cloud when budgets are exceeded, as budgets only provide alerts and don't prevent overspending.

How to Prevent Project and Billing Sprawl in Google Cloud - A 1-minute fix for your Google Cloud Organization Setup.

How I Discovered Google Cloud Asset Inventory (and Finally Got a Grip on My GCP Resources) - The article discusses Google Cloud Asset Inventory (CAI) as a solution for gaining visibility and control over GCP resources across multiple projects.

Google Kubernetes Engine (GKE): Architecture Patterns to build Fault-Tolerant Production Systems - The article discusses six architecture patterns for building fault-tolerant production systems on Google Kubernetes Engine (GKE), emphasizing the importance of understanding failure modes and applying proven patterns.

Use Google Cloud Groups to Simplify Access Management and Improve Security - This article emphasizes the importance of using Google Cloud Groups for streamlined access management and enhanced security.

Build Your Own AI Hypercomputer: Training Qwen2 on a Slurm Cluster - The article provides a guide on building a high-performance Slurm cluster on Google Cloud using the Cluster Toolkit to train a 1.5 billion parameter Qwen2 model.

App Development, Serverless, Databases, DevOps

Migrating Cron Jobs from Heroku to Google Cloud Run: A Complete End-to-End Guide - The article guides readers through migrating cron jobs from Heroku to Google Cloud Platform using Cloud Run Jobs and Cloud Scheduler.

Data! Data! Data! Solving Database Mysteries with Gemini CLI - Support for your software development lifecycle using Gemini CLI extensions and the GitHub MCP server.

A practical Spanner introspection cheatsheet: 4 key metrics for starting debugging performance issues - Leveraging a simple CLI tool to simplify and automate Spanner performance analysis.

Bigtable’s Python Client Now Speaks Protobuf Natively - The Bigtable Python client library now natively supports Protocol Buffer (Proto) types, removing the need for manual serialization and deserialization. This update simplifies code, reduces potential errors, and allows developers to focus on business logic instead of data conversion.

Architecting for Data Diversity — The Intelligent E-commerce Catalog - Polyglot Persistence with GCP: Building an Intelligent E-commerce Catalog with AlloyDB, MongoDB, Cloud Storage, BigQuery, and MCP Toolbox.

Big Data, Analytics, ML&AI

How Moloco is powering the future of retail media with AI Vector Search - In a media-saturated environment, discover how Moloco built its AI-native platform that delivers the one-to-one ad personalization retailers need.

Use Gemini CLI to deploy cost-effective LLM workloads on GKE - Google Kubernetes Engine (GKE) offers Inference Quickstart. With Inference Quickstart, you can replace months of manual trial-and-error with out-of-the-box manifests and data-driven insights. Learn more today.

8 BigQuery Tricks from Python - Faster reads, safer writes, and cheaper queries using pandas-gbq, DB-API, and Arrow—without fighting dtypes or paying surprise bills.

BigQuery Slots vs On-Demand: Choose with Math - A clear, numbers-first way to pick the right BigQuery pricing model — without vibes or guesswork.

Stop Paying for Cloud Resources During Development: Building a Local GCP Pub/Sub Emulator - A Docker-based Google Cloud Pub/Sub emulator with a web dashboard to facilitate local development and testing. It aims to reduce cloud costs, eliminate the need for internet connectivity and cloud credentials, and improve debugging by providing real-time message monitoring and topic management.

From Local Triumph to Cloud Failure — And the Fix: Build a Reliable Portfolio Chatbot with RAG + Vertex AI - A builder’s journey through hard lessons and production failures — complete with actionable fixes, architectures, and a working live demo.

The ultimate prompting guide for Veo 3.1 - This guide is a framework for directing Veo 3.1, our latest model. Veo 3.1 is state-of-the-art and builds on Veo 3, with stronger prompt adherence and improved audiovisual quality when turning images into videos.

Save costs and decrease latency while using Gemini with Vertex AI context caching - Context caching on Vertex AI can help you save costs and decrease latency. Learn more to get started today.

Tracing Your AI Agents for Better Observability: A Guide with Agent Engine - This guide explains how to use tracing with Agent Engine on Vertex AI to understand AI agent decision-making. It covers key concepts like traces, spans, and attributes, and demonstrates how to enable tracing, analyze data with the Cloud Trace SDK and pandas, and clean up resources.

Stop Guessing and Start Benchmarking Your AI Prompts - The article introduces a framework for building applications using Generative AI, emphasizing the importance of systematic prompt engineering. It highlights Google Cloud tools for prompt evaluation, including the GenAI evaluation tool and Python evaluation library, to move from guesswork to data-driven prompt optimization.

Vector SQL in Practice: Embedding Tables, ANN vs. Exact Search - BigQuery supports vector search, enabling users to store and query embeddings with SQL, choosing between exact brute-force search and fast ANN indexes. The article provides a practical guide covering table design, distance metrics, index choices (IVF, TreeAH/ScaNN), pre/post-filters, cost optimization, and testing strategies for production use.

Slides, Videos, Audio

Security Podcast - #247 The Evolving CISO: From Security Cop to Cloud & AI Champion.

Releases

Apigee API Hub - Change Create and manage API operations in the UI You can now create and manage API operations for your API versions from the API details page in the Google Cloud console. Change New MCP API style system attribute The system-defined API style attribute now includes a new value: MCP.

Google Cloud Armor - Feature Cloud Armor's Hierarchical security policies that facilitate centralized control, enhanced consistency, operational efficiency, and effective delegation of security policy management is Generally Available.

Backup and DR Service - Backup and DR Service 11.0.16.253 is now available to update your backup/recovery appliances. You can now set up backup vault specific workload quotas for critical resources like data sources, backups, backup plans, and backup plan associations.

BigQuery - Feature The following features are now generally available (GA) in BigQuery Studio: To streamline resource discovery and access, the left Explorer pane has been reorganized into three sections: Explorer, Classic Explorer, and Git repository. Feature You can now access repositories by clicking Repositories in the Explorer pane. Feature You can visualize your geospatial query results on an interactive map in BigQuery Studio. Feature You can use the dbt-bigquery adapter to run Python code that's defined in BigQuery DataFrames. Feature You can now use SQL cells to write, edit, and run SQL queries on your BigQuery data directly from your notebooks. Announcement The BigQuery Data Transfer API (bigquerydatatransfer.googleapis.com) is now enabled by default for every new Google Cloud project. Feature You can now embed natural language as comments in existing SQL to refine and transform your code.

Chronicle - Deprecated The Netskope v1 API feed has been deprecated by Netskope.

Chronicle SOAR - Announcement Release 6.3.64 is being rolled out to the first phase of regions as listed here. Announcement Release 6.3.63 is now available for all regions.

Colab - Feature SQL cells Preview: You can use SQL cells to write, edit, and run SQL queries directly from your Colab Enterprise notebooks.

Compute Engine - Feature Generally Available: You can now access the Compute Engine alpha API at the project level through a self-service process. Change Starting with SUSE Linux Enterprise Server (SLES) 16, including variants for SAP, the default file system for the root partition (/) is Btrfs changing from the previous default of XFS.

Config Connector - Config Connector version 1.137.0 is now available. New Beta Resources (Direct Reconciler): DocumentAIProcessorVersion EssentialContactsContact BigQueryBigLakeTable BackupDRBackupPlan. New Alpha Resources (Direct Reconciler): BigtableMaterializedView. New Fields: BigtableMaterializedView: Added spec.sourceTableRef and spec.definition. Reconciliation Improvements: Enabled opt-in for IAM partial policy management. Bug Fixes: Fixed an issue where ComputeBackendService backends were not sorted.

Contact Center AI Platform - Mobile SDK patch 2.14.1 is released This patch adds the didHandleUjetError function to the iOS SDK. Portal version 3.40 pre-release notes Here are the pre-release notes for portal version 3.40. New variables for custom lookup URLs We've added the following five variables for custom lookup URLs: CUSTOMER_PHONE_NUMBER: the end-user's phone number SUPPORT_PHONE_NUMBER: your call center's phone number that an end-user calls in on OUTBOUND_NUMBER: the phone number an agent uses when making an outbound call SESSION_ID: the session ID CUSTOM_AGENT_ID: an optional agent ID. Agent desktop maintains state after refresh While you're using the agent desktop, if you refresh your browser, the agent desktop now maintains its state. Search in email channel by email address and name Agents can now search for email sessions by email address and name in the email adapter. Customize the color of the Start Screen Share button You can now control the color of the Start Screen Share button to match the color palette of your brand. The europe-west4 and europe-west6 regions are available for Agent Assist conversation profiles The europe-west4 and europe-west6 regions are now available when you create an Agent Assist conversation profile for a Dialogflow CX virtual agent. Web SDK: Support for hiding the download transcript option You can now configure the web SDK to do the following on the end-user's chat screen: Hide the Download transcript menu option during a chat session Hide the Download transcript button after a chat session ends. Web SDK: Support for hiding the Start a new conversation button You can now configure the web SDK to hide the Start a new conversation button on the end-user's chat screen after the session ends. The following issues were addressed in this release: Fixed an issue that prevented administrators from configuring virtual agents on the top level for IVR queues.

Dataproc Serverless - New Serverless for Apache Spark runtime versions: 3.0.0-RC6. Dataproc on Compute Engine: The default image version of premium tier clusters is now 2.3. Serverless for Apache Spark: Runtimes rollout with Apache Spark upgrade to version 3.5.3 in the latest 1.2 and 2.2 Serverless for Apache Spark runtime versions has started and is expected to finish by October 16th.

Gemini - Breaking Gemini Code Assist tools are no longer available and are replaced by agent mode (Preview) Effective October 14, 2025, Gemini Code Assist tools are no longer available. Feature Enterprise version of Gemini Code Assist on GitHub (Preview) Gemini Code Assist on GitHub provides Gemini-powered reviews of pull requests in your GitHub repositories.

Memorystore for Redis Cluster - Feature You can now create a cluster in Memorystore for Redis Cluster, even if a zone of the region where you want the cluster to be created is unavailable.

Migration Center - Feature Preview: Migration Center lets you view detailed total cost of ownership (TCO) information directly in the Google Cloud Console for each asset and migration preference set, without the need to export the TCO report. Feature Preview: On the Migration Center Summary page, you can now see an aggregated view of the detected software assets.

Policy Intelligence - Feature You can use Policy Troubleshooter to remediate access issues. Issue Due to an ongoing issue, IAM recommender role recommendations might be out of date and inaccurate.

Resource Manager - You can use custom constraints with Organization Policy to provide more granular control over specific fields for some Datastream resources.

Secret Manager - Preview: Integrated secret synchronization feature is now available in preview.

Security Command Center - Change Security Command Center and attack path simulations use Compute Engine and Google Kubernetes Engine operating system and software vulnerabilities to detect toxic combinations and chokepoints.

Service Mesh - Managed Cloud Service Mesh. The promotion of 1.21 to the Rapid release channel included upstream breaking changes to ExternalName and auto-sni when using the ISTIOD implementation. 1.25.x. 1.25.5-asm.7 is now available for in-cluster Cloud Service Mesh. 1.25.5-asm.7 includes the fixes for the following CVEs: CVE Proxy Control Plane CNI Distroless CVE-2025-6297 Yes Yes Yes - CVE-2024-10963 Yes Yes Yes - CVE-2025-4802 - - - Yes CVE-2025-8058 Yes Yes Yes Yes. 1.26.x. 1.26.4-asm.7 is now available for in-cluster Cloud Service Mesh. 1.26.4-asm.7 includes the fixes for the following CVEs: CVE Proxy Control Plane CNI Distroless CVE-2024-10963 Yes Yes Yes - CVE-2025-8058 Yes Yes Yes Yes CVE-2025-4802 - - - Yes. 1.27.x. 1.27.1-asm.5 is now available for in-cluster Cloud Service Mesh. 1.27.1-asm.5 includes the fixes for the following CVEs: CVE Proxy Control Plane CNI Distroless CVE-2025-6297 Yes Yes Yes - CVE-2024-10963 Yes Yes Yes - CVE-2025-9230 Yes Yes Yes - CVE-2025-8058 Yes Yes Yes Yes CVE-2025-4802 - - - Yes. 1.24.x. In-cluster Cloud Service Mesh 1.24 is no longer supported.

Cloud Speech-to-Text - Feature Speech-to-Text is excited to announce the General Availability (GA) of the Chirp 3: Transcription, the latest generation of Google's multilingual Automatic Speech Recognition (ASR)-specific generative model, delivering state-of-the-art ASR accuracy and multilingual capabilities.

Cloud SQL - Cloud SQL Enterprise edition now supports a new machine series called the N4 machine series. The C4A machine series is now generally available (GA).

Virtual Private Cloud - Private Service Connect health is available in Preview.