Google Cloud Platform Newsletter

Check Archive for older issues

News

Reimagine global network connectivity with Cross-Site Interconnect, now GA - Cross-Site Interconnect, now GA, offers managed layer 2 connectivity over Google infrastructure to simplify WAN connectivity for demanding use cases.

Build trust and context for AI with lineage, now at column-level granularity - Dataplex column-level lineage in BigQuery charts a data column’s path as it moves, establishing context for agentic AI applications.

Introducing Google Gen AI .NET SDK - This blog post introduces the new Google Gen AI .NET SDK, enabling C#/.NET developers to use Gemini from Google AI or Vertex AI with a single, unified library.

Google Cloud and AMD at STAC Summit NYC: H4D VMs for Finance - H4D VMs powered by 5th Gen AMD EPYC (Turin) processors are designed for high-performance workloads common in capital markets.

What’s new in Cloud Armor: Innovations to boost security posture, threat protection - New capabilities in Cloud Armor offer more comprehensive security policies and granular network configuration controls.

Google named a Leader in the 2025 IDC MarketScape for Worldwide GenAI Life-Cycle Foundation Model Software - Google has been recognized as a Leader for our Gemini model family in the 2025 IDC MarketScape for Worldwide GenAI Life-Cycle Foundation Model Software report. The result validates our multi-year commitment to building the most capable, multimodal AI and delivering it to the enterprise through Vertex AI.

What's new with the AI Hypercomputer? vLLM on TPU, and more - New ways to simplify AI infrastructure deployment, improve performance, and optimize your costs.

Oklahoma transforms data access and boosts employer trust with Google Cloud - See how OESC transformed its legacy data system with Google Cloud. They cut reporting times from months to hours and improved services for citizens.

Articles, Tutorials

Infrastructure, Networking, Security, Kubernetes

A practical guide to Google Cloud's Parameter Manager - Google Cloud Parameter Manager is designed to reduce unnecessarily sharing key cloud configurations, and it works with many types of data formats.

Design Cross-Cloud Network VPC Network Peering with NVAs and Regional Affinity - Design a Cross-Cloud Network VPC Network Peering with NVAs and regional affinity. Learn how to integrate security into your network design and achieve regional affinity for low latency, data residency, and resource optimization.

Help Wanted: Vietnamese Actors Using Fake Job Posting Campaigns to Deliver Malware and Steal Credentials - Financially motivated actors are using fake job postings on legitimate platforms to target the digital advertising and marketing sectors.

Google Cloud Support: The Insurance Policy Your Cloud Workloads Need - A 5 Minute Guide to Selecting the Right Google Cloud Support Coverage.

Pro-Russia Information Operations Leverage Russian Drone Incursions into Polish Airspace - Pro-Russia information operations promoting narratives related to the incursion of Russian drones into Polish airspace.

To Be (A Robot) or Not to Be: New Malware Attributed to Russia State-Sponsored COLDRIVER - Russia state-sponsored COLDRIVER started using new malware immediately following a May public disclosure of their activity.

Beyond “Try Again Later”: A strategic guide to obtaining high-demand resources in Google Cloud - Stop hitting ZONE_RESOURCE_POOL_EXHAUSTED errors. Learn how to use GCP’s provisioning models to get the compute you need, when you need it.

Stop Guessing: How to Actually Track Your GKE Costs - Which team is responsible for that $45,000 spike in our GKE bill last month?

Solving the Kafka HA Puzzle on GKE Autopilot (Hard vs. Soft Pod Topology Spread Constraints) - The Three-Act Play of Stateful Workloads on GKE.

App Development, Serverless, Databases, DevOps

Cloud Workstations: building reusable development environments in cloud - Setting up Cloud Workstations using Pulumi, Typescript and Bun.

At Google, the future is multiarch; AI and automation are helping us get there - Google used hard work, automation, and AI to migrate more than 30,000 applications to Arm from x86, advancing the goal of architecture neutrality.

G4 VMs under the hood: A custom, high-performance P2P fabric for multi-GPU workloads - G4 GPU VMs use a PCIe-only interconnect that supports peer-to-peer (P2P) communication to accelerate workloads that require multi-GPU scaling.

Launching Ubuntu Desktop with Chrome Remote Desktop in Google Cloud (2025) - Step-by-step guide to running Ubuntu Desktop on Google Cloud with Chrome Remote Desktop, including network fixes and remote access setup.

The G4 VM is GA: Expanding our NVIDIA GPU portfolio for visual computing and AI - Now GA, the G4 VM powered by NVIDIA’s RTX PRO 6000 Blackwell GPUs is designed for latency-sensitive AI, simulation and visual applications.

From Data Changes to Real-Time Actions: CDC with Debezium and Google Cloud Pub/Sub - Designing an event-driven architecture that reacts instantly to database updates using Debezium Server, Pub/Sub, and Cloud Run.

Cloud Spanner — The impact of data locality on query latency - In Cloud Spanner, data locality is crucial for schema design. While colocating related data improves performance by reducing remote calls, distributing large datasets across multiple splits can significantly enhance query latency through parallel processing. This approach reduces latency but increases CPU usage.

Big Data, Analytics, ML&AI

Building scalable AI agents: Design patterns with Agent Engine on Google Cloud - These blog posts provide explanations into Agentic AI and the technology behind it. It discusses use cases and architecture patterns for building scalable enterprise grade Agents on Google cloud.

Agent Factory Recap: A Deep Dive into Agent Evaluation, Practical Tooling, and Multi-Agent Systems - Learn how to effectively evaluate AI agents with a full-stack approach, covering key metrics, measurement methods, and a 5-step evaluation loop using the Agent Development Kit (ADK) and Vertex AI. Discover strategies for single and multi-agent systems, synthetic data generation, and future challenges in agent evaluation.

Spanner better with BigQuery: streaming insights, faster federated queries, Iceberg tables support and more - Google Cloud enhances Spanner's integration with BigQuery, enabling real-time insights and faster federated queries. New features include support for Postgres-dialect Spanner databases in BigQuery external datasets, accelerated queries with materialized views, and real-time reverse ETL for streaming data from BigQuery to Spanner.

The 6 BigQuery Personas: Which One Are You? - After analyzing feedback from over 100 BigQuery clients, the article identifies six distinct personas based on their approach to BigQuery pricing, ranging from "On-Demand Native" to "Adaptive Automator.".

Training Nanochat on a A3 Spot VM - This article explains how to train a nanochat model, a simplified LLM implementation, on Google Cloud using an A3 Spot VM to leverage spare capacity at a significantly reduced cost.

Build a Custom Connector for Gemini Enterprise - How to integrate any system into Gemini Enterprise using a Custom Connector.

5 ad agencies used Gemini 2.5 Pro and gen media models to create an "impossible ad” - We briefed several top agencies to use Google's AI to create an “impossible” ad — a campaign that pushes the boundaries of what’s creatively and technically feasible. This is what they created with Gemini 2.5 Pro and gen media models.

How the Max Planck Institute is sharing expert skills through multimodal agents - The Proteomics Lab Agent assists scientists by simplifying complex scientific procedures through personalized AI guidance, making them easier to execute, while automatically documenting the process.

Agent Factory Recap: Securing AI Agents in Production - Securing AI agents in production is crucial. Learn about current threats, layered defense strategies, and practical implementations to keep your AI agents and users safe from prompt injection, context poisoning, and other attacks. Discover Google Cloud's Model Armor and the rise of guardian agents.

How Model Armor can help protect your AI apps from prompt injections and jailbreaks - You can use Model Armor to protect against prompt injections and jailbreaks. Here’s how.

Dataproc 2.3 on Google Compute Engine: A lightweight image with improved security - Dataproc 2.3 on Google Compute Engine is a Lightweight Image for Improved Security and Efficiency.

FinOps Cost Management for BigQuery - The article discusses applying FinOps principles to Google BigQuery, focusing on cost visibility, allocation, optimization, and governance.

Join the party: Build your first Gemini CLI extension! - Learn how to package commands and tools to scale your project setup. Stop copying configuration files — start sharing your best practices.

Cloud Composer Vs Vertex AI Pipelines - The article provides a framework for choosing between Cloud Composer and Vertex AI Pipelines for MLOps, focusing on team skills, data complexity, and budget.

Various

Google Skills — an evolution of online learning - An overview of the Google education platform evolution.

Get Your Feature or Bug on Google’s Roadmap: Step-by-Step Submission Guide - If you want a feature or a bug fix from Google, start in Issue Tracker, file it or star an existing one, share with the community.

Toronto Serverless Meetup - Nov 14, 2025 online - From Prompt to Production: Advanced Gemini CLI for Serverless.

Slides, Videos, Audio

GCP Bytes Podcast - #28 In this episode we discuss; Unifi, Gen AI Leader, OpenTrickler, Intervlan Routing Provider, AWS Outage, Nadellas Pay, GDG, VMWare License, Australian Age Verification, Private Buckets and CDN, Gemini Enterprise, Qantas Hack, F5 Hack, AI Will Not Take Your Job, Mac Bank and Gemini, Google 10 New AI Products.

Security Podcast - #248 Cloud IR Tabletop Wins: How to Stop Playing Security Theater and Start Practicing.

Releases

Agent Assist - Agent Assist offers summarization automatic evaluation in GA.

AppEngine Flexible Go - Feature Support for TLS version 1.2 and later, along with a corresponding secure set of cipher suites, is in General Availability (GA).

AppEngine Flexible PHP - Feature Support for TLS version 1.2 and later, along with a corresponding secure set of cipher suites, is in General Availability (GA).

BigQuery - Feature BigQuery is now offering early access to conversational analytics. Feature You can now use custom constraints with Organization Policy to provide more granular control over specific fields for some BigQuery sharing resources. Issue Support for table parameters in table-value functions (TVFs) has been temporarily disabled. Feature BigQuery ML now offers a built-in TimesFM univariate time series forecasting model that implements Google Research's open source TimesFM model. Feature BigQuery now supports TransUnion for entity resolution. Feature You can now use visualization cells to automatically generate a visualization of any DataFrame in your notebook. Feature In BigQuery ML, you can now fully manage open models as Vertex AI endpoints.

BigTable - You can save queries and then view and manage the saved queries in Bigtable Studio.

Chronicle - Feature earliest and latest functions supported in Rules and Dashboards The earliest and latest YARA-L functions for statistics and aggregations are now supported in Rules and Dashboards, in addition to Search. Announcement Premium Fortinet Firewall parser now available as Release Candidate This enhanced parser is available as a Release Candidate for the next 2 months.

Chronicle Security Operations - Announcement Premium Fortinet Firewall parser now available as Release Candidate This enhanced parser is available as a Release Candidate for the next 2 months.

Chronicle SOAR - Announcement Release 6.3.65 is being rolled out to the first phase of regions as listed here. Feature Delete high-load environments You can now easily delete environments with heavy loads directly from the platform. Announcement Release 6.3.64 is now available for all regions.

Colab - Feature Visualization cells Preview: You can use visualization cells to generate interactive and editable visualizations from within a Colab Enterprise notebook.

Cloud Composer - Announcement A new Cloud Composer release has started on October 22, 2025. Change The default value of the NO_PROXY environment variable now includes the IP address of the environment's cluster Compute Engine metadata server. Change (Airflow 2.10.5) The apache-airflow-providers-google package was upgraded to version 18.0.0 in Cloud Composer 2 images and Cloud Composer 3 builds. Change (Airflow 2.10.5) The apache-airflow-providers-cncf-kubernetes package was upgraded to version 10.8.2. Change New Airflow builds are available in Cloud Composer 3: composer-3-airflow-2.10.5-build.17 (default) composer-3-airflow-2.9.3-build.37. Change New images are available in Cloud Composer 2: composer-2.15.0-airflow-2.10.5 (default) composer-2.15.0-airflow-2.9.3. Deprecated The following Cloud Composer versions and builds have reached their end of support period: composer-3-airflow-2.7.3-build.20, composer-3-airflow-2.7.3-build.19, composer-2.9.8-*, composer-2.9.7-*.

Compute Engine - Feature Generally available: You can use future reservations to request to reserve capacity starting on a specific date up to one year in the future. Change The kernel dist-tag that supports the Rocky Linux Optimized and Accelerator images on Compute Engine is being updated from elX_ycld_next to elX_y_ciq as part of the consolidation of CIQ's kernel trees. Security A vulnerability affecting AMD Zen 5 processors (Turin) was discovered and is being addressed. Feature Generally Available: The G4 accelerator-optimized machine series is designed for graphics-intensive workloads such as NVIDIA Omniverse simulations, video transcoding, and virtual desktops.

Confidential VM - Security A vulnerability affecting AMD Zen 5 processors (Turin) was discovered and is being addressed.

Contact Center AI Platform - Advanced reporting dashboards version 3.40 pre-release notes Here are the pre-release notes for version 3.40 of the advanced reporting dashboards. New Agent Preference table in the Agent Availability dashboard We've added a new Agent Preference table to the Agent Availability dashboard. New Audit Log dashboard We've added a new Audit log dashboard to help you track changes to the configuration of your instance. The following issues were addressed in this release: Fixed an issue that caused the Agent Activity Timeline dashboard to display inaccurate or incomplete data.

Dataproc Serverless - Announcement Announcing the General Availability (GA) of Lightning Engine for Google Cloud Serverless for Apache Spark. Change Serverless for Apache Spark: With the Lightning Engine GA release, the property to enable Native Query Execution (NQE) feature has been updated.

Dataproc - Announcement Announcing the General Availability (GA) of Lightning Engine for Google Cloud Serverless for Apache Spark. Change Serverless for Apache Spark: With the Lightning Engine GA release, the property to enable Native Query Execution (NQE) feature has been updated.

Dialogflow - Feature Conversational Agents (Dialogflow CX):The Block none safety feature in agent settings is no longer restricted access. Feature Conversational Agents (Dialogflow CX): The Entity Types console menu now allows you to set a page size for entity entries and excluded phrases. Feature Conversational Agents (Dialogflow CX): You can now configure service account authorization for both tools and webhooks. Feature Conversational Agents (Dialogflow CX): New fields temperature, input_token_limit and output_token_limit are now available for LlmModelSettings in the v3beta1 API.

Google Kubernetes Engine - Change (2025-R44) Version updates GKE cluster versions have been updated. Security (2025-R44) Security updates This release includes new GKE versions that use updated Container-Optimized OS images. Feature The G4 VM, powered by NVIDIA's RTX PRO 6000 Blackwell Server Edition GPUs with the AMD EPYC Turin CPU platform, is generally available on GKE.

GKE new features - Feature The G4 VM, powered by NVIDIA's RTX PRO 6000 Blackwell Server Edition GPUs with the AMD EPYC Turin CPU platform, is generally available on GKE.

GKE - Change (2025-R44) Version updates Note: Your clusters might not have these versions available.

Google Kubernetes Engine Rapid - Change (2025-R44) Version updates Note: Your clusters might not have these versions available.

Google Kubernetes Engine Regular - Change (2025-R44) Version updates Note: Your clusters might not have these versions available.

Google Kubernetes Engine Stable - Change (2025-R44) Version updates Note: Your clusters might not have these versions available.

Looker - Looker (Google Cloud core) and Looker (original) changes. Feature Conversational Analytics in Looker The following features are available in Preview for use with Conversational Analytics in Looker instances that are running Looker 25.18 or later: Event and event attribute information is now available in System Activity Explores. Looker (Google Cloud core) and Looker (original) changes. Feature Looker now supports cloning a public Git repository using an https:// URL. Looker (original) only changes. Feature The new Looker Status Dashboard provides real-time updates about service availability or disruptions for Looker-hosted instances.

Memorystore for Redis Cluster - Feature We have implemented a security fix for CVE-2025-49844. Feature You can now use self-service maintenance to update your cluster to a newer version.

Cloud Memorystore - Feature We have implemented a security fix for CVE-2025-49844.

Cloud Monitoring - Feature You can now use the Google Cloud CLI and the Cloud Monitoring API to list incidents and get incident details.

Cloud NAT - Feature Private NAT supports Cloud Run in General Availability.

Policy Intelligence - Fixed The issue that caused IAM recommender role recommendations to be inaccurate and out of date is fixed.

Cloud Run - Feature Support for configuring GPU for your Cloud Run job is in General Availability (GA). Feature Direct VPC egress now supports Private NAT (GA). Feature Direct VPC egress now supports VPC Flow Logs (Preview).

Security Command Center - Change The release note for Security Command Center and attack path simulations, published on October 16, 2025, was updated to clarify that attack path simulations use Compute Engine and Google Kubernetes Engine OS and software vulnerability findings to detect toxic combinations and chokepoints. Feature Container image vulnerability findings has been released to General Availability.

Cloud Spanner - The Schema object drop protection feature is now generally available. You can now use the GoogleSQL ML.PREDICT function to convert your natural language query text into an embedding and perform approximate nearest neighbors (ANN) vector search.

Cloud SQL Postgres - Feature Cloud SQL now proactively detects and works to cancel high memory usage connections to prevent out-of-memory (OOM) failures.

Cloud Storage - You can now use Storage batch operations to create and manage retention configurations for objects in bulk using the PutMetadata transformation.

Cloud Text-to-Speech - Change Chirp 3: instant custom voice now supports voice cloning key generation in the eu and us regions.

Virtual Private Cloud - Feature You can view IP address utilization when you list or describe subnets. Feature VPC Flow Logs supports logging for Cloud Run resources that are configured with Direct VPC egress.

AppEngine Flexible Go - Feature Support for TLS version 1.2 and later, along with a corresponding secure set of cipher suites, is in General Availability (GA).

AppEngine Flexible PHP - Feature Support for TLS version 1.2 and later, along with a corresponding secure set of cipher suites, is in General Availability (GA).

BigQuery - BigQuery is now offering early access to conversational analytics. You can now use custom constraints with Organization Policy to provide more granular control over specific fields for some BigQuery sharing resources. Issue Support for table parameters in table-value functions (TVFs) has been temporarily disabled. BigQuery ML now offers a built-in TimesFM univariate time series forecasting model that implements Google Research's open source TimesFM model. BigQuery now supports TransUnion for entity resolution. You can now use visualization cells to automatically generate a visualization of any DataFrame in your notebook. In BigQuery ML, you can now fully manage open models as Vertex AI endpoints.

Bigtable - You can save queries and then view and manage the saved queries in Bigtable Studio.

Chronicle - Feature earliest and latest functions supported in Rules and Dashboards The earliest and latest YARA-L functions for statistics and aggregations are now supported in Rules and Dashboards, in addition to Search. Announcement Premium Fortinet Firewall parser now available as Release Candidate This enhanced parser is available as a Release Candidate for the next 2 months.

Chronicle Security Operations - Announcement Premium Fortinet Firewall parser now available as Release Candidate This enhanced parser is available as a Release Candidate for the next 2 months.

Chronicle SOAR - Announcement Release 6.3.65 is being rolled out to the first phase of regions as listed here. Feature Delete high-load environments You can now easily delete environments with heavy loads directly from the platform. Announcement Release 6.3.64 is now available for all regions.

Colab - Feature Visualization cells Preview: You can use visualization cells to generate interactive and editable visualizations from within a Colab Enterprise notebook.

Compute Engine - Feature Generally available: You can use future reservations to request to reserve capacity starting on a specific date up to one year in the future. Change The kernel dist-tag that supports the Rocky Linux Optimized and Accelerator images on Compute Engine is being updated from elX_ycld_next to elX_y_ciq as part of the consolidation of CIQ's kernel trees. Security A vulnerability affecting AMD Zen 5 processors (Turin) was discovered and is being addressed. Feature Generally Available: The G4 accelerator-optimized machine series is designed for graphics-intensive workloads such as NVIDIA Omniverse simulations, video transcoding, and virtual desktops.

Confidential VM - Security A vulnerability affecting AMD Zen 5 processors (Turin) was discovered and is being addressed.

Contact Center AI Platform - Advanced reporting dashboards version 3.40 pre-release notes Here are the pre-release notes for version 3.40 of the advanced reporting dashboards. New Agent Preference table in the Agent Availability dashboard We've added a new Agent Preference table to the Agent Availability dashboard. New Audit Log dashboard We've added a new Audit log dashboard to help you track changes to the configuration of your instance. The following issues were addressed in this release: Fixed an issue that caused the Agent Activity Timeline dashboard to display inaccurate or incomplete data.

Dataproc Serverless - Announcement Announcing the General Availability (GA) of Lightning Engine for Google Cloud Serverless for Apache Spark. Change Serverless for Apache Spark: With the Lightning Engine GA release, the property to enable Native Query Execution (NQE) feature has been updated.

Dialogflow - Feature Conversational Agents (Dialogflow CX):The Block none safety feature in agent settings is no longer restricted access. Feature Conversational Agents (Dialogflow CX): The Entity Types console menu now allows you to set a page size for entity entries and excluded phrases. Feature Conversational Agents (Dialogflow CX): You can now configure service account authorization for both tools and webhooks. Feature Conversational Agents (Dialogflow CX): New fields temperature, input_token_limit and output_token_limit are now available for LlmModelSettings in the v3beta1 API.

GKE new features - Feature The G4 VM, powered by NVIDIA's RTX PRO 6000 Blackwell Server Edition GPUs with the AMD EPYC Turin CPU platform, is generally available on GKE.

Looker - Looker (Google Cloud core) and Looker (original) changes. Feature Conversational Analytics in Looker The following features are available in Preview for use with Conversational Analytics in Looker instances that are running Looker 25.18 or later: Event and event attribute information is now available in System Activity Explores. Looker (Google Cloud core) and Looker (original) changes. Feature Looker now supports cloning a public Git repository using an https:// URL. Looker (original) only changes. Feature The new Looker Status Dashboard provides real-time updates about service availability or disruptions for Looker-hosted instances.

Memorystore for Redis Cluster - Feature We have implemented a security fix for CVE-2025-49844. Feature You can now use self-service maintenance to update your cluster to a newer version.

Cloud Memorystore - Feature We have implemented a security fix for CVE-2025-49844.

Cloud Monitoring - Feature You can now use the Google Cloud CLI and the Cloud Monitoring API to list incidents and get incident details.

Cloud NAT - Feature Private NAT supports Cloud Run in General Availability.

Policy Intelligence - Fixed The issue that caused IAM recommender role recommendations to be inaccurate and out of date is fixed.

Cloud Run - Feature Support for configuring GPU for your Cloud Run job is in General Availability (GA). Feature Direct VPC egress now supports Private NAT (GA). Feature Direct VPC egress now supports VPC Flow Logs (Preview).

Security Command Center - Change The release note for Security Command Center and attack path simulations, published on October 16, 2025, was updated to clarify that attack path simulations use Compute Engine and Google Kubernetes Engine OS and software vulnerability findings to detect toxic combinations and chokepoints. Feature Container image vulnerability findings has been released to General Availability.

Cloud Spanner - The Schema object drop protection feature is now generally available. You can now use the GoogleSQL ML.PREDICT function to convert your natural language query text into an embedding and perform approximate nearest neighbors (ANN) vector search.

Cloud SQL Postgres - Feature Cloud SQL now proactively detects and works to cancel high memory usage connections to prevent out-of-memory (OOM) failures.

Cloud Text-to-Speech - Change Chirp 3: instant custom voice now supports voice cloning key generation in the eu and us regions.

Virtual Private Cloud - Feature You can view IP address utilization when you list or describe subnets. Feature VPC Flow Logs supports logging for Cloud Run resources that are configured with Direct VPC egress.