Welcome to issue #479 December 1st, 2025

News

LLM Official Blog

Announcing Claude Opus 4.5 on Vertex AI - Anthropic’s newest model, Claude Opus 4.5, is generally available on Vertex AI. As Anthropic’s most advanced model to date, it excels in coding, agents, vision, computer use and office tasks — at one-third the cost of its predecessor, Opus 4.1.

AWS Networking Official Blog Partners

AWS and Google Cloud collaborate to simplify multicloud networking - AWS and Google Cloud’s jointly engineered multicloud networking solution uses AWS Interconnect - multicloud and Google Cloud Cross-Cloud Interconnect.

AWS Networking Official Blog Partners

Expanding Google Cloud’s Cross-Cloud Network with a groundbreaking AWS collaboration - Cross-Cloud Interconnect for AWS is an on-demand, cross-cloud connectivity solution for applications that span the two cloud provider environments.

Articles, Tutorials

Infrastructure, Networking, Security, Kubernetes

AWS Workload Identity

Access AWS Services from GKE - Demonstrates how to securely access AWS services directly from GKE Pods by leveraging GKE Workload Identity.

DevOps NodeJS Secret Manager Typescript

How to Setup Google Secret Manager with Google IAM Permissions - This article provides a detailed walkthrough on setting up and utilizing Google Secret Manager for securely storing backend credentials, such as Database and JWT secrets, in a Node.js/TypeScript project.

Google Kubernetes Engine Kubernetes

Surviving Success: Intelligent Capacity Failover with GKE Custom Compute Classes - This article introduces GKE’s Custom Compute Classes (CCC) as a solution for SREs to manage unpredictable load spikes by creating a hardware spillover strategy for high-performance servers.

Cloud Monitoring DevOps FinOps

Our Cloud Monitoring Bill Jumped 25x, and Here’s How We Found the Culprit - This is the story of how our Google Cloud Monitoring bill jumped 25x overnight, from $2/day to a persistent $50/day.

Paywall Workload Identity

Stop Storing Cloud Secrets: How Workload Identity Federation Eliminates Static Keys - The most dangerous part of modern ML isn’t model accuracy. It’s the secrets we scatter across systems like digital landmines.

AI Workload Identity Federation

Workforce Identity Federation Made Easy: Attribute Mapping and Permissions for Entra ID & SAML - This technical guide addresses common challenges when configuring Workforce Identity Federation (WIF) with Microsoft Entra ID and SAML, a critical step for enabling AI services like Gemini Enterprise.

App Development, Serverless, Databases, DevOps

Cloud Run

How I Solved a Real-World Load Problem Using GCP Cloud Run Jobs - This article explains how to scale a failing, data-heavy Cloud Run Job by shifting from a sequential workload to a parallelized, batch-oriented architecture. The solution leverages the CLOUD_RUN_TASK_COUNT and CLOUD_RUN_TASK_INDEX environment variables to distribute tasks efficiently across multiple workers, dramatically reducing job runtime from hours to minutes while cutting costs.

Cloud Functions Cloud Run

Google Cloud Gotcha: Direct VPC Egress on Cloud Functions vs. Cloud Run - It took many tries to understand that this feature works only with Cloud Run.

Cloud Build DevOps

Crutch Factory— Conditional build in Cloud build on specified file changes - My note about creating a conditional build step in Cloud Build only when source code was changed.

Big Data, Analytics, ML&AI

Generative AI MCP

Your Command-Line Companion: A Story of a Smarter CLI - Elevate your command line workflow by leveraging Prompt support in MCP Toolbox to turn complex operations into a single command!

AI Gemini

New Gemini API updates for Gemini 3 - Gemini 3 is available via API with updates for developers: new `thinking_level` for depth control, `media_resolution` for multimodal processing, and enforced `Thought Signatures` for agentic workflows, especially with function calling and image generation. It also introduces combining Google Search/URL Grounding with Structured Outputs and new usage-based pricing for Grounding. Best practices, like using default temperature, are advised for optimal results.

API API Gateway BigQuery

How we slashed data-API costs by 99.8% using flAPI + Google BigQuery + DuckDB - This article outlines a cost-optimization strategy using flAPI to cache periodic BigQuery aggregations within a local DuckDB instance for high-frequency API endpoints. This architectural pattern decouples heavy data warehouse queries from user traffic, resulting in millisecond response times and a reported 99% reduction in operational costs.

BigQuery Data Science Dataform

Building Dataform Pipelines: A Practical Guide To Materializations - This article details how to optimize data warehouse costs and performance by strategically selecting Dataform materialization types: view for freshness, table for simplicity, incremental for efficient updates on large datasets, and operations for complex custom logic. It provides a decision-making framework based on dataset size, update frequency, and team maturity to ensure scalable and maintainable data models.

Agents

Being a (context) Control Freak: 4 optimizations that made my ADK agent 2.7x faster - Managing context and state to improve agent runtime.

BigQuery Dataform dbt Paywall

How We Migrated from dbt Cloud to GCP Dataform (And Saved Significant Cost) - Step-by-step process, feature comparison, and real-world insights for data engineers.

BigQuery FinOps Paywall

BigQuery Cost FireDrill: Guardrails, Quotas, and Kill Switches - How to stop one bad query, one rogue dashboard, or one “quick export” from torching your entire data budget.

AI Generative AI LLM Security

How Vertex AI RAG Engine Simplifies Security Policy Grounding and Multi-Corpus Architecture - My experience of exploring GCP RAG Engine for security-related tasks.

AI Machine Learning TPU

TPU Mythbusting: The general perception - Learn about some common misconceptions about TPUs and what the facts are.

AI Generative AI Infrastructure TPU

TPU Mythbusting: cost and usage - Second part of the TPU Mythbusting series. Learn how to get access to TPUs without paying for them and how you can use TPUs.

ADK AI

Implementing Dynamic Loops in ADK: What I Learned - This guide explains how to master dynamic loops in the Agent Development Kit by using the LoopAgent pattern to manage control flow via Session State and Callbacks rather than relying on unstable prompts.

Slides, Videos, Audio

Security Podcast - #253 The Craft of Cloud Bug Hunting: Writing Winning Reports and Secrets from a VRP Champion.

 

Releases

Cloud TPU - Feature: Preview: TPU7x is available in Preview. TPU7x is the first release within the Ironwood family, Google Cloud's seventh generation TPU. TPU7x supports large-scale AI training and inference, providing performance and cost-effectiveness for demanding workloads such as large language models (LLMs), mixture of experts (MoEs), and diffusion models. For more information, see the TPU7x (Ironwood) documentation.

Cloud Architecture Center - Feature: AI and ML perspective: Security: Major update to expand the security principles and recommendations in the AI and ML perspective. Feature: (New guide) Choose your agentic AI architecture components: Learn how to select architecture components to build your agentic AI system.

Artifact Registry - Feature: You can now use ExportArtifact() to export an artifact to a Cloud Storage bucket.

Cloud Asset Inventory - Feature: The following resource types are publicly available through the ExportAssets, ListAssets, BatchGetAssetsHistory, QueryAssets, Feed, SearchAllResources, and SearchAllIamPolicies APIs. BigQuery sharing: analyticshub.googleapis.com/DataExchange, analyticshub.googleapis.com/Listing.

BigQuery - Feature: The BigQuery Data Transfer Service now supports incremental data transfers when transferring data from Salesforce to BigQuery. This feature is supported in Preview. Change: An updated version of the JDBC driver for BigQuery is now available. Feature: You can set the default project and dataset for your pipeline in the SQLX options section, which simplifies task configuration by using these defaults for all tasks. This feature is generally available (GA).

Cloud Composer - Issue: We discovered an issue that might impact the reporting of metrics in the following recently released Cloud Composer versions: composer-2.15.4-airflow-*, composer-3-airflow-2.10.5-build.20, composer-3-airflow-2.9.3-build.40, composer-3-airflow-3.1.0-build.3. To prevent additional environments from being affected, we have disabled the ability to upgrade existing environments to these versions and to create new environments using these versions. If your environment is already using one of these versions, you can continue to use it as usual. We are working to resolve the issue for all currently affected environments.

Compute Engine - Feature: Public Preview: You can now access the VM metadata server using IPv6 connectivity from single-stack IPv6 VM instances. For more information, see About VM metadata.

Contact Center AI Platform - Announcement: Google Cloud CCaaS 3.43 prerelease notes. Here are the prerelease notes for Google Cloud CCaaS version 3.43. When we release version 3.43, we expect the new capabilities to be as shown here.

Feature: In-queue wait time virtual agent for calls. You can now configure a virtual agent to handle incoming calls requiring escalation to a human agent. The in-queue wait time virtual agent can place an incoming call into a queue and then provide personalized, interactive updates based on real-time events that your instance sends to the virtual agent. These events include estimated wait time, queue position, and agent availability. When an agent is available, the virtual agent transfers the call.

Feature: New web SDK event: exited. We've added the exited event to the web SDK. This event triggers when an end-user exits a chat session after an agent ends the session.

Fixed: We addressed the following issues in this release:
Fixed an issue that occurred when a call was connected directly to an agent using the agent's extension (either from another agent or from an end-user). The system didn't apply the settings of the receiving agent's queue.
Fixed a web SDK issue where responses from virtual agents displayed markup code for headings, bold, italics, etc., instead of the rendered formatting.
Fixed a web SDK issue where the timeout dialog for chat check-in didn't dismiss after a chat session expired.
Fixed a web SDK issue where an error was incorrectly returned in the browser console log.
Fixed a web SDK issue where the "new message" alert in the chat screen used a text color that didn't adequately contrast with the background.
Fixed an issue where red boxes incorrectly appeared in the chat screen when an agent's message was undelivered.
Fixed an issue where inbound calls were routed incorrectly to agents outside of their personal hours of operation.
Fixed an issue that prevented users from downloading web chat transcripts using the Download button.
Fixed an issue that occurred during overcapacity deflection. The "redirect to queue" action didn't route calls to the configured Dialogflow menu ID.
Fixed an issue where virtual agents disconnected calls during after-hours deflection or automatic redirection instead of routing them to the configured location.
Fixed an issue where virtual agents incorrectly remained in a session if an agent answered a call immediately after an overcapacity deflection announcement.
Fixed an issue where calls didn't end after an end-user selected the "message" option during overcapacity deflection.
Fixed an issue where manually adding users to multiple teams returned an error.
Fixed an issue where administrators couldn't save queue reordering actions in the SMS channel.
Fixed an issue where the BYOC configuration incorrectly overwrote the domain of target SIP URIs during outbound calls.
Fixed an issue that incorrectly returned Cannot read properties console errors.
Fixed an issue where a service name was misspelled, which caused errors in batch user creation and team assignment.
Fixed an issue with historical data bulk import where uploading historical data without dates generated empty import reports instead of returning an error.
Fixed an issue with historical data bulk import where the system accepted and processed data with future dates instead of returning an error.
Fixed an issue where queue priority sliders for users and teams were active when they were configured to be inactive.
Fixed an issue that prevented languages from being added to an instance.
Fixed an issue where the agent directory was empty when an agent attempted to transfer a call to another agent.
Addressed latency in Telnyx calls.
Fixed a billing calculation issue where concurrent agent counts were inaccurate.

GKE new features - Feature: TPU7x (Ironwood), Google's seventh-generation TPU for large-scale AI workloads, is available in Preview in GKE Standard clusters that run version 1.34.0-gke.2201000 and later, and in Autopilot clusters that run version 1.34.1-gke.3084001 and later. TPU7x offers a significant performance increase compared to previous generations, with 2307 TFLOPs of BF16 performance and 192 GB of high-bandwidth memory (HBM) per chip. For more information, see Get started with Ironwood (TPU7x). Feature: Fast-starting nodes are now generally available. GKE provisions fast-starting nodes on a best-effort basis in Autopilot when workloads use compatible configurations. For more information, see About quicker workload startup with fast-starting nodes.

Looker - Deprecated: The DataRobot action will be deprecated on February 1, 2026. After that date, this action won't be available in the Looker Action Hub.

Policy Intelligence - Feature: IAM administrators can review and manage identity risks across their organization, folder, or project from the Google Cloud console by using the Security Insights dashboard. For more information, see Review and manage identity risks. This feature is available in Preview.

VMware Engine - Announcement: VMware Engine ve2 nodes are now available in the Dallas, Texas, North America region (us-south1-b).

VPC Service Controls - Feature: Preview stage support for the following integration: Unified Maintenance

 

Contact

Zdenko Hrček
Třebanická 183
Prague, Czech Republic
Phone: +420 777 283 075
Email: [email protected]