Google Cloud Platform Newsletter

Check Archive for older issues

News

Sawasdee Thailand! Google Cloud launches new region in Bangkok - Google Cloud's new Bangkok region helps customers scale innovation with low-latency, local data residency, and PDPA compliance across Thailand.

Elevate your applications with Firestore’s new advanced query engine - New Firestore advanced query engine includes over a hundred new query capabilities known as pipeline operations.

Monitoring Google ADK agentic applications with Datadog LLM Observability - Datadog LLM Observability now provides automatic instrumentation for systems built with Google’s Agent Development Kit, or ADK.

Improving workflow orchestration with Apache Airflow 3.1 in Cloud Composer - For Cloud Composer users, new features in Apache Airflow 3.1 are designed to increase oversight, improve reliability, and support global teams.

Accelerate migrations with new incentives from the Rapid Migration and Modernization Program (RaMP) - Incentives in the Rapid Migration and Modernization Program (RaMP) help you migrate your enterprise applications to Google Cloud and get AI-ready.

Articles, Tutorials

Infrastructure, Networking, Security, Kubernetes

Scaling WideEP Mixture-of-Experts inference with Google Cloud A4X (GB200) and NVIDIA Dynamo - A new reference architecture for mixture-of-experts (MoE) workloads uses AI Hypercomputer with A4X machines, NVIDIA GB200 NVL72 and NVIDIA Dynamo.

CASA Tier 2 Audit: What to Expect - Costs, timeline, ZAP preparation, and why good security hygiene pays off.

Part I— Exploring DRANET on GKE with B200 GPUs and NCCL test - This article details how to deploy DRANET on Google Kubernetes Engine (GKE) using B200 GPUs to achieve high-speed networking for AI workloads. It explains how to leverage Kubernetes Dynamic Resource Allocation to ensure optimal GPU-to-GPU communication, preventing performance bottlenecks. The guide concludes with a demonstration and verification of RDMA speed using NCCL benchmarks.

Understanding Google Cloud’s New Spend-Based CUD Model - January 2026 brings simplified billing, expanded discounts, same savings.

App Development, Serverless, Databases, DevOps

How Google SREs Use Gemini CLI to Solve Real-World Outages - See how Google SREs use Gemini CLI and Gemini 3 to automate incident response, from paging to postmortem. Learn how AI helps eliminate toil and reduce Bad Customer Minutes safely.

Getting Started with Gemini 3: Deploy Your First Gemini 3 App to Google Cloud Run - Learn how to use Google AI Studio's Build mode to "vibe code" your first app with the Gemini 3 Flash Preview model and deploy it as a publicly accessible URL on Google Cloud Run.

Making Google Cloud IAP Usable on macOS - An open-source macOS app that significantly simplifies using Google Cloud IAP for accessing private virtual machines, which previously involved repetitive manual commands. This utility provides a visual interface to manage IAP TCP tunnels, automating port selection, integrating directly with Microsoft Remote Desktop, and securely storing credentials.

How to Deploy The Neo4j MCP Server to GCP Cloud Run - Learn strategies for deploying the Neo4j MCP server in development and production environments.

Migrating to PSC-Enabled Cloud SQL Across VPCs using DMS - This article provides a comprehensive guide for securely migrating Cloud SQL databases across different Google Cloud VPCs using Database Migration Service (DMS) and Private Service Connect (PSC).

To Build, or Not to Build: 3 (+1 New) Ways to Deploy Containers on Cloud Run - This article explores four distinct approaches for deploying containerized applications to Google Cloud Run, ranging from traditional Dockerfile builds to automated Buildpacks, and a newly introduced "no-build" option.

I Stopped Setting Up Firebase Manually, Here’s What Changed - What I changed in 2026 to make Firebase setup reproducible across teams and projects.

Firebase Just Got Relational: How to Use SQL in Your Next.js 16 App - The article introduces how Firebase Data Connect allows Next.js developers to integrate relational databases, specifically PostgreSQL via Cloud SQL, into their Firebase projects.

Rows to Relationships: Zero-Copy Fraud Detection with Spanner Graph & Kineviz GraphXR - This article demonstrates a streamlined approach to detecting modern financial fraud, particularly second-party fraud, by analyzing relationships within data rather than isolated transactions. It utilizes Google Cloud Spanner Graph as a cloud-native serving engine alongside Kineviz GraphXR Explorer for rapid, visual pattern discovery.

Introducing Spanner Schema Insights: Optimizing Your Global Database Design - Google engineers have been using this feature to optimize their databases in Spanner. Now they made it available to everyone.

Google Found a Way to Make Serverless Actually Fast - Google Cloud Run significantly improves serverless function performance by enabling sub-100ms cold starts when properly configured. This is achieved through a combination of startup CPU boost, lightweight gVisor sandboxing, and efficient concurrency management.

Big Data, Analytics, ML&AI

How Fastweb + Vodafone reimagined data workflows with Spanner & BigQuery - Following the acquisition of Vodafone Italy by Swisscom, these European telco leaders saw an opportunity to rethink how they serve customers.

We save $8k/Year: Why We Picked BigQuery-native Dataform over dbt Cloud - A guide to scaling data pipelines with Dataform + Airflow for BigQuery teams without a pricey vendor lock-in.

Staying Organized: How to set Schema Name to Parent Folder Name in Dataform - This article demonstrates a method to dynamically set the schema name in Dataform based on the parent folder name, eliminating the need for manual configuration in each action.

Creating a Dataform CI Process using Cloud Build and Github - This article provides a detailed guide on setting up a Continuous Integration (CI) process for Google Cloud Dataform projects using Cloud Build and GitHub.

Fixing a Broken PostgreSQL to BigQuery Pipeline Using Google DataStream - A practical guide to setting up CDC replication, troubleshooting common failures, and getting your data flowing again.

BigQuery’s Managed Inference for Open Models: Your Warehouse is Now an AI Engine - How Google Cloud is democratizing AI inference for data teams — no MLOps expertise required.

BigQuery Cost Spikes Explained: Why Your “Small” Change Triggered 10× Spend (and How Pros Prevent It) - This article explains how seemingly small changes in BigQuery queries can trigger significant cost spikes, often by inadvertently increasing bytes processed, data shuffled, or query executions.

Mastering Gemini CLI: Your Complete Guide from Installation to Advanced Use-Cases - Master Gemini CLI with our free DeepLearning.ai course! Learn to integrate this open-source AI agent for data analysis, content creation, and software development workflows.

Recursive Language Models in ADK - Recursive Language Models (RLMs) introduce a novel architecture where AI agents gain complete control over their context through an interactive coding environment, allowing them to handle extremely long texts and complex, information-dense tasks. Google's Agent Development Kit has successfully implemented and extended RLMs for enterprise use, incorporating practical features like lazy file loading and parallelism.

Parallel agents in Antigravity - Google Antigravity transforms a regular IDE into an agentic development platform, featuring a unique Agent Manager. This manager allows users to simultaneously spin up and oversee multiple AI agents working in parallel across various workspaces, significantly streamlining complex development tasks.

Welcome to MCP-P-A-looza - An overview of current Model Context Protocol (MCP) implementations across the programming landscape.

From Black-Box to White-Box: Generative AI Evaluation on Vertex AI - This article details how Google Cloud's Vertex AI Gen AI Evaluation Service helps address the "black box" problem of generative AI by providing a systematic approach to evaluating model outputs. It introduces methods like adaptive rubrics, which dynamically generate specific pass/fail criteria to assess factual accuracy, safety, and reliability, moving beyond traditional manual or fixed evaluation techniques.

Slides, Videos, Audio

Agent Factory Recap: Antigravity and Nano Banana Pro with Remik - Agent Factory Recap: Dive into Antigravity & Nano Banana Pro (Gemini 3 Pro Image model) to learn how to build AI agents for code and high-fidelity media.

Security Podcast - #259 Why Google Built a Security LLM and How It Beats the Generalists.

Releases

Assured Workloads Access Transparency - Feature: Automotive AI Agent is generally available (GA).

Backup and DR Service - Feature: Cost reports are now generally available for Backup and DR Service. Use cost reports to view resource specific Backup & DR Billing costs to gain granular insights into service spend and take actions to optimize resource allocation.

BigQuery - Change: You can now optionally specify which model to use by passing an endpoint argument to the AI.IF, AI.SCORE, and AI.CLASSIFY functions. Change: You can now run queries that use the AI.IF, AI.SCORE, and AI.CLASSIFY functions by using your end-user credentials instead of a BigQuery connection. Fixed: Support for table parameters in table-valued functions is restored. Change: BigQuery is now available in the Bangkok ( asia-southeast3 ) region. Feature: You can now use Gemini Cloud Assist to get information about your job history, such as why a particular query was slow or which queries were the most resource-intensive in the past day. This feature is in Preview. Breaking: Dataform workflows, BigQuery notebooks, pipelines, and data preparations are enforcing strict act-as mode at the project level. To avoid failures and maintain automatic releases, you must use custom service accounts instead of the default Dataform service agent across all repositories. You must also grant the Service Account User role ( roles/iam.serviceAccountUser ) to the default Dataform service agent and relevant principals. For more information and to verify act-as permissions, see Use strict act-as mode.

Billing - Feature: CUD recommendations support more machine types Resource-based CUD recommendations for cores and RAM now support additional machine series. For a complete list, see Resource-based CUDs supported by recommendations. You can access these recommendations using the FinOps hub user interface, programmatically using the Recommender API, or when you export recommendations to BigQuery.

Chronicle - Feature: Direct ingestion for Google Cloud Model Armor logs You can now ingest Google Cloud Model Armor logs ( GCP_MODEL_ARMOR ) directly into Google SecOps. Use an export filter for direct ingestion and access the logs through Google Cloud logging. Model Armor logs provide a unified window into AI-specific threats, such as prompt injection and sensitive data leakage. For more information, see Model Armor Documentation to Configure Logging. Announcement: New parser documentation now available New parser documentation is available to help you ingest and normalize logs from the following sources: Collect Active Countermeasures AI-Hunter logs Collect ADVA Fiber Service Platform logs Collect AIX system logs Collect Akamai SIEM Connector logs Collect AMD Pensando DSS firewall logs Collect Azure NSG Flow logs Collect Cloudflare Page Shield logs Collect FingerprintJS logs Collect FireEye eMPS logs Collect Forcepoint Email Security logs Collect Forcepoint NGFW logs Collect Fortinet FortiSASE logs Collect IBM DB2 logs Collect ManageEngine ADManager Plus logs Collect Microsoft Azure Resource logs Collect Microsoft Intune Context logs Collect Ubiquiti Unifi switch logs Collect Vectra Detect logs Collect Vectra Stream logs Collect Voltage SecureMail logs Collect Wallix Bastion logs

Chronicle SOAR - Announcement: Release 6.3.73 is being rolled out to the first phase of regions as listed here. This release contains the following changes: Feature: Structured SOAR Python integration logs Python integration logging has been upgraded to a structured format to eliminate visibility gaps and ensure comprehensive diagnostic coverage in Google Cloud. This upgrade changes how Python logs are interpreted in the GCP Cloud Logging Explorer. Previously, logs were bundled into a single block per execution. Now, every log line is interpreted as a separate entry, allowing for granular filtering, better searchability, and easier debugging of specific events. Recommended Actions: Update Log-Based Alerts: Ensure alerts triggered by string matches are compatible with individual log entries rather than bundled blocks. Review Automation Scripts: Test any external scripts or BigQuery exports that parse textPayload against the new granular format. Verify Dashboards: Custom monitoring dashboards may show an increase in event counts as executions are no longer bundled. For more information, see Collect SOAR logs. Announcement: Integration Rollback This Integration Rollback feature is now in General Availability (GA). Rollback is not supported for integrations built for Python 2.7 or 3.7. To perform a rollback, a snapshot must have been created during the previous upgrade process. For more information, see Roll back response integration version. Announcement: Release 6.3.72 is now available for all regions.

Dataform - Breaking: Dataform workflows, BigQuery notebooks, pipelines, and data preparations are enforcing strict act-as mode at the project level. To avoid failures and maintain automatic releases, you must use custom service accounts instead of the default Dataform service agent across all repositories. You must also grant the Service Account User role ( roles/iam.serviceAccountUser ) to the default Dataform service agent and relevant principals. For more information and to verify act-as permissions, see Use strict act-as mode.

Dataproc Serverless - Announcement: New Serverless for Apache Spark runtime versions: 1.2.67 2.2.67 2.3.20 3.0.3 Fixed: Applied patch for SPARK-48292 in Serverless for Apache Spark 1.2 and 2.2 runtimes.

Buildpacks - Feature: The Python buildpack supports default entrypoint detection for the Agent Development Kit (ADK) framework in General Availability. For more information, see Build a Python application.

KMS - Feature: Cloud KMS is available in the following region: asia-southeast3 For more information, see Cloud KMS locations.

GKE new features - Feature: You can now determine which Kubernetes JobSets are scheduled on which GKE node pools and nodes by monitoring the new generally available system metrics: kubernetes.io/jobset/assigned_node_pools: GKE node pools where a Kubernetes JobSet has scheduled Pods. kubernetes.io/jobset/assigned_nodes: GKE nodes where a Kubernetes JobSet has scheduled Pods. kubernetes.io/node_pool/assigned_jobsets: Kubernetes JobSets that have scheduled Pods on a GKE node pool. kubernetes.io/node/assigned_jobsets: Kubernetes JobSets that have scheduled Pods on a GKE node. Feature: The asia-southeast3 region in Bangkok, Thailand is available. For more information, see the Global Locations.

Load Balancing - Feature: Application Load Balancers now support the configuration of a traffic duration setting when you add backends to the backend services. You can configure this setting as SHORT or LONG based on the response time needed by backends to complete HTTP requests. Application Load Balancers also support the use of a new in-flight balancing mode that lets you configure the load balancer's traffic distribution to supported backends when requests take more than a second to complete. This feature is available in Preview. Feature: Backend buckets are available for regional external Application Load Balancers and regional internal Application Load Balancers. This feature enables to serve static content (such as images, video, and CSS) confined to a specific region, helping you meet strict data residency and compliance requirements for regulated workloads. This update ensures backend bucket availability across the entire Application Load Balancers portfolio. For more information, see the following: Set up a regional external Application Load Balancer with Cloud Storage buckets Set up a regional internal Application Load Balancer with Cloud Storage buckets This feature is in Preview.

Cloud Logging - Announcement: Cloud Logging adds support for the asia-southeast3 region. For a complete list of supported regions, see Supported regions.

Memorystore for Memcached - Deprecated: Memorystore for Memcached is being deprecated and will be shut down on January 31, 2029. After February 1, 2027, you can't create Memorystore for Memcached instances in new projects unless these instances already exist in these projects. We recommend that you migrate your workloads to Memorystore for Valkey, which offers superior performance and features.

Cloud Monitoring - Feature: Your Application Monitoring dashboards now display the trace spans that are associated with your registered App Hub applications. The display includes annotations that let you identify services and workloads. You can also open the Trace Explorer page from your Application Monitoring dashboards. To learn more, see the following documents: Application Monitoring overview. View application telemetry. Find and explore traces describes how to use the Trace Explorer page to filter and explore your trace data.

Cloud Run - Feature: The Python buildpack supports default entrypoint detection for the Agent Development Kit (ADK) framework in General Availability. For more information, see Build a Python application. Feature: The following new region is now available: asia-southeast3.

Service Mesh - Announcement: 1.28.2-asm.4 is now available for in-cluster Cloud Service Mesh. You can now download 1.28.2-asm.4 for in-cluster Cloud Service Mesh. It includes the features of Istio 1.28.0 subject to the list of supported features. The following environment variables, fields, and annotations are not supported: PILOT_SPAWN_UPSTREAM_SPAN_FOR_GATEWAY Additional attributes for HTTPCookie in the DestinationRule API caCertCredentialName field in ServerTLSSettings API Optional NetworkPolicy for Istiod deployment Disable shadow host suffix MAX_CONNECTIONS_PER_SOCKET_EVENT_LOOP Istio dual stack is not supported Istio's experimental feature to enable lazy subset creation of envoy statistics is not supported. The ENABLE_AUTO_SNI flag is still supported to stay aligned with legacy behavior. For details on upgrading Cloud Service Mesh, see Upgrade Cloud Service Mesh. Cloud Service Mesh version 1.28.2-asm.4 uses Envoy v1.36.5-dev. Announcement: 1.27.5-asm.0 is now available for in-cluster Cloud Service Mesh. You can now download 1.27.5-asm.0 for in-cluster Cloud Service Mesh. It includes the features of Istio 1.27.5 subject to the list of supported features. Cloud Service Mesh version 1.27.5-asm.0 uses envoy v1.35.9-dev. For details on upgrading Cloud Service Mesh, see Upgrade Cloud Service Mesh. Announcement: 1.26.8-asm.1 is now available for in-cluster Cloud Service Mesh. You can now download 1.26.8-asm.1 for in-cluster Cloud Service Mesh. It includes the features of Istio 1.26.8 subject to the list of supported features. Cloud Service Mesh version 1.26.8-asm.1 uses envoy v1.34.11. For details on upgrading Cloud Service Mesh, see Upgrade Cloud Service Mesh. Announcement: In-cluster Cloud Service Mesh 1.25 is no longer supported. For more information and to view the earliest end-of-life dates for other versions, see Supported versions.

Cloud SQL MySQL - Feature: Cloud SQL for MySQL now supports performance capture to help you diagnose transient performance issues with your MySQL database. Performance capture lets you specify configurable thresholds for additional monitoring. If a threshold is reached, then performance capture takes snapshots of the database state, including in-flight transactions, InnoDB status, and, in the case of replication lag, detailed replication status. Performance capture outputs the snapshots in a log format so you can review the state of the instance when the problem occurred. For more information, see Cloud SQL performance capture overview. Performance capture is in Preview. Change: Cloud SQL for MySQL 8.0.43 is now the default minor version of Cloud SQL for MySQL 8.0. If you have automatic minor version upgrade enabled for your instance, then your instance is upgraded to the default minor version automatically during its regularly scheduled maintenance update. For more information about automatic minor version upgrade, see Upgrade the database minor version of MySQL 8.0.

Cloud Storage - Feature: Bucket relocation with write downtime now supports completed multipart uploads. If a multipart upload is started before relocation begins and is completed before the final synchronization step, the objects are successfully relocated. In-progress multipart uploads continue to block the final synchronization step until they are either completed or cancelled. For more information, see Bucket relocation overview. Feature: Cloud Storage now offers support in the Thailand, Bangkok ( asia-southeast3 ) region. To learn more about supported locations, see Cloud Storage bucket locations.

Virtual Private Cloud - Feature: For auto mode VPC networks, added a new subnet 10.232.0.0/20 for the Bangkok asia-southeast3 region. For more information, see Global locations and Auto mode IP ranges.

AlloyDB - Issue: Automatic IAM authentication is unavailable when you use managed connection pooling with the AlloyDB Auth Proxy and Language Connectors. To sign into your database without a password, use manual IAM authentication. For more information, see Connect using an IAM account Feature: You can create AlloyDB cluster instances in Bangkok, Thailand ( asia-southeast3 ). For more information, see AlloyDB locations and AlloyDB for PostgreSQL pricing. Feature: AlloyDB now supports the Z3 machine series, which are powered by 4th generation Intel x86 processors (Sapphire Rapids) with Titanium SSD. These instances offer machine sizes, with up to 88 vCPU and 704 GiB RAM, that let you run storage-intensive workloads with large working datasets. For more information, see Choose an AlloyDB machine type. This feature is generally available (GA).

Apigee UI - Deprecated: Debug v1 turndown As of January 20, 2026, Debug v1 has been turned down and is no longer available. Please use Debug v2 (now referred to as Debug) for debugging API proxies.

Artifact Registry - Feature: Artifact Registry is available in the asia-southeast3 region (Bangkok). For more information, see Global locations. Feature: Artifact Registry now calculates fingerprints for each version of a package pushed to the Artifact Registry repository. You can use the fingerprint to validate that the package wasn't modified when moving between Google Cloud systems, such as Compute Engine and Cloud Build. This feature is in public preview. For more information, see Use fingerprints to verify package version identities.

Cloud Asset Inventory - Feature: The following resource types are publicly available through the ExportAssets, ListAssets, BatchGetAssetsHistory, QueryAssets, Feed, SearchAllResources, and SearchAllIamPolicies APIs. Bigtable bigtableadmin.googleapis.com/AuthorizedView

Assured Workloads Access Approval - Feature: Automotive AI Agent is generally available (GA).