Google Cloud Platform Newsletter

Check Archive for older issues

News

Introducing Gemini 3.1 Pro on Google Cloud - Today, we’re announcing Gemini 3.1 Pro on Google Cloud for developers and business teams. Get started on Gemini CLI, Gemini Enterprise, and Vertex AI.

Powering the next generation of agents with Google Cloud databases - Learn about new Model Context Protocol (MCP) servers for AlloyDB, Spanner, Cloud SQL, Firestore and Bigtable, as well one for Developer Knowledge.

Announcing America-India Connect and new investments to advance global AI access - The America-India Connect system increases the reach, reliability, and resilience of digital connectivity across four continents, expanding AI access.

Unlocking enterprise data to accelerate agentic AI: How Ab Initio does it - Pulling together the data and metadata necessary for effective AI agents requires an effective, reliable multi-cloud platform like Ab Initio’s.

New BigQuery global queries let you explore distributed data with a single SQL statement - The preview of global queries in BigQuery lets you query data stored in different geographic locations with a single, standard SQL query, with no ETL.

Simplify your AI workflow with autonomous embedding generation in BigQuery - BigQuery autonomous embedding generation treats embeddings as a managed part of your table, making it easier to get your data AI-ready.

Building a conversational agent in BigQuery using the Conversational Analytics API - Use the Conversational Analytics API to build context-aware agents that understand natural language, query BigQuery data, and deliver answers in text, tables, and visual charts.

Decommission your legacy Apache Cassandra stack and build for the future with Spanner - With Cassandra Query Language (CQL) APIs on Spanner, your existing Apache Cassandra applications can run on Spanner and continue to use CQL.

Google (Spanner) Ranks #1 for Lightweight Transactions Use Case in Gartner® Critical Capabilities Report - For the second year in a row, Gartner recognized Spanner in the Critical Capabilities for Cloud Database Management Systems report.

Articles, Tutorials

Infrastructure, Networking, Security, Kubernetes

Cloud CISO Perspectives: New AI threats report: Distillation, experimentation, and integration - John Hultquist details what security leaders should know from our newest AI threat report on experimentation, integration, and distillation attacks.

From BRICKSTORM to GRIMBOLT: UNC6201 Exploiting a Dell RecoverPoint for Virtual Machines Zero-Day - UNC6201 utilizes a newly discovered zero-day in Dell RecoverPoint for Virtual Machines to deliver BRICKSTORM and subsequently backdoors.

GKE Pod Snapshots Cut Startup Times for Heavy Workloads - Google Kubernetes Engine's new Pod snapshots feature significantly reduces startup times for computationally intensive workloads such as large language models and scientific computing applications.

Google Cloud Router: Using BGP Policies to influence traffic paths - This article explains how BGP Route Policies on Google Cloud Router can be used to influence network traffic paths and optimize routing decisions. It details how manipulating BGP attributes like Multi Exit Discriminator (MED) or ASPath allows for precise traffic shaping, particularly in scenarios involving custom advertised routes within complex VPC architectures.

Building a Faster GCP Kill Switch: Leveraging Cloud Monitoring Instead of Billing Data - This article demonstrates building a faster "kill switch" in Google Cloud Platform to prevent unexpected costs, arguing that traditional budget alerts are insufficient due to inherent reporting delays.

Safe Cleanup: How to use Policy Intelligence to Monitor and Retire GCP Service Account Keys - Google Cloud's Policy Intelligence offers a data-driven approach to safely manage and retire unused GCP Service Account keys, eliminating the "Delete-and-Pray" dilemma. Leveraging tools like Activity Analyzer and Recommender, it provides insights into key usage, enabling users to identify dormant keys, disable them for a "scream test," and then confidently delete them to enhance security without disrupting critical services.

App Development, Serverless, Databases, DevOps

Using the Neo4j Extension in Gemini CLI - Turn your terminal into an intelligent workspace with the Neo4j Gemini CLI extension. Leverage Gemini's AI reasoning to deploy Neo4j Aura, generate Cypher queries, and build GraphRAG applications.

Managing development, staging and production environments in Firebase

Real-Time Architecture: Building a WebSocket Fan-out Mediator with Apigee Hybrid and GKE - This article outlines a real-time architecture solution for fanning out single WebSocket connections to multiple backend services. It details the implementation of a Mediator Service on Google Kubernetes Engine (GKE), positioned behind an Apigee Hybrid gateway.

Geo-Spatial Indexing on Spanner with S2 - Google Cloud Spanner, lacking native spatial indexes, can be efficiently equipped for geo-spatial queries using the S2 Geometry Library. This approach transforms 2D locations into 1D S2 Cell IDs, stored in a multi-level token index within an interleaved child table for fast range scans.

Cloud SQL remote MCP Server in Action - Google has launched the Cloud SQL remote MCP server, a fully managed and enterprise-ready endpoint that empowers AI assistants and agents to seamlessly interact with Cloud SQL databases.

Exploring Axion CPUs with Google Cloud C4A Axion instances - This article benchmarks Google Cloud's C4A Axion instances against C4 Intel Emerald Rapids instances, focusing on image transformation workloads. It demonstrates Axion's superior performance, especially for data-intensive tasks, attributing this to its larger cache hierarchy and higher effective instructions per cycle.

From Conversion Workspace to Code Repo: Managing Google DMS Schema & Code Exports in Git - Google Cloud's Database Migration Service (DMS) automates schema conversion, but the resulting large, single SQL file can be difficult to manage in a Git repository. This article outlines a practical approach using `gcloud` commands and custom Python/Bash scripts to export DMS conversion workspaces.

Big Data, Analytics, ML&AI

5 BigQuery Partitioning Tips you need to know about - This guide provides five essential tips, focusing on how complex query logic or Dataform's `${self()}` injections can lead to inefficient full table scans.

Finally, BigQuery can explain its own table relationships! - Google Cloud's BigQuery has introduced a new "Dataset Insights" feature, now in Preview mode, which automatically visualizes and explains table relationships within a dataset. This tool leverages metadata, usage patterns, and AI inference to generate interactive graphs and suggested queries, drastically simplifying the understanding of complex data schemas.

Getting Started with the BigQuery Remote MCP Server - Connecting your AI tools directly to your data warehouse — no glue code required.

Using Google Cloud AI to measure the physics of U.S. freestyle snowboarding and skiing - Google Cloud AI and Gemini analyze U.S. Olympians' freestyle tricks to reveal the physics behind their mastery.

Your guide to Provisioned Throughput (PT) on Vertex AI - Provisioned Throughput (PT) on Vertex AI gives you reserved resources that guarantee capacity and predictable performance.

Turn creative prompts into interactive XR experiences with Gemini - The Android XR team is using Gemini's Canvas feature to make creating immersive extended reality (XR) experiences more accessible. This allows developers to rapidly prototype interactive 3D environments and models on a Samsung Galaxy XR headset using simple creative prompts.

BigQuery + Vector Search for Support Tickets: A Practical RAG Pipeline That Survives Real Data Mess - This article details how to construct a practical Retrieval-Augmented Generation (RAG) pipeline for support tickets, specifically designed to handle common data challenges like threads, duplicates, and PII.

Hooking up CrewAI with Google Gemini for Multi-Agent Automation Systems - This article demonstrates how to combine the CrewAI framework with Google Gemini models to build advanced multi-agent automation systems. This integration leverages Gemini's rapid reasoning, large context windows, and native Google Search capabilities, enabling AI agents to collaborate effectively on complex tasks.

The Secret Sauce of Reliable AI: Implementing Robust Pre/Post-Processing Hooks - Master the technique of using pre- and post-processing hooks to secure inputs, validate logic, and ensure consistent data use for agents.

Gemini Live — Part 1: Building a low-latency, telephone Voice Agent with FreeSWITCH and ADK agents powered by Gemini Live. - This article demonstrates how to build a low-latency telephone voice agent using Google Cloud's Gemini Live API, which uses a unified audio architecture to deliver immediate, human-like spoken responses with ultra-low latency and emotional intelligence.

Deploying Gemini Enterprise Using Terraform - Bring Gemini Enterprise to life with Infrastructure as Code.

Various

Sovereignty and European competitiveness: A partnership-led approach to AI growth - Google Cloud combines cutting-edge AI with a flexible infrastructure built to align with Europe's digital sovereignty needs. Here’s how it can help European competitiveness.

Slides, Videos, Audio

Security Podcast - #263 SOC Refurbishing: Why New Tools Won’t Fix Broken Processes (Even With AI).

Releases

AlloyDB - Feature: AlloyDB now integrates with Database Center to provide prioritized health monitoring in the Google Cloud console. This integration highlights critical and high-priority risks, offering one-click navigation to recommended fixes and system insights for quick resolution. For more information, see Monitor the health of your AlloyDB clusters and instances. Feature: AlloyDB performance snapshot and reports now support read pool instance nodes, providing deeper observability into read operations and replica-specific performance issues. Announcement: New best practices are available for securing generative AI agents using Model Context Protocol (MCP) with Google Cloud databases. This guide covers key security measures like least privilege, native database controls, and secure agent design to help you build safer AI applications. For more information, see Best practices for securing agent interactions with Model Context Protocol. Feature: You can now make AI function calls in bulk rather than row-by-row, which lets you scale your intelligent workflows faster with new support for array-based processing. For more information, see Perform intelligent SQL queries using AI functions. This feature is in Preview. Feature: You can now use the AlloyDB remote MCP server. The AlloyDB remote MCP server lets you interact easily with AlloyDB clusters from LLMs, AI applications, and AI-enabled development platforms. This feature is in Preview.

AppEngine Flexible - .NET - Feature: Support for .NET 10 runtime is in General Availability.

AppEngine Standard Go - Feature: Support for Go 1.26 runtime is in Preview.

Google Cloud Armor - Change: Cloud Armor preconfigured WAF rules support for inspection up to the first 64 kB (either 8 kB, 16 kB, 32 kB, 48 kB, or 64 kB) of the request body content is Generally Available.

Assured Workloads Access Approval - Feature: Unified Maintenance is generally available (GA).

Assured Workloads Access Transparency - Feature: Unified Maintenance is generally available (GA).

BigQuery - Feature: You can now run global queries, which let you reference data stored in more than one region in a single query. This feature is in Preview. Deprecated: Control of MCP use with organization policies is deprecated. After March 17, 2026, organization policies that use the gcp.managed.allowedMCPServices constraint won't work, and you can control MCP use with IAM deny policies. For more information about controlling MCP use, see Control MCP use with IAM deny policies. Change: After March 17, 2026, when you enable BigQuery, the BigQuery MCP server is automatically enabled.

Bigtable - Announcement: New best practices are available for securing generative AI agents using Model Context Protocol (MCP) with Google Cloud databases. This guide covers key security measures like least privilege, native database controls, and secure agent design to help you build safer AI applications. For more information, see Best practices for securing agent interactions with Model Context Protocol. Feature: You can migrate a machine learning feature management workload from Vertex AI Feature Store (Legacy) to a Bigtable instance. For more information, see Migrate from Vertex AI Feature Store (Legacy) to Bigtable. Feature: You can use the Bigtable Admin API MCP server to enable agents and AI applications to perform a range of data-related tasks. This feature is in Preview.

Chronicle - Feature: New capabilities in Feeds page The following options have been added to the Feeds page: Search Filtering (using feed attributes) Pagination Last Refreshed Time Feed Metadata Export to CSV

Chronicle Security Operations - Change: Publisher Agent Version 2.6.4 removes support for Python 3.7 from the remote agent. Feature: New capabilities in Feeds page The following options have been added to the Feeds page: Search Filtering (using feed attributes) Pagination Last Refreshed Time Feed Metadata Export to CSV Change: After March 17, 2026, when you enable Google SecOps, the Google SecOps MCP server is automatically enabled. Deprecated: Control of MCP use with organization policies is deprecated. After March 17, 2026, organization policies that use the gcp.managed.allowedMCPServices constraint won't work, and you can control MCP use with IAM deny policies. For more information about controlling MCP use, see Control MCP use with IAM.

Cloud Composer - Feature: Environment snapshots are available in environments with Airflow 3 (Preview). This change is now rolled out to all regions supported by Cloud Composer 3. Change: New Airflow builds are available in Cloud Composer 3: composer-3-airflow-3.1.0-build.9 composer-3-airflow-2.10.5-build.26 (default) composer-3-airflow-2.9.3-build.46 Change: New images are available in Cloud Composer 2: composer-2.16.4-airflow-2.10.5 (default) composer-2.16.4-airflow-2.9.3 Deprecated: The following Cloud Composer versions and builds have reached their end of support period: composer-3-airflow-2.9.3-build.15 and composer-2.11.2-*.

Compute Engine - Feature: Generally available: You can use Hyperdisk Exapools for large-scale workloads, such as AI and machine learning, that require between 500 TiB and 5 EiB of block storage and more than 100 GiB/s of concurrent performance in a single zone. With Hyperdisk Exapools, you purchase storage and performance in bulk and share those resources across as many as 500,000 disks in a single project. To use Hyperdisk Exapools with your projects, contact your account team to get access. To learn more about Hyperdisk Exapools, see Hyperdisk Exapools overview. Change: After March 17, 2026, when you enable Compute Engine, the Compute Engine MCP server is automatically enabled. Deprecated: Control of MCP use with organization policies is deprecated. After March 17, 2026, organization policies that use the gcp.managed.allowedMCPServices constraint won't work, and you can control MCP use with IAM deny policies. For more information about controlling MCP use, see Control MCP use with IAM.

Contact Center AI Platform - Announcement: Google Cloud CCaaS 4.0 We've released version 4.0 of Google Cloud CCaaS. The timing of the update to your instance depends on the deployment schedule that you have chosen. For more information, see Deployment schedules. Feature: Salesforce Service Cloud: new secondary lookup object The Salesforce Service Cloud integration can now use a secondary lookup object to identify customer records when the primary lookup object returns no results. This helps prevent the creation of duplicate records. Administrators: When you click Settings > Developer Settings > CRM > Salesforce > SFDC Cloud Selection > Service Cloud, a new Secondary Lookup Object checkbox appears in the Account Lookup section. For more information, see Configure account lookup and field mapping. Feature: Raw data export: new call_participants data type We've added the call_participants data type to raw data export. This data type helps you track the following escalation details for wait-time virtual agents: The amount of time the wait-time virtual agent spent in queue. The number of events sent to the wait-time virtual agent while it was in queue. For more information, see Raw data export dictionary. Fixed: The following issues were addressed in this release: Fixed the following issues with the standard (non-advanced reporting) dashboards: The Dashboard > Queue Reports dashboard had broken table headers. The Dashboard > Call dashboard was missing metrics labels in the LOGGED IN AGENT tile. Fixed an issue where calls were mistakenly saved in MP3 format rather than WAV format in external storage. Fixed an issue that occurred after an agent put an end-user on hold, transferred the call to another agent, and then left the call. When the remaining agent took the end-user off hold, the agent and the end-user couldn't hear each other. Fixed an issue with NICE WFM export where queue abandoned calls were inaccurately reported to the WFM system. Fixed an issue where the Assign Human Agents page for queues appeared blank, preventing administrators from viewing or managing agent assignments. Fixed an issue where an email with a message ID longer than 255 characters failed to process and blocked the processing of other emails. Fixed an issue where agents in the In-email status didn't receive incoming calls or chats. Fixed an issue where CSAT ratings were missing from metadata files and raw data exports. Fixed an issue where Salesforce integrations incorrectly created duplicate cases for a single outbound call. Fixed an issue where unsupported settings, such as Cascade Conditions and Wrap-up settings, mistakenly appeared in the queue menu settings for Apple Messages for Business queues. Fixed an issue where attempting to barge into a chat while monitoring it returned a You are already in Chat error instead of completing the action. Fixed an agent desktop issue where the New photo received banner reappeared after viewing a photo and switching between active chat tabs. Fixed an issue where Direct Access Points failed to route calls correctly for SIP URIs with spaces or non-standard formats. Fixed an issue where an agent's personal contact name was mistakenly displayed as the caller ID to other agents when they received a call from the agent. Fixed an issue where agents appeared as Available in the Agent Activity Timeline report after signing out.

Dataplex - Feature: When you create a data quality rule, you can now optionally include a debug query to run alongside the rule. A debug query is a SQL statement that returns up to 10 scalar values to help diagnose rule failures. This feature is available in preview.

Buildpacks - Feature: Cloud Run source deployment supports Ubuntu 24 LTS base images in General Availability. This builder is available under gcr.io/buildpacks/builder:google-24. For more information, see Builders.

Document AI - Deprecated: Document AI legacy processors will be discontinued on June 30, 2026. To preempt the risk of service failure while using legacy processors, we recommend transitioning to more stable, higher-quality processors. The affected versions are: Type Version Identity parsers pretrained-us-passport-v1.0-2021-06-14 pretrained-fr-driver-license-v1.0-2021-06-14 Tax and finance parsers pretrained-1099misc-v1.1-2021-12-10 pretrained-1099nec-v1.0-2021-08-11 pretrained-1099r-v2.0-2022-07-25 pretrained-1099int-v1.1-2021-12-10 pretrained-ssa1099-v1.0-2021-08-09 pretrained-1099g-v1.0-2021-05-27 pretrained-1099g-v1.1-2021-12-10 pretrained-1120-v3.0-2022-04-26 pretrained-w9-v1.0-2020-09-25 pretrained-w9-v1.1-2021-12-10 pretrained-w9-v1.2-2022-01-27 pretrained-w9-v2.0-2022-06-23 Mortage and banking parsers pretrained-mortgage-statement-v1.0-2021-10-17 Procurement pretrained-utility-v1.1-2021-04-09 pretrained-utility-v1.2-2022-12-15 Splitting pretrained-procurement-splitter-v1.1-2021-04-09 pretrained-procurement-splitter-v1.2-2022-08-19 pretrained-lending-document-split-v1.0-2021-12-08 pretrained-lending-document-split-v2.0-2021-12-09 Summary pretrained-foundation-model-v1.0-2023-08-22 To ensure uninterrupted service and benefit from improved extraction quality, we recommend you migrate to the following later versions before June 30, 2026: Enterprise Document OCR: Migrate to pretrained-ocr-v2.1-2024-08-07. Expense parser: Migrate to pretrained-expense-v1.3.2-2024-09-11. Custom classifier: Migrate to pretrained-classifier-v1.5-2025-08-05. Custom splitter: Migrate to pretrained-splitter-v1.5-2025-07-14. Invoice parser: Migrate to pretrained-invoice-v2.0-2023-12-06. Pay slip parser: Migrate to pretrained-paystub-v3.0-2023-12-06. Bank statement parser: Migrate to pretrained-bankstatement-v5.0-2023-12-06. To learn more about the migration process, refer to Manage processor versions. If you have any questions or require assistance, contact us at Google Cloud support. Feature: The layout parser web interface is in Preview. It supports a document view display for processed PDF files and supports visualizing the document's parsed JSON, block layout, and image or table annotation data in a user-friendly interface. Bounding box support only exists for version processor pretrained-layout-parser-v1.0-2024-06-03. It also supports modifying the input layout config to allow for configuring the table and image annotation feature directly from the interface.

Cloud Firestore - Deprecated: Control of MCP use with organization policies is deprecated. After March 17, 2026, organization policies that use the gcp.managed.allowedMCPServices constraint won't work, and you can control MCP use with IAM deny policies. For more information about controlling MCP use, see Control MCP use with IAM. Change: After March 17, 2026, when you enable Firestore, the Firestore MCP server is automatically enabled. Announcement: New best practices are available for securing generative AI agents using Model Context Protocol (MCP) with Google Cloud databases. This guide covers key security measures like least privilege, native database controls, and secure agent design to help you build safer AI applications. For more information, see Best practices for securing agent interactions with Model Context Protocol.

Cloud Functions - Feature: Support for Go 1.26 runtime is in Preview. Feature: Support for .NET 10 runtime is in General Availability.

Looker - Announcement: The following features will roll out over a four-day period starting February 17, 2026. Feature: The System Activity User Activity dashboard has been updated to improve authentication troubleshooting. New information includes: recent login failures, the authentication method that was used, the error message that was returned, and the time of the attempt. Feature: Looker admins can grant the new schedule_without_limit permission to restrict a user's ability to deliver all data results from a Look or an Explore. This permission must be combined with another Looker permission that permits delivering data. This permission will be automatically granted to any existing roles that already contain a data delivery permission. Looker admins must remove this permission from any users whom they wish to prevent from delivering all results from a Look or an Explore. Note: This item was added on February 19, 2026. Feature: The content certification feature, already available in preview, includes the following updates: The Settings page in the General section of the Admin panel now includes options that let admins enable or disable content certification, set a custom URL for the certification process, and control whether certification is revoked when content is edited. LookML dashboards can now be certified. Looks and dashboards that are based on uncertified self-service Explores now display the "ungoverned" badge. Searching for content now includes the ability to sort content based on its certification status. Feature: Now available in preview, the Self-service Explores feature supports updating the data for a self-service Explore. The owner of a self-service Explore can update it with data from the latest version of the file that was used to create the self-service Explore. See the Creating self-service Explores documentation page for more information. Feature: Now available in preview, the In-database merge queries feature is supported for merging results of two queries that are on the same BigQuery connection. Previously, the join for merging results was always performed in Looker memory, which limited each query to 5,000 rows that could be calculated in the join. If your Looker admin has enabled the In-database merge queries Looker Labs feature, the join between two queries that are on the same BigQuery connection is performed in the BigQuery database itself. Performing the join in the database is more performant and allows for unlimited rows that can be joined. Feature: Now available in preview, LookML developers can unlock their Git branch in cases where their Git branch is locked as a result of another Git operation in progress or a previous Git operation failing. When the Git repository is locked, Looker displays the Unlock Branch option in the Git Actions panel of the Looker IDE. In addition, if a LookML developer tries to commit a change on a locked Git branch, Looker displays a warning in the Commit dialog, along with an option to delete the Git lock. See the Using version control and deploying documentation page for details. Note: This item was added on February 18, 2026. Feature: Now available in preview, the Self-service Explores feature supports uploading data from Google Sheets. To support uploading data from Google Sheets, your Looker admin must enable the required APIs in the Google Cloud project that houses your BigQuery database. Feature: Now available in preview, dashboard editors can set default options for how the download of a dashboard tile includes query results. They can set the download to include by default all query results or the current result table that is displayed in the visualization, or set a custom number of rows and columns. To enable this feature, a Looker admin must turn on the Tile Download Default Options Labs feature. Feature: Now available in preview, the Embed Conversational Analytics Labs feature is now available. When enabled, the Embed Conversational Analytics Labs feature lets you embed Conversational Analytics conversations and agents in an iframe like other Looker content types. Feature: Now available in preview, dashboard editors can change the size and layout of dashboard tiles with more granularity. To enable this feature, a Looker admin must turn on the Granular Dashboard Sizing Labs feature.

Network Connectivity Center - Feature: Producer VPC spokes support for Google Cloud NetApp Volumes is generally available.

Network Intelligence Center - Feature: Connectivity Tests identifies peering dynamic routes and Network Connectivity Center dynamic routes that are dropped due to network- or hub-level quotas as invalid. Feature: Cloud Network Insights is available in Preview. Cloud Network Insights monitors your network and web application performance across multicloud and hybrid networks and provides visualization tools to help identify and diagnose network issues. Contact your Technical Account Manager to request access.

Cloud Run - Feature: Support for Go 1.26 runtime is in Preview. Feature: Support for.NET 10 runtime is in General Availability. Feature: Cloud Run source deployment supports Ubuntu 24 LTS base images in General Availability. This builder is available under gcr.io/buildpacks/builder:google-24. For more information, see Builders.

Service Mesh - Announcement: CNI and managed data plane controller version 1.23.6-asm.28 is rolling out to all release channels. While the managed data plane automatically updates Envoy Proxies by restarting workloads, you must manually restart any StatefulSets and Jobs. This patch includes the fix for the following CVEs: Name CNI MDPC Severity CVE-2017-11164 Yes Yes High (7.5) CVE-2022-27943 Yes Yes Medium (5.5) CVE-2022-41409 Yes Yes High (7.5) CVE-2022-4899 Yes Yes High (7.5) CVE-2023-29383 Yes Yes Low (3.3) CVE-2023-34969 Yes Yes Medium (6.5) CVE-2023-50495 Yes Yes Medium (6.5) CVE-2023-7008 Yes Yes Medium (5.9) CVE-2024-41996 Yes Yes High (7.5) CVE-2025-8114 Yes Yes Medium (4.7) CVE-2025-9086 Yes Yes High (7.5)

Cloud Spanner - Announcement: New best practices are available for securing generative AI agents using Model Context Protocol (MCP) with Google Cloud databases. This guide covers key security measures like least privilege, native database controls, and secure agent design to help you build safer AI applications. For more information, see Best practices for securing agent interactions with Model Context Protocol. This feature is in Preview. Change: After March 17, 2026, when you enable Spanner, the Spanner MCP server is automatically enabled. Deprecated: Control of MCP use with organization policies is deprecated. After March 17, 2026, organization policies that use the gcp.managed.allowedMCPServices constraint won't work, and you can control MCP use with IAM deny policies. For more information about controlling MCP use, see Control MCP use with IAM.

Cloud SQL - Feature: Cloud SQL now provides brute-force detection and protection for your Cloud SQL instances. This helps protect your instances from brute-force access attempts by identifying the source and mitigating the risk caused by these attempts. For more information, see Use brute-force protection. Deprecated: Control of MCP use with organization policies is deprecated. After March 17, 2026, organization policies that use the gcp.managed.allowedMCPServices constraint won't work, and you can control MCP use with IAM deny policies. For more information about controlling MCP use, see Control MCP use with IAM. Change: After March 17, 2026, when you enable the Cloud SQL Admin API ( sqladmin.googleapis.com )`, the Cloud SQL remote MCP server is enabled automatically. The Cloud SQL remote MCP server is in Preview. Announcement: New best practices are available for securing generative AI agents using Model Context Protocol (MCP) with Google Cloud databases. This guide covers key security measures like least privilege, native database controls, and secure agent design to help you build safer AI applications. For more information, see Best practices for securing agent interactions with Model Context Protocol.

Cloud Trace - Deprecated: Starting February 18, 2026, trace sinks are deprecated. For more information, see Export trace spans with sinks deprecation. You can use the Log Analytics page, which provides a SQL query interface, to query both your trace and log data. To learn more, see the following documents: To migrate to using Log Analytics page from a sink-based export of trace data to BigQuery, see Migrate to Log Analytics. To query your trace data by using the Log Analytics page, see Query and analyze traces. To query your trace data by using BigQuery services, see Query a linked BigQuery dataset.

Vertex AI - Deprecated: Vertex AI Feature Store (Legacy/V1) is deprecated. For details, see Vertex AI deprecations. Deprecated: Vertex AI Feature Store Optimized online serving is deprecated. For details, see Vertex AI deprecations.

VMware Engine - Announcement: The VMware Engine ve2 node type is now available in the following additional region: Paris, France, Europe ( europe-west9-b )

Workflows - Change: Workflows is available in the following additional region: asia-southeast3 (Bangkok, Thailand).