Google Cloud Platform Newsletter

Check Archive for older issues

News

Introducing BigQuery Graph: Unlock hidden relationships in your data - BigQuery Graph lets data professionals model, analyze and visualize massive-scale relationships in an entirely new way.

Go from blank slate to analysis with BigQuery Studio notebook gallery templates - Templates in BigQuery Studio notebook gallery, now GA, help you bypass the setup phase and jump straight into discovery.

Subagents have arrived in Gemini CLI - Gemini CLI has introduced subagents, specialized expert agents that handle complex or high-volume tasks in isolated context windows to keep the primary session fast and focused. These agents can be customized via Markdown files, run in parallel to boost productivity, and are easily invoked using the @agent syntax for targeted delegation.

Claude Opus 4.7 on Vertex AI - By pairing Opus 4.7 with Vertex AI, your business can build, scale, and govern agents on a platform that provides the optimized infrastructure, agentic tooling, and unified security controls needed to run AI workloads with confidence.

Guide to prompting Gemini 3.1 Flash TTS (text-to-speech) - Today, we're introducing the Gemini 3.1 Flash Text-to-Speech (TTS) model, our latest TTS model, available on Google AI studio and Vertex AI. It delivers precise controllability and expressivity, empowering developers and enterprises to build advanced AI-speech applications.

Multi-region endpoints are available for Claude on Vertex AI - Today, we’re making US multi-region endpoints for Cloud available for everyone on Vertex AI.

From operational to analytical: The unified Spanner Graph and BigQuery Graph solution - A unified operational and analytical solution with Spanner Graph and BigQuery Graph that minimizes data movements without compromising performance.

Articles, Tutorials

Infrastructure, Networking, Security, Kubernetes

Evolving Media CDN for the world’s most demanding broadcast and streaming workloads - Beyond raw capacity, content delivery platforms like Media CDN need to deliver greater architectural flexibility and more predictable cost models.

How WPP accelerates humanoid robot training 10x with G4 VMs - To achieve its robotics goals, WPP needed a hardware stack that was as advanced as the robots it was programming for dangerous and complex film shoots.

Defending Your Enterprise When AI Models Can Find Vulnerabilities Faster Than Ever - Recommendations in preparation for advances in AI model-powered exploitation and the mass identification of security vulnerabilities.

Cloud CISO Perspectives: How CISOs can pursue technical and cultural resilience (Q&A) - Learn how CISOs can prioritize technical and cultural resilience for security teams in this Q&A between Thiébaut Meyer and Matt Rowe of Lloyds Banking Group.

Securing the AI era across the public sector - Google’s Ron Bushar explores the 2026 threat landscape, Agentic SOC, and how public sector agencies can secure the mission with AI-powered defense.

More GKE Operations with Gemini CLI - Beyond Prompts with Gemini CLI Skills.

How to Remove Service Account Keys from GitHub Actions, GitLab, and Terraform in Google Cloud in… - Most Google Cloud breaches do not begin with exotic zero-days. They begin with credentials that should not have existed in the first place.

Google Cloud Armor’s CRS v4.22: What Changed and How to Roll It Out Safely - Google Cloud Armor has released ModSecurity Core Rule Set v4.22, significantly enhancing protection against OWASP Top 10 vulnerabilities with expanded attack coverage. Migrating to this new ruleset is optional but recommended and can be safely achieved through a methodical, multi-step process utilizing Cloud Armor's preview mode and verbose logging.

GCP Network Egress and Cross-Region Costs: The Hidden Bill Nobody Expects - The article provides practical strategies and architectural considerations to help teams identify and reduce their network-related spend effectively.

Building a PCI-DSS Compliant GKE Framework for Financial Institutions - Zero Secrets, Workload Identity & Network Zero Trust.

App Development, Serverless, Databases, DevOps

Create Expert Content: Deploying a Multi-Agent System with Terraform and Cloud Run - Deploy the "Dev Signal" multi-agent system to Google Cloud Run with Terraform. Set up a production backbone, secure infrastructure, memory bank integration, and telemetry for expert content creation.

How an Unrestricted Firebase API Key Can Drain Your Bank Account Overnight

The Ultimate Preparation Guide for the Google Cloud Professional Database Engineer Exam - Master GCP’s data portfolio, conquer complex migrations, and ace your certification on the first try.

Building a Scalable RAG Backend with Cloud Run Jobs and AlloyDB - This article details how to construct a scalable Retrieval-Augmented Generation (RAG) backend on Google Cloud, tackling the challenges of processing vast datasets at production scale. It outlines an "industrial-strength" architecture using BigQuery, Cloud Run Jobs for parallelized embedding generation, Vertex AI for embeddings, and AlloyDB for PostgreSQL with pgvector for efficient vector storage and querying.

Bringing Performance Snapshots Observability to AlloyDB Read Pools - Google Cloud's AlloyDB now offers Performance Snapshots Observability for read pools, addressing a historical gap in monitoring complex analytical workloads on read replicas. This new feature, Persistent Replica Snapshots, allows users to generate deep diagnostic reports directly on read nodes.

GCP Fundamentals - Visual guides that turn complex GCP services into knowledge you actually retain.

Big Data, Analytics, ML&AI

Scaling unstructured enterprise knowledge with BigQuery Graph, and Kineviz GraphXR - Together, BigQuery Graph and Kineviz GraphXR create a single, streamlined workflow that makes it much easier to uncover hidden business insights.

The “Dots” Just Got a Lot Easier to Connect: BigQuery Graph is Here! - Google Cloud's new BigQuery Graph, now in Public Preview, empowers users to natively model, query, and visualize complex relationships within their data using Graph Query Language (GQL).

Graph Analytics in BigQuery: Mapping the Source-Sink Structure of a Bike Sharing Network - Google Cloud's new BigQuery Graph feature brings native graph querying with GQL and SQL/PGQ directly into the data warehouse. This article demonstrates its use by analyzing San Francisco's bike-sharing network, computing both "out-closeness" and "in-closeness" centrality.

Why Your 5-Second BigQuery Query Isn’t Cheap - The friendly lie of serverless, the hidden truth of slot-time, and how not to wreck production by accident.

dbt at Scale: Managing 500+ Models Without Losing Your Mind - A Banking Data Platform Case Study — S3 → GCS → BigQuery + dbt in Production.

How to find the sweet spot between cost and performance - This guide will walk you through Google Cloud's flexible gen AI infrastructure options, showing you how to find that sweet spot on the efficient frontier between cost and performance.

[ADK] Passing Session State to Remote Agents Over Stateless A2A

A2UI v0.9: The New Standard for Portable, Framework-Agnostic Generative UI - A2UI v0.9 introduces a framework-agnostic standard designed to help AI agents generate real-time, tailored UI widgets using a company’s existing design system. This update simplifies the developer experience with a new Agent SDK for Python, a shared web-core library, and official support for renderers like React, Flutter, and Angular. By decoupling UI intent from specific platforms, the release enables seamless, low-latency streaming of generative interfaces across web and mobile applications.

MaxText Expands Post-Training Capabilities: Introducing SFT and RL on Single-Host TPUs - MaxText has introduced new support for Supervised Fine-Tuning (SFT) and Reinforcement Learning (RL) on single-host TPU configurations, leveraging JAX and the Tunix library for high-performance model refinement. These features enable developers to easily adapt pre-trained models for specialized tasks and complex reasoning using efficient algorithms like GRPO and GSPO. This update streamlines the post-training workflow, offering a scalable path from single-host setups to larger multi-host configurations.

Build Better AI Agents: 5 Developer Tips from the Agent Bake-Off - The Google Cloud AI Agent Bake-Off highlights a shift from simple prompt engineering to rigorous agentic engineering, emphasizing that production-ready AI requires a modular, multi-agent architecture. The post outlines five key developer tips, including decomposing complex tasks into specialized sub-agents and using deterministic code for execution to prevent probabilistic errors.

How We Built an Enterprise-Grade Claude Code Gateway on Google Cloud Platform - Bridging Anthropic’s AI coding assistant with Vertex AI — without sacrificing security, cost control, or visibility.

Build AI Agents That Make Better Decisions on GCP with Neo4j - In this article, you will learn how you can use the Graph Intelligence Platform capabilities to build modern agentic systems on Google Cloud.

MCP Toolbox v1.0: The Open-Source Framework for Secure Agentic Data Access - The MCP Toolbox v1.0 is an open-source framework that facilitates secure and standardized agentic data access for AI agents within the Google Cloud ecosystem. This stable release, now supporting over 40 enterprise data sources, empowers developers with strict control and customization for production workloads.

How to Secure Vertex AI in 2026: The Minimum Security Baseline for Generative AI on Google Cloud - This article details the crucial minimum security baseline required for generative AI workloads on Google Cloud's Vertex AI, emphasizing that foundational security extends far beyond basic setup.

Various

Building the agentic future: A spotlight on Google Cloud’s media & entertainment partner ecosystem - Google Cloud believes no studio or broadcaster should have to build the future in isolation. We provide the agentic platform and AI tools to innovate at the speed of ideas.

A new standard for research: How UC Riverside is securing the path to federal grants with Google Public Sector - Discover how UC Riverside uses Stellar Engine and Google Cloud to automate compliance, secure sensitive research data, and unlock federal grants.

Slides, Videos, Audio

Security Podcast - #272 More Than Just Packets: Is NDR a "First-Class" Cloud Security Control?

Releases

Dataproc - Managed Service for Apache Spark (formerly Dataproc on Compute Engine) Announcing the following cluster features: Flexible VMs: Minimize stockouts and improve machine obtainability by defining prioritized lists for your master, primary, and secondary worker VM types. Managed Spark for Apache Spark utilizes these lists to create your cluster, and selects the optimal VM type based on current capacity, quotas, and existing reservations. Cluster Scheduled Stop: Optimize cost and maintain your cluster configuration by stopping clusters after a specified idle period, at a specified future time, or after a specified period from cluster creation or a cluster update request. All custom cluster configurations are restored once you restart the cluster. Zero-scale clusters: Reduce costs by creating only secondary workers, scaling them down to zero when they are not in use.

Secret Manager - Integrated secret synchronization feature is now Generally Available (GA). You can automatically synchronize secrets from Secret Manager into Kubernetes Secret objects within your Google Kubernetes Engine (GKE) clusters. This process allows applications to access secrets from Secret Manager using standard Kubernetes methods, such as environment variables or volume mounts. Applications that are already configured to read secrets from Kubernetes Secret object can now seamlessly read secrets in Secret Manager. For more information, see Synchronize secrets to Kubernetes Secrets.

Service Extensions - Authorization extensions support authorization policy request and content profiles in Preview. You can use authorization extensions to insert custom services directly into the Secure Web Proxy processing path. This feature is in Preview. For more information, see Callouts for Secure Web Proxy.

NetApp - The ONTAP-mode for the Flex Unified pools is generally available (GA). For more information about this new mode, see About ONTAP-mode. Google Cloud NetApp Volumes Flex Unified service level is generally available (GA) for NFS, SMB, and NVMe/TCP protocols. For more information, see Key features. The large capacity volumes feature, a file-only solution with NFS and SMB protocols for massive datasets, is generally available (GA) for the Flex Unified service level. For more information, see Large capacity volumes.

Network Intelligence Center - You can use the Network Management API remote Model Context Protocol (MCP) server to create, view, and delete Connectivity Tests.

BigQuery - Support for the AI.AGG function preview has been temporarily disabled. We are working to restore this feature as soon as possible. You can use visualization cells to automatically generate a visualization of any DataFrame in your notebook. You can customize the columns, chart type, aggregations, colors, labels, and title. This feature is generally available (GA). The following managed AI functions use Gemini to help you filter, join, rank, and classify your data: AI.IF: Filter and join text and unstructured data (such as images, PDFs, audio, or video) based on a condition described in natural language. AI.SCORE: Rate text and unstructured data (such as images, PDFs, audio, or video) to rank your data by quality, similarity, or other criteria. AI.CLASSIFY: Classify text and unstructured data (such as images, PDFs, audio, or video) into user-defined categories. These functions are generally available (GA). To reduce LLM token consumption and query latency when processing large datasets, enable optimized mode using the following managed AI functions: AI.IF AI.CLASSIFY This feature is in Preview. You can now use EXPORT DATA statements to reverse ETL BigQuery data to AlloyDB. This feature is in Preview. BigQuery agent analytics is now generally available (GA) in the Google Agent Developer Kit. BigQuery agent analytics is an open source solution that lets you capture, analyze, and visualize multimodal agent interaction data at scale. A known issue has been resolved where a materialized view refresh could expose could expose masked or filtered data from fine grained access control policies in error messages. No further action is needed. BigQuery Apache Iceberg external tables now support Iceberg version 3, including binary deletion vectors. For more information, see Apache Iceberg external tables. This feature is in Preview. Conversational analytics now supports querying Lakehouse tables that connect to the Apache Iceberg REST catalog or are federated to an external catalog. For more information, see Query BigLake data with natural language. This feature is in Preview. You can now use Colab Data Apps to transform your data analyses from Colab notebooks into polished, interactive applications. This feature is in Preview. You can now use the AI.KEY_DRIVERS function to identify segments of data that cause statistically significant changes to a summable metric. This feature is in Preview. Using folders to organize and control access to single file code assets is generally available (GA). In addition, you can perform bulk move and delete operations, refresh folder contents, and view full breadcrumb paths based on resource permissions. For more information, see Create and manage folders.

Deep Learning VM - Images with Nvidia 570 drivers have been deprecated as Nvidia officially stopped supporting these versions. You can use images with Nvidia 580 drivers instead.

Colab - Visualization cells Generally available: You can use visualization cells to generate interactive and editable visualizations from within a Colab Enterprise notebook. You can configure the chart type, aggregation, colors, labels, and other aspects of the visualization to help you explore data and discover insights. For more information, see Use visualization cells.

Cloud Firestore - You can now use the Usage Insights dashboard in the Google Cloud console to monitor and analyze your billable usage for specific Firestore databases. Usage insights help you track granular usage data, optimize costs, and monitor historical trends. To learn more, see the guide to analyze usage insights for Native mode and MongoDB compabatibility mode.

IAM - Requesters can schedule grant requests in Privileged Access Manager up to seven days in advance. This lets requesters align access with scheduled maintenance or on-call shifts. This feature is in preview. For more information, see Privileged Access Manager overview.

CDN - Google Kubernetes Engine (GKE) Gateway supports Cloud CDN to help you cache content closer to your users, improve application latency, and reduce origin load. Using GKE Gateway APIs, you can configure, manage, and fine-tune caching configurations for different segments of your traffic. This feature is in Preview. For more information, see Configure Cloud CDN for Gateway.

Memorystore for Redis Cluster - Version 1.0 of JSON documents is Generally Available. Memorystore for Redis Cluster has new node types that you can select for your clusters. This feature is Generally Available. The shared and customer-managed Certificate Authority (CA) modes are Generally Available. You can secure access to your clusters by using basic token-based authentication. This feature is available in Preview.

Cloud Monitoring - Application Monitoring can display a single, dynamic topology map showing your App Hub applications and your registered and discovered services and workloads. This interactive map identifies services and workloads that have open incidents. It also displays the error rates and P95 latency between your services and workloads. To learn more, see the following: View application topology Application Monitoring overview View application telemetry

Cloud NAT - General Availability: Cloud NAT gateways for Public NAT support source-based NAT rules for IPv4 addresses.

Cloud Run - Support for NVIDIA RTX PRO 6000 Blackwell GPU is in General Availability. For more information, see GPU support for services, jobs, and worker pools. Support for worker pools is in General Availability (GA). The Cloud Run remote MCP server, which lets agents and AI applications deploy with Cloud Run, is in General Availability (GA). Support for specifying custom CPU or concurrency targets using scaling controls is in Preview. Support for specifying custom CPU or concurrency targets using scaling controls is in Preview.

Cloud Spanner - Spanner supports importing data from Cloud SQL for MySQL. This feature lets you migrate the schema and perform a one-time bulk data load to evaluate Spanner for your use case. For more information, see Import from Cloud SQL to Spanner. This feature is generally available. Spanner supports Gemini Cloud Assist investigation capabilities. You can create, run, and edit Gemini Cloud Assist investigations only if you have a Premium support contract. For more information, see monitor and troubleshoot your Spanner instance with AI assistance. Columnar engine for Spanner is now generally available (GA). Columnar engine is a storage technique used with analytical queries to make scans up to 200 times faster on live operational data without affecting transaction workloads. This release enables support for Columnar Engine in databases that use the Postgres interface. For more information, see the Columnar engine for Spanner overview. Repeatable read isolation is generally available. You can use it to reduce latency and transaction failure rates for workloads that have many reads contending with fewer writes. For more information, see Repeatable read isolation.

Bigtable - Bigtable supports pipe syntax, an extension to GoogleSQL that lets you build simpler and more concise queries. This feature is generally available (GA). You can now use GoogleSQL geography functions to work with geospatial data in Bigtable. This feature is generally available (GA). For more information, see Work with geospatial data and Geography functions reference. Dataplex Universal Catalog is now called Knowledge Catalog. The API, client library, CLI, and Identity and Access Management (IAM) names remain unchanged. For more information about how Bigtable metadata interacts with Knowledge Catalog, see Manage data assets using Knowledge Catalog. You can stream messages from Pub/Sub directly to a Bigtable table using Bigtable subscriptions. This feature lets you write streaming messages to Bigtable without needing a separate subscriber such as Dataflow. This feature is available in Preview.

Looker - Pro feature: Manage sharing policy for assets in team workspaces In Looker Studio Pro team workspaces, assets such as reports and data sources might not have an individual owner. This can make it difficult to manage sharing permissions for those assets, especially if the person who created the asset leaves your organization. If an asset is located in a team workspace or folder, a Policy User may be designated for that asset. Looker Studio uses the Policy User's account to determine which organizational sharing policies apply. Learn more about Policy Users. Migrate your Teams webhook to "Workflows" Microsoft is retiring the legacy Office 365 Connectors in favor of Power Automate Workflows. Connectors will stop working by the end of April 2026. To ensure that your Looker alerts continue to deliver to Teams, you must replace your current webhook URL with a new "Workflow" URL. For more information, see the Migrate your Teams webhook to "Workflows" Best Practices notice.

Gemini - Quota issues fixed in VS Code Various bug fixes related to quota issues. geminicloudassist API automatically enabled for Gemini Cloud Assist chat users As of April 16th, 2026, the geminicloudassist.googleapis.com API has been automatically enabled on projects that meet all of the following criteria: Had used Gemini Cloud Assist chat in the prior 60 days. Had the cloudaicompanion.googleapis.com API enabled on April 16, 2026. Did not have the geminicloudassist.googleapis.com API enabled on April 16, 2026. The Gemini Cloud Assist chat functionality that was previously served by cloudaicompanion.googleapis.com is now served by geminicloudassist.googleapis.com, and both APIs are dependencies to use Gemini Cloud Assist. This automatic API enablement ensures that users have access to the same functionality without any loss of service.

Cloud Filestore - You can use Filestore CSI driver to dynamically configure custom performance for zonal and regional instances using the Kubernetes VolumeAttributesClass. For more information, see Dynamically scale Filestore performance using VolumeAttributesClass.

Compute Engine - A vulnerability affecting AMD SEV-SNP Confidential VM instances was discovered and has been addressed. For more information, see the GCP-2026-021 security bulletin. Generally available: Hyperdisk ML disks are supported by the following machine series: C3 bare metal C4, including bare metal instances, C4A bare metal instances, N4A. For more information, see Hyperdisk ML overview. A vulnerability (CVE-2025-54510) about AMD SEV-SNP guest memory integrity has been addressed. For more information, see the GCP-2026-019 security bulletin. Generally available: You can control the physical location of the Compute Engine instances in a MIG by using workload policies. Workload policies help you to, for example, place your compute instances close together to minimize network latency when running AI or ML workloads. For more information, see About workload policies in MIGs. You can view the physical location of your Compute Engine instances in a zone to understand your cluster topology. This information helps you reduce network latency between your compute instances. For more information, see View Compute Engine instance topology. Generally available: To ensure data consistency when backing up multiple disks, you can use consistency groups of instant snapshots to back up a group of disks at the same point in time. For more information, see About instant snapshots. Generally available: You can rotate the customer-managed encryption key (CMEK) used to encrypt a disk, standard snapshot, or archive snapshot to a new key version without downtime. Generally available: You can change the CMEK used to encrypt a disk, standard snapshot, or archive snapshot to a different key without downtime. For more information, see Rotate the CMEK for a disk or standard snapshot and Change the CMEK for a disk or standard snapshot. Preview: You can specify a 120-second preemption notice duration while creating Spot VMs. Use this feature for workloads on Spot VMs where you want up to an additional 120 seconds for handling preemption. If you want to migrate existing Spot VMs workloads, make sure you update your workload to handle preemption outside of a shutdown script and test preemption. For more information, see Spot VMs and Create and use Spot VMs. Generally available: You can create a Hyperdisk Balanced High Availability disk by cloning a zonal Hyperdisk Balanced or Hyperdisk Extreme disk. This lets you make your zonal workloads highly available by adding a replica of the data in another zone within the same region. For more information, see Create a regional disk clone from a zonal disk.

Security Command Center - Cloud Run Threat Detection monitors Cloud Run worker pools. For a list of resources that Cloud Run Threat Detection monitors, see Supported resources. When you activate Security Command Center Standard or Premium tier for a project, several services are automatically enabled and service-specific service agents are provisioned with the required IAM roles and permissions. For more information, see Activate for a project when Security Command Center is not active in the organization. AI Protection supports agentic workloads in Preview, including Vertex AI Agent Engine and Model Context Protocol (MCP) servers. This update includes the following: Agent vulnerability scanner: Identifies software vulnerabilities (CVEs) in workloads deployed with Agent Engine. Expanded detection and controls: Includes new threat detection findings and recommended security controls for AI agents and MCP servers. Enhanced inventory and filtering: Provides an updated AI security dashboard view and new filtering options for agentic resources in the console. Through the Application Design Center, Security Command Center helps you perform proactive security assessments ( Preview ) throughout your application development lifecycle. This integration shows both design-time and runtime findings in Security Command Center. For more information, see Application lifecycle security assessments.

Cloud Interconnect - Partner Cross-Cloud Interconnect for Amazon Web Services (AWS) with VPC Network Peering is Generally Available. Network Connectivity Center (NCC) support for Partner Cross-Cloud Interconnect for Amazon Web Services (AWS) is available in Preview. For more information, see Partner Cross-Cloud Interconnect for AWS overview. For available locations, see Choose a paired location.

Cloud SQL SQL Server - As of April 10, 2026, you can create, run, and edit Gemini Cloud Assist investigations only if you have a Premium Support contract. You can use Gemini Cloud Assist investigations to monitor and troubleshoot your Cloud SQL instance with AI assistance. If you ran an investigation prior to April 10, 2026, then the results of the investigation continue to be available to you in the Google Cloud console. You can use DNS automation on Cloud SQL instances where Private Service Connect is enabled to provision and manage per-instance DNS records automatically. On Enterprise Plus edition instances where DNS automation is enabled, you can also enable a global write endpoint DNS that automatically resolves to your current primary instance. This feature is in Preview. The Cloud SQL remote MCP server is generally available ( GA ). The Cloud SQL remote MCP server lets you interact easily with Cloud SQL instances from LLMs, AI applications, and AI-enabled development platforms. You can now integrate Cloud SQL for SQL Server with Vertex AI and third-party models ( Preview ). By integrating your Cloud SQL for SQL Server instance with Vertex AI, you can generate vector embeddings from models hosted in Vertex AI directly from your Cloud SQL instance. Cloud SQL for SQL Server supports model endpoints from the following sources: Vertex AI Hugging Face OpenAI For more information, see Integrate Cloud SQL for SQL Server with Vertex AI. Newly created Cloud SQL instances are integrating with Knowledge Catalog (formerly Dataplex Universal Catalog) for data discovery. As part of this automatic enablement, we will send metadata to Knowledge Catalog. You can verify if your instance is enabled for integration with Knowledge Catalog by looking at the configuration pane in the Knowledge Catalog console. If you don't want your instance to be integrated with Knowledge Catalog, you can turn off this feature. For more information, see Create a new instance with Knowledge Catalog integration enabled.

Contact Center AI Platform - See the release page for a full list of releases.

Confidential VM - A vulnerability affecting AMD SEV-SNP Confidential VM instances was discovered and has been addressed. For more information, see the GCP-2026-021 security bulletin.

AlloyDB - External search with AlloyDB now supports Elasticsearch in Preview. Adaptive filtering from inline filtering to pre-filtering is now generally available (GA). The alloydb_scann extension is updated to include the following vector search improvements. These features are generally available (GA): By default, new ScaNN vector index builds are automatically tuned. Manually-tuned indexes can be converted to automatically-tuned indexes. For more information, see Create a ScaNN index. You can now automatically maintain your ScaNN vector indexes. AlloyDB incrementally manages your index such that when your dataset grows, AlloyDB updates centroids and splits large outlier partitions to provide better QPS and search results. For more information, see Maintain indexes automatically.

Artifact Registry - Platform logs can record data about successful and failed requests made to Artifact Registry repositories. For more information, see Access and use platform logs.

Cloud Asset Inventory - The following resource type is publicly available through the ExportAssets, ListAssets, BatchGetAssetsHistory, QueryAssets, Feed, SearchAllResources, and SearchAllIamPolicies APIs. Storage Batch Operations API storagebatchoperations.googleapis.com/Job

Cloud Composer - Airflow 3 is now generally available (GA) in Cloud Composer 3. Cloud Composer remote Model Context Protocol (MCP) server is available in Preview. You can use Cloud Composer remote Model Context Protocol (MCP) server to connect to Cloud Composer from AI applications such as Gemini CLI, ChatGPT, Claude, or in AI applications that you're developing. The Cloud Composer MCP server lets you manage Cloud Composer environments and get details about executed DAG runs and Airflow tasks. To more strongly embrace the success and growing customer preference for OSS solutions, Cloud Composer is evolving to become Managed Service for Apache Airflow. This name change provides improved customer understanding of our portfolio while reinforcing our commitment to being the most open cloud ecosystem.

Chronicle Security Operations - Chronicle API has been unified with API resources from legacy SOAR API. In addition, we've upgraded the following Chronicle API resources from alpha to beta. This upgrade signals API stability and functional completeness, enabling customer and partner adoption for production usage. We recommend customers use Chronicle API for a more robust, secure, and extensible experience.

Cloud Trace - When you configure a default storage location, you control the location of your new observability buckets. These buckets store your trace data. You can set a default storage location for an organization, a folder, or a project. When set for an organization or folder, the setting applies to that resource and to its descendants. For more information, see Set defaults for observability buckets. Your trace data can be encrypted with a customer-managed encryption key (CMEK). To enable CMEK, set a default storage location and for that location, set a default Cloud Key Management Service key. You can set these defaults for an organization, a folder, or a project. When set for an organization or folder, the settings apply to that resource and to its descendants. For more information, see Set defaults for observability buckets.

Agent Assist - Agent Assist offers the following UI module integrations with Salesforce: Chat Voice with Twilio Flex Voice with Nice CXone Voice with Genesys CX Cloud

Cloud PubSub - You can stream messages from Pub/Sub directly to a Bigtable table using Bigtable subscriptions. This feature lets you write streaming messages to Bigtable without needing a separate subscriber such as Dataflow. This feature is available in Preview. The Pub/Sub remote MCP server is generally available (GA).

Dataform - You can connect Dataform repositories to third-party Git repositories using Developer Connect, removing the need for manual secrets management and enabling support for repositories in privately hosted networks. This feature is generally available (GA).

Datastream - You can now create a Datastream stream directly from the overview page of your AlloyDB for PostgreSQL instance using the automated flow. The automated flow simplifies the process of moving data to BigQuery by reducing the number of steps that you need to perform. For more information, see Create an AlloyDB for PostgreSQL stream using the automated flow.

Cloud Architecture Center - (New guide) Secure data environments in Google Cloud: A high-level architecture to secure sensitive datasets against accidental exposure and malicious exfiltration. (New guide) Multi-agent private networking patterns: Guidance to help you design private networking infrastructure that supports a publicly accessible, multi-agent, Gemini Enterprise app with private connections between agents, subagents, and tools.

Dataplex - Automated cataloging of Iceberg REST Catalog (IRC) for Google Cloud BigLake metastore is now generally available ( GA ). This includes support for lineage, data profiling, data quality, and data insights. Federated support for Databricks Unity IRC, AWS Glue Data Catalog IRC, and Snowflake Horizon IRC is available in preview. For more information, see About metadata management in Knowledge Catalog. Data insights for unstructured data transforms dark data or unstructured files in the form of PDFs in Cloud Storage into structured, queryable assets. This feature is now available in preview. For more information, see About data insights for unstructured data. Data quality now supports rule reusability. You can now define data quality rules as templates and reuse them across multiple catalog entries to standardize your data quality processes. You can also use a shared library of system rule templates for common data validation scenarios. For more information, see Reuse data quality rules. You can now build and run a Knowledge Catalog discovery agent to get more relevant search results for complex natural language queries. For more information, see Build an agent to discover your data.