Welcome to issue #502 May 11th, 2026

News

Gemini Official Blog

Gemini 3.1 Flash-Lite is now generally available on Gemini Enterprise Agent Platform - Gemini 3.1 Flash-Lite is now generally available. Designed for ultra-low latency, high-volume tasks, and unmatched cost-efficiency, Flash-Lite is already transforming how applications are built at scale.

Agent Gateway Official Blog Partners

Introducing Agent Gateway ISV ecosystem for security and governance - Google Cloud is partnering with leading identity and AI security solutions to integrate with Agent Gateway and help ensure that your security posture remains as flexible as the agents you’re building.

Gemini CLI Official Blog

Ship code within minutes with the Gemini CLI DevOps Extension - Ship code to Google Cloud in minutes with the new CI/CD extension for Gemini CLI. Automate deployments and pipelines using AI-powered skills and MCP servers.

Google Kubernetes Engine Official Blog

With faster node startup for GKE, say goodbye to cold-start latency - New provisioning logic for VMs and GKE nodes lets GKE nodes spin up to 4x faster, so you can shift resources where they are needed.

BigQuery Cloud Bigtable Databases Official Blog

New Bigtable in-memory tier for sub-millisecond read latency - Bigtable now offers data tiering across RAM, SSD, and HDD into a single, unified service with a hybrid storage architecture.

Official Blog Quadrant Security

Google named a Leader in the 2026 Gartner® Magic Quadrant™ for Cyberthreat Intelligence Technologies - We are proud to announce that Gartner has named Google a Leader in the 2026 Magic Quadrant for Cyberthreat Intelligence Technologies. Here’s what that means.

Official Blog Startups

The Blueprint: Translating stream-of-conscious speech into responsive, actionable task lists - Discover how Doist is using gen AI and voice-to-text models to transform stray thoughts into practical to-do lists and more productivity features.

Articles, Tutorials

Infrastructure, Networking, Security, Kubernetes

IAM Official Blog

What's new in IAM: Security, governance, and runtime defense - We’ve introduced a new security and governance paradigm for managing agent identity and access. Here’s what you need to know.

Infrastructure Terraform

Beyond the HCL: Trench Lessons from Deploying Critical Architectures on GCP with Terraform

FinOps

The One GCP Metric to Rule Them All - This article details how to set up a simple, cost-effective alerting system in Google Cloud using a single aggregated metric: the "Consumed API" request count. By monitoring all API calls across an entire project, users can proactively detect unusual activity, potential abuse, or unexpected spikes, safeguarding their project and managing costs.

FinOps Infrastructure

Google Cloud in 2026: stop buying vCPUs, start buying units of work - Google Cloud has significantly expanded its VM portfolio with new N-series and C-series families, featuring Intel, AMD Turin, and Google Axion (Arm) processors, each offering distinct performance characteristics. The article emphasizes evaluating virtual machines based on "cost per unit of work" rather than just vCPU counts or hourly prices, to identify true efficiency for diverse workloads.

Google Kubernetes Engine Kubernetes

Cold Starts Are Costing You: Fix Them with GKE Pod Snapshots - GKE Pod Snapshots, now generally available, solve the "cold start" problem for AI/ML and other demanding Kubernetes workloads that experience long initialization times.

Google Kubernetes Engine Kubernetes Terraform

I Ranked Four Ways to Hand a Pod a Password on GKE. Shipping the Winner Surfaced Three Gotchas. - This post recounts the migration of a pod's password handling on GKE to a recommended file-based method, which surprisingly uncovered three critical implementation challenges. These "gotchas" stemmed from nuanced Kubernetes configurations, specific database library interactions, and differing deployment environment assumptions.

App Development, Serverless, Databases, DevOps

Firebase

Firebase Phone Number Verification is generally available! - Firebase Phone Number Verification (PNV) is now generally available, featuring a new SIM-less test mode to streamline developer experience. This mode allows easy prototyping and testing without requiring a credit card or live SIM. PNV enables phone number verification even when a device lacks mobile data, relying on any internet connection, and provides users with one-tap informed consent.

Cloud Firestore Databases Official Blog

Firestore at Next '26: Unlock agentic development, search and MongoDB compatibility - Discover the latest Firestore updates from Cloud Next 2026: Agentic AI integrations, built-in search, and expanded MongoDB compatibility.

Antigravity Gemini CLI

Installing the official GCP skills in Antigravity and Gemini CLI - This article details the process of integrating Google Cloud's official skills into projects using Antigravity or Gemini CLI, leveraging a specialized `skills CLI` to enhance AI capabilities and streamline GCP workflows.

Cloud Run DevOps Serverless Terraform

Cloud Run private networking for $0.20/month - Many guides for Cloud Run private networking suggest using expensive Serverless VPC Access Connectors, which cost $14-$30 per month. However, Google now recommends a more efficient approach that enables secure internal service communication for just $0.20 monthly. This method leverages Private Google Access, Cloud DNS, and Direct VPC Egress, eliminating the need for costly connector instances.

Big Data, Analytics, ML&AI

Cloud Composer Data Analytics Official Blog Streaming

Scaling data and AI with Managed Service for Apache Airflow - Discover how Google Cloud's Managed Service for Apache Airflow 3.1 empowers data teams with agentic troubleshooting and declarative orchestration.

BigQuery FinOps

How to Optimize BigQuery Costs (Real Techniques That Work)

Big Data BigQuery

BigQuery On-Demand vs Reservations: Two Models, Two Bills, Same Query - The same SQL can cost $47 on one model and $0.24 on the other. Here’s how to read which model fits which query — and how to route them.

Cloud Dataproc Serverless Spark SRE

F1 Telemetry and Tuning for your Spark cluster: the BigQuery Log Analytics setup that costs nothing - This article outlines a cost-effective method for gathering detailed telemetry from Spark clusters on Google Cloud. By leveraging a small custom Spark listener and five GCP Log Analytics queries, it extracts crucial job and cluster events for data-driven tuning and resource allocation. This approach provides actionable insights for autoscaled Dataproc clusters significantly cheaper than traditional BigQuery export pipelines.

BigQuery Dataplex

How I turned dark data into structured gold! - Bulk media files inference in minutes with BigQuery Knowledge Catalog.

Data Analytics GCP Experience Official Blog

How BASF manages thousands of supply chain decisions with AlphaEvolve’s agentic algorithms - Using the advanced agentic algorithm coding of Google DeepMind’s AlphaEvolve, this agribusiness leader is able to accelerate decision-making across its global network by 80%.

AI JAX Official Blog TensorFlow

Pioneering AI-assisted code migration: How Google achieved 6x faster migration from TensorFlow to JAX - Google achieved 6x faster migration from TensorFlow to JAX. Learn how we deployed specialized, multi-agent AI systems to migrate some of Google’s largest-scale production models from TF to JAX.

Agents Gemini Enterprise Agent Platform Official Blog

Five must-have guides to move agents into production with Gemini Enterprise Agent Platform - At Google Cloud Next '26, we introduced Gemini Enterprise Agent Platform to help developers build, deploy, scale, govern, and optimize autonomous AI agents. Here is a look back at our five-part series covering the architecture patterns and best practices you need to move agents into production.

Gemma Official Blog

Agent Factory Recap: How Gemma 4 Taught Itself Physics - Google DeepMind's Gemma 4 is a new family of open models bringing advanced AI intelligence and agentic capabilities to consumer hardware and mobile devices with exceptional "intelligence per parameter." Under an Apache 2 license, it empowers developers to create powerful, localized AI applications capable of complex reasoning and autonomous code execution. This democratizes high-performance AI, making sophisticated applications accessible even on personal devices.

AI TPU

Supercharging LLM inference on Google TPUs: Achieving 3X speedups with diffusion-style speculative decoding - Researchers at UCSD have successfully implemented DFlash, a block-diffusion speculative decoding method, on Google TPUs to bypass the sequential bottlenecks of traditional autoregressive drafting. By "painting" entire blocks of candidate tokens in a single forward pass rather than predicting them one-by-one, the system achieved average speedups of 3.13x, with peak performance nearly doubling that of existing methods like EAGLE-3. T.

Agents Gemini Enterprise Agent Platform

Tutorial Series: Gemini Enterprise Agent Platform — Part 1: Platform Foundations & Your First Agent - In this comprehensive multi-part guide, we will build, deploy, govern and optimize an IT Helpdesk & Asset Management Agent using the Gemini Enterprise Agent Platform.

Various

Official Blog Public Sector

Public sector momentum and mission impact at Google Cloud Next '26 - Explore public sector highlights from Google Cloud Next '26. Learn how government and academia are scaling AI agents to drive real mission impact.

AI Event Official Blog

Cloud Engineer’s AI Toolkit: Sign up Now for a Developer Workshop Near You! - Join our hands-on developer workshops across North America to master Agentic AI. Gain practical experience securing GKE clusters and building data-driven autonomous agents. Register now!

Slides, Videos, Audio

Kubernetes Podcast - #265 GKE Turns 10 Hackathon, with Amie Wei.

Security Podcast - #275 Google Cloud Next 2026: The AI Earthquake, “SOC-home” Syndrome, and the Ragged Edge of Reality.

GCP Bytes Podcast - #40 In this episode we discuss: Kubuntu 26.04, Stash, San Fan Store, Legacy SQL, Gemini Ultra, Ask Jeeves, Claude Doubling Limits, OpenAI & Musk, Manna, GDG, Tech Companies Charged, X kicks out EU, Fed Gov M365 Licensing, Next In 13 Minutes, 260 Things From Next, Gemini Credit System, Google Doesn’t Care, Firestarter Malware, Shiny Hunters, Canonical DDoS, Copy Fail, AI Sand Boxes, MS to invest $25B, Google to invest $40B, OpenAI Breaks from MS, Firecracker VMs.

 

Releases

Contact Center AI Platform - Full details on the release page.

Cloud SQL SQL Server - Cloud SQL for SQL Server now supports PolyBase (GA). With PolyBase, your Cloud SQL for SQL Server instance uses Transact-SQL (T-SQL) commands to directly query data stored in external data sources as if the data is stored in local tables. You don't need to install separate client connection software. For more information, see About PolyBase.

Cloud NGFW - You can now create and configure the following organization-level Cloud NGFW resources within a Google Cloud project: security profiles, security profile groups, firewall endpoints, and firewall endpoint associations. For more information, see Security profile overview, Security profile group overview, and Firewall endpoint overview. This feature is available in Public preview.

Cloud Spanner - Spanner vector index and approximate nearest neighbor (ANN) distance functions are generally available (GA) for PostgreSQL databases.

VMware Engine - The VMware Engine ve2 node type is now available in the following additional region: Eemshaven, Netherlands (europe-west4-a).

Chronicle Security Operations - Google SecOps has updated the list of supported default parsers. Check the release page for more information.

BigQuery - Starting June 1, 2026, due to changes in Google Ads data retention policies, the BigQuery Data Transfer Service connectors for Google Ads, Search Ads 360, and Google Analytics 4 will stop populating data for backfill runs with dates earlier than 37 months from the current date. For more information about the changes to the Google Ads data retention policies, see New Data Retention Policy for Google Ads starting June 1, 2026. You can configure BigQuery sharing listings for multiple regions, which allows you to share datasets and linked replicas across global geographies simultaneously. For more information, see Create a listing. This feature is generally available (GA). Starting August 11, 2026, the billing label for the BigQuery Data Transfer Service SKU will be updated from goog-bq-feature-type: DATA_TRANSFER_SERVICE (uppercase) to goog-bq-feature-type: data_transfer_service (lowercase) to provide a more unified and complete view of your costs. This update expands the scope of the label to cover all costs associated with the BigQuery Data Transfer Service, including data transfer orchestration, data load operations, and data merge operations. To ensure uninterrupted cost visibility, update your billing exports, dashboards, and reporting queries to include both these labels.

Virtual Private Cloud - Organization Policy Service custom constraints are available in General Availability for private services access connections. For more information, see Restrict private connections with organization policies.

GKE new features - In GKE Standard clusters, live migration is now supported on Confidential GKE Nodes that use C3D machine series with AMD SEV enabled. GKE Pod Snapshots is generally available on clusters that run version 1.35.3-gke.1234000 or later. For more information, see About GKE Pod snapshots.

Cloud Trace - The following remote MCP servers automatically generate a trace span for tools/call operations: Agent Search, AlloyDB for PostgreSQL, and Google Security Operations. These spans can help you understand the behavior of your agentic applications. For more information, see Investigate MCP calls using Trace.

Secure Source Manager - You can now use CODEOWNERS files to define required reviewers for pull requests.

Cloud Composer - Managed Airflow (Gen 2) environments can no longer be created in Johannesburg (africa-south1). We're switching this region to supporting only Managed Airflow (Gen 3) environments. Existing Managed Airflow (Gen 2) environments in this region aren't affected by this change. Cloud Composer 2 environments can no longer be created in Johannesburg (africa-south1). We're switching this region to supporting only Cloud Composer 3 environments. Existing Cloud Composer 2 environments in this region aren't affected by this change.

Looker - Check release page for more information.

Apigee API Hub - Unified MCP Proxy Configuration in API hub (Preview): API hub allows you to create and deploy Model Context Protocol (MCP) discovery proxies. Select specific API operations from your registered catalog, bundle them into an MCP server, and automatically deploy them as discovery proxies in your Apigee project. This feature eliminates the need to manually author MCP specifications in Apigee. This feature is in Public Preview. For more information, see Manage MCP proxies.

Bigtable - You can use Aerospike migration tools to migrate data from Aerospike to Bigtable with minimal or zero downtime. This feature is available in Preview. For more information, see Migrate Aerospike to Bigtable.

Workstation - You can configure a workstation authorization URL for workstation clusters. When you specify an authorization URL, unauthorized HTTP or HTTPS requests received by workstation VMs in the cluster are redirected to this endpoint. The endpoint is then responsible for retrieving an access token and redirecting back to the original hostname with the token.

Policy Intelligence - You can use the IAM recommender to remediate excessive permissions for Google groups by transitioning from permanent role bindings to temporary, on-demand entitlements in Privileged Access Manager (PAM). This feature is in Preview. To learn how to remediate excessive permissions, see Remediate excessive permissions with Privileged Access Manager.

IAM - You can use the IAM recommender to remediate excessive permissions for Google groups by transitioning from permanent role bindings to temporary, on-demand entitlements in Privileged Access Manager (PAM). This feature is in Preview. To learn how to remediate excessive permissions, see Remediate excessive permissions with Privileged Access Manager.

Cloud Storage Transfer - Storage Transfer Service now supports AWS GovCloud (US) regions, including us-gov-east-1 and us-gov-west-1. You can now transfer data from Amazon S3 buckets located in GovCloud regions using both batch and event-driven transfers. For more information, see Configure access to a source: Amazon S3 and Event-driven transfers from AWS S3.

Chronicle SOAR - Release 6.3.84 is now available for all regions. Release 6.3.85 is being rolled out to the first phase of regions as listed here. This release contains internal and customer bug fixes.

 

Contact

Zdenko Hrček
Třebanická 183
Prague, Czech Republic
Phone: +420 777 283 075