Google Cloud Weekly - GCP Newsletter #315

Welcome to issue #315 October 10th, 2022

News

Billing Compute Engine Infrastructure Official Blog

New Google Cloud Spot VM price reductions: Up to 11% off already discounted - New, lower prices available on Google Cloud Spot VMs.

Cloud SDK Cloud Storage Infrastructure Official Blog

Introducing gcloud storage: up to 94% faster data transfers for Cloud Storage - gcloud CLI enables super-fast data transfers into Cloud Storage and delivers a consistent CLI experience across all Google Cloud services.

Data Analytics Official Blog

Moving to Log Analytics for BigQuery export users - Log Analytics combines the power of BigQuery with Cloud Logging. Learn why you should migrate to Log Analytics and how to convert SQL queries originally made for BigQuery log sink.

Cloud Monitoring Official Blog

Cloud Monitoring further embraces open source by adding PromQL - PromQL is now supported in Cloud Monitoring’s Metrics Explorer and dashboards. Use the query language that Kubernetes devs already know and love.

Cloud Firestore Official Blog

Querying Firestore in the Cloud Console - You can now visually construct queries using all the power of the Firestore SDK—query collections or collection groups using multiple WHERE clauses, equalities, and comparison operators.

Contact Center AI Data Analytics Official Blog

CCAI Platform goes GA: Faster time to value with AI for your Contact Center - Google Cloud Contact Center AI provides end-to-end capabilities that bring AI to the call center.

Official Blog Vertex AI

Streamline your models to production with the Vertex AI Model Registry - The Vertex AI Model Registry is the central repository where you can manage the lifecycle of all your ML models.

Google Maps Platform Javascript Official Blog

Announcing Advanced Markers: easily create highly customized, faster performance markers - With Advanced Markers for the Maps JavaScript API. Now, you can create highly customized, faster performance markers that provide a richer user experience, showcase your brand, and save time and resources.

Official Blog

Google announces new Health Equity Research Initiative to mitigate health disparities - The Google Health Equity Research Initiative is designed to help researchers advance health equity research and improve health outcomes for groups disproportionately impacted by health disparities and/or negative social and structural determinants of health.

Official Blog Workspace

U.S. Army chooses Google Workspace to deliver cutting-edge collaboration - Google Public Sector will provide 250,000 active-duty enlisted members of the U.S. Army with Google Workspace.

Articles, Tutorials

Infrastructure, Networking, Security, Kubernetes

Anthos Istio Official Blog

From open source to managed services: Maisons du Monde’s service mesh journey - Hear why Maisons du Monde chose to migrate from Istio to Anthos Service Mesh and the continuing benefits of their application modernization.

Networking Official Blog

6 Building blocks for cloud networking - Networking Architecture - This blog looks at 6 reference blocks of cloud networking and some services that can assist when designing your cloud networks.

Artifact Registry Google Kubernetes Engine Official Blog

Use Artifact Registry and Container Scanning to shift left on security and streamline your deployments - Artifact Registry and Container Scanning help customer shift left security for kubernetes GKE and Cloud Run.

CI Cloud Build Security

Securing Software Supply Chain on Google Cloud - The purpose of this document is to provide a step by step guide and related artifacts to set up a secure CI/CD pipeline for a containerized workload.

IAM Security

Best security practices for Service Account keys on Google Cloud - The best security practices that can be implemented on service accounts and mitigate them without getting compromised.

Cloud Monitoring Networking Security VPC

Notification of Firewall denies - An example of using Cloud Monitoring alerting subsystem to inform users about rejected requests because of firewall rules in VPC.

Networking VPC

VPC design considerations for Google Cloud - Covering 201 to 301, a quick recap of all network design fundamental considerations used in Google Cloud’s VPC.

Kubernetes Terraform Workload Identity

How to use Workload Identity for access provisioning of Kubernetes services on Google Cloud - Workload Identity is the recommended way for your workloads running on Google Kubernetes Engine (GKE) to access Google Cloud services in a secure and manageable way.

App Development, Serverless, Databases, DevOps

GCP Experience Infrastructure Official Blog

100,000 new SUVs booked in 30 minutes: How Mahindra built its online order system - Mahindra Group’s Automotive Division optimized their website in anticipation of the release of the new vehicle model.

Google Cloud Platform Official Blog

Tell us about your Cloud Architecture dreams - Learn how Google is thinking about cloud architecture and share your thoughts with us.

Javascript NodeJS

Log levels in Google Cloud (Node.js) - Using the correct logging format in serverless instances.

Cloud Logging Cloud Storage

GCP Cloud Logging : How to Enable Data Access Audit For Selected Buckets - This post explains how to enable data access audit for selected GCS buckets while excluding other buckets within the same project from being audited.

Apigee Official Blog reCAPTCHA

How to secure APIs against fraud and abuse with reCAPTCHA Enterprise and Apigee X - This Apigee X with reCAPTCHA Enterprise proxy code guide shows exactly how to provision a reCAPTCHA proxy flow.

.NET Cloud Functions Serverless

.NET 6 on Cloud Functions (2nd gen) - deploying .NET functions to Cloud Functions 2nd gen.

Cloud Run

What’s new in Cloud Run 2022 - Top 5 problems that Cloud Run solved for me in 2022.

Big Data, Analytics, ML&AI

Data Analytics Infrastructure Official Blog

Secure streaming data with Private Service Connect for Confluent Cloud - Confluent Cloud supports Google Cloud Private Service Connect making it easier for organizations to get secure private network connectivity.

Data Analytics Official Blog Serverless

Analyzing satellite images in Google Earth Engine with BigQuery SQL - Learn how to use BigQuery SQL inside Google Earth Engine to analyze satellite imagery to track farm health.

BigQuery Data Analytics GCP Experience Official Blog

Built with BigQuery: How Tinyclues and Google Cloud deliver the CDP capabilities that marketers need - Built with BigQuery: How TinyClues delivers their next generation headless CDP solution.

BigQuery Data Analytics Official Blog

How to simplify and fast-track your data warehouse migrations using BigQuery Migration Service - A suite of tools for enabling end-to-end data warehouse migrations to BigQuery.

BigQuery Data Analytics Official Blog

Building an automated data pipeline from BigQuery to Earth Engine with Cloud Functions - This post walks through the architecture for a recently open sourced architecture of an automated data pipeline with BigQuery and Earth Engine.

BigQuery Data Science Python

3 BigQuery SQL Tricks to Undo Your Screw Ups - Messing up while writing and running SQL is inevitable; your recovery determines whether this is a hiccup or an apocalypse.

BigQuery Data Analytics

GCP — Proactive DQ Alert Setup - Using Data Quality library to manage pro-active data quality alerts on the data ingested in BigQuery.

Apache Beam Cloud Dataflow

Using custom containers with Dataflow flex templates - This article describes how to use custom containers with Dataflow templates.

AI Machine Learning Official Blog

How our commitment to open source unlocks AI and ML innovation - From TensorFlow, JAX, and TFX to MLIR, KubeFlow, and Kubernetes, Google OSS contributions help accelerate machine learning.

Official Blog Vertex AI

Building reusable Machine Learning workflows with Pipeline Templates - This blog post demonstrates how to create, upload, and (re)use end-to-end pipeline templates using the Kubeflow Pipelines (KFP) SDK registry client (`RegistryClient`), Artifact Registry, and Vertex AI Pipelines.

Official Blog PyTorch TPU

Building Large Scale Recommenders using Cloud TPUs - In this blog post, we introduce concepts to generate and analyze traces to debug PyTorch training performance on TPU VM.

Various

Google Cloud Platform Official Blog

Sales specialist, mentor, and woman in Web3: Anella Bokhari is building community and helping others tell their story along the way - Sales Specialist, Mentor, and Woman in Web3: Anella Bokhari Wears Many Hats But Has the Same “Why” – Helping Others Find & Tell Their Stories.

Event Official Blog

Google Cloud Next for application developers: 5 can’t miss breakout sessions - These five breakout sessions at Google Cloud Next ‘22 will bring application developers up to speed on trends on containers, serverless, and CI/CD.

Event Official Blog

5 Google Cloud Next ’22 sessions on Cloud FinOps Cost Optimization - Learn from industry experts and real-world customers on how to optimize your costs on Google Cloud and create efficient solutions to maximize your business value on cloud.

Event Official Blog

Google Cloud Next ‘22 for enterprise cloud architects: 5 breakout sessions you can’t miss - This year, Google Cloud Next will feature plenty of keynotes and sessions for enterprise cloud architects.

Event Official Blog

Google Cloud Next for executives and IT business leaders: 5 key breakout sessions - These five breakout sessions at Google Cloud Next ‘22 will illustrate how businesses are using cloud technology to build for the future.

Slides, Videos, Audio

GCP Podcast - #322 2022 State of DevOps Report with Nathen Harvey and Derek DeBellis.

Kubernetes Podcast - #191 Fresh Pivot, with Dan Stein.

Security Podcast - #86 How to Apply Lessons from Virtualization Transition to Make Cloud Transformation Better.

GCP Life Podcast - #24 “How long has that API been open!” – In this episode we discuss; Optus Hack, Next 2022, VS Code, Anthos On Prem, BQ Streaming, GCP Data Tools, Firewall Policies, Interview with Dheerendra Nath, What are OKR’s?

 

Releases

Anthos clusters on AWS - Anthos clusters on AWS (previous generation) aws-1.13.0-gke.5 is now available. You can now launch clusters with the following Kubernetes versions: 1.22.15-gke.300 1.23.12-gke.300 1.24.6-gke.200. This release fixes the following vulnerabilities: CVE-2022-1292 CVE-2022-1586 CVE-2022-2097 CVE-2022-2068 CVE-2022-34903 CVE-2022-37434. If you use the deprecated ubuntuRepositoryMirror: 'packages.cloud.google.com' field in the AWSManagementService resource and are upgrading your node pool, you must upgrade only to the 1.22.15-gke.300 or 1.23.12-gke.300 versions included in this release.

Anthos clusters on bare metal - 1.12. Release 1.12.3 Anthos clusters on bare metal 1.12.3 is now available for download. Fixes: Updated the container image to resolve a YAML text/template vulnerability. Known issues: For information about the latest known issues, see Anthos on bare metal known issues in the Troubleshooting section.

Anthos GKE on AWS - Anthos clusters on AWS (previous generation) aws-1.13.0-gke.5 is now available. You can now launch clusters with the following Kubernetes versions: 1.22.15-gke.300 1.23.12-gke.300 1.24.6-gke.200. This release fixes the following vulnerabilities: CVE-2022-1292 CVE-2022-1586 CVE-2022-2097 CVE-2022-2068 CVE-2022-34903 CVE-2022-37434. If you use the deprecated ubuntuRepositoryMirror: 'packages.cloud.google.com' field in the AWSManagementService resource and are upgrading your node pool, you must upgrade only to the 1.22.15-gke.300 or 1.23.12-gke.300 versions included in this release.

Apigee X - On October 6, 2022, Apigee announced the GA launch of Cloud Monitoring for Apigee gateway node usage for Pay-as-you-go customers.

Assured Workloads for Goverment - If you create a public cluster on Google Kubernetes Engine (GKE) version 1.23 or newer in any existing Assured Workloads compliance regime folder, it might fail with the following error: ManagedResourceService.AddServiceBundle, PERMISSION_DENIED'/> APPLICATION_ERROR;google.cloud.servicedirectory.v1beta1/ManagedResourceService.AddServiceBundle;Request is disallowed by organization's constraints/gcp.restrictServiceUsage constraint for 'projects/attempting to use service 'servicedirectory.googleapis.com' To fix this issue, the Service Directory API (servicedirectory.googleapis.com) must be added as an allowed service on the resource usage restriction organization policy for the folder.

Batch - Starting today, to submit a job, you must also have the Service Account User (roles/iam.serviceAccountUser) IAM role on the service account used by a job. The new Batch Job Editor (roles/batch.jobsEditor) IAM role is intended to replace the existing Batch Job Administrator (roles/batch.jobsAdmin) role.

BigQuery - You can now explore query results in Colab using Python libraries. Concurrent connections quotas are now based on the project that initiates the Storage Write API request, not the project containing the BigQuery dataset resource. A weekly digest of client library updates from across the Cloud SDK.

Cloud Build - Users can now build repositories from GitLab Enterprise Edition, including instances hosted in a private network.

Carbon Footprint - We improved the data quality and updated coverage for the following services: Improved mapping between Google Cloud services and internal resource use, particularly for a few Networking SKUs. Updated carbon model to version 6.

Chronicle - Chronicle Feed Management for the Rapid7 Insight log type now enables you to configure the Rapid7 API endpoint. Chronicle Curated Detections has been enhanced with the following additional detection content: Windows-based threats: Living off the land (LotL): identifies tools native to Microsoft Windows operating systems that can be abused by threat actors for malicious purposes. The following supported default parsers have changed.

Cloud Composer - Starting from January 2023, the default version for new Cloud Composer environments changes from Cloud Composer 1 to Cloud Composer 2. Airflow worker memory requirements in Airflow 2.3 are 30% higher compared to workers in Airflow 2.2 or Airflow 2.1, which causes problems with automatically calculated Airflow worker concurrency.

Compute Engine - Generally available: Tau T2A, Google Cloud's first general purpose VM family to run on Arm architecture, is now generally available in these three regions.

Dataflow - Dataflow is now available in Tel Aviv (me-west1). The Dataflow VM image has been updated to include several mitigations for a recently disclosed hardware speculative execution vulnerability named Retbleed.

Dataproc Serverless - Dataproc is now available in the me-west1 region (Tel Aviv, Israel). Preemptible SPOT VMs can be used as secondary workers in a Dataproc cluster.

Dataproc - Dataproc is now available in the me-west1 region (Tel Aviv, Israel). Preemptible SPOT VMs can be used as secondary workers in a Dataproc cluster.

Dialogflow - Dialogflow CX now provides a conversation history tool, which can be used to browse, filter, and analyze production conversations.

Networking Interconnect - Dedicated Interconnect support is available in the following colocation facilities: Equinix SO2, Sofia For more information, see the Locations table.

GKE - The following control plane and node versions are now available: 1.21.14-gke.7100 1.22.15-gke.100 1.23.12-gke.100 1.24.5-gke.600.

Google Kubernetes Engine Rapid - The following versions are now available in the Rapid channel: 1.21.14-gke.7100 1.22.15-gke.100 1.23.12-gke.100 1.24.5-gke.600 1.25.1-gke.500.

Google Kubernetes Engine Regular - The following versions are now available in the Regular channel: 1.21.14-gke.5300 1.22.13-gke.1000.

Google Kubernetes Engine Stable - The following versions are now available in the Stable channel: 1.21.14-gke.5300.

Cloud Logging - You can now collect Oracle Database logs and metrics from the Ops Agent, starting with version 2.22.0. A weekly digest of client library updates from across the Cloud SDK.

Media CDN - Media CDN now supports origin redirect following and origin header overrides in Preview.

Memorystore for Memcached - Added new Memorystore for Memcached region: Tel Aviv (me-west1).

Cloud Memorystore - Added new Memorystore for Redis region: Tel Aviv (me-west1).

Cloud Monitoring - You can now collect Oracle Database logs and metrics from the Ops Agent, starting with version 2.22.0.

Cloud Interconnect - Dedicated Interconnect support is available in the following colocation facilities: Equinix SO2, Sofia For more information, see the Locations table.

Cloud VPN - Cloud VPN is now available in region me-west1 (Tel Aviv, Israel).

Network Intelligence Center - Network Analyzer is now Generally Available. Preview: Network Topology provides dedicated views and insights of VMs and instance groups that generate higher egress.

Cloud Run - Cloud Run services can now connect to Memorystore for Redis instances using integrations (Preview). Cloud Run services can now use the Global External HTTP(S) Load Balancer to map Custom Domains using integrations (Preview). New security recommendations are created for Cloud Run services, which recommends securing environment variables that might contain passwords, API keys and Google application credentials.

Security Command Center - Error notifications in Security Command Center console When Security Command Center detects configuration errors that prevent services from detecting threats or vulnerabilities, a pop-up notification appears in the Security Command Center console.

Service Mesh - 1.12.x & 1.13.x & 1.14.x. The Istio and Go projects recently disclosed a CVE that can expose Anthos Service Mesh to remotely exploitable vulnerabilities. 1.14.x. 1.14.4-asm.2 is now available. 1.13.x. 1.13.8-asm.4 is now available. 1.12.x. 1.12.9-asm.3 is now available.

SAP Solutions - Monitoring agent for SAP HANA version 2.8 Version 2.8 of the monitoring agent for SAP HANA is now available.

Cloud Speech-to-Text - Speaker Diarization is now available for "Latest" models in en-US.

Cloud SQL MySQL - Terraform is supported when you use self-service maintenance.

Cloud SQL Postgres - Cloud SQL for PostgreSQL now supports the log_timezone and TimeZone flags. Terraform is supported when you use self-service maintenance.

Cloud SQL SQL Server - When you create an instance, you can set a permanent time zone for the instance. Terraform is supported when you use self-service maintenance.

Cloud Storage Transfer - Multipart upload for transfers originating from a file system is now generally available (GA) and enabled by default. The Storage Transfer Service REST API now provides a transferJobs.delete method. Support for exporting data from Cloud Storage to a file system is now generally available (GA).

Cloud Text-to-Speech - Text-to-Speech now offers these new voices: cloud-mr-IN-Wavenet-A, cloud-mr-IN-Standard-A, cloud-mr-IN-Wavenet-B, cloud-mr-IN-Standard-B, cloud-mr-IN-Wavenet-C, cloud-mr-IN-Standard-C.

Vertex AI - Incrementally train an AutoML model You can now incrementally train an AutoML image classification or object detection model by selecting a previously trained model. Vertex AI Feature Store The ability to delete feature values from an entity type is now available in Preview. Vertex AI model evaluation is now available in Preview.

VMware Engine - VMware Engine adds five service subnets for newly created private clouds.

Virtual Private Cloud - For auto mode VPC networks, added a new subnet 10.208.0.0/20 for the Tel Aviv me-west1 region. Accessing managed services using Private Service Connect with consumer HTTP(S) controls is available in General Availability for the global external HTTP(S) load balancer.

If you have suggestion, feedback or link you want to share feel free to email me at zdenko@gcpweekly.com

Have a great week,

Zdenko

Older messages

GCP Newsletter #314

Monday, October 3, 2022

Welcome to issue #314 October 3rd, 2022 News GKE Autopilot GPU Official Blog Introducing support for GPU workloads and even larger Pods in GKE Autopilot - GPU support launches on GKE Autopilot. Run

GCP Newsletter #313

Monday, September 26, 2022

Welcome to issue #313 September 26th, 2022 News AI Machine Learning Official Blog Vertex AI Enabling real-time AI with Streaming Ingestion in Vertex AI - Starting this month, Vertex AI Matching Engine

GCP Newsletter #312

Monday, September 19, 2022

Welcome to issue #312 September 19th, 2022 News BigQuery Data Analytics Datastream Official Blog Introducing Datastream for BigQuery - Serverless, seamless, and low-latency replication from relational

GCP Newsletter #311

Monday, September 12, 2022

Welcome to issue #311 September 12th, 2022 News Google Kubernetes Engine Official Blog Introducing Kubernetes control plane metrics in GKE - Metrics from Kubernetes control plane components, including

GCP Newsletter #310

Monday, September 5, 2022

Welcome to issue #310 September 5th, 2022 News Apigee Official Blog Introducing Pay-as-you-go pricing for Apigee API Management - Access Apigee API management with no upfront commitment while

You Might Also Like

.NET 9 Focuses on .NET Aspire & AI, Preview of Copilot in SQL Server Management Studio, More

Friday, November 15, 2024

Home | News | How To | Webcasts | Whitepapers | Advertise .NET Insight November 14, 2024 THIS ISSUE SPONSORED BY: ■ Build .NET Applications with Powerful Reporting ■ dtSearch® - INSTANTLY SEARCH

How to define and revisit your career goals

Friday, November 15, 2024

Learn how to define and revisit your career goals, align them with your life objectives, and create a fulfilling professional journey that optimizes for happiness and personal growth. Sébastien Dubois

eBook: The Cyber Insurance MFA Checklist

Friday, November 15, 2024

How to Comply with the Cyber Insurance MFA Checklist ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌

The Sequence Chat: Small Specialists vs. Large Generalist Models and What if NVIDIA Becomes Sun Microsystems

Friday, November 15, 2024

A controversial debate and a crazy thesis. ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏

Microsoft Confirms Zero-Day Exploitation of NTLM and Task Scheduler Flaws

Friday, November 15, 2024

THN Daily Updates Newsletter cover Generative AI For Dummies ($18.00 Value) FREE for a Limited Time Generate a personal assistant with generative AI Download Now Sponsored LATEST NEWS Nov 13, 2024

Post from Syncfusion Blogs on 11/13/2024

Friday, November 15, 2024

New blogs from Syncfusion Celebrating 75 Blogs of Chart Excellence: A Journey with Syncfusion Charts By Saravanan Madheswaran Syncfusion's Chart of the Week blog series hits 75. This blog

⚙️ Self-driving cabs in LA

Friday, November 15, 2024

Plus: The impact of algorithmic discrimination ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌

Introducing the "Art of Data" Book and Speaking Tour 🌎

Friday, November 15, 2024

Be the first to get access to Visual Capitalist's data storytelling secrets, before time runs out. View Online | Subscribe | Download Our App "The Art of Data" The Secrets to Data

21 Cranium-Catching Bitcoin Marketing Ideas For Dummies Savvyies

Friday, November 15, 2024

Top Tech Content sent at Noon! How the world collects web data Read this email in your browser How are you, @newsletterest1? 🪐 What's happening in tech today, November 13, 2024? The HackerNoon

Last chance: The future of access management webinar

Friday, November 15, 2024

Join us today! ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏