Welcome to issue #319 November 7th, 2022

News

Flare Network gives blockchain a boost with groundbreaking protocol running on Google Cloud - Flare Network launches interoperable blockchain based on power, security, and scalability of Google Cloud.

Flexible committed use discounts — a simple new way to discount Compute Engine instances - You can use new flexible committed use discounts (CUDs) across multiple VM families and regions and get 28% off one year and 46% off 3 years.

What’s new in Firestore from Cloud Next and Firebase Summit 2022 - Use Firestore to unlock application innovation with simplicity, speed and confidence.

Introducing Cloud Workstations: Managed and Secure Development environments in the cloud - Cloud Workstations is a remote, managed, and secure IDE solution for developers entering Public Preview.

Navigate more sustainably and optimize for fuel savings with eco-friendly routing - Routes API offers eco-friendly routing to improve fuel efficiency and lower CO2 emissions.

Introducing reCAPTCHA Enterprise’s Mobile SDK to help protect iOS, Android apps - Mobile app usage surpasses web traffic for many enterprise customers, and our new reCAPTCHA Enterprise Mobile SDK can help protect their Android and iOS users.

The Google Workspace blog has moved to a new home - The Google Workspace blog has a new home, now on workspace.google.com.

Meet Google Cloud at Supercomputing 2022 - Find out all the details on Google Cloud’s presence at the Supercomputing 2022 conference.

Articles, Tutorials

Infrastructure, Networking, Security, Kubernetes

Cloud CISO Perspectives: October 2022 - CISO Phil Venables takes a look back at our recent Google Cloud Next conference, and what it means for cloud security.

An introduction to Software Delivery Shield - Take a look at new features introduced as part of the Software Delivery Shield, helping secure your software delivery supply chain.

How we secured our data on the Cloud - Challenges and solutions while enforcing VPC Service Controls.

Use Workload Identity Federation with another GCP project - Using Workload Identity Federation to access second GCP project.

Terraform CDK GCP - Getting started with Terraform CDK in GCP.

App Development, Serverless, Databases, DevOps

Practicing the principle of least privilege with Cloud Build and Artifact Registry - How to use Cloud Build's support for per-trigger service accounts to apply the principle of least privilege to builds that push images to Artifact Registry.

A deep dive into Spanner’s query optimizer - Learn how the Cloud Spanner query optimizer helps developers by automatically choosing performant and efficient query plans.

Understanding lock_scanned_ranges hint of Cloud Spanner - We will discuss on LOCK_SCANNED_RANGES hint. Acquiring exclusive locks is needed for different scenario and important to understand hint.

Databases on Google Cloud Part 7: Managed Service for Prometheus, Serverless MongoDB Atlas and the Finale - In this blog, you will read about an assortment of some of my favorite Google Cloud Database, Storage features and other related services.

Cloud Functions – Develop it the right way - Using Functions Framework to develop Cloud Functions locally with a ease.

Top 10 reasons to get started with Log Analytics today - Cloud Logging launched Log Analytics powered by BigQuery. The top 10 reasons to get started with Log Analytics for no additional cost.

Index Recommender Extension on AlloyDB for PostgreSQL - Using google_db_advisor extension in AlloyDB to get recommendation on creating indexes.

Cloud Workflows — Orchestrate in declarative way - An overview of Cloud Workflows and comparison with Cloud Composer.

Workflows tips’n tricks - Useful tips and tricks when working with Workflows.

Getting started with the Google Cloud CLI interactive shell for serverless JavaScript developers - Step by step tutorial to deploy Cloud Run application from command line.

Running Solana Nodes on GCP - Solana nodes can be run on Google Cloud. This article shows you how.

Big Data, Analytics, ML&AI

Building advanced Beam pipelines in Scala with SCIO

Real-time Data Integration from Oracle to Google BigQuery Using Striim - A performance study on real-time data Integration from Oracle to Google BigQuery Using Striim.

Unleashing the power of BigQuery to create personalized customer experiences - BigQuery’s high performance drives real-time, actionable decision-making that enables Wunderkind to bring large brands closer to their customers.

How to build customer 360 profiles using MongoDB Atlas and Google Cloud for data-driven decisions - Learn how to build Customer 360 Profiles, including the architecture and a reusable repository that customers can use in their environments.

Creating Serverless Spark Jobs with Google Cloud - Write scalable Spark applications and data pipelines without any manual infrastructure provisioning or tuning.

90% cost saving using Terraform to create BigQuery subscriptions to read from PubSub - Architectural changes to reduce costs for BigQuery data ingestion.

BigQuery: Basics & Internals: Part # 2 - Part # 2 of the series of posts on Internal Working of BigQuery.

Cloud Data Fusion: Building Job Metadata Pipelines - This article explores building a pipeline for the purposes of sourcing job related metadata and metrics for Data Fusion and storing them in BigQuery for analysis.

Doing AI with SQL Syntax?! (Bigquery) - A simple demo explaining how to do Machine Learning in BigQuery.

Various

Can writing code be emotional? Google Cloud’s Kelsey Hightower says yes - “Creating good software is very emotional.” Googler Kelsey Hightower shares how he champions a rarely-noticed aspect of engineering to build trust and help customers succeed.

From the FBI to Google Cloud, meet CISO Director MK Palmore - Office of the CISO Director MK Palmore on his transition from government to private sector, his next big challenge, and diversifying cybersecurity.

FAQs on Google Cloud (GCP) Certifications - Common questions regarding GCP Certifications answered.

Slides, Videos, Audio

GCP Podcast - #326 Assured Workloads with Key Access Justifications with Bryce Buffaloe and Seth Denney.

Security Podcast - #94 Meet Cloud Security Acronyms with Anna Belak.

Releases

Anthos clusters on AWS - Anthos clusters on AWS (previous generation) aws-1.13.1-gke.1 is now available. You can now launch clusters with the following Kubernetes versions: 1.22.15-gke.1400 1.23.12-gke.1400 1.24.6-gke.1300. This release fixes the following vulnerabilities: CVE-2021-3999 CVE-2022-40674 CVE-2021-46828 CVE-2022-2526 CVE-2022-1587 CVE-2022-1586 CVE-2022-37434 CVE-2022-2509 CVE-2022-3176 CVE-2022-2602 CVE-2022-2585.

Anthos clusters on bare metal - 1.13. Cluster lifecycle improvements in 1.13 and later Preview: You can use the Google Cloud console to create user clusters, delete user clusters, and to add and remove node pools from a user cluster. 1.13. Release 1.13.1 Anthos clusters on bare metal 1.13.1 is now available for download. Fixes: Increased the CPU limit for the metrics-server Pod to prevent it from frequently restarting. Known issues: For information about the latest known issues, see Anthos on bare metal known issues in the Troubleshooting section.

Anthos clusters on Azure - You can now launch clusters with the following Kubernetes versions: 1.22.15-gke.100 1.23.11-gke.300 1.24.5-gke.200. This release includes fixes for following CVEs: CVE-2021-3999 CVE-2022-35252 CVE-2020-35525 CVE-2020-35527 CVE-2021-20223 CVE-2022-40674 CVE-2022-37434 CVE-2022-2509 CVE-2022-2031 CVE-2021-46828 CVE-2022-32744 CVE-2021-3999 CVE-2022-32745 CVE-2022-1586 CVE-2022-1587 CVE-2022-32742 CVE-2022-32746 CVE-2022-1586 CVE-2022-1587 CVE-2022-40674 CVE-2022-37434 CVE-2021-3999 CVE-2022-2509 CVE-2021-46828 CVE-2022-1679 CVE-2022-2795 CVE-2022-3028 CVE-2022-38177 CVE-2022-38178 CVE-2021-3502 CVE-2021-44648 CVE-2021-46829 CVE-2022-2905 CVE-2022-3080 CVE-2022-35252 CVE-2022-39190 CVE-2022-41222 CVE-2020-8287 CVE-2022-1184 CVE-2022-2153 CVE-2022-39188 CVE-2022-20422 CVE-2022-3176 CVE-2022-3172 CVE-2022-2602.

Anthos clusters on VMware - Anthos clusters on VMware 1.13.1-gke.35 is now available. Increased logging granularity for the cluster backup operation including indicating status for each step of the process. Fixed the issue of a race condition that blocks the deletion of an old machine object during cluster upgrade or update.

Apigee X - On November 4, 2022 we released an updated version of Apigee X. Apigee support for using Private Service Connect (PSC) for client-to-Apigee (northbound) traffic is now GA.

AppEngine Standard - Build environment variables support is now generally available.

BigQuery - SQL functions for managing wrapped keysets are generally available (GA). The query execution graph is now in preview. The BigQuery migration assessment is now available for Amazon Redshift in preview. The max_staleness materialized view option helps you achieve consistently high performance with controlled costs when processing large, frequently changing datasets. Column-level data masking is now generally available (GA).

Chronicle - Enhancements to the Detection Engine API The StreamDetectionAlerts method in the Detection Engine API has been enhanced to return detections generated by both user-created rules and Chronicle Curated Detections. The Ingestion API udmevents and createentities methods now accept both uppercase and lowercase characters in the following fields: <_Noun_>.mac: defined when calling the udmeevents method, where Noun is either principal, src, target, observer, intermediary, or about. Chronicle Feed Management added a hostname field to the configuration workflow of certain log types.

Cloud Composer - The apache-airflow-providers-google package in images with Airflow 2.1.4 and 2.2.5 was upgraded to 2022.10.17+composer. The google-api-core package was downgraded from 2.8.2 to 2.8.1. Cloud Composer 1.19.13 and 2.0.30 images are available: composer-1.19.13-airflow-1.10.15 (default) composer-1.19.13-airflow-2.1.4 composer-1.19.13-airflow-2.2.5 composer-1.19.13-airflow-2.3.3 composer-2.0.30-airflow-2.1.4 composer-2.0.30-airflow-2.2.5 composer-2.0.30-airflow-2.3.3. Cloud Composer versions 1.17.3 and 2.0.0-preview.4 have reached their end of full support period.

Compute Engine - The image import tool now supports importing Ubuntu 22.04 LTS images to Google Cloud.

Dataproc Serverless - Dataproc Serverless for Spark now allows the customization of driver and executor memory using the following properties: spark.driver.memory spark.driver.memoryOverhead spark.executor.memory spark.executor.memoryOverhead. Dataproc Serverless for Spark now outputs approximate_usage after a workload finishes that shows the approximate DCU and shuffle storage resource consumption by the workload. Removed the Auto Zone placement check for supported machine types.

Dataproc - Dataproc Serverless for Spark now allows the customization of driver and executor memory using the following properties: spark.driver.memory spark.driver.memoryOverhead spark.executor.memory spark.executor.memoryOverhead. Dataproc Serverless for Spark now outputs approximate_usage after a workload finishes that shows the approximate DCU and shuffle storage resource consumption by the workload. Removed the Auto Zone placement check for supported machine types.

Deep Learning VM - M99 Release Fixed a bug where Jupyter widgets through ipywidgets were causing errors and not displaying.

Document AI - A new Release Candidate (RC) version of the Document OCR Processor, pretrained-ocr-v1.1-2022-09-12, is available in the US and EU.

KMS - Cloud HSM resources are now available in the following regions: europe-southwest1 europe-west9 me-west1 For information about which locations are supported by Cloud KMS, Cloud HSM, and Cloud EKM, see Cloud KMS locations.

Google Kubernetes Engine - (2022-R26) Version updates GKE cluster versions have been updated. You can now easily identify clusters that use certificates incompatible with Kubernetes version 1.23.

GKE - (2022-R26) Version updates Version 1.23.12-gke.100 is now the default version.

Google Kubernetes Engine Rapid - (2022-R26) Version updates Version 1.24.5-gke.600 is now the default version in the Rapid channel.

Google Kubernetes Engine Regular - (2022-R26) Version updates Version 1.23.12-gke.100 is now the default version in the Regular channel.

Google Kubernetes Engine Stable - (2022-R26) Version updates Version 1.22.15-gke.100 is now the default version in the Stable channel.

Load Balancing - Cloud Load Balancing introduces the internal regional TCP proxy load balancer.

Cloud Logging - The Logs tab available for each cluster on the Kubernetes Engine > Clusters page now includes suggested queries for your logs. You can now collect Aerospike logs from the Ops Agent, starting with version 2.22.0.

StratoZone - Added ability to export digital sustainability report. Added host maintenance policy options for Google sole-tenant pricing. StratoProbe 5.0.5.1 - Added the ability to configure the collector to use IP addresses instead of FQDN to identify and deduplicate assets. Updated StratoZone Portal EULA. StratoProbe 5.0.5.1 - Updated StratoProbe EULA. StratoProbe 5.0.5.1 - Updated the data collection method for mFit assessments on Windows. Updated moderate and aggressive right-sizing defaults for Google sole-tenant nodes. Added CloudSQL and sole-tenant pricing for Milan. Removed preferences tab under Access Management page and Additional Software option under sizing options. Updated error message for authentication failures on login page with detailed instructions to fix common issues. Fixed an issue with editing an application in the StratoZone portal. Fixed an issue with the ability to add partner users. Fixed an issue with search on database inventory page. StratoProbe 5.0.5.1 - Fixed an issue with IP address list import.

Cloud Monitoring - You can now add table widgets to custom dashboards that let you limit the number of table rows, persiste specific columns, display only those rows with the highest, or lowest values, and that display a visual indicator of the value as compared to the range of possible values.

Cloud Router - The Cloud Router BGP MD5 authentication feature is Generally Available (GA).

Cloud PubSub - BigQuery subscriptions now support the Avro logical types timestamp-micros, date, and time-micros.

reCAPTCHA Enterprise - reCAPTCHA Enterprise Mobile SDK v18.0.0 is now generally available.

Resource Manager - The feature for listing all tags that are attached to or inherited by your resources has entered general availability. You can now use the Cloud Console UI to create and manage tags.

Service Mesh - 1.15.x. 1.15.3-asm.1 is now available. Managed Anthos Service Mesh. VPC-SC for managed Anthos Service Mesh is generally available (GA) in the rapid channel. Managed Anthos Service Mesh. Version 1.15 is now available for managed Anthos Service Mesh and is rolling out to the Rapid Release Channel. End-user authentication is being made available to managed Anthos Service Mesh in the rapid release channel.

Cloud Spanner - Support for the NHibernate ORM is now generally available, enabling you to use Cloud Spanner as a backend database for the NHibernate framework.

Vertex AI - Vertex AI Prediction You can now use A2 machine types to serve predictions. Vertex ML Metadata You can now filter contexts, executions, and artifacts by association and attribution. Vertex AI Prediction Custom prediction routines (CPR) are now Generally Available.

VPC Service Controls - Beta stage support for the following integration: BigQuery Data Policy API.

Virtual Private Cloud - Private Service Connect supports internal regional TCP proxy load balancers as a service attachment target in General Availability.

If you have suggestion, feedback or link you want to share feel free to email me at zdenko@gcpweekly.com

Have a great week,

Zdenko