Google Cloud Weekly - GCP Newsletter #320
Welcome to issue #320 November 14th, 2022
News
Cloud Marketplace Official Blog: Announcing Private Marketplace, now in preview - Private Marketplace functionality is now available in preview for Google Cloud Marketplace to help organizations scale compliant product discovery.
Google Kubernetes Engine Official Blog: Google Kubernetes Engine Gateway controller is now GA for single cluster deployments - Google Cloud is excited to announce the General Availability of the GKE Gateway controller, Google Cloud’s implementation of the Kubernetes Gateway API, supporting single cluster deployments, in GKE 1.24+ clusters.
Apigee NoSQL Official Blog: Announcing MongoDB connector for Apigee Integration - Easily connect your data and applications using the MongoDB Connector for Apigee Integration.
Assured workloads Official Blog: Announcing Assured Workloads for Israel in Preview - Google Cloud is now offering Assured Workloads in Israel to help provide the confidence that when you use our services, you can have control, transparency, and can support your compliance and residency requirements.
Data Analytics Data Studio Official Blog: Access modeled data from Looker Studio, now in public preview - The integration between Looker and Looker Studio (Data Studio) is now available in public preview with additional functionality.
Google Maps Platform Official Blog: Address Validation API is now generally available
GCP Certification Official Blog: Upskill for in-demand cloud roles with no-cost training on Coursera - Access no-cost Google Cloud training on Coursera - grow in-demand cloud skills to stand out in the job market.
Google Cloud Platform Official Blog: Live from COP27, Egypt: A cloud’s eye view - Google Cloud experts and customers are weighing in daily on cloud and climate change during the United Nations’ COP27 conference in Egypt.
Articles, Tutorials
Infrastructure, Networking, Security, Kubernetes
Official Blog Security: How data embassies can strengthen resiliency with sovereignty - Embassies have been foreign safe havens for generations. The concept has been extended to data in the digital world, made possible by the flexible, distributed nature of the cloud. Here’s how it works.
Google Kubernetes Engine Official Blog: 4 low-effort, high-impact ways to cut your GKE costs (and your carbon footprint) - Trimming your Google Kubernetes Engine (GKE) costs is a simple matter of using built-in tools and following well-established best practices.
Google Kubernetes Engine Networking Official Blog Traffic Director: Traffic Director: TLS routing using Envoy gateway proxy on GKE - We share a sample architecture for using Traffic Director with TLS routing for workloads deployed on the GKE cluster.
CISO Official Blog Security: For a successful cloud transformation, change your culture first - Lessons from the computing virtualization era can help ease an organization’s cloud transformation. First, start with your culture. Here’s why.
Google Cloud Platform Infrastructure: Landing Zones on Google Cloud - An overview of using Landing Zones in your organization.
Cloud Load Balancing Compute Engine Networking: Load balancing with IPVS - Making IP Virtual Server L4 load balancing work on Google Cloud.
Anthos Official Blog: Here's how Anthos helps you do cluster lifecycle operations in your hybrid and multicloud environment - The Google Cloud console provides a consistent cluster management experience for Anthos clusters across hybrid, on-prem and multicloud environments.
Cloud Armor Official Blog: When should I use Cloud Armor? - This blog looks at a few examples where Cloud Armor might be a good fit.
App Development, Serverless, Databases, DevOps
Google Maps Platform Official Blog: Discover Elton and Los Angeles history using Google Maps Platform - Rocket Entertainment shares how they created an immersive map experience to celebrate Elton John’s final North American tour using Google Maps Platform.
Data Loss Prevention API Official Blog: Redacting PII data in Dialogflow CX with Google Cloud Data Loss Prevention (DLP) - This blog post will provide a walkthrough on redacting sensitive information.
.NET Cloud Run: .NET 7 on Cloud Run - .NET 7 was released a few days ago with new features and performance improvements and it’s already supported on Cloud Run on Google Cloud!
Cloud Run Official Blog Serverless: Migrate from Heroku Enterprise to Cloud Run while keeping devs and ops happy - Migrate Heroku apps to a private space like architecture on Google Cloud with Cloud Run.
Cloud Functions Cloud Run Official Blog Serverless: Cloud Functions vs. Cloud Run: when to use one over the other - When building on top of a serverless platform like Cloud Run or Cloud Functions, here’s a framework for deciding which to choose for a given workload.
Cloud Storage: Google Cloud Storage introduces Autoclass - Cloud Storage Autoclass automatically moves objects based on the last access time by policy to colder or warmer storage classes.
API Monitoring Official Blog: 3 best practices to reduce application downtime with Google Cloud’s API monitoring tools - Maintain high uptime and performance for your APIs without any overheads using Google Cloud’s API monitoring tools.
Big Data, Analytics, ML&AI
BigQuery Billing: Reducing BigQuery Costs: How We Fixed A $1 Million Query - Tips from Shopify Engineers to lower costs in BigQuery.
Cloud Composer Cloud Dataproc Serverless: Use Composer for Dataproc Serverless workloads - Using Composer to run Dataproc jobs.
BigQuery Data Science dbt GCP Experience: BQ+DBT: 5 proven practices to scale your analytics infrastructure effectively without exploding your cloud costs - Sharing learnings and distilled techniques used to manage analytics infrastructure.
Document AI Official Blog: Document AI: A unified AI agent for your document processing needs - Learn how Document AI helps organizations understand and organize the data in their documents.
Cloud Dataflow Earth Engine Machine Learning Official Blog: Intro to deep learning to track deforestation in supply chains - What deep learning is, how fully convolutional networks work, and how they can help detect deforestation in supply chains or other environmental use cases.
Official Blog Vertex AI: Best Practices for managing Vertex Pipelines code - Best practices on how to manage the codebase for your ML pipelines.
Machine Learning Vertex AI: Monitoring ML models with Vertex AI - Monitoring ML Models in Vertex AI.
Various
Official Blog Public Sector: Veteran Transitioners Find Success at Google Public Sector - In celebration of Veterans Day, we spoke with five Googler Veterans who share their experiences and offer insights for others looking to make their way into tech after active-duty service.
GCP Experience Official Blog: Veterans Day: Q&A with Terradepth about mapping the ocean floor, the final frontier on Earth, with Google Cloud - Terradepth has built a revolutionary platform that stores and shares ocean floor data using Google Cloud, including Google Kubernetes Engine and Cloud SQL.
Google Cloud Platform Official Blog: Sarah Masotti has worked and traveled across 60 countries — here’s how she channels her own experiences to help customers transform their businesses - Sarah Masotti has worked and traveled across 60 countries and is currently a Digital Transformation Lead. See how she brings creativity to help customers embrace change and transform their businesses.
Slides, Videos, Audio
GCP Podcast - #327 ML/AI Data Science for Data Analytics with Jed Dougherty and Dan Darnell.
Kubernetes Podcast - #193 KubeCon NA 2022.
Security Podcast - #95 Cloud Security Talks Panel: Cloud Threats and Incidents.
The Digital Show Podcast - #55 The Transformation Debrief: How Botify is Transforming SEO with AI to deliver for its customers, Botify continues to reinvent how companies perform SEO.
Releases
Anthos clusters on AWS - Two new vulnerabilities (CVE-2022-2585 and CVE-2022-2588) have been discovered in the Linux kernel that can lead to a full container break out to root on the node.
Anthos clusters on bare metal - 1.12. Release 1.12.4 Anthos clusters on bare metal 1.12.4 is now available for download. Fixes: Increased the CPU limit for the metrics-server Pod to prevent it from frequently restarting. Known issues: For information about the latest known issues, see Anthos on bare metal known issues in the Troubleshooting section. 1.11 & 1.12 & 1.13. Security bulletin (1.11, 1.12, and 1.13) A security vulnerability, CVE-2022-39278, has been discovered in Istio, which is used in Anthos Service Mesh, that allows a malicious attacker to crash the control plane.
Anthos clusters on Azure - Two new vulnerabilities (CVE-2022-2585 and CVE-2022-2588) have been discovered in the Linux kernel that can lead to a full container break out to root on the node.
Anthos clusters on VMware - Anthos clusters on VMware 1.11.5-gke.14 is now available. Fixed the issue where /var/log/audit/ is using up disk space on the admin workstation. Two new vulnerabilities, CVE-2022-2585 and CVE-2022-2588, have been discovered in the Linux kernel that can lead to a full container break out to root on the node. A security vulnerability, CVE-2022-39278, has been discovered in Istio, which is used in Anthos Service Mesh, that allows a malicious attacker to crash the control plane.
Anthos GKE on AWS - Two new vulnerabilities (CVE-2022-2585 and CVE-2022-2588) have been discovered in the Linux kernel that can lead to a full container break out to root on the node.
AppEngine Flexible - The option to set IP mode to internal for App Engine flexible environment instances is now generally available.
Bare Metal Solution - Enhancements to Bare Metal Solution resource management–Adds the following self-service functionality: Manage networks–You can create, attach, detach, and delete networks.
BigQuery - You can now transfer data from Amazon S3 and Azure Blob Storage to BigQuery using the LOAD DATA statement. In the Explorer pane, you can now star your projects, datasets, and tables. In the Cloud console, the Add data feature lets you access popular ways to search for and ingest data sources that work with BigQuery.
Cloud Build - Users can now customize Slack notifications for their builds using notifier templates.
Chronicle - Chronicle Curated Detections has been enhanced with the following additional detection content: Windows-based threats: Security Posture Downgrade: detects activity attempting to disable or decrease the effectiveness of security tools. The following default parsers have changed. Chronicle Feed Management added support for the Sentinel One Alerts API. When downloading data to CSV file format from the Chronicle user interface, raw log data is now excluded unless you are using Raw Log Scan.
Cloud Composer - Cloud Composer 1.19.14 and 2.0.31 release started on November 7, 2022. Airflow triggerer and Deferrable Operators are available in Preview in Cloud Composer 2. Cloud Composer 1.19.14 and 2.0.31 images are available: composer-1.19.14-airflow-1.10.15 (default) composer-1.19.14-airflow-2.1.4 composer-1.19.14-airflow-2.2.5 composer-1.19.14-airflow-2.3.3 composer-2.0.31-airflow-2.1.4 composer-2.0.31-airflow-2.2.5 composer-2.0.31-airflow-2.3.3. Cloud Composer versions 1.17.4 and 2.0.0-preview.5 have reached their end of full support period.
Compute Engine - Per VM Tier_1 networking performance now includes up to 25 Gbps egress for traffic going to public IP addresses (increased from 7 Gbps). Generally available: Share sole-tenant node groups with other projects or with your entire organization. The quota limits displayed in the Cloud console might be incorrect in the asia-south1 region. Generally available: Memory-optimized M3 virtual machine instances are available in the following regions and zones: Frankfurt, Germany (europe-west3-a,b) Eemshaven, Netherlands (europe-west4-a,b) Council Bluffs, Iowa, USA (us-central1-a,b) Las Vegas, Nevada, USA (us-west4-a,b) See VM instance pricing for details.
Data Fusion - DNS Resolution is generally available (GA).
Dataproc Serverless - Dataproc Serverless for Spark runtime versions 1.0.22 and 2.0.2 will be deprecated on 11/11/2022.
Dataproc - Dataproc images 2.0.50 and preview 2.1.0-RC3 are deprecated and cluster creations based on these images will fail starting 11/11/2022. New sub-minor versions of Dataproc images: 1.5.76-debian10, 1.5.76-rocky8, 1.5.76-ubuntu18, 2.0.50-debian10, 2.0.50-rocky8, 2.0.50-ubuntu18, preview 2.1.0-RC3-debian11, preview 2.1.0-RC3-rocky8, preview 2.1.0-RC3-ubuntu20. Dataproc Serverless for Spark now uses runtime version 1.0.22 and 2.0.2. If a Dataproc Metastore service uses the gRPC endpoint protocol, a Dataproc or self-managed cluster located in any region can attach to the service.
Deep Learning Containers - M100 Release Regular package updates.
Deep Learning VM - M100 Release Migrated the Docker proxy agent to use a systemctl service.
Dialogflow - The following languages are now GA (generally available) for Dialogflow CX: Bulgarian (bg) Catalan (ca) Croatian (hr) Czech (cs) Greek (el) Hebrew (iw) Hmong (hmn) Hungarian (hu) Serbian (sr) Slovak (sk) Somali (so).
Cloud Data Loss Prevention - The ExcludeByHotword type was added as a type of ExclusionRule.
Document AI - v1beta3. New stable W2 processor version with the following enhancements: Breaks down long entities such as addresses into fine-grained sub-entities: StreetAddressOrPostalBox, AdditionalStreetAddressOrPostalBox, City, State, and Zip. New stable Payslip processor version with the following enhancements: Bonus, commissions, holiday, overtime, regular pay and vacation are now part of earning_item/earning_this_period and earning_item/earning_ytd.
Cloud Functions - Cloud Functions has added support for the following new runtimes at the Preview release level: Go 1.18 Go 1.19.
IAM - You can use the Google Cloud console to view authentication activities, which indicate when your service accounts and keys were last used to call a Google API.
Google Kubernetes Engine - The Filestore CSI driver has patched the following CVEs for newly created clusters running GKE version 1.23 and later: CVE-2022-37434, CVE-2019-19126, CVE-2019-25013, CVE-2022-23219, CVE-2021-35942, CVE-2020-10029, CVE-2021-3326, CVE-2022-23218, CVE-2020-1752, CVE-2021-3999, CVE-2020-27618, CVE-2021-27645, CVE-2016-10228, CVE-2020-6096, CVE-2021-33574, CVE-2022-29458. You can now use compact placement for node auto-provisioning in Standard clusters with GKE version 1.25 and later. GKE Gateway for Single Cluster is now generally available in GKE version 1.24 and later. A security vulnerability, CVE-2022-39278, has been discovered in Istio, which is used in Anthos Service Mesh, that allows a malicious attacker to crash the control plane. When you create a LoadBalancer service in GKE, the Google Cloud controllers automatically create the following firewall rules and apply them to the GKE nodes to allow inbound connections on the Service port: for an internal load balancer with GKE subsetting or an external load balancer with regional backend services (RBS): k8s2-[cluster-id]-[namespace]-[service-name]-[suffixhash]; for an internal load balancer without GKE subsetting or an external load balancer with target pool: k8s-fw-[loadbalancer-hash]. These rules now include the load balancer IP address in the destination ranges field to further control the inbound connections to the nodes.
Cloud Logging - You can now dynamically include your log content in your alert notifications for easier troubleshooting.
Marketplace Partners - After your organization enrolls in Partner Advantage portal, you can start integrating your products with Google Cloud Marketplace and preparing to publish them at the same time that your organization completes the process of becoming an approved Google Cloud Build partner.
Migrate for Compute Engine - V.4.11.11 Security updates available.
Cloud Monitoring - Prometheus Query Language (PromQL) for creating charts and dashboards in Cloud Monitoring is now Generally Available. Cloud Monitoring now provides a GKE Clusters dashboard for enabling Managed Service for Prometheus on clusters in your project. You can now dynamically include your log content in your alert notifications for easier troubleshooting.
Network Connectivity Center - The Google Cloud console now lets you do all of the following: See a list of existing hubs Create multiple hubs Edit an existing hub's description and/or labels Previously, you could complete these actions only by using the Google Cloud CLI or the API.
Security Command Center - Security Command Center added the ability to export findings to a CSV file from the Google Cloud console. Security Command Center released two new error detectors: KTD blocked by admission controller KTD image pull failure These detectors report configuration errors that prevent the Container Threat Detection service from functioning properly.
Service Mesh - Managed Anthos Service Mesh. The rollout of version 1.15 for managed Anthos Service Mesh has completed in all regions.
Anthos Service Mesh - Managed Anthos Service Mesh. The rollout of version 1.15 for managed Anthos Service Mesh has completed in all regions.
SAP Solutions - New SAP certifications: M3 series of memory-optimized machine types For use with SAP HANA and SAP NetWeaver, SAP has now certified the Compute Engine memory-optimized M3 series machine types.
Cloud Spanner - Cloud Spanner now supports cross-region and cross-project backup use cases.
Cloud Speech-to-Text - Speech-to-Text has updated its pricing policy.
Cloud Storage - You can now use the Google Cloud console to get role recommendations and policy insights for buckets. Expanded Cloud Storage monitoring dashboards are now available in Preview. The Autoclass feature is now available. gcloud storage GA release 1.1 is now available.
Cloud Text-to-Speech - Text-to-Speech now offers these new voices.
Cloud Trace - The Trace scatterplot now indicates traces with error codes as red.
Transfer Appliance - 4.0. Users can now use SMB to transfer data by enabling SMB file share.
Vertex AI - AutoML Image Classification Error Analysis Error analysis allows you to examine error cases after training a model from within the model evaluation page. Feature Transform Engine is available in Preview. M100 Release The M100 release of Vertex AI Workbench includes the following: Fixed a bug that prevented an instance with a GPU from starting.
VPC Service Controls - Beta stage support for the following integration: Config Controller.
Virtual Private Cloud - Preview: You can use the private.googleapis.com and restricted.googleapis.com VIPs to access Google APIs and services using IPv6 addresses.
Workflows - Workflows is available in the following additional regions: asia-east2 (Hong Kong, China) europe-central2 (Warsaw, Poland) europe-southwest1 (Madrid, Spain) europe-west9 (Paris, France) northamerica-northeast2 (Toronto, Canada) us-east5 (Columbus, United States) us-south1 (Dallas, United States) us-west2 (Los Angeles, United States) us-west3 (Salt Lake City, United States).
If you have a suggestion, feedback or a link you want to share, feel free to email me at zdenko@gcpweekly.com
Have a great week,
Zdenko