Welcome to issue #425 November 18th, 2024

News

65,000 nodes and counting: Google Kubernetes Engine is ready for trillion-parameter AI models - Google Kubernetes Engine (GKE) now supports clusters with up to 65,000 nodes, offering more than 10X larger scale than the other two largest public cloud providers. This unmatched scale enables customers to train trillion-parameter AI models and run five jobs in a single cluster, each matching the scale of Google Cloud's previous world record for the world’s largest training job for LLMs.

A new flexible DNS-based approach for accessing the GKE control plane - Google Cloud has introduced a new DNS-based endpoint for accessing the Google Kubernetes Engine (GKE) control plane. This new approach eliminates the need for bastion hosts or proxy nodes, allowing authorized users to access the control plane from different clouds, on-prem deployments, or from home. Access to the control plane is protected via IAM policies and can be further enhanced with VPC Service Controls, providing a multi-layer security model.

AlloyDB Omni supercharges performance: Faster transactions, analytics, and vector search - AlloyDB Omni version 15.7.0 brings significant enhancements for PostgreSQL workflows. It offers faster performance, an ultra-fast disk cache for improved memory management, an enhanced columnar engine with expanded storage options, and the general availability of ScANN vector indexing for rapid vector queries. Additionally, the new release of the AlloyDB Omni Kubernetes operator provides more configuration options and support for high availability and log rotation.

What’s new with HPC and AI infrastructure at Google Cloud - Google Cloud is rapidly advancing its high-performance computing (HPC) capabilities, providing researchers and engineers with powerful tools and infrastructure to tackle the most demanding computational challenges. Key developments include the next generation of HPC VMs with improved scalability and performance, Parallelstore, a fully managed, scalable, high-performance storage solution based on next-generation DAOS technology, A3 Ultra VMs with NVIDIA H200 Tensor Core GPUs for GPU-based HPC workloads, and Trillium, Google's sixth-generation TPU, which delivers significant improvements in training performance, inference throughput, and energy efficiency.

Shift-left your cloud compliance auditing with Audit Manager - Google Cloud's Audit Manager service is now generally available. It digitizes and streamlines the compliance auditing process, providing clear shared responsibility outlines, automated compliance assessments, audit-ready evidence, and actionable remediation guidance. Audit Manager supports popular industry and regulatory frameworks, including NIST 800-53, ISO, SOC, and CSA-CCM. Deutsche Börse Group, a customer of Google Cloud, has successfully used Audit Manager to automate cloud controls and provide auditable evidence for compliant usage of Google Cloud resources.

Dataproc Serverless: Now faster, easier and smarter - Dataproc Serverless now offers faster performance with native query execution in the Premium tier, improving query performance by ~47% in tests. It also introduces a built-in Spark UI for seamless monitoring and troubleshooting, eliminating the need for setting up and maintaining persistent history servers.

Use AI to build AI: Save time on prompt design with AI-powered prompt writing - Vertex AI introduces AI-powered prompt writing tools to streamline prompt engineering for generative AI models. The Generate prompt feature creates comprehensive prompts from simple objectives, while the Refine prompt feature provides AI-powered suggestions for prompt improvement based on user feedback.

Transforming DoD's data utilization with generative AI - Google Cloud's generative AI solutions are designed to transform data utilization within the Department of Defense (DoD). These solutions address the DoD's unique requirements, such as stringent security standards and the need for seamless integration into existing infrastructure. Google's AI capabilities provide actionable insights from diverse data sources, enabling data-driven decision-making. The enterprise search solution consolidates data access, enhances discoverability, and delivers rapid, accurate insights, supporting the DoD's mission and strategic advantage.

Unlocking LLM training efficiency with Trillium — a performance analysis - Trillium, Google's sixth-generation Tensor Processing Unit (TPU), delivers up to 1.8x better performance-per-dollar compared to the previous-generation Cloud TPU v5p. Trillium achieves 99% scaling efficiency, outperforming Cloud TPU v5p's 94% scaling efficiency. Trillium lowers the cost to train by up to 1.8x (45% lower) compared to TPU v5p while delivering convergence to the same validation accuracy.

Dataplex Automatic Discovery makes Cloud Storage data available for Analytics and governance - Dataplex, a unified platform for intelligent data to AI governance, now offers automatic discovery and cataloging of Google Cloud Storage data. This feature helps organizations locate valuable data assets, harvest metadata, and enable analytics for data science and AI use cases at scale. By eliminating the challenges associated with dark data, Dataplex empowers businesses to make data-driven decisions with confidence.

Secure your data ecosystem: a multi-layered approach with Google Cloud - New ebook, "Building a Secure Data Platform with Google Cloud," explores many data security capabilities within Google Cloud and how they can support data-based innovation strategies.

Join our upcoming Security Talks to unlock the Defender's Advantage - Join our upcoming Security Talks, a virtual event packed with insights and strategies to help you proactively secure your business. Our Google Cloud security experts will share the latest threat intelligence, cutting-edge defense strategies, and innovative cloud security solutions. Sign up now to reserve your virtual seat on Tuesday, Nov. 19. Security Talks is 100% digital and free to attend.

Google Cloud deepens its commitment to security and transparency with expanded CVE program - Google Cloud is expanding its commitment to security and transparency by issuing CVEs for critical Google Cloud vulnerabilities, even when they don't require customer action or patching. These CVEs will be annotated with the "exclusively-hosted-service" tag to help users easily recognize them. CVEs will continue to be published on the Security Bulletins site.

Articles, Tutorials

Infrastructure, Networking, Security, Kubernetes

Cloud CISO Perspectives: The high security cost of legacy tech - Google Cloud’s CISO and senior director of product management for Google Workspace discuss the high security costs of legacy technology. Legacy tech increases business and security risks, with 81% of organizations experiencing at least one security incident per year. Adopting modern technology can eliminate entire classes of threats and improve business outcomes. Customer examples of Trellix, the city of Dearborn, and Humana illustrate the benefits of modernizing.

Pirates in the Data Sea: AI Enhancing Your Adversarial Emulation - This blog post discusses how artificial intelligence (AI) and large language models (LLMs) can be used to enhance adversarial emulation and improve cybersecurity.

Emerging Threats: Cybersecurity Forecast 2025 - The Cybersecurity Forecast 2025 report from Google Cloud provides insights into anticipated threats and cybersecurity trends for the coming year. It highlights the increasing use of AI by threat actors for sophisticated attacks, the potential impact of AI on information operations, and the continued prevalence of ransomware and multifaceted extortion.

How Verve achieves 37% performance gains with C4 machines and new GKE features - Verve, a creator of digital advertising solutions, achieved a 37% performance improvement by integrating C4 machines into their core infrastructure. C4 VMs, built on the latest Intel Xeon Scalable processors, deliver exceptional performance for latency-sensitive workloads.

Empower your teams with self-service Kubernetes using GKE fleets and Argo CD - This blog post provides a guide to setting up a robust multi-cluster infrastructure using GKE fleets, Argo CD, Connect Gateway, Workload Identity, and GKE Enterprise Teams. It explains how to create a GKE fleet with application and control clusters, deploy Argo CD on the control cluster, configure GKE Enterprise Teams for granular access control, and install and leverage the fleet-argocd-plugin to manage the secure, multi-cluster fleet with team awareness.

How to Accelerate Cloud Migrations at Scale - Deciding what migration activity to centralise versus federate. How to leverage the CCoE to deploy artefacts that speed up migration.

Witch Quotas on GCP to Prevent Unexpected Billing Surprises - How Terraforming Quota Management Can Prevent Unexpected Cloud Expenditure.

Google Axion is a game-changer — let me show you why - Google Axion, built on Arm Neoverse V2 CPU architecture, delivers significant performance leaps for general-purpose workloads. Its Titanium subsystem offloads key platform operations, enhancing performance for customer workloads. Axion offers a compelling price-to-performance ratio, outperforming competitors while being among the most affordable options.

App Development, Serverless, Databases, DevOps

How to deploy Llama 3.2-1B-Instruct model with Google Cloud Run GPU - Deploy the Meta Llama 3.2 1B Instruction model on Cloud Run with NVIDIA GPUs. This guide provides step-by-step instructions for local model testing, deployment, and cold start improvements using Cloud Storage FUSE.

Authenticate Google Cloud In Docker Without Getting Your Creds Stolen - Avoid GCP 401 errors — and security concerns — by passing project credentials into your Docker image the right way.

From Chaos to Clarity: Mastering Alerting Policy Documentation - Alerting policy documentation is essential for effective incident response and minimizing downtime. It should include the purpose of the alert, trigger conditions, severity, escalation path, actionable steps, related resources, owner, and review schedule. To create alerting policy documentation, you can use the Google Cloud Console, the Cloud Monitoring API, or the Google Cloud CLI.

How to Add Google Login in React Native: A Step-by-Step Guide - This guide takes you through the process of setting up Google Login in React app, including setting up the Google API Console project, configuring your app, and handling common errors.

Managing Firebase Costs on High Traffic Applications: An Ultimate Guide to Keeping Your Budget Happy! - This guide provides practical tips, code examples, and error handling techniques to optimize Firebase for scale without breaking the bank. From optimizing Firestore reads and writes to caching data locally, using Firebase Functions wisely, optimizing authentication flows, and enabling data compression for storage, each step contributes to a more cost-effective Firebase experience.

Building Resilient Systems on Google Cloud Platform: An Engineer’s Guide - This guide provides key strategies and coding practices for building resilient systems on GCP, covering topics such as regions and zones, platform availability, and infrastructure stack. Real-world scenarios illustrate the application of these principles in practice.

Customizing Retry Predicates in Google Cloud Python Libraries - This blog post explores how the Google Cloud's Python libraries interact with custom retry predicates, allowing you to customize the retry behavior to better meet your specific requirements.

ABAP SDK for Google Cloud: Productivity Booster Series — Part 1 - Sharing productivity boosters when using ABAP SDK for Google Cloud, including tips, tricks, and code snippets.

Big Data, Analytics, ML&AI

Data loading best practices for AI/ML inference on GKE - Accelerate data loading for AI/ML inference apps on GKE by using secondary boot disks to cache container images and Cloud Storage Fuse or Hyperdisk ML to load models and weights from Google Cloud Storage. This can significantly reduce startup times and improve the overall performance of your AI/ML inference workloads.

How Deutsche Bank built a new retail data platform on Google Cloud - Deutsche Bank built a new retail data platform (PBDP) on Google Cloud to gain insights into customer preferences and needs. The PBDP serves as a central and holistic data platform with flexible data modeling options, an analytical workplace for exploration and analysis, and easy data ingestion using real-time events and daily batch processes. It provides a foundation for simple, central data retrieval, improving data quality and reliability, and making data sharing more cost-efficient.

How PUMA leverages built-in intelligence with BigQuery for greater customer engagement - PUMA, a leading sportswear company, leverages the power of Google Cloud's BigQuery to enhance customer engagement through advanced audience segmentation. By utilizing machine learning capabilities, PUMA creates custom predictive models that analyze first-party data, enabling them to identify users with a high purchase propensity.

Taming the Data Chaos: A Deep Dive into Google Cloud’s Data Lineage API - An overview of Data Lineage API, with code samples.

Custom Dataproc Spark Monitoring Dashboard: Keep Your Spark Jobs Humming - Custom Dataproc Spark Monitoring Dashboard helps you monitor and troubleshoot your Spark jobs on Dataproc. It provides insights into job performance, resource utilization, and autoscaling. The dashboard is easy to set up and use, and it can be customized to meet your specific needs. With this dashboard, you can quickly identify and resolve issues with your Spark jobs, ensuring that they run smoothly and efficiently.

Understanding Windowing in Apache Beam: DataFlow - This article explores what windowing is, why it’s necessary for Apache Beam, and how to use it effectively in your data processing pipelines.

Write Manageable Queries With The BigQuery Pipe Syntax - Google just recently rolled out an experimental feature for BigQuery SQL, named pipe syntax.

Essential BigQuery SQL Tips for GA4 Analysis - This guide provides essential BigQuery SQL tips for analyzing Google Analytics 4 (GA4) data. It covers understanding GA4's data structure in BigQuery, handling nested fields, and extracting meaningful insights. The guide is designed for beginners and offers step-by-step instructions to get started quickly.

Discover the Underlying Drivers of Multichannel Retail Sales Performance with BigQuery BQML Contribution Analysis and Looker Studio - Discover the underlying drivers of multichannel retail sales performance with BigQuery's Contribution Analysis and Looker Studio. By comparing test and control datasets, Contribution Analysis identifies which segments have the most significant impact on key business metrics. This enables businesses to focus on the factors that truly influence performance, such as promotions, channels, or regions. The model output can be exported to Looker Studio for visual representation and further analysis, helping retailers prioritize interventions and optimize marketing campaigns.

BigQuery Table-Level Quota Alerts: A Step-by-Step Guide - BigQuery users can closely monitor table modifications (LOAD, COPY, and certain SELECT queries) to manage quotas and ensure optimal performance. This guide outlines a solution using scheduled queries and Google Cloud Monitoring to create a robust table-level quota alert system. It includes steps on setting up a scheduled query, creating a destination table, configuring a Cloud Monitoring metric, and creating an alert policy. Customizations can be made to fit specific table monitoring needs, and the approach can be adapted if future BigQuery updates introduce quotas for DML statements.

Utilising Dataform’s config blocks with partition expiry to separate test logic and get billed less at the same time - Dataform's config blocks with partition expiry can separate test logic and reduce billing costs. This technique efficiently manages rolling tables and table-based configurations across different execution profiles.

Tricks for Visualizing BigQuery Data Protected by VPC Service Controls in LookerStudio - This article provides tips and tricks for securely visualizing such data in Looker Studio while maintaining the integrity of your environment. The key steps include setting up the Looker Studio Service Agent, creating a Service Account, adding the Service Account as an authorized principal in the VPC Service Controls settings, and configuring data credentials in Looker Studio. By following these steps, you can securely visualize data protected by VPC Service Controls in Looker Studio.

BigQuery HLL: How we cut COUNT(DISTINCT) query costs by 93% using HyperLogLog - COUNT(DISTINCT) is a fundamental operation, but it doesn’t scale efficiently — so we turned to HLL to address this challenge.

LLM Guard and Vertex AI - LLM Guard is a comprehensive security toolkit for LLMs, offering input and output scanners for sanitization, harmful language detection, data leakage prevention, and more. It integrates with Vertex AI, allowing users to securely interact with LLMs and protect sensitive information. LLM Guard also includes anonymize and de-anonymize scanners to ensure personal data is not shared with the LLM.

Build GenAI Prototypes with Streamlit - Build GenAI prototypes quickly and easily with Streamlit, a simple Python GUI framework. Integrate with Generative AI APIs like Gemini to generate text, images, and code. Customize your prototypes with features like PDF upload and more. Share your prototypes with colleagues or leadership to demonstrate your GenAI ideas.

Universal Data Platform Management: Understanding and Allocating BigQuery Autoscale Slot Costs in Enterprise Environments - This article discusses the challenge of managing and allocating costs in modern enterprise data platforms, particularly when dealing with shared resources like BigQuery slots. It proposes a data-driven solution that combines data from the INFORMATION_SCHEMA.RESERVATION_TIMELINES view with Google Cloud Billing extract data to create a fair and transparent cost allocation model.

Various

How cloud and AI are bringing scale to corporate climate mitigation and adaptation - Cloud and AI technologies offer the potential to unlock climate change solutions that can be both transformational and global in scale. Businesses are using AI to measure business performance, optimize operations and supply chains, identify cleaner business models, and build more sustainably. Google Cloud is committed to helping organizations of all sizes achieve their sustainability goals, with cloud, data analytics, and AI.

Releases

Secure Source Manager - Secure Source Manager supports Workforce Identity Federation.

Security Command Center - You can now view the configurations that determine the resource values of your high-value resource set. The Defense Evasion: Rootkit detector of Virtual Machine Threat Detection is in General Availability. The application steps to activate the Security Command Center Enterprise tier have been streamlined. As of December 9, 2024, if you activate Security Command Center within an organization for the first time, then you must use only version 2 of the Security Command Center API in that organization. The Vulnerability management dashboard was enhanced to include information about containers with exploitable vulnerabilities. Starting October 24, 2024, the IAM Recommender service is enabled by default when activating Security Command Center.

Sensitive Data Protection - The current default STREET_ADDRESS infoType detection model, which is available when InfoType.version is set to latest or stable, is now also used when InfoType.version is set to legacy. The current default ORGANIZATION_NAME infoType detection model, which is available when InfoType.version is set to latest or stable, is now also used when InfoType.version is set to legacy.

Service Mesh - 1.20.x. In-cluster Cloud Service Mesh 1.20 is no longer supported. 1.20.8-asm.10 is now available for in-cluster Cloud Service Mesh. 1.23.x. 1.23.3-asm.2 is now available for in-cluster Cloud Service Mesh. 1.22.x. 1.22.6-asm.2 is now available for in-cluster Cloud Service Mesh. 1.21.x. 1.21.5-asm.12 is now available for in-cluster Cloud Service Mesh. 1.20.x & 1.21.x & 1.22.x & 1.23.x. This release fixes a bug in the distroless proxy container.

Cloud SQL Postgres - You can now register an AI model endpoint, generate vector embeddings, and invoke predictions by using model endpoint management in Cloud SQL. You can now create custom organization policies for the BackupRun resource in Cloud SQL instances. You can now have Cloud SQL create a Private Service Connect endpoint automatically instead of creating the endpoint manually after the instance is created.

Cloud Storage - You can now use the x-amz-decoded-content-length header to allow an XML API upload that uses chunked transfer encoding to include a signature in its Authorization header. Bucket IP filtering for Cloud Storage is now available in Preview.

Cloud Text-to-Speech - Journey Voices now supports the de-de, en-gb, en-in, es-us, fr-ca, fr-fr, and it-it locales.

VPC Service Controls - VPC Service Controls feature (Status: Preview): VPC Service Controls adds support for using groups of third-party identities in ingress and egress rules to allow access to resources protected by service perimeters.

AlloyDB - AlloyDB free trial clusters are now available in all regions. The extension vector, which includes pgvector functions and operators, is updated to version 0.7.4. AlloyDB now supports up to 128 TiB storage per cluster in all regions where AlloyDB is available. If you are dropping an AlloyDB database that is larger than 64 TiB, then any write operations on other AlloyDB databases are paused until the drop operation is completed.

Anthos Config Management - Config Controller now uses the following versions of its included products: Config Connector v1.124.0, release notes.

GDCV for VMware - Google Distributed Cloud (software only) for VMware 1.29.800-gke.108 is now available for download. Added support for configuring the GKE Identity Service to enforce a minimum transport layer security (TLS) version of 1.2 for HTTPS connections. The following issue is fixed in 1.29.800-gke.108: Fixed the issue that additional manual steps are needed after disabling always-on secrets encryption with gkectl update cluster.

Apigee Advanced API Security - On November 14, 2024 we released a new version of Advanced API Security. IP address drill down details are now available in the preview release of Advanced API Security Abuse Detection Incidents.

Apigee Hybrid - v1.13.2 On November 12, 2024 we released an updated version of the Apigee hybrid software, 1.13.2. Bug ID Description 373722434 Fixed support for backups to GCS buckets with retention policies. Bug ID Description N/A Security fixes for apigee-redis.

AppEngine Flexible - .NET - .NET 6 has reached end of support.

Artifact Registry - The Container Registry -> Artifact Registry Migration Admin role simplifies the IAM roles required for the transition from Container Registry to Artifact Registry.

Cloud Asset Inventory - The following resource types are now publicly available through the ExportAssets, ListAssets, BatchGetAssetsHistory, QueryAssets, and Feed APIs - Cloud Build. The following resource types are now publicly available through the ExportAssets, ListAssets, BatchGetAssetsHistory, QueryAssets, Feed, and Search (SearchAllResources, SearchAllIamPolicies) APIs - Dataplex.

Assured Workloads for Goverment - The CJIS control package now supports the following products.

Batch - Dependent jobs are available in Preview.

BigQuery - The following BigQuery ML features are now available: Creating remote models based on the Vertex AI gemini-1.5-flash and gemini-1.5-pro models. You can try Gemini in BigQuery at no charge until January 27, 2025. The following BigQuery ML features are now available: 1) Creating remote models based on the Vertex AI gemini-1.5-flash and gemini-1.5-pro models. 2) Using the ML.GENERATE_TEXT function with these remote models to perform generative natural language tasks for text stored in BigQuery tables. 3) Using the ML.GENERATE_TEXT function with these remote models to perform generative AI tasks, for example audio transcription or document classification, using image, video, audio, PDF, or text content stored in BigQuery object tables. You can perform supervised tuning on a remote model based on a Vertex AI Gemini 1.5 flash or Gemini 1.5 pro model.

Capacity Planner - Preview: You can view and export historical utilization of on-demand and future reservations in your project, folder, or organization.

Cloud Composer - A new Cloud Composer release has started on November 13, 2024. Airflow 2.10.2 is available in Cloud Composer. (Airflow 2.7.3) Backported #35887 to fix an issue that occurred during the DST transition. Improved the error message generated when a Cloud Composer 3 environment creation fails because of missing permissions. (Airflow 2.10.2 and 2.9.3) The apache-airflow-providers-google package was upgraded to version 10.25.0 in Cloud Composer 2 images and Cloud Composer 3 builds. (Airflow 2.10.2 and 2.9.3) The apache-airflow-providers-cncf-kubernetes package was upgraded to version 9.0.1 in Cloud Composer 2 images and Cloud Composer 3 builds. New Airflow builds are available in Cloud Composer 3: composer-3-airflow-2.10.2-build.0 composer-3-airflow-2.9.3-build.7 (default) composer-3-airflow-2.7.3-build.23. New images are available in Cloud Composer 2: composer-2.9.11-airflow-2.10.2 composer-2.9.11-airflow-2.9.3 (default) composer-2.9.11-airflow-2.7.3. Support dates for previous Cloud Composer 3 builds are available.

Compute Engine - Preview: The OS policy orchestrator feature in VM Manager lets you manage OS policy assignments across projects and zones at scale in large organizations.

Config Connector - Config Connector version 1.125.0 is now available. New Beta resources (direct reconciler) BigQueryConnectionConnection Manage connections to connect to Google services and external data sources BigQueryAnalyticsHubDataExchange Manage data exchange to enable self-service data sharing PrivilegedAccessManagerEntitlement Manage entitlements to grant for projects, folders, and organizations WorkstationCluster Manage workstation cluster to define a group of workstations in a particular region and the VPC network they're attached to. Added cluster mode to manage the rate-limit for the Config Connector requests You can set the rate-limit for the reconciling requests to the kube-apiserver in Cluster and Namespace mode. SQLInstance Reconciliation Improvements You can use the alpha.cnrm.cloud.google.com/reconciler: direct annotation on the SQLInstance CR object to opt-in the direct controller. ComputeFirewallPolicyRule Reconciliation Improvements You can use the alpha.cnrm.cloud.google.com/reconciler: direct annotation on the ComputeFirewallPolicyRule CR object to opt-in the direct controller, which fixes the targetResources error "required value priority could not be found". AlloyDBInstance Added spec.networkConfig.enableOutboundPublicIp field. Issue 3007 ComputeBackendService cannot refer clientTLSPolicy due to invalid format. Issue 2973 kubelet_config has insecure_kubelet_readonly_port_enabled: true set even if not configured in the ContainerNodePool object.

Contact Center AI Platform - Flutter for the Mobile SDKs You can now use Flutter to help you integrate the Mobile SDKs (the Android SDK and the iOS SDK) into your Android or iOS app. Mobile SDK 2.10 is released Mobile SDK 2.10 includes the following updates: iOS SDK: Text resizing.

Contact Center AI Insights - Contact Center AI Insights now offers Analysis rules as a preview feature to customize your conversation analyses.

Dataproc - Announcing the General Availability (GA) of Flexible shapes for Dataproc secondary workers which allows you to provide a ranked selection of machine types to use for the creation of VMs. Announcing the General Availability (GA) of Spot and non-preemptible VM mixing for Dataproc secondary workers which allows you to mix spot and non-preemptible secondary workers when you create a Dataproc cluster.

Datastream - Datastream now supports global transaction identifier (GTID)-based replication for MySQL sources.

Dialogflow - Data store tools: You can now optimize the RAG performance of data store tools used by Playbooks. Dialogflow CX: New feature Context token limits has been added to Agent Settings > Generative AI. Generators and data store handlers: The model gemini-1.5-flash-002 is now GA. Data store handlers: The default generative model has been changed to gemini-1.5-flash-001.

Cloud Data Loss Prevention - The current default STREET_ADDRESS infoType detection model, which is available when InfoType.version is set to latest or stable, is now also used when InfoType.version is set to legacy. The current default ORGANIZATION_NAME infoType detection model, which is available when InfoType.version is set to latest or stable, is now also used when InfoType.version is set to legacy.

Gemini - IntelliJ Gemini Code Assist is now a separate extension from Cloud Code. You can now automatically or manually assign Gemini Code Assist licenses.

Backup for GKE - Backup for GKE now supports backing up and restoring Hyperdisk throughput, extreme, and balanced types volumes.

Google Kubernetes Engine - (2024-R44) Version updates GKE cluster versions have been updated. Clusters now have unified and flexible configuration, allowing you to modify control plane access and cluster node settings at any time, without the need to recreate the cluster. DNS-based access for GKE clusters control plane is now generally available.

GKE new features - DNS-based access for GKE clusters control plane is now generally available.

Load Balancing - Cloud Load Balancing resources now let you use custom constraints to define your own restrictions on Google Cloud services.

Looker - Looker (Google Cloud core) only changes. You can now use the Google Cloud console to create a Looker (Google Cloud core) Private Service Connect instance.

Memorystore for Redis Cluster - Instances that use 1, 2, or 4 shards are now Generally Available. Added support for Node-level monitoring metrics (Generally Available).

Migration Center - The discovery client 6.3.4 is available with new features and bug fixes. The discovery client disk usage collection in Linux and Windows VMs has been enhanced for improved accuracy in disk reporting. ESX CPU hyperthreading detection is now supported in the collection of inventory level data from vCenter. Reduced potential performance impact of the guest collection script on target Linux VMs by setting scripts to execute with a higher nice level. Reduced potential performance impact of the guest collection script on target Windows VMs by optimizing the collection script. Fixed an issue that caused Linux guest collection to report incorrect disk space in some cases by excluding network mounts and temporary file systems, and incorrectly calculating logical volumes. Fixed an issue that caused UDP connections on Windows to not be uploaded to Migration Center. Fixed an issue that caused VMs with a very large number of running processes, services, installed applications, or open files handlers, to be reported incorrectly to Migration Center.

Cloud Monitoring - Dashboard variables and dashboard-level filtering is now GA.

Cloud Run - The in-memory volume type is now generally available (GA) for Cloud Run services and jobs.