Welcome to issue #440 March 3rd, 2025

News

Evaluate gen AI models with Vertex AI evaluation service and LLM comparator - Vertex AI evaluation service and LLM Comparator are tools that help evaluate and compare generative AI models. Vertex AI evaluation service allows users to define custom metrics and perform pairwise evaluations, while LLM Comparator provides human-in-the-loop evaluation capabilities with visualizations and insights.

Announcing Terraform providers for Oracle Database@Google Cloud - The new Terraform providers for Oracle Database@Google Cloud enable users to deploy and manage Oracle Autonomous Database and Oracle Exadata Database Service resources using the Google Terraform provider.

Enhancing AlloyDB vector search with inline filtering and enterprise observability - AlloyDB vector search now includes inline filtering, a major performance enhancement for filtered vector search. Inline filtering automatically combines vector indexes and traditional indexes on metadata columns to achieve better query performance.

Introducing the new Google Cloud Trace Explorer - The new Cloud Trace explorer, part of Google Cloud Observability, offers advanced querying and visualization of trace data for service-oriented investigations.

Announcing Claude 3.7 Sonnet, Anthropic’s first hybrid reasoning model, is available on Vertex AI - Anthropic's Claude 3.7 Sonnet, the first hybrid reasoning model, is now available on Vertex AI. It combines rapid responses with step-by-step reasoning visible to users and is optimized for real-world use cases.

Dynamic 5G services, made possible by AI and intent-based automation - Ericsson and Google Cloud are exploring technology that simplifies operations and redefines how telecommunications companies can deliver on the promise of 5G. Intent-based service management combines AI and automation with service orchestration and assurance, enabling network resources to scale and adjust dynamically according to real-time demand.

The AI-driven telecom: How we’re powering transformation - Google Cloud is showcasing AI-driven telecom innovations at Mobile World Congress (MWC) 2025. CSPs are partnering with Google Cloud to adopt AI and lead the industry forward in terms of innovation. Google Cloud's AI-powered solutions and strategic partnerships enable CSPs to innovate and grow their businesses, from building a strong data foundation to optimizing network operations and enhancing customer experiences.

AI-powered network optimization: Unlocking 5G's potential with Amdocs - Amdocs and Google Cloud have partnered to create a new network AI operations solution called Amdocs Network AIOps. This solution uses data to help communication service providers improve their networks and customer service.

How our partners are enhancing CSP operations with AI solutions - Google Cloud and its partners are showcasing their latest AI solutions for enhancing telecommunications operations at Mobile World Congress (MWC). Partners are using AI to help CSPs optimize network performance, personalize customer experiences, automate operations, and identify new revenue streams.

Partnering with leading mobile operators for API-based phone number verification - Google Cloud and the Open Gateway Initiative (OGI) have partnered to provide Firebase developers with access to critical network CSP APIs, such as phone number acquisition and verification.

How partners are unlocking scalable audio transcription with Gemini - Gemini, a cutting-edge audio transcription solution from Google Cloud, offers scalable and accurate transcription services. It leverages advanced AI and seamless integration with Google Cloud to efficiently process large datasets, ensuring exceptional accuracy and contextual understanding. Gemini supports multiple languages and offers customizable formatting options.

Articles, Tutorials

Infrastructure, Networking, Security, Kubernetes

Cloud CISO Perspectives: Prepare early for PQC to be resilient against tomorrow’s cryptographic threats - Post-quantum cryptography (PQC) is rapidly becoming a reality, and businesses need to prepare for its adoption. PQC is the industry effort to defend against the risks posed by cryptographically-relevant quantum computers (CRQC), which could break some of today's critical cryptography.

Inter-VPC connectivity architecture patterns in Cross-Cloud Network - Cross-Cloud Network provides any-to-any connectivity leveraging Google’s software-defined global scaled backbone to connect distributed applications. Two architectural patterns are discussed: one based on VPC Network Peering, and the other on Network Connectivity Center.

How we got to 100 million cells in our global Li-ion rack battery fleet - Google has deployed over 100 million lithium-ion (Li-ion) battery cells in its global data center fleet, ensuring uninterrupted power supply and improving efficiency and lifespan.

Phishing Campaigns Targeting Higher Education Institutions - Phishing campaigns targeting higher education institutions have been observed, with attackers exploiting trust within academia to deceive students, faculty, and staff.

Enforcing Deployment Standards with Admission Controller Validation in GKE - This guide explains how to use an Admission Controller Policy to enforce validation rules when deploying resources in Kubernetes.

GKE Cost Cutting — Three Key Lookout Points to view your Potential Savings - This article highlights three key lookout points to view potential savings for GKE: cluster cost optimization, workloads at risk, and workloads rightsizing.

Diagnosing with Prakhar : k8s Node Disk Pressure | Part 2 - Kubernetes Node Disk Pressure, a common issue that can disrupt cluster performance, occurs when a node runs out of disk space or inodes. It can lead to pod evictions, scheduling failures, and performance degradation.

App Development, Serverless, Databases, DevOps

Journey to Create a CDC Solution with Google Services: Lessons Learned and Challenges Overcome - Building a Change Data Capture (CDC) solution to move real-time data from MySQL into Google BigQuery using Google services.

3 Pro Tips For Datastream - Datastream is a managed service that allows you to replicate data with default out of the box configuration. But you can go beyond!!

Big Data, Analytics, ML&AI

African super app Yassir delivers on data with BigQuery migration - Yassir, an African super app, migrated its data infrastructure to Google Cloud's BigQuery to unify data and AI, improving access, scalability, and performance. The migration allowed Yassir to consolidate data processing, deploy new AI models with Vertex AI, and implement centralized data governance controls.

Transforming data: How Vodafone Italy modernized its data architecture in the cloud - Vodafone Italy has modernized its data architecture by migrating to Google Cloud, leveraging BigQuery and a "clone and shift" approach in collaboration with Google Cloud and Amdocs.

Four missing Functions in BigQuery - And how to work around them.

Appending Nested Columns in dbt Incremental Updates on BigQuery - Workaround for managing nested columns in bq with dbt incremental updates.

Finetune Gemini to Create Reasoning Agent - Google’s Gemini 1.5 Flash model is fine-tuned to create a reasoning agent that demonstrates its “chain-of-thought” process. The model is trained on a publicly available dataset and deployed to an endpoint for inference. The process involves preparing the data, configuring a service account, submitting a tuning job, deploying the model, and sending prompts.

Data Governance with dbt, Terraform, and Dataplex: A Practical Guide to BigQuery Policy Tags

Design a Fashion Collection with Vertex AI Imagen 3 & Gemini 2.0 - How Alex Built EcoThreads’ Streetwear Line — Zero Budget, Maximum Impact.

Streamline your LangChain deployments with LangServe - LangServe is a helpful tool designed to simplify the deployment of LangChain applications as REST APIs.

Streamline your LangChain deployments with LangServe - Learn how to streamline exposing AI models using LangChain and LangServe, deployed on Google Kubernetes Engine (GKE).

Various

Investing in AI, collaboration and the next generation of leaders - Google Public Sector Live & Labs event showcased the transformative impact of artificial intelligence in government operations. Attendees learned about Google's unique full-stack approach to AI and how it can revolutionize public service delivery.

Get Google Cloud certified in 2025—and see why the latest research says it matters - Ipsos research shows that Google Cloud certifications increase career opportunities, accelerate promotion potential, and contribute to overall professional success.

Slides, Videos, Audio

Security Podcast - #212 Securing the Cloud at Scale: Modern Bank CISO on Metrics, Challenges, and SecOps.

GCP Bytes podcast - #11 In this episode we discuss; MS Data centres, BeeLink, Google Next, Google IO, AU & NZ Study Jam, Brisbane Meetup, GDG Sydney Meetup, GDG Cloud Sydney Meetup, Sunil Potti, Fastest Growing Cloud, Salesforce, Google Spend, AI Weapons, Majorana, Quantum Safe Crypto, Pixel Updates, A4X VMs.

Releases

AlloyDB - AlloyDB's cross-region replication supports up to five secondary regions. The alloydb_scann extension is updated to include the following vector search improvements in Preview: AlloyDB for PostgreSQL introduces inline filtering for vector search.

Anthos clusters on VMware - Google Distributed Cloud (software only) for VMware 1.29.1100-gke.82 is now available for download. The 1.29.1100-gke.82 release includes many vulnerability fixes.

Apigee UI - On February 27, 2025, we released an updated version of the Apigee Proxy Debug tool. Overview This release introduces a redesigned debugging experience for API proxies in the Apigee UI, which is available in Google Cloud console.

Apigee Hybrid - v1.12.4. hybrid v1.12.4 On March 1, 2025 we released an updated version of the Apigee hybrid software, 1.12.4. Bug ID Description 390258745, 388608440 Any left over Cassandra snapshots are automatically removed. Stricter class instantiation checks included in this release. v1.13.3. hybrid v1.13.3 On March 1, 2025 we released an updated version of the Apigee hybrid software, 1.13.3. Bug ID Description 396886110 Fixed a bug where the HPA max replicas could be lower than min. Stricter class instantiation checks included in this release. v1.14.1. hybrid v1.14.1 On March 1, 2025 we released an updated version of the Apigee hybrid software, 1.14.1. Bug ID Description 396886110 Fixed a bug where the HPA max replicas could be lower than min. Stricter class instantiation checks included in this release.

Artifact Registry - Artifact Registry is now enabled for use with Cloud KMS Autokey.

Cloud Asset Inventory - The following resource types are now publicly available through the ExportAssets, ListAssets, BatchGetAssetsHistory, QueryAssets, Feed, and Search (SearchAllResources, SearchAllIamPolicies).

BigQuery - You can now see a list of BigQuery API and service dependencies. You can use the best sellers and price competitiveness migration guides to transition to the newer version of the reports. BigQuery resource utilization charts provide metrics views and more chart configuration options in Preview. You can now use the @@location system variable to set the location in which to run a query.

Bigtable - Bigtable Data Boost, a serverless compute service designed for high-throughput read jobs and queries, is generally available (GA). Automated backup for Bigtable is generally available (GA).

Chronicle Security Operations - The Custom Fields feature has been rolled back.

Chronicle SOAR - Release 6.3.37 is currently in Preview. Release 6.3.36 is now in General Availability.

Colab - You can use Terraform resources to schedule notebook runs, and to manage runtimes and runtime templates.

Cloud Composer - Database retention policy is available in Cloud Composer 3. Cloud Composer 3 is now available in Stockholm (europe-north2).

Contact Center AI Platform - Patch 3.31.36 This patch does the following: Fixes an issue where the chat adapter was not appearing in the agent desktop when an incoming chat was received.

Database Migration Service - Database Migration Service for homogeneous Cloud SQL for PostgreSQL migrations now lets you migrate specific databases from your source instance.

Dataproc - New Dataproc on Compute Engine subminor image versions: 2.0.133-debian10, 2.0.133-rocky8, 2.0.133-ubuntu18 2.1.81-debian11, 2.1.81-rocky8, 2.1.81-ubuntu20, 2.1.81-ubuntu20-arm 2.2.47-debian12, 2.2.47-rocky9, 2.2.47-ubuntu22.

Datastream - Datastream now supports Salesforce as a source.

Dialogflow - Dialogflow CX (Conversational Agents) & ES: Text-to-speech used by Dialogflow now supports new Chirp HD voices. Dialogflow CX (Conversational Agents) & ES: Text-to-speech removed support for voices across European markets.

Gemini - The following Gemini in Looker features are available in Preview for Looker (original) instances on Looker 25.2 and later: Create custom Looker visualizations: The Visualization Assistant helps you generate custom formatting options for Looker visualizations by using natural language. Conversational Analytics is now available in Preview for Looker (original) and Looker (Google Cloud core) instances on Looker 25.0 and later that have both Studio in Looker and Gemini in Looker enabled.

IAM - Workforce Identity Federation can map up to 400 groups from Microsoft Entra ID.

GKE new features - New recommendations of NODE_SA_MISSING_PERMISSIONS subtype are added to the portfolio of GKE Recommendations. The GKE Autopilot partner program now lets partners create and manage allowlists that correspond to specific partner workloads. Three new metrics are added for checking node and node pool status: kubernetes.io/node/status_condition: The condition of a node from the node status condition field.

Load Balancing - In typical HTTPS communication, neither the load balancer nor the backend verify each other's identity, assuming that they are within a secure perimeter and can be trusted.

Looker - Looker (original) only changes. The following Gemini in Looker features are available in Preview for instances on Looker 25.2 and later: Create custom Looker visualizations: The Visualization Assistant helps you generate custom formatting options for Looker visualizations by using natural language. Looker (Google Cloud core) and Looker (original) changes. Conversational Analytics is now available in Preview for Looker (original) and Looker (Google Cloud core) instances on Looker 25.0 and later that have both Studio in Looker and Gemini in Looker enabled.

Cloud Monitoring - On your custom dashboards, you can reduce the load time of the dashboard by using group widgets. You can now enable and disable the logging of uptime-check failures by using the log_check_failures field in the Cloud Monitoring API.

Network Connectivity Center - Producer VPC Spokes is generally available. Private Service Connect connection propagation is asynchronous after spoke creation or deletion. Private Service Connect connection propagation is generally available.

Network Intelligence Center - Flow Analyzer is available in General availability.

Cloud PubSub - You can now ingest streaming data into Pub/Sub by using an import topic, from the following external sources: Azure Event Hubs Amazon Managed Streaming for Apache Kafka (MSK) Confluent Cloud.

Security Command Center - Event Threat Detection, a built-in service of Security Command Center, has released new detectors. You can now use Organization Policy Service custom constraints to provide more granular control over specific fields for some Security Command Center resources.

Service Mesh - Managed Anthos Service Mesh. Managed Cloud Service Mesh with the Traffic Director control plane now supports configuring the network topology to use X-Forwarded-For and X-Forwarded-Client-Cert headers by MeshConfig or annotations of workloads. Managed Cloud Service Mesh. If you're a user of managed Cloud Service Mesh with the ISTIOD control plane implementation, you can now fine-tune your control plane modernization.

Cloud Spanner - Full-text search is now generally available for PostgreSQL-dialect databases.

Cloud SQL MySQL - You can now include replicas when you perform an in-place major version upgrade using gcloud or the Cloud SQL Admin API.

Cloud SQL Postgres - You can now include replicas when you perform an in-place major version upgrade using gcloud or the Cloud SQL Admin API. You can now export or import all user databases in an instance using a directory-formatted, parallel export or import operation.

Cloud Storage - Bucket relocation for Cloud Storage is generally available (GA). You can move an object within a bucket with hierarchical namespace enabled using the Objects: move method.

VMware Engine - Generally available: VMware Engine Update center on the Google Cloud console is now generally available.

VPC Service Controls - Preview stage support for the following integration: Service Usage. VPC Service Controls feature (Status: Preview): The VPC Service Controls violation analyzer lets you diagnose access denial events for services in your perimeters using an encrypted troubleshooting token generated by VPC Service Controls.

Virtual Private Cloud - Accessing supported global Google APIs through Private Service Connect backends is available in General Availability. The following Private Service Connect monitoring metrics are available for both producers and consumers in General Availability: Closed connections count Received packets dropped count Sent packets dropped count New connections count Open connections Received bytes count Received packets count Sent bytes count Sent packets count Additionally, the NAT IP address capacity metric is available for producers in General Availability. Private Service Connect propagated connections are available in General Availability.

Workflows - v1. Support to create and manage tags is available.