Welcome to issue #253 August 2nd, 2021

News

The new Google Cloud region in Melbourne is now open - The new Google Cloud region in Melbourne adds a second region to Australia, supporting economic growth in the region.

Introducing improved maintenance policy for Cloud Memorystore - Reduce maintenance downtime and get more control with Cloud Memorystore.

Building with Looker made easier with the Extension Framework - The Extension Framework is a fully hosted development platform that enables developers to build any data-powered application, workflow or tool right in Looker. By eliminating the need to spin up and host infrastructure, the Extension Framework lets developers focus on building great experiences for their users.

What’s new with Google Cloud’s infrastructure - Q2 edition - A roundup of the Q2 news and announcements from the compute, networking, storage and container products that make up Google Cloud’s IaaS.

Introducing Cloud Build private pools: Secure CI/CD for private networks - With new private pools, you can use Google Cloud’s hosted Cloud Build CI/CD service on resources in your private network or in other clouds.

Introducing the new Firebase JS SDK - New web Firebase Javascript SDK libraries are up to 80% smaller.

Announcing the Blue and Raman subsea cable systems - The Blue and Raman subsea cable systems will link the Middle East with southern Europe and Asia.

SAP and Google Cloud: The next chapter begins - SAP and Google Cloud are expanding their partnership through the RISE with SAP program.

Hey Google, show me the future of retail - Google Cloud’s Retail Summit offers an optimistic vision of retail’s future.

Easy data blending, intelligent reporting leveraging Google Cloud to extend Anaplan Planning - Anaplan Connected Planning Platform is now integrated into Google Cloud, including with BigQuery and Google Sheets.

Delivering API stability with Google Enterprise APIs - Google Cloud follows new API stability tenets that work to minimize unexpected deprecations to our Enterprise APIs.

Data protection in transit, in storage, and in use - Whether you're handling highly regulated financial services data, or sensitive pictures from your customers, or need to protect high-value intellectual property, check out confidential computing and hear more about how it works on this episode of Cloud Security Podcast.

Strengthening our workplace with neurodiverse talent - Google Cloud launches a career program for people with autism designed to hire and support more talented people with autism in the rapidly growing cloud industry.

Articles, Tutorials

Infrastructure, Networking, Security, Kubernetes

Why retailers should run in our trusted cloud - Digital retail is the new normal. So how do brands make the best of a cloud transition while keeping themselves and their customers safe and secure?

Compliance Engineering - From manual attestation to continuous compliance - Cloud technology opens up new avenues of compliance automation.

Securing the software development lifecycle with Cloud Build and SLSA - Google’s proposed SLSA framework provides guidance on how to build a more secure software supply chain.

Getting the most out of Cloud IDS for advanced network threat detection - Follow these steps to get the most out of cloud-native, managed, network-based threat detection with Google Cloud IDS.

Let's migrate: why lifting and shifting is simply too easy to ignore - Maximise the velocity and success of your cloud migration by starting with lift and shift.

A container story - Google Kubernetes Engine - Like virtual machines, containers enable you to package your application together with libraries and other dependencies, providing isolated environments for running your software services; the similarities end here as containers offer a far more lightweight unit for developers and IT Ops teams to work with.

Exploring ArgoCD for deployment in GKE (or any Kubernetes Cluster) - Exploring ArgoCD for deployment in GKE (or any Kubernetes Cluster).

Launching Collie — Your Open-Source CLI for Cloud Governance - Collie is an open-source CLI tool that helps you as an enterprise architect or platform engineer get an overview of multi-cloud projects.

Building Docker images with GitHub Actions and Google Cloud - Building Docker images with Google Cloud Build and pushing them to Google Cloud Registry using GitHub Actions as part of your CI pipeline.

App Development, Serverless, Databases, DevOps

Elevate customer and driver experiences with improved accuracy, reliability, and travel modes - When users book a ride or order food, they want a seamless experience and real-time accurate updates. Today, we’re taking a closer look into data quality improvements for location, time and distance accuracy, and motorbike routes.

Unlocking the next level of app stability with Firebase Crashlytics - Real-time crash reporting in Firebase Crashlytics allows you to quickly triage and troubleshoot any bugs in your app by gathering and grouping crashes based on where they occurred in your app’s code.

All you need to know about Datastream - Learn about Datastream: Serverless and easy-to-use change data capture and replication service.

Best practices for dependency management - This article describes a set of best practices for managing dependencies of your application, including vulnerability monitoring, artifact verification, and steps to reduce your dependency footprint and make it reproducible.

Cloud Run Continous Deployment and Domain Mapping - A process of setting Continuous Deployment for Cloud Run.

Remote development with PyCharm and Google Cloud - Data Scientists guide to setting up remote development with PyCharm and GCP.

Import CSV into Firebase Firestore without Code - Using Firefoo tool to import data from CV file to Firestore.

AppSheet + AppScript for sports videography highlights tracking - Creating a simple system to track special video events in the sports competition.

Cloud build notifications in Google Chat - Receive build notifications from Cloud Build to your Google Chat room.

Mount a file as a volume in Cloud Run - Simulation mounting of a volume in Cloud Run through Secret Manager.

Use cases for troubleshooting access problems on Google Cloud - This document describes how to use Google Cloud tools to troubleshoot use cases related to problems accessing Google Cloud resources.

Big Data, Analytics, ML&AI

How LiveRamp scales identity data management in the cloud - LiveRamp simplifies data operations, and enable customers to connect, control, and activate user data safely and securely with CDAP and Data Fusion.

Creating a Dataproc cluster: considerations, gotchas & resources - This article discusses focus areas users should consider in their efforts to successfully create a reliable, reproducible, and consistent cluster.

From Zero to Hero: End-to-end automated Analytics workload using Cloud Functions — Data Fusion — BigQuery and Data Studio - How to trigger an automated end-to-end data loading, transformation, warehousing, and data visualization process in GCP in 30 mins.

How to configure the “Export Collections to BigQuery” extension and use SQL “full” power on your… - Real-time sync with Firestore and BigQuery using Firebase extension.

How to Sync data from MySQL to BigQuery - The purpose of this blog is to provide information on how data can be synced/replicated to BigQuery for data warehouse purposes.

BigQuery Admin reference guide: Query processing - An in depth view of query processing in BigQuery.

Design considerations for SAP data modeling in BigQuery - Learn how to model your SAP data inside of BigQuery, Google Cloud’s serverless data warehouse.

Load data from Stripe to BigQuery - Synchronize the data from Stripe to BigQuery using Stripe Sigma and Cloud Functions.

Explaining a BigQuery ML model - How to obtain and interpret explanations of predictions.

New to ML: Learning path on Vertex AI - If you're new to ML, or new to Vertex AI, this post will walk through a few example ML scenarios to help you understand when to use which tool, going from ML APIs all the way to custom models and MLOps for taking them into a production system.

Monitor models for training-serving skew with Vertex AI - This blog post focuses on how Vertex AI enables one of the core aspects of MLOps: monitoring models deployed in production for training-serving skew.

The Making of an AI Storyteller - How to prepare data and fine-tune a T5 model for story generation on Google AI Platform.

See what Video Intelligence API can do with this visualisation tool - A visualiser for the Google Cloud Video Intelligence API allows anybody to explore all of the API features.

Anomalies detection using River - From a proof of concept to predicting millions of transactions.

Various

IKEA Retail (Ingka Group) increases Global Average Order Value for eCommerce by 2% with Recommendations AI - IKEA uses Recommendations AI to provide customers with more relevant product information.

My Journey to becoming a Google Cloud Certified — Professional Cloud Architect 2021 - Background.

Book - Practical Machine Learning for Computer Vision

Built for Innovation: How Google’s Office of the CTO is Redefining Collaboration

GCP Professional Cloud Architect Certification: Guide - A journey to the Google Cloud Platform Professional Cloud Architect exam and guide through all the preps needed.

Slides, Videos, Audio

GCP Podcast - #269 Cloud Logging with Philip O'Toole and Reed Taylor.

Kubernetes Podcast - #156 Opstrace, with Sebastien Pahl.

Cloud Security Podcast - “Confidentially Speaking” episode focuses on confidential computing.

Releases

Dataproc - New sub-minor versions of Dataproc images: 1.3.94-debian10, 1.3.94-ubuntu18, 1.4.65-debian10, 1.4.65-ubuntu18, 1.5.40-centos8, 1.5.40-debian10, 1.5.40-ubuntu18, 2.0.14-centos8, 2.0.14-debian10, and 2.0.14-ubuntu18. The following component versions were updated in image 2.0: Upgraded Scala version to 2.12.14. Fixed a rare bug that sometimes happened when scaling down the number of secondary workers in a cluster in which the update operation would fail with error 'Resource is not a member of' or 'Cannot delete instance that was already deleted'.

IAM - Recommender now generates lateral movement insights, which identify roles that allow a service account in one project to impersonate a service account in another project.

Google Kubernetes Engine - (2021-R24) Version updates GKE cluster versions have been updated.

GKE - (2021-R24) Version updates Version 1.20.8-gke.900 is now the default version.

Google Kubernetes Engine Rapid - (2021-R24) Version updates Version 1.21.3-gke.100 is now available in the Rapid channel.

Google Kubernetes Engine Regular - (2021-R24) Version updates Version 1.20.8-gke.900 is now the default version in the Regular channel.

Google Kubernetes Engine Stable - (2021-R24) Version updates Version 1.18.20-gke.501 is now the default version in the Stable channel.

Load Balancing - Cloud Monitoring now provides a new predefined dashboard called External HTTP(S) Load Balancers. When you make an internal TCP/UDP load balancer the next hop of a static route, the route can now have network tags.

Cloud Logging - Cloud Logging now lets you control access to individual log entry fields using field-level access control. Cloud Logging now supports the asia-east2 and europe-central2 regions. Log entries that are exported to BigQuery that result in a schema mismatch are now being written to an error table.

KF - 2.5. New features may now start in preview and GA with the next Kf release. New Early Access program (currently private preview). Automated assessment and migration of your existing CF foundation. [PREVIEW] NFS broker automatically configures NFS mounts on your cluster for Apps to bind to. [PREVIEW] Schedule Tasks to run at recurring intervals specified using the unix-cron format. [PREVIEW] Support for Anthos clusters on VMware via the Early Access program. Minor reliability improvements. Support for ASM 1.10.

Cloud Monitoring - Monitoring Query Language (MQL) no longer requires you to use strict form when you create MQL-based alerting policies by using the Monitoring API. The new External HTTP(S) Load Balancers dashboard in Monitoring provides powerful visualizations to help you understand and troubleshoot connectivity issues on your external load balancers.

Notebooks - v1beta1 & v1. If using proxy single-user mode, Notebooks API now verifies if the specified user (proxy-user-mail) has Service Account permissions on the Service Account.

Resource Manager - The Organization Policy constraints Allowed ingress settings and Allowed VPC egress settings for Cloud Run have launched into general availability.

Cloud Run - Cloud Run VPC Service Controls are now at General Availability (GA). Committed use discounts are now at General Availability (GA). The following organization policies are now at General Availability (GA): Cloud Run Allowed ingress settings and Allowed VPC egress settings. Cloud Run container instances can now process up to 1,000 concurrent requests, see Setting maximum concurrency.

Anthos Service Mesh - 1.8.x. 1.8.6-asm.7 is now available.

Cloud SQL Postgres - Cloud SQL for PostgreSQL now supports the following flags: * tcp_keepalives_count * tcp_keepalives_idle * tcp_keepalives_interval For more information about these flags, see the Cloud SQL for PostgreSQL flags documentation. The following PostgreSQL minor versions and extension versions are now available.

Vertex AI - You can use the Reduction Server algorithm (Preview) to increase throughput and reduce latency during distributed custom training. The following features are generally available (GA): Access Transparency for Vertex AI Using a custom service account for custom training and prediction Using VPC Service Controls with Vertex AI Setting up VPC Network Peering with Vertex AI and using private IP for custom training (Using private IP for prediction and vector matching with Matching Engine remains in preview.).

VPC Service Controls - Support for Cloud Run is now at General Availability (GA).

Virtual Private Cloud - Publishing services and accessing published services using Private Service Connect is now available in General Availability. If you are using Private Service Connect to publish or consume services, the following items are not logged in Cloud Logging: changes in endpoint status, and service attachment deletions. The number of Private Service Connect endpoints that are connected to a service attachment is not adjusted when an endpoint is deleted.

Workflows - v1. A list.concat function has been added to support adding an element to a list.

Access Approval - v1. Cloud Data Loss Prevention is supported by Access Approval in GA stage. Cloud External Key Manager is supported by Access Approval in GA stage. Cloud HSM is supported by Access Approval in GA stage. Cloud Logging is supported by Access Approval in GA stage.

AI Platform - Notebooks - v1beta1 & v1. If using proxy single-user mode, Notebooks API now verifies if the specified user (proxy-user-mail) has Service Account permissions on the Service Account.

Anthos clusters on AWS - Anthos clusters on AWS aws-1.8.1-gke.1 is now available. This release contains fixes for the following security vulnerabilities: CVE-2021-33560 CVE-2021-20232 CVE-2021-20231 CVE-2020-24659 CVE-2021-20305 CVE-2021-3580 CVE-2021-3520 CVE-2021-20271. Anthos clusters on AWS now requires kubectl version 1.17 or higher and terraform version v0.14.3 or higher.

Anthos clusters on bare metal - 1.8. Release 1.8.2 Anthos clusters on bare metal 1.8.2 is now available. Features: Preview: Added capability to rotate cluster certificate authorities (CAs) for user clusters. Fixes: Fixed CVE-2021-3520 vulnerability related to a flaw in lz4, which provides support for LZ4 a lossless compression algorithm. Functionality changes: Expanded snapshots to include resource usage metrics to improve troubleshooting and support.

BigQuery ML - The Wide-and-Deep model is now available for preview. Explainable artificial intelligence (XAI) helps you understand the results that your predictive machine-learning model generates for classification and regression tasks by defining how each feature in a row of data contributed to the predicted result. Time series models now support holiday effects for weekly time series, in addition to the daily time series that was previously supported.

BigQuery - BigQuery now supports the INTERVAL type, which represents a duration or an amount of time. DML query jobs now return statistics about the number of rows that were inserted, deleted, or updated.

Cloud Build - Cloud Build private pools are now generally available.

Dataproc Metastore - v1. Dataproc Metastore is now available in the asia-southeast1 (Singapore), europe-west1 (Belgium), and northamerica-northeast1 (Montréal) regions. v1beta1. There is an issue with Dataproc Metastore to Data Catalog batch sync.

If you have suggestion, feedback or link you want to share feel free to email me at zdenko@gcpweekly.com

Have a great week,

Zdenko