------------------------------
Title: April 02, 2024
[content]
AlloyDB for PostgreSQL
Feature
AlloyDB Studio is now generally available (GA). AlloyDB Studio includes an Explorer pane that integrates with an enhanced query editor, letting you browse, query, and modify your AlloyDB databases with this single interface. For more information, see Manage your data using AlloyDB Studio. 
Apigee X
Announcement
On April 2, 2024, we announced an increase in the rate limits for the Spike Arrest policy.

The limit on the rate you can specify increased from 1,000 requests per second, 60,000 requests per minute to 4,000 requests per second, 240,000 requests per minute.

See the Spike Arrest section of the Limits page for information on Spike Arrest limits.
Artifact Registry
Feature
Artifact Analysis automatic scanning for Ruby, Rust, .NET and PHP vulnerabilities in container images is now generally available. If the Container Scanning API is enabled, it scans container images pushed to Artifact Registry for Ruby, Rust, .NET and PHP vulnerabilities, in addition to already supported operating system and language package vulnerabilities.

Artifact Analysis returns Ruby, Rust, .NET and PHP vulnerability results for images that have a supported or unsupported operating system. When you push new versions of images to the registry, you might see more successful vulnerability scans against images without a supported operating system.

For more information, see Container scanning overview.
BigQuery
Feature
The following BigQuery ML features are now in
preview:


Performing
supervised tuning
on a remote model based on a
Vertex AI text-bison large language model (LLM).
Evaluate a Vertex AI LLM using the
ML.EVALUATE function.
Pre-trained
text-bison, text unicorn, or gemini-pro
models and tuned text-bison models are supported for evaluation.


Try tuning and evaluating an LLM with the
Customize an LLM by using supervised fine tuning
how-to topic.
Cloud SQL for MySQL
Feature
You can now scale up the compute size (vCPU, memory) of a Cloud SQL Enterprise Plus edition primary instance with near-zero downtime.
Cloud SQL for PostgreSQL
Changed
Version 0.6.0 of the pgvector extension that's listed in the March 27 release note isn't available yet. Use version 0.5.1 of this extension.
Feature
You can now scale up the compute size (vCPU, memory) of a Cloud SQL Enterprise Plus edition primary instance with near-zero downtime.
Cloud SQL for SQL Server
Feature
You can now use SSL mode instead of the legacy require_ssl setting to specify the encryption requirements for connections to your Cloud SQL for SQL Server instances. For more information, see Enforce SSL/TLS encryption.
Dataform
Feature
You can now use Customer-Managed Encryption Keys (CMEK) to protect repositories in Dataform. CMEK in Dataform is available in preview. For more information, see Use customer-managed encryption keys.
Dialogflow
Feature
Dialogflow CX: Call companion is now generally available with new user interface settings.
Feature
Dialogflow CX: Dialogflow CX phone gateway is now generally available.
Feature
Vertex AI Conversation: Data stores now support parse and chunk configuration.
Document AI
Feature
Fine tuning generative AI models within the Custom Extractor is now supported in GA. For more information, see custom processors and fine tuning pricing.
Eventarc
Feature
Eventarc support for creating triggers for direct events from Cloud Deploy is generally available (GA).
Generative AI on Vertex AI
Feature
Model Garden supports all Text Generation Inference supported models in HuggingFace:


Verified deployment settings for about 400 Hugging Face text generation models (including google/gemma-7b-it, meta-llama/Llama-2-7b-chat-hf, and mistralai/Mistral-7B-v0.1).
Other Hugging Face text generation models have unverified deployment settings that are auto generated.

Google Kubernetes Engine
Feature
Observability for Google Kubernetes Engine: Added a dashboard for Tensor Processing Unit (TPU) metrics on the Observability tab of both the cluster listing and cluster details pages for GKE clusters. The charts on this dashboard are populated with data only if the cluster has TPU nodes and GKE system metrics is enabled. For more information, see View observability metrics.
Looker Studio
Breaking
Search Ads 360 connector deprecation

After April 30, 2024, you will no longer be able to create new reports from this connector. Please start using the New Search Ads 360 connector.

To learn more about this change, read the Connect to Search Ads 360 (deprecated) Help Center article.
SAP on Google Cloud
Announcement
ABAP SDK for Google Cloud version v1.6

Version 1.6 of the ABAP SDK for Google Cloud is generally available (GA). This version brings in expanded support for more Google Cloud APIs, including support for multi-modal LLMs such as Gemini, SDK feature enhancements, and bug fixes.

For more information, see What's new with the ABAP SDK for Google Cloud.
Security Command Center
Feature
Enterprise tier released to General Availability

The Enterprise tier, which transforms Security Command Center into a cloud-native application protection platform (CNAPP) that combines cloud security and enterprise security operations with multicloud support, is released to General Availability.

The following features and capabilities of the Enterprise tier are new to Security Command Center:


Multicloud support: You can now connect Security Command Center to Amazon Web Services for the following capabilities:

Detect threats and vulnerabilities
Assess the risk exposure of your high-value AWS resources
Assess compliance with security standards

A new Security Operations console for global security operations tasks
SIEM and SOAR capabilities for security operations

Security investigation and event management (SIEM) capabilities:

Ingest and normalize logs from Google Cloud, AWS, Security Command Center findings, and resource metadata from multiple sources
Detect the most important cloud threats with curated threat detection
Search across consolidated SIEM data

Security operations and response (SOAR) capabilities:

Manage detections, investigations, and responses with cases
Automate response workflows with playbooks
Focus on posture and threat findings with dedicated views in the Security Operations console
Integrate with IT service management products, such as Jira and ServiceNow, for posture management
Search across consolidated SOAR data


The following attack exposure scoring features are in General Availability:

Attack exposure scores now calculated for high-value resources
Severities of vulnerability findings can vary to align with attack exposure scores
Optional automated assignment of resource values with Sensitive Data Protection

Vulnerability and misconfiguration detections

Security Health Analytics includes the following enhancements:

New misconfiguration detectors for AWS resources
Detectors are mapped to new security standards

You can now manage the remediation of critical and high severity vulnerability and misconfiguration findings using cases that are automatically opened for you.

Threat detection and investigation

Detect threats in your AWS deployments
Investigate and respond to incidents with SIEM-like capabilities across 90 days of cloud logs
Manage the investigation of and response to threats by using cases
Define response workflows and automated actions in response to threats by using playbooks

Mandiant Attack Surface Management integration

Mandiant Attack Surface Management scans your external attack surfaces to identify  vulnerability and misconfiguration findings

Sensitive Data Protection integration

The Risk overview page of Security Command Center in the Google Cloud console now shows data security findings from the Sensitive Data Protection discovery service
Findings from Sensitive Data Protection that indicate the sensitivity and data risk levels of your data can inform the automated assignment of resource values for the attack path simulation feature

Gemini artificial intelligence features

Natural language search for threat findings    
AI investigation widget for cases

Compliance, security standards

Support for AWS security standards

Validate infrastructure as code (IaC) against organization policies and Security Health Analytics detectors.
The IaC validation feature lets you determine whether your new or modified resource definitions violate the existing policies that are applied to your Google Cloud resources.
Integration with Assured Open Source Software
The paid tier of Assured OSS is included with your Enterprise tier license, so that you can enhance your code security by using the open source software packages that Google uses for its own developer workflows.

Breaking
With the Enterprise tier, severity levels of certain findings are now variable

In the Enterprise tier of Security Command Center, the default severity level of an active vulnerability or misconfiguration finding can change if the finding's attack exposure score changes. If you are a user of the Premium tier and you upgrade to the Enterprise tier, check any automated or manual procedures that rely on the value of the severity property to ensure that they can support a variable severity value.

For more information, see Severities that vary based on attack exposure score.
Sensitive Data Protection
Announcement
If you opted to publish your data profiles to Security Command Center, you can configure Security Command Center to prioritize resources automatically according to the sensitivity of the data that the resources contain. For more information, see Set resource priority values automatically by data sensitivity.

If your discovery scan configuration isn't set to publish data profiles to Security Command Center, see Enable publishing to Security Command Center in an existing configuration.
Service Extensions
Announcement
Service Extensions is Generally Available for callout extensions for most Google Cloud Application Load Balancers.

You can also configure Cloud Load Balancing callout extensions by using the Console.
[/content]

PublishedDate: 2024-04-02
Category: Technology
NewsPaper: GCP latest releases