Mark Mirchandani and Priyanka Vergadia are here this week to talk about some cool things that are going on. Then, Mark brings us an interesting interview all about documentation in development with Technical Writing Manager Riona Macnamara. Riona specializes in technical documentation for DevOps at Google. Having written technical documentation for both external and internal audiences, Riona starts the show comparing the two, explaining how the process can be very different. In external writing, she stresses the importance of engineers and technical writers working together. She details the challenges of documentation in code development culture and offers some solutions. Laying out goals can create better quality documents, while providing a simple documentation process for engineers can help bolster a culture of documenting. She talks about open source projects, stressing that documentation is possibly more necessary because of the diverse contributor base. We wrap up the interview learning how to get started creating and maintaining useful documentation. Better trumps best with documentation; a lot of decent documentation is better than very few documents no one can find or use! Riona Macnamara Riona is a 13-year Google veteran, and a documentation manager in Google Cloud. Previously at Google, she drove Google’s open source documentation strategy, led the team that developed Google’s internal engineering doc platform used by more than 20,000 projects, and supported Google’s Webmaster Tools (now Search Console). Before Google, she was a product manager at Amazon, and spent ten years at Microsoft as an editor on Encarta and mapping products, and a technical writer. She is a frequent speaker on documentation, open source, and diversity and inclusion, and is based in New York City. Cool things of the week Google Cloud VMware Engine is now generally available blog I built an AI-powered moderation bot for Discord video Interview Berlin Buzzwords 2019: Aizhamal Nurmamat Kyzy & Riona MacNamara - From User to Contributor video Documentation for Good: Knowledge as a tool for equity and inclusion video SREcon18 Asia/Australia - Do Docs Better: Practical Tips on Delivering Value to your Business video DevOps Days Galway videos Write the Docs Portland 2019 videos Write the Docs Australia 2019 videos Technical Writing Courses at Google site Docs Like Code on Amazon site Tip of the week This week, we learn how to authenticate a REST API. What’s something cool you’re working on? Riona will be the Keynote speaker for TCWorld India Priyanka’s been working on new episodes of Cloud Bytes. App Engine in a Minute is now up! She’s also working on her series GCP Comics.

This week, Mark Mirchandani and Priyanka Vergadia learn all about Cloud Audit Logging with fellow Googlers Philip O’Toole and Oscar Guerrero. Our guests explain the importance of Cloud Audit Logs to keep track of your GCP resources so you know who, what, where, and when things were done. Our guests explain the types of logs GCP offers and why each is important for security. The interview continues with a discussion the various other benefits of audit logging, including proof of compliance and measuring of risk. Because audit logs have the ability to create more data than some businesses can use, Philip and Oscar help our listeners understand how to choose the correct logging services for their needs, and we learn how Cloud Logging can help users digest their data. Philip describes how audit logs and event driven systems can benefit businesses, explaining how event driven systems can be built and pushed with GCP. Oscar continues the conversation with audit logging in G Suite. The Cloud Logging team is continuing to expand offerings, so be on the lookout! Philip O’Toole Philip O’Toole is an Engineering Manager at Google Pittsburgh, leading development teams working on GCP’s Cloud Logging Platform, including Audit Logging. Prior to Google, he led development teams at InfluxDB, Loggly, and Riverbed Technology. You can find him on the web. Oscar Guerrero Oscar Guerrero is a Product Manager at Google New York, focused on Data Privacy and Compliance, in particular Audit Logging. Prior to Google, he consulted on Cloud based Financial Risk systems and was a Program Manager at Microsoft in Commerce, Xbox, and Cloud Recommendations. Cool things of the week The new Google Cloud region in Jakarta is now open blog Cloud SQL database instances now discounted blog Beyond Your Bill videos Understanding and analyzing your committed use discounts video Now available: Next OnAir ‘20 schedule, sessions, learning, and resources blog Interview Cloud Audit Logs site Cloud Audit Logs Documentation site Cloud Logging site Cloud Logging Documentation site BigQuery site Google Cloud Storage site Operations (formerly Stackdriver) site Chronicle site Splunk site G Suite audit logging information guide Google G Suite to Splunk HEC Configuration blog Anthos site Tip of the week This week, we have a tip from our Customer Engineering friend, Anthony Bushong, about audit logging in Kubernetes. You can find great documentation on this here and here. What’s something cool you’re working on? Cloud Bytes launched on Sunday and the 2nd episode of the Drawing Board launched late last week! Continuing to work on these.

Mark Mirchandani and Priyanka Vergadia host this week’s episode of the podcast, with a thorough discussion of Solutions Engineering at Google. Our guests, Grace Mollison and Ann Wallace, explain that the Solutions Engineering team is there to help customers choose appropriate products for things like security, analytics, data management, and more. The products are laid out in guides and blueprints so the client can easily understand why products are chosen and how to use them. Grace and Ann talk later in the podcast about the Solutions Engineering blueprints that Solutions Engineering Architects have begun creating. They describe how the idea came about, how they’re built, as well as the types of blueprints that are available and how to use them. The team is still working to create more blueprints and make them even easier to use. Grace Mollison Based in London, UK, Grace Mollison leads the Cloud Solutions Architect team in EMEA, where she helps customers to understand how to architect and deploy applications “safely” on the Google Cloud platform. In her spare time she spends time attempting to teach her international team how to speak the Queen’s English! Before Google, Grace was a Solutions Architect at AWS where she worked with the AWS ecosystem and customers to ensure well architected solutions. Ann Wallace Ann Wallace (she/her) is Security Solutions Manager for Google Cloud where she develops, designs, and packages security solutions for Enterprise Customers. She co-wrote Google’s guidance for running PCI compliant workloads on GKE. Before Google, Ann spent 14 years at Nike in various engineering and architecture roles. She volunteers and leads workshops with Women Who Code Portland. When not working, Ann can be found traveling and ultra-trail running with her dog, Cedar. Cool things of the week Father’s Day present of the past: 30 years of family videos in an AI archive blog GCP Podcast Episode 214: AI in Healthcare with Dale Markowitz podcast Open Match is now 1.0 and ready for deployment in production blog Google Data Center Security: 6 Layers Deep video Interview Cloud Solutions site Security blueprint: PCI on GKE site PCI and GKE Blueprint on GitHub site GCP Podcast Episode 116: Solution Architects with Miles Ward and Grace Mollison podcast GCP Podcast Episode 174: Professional Services with Ann Wallace and Michael Wallman podcast Terraform site Kubernetes site Anthos site Anthos security blueprint: Auditing and monitoring for deviation from policy site Anthos security blueprint: Enforcing policies site Anthos security blueprint: Enforcing locality restrictions for clusters on Google Cloud site OnlineBoutique on GitHub site Tip of the week How can I get introduced to key products? With Priyanka’s new video series! What’s something cool you’re working on? Our guests will be giving talks at virtual summits, including KubeCon and CISO Forum. Priyanka has been working on a new video series called Google Cloud Drawing Board, as well as a new animation series that will launch next week!

Mark Mirchandani is back this week as he and co-host Brian Dorsey learn all about voice coding with some great guests! Emily Shea, senior software engineer at Fastly and user of Talon Voice, and Ryan Hileman, developer of Talon Voice, tell us about Repetitive Strain Injury and how it led to the design and use of Talon Voice. Talon allows not only straight voice input but includes eye tracking, noise recognition, and user customization to perform complex actions like moving windows, selecting text, and user-specific workflow customizations without touching any hardware. Emily describes her experiences with Talon, including the process to get started and how she looked past voice recognition stereotypes to find how useful the product could be. She demos Talon for us, explaining how the alphabet system works. Ryan types a sentence using his voice then explains the process of developing the alphabet and other parts of Talon. Later, Ryan and Emily tell us how they write code using Talon and the logistics of using the software at home or in the office. We end the show talking about how Talon and voice recognition software have helped people with and without debilitating injuries and given hope to those spending hours on computers every day. Emily stresses the importance of adding accessibility to websites to accommodate Talon users and others with disabilities. Emily Shea Emily is a Senior Software Engineer at Fastly, where she works on the platform for delivering core Edge Cloud configurations. Because of a Repetitive Strain Injury, she develops using Talon’s speech recognition. Ryan Hileman Ryan was a software engineer for over a decade and in 2017 quit his job due to hand pain. He has since worked full time on Talon with a mission of enabling anyone to be equally productive for any and all tasks on a computer without their hands. Cool things of the week How to find—and use—your GKE logs with Cloud Logging blog The Stack Doctor videos Using Recommenders to keep your cloud running optimally blog Interview Talon Voice site Talon Slack site Talon Patreon site Hammerspoon site AutoHotkey site Whale Quench site The Accessibility Project site Web Content Accessibility Guidelines site Perl Conference video Demo from The Perl Conf video Strange Loop video Demo from Strange Loop video Ryan’s demo video Street Fighter video

We’re discussing security operations on the podcast this week with your hosts Priyanka Vergadia and Mark Mirchandani. They’re joined by Elliott Abraham and Jason Bisson who start the interview explaining that they created the CLAM framework to help customers use Google Cloud security features to their fullest potential to create safe projects and relaxed clients. The CLAM (Cloud Logging Alerting and Monitoring) framework came about specifically to help customers transition products to, and run products securely in, the cloud. Using the Mitre GCP Matrix, the security team addressed each element with GCP product solutions, from initial access to persistence and beyond. CLAM is GCP specific, taking into account the default security measures GCP already provides and supplementing these measures with appropriate procedures for each client. Once the framework is in place and things are secure, clients can build on that with operational controls, such as SRE best practices. Elliott explains the shared security model and how clients can shift more of the security responsibility to the cloud service provider by employing more managed services. Jason tells us about VPC Service Controls and how they allow clients to set specific security rules such as from where data can be accessed. They go on to describe the GCP Security Command Center and the tools available there. We wrap up the interview with some tips from our guests, including what to do if you are compromised. Elliott Abraham Elliott Abraham is a Security and Compliance Specialist based in Atlanta. Elliott works with Financial Services, Healthcare and Life Sciences and other Select Accounts migrating to or expanding their footprint on the Google Cloud Platform. Elliott has helped many customers to operationalize GCP Security solutions in alignment with their security, compliance, and regulatory requirements. Jason Bisson Jason Bisson is a Security and Compliance Specialist based in NYC. He works with Financial Services, Healthcare, Government, and Retail customers to explain the security, compliance, and regulatory abilities of Google Cloud Platform. Cool things of the week Announcing Google Cloud Next ‘20: OnAir blog Celebrating a decade of data: BigQuery turns 10 blog A very special BigQuery Day (The Data Show, w/ Felipe Hoffa & Yufeng Guo) video Interview CLAM Framework pdf Mitre site Mitre ATT&CK site Mitre GCP Matrix site SRE Handbook site VPC Service Controls site Cloud Audit Logs site Cloud Data Loss Prevention site GCP Podcast Episode 218: Chronicle Security with Dr. Anton Chuvakin and Ansh Patniakpodcast GCP Podcast Episode 221: BeyondCorp with Robert Sadowski podcast Tip of the week Yuri Grinshteyn talks about the new logging feature. What’s something cool you’re working on? Priyanka is working on Building an Unbreakable DevOps Pipeline with Google Cloud. Mark is working on more videos and will be speaking at Next.

On this episode of the podcast, our old pal Mark Mirchandani is joined by special guest host Max Saltonstall to talk trust and security with fellow Googler Rob Sadowski. BeyondCorp is Google’s answer to allowing employees to use company networks on any device while outside the building in a way that is both secure and efficient. Users are authenticated per session and per device to give access only to the specific person, on the specific device, for the specific job each time. In addition to the thorough authentication process, BeyondCorp continues to monitor device metadata during use as part of the system’s decision to continue to trust (or not trust) a user. With this information, if a user accidentally exposes the system to malware, for example, access can be revoked quickly. Max and Rob explain the steps Google went through to create such a state-of-the-art security program and give tips on how companies can build something similar. Codifying your employees’ needs and preferences, detailing the levels of trust you’ll allow, and thinking ahead about where in the world your employees will be when they access the system are some of their tips. Rob stresses how complicated the system was to build from scratch and emphasizes that with BeyondCorp Remote Access, companies don’t have to build a whole new system. BeyondCorp Remote Access offers automatic scaling and world-wide points of presence for a fast user experience anywhere in the world. Companies can define access rules for each user, setting trust levels and parameters for who can access what parts of the network. Rob points out that this is a great solution, not only for employees who find themselves working from home due to the current global climate, but also for freelance or contract workers who only need access to parts of the internal system. Rob Sadowski Rob Sadowski is the Trust & Security Product Lead for Google Cloud at Google. He is responsible for creating and delivering Google Cloud’s security message, spanning platforms, applications, and connected devices. Cool things of the week Using Bigtable’s monitoring tools, meant for a petabyte-scale database, to… make art blog GCP Podcast Episode 192: Cloud Bigtable with Billy Jacobson podcast A simple, secure way for teams to meet and work: G Suite Essentials is here blog Interview BeyondCorp site BeyondCorp Remote Access site BeyondCorp: A New Approach to Enterprise Security paper BeyondCorp: Design to Deployment at Google paper BeyondCorp: The Access Proxy paper Migrating to BeyondCorp: Maintaining Productivity While Improving Security paper BeyondCorp: The User Experience paper BeyondCorp 6: Building a Healthy Fleet paper NYC Cyber Command site Tip of the week This week, Max talks about 2-step verification, security keys, and why you need them! What’s something cool you’re working on? Max is working on Stack Chat at Home (coming soon!), BeyondCorp in a Bottle, as well as Ring Fit Adventure and Just Dance video games. Sound Effect Attribution “Clarinet Multiphonics” by jfcharles of Freesound.org

Priyanka Vergadia hops back into the host seat this week, joining Mark Mirchandani to talk to Marit Rødevand of Strise. Strise is an AI-driven enterprise company using knowledge graphs to gather and analyze massive amounts of information, depositing it into a web-based interface to help large clients such as banks solve data-driven problems. Strise’s web-based data platform is customizable, flexible, and capable of keeping up with the fast-paced world of technology so enterprise companies aren’t constantly putting time and resources into reworking old or building new software. To do this, Strise uses knowledge graphs rather than typical databases to create what Marit calls a future-proof data model. Marit explains knowledge graphs in detail, emphasizing that they can reduce training of machine models, allow new data to be input easily, and make analyzing unstructured data much easier. Knowledge graphs take data that would normally only make sense to humans and in effect translate it for computers. Using banking as an example, she details how information about customers can be collected and analyzed thoroughly to help the bank come to conclusions about credit-worthiness or possible criminal activity. On Strise’s platform, Marit tells us that the information is now available to the end user who provides feedback to the system, marking things as relevant or irrelevant, rather than leaving those decisions to a data scientist outside of the client’s field. This means that massive amounts of information could be stored in the knowledge graph, across many industries, and each user only gets the data he or she needs. Google Cloud tools such as Kubernetes Engine, Dataproc, and Pub/Sub have played an integral roll in the creation of the Strise data pipeline. Marit explains how Strise gets their data, how it’s input into the knowledge graph, and how these Google tools help to keep Strise running. Marit Rødevand Marit Rødevand is the CEO & co-founder of Strise, an AI startup from Norway who is signaling a new era of enterprise software. Strise makes the world’s information useful across the enterprise. Their novel approach by utilizing a knowledge graph to power their data platform, allows Strise to break data silos, end customization projects, and bring new insights from unstructured data. Strise is currently helping leading Nordic banks and financial institutions to solve their hardest data-driven problems within KYC/AML, risk, and sales. Strise recently announced their Seed round from Maki.vc, the leading Nordic early stage investor, who invests in deep tech & brand-led startups. Marit has a background from Cybernetics & Robotics at the Norwegian University of Science and Technology (NTNU). In university, she co-founded Rendra, a construction SaaS, who was later acquired. Marit started as Entrepreneur in Residence at NTNU where she spun Strise out of a research project that focused on new data models as a foundation for better AI. Cool things of the week BakeML site David East’s Firebase Podcast podcast Automating BigQuery exports to an email blog Cloud OnBoard site Interview Strise site A world in text — Strise blog GKE site Helm sote Dataproc site Operations site Cloud Run site Cloud Pub/Sub site Cloud DNS site Cloud Storage site GCP Podcast Episode 198: SeMI Technologies with Laura Ham podcast Building on Google Cloud with SeMI Technologies - Stack Chat video Knowledge graphs with Weaviate - Stack Chat video Natural Language Data Processing with Mito.ai - Stack Chat video Question of the week Zach answers the question “What’s a cool thing in Cloud that many people may not have thought about?” GSuite and Apps Script What’s something cool you’re working on? Priyanka wrote this post on 13 Most Common Google Cloud Reference Architectures and her parents were on the news for the vegetable garden they’ve been working on. She’s also been working with material design components and firebase hosting. And The Data Show with Yufeng and Felipe is going strong!

Josh Brown, Developer Advocate at Spotify, is on the podcast this week with your hosts Mark and Brian. Working in the Open Developer Platform department, Josh supports third-party developers as they create music experiences for users using the Spotify APIs and SDKs. The most popular of these, the Spotify Web API, lets developers access metadata about music and facilitates library management for users. We talk later in the episode about the types of applications developers are creating using the Spotify Web API and how it’s changing the way people listen. Using developer feedback, Spotify has continued to improve on the API, now offering podcast support, for example. With the new podcast support, hobby developers especially are developing apps that make podcast listening easier and more social. To create these open platform APIs, Josh tells us they relied heavily on Google Cloud products like GKE and Cloud Storage. To manage the GCP products they use, Spotify created an internal portal called Backstage. Independent developers are encouraged to make use of Backstage to help with their Spotify projects as well. Josh wraps up the episode explaining the lessons learned in creating these APIs and how developer feedback became so important for them. Josh Brown Josh Brown is a developer advocate for Spotify, focusing on APIs. In his spare time, Josh enjoys running and writing. Cool things of the week Google Cloud training available at no cost for 30 days blog Cost optimization for serverless workloads blog Understanding forwarding, peering, and private zones in Cloud DNS blog Stephanie Wong’s video series on networking videos Stephanie Wong’s blog on Medium blog Interview Spotify site Backstage site Spotify for Developers site Spotify Community site Spotify Web API site Search, browse and follow podcasts using the new Podcast APIs news Kubernetes site GKE site Cloud SQL site Google Cloud Storage site Spotify Platform Documentation site Adopting Kubernetes with Spotify - Stack Chat video Updates on future Spotify events twitter Question of the week Podcasts and hosting static files: how does the GC Podcast do it? Cloud Storage of course! GC Podcast on GitHub. What’s something cool you’re working on? The Google Cloud livestreams we talked about a few weeks ago have expanded into a new Meetup group!

It’s cyber security week on the podcast as Priyanka Vergadia joins Mark Mirchandani to talk with the folks of the Chronicle Security Team. Our guests Ansh Patniak and Dr. Anton Chuvakin start the show off with a brief explanation of Chronicle, which is a security analytics platform that can identify threats and correct them. Anton details the threats facing clients today and why it’s important to continue to guard against old threats as well. Cyber security developers must constantly examine the landscape, adjust tools used, and think ahead to try to predict possible future problems. Ansh elaborates, pointing out that sometimes, all the security needed to protect against old, current, and potentially new threats can create a data overload that causes some threats to be lost in a jungle of notifications. Analyzing this data to gain insights about the health of a company’s cyber security is an important part of the process, and Chronicle can help with that. We discuss other challenges in the security analytics world and learn tips and tricks to help overcome them. Our guests wrap up the show explaining how Chronicle, as part of GCP, benefits Google Cloud customers. Dr. Anton Chuvakin Dr. Anton Chuvakin is now involved with security solution strategy at Google Cloud, where he arrived via Chronicle Security (an Alphabet company) acquisition in July 2019. Anton was, until recently, a Research Vice President and Distinguished Analyst at Gartner for Technical Professionals (GTP) Security and Risk Management Strategies team. Anton is a recognized security expert in the field of log management, SIEM and PCI DSS compliance. Ansh Patniak Ansh Patnaik is responsible for product marketing at Chronicle. Previously, he was VP of Product Management at Oracle where he defined and launched their Security Analytics Cloud service. Ansh has held product management, marketing and sales engineering roles at several cybersecurity and data segment market leaders including Delphix, ArcSight (acquired by HP), and BindView (acquired by Symantec). Cool things of the week UEFI, Shielded VM now the default for Google Compute Engine customers—no additional charge blog Anthos—driving business agility and efficiency blog Anthos 101 videos Interview Chronicle Security site Chronicle Security Blog blog Chronicle Security Resources site Why Your Security Data Lake Project Will FAIL! blog Question of the week Whats one thing you have seen users ask about security on Google Cloud? What’s something cool you’re working on? Our guests be doing the SANS Webinar on April 30th. 13 days of GCP Architecture series! We’re on day nine now, but you can catch up on Twitter with posts like Day 6 on Data Lake and join us for the next few!

Our guests Justin Lerma and Pathik Sharma join Brian and Mark this week to talk cost optimization techniques for internet projects. Justin and Pathik, both of the Professional Services Organization, work to help customers get the most out of GCP while maintaining their project budgets. They help customers take business success metrics and track them from a cost perspective, allowing the client to get an understanding of how much each business goal actually costs, rather than an aggregate of how much has been spent in total. This information is used to tailor GCP product usage and cost optimization to each client project. Pathik explains how the Recommender API can help with VM usage by suggesting shrinking or removing a VM altogether for cost savings. With thorough analysis, clients can also benefit from cost savings by paying for longterm usage of GCP products rather than month-to-month. For storage and analysis, BigQuery can offer better performance at a lower cost with partitioning and clustering. Throughout the episode, Justin and Pathik offer up other tips and tricks to help our listeners save money with GCP, as well as suggested reading materials, videos, and labs to get you started on your cost optimization adventure. Pathik Sharma Pathik Sharma is a Technical Account Manager with Google Cloud, focusing on proactively guiding enterprise customers to operate effectively and efficiently in the cloud. He loves helping customers to maximize their business value by optimizing their cloud spend.  Justin Lerma Justin Lerma is a Technical Account Manager with Google Cloud. He has a passion for sharing best practices in operational efficiency as it allows for the proliferation of more experimentation and breeds new ideas. Cool things of the week Get started with Google Cloud Training & Certification site Interview Compute Engine site BigQuery site BigQuery Reservations docs Cloud Storage site Operations site Recommenders docs Google Cloud Support Plans site Cloud SQL site Use labels to gain visibility into GCP resource usage and spending blog GCP Advanced Billing Dashboard site Stack Doctor Series videos Cost Management Playlist videos Best practices for Cloud Storage cost optimization blog Best practices for optimizing your cloud costs blog Cost optimization best practices for BigQuery blog Networking cost optimization best practices: an overview blog 5 best practices for Compute Engine Cost Optimization blog Cloud Logging and Monitoring Cost Optimization Strategies docs Codelabs: BigQuery Pricing site Qwiklabs: Business Transformation with Google Cloud site Qwiklabs: Understand Your Google Cloud Costs site Qwiklabs: Optimizing Your GCP Costs site Business Learning Path site Cloud Platform Resource Hierarchy docs Cleaning up unused IP addresses docs Cleaning up unused and orphaned persistent disks docs Schedule VMs to auto start/stop with Cloud Scheduler docs Question of the week What is the metadata server?