Building and scaling generative AI models demands enormous resources, but this process can get tedious. Developers wrestle with managing job queues, provisioning clusters, and resolving dependencies just to ensure consistent results. This infrastructure overhead, along with the difficulty of discovering the optimal training recipe and navigating the endless maze of hyperparameter and model architecture choices, slows the path to production-grade model training.
Today, we’re announcing expanded capabilities in Vertex AI Training that simplify and accelerate the path to developing large, highly differentiated models.
Our new managed training features, aimed at developers training with hundreds to thousands of AI accelerators, build on the best of Google Cloud’s AI infrastructure offerings, including Cluster Director for a fully managed and resilient Slurm environment, and add sophisticated management tools. This includes pre-built data science tooling and optimized recipes integrated with frameworks like NVIDIA NeMo for specialized, massive-scale model building.
Built for customization and scale
Vertex AI Training delivers choice across the full spectrum of model customization. This range extends from cost-effective, lightweight tunings like LoRA for rapid behavioral refinement of models like Gemini, all the way to large-scale training of open-source or custom-built models on clusters for full domain specialization.
The Vertex AI training capabilities are organized around three areas:
1. Flexible, self-healing infrastructure
With Vertex AI Training, you can create a production-ready environment in minutes. By leveraging our included Cluster Director capabilities, customers benefit from a fully managed and resilient Slurm environment that simplifies large scale training.
Automated resiliency features proactively check for and avoid stragglers, swiftly restart or replace faulty nodes, and utilize performance-optimized checkpointing functionality to maximize cluster uptime.
To achieve optimal cost efficiency, you can provision Google Cloud capacity using our Dynamic Workload Scheduler (DWS). Calendar Mode provides fixed, future-dated reservations (up to 90 days), similar to a scheduled booking. Flex-start provides flexible, on-demand capacity requests (up to 7 days) that are fulfilled as soon as all requested resources become simultaneously available.
2. Comprehensive data science tooling
Our comprehensive data science tooling removes much of the guesswork from complex model development. It includes capabilities such as hyperparameter tuning (which automatically finds the best model settings), data optimization, and advanced model evaluation – all designed to ensure your specialized models are production-ready faster.
3. Integrated recipes and frameworks
Maximize training efficiency out-of-the-box with our curated, optimized recipes for the full model development lifecycle, from pre-training and continued pre-training to supervised fine-tuning (SFT) and Direct Preference Optimization (DPO). We also provide seamless integration of standardized frameworks like NVIDIA NeMo and NeMo-RL.
How customers are seeing impact with Vertex AI Training
Salesforce: The Salesforce AI Research team leveraged Vertex AI Training to expand the capabilities of their large action models. By fine-tuning these models for their unique business operations, Salesforce’s Gemini models now outperform industry-leading LLMs against key CRM benchmarks. This allows customers to more accurately and reliably automate complex, multi-step business processes, providing the reliable foundation for building AI agents.
“In the enterprise environment, it’s imperative for AI agents to be highly capable and highly consistent, especially for critical use cases. Together with Google Cloud, we are setting a new standard for building the future of what’s possible in the agentic enterprise down to the model level.” – Silvio Savarese, Chief Scientist at Salesforce
AI Singapore (AISG): AISG utilized Vertex AI Training’s managed training capabilities on reserved clusters to launch their 27-billion parameter flagship model. This extensive specialization project demanded peak infrastructure reliability and performance tuning to achieve precise language and contextual customization for diverse Southeast Asian markets.
“AI Singapore recently launched SEA-LION v4, an open source foundational model incorporating Southeast Asian contexts and languages. Vertex AI and its managed training clusters were instrumental in our development of SEA-LION v4. Vertex AI delivered a stable, resilient environment for our large scale training workloads that was easy to set up and use. Its optimized training recipes helped increase training throughput performance by nearly 30%.” – William Tjhi, Head of Applied Research, AI Products Pillar, AI Singapore
Looking for more control?
For customers seeking maximum flexibility and control, our AI-optimized infrastructure is available via Google Compute Engine or through Google Kubernetes Engine, both of which include Cluster Director to provision and manage highly scalable AI training accelerators and clusters. Cluster Director provides the deep control over hardware, network optimization, capacity management, and operational efficiency that these advanced users demand.
Elevate your models today
Vertex AI Training provides the full range of approaches, the world-class infrastructure, and the expertise to make your AI your most powerful competitive asset. Interested customers should contact their Google Cloud sales representative to gain access and learn more about how Vertex AI Training can help deliver their unique business advantage.
Amazon Cognito now enables app clients to specify resource indicators during access token requests as part of its OAuth 2.0 authorization code grant and implicit grant flows. The resource indicator identifies the protected resource, such as a user’s bank account record or a specific file in a file server that the user needs to access. After authenticating the client, Cognito then issues an access token for that specific resource. This ensures that access tokens can be limited from broad service level access down to accessing specific individual resources.
This capability makes it simpler to protect resources that a user needs to access. For example, agents (an example of app clients) acting on behalf of users can request access tokens for specific protected resources, such as a user’s banking records. After validation, Cognito issues an access token with the audience claim set to the specific resource. Previously, clients had to use non-standard claims or scopes for Cognito to infer and issue resource-specific access tokens. Now, customers can specify the target resource in a simple and consistent way using the standards-based resource parameter.
This capability is available to Amazon Cognito Managed Login customers using Essentials or Plus tiers in AWS Regions where Cognito is available, including the AWS GovCloud (US) Regions. To learn more, refer to the developer guide, and pricing for Cognito Essentials and Plus tier.
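The following added example (not code from AWS or from the original announcement) sketches both sides of the resource-indicator flow described above: the client attaches the standards-based `resource` parameter (RFC 8707) to its authorization request, and the resource server accepts a token only when its audience claim names that exact resource. The hostnames, client ID and function names are hypothetical, and the claims are assumed to come from a token whose signature and issuer have already been verified.

```python
from urllib.parse import urlencode, urlsplit

# Constructed sample values; none of these come from the announcement.
ACCOUNT = "https://api.example.com/accounts/123"
SAMPLE_CLAIMS = {"aud": ACCOUNT, "exp": 2000, "scope": "openid"}


def check_resource_indicator(resource: str) -> str:
    """Validate a resource indicator before sending it.

    RFC 8707 requires an absolute URI without a fragment. This example is
    stricter (an assumption, not a Cognito rule): it only accepts https URLs.
    """
    parts = urlsplit(resource)
    if parts.scheme != "https" or not parts.netloc:
        raise ValueError("resource indicator must be an absolute https URI")
    if parts.fragment:
        raise ValueError("resource indicator must not contain a fragment")
    return resource


def build_authorize_url(endpoint, client_id, redirect_uri, scope, state, resource):
    """Build an authorization code request that names the target resource."""
    query = urlencode({
        "response_type": "code",
        "client_id": client_id,
        "redirect_uri": redirect_uri,
        "scope": scope,
        "state": state,
        "resource": check_resource_indicator(resource),
    })
    return f"{endpoint}?{query}"


def token_is_for_resource(claims: dict, this_resource: str, now: float) -> bool:
    """Resource-server check on already-verified claims.

    The audience must equal this resource exactly. Prefix or substring
    matching would let a token for /accounts/123 reach /accounts/1234.
    """
    aud = claims.get("aud")
    if isinstance(aud, str):
        audiences = [aud]
    elif isinstance(aud, list):
        audiences = aud  # RFC 7519 allows an array of audiences
    else:
        audiences = []
    if this_resource not in audiences:
        return False
    exp = claims.get("exp")
    return isinstance(exp, (int, float)) and now < exp


if __name__ == "__main__":
    print(build_authorize_url(
        "https://auth.example.com/oauth2/authorize",  # placeholder domain
        "example-client-id",
        "https://app.example.com/callback",
        "openid",
        "constructed-state-value",
        ACCOUNT,
    ))
    print(token_is_for_resource(SAMPLE_CLAIMS, ACCOUNT, now=1000))
    print(token_is_for_resource(SAMPLE_CLAIMS, ACCOUNT + "4", now=1000))
```
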
Today, AWS announced enhanced API key restrictions for Amazon Location Service, enabling developers to secure their location-based applications more effectively. This new capability helps organizations that need to restrict API access to specific mobile applications, providing improved security controls for location services across their application portfolio.
Developers can now create granular security policies by restricting API keys to specific Android applications using package names and SHA-1 certificate fingerprints, or to iOS applications using Bundle IDs. For example, enterprises can ensure their API keys only work with their approved mobile applications, while development teams can create separate keys for testing and production environments.
Amazon Location Service API key restrictions are available in the following AWS Regions: US East (Ohio), US East (N. Virginia), US West (Oregon), Asia Pacific (Mumbai), Asia Pacific (Sydney), Asia Pacific (Tokyo), Canada (Central), Europe (Frankfurt), Europe (Ireland), Europe (London), Europe (Stockholm), Europe (Spain), and South America (São Paulo). To implement these restrictions, you’ll need to update your API key configurations using the Amazon Location Service console or APIs. To learn more, please visit the Developer Guide.
Amazon Elastic Container Service (Amazon ECS) Managed Instances is now available in all commercial AWS Regions. ECS Managed Instances is a fully managed compute option designed to eliminate infrastructure management overhead while giving you access to the full capabilities of Amazon EC2. By offloading infrastructure operations to AWS, you get the application performance you want and the simplicity you need while reducing your total cost of ownership.
Managed Instances dynamically scales EC2 instances to match your workload requirements and continuously optimizes task placement to reduce infrastructure costs. It also enhances your security posture through regular security patching initiated every 14 days. You can simply define your task requirements such as the number of vCPUs, memory size, and CPU architecture, and Amazon ECS automatically provisions, configures, and operates the most optimal EC2 instances within your AWS account using AWS-controlled access. You can also specify desired instance types in the Managed Instances Capacity Provider configuration, including GPU-accelerated, network-optimized, and burstable performance, to run your workloads on the instance families you prefer.
To get started with ECS Managed Instances, use the AWS Console, Amazon ECS MCP Server, or your favorite infrastructure-as-code tooling to enable it in a new or existing Amazon ECS cluster. You will be charged for the management of compute provisioned, in addition to your regular Amazon EC2 costs. To learn more about ECS Managed Instances, visit the feature page, documentation, and AWS News launch blog.
Amazon SageMaker enhances search results in Amazon SageMaker Unified Studio with additional context that improves transparency and interpretability. Users can see which metadata fields matched their query and understand why each result appears, increasing clarity and trust in data discovery. The capability introduces inline highlighting for matched terms and an explanation panel that details where and how each match occurred across metadata fields such as name, description, glossary, schema, and other metadata.
The enhancement reduces time spent evaluating irrelevant assets by presenting match evidence directly in search results. Users can quickly validate relevance without opening individual assets.
This capability is now available in all AWS Regions where Amazon SageMaker is supported.
To learn more about Amazon SageMaker, see the Amazon SageMaker documentation.
Amazon Redshift Serverless, which allows you to run and scale analytics without having to provision and manage data warehouse clusters, is now generally available in the AWS Asia Pacific (Osaka) and Asia Pacific (Malaysia) regions. With Amazon Redshift Serverless, all users, including data analysts, developers, and data scientists, can use Amazon Redshift to get insights from data in seconds. Amazon Redshift Serverless automatically provisions and intelligently scales data warehouse capacity to deliver high performance for all your analytics. You only pay for the compute used for the duration of the workloads on a per-second basis. You can benefit from this simplicity without making any changes to your existing analytics and business intelligence applications.
With a few clicks in the AWS Management Console, you can get started with querying data using the Query Editor V2 or your tool of choice with Amazon Redshift Serverless. There is no need to choose node types, node count, workload management, scaling, and other manual configurations. You can create databases, schemas, and tables, and load your own data from Amazon S3, access data using Amazon Redshift data shares, or restore an existing Amazon Redshift provisioned cluster snapshot. With Amazon Redshift Serverless, you can directly query data in open formats, such as Apache Parquet, in Amazon S3 data lakes. Amazon Redshift Serverless provides unified billing for queries on any of these data sources, helping you efficiently monitor and manage costs.
Customers can now enable predictive scaling for their Auto Scaling groups (ASGs) in six more regions: Asia Pacific (Hyderabad), Asia Pacific (Melbourne), Israel (Tel Aviv), Canada West (Calgary), Europe (Spain), and Europe (Zurich). Predictive Scaling can proactively scale out your ASGs to be ready for upcoming demand. This allows you to avoid the need to over-provision capacity, resulting in lower EC2 cost, while ensuring your application’s responsiveness. To see the list of all supported AWS public regions and AWS GovCloud (US) regions, click here.
Predictive Scaling is appropriate for applications that experience recurring patterns of steep demand changes, such as early morning spikes when business resumes. It learns from the past patterns and launches instances in advance of predicted demand, giving instances time to warm up. Predictive scaling enhances existing Auto Scaling policies, such as Target Tracking or Simple Scaling, so that your applications scale based on both real-time metrics and historic patterns. You can preview how Predictive Scaling works with your ASG by using the “Forecast Only” mode.
Predictive Scaling is available as a scaling policy type through AWS Command Line Interface (CLI), EC2 Auto Scaling Management Console, AWS CloudFormation and AWS SDKs. To learn more, visit the Predictive Scaling page in the EC2 Auto Scaling documentation.
Amazon Aurora DSQL now supports resource-based policies, enabling you to simplify access control for your Aurora DSQL resources. With resource-based policies, you can specify Identity and Access Management (IAM) principals and the specific IAM actions they can perform against your Aurora DSQL resources. Resource-based policies also enable you to implement Block Public Access (BPA), which helps to further restrict access to your Aurora DSQL public or VPC endpoints.
Aurora DSQL support for resource-based policies is available in the following AWS Regions: US East (N. Virginia), US East (Ohio), US West (Oregon), Asia Pacific (Osaka), Asia Pacific (Tokyo), Asia Pacific (Seoul), Europe (Ireland), Europe (London), Europe (Paris), and Europe (Frankfurt). To get started, visit the Aurora DSQL resource-based policies documentation.
VPC Reachability Analyzer allows you to diagnose network reachability between a source resource and a destination resource in your virtual private clouds (VPCs) by analyzing your network configurations. For example, Reachability Analyzer can help you identify a missing route table entry in your VPC route table that could be blocking network reachability between an EC2 instance in Account A that is not able to connect to another EC2 instance in Account B in your AWS Organization.
VPC Network Access Analyzer allows you to identify unintended network access to your AWS resources, helping you meet your security and compliance guidelines. For example, you can create a scope to verify that all paths from your web applications to the internet traverse the firewall, and to detect any paths that bypass the firewall.
The conversation around generative AI in the enterprise is getting creative.
Since launching our popular Nano Banana model, consumers have created 13 billion images and 230 million videos. Enterprises can combine Gemini 2.5 Pro with our generative media models – Lyria, Chirp, Imagen, and Veo – to bring their ideas to life.
To us, generative media is a canvas to explore ideas that were previously constrained by time, budget, or the limits of conventional production. To test this, we briefed several top agencies to use Google’s AI to create an “impossible” ad — a campaign that pushes the boundaries of what’s creatively and technically feasible.
This is what they created.
Challenge: Slice needed to relaunch a nostalgic soda brand with a new focus on probiotic benefits. They aimed to create a distinct brand experience that resonated with both long-time fans and a new generation, creatively showcasing its retro appeal and health-focused features.
Approach: “106.3 The Fizz,” an AI-generated retro radio station, marketed Slice’s relaunch. Gemini wrote 80s/90s pop lyrics, lore, and DJ banter, all infused with “fizz” themes, and powered the global streaming site. Imagen and Veo 3 created visual assets like album covers and music videos. Lyria composed lo-fi instrumentals for a “Chill Zone,” and Chirp provided voices for radio hosts. This approach combined nostalgia with AI innovation, matching Slice’s retro-meets-modern identity.
Impossible personalization: Message the future with personalized trip previews
Brand: Virgin Voyages
Agency: In-house at Virgin Voyages
Challenge: Virgin Voyages wanted to improve its digital advertising by creating highly personalized and engaging ad experiences. The goal was to re-engage prospective cruisers with compelling visuals and messaging that directly reflected their on-site browsing behavior, turning potential bookings into actual conversions.
Approach: Virgin Voyages launched “Postcards from your future self.” This campaign used Google AI to create personalized “postcard” ads based on users’ browsing behavior on virginvoyages.com. Gemini interpreted on-site signals, such as viewed itineraries or ship pages, to generate tailored messaging, taglines, and calls to action. Imagen then created static postcard visuals matching the destinations and cruise themes each user explored, while Veo produced dynamic video versions for more immersive ad formats. These unique AI-generated creatives were used to retarget users, showing them a “Postcard from your future self” specific to their browsing session.
Tech stack:
Google Cloud (Gemini 2.5 Pro, Imagen, Veo 2, Vertex AI)
Impossible experiences: Unlock endless, unique party themes & bespoke cocktails
Brand: Smirnoff
Agency: McCANN
Challenge: Smirnoff aimed to become the preferred vodka brand for LDA Gen Z’s house party culture. While popular for casual home use, the brand wanted to elevate its status and become linked with the unique, personalized gatherings favored by this generation, being the go-to option for bringing people together over delicious drinks. To lead in the LDA Gen Z home party market, Smirnoff needed an innovative way to connect and prove its relevance, making every at-home celebration an unforgettable experience to enjoy responsibly and with moderation.
Approach: Smirnoff introduced Party Engine, an AI-powered co-host that designs unique house parties. Gemini powered a conversational co-host that chatted with each guest to understand their preferences and personalities. As more guests interacted, Gemini combined their inputs with cultural data to develop a unique party theme in real-time. The engine recommended specific party details, including the theme, music, decor, and a personalized Smirnoff cocktail. This approach blended guest personalities with cultural trends, down to the dress code and playlist, creating tailored, one-of-a-kind experiences, all designed to deliver the collective effervescence that Smirnoff brings to every occasion.
Impossible world building: Crowdsource mascots for the lesser traveled parts of Orlando
Brand: Visit Orlando
Agency: razorfish
Challenge: To attract visitors to Orlando’s unique, lesser-known destinations beyond major theme parks, Visit Orlando needed to create compelling awareness. They required an innovative strategy to differentiate these local attractions and their distinct personalities from dominant parks like Walt Disney World and Universal Studios, encouraging travelers to explore the city’s hidden attractions.
Approach: Visit Orlando launched “The Morelandos,” a group of AI-generated characters inspired by real Google reviews. Vertex AI powered a custom agent that gathered and organized Google reviews into distinct personality traits and descriptors for each location. Gemini then turned this information into creative prompts and character backstories, while Imagen visualized these unique mascots. Veo brought the characters to life through animated video stories, featured in YouTube pre-roll and Performance Max campaigns. The characters are available on a Google Maps-integrated experience on VisitOrlando.com, allowing users to explore them online or in real life through AR.
Impossible consistency: Achieve cinematic quality and brand consistency
Brand: Moncler
Agency: R/GA
Challenge: Moncler sought innovative ways to produce high-quality, cinematic visual content at scale while maintaining its distinctive luxury aesthetic and brand consistency across diverse creative inputs. The goal was to show how advanced AI could serve as a powerful creative partner for high-end storytelling through an experimental brand film.
Approach: Moncler partnered with R/GA to create “A Journey from Mountains to the City,” an experimental AI-driven film. Gemini powered a tool called Shotflow, which converted creative direction, style, and references into consistent, production-ready prompts. Veo 2 then used these prompts to create high-quality, cinematic visuals that perfectly matched Moncler’s luxury aesthetic. R/GA’s development of Shotflow also enabled global collaboration and maintained visual continuity throughout the project. This film was not intended for media distribution.
The results: The project was finished in four weeks, establishing Veo as a strong creative partner for high-end, brand-forward storytelling and demonstrating AI’s ability to produce cinematic, consistent visuals for luxury brands.
If you’re interested in learning how to apply these AI-driven approaches to your own brand challenges, explore Gemini 2.5 Pro and our generative media solutions:
Effective monitoring and treatment of complex diseases like cancer and Alzheimer’s disease depends on understanding the underlying biological processes, for which proteins are essential. Mass spectrometry-based proteomics is a powerful method for studying these proteins in a fast and global manner. Yet the widespread adoption of this technique remains constrained by technical complexity, as mastering these sophisticated analytical instruments and procedures requires specialized training. This creates an expertise bottleneck that slows research progress.
To address this challenge, researchers at the Max Planck Institute of Biochemistry collaborated with Google Cloud to build a Proteomics Lab Agent that assists scientists with their experiments. This agent simplifies performing complex scientific procedures through personalized AI guidance, making them easier to execute, while automatically documenting the process.
“A lab’s critical expertise is often tacit knowledge that is rarely documented and lost to academic turnover. This agent addresses that directly, not only by capturing hands-on practice to build an institutional memory, but by systematically detecting experimental errors to enhance reproducibility. Ultimately, this is about empowering our labs to push the frontiers of science faster than ever before,” said Prof. Matthias Mann, a pioneer in mass spectrometry-based proteomics who leads the Department of Proteomics and Signal Transduction at the Max Planck Institute of Biochemistry.
The agent was built using the Agent Development Kit (ADK), Google Cloud infrastructure, and Gemini models, which offer advanced video and long-context understanding uniquely suited to the needs of advanced research.
One of the agent’s core capabilities is to detect errors and omissions by analyzing a video of a researcher performing lab work and comparing their actions against a reference protocol. This process takes just over two minutes and catches about 74% of procedural errors with high accuracy, although domain-specific knowledge and spatial recognition should still be improved. Our AI-assisted approach is more efficient than the current manual approach, which relies on a researcher’s intuition to either spot subtle mistakes during the procedure or, more commonly, to troubleshoot only after an experiment has failed.
By making it easier to spot mistakes and offering personalized guidance, the agent can reduce troubleshooting time and build towards a future where real-time AI guidance can help prevent errors from happening.
The potential of the Proteomics AI agent goes beyond life sciences, addressing a universal challenge in specialized fields: capturing and transferring the kind of expertise that is learned through hands-on practice, not from manuals. To enable other researchers and organizations to adapt this concept to their own domains, the agentic framework has been made available as an open-source project on GitHub.
In this post, we will detail the agentic framework of the Proteomics Lab Agent, how it uses multimodal AI to provide personalized laboratory guidance, and the results from its deployment in a real-world research environment.
Proteomics Lab Agent generates protocols and detects errors
The challenge: Preserving expert knowledge in a high-turnover environment
Imagine it’s a Friday evening in the lab. A junior researcher needs to use a sophisticated analytical instrument, a mass spectrometer, but the senior expert who is responsible for it has already left for the weekend. The researcher has to search through lengthy protocols, interpret the instrument’s performance, which depends on multiple factors reflected in diverse metrics, and proceed without guidance. A single misstep could potentially damage the expensive equipment, waste a unique and valuable sample, or compromise the entire study.
Such complexity is a regular hurdle in specialized research fields like mass spectrometry-based proteomics. Scientific progress often depends on complex techniques and instruments that require deep technical expertise. Laboratories face a significant bottleneck in training personnel, documenting procedures, and retaining knowledge, especially with the high rate of academic turnover. When an expert leaves, their accumulated knowledge often leaves with them, forcing the team to partially start over. Collectively, this creates accessibility and reproducibility challenges, which slows down new discoveries.
A solution: an AI agent for lab guidance
The proteomics lab agent addresses these challenges by connecting directly to the lab’s collective knowledge – from protocols and instrument data to past troubleshooting decisions. With this it provides researchers with personalized AI guidance for complex procedures across the entire experimental workflow. Examples include regular wet-lab work such as pipetting or the interactions with specialized equipment and software as required for operating a mass spectrometer. A further feature of the agent is the ability to automatically generate detailed protocols from videos of experiments, detect procedural errors, and provide guidance for correction, reducing troubleshooting and documentation time.
An AI agent architecture for the lab
The underlying multimodal agentic AI framework uses a main agent that coordinates the work of several specialized sub-agents, as shown in Figure 1. Built with Gemini models and the Agent Development Kit, this main agent acts as an orchestrator. It receives a researcher’s query, interprets the request, and delegates the task to the appropriate sub-agent.
Figure 1: Architecture of the Proteomics Lab Agent for multimodal guidance.
The sub-agents are designed for specific functions and connect to the lab’s existing knowledge systems:
Lab Note and Protocol Agents: These agents handle video-related tasks. When a researcher provides a video of an experiment, these agents upload it to Google Cloud Storage so that its visual and spoken content can be analyzed. The agent can then check for errors or generate a new protocol.
Lab Knowledge Agent: This agent connects to the laboratory’s knowledge base (MCP Confluence) to retrieve protocols or save new lab notes, making knowledge accessible to the entire team.
Instrument Agent: To provide guidance on using complex analytical instruments, this agent retrieves instrument performance metrics from a self-built MCP server that monitors the lab’s mass spectrometers (MCP AlphaKraken).
Quality Control Memory Agent: This agent captures all instrument-related decisions and their outcomes in a database (e.g. MCP BigQuery). This creates a searchable history of what has worked in the past and preserves valuable troubleshooting experience.
Together, these agents can provide guidance adapted to the current instrument status and the researcher’s experience level while automatically documenting the researcher’s experience.
A closer look: Catching experimental errors with video analysis
While generative AI has proven effective for digital tasks in science – from literature analysis to controlling lab robots through code – it has not addressed the critical gap between digital assistance and hands-on laboratory execution. Our work demonstrates how to bridge this divide by automatically generating lab notes and detecting experimental errors from a video.
Figure 2: Agent workflow for the video-based lab note generation and error detection.
The process, illustrated in Figure 2, unfolds in several steps:
A researcher records their experiment and submits the video to the agent with a prompt like, “Generate a lab note from this video and check for mistakes.”
The main agent delegates the task to the Lab Note Agent, which uploads the video to Google Cloud Storage and analyzes the actions performed in the video.
The main agent asks the Lab Knowledge Agent to find the protocol that matches these actions. The Lab Knowledge Agent then retrieves it from the lab’s knowledge base, Confluence.
With both the video analysis and the baseline protocol, the task is passed on to the Lab Note Agent again, which knows how to perform a step-by-step comparison of video and protocol. It flags any potential mistakes, such as missed steps, incorrectly performed actions, added steps not in the protocol, or steps completed in the wrong order.
The main agent returns the generated lab notes to the researcher with these potential errors flagged for review. The researcher can accept the notes or make corrections.
Once finalized, the corrected notes are saved back to the Confluence knowledge base via the Lab Knowledge Agent, preserving a complete and accurate record of the experiment.
Building institutional memory
To support a lab in building a knowledge base, the Protocol Agent can generate lab instructions directly from a video. A researcher can record themselves performing a procedure while explaining the steps aloud. The agent analyzes the video and audio to produce a formatted, publication-ready protocol. We found that providing the model with a diverse set of examples, step-by-step instructions, and relevant background documents produced the best results.
Figure 3: Agent workflow for guiding instrument operations.
The agent can also support instrument operations (see Figure 3). A researcher may ask, “Is instrument X ready so that I can measure my samples?” The agent retrieves the latest instrument metrics via the Instrument Agent and compares them with past troubleshooting decisions from the Quality Control Memory Agent. It then provides a recommendation, such as “Yes, the instrument is ready,” or “No, calibration is recommended first.” It can even provide the relevant calibration protocol from the Lab Knowledge Agent. Subsequently, it saves the researcher’s final decision and actions with the Quality Control Memory Agent. In this way, each piece of reasoning and its outcome is saved, creating a continuously improving knowledge base for operating specialized equipment and software.
Real-world impact: Making complex scientific procedures easier
To measure the AI agent’s value in a real-world setting, we deployed it in our department at the Max Planck Institute of Biochemistry, a group with 40 researchers. We evaluated the agent’s performance across three key laboratory functions: detecting procedural errors, generating protocols, and providing personalized guidance.
The results showed strong gains in both speed and quality. Key findings include:
AI-assisted error detection: The agent successfully identified 74% of all procedural errors (a metric known as recall) with an overall accuracy of 77% when comparing 28 recorded lab procedures against their reference protocols. While precision (41%) is still a limitation at this early stage, the results are highly promising.
Fast, expert-quality protocols: From lab videos, the agent generated standardized, publication-ready protocols in about 2.6 minutes. This was approximately 10 times faster than manual creation and achieved an average quality score of 4.4 out of 5 across 10 diverse protocols.
Personalized, real-time support: The agent successfully integrated real-time instrument data with past performance decisions to provide researchers with tailored advice on equipment use.
A deeper analysis of the error-detection results revealed specific strengths and areas for improvement. As shown in Figure 4, the system is already effective at recognizing general lab equipment and reading on-screen text. The main limitations were in understanding highly specialized proteomics equipment (27% of these errors were unrecognized) and perceiving fine-grained details, such as the exact placement of pipette tips on a 96-well grid (47%) or small text on pipettes (41%) (see Appendix of corresponding paper). As multimodal models advance, we expect their ability to interpret these details will improve, strengthening this critical safeguard against experimental mistakes.
Figure 4: Strengths and current limitations of the Proteomics Lab Agent in a lab.
Our agent already automates documentation and flags errors in recorded videos, but its future potential lies in prevention, not just correction. We envision an interactive assistant that uses speech to prevent mistakes in real-time before they happen. By making this project open source, we invite the community to help build this future.
Scaling for the future
In conclusion, this framework addresses critical challenges in modern science, from the reproducibility crisis to knowledge retention in high-turnover academic environments. By systematically capturing not just procedural data but also the expert reasoning behind them, the agent builds an institutional memory.
“This approach helps us capture and share the practical knowledge that is often lost when a researcher leaves the lab”, notes Matthias Mann. “This collected experience will not only accelerate the training of new team members but also creates the data foundation we need for future innovations like predictive instrument maintenance for mass spectrometers and automated protocol harmonization within individual labs and across different labs”.
The principles behind the Proteomics Lab Agent are not limited to one field. The concepts outlined in this study are a generalizable solution for any discipline that relies on complex, hands-on procedures, from life sciences to manufacturing.
Dive deeper into the methodology and results by reading our full paper. Explore the code on GitHub and adapt the Proteomics Lab Agent for your own research. Follow the work of the Mann Lab at the Max Planck Institute to see what comes next either on LinkedIn, BlueSky or X.
This project was a collaboration between the Max Planck Institute of Biochemistry and Google. The core team included Patricia Skowronek and Matthias Mann from the Department of Proteomics and Signal Transduction at the Max Planck Institute of Biochemistry and Anant Nawalgaria from Google. P.S. and M.M. want to thank the entire Mann Lab for their support.
AWS Transfer Family now enables you to change your server’s identity provider (IdP) type without service interruption. This enhancement gives you more control and flexibility over authentication management in your file transfer workflows, enabling you to adapt quickly to changing business requirements.
AWS Transfer Family provides fully managed file transfers over SFTP, FTP, FTPS, AS2, and web-browser based interfaces. With this launch, you can now dynamically switch between service managed authentication, Active Directory, and custom IdP configurations for SFTP, FTPS, and FTP servers. This enables you to implement zero-downtime authentication migration and meet evolving compliance requirements.
Today, Amazon announced two new Amazon CloudWatch metrics that provide insight into when your application exceeds the I/O performance limits for your EC2 instance with attached EBS volumes. These two metrics, Instance EBS IOPS Exceeded Check and Instance EBS Throughput Exceeded Check, monitor if the driven IOPS or throughput is exceeding the maximum EBS IOPS or throughput that your instance can support.
With these two new metrics at the instance level, you can quickly identify and respond to application performance issues stemming from exceeding the EBS-Optimized limits of your instance. These metrics will return a value of 0 (performance not exceeded) or a 1 (performance exceeded) when your workload is exceeding the EBS-Optimized IOPS or throughput limit of the EC2 instance. With Amazon CloudWatch, you can use these new metrics to create customized dashboards and set alarms that notify you or automatically perform actions based on these metrics, such as moving to a larger instance size or a different instance type that supports higher EBS-Optimized limits.
The Instance EBS IOPS Exceeded Check and Instance EBS Throughput Exceeded Check metrics are available by default at a 1-minute frequency at no additional charge, for all Nitro-based Amazon EC2 instances with EBS volumes attached. You can access these metrics via the EC2 console, CLI, or CloudWatch API in all Commercial AWS Regions, including the AWS GovCloud (US) Regions and China Regions. To learn more about these CloudWatch metrics, please visit the EC2 CloudWatch Metrics documentation.
Data engineers and data analysts using Amazon SageMaker Unified Studio can now connect to and run queries with pre-existing Amazon Athena workgroups. This feature enables data teams to run SQL queries in SageMaker Unified Studio with the default settings and properties from existing Athena workgroups. Since Athena workgroups are used to manage query access and control costs, data engineers and data analysts can save time by reusing Athena workgroups as their SQL analytics compute while maintaining data usage limits and tracking query usage by team or project.
When choosing a compute for SQL analytics within SageMaker Unified Studio, customers can create a new Athena compute connection or choose to connect to an existing Athena workgroup. To get started, navigate to SageMaker Unified Studio, select “Add compute” and choose “Connect to existing compute resources”. Then create a connection to your pre-existing Athena workgroups and save. This new compute is now available within the SageMaker Unified Studio query editor to run SQL queries.
AWS Lambda increases the maximum payload size for asynchronous invocations from 256 KB to 1 MB, allowing customers to ingest richer, more complex payloads for their event-driven workloads without the need to split, compress, or externalize data. Customers invoke their Lambda functions asynchronously either by using the Lambda API directly or by receiving push-based events from various AWS services like Amazon S3, Amazon CloudWatch, Amazon SNS, Amazon EventBridge, and AWS Step Functions.
Modern cloud applications increasingly rely on AWS Lambda’s asynchronous invocations and its integration with various AWS serverless services to build scalable, event-driven architectures. These applications often need to process rich contextual data, including large-language model prompts, telemetry signals, and complex JSON structures for machine learning outputs. With the increase in maximum payload size to 1 MB for asynchronous invocations, developers can streamline their architectures by including comprehensive data, from detailed user profiles to complete transaction histories, in a single event, eliminating the need for complex data chunking or external storage solutions.
This feature is generally available in all AWS Commercial and AWS GovCloud (US) Regions. Customers can start sending asynchronous invocation payloads up to 1 MB using Lambda’s invoke API. Customers are charged 1 request per asynchronous invocation for the first 256 KB. Payload size beyond 256 KB is charged 1 additional request for each 64 KB chunk, up to 1 MB. To learn more, read the Lambda asynchronous invocation documentation and AWS Lambda pricing.
Starting today, Amazon Aurora DSQL is available in Europe (Frankfurt). Aurora DSQL is the fastest serverless, distributed SQL database with active-active high availability and multi-Region strong consistency. Aurora DSQL enables you to build always available applications with virtually unlimited scalability, the highest availability, and zero infrastructure management. It is designed to make scaling and resilience effortless for your applications and offers the fastest distributed SQL reads and writes.
Aurora DSQL is now available in the following AWS Regions: US East (N. Virginia), US East (Ohio), US West (Oregon), Asia Pacific (Osaka), Asia Pacific (Tokyo), Asia Pacific (Seoul), Europe (Ireland), Europe (London), Europe (Paris), and Europe (Frankfurt).
Amazon Connect outbound campaigns now offers a preview dialing mode that gives agents more context about a customer before placing a call. Agents can see key customer information—such as name, account balance, and prior interactions—and choose the right moment to call. Campaign managers can tailor preview settings and monitor performance through new dashboards that bring visibility to agent behavior, campaign outcomes, and customer engagement trends.
Without proper context, agents struggle to personalize interactions, leading to low customer engagement and poor experiences. Additionally, businesses can face steep regulatory penalties under laws such as the U.S. Telephone Consumer Protection Act (TCPA) or the UK Office of Communications (OFCOM) for delays in customer-agent connection.
With preview dialing, campaign managers can define review time limits and optionally enable contact removal from campaigns. During preview, agents see a countdown timer alongside customer data and can initiate calls at any moment. Analytics reveal performance patterns—such as average preview time or discard volume—giving managers data to optimize strategy and coach teams effectively. By reserving an agent prior to placing the call, companies can support compliance with regulations while bringing precision to outbound calling, improving both customer connection and operational control.
With Amazon Connect outbound campaigns, companies pay-as-they-go for campaign processing and channel usage. Preview dialing is available in AWS regions, including US East (N. Virginia), US West (Oregon), Africa (Cape Town), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), Canada (Central), Europe (Frankfurt), and Europe (London).
To learn more about configuring preview dialing, visit our webpage.
Amazon Connect now provides granular permissions to access conversation recordings and transcripts in the UI, giving administrators greater flexibility and security control. Contact center administrators can now separately configure access to recordings and transcripts, allowing users to listen to calls while preventing unauthorized copying of transcripts. The system also provides flexible download controls, enabling users to download redacted recordings while restricting downloads of unredacted versions. Administrators can also create sophisticated permission scenarios, providing access to redacted recordings of sensitive conversations while granting unredacted recording access for other conversations.
For modern enterprises, network connectivity is the lifeblood of the AI era. But today’s technology landscape has challenges that are pushing traditional networking models to their limits:
Aggressive cloud migrations and investments in colocation spaces: Organizations are grappling with complex, high-capital expenditure requirements to interconnect global environments from multiple vendors.
Shifting network capacity demands: The computational and data transfer requirements of AI/ML workloads are growing at an unprecedented rate, exposing limitations in network architectures.
A constrained global connectivity market: The limited number of high-bandwidth providers is pushing many organizations to adopt either complex do-it-yourself (DIY) approaches, stitching together services from multiple providers, or cloud-hosted solutions that require layer 3 peering, which brings its own set of IP addressing challenges, bandwidth restrictions, and management overhead.
The result? Enterprises are faced with difficult trade-offs between performance, simplicity, and cost.
In 2023, we launched Cross-Cloud Network, making it easier to build secure and robust networks between cloud environments, deliver content globally, and connect users to their applications wherever they are. We expanded on that vision with Cloud WAN and Cross-Site Interconnect, connecting globally distributed enterprises including data center and on-premises locations. Today, we’re pleased to share that Cross-Site Interconnect is now generally available.
We built Cross-Site Interconnect on the premise that connectivity should be as dynamic and flexible as the digital ecosystems it supports. At its core, Cross-Site Interconnect is a transparent, on-demand, layer 2 connectivity solution that leverages Google’s global infrastructure, letting you simplify, augment and improve your reliability posture across the WAN for high-performance and high-bandwidth connectivity use cases. But it doesn’t stop there.
Global enterprise connectivity reimagined
Traditional network expansion involves massive capital expenditures, complex procurement processes, and extended deployment timelines. With Cross-Site Interconnect, Google Cloud becomes the first major cloud provider to offer transparent layer 2 connectivity over its network, therefore disrupting the current connectivity landscape.
Consider the following Cross-Site Interconnect advantages:
Abstracted resiliency: In a traditional model, organizations with multiple unprotected services from different providers often require detailed maps and lower-level information about their circuits to minimize shared risk and avoid single points of failure in their networks. They also need to model risks of simultaneous failures, overlapping maintenance windows, and mean-times-to-resolution (MTTR). Finally, they need to build monitoring, detection and reaction mechanisms into their topologies in order to meet their availability targets. In contrast, with Cross-Site Interconnect, you specify your WAN resiliency needs in the abstract, and Google Cloud stands behind them with an SLA.
Simplicity and flexibility: As a transparent layer 2 service, Cross-Site Interconnect makes it easy to accommodate current network architectures. You can still build traffic engineering capabilities, adopt active/active or active/passive patterns, or even leverage Cross-Site Interconnect to augment existing network assets, all without changing your operating model, or worrying about IP addressing overlaps.
Pay for what you need: Cross-Site Interconnect applies a cloud consumption model to network assets, so there are no significant upfront infrastructure investments. Further, consumption-based pricing eliminates setup fees, non-recurring charges, and long-term commitments. Rather than overprovisioning to meet anticipated business demands, now you can optimize costs by paying only for the network resources you use.
Optimized infrastructure: With Cross-Site Interconnect, you can decouple your port speeds from your WAN bandwidth, and your last-mile connections from the middle-mile that is delivered over the Google global backbone. You can also maximize the value of your last-mile investments to reach multiple destinations: using ‘VLAN mode’, simply leverage the same port in your central location to establish connections to multiple destinations.
And because Cross-Site Interconnect is built on Google’s extensive footprint of terrestrial and submarine cables, its globally distributed edge locations, and its next-generation network innovations, it offers:
Network reliability: With multiple redundant paths, automatic failover mechanisms, and proactive monitoring, the underlying infrastructure is built to withstand failures. Google’s network is built over more than 3.2 million kilometers of fiber and 34 subsea cables, delivering Cross-Site Interconnect to customers in 100s of Cloud Interconnect PoPs, ensuring 99.95% SLA that doesn’t exclude events such as cable cuts or maintenance. Cross-Site Interconnect abstracts this resilient infrastructure, letting you leverage it as a service. No need to manage complex failover configurations or worry about individual link outages — the network intelligently routes traffic around disruptions, for continuous connectivity between sites.
Strong security: As a cloud-delivered layer 2 overlay, Cross-Site Interconnect lets you build layer 2 adjacencies over long-haul connections. That enables the configuration of MACsec (or other line-rate, layer 2 encryption mechanisms) between remote routers, promoting end-to-end encryption with customer-controlled keys.
Performance transparency: While Cross-Site Interconnect abstracts failure detection and mitigation, it also exposes the key metrics that network operators need to maintain their environment’s end-to-end availability. With probers that continuously monitor the service, Cross-Site Interconnect exposes data via intuitive dashboards and APIs, so you can monitor network characteristics like latency, packet loss, and bandwidth utilization.
Programmable consumption: Cross-Site Interconnect’s consumption model is designed to align with your evolving needs. You can dynamically scale your bandwidth up or down as required, automating network management and incorporating network connectivity into your infrastructure-as-code workflows. This programmability empowers agility and cost optimization, so you only pay for what you need, when you need it.
A spectrum of use cases
Whether you’re looking to augment network capacity, increase reliability, or expand to new locations, Cross-Site Interconnect is a transformative solution that solves critical challenges across diverse industry verticals.
Take, for example, financial institutions, where lower network latency translates directly into competitive advantage. With its consistent and predictable performance and enhanced disaster recovery capabilities, Cross-Site Interconnect helps financial services organizations increase their agility with on-demand network builds, and streamline their operations with fully managed global network connectivity.
“A scalable and stable network is essential for our business operations and powers the data transfers that fuel our research and market responsiveness. Our long-haul Cross-Site Interconnect pilot over the past few months has proved to be quite stable and reliable. We look forward to using Cross-Site Interconnect to further enhance the stability of our global network footprint.” – Chris Dee, Head of Cloud Platform Engineering, Citadel
Other highly regulated industries offering mission critical services also value Cross-Site Interconnect for its unique reliability and security capabilities. For instance, telecommunication providers can use it to expand to new geographies; model builders can quickly and dynamically augment their bandwidth to enable their business needs; enterprises can increase their reliability posture thanks to its convenient handoff in colocation facilities, dynamic bandwidth allocation, consistent, high-bandwidth data transfers, and industry-leading reliability.
The future of global connectivity is here
Cross-Site Interconnect is a unique and compelling solution for businesses seeking reliable, flexible, and transparent connectivity between their global data centers. By abstracting away the complexities of network management and providing robust guarantees, Cross-Site Interconnect lets you focus on innovation and growth, knowing your global connectivity is in capable hands.
Ready to experience the difference? Start deploying Cross-Site Interconnect in your environment or reach out to our team at cross-site-interconnect@google.com and discover how we can elevate your global network infrastructure.
Every development team wants to build robust, secure, and scalable cloud applications, and that often means navigating complexity — especially when it comes to configuration management. Relying on hard-coded configurations and keys is a common practice that can expose sensitive security details. To move faster and stay secure, developers should use a centralized, secure service dedicated to managing application configurations.
Google Cloud’s solution is Parameter Manager, designed to reduce unnecessary sharing of key cloud configurations, such as API keys, database passwords, and private encryption keys. Parameter Manager works with many types of data formats, including JSON, YAML, and other unformatted data.
It also includes format validation for JSON and YAML types to help eliminate concerns about configuration integrity. Parameter Manager also integrates with Secret Manager, to help ensure confidential data remains secure and separate.
How to use Parameter Manager
To help illustrate how easy and beneficial it can be to use Parameter Manager, we’ll guide you through a practical example: Building a simple weather application you can configure dynamically, including changing between Celsius and Fahrenheit, updating the default city, and managing your API key.
Here’s what we’ll cover:
Obtaining a Weather API Key and securely storing it in Secret Manager.
Creating a Parameter and Version to reference your API Key and hold other relevant parameters.
Building a Simple UI and Backend that interacts with Parameter Manager.
To complete this project, you should have an active Google Cloud project. Here’s the Code Repository for your reference.
1. Obtaining a Weather API Key and storing it securely in Secret Manager
Use any weather API Key here.
Enable the Secret Manager and Parameter Manager APIs from the console. Both have monthly free tiers that should suffice for this walkthrough.
Secret Manager and Parameter Manager home page.
Since the API Key is sensitive, store it in Secret Manager.
In the Google Cloud Console, search for “Secret Manager”.
Click on the “Create Secret” button.
On the creation form:
Define the secret name (such as weather-api-key).
Paste your weather API Key into the “Secret value” section.
For this demo, use the default options. Feel free to explore other settings in the documentation if you wish.
Click “Create Secret.”
Storing Weather API key in Secret Manager
You’ve now created a Secret resource with a Secret Version containing your API Key. The interface will display its unique identifier, which will look something like this:
projects/<your-project>/secrets/weather-api-key
Copy this identifier. We’ll use it when creating our Parameter.
Copying Weather API key identifier.
2. Creating a Parameter and Version to reference your API Key and hold other relevant parameters
Access Parameter Manager from the Secret Manager home screen or by searching for it in the console.
Accessing Parameter Manager from the Secret Manager console.
Click on the “Create parameter” button.
Creating a parameter.
On the creation form:
Define the parameter name (such as my-weather-demo-parameter).
Select “YAML” as the format type (Parameter Manager offers format validation for JSON and YAML formats) and submit the form.
As earlier, we’ll use the defaults for other options for this demo.
Parameter creation form.
Parameters offer the advantage of versioning, where each version captures a distinct snapshot of your configuration. This immutability is vital for safeguarding deployed applications against unintended breaking changes. When updates are necessary, a new version can be easily created.
Create a new version for this Parameter by clicking on “New Version”.
Creating a parameter version.
Provide a “Name” for your Parameter Version (such as v1 for your initial application version). Pro tip: Iterate your version numbers to keep track of different versions.
In the payload section, paste the following YAML. Crucially, replace <your-project-number> with your actual Google Cloud project number and ensure the apiKey attribute correctly references your Secret Manager Secret’s identifier.
```yaml
version: 'v1'
apiKey: '__REF__(//secretmanager.googleapis.com/projects/<your-project-number>/secrets/weather-api-key/versions/1)'
fahrenheit: false
defaultLocation: 'London'
showHumidity: false
# dummy values, useful when the app is not connected to internet after going live & loading this config or when the weather API is down
dummyData:
- city: 'London'
  temperature: '15°C'
  description: 'Partly Cloudy'
  humidity: '70%'
  windSpeed: '10 km/h'
  icon: 'http://openweathermap.org/img/wn/02d@2x.png'
- city: 'New York'
  temperature: '22°C'
  description: 'Sunny'
  humidity: '55%'
  windSpeed: '12 km/h'
  icon: 'http://openweathermap.org/img/wn/03d@2x.png'
- city: 'Tokyo'
  temperature: '28°C'
  description: 'Clear Sky'
  humidity: '60%'
  windSpeed: '8 km/h'
  icon: 'http://openweathermap.org/img/wn/04n@2x.png'
- city: 'Paris'
  temperature: '18°C'
  description: 'Light Rain'
  humidity: '85%'
  windSpeed: '15 km/h'
  icon: 'http://openweathermap.org/img/wn/04d@2x.png'
- city: 'Sydney'
  temperature: '20°C'
  description: 'Mostly Sunny'
  humidity: '65%'
  windSpeed: '9 km/h'
  icon: 'http://openweathermap.org/img/wn/04n@2x.png'
```
Submit the form after specifying the above payload data.
Parameter version creation form.
Key Point: Notice the __REF__ syntax for the apiKey. This is how Parameter Manager securely references data from Secret Manager: __REF__(//secretmanager.googleapis.com/projects/<your-project-number>/secrets/<secret-id>/versions/<version-id>)
You can also use the special alias “latest” instead of a specific version ID to always retrieve the most recently created Secret Version. (Learn more about Secret references in the Parameter Manager documentation.)
IAM principal identifier for a parameter.
For Parameter Manager to successfully resolve the Secret Manager reference, it needs permission to access your secret.
Navigate back to your Parameter’s list view and click on your newly created Parameter.
Go to the “Overview” section. Copy the “IAM Principal Identifier.” This is a unique service account associated with your Parameter.
Now, navigate back to your Secret Manager service and open the secret you created.
Go to the “Permissions” section and click “Grant Access.”
In the “New principals” field, paste the IAM Principal Identifier you copied from Parameter Manager.
Select the role “Secret Manager Secret Accessor.”
Click “Save.”
This step authorizes all Parameter Versions created under the Parameter to securely access and resolve the secret containing your API Key.
Granting Secret access permissions to Parameter’s IAM principal identifier.
Let’s confirm everything is set up correctly. Navigate to the Parameter Version you just created and click on “Render” from the “Actions” menu.
Testing Secret References are working by performing a render operation.
If your permissions are correctly configured, Parameter Manager will display the “Rendered output,” which will include your actual weather API Key securely retrieved from Secret Manager! This confirms your configuration is ready to be consumed by your application.
Verifying secret substitution in rendered output.
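The reference syntax and the “latest” alias described above can be checked before a payload is submitted as a new Parameter Version. The following is an added example, not code from this walkthrough or its repository: it scans a YAML payload line by line, collects secret references, flags references that use “latest” (the rendered value can then change without a new Parameter Version) or that do not match the syntax shown above, and flags sensitive-looking keys that carry an inline value instead of a reference. The function name, finding labels, key-name heuristic and sample payloads are assumptions of this example.

```javascript
// Added example: lint a Parameter Manager YAML payload for secret handling.
// Names, finding labels and the key heuristic are assumptions of this example.

// The reference syntax shown on this page:
// __REF__(//secretmanager.googleapis.com/projects/<n>/secrets/<id>/versions/<v>)
const REF_RE = /^__REF__\(\/\/secretmanager\.googleapis\.com\/projects\/([^/\s)]+)\/secrets\/([^/\s)]+)\/versions\/([^/\s)]+)\)$/;

// Heuristic (assumption): key names that usually hold credentials.
const SENSITIVE_KEY_RE = /(api[-_]?key|password|passwd|secret|token|private[-_]?key)/i;

// Remove surrounding quotes, or a trailing " # comment" on unquoted scalars.
function stripQuotes(raw) {
  const quoted = /^(['"])(.*)\1\s*(?:#.*)?$/.exec(raw);
  if (quoted) return quoted[2];
  return raw.replace(/\s+#.*$/, '').trim();
}

// Scans simple "key: value" lines (including "- key: value" list items).
// This is a line scanner, not a full YAML parser: multi-line scalars and
// flow-style mappings are out of scope.
function lintParameterPayload(yamlText) {
  const refs = [];
  const findings = [];
  yamlText.split(/\r?\n/).forEach((line, index) => {
    const trimmed = line.trim();
    if (!trimmed || trimmed.startsWith('#')) return;
    const m = /^-?\s*([A-Za-z0-9_.-]+)\s*:\s*(.*)$/.exec(trimmed);
    if (!m) return;
    const key = m[1];
    const value = stripQuotes(m[2]);
    if (value === '') return; // header of a nested mapping or list
    const lineNo = index + 1;

    if (value.includes('__REF__')) {
      const r = REF_RE.exec(value);
      if (!r) {
        // Would not resolve as written; catch it before rendering.
        findings.push({ line: lineNo, key, issue: 'malformed-ref' });
        return;
      }
      refs.push({ key, project: r[1], secret: r[2], version: r[3] });
      if (r[3] === 'latest') {
        // The parameter version is a snapshot, but this value is not pinned.
        findings.push({ line: lineNo, key, issue: 'unpinned-version' });
      }
      return;
    }
    if (SENSITIVE_KEY_RE.test(key)) {
      // Credential stored in the parameter itself, not in Secret Manager.
      findings.push({ line: lineNo, key, issue: 'inline-secret' });
    }
  });
  return { refs, findings };
}

// Constructed sample in the shape of the v1 payload above
// (project number 123456789012 is a placeholder).
const CONSTRUCTED_GOOD = [
  "version: 'v1'",
  "apiKey: '__REF__(//secretmanager.googleapis.com/projects/123456789012/secrets/weather-api-key/versions/1)'",
  "fahrenheit: false",
  "defaultLocation: 'London'",
  "# dummy values for offline use",
  "dummyData:",
  "- city: 'London'",
  "  temperature: '15°C'",
].join('\n');

// Constructed sample with three problems, one per line 2 to 4.
const CONSTRUCTED_BAD = [
  "version: 'v2'",
  "apiKey: '__REF__(//secretmanager.googleapis.com/projects/123456789012/secrets/weather-api-key/versions/latest)'",
  "mapsApiKey: 'constructed-inline-value'",
  "dbPassword: '__REF__(//secretmanager.googleapis.com/projects/123456789012/secrets/db-pass)'",
  "defaultLocation: 'London'",
].join('\n');

console.log(JSON.stringify(lintParameterPayload(CONSTRUCTED_BAD), null, 2));
```

Whether “latest” is acceptable is a policy decision; the check only makes the choice visible at review time.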
3. Building a simple UI and backend that can talk to Parameter Manager
Now that our configurations are securely stored and managed, let’s build a simple application to consume them. We’ll create a React frontend and a Node.js backend.
```javascript
import React from 'react';
import ReactDOM from 'react-dom/client';
import './index.css';
import App from './App';
import reportWebVitals from './reportWebVitals';

const root = ReactDOM.createRoot(document.getElementById('root'));
root.render(
  <React.StrictMode>
    <App />
  </React.StrictMode>
);

// If you want to start measuring performance in your app, pass a function
// to log results (for example: reportWebVitals(console.log))
// or send to an analytics endpoint. Learn more: https://bit.ly/CRA-vitals
reportWebVitals();
```
Now, edit your src/App.js with the following code:
```javascript
import './App.css';
import React, { useState } from 'react';
import axios from 'axios';

function App() {
  // State for the city input by the user
  const [city, setCity] = useState('');
  // State for the weather data fetched
  const [weatherData, setWeatherData] = useState(null);
  // State for loading indicator
  const [loading, setLoading] = useState(false);
  // State for error messages
  const [error, setError] = useState('');

  // Fetch weather data for a city from the Node.js backend
  const fetchWeather = async (searchCity) => {
    setLoading(true); // Set loading to true when fetching starts
    setError(''); // Clear any previous errors
    setWeatherData(null); // Clear previous weather data

    try {
      // Make Axios GET request to your Node.js backend server
      const response = await axios.get(`http://localhost:5001/api/weather`, {
        params: {
          city: searchCity
        }
      });

      // Assuming your backend sends back data in a format like:
      // { city: 'London', temperature: '15°C', description: 'Partly Cloudy', humidity: '70%', windSpeed: '10 km/h', icon: '…' }
      setWeatherData(response.data);
      console.log(response.data)
    } catch (err) {
      console.error('Error fetching weather from backend:', err);
      // Handle different error responses from the backend
      if (err.response && err.response.data && err.response.data.message) {
        setError(`Error: ${err.response.data.message}`);
      } else {
        setError('Failed to fetch weather data. Please ensure the backend server is running and try again.');
      }
    } finally {
      setLoading(false); // Set loading to false once fetching is complete
    }
  };

  // Handle form submission
  const handleSubmit = (e) => {
    e.preventDefault(); // Prevent default form submission behavior
    if (city.trim()) { // Only fetch if city input is not empty
      fetchWeather(city.trim());
    } else {
      setError('Please enter a city name.');
    }
  };

  return (
    <div className="min-h-screen bg-gradient-to-br from-blue-400 to-purple-600 flex items-center justify-center p-4 font-sans">
      <div className="bg-white bg-opacity-90 backdrop-filter backdrop-blur-lg rounded-2xl shadow-xl p-8 w-full max-w-md transform transition-all duration-300 hover:scale-105">
        <h1 className="text-4xl font-extrabold text-gray-800 mb-6 text-center">
          Weather App
          {(weatherData && weatherData.offline) && (
            <div className="bg-red-100 border border-red-400 text-red-700 px-4 py-3 rounded-xl relative mb-4" role="alert">
              <strong className="font-bold">Weather API is offline! showing dummy data from a default location.</strong>
              <span className="block sm:inline ml-2">{error}</span>
            </div>
          )}
        </h1>

        {/* City Search Form */}
        <form onSubmit={handleSubmit} className="flex flex-col sm:flex-row gap-4 mb-8">
          <input
            type="text"
            value={city}
            onChange={(e) => setCity(e.target.value)}
            placeholder="Enter city name (e.g., London)"
            className="flex-grow p-3 rounded-xl border border-gray-300 focus:ring-2 focus:ring-blue-500 focus:border-transparent outline-none text-gray-700"
          />
          <button
            type="submit"
            className="bg-blue-600 hover:bg-blue-700 text-white font-bold py-3 px-6 rounded-xl shadow-md transition-all duration-200 ease-in-out transform hover:-translate-y-1 hover:scale-105 focus:outline-none focus:ring-2 focus:ring-blue-500 focus:ring-opacity-75"
            disabled={loading} // Disable button while loading
          >
            {loading ? 'Searching…' : 'Get Weather'}
          </button>
        </form>

        {/* Loading and Error Messages */}
        {loading && (
          <div className="flex items-center justify-center text-blue-700 font-semibold text-lg py-4">
            <svg className="animate-spin -ml-1 mr-3 h-6 w-6 text-blue-700" xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 24 24">
              <circle className="opacity-25" cx="12" cy="12" r="10" stroke="currentColor" strokeWidth="4"></circle>
              <path className="opacity-75" fill="currentColor" d="M4 12a8 8 0 018-8V0C5.373 0 0 5.373 0 12h4zm2 5.291A7.962 7.962 0 014 12H0c0 3.042 1.135 5.824 3 7.938l3-2.647z"></path>
            </svg>
            Loading weather data…
          </div>
        )}

        {error && (
          <div className="bg-red-100 border border-red-400 text-red-700 px-4 py-3 rounded-xl relative mb-4" role="alert">
            <strong className="font-bold">Error!</strong>
            <span className="block sm:inline ml-2">{error}</span>
          </div>
        )}

        {/* Weather Display */}
        {weatherData && !loading && (
          <div className="bg-gradient-to-r from-blue-500 to-indigo-600 text-white p-6 rounded-2xl shadow-lg transform transition-all duration-300 hover:shadow-xl">
            <div className="flex items-center justify-between mb-4">
              <h2 className="text-3xl font-bold">{weatherData.city}</h2>
              <span className="text-5xl"><img
                src={weatherData.icon}
                alt="new"
              /></span>
            </div>
            <p className="text-6xl font-extrabold mb-4">{weatherData.temperature}</p>
            <p className="text-2xl mb-2">{weatherData.description}</p>
            <div className="grid grid-cols-2 gap-4 text-lg">
              {weatherData.showHumidity && (<p>Humidity: <span className="font-semibold">{weatherData.humidity}</span></p>)}
              <p>Wind Speed: <span className="font-semibold">{weatherData.windSpeed}</span></p>
            </div>
          </div>
        )}

        {/* Initial message or no data message */}
        {!weatherData && !loading && !error && (
          <div className="text-center text-gray-600 text-lg py-8">
            Enter a city name above to get started!
          </div>
        )}
      </div>
    </div>
  );
}

export default App;
```
Clear the App.css file (or delete it and remove the references to it, if required). We will be using Tailwind, so add the following to public/index.html, inside the <head> tag:
```html
<!DOCTYPE html>
<html lang="en">
  <head>
    <meta charset="utf-8" />
    <link rel="icon" href="%PUBLIC_URL%/favicon.ico" />
    <meta name="viewport" content="width=device-width, initial-scale=1" />
    <meta name="theme-color" content="#000000" />
    <meta
      name="description"
      content="Web site created using create-react-app"
    />
    <link rel="apple-touch-icon" href="%PUBLIC_URL%/logo192.png" />
    <!--
      manifest.json provides metadata used when your web app is installed on a
      user's mobile device or desktop. See https://developers.google.com/web/fundamentals/web-app-manifest/
    -->
    <link rel="manifest" href="%PUBLIC_URL%/manifest.json" />
    <!--
      Notice the use of %PUBLIC_URL% in the tags above.
      It will be replaced with the URL of the `public` folder during the build.
      Only files inside the `public` folder can be referenced from the HTML.
      Unlike "/favicon.ico" or "favicon.ico", "%PUBLIC_URL%/favicon.ico" will
      work correctly both with client-side routing and a non-root public URL.
      Learn how to configure a non-root public URL by running `npm run build`.
    -->
    <!-- Add this Tailwind CSS CDN link -->
    <script src="https://cdn.tailwindcss.com"></script>
    <title>React App</title>
  </head>
  <body>
    <noscript>You need to enable JavaScript to run this app.</noscript>
    <div id="root"></div>
    <!--
      This HTML file is a template.
      If you open it directly in the browser, you will see an empty page.
      You can add webfonts, meta tags, or analytics to this file.
      The build step will place the bundled scripts into the <body> tag.
      To begin the development, run `npm start` or `yarn start`.
      To create a production bundle, use `npm run build` or `yarn build`.
    -->
  </body>
</html>
```
Now we need a server to serve weather API responses:
Now, within the weather-backend directory create a server.js file with the following code:
```javascript
// server.js

// Import necessary modules
const express = require('express'); // Express.js for creating the server
const cors = require('cors'); // CORS middleware to allow cross-origin requests
const fetch = require('node-fetch'); // node-fetch for making HTTP requests (install with npm install node-fetch@2)
const YAML = require('yaml');
// Imports the Parametermanager library
const {ParameterManagerClient} = require('@google-cloud/parametermanager').v1;

const app = express(); // Initialize Express app
const PORT = process.env.PORT || 5001; // Define the port for the server
const startupConfigProject = "annular-text-460910-i0" // specify your own GCP project ID here
const startupConfigLocation = "global" // specify region of the Parameter to use
const startupConfigParameter = "my-weather-demo-parameter" // specify name of the Parameter to use
const startupConfig = `projects/${startupConfigProject}/locations/${startupConfigLocation}/parameters/${startupConfigParameter}/versions/`
const appVersion = "v1" // specify the name of the Parameter Version to use
// Instantiates a client
const parametermanagerClient = new ParameterManagerClient();
let CONFIG = undefined

// Middleware
app.use(cors()); // Enable CORS for all routes, allowing frontend to connect
app.use(express.json()); // Enable parsing of JSON request bodies

// You can get one from: https://openweathermap.org/api & store it in Secret Manager
// & use Parameter Manager to fetch it along with other relevant configuration parameters.
let OPENWEATHER_API_KEY = ''; // set on server startup by fetching it from Parameter Manager
// Base URL for OpenWeatherMap API
const OPENWEATHER_BASE_URL = 'https://api.openweathermap.org/data/2.5/weather';

async function callRenderParameterVersion(name) {
  // Construct request
  const request = {
    name,
  };

  // Run request
  const [response] = await parametermanagerClient.renderParameterVersion(request);
  try {
    CONFIG = YAML.parse(response.renderedPayload.toString('utf8'));
    // Log only the key names: the rendered payload contains the resolved API key
    console.log('Loaded configuration keys:', Object.keys(CONFIG));
  } catch (e) {
    console.error('Error parsing YAML parameters to utf8:', e);
    throw e; // Without a parsed CONFIG the server cannot serve requests
  }
}

/**
 * @route GET /api/weather
 * @desc Fetches weather data for a given city
 * @param {object} req - Express request object. Expects 'city' as a query parameter.
 * @param {object} res - Express response object. Sends weather data or error.
 */
app.get('/api/weather', async (req, res) => {
  const city = req.query.city; // Get city from query parameters (e.g., /api/weather?city=London)

  if (!city) {
    // If no city is provided, send a 400 Bad Request error
    return res.status(400).json({ message: 'City parameter is required.' });
  }

  try {
    // Construct the OpenWeatherMap API URL
    let unit = "metric"
    let temperatureSuffix = "°C"
    if (CONFIG.fahrenheit) {
      unit = "imperial"
      temperatureSuffix = "°F"
    }
    // Encode the user-supplied city so it cannot add or override query parameters
    const apiUrl = `${OPENWEATHER_BASE_URL}?q=${encodeURIComponent(city)}&appid=${OPENWEATHER_API_KEY}&units=${unit}`; // units=metric for Celsius
    // Log the request without the URL, which carries the API key
    console.log(`Requesting weather for ${JSON.stringify(city)} (units=${unit})`)

    // Make the API call to OpenWeatherMap
    const response = await fetch(apiUrl);
    const data = await response.json();

    // Check if the API call was successful
    if (response.ok) {
      // Process the data to send a simplified, relevant response to the frontend
      const weatherData = {
        city: data.name,
        country: data.sys.country,
        temperature: `${Math.round(data.main.temp)}${temperatureSuffix}`, // Round temperature
        description: data.weather[0].description,
        humidity: `${data.main.humidity}%`,
        showHumidity: CONFIG.showHumidity,
        windSpeed: `${Math.round(data.wind.speed * 3.6)} km/h`, // Convert m/s to km/h
        icon: `http://openweathermap.org/img/wn/${data.weather[0].icon}@2x.png`, // OpenWeatherMap icon URL
        offline: false
      };
      res.json(weatherData); // Send processed data to frontend
    } else {
      // If OpenWeatherMap returns an error (e.g., city not found or API is down)
      console.error('OpenWeatherMap API Error:', data);

      // return dummy data based on defaultLocation
      const dummyData = CONFIG.dummyData.find((d) => d.city === CONFIG.defaultLocation)

      const weatherData = {
        city: dummyData.city,
        temperature: `${dummyData.temperature}`,
        description: dummyData.description,
        humidity: `${dummyData.humidity}`,
        showHumidity: CONFIG.showHumidity,
        windSpeed: `${dummyData.windSpeed}`,
        icon: `${dummyData.icon}`, // OpenWeatherMap icon URL
        offline: true
      };

      res.json(weatherData); // Send processed dummy data to frontend
    }
  } catch (error) {
    // Catch any network or server-side errors
    console.error('Server error fetching weather:', error);
    res.status(500).json({ message: 'Internal server error.' });
  }
});

// Start the server
(async () => {
  try {
    // Fetch the application parameters & set them in CONFIG variable
    await callRenderParameterVersion(startupConfig + appVersion)

    app.listen(PORT, () => {
      OPENWEATHER_API_KEY = CONFIG.apiKey
      console.log(`Node.js Weather Backend listening on port ${PORT}`);
      console.log(`Visit http://localhost:${PORT}/api/weather?city=London in your browser to test.`);
    });
  } catch (error) {
    console.error('Error during pre-server setup:', error);
    process.exit(1); // Exit if critical setup fails
  }
})();
```
This server fetches the application parameters from Parameter Manager on startup and uses them to serve the necessary responses from the weather API.
The parameters stored in Parameter Manager contain the weather API key, the metric system configuration, and other relevant application-specific data. They also contain some dummy data that the server can return when it cannot reach the weather API because of some issue.
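Because the rendered parameter carries both a secret and the fallback data, it is worth checking its shape once at startup and masking the key before anything is logged. The following is an added example, not code from the original walkthrough: the key names follow server.js, while the helper names, the strict boolean checks and the sample values are assumptions.

```javascript
// Added example, not the page's code. Sample values are constructed.
const SENSITIVE_KEYS = new Set(['apiKey']);

// Fail at startup if the rendered config cannot support the request handler.
function validateConfig(config) {
  if (config === null || typeof config !== 'object' || Array.isArray(config)) {
    throw new Error('config must be a YAML mapping');
  }
  if (typeof config.apiKey !== 'string' || config.apiKey.trim() === '') {
    throw new Error('apiKey is missing or empty');
  }
  for (const flag of ['fahrenheit', 'showHumidity']) {
    if (typeof config[flag] !== 'boolean') throw new Error(`${flag} must be a boolean`);
  }
  if (!Array.isArray(config.dummyData)) throw new Error('dummyData must be a list');
  // The offline path looks up defaultLocation in dummyData; make sure it exists.
  const fallback = config.dummyData.find((d) => d && d.city === config.defaultLocation);
  if (!fallback) throw new Error('defaultLocation has no entry in dummyData');
  return config;
}

// Copy of the config that is safe to log: sensitive values are masked.
function redactConfig(config) {
  return Object.fromEntries(
    Object.entries(config).map(([key, value]) =>
      [key, SENSITIVE_KEYS.has(key) ? '[REDACTED]' : value])
  );
}

// Build the upstream URL with every value percent-encoded, so a city such as
// "London&units=imperial" stays a single query value.
function buildWeatherUrl(baseUrl, city, apiKey, unit) {
  const url = new URL(baseUrl);
  url.search = new URLSearchParams({ q: city, appid: apiKey, units: unit }).toString();
  return url.toString();
}

// Constructed sample of a rendered parameter after YAML.parse.
const sampleConfig = {
  apiKey: 'constructed-key-0000', fahrenheit: false, showHumidity: true,
  defaultLocation: 'London',
  dummyData: [{ city: 'London', temperature: '15°C', description: 'Partly Cloudy',
    humidity: '70%', windSpeed: '10 km/h', icon: '' }],
};
console.log(redactConfig(validateConfig(sampleConfig)));
```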
Open two separate terminal shells:
```bash
## In First Shell:

cd parameter-manager-weather-app/weather-backend

gcloud auth application-default login

node server.js
```
Your backend server will start, loading the configuration from Parameter Manager, including the securely resolved API Key from Secret Manager.
```bash
## In Second Shell:

cd parameter-manager-weather-app

npm start
```
Your React frontend will launch, connect to your local backend, and start requesting weather information, dynamically configured by Parameter Manager.
Running the Application in browser.
Viewing weather details in the application.
Beyond the basics: Advanced use cases
Parameter Manager can help developers achieve their configuration security and compliance goals. It can help you:
Offer regional configurations: Imagine your app serves users globally. Some regions may prefer Celsius, others Fahrenheit. You can create regional Parameters in different Google Cloud regions, each with different values for Fahrenheit and defaultLocation. By setting the startupConfigLocation in your server.js (or in your deployment environment), your servers can automatically load the configuration relevant to that region.
Meet regional compliance requirements: Parameters can only reference Secrets from the same region. For this walkthrough, we used a global region for both Secrets and Parameters, but you can create Regional Secrets in, for example, us-central1, and expect that only Parameters in us-central1 can reference the Secret. This can help to ensure that your sensitive information never leaves the region of your choice.
Implement A/B testing and feature flags: To test a new feature with a subset of users, you can add a new attribute to a v2 Parameter Version. Then you can dynamically switch the appVersion constant in your backend (or via an environment variable in a deployed environment) based on your A/B testing strategy, and roll out new features to different user groups, gather feedback, and iterate quickly.
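One way to drive the regional and A/B choices above from the deployment environment, shown as an added example that is not part of the original walkthrough. The environment variable names, the allow-lists, the parameter-name pattern and the hash-based bucketing are assumptions; a backend that serves both groups would render each allowed version once at startup and pick per request.

```javascript
// Added example, not the page's code. The environment variable names and the
// allow-lists are assumptions; adjust them to your deployment.
const ALLOWED_LOCATIONS = new Set(['global', 'us-central1']);
const ALLOWED_VERSIONS = new Set(['v1', 'v2']);

// 32-bit FNV-1a: a stable, non-cryptographic hash used only for bucketing.
function fnv1a(text) {
  let hash = 0x811c9dc5;
  for (let i = 0; i < text.length; i++) {
    hash ^= text.charCodeAt(i);
    hash = Math.imul(hash, 0x01000193) >>> 0;
  }
  return hash;
}

// Deterministic A/B assignment: the same user always gets the same version.
function pickVersion(userId, rolloutPercent) {
  if (!Number.isInteger(rolloutPercent) || rolloutPercent < 0 || rolloutPercent > 100) {
    throw new Error('rolloutPercent must be an integer from 0 to 100');
  }
  return fnv1a(String(userId)) % 100 < rolloutPercent ? 'v2' : 'v1';
}

// Build the name passed to renderParameterVersion, rejecting any value that
// is off the allow-list or contains characters outside the expected pattern.
function parameterVersionName(env, version) {
  const project = env.CONFIG_PROJECT || '';
  const location = env.CONFIG_LOCATION || 'global';
  const parameter = env.CONFIG_PARAMETER || '';
  if (!/^[a-z][a-z0-9-]{4,28}[a-z0-9]$/.test(project)) throw new Error('invalid project ID');
  if (!ALLOWED_LOCATIONS.has(location)) throw new Error(`location not allowed: ${location}`);
  if (!/^[A-Za-z0-9_-]{1,63}$/.test(parameter)) throw new Error('invalid parameter name');
  if (!ALLOWED_VERSIONS.has(version)) throw new Error(`version not allowed: ${version}`);
  return `projects/${project}/locations/${location}/parameters/${parameter}/versions/${version}`;
}

// Constructed environment for a us-central1 deployment.
const sampleEnv = {
  CONFIG_PROJECT: 'example-project-id',
  CONFIG_LOCATION: 'us-central1',
  CONFIG_PARAMETER: 'my-weather-demo-parameter',
};
console.log(parameterVersionName(sampleEnv, pickVersion('user-42', 20)));
```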
By using Google Cloud Parameter Manager and Secret Manager, you can gain a robust, secure, and flexible system for managing all your application configurations, empowering you to build more agile and resilient applications.