Today, Google announced a public preview of support for Python packages (using the Pypi repository format) in Artifact Registry. With this feature, you can create a private repository in your project where you can publish your packages, instead of pushing them to the public repository at Pypi.org.

Uploading Python Packages with Cloud Build

Google recommends authenticating to Artifact Registry PyPi repositories using the Python keyring library. Here is an example of how you can do this in your cloudbuild.yaml :


If you are involved with the Google Cloud Platform billing for your organization, you may have noticed that there is currently no programmatic access to the details of your monthly invoice.

Read on to learn why this is frustrating and how you can ultimately solve the problem thanks to recent updates to the BigQuery Billing Export.

Invoice Notification & Access

Whether you are setup with online billing (credit card or direct debit) or offline billing (monthly invoice), you can receive an email notification from Google when your invoice is ready.

If you pay automatically with a credit card or direct debit, your invoice notifications…


BigQuery is a powerful tool for building a data warehouse, allowing you to store massive amounts of data and perform super-fast SQL queries without having to build or manage any infrastructure.

The typical ETL process involves three steps:

  1. Extract: Pull data from a source, such as a database (LDAP, MySQL, MongoDB, etc.) or an API (GitHub, Google, Workday, etc.)
  2. Transform: Prepare source data for destination (if necessary).
  3. Load: Import prepared data into destination.

Regardless of your source and the steps you may need to take to prepare your data, there are several options for loading data into BigQuery. …


Several years ago, when we started building Firecloud (“an open platform for secure and scalable analysis on the cloud”) we quickly discovered a need for a general purpose authentication and authorization proxy that we could deploy in front of each of our micro services.

Rather than having each of the engineering teams build auth and security features into their respective applications, we wanted to provide those features as a self-contained component that could be deployed along-side each micro service.

The key features we wanted to externalize included:

  • Authentication of user requests
  • Authorization of user requests based on groups
  • Logging requests…

Before you can get started building infrastructure, applications and services on the public cloud, the first thing you need to concern yourself with is how you are going to pay for it.

About Billing Accounts

If you will be using Google Cloud Platform (GCP), you want to start by creating a Billing Account.

Your Billing Account will be linked to a Google payments profile that will be used to pay for any cloud resources you create, such as virtual machines and storage, as well as any other services you consume, such as network traffic or support.

In addition to defining how you will…


Run Atom Editor on Pixelbook with Crostini

You can now run the Atom Editor (or MS Code, or any other Linux apps) on your Pixelbook with Crostini! This can be done without going into Developer Mode, by simply enabling the Chrome OS Dev Channel (verify your version is 67.0.3383.0 or newer) and then following the directions below.

More information available at the GitHub repo, here:

  1. Launch crosh on your Pixelbook with CTRL-ALT-T.
  2. Run: vmc start dev to create the Crostini VM.
  3. Run: run_container.sh --container_name=stretch --user=<username> --shell to to launch a new container.
  4. sudo apt-get update -y
  5. sudo apt-get install -y gpg libxss1 software-properties-common
  6. sudo add-apt-repository -y ppa:webupd8team/atom
  7. sudo apt-get update -y
  8. sudo apt-key adv --keyserver ha.pool.sks-keyservers.net --recv-keys C2518248EEA14886
  9. sudo apt-get install -y atom
  10. Run: atom and enjoy!


Updated 6/8/2018 to reflect the correct command u2f_flags u2f , to include the usage info and the fact that this feature is now available in the stable channel.

With the new Google Pixelbook and the newest release of the Chrome dev channel, you can use the power button as a built-in UTF key for 2fa/2sv. This is useful, because the device only has two USB-C ports so you don’t want to permanently fill one up with a YubiKey 4c or 4c Nano.

To enable this feature, first make sure you have the newest version of Chrome from the stable channel…


The Google Cloud Platform Podcast is a weekly podcast, produced by Google, featuring Google Cloud Developer Advocates (and rockstars!) Francesc Campoy Flores and Mark Mandel.

Screenshot from Google Play Music Podcasts

As a GCP developer, I find the podcast incredibly useful. In addition to the Questions and Cool Things of the Week, each episode features an in-depth discussion with a guest (or guests!) about a Google Cloud product, service, customer, or other topic of interest.

Even though it has been running for over a year and a half, I have to admit I that I didn’t start listening regularly until a year after it started. #shame…


Problem: “Legacy Projects” (pre-Organization)

Note: As of February 26th, 2021, Google has made a self-service process for migrating projects between organizations available in public preview.

If you use GCP with G Suite (including Cloud Identity) accounts, you are already familiar with how using Organizations makes it easier to centrally manage all your Google Cloud resources.

However, if you started using GCP before the Organization resource became generally available, you may have a number of projects that were created by your G Suite users before the Organization resource for your domain existed. These projects are currently out of your control.

Your users can opt-in to…


I recently began working on my first App Engine application, following Google’s Quickstart for Python App Engine Standard Environment.

My application needs to be able to authenticate against to some Google APIs with OAuth 2.0. There are several ways to do this from App Engine, but all of them require you to have access to oauth2client.

I naturally assumed that oauth2client would be automatically included in the App Engine Standard Environment, because it’s installed as one of the dependencies for google-api-python-client. But the client libraries are not included by default.

App Engine

Because the Python client libraries are not installed…

Lukas Karlsson

Google Developer Expert, Cloud Platform; Google Certified Cloud Architect. Somerville, MA.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store