

Ver post completo: Como siempre mal y tarde.
Spanner has long been the backbone for Google’s most critical services, from Gmail and YouTube to Photos and Chat. Spanner is a one of a kind database. Some even say it defies the CAP Theorem. This is an engineering hero story on a new release for Spanner: Schema insights.

This feature, long used by Google engineers to optimize the applications millions use every day, is now available to help you harness Spanner’s superpowers with ease.
As applications grow, their access patterns naturally change. To ensure your database remains perfectly tuned to these evolving needs, Google Cloud engineers have made these internal optimization tools accessible to everyone. Schema Insights acts as a proactive guide right next to your tables in Spanner Studio, helping you maintain a schema that is always optimized for speed and scale.
Spanner achieves horizontal scalability by partitioning and distributing data across different splits and servers. To ensure maximum performance, it is a best practice to distribute your workload evenly across these servers. Think of it as balancing the amount of data each server has, so they can all search and update at the same time.
When a primary key uses a timestamp or an increasing integer, new records may land in the same partition. This can potentially create a “hotspot” as your applications access one partition predominantly more than others.
Insights will recommend strategies like hashing, bucketing, or bit-reversing key columns to ensure your data is distributed effectively for parallel processing.

This is a common design pitfall that might not be obvious if we don’t have the distributed data storage aspect in mind. The good news is this can also be easily fixed. Consider these recommendations when designing the schema for your distributed database on Spanner.
In a distributed database, the complexity of your schema directly impacts the performance of transactions and queries. Keeping the schema lean ensures that our application stays fast and maintainable.
A complex schema not only gets in the way of clean and maintainable code, it can make it harder to scale horizontally, increase latency and degrade performance of write and read operations. The insights below basically are designed to guide you through this process of designing and fine-tuning your schema the right way, and to avoid certain pitfalls that might not necessarily be obvious but lead to huge performance penalties.
While Spanner is fully relational, highly normalized schemas can increase memory and server overhead. A large number of tables may indicate a schema may need a redesign to apply patterns such as multitenancy.

This should be hard to reach and it probably means it’s time for a more holistic view of the schema design, but a table can have a maximum of 1024 columns. The issue will be highlighted when a table starts approaching that limit so we have time to react.

Maintaining foreign key references requires additional data to be consulted during transactions, which can slow down processing. Optimize for transactional speed by balancing the number of foreign key references.

Schema Insights works within Spanner Studio so you have the schema and context handy. It also works in tandem with Spanner’s suite of observability tools.
For example, the Key Visualizer allows you to visualize your specific traffic patterns and see exactly how your schema choices affect data distribution. To further understand potential problematic queries, Query Insights will highlight issues like high CPU utilization.
The best part of these tools is they highlight your specific access patterns, so you can tailor your next steps based on your needs and knowledge of your applications.
We’d love to know how this is working for you.
Let’s stay in touch on TikTok, Instagram or YouTube!
This post was co-authored with the product and engineering heroes of this story:
Guoqiang Pan, Igor Grunskyi, Jagan Athreya, Masha Lifshits
Introducing Spanner Schema Insights: Optimizing Your Global Database Design was originally published in Google Cloud - Community on Medium, where people are continuing the conversation by highlighting and responding to this story.
One of the most common questions about secrets management strategies on Amazon Web Services (AWS) is whether an organization should centralize its secrets. Though this question is often focused on whether secrets should be centrally stored, there are four aspects of centralizing the secrets management process that need to be considered: creation, storage, rotation, and monitoring. In this post, we discuss the advantages and tradeoffs of centralizing or decentralizing each of these aspects of secrets management.
When deciding whether to centralize secrets creation, you should consider how you already deploy infrastructure in the cloud. Modern DevOps practices have driven some organizations toward developer portals and internal developer platforms that use golden paths for infrastructure deployment. By using tools that use golden paths, developers can deploy infrastructure in a self-service model through infrastructure as code (IaC) while adhering to organizational standards.
A central function maintains these golden paths, such as a platform engineering team. Examples of services that can be used to maintain and define golden paths might include AWS services such as AWS Service Catalog or popular open source projects such as Backstage.io. Using this approach, developers can focus on application code while platform engineers focus on infrastructure deployment, security controls, and developer tooling. An example of a golden path might be a templatized implementation for a microservice that writes to a database.
For example, a golden path could define that a service or application must be built using the AWS Cloud Development Kit (AWS CDK), running on Amazon Elastic Container Service (Amazon ECS), and use AWS Secrets Manager to retrieve database credentials. The platform team could also build checks to help ensure that the secret’s resource policy only allows access to the role being used by the microservice and is encrypted with a customer managed key. This pattern abstracts deployments away from developers and facilitates resource deployment across accounts. This is one example of a centralized creation pattern, shown in Figure 1.
Figure 1: Architecture diagram highlighting the developer portal deployment pattern for centralized creation
The advantages of this approach are:
The tradeoffs of this approach are:
If you want to learn more about the internal developer platform pattern, check out the re:Invent 2024 talk Elevating the developer experience with Backstage on AWS.
In a decentralized model, application teams own the IaC templates and deployment mechanisms in their own accounts. Here, each team is operating independently, which can make it more difficult to enforce standards as code. We’ll refer to this pattern, shown in Figure 2, as a decentralized creation pattern.
Figure 2: Decentralized creation of secrets
The advantages of this approach are:
The tradeoffs of this approach are:
Some customers choose to store their secrets in a central account, and others choose to store secrets in the accounts in which their workloads live. Figure 3 shows the architecture for centralized storage of secrets.
Figure 3: Centralized storage of secrets
The advantages of centralizing the storage of secrets are:
Some tradeoffs of centralizing the storage of secrets are:
Though there are advantages to centralizing secrets for monitoring and observability, many customers already rely on services such as AWS Security Hub, IAM Access Analyzer, AWS Config, and Amazon CloudWatch for cross-account observability. These services make it easier to create centralized views of secrets in a multi-account environment.
In a decentralized approach to storage, shown in in Figure 4, secrets live in the same accounts as the workload that needs access to them.
Figure 4: Decentralized storage of secrets
The advantages of decentralizing the storage of secrets are:
There are a few tradeoffs to consider for this architecture:
Like the creation and storage of secrets, organizations take different approaches to centralizing the lifecycle management and rotation of secrets.
When you centralize lifecycle management, as shown in Figure 5, a central team manages and owns AWS Lambda functions for rotation. The advantages of centralizing the lifecycle management of secrets are:
Figure 5: Centralized rotation of secrets
There are some tradeoffs in centralizing the lifecycle management and rotation of secrets:
Decentralizing the lifecycle management of secrets is a more common choice, where the rotation functions live in the same account as the associated secret, as shown in Figure 6.
Figure 6: Decentralized rotation of secrets
The advantages of decentralizing the lifecycle management of secrets are:
The primary tradeoff of decentralizing rotation is that you will need to provide either centralized or federated access to logs for rotation functions in different accounts. By default, Lambda automatically captures logs for all function invocations and sends them to CloudWatch Logs. CloudWatch Logs offers a few different ways that you can centralize your logs, with the tradeoffs of each described in the documentation.
Regardless of the model chosen for creation, storage, and rotation of secrets, centralize the compliance and auditing aspect when operating in a multi-account environment. You can use AWS Security Hub CSPM through its integration with AWS Organizations to centralize:
In this scenario, shown in Figure 7, centralized functions get visibility across the organization and individual teams can view their posture at an account level with no need to look at the state of the entire organization.
Use AWS CloudTrail organizational trails to send all API calls for Secrets Manager to a centralized delegated admin account.
Figure 7: Centralized monitoring and auditing
For organizations that don’t require centralized auditing and monitoring of secrets, you can configure access so that individual teams can determine which logs are collected, alerts are enabled, and checks are in place in relation to your secrets. The advantages of this approach are:
The tradeoffs of this approach are:
Most organizations choose a combination of these approaches to meet their needs. An example is a financial services company that has a central security team, operates across hundreds of AWS accounts, and has hundreds of applications that are isolated at the account level. This customer could:
In this post, we’ve examined the architectural decisions organizations face when implementing secrets management on AWS: creation, storage, rotation, and monitoring. Each approach—whether centralized or decentralized—offers distinct advantages and tradeoffs that should align with your organization’s security requirements, operational model, and scale. The important points include:
To learn more about AWS Secrets Manager, check out some of these resources:
Brendan Paul
Eduardo Patroncinio
AWS Security Agent now supports GitHub Enterprise Cloud, enabling customers to connect their GitHub Enterprise Organization and leverage AI-powered security capabilities across their private repositories. With this expansion, development teams can integrate security analysis directly into their GitHub workflows.
Customers can now connect their GitHub Enterprise Organization to AWS Security Agent by installing the AWS Security Agent GitHub app with the required permissions. Once connected, the agent provides three key capabilities for private repositories:
Automated Code Reviews: AWS Security Agent performs comprehensive security reviews on new pull requests, identifying vulnerabilities and compliance with internal security requirements before code is merged.
Penetration Testing Integration: Leverage your GitHub Enterprise code repositories during penetration testing activities, allowing the agent to analyze your codebase for potential security weaknesses and attack vectors.
Automated Code Remediation: When security issues are identified during penetration testing, customers can choose to have AWS Security Agent automatically submit pull requests with recommended fixes, accelerating remediation workflows.
This capability is available in the US East (N. Virginia) region where AWS Security Agent operates. To get started, connect your GitHub Enterprise Organization to AWS Security Agent through the AWS Security Agent console. To learn more about AWS Security Agent, visit the product page.
PDF files are everywhere. They’re used for reports, invoices, bank statements, research papers, and legal documents. While PDFs are easy to read for humans, they’re not easy to work with in code. Extracting text, splitting pages, or merging files often feels harder than it should be.
This is where PyPDF helps. PyPDF is a popular Python library that lets you read, modify, and write PDF files. It’s lightweight, easy to learn, and works well for most common PDF tasks. If you have ever needed to extract text from a PDF, merge multiple PDFs, or protect a file with a password, PyPDF is a good place to start.
In this article, you’ll learn what PyPDF is, how it works, and how to use it through simple and practical examples. You’ll also learn how tools like PDFBoom handle PDF operations. This tutorial requires a basic understanding of Python.
PyPDF is a pure Python library for working with PDF files. It allows you to open existing PDFs, read their structure, extract content, and create new PDF files. Since it’s written in Python, it doesn’t require external tools or system-level dependencies.
The library understands the internal layout of a PDF, such as pages, text streams, metadata, and encryption. You don’t need to know how PDFs work internally to use PyPDF, but it helps to understand that a PDF is not just text. It’s a structured document with objects and references.
PyPDF is often used in automation scripts, data pipelines, compliance systems, and document processing tools. It’s a common choice when you need a reliable and simple solution without heavy dependencies.
Installing PyPDF is straightforward. You can install it using pip, which is the standard package manager for Python.
pip install pypdf
Once installed, you can import it in your Python code. The main class you’ll use is PdfReader for reading files and PdfWriter for creating or modifying them.
from pypdf import PdfReader, PdfWriter
With this setup, you’re ready to start working with PDFs.
The first step in most tasks is opening a PDF file. PyPDF makes this simple using the PdfReader class.
from pypdf import PdfReader
reader = PdfReader("sample.pdf")
print(len(reader.pages))
This code opens a PDF file and prints the number of pages. Each page in the document is represented as an object that you can access and work with.
You can also inspect basic metadata such as the title or author if it’s available.
metadata = reader.metadata
print(metadata)
Metadata is optional in PDFs, so not all files will contain meaningful values.
One of the most common use cases is text extraction. PyPDF allows you to extract text page by page.
from pypdf import PdfReader
reader = PdfReader("sample.pdf")
page = reader.pages[0]
text = page.extract_text()
print(text)
This code extracts text from the first page of the PDF. For many documents like reports or articles, this works well.
It’s important to understand that text extraction isn’t perfect. PDFs store text based on layout, not reading order. This means extracted text may appear out of order or missing spaces in some cases. Still, for most structured documents, PyPDF provides usable results.
If you want to extract text from all pages, you can loop through them.
full_text = ""
for page in reader.pages:
full_text += page.extract_text() + "\n"
print(full_text)
This approach is common when building search indexes or document analysis pipelines.
Another practical task is splitting a PDF into smaller files. This is useful when dealing with large reports or scanned documents.
from pypdf import PdfReader, PdfWriter
reader = PdfReader("sample.pdf")
for i, page in enumerate(reader.pages):
writer = PdfWriter()
writer.add_page(page)
with open(f"page_{i + 1}.pdf", "wb") as f:
writer.write(f)
This code creates one PDF file per page. Each new file contains exactly one page from the original document.
You can also split a PDF into chunks, such as every five pages, by controlling how many pages you add before writing the file.
Merging PDFs is another common requirement. PyPDF allows you to combine several PDF files into one.
from pypdf import PdfReader, PdfWriter
writer = PdfWriter()
files = ["file1.pdf", "file2.pdf", "file3.pdf"]
for file in files:
reader = PdfReader(file)
for page in reader.pages:
writer.add_page(page)
with open("merged.pdf", "wb") as f:
writer.write(f)
This script reads each input file and appends all pages to a single output PDF. The order of files in the list defines the order in the merged document.
This approach is often used in reporting systems where multiple outputs are combined into one final document.
Sometimes you need to rotate pages, especially when working with scanned documents. PyPDF makes this easy.
from pypdf import PdfReader, PdfWriter
reader = PdfReader("sample.pdf")
writer = PdfWriter()
page = reader.pages[0]
page.rotate(90)
writer.add_page(page)
with open("rotated.pdf", "wb") as f:
writer.write(f)
This code rotates the first page by 90 degrees clockwise. You can apply similar logic to all pages or selected pages.
You can also crop pages by adjusting their media box, which controls page dimensions. This is useful when removing margins or focusing on a specific area.
Security is important when handling sensitive documents. PyPDF supports PDF encryption and password protection.
from pypdf import PdfReader, PdfWriter
reader = PdfReader("sample.pdf")
writer = PdfWriter()
for page in reader.pages:
writer.add_page(page)
writer.encrypt("strongpassword")
with open("protected.pdf", "wb") as f:
writer.write(f)
The resulting PDF requires a password to open. This is commonly used for sharing confidential reports or financial documents.
If you need to read an encrypted PDF, you can provide the password when opening it.
reader = PdfReader("protected.pdf")
reader.decrypt("strongpassword")
After decryption, you can work with the file like any other PDF.
Metadata helps describe a document. You can add or update metadata using PyPDF.
from pypdf import PdfWriter
writer = PdfWriter()
writer.add_metadata({
"/Title": "Monthly Report",
"/Author": "Finance Team",
"/Subject": "Revenue Analysis"
})
with open("metadata.pdf", "wb") as f:
writer.write(f)
This metadata becomes part of the PDF file and can be viewed in most PDF readers. It is useful for document management and search systems.
While PyPDF is powerful, it has limitations. It doesn’t perform optical character recognition (OCR), so it can’t extract text from scanned images. For scanned PDFs, you need OCR tools like Tesseract.
Complex layouts such as multi-column text or tables may not extract cleanly. In such cases, post-processing or layout-aware tools are needed.
Despite these limits, PyPDF is reliable for a large range of everyday PDF tasks.
PyPDF is best suited for automation, backend services, and scripts where you need simple and fast PDF processing. It works well in data pipelines, compliance systems, and internal tools.
If you need advanced layout understanding or visual analysis, you may need heavier tools. But for most developers, PyPDF covers the core needs with minimal effort.
PyPDF is a practical and easy-to-use library for working with PDF files in Python. It allows you to read documents, extract text, merge and split files, rotate pages, and add security with just a few lines of code.
Its simple API and lightweight design make it a strong choice for developers who want to automate PDF workflows without extra complexity. While it doesn’t solve every PDF problem, it handles the most common ones very well.
If you work with PDFs regularly, learning PyPDF is a valuable skill that can save time and reduce manual work across many projects.
La Fiscalía de la Audiencia Nacional ha acordado archivar las diligencias abiertas tras recibir una denuncia por agresión sexual contra Julio Iglesias, ante la falta de...
etiquetas: julio iglesias, audiencia nacional, archivo denuncia, jurisdicción
» noticia original (www.elmundo.es)
Microsoft proporcionó al FBI las claves de recuperación para desbloquear los datos cifrados en los discos duros de tres portátiles como parte de una investigación federal, según informó Forbes el viernes. Muchos ordenadores modernos con Windows utilizan un sistema de cifrado de disco completo, llamado BitLocker, que viene activado por defecto. Este tipo de tecnología debería impedir que cualquier persona, excepto el propietario del dispositivo, acceda a los datos si el ordenador está bloqueado y apagado.
etiquetas: microsoft, claves bitlocker, fbi
» noticia original (techcrunch.com)
El historiador José Miguel Villarroya responde a las críticas del expresidente sobre Rodalies, calificando sus declaraciones como una mezcla de populismo y desprecio hacia España ...
etiquetas: puigdemont, catalunya, villarroya
» noticia original (www.catalunyapress.es)
La tira de Gallego & Rey . Cuarta entrega del año 2026 .
etiquetas: urnas, tira, gallego, rey
» noticia original (www.rtve.es)
El paso devastador de la tormenta Harry ha desenterrado en la ciudad costera de Nabeul, en la península tunecina de Cap Bon, lo que muchos creen que podría ser parte de la legendaria ciudad de Neápolis, una urbe púnico-romana sumergida por un tsunami en el siglo IV d.C. ... lo que ha sucedido tras la tormenta Harry ha sido inédito, ya que por primera vez, han aparecido estructuras en tierra firme. En la zona de Sidi Mahrsi, al norte de Nabeul.
etiquetas: tormenta harry, púnico-romana, túnez
» noticia original (historia.nationalgeographic.com.es)
Dropkick Murphys enviaron «mucho amor» a Michael Fanone después de que llevara la camiseta de la banda «Fighting Nazis since 1996» a la audiencia de Jack Smith. Fanone era policía el día del ataque al Capitolio de los Estados Unidos el 6 de enero de 2021. Fue agredido por los alborotadores y desde entonces le han diagnosticado trastorno de estrés postraumático (TEPT). Tras retirarse de la policía a finales de 2021, Fanone se dedicó a la escritura y al comentario político. Asistió a la audiencia del jueves en apoyo del exfiscal especial
etiquetas: dropkick murphys, michael fan one, jack smith, trump, asalto al capitolio
» noticia original (www.irishcentral.com)
Según el periódico británico The Times, los reservistas finlandeses tuvieron tan buen desempeño en un ejercicio de la OTAN en el norte de Noruega el año pasado que los líderes del ejercicio les pidieron que aliviaran la presión sobre las tropas estadounidenses para salvaguardar su moral.
etiquetas: finlandia, eeuu, usa, otan, joint viking, ejercicio, militar
» noticia original (www.iltalehti.fi)
Jeson Nelon Presilla Flores, acusado de perseguir un camión blindado en 2022, autorizado a auto deportarse a Sudamérica.
etiquetas: ice, eeuu, joyas, robo
» noticia original (www.theguardian.com)
"Estados Unidos está profundamente endeudado y sus finanzas siguen una trayectoria insostenible a largo plazo, algún tipo de crisis es casi inevitable". "Si la deuda nacional continúa creciendo a un ritmo mayor que la economía, el país podría experimentar una crisis financiera, una crisis inflacionaria, una crisis de austeridad, una crisis monetaria, una crisis de impagos, una crisis gradual o una combinación de ellas. Cualquiera de estas crisis causaría una perturbación masiva y reduciría sustancialmente el nivel de vida de los estadounidenses y de la población mundial".
etiquetas: estados unidos, organismo de control, crisis, inevitable, cambios
» noticia original (fortune.com)
Según la RAE el odio es la “antipatía y aversión hacia algo o hacia alguien cuyo mal se desea”. Si esa es la definición, voy bien cargado. Podría aburrirlos. Enciendo la televisión y odio al tipo con la cara tapada que, bajo las siglas ICE, va por las calles de Estados Unidos aterrorizando a niños de piel oscura. Miro a Gaza y odio con todas mis fuerzas el nivel de impunidad que maneja el genocida Netanyahu.
etiquetas: odiemos, bien, aco, intolerante
» noticia original (ctxt.es)
El Gobierno brasileño invitó al gigante chino de telecomunicaciones Huawei a participar en la subasta de baterías que se realizará en abril
etiquetas: brasil, brics, huawei, china, baterías
» noticia original (efe.com)
La estrategia de "enterrar" una mierda con otra mayor y de tapar un bulo con otro para que sea imposible seguirlo la aprendió del que fue su abogado, Roy Cohn (1927-1986), al que Donald Trump llamaba "su segundo padre". Fue su asesor legal durante los 70 y los 80 y una de las figuras más siniestras de la política estadounidense, conocido por distintos asuntos turbios como sus intercambios de favores con mafiosos, pero sobre todo por su papel activo en el Macartismo. Como recuerda el periodista David Cay Johnston, autor del libro "The Making of
etiquetas: no, nobel, trump, viñeta
» noticia original (jrmora.com)
«La retirada de la administración Trump de la OMS es una decisión imprudente que perjudicará a todos los californianos y estadounidenses», afirmó el gobernador Gavin Newsom en un comunicado. «California no será testigo del caos que provocará esta decisión. Seguiremos fomentando las alianzas en todo el mundo y mantendremos nuestra posición de vanguardia en materia de preparación para la salud pública, entre otras cosas, a través de nuestra pertenencia como único estado a la Red Mundial de Alerta y Respuesta ante Brotes Epidémicos de la OMS».
etiquetas: oms, california, gavin nowsom
» noticia original (thehill.com)
Las mujeres afirmaban que el patriarcado debía desaparecer y ser sustituido por la igualdad. Pero eso no era más que un caballo de Troya. Resultaba útil para desmantelar la autoridad masculina. Sin embargo, el objetivo final no era el igualitarismo. Ese no era el verdadero propósito. No querían acabar con la jerarquía.Las mujeres querían situarse en la cima de la jerarquía. Esperaban poder consolidar su posición en la cima explotando la bondad de los hombres. Contiene pista de audio en español.
etiquetas: feminismo, hembrismo, supremacismo, respeto
» noticia original (www.youtube.com)
No hay una explicación racional para esta involución en la Alta Velocidad española que no pase por señalar la incompetencia del Gobierno y la falta de racionalidad en el gasto público, que no ha dejado de crecer, como no han dejado de hacerlo los ingresos fiscales, de muy difícil seguimiento tras casi tres ejercicios sin Presupuestos Generales del Estado. Los informes de la Comisión Europea sitúan a España como uno de los socios que menos invierten en el mantenimiento de las redes ferroviarias, pese a ser uno de los países que más fondos comun
etiquetas: psoe, trama, perro, corrupción
» noticia original (www.larazon.es)
Adif adjudicó la obra de renovación del tramo de Adamuz a una empresa investigada en la denominada trama del PSOE. El Gobierno valoró el uso de «material reciclado y reutilizable» entre los criterios para adjudicar el contrato de mejora integral de la línea de alta velocidad Madrid-Sevilla en el tramo Guadalmez-Córdoba, donde se produjo el mortal accidente ferroviario del pasado domingo. El siniestro deja, hasta el momento, 43 muertos y decenas de heridos. Adif valoró con mayor puntuación a las empresas que prometían «trabajar con materiales pr
etiquetas: psoe, trama, perro, corrupción
» noticia original (okdiario.com)
La compañía de Elon Musk lleva casi un mes ignorando la medida cautelar acordada por la jueza en el proceso judicial iniciado por ACO con el fin de “evitar que continúe cometiendo delitos de odio” en esta red
etiquetas: libertad de expresión, discurso de odio, justicia, racismo
» noticia original (acoctxt.org)
En este vídeo vivimos desde dentro la organización de El Salón del Videojuego, un evento celebrado en Madrid a principios de febrero, mostrando todo lo que no se ve cuando visitas una feria de videojuegos como público. Acompañamos a José, organizador del evento y responsable de Game Press, durante los días de montaje y celebración, para entender qué implica realmente levantar una feria de este tamaño en solo tres meses, sin ayudas institucionales y con un riesgo económico muy alto.
etiquetas: feria, evento, salón del videojuego, madrid, coste, organización
» noticia original (www.youtube.com)
Los argumentos se basaban en una entrevista que José Luis Ábalos llevó a cabo en OkDiario en la que aseguraba que el presidente le avisó de la investigación en su contra antes de que se hiciera pública
etiquetas: vox, pedro sánchez, tribunal supremo, querella
» noticia original (www.infobae.com)
El secretario general de la OTAN lleva al máximo su humillación ante Donald Trump y defiende sus pretensiones en Groenlandia
etiquetas: mark rutte, donald trump, otan, humillación
» noticia original (www.elplural.com)