Config Controller overview

This page explains what Config Controller is and how it relates to Config Connector, Config Sync and Policy Controller.

Config Controller creates and manages Google Cloud resources with a declarative, Kubernetes model. Config Controller is a hosted version of Config Connector that simplifies installation and maintenance. Config Controller also includes Policy Controller and Config Sync.

Config Controller is available with a Google Kubernetes Engine (GKE) Enterprise edition license.

With Config Controller, you can create configurations for any Google Cloud resource. The configurations for these resources are stored in a source of truth like a Git repository. Config Sync continuously monitors your resources to ensure the current states of resources matches the state that you define in your source of truth. Policy Controller can catch and enforce policy violations on those resources before they are deployed. This flow is illustrated in the following diagram:

Config Controller resource management flow

Config Controller's declarative configuration approach gives you many benefits:

  • Manage with Kubernetes: Use familiar Kubernetes tools and workflows to manage GKE Enterprise and Google Cloud resources.
  • Declare desired state: Focus on what your resources look like rather than the specifics of how you create them.
  • Automate drift detection and repair: Continuously monitor your infrastructure for drift from the defined state and enable automatic repairs.
  • Use GitOps for consistency: Collaborate with your colleagues on potential changes and preview changes before they are made.
  • Enforce policy guardrails: Enforce policies earlier in the development cycle and detect violations before deploying resources.
  • Audit infrastructure continuously: Maintain an audit trail of all changes to help understand the history of your infrastructure.
  • Increase developer velocity: Improve the safety and velocity of your cloud adoption journey by using best practices.

For a guided example showing you how to install and use a Config Controller instance, see Manage resources with Config Controller. For the full installation instructions, see Set up Config Controller.