Jump to Content
Containers & Kubernetes

Introducing GKE Compliance: Maintain clusters and workloads against industry standards

June 6, 2024
Poonam Lamba

Product Manager, Google

Try Gemini 1.5 models

Google's most advanced multimodal models in Vertex AI

Try it

Maintaining Kubernetes compliance is a moving target, thanks to the platform's dynamic, distributed nature and its short-lived workloads. Additionally, compliance standards are constantly evolving, and there's a significant lack of Kubernetes expertise.   

Today, we’re excited to announce a game-changing feature for our Google Kubernetes Engine (GKE) Enterprise customers: built-In, fully managed GKE Compliance within GKE posture management. Now, achieving and maintaining compliance for your Kubernetes clusters is easier than ever before. 

What's the big deal?

With GKE Compliance, you have a streamlined way to assess your GKE clusters and workloads against industry-standards, benchmarks and control frameworks, including:

CIS Benchmark for GKE: The gold standard for secure GKE configurations

Pod Security Standards (PSS), which offer both baseline and restricted profiles to protect your workloads

GKE Compliance is built into GKE and fully managed by Google, so you don't have to worry about buying or building extra tools. With no complex setup or ongoing maintenance required, you can focus on your business goals.

The GKE Compliance dashboard gives you centralized compliance reporting that is updated every 30 minutes, giving you a clear view of your compliance posture for your fleet of clusters.

https://storage.googleapis.com/gweb-cloudblog-publish/images/1-compliance-dashboard.max-1800x1800.png

The built-in dashboard gives centralized view of compliance across the fleet

https://storage.googleapis.com/gweb-cloudblog-publish/images/2-compliance-detailed.max-1800x1800.png

The concerns tab shows an in-depth compliance report for the selected standard across the fleet, or for a selected cluster

You can drill deeper into compliance reports by clicking on individual constraints to:

  • View details about the compliance check

  • See the list of affected resources causing non-compliance

  • View the remediations to fix the violation

Manage compliance at scale

For organizations with multiple teams and clusters, the new compliance capabilities in GKE Enterprise really shine. You can now easily view compliance reports by fleet or by cluster, making it easy to understand compliance. And the beauty of the GKE Compliance feature is that it's entirely managed. There's no extra software to install or maintain on your clusters. You simply enable it, and we take care of the rest. Plus, it's included in your GKE Enterprise license at no additional cost!

To get started, log in to a GCP project with GKE Enterprise-enabled clusters and check out the Compliance tab in GKE Posture. If you’re new to GKE Enterprise, learn more about how to start a free trial. 

Posted in