Shared responsibility model

With Edge Appliance, Anthos on bare metal runs directly on the appliance, and you have been granted the cluster administrator role. Since workloads run directly on the bare metal, there are no performance losses due to virtualization.

Due to the lack of a security boundary between your workloads and the host OS, it's assumed that this model results in you having access to the host OS. As a result, your workloads could potentially change OS settings, such as enabling SSH. Additionally, you have access to any Google-managed applications on the appliance, with the potential to break those applications or their update mechanisms.

This is similar to the Shared Responsibility Model provided by Anthos products: Google provides secure binaries with secure defaults, and it's up to the customer to securely run and update them.

Component	Google's responsibilities	Customer's responsibilities
Hardware	Provide a tamper resistant device	Restrict physical device access
Firmware + OS	Provide a secure OS with frequent updates Fix security vulnerabilities in a timely manner Maintain an auto-update system Device is shipped with secure OS settings (e.g. no SSH access) Factory reset functionality for restoring secure settings	Monitor appliance's OS version (via the Google Cloud console and alerts) Connect the appliance to the internet when it needs to be updated Maintain secure default settings, and/or take responsibility for any setting changes
Workloads	Provide Google application binaries and updates Provide secure Kubernetes distribution and container runtime Maintain an auto-update system	Issues caused by modifying Google-provided applications, such as changing settings or killing processes. This includes modifying or blocking any auto-update systems Monitor software versions via Google Cloud console and alerts Provide internet connectivity when needed for updates