Stay organized with collections
Save and categorize content based on your preferences.
Google Distributed Cloud (GDC) air-gapped appliance runs its administration clusters directly on the
appliance bare metal servers. For maintenance and administrative purposes, you
have been provided credentials for accessing these clusters as well as the underlying OS of the bare metal hosts.
Due to the lack of a strong security boundary between your workloads and the OS for the bare metal hosts, it's assumed that this model results in your workloads having access to the host OS. As a result, your workloads could potentially change OS settings, reducing overall device security. Additionally, you have access to any Google-managed applications on the appliance, with the potential to break those applications or their update mechanisms.
This is similar to the
Shared Responsibility Model
provided by GKE Enterprise products: Google provides secure binaries with
secure defaults, and it's up to the customer to securely run and update them.
Component
Google's responsibilities
Customer's responsibilities
Hardware
Provide a tamper resistant device
Restrict physical device access
Firmware + OS
Provide a secure OS with frequent OS and firmware updates made available for download
Fix security vulnerabilities in a timely manner
Device is shipped with initial secure OS settings
Access credentials for initial setup provided in a secure manner
Review and install security updates when they are made available
Restrict and protect access to initial administrator credentials
Configure OS firewall rules as advised in initial setup and configuration documentation
Maintain secure settings, and/or take responsibility for any setting changes
Monitor device for OS security notifications, events, and alerts using GDC console
Workloads
Provide Google application binaries and updates
Provide secure Kubernetes distribution and container runtime
Google system software updates are made available for download
Review and install system software updates when they are made available
Avoid and protect against modifying Google-provided applications, such as changing settings or stopping processes. This includes modifying or blocking any system updates
Monitor device for software security notifications, events, and alerts using GDC console
Storage
Provide a means for securely transferring data and logs to/from the device
Monitor local device storage consumption, notifications, events, and alerts using GDC console
Develop and follow a process for maintaining available storage space consistent with the individual customer use case of the device
Set appropriate schedules for system log transfer to a customer determined centralized monitoring scheme, as required by individual customer use case
Configure, maintain, and restrict access credentials for data transfer tasks on the device
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-02-26 UTC."],[],[]]
