GKE shared responsibility


Running a business-critical application on Google Kubernetes Engine (GKE) requires multiple parties to carry different responsibilities. While not an exhaustive list, this topic lists the responsibilities for both Google and the customer.

GKE

Google's responsibilities

Customer's responsibilities

  • Maintain your workloads, including your application code, build files, container images, data, Role-based access control (RBAC)/IAM policy, and containers and pods that you are running.
  • Rotate your clusters credentials.
  • Enroll clusters in auto-upgrade (default) or upgrade clusters to supported versions.
  • Monitor the cluster and applications and respond to any alerts and incidents using technologies such as the security posture dashboard and Google Cloud Observability.
  • Provide Google with environmental details when requested for troubleshooting purposes.
  • Ensure Logging and Monitoring are enabled on clusters. Without logs, support is available on a best-effort basis.

What's next