GKE shared responsibility

Running a business-critical application on Google Kubernetes Engine (GKE) requires multiple parties to carry different responsibilities. While not an exhaustive list, this topic lists the responsibilities for both Google and the customer.


Google's responsibilities

Customer's responsibilities

  • Maintain your workloads, including your application code, build files, container images, data, Role-based access control (RBAC)/IAM policy, and containers and pods that you are running.
  • Rotate your clusters credentials.
  • Enroll clusters in auto-upgrade (default) or upgrade clusters to supported versions.
  • Monitor the cluster and applications and respond to any alerts and incidents using technologies such as the security posture dashboard and Google Cloud Observability.
  • Provide Google with environmental details when requested for troubleshooting purposes.

What's next