FedRAMP logo

FedRAMP

The U.S. Federal Government established the Federal Risk and Authorization Management Program (FedRAMP), a government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. All Federal agency cloud deployments and service models, other than certain on-premises private clouds, must meet FedRAMP requirements at the appropriate risk impact level (Low, Moderate, or High).

Google Cloud maintains a FedRAMP High provisional authority to operate (P-ATO) from the FedRAMP JAB for 17 Google Cloud products in 5 regions. We also maintain a Moderate provisional authority to operate (P-ATO) for 64 Google Cloud Platform (GCP) products in 17 regions and a Moderate authority to operate (ATO) for 27 Google Workspace products.

Google’s FedRAMP status is posted on the government’s website: FedRAMP Marketplace.

Google Cloud services that are covered by FedRAMP

Customers seeking FedRAMP compliance should only run their workloads in the following FedRAMP-authorized regions

FAQs