FedRAMP logo

FedRAMP

The U.S. Federal Government established the Federal Risk and Authorization Management Program (FedRAMP), a government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. All Federal agency cloud deployments and service models, other than certain on-premises private clouds, must meet FedRAMP requirements at the appropriate risk impact level (Low, Moderate, or High).

Google Cloud maintains a FedRAMP High provisional authority to operate (P-ATO) from the FedRAMP JAB for 17 Google Cloud products in 5 regions. We also maintain a Moderate provisional authority to operate (P-ATO) for 64 Google Cloud Platform (GCP) products in 17 regions and a Moderate authority to operate (ATO) for 27 G Suite products.

Google’s FedRAMP status is posted on the government’s website: FedRAMP Marketplace.

Google Cloud services that are covered by FedRAMP

Admin Settings API
Apps Email Audit API
Calendar Resource API
Directory API (replaced Provisioning API)
Domain Shared Contacts API
Email Settings API
Enterprise License Manager API
Groups Migration API
Groups Settings
Reports API
Reseller API
Chrome Sync (for G Suite for Education domains only)
Contacts
Directory Sync
Apps Activity API
Calendar API
Contacts API
Drive REST API (replaced Documents List API)
Gmail REST API (replaced Email Migration API)
Sheets API
Sites API
Tasks API
Drawings
G Suite Security Center (for G Suite Enterprise and G Suite Enterprise for Education domains only)
Gmail (including Talk)
Google Tasks
Groups for Business
Hangouts Classic
Sites Classic

Customers seeking FedRAMP compliance should only run their workloads in the following FedRAMP-authorized regions

Region High Baseline Moderate Baseline
Oregon (us-west1) X X
Los Angeles (us-west2) X X
Iowa (us-central1) X X
South Carolina (us-east1) X X
Northern Virginia (us-east4) X X
Montreal (northamerica-northeast1) X
Sao Paulo (southamerica-east1) X
Belgium (europe-west1) X
London (europe-west2) X
Frankfurt (europe-west3) X
Netherlands (europe-west4) X
Finland (europe-north1) X
Mumbai (asia-south1) X
Singapore (asia-southeast1) X
Taiwan (asia-east1) X
Tokyo (asia-northeast1) X
Sydney (australia-southeast1) X
Related documentation

FedRAMP compliance documents are available to U.S. government customers or contractors working on behalf of a U.S. government customer.

Region

U.S.

Industry

Government and public sector