| San Francisco

Google Cloud Next '19 | Who Protects What? Shared Security in GKE, with Jesse Endahl

  • Container security
Play

When you use a hosted cloud service, security is shared between the cloud provider, and the user — the more ""managed"" the offering, the less the user is responsible for. On Google Kubernetes Engine, Google manages the control plane, whereas the user manages the nodes. From a security point of view, what does this mean? Who is responsible for managing security updates and responding to incidents?

In this session, we’ll cover the shared responsibility model at Google and how it applies to Google Kubernetes Engine. For the components that are managed and protected by Google, we’ll lift the covers on what Google does to secure your clusters, day in, day out. For the components you’re responsible for, we’ll cover hardening that’s already in place on GKE and best practices for you to follow to further harden your workloads. We’ll finish with tools you can use to supplement your security posture on GKE.