Security GKE Cluster is a hardened GKE cluster with Binary Authorization and Workload Identity enabled, and with strict NetworkPolicy rules that permit only explicitly allowlisted service-to-service communication. Node pools use Shielded VMs with Secure Boot and vTPM.

Relationships

Serves (outgoing): 7

Target Element        Element Type
IAM API               Software Subsystem
Policy Engine         Software Subsystem
Audit Ingest API      Software Subsystem
Audit Query API       Software Subsystem
Privacy Rights API    Software Subsystem
Vault API             Software Subsystem
Security Node Pool    Infrastructure Node

Architecture Context

Diagrams

Not yet referenced in any diagram

Properties

Type: Cloud Service
Layer: Technology
Domain: Security and Compliance
Status: active
Owner: Security Team

Additional Metadata

Cloud Provider: GCP
ArchiMate Type: system-software
TOGAF Type: Physical Technology Component
Emm Type: Physical TI Component
