Stay organized with collections
Save and categorize content based on your preferences.
This page explains what Config Controller is and how it relates to
Config Connector, Config Sync and Policy Controller.
Config Controller creates and manages
Google Cloud resources with a declarative, Kubernetes model.
Config Controller is a hosted version of Config Connector that simplifies
installation and maintenance. Config Controller also includes
Policy Controller and Config Sync.
Config Controller is available with a Google Kubernetes Engine (GKE) Enterprise edition license.
With Config Controller, you can create configurations for any Google Cloud
resource. The configurations for these resources are stored in a source of truth
like a Git repository. Config Sync continuously monitors your resources to
ensure the current states of resources matches the state that you define in your
source of truth. Policy Controller can catch and enforce policy violations
on those resources before they are deployed. This flow is illustrated in the
following diagram:
Config Controller's declarative configuration approach gives you many
benefits:
Manage with Kubernetes: Use familiar Kubernetes tools and workflows to
manage GKE Enterprise and Google Cloud resources, and
custom workloads.
Declare desired state: Focus on what your resources look like rather
than the specifics of how you create them.
Automate drift detection and repair: Continuously monitor your
infrastructure for drift from the defined state and enable automatic
repairs.
Use GitOps for consistency: Collaborate with your colleagues on
potential changes and preview changes before they are made.
Enforce policy guardrails: Enforce policies earlier in the development
cycle and detect violations before deploying resources.
Audit infrastructure continuously: Maintain an audit trail of all
changes to help understand the history of your infrastructure.
Increase developer velocity: Improve the safety and velocity of your
cloud adoption journey by using best practices.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-08-25 UTC."],[],[],null,["# Config Controller overview\n\nThis page explains what Config Controller is and how it relates to\nConfig Connector, Config Sync and Policy Controller.\n\nConfig Controller creates and manages\nGoogle Cloud resources with a declarative, Kubernetes model.\nConfig Controller is a hosted version of Config Connector that simplifies\ninstallation and maintenance. Config Controller also includes\nPolicy Controller and Config Sync.\n\nConfig Controller is available with a Google Kubernetes Engine (GKE) Enterprise edition license.\n\nWith Config Controller, you can create configurations for any Google Cloud\nresource. The configurations for these resources are stored in a source of truth\nlike a Git repository. Config Sync continuously monitors your resources to\nensure the current states of resources matches the state that you define in your\nsource of truth. Policy Controller can catch and enforce policy violations\non those resources before they are deployed. This flow is illustrated in the\nfollowing diagram:\n\nConfig Controller's declarative configuration approach gives you many\nbenefits:\n\n- **Manage with Kubernetes** : Use familiar Kubernetes tools and workflows to manage GKE Enterprise and Google Cloud resources, and [custom workloads](/kubernetes-engine/enterprise/config-controller/docs/deploy-workloads).\n- **Declare desired state**: Focus on what your resources look like rather than the specifics of how you create them.\n- **Automate drift detection and repair**: Continuously monitor your infrastructure for drift from the defined state and enable automatic repairs.\n- **Use GitOps for consistency**: Collaborate with your colleagues on potential changes and preview changes before they are made.\n- **Enforce policy guardrails**: Enforce policies earlier in the development cycle and detect violations before deploying resources.\n- **Audit infrastructure continuously**: Maintain an audit trail of all changes to help understand the history of your infrastructure.\n- **Increase developer velocity**: Improve the safety and velocity of your cloud adoption journey by using best practices.\n\nFor a guided example showing you how to install and use a Config Controller\ninstance, see\n[Manage resources with Config Controller](/kubernetes-engine/enterprise/config-controller/docs/manage-resources).\nFor the full installation instructions, see\n[Set up Config Controller](/kubernetes-engine/enterprise/config-controller/docs/setup)."]]
