Version 1.9. This version is no longer supported. For information about how to upgrade to version 1.10, see Upgrading Anthos on bare metal in the 1.10 documentation. For more information about supported and unsupported versions, see the Version history page in the latest documentation.
Google Distributed Cloud deploys Pods to your nodes that have elevated
RBAC
permissions such as the ability to modify all Deployments and to read all
cluster Secrets. These permissions are required for Google Distributed Cloud to
function correctly.
The following table lists all Google Distributed Cloud components with elevated
permissions:
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-08-25 UTC."],[[["\u003cp\u003eGoogle Distributed Cloud requires Pods with elevated RBAC permissions to function, including the ability to modify Deployments and read cluster Secrets.\u003c/p\u003e\n"],["\u003cp\u003eSeveral Google Distributed Cloud components, such as \u003ccode\u003eais\u003c/code\u003e, \u003ccode\u003eanet-operator\u003c/code\u003e, and \u003ccode\u003eanthos-cluster-operator\u003c/code\u003e, are granted these elevated permissions.\u003c/p\u003e\n"],["\u003cp\u003eOptional features like VM Runtime and multi-NIC for pods necessitate some of these components with high permissions, however, they are disabled by default until you activate the specific features.\u003c/p\u003e\n"],["\u003cp\u003eThe provided list outlines the numerous components, including \u003ccode\u003ecert-manager\u003c/code\u003e, \u003ccode\u003eistio-ingress\u003c/code\u003e, and \u003ccode\u003emetrics-server\u003c/code\u003e, that are granted these elevated RBAC permissions to ensure proper operation of Google Distributed Cloud.\u003c/p\u003e\n"]]],[],null,[]]
