Deployment guidance for Gemini for Government

Last reviewed 2025-11-10 UTC

This guide provides technical guidance for US Federal agencies on deploying and using Gemini for Government in compliance with FedRAMP High and Impact Level 4 (IL4) requirements. This document describes which services and features are included in the authorization boundaries and the steps to help you ensure a compliant deployment.

Gemini for Government uses Assured Workloads to help with compliance. You must deploy all Gemini for Government resources within an Assured Workloads folder that's configured for your specific compliance regime (FedRAMP High or IL4).

Core product dependencies

Gemini for Government relies on several Google Cloud services. The following table lists the compliance status for each service.

| Google Cloud service | FedRAMP High status | IL4 status |
|---|---|---|
| Generative AI on Vertex AI | Authorized | Authorized |
| BigQuery | Authorized | Authorized |
| Cloud Storage | Authorized | Authorized |
| Looker (Google Cloud core) | Authorized | Submitted |

Authorized services and features

The following table lists the services and features that you can use within Gemini for Government for FedRAMP High and IL4.

| Feature | FedRAMP High | IL4 |
|---|---|---|
| Generally available Gemini models | Approved | Approved |
| Autocomplete | Approved | Approved |
| Serving controls | Approved | Approved |
| Authorized data stores such as Cloud Storage and BigQuery | Approved | Approved |
| Web Grounding for Enterprise | Approved | Approved |
| Uploading documents from local machines | Approved | Approved |
| Ability for end users to select models | Approved | Approved |

Unauthorized features that you must disable manually

The following services and features aren't authorized for FedRAMP High or IL4. However, they aren't blocked by the Assured Workloads control packages and are available in your project. To remain compliant, you must manually disable the features on this list in your Gemini Enterprise application configuration.

Agents and galleries
Grounding
Generative features
User, session, and UI features
Other features

For more information about implicit context caching, see Vertex AI and zero data retention.

Unauthorized features that you can't disable

The following services and features are available in the Assured Workloads control package. You can't disable them, and using them means that your environment is no longer compliant. If you do use these features, you accept the risk of operating a non-compliant environment.

Agents and galleries

To remove availability for these agents, contact Google Cloud.

Analytics and dependent features
Data connectors and stores
User, session, and UI features
Other features

Deploy a compliant environment

Follow these steps to ensure that your deployment is compliant:

  1. Deploy Assured Workloads:
    1. Create an Assured Workloads folder that uses Data Boundary for FedRAMP High or Data Boundary for IL4.
    2. Create your Google Cloud project inside this folder.
    3. Verify that all users and service accounts have the required Identity and Access Management (IAM) permissions.
  2. Create a Gemini Enterprise app. Select US Multi-region as the location. The Assured Workloads data residency policy enforces this option.
  3. Connect to a Google data source that is located within your Assured Workloads folder. The authorized data stores for FedRAMP High and IL4 are Cloud Storage buckets and BigQuery datasets.
  4. Configure authorized compliance features.
  5. Turn off the unauthorized features that are described in "Unauthorized features that you must disable manually".
  6. Train your personnel not to use unauthorized features that you can't disable.