Stay organized with collections
Save and categorize content based on your preferences.
Assured Workloads helps ensure that
your Cloud Armor deployments across your organization are configured in
a compliant manner. You create a folder that contains the projects in which you
want to maintain compliance, and then apply one or more
control packages to that folder to
enforce those controls across all of those projects. This document explains what
control packages you can apply to Cloud Armor resources, and highlights
what resources aren't supported by Assured Workloads.
Maintain compliance through Assured Workloads
Cloud Armor can be deployed in configurations which satisfy a variety
of global, country specific, or industry specific compliance frameworks. A
comprehensive list of supported compliance offerings across Google Cloud and
whether Cloud Armor is in scope for them can be found in our
Compliance Offerings.
Control packages by security policy type
The following table explains what control packages are available for each
security policy type. For
more information about these control packages and to search for the control
packages that support Cloud Armor, see
supported products by control package.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-08-25 UTC."],[[["\u003cp\u003eAssured Workloads ensures compliant Google Cloud Armor deployments across your organization by applying control packages to designated folders containing the projects.\u003c/p\u003e\n"],["\u003cp\u003eGoogle Cloud Armor can be configured to meet various global, country-specific, or industry-specific compliance frameworks, which can be found in the Compliance Offerings.\u003c/p\u003e\n"],["\u003cp\u003eDifferent control packages are available for different Google Cloud Armor security policy types, including global backend, edge, regional backend, and network edge security policies.\u003c/p\u003e\n"],["\u003cp\u003eThe table outlines which control packages, such as CJIS, FedRAMP, Healthcare and Life Sciences, Impact Levels, ITAR, IRS Publication 1075, Sovereign Controls and more, are available for each type of security policy.\u003c/p\u003e\n"],["\u003cp\u003eFedRAMP Moderate and High are listed as under JAB review for Network Edge Security policy.\u003c/p\u003e\n"]]],[],null,[]]