Mit Sammlungen den Überblick behalten
Sie können Inhalte basierend auf Ihren Einstellungen speichern und kategorisieren.
Für das Ausführen geschäftskritischer Arbeitslasten in Dataproc müssen mehrere Parteien unterschiedliche Verantwortlichkeiten übernehmen. Auf dieser Seite werden die Verantwortlichkeiten aufgeführt, die Google und dem Kunden obliegen. Die Liste ist jedoch nicht vollständig.
Dataproc: Verantwortlichkeiten von Google
Schutz der zugrunde liegenden Infrastruktur, einschließlich Hardware, Firmware, Kernel, Betriebssystem, Speicher, Netzwerk und mehr. Dazu zählen:
Bereitstellung von Google Cloud Integrationen für Connect, Identity and Access Management, Cloud-Audit-Logs, Cloud Key Management Service, Security Command Center und andere.
Beschränken und Protokollieren des administrativen Zugriffs von Google auf Kundencluster mit Access Transparency und Access Approval für vertragliche Supportzwecke
Empfehlungen für Best Practices für die Konfiguration von Dataproc und der in Dataproc-Images enthaltenen Open-Source-Komponenten
Dataproc: Verantwortlichkeiten des Kunden
Verwalten Ihrer Arbeitslasten, einschließlich Anwendungscode, benutzerdefinierte Images, Daten, IAM-Richtlinie und Cluster, die Sie ausführen
Cluster mit aktuellen Dataproc-Images ausführen, indem Sie die neueste Sub-Minor-Image-Version verwenden, Ihre benutzerdefinierten Images umgehend aktualisieren und so bald wie möglich zur neuesten Minor-Image-Version migrieren. Die Bildmetadaten enthalten das Label previous-subminor, das auf true gesetzt ist, wenn im Cluster nicht die neueste Sub-Minor-Version des Images verwendet wird. Informationen zum Aufrufen von Bildmetadaten finden Sie unter Wichtige Hinweise zur Versionsverwaltung.
Google auf Anfrage Details zur Umgebung zur Verfügung stellen, damit Probleme behoben werden können
Best Practices für die Konfiguration von Dataproc und anderen Google Cloud-Diensten sowie für die Konfiguration von Open-Source-Komponenten, die in Dataproc-Images enthalten sind
[[["Leicht verständlich","easyToUnderstand","thumb-up"],["Mein Problem wurde gelöst","solvedMyProblem","thumb-up"],["Sonstiges","otherUp","thumb-up"]],[["Schwer verständlich","hardToUnderstand","thumb-down"],["Informationen oder Beispielcode falsch","incorrectInformationOrSampleCode","thumb-down"],["Benötigte Informationen/Beispiele nicht gefunden","missingTheInformationSamplesINeed","thumb-down"],["Problem mit der Übersetzung","translationIssue","thumb-down"],["Sonstiges","otherDown","thumb-down"]],["Zuletzt aktualisiert: 2025-08-22 (UTC)."],[[["\u003cp\u003eGoogle's responsibilities for Dataproc include securing the underlying infrastructure, releasing security patches for Dataproc images, providing Google Cloud integrations, restricting and logging administrative access, and recommending configuration best practices.\u003c/p\u003e\n"],["\u003cp\u003eCustomers are responsible for maintaining their workloads, including application code, custom images, data, IAM policy, and clusters, and ensuring they run on up-to-date Dataproc images.\u003c/p\u003e\n"],["\u003cp\u003eGoogle encrypts data at rest and in transit, utilizes custom-designed hardware, and implements private network cables as part of their infrastructure protection.\u003c/p\u003e\n"],["\u003cp\u003eCustomers should leverage the latest subminor image version of Dataproc images, and migrate to the most recent minor image version when possible.\u003c/p\u003e\n"],["\u003cp\u003eGoogle will request customers for environmental details to be used for troubleshooting purposes.\u003c/p\u003e\n"]]],[],null,["# Dataproc shared responsibility model\n\nRunning business-critical workloads on Dataproc requires multiple parties to\ncarry different responsibilities. While not an exhaustive list, this page lists\nthe responsibilities for Google and the customer.\n\nDataproc: Google responsibilities\n---------------------------------\n\n- Protecting the underlying infrastructure, including hardware, firmware, kernel,\n OS, storage, network, and more. This includes:\n\n - [encrypting data at rest by default](/security/encryption-at-rest/default-encryption)\n - providing [additional customer-managed disk encryption](/dataproc/docs/concepts/configuring-clusters/customer-managed-encryption)\n - [encrypting data in transit](https://cloud.google.com/security/encryption-in-transit)\n - using [custom-designed hardware](/docs/security/titan-hardware-chip)\n - laying [private network cables](https://cloud.google.com/about/locations#network-tab)\n - protecting data centers from physical access\n - protecting the bootloader and kernel against modification using [Shielded Nodes](/kubernetes-engine/docs/how-to/shielded-gke-nodes)\n - providing network protection with [VPC Service Controls](https://cloud.google.com/vpc-service-controls/docs/supported-products)\n - following secure software development practices\n- Releasing security patches for Dataproc images . This includes:\n\n - patches for the base operating systems included in [Dataproc images](/dataproc/docs/concepts/versioning/dataproc-version-clusters) (Ubuntu, Debian, and Rocky Linux)\n - patches and fixes available for the [open source components](/dataproc/docs/concepts/versioning/dataproc-release-2.1) included in Dataproc images Security patches may only be available for operating system versions or open source software that are included in the most recent version of Dataproc images. Leveraging the latest Dataproc image version available is a customer responsibility.\n- Providing Google Cloud integrations for Connect, Identity and Access Management,\n Cloud Audit Logs, Cloud Key Management Service, Security Command Center, and others.\n\n- Restricting and logging Google administrative access to customer clusters for\n contractual support purposes with [Access Transparency](/access-transparency)\n and [Access Approval](/assured-workloads/access-approval/docs/overview)\n\n- Recommending best practices for configuring Dataproc and the open source\n components included in Dataproc images\n\nDataproc: Customer responsibilities\n-----------------------------------\n\n- Maintaining your workloads, including your application code, custom images, data,\n IAM policy, and clusters that you run\n\n- Running clusters on up-to-date Dataproc images\n by leveraging the latest\n [subminor image version](/dataproc/docs/concepts/versioning/dataproc-version-clusters#debian_images),\n promptly refreshing your custom images, and migrating to the most recent minor\n image version as soon as it is feasible. Image metadata includes a\n `previous-subminor` label, which is set to `true` if the cluster is not\n using the latest subminor image version. For information on how to view\n image metadata, see\n [Important notes about versioning](/dataproc/docs/concepts/versioning/overview#important_notes_about_versioning).\n\n- Providing Google with environmental details when requested for troubleshooting\n purposes\n\n- Following best practices for the configuration of Dataproc and other Google Cloud\n services, and for the configuration of open source components included in\n Dataproc images"]]