Enabling Identity Platform - Cloud Identity: FedRA...

adfrench · 02-11-2025 01:12 PM

I am trying to enable Identity Platform on a project under an Assured Workloads folder with FedRAMP Moderate compliance configured and am receiving an error with no message. I am the owner of the project. Looking at the logs, I believe there might be a service usage policy constraint. Identity Platform is allowed; however, I noticed that Cloud Identity is not allowed by default for FedRAMP Moderate. I checked the services compliance list and noticed that Cloud Identity is listed under FedRAMP High compliance but not FedRAMP Moderate. I would have assumed that all FedRAMP High compliant services would also be FedRAMP Moderate compliant. Is that correct? Any reason why Cloud Identity would not be FedRAMP Moderate?

ChieKo

Hi @adfrench,

Welcome to the Google Cloud community!

In Assured Workloads for FedRAMP Moderate environments, not all services that are FedRAMP High compliant are automatically FedRAMP Moderate compliant. Each service undergoes a different authorization process, and Google Cloud has categorized services based on their security requirements.

As you've noticed, Cloud Identity is not listed under FedRAMP Moderate but is listed under FedRAMP High. This discrepancy exists because Cloud Identity’s security controls and the scope of its certification may not align with the requirements for FedRAMP Moderate. The High classification means that the service meets more strict security controls that are appropriate for environments with sensitive or critical data, whereas the Moderate designation is for services with a lower threshold of risk management.

Was this helpful? If so, please accept this answer as “Solution”. If you need additional assistance, reply here within 2 business days and I’ll be happy to help.

Enabling Identity Platform - Cloud Identity: FedRAMP Moderate compliance