Sovereign solutions for sensitive workloads: Elastic on Google Distributed Cloud Hosted


Maintaining sovereignty over sensitive workloads is paramount, especially in industries like public sector and telecommunications. Combining this need with cloud adoption and the innovation acceleration it provides is not always an easy path. Thus, sovereign cloud solutions, ensuring data residency, regulatory compliance, and security become indispensable for organizations dealing with highly sensitive data. With data sovereignty, organizations retain control over their data, mitigating risks associated with data breaches, regulatory noncompliance, and geopolitical considerations.

Google Cloud sovereign solutions

Elastic and Google Cloud recognize the critical importance of sovereign cloud and are partnering together to offer a comprehensive solutions portfolio for these use cases. Google Cloud’s offering provides extensive Google-managed, partner-managed, and customer-managed sovereign cloud deployment options with increasing compliance and stricter rules depending on specific needs. Among these, Google Distributed Cloud Hosted (GDCH) shines as the safest environment for the most critical workloads. Providing an air-gapped private cloud environment, it ensures organizations can operate their workloads with stringent data residency and security requirements while leveraging many of the same services from Google’s public cloud. Elastic Cloud is one of the first independent software vendors (ISV) to be available on the platform. This extensibility grants organizations flexibility to leverage their favorite solutions that adhere to the strict operational guidelines of GDCH. 

GDCH is designed to address the complexities of these environments, ensuring organizations can seamlessly navigate the intersection between sovereignty and cloud-enabled innovation. This offering empowers public sector entities and regulated enterprises to innovate with similar features and a similar experience to public cloud services while adhering to strict data governance standards.

GDCH encompasses the essential components — hardware, software, local control plane, and operational tooling — for deploying, operating, scaling, and securing a comprehensive managed cloud. Emphasizing full isolation, GDCH operates without connectivity to Google Cloud or the public internet, meeting rigorous accreditation standards such as NIST SP 800-53-FedRAMP High security controls and European requirements. This architecture provides an unparalleled level of data security and control, making it well-suited for the most sensitive deployments.

GDCH provides this opportunity without sacrificing the latest technologies in the AI space. Customers can use built-in AI solutions, such as Translation API, Speech-to-Text, or optical character recognition (OCR), which are Vertex AI features that follow Google Cloud’s AI Principles, and available services are continually increasing. GDCH is also built to be extensible and enables a catalog of trusted independent software vendors' (ISVs) applications through its Marketplace.

Elastic Cloud on GDCH Marketplace

Elastic Cloud on Kubernetes (ECK) is the Elastic Cloud deployment option designed to streamline the deployment, management, and scaling of Elasticsearch clusters within Kubernetes environments. Through the native operator, ECK extends the capabilities of Kubernetes to provide a seamless experience for running Elasticsearch, Kibana, and other associated Elastic Stack components. With ECK, organizations can leverage the flexibility and scalability of containers while harnessing the robust and AI-driven features of the Elastic Stack for their Search, Observability, and Security needs. This empowers teams to efficiently manage their Elasticsearch workloads, automate tasks, and ensure high availability and resilience for their applications and data. 

ECK on GDCH comes with the same features and updates available on our public cloud service while fulfilling air-gapped requirements, allowing customers to embrace search powered AI, vector search, and all kinds of integrations with Google Cloud’s and third-party solutions you may privately run on your sovereign cloud thanks to Elasticsearch capabilities. And since monitoring your sovereign environments is even more important, both from a performance and security perspective, Elastic is there to help from day one as your end-to-end Observability and Security solution for your whole GDCH space.

Elastic Cloud on Kubernetes is easily deployable with just a few clicks from the GDCH Marketplace page — as shown below — allowing quick access via the Google Kubernetes Engine (GKE) cluster of your choice and easy management via the official Elastic operator. Importantly, ECK deployment and operation adheres to the strict security and isolation principles of GDCH. This allows organizations to fully benefit from the power and flexibility of Elastic Cloud within their sovereign environment. ECK follows a Bring Your Own License (BYOL) model, which allows customers to securely take advantage of their existing licenses and leverage Elastic’s direct support.

Video thumbnail

Elastic prioritizes security and compliance across its products, ensuring customer data remains secure and meets global regulatory standards. This commitment extends to Elastic's offerings within GDCH. Elastic recognizes the heightened security considerations within sovereign environments and designs its solutions accordingly

With a comprehensive suite of security features, including those designed for GDPR compliance, Elastic Cloud securely manages valuable data for thousands of customers worldwide. Elastic adheres to key information security standards and regulations such as PCI DSS, FedRAMP, CSA STAR, ISO/IEC 27001, and others, reflecting its commitment to maintaining a robust security posture. Through independent audits and certifications, Elastic demonstrates its adherence to stringent security protocols, including HIPAA and SOC 2 compliance. Additionally, Elastic actively engages in vulnerability management, leveraging its Customer Zero Program to rigorously test solutions in real-world environments. With a focus on supply chain security, Elastic partners with trusted vendors who meet its strict security and compliance criteria, ensuring the integrity of its products and services.

Explore more and try it out!

Try this out yourself! One of the easiest ways to get started and explore our capabilities is with your own free Elastic Cloud trial or by subscribing through Google Cloud Marketplace. Dive into sensitive workloads with the air-gapped official documentation and explore our success stories.

The release and timing of any features or functionality described in this post remain at Elastic's sole discretion. Any features or functionality not currently available may not be delivered on time or at all. Elastic, Elasticsearch and associated marks are trademarks, logos or registered trademarks of Elasticsearch N.V. in the United States and other countries. All other company and product names are trademarks, logos or registered trademarks of their respective owners.