Deployment guidance for Gemini for Government

This document provides technical guidance for US Federal agencies and DoD departments on deploying and using Gemini for Government in compliance with FedRAMP High and DoD Impact Level 4 (IL4) requirements. This document describes which services and features are included in the authorization boundaries and the steps to help you meet your compliance obligations.

Gemini for Government uses Assured Workloads to help with compliance requirements. You must deploy all Gemini for Government resources within an Assured Workloads folder that's configured for your specific compliance regime (FedRAMP High or IL4).

Core product dependencies

Gemini for Government relies on several Google Cloud services. The following table lists the compliance status for each service.

Google Cloud service	FedRAMP High status	IL4 status
Gemini Enterprise	Authorized	Authorized
Generative AI on Vertex AI	Authorized	Authorized
BigQuery	Authorized	Authorized
Cloud Storage	Authorized	Authorized
Looker (Google Cloud core)	Authorized	Submitted

Authorized services and features

The following table lists the services and features that you can use within Gemini for Government for FedRAMP High and IL4 deployments.

Feature	FedRAMP High	IL4
Generally available Gemini models	Authorized	Authorized
Autocomplete	Authorized	Authorized
Serving controls	Authorized	Authorized
Authorized data stores such as Cloud Storage and BigQuery	Authorized	Authorized
Web Grounding for Enterprise	Authorized	Authorized
Uploading documents from local machines	Authorized	Authorized
Ability for end users to select models	Authorized	Authorized

Unauthorized features that you should disable manually

The following services and features aren't authorized for FedRAMP High or IL4. However, they aren't blocked by the Assured Workloads control packages and are available in your project. As part of your risk assessment, you may need to carefully assess service usage relative to sensitive data and any mitigating controls available to you. You may need to manually disable the features on this list in your Gemini Enterprise application configuration based on your assessment.

Agents and galleries	Agents gallery Prompt gallery
Grounding	Grounding with Google Maps Platform Grounding with Google Search Grounding using Google Drive uploads Grounding using Microsoft OneDrive uploads
Generative features	Generate images using Imagen Generate video with Veo
User, session, and UI features	User events for Gemini Enterprise apps Conversation sharing Personalization and memory in Gemini Enterprise
Other features	Private Knowledge Graph in Gemini Enterprise Model Armor NotebookLM Enterprise Implicit context caching

For more information about implicit context caching, see Vertex AI and zero data retention.

Unauthorized features that you can't disable

The following services and features are available in the Assured Workloads control package. You can't disable them. If you do use these features, you should conduct a proper risk assessment prior to granting your authorization to make sure service usage is appropriate for your FedRAMP High or IL4 deployment. For example, you could assess service usage relative to data sensitivity. You could also evaluate if any mitigating controls based on data encryption are available to you to establish sole control over data access.

Agents and galleries	Data Insights agent Deep Research agent Note: Data Boundary for FedRAMP High doesn't let end users use this agent. However, it is available for end users in IL4. Idea Generation agent To remove availability for these agents, contact our sales team or your Google Cloud representative.
Analytics and dependent features	View analytics data Data agent context for Looker data sources Data agent context for BigQuery data sources Data agents that you create using the Conversational Analytics API Gemini in BigQuery Gemini in Looker
Data connectors and stores	Google Workspace data sources such as Google Drive, Gmail, or Google Calendar Google Cloud data stores such as Cloud SQL and Firestore Google Calendar and Gmail actions Third-party data sources such as Salesforce or Microsoft People data sources such as Google Workspace, Microsoft Entra, or custom sources
User, session, and UI features	Prompt chips
Other features	Gemini Code Assist Creating a no-code agent using Agent Designer

Deploy your environment

Follow these steps for assistance with deploying an environment that meets your compliance obligations:

Deploy Assured Workloads:
1. Create an Assured Workloads folder that uses Data Boundary for FedRAMP High or Data Boundary for IL4.
2. Create your Google Cloud project inside this folder.
3. Verify that all users and service accounts have the required Identity and Access Management (IAM) permissions.
Create a Gemini Enterprise app. Select US Multi-region as the location. The Assured Workloads data residency policy enforces this option.
Connect to a Google data source that's located within your Assured Workloads folder. The authorized data stores for FedRAMP High and IL4 are Cloud Storage buckets and BigQuery datasets.

Note: Don't connect to an unauthorized data source (for example, Cloud SQL or Google Drive) or a resource that's outside your Assured Workloads folder.
Configure authorized compliance features.
Turn off the unauthorized features that are described in unauthorized features that you should disable manually.
Train your personnel not to use unauthorized features that you can't disable.