FedRAMP Authorization Information for Confluent Cloud for Government
Confluent Cloud for Government satisfies the FedRAMP 20x public posting requirements (ADS-CSO-PUB, ADS-CSO-SVC, ADS-UTC-PGD, and CCM-OAR-NRD). This page covers the authorization status, service profile, in-scope services, and customer responsibilities. For contact information, service status, and trust center access, see Confluent Support for Confluent Cloud for Government.
Authorization status
Confluent Cloud for Government holds an active FedRAMP 20x Moderate authorization, with public references in the FedRAMP Marketplace and Confluent’s Trust Center.
- Impact level
Moderate
- FedRAMP Marketplace listing
- Authority to Operate (ATO) letter
Confluent Trust Center US Public Sector Documents section
- Next Ongoing Authorization Report (OAR) date
June 16, 2026
Service profile
Confluent Cloud for Government is offered with the following specifications:
- Service model
Software-as-a-Service (SaaS)
- Deployment model
Public cloud
- Business category
Analytics, Data Management, Storage, Cybersecurity & Risk Management
- Unique Entity Identifier (UEI)
GHN5M5CAYT69
For an overview of Confluent Cloud for Government supported features, cloud providers, and regions, see Confluent Cloud for Government.
Services in the FedRAMP Minimum Assessment Scope
The following Confluent Cloud for Government services handle federal data and metadata according to the FedRAMP 20x Minimum Assessment Scope (KSI-MAS). Security objectives use FIPS 199 impact levels for Confidentiality, Integrity, and Availability (C/I/A).
Service | Security objective (C/I/A) | Status |
|---|---|---|
Dedicated Kafka Cluster | Moderate / Moderate / Moderate | Authorized |
Confluent Cloud for Government services that are not listed in the preceding table are not in the Minimum Assessment Scope. Other Confluent offerings, including commercial Confluent Cloud and Confluent Platform, are also not in the Confluent Cloud for Government Minimum Assessment Scope.
For applicable FedRAMP security controls and best practices for the in-scope services, see Manage Security for Confluent Cloud for Government.
Customer responsibilities and secure configuration
For a summary of customer responsibilities and secure configuration guidance, see Audit access control lists in the FedRAMP best practices guide.