Cloud Run pairs with TEE for scale

- Google Cloud’s own documentation now points developers to a split pattern: Cloud Run for stateless, request-driven services, Confidential Space for sensitive processing.
- Cloud Run services scale to zero with pay-per-use billing, while Confidential Space releases secrets only to authorized workloads after attestation checks.
- The pairing reflects a wider push to protect “data in use,” not just stored or transmitted data. (developers.googleblog.com)

Cloud Run is Google’s managed container service: you ship a container, it serves HTTP traffic, and idle revisions can scale to zero. (docs.cloud.google.com 1) (docs.cloud.google.com 2) Confidential Space is a trusted execution environment, or TEE: a hardware-isolated room for code and data while they are being processed. It checks attestation evidence and runs a hardened operating system image before releasing secrets to a workload. (docs.cloud.google.com)

Google’s current architecture guidance puts those two ideas next to each other rather than treating them as substitutes. A December 9, 2025 Google Developers Blog post described end-to-end confidential applications that keep scalable front ends separate from the most sensitive compute. (developers.googleblog.com)

That split starts with the economics and behavior of Cloud Run. Google says Cloud Run is fully managed, charges only for resources used, and by default scales a revision to zero when it receives no traffic. (docs.cloud.google.com) (cloud.google.com) (docs.cloud.google.com) It also starts with the limits of a scale-to-zero service. Cloud Run services are stateless by design, and Google documents a disposable container file system, which means durable state has to live somewhere else. (docs.cloud.google.com)

Confidential Space is built for the opposite problem: protecting “data in use,” the moment when plaintext usually has to exist in memory to be processed. Google says the service can protect personally identifiable information, health data, cryptographic secrets, and machine learning models from operators as well as other parties. (docs.cloud.google.com) (developers.googleblog.com) In Google’s example, the hard part is not spinning up more containers. It is proving to users that only verified code inside a hardware-isolated environment can see sensitive inputs, even when the application uses load balancing and multiple service instances. (developers.googleblog.com) That is where attestation comes in.
Google says Confidential Space returns attestation evidence as OpenID Connect tokens, and those tokens can be used to decide whether a workload gets access to protected resources such as Cloud Key Management Service keys or Cloud Storage buckets. (docs.cloud.google.com)

The practical pattern is a hybrid one: let Cloud Run absorb bursty web traffic and routine stateless work, then hand off the sensitive step to a TEE-backed workload. Google’s recent confidential-computing materials describe that broader push as protecting data not only at rest and in transit, but also while it is being used. (docs.cloud.google.com) (cloud.google.com) (developers.googleblog.com)

The result is not a new Google Cloud product launch so much as a clearer design rule. Put the disposable, autoscaled edge on Cloud Run, and keep the secrets in the room that can prove who is inside. (docs.cloud.google.com 1) (docs.cloud.google.com 2)
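To make the attestation gate above concrete, here is an added example (not from the blog post or Google's documentation) of the policy a relying party evaluates over a decoded attestation token before releasing a key or bucket. The claim names are modelled on Confidential Space's public token format but should be treated as assumptions, and the issuer, audience, image digest and service account are constructed sample values.

```python
"""Evaluate Confidential Space-style attestation claims before releasing a secret.

Constructed example: claim names follow the publicly documented attestation-token
shape but are assumptions here; the policy values and the sample payload are made up.
Signature verification against the issuer's JWKS is assumed to have already happened;
this function checks only the claims, the way a Workload Identity Pool attribute
condition would before a KMS key or bucket is made available to the workload.
"""
import time
from typing import Optional, Tuple

POLICY = {
    "issuer": "https://confidentialcomputing.googleapis.com",  # assumed issuer URL
    "audience": "https://sts.googleapis.com",                 # assumed audience
    "hwmodels": {"GCP_AMD_SEV"},                              # allowed TEE hardware
    "image_digests": {"sha256:" + "ab" * 32},                 # constructed digest
    "service_accounts": {"workload-sa@example-project.iam.gserviceaccount.com"},
}


def workload_authorized(claims: dict, policy: dict, now: Optional[float] = None) -> Tuple[bool, str]:
    """Return (authorized, reason); the first failing check wins."""
    now = time.time() if now is None else now
    container = claims.get("submods", {}).get("container", {})
    checks = [
        (claims.get("iss") == policy["issuer"], "unexpected issuer"),
        (claims.get("aud") == policy["audience"], "unexpected audience"),
        (claims.get("exp", 0) > now, "token expired"),
        (claims.get("swname") == "CONFIDENTIAL_SPACE", "not a Confidential Space workload"),
        (claims.get("hwmodel") in policy["hwmodels"], "hardware model not allowed"),
        (claims.get("dbgstat") == "disabled-since-boot", "debug mode enabled"),
        (claims.get("secboot") is True, "secure boot not enabled"),
        (container.get("image_digest") in policy["image_digests"],
         "container image digest not allow-listed"),
        (set(claims.get("google_service_accounts", [])) <= policy["service_accounts"],
         "workload service account not allow-listed"),
    ]
    for ok, reason in checks:
        if not ok:
            return False, reason
    return True, "ok"


# Constructed sample payload shaped like a decoded attestation token.
GOOD_CLAIMS = {
    "iss": POLICY["issuer"], "aud": POLICY["audience"], "exp": time.time() + 3600,
    "swname": "CONFIDENTIAL_SPACE", "hwmodel": "GCP_AMD_SEV",
    "dbgstat": "disabled-since-boot", "secboot": True,
    "submods": {"container": {"image_digest": "sha256:" + "ab" * 32}},
    "google_service_accounts": ["workload-sa@example-project.iam.gserviceaccount.com"],
}

if __name__ == "__main__":
    print(workload_authorized(GOOD_CLAIMS, POLICY))  # (True, 'ok')
```

The same token with debugging enabled or with an unexpected image digest is rejected with the matching reason, which is the check that keeps a Cloud Run front end from ever standing in for the attested workload.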


Shared from Scout - Be the smartest in the room.