En el momento de la implementación, la autorización binaria puede usar firmas llamadas certificaciones para determinar que un proceso se completó antes.
Por ejemplo, puedes usar la autorización binaria para lo siguiente:
Verificar que se haya compilado una imagen de contenedor mediante un sistema de compilación específico o una canalización de integración continua (CI)
Validar que una imagen de contenedor cumpla con la política de firma de vulnerabilidades
Verificar que una imagen de contenedor pase los criterios para ascender al siguiente entorno de implementación, por ejemplo, del desarrollo al control de calidad
[[["Fácil de comprender","easyToUnderstand","thumb-up"],["Resolvió mi problema","solvedMyProblem","thumb-up"],["Otro","otherUp","thumb-up"]],[["Difícil de entender","hardToUnderstand","thumb-down"],["Información o código de muestra incorrectos","incorrectInformationOrSampleCode","thumb-down"],["Faltan la información o los ejemplos que necesito","missingTheInformationSamplesINeed","thumb-down"],["Problema de traducción","translationIssue","thumb-down"],["Otro","otherDown","thumb-down"]],["Última actualización: 2025-09-04 (UTC)"],[[["\u003cp\u003eBinary Authorization is a Google Cloud service that enforces security policies at deploy-time for environments like GKE, Cloud Run, and Google Distributed Cloud.\u003c/p\u003e\n"],["\u003cp\u003eIt supports container images in Artifact Registry and other container image registries by verifying signatures called attestations.\u003c/p\u003e\n"],["\u003cp\u003eBinary Authorization can verify that a container image was built by a specific system, is compliant with vulnerability signing policy, or meets promotion criteria.\u003c/p\u003e\n"],["\u003cp\u003eIt provides documentation on how to use Binary Authorization on their documentation site.\u003c/p\u003e\n"]]],[],null,["# Securing deployments\n\nBinary Authorization is a Google Cloud service that provides deploy-time\nenforcement of security policies for [supported Google Cloud environments](/binary-authorization/docs/overview#supported_platforms), including\n[Google Kubernetes Engine (GKE)](/kubernetes-engine/docs),\n[Cloud Run](/run/docs), and\n[Google Distributed Cloud](/anthos/gke/docs/on-prem). It supports container\nimages in Artifact Registry and other container image registries.\n\nAt deploy time, Binary Authorization can use signatures called attestations to determine that a process was completed earlier.\nFor example, you can use Binary Authorization to:\n\n- Verify that a container image was built by a specific build system or continuous integration (CI) pipeline.\n- Validate that a container image is compliant with vulnerability signing policy.\n- Verify that a container image passes criteria for promotion to the next deployment environment, such as development to QA.\n\nTo learn about using Binary Authorization see the\n[Binary Authorization documentation](/binary-authorization/docs)."]]
