Pada waktu deployment, Otorisasi Biner dapat menggunakan tanda tangan yang disebut pengesahan untuk menentukan bahwa proses telah diselesaikan lebih awal.
Misalnya, Anda dapat menggunakan Otorisasi Biner untuk:
Pastikan bahwa image container dibuat oleh sistem build atau
pipeline continuous integration (CI) tertentu.
Validasi bahwa image container mematuhi kebijakan penandatanganan kerentanan.
Pastikan bahwa image container lulus kriteria untuk promosi ke lingkungan deployment berikutnya, seperti dari pengembangan hingga UM (Uji Mutu).
[[["Mudah dipahami","easyToUnderstand","thumb-up"],["Memecahkan masalah saya","solvedMyProblem","thumb-up"],["Lainnya","otherUp","thumb-up"]],[["Sulit dipahami","hardToUnderstand","thumb-down"],["Informasi atau kode contoh salah","incorrectInformationOrSampleCode","thumb-down"],["Informasi/contoh yang saya butuhkan tidak ada","missingTheInformationSamplesINeed","thumb-down"],["Masalah terjemahan","translationIssue","thumb-down"],["Lainnya","otherDown","thumb-down"]],["Terakhir diperbarui pada 2025-09-04 UTC."],[[["\u003cp\u003eBinary Authorization is a Google Cloud service that enforces security policies at deploy-time for environments like GKE, Cloud Run, and Google Distributed Cloud.\u003c/p\u003e\n"],["\u003cp\u003eIt supports container images in Artifact Registry and other container image registries by verifying signatures called attestations.\u003c/p\u003e\n"],["\u003cp\u003eBinary Authorization can verify that a container image was built by a specific system, is compliant with vulnerability signing policy, or meets promotion criteria.\u003c/p\u003e\n"],["\u003cp\u003eIt provides documentation on how to use Binary Authorization on their documentation site.\u003c/p\u003e\n"]]],[],null,["# Securing deployments\n\nBinary Authorization is a Google Cloud service that provides deploy-time\nenforcement of security policies for [supported Google Cloud environments](/binary-authorization/docs/overview#supported_platforms), including\n[Google Kubernetes Engine (GKE)](/kubernetes-engine/docs),\n[Cloud Run](/run/docs), and\n[Google Distributed Cloud](/anthos/gke/docs/on-prem). It supports container\nimages in Artifact Registry and other container image registries.\n\nAt deploy time, Binary Authorization can use signatures called attestations to determine that a process was completed earlier.\nFor example, you can use Binary Authorization to:\n\n- Verify that a container image was built by a specific build system or continuous integration (CI) pipeline.\n- Validate that a container image is compliant with vulnerability signing policy.\n- Verify that a container image passes criteria for promotion to the next deployment environment, such as development to QA.\n\nTo learn about using Binary Authorization see the\n[Binary Authorization documentation](/binary-authorization/docs)."]]