Creating a cluster

This page explains how to create a cluster in Google Kubernetes Engine (GKE) with Binary Authorization enabled. You perform this step at the command line using gcloud commands or in Google Cloud Console. This step is part of setting up Binary Authorization.

Create the cluster

To create a cluster with Binary Authorization enabled:


  1. Set your default Google Cloud project if you have not already done so:

    gcloud config set project PROJECT_ID

    where PROJECT_ID is the ID of the project where you want to create the cluster.

  2. Create the cluster:

    gcloud container clusters create \
        --enable-binauthz \
        --zone ZONE \


    • ZONE is the GKE zone (for example, us-central1-a)
    • CLUSTER_NAME is the name of the cluster you want to create (for example, test-cluster)


  1. Open the GKE page in Cloud Console.

    Go to GKE

  2. Click Create Cluster. Enter values for the default fields as described in Creating a Cluster.

  3. In the left navigation, click Security.

  4. In the Security page, select Enable Binary Authorization.

  5. Click Create.

It can take a few minutes for your cluster to be created.

Verify that the cluster is running

To verify that the cluster is running:


List running clusters in your project:

gcloud container clusters list \
    --zone ZONE


  1. Open the GKE page in Cloud Console.

    Go to GKE

  2. View running clusters in your project:

    View running GKE clusters

What's next