This page provides an overview of how to set up Binary Authorization for use with Anthos Service Mesh.
Before you begin
Before you use Binary Authorization for Anthos Service Mesh, you must first install Anthos Service Mesh on Google Kubernetes Engine (GKE). For more information, see the quickstart or the GKE installation guides.
To set up Binary Authorization for Anthos Service Mesh, perform the following steps:
- Enable Binary Authorization.
Configure your Binary Authorization policy.
You can configure the following features in your policy:
Optional: Use the
built-by-cloud-buildattestor to deploy only images built by Cloud Build (Preview).
Optional: Use attestations.