Setting up overview

This page provides an overview of how to set up Binary Authorization in your environment. You can set up Binary Authorization using Google Cloud Console or gcloud commands. You can also perform some setup steps using the Binary Authorization REST API.

For an end-to-end tutorial that includes setup steps below, see: Getting started using the CLI or Getting started using the Console.

Setup Steps

To set up Binary Authorization:

  1. Enable Binary Authorization on Google Kubernetes Engine. Alternatively, if you use Anthos Config Management, you can enable Binary Authorization using the Config Management Operator.
  2. Create a cluster with Binary Authorization enabled
  3. Configure a policy using the CLI or Google Cloud Console that describes the constraints under which a container can be deployed
  4. Create attestors using the CLI or Google Cloud Console who can attest that a required process has completed before a container image is deployed