This page provides an overview of how to set up Binary Authorization in your
environment. You can set up Binary Authorization using Google Cloud Console
gcloud commands. You can also perform some setup steps using the
Binary Authorization REST API.
To set up Binary Authorization:
- Enable Binary Authorization on Google Kubernetes Engine. Alternatively, if you use Anthos Config Management, you can enable Binary Authorization using the Config Management Operator.
- Create a cluster with Binary Authorization enabled
- Configure a policy using the CLI or Google Cloud Console that describes the constraints under which a container can be deployed
- Create attestors using the CLI or Google Cloud Console who can attest that a required process has completed before a container image is deployed