Binary Authorization is a service on Google Cloud that provides centralized software supply-chain security for applications that run on Google Kubernetes Engine (GKE) and Anthos clusters on VMware. Learn more

Guides

Reference

Resources

Training and tutorials

Try Binary Authorization tutorials, training courses, and Qwiklabs from Google Cloud.

Qwiklabs

Securing Your GKE Deployments with Binary Authorization

This lab describes how to secure a GKE cluster using Binary Authorization.

GKE

Learn more  
Tutorial

Getting started using the command-line tool

Get up and running quickly with GKE and Binary Authorization with this end-to-end getting started tutorial.

GKE

Learn more  
Tutorial

Multi-project setup

Use different projects to restrict access for different activities, enforcing separation of duties.

GKE

Learn more  
Tutorial

Creating attestations based on vulnerability scanning

Use Kritis Signer to scan a container image with Container Analysis before creating attestations.

Kritis Container Analysis

Learn more  
Codelab

Securing Your GKE Deployments with Binary Authorization

Adding deploy-time policy enforcement to your Kubernetes Engine (GKE) cluster.

GKE

Learn more  
How-to

Viewing audit logs

Viewing audit logs for Binary Authorization events.

GKE Cloud Audit Logs

Learn more  
How-to

Viewing audit logs

Viewing audit logs for Binary Authorization events.

GKE on-prem Cloud Audit Logs

Learn more  
How-to

Monitoring metrics

Monitoring metrics from Binary Authorization for GKE on-prem.

GKE on-prem Cloud Monitoring

Learn more  

Use cases

Explore use cases, reference architectures, whitepapers, best practices, and industry solutions.

Best practice

Security controls and forensic analysis for GKE apps

Details instrumentation and tools used in forensic analysis for apps deployed to GKE.

Security Container analysis

Learn more  
Use case

Implementing Binary Authorization using Cloud Build and GKE

Walks you through setting up Binary Authorization for Google Kubernetes Engine.

GKE Cloud Build

Learn more  
Architecture

Help secure software supply chains on Google Kubernetes Engine

Shows you how to ensure that your supply chain follows a known and secure path before you deploy your code in a Google Kubernetes Engine cluster.

DevOps

Learn more  

Code samples

Dive into coding with examples that demonstrate how to use and connect Google Cloud services.

terraform

Google Provider

With Google Provider for Terraform you can configure your Google Cloud infrastructure

Learn more  

terraform

Attestor Provider

Create Binary Authorization attestors

Learn more  

terraform

IAM policy for Binary Authorization Attestor

Three different resources help you manage your IAM policy for Binary Authorization Attestor.

Learn more  

terraform

Binary Authorization Policy

Configure a Binary Authorization polcy.

Learn more  

Videos