Documentação da autorização binária
A autorização binária é um serviço do Google Cloud que fornece segurança centralizada da cadeia de suprimentos de software para aplicativos executados no Google Kubernetes Engine (GKE) e no Distributed Cloud. Saiba mais
Comece seu próximo projeto com US$ 300 em créditos sem custos financeiros
Crie e teste uma prova de conceito com os créditos de teste e o uso mensal sem custos financeiros de mais de 20 produtos.
Recursos de documentação
Guias
-
Guia de início rápido: configurar uma política de autorização binária com o GKE
-
Tutorial completo de atestado (GKE)
-
Configurar a autorização binária na sua plataforma
-
Criar atestados em um pipeline do Cloud Build
-
Usar o Kritis Signer para criar atestados com base na verificação de vulnerabilidades
-
Usar o cupom para criar atestados com base na verificação de vulnerabilidades
-
Configurar uma política usando o Console do Cloud
-
Criar atestadores usando o Console do Cloud
-
Criar atestados
-
Configurar uma política usando a API REST
Recursos relacionados
Vídeos relacionados
Securing your AI model development pipeline
Vertex AI Pipelines → https://goo.gle/41IIBSZ Binary Authorization → https://goo.gle/3VOTAGL Vertex AI Pipeline demo → https://goo.gle/4ghaHJE Are you concerned about AI models going rogue? Secure your AI development pipeline using Google Cloud and
Securing CI/CD with Google Cloud
Learn how Google Cloud can help improve the security posture of your CI/CD process and software supply chains using Cloud Build, Google Cloud Deploy, Artifact Registry, Container Analysis, and Binary Authorization.
How to ensure only trusted container images are deployed to Cloud Run
SLSA → https://goo.gle/3GmqCmY SLSA Levels → https://goo.gle/32RzLGu Want to know how you can protect your system? This complex problem has some simple solutions, and in this episode of Serverless Expeditions Extended, we’ll show you how Google Cloud
Evolve to zero trust security model with Anthos security
BeyondProd is Google’s approach to cloud-native security for internal systems. BeyondProd applies the security principle of zero trust to services and infrastructure, ensuring that all components are verified and authenticated. Binary Authorization
Anthos security: Modernize your security posture for cloud-native applications
Modern security approaches have moved beyond a traditional perimeter-based security model. As many organizations seek to adopt cloud-native architectures and are deploying applications in hybrid and multi-cloud environments they demand a more
Kritis: An open implementation of Binary Authorization (KubeCon 2019, San Diego)
Aysylu Greenberg, Senior Software Engineer at Google, gives us a recap from her #KubeCon + #CloudNativeCon presentation on binary authorization and how Kritis enables tighter control over your container environment by ensuring only verified images
Vulnerabilities in Kubernetes, an interview with Maya (KubeCon 2019, Barcelona)
Google Product Manager, Dustin Kirkland interviews Google Product Manager, Maya Kaczorowski to discuss interesting vulnerabilities in the Kubernetes (K8s) space. Learn what Google Cloud is doing in the GKE and Security space: Binary Authorization →
End-To-End Security and Compliance for Your Kubernetes Software Supply Chain (Cloud Next '19)
Containers have unique characteristics such as immutability, declarative format, fast iteration that make it require a fundamentally different security model than that of VMs, especially within a secure software supply chain. In this session, ANZ
Secure Software Supply Chains on Google Kubernetes Engine (Cloud Next '19)
This session shows users how to ensure their software supply chain follows a known and secure path before their code is deployed in a Google Kubernetes Engine cluster. We will review binary authorization in general and then guide users on how best to
Binary Authorization Demo
Check out a demo of Binary Authorization, a Google Cloud Platform security feature. Binary Authorization is a deploy-time security control that ensures only trusted container images are deployed on Kubernetes Engine.