Binary Authorization documentation

Binary Authorization is a service on Google Cloud that provides centralized software supply-chain security for applications that run on Google Kubernetes Engine (GKE), Cloud Run, and Distributed Cloud.

Start your proof of concept with 300ドル in free credit

  • Get access to Gemini 2.0 Flash Thinking
  • Free monthly usage of popular products, including AI APIs and BigQuery
  • No automatic charges, no commitment

Keep exploring with 20+ always-free products

Access 20+ free products for common use cases, including AI APIs, VMs, data warehouses, and more.

Explore self-paced training, use cases, reference architectures, and code samples with examples of how to use and connect Google Cloud services.
Training
Training and tutorials

Secure your GKE Deployments with Binary Authorization

This lab describes how to secure a GKE cluster using Binary Authorization.

GKE

Training
Training and tutorials

Secure your GKE Deployments with Binary Authorization

Add deploy-time policy enforcement to your GKE cluster.

GKE

Training
Training and tutorials

Get started using the command-line tool

Get up and running quickly with GKE and Binary Authorization with this end-to-end getting started tutorial.

GKE

Training
Training and tutorials

Multi-project setup

Use different projects to restrict access for different activities, enforcing separation of duties.

GKE

Training
Training and tutorials

View audit logs for Binary Authorization

View audit logs for Binary Authorization events.

GKE Cloud Audit Logs

Training
Training and tutorials

View audit logs for Binary Authorization for Google Distributed Cloud (GDC)

View audit logs for Binary Authorization events for Google Distributed Cloud.

GKE on-prem Cloud Audit Logs

Training
Training and tutorials

Monitor metrics for Binary Authorization for Google Distributed Cloud

Monitor metrics from Binary Authorization for GKE on-prem.

GKE on-prem Cloud Monitoring

Use case
Use cases

Security controls and forensic analysis for GKE apps

Details instrumentation and tools used in forensic analysis for apps deployed to GKE.

Security Container analysis

Use case
Use cases

Help secure software supply chains on GKE

Shows you how to ensure that your supply chain follows a known and secure path before you deploy your code in a GKE cluster.

DevOps

Code sample
Code Samples

Google Provider

With Google Provider for Terraform, you can configure your Google Cloud infrastructure.

Code sample
Code Samples

Attestor Provider

Create Binary Authorization attestors.

Code sample
Code Samples

IAM policy for Binary Authorization Attestor

Three different resources help you manage your IAM policy for Binary Authorization Attestor.

Code sample
Code Samples

Binary Authorization Policy

Configure a Binary Authorization policy.

Related videos

Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.

Last updated 2025年11月06日 UTC.