#binary authorisation

Software supply chain security – Binary Authorization & Cloud Build

In the last post, we saw the details of the binary authrorisation and how it works using an example policy. This is the follow-up post with a very simple demonistration. today we see how you can use ‘cloud build’ as an attestor for binary authorisation and let only images built by ‘cloud build’ to be deployed to your Google Kubernetes Engine (GKE) Clusters. This is a very useful starting point to…

Software supply chain security – Binary Authorization on Google Cloud

Binary Authorization is a deploy-time security control that ensures only trusted container images are deployed on Google Kubernetes Engine (GKE) or Cloud Run.  Binary authorisation works based on the policies that you create. These policies can be scoped at the whole Google cloud project or target a specific Google Kubernetes Engine cluster. By using these policies, you can Require images to be…