Launch policies

Workload author

Launch policies override the VM metadata variables set by workload operators to restrict malicious actions. A workload author can set policies with a label as part of building their container image.

For example, in a Dockerfile:

LABEL "tee.launch_policy.allow_cmd_override"="true"

In a Bazel BUILD file:

container_image(
    ...
    labels={"tee.launch_policy.allow_cmd_override":"true"}
    ...
)

The available launch policies are in the following table:

Policy	Type	Description
`tee.launch_policy.allow_cmd_override` Interacts with: Workload operator: The `tee-cmd` metadata variable. Data collaborators: The `container.cmd_override` assertion.	Boolean (default is `false`)	Determines if the `CMD` specified in the workload container's `Dockerfile` can be overridden by a workload operator with the `tee-cmd` metadata value.
`tee.launch_policy.allow_env_override` Interacts with: Workload operator: The `tee-env-ENVIRONMENT_VARIABLE_NAME` metadata variable. Data collaborators: The `container.env` and `container.env_override` assertions.	Comma-separated string	A comma-separated string of permitted environment variable names that are allowed to be set by a workload operator with `tee-env-ENVIRONMENT_VARIABLE_NAME` metadata values.
`tee.launch_policy.allow_mount_destinations` Interacts with: Workload operator: The `tee-mount` metadata variable.	Colon-separated string	A colon-separated string of permitted mount directories the workload operator is allowed to mount to using `tee-mount`. For example: `/run/tmp:/var/tmp:/tmp`
`tee.launch_policy.log_redirect` Interacts with: Workload operator: The `tee-container-log-redirect` metadata variable.	Defined string	Determines how logging works if `tee-container-log-redirect` is set to `true` by a workload operator. The valid values are: `debugonly` (default): Only allow `stdout` and `stderr` redirects when using a debug image. `always`: Always allow `stdout` and `stderr` redirects. `never`: Never allow `stdout` and `stderr` redirects.
`tee.launch_policy.monitoring_memory_allow` Interacts with: Data collaborators: The `monitoring_enabled.memory` assertion. Workload operator: The `tee-memory-monitoring-enable` metadata variable.	Defined string	Determines how workload memory usage monitoring works if `tee-memory-monitoring-enable` is set to `true` by a workload operator. The valid values are: `debugonly` (default): Only allow memory usage monitoring when using a debug image. `always`: Always allow memory usage monitoring. `never`: Never allow memory usage monitoring. Caution: If you allow memory usage monitoring, the workload operator can see workload memory usage metrics in Cloud Logging and Metrics Explorer. If your workload isn't written in a way that prevents total memory usage from leaking sensitive information, block this feature on production workloads.