Container Registry is deprecated. Effective March 18, 2025, Container Registry is shut down and writing images to Container Registry is unavailable. For more information about the Container Registry deprecation and how to migrate to Artifact Registry, see Container Registry deprecation.
Stay organized with collections
Save and categorize content based on your preferences.
Binary Authorization is a Google Cloud service that provides deploy-time
enforcement of security policies for
Google Kubernetes Engine (GKE) and
Google Distributed Cloud. It supports container
images in Container Registry, Artifact Registry and other container image
registries.
At deploy time, Binary Authorization can use signatures called attestations to determine that a process was completed earlier.
For example, you can use Binary Authorization to:
Verify that a container image was built by a specific build system or
continuous integration (CI) pipeline.
Validate that a container image is compliant with vulnerability signing policy.
Verify that a container image passes criteria for promotion to the next
deployment environment, such as development to QA.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-09-16 UTC."],[],[],null,[]]
