Stay organized with collections
Save and categorize content based on your preferences.
Binary Authorization is a Google Cloud service that
provides software supply-chain security by enforcing a set of rules
(policy) on containers
deployed on a Google Cloud
supported container-based platform.
The service allows or blocks deployment of these containers based on that set of
rules.
Also, Binary Authorization provides continuous validation
to ensure that each deployed container continues to conform with policy.
There is no direct integration between Cloud Deploy and
Binary Authorization, but you can use them together to help secure your
software delivery process.
What Binary Authorization can do for your deployable images
At deploy time, Binary Authorization can use attestations
to determine that a process was completed earlier. Here are some examples of
what you can use Binary Authorization for:
Verify that a container image was built by a specific build system or
continuous integration pipeline.
Validate that a container image complies with vulnerability signing policy.
Verify that a container image passes criteria for promotion to the next target.
What's next
Learn more about how to use Binary Authorization
to help ensure the integrity of your container images.
Try a tutorial, for
GKE, to configure and test a Binary Authorization
policy that requires attestations.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-08-25 UTC."],[[["\u003cp\u003eBinary Authorization is a Google Cloud service that enhances software supply-chain security by enforcing rules on container deployments.\u003c/p\u003e\n"],["\u003cp\u003eThe service permits or denies container deployment based on a set of predefined rules, known as a policy.\u003c/p\u003e\n"],["\u003cp\u003eBinary Authorization offers continuous validation to ensure deployed containers remain compliant with the established policy.\u003c/p\u003e\n"],["\u003cp\u003eAt deploy time, Binary Authorization can leverage attestations to confirm the completion of previous processes, such as verifying the build source or compliance with vulnerability signing policy.\u003c/p\u003e\n"],["\u003cp\u003eAlthough there is no direct integration with Cloud Deploy, Binary Authorization can be used in conjunction to bolster the security of the software delivery process.\u003c/p\u003e\n"]]],[],null,[]]