A RetroSearch Logo

Home - News ( United States | United Kingdom | Italy | Germany ) - Football scores

Search Query:

Showing content from https://cloud.google.com/binary-authorization/docs/enable-cluster below:

Enable enforcement on an existing cluster | Binary Authorization

Enable enforcement on an existing cluster

Stay organized with collections Save and categorize content based on your preferences.

This guide shows you how to enable Binary Authorization enforcement on an existing Google Kubernetes Engine (GKE) cluster.

Before you begin

Before you use this guide do the following:

  1. Create a standard GKE cluster. To learn more about creating standard clusters, see Create a zonal cluster or Create a regional cluster.
  2. Enable the Binary Authorization API.
Enable enforcement

To enable enforcement, perform the following steps:

Console

  1. In the Google Cloud console, go to the GKE page:

    Go to GKE.

  2. In the Kubernetes clusters list, click the name of your cluster.

  3. Under Security, in the row for Binary authorization, click the edit icon (edit).

  4. In the Edit Binary Authorization dialog, select the Enable Binary Authorization checkbox and click Save changes.

gcloud

For a zonal cluster, enter the following command:

gcloud container clusters update NAME \
    --zone ZONE \
    --binauthz-evaluation-mode=PROJECT_SINGLETON_POLICY_ENFORCE

Replace the following:

Clusters can have both Binary Authorization enforcement and CV monitoring enabled. To change CV monitoring and enforcement settings, set --binauthz-evaluation-mode to one of the following values:

For more information on CV policy and cluster management, see Manage CV platform policies.

Alternatively, for a regional cluster, enter the following command:

gcloud container clusters update NAME \
    --region REGION \
    --binauthz-evaluation-mode=PROJECT_SINGLETON_POLICY_ENFORCE

Replace the following:

Clusters can have both Binary Authorization enforcement and CV monitoring enabled. To change CV monitoring and enforcement settings, set --binauthz-evaluation-mode to one of the following values:

For more information on CV policy and cluster management, see Manage CV platform policies.

Note: It can take a few minutes for the policy to take effect. What's next

Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.

Last updated 2025-08-07 UTC.

[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-08-07 UTC."],[[["This guide explains how to enable Binary Authorization enforcement on an existing Google Kubernetes Engine (GKE) cluster using the Google Cloud console or the gcloud command-line tool."],["Before enabling enforcement, you must create a standard GKE cluster and enable the Binary Authorization API."],["You can enable Binary Authorization enforcement for either a zonal or regional cluster using the `gcloud container clusters update` command, specifying the cluster name and zone or region."],["Binary Authorization enforcement can be configured alongside CV monitoring, with different modes available to enable one, the other, or both."],["After enabling the policy, it can take several minutes for the changes to take full effect on the cluster."]]],[]]

RetroSearch is an open source project built by @garambo | Open a GitHub Issue

Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo

HTML: 3.2 | Encoding: UTF-8 | Version: 0.7.4