Add configuration flag for enable_binary_authorization
#141
Labels
enhancement
New feature or request
Comments
|
+1 |
|
Fixed by #160 |
|
We only added this feature for private clusters. Public clusters love binary auth too. See #186 |
|
This needs to be enabled on the |
|
it was already out in as non beta, so if we do that it will be a breaking change. So let me know if you want me to put it in as a breaking change. |
|
No, it's only on the private cluster module (which uses the beta provider). We can add it to the public beta module as well, but we don't need to add it to the main module. |
|
I misunderstood. Terraform provider. Now the question is do we put this feature only into our beta modules, and remove it from the private template |
|
Hello is this possible, I search and found that there is an option to use UBUNTU but have not seen a way to use CentOS
Remo
|
|
@itlinux I think you might be looking in the wrong place. This issue is about adding a |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
https://www.terraform.io/docs/providers/google/r/container_cluster.html#enable_binary_authorization
Suggest plumbing the flag for it with the default as false. It allows for enabling the BinAuthZ Admission controller for being able to set a whitelist policy for approved container registry paths and also enforce image signing if desired. Note that can safely be set to be true if desired as the GCP project's default BinAuthZ is allow all/permissive.
The text was updated successfully, but these errors were encountered: