mirror of
https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git
synced 2026-06-11 21:54:56 +03:00
mukul975
23 lines
653 B
Markdown
23 lines
653 B
Markdown
# Workflows - GCP Binary Authorization
|
|
|
|
## Attestation Pipeline
|
|
```
|
|
1. Developer pushes code
|
|
2. Cloud Build triggers container build
|
|
3. Vulnerability scan runs on built image
|
|
4. If scan passes → Create cryptographic attestation
|
|
5. Push attested image to registry
|
|
6. GKE validates attestation at deploy time
|
|
7. Continuous validation monitors running pods
|
|
```
|
|
|
|
## Break-Glass Procedure
|
|
```
|
|
1. Emergency identified → Create incident ticket
|
|
2. Apply break-glass annotation to pod spec
|
|
3. Deploy with override documented
|
|
4. Alert security team of break-glass usage
|
|
5. Post-incident: Review and attest emergency image
|
|
6. Remove break-glass annotation
|
|
```
|