Complete the code to enable Binary Authorization on a GKE cluster.
gcloud container clusters update my-cluster --[1]The correct flag to enable Binary Authorization on a GKE cluster is --enable-binary-authorization.
Complete the command to create a policy for Binary Authorization.
gcloud container binauthz policies create --[1]=my-policyThe correct flag to specify the policy name is --name.
Fix the error in the command to add an attestor to a policy.
gcloud container binauthz policies add-attestor --[1] my-policy --attestor=my-attestorThe correct flag to specify the policy is --name when adding an attestor.
Fill both blanks to configure the attestor with an attestation authority note and description.
gcloud container binauthz attestors create my-attestor --[1]=projects/my-project/locations/global/attestationAuthorityNotes/my-note --[2]="My attestor description"
The flag --attestation-authority-note specifies the attestation authority note resource, and --description adds a description.
Fill all three blanks to create a policy that requires attestation and sets evaluation mode.
gcloud container binauthz policies create --[1]=my-policy --[2]=REQUIRE_ATTESTATION --[3]=PROJECT_SINGLETON_POLICY_ENFORCE
The --name flag sets the policy name, --default-rule-action sets the mode for evaluation, and --global-policy-evaluation-mode enforces the policy globally.