13

Image Hardening and CI/CD Security

In this chapter, we will look at Google’s approach to Compute Engine image hardening and DevOps pipeline security. One of the most critical issues facing industries today is software supply chain attacks. To address this matter in the cloud, we need to be able to build secure infrastructure, monitor operations, and fix vulnerabilities. This is a very broad topic. We will only cover the topics required for the exam in this chapter.

In this chapter, we will cover the following topics:

  • Overview of image management
  • Custom images for Compute Engine
  • Image management pipeline
  • Controlling access to images
  • Image lifecycle
  • Enforcing lifecycle policies
  • Secure CI/CD pipeline
  • Best practices for a CI/CD pipeline
  • Shielded ...

Get Official Google Cloud Certified Professional Cloud Security Engineer Exam Guide now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.