You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/cloud/features/security/security.md
+1Lines changed: 1 addition & 0 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -44,6 +44,7 @@ Below you will find a few examples of our interal code requirements.
44
44
- Each commit to main is approved by someone different than the author.
45
45
- We follow the standard of signing commits and then registering the key with GitHub. [Github Docs](https://docs.github.com/en/authentication/managing-commit-signature-verification/signing-commits)
46
46
- Binary is signed using cosign and OIDC for keyless. [Signing docs](https://docs.sigstore.dev/cosign/signing/overview/)
47
+
- Attestations are created that certify an image. We us GCP Binary Authorization to enforce this. [Attestation docs](https://cloud.google.com/binary-authorization/docs/key-concepts#attestations)
47
48
- Encryption is a key feature of our security posture as well. This is enforced at each stage of access. For example, the state database automatically encrypts all data. Credentials are also securely encrypted and stored.
48
49
- We backup each state database nightly as well as before upgrades. These are stored indefinitely.
0 commit comments