This document includes the best practices and guidelines for agents and applications when running workloads on Google Cloud.
Configure vulnerability scanning for artifacts
Use Artifact Analysis or another tool to scan for vulnerabilities in images and packages within Artifact Registry.
If you use a third-party scanning tool, you must deploy these tools correctly to scan Artifact Registry for vulnerabilities in images and packages.
- Artifact Registry
- Artifact Analysis
serviceusage.getservice = containerscanning.googleapis.com
- RA-5
- SI-5
- SA-5
- SR-8
- CA-7
- ID-RA-1.1
- ID-RA-1.2
- ID-RA-3.1
- ID-RA-3.2
- ID-RA-3.3
- PR.IP-7.1
- PR.IP-8.1
- PR.IP-12.1
- PR.IP-12.2
- PR.IP-12.3
- PR.IP-12.4
- DE.CM-8.1
- DE.CM-8.2
- DE.DP-4.1
- DE.DP-4.2
- DE.DP-5.1
- RS.CO-3.1
- RS.CO-3.2
- RS.CO-5.2
- RS.CO-5.3
- RS.AN-5.1
- RS.AN-5.2
- RS.AN-5.3
- RS.MI-3.1
- RS.MI-3.2
Define permitted private pools
The cloudbuild.allowedWorkerPools list constraint lets you define the permitted private pools that you can use within your organization, folder, or project.
Use one of the following formats to define an allowed or denied list of worker pools:
- under:organizations/ORGANIZATION_ID
- under:folders/FOLDER_ID
- under:projects/PROJECT_ID
- projects/PROJECT_ID/locations/REGION/workerPools/WORKER_POOL_ID
- Organization Policy Service
- Cloud Build
constraints/cloudbuild.allowedWorkerPools =
- AC-3
- AC-5
- AC-6
- AC-12
- AC-17
- AC-20
- PR.AC-3.1
- PR.AC-3.2
- PR.AC-4.1
- PR.AC-4.2
- PR.AC-4.3
- PR.AC-6.1
- PR.AC-7.1
- PR.AC-7.2
- PR.PT-3.1
- PR.PT-4.1
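To review a candidate cloudbuild.allowedWorkerPools policy against the pools your builds actually use before applying it, here is an added Python model of how the list entry formats above resolve (example code, not Google's own policy evaluator): `under:` entries match through the resource hierarchy, while a full resource name matches exactly. The ANCESTRY map with its project and folder IDs is constructed, and the rule that a denied entry wins over an allowed one is an assumption.

```python
import re

# Resource-name shape of a Cloud Build private pool.
POOL_RE = re.compile(r"^projects/([^/]+)/locations/[^/]+/workerPools/[^/]+$")

# Constructed resource hierarchy (child -> parent); not a real organization.
ANCESTRY = {
    "projects/ci-prod": "folders/100",
    "projects/ci-dev": "folders/200",
    "folders/100": "organizations/999",
    "folders/200": "organizations/999",
    "projects/rogue": "organizations/555",
}


def ancestors(node, hierarchy):
    """Return the node itself and every parent up to the organization."""
    chain = []
    while node is not None:
        chain.append(node)
        node = hierarchy.get(node)
    return chain


def entry_matches(entry, pool, hierarchy):
    """True if one allowed/denied list entry covers the given worker pool."""
    if entry.startswith("under:"):
        project = "projects/" + POOL_RE.match(pool).group(1)
        return entry[len("under:"):] in ancestors(project, hierarchy)
    return entry == pool  # full resource name: exact match only


def pool_permitted(pool, allowed, denied=(), hierarchy=ANCESTRY):
    """Decide whether a build may use `pool` under the given policy values.
    Assumed semantics: denied wins over allowed, and a deny-only policy
    permits every pool it does not deny."""
    if not POOL_RE.match(pool):
        raise ValueError(f"not a worker pool resource name: {pool}")
    if any(entry_matches(e, pool, hierarchy) for e in denied):
        return False
    if not allowed:
        return True
    return any(entry_matches(e, pool, hierarchy) for e in allowed)


def audit(pools, allowed, denied=(), hierarchy=ANCESTRY):
    """Return the pools a policy would reject, for review before applying it."""
    return [p for p in pools if not pool_permitted(p, allowed, denied, hierarchy)]
```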
Define which external services can invoke build triggers
The cloudbuild.allowedIntegrations constraint defines which external services (for example, GitHub) can invoke build triggers. For example, if your build trigger listens for changes to a GitHub repository and GitHub is denied in this constraint, your trigger won't run. You can specify any number of allowed or denied values for your organization or project.
- Organization Policy Service
- Cloud Build
constraints/cloudbuild.allowedIntegrations =
- AC-3
- AC-12
- AC-17
- AC-20
- PR.AC-3.1
- PR.AC-3.2
- PR.AC-4.1
- PR.AC-4.2
- PR.AC-4.3
- PR.AC-6.1
- PR.AC-7.1
- PR.AC-7.2
- PR.PT-3.1
- PR.PT-4.1
Enable Model Armor
Enable Model Armor to screen for malicious or harmful content in natural language communications, including LLM prompts and responses, MCP server-client connections, or agentic communications.
- Model Armor
serviceusage.getservice = modelarmor.googleapis.com
- AC-4
- AU-2
- AU-8
- AU-14
- CM-6
- IR-7
- MP-4
- MP-6
- PM-30
- RA-3
- RA-5
- RA-10
- SA-9
- SA-11
- SC-7
- SC-18
- SI-3
- SI-4
- SI-8
- SI-10
- SI-15
- SI-19
Configure runtime vulnerability scanning
Automatically scan the container operating systems and language packages in your running workloads for known vulnerabilities to get actionable mitigation strategies.
- GKE
workload-vulnerability-scanning == Enterprise
- RA-5
- SI-4
- SA-5
Create cleanup policies for artifacts
Cleanup policies are useful if you store many versions of your artifacts but only need to keep specific versions that you release to production. Create separate cleanup policies for deleting artifacts and retaining artifacts.
- Artifact Registry
- SI-12
- PR.IP-2.1
- PR.IP-2.2
- PR.IP-2.3