Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.


Secure Workloads in Google Kubernetes Engine

Google via Qwiklabs


Earn a skill badge by completing the Secure Workloads in Google Kubernetes Engine quest, where you learn about security at scale on Google Kubernetes Engine (GKE) including how to: migrate containers from virtual machines to Google Kubernetes Engine, restrict network connections in GKE using firewalls and Network Policies, use role-based access controls (RBAC) in GKE, use Binary Authorization for security controls of your images, secure applications in GKE using 3 access levels: host, network, Kubernetes API, and harden GKE cluster configurations. A skill badge is an exclusive digital badge issued by Google Cloud in recognition of your proficiency with Google Cloud products and services and tests your ability to apply your knowledge in an interactive hands-on environment. Complete this skill badge quest, and the final assessment challenge lab, to receive a skill badge that you can share with your network.


  • Migrating to GKE Containers
    • This lab teaches you how to migrate a stateless application from running on a VM to running on Kubernetes Engine (GKE). You will learn about the lifecycle of an application transitioning from a typical VM/OS-based deployment to three different containerized cloud infrastructure platforms.
  • How to Use a Network Policy on Google Kubernetes Engine
    • In this lab you learn how to improve the security of your Kubernetes Engine by applying fine-grained restrictions to limit intra-cluster network communication.
  • warning Using Role-based Access Control in Kubernetes Engine
    • After provisioning two service accounts to represent user personas and three namespaces for dev, test, and prod, you will test the access controls of the personals in each namespace.
  • Google Kubernetes Engine Security: Binary Authorization
    • This lab deploys a Kubernetes Engine Cluster with the Binary Authorization feature enabled; you'll learn how to whitelist approved container registries and the process of creating and running a signed container.
  • Securing Applications on Kubernetes Engine - Three Examples
    • In this lab you will learn how Kubernetes Engine security features can be used to grant varying levels of privilege to applications based on their particular requirements
  • Hardening Default GKE Cluster Configurations
    • This lab demonstrates some of the security concerns of a default GKE cluster configuration and the corresponding hardening measures to prevent multiple paths of pod escape and cluster privilege escalation
  • Secure Workloads in Google Kubernetes Engine: Challenge Lab
    • This challenge lab tests your skills and knowledge from the labs in the Kubernetes in Google Cloud quest. You should be familiar with the content of the labs before attempting this lab.


Start your review of Secure Workloads in Google Kubernetes Engine

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.