IaC on GCR Scan

Modified on Wed, 11 Oct, 2023 at 7:27 PM



Prerequisites

  • Google account 
  • Created project in Google Console 
  • Private repositories with images in Google Container Registry 



Scan Public images

Go to ‘Applications’ -> ‘Scan’ -> ‘Other’ -> ‘GCR’ and insert name of the image you want to scan:



After the scan new application with the name of the image will be created:



Scan Private images

Step 1: Create a Service account. 

Go to ‘Google console’ -> ‘IAM & Admin’ -> ‘Service accounts’ -> ‘Create service account’. Fill ‘Service account name’ and ‘Service account ID’:


In the next section select ‘Storage Object Viewer’ role:


Click on the created account and go to the ‘Keys’ tab. Create JSON key:


Credentials file will automatically download.

Step 2: Add Google Container Registry integration in CloudDefense. 

Go to ‘Integrations’ -> ‘Container Coverage’ -> ‘Google Container Registry’. Choose downloaded credentials file:


Click ‘Configure’.


Step 3: Scan your private images.

After successful configuration you can scan your own images.


Go to the ‘Integrations’ -> ‘Container Coverage’ -> ‘Google Container Registry’ or ‘Applications’ -> ‘Scan’ -> ‘Other’ -> ‘Google Container Registry’ -> ‘Your own images’. Choose host and the image (images) you want to scan:

Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select at least one of the reasons

Feedback sent

We appreciate your effort and will try to fix the article