Recent Searches

No recent searches

    Popular Articles

      Articles
      View all
        Topics
        View all
          Tickets
          View all
            no results

            Sorry! nothing found for

            How to Run a GCR Scan: A Step-by-Step Guide

            Modified on Tue, 3 Sep at 9:29 PM

            Introduction


            GCR scanner provides comprehensive vulnerability assessment and compliance checks for Docker container images stored in Google Container Registry (GCR). By analyzing the contents of container images, including operating system packages, libraries, and dependencies, GCR scanner identifies potential security vulnerabilities and compliance violations, enabling developers to address issues proactively. 


            This guide details how to initiate and complete an GCR scan on the platform.


            Prerequisites:


            1. You should be signed in with CloudDefense.ai. If not, please refer to our guide on creating a CloudDefense.ai account.

            1. Google account 

            2. Created project in Google Console 

            3. Private repositories with images in Google Container Registry 


            Step 1: Navigation to GCR scanner 


            • Click on  “Applications” on Navbar



            • Click the green “SCAN” button on the left side of the page, and choose “Other” to proceed.




            • After clicking on “Other” select  “GCR” 



            To scan public Images


            Step 1. Click on “Public Images” inside “applications -> scan -> other -> GCR”




            Step 2: input image name and enter “RUN SCAN” button



            To scan Scan Private images


            Step 1: Create a Service account. 


            Go to ‘Google console’ -> ‘IAM & Admin’ -> ‘Service accounts’ -> ‘Create service account’. Fill ‘Service account name’ and ‘Service account ID’:




            In the next section select ‘Storage Object Viewer’ role:



            Click on the created account and go to the ‘Keys’ tab. Create JSON key:



            Credentials file will automatically download.


            Step 2: Add Google Container Registry integration in CloudDefense. 


            Go to ‘Integrations’ -> ‘Container Coverage’ -> ‘Google Container Registry’. Choose downloaded credentials file:


            Click ‘Configure’.


            Step 3: Scan your private images.

            After successful configuration you can scan your own images.


            Go to the ‘Integrations’ -> ‘Container Coverage’ -> ‘Google Container Registry’ or ‘Applications’ -> ‘Scan’ -> ‘Other’ -> ‘GCR’ -> ‘Your own images’. Choose host and the image (images) you want to scan:

            Was this article helpful?

            That’s Great!

            Thank you for your feedback

            Sorry! We couldn't be helpful

            Thank you for your feedback

            Let us know how can we improve this article!

            Select at least one of the reasons

            Feedback sent

            We appreciate your effort and will try to fix the article

            Preview
            0 of 0