Google GCR Integration

Modified on Mon, 3 Jun at 9:09 PM

Introduction


GCR scanner provides comprehensive vulnerability assessment and compliance checks for Docker container images stored in Google Container Registry (GCR). By analyzing the contents of container images, including operating system packages, libraries, and dependencies, GCR scanner identifies potential security vulnerabilities and compliance violations, enabling developers to address issues proactively. 


This guide details how to initiate and complete an GCR scan on the platform. 


Prerequisites:


  1. You should be signed in with CloudDefense.ai. If not, please refer to our guide on creating a CloudDefense.ai account.

  2. Google account 

  3. Created project in Google Console 

  4. Private repositories with images in Google Container Registry 



Step 1: Create a Service account.


Go to ‘Google console’ -> ‘IAM & Admin’ -> ‘Service accounts’ -> ‘Create service account’. Fill ‘Service account name’ and ‘Service account ID’:





In the next section select ‘Storage Object Viewer’ role:



Click on the created account and go to the ‘Keys’ tab. Create JSON key:



Credentials file will automatically download.



Step 2: Add Google Container Registry integration in CloudDefense. 


Go to ‘Integrations’ -> ‘Container Coverage’ -> ‘Google Container Registry’. Choose downloaded credentials file:



Click ‘Configure’.


Step 3: Scan your private images.


After successful configuration you can scan your own images.


Go to the ‘Integrations’ -> ‘Container Coverage’ -> ‘Google Container Registry’ or ‘Applications’ -> ‘Scan’ -> ‘Other’ -> ‘GCR’ -> ‘Your own images’. Choose host and the image (images) you want to scan.

Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select at least one of the reasons

Feedback sent

We appreciate your effort and will try to fix the article