Introduction
GCR scanner provides comprehensive vulnerability assessment and compliance checks for Docker container images stored in Google Container Registry (GCR). By analyzing the contents of container images, including operating system packages, libraries, and dependencies, GCR scanner identifies potential security vulnerabilities and compliance violations, enabling developers to address issues proactively.
This guide details how to initiate and complete an GCR scan on the platform.
Prerequisites:
You should be signed in with CloudDefense.ai. If not, please refer to our guide on creating a CloudDefense.ai account.
Google account
Created project in Google Console
Private repositories with images in Google Container Registry
Step 1: Create a Service account.
Go to ‘Google console’ -> ‘IAM & Admin’ -> ‘Service accounts’ -> ‘Create service account’. Fill ‘Service account name’ and ‘Service account ID’:
In the next section select ‘Storage Object Viewer’ role:
Click on the created account and go to the ‘Keys’ tab. Create JSON key:
Credentials file will automatically download.
Step 2: Add Google Container Registry integration in CloudDefense.
Go to ‘Integrations’ -> ‘Container Coverage’ -> ‘Google Container Registry’. Choose downloaded credentials file:
Click ‘Configure’.
Step 3: Scan your private images.
After successful configuration you can scan your own images.
Go to the ‘Integrations’ -> ‘Container Coverage’ -> ‘Google Container Registry’ or ‘Applications’ -> ‘Scan’ -> ‘Other’ -> ‘GCR’ -> ‘Your own images’. Choose host and the image (images) you want to scan.
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article