[[["容易理解","easyToUnderstand","thumb-up"],["確實解決了我的問題","solvedMyProblem","thumb-up"],["其他","otherUp","thumb-up"]],[["難以理解","hardToUnderstand","thumb-down"],["資訊或程式碼範例有誤","incorrectInformationOrSampleCode","thumb-down"],["缺少我需要的資訊/範例","missingTheInformationSamplesINeed","thumb-down"],["翻譯問題","translationIssue","thumb-down"],["其他","otherDown","thumb-down"]],["上次更新時間:2025-09-04 (世界標準時間)。"],[[["\u003cp\u003eThis tool checks for Container Registry usage within a specified Google Cloud project, folder, or organization.\u003c/p\u003e\n"],["\u003cp\u003eTo use the tool, the gcloud CLI needs to be installed and initialized, and the user needs Cloud Asset Viewer and Storage Object Viewer IAM roles.\u003c/p\u003e\n"],["\u003cp\u003eThe tool can output several usage states, including \u003ccode\u003eACTIVE\u003c/code\u003e, \u003ccode\u003eINACTIVE\u003c/code\u003e, \u003ccode\u003eREDIRECTED\u003c/code\u003e, \u003ccode\u003eREDIRECTION_INCOMPLETE\u003c/code\u003e, and \u003ccode\u003eLEGACY\u003c/code\u003e, that describe the Container Registry's usage and status.\u003c/p\u003e\n"],["\u003cp\u003eYou can filter the results of the tool by usage state to see, for example, all active usage or all projects not yet redirected.\u003c/p\u003e\n"],["\u003cp\u003eThe tool indicates errors if there are permission issues with listing Cloud Storage buckets or Container Registry project.\u003c/p\u003e\n"]]],[],null,["Run this tool to determine if there is Container Registry usage within your\nGoogle Cloud project, folder, or organization.\n\nBefore you begin\n\n1.\n [Install](/sdk/docs/install) the Google Cloud CLI.\n\n | **Note:** If you installed the gcloud CLI previously, make sure you have the latest version by running `gcloud components update`.\n2. If you're using an external identity provider (IdP), you must first\n [sign in to the gcloud CLI with your federated identity](/iam/docs/workforce-log-in-gcloud).\n\n3.\n To [initialize](/sdk/docs/initializing) the gcloud CLI, run the following command:\n\n ```bash\n gcloud init\n ```\n\n\u003cbr /\u003e\n\nRequired roles\n\n\nTo get the permissions that\nyou need to find Container Registry usage in your Google Cloud project, folder, or organization,\n\nask your administrator to grant you the\nfollowing IAM roles:\n\n- [Cloud Asset Viewer](/iam/docs/roles-permissions/cloudasset#cloudasset.viewer) (`roles/cloudasset.viewer`) on the Google Cloud project, folder or organization\n- [Storage Object Viewer](/iam/docs/roles-permissions/storage#storage.objectViewer) (`roles/storage.objectViewer`) on the Google Cloud project, folder or organization\n\n\nFor more information about granting roles, see [Manage access to projects, folders, and organizations](/iam/docs/granting-changing-revoking-access).\n\n\nYou might also be able to get\nthe required permissions through [custom\nroles](/iam/docs/creating-custom-roles) or other [predefined\nroles](/iam/docs/roles-overview#predefined).\n\nFind Container Registry usage\n\nYou can run the tool scoped to a single Google Cloud project, folder, or\norganization. \n\nproject\n\nRun the following command to find any Container Registry usage in your\nGoogle Cloud project. \n\n gcloud container images list-gcr-usage \\\n --project=\u003cvar translate=\"no\"\u003ePROJECT\u003c/var\u003e\n\nWhere \u003cvar translate=\"no\"\u003ePROJECT\u003c/var\u003e is your Google Cloud project ID. For information on\nhow to find your project\nID, see [Identifying projects](/resource-manager/docs/creating-managing-projects#identifying_projects).\n\nThe tool returns a list of your host locations for the specified project, and\ntheir usage state. The usage states are defined as follows:\n\n\n- `ACTIVE`: Container Registry usage has occurred in the last 30 days. The host location and project are not redirected.\n- `INACTIVE`: No Container Registry usage has occurred in the last 30 days. The host location and project are not redirected.\n- `REDIRECTED`: the project has been redirected to Artifact Registry but still has Container Registry Cloud Storage buckets. This project will continue to function after Container Registry is turned down and no further action is required. You can reduce costs by deleting the Container Registry Cloud Storage buckets.\n- `REDIRECTION_INCOMPLETE`: requests are redirected to Artifact Registry, but data is still being copied from Container Registry.\n- `LEGACY`: Container Registry usage is unknown. This state is caused by legacy Container Registry projects that store container image metadata files in Cloud Storage buckets. For more information on legacy Container Registry projects, see [Container image metadata storage change](/container-registry/docs/deprecations/feature-deprecations#container_image_metadata_storage_change).\n\nIf the tool encounters errors, such as missing permissions to view the\nCloud Storage bucket or Container Registry project, then you will see an error\nmessage similar to the following: \n\n repository: us.gcr.io/my-project\n usage: |-\n response: {'status': 401}\n Operation on project 'no-gcr-permission' failed. Caller does not have permission 'storage.objects.list'. To configure permissions, follow instructions at: https://cloud.google.com/container-registry/docs/access-control: None\n\n\u003cbr /\u003e\n\nfolder\n\nRun the following command to find any Container Registry usage in your\nGoogle Cloud folder. \n\n gcloud container images list-gcr-usage \\\n --folder=\u003cvar translate=\"no\"\u003eFOLDER\u003c/var\u003e\n\nWhere \u003cvar translate=\"no\"\u003eFOLDER\u003c/var\u003e is your Google Cloud folder ID. For information on how\nto list folders in your organization, see\n[List folders](/resource-manager/docs/creating-managing-folders#list).\n\nThe tool returns the following lists of usage states:\n\n\n- `ACTIVE`: Container Registry usage has occurred in the last 30 days. The host location and project are not redirected.\n- `INACTIVE`: No Container Registry usage has occurred in the last 30 days. The host location and project are not redirected.\n- `REDIRECTED`: the project has been redirected to Artifact Registry but still has Container Registry Cloud Storage buckets. This project will continue to function after Container Registry is turned down and no further action is required. You can reduce costs by deleting the Container Registry Cloud Storage buckets.\n- `REDIRECTION_INCOMPLETE`: requests are redirected to Artifact Registry, but data is still being copied from Container Registry.\n- `LEGACY`: Container Registry usage is unknown. This state is caused by legacy Container Registry projects that store container image metadata files in Cloud Storage buckets. For more information on legacy Container Registry projects, see [Container image metadata storage change](/container-registry/docs/deprecations/feature-deprecations#container_image_metadata_storage_change).\n\nIf the tool encounters errors, such as missing permissions to view the\nCloud Storage bucket or Container Registry project, then you will see an error\nmessage similar to the following: \n\n repository: us.gcr.io/my-project\n usage: |-\n response: {'status': 401}\n Operation on project 'no-gcr-permission' failed. Caller does not have permission 'storage.objects.list'. To configure permissions, follow instructions at: https://cloud.google.com/container-registry/docs/access-control: None\n\n\u003cbr /\u003e\n\norganization\n\nRun the following command to find any Container Registry usage in your\nGoogle Cloud organization. \n\n gcloud container images list-gcr-usage \\\n --organization=\u003cvar translate=\"no\"\u003eORGANIZATION\u003c/var\u003e\n\nWhere \u003cvar translate=\"no\"\u003eORGANIZATION\u003c/var\u003e is your Google Cloud organization ID. For\ninformation about how to find your organization ID, see\n[Getting your organization resource ID](/resource-manager/docs/creating-managing-organization#retrieving_your_organization_id).\n\nThe tool returns the following lists of usage states:\n\n\n- `ACTIVE`: Container Registry usage has occurred in the last 30 days. The host location and project are not redirected.\n- `INACTIVE`: No Container Registry usage has occurred in the last 30 days. The host location and project are not redirected.\n- `REDIRECTED`: the project has been redirected to Artifact Registry but still has Container Registry Cloud Storage buckets. This project will continue to function after Container Registry is turned down and no further action is required. You can reduce costs by deleting the Container Registry Cloud Storage buckets.\n- `REDIRECTION_INCOMPLETE`: requests are redirected to Artifact Registry, but data is still being copied from Container Registry.\n- `LEGACY`: Container Registry usage is unknown. This state is caused by legacy Container Registry projects that store container image metadata files in Cloud Storage buckets. For more information on legacy Container Registry projects, see [Container image metadata storage change](/container-registry/docs/deprecations/feature-deprecations#container_image_metadata_storage_change).\n\nIf the tool encounters errors, such as missing permissions to view the\nCloud Storage bucket or Container Registry project, then you will see an error\nmessage similar to the following: \n\n repository: us.gcr.io/my-project\n usage: |-\n response: {'status': 401}\n Operation on project 'no-gcr-permission' failed. Caller does not have permission 'storage.objects.list'. To configure permissions, follow instructions at: https://cloud.google.com/container-registry/docs/access-control: None\n\n\u003cbr /\u003e\n\nFilter results\n\nTo control which resource items are listed, pass the\n`--filter=`\u003cvar translate=\"no\"\u003eEXPRESSION\u003c/var\u003e flag. If the expression evaluates to true\nfor a given item, then that item is listed.\n\nTo list all active Container Registry usage in your organization, you can filter\nby active usage: \n\n gcloud container images list-gcr-usage \\\n --organization=\u003cvar translate=\"no\"\u003eORGANIZATION\u003c/var\u003e \\\n --filter=\"usage=ACTIVE\"\n\nTo find all projects that aren't redirected yet, you can filter by\n`usage!=REDIRECTED`: \n\n gcloud container images list-gcr-usage \\\n --organization=\u003cvar translate=\"no\"\u003eORGANIZATION\u003c/var\u003e \\\n --filter=\"usage!=REDIRECTED\"\n\nFor more information on filter\nexpressions, run `gcloud topic filters` or read the\n[reference documentation](/sdk/gcloud/reference/topic/filters).\n\nWhat's next\n\n- Determine the [transition option](/artifact-registry/docs/transition/transition-from-gcr#transition-options) you want to take.\n- Use the [automatic migration tool](/artifact-registry/docs/transition/auto-migrate-gcr-ar) to transition to Artifact Registry."]]
