If you choose to enable the vulnerability scanning feature for your container images, the price is $0.26 per scanned container image.
When you enable the Container Scanning API, billing begins immediately.
Container Analysis automatically scans an image the first time you push it to the registry and charges you for the initial scan. This charge applies only to the initial scan and is not affected by the number of layers on the base image. Once the image has been uploaded and initially scanned, subsequent scans of the same image are free.
Each image is uniquely identified by a digest. Images with the same digest are considered the same image.
Container Analysis does not automatically scan existing images after you enable the API. To scan an existing image, you must push it again.
Each new version of an image is associated with a digest, a unique identifier that is created when you push the image to Container Analysis. Tags that you add to an image are labels and do not change the content of the image, therefore you are not billed for adding or editing tags.
Promotional period for vulnerability scanning
Vulnerability scanning became a paid service with the general availability release of Container Analysis. Charges will be applied according to the following promotional schedule:
Between September 20, 2019 and March 31, 2021, charges are billed with a 100% discount.
Between April 1, 2021 and June 30, 2021, charges are billed with a 50% discount.
Starting on July 1, 2021, charges are billed at 100%.
See the upgrading page to learn about best practices for keeping your costs low and how to estimate your scanning costs.