Enabling and disabling Container Analysis

Container Analysis provides vulnerability scanning and metadata storage for images in Container Registry.

This page describes how to enable and disable the Container Analysis API for an existing project.

Enabling vulnerability scanning

  1. Enable the Container Scanning API. This enables vulnerability scanning as well as the Container Analysis API. You can enable the API for an existing project, or create a new project and then enable the API.

    Enable the Container Scanning API

  2. Enable the required IAM permissions. If you are the project owner, skip this step.

    To view occurrences, you must grant the following predefined IAM role, which will automatically provide the necessary permissions: Container Analysis Occurrences Viewer

Disabling vulnerability scanning

To disable vulnerability scanning, do the following:

  1. Open the Container Registry Settings page in the Cloud Console.

    Open the Settings page

  2. Click Disable Vulnerability Scanning.

What's next