Securing Container Registry in a service perimeter

VPC Service Controls improves your ability to mitigate the risk of unauthorized copying or transfer of data from Google-managed services.

With VPC Service Controls, you can configure security perimeters around the resources of your Google-managed services and control the movement of data across the perimeter boundary.

Using Container Registry with VPC Service Controls

If you are using Container Registry with a Google Kubernetes Engine private cluster within a service perimeter, follow the instructions to set up secure communication with Container Registry using a restricted virtual IP.

For general instructions to add Container Registry to a service perimeter, see Creating a service perimeter.

Using Container Analysis with VPC Service Controls

VPC Service Controls provides support for Container Analysis. Depending on your pipeline, it may require adding some other services to your service perimeter. To learn more, see Supported products and limitations

For general instructions to add Container Analysis to a service perimeter, see Creating a service perimeter.