Container Registry Pricing

Container Registry charges for the Cloud Storage storage and network egress used by your Docker images, as well as the vulnerability scanning feature. This page briefly explains the approximate costs for these resources. For more complete information on storage and network egress costs, see the Cloud Storage pricing page.

If you pay in a currency other than USD, the prices listed in your currency on Cloud Platform SKUs apply.

Storage

The first time you push an image to Container Registry, the system creates a Cloud Storage bucket to store all of your images. You are charged for this storage.

The default Cloud Storage class used for most Container Registry storage buckets is called Standard.

The price for Standard buckets is about $0.026 per GB per month.

Because your regional location and storage needs might vary, your Cloud Storage bucket's class might also vary. To learn about pricing for other bucket classes, see the Cloud Storage pricing price sheet.

To learn more about regional locations and their Cloud Storage classes, see Bucket Locations.

Network egress

The Cloud Storage network egress pricing sheet explains how you are charged for egress.

Vulnerability scanning

If you choose to enable the vulnerability scanning feature for your container images, the price is $0.26 per scanned container image.

  1. When you enable the Container Scanning API, billing begins immediately.

  2. Container Analysis automatically scans an image the first time you push it to the registry and charges you for the initial scan. This charge applies only to the initial scan and is not affected by the number of layers on the base image. Once the image has been uploaded and initially scanned, subsequent scans of the same image are free.

    Each image is uniquely identified by a digest. Images with the same digest are considered the same image.

  3. Container Analysis does not automatically scan existing images after you enable the API. To scan an existing image, you must push it again.

Each new version of an image is associated with a digest, a unique identifier that is created when you push the image to Container Registry. Tags that you add to an image are labels and do not change the content of the image, therefore you are not billed for adding or editing tags.

Promotional period for vulnerability scanning

Vulnerability scanning became a paid service with the general availability release of Container Analysis. Charges will be applied according to the following promotional schedule:

  • Between September 20, 2019 and March 31, 2021, charges are billed with a 100% discount.

  • Between April 1, 2021 and June 30, 2021, charges are billed with a 50% discount.

  • Starting on July 1, 2021, charges are billed at 100%.

See the upgrading page to learn about best practices for keeping your costs low and how to estimate your scanning costs.