Information
Scan images stored in Google Container Registry (GCR) for vulnerabilities.
Rationale:
Vulnerabilities in software packages can be exploited by hackers or malicious users to obtain unauthorized access to local cloud resources. GCR Container Analysis and other third party products allow images stored in GCR to be scanned for known vulnerabilities.
Impact:
None.
Solution
Using Google Cloud Console
Go to GCR by visiting https://console.cloud.google.com/gcr
Select Settings and Click Enable Vulnerability Scanning.
Using Command Line
gcloud services enable containerscanning.googleapis.com
Default Value:
By default, GCR Container Analysis is disabled.