Console
    Start free

    gcloud artifacts docker images scan

    NAME
    gcloud artifacts docker images scan - perform a vulnerability scan on a container image
    SYNOPSIS
    gcloud artifacts docker images scan RESOURCE_URI [ --additional-package-types =[ ADDITIONAL_PACKAGE_TYPES , …]] [ --async ] [ --location = LOCATION ; default="us"] [ --remote ] [ --skip-package-types =[ SKIP_PACKAGE_TYPES , …]] [ GCLOUD_WIDE_FLAG ]
    DESCRIPTION
    You can scan a container image in a Google Cloud registry (Artifact Registry or Container Registry), or a local container image.

    Reference an image by tag or digest using any of the formats:

    Artifact  
Registry:  
LOCATION-docker.pkg.dev/PROJECT-ID/REPOSITORY-ID/IMAGE [ 
:tag ] 
  
LOCATION-docker.pkg.dev/PROJECT-ID/REPOSITORY-ID/IMAGE@sha256:digest
     
    Container  
Registry:  
 [ 
LOCATION. ] 
gcr.io/PROJECT-ID/REPOSITORY-ID/IMAGE [ 
:tag ] 
  
 [ 
LOCATION. ] 
gcr.io/PROJECT-ID/REPOSITORY-ID/IMAGE@sha256:digest
     
    Local:  
IMAGE [ 
:tag ]
    EXAMPLES
    Start a scan of a container image stored in Artifact Registry: 
     gcloud  
artifacts  
docker  
images  
scan  
us-west1-docker.pkg.dev/my-project/my-repository/busy-box@sha256:abcxyz  
 --remote

    Start a scan of a container image stored in the Container Registry, and perform the analysis in Europe:

     gcloud  
artifacts  
docker  
images  
scan  
eu.gcr.io/my-project/my-repository/my-image:latest  
 --remote 
  
 --location 
 = 
europe

    Start a scan of a container image stored locally, and perform the analysis in Asia:

     gcloud  
artifacts  
docker  
images  
scan  
ubuntu:latest  
 --location 
 = 
asia
    POSITIONAL ARGUMENTS
    RESOURCE_URI
    A container image in a Google Cloud registry (Artifact Registry or Container Registry), or a local container image.
    FLAGS
    --additional-package-types =[ ADDITIONAL_PACKAGE_TYPES ,…]
    (DEPRECATED) A comma-separated list of package types to scan in addition to OS packages.

    This flag is deprecated as scanning for all package types is now the default. To skip scanning for specific package types, use --skip-package-types. ADDITIONAL_PACKAGE_TYPES must be one of:

    COMPOSER
    PHP Composer package.
    GO
    Go standard library and third party packages.
    MAVEN
    Maven package.
    NPM
    NPM package.
    NUGET
    NuGet package.
    PYTHON
    Python package.
    RUBYGEMS
    RubyGems package.
    RUST
    Rust package.
    --async
    Return immediately, without waiting for the operation in progress to complete.
    --location = LOCATION ; default="us"
    The API location in which to perform package analysis. Consider choosing a location closest to where you are located. Proximity to the container image does not affect response time. LOCATION must be one of:
    asia
    Perform analysis in Asia
    europe
    Perform analysis in Europe
    us
    Perform analysis in the US
    --remote
    Whether the container image is located remotely or on your local machine.
    --skip-package-types =[ SKIP_PACKAGE_TYPES ,…]
    A comma-separated list of package types to skip when scanning. SKIP_PACKAGE_TYPES must be one of:
    COMPOSER
    PHP Composer package.
    GO
    Go standard library and third party packages.
    MAVEN
    Maven package.
    NPM
    NPM package.
    NUGET
    NuGet package.
    PYTHON
    Python package.
    RUBYGEMS
    RubyGems package.
    RUST
    Rust package.
    GCLOUD WIDE FLAGS
    These flags are available to all commands: --access-token-file , --account , --billing-project , --configuration , --flags-file , --flatten , --format , --help , --impersonate-service-account , --log-http , --project , --quiet , --trace-token , --user-output-enabled , --verbosity .

    Run $ gcloud help for details.

    NOTES
    This variant is also available: 
      gcloud  
beta  
artifacts  
docker  
images  
scan
    Create a Mobile Website
    View Site in Mobile | Classic
    Share by: