# IaC on GCR Scan

{% embed url="<https://youtu.be/uYTivs_22to>" %}

### Prerequisites&#x20;

* Google account&#x20;
* Created project in Google Console&#x20;
* Private repositories with images in Google Container Registry&#x20;

### Scan Public images

Go to **‘Applications’ -> ‘Scan’ -> ‘Other’ -> ‘GCR’** and insert name of the image you want to scan:

<figure><img src="https://lh4.googleusercontent.com/OyYOKQmoHNRRwu1XoJEBDzm8g-fd9QYPXusqs2BmaKcCHgXO69KpK9sYZ9nIuVCK1vSiAGoY6TIBqNJBeGzW1ZyVGxhdWRW_WWuJz3e-4Jl0qGgw76DSgPVUVMzTxaQHSU_nppAG04YCUrYm0kkIQZ9IWH5v9mXnDra3-i9BvwCuu7PmNF7voJSzYA" alt=""><figcaption></figcaption></figure>

After the scan new application with the name of the image will be created:

<figure><img src="https://lh4.googleusercontent.com/UZjyQ5E1ksIt-3m65TF2jJQJPECnowIMMHCwKtAjBe9J5cocxO3VkX3GUWs4m0-hUdLRfznzLSY0RKV6I4A24W0hhogwG6Re67N6exbUw5pdr9OXJKHPvTVoneOuX0EsiK2QKRk5Rjx2f9iezAAzHkyACxy5Pu0nGds5RLA24AFDL3ZAZSJJKEZvMw" alt=""><figcaption></figcaption></figure>

### Scan Private images

#### Step 1: Create a Service account.&#x20;

Go to ‘Google console’ -> ‘IAM & Admin’ -> ‘Service accounts’ -> ‘Create service account’. Fill ‘Service account name’ and ‘Service account ID’:

<figure><img src="https://lh4.googleusercontent.com/pKESeKQhJ3i9s8zbArY5e7zug4qQzvgcIliwlTeTys1BeP3pMlOknD22x04oDCTy39TJR0fFYV6uVrUgH8QoL2pBbLC5x_74zisFIX0CW86VDh_dgSzN3504JHl7l5Y4gKIP9CGSEMeSg83zCnhv3F86NPFxTGBS0Wzh3f9rac0lTFA6kz5Qf_EtmA" alt=""><figcaption></figcaption></figure>

In the next section select ‘Storage Object Viewer’ role:

<figure><img src="https://lh6.googleusercontent.com/aD_SQiYUoLBalVbySIoEmVTKz5UgTLscoUSXmVWz3hpQhiOpoR9mWO-8-Tt1Tzo4VTWdRj23pxpR81lXD35FjdCR8sj5HO-iSzTVubyG-aUEo26Xs0W6ZSuIsP7L4QapY7ZKw7oFCthEBrJRlA6Gkhj9QLzMERoOkxcQ2WmKdjh-dJ7s27GxOMMXFA" alt=""><figcaption></figcaption></figure>

Click on the created account and go to the ‘Keys’ tab. Create JSON key:

<figure><img src="https://lh6.googleusercontent.com/NBlI26PATPQ6sf_Cf-1hcnydkBHoBI1TeOoI0o2MgtUrVpLW6UFHXjhnVrkNmmiV2BHvbyrGmLsJy5cpQA4puXZe94_07w49Ezw_Gp_fgx06dfbef8B1sHO1z1LyIACYyfE2BHDMFITFjPdgOY4qYECDHGAzeQqPG16z3i9LDKio3UoI9hBs844zIg" alt=""><figcaption></figcaption></figure>

Credentials file will automatically download.

#### Step 2: Add Google Container Registry integration in CloudDefense.&#x20;

Go to ‘Integrations’ -> ‘Container Coverage’ -> ‘Google Container Registry’. Choose downloaded credentials file:

<figure><img src="https://lh5.googleusercontent.com/830hvhya33oknzF5ohescKnANf820LZd-NFCKQZ6OhDcsZOnBpFGdISC1NklXXs9eSTQmcA1zF-p_7TsSfXCF38_g3naJg3uYPOmfwC85q9PtLM10YgvG5eoisuI8GzZjzpzaaO3aD36OJf64lfbLLcQ9-_Rg-Ih7_UI-aXzoRogOuP1OvXBOT9g2A" alt=""><figcaption></figcaption></figure>

Click ‘Configure’.

#### Step 3: Scan your private images.

After successful configuration you can scan your own images.

Go to the **‘Integrations’ -> ‘Container Coverage’ -> ‘Google Container Registry’ or ‘Applications’ -> ‘Scan’ -> ‘Other’ -> ‘Google Container Registry’ -> ‘Your own images’.** Choose host and the image (images) you want to scan:

<figure><img src="https://lh3.googleusercontent.com/i3eaj0AzOcJG2Kg23rE7MggfPFKvjCzZS65_hwnUQv1n5kVJJN8KruTmczyfYppOPYmUrx-tGPPNvydMR183MjLo7T7afFy3mtmU4qCPMboLJCE_A0Cu-zGpX-W-8Ek0DfJUyuHgwtVbPhaJnbsxxKCw_FVoB208nWocuxbB8k38lubmQt0aG7DAWA" alt=""><figcaption></figcaption></figure>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.clouddefenseai.com/integration/iac-on-gcr-scan.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.