Google Cloud Platform (GCP) provides an efficient way to store container images through the Artifact Registry. Leveraging the power of Aikido in conjunction with GCP's Artifact Registry ensures a robust security framework. Let's walk through the process of enabling container analysis for images stored in Artifact Registry.
Step 1: Set Up Aikido Integration with GCP
Before you begin, make sure your GCP cloud environment has been linked with Aikido. If you did not do this, you can follow the steps in this article to get set up.
Step 2: Enable the Container Analysis API
Log in to your GCP console and navigate to the Artifact Registry service. Click on "Settings" on the left-hand side, where you can turn on vulnerability scanning for your container images.
Step 3: Push the latest version of your images to artifact registry
GCP will only scan newly pushed imags for vulnerabilities. So for the analysis to start on your images, you should push the latest version of your images again to the artifact registry.
Step 4: Start a scan in Aikido to process the results
Once "vulnerability scanning" is enabled for your project, GCP will automatically scan all your latest images for vulnerabilities and make them accessible to acquire via the API.
The initial scan ususally takes a few minutes, after which you can trigger a scan for your cloud environment in Aikido to process the results. Ofcourse we'll have our scoring engine take a look at the results to ensure we only show the relevant issues.