Support
API docs
Product updates Sign up for free

Container security with GAR integration

Snyk integrates with Google Artifact Registry (GAR) so you can monitor your containers for vulnerabilities and fix them as you work. Snyk tests the container images you have imported on a regular cadence.

For more details about how Snyk scans containers, see How Snyk Container works.

For additional information, see What is container security? on Snyk Learn.

Enable permissions for GAR integration

Prerequisites to enabling permissions for GAR integration

Enable the Artifact Registry API for the Google account you plan on integrating with Snyk. Allow a few minutes for Google to propagate the enablement.

Steps to enable permissions for GAR integration

  1. Navigate to the Google Cloud Console Credentials page.

  2. Select the Google project for which you are creating credentials if it is not already selected.

  3. Select the Create Credentials button and select Service Account.

  4. Give the new service account a unique name and ID and select Create.

  5. On the Service account permissions page, choose Select a role and Artifact Registry Reader. You must also add an additional role that has the resourcemanager.projects.list permission, such as Browser or Viewer.

  6. After the account has been created, select the relevant account in the Service Accounts section.

  7. In the Service account details page, under the Keys section, select Add Key and Create New Key.

  8. Select JSON for the Key type and select Create.

The JSON key is generated for your project. Copy the entire contents of the JSON file for the next step: Configure integration for GAR.

Configure integration for GAR

Configure integration from Snyk with your Google Artifact Registry account to scan for vulnerabilities and fix security and license issues accordingly.

Prerequisites to configuring integration for GAR

Enable permissions for GAR integration

Steps to configure GAR integration

  1. Navigate to your Organization in the Snyk Web UI.

  2. Select Integrations.

  3. In the Container Registries section, select Google Artifact Registry.

  4. In the Account credentials section, enter your Artifact Registry hostname. This is typically <Your Region Name>-docker.pkg.dev, but in some cases, you may need to use a specific region or multi-region, for example, us-east1-docker.pkg.dev or us-docker.pkg.dev.

  5. In the JSON key file field, paste the entire contents of the JSON key file you downloaded when enabling permissions.

  6. Select Save.

Snyk checks the credentials, and upon success, the page reloads with a notification that the connection succeeded.

PreviousContainer security with GitLab Container Registry integrationNextContainer security with Snyk Docker Desktop Extension

Last updated

More information

Snyk privacy policy

© 2023 Snyk Limited | All product and company names and logos are trademarks of their respective owners.