Artifact Registry

Definition

Artifact Registry is a service that allows organizations to store, manage, and secure container images, language packages, and other artifacts. It provides a centralized repository that integrates with CI/CD pipelines, enabling efficient artifact management and distribution. Artifact Registry supports fine-grained access control, ensuring that only authorized users and systems can access or modify the stored artifacts.

Secure Settings Example

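# Example IAM policy for Artifact Registry
# Each member is a single "type:identifier" string with no space after the colon.
bindings:
- role: roles/artifactregistry.reader      # read-only access for an individual user
  members:
  - user:alice@example.com
- role: roles/artifactregistry.writer      # the pipeline can push artifacts
  members:
  - serviceAccount:ci-cd-pipeline@example.iam.gserviceaccount.com
- role: roles/artifactregistry.admin       # administration limited to one group
  members:
  - group:devops-team@example.com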

Insecure Settings Example

# Insecure IAM policy for Artifact Registry
bindings:
- role: roles/artifactregistry.admin
  members:
  - allUsers  # Grants admin access to everyone, including unauthenticated users
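
Policy Check Example

The following check is an added example, not part of the original page or of any Google tooling. It scans an IAM policy for the public principals shown in the insecure example and assumes the policy is supplied as JSON in the standard IAM shape (a bindings list of role and members); the function name, severity labels, and sample policies are constructed for illustration.

```python
import json

# Real IAM member identifiers that make a binding public.
PUBLIC_MEMBERS = {"allUsers", "allAuthenticatedUsers"}
# Assumption for this example: public read access may be intentional (a public
# repository), so it is marked for review rather than as high severity.
READ_ONLY_ROLES = {"roles/artifactregistry.reader"}


def audit_policy(policy):
    """Return one finding per public principal found in the policy's bindings."""
    findings = []
    for binding in policy.get("bindings", []):
        role = binding.get("role", "")
        members = binding.get("members", [])
        for member in sorted(PUBLIC_MEMBERS.intersection(members)):
            severity = "review" if role in READ_ONLY_ROLES else "high"
            findings.append({"role": role, "member": member, "severity": severity})
    return findings


# Constructed sample policies mirroring the two examples above.
SECURE_POLICY = json.loads("""
{"bindings": [
  {"role": "roles/artifactregistry.reader",
   "members": ["user:alice@example.com"]},
  {"role": "roles/artifactregistry.writer",
   "members": ["serviceAccount:ci-cd-pipeline@example.iam.gserviceaccount.com"]},
  {"role": "roles/artifactregistry.admin",
   "members": ["group:devops-team@example.com"]}
]}
""")
INSECURE_POLICY = json.loads("""
{"bindings": [
  {"role": "roles/artifactregistry.admin", "members": ["allUsers"]}
]}
""")

if __name__ == "__main__":
    for name, policy in (("secure", SECURE_POLICY), ("insecure", INSECURE_POLICY)):
        findings = audit_policy(policy)
        print(name, "OK" if not findings else findings)
```

A non-empty result from audit_policy can be used to fail a CI step before a policy change is applied.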