This chapter covers Google Cloud's Artifact Registry service, which is the centralized solution for storing, managing, and securing container images and language packages (Maven, npm, etc.). For the ACE exam, approximately 5-8% of questions touch on container management and artifact storage, often combined with CI/CD and Kubernetes deployment scenarios. You will learn how to configure repositories, manage images, use vulnerability scanning, and integrate with Cloud Build and GKE—all essential for passing the exam.
Jump to a section
Imagine a large public library system that manages millions of books across multiple branches. Each branch has its own repository with specific shelving rules: some repositories store rare manuscripts with strict climate control, others hold standard fiction on open shelves. The library uses a central catalog system (Artifact Registry) that tracks every book's location, version, and metadata. When a patron requests a book, the librarian queries the catalog to find the exact edition and branch. The catalog supports multiple formats: hardcover, paperback, digital (Docker images), audio (Maven artifacts), and even microfiche (Kubernetes objects). Each repository in the catalog can have different access policies: some are public (anyone can browse), some are private (only library card holders), and some are restricted to specific departments (IAM roles). The catalog also maintains version history—if a patron asks for a specific edition, the librarian can retrieve it even if newer editions exist. Importantly, the catalog is immutable: once a book is entered, its content cannot be changed, only new editions can be added. This prevents tampering and ensures reproducibility. The library uses a naming convention like 'branch/repository/package:version' to uniquely identify every item. This mirrors how Artifact Registry organizes container images and packages: projects/repositories/packages:tag.
What is Artifact Registry and Why It Exists
Artifact Registry is a fully managed, regionalized service for storing and managing container images and language packages. It replaced Container Registry as the primary artifact store on Google Cloud. The service supports multiple artifact formats:
Container images (Docker and OCI)
Language packages: Maven (Java), npm (Node.js), Python (pip), Apt, and Yum
Kubernetes objects (custom resource definitions)
Artifact Registry is essential for any CI/CD pipeline because it provides a secure, immutable, and versioned store for build artifacts. It integrates natively with Cloud Build, GKE, Cloud Run, and other GCP services. The key reason for its existence is to ensure that the exact artifact used in development is the same one deployed to production, preventing "works on my machine" issues.
How Artifact Registry Works Internally
Artifact Registry uses a regional storage backend backed by Cloud Storage buckets. When you push a container image, the service: 1. Authenticates the request using IAM. 2. Validates the image manifest and layers. 3. Stores each layer as a separate object in a Cloud Storage bucket managed by the service. 4. Creates a metadata entry in the Artifact Registry database (Cloud SQL) that maps the image tag to the manifest digest. 5. Enables vulnerability scanning using the Container Analysis API, which checks each layer against known CVE databases.
The service is immutable: once an image or package is stored, its content cannot be modified. Only new versions or tags can be added. This immutability is enforced at the storage layer by using write-once-read-many (WORM) semantics. Deleting an artifact requires explicit permission (artifactregistry.versions.delete) and is not reversible without backup.
Key Components, Values, Defaults, and Timers
Repository: A named collection of artifacts. Created in a specific GCP region (e.g., us-central1). Types: Docker, Maven, npm, Python, Apt, Yum, KFP.
Package: A logical grouping of artifact versions (e.g., my-app).
Version: A specific snapshot of a package, identified by a tag (e.g., v1.0) and a digest (e.g., sha256:abc123).
Tag: A mutable alias that points to a version. Tags can be moved, but the digest always points to the immutable content.
Default retention policy: Versions are kept indefinitely unless a lifecycle policy is configured. The artifactregistry.versions.delete permission is required to delete versions.
Cleanup policies: You can set time-based or count-based policies to automatically delete old versions. For example, keep only the last 5 versions or delete versions older than 30 days.
Vulnerability scanning: Enabled by default for all new repositories. Scans are triggered on push and periodically (every 12 hours). Results are stored in the Container Analysis API and can be viewed in the Console or via gcloud artifacts docker images list --show-occurrences.
Remote repositories: Introduced in 2022, allow proxying and caching of external registries (e.g., Docker Hub, Maven Central). This reduces latency and egress costs.
Virtual repositories: Combine multiple upstream repositories (including remote and standard) into a single endpoint, simplifying client configuration.
Configuration and Verification Commands
To create a Docker repository:
gcloud artifacts repositories create my-repo --repository-format=docker --location=us-central1 --description="My Docker repo"To configure authentication for Docker:
gcloud auth configure-docker us-central1-docker.pkg.devTo push an image:
docker tag my-image us-central1-docker.pkg.dev/my-project/my-repo/my-image:tag
docker push us-central1-docker.pkg.dev/my-project/my-repo/my-image:tagTo list images and their vulnerabilities:
gcloud artifacts docker images list us-central1-docker.pkg.dev/my-project/my-repo --include-occurrencesTo set a cleanup policy:
gcloud artifacts repositories set-cleanup-policies my-repo --location=us-central1 --policy=policy.jsonExample policy.json:
{
"policies": [
{
"id": "keep-recent-5",
"action": "DELETE",
"condition": {
"versionAge": {
"olderThan": "30d"
}
}
}
]
}Interaction with Related Technologies
Cloud Build: When a build is triggered, Cloud Build can automatically push artifacts to Artifact Registry using the artifacts field in cloudbuild.yaml. The service account used by Cloud Build needs the artifactregistry.writer role.
GKE: GKE nodes can pull images from Artifact Registry using the node's service account. For private clusters, you need to configure VPC peering or Private Service Connect. GKE also supports image streaming for faster startup times.
Cloud Run: Deployments can reference images from Artifact Registry. The Cloud Run service account must have artifactregistry.reader on the repository.
CI/CD tools: Jenkins, GitLab, and other tools can authenticate using service account keys or Workload Identity Federation.
Binary Authorization: Can be integrated to enforce that only signed images from Artifact Registry are deployed.
Vulnerability Scanning Details
Artifact Registry uses the Container Analysis API, which is built on Grafeas. The scanning process:
1. When an image is pushed, the service extracts the list of installed packages (OS packages, language dependencies).
2. It compares the package versions against a constantly updated database of CVEs.
3. The scan results include severity (CRITICAL, HIGH, MEDIUM, LOW) and fix availability.
4. You can view results in the Console under Artifact Registry > Images > select image > Vulnerabilities tab.
5. You can also use the gcloud artifacts docker images list --show-occurrences command to get a JSON output with occurrence details.
Note: Scanning is automatic and free. There is no option to disable it for individual repositories, but you can disable the Container Analysis API entirely (not recommended).
Create a Docker Repository
Use the gcloud command to create a repository with format 'docker' in a specific region. The repository name must be unique within the project and location. Default permissions allow project editors to push, but you should explicitly grant roles to service accounts. Example: `gcloud artifacts repositories create my-repo --repository-format=docker --location=us-central1`. This creates a regional endpoint: us-central1-docker.pkg.dev. The repository is immediately ready to accept images.
Configure Docker Authentication
Run `gcloud auth configure-docker us-central1-docker.pkg.dev` to update Docker's config.json with authentication credentials. This command adds an entry to ~/.docker/config.json that uses gcloud as a credential helper. The credential helper automatically refreshes tokens. You must run this once per region. If you skip this step, docker push will fail with 'denied: requested access to the resource is denied'.
Tag and Push a Container Image
Tag your local Docker image with the full Artifact Registry path: `docker tag my-image us-central1-docker.pkg.dev/my-project/my-repo/my-image:v1`. Then push: `docker push us-central1-docker.pkg.dev/my-project/my-repo/my-image:v1`. The push uploads each layer separately. Artifact Registry stores layers deduplicated across images. The tag 'v1' is created pointing to the image digest. You can push multiple tags pointing to the same digest.
View Image Metadata and Vulnerabilities
Use `gcloud artifacts docker images list us-central1-docker.pkg.dev/my-project/my-repo --include-occurrences` to see all images and their vulnerability summaries. For detailed info on a specific image: `gcloud artifacts docker images describe us-central1-docker.pkg.dev/my-project/my-repo/my-image:v1`. The describe command shows the image digest, creation time, and update time. Vulnerabilities are listed under the 'occurrences' field in the JSON output.
Set Up a Cleanup Policy
Create a JSON policy file and apply it with `gcloud artifacts repositories set-cleanup-policies my-repo --location=us-central1 --policy=policy.json`. Example policy: keep only the last 10 versions. The policy runs asynchronously and deletes matching versions within 24 hours. You can also set policies via the Console. Cleanup policies help control storage costs and comply with retention requirements.
Enterprise Scenario 1: Multi-Region Deployment with GKE
A global e-commerce company deploys its microservices across multiple GKE clusters in us-central1 and europe-west1. They use Artifact Registry with regional repositories in each region to minimize latency and egress costs. Each region has its own repository (e.g., us-central1-docker.pkg.dev/prod/backend and europe-west1-docker.pkg.dev/prod/backend). The CI/CD pipeline (Cloud Build) pushes images to both repositories simultaneously. GKE node pools are configured with a service account that has artifactregistry.reader on the specific regional repository. This ensures that nodes in Europe pull from the European repository, not crossing regions. Common misconfiguration: using a single repository in one region causes nodes in other regions to pull across regions, incurring egress charges and increased latency. To fix, they use a virtual repository that aggregates both regional repos, but that still requires proper IAM. The solution is to use regional repos and configure GKE with a node-level Docker daemon config that points to the correct regional endpoint.
Enterprise Scenario 2: Compliance with Binary Authorization
A financial institution must ensure that only signed and vulnerability-free images are deployed to production. They use Artifact Registry integrated with Binary Authorization. All images are built by Cloud Build, which signs them using a KMS key. The Binary Authorization policy requires that images be signed by the 'build' attestor and have no CRITICAL vulnerabilities. Artifact Registry's vulnerability scanning provides the CVE data that Binary Authorization evaluates. If an image has a CRITICAL vulnerability, the deployment is blocked. The team also uses cleanup policies to automatically delete images older than 90 days to comply with data retention policies. Common pitfall: forgetting to grant the Binary Authorization service account access to the Container Analysis API, causing attestation failures.
Scenario 3: Hybrid Cloud with Remote Repositories
A SaaS company uses both Google Cloud and on-premises Kubernetes clusters. They want to cache Docker Hub images locally to reduce internet dependency and improve pull speeds. They create a remote repository in Artifact Registry that proxies Docker Hub. The remote repository caches pulled images in their GCP region. On-prem clusters pull from this remote repository via a VPN. This reduces egress costs and provides a consistent image source. They also use a virtual repository that aggregates the remote repository and a local repository for custom images. Misconfiguration: not setting up proper VPC peering for on-prem access, causing timeouts. They resolved by using Private Service Connect.
Exactly What ACE Tests
Objective 3.2 (Deploy Implement): "Managing container images with Artifact Registry." The exam focuses on:
Creating and configuring repositories (format, location, IAM)
Pushing and pulling images (authentication, tagging)
Vulnerability scanning (enabled by default, results in Container Analysis)
Cleanup policies (JSON policy, conditions)
Integration with Cloud Build and GKE
Differences between Artifact Registry and Container Registry (deprecated)
Common Wrong Answers and Why
1. Wrong: "Container Registry is the recommended service for storing container images." Why wrong: Container Registry is deprecated; Artifact Registry is the recommended service. The exam explicitly tests this shift.
2. Wrong: "You must enable vulnerability scanning manually." Why wrong: Vulnerability scanning is enabled by default for all new repositories. Candidates who don't know this might choose manual setup.
3. Wrong: "Cleanup policies delete versions immediately." Why wrong: Cleanup policies run asynchronously and deletions can take up to 24 hours. The exam tests this delay.
4. Wrong: "You can modify an image after pushing it." Why wrong: Artifact Registry is immutable. You cannot change an existing image; you must push a new version.
Specific Numbers and Terms
Default vulnerability scan interval: every 12 hours.
Repository format values: docker, maven, npm, python, apt, yum, kfp.
Authentication command: gcloud auth configure-docker [REGION]-docker.pkg.dev.
IAM roles: artifactregistry.reader, artifactregistry.writer, artifactregistry.admin.
Cleanup policy action: DELETE (only option).
Maximum tag length: 128 characters.
Repository naming: must be 2-63 characters, lowercase letters, numbers, and hyphens.
Edge Cases and Exceptions
Cross-project pulls: If Cluster A in Project A needs to pull from Artifact Registry in Project B, you must grant the GKE node service account in Project A the artifactregistry.reader role on the repository in Project B.
Private GKE clusters: Nodes in private clusters need access to Artifact Registry via VPC peering or Private Service Connect. The exam may ask how to configure this.
Immutable tags: You can enable immutable tags at the repository level to prevent tags from being overwritten. This is a common exam scenario for security.
Remote repositories: They cache images, but the cache has no expiration; you must manually clear it if needed.
How to Eliminate Wrong Answers
If a question mentions "deprecated" or "legacy," the answer likely involves Container Registry. If a question asks about automatic scanning, remember it's enabled by default. For cleanup policies, look for "asynchronous" or "up to 24 hours." For authentication, the command always includes configure-docker with the regional endpoint.
Artifact Registry is the recommended service; Container Registry is deprecated.
Repository formats include docker, maven, npm, python, apt, yum, kfp.
Authentication requires `gcloud auth configure-docker [REGION]-docker.pkg.dev`.
Vulnerability scanning is enabled by default and scans every 12 hours.
Cleanup policies delete versions asynchronously within 24 hours.
Tags are mutable; digests are immutable.
IAM roles: artifactregistry.reader, writer, admin.
Remote repositories proxy external registries; virtual repositories aggregate multiple upstreams.
Regional repositories reduce latency and egress costs.
Binary Authorization can enforce image signing and vulnerability policies.
These come up on the exam all the time. Here's how to tell them apart.
Artifact Registry
Multi-format support (Docker, Maven, npm, Python, Apt, Yum, KFP).
Regional repositories for low-latency and data residency.
Vulnerability scanning enabled by default.
Cleanup policies for automated lifecycle management.
Remote and virtual repository support.
Container Registry (Deprecated)
Only supports Docker images.
Global (single endpoint gcr.io) – no regional control.
Scanning required manual enablement.
No built-in cleanup policies; manual deletion required.
No remote or virtual repository support.
Mistake
Artifact Registry only supports Docker images.
Correct
Artifact Registry supports Docker, Maven, npm, Python, Apt, Yum, and Kubernetes object formats.
Mistake
You can edit an existing container image tag to point to a different image.
Correct
Tags are mutable and can be moved, but the underlying image (digest) is immutable. You can change a tag to point to a different digest, but you cannot alter the digest's content.
Mistake
Vulnerability scanning must be manually enabled per repository.
Correct
Vulnerability scanning is enabled by default for all new repositories. You can disable it only by disabling the Container Analysis API entirely.
Mistake
Cleanup policies delete versions immediately after the condition is met.
Correct
Cleanup policies run asynchronously; deletions typically occur within 24 hours after the policy is applied or condition met.
Mistake
You can use the same repository across multiple regions without performance impact.
Correct
Each repository is regional. If you need low-latency access in multiple regions, you must create separate repositories in each region or use a virtual repository that aggregates them.
Reveal each answer, then mark whether you got it right. Score 60%+ to unlock the next chapter.
Google provides a migration tool: `gcloud artifacts docker upgrade`. This command moves all images from a Container Registry repository (e.g., gcr.io) to an Artifact Registry repository. You must create the target repository first. The tool copies all tags and digests. After migration, update your CI/CD pipelines and Kubernetes manifests to use the new Artifact Registry URL. Note that the old Container Registry repository will still exist but can be deleted after verification.
Yes, but you need to configure network access. Private GKE cluster nodes do not have public IP addresses, so they cannot reach the public Artifact Registry endpoint. You must either use VPC peering to connect the node's VPC to the Artifact Registry's VPC (Google-managed) or use Private Service Connect. Alternatively, you can enable Private Google Access on the subnet to allow nodes to reach Google APIs via internal IP. The correct approach depends on your network setup.
Create a remote repository with format 'docker' and specify the upstream source as 'DOCKER_HUB' (or 'DOCKER_HUB_US' for US-only). Example: `gcloud artifacts repositories create remote-docker --repository-format=docker --location=us-central1 --mode=remote-repository --remote-repository-config=docker-hub`. Then, configure your Docker client to pull from this remote repository instead of Docker Hub. The remote repository caches pulled images in your GCP region for faster subsequent pulls.
A tag is a mutable, human-readable alias that points to a specific image version (e.g., 'v1.0'). A digest is an immutable, content-addressable identifier (e.g., 'sha256:abc123...') that uniquely identifies the exact image content. Tags can be reassigned to different digests, but the digest always points to the same immutable content. Best practice: use tags for development and CI/CD, but reference digests in production deployments for reproducibility.
You can delete an image version using the gcloud command: `gcloud artifacts versions delete VERSION --package=PACKAGE --repository=REPO --location=LOCATION`. Alternatively, delete by tag: `gcloud artifacts docker images delete LOCATION-docker.pkg.dev/PROJECT/REPO/IMAGE:TAG`. You need the `artifactregistry.versions.delete` permission. Deletion is irreversible unless you have a backup. You can also use cleanup policies to automate deletion of old versions.
Yes, by integrating Artifact Registry with Binary Authorization. You create an attestor that verifies signatures (e.g., using Cloud KMS). Then, configure a Binary Authorization policy that requires at least one attestation from a trusted attestor. The policy can also check vulnerability severity. When GKE or Cloud Run tries to deploy an image, Binary Authorization checks the attestations and vulnerability data from Artifact Registry before allowing the deployment.
To push images, you need the `artifactregistry.writer` role (or `artifactregistry.admin`) on the repository or project. To pull images, you need the `artifactregistry.reader` role. These roles can be granted to user accounts, service accounts, or groups. For automated pipelines, use a service account with the appropriate role. Note that the `roles/artifactregistry.writer` includes read permissions, so it is sufficient for CI/CD that both pushes and pulls.
You've just covered Artifact Registry and Container Management — now see how well it sticks with free ACE practice questions. Full explanations included, no account needed.
Done with this chapter?