Container Image Targets

Use Oracle Cloud Infrastructure Vulnerability Scanning Service to create and manage container image targets and to assign them to container image scan recipes. A container image target is a collection of repositories in Container Registry that you want scanned for security vulnerabilities.


You can configure image scanning and view results using either:

Container Registry lets you share and manage container images (such as Docker images) by storing them in repositories. A repository is a named collection of related images that are grouped for convenience. During the deployment of an application to a Kubernetes cluster, one or more images can be pulled from a repository to start containers on the cluster.

When you create a new repository in Container Registry, image scanning is enabled by default on the repository. Every time an image is pushed to the repository, it's scanned for security vulnerabilities. Container Registry automatically rescans any images in the repository that have changed since the previous scan. You can also disable image scanning on a particular repository.

You have two options when selecting the repositories for a target.

  • Scan one or more specific repositories within a compartment.
  • Scan all repositories within a compartment and its subcompartments.

If you create a target for the root compartment, then all repositories in the entire tenancy are scanned.

When a target is created, the Vulnerability Scanning service scans a specified initial number of images in the target repositories (one image by default). After this initial scan, the service also scans any new image that's pushed to the target.

The Vulnerability Scanning service saves the results for an image repository in the same compartment as the repository's Vulnerability Scanning target.

Consider the following example.

  • The repository MyRepo in Container Registry is in CompartmentA.
  • MyRepo is specified in Target1.
  • Target1 is in CompartmentB.
  • All reports related to MyRepo are in CompartmentB.

This section contains the following topics: