Artifact Registry is GCP's unified artifact repository, recommended since 2022 as the successor to Container Registry (GCR). It supports 10+ formats beyond Docker — Maven, npm, Python, Apt, Yum, Helm, and more — and integrates supply-chain security features.
| Format | Use case |
|---|---|
| Docker | Container images |
| Maven | Java / Kotlin / Scala |
| npm | JavaScript / TypeScript |
| Python (PyPI) | Python packages |
| Apt | Debian / Ubuntu |
| Yum | RHEL / CentOS |
| Helm | Kubernetes Chart |
| Go | Go modules |
| Generic | Arbitrary files |
| KubeflowPipelines | ML pipelines |
| Type | Use case |
|---|---|
| Standard | First-party uploads |
| Remote | Proxy + cache for Docker Hub / Maven Central / PyPI and similar |
| Virtual | Unifies multiple Standard / Remote repositories behind a single endpoint |
# Authenticate gcloud auth configure-docker asia-northeast1-docker.pkg.dev # Create the repository gcloud artifacts repositories create my-repo \ --repository-format=docker --location=asia-northeast1 # Push the image docker tag my-app:v1 asia-northeast1-docker.pkg.dev/PROJECT/my-repo/my-app:v1 docker push asia-northeast1-docker.pkg.dev/PROJECT/my-repo/my-app:v1
| Item | Price |
|---|---|
| Storage | $0.10/GB/month |
| Free tier | 0.5 GB/month |
| Egress (same-region GCP) | Free |
| Egress (cross-region / external) | Standard egress rates |
| Vulnerability Scan | $0.26/image (first scan) |
| Item | Artifact Registry | AWS ECR | Azure ACR |
|---|---|---|---|
| Container | Excellent | Excellent | Excellent |
| Maven / npm / Python | Excellent | — | — |
| Helm | Excellent | Good (OCI Helm) | Good |
| Geo-replication | Multi-region | Cross-region Replication | Geo-replication |
| Vulnerability scanning | Container Analysis | ECR Scanning | Defender for Cloud |
How is it different from Container Registry (GCR)?
GCR is being deprecated (starting 2025) and Artifact Registry is its successor. AR supports Container plus Maven / npm / Python / Apt / Yum / Generic formats.
Which repository formats are supported?
10+ formats are supported, including Docker, Maven, npm, Python (PyPI), Apt (Debian), Yum (RHEL), Helm, Go, Generic, and KubeflowPipelines.
What is the difference between Standard and Remote?
Standard is for direct uploads, while Remote acts as a proxy plus cache for Docker Hub / Maven Central / PyPI and similar registries. A Virtual Repository can unify both behind a single endpoint.
How does vulnerability scanning work?
Container Analysis is integrated, so a CVE scan runs automatically on push. Critical / High vulnerabilities trigger alerts, and SBOM generation is supported.
What is the pricing model?
Storage ($0.10/GB/month) plus network egress. 0.5 GB/month is free, and pulls from same-region GCE / GKE / Cloud Run are free.
How does it combine with Binary Authorization?
Scan with AR's Container Analysis, sign with Cosign, then verify the signature with Binary Authorization before deployment. This is the standard supply-chain security flow.
How does it compare to AWS ECR and Azure ACR?
ECR is AWS-only with ECR Public. ACR is well integrated with Azure and has strong geo-replication. AR's advantages are multi-format support (Maven / npm, etc.) and the Remote / Virtual repository concepts.
How does multi-region / cross-region replication work?
Multi-region repositories (US / EU / ASIA) and custom geo-locations are supported. Cross-region replication is handled via manual sync or pull-through cache as a workaround.
Related Articles: CI/CD and Security
Cloud Deploy 完全ガイド|Canary・Blue-Green・GKE/Cloud Run プログレッシブデプロイ (GCP)
Google Cloud Cloud Deploy の全機能解説。Delivery Pipeline、Canary / Blue-Green、Approval Gate、Verify、Skaffold 統合、GKE / Cloud Run / Anthos 対応、AWS CodeDeploy / ArgoCD 比較を網羅。
GCP Professional Cloud Developer (PCD) 完全ガイド|Cloud Run・GKE・CI/CD・APM
Google Cloud Professional Cloud Developer の試験範囲、Cloud Run / GKE / Cloud Build / Cloud Trace、AWS DVA / Azure AZ-204 比較、学習ロードマップを徹底解説。
GCP Professional Cloud Network Engineer (PCNE) 完全ガイド|VPC・Interconnect・Load Balancing
Google Cloud Professional Cloud Network Engineer の試験範囲、VPC / Cloud Interconnect / Cloud Load Balancing / Cloud Armor、AWS ANS・Azure AZ-700 比較を詳解。
Cloud Build 完全ガイド|CI/CD・cloudbuild.yaml・Private Pool・GitHub 連携 (GCP)
Google Cloud Cloud Build の全機能解説。cloudbuild.yaml、トリガー設定、Private Pool、Workload Identity、Build Approvals、Cloud Deploy 連携、AWS CodeBuild / Azure DevOps 比較を網羅。
* Google Cloud is a trademark of Google LLC. For the latest information, see the official Artifact Registry documentation.
Practice with certification-focused question sets
View GCP exam prep pageNicheeLab Editorial Team
NicheeLab editorial team focused on data engineering and cloud certification learning. Content is structured around practical study needs and official exam domains.
Google Cloud Certification Roadmap (2026)
Choose your GCP certification path — Foundational, Associate...
CDL Cloud Digital Leader: Complete Exam Guide (2026)
Pass the Cloud Digital Leader exam — cloud business value, G...
GAIL Generative AI Leader: Complete Exam Guide (2026)
Pass the Generative AI Leader exam — Gemini, Vertex AI, Work...
Vertex AI Fundamentals for GCP Certs (2026)
Vertex AI basics every cert candidate needs — Workbench, Pip...
Associate Cloud Engineer (ACE): Complete Guide (2026)
Pass the Associate Cloud Engineer exam — Console, gcloud, pr...