Pull images from a private image registry - Administrator Guide - 8.5 - Cortex XSOAR - Cortex - Security Operations

Cortex XSOAR On-prem Documentation

Product
Cortex XSOAR
Version
8.5
Creation date
2024-03-10
Last date published
2024-11-28
Category
Administrator Guide
Solution
On-prem
Abstract

Create your own authenticated Docker image repository for Cortex XSOAR. View all available images.

Pulling images from a private image registry enables securely accessing and deploying Cortex XSOAR content, for example, custom integrations containing scripts and code packaged into Docker images. You can then run the integrations and scripts in Cortex XSOAR.

Before you begin
  • Before pulling a custom image ensure the image does not infringe any licenses.

  • If using an engine, connect the engine to the private image registry using Docker or Podman. See Connect your engine to an image registry.

Note

(Multi-tenant) This feature is not supported on the Main Account.

  1. Go to Settings & InfoSettingsAdvancedImage Registry.

  2. Set Use Additional Private Image Registry to On.

  3. Configure access to the private image registry and the images to pull.

    • Select the Connection to either Direct or Using Engine.

      For Using Engine:

      For Direct:

      • Set the Username and Password/Access Token.

    • Define the Registry URL, for example registry.organization.com

    • Click Test the connection to make sure the connection to the registry works.

    • Define the Import images in name:tag format, for example myorg/python/new:2.7.18.24398 or myorg/python:latest

      You can add, edit, or remove images. If you don't specify a tag, the default tag latest will be added automatically, specifying the latest version of the image.

      Note

      The demisto/ prefix cannot be used for custom registry images.

  4. Click Save to persist the configuration and initiate synchronization.

Image synchronization

When you click Save or Update Docker Images, Cortex XSOAR performs synchronization, which involves:

  • Pulling the images from the external registry.

  • Copying and storing the images on the platform.

  • Updating the engines with the new images.

Note

The synchronization process make take time. The Image Registry page displays synchronization status (for example in progress, complete, failure).

If the engine fails to synchronize, it may be offline. When it goes back online, it will pull any new images when running scripts or integrations that use them.