Pull Images from a Private Image Registry - Playbook Design Guide - 8 - Cortex XSOAR - Cortex - Security Operations

Cortex XSOAR Playbook Design Guide

Product
Cortex XSOAR
Version
8
Creation date
2024-09-21
Last date published
2024-09-22
Category
Playbook Design Guide
Abstract

Create your own authenticated Docker image repository for Cortex XSOAR. View all available images.

Pulling images from a private image registry enables securely accessing and deploying Cortex XSOAR content, for example custom integrations containing scripts and code packaged into Docker images. You can then run the integrations and scripts in Cortex XSOAR.

Before You Begin
  • Make sure all Docker images you want to pull are built on the linux/amd64 platform. If an image is built on a different platform, for example the Apple M series (M1, M2, M3), you must run the image build command with the --platform linux/amd64 parameter. For example:

    docker build --platform linux/amd64 -t my_image:latest .
  • Verify the image does not infringe on any licenses.

  • If using an engine, connect the engine to the private image registry using Docker or Podman. See Connect Your Engine to an Image Registry.

How to Pull Images from a Private Image Registry
  1. Go to Settings & InfoSettingsAdvancedImage Registry.

  2. Set Use Additional Private Image Registry to On.

  3. Configure access to the private image registry and the images to pull.

    • Select the Connection to either Direct or Using Engine.

      For Using Engine:

      For Direct:

      • Set the Username and Password/Access Token.

    • Define the Registry URL.

      Note

      The registry URL needs to be set to the hostname of your organization registry service, for example us-central1-docker.pkg.dev.

    • Click Test the connection to make sure the connection to the registry works.

    • Define the Import images in name:tag format, for example myimage:2.7.18.24398.

      You can add, edit, or remove images. If you don't specify a tag, the default tag latest will be added automatically.

      Note

      • If you use folders to store your images, the image name needs to include the folder path, for example myorg/python:latest. Currently, only one folder is supported, and no subfolders.

      • The demisto/ prefix cannot be used for custom registry images.

  4. Click Save to persist the configuration and initiate synchronization.

Image Synchronization

When you click Save or Update Docker Images, Cortex XSOAR performs synchronization, which involves:

  • Pulling the images from the external registry.

  • Copying and storing the images onto the platform. The images are kept on the platform and not shared externally.

  • Updating the engines with the new images.

Note

The synchronization process make take time. The Image Registry page displays synchronization status (for example in progress, complete, failure).

If the engine fails to synchronize, it may be offline. When it goes back online, it will pull any new images when running scripts or integrations that use them.