Creating a registry

Written by

Yandex Cloud

Improved by

Danila N.

Updated at November 24, 2025

The new registry can be used by all users and service accounts with access permissions for the folder.

You can create a secure registry with autoscanning using a vulnerability scanner.

Note

Scanning Docker images for vulnerabilities is charged.

Management console

CLI

Terraform

API

In the management console, select the folder where you want to create a registry.
In the list of services, select Container Registry.
Click Create registry.
Specify a name for the registry. Follow these naming requirements:
- It must be from 2 to 63 characters long.
- It can only contain lowercase Latin letters, numbers, and hyphens.
- It must start with a letter and cannot end with a hyphen.
Optionally, under Automatic scanning:
- Disable Scan Docker images on push to skip scanning of Docker images at their upload to the repository.
- Disable Scan all Docker images in the registry or set the scanning frequency.
  
  Warning
  
  Automatic Docker image scanning makes your registry more secure. The default vulnerability scan settings are consistent with the Yandex Cloud cloud infrastructure security standard.
Optionally, add labels.
Click Create registry.

If you do not have the Yandex Cloud CLI installed yet, install and initialize it.

By default, the CLI uses the folder specified when creating the profile. To change the default folder, use the yc config set folder-id <folder_ID> command. You can also set a different folder for any specific command using the --folder-name or --folder-id parameter.

Make sure that a registry has not been created in the folder yet:
```
yc container registry list
```
Result:
```
+----+------+-----------+
| ID | NAME | FOLDER ID |
+----+------+-----------+
+----+------+-----------+
```
If the folder already contains a registry, see Updating a registry for info on how you can update it.
Create a registry:
- With automated vulnerability scanning:
```
yc container registry create --name my-reg --secure
```
  Warning
  
  Automatic Docker image scanning makes your registry more secure. The default vulnerability scan settings are consistent with the Yandex Cloud cloud infrastructure security standard.
- Without automated vulnerability scanning:
```
yc container registry create --name my-reg
```
Result:
```
done
id: crpd50616s9a********
folder_id: b1g88tflru0e********
name: my-reg
status: ACTIVE
created_at: "2019-01-09T14:34:06.601Z"
```
Follow these registry naming requirements:
- It must be from 2 to 63 characters long.
- It can only contain lowercase Latin letters, numbers, and hyphens.
- It must start with a letter and cannot end with a hyphen.
The --name parameter is optional. You can create a registry without a name and use its ID to access it. The name field is user-defined. It is used when listing in the Yandex Cloud CLI and not used in the Docker CLI.

Make sure the registry was created:

yc container registry list

Result:

+----------------------+--------+----------------------+
|          ID          |  NAME  |      FOLDER ID       |
+----------------------+--------+----------------------+
| crpd50616s9a******** | my-reg | b1g88tflru0e******** |
+----------------------+--------+----------------------+

If you do not have Terraform yet, install it and configure the Yandex Cloud provider.

Include the parameters of the registry you want to create in the configuration file, e.g., a file named example.tf in the ~/cloud-terraform directory:
```
resource "yandex_container_registry" "my-reg" {
  name = "my-registry"
  folder_id = "<folder_ID>"
  labels = {
    my-label = "my-label-value"
  }
}
```
Where:
- name: Registry name.
- folder_id: Folder ID.
- labels: Labels used.
For more information about resources you can create with Terraform, see this provider reference.

Make sure the configuration file is correct.

Use the command line to go to the directory where you saved the configuration file:
```
cd /Users/<username>/cloud-terraform
```

Run a check using this command:

terraform plan

Result:

Refreshing Terraform state in-memory prior to plan...
The refreshed state will be used to calculate this plan, but will not be
persisted to local or remote state storage.
...
Note: You did not specify an "-out" parameter to save this plan, so Terraform
cannot guarantee that exactly these actions will be performed if
"terraform apply" is subsequently run.

Create a registry.

Run this command:

terraform apply

Result:

An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
  + create
...
  Terraform will perform the actions described above.
  Only 'yes' will be accepted to approve.

  Enter a value:

Confirm creation of the registry. To do this, type yes and press Enter:

Enter a value: yes

Result:

yandex_container_registry.default: Creating...
yandex_container_registry.default: Creation complete after 4s [id=crpuljdfqoj3********]

Apply complete! Resources: 1 added, 0 changed, 0 destroyed.

This will create a registry named my-registry in the folder.

Check the resources and their settings in the management console.

To create a registry, use the create method for the Registry resource.

Creating a registry

Was the article helpful?