IBM Cloud Docs
IAM and Activity Tracker or IBM Cloud Logs actions by API method for Container Registry

IAM and Activity Tracker or IBM Cloud Logs actions by API method for Container Registry

When you use IBM Cloud® Container Registry through the command line or console, the service calls application programming interface (API) methods to complete your requests.

As of 28 March 2024, the IBM Cloud Activity Tracker service is deprecated and will no longer be supported as of 30 March 2025. Customers will need to migrate to IBM Cloud Logs before 30 March 2025. During the migration period, customers can use IBM Cloud Activity Tracker along with IBM Cloud Logs. Activity tracking events are the same for both services. For more information about migrating from IBM Cloud Activity Tracker to IBM Cloud Logs and running the services in parallel, see migration planning.

You might need certain permissions to call these API methods, and you can track the requests that you make with an IBM Cloud Activity Tracker or IBM Cloud Logs instance.

Review the following Cloud Identity and Access Management (IAM) actions and IBM Cloud Activity Tracker or IBM Cloud Logs events that correspond to each API method in Container Registry.

For more information, see the following topics:

Container Registry

Review the following account API methods, their required actions in IBM Cloud IAM, and the events that are sent to IBM Cloud Activity Tracker or IBM Cloud Logs for Container Registry.

Authorization API methods

Auth
Action Method IAM ACTION AT ACTION
Get authorization options for the targeted account. GET /api/v1/auth container-registry.auth.get container-registry.auth.get
Update authorization options for the targeted account. PATCH /api/v1/auth container-registry.auth.set container-registry.auth.set

Image API methods

Images
Action Method IAM ACTION AT ACTION
List the images. GET /api/v1/images container-registry.image.list container-registry.image.list
Delete more than one image. POST /api/v1/images/bulkdelete container-registry.image.delete container-registry.image.bulkdelete
List the images by digest. POST /api/v1/images/digests container-registry.image.list container-registry.image.list
Create a tag. POST /api/v1/images/tags container-registry.image.pull

container-registry.image.push

container-registry.image.tag
Delete an image. DELETE /api/v1/images/{image} container-registry.image.delete container-registry.image.delete
Inspect an image. GET /api/v1/images/{image}/json container-registry.image.inspect container-registry.image.inspect
Get the image manifest. GET /api/v1/images/{image}/manifest container-registry.image.inspect container-registry.manifest.inspect

Message API methods

Messages
Action Method IAM ACTION AT ACTION
Return any published system messages. GET /api/v1/messages Not applicable Not applicable

Namespace API methods

Namespaces
Action Method IAM ACTION AT ACTION
List the namespaces. GET /api/v1/namespaces container-registry.namespace.list container-registry.namespace.list
Detailed namespace list. GET /api/v1/namespaces/details container-registry.namespace.list container-registry.namespace.list
Create a namespace. PUT /api/v1/namespaces/{namespace} container-registry.namespace.create container-registry.namespace.create
Assign a namespace. PATCH /api/v1/namespaces/{namespace} container-registry.namespace.create container-registry.namespace.update
Delete a namespace. DELETE /api/v1/namespaces/{namespace} container-registry.namespace.delete container-registry.namespace.delete

Plan API methods

Plans
Action Method IAM ACTION AT ACTION
Get plans for the targeted account. GET /api/v1/plans container-registry.plan.get container-registry.plan.get
Update plans for the targeted account. PATCH /api/v1/plans container-registry.plan.set container-registry.plan.set

Quota API methods

Quotas
Action Method IAM ACTION AT ACTION
Get the quotas for the targeted account. GET /api/v1/quotas container-registry.quota.get container-registry.quota.get
Update the quotas for the targeted account. PATCH /api/v1/quotas container-registry.quota.set container-registry.quota.set

Retention API methods

Retentions
Action Method IAM ACTION AT ACTION
List the retention policies for all namespaces in the targeted IBM Cloud account. GET /api/v1/retentions container-registry.retention.list container-registry.retention.list
Set the retention policy for the specified namespace. POST /api/v1/retentions container-registry.retention.set container-registry.retention.set
Analyze a retention policy, and get a list of what would be deleted by it. POST /api/v1/retentions/analyze container-registry.retention.analyze container-registry.retention.analyze
Get the retention policy for the specified namespace. GET /api/v1/retentions/{namespace} container-registry.retention.get container-registry.retention.get

Settings API methods

Settings
Action Method IAM ACTION AT ACTION
Get the registry service settings for the targeted account, such as whether platform metrics are enabled. GET /api/v1/settings container-registry.settings.get container-registry.settings.get
Update the registry service settings for the targeted account, such as enabling platform metrics. PATCH /api/v1/settings container-registry.settings.set container-registry.settings.set

Tag API methods

Tags
Action Method IAM ACTION AT ACTION
Delete a tag. DELETE /api/v1/tags/{image} container-registry.image.delete container-registry.image.untag

Trash API methods

Trash
Action Method IAM ACTION AT ACTION
List the images in the trash. GET /api/v1/trash container-registry.image.delete container-registry.trash.list
Restore a digest and all associated tags. POST /api/v1/trash/{digest}/restoretags container-registry.image.push container-registry.trash.restore
Restore a deleted image. POST /api/v1/trash/{image}/restore container-registry.image.push container-registry.trash.restore

Vulnerability Advisor API methods

Report API methods

Report for version 4
Action Method IAM ACTION AT ACTION
Get the vulnerability assessment for all images. GET /va/api/v4/report/account container-registry.exemption.list container-registry.account-vulnerability-report.list
Get the vulnerability assessment status for all images. GET /va/api/v4/report/account/status container-registry.exemption.list container-registry.account-vulnerability-status.list
Get the vulnerability status. GET /va/api/v4/report/image/status/{name} container-registry.exemption.list container-registry.image-vulnerability-status.read
Get the vulnerability assessment status. GET /va/api/v4/report/image/{name} container-registry.exemption.list container-registry.image-vulnerability-report.read

Exemption API methods

Exemptions for version 4
Action Method IAM ACTION AT ACTION
List the account-level exemptions. GET /va/api/v4/exempt/image container-registry.exemption.list Not applicable
Get an account-level exemption. GET /va/api/v4/exempt/image/issue/{issueType}/{issueID} container-registry.exemption.list Not applicable
Create or update an account-level exemption. POST /va/api/v4/exempt/image/issue/{issueType}/{issueID} container-registry.exemption.manager container-registry.exemption.create
Delete an account-level exemption. DELETE /va/api/v4/exempt/image/issue/{issueType}/{issueID} container-registry.exemption.manager container-registry.exemption.delete
List the resource exemptions. GET /va/api/v4/exempt/image/{resource} container-registry.exemption.list Not applicable
Get the details of a resource exemption. GET /va/api/v4/exempt/image/{resource}/issue/{issueType}/{issueID} container-registry.exemption.list Not applicable
Create or update a resource exemption. POST /va/api/v4/exempt/image/{resource}/issue/{issueType}/{issueID} container-registry.exemption.manager container-registry.exemption.create
Delete a resource exemption. DELETE /va/api/v4/exempt/image/{resource}/issue/{issueType}/{issueID} container-registry.exemption.manager container-registry.exemption.delete
List the types of exemption. GET /va/api/v4/exempt/types Not applicable Not applicable
List all exemptions. GET /va/api/v4/exemptions/account container-registry.exemption.list Not applicable
Delete all exemptions. POST /va/api/v4/exemptions/deleteAll container-registry.exemption.manager container-registry.exemption.delete
List the image exemptions. GET /va/api/v4/exemptions/image/{resource} container-registry.exemption.list Not applicable
List the exemptions for images. POST /va/api/v4/exemptions/images container-registry.exemption.list Not applicable