Skip to main content
Scaleway Container Registry is Scaleway’s managed Docker registry service available across multiple European regions. CybeDefend integrates with Scaleway to scan your container images using API secret key authentication.

CybeDefend Configuration

FieldDescriptionExample
Scaleway Project IDYour Scaleway project UUID550e8400-e29b-41d4-a716-446655440001
RegionScaleway region where the registry is hostedfr-par
Namespace NameThe name of your Scaleway Container Registry namespacemy-namespace
Secret KeyYour Scaleway API secret keyxxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
Description (optional)A label to help identify this credentialProduction registry

Available Regions

Region CodeLocation
fr-parFrance, Paris
nl-amsNetherlands, Amsterdam
pl-wawPoland, Warsaw

How to Get Your Scaleway API Secret Key

1

Access Scaleway Console

Go to console.scaleway.com and log in to your account.
2

Navigate to IAM

Go to Identity and Access Management (IAM)API Keys.
3

Create an API Key

Click Generate an API key. Select the project scope and set the purpose to container registry access.
4

Copy the Secret Key

Copy the Secret Key value. This is only shown once — store it securely.
5

Configure in CybeDefend

In CybeDefend, go to your organization’s Container Registry settings and add a new Scaleway credential with the secret key.
The secret key is only displayed once when created. If you lose it, you must generate a new API key.

How It Works

Once credentials are stored, CybeDefend can:
  1. Browse namespaces — List all container registry namespaces in your Scaleway project
  2. List images — View all Docker images within a namespace
  3. List tags — See all available tags for a specific image
  4. Scan images — Pull and scan any image for known vulnerabilities
Credentials are stored with AES-256-GCM encryption and are never exposed in API responses.

Credential Management

Credentials are managed at two levels:
LevelActionsPermission Required
OrganizationCreate and delete credentialsmanage_integration
ProjectView credentials, browse images, start scansread / start_scan
Credentials are created at the organization level and can be used across all projects within that organization.

Security Best Practices

Least Privilege

Create a dedicated API key with only Container Registry permissions.

Rotate Keys

Rotate API keys regularly and update stored credentials in CybeDefend.

Use Project Scope

Scope API keys to specific projects rather than granting organization-wide access.

Audit Access

Monitor API key usage in Scaleway’s IAM audit logs.

Troubleshooting

  • Verify the secret key is correct and has not been revoked
  • Check that the API key has Container Registry permissions
  • Ensure the region matches the namespace location
  • Confirm the namespace name is spelled correctly (case-sensitive)
  • Verify the namespace exists in the selected region
  • Check that the API key’s project scope includes the namespace
  • Ensure the API key has ContainerRegistryFullAccess or equivalent policy
  • Verify the API key is scoped to the correct Scaleway project
  • Verify the image name and tag are correct
  • Ensure the image exists in the specified namespace
  • Check that the container_scanning feature is enabled for your plan