Artifact Registry — Container & package storage
A private Docker registry (and npm, Maven, Python) hosted by Google. Cloud Build pushes images here, Cloud Run pulls them from here.
is the closet where your images live. It's 's private Docker Hub. Cloud Build puts images in, takes images out.
You create a repository (think of it as a folder), pick a format (docker, npm, maven, python, apt, yum, …), pick a , and you're done. You get a URL like europe-west1-docker.pkg.dev/my-project/my-repo.
Why use it instead of Docker Hub? It's private by default (authenticated via , not Docker credentials). It's in the same region as your Cloud Run — pulls are fast and free of egress fees. It supports vulnerability scanning automatically.
It replaces the older Container Registry (gcr.io). For new projects, always use Artifact Registry.
Comparison: Artifact Registry = AWS ECR = Azure Container Registry. Same role: private image storage, scoped to your project, billed per GB stored + per GB pulled outside your region.
Grounded on https://cloud.google.com/artifact-registry/docs/overview
Next up
Cloud Storage — Object storage
Buckets of files (images, backups, logs, static assets) accessible via URL or API. Cheap, infinitely scalable, not a filesystem.