AzPolicyAdvertizer

last sync: 2024-Nov-25 18:54:24 UTC

Configure container registries to disable anonymous authentication.

Azure BuiltIn Policy definition

Source Azure Portal
Display name Configure container registries to disable anonymous authentication.
Id cced2946-b08a-44fe-9fd9-e4ed8a779897
Version 1.0.0
Details on versioning
Versioning Versions supported for Versioning: 1
1.0.0
Built-in Versioning [Preview]
Category Container Registry
Microsoft Learn
Description Disable anonymous pull for your registry so that data not accessible by unauthenticated user. Disabling local authentication methods like admin user, repository scoped access tokens and anonymous pull improves security by ensuring that container registries exclusively require Azure Active Directory identities for authentication. Learn more at: https://aka.ms/acr/authentication.
Mode Indexed
Type BuiltIn
Preview False
Deprecated False
Effect Default
Modify
Allowed
Modify, Disabled
RBAC role(s)
Role Name Role Id
Contributor b24988ac-6180-42a0-ab88-20f7382dd24c
Rule aliases IF (1)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.ContainerRegistry/registries/anonymousPullEnabled Microsoft.ContainerRegistry registries properties.anonymousPullEnabled True True
THEN-Operations (1)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.ContainerRegistry/registries/anonymousPullEnabled Microsoft.ContainerRegistry registries properties.anonymousPullEnabled True True
Rule resource types IF (1)
Microsoft.ContainerRegistry/registries
Compliance Not a Compliance control
Initiatives usage
Initiative DisplayName Initiative Id Initiative Category State Type
[Preview]: Control the use of Container Registry in a Virtual Enclave b3fe25eb-cdc6-475f-96a5-04ac270f630d VirtualEnclaves Preview BuiltIn
Enforce recommended guardrails for Container Registry Enforce-Guardrails-ContainerRegistry Container Registry GA ALZ
History
Date/Time (UTC ymd) (i) Change type Change detail
2022-02-11 18:30:22 add cced2946-b08a-44fe-9fd9-e4ed8a779897
JSON compare n/a
JSON
api-version=2021-06-01
EPAC