last sync: 2022-May-24 16:30:29 UTC

Azure Policy definition

Configure container registries to disable local admin account.

Name Configure container registries to disable local admin account.
Azure Portal
Id 79fdfe03-ffcb-4e55-b4d0-b925b8241759
Version 1.0.1
details on versioning
Category Container Registry
Microsoft docs
Description Disable admin account for your registry so that it is not accessible by local admin. Disabling local authentication methods like admin user, repository scoped access tokens and anonymous pull improves security by ensuring that container registries exclusively require Azure Active Directory identities for authentication. Learn more at: https://aka.ms/acr/authentication.
Mode Indexed
Type BuiltIn
Preview FALSE
Deprecated FALSE
Effect Default: Modify
Allowed: (Modify, Disabled)
Used RBAC Role
Role Name Role Id
Contributor b24988ac-6180-42a0-ab88-20f7382dd24c
Rule Aliases IF (1)
Alias Namespace ResourceType DefaultPath Modifiable
Microsoft.ContainerRegistry/registries/adminUserEnabled Microsoft.ContainerRegistry registries properties.adminUserEnabled true
THEN-Operations (1)
Alias Namespace ResourceType DefaultPath Modifiable
Microsoft.ContainerRegistry/registries/adminUserEnabled Microsoft.ContainerRegistry registries properties.adminUserEnabled true
Rule ResourceTypes IF (1)
Microsoft.ContainerRegistry/registries
History
Date/Time (UTC ymd) (i) Change type Change detail
2022-02-11 18:30:22 change Patch (1.0.0 > 1.0.1) *changes on text case sensitivity are not tracked
2021-06-15 14:05:41 add 79fdfe03-ffcb-4e55-b4d0-b925b8241759
Used in Initiatives none
JSON Changes

JSON