last sync: 2022-May-24 16:30:29 UTC

Azure Policy definition

Configure container registries to disable repository scoped access token.

Name Configure container registries to disable repository scoped access token.
Azure Portal
Id a9b426fe-8856-4945-8600-18c5dd1cca2a
Version 1.0.0
details on versioning
Category Container Registry
Microsoft docs
Description Disable repository scoped access tokens for your registry so that repositories are not accessible by tokens. Disabling local authentication methods like admin user, repository scoped access tokens and anonymous pull improves security by ensuring that container registries exclusively require Azure Active Directory identities for authentication. Learn more at: https://aka.ms/acr/authentication.
Mode All
Type BuiltIn
Preview FALSE
Deprecated FALSE
Effect Default: Modify
Allowed: (Modify, Disabled)
Used RBAC Role
Role Name Role Id
Contributor b24988ac-6180-42a0-ab88-20f7382dd24c
Rule Aliases IF (1)
Alias Namespace ResourceType DefaultPath Modifiable
Microsoft.ContainerRegistry/registries/tokens/status Microsoft.ContainerRegistry registries/tokens properties.status true
THEN-Operations (1)
Alias Namespace ResourceType DefaultPath Modifiable
Microsoft.ContainerRegistry/registries/tokens/status Microsoft.ContainerRegistry registries/tokens properties.status true
Rule ResourceTypes IF (1)
Microsoft.ContainerRegistry/registries/tokens
History
Date/Time (UTC ymd) (i) Change type Change detail
2022-02-11 18:30:22 add a9b426fe-8856-4945-8600-18c5dd1cca2a
Used in Initiatives none
JSON