AzPolicyAdvertizer

last sync: 2024-Mar-28 18:44:05 UTC

Configure Container registries with private endpoints

Azure BuiltIn Policy definition

Source

Azure Portal

Display name

Configure Container registries with private endpoints

d85c6833-7d33-4cf5-a915-aaa2de84405f

Version

1.0.0
Details on versioning

Category

Container Registry
Microsoft Learn

Description

Private endpoints connect your virtual network to Azure services without a public IP address at the source or destination. By mapping private endpoints to your premium container registry resources, you can reduce data leakage risks. Learn more at: https://aka.ms/privateendpoints and https://aka.ms/acr/private-link.

Mode

Indexed

Type

BuiltIn

Preview

False

Deprecated

False

Effect

Default
DeployIfNotExists
Allowed
DeployIfNotExists, Disabled

RBAC role(s)

Role Name	Role Id
Contributor	b24988ac-6180-42a0-ab88-20f7382dd24c

Rule aliases

IF (1)

Alias	Namespace	ResourceType	DefaultPath	Modifiable
Microsoft.ContainerRegistry/registries/sku.name	Microsoft.ContainerRegistry	registries	sku.name	false

THEN-ExistenceCondition (1)

Alias	Namespace	ResourceType	DefaultPath	Modifiable
Microsoft.ContainerRegistry/registries/privateEndpointConnections/privateLinkServiceConnectionState.status	Microsoft.ContainerRegistry	registries/privateEndpointConnections	properties.privateLinkServiceConnectionState.status	false

Rule resource types

IF (1)
Microsoft.ContainerRegistry/registries
THEN-Deployment (2)
Microsoft.Network/privateEndpoints
Microsoft.Resources/deployments

Compliance

Not a Compliance control

Initiatives usage

none

History

Date/Time (UTC ymd) (i)	Change type	Change detail
2021-03-16 16:49:20	add	d85c6833-7d33-4cf5-a915-aaa2de84405f

JSON compare

n/a

JSON

api-version=2021-06-01
EPAC