last sync: 2024-Jul-16 18:17:49 UTC

[Preview]: Control the use of Container Registry in a Virtual Enclave

Azure BuiltIn Policy Initiative (PolicySet)

Source Azure Portal
Display name[Preview]: Control the use of Container Registry in a Virtual Enclave
Idb3fe25eb-cdc6-475f-96a5-04ac270f630d
Version1.0.0-preview
Details on versioning
CategoryVirtualEnclaves
Microsoft Learn
DescriptionThis initiative deploys Azure policies for Container Registry ensuring boundary protection of this resource while it operates within the logically separated structure of Azure Virtual Enclaves. https://aka.ms/VirtualEnclaves
TypeBuiltIn
DeprecatedFalse
PreviewTrue
Policy count Total Policies: 8
Builtin Policies: 8
Static Policies: 0
Policy used
Policy DisplayName Policy Id Category Effect Roles# Roles State
Configure container registries to disable anonymous authentication. cced2946-b08a-44fe-9fd9-e4ed8a779897 Container Registry Default
Modify
Allowed
Modify, Disabled
1 Contributor GA
Configure Container registries to disable public network access a3701552-92ea-433e-9d17-33b7f1208fc9 Container Registry Default
Modify
Allowed
Modify, Disabled
1 Contributor GA
Container registries should be encrypted with a customer-managed key 5b9159ae-1701-4a6f-9a7a-aa9c8ddd0580 Container Registry Default
Audit
Allowed
Audit, Deny, Disabled
0 GA
Container registries should have anonymous authentication disabled. 9f2dea28-e834-476c-99c5-3507b4728395 Container Registry Default
Audit
Allowed
Audit, Deny, Disabled
0 GA
Container registries should have SKUs that support Private Links bd560fc0-3c69-498a-ae9f-aa8eb7de0e13 Container Registry Default
Audit
Allowed
Audit, Deny, Disabled
0 GA
Container registries should not allow unrestricted network access d0793b48-0edc-4296-a390-4c75d1bdfd71 Container Registry Default
Audit
Allowed
Audit, Deny, Disabled
0 GA
Container registries should use private link e8eef0a8-67cf-4eb4-9386-14b0e78733d4 Container Registry Default
Audit
Allowed
Audit, Disabled
0 GA
Public network access should be disabled for Container registries 0fdf0491-d080-4575-b627-ad0e843cba0f Container Registry Default
Audit
Allowed
Audit, Deny, Disabled
0 GA
Roles used Total Roles usage: 2
Total Roles unique usage: 1
Role Role Id Policies count Policies
Contributor b24988ac-6180-42a0-ab88-20f7382dd24c 2 Configure container registries to disable anonymous authentication., Configure Container registries to disable public network access
History
Date/Time (UTC ymd) (i) Changes
2024-01-17 19:06:27 add Initiative b3fe25eb-cdc6-475f-96a5-04ac270f630d
JSON compare n/a
JSON
api-version=2021-06-01
EPAC