AzInitiativeAdvertizer

last sync: 2025-Apr-29 17:15:47 UTC

[Preview]: Control the use of Container Registry in a Virtual Enclave

Azure BuiltIn Policy Initiative (PolicySet)

Source Azure Portal
Display name[Preview]: Control the use of Container Registry in a Virtual Enclave
Idb3fe25eb-cdc6-475f-96a5-04ac270f630d
Version1.0.0-preview
Details on versioning
Versioning Versions supported for Versioning: 1
1.0.0-preview
Built-in Versioning [Preview]
CategoryVirtualEnclaves
Microsoft Learn
DescriptionThis initiative deploys Azure policies for Container Registry ensuring boundary protection of this resource while it operates within the logically separated structure of Azure Virtual Enclaves. https://aka.ms/VirtualEnclaves
Cloud environmentsAzureCloud = true
AzureChinaCloud = unknown
AzureUSGovernment = true
Available in AzUSGovThe PolicySet is available in AzureUSGovernment cloud. Version: '1.0.0-preview'
Repository: Azure-Policy b3fe25eb-cdc6-475f-96a5-04ac270f630d
TypeBuiltIn
DeprecatedFalse
PreviewTrue
Policy-used summary
Policy types Policy states Policy categories
Total Policies: 8
Builtin Policies: 8
Static Policies: 0
GA: 8
1 categories:
Container Registry: 8
Policy-used
Policy DisplayName Policy Id Category Version Versioning Effect Roles# Roles State policy in AzUSGov
Configure container registries to disable anonymous authentication. cced2946-b08a-44fe-9fd9-e4ed8a779897 Container Registry 1.0.0 1x
1.0.0		 Default
Modify
Allowed
Modify, Disabled		 1 Contributor GA true
Configure Container registries to disable public network access a3701552-92ea-433e-9d17-33b7f1208fc9 Container Registry 1.0.0 1x
1.0.0		 Default
Modify
Allowed
Modify, Disabled		 1 Contributor GA true
Container registries should be encrypted with a customer-managed key 5b9159ae-1701-4a6f-9a7a-aa9c8ddd0580 Container Registry 1.1.2 1x
1.1.2		 Default
Audit
Allowed
Audit, Deny, Disabled		 0 GA true
Container registries should have anonymous authentication disabled. 9f2dea28-e834-476c-99c5-3507b4728395 Container Registry 1.0.0 1x
1.0.0		 Default
Audit
Allowed
Audit, Deny, Disabled		 0 GA true
Container registries should have SKUs that support Private Links bd560fc0-3c69-498a-ae9f-aa8eb7de0e13 Container Registry 1.0.0 1x
1.0.0		 Default
Audit
Allowed
Audit, Deny, Disabled		 0 GA true
Container registries should not allow unrestricted network access d0793b48-0edc-4296-a390-4c75d1bdfd71 Container Registry 2.0.0 1x
2.0.0		 Default
Audit
Allowed
Audit, Deny, Disabled		 0 GA true
Container registries should use private link e8eef0a8-67cf-4eb4-9386-14b0e78733d4 Container Registry 1.0.1 1x
1.0.1		 Default
Audit
Allowed
Audit, Disabled		 0 GA true
Public network access should be disabled for Container registries 0fdf0491-d080-4575-b627-ad0e843cba0f Container Registry 1.0.0 1x
1.0.0		 Default
Audit
Allowed
Audit, Deny, Disabled		 0 GA true
Roles used Total Roles usage: 2
Total Roles unique usage: 1
Role Role Id #Policies Policies
Contributor b24988ac-6180-42a0-ab88-20f7382dd24c 2 Configure container registries to disable anonymous authentication., Configure Container registries to disable public network access
History
Date/Time (UTC ymd) (i) Changes
2024-01-17 19:06:27 add Initiative b3fe25eb-cdc6-475f-96a5-04ac270f630d
JSON compare n/a
JSON
api-version=2023-04-01
EPAC