Ensure Azure ACR admin account is disabled
Error: Azure ACR admin account is enabled
Bridgecrew Policy ID: BC_AZR_IAM_5
Checkov Check ID: CKV_AZURE_137
Bridgecrew Severity: LOW
Azure ACR admin account is enabled
Description
Disabling the admin account for your Azure Container Registry (ACR) can help improve the security of your registry. The admin account has full access to all resources within the registry, and can make any changes to the registry and its contents.
Fix - Runtime
Fix - Buildtime
Terraform
- Resource: azurerm_container_registry
- Argument: admin_enabled
resource "azurerm_container_registry" "ckv_unittest_pass" {
name = "containerRegistry1"
resource_group_name = azurerm_resource_group.rg.name
location = azurerm_resource_group.rg.location
admin_enabled = false
}
Updated 9 months ago