Ensure Azure ACR disables anonymous image pulling
Error: Azure ACR enables anonymous image pulling
Bridgecrew Policy ID: BC_AZR_IAM_7
Checkov Check ID: CKV_AZURE_138
Bridgecrew Severity: LOW
Azure ACR enables anonymous image pulling
Description
Disabling anonymous image pulling for your Azure Container Registry (ACR) can help improve the security of your registry. When anonymous image pulling is enabled, anyone can pull images from your registry without needing to authenticate or have authorization.
Fix - Runtime
Fix - Buildtime
Terraform
- Resource: azurerm_container_registry
- Argument: anonymous_pull_enabled
resource "azurerm_container_registry" "ckv_unittest_pass_1" {
name = "containerRegistry1"
resource_group_name = azurerm_resource_group.rg.name
location = azurerm_resource_group.rg.location
sku = "Premium"
anonymous_pull_enabled = false
}
Updated 9 months ago