Ensure Azure ACR is set to disable public networking

Error: Azure Container registries Public access to All networks is enabled

Bridgecrew Policy ID: BC_AZR_NETWORKING_54
Checkov Check ID: CKV_AZURE_139
Severity: LOW

Azure Container registries Public access to All networks is enabled

Description

Disabling the public network access by disabling automated anonymous pulling improves security by ensuring your Azure ACRs.

Fix - Runtime

Fix - Buildtime

Terraform

  • Resource: azurerm_container_registry
  • Argument: public_network_access_enabled
resource "azurerm_container_registry" "ckv_unittest_pass" {
  name                          = "containerRegistry1"
  resource_group_name           = azurerm_resource_group.rg.name
  location                      = azurerm_resource_group.rg.location
  public_network_access_enabled = false
}