Ensure Azure ACR is set to disable public networking

Error: Azure Container registries Public access to All networks is enabled

Bridgecrew Policy ID: BC_AZR_NETWORKING_54
Checkov Check ID: CKV_AZURE_139
Severity: LOW

Azure Container registries Public access to All networks is enabled

Description

Disabling the public network access by disabling automated anonymous pulling improves security by ensuring your Azure ACRs.

Fix - Runtime

Fix - Buildtime

Terraform

  • Resource: azurerm_container_registry
  • Argument: anonymous_pull_enabled
resource "azurerm_container_registry" "ckv_unittest_pass_1" {
  name                   = "containerRegistry1"
  resource_group_name    = azurerm_resource_group.rg.name
  location               = azurerm_resource_group.rg.location
  sku                    = "Premium"
  anonymous_pull_enabled = false
}