Policy Templates for ACR
Azure Container Registry (ACR)
Policy Templates for Container Security are used with Microsoft Azure Container Registry (ACR).
Policy Name | Resource | Benchmark | PCI DSS | HIPAA | NIST 800-53 | Policy Description |
---|---|---|---|---|---|---|
ACR: Image Registry should not have more than 200 repositories | ACR | Yes | SC-6, Resource Availability | Image registry should have a limit on number of respositories | ||
ACR: Repositories should not be exposed to everyone/ publicly for push actions | ACR | Yes | SI-7, Software, Firmware, and Information Integrity. | Repository policy push actions should be avoided | ||
ACR: Repositories should not be exposed to everyone/ publicly for pull actions | ACR | Yes | SI-7, Software, Firmware, and Information Integrity. | Repository policy pull actions should be avoided | ||
ACR: Repositories should not be exposed to everyone/ publicly for delete actions | ACR | Yes | SI-7, Software, Firmware, and Information Integrity. | Repository policy delete actions should be avoided | ||
ACR: Image tag immutability should be set correctly for repository | ACR | Yes | SI-7, Software, Firmware, and Information Integrity. | Image Tag Immutability should be set correctly for repository |