Policy Templates for ACR
Azure Container Registry (ACR)
Policy Templates for Container Security are used with Microsoft Azure Container Registry (ACR).
For instructions on how to find Policy templates that are new or updated due to changed recommendations, see Find New and Updated Policy Templates.
| Policy Name | Resource | Benchmark | PCI DSS | HIPAA | NIST 800-53 | Policy Description |
|---|---|---|---|---|---|---|
| ACR: Image Registry should not have more than 200 repositories | ACR | Yes | SC-6, Resource Availability | Image registry should have a limit on number of respositories | ||
| ACR: Repositories should not be exposed to everyone/ publicly for push actions | ACR | Yes | SI-7, Software, Firmware, and Information Integrity. | Repository policy push actions should be avoided | ||
| ACR: Repositories should not be exposed to everyone/ publicly for pull actions | ACR | Yes | SI-7, Software, Firmware, and Information Integrity. | Repository policy pull actions should be avoided | ||
| ACR: Repositories should not be exposed to everyone/ publicly for delete actions | ACR | Yes | SI-7, Software, Firmware, and Information Integrity. | Repository policy delete actions should be avoided | ||
| ACR: Image tag immutability should be set correctly for repository | ACR | Yes | SI-7, Software, Firmware, and Information Integrity. | Image Tag Immutability should be set correctly for repository |