Azure Classic v5.43.0, May 6 23

azure.containerservice.Registry

Explore with Pulumi AI

Manages an Azure Container Registry.

Example Usage

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Azure = Pulumi.Azure;

return await Deployment.RunAsync(() => 
{
    var example = new Azure.Core.ResourceGroup("example", new()
    {
        Location = "West Europe",
    });

    var acr = new Azure.ContainerService.Registry("acr", new()
    {
        ResourceGroupName = example.Name,
        Location = example.Location,
        Sku = "Premium",
        AdminEnabled = false,
        Georeplications = new[]
        {
            new Azure.ContainerService.Inputs.RegistryGeoreplicationArgs
            {
                Location = "East US",
                ZoneRedundancyEnabled = true,
                Tags = null,
            },
            new Azure.ContainerService.Inputs.RegistryGeoreplicationArgs
            {
                Location = "North Europe",
                ZoneRedundancyEnabled = true,
                Tags = null,
            },
        },
    });

});

package main

import (
	"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/containerservice"
	"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		example, err := core.NewResourceGroup(ctx, "example", &core.ResourceGroupArgs{
			Location: pulumi.String("West Europe"),
		})
		if err != nil {
			return err
		}
		_, err = containerservice.NewRegistry(ctx, "acr", &containerservice.RegistryArgs{
			ResourceGroupName: example.Name,
			Location:          example.Location,
			Sku:               pulumi.String("Premium"),
			AdminEnabled:      pulumi.Bool(false),
			Georeplications: containerservice.RegistryGeoreplicationArray{
				&containerservice.RegistryGeoreplicationArgs{
					Location:              pulumi.String("East US"),
					ZoneRedundancyEnabled: pulumi.Bool(true),
					Tags:                  nil,
				},
				&containerservice.RegistryGeoreplicationArgs{
					Location:              pulumi.String("North Europe"),
					ZoneRedundancyEnabled: pulumi.Bool(true),
					Tags:                  nil,
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.ResourceGroup;
import com.pulumi.azure.core.ResourceGroupArgs;
import com.pulumi.azure.containerservice.Registry;
import com.pulumi.azure.containerservice.RegistryArgs;
import com.pulumi.azure.containerservice.inputs.RegistryGeoreplicationArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var example = new ResourceGroup("example", ResourceGroupArgs.builder()        
            .location("West Europe")
            .build());

        var acr = new Registry("acr", RegistryArgs.builder()        
            .resourceGroupName(example.name())
            .location(example.location())
            .sku("Premium")
            .adminEnabled(false)
            .georeplications(            
                RegistryGeoreplicationArgs.builder()
                    .location("East US")
                    .zoneRedundancyEnabled(true)
                    .tags()
                    .build(),
                RegistryGeoreplicationArgs.builder()
                    .location("North Europe")
                    .zoneRedundancyEnabled(true)
                    .tags()
                    .build())
            .build());

    }
}

import pulumi
import pulumi_azure as azure

example = azure.core.ResourceGroup("example", location="West Europe")
acr = azure.containerservice.Registry("acr",
    resource_group_name=example.name,
    location=example.location,
    sku="Premium",
    admin_enabled=False,
    georeplications=[
        azure.containerservice.RegistryGeoreplicationArgs(
            location="East US",
            zone_redundancy_enabled=True,
            tags={},
        ),
        azure.containerservice.RegistryGeoreplicationArgs(
            location="North Europe",
            zone_redundancy_enabled=True,
            tags={},
        ),
    ])

import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";

const example = new azure.core.ResourceGroup("example", {location: "West Europe"});
const acr = new azure.containerservice.Registry("acr", {
    resourceGroupName: example.name,
    location: example.location,
    sku: "Premium",
    adminEnabled: false,
    georeplications: [
        {
            location: "East US",
            zoneRedundancyEnabled: true,
            tags: {},
        },
        {
            location: "North Europe",
            zoneRedundancyEnabled: true,
            tags: {},
        },
    ],
});

resources:
  example:
    type: azure:core:ResourceGroup
    properties:
      location: West Europe
  acr:
    type: azure:containerservice:Registry
    properties:
      resourceGroupName: ${example.name}
      location: ${example.location}
      sku: Premium
      adminEnabled: false
      georeplications:
        - location: East US
          zoneRedundancyEnabled: true
          tags: {}
        - location: North Europe
          zoneRedundancyEnabled: true
          tags: {}

Encryption)

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Azure = Pulumi.Azure;

return await Deployment.RunAsync(() => 
{
    var exampleResourceGroup = new Azure.Core.ResourceGroup("exampleResourceGroup", new()
    {
        Location = "West Europe",
    });

    var exampleUserAssignedIdentity = new Azure.Authorization.UserAssignedIdentity("exampleUserAssignedIdentity", new()
    {
        ResourceGroupName = exampleResourceGroup.Name,
        Location = exampleResourceGroup.Location,
    });

    var exampleKey = Azure.KeyVault.GetKey.Invoke(new()
    {
        Name = "super-secret",
        KeyVaultId = data.Azurerm_key_vault.Existing.Id,
    });

    var acr = new Azure.ContainerService.Registry("acr", new()
    {
        ResourceGroupName = exampleResourceGroup.Name,
        Location = exampleResourceGroup.Location,
        Sku = "Premium",
        Identity = new Azure.ContainerService.Inputs.RegistryIdentityArgs
        {
            Type = "UserAssigned",
            IdentityIds = new[]
            {
                exampleUserAssignedIdentity.Id,
            },
        },
        Encryption = new Azure.ContainerService.Inputs.RegistryEncryptionArgs
        {
            Enabled = true,
            KeyVaultKeyId = exampleKey.Apply(getKeyResult => getKeyResult.Id),
            IdentityClientId = exampleUserAssignedIdentity.ClientId,
        },
    });

});

package main

import (
	"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/authorization"
	"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/containerservice"
	"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core"
	"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/keyvault"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		exampleResourceGroup, err := core.NewResourceGroup(ctx, "exampleResourceGroup", &core.ResourceGroupArgs{
			Location: pulumi.String("West Europe"),
		})
		if err != nil {
			return err
		}
		exampleUserAssignedIdentity, err := authorization.NewUserAssignedIdentity(ctx, "exampleUserAssignedIdentity", &authorization.UserAssignedIdentityArgs{
			ResourceGroupName: exampleResourceGroup.Name,
			Location:          exampleResourceGroup.Location,
		})
		if err != nil {
			return err
		}
		exampleKey, err := keyvault.LookupKey(ctx, &keyvault.LookupKeyArgs{
			Name:       "super-secret",
			KeyVaultId: data.Azurerm_key_vault.Existing.Id,
		}, nil)
		if err != nil {
			return err
		}
		_, err = containerservice.NewRegistry(ctx, "acr", &containerservice.RegistryArgs{
			ResourceGroupName: exampleResourceGroup.Name,
			Location:          exampleResourceGroup.Location,
			Sku:               pulumi.String("Premium"),
			Identity: &containerservice.RegistryIdentityArgs{
				Type: pulumi.String("UserAssigned"),
				IdentityIds: pulumi.StringArray{
					exampleUserAssignedIdentity.ID(),
				},
			},
			Encryption: &containerservice.RegistryEncryptionArgs{
				Enabled:          pulumi.Bool(true),
				KeyVaultKeyId:    *pulumi.String(exampleKey.Id),
				IdentityClientId: exampleUserAssignedIdentity.ClientId,
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.ResourceGroup;
import com.pulumi.azure.core.ResourceGroupArgs;
import com.pulumi.azure.authorization.UserAssignedIdentity;
import com.pulumi.azure.authorization.UserAssignedIdentityArgs;
import com.pulumi.azure.keyvault.KeyvaultFunctions;
import com.pulumi.azure.keyvault.inputs.GetKeyArgs;
import com.pulumi.azure.containerservice.Registry;
import com.pulumi.azure.containerservice.RegistryArgs;
import com.pulumi.azure.containerservice.inputs.RegistryIdentityArgs;
import com.pulumi.azure.containerservice.inputs.RegistryEncryptionArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var exampleResourceGroup = new ResourceGroup("exampleResourceGroup", ResourceGroupArgs.builder()        
            .location("West Europe")
            .build());

        var exampleUserAssignedIdentity = new UserAssignedIdentity("exampleUserAssignedIdentity", UserAssignedIdentityArgs.builder()        
            .resourceGroupName(exampleResourceGroup.name())
            .location(exampleResourceGroup.location())
            .build());

        final var exampleKey = KeyvaultFunctions.getKey(GetKeyArgs.builder()
            .name("super-secret")
            .keyVaultId(data.azurerm_key_vault().existing().id())
            .build());

        var acr = new Registry("acr", RegistryArgs.builder()        
            .resourceGroupName(exampleResourceGroup.name())
            .location(exampleResourceGroup.location())
            .sku("Premium")
            .identity(RegistryIdentityArgs.builder()
                .type("UserAssigned")
                .identityIds(exampleUserAssignedIdentity.id())
                .build())
            .encryption(RegistryEncryptionArgs.builder()
                .enabled(true)
                .keyVaultKeyId(exampleKey.applyValue(getKeyResult -> getKeyResult.id()))
                .identityClientId(exampleUserAssignedIdentity.clientId())
                .build())
            .build());

    }
}

import pulumi
import pulumi_azure as azure

example_resource_group = azure.core.ResourceGroup("exampleResourceGroup", location="West Europe")
example_user_assigned_identity = azure.authorization.UserAssignedIdentity("exampleUserAssignedIdentity",
    resource_group_name=example_resource_group.name,
    location=example_resource_group.location)
example_key = azure.keyvault.get_key(name="super-secret",
    key_vault_id=data["azurerm_key_vault"]["existing"]["id"])
acr = azure.containerservice.Registry("acr",
    resource_group_name=example_resource_group.name,
    location=example_resource_group.location,
    sku="Premium",
    identity=azure.containerservice.RegistryIdentityArgs(
        type="UserAssigned",
        identity_ids=[example_user_assigned_identity.id],
    ),
    encryption=azure.containerservice.RegistryEncryptionArgs(
        enabled=True,
        key_vault_key_id=example_key.id,
        identity_client_id=example_user_assigned_identity.client_id,
    ))

import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";

const exampleResourceGroup = new azure.core.ResourceGroup("exampleResourceGroup", {location: "West Europe"});
const exampleUserAssignedIdentity = new azure.authorization.UserAssignedIdentity("exampleUserAssignedIdentity", {
    resourceGroupName: exampleResourceGroup.name,
    location: exampleResourceGroup.location,
});
const exampleKey = azure.keyvault.getKey({
    name: "super-secret",
    keyVaultId: data.azurerm_key_vault.existing.id,
});
const acr = new azure.containerservice.Registry("acr", {
    resourceGroupName: exampleResourceGroup.name,
    location: exampleResourceGroup.location,
    sku: "Premium",
    identity: {
        type: "UserAssigned",
        identityIds: [exampleUserAssignedIdentity.id],
    },
    encryption: {
        enabled: true,
        keyVaultKeyId: exampleKey.then(exampleKey => exampleKey.id),
        identityClientId: exampleUserAssignedIdentity.clientId,
    },
});

resources:
  exampleResourceGroup:
    type: azure:core:ResourceGroup
    properties:
      location: West Europe
  acr:
    type: azure:containerservice:Registry
    properties:
      resourceGroupName: ${exampleResourceGroup.name}
      location: ${exampleResourceGroup.location}
      sku: Premium
      identity:
        type: UserAssigned
        identityIds:
          - ${exampleUserAssignedIdentity.id}
      encryption:
        enabled: true
        keyVaultKeyId: ${exampleKey.id}
        identityClientId: ${exampleUserAssignedIdentity.clientId}
  exampleUserAssignedIdentity:
    type: azure:authorization:UserAssignedIdentity
    properties:
      resourceGroupName: ${exampleResourceGroup.name}
      location: ${exampleResourceGroup.location}
variables:
  exampleKey:
    fn::invoke:
      Function: azure:keyvault:getKey
      Arguments:
        name: super-secret
        keyVaultId: ${data.azurerm_key_vault.existing.id}

Attaching A Container Registry To A Kubernetes Cluster)

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Azure = Pulumi.Azure;

return await Deployment.RunAsync(() => 
{
    var exampleResourceGroup = new Azure.Core.ResourceGroup("exampleResourceGroup", new()
    {
        Location = "West Europe",
    });

    var exampleRegistry = new Azure.ContainerService.Registry("exampleRegistry", new()
    {
        ResourceGroupName = exampleResourceGroup.Name,
        Location = exampleResourceGroup.Location,
        Sku = "Premium",
    });

    var exampleKubernetesCluster = new Azure.ContainerService.KubernetesCluster("exampleKubernetesCluster", new()
    {
        Location = exampleResourceGroup.Location,
        ResourceGroupName = exampleResourceGroup.Name,
        DnsPrefix = "exampleaks1",
        DefaultNodePool = new Azure.ContainerService.Inputs.KubernetesClusterDefaultNodePoolArgs
        {
            Name = "default",
            NodeCount = 1,
            VmSize = "Standard_D2_v2",
        },
        Identity = new Azure.ContainerService.Inputs.KubernetesClusterIdentityArgs
        {
            Type = "SystemAssigned",
        },
        Tags = 
        {
            { "Environment", "Production" },
        },
    });

    var exampleAssignment = new Azure.Authorization.Assignment("exampleAssignment", new()
    {
        PrincipalId = exampleKubernetesCluster.KubeletIdentity.Apply(kubeletIdentity => kubeletIdentity.ObjectId),
        RoleDefinitionName = "AcrPull",
        Scope = exampleRegistry.Id,
        SkipServicePrincipalAadCheck = true,
    });

});

package main

import (
	"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/authorization"
	"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/containerservice"
	"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		exampleResourceGroup, err := core.NewResourceGroup(ctx, "exampleResourceGroup", &core.ResourceGroupArgs{
			Location: pulumi.String("West Europe"),
		})
		if err != nil {
			return err
		}
		exampleRegistry, err := containerservice.NewRegistry(ctx, "exampleRegistry", &containerservice.RegistryArgs{
			ResourceGroupName: exampleResourceGroup.Name,
			Location:          exampleResourceGroup.Location,
			Sku:               pulumi.String("Premium"),
		})
		if err != nil {
			return err
		}
		exampleKubernetesCluster, err := containerservice.NewKubernetesCluster(ctx, "exampleKubernetesCluster", &containerservice.KubernetesClusterArgs{
			Location:          exampleResourceGroup.Location,
			ResourceGroupName: exampleResourceGroup.Name,
			DnsPrefix:         pulumi.String("exampleaks1"),
			DefaultNodePool: &containerservice.KubernetesClusterDefaultNodePoolArgs{
				Name:      pulumi.String("default"),
				NodeCount: pulumi.Int(1),
				VmSize:    pulumi.String("Standard_D2_v2"),
			},
			Identity: &containerservice.KubernetesClusterIdentityArgs{
				Type: pulumi.String("SystemAssigned"),
			},
			Tags: pulumi.StringMap{
				"Environment": pulumi.String("Production"),
			},
		})
		if err != nil {
			return err
		}
		_, err = authorization.NewAssignment(ctx, "exampleAssignment", &authorization.AssignmentArgs{
			PrincipalId: exampleKubernetesCluster.KubeletIdentity.ApplyT(func(kubeletIdentity containerservice.KubernetesClusterKubeletIdentity) (*string, error) {
				return &kubeletIdentity.ObjectId, nil
			}).(pulumi.StringPtrOutput),
			RoleDefinitionName:           pulumi.String("AcrPull"),
			Scope:                        exampleRegistry.ID(),
			SkipServicePrincipalAadCheck: pulumi.Bool(true),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.ResourceGroup;
import com.pulumi.azure.core.ResourceGroupArgs;
import com.pulumi.azure.containerservice.Registry;
import com.pulumi.azure.containerservice.RegistryArgs;
import com.pulumi.azure.containerservice.KubernetesCluster;
import com.pulumi.azure.containerservice.KubernetesClusterArgs;
import com.pulumi.azure.containerservice.inputs.KubernetesClusterDefaultNodePoolArgs;
import com.pulumi.azure.containerservice.inputs.KubernetesClusterIdentityArgs;
import com.pulumi.azure.authorization.Assignment;
import com.pulumi.azure.authorization.AssignmentArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var exampleResourceGroup = new ResourceGroup("exampleResourceGroup", ResourceGroupArgs.builder()        
            .location("West Europe")
            .build());

        var exampleRegistry = new Registry("exampleRegistry", RegistryArgs.builder()        
            .resourceGroupName(exampleResourceGroup.name())
            .location(exampleResourceGroup.location())
            .sku("Premium")
            .build());

        var exampleKubernetesCluster = new KubernetesCluster("exampleKubernetesCluster", KubernetesClusterArgs.builder()        
            .location(exampleResourceGroup.location())
            .resourceGroupName(exampleResourceGroup.name())
            .dnsPrefix("exampleaks1")
            .defaultNodePool(KubernetesClusterDefaultNodePoolArgs.builder()
                .name("default")
                .nodeCount(1)
                .vmSize("Standard_D2_v2")
                .build())
            .identity(KubernetesClusterIdentityArgs.builder()
                .type("SystemAssigned")
                .build())
            .tags(Map.of("Environment", "Production"))
            .build());

        var exampleAssignment = new Assignment("exampleAssignment", AssignmentArgs.builder()        
            .principalId(exampleKubernetesCluster.kubeletIdentity().applyValue(kubeletIdentity -> kubeletIdentity.objectId()))
            .roleDefinitionName("AcrPull")
            .scope(exampleRegistry.id())
            .skipServicePrincipalAadCheck(true)
            .build());

    }
}

import pulumi
import pulumi_azure as azure

example_resource_group = azure.core.ResourceGroup("exampleResourceGroup", location="West Europe")
example_registry = azure.containerservice.Registry("exampleRegistry",
    resource_group_name=example_resource_group.name,
    location=example_resource_group.location,
    sku="Premium")
example_kubernetes_cluster = azure.containerservice.KubernetesCluster("exampleKubernetesCluster",
    location=example_resource_group.location,
    resource_group_name=example_resource_group.name,
    dns_prefix="exampleaks1",
    default_node_pool=azure.containerservice.KubernetesClusterDefaultNodePoolArgs(
        name="default",
        node_count=1,
        vm_size="Standard_D2_v2",
    ),
    identity=azure.containerservice.KubernetesClusterIdentityArgs(
        type="SystemAssigned",
    ),
    tags={
        "Environment": "Production",
    })
example_assignment = azure.authorization.Assignment("exampleAssignment",
    principal_id=example_kubernetes_cluster.kubelet_identity.object_id,
    role_definition_name="AcrPull",
    scope=example_registry.id,
    skip_service_principal_aad_check=True)

import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";

const exampleResourceGroup = new azure.core.ResourceGroup("exampleResourceGroup", {location: "West Europe"});
const exampleRegistry = new azure.containerservice.Registry("exampleRegistry", {
    resourceGroupName: exampleResourceGroup.name,
    location: exampleResourceGroup.location,
    sku: "Premium",
});
const exampleKubernetesCluster = new azure.containerservice.KubernetesCluster("exampleKubernetesCluster", {
    location: exampleResourceGroup.location,
    resourceGroupName: exampleResourceGroup.name,
    dnsPrefix: "exampleaks1",
    defaultNodePool: {
        name: "default",
        nodeCount: 1,
        vmSize: "Standard_D2_v2",
    },
    identity: {
        type: "SystemAssigned",
    },
    tags: {
        Environment: "Production",
    },
});
const exampleAssignment = new azure.authorization.Assignment("exampleAssignment", {
    principalId: exampleKubernetesCluster.kubeletIdentity.apply(kubeletIdentity => kubeletIdentity.objectId),
    roleDefinitionName: "AcrPull",
    scope: exampleRegistry.id,
    skipServicePrincipalAadCheck: true,
});

resources:
  exampleResourceGroup:
    type: azure:core:ResourceGroup
    properties:
      location: West Europe
  exampleRegistry:
    type: azure:containerservice:Registry
    properties:
      resourceGroupName: ${exampleResourceGroup.name}
      location: ${exampleResourceGroup.location}
      sku: Premium
  exampleKubernetesCluster:
    type: azure:containerservice:KubernetesCluster
    properties:
      location: ${exampleResourceGroup.location}
      resourceGroupName: ${exampleResourceGroup.name}
      dnsPrefix: exampleaks1
      defaultNodePool:
        name: default
        nodeCount: 1
        vmSize: Standard_D2_v2
      identity:
        type: SystemAssigned
      tags:
        Environment: Production
  exampleAssignment:
    type: azure:authorization:Assignment
    properties:
      principalId: ${exampleKubernetesCluster.kubeletIdentity.objectId}
      roleDefinitionName: AcrPull
      scope: ${exampleRegistry.id}
      skipServicePrincipalAadCheck: true

Create Registry Resource

new Registry(name: string, args: RegistryArgs, opts?: CustomResourceOptions);

@overload
def Registry(resource_name: str,
             opts: Optional[ResourceOptions] = None,
             admin_enabled: Optional[bool] = None,
             anonymous_pull_enabled: Optional[bool] = None,
             data_endpoint_enabled: Optional[bool] = None,
             encryption: Optional[RegistryEncryptionArgs] = None,
             export_policy_enabled: Optional[bool] = None,
             georeplications: Optional[Sequence[RegistryGeoreplicationArgs]] = None,
             identity: Optional[RegistryIdentityArgs] = None,
             location: Optional[str] = None,
             name: Optional[str] = None,
             network_rule_bypass_option: Optional[str] = None,
             network_rule_set: Optional[RegistryNetworkRuleSetArgs] = None,
             public_network_access_enabled: Optional[bool] = None,
             quarantine_policy_enabled: Optional[bool] = None,
             resource_group_name: Optional[str] = None,
             retention_policy: Optional[RegistryRetentionPolicyArgs] = None,
             sku: Optional[str] = None,
             tags: Optional[Mapping[str, str]] = None,
             trust_policy: Optional[RegistryTrustPolicyArgs] = None,
             zone_redundancy_enabled: Optional[bool] = None)
@overload
def Registry(resource_name: str,
             args: RegistryArgs,
             opts: Optional[ResourceOptions] = None)

func NewRegistry(ctx *Context, name string, args RegistryArgs, opts ...ResourceOption) (*Registry, error)

public Registry(string name, RegistryArgs args, CustomResourceOptions? opts = null)

public Registry(String name, RegistryArgs args)
public Registry(String name, RegistryArgs args, CustomResourceOptions options)

type: azure:containerservice:Registry
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

name string: The unique name of the resource.
args RegistryArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args RegistryArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args RegistryArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args RegistryArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args RegistryArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Registry Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The Registry resource accepts the following input properties:

ResourceGroupName string: The name of the resource group in which to create the Container Registry. Changing this forces a new resource to be created.
Sku string: The SKU name of the container registry. Possible values are Basic, Standard and Premium.
AdminEnabled bool: Specifies whether the admin user is enabled. Defaults to false.
AnonymousPullEnabled bool: Whether allows anonymous (unauthenticated) pull access to this Container Registry? This is only supported on resources with the Standard or Premium SKU.
DataEndpointEnabled bool: Whether to enable dedicated data endpoints for this Container Registry? This is only supported on resources with the Premium SKU.
Encryption RegistryEncryptionArgs: An encryption block as documented below.
ExportPolicyEnabled bool: Boolean value that indicates whether export policy is enabled. Defaults to true. In order to set it to false, make sure the public_network_access_enabled is also set to false.
Georeplications List<RegistryGeoreplicationArgs>: A georeplications block as documented below.
Identity RegistryIdentityArgs: An identity block as defined below.
Location string: Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
Name string: Specifies the name of the Container Registry. Only Alphanumeric characters allowed. Changing this forces a new resource to be created.
NetworkRuleBypassOption string: Whether to allow trusted Azure services to access a network restricted Container Registry? Possible values are None and AzureServices. Defaults to AzureServices.
NetworkRuleSet RegistryNetworkRuleSetArgs: A network_rule_set block as documented below.
PublicNetworkAccessEnabled bool: Whether public network access is allowed for the container registry. Defaults to true.
QuarantinePolicyEnabled bool: Boolean value that indicates whether quarantine policy is enabled.
RetentionPolicy RegistryRetentionPolicyArgs: A retention_policy block as documented below.
Tags Dictionary<string, string>: A mapping of tags to assign to the resource.
TrustPolicy RegistryTrustPolicyArgs: A trust_policy block as documented below.
ZoneRedundancyEnabled bool: Whether zone redundancy is enabled for this Container Registry? Changing this forces a new resource to be created. Defaults to false.

ResourceGroupName string: The name of the resource group in which to create the Container Registry. Changing this forces a new resource to be created.
Sku string: The SKU name of the container registry. Possible values are Basic, Standard and Premium.
AdminEnabled bool: Specifies whether the admin user is enabled. Defaults to false.
AnonymousPullEnabled bool: Whether allows anonymous (unauthenticated) pull access to this Container Registry? This is only supported on resources with the Standard or Premium SKU.
DataEndpointEnabled bool: Whether to enable dedicated data endpoints for this Container Registry? This is only supported on resources with the Premium SKU.
Encryption RegistryEncryptionArgs: An encryption block as documented below.
ExportPolicyEnabled bool: Boolean value that indicates whether export policy is enabled. Defaults to true. In order to set it to false, make sure the public_network_access_enabled is also set to false.
Georeplications []RegistryGeoreplicationArgs: A georeplications block as documented below.
Identity RegistryIdentityArgs: An identity block as defined below.
Location string: Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
Name string: Specifies the name of the Container Registry. Only Alphanumeric characters allowed. Changing this forces a new resource to be created.
NetworkRuleBypassOption string: Whether to allow trusted Azure services to access a network restricted Container Registry? Possible values are None and AzureServices. Defaults to AzureServices.
NetworkRuleSet RegistryNetworkRuleSetArgs: A network_rule_set block as documented below.
PublicNetworkAccessEnabled bool: Whether public network access is allowed for the container registry. Defaults to true.
QuarantinePolicyEnabled bool: Boolean value that indicates whether quarantine policy is enabled.
RetentionPolicy RegistryRetentionPolicyArgs: A retention_policy block as documented below.
Tags map[string]string: A mapping of tags to assign to the resource.
TrustPolicy RegistryTrustPolicyArgs: A trust_policy block as documented below.
ZoneRedundancyEnabled bool: Whether zone redundancy is enabled for this Container Registry? Changing this forces a new resource to be created. Defaults to false.

resourceGroupName String: The name of the resource group in which to create the Container Registry. Changing this forces a new resource to be created.
sku String: The SKU name of the container registry. Possible values are Basic, Standard and Premium.
adminEnabled Boolean: Specifies whether the admin user is enabled. Defaults to false.
anonymousPullEnabled Boolean: Whether allows anonymous (unauthenticated) pull access to this Container Registry? This is only supported on resources with the Standard or Premium SKU.
dataEndpointEnabled Boolean: Whether to enable dedicated data endpoints for this Container Registry? This is only supported on resources with the Premium SKU.
encryption RegistryEncryptionArgs: An encryption block as documented below.
exportPolicyEnabled Boolean: Boolean value that indicates whether export policy is enabled. Defaults to true. In order to set it to false, make sure the public_network_access_enabled is also set to false.
georeplications List<RegistryGeoreplicationArgs>: A georeplications block as documented below.
identity RegistryIdentityArgs: An identity block as defined below.
location String: Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
name String: Specifies the name of the Container Registry. Only Alphanumeric characters allowed. Changing this forces a new resource to be created.
networkRuleBypassOption String: Whether to allow trusted Azure services to access a network restricted Container Registry? Possible values are None and AzureServices. Defaults to AzureServices.
networkRuleSet RegistryNetworkRuleSetArgs: A network_rule_set block as documented below.
publicNetworkAccessEnabled Boolean: Whether public network access is allowed for the container registry. Defaults to true.
quarantinePolicyEnabled Boolean: Boolean value that indicates whether quarantine policy is enabled.
retentionPolicy RegistryRetentionPolicyArgs: A retention_policy block as documented below.
tags Map<String,String>: A mapping of tags to assign to the resource.
trustPolicy RegistryTrustPolicyArgs: A trust_policy block as documented below.
zoneRedundancyEnabled Boolean: Whether zone redundancy is enabled for this Container Registry? Changing this forces a new resource to be created. Defaults to false.

resourceGroupName string: The name of the resource group in which to create the Container Registry. Changing this forces a new resource to be created.
sku string: The SKU name of the container registry. Possible values are Basic, Standard and Premium.
adminEnabled boolean: Specifies whether the admin user is enabled. Defaults to false.
anonymousPullEnabled boolean: Whether allows anonymous (unauthenticated) pull access to this Container Registry? This is only supported on resources with the Standard or Premium SKU.
dataEndpointEnabled boolean: Whether to enable dedicated data endpoints for this Container Registry? This is only supported on resources with the Premium SKU.
encryption RegistryEncryptionArgs: An encryption block as documented below.
exportPolicyEnabled boolean: Boolean value that indicates whether export policy is enabled. Defaults to true. In order to set it to false, make sure the public_network_access_enabled is also set to false.
georeplications RegistryGeoreplicationArgs[]: A georeplications block as documented below.
identity RegistryIdentityArgs: An identity block as defined below.
location string: Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
name string: Specifies the name of the Container Registry. Only Alphanumeric characters allowed. Changing this forces a new resource to be created.
networkRuleBypassOption string: Whether to allow trusted Azure services to access a network restricted Container Registry? Possible values are None and AzureServices. Defaults to AzureServices.
networkRuleSet RegistryNetworkRuleSetArgs: A network_rule_set block as documented below.
publicNetworkAccessEnabled boolean: Whether public network access is allowed for the container registry. Defaults to true.
quarantinePolicyEnabled boolean: Boolean value that indicates whether quarantine policy is enabled.
retentionPolicy RegistryRetentionPolicyArgs: A retention_policy block as documented below.
tags {[key: string]: string}: A mapping of tags to assign to the resource.
trustPolicy RegistryTrustPolicyArgs: A trust_policy block as documented below.
zoneRedundancyEnabled boolean: Whether zone redundancy is enabled for this Container Registry? Changing this forces a new resource to be created. Defaults to false.

resource_group_name str: The name of the resource group in which to create the Container Registry. Changing this forces a new resource to be created.
sku str: The SKU name of the container registry. Possible values are Basic, Standard and Premium.
admin_enabled bool: Specifies whether the admin user is enabled. Defaults to false.
anonymous_pull_enabled bool: Whether allows anonymous (unauthenticated) pull access to this Container Registry? This is only supported on resources with the Standard or Premium SKU.
data_endpoint_enabled bool: Whether to enable dedicated data endpoints for this Container Registry? This is only supported on resources with the Premium SKU.
encryption RegistryEncryptionArgs: An encryption block as documented below.
export_policy_enabled bool: Boolean value that indicates whether export policy is enabled. Defaults to true. In order to set it to false, make sure the public_network_access_enabled is also set to false.
georeplications Sequence[RegistryGeoreplicationArgs]: A georeplications block as documented below.
identity RegistryIdentityArgs: An identity block as defined below.
location str: Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
name str: Specifies the name of the Container Registry. Only Alphanumeric characters allowed. Changing this forces a new resource to be created.
network_rule_bypass_option str: Whether to allow trusted Azure services to access a network restricted Container Registry? Possible values are None and AzureServices. Defaults to AzureServices.
network_rule_set RegistryNetworkRuleSetArgs: A network_rule_set block as documented below.
public_network_access_enabled bool: Whether public network access is allowed for the container registry. Defaults to true.
quarantine_policy_enabled bool: Boolean value that indicates whether quarantine policy is enabled.
retention_policy RegistryRetentionPolicyArgs: A retention_policy block as documented below.
tags Mapping[str, str]: A mapping of tags to assign to the resource.
trust_policy RegistryTrustPolicyArgs: A trust_policy block as documented below.
zone_redundancy_enabled bool: Whether zone redundancy is enabled for this Container Registry? Changing this forces a new resource to be created. Defaults to false.

resourceGroupName String: The name of the resource group in which to create the Container Registry. Changing this forces a new resource to be created.
sku String: The SKU name of the container registry. Possible values are Basic, Standard and Premium.
adminEnabled Boolean: Specifies whether the admin user is enabled. Defaults to false.
anonymousPullEnabled Boolean: Whether allows anonymous (unauthenticated) pull access to this Container Registry? This is only supported on resources with the Standard or Premium SKU.
dataEndpointEnabled Boolean: Whether to enable dedicated data endpoints for this Container Registry? This is only supported on resources with the Premium SKU.
encryption Property Map: An encryption block as documented below.
exportPolicyEnabled Boolean: Boolean value that indicates whether export policy is enabled. Defaults to true. In order to set it to false, make sure the public_network_access_enabled is also set to false.
georeplications List<Property Map>: A georeplications block as documented below.
identity Property Map: An identity block as defined below.
location String: Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
name String: Specifies the name of the Container Registry. Only Alphanumeric characters allowed. Changing this forces a new resource to be created.
networkRuleBypassOption String: Whether to allow trusted Azure services to access a network restricted Container Registry? Possible values are None and AzureServices. Defaults to AzureServices.
networkRuleSet Property Map: A network_rule_set block as documented below.
publicNetworkAccessEnabled Boolean: Whether public network access is allowed for the container registry. Defaults to true.
quarantinePolicyEnabled Boolean: Boolean value that indicates whether quarantine policy is enabled.
retentionPolicy Property Map: A retention_policy block as documented below.
tags Map<String>: A mapping of tags to assign to the resource.
trustPolicy Property Map: A trust_policy block as documented below.
zoneRedundancyEnabled Boolean: Whether zone redundancy is enabled for this Container Registry? Changing this forces a new resource to be created. Defaults to false.

Outputs

All input properties are implicitly available as output properties. Additionally, the Registry resource produces the following output properties:

AdminPassword string: The Password associated with the Container Registry Admin account - if the admin account is enabled.
AdminUsername string: The Username associated with the Container Registry Admin account - if the admin account is enabled.
Id string: The provider-assigned unique ID for this managed resource.
LoginServer string: The URL that can be used to log into the container registry.

AdminPassword string: The Password associated with the Container Registry Admin account - if the admin account is enabled.
AdminUsername string: The Username associated with the Container Registry Admin account - if the admin account is enabled.
Id string: The provider-assigned unique ID for this managed resource.
LoginServer string: The URL that can be used to log into the container registry.

adminPassword String: The Password associated with the Container Registry Admin account - if the admin account is enabled.
adminUsername String: The Username associated with the Container Registry Admin account - if the admin account is enabled.
id String: The provider-assigned unique ID for this managed resource.
loginServer String: The URL that can be used to log into the container registry.

adminPassword string: The Password associated with the Container Registry Admin account - if the admin account is enabled.
adminUsername string: The Username associated with the Container Registry Admin account - if the admin account is enabled.
id string: The provider-assigned unique ID for this managed resource.
loginServer string: The URL that can be used to log into the container registry.

admin_password str: The Password associated with the Container Registry Admin account - if the admin account is enabled.
admin_username str: The Username associated with the Container Registry Admin account - if the admin account is enabled.
id str: The provider-assigned unique ID for this managed resource.
login_server str: The URL that can be used to log into the container registry.

adminPassword String: The Password associated with the Container Registry Admin account - if the admin account is enabled.
adminUsername String: The Username associated with the Container Registry Admin account - if the admin account is enabled.
id String: The provider-assigned unique ID for this managed resource.
loginServer String: The URL that can be used to log into the container registry.

Look up Existing Registry Resource

Get an existing Registry resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: RegistryState, opts?: CustomResourceOptions): Registry

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        admin_enabled: Optional[bool] = None,
        admin_password: Optional[str] = None,
        admin_username: Optional[str] = None,
        anonymous_pull_enabled: Optional[bool] = None,
        data_endpoint_enabled: Optional[bool] = None,
        encryption: Optional[RegistryEncryptionArgs] = None,
        export_policy_enabled: Optional[bool] = None,
        georeplications: Optional[Sequence[RegistryGeoreplicationArgs]] = None,
        identity: Optional[RegistryIdentityArgs] = None,
        location: Optional[str] = None,
        login_server: Optional[str] = None,
        name: Optional[str] = None,
        network_rule_bypass_option: Optional[str] = None,
        network_rule_set: Optional[RegistryNetworkRuleSetArgs] = None,
        public_network_access_enabled: Optional[bool] = None,
        quarantine_policy_enabled: Optional[bool] = None,
        resource_group_name: Optional[str] = None,
        retention_policy: Optional[RegistryRetentionPolicyArgs] = None,
        sku: Optional[str] = None,
        tags: Optional[Mapping[str, str]] = None,
        trust_policy: Optional[RegistryTrustPolicyArgs] = None,
        zone_redundancy_enabled: Optional[bool] = None) -> Registry

func GetRegistry(ctx *Context, name string, id IDInput, state *RegistryState, opts ...ResourceOption) (*Registry, error)

public static Registry Get(string name, Input<string> id, RegistryState? state, CustomResourceOptions? opts = null)

public static Registry get(String name, Output<String> id, RegistryState state, CustomResourceOptions options)

Resource lookup is not supported in YAML

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

AdminEnabled bool: Specifies whether the admin user is enabled. Defaults to false.
AdminPassword string: The Password associated with the Container Registry Admin account - if the admin account is enabled.
AdminUsername string: The Username associated with the Container Registry Admin account - if the admin account is enabled.
AnonymousPullEnabled bool: Whether allows anonymous (unauthenticated) pull access to this Container Registry? This is only supported on resources with the Standard or Premium SKU.
DataEndpointEnabled bool: Whether to enable dedicated data endpoints for this Container Registry? This is only supported on resources with the Premium SKU.
Encryption RegistryEncryptionArgs: An encryption block as documented below.
ExportPolicyEnabled bool: Boolean value that indicates whether export policy is enabled. Defaults to true. In order to set it to false, make sure the public_network_access_enabled is also set to false.
Georeplications List<RegistryGeoreplicationArgs>: A georeplications block as documented below.
Identity RegistryIdentityArgs: An identity block as defined below.
Location string: Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
LoginServer string: The URL that can be used to log into the container registry.
Name string: Specifies the name of the Container Registry. Only Alphanumeric characters allowed. Changing this forces a new resource to be created.
NetworkRuleBypassOption string: Whether to allow trusted Azure services to access a network restricted Container Registry? Possible values are None and AzureServices. Defaults to AzureServices.
NetworkRuleSet RegistryNetworkRuleSetArgs: A network_rule_set block as documented below.
PublicNetworkAccessEnabled bool: Whether public network access is allowed for the container registry. Defaults to true.
QuarantinePolicyEnabled bool: Boolean value that indicates whether quarantine policy is enabled.
ResourceGroupName string: The name of the resource group in which to create the Container Registry. Changing this forces a new resource to be created.
RetentionPolicy RegistryRetentionPolicyArgs: A retention_policy block as documented below.
Sku string: The SKU name of the container registry. Possible values are Basic, Standard and Premium.
Tags Dictionary<string, string>: A mapping of tags to assign to the resource.
TrustPolicy RegistryTrustPolicyArgs: A trust_policy block as documented below.
ZoneRedundancyEnabled bool: Whether zone redundancy is enabled for this Container Registry? Changing this forces a new resource to be created. Defaults to false.

AdminEnabled bool: Specifies whether the admin user is enabled. Defaults to false.
AdminPassword string: The Password associated with the Container Registry Admin account - if the admin account is enabled.
AdminUsername string: The Username associated with the Container Registry Admin account - if the admin account is enabled.
AnonymousPullEnabled bool: Whether allows anonymous (unauthenticated) pull access to this Container Registry? This is only supported on resources with the Standard or Premium SKU.
DataEndpointEnabled bool: Whether to enable dedicated data endpoints for this Container Registry? This is only supported on resources with the Premium SKU.
Encryption RegistryEncryptionArgs: An encryption block as documented below.
ExportPolicyEnabled bool: Boolean value that indicates whether export policy is enabled. Defaults to true. In order to set it to false, make sure the public_network_access_enabled is also set to false.
Georeplications []RegistryGeoreplicationArgs: A georeplications block as documented below.
Identity RegistryIdentityArgs: An identity block as defined below.
Location string: Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
LoginServer string: The URL that can be used to log into the container registry.
Name string: Specifies the name of the Container Registry. Only Alphanumeric characters allowed. Changing this forces a new resource to be created.
NetworkRuleBypassOption string: Whether to allow trusted Azure services to access a network restricted Container Registry? Possible values are None and AzureServices. Defaults to AzureServices.
NetworkRuleSet RegistryNetworkRuleSetArgs: A network_rule_set block as documented below.
PublicNetworkAccessEnabled bool: Whether public network access is allowed for the container registry. Defaults to true.
QuarantinePolicyEnabled bool: Boolean value that indicates whether quarantine policy is enabled.
ResourceGroupName string: The name of the resource group in which to create the Container Registry. Changing this forces a new resource to be created.
RetentionPolicy RegistryRetentionPolicyArgs: A retention_policy block as documented below.
Sku string: The SKU name of the container registry. Possible values are Basic, Standard and Premium.
Tags map[string]string: A mapping of tags to assign to the resource.
TrustPolicy RegistryTrustPolicyArgs: A trust_policy block as documented below.
ZoneRedundancyEnabled bool: Whether zone redundancy is enabled for this Container Registry? Changing this forces a new resource to be created. Defaults to false.

adminEnabled Boolean: Specifies whether the admin user is enabled. Defaults to false.
adminPassword String: The Password associated with the Container Registry Admin account - if the admin account is enabled.
adminUsername String: The Username associated with the Container Registry Admin account - if the admin account is enabled.
anonymousPullEnabled Boolean: Whether allows anonymous (unauthenticated) pull access to this Container Registry? This is only supported on resources with the Standard or Premium SKU.
dataEndpointEnabled Boolean: Whether to enable dedicated data endpoints for this Container Registry? This is only supported on resources with the Premium SKU.
encryption RegistryEncryptionArgs: An encryption block as documented below.
exportPolicyEnabled Boolean: Boolean value that indicates whether export policy is enabled. Defaults to true. In order to set it to false, make sure the public_network_access_enabled is also set to false.
georeplications List<RegistryGeoreplicationArgs>: A georeplications block as documented below.
identity RegistryIdentityArgs: An identity block as defined below.
location String: Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
loginServer String: The URL that can be used to log into the container registry.
name String: Specifies the name of the Container Registry. Only Alphanumeric characters allowed. Changing this forces a new resource to be created.
networkRuleBypassOption String: Whether to allow trusted Azure services to access a network restricted Container Registry? Possible values are None and AzureServices. Defaults to AzureServices.
networkRuleSet RegistryNetworkRuleSetArgs: A network_rule_set block as documented below.
publicNetworkAccessEnabled Boolean: Whether public network access is allowed for the container registry. Defaults to true.
quarantinePolicyEnabled Boolean: Boolean value that indicates whether quarantine policy is enabled.
resourceGroupName String: The name of the resource group in which to create the Container Registry. Changing this forces a new resource to be created.
retentionPolicy RegistryRetentionPolicyArgs: A retention_policy block as documented below.
sku String: The SKU name of the container registry. Possible values are Basic, Standard and Premium.
tags Map<String,String>: A mapping of tags to assign to the resource.
trustPolicy RegistryTrustPolicyArgs: A trust_policy block as documented below.
zoneRedundancyEnabled Boolean: Whether zone redundancy is enabled for this Container Registry? Changing this forces a new resource to be created. Defaults to false.

adminEnabled boolean: Specifies whether the admin user is enabled. Defaults to false.
adminPassword string: The Password associated with the Container Registry Admin account - if the admin account is enabled.
adminUsername string: The Username associated with the Container Registry Admin account - if the admin account is enabled.
anonymousPullEnabled boolean: Whether allows anonymous (unauthenticated) pull access to this Container Registry? This is only supported on resources with the Standard or Premium SKU.
dataEndpointEnabled boolean: Whether to enable dedicated data endpoints for this Container Registry? This is only supported on resources with the Premium SKU.
encryption RegistryEncryptionArgs: An encryption block as documented below.
exportPolicyEnabled boolean: Boolean value that indicates whether export policy is enabled. Defaults to true. In order to set it to false, make sure the public_network_access_enabled is also set to false.
georeplications RegistryGeoreplicationArgs[]: A georeplications block as documented below.
identity RegistryIdentityArgs: An identity block as defined below.
location string: Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
loginServer string: The URL that can be used to log into the container registry.
name string: Specifies the name of the Container Registry. Only Alphanumeric characters allowed. Changing this forces a new resource to be created.
networkRuleBypassOption string: Whether to allow trusted Azure services to access a network restricted Container Registry? Possible values are None and AzureServices. Defaults to AzureServices.
networkRuleSet RegistryNetworkRuleSetArgs: A network_rule_set block as documented below.
publicNetworkAccessEnabled boolean: Whether public network access is allowed for the container registry. Defaults to true.
quarantinePolicyEnabled boolean: Boolean value that indicates whether quarantine policy is enabled.
resourceGroupName string: The name of the resource group in which to create the Container Registry. Changing this forces a new resource to be created.
retentionPolicy RegistryRetentionPolicyArgs: A retention_policy block as documented below.
sku string: The SKU name of the container registry. Possible values are Basic, Standard and Premium.
tags {[key: string]: string}: A mapping of tags to assign to the resource.
trustPolicy RegistryTrustPolicyArgs: A trust_policy block as documented below.
zoneRedundancyEnabled boolean: Whether zone redundancy is enabled for this Container Registry? Changing this forces a new resource to be created. Defaults to false.

admin_enabled bool: Specifies whether the admin user is enabled. Defaults to false.
admin_password str: The Password associated with the Container Registry Admin account - if the admin account is enabled.
admin_username str: The Username associated with the Container Registry Admin account - if the admin account is enabled.
anonymous_pull_enabled bool: Whether allows anonymous (unauthenticated) pull access to this Container Registry? This is only supported on resources with the Standard or Premium SKU.
data_endpoint_enabled bool: Whether to enable dedicated data endpoints for this Container Registry? This is only supported on resources with the Premium SKU.
encryption RegistryEncryptionArgs: An encryption block as documented below.
export_policy_enabled bool: Boolean value that indicates whether export policy is enabled. Defaults to true. In order to set it to false, make sure the public_network_access_enabled is also set to false.
georeplications Sequence[RegistryGeoreplicationArgs]: A georeplications block as documented below.
identity RegistryIdentityArgs: An identity block as defined below.
location str: Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
login_server str: The URL that can be used to log into the container registry.
name str: Specifies the name of the Container Registry. Only Alphanumeric characters allowed. Changing this forces a new resource to be created.
network_rule_bypass_option str: Whether to allow trusted Azure services to access a network restricted Container Registry? Possible values are None and AzureServices. Defaults to AzureServices.
network_rule_set RegistryNetworkRuleSetArgs: A network_rule_set block as documented below.
public_network_access_enabled bool: Whether public network access is allowed for the container registry. Defaults to true.
quarantine_policy_enabled bool: Boolean value that indicates whether quarantine policy is enabled.
resource_group_name str: The name of the resource group in which to create the Container Registry. Changing this forces a new resource to be created.
retention_policy RegistryRetentionPolicyArgs: A retention_policy block as documented below.
sku str: The SKU name of the container registry. Possible values are Basic, Standard and Premium.
tags Mapping[str, str]: A mapping of tags to assign to the resource.
trust_policy RegistryTrustPolicyArgs: A trust_policy block as documented below.
zone_redundancy_enabled bool: Whether zone redundancy is enabled for this Container Registry? Changing this forces a new resource to be created. Defaults to false.

adminEnabled Boolean: Specifies whether the admin user is enabled. Defaults to false.
adminPassword String: The Password associated with the Container Registry Admin account - if the admin account is enabled.
adminUsername String: The Username associated with the Container Registry Admin account - if the admin account is enabled.
anonymousPullEnabled Boolean: Whether allows anonymous (unauthenticated) pull access to this Container Registry? This is only supported on resources with the Standard or Premium SKU.
dataEndpointEnabled Boolean: Whether to enable dedicated data endpoints for this Container Registry? This is only supported on resources with the Premium SKU.
encryption Property Map: An encryption block as documented below.
exportPolicyEnabled Boolean: Boolean value that indicates whether export policy is enabled. Defaults to true. In order to set it to false, make sure the public_network_access_enabled is also set to false.
georeplications List<Property Map>: A georeplications block as documented below.
identity Property Map: An identity block as defined below.
location String: Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
loginServer String: The URL that can be used to log into the container registry.
name String: Specifies the name of the Container Registry. Only Alphanumeric characters allowed. Changing this forces a new resource to be created.
networkRuleBypassOption String: Whether to allow trusted Azure services to access a network restricted Container Registry? Possible values are None and AzureServices. Defaults to AzureServices.
networkRuleSet Property Map: A network_rule_set block as documented below.
publicNetworkAccessEnabled Boolean: Whether public network access is allowed for the container registry. Defaults to true.
quarantinePolicyEnabled Boolean: Boolean value that indicates whether quarantine policy is enabled.
resourceGroupName String: The name of the resource group in which to create the Container Registry. Changing this forces a new resource to be created.
retentionPolicy Property Map: A retention_policy block as documented below.
sku String: The SKU name of the container registry. Possible values are Basic, Standard and Premium.
tags Map<String>: A mapping of tags to assign to the resource.
trustPolicy Property Map: A trust_policy block as documented below.
zoneRedundancyEnabled Boolean: Whether zone redundancy is enabled for this Container Registry? Changing this forces a new resource to be created. Defaults to false.

Supporting Types

RegistryEncryption

IdentityClientId string: The client ID of the managed identity associated with the encryption key.
KeyVaultKeyId string: The ID of the Key Vault Key.
Enabled bool: Boolean value that indicates whether encryption is enabled.

IdentityClientId string: The client ID of the managed identity associated with the encryption key.
KeyVaultKeyId string: The ID of the Key Vault Key.
Enabled bool: Boolean value that indicates whether encryption is enabled.

identityClientId String: The client ID of the managed identity associated with the encryption key.
keyVaultKeyId String: The ID of the Key Vault Key.
enabled Boolean: Boolean value that indicates whether encryption is enabled.

identityClientId string: The client ID of the managed identity associated with the encryption key.
keyVaultKeyId string: The ID of the Key Vault Key.
enabled boolean: Boolean value that indicates whether encryption is enabled.

identity_client_id str: The client ID of the managed identity associated with the encryption key.
key_vault_key_id str: The ID of the Key Vault Key.
enabled bool: Boolean value that indicates whether encryption is enabled.

identityClientId String: The client ID of the managed identity associated with the encryption key.
keyVaultKeyId String: The ID of the Key Vault Key.
enabled Boolean: Boolean value that indicates whether encryption is enabled.

RegistryGeoreplication

Location string: A location where the container registry should be geo-replicated.
RegionalEndpointEnabled bool: Whether regional endpoint is enabled for this Container Registry?
Tags Dictionary<string, string>: A mapping of tags to assign to this replication location.
ZoneRedundancyEnabled bool: Whether zone redundancy is enabled for this replication location? Defaults to false.

Location string: A location where the container registry should be geo-replicated.
RegionalEndpointEnabled bool: Whether regional endpoint is enabled for this Container Registry?
Tags map[string]string: A mapping of tags to assign to this replication location.
ZoneRedundancyEnabled bool: Whether zone redundancy is enabled for this replication location? Defaults to false.

location String: A location where the container registry should be geo-replicated.
regionalEndpointEnabled Boolean: Whether regional endpoint is enabled for this Container Registry?
tags Map<String,String>: A mapping of tags to assign to this replication location.
zoneRedundancyEnabled Boolean: Whether zone redundancy is enabled for this replication location? Defaults to false.

location string: A location where the container registry should be geo-replicated.
regionalEndpointEnabled boolean: Whether regional endpoint is enabled for this Container Registry?
tags {[key: string]: string}: A mapping of tags to assign to this replication location.
zoneRedundancyEnabled boolean: Whether zone redundancy is enabled for this replication location? Defaults to false.

location str: A location where the container registry should be geo-replicated.
regional_endpoint_enabled bool: Whether regional endpoint is enabled for this Container Registry?
tags Mapping[str, str]: A mapping of tags to assign to this replication location.
zone_redundancy_enabled bool: Whether zone redundancy is enabled for this replication location? Defaults to false.

location String: A location where the container registry should be geo-replicated.
regionalEndpointEnabled Boolean: Whether regional endpoint is enabled for this Container Registry?
tags Map<String>: A mapping of tags to assign to this replication location.
zoneRedundancyEnabled Boolean: Whether zone redundancy is enabled for this replication location? Defaults to false.

RegistryIdentity

Type string: Specifies the type of Managed Service Identity that should be configured on this Container Registry. Possible values are SystemAssigned, UserAssigned, SystemAssigned, UserAssigned (to enable both).
IdentityIds List<string>: Specifies a list of User Assigned Managed Identity IDs to be assigned to this Container Registry.
PrincipalId string: The Principal ID associated with this Managed Service Identity.
TenantId string: The Tenant ID associated with this Managed Service Identity.

Type string: Specifies the type of Managed Service Identity that should be configured on this Container Registry. Possible values are SystemAssigned, UserAssigned, SystemAssigned, UserAssigned (to enable both).
IdentityIds []string: Specifies a list of User Assigned Managed Identity IDs to be assigned to this Container Registry.
PrincipalId string: The Principal ID associated with this Managed Service Identity.
TenantId string: The Tenant ID associated with this Managed Service Identity.

type String: Specifies the type of Managed Service Identity that should be configured on this Container Registry. Possible values are SystemAssigned, UserAssigned, SystemAssigned, UserAssigned (to enable both).
identityIds List<String>: Specifies a list of User Assigned Managed Identity IDs to be assigned to this Container Registry.
principalId String: The Principal ID associated with this Managed Service Identity.
tenantId String: The Tenant ID associated with this Managed Service Identity.

type string: Specifies the type of Managed Service Identity that should be configured on this Container Registry. Possible values are SystemAssigned, UserAssigned, SystemAssigned, UserAssigned (to enable both).
identityIds string[]: Specifies a list of User Assigned Managed Identity IDs to be assigned to this Container Registry.
principalId string: The Principal ID associated with this Managed Service Identity.
tenantId string: The Tenant ID associated with this Managed Service Identity.

type str: Specifies the type of Managed Service Identity that should be configured on this Container Registry. Possible values are SystemAssigned, UserAssigned, SystemAssigned, UserAssigned (to enable both).
identity_ids Sequence[str]: Specifies a list of User Assigned Managed Identity IDs to be assigned to this Container Registry.
principal_id str: The Principal ID associated with this Managed Service Identity.
tenant_id str: The Tenant ID associated with this Managed Service Identity.

type String: Specifies the type of Managed Service Identity that should be configured on this Container Registry. Possible values are SystemAssigned, UserAssigned, SystemAssigned, UserAssigned (to enable both).
identityIds List<String>: Specifies a list of User Assigned Managed Identity IDs to be assigned to this Container Registry.
principalId String: The Principal ID associated with this Managed Service Identity.
tenantId String: The Tenant ID associated with this Managed Service Identity.

RegistryNetworkRuleSet

DefaultAction string: The behaviour for requests matching no rules. Either Allow or Deny. Defaults to Allow
IpRules List<RegistryNetworkRuleSetIpRule>: One or more ip_rule blocks as defined below.
VirtualNetworks List<RegistryNetworkRuleSetVirtualNetwork>: One or more virtual_network blocks as defined below.

DefaultAction string: The behaviour for requests matching no rules. Either Allow or Deny. Defaults to Allow
IpRules []RegistryNetworkRuleSetIpRule: One or more ip_rule blocks as defined below.
VirtualNetworks []RegistryNetworkRuleSetVirtualNetwork: One or more virtual_network blocks as defined below.

defaultAction String: The behaviour for requests matching no rules. Either Allow or Deny. Defaults to Allow
ipRules List<RegistryNetworkRuleSetIpRule>: One or more ip_rule blocks as defined below.
virtualNetworks List<RegistryNetworkRuleSetVirtualNetwork>: One or more virtual_network blocks as defined below.

defaultAction string: The behaviour for requests matching no rules. Either Allow or Deny. Defaults to Allow
ipRules RegistryNetworkRuleSetIpRule[]: One or more ip_rule blocks as defined below.
virtualNetworks RegistryNetworkRuleSetVirtualNetwork[]: One or more virtual_network blocks as defined below.

default_action str: The behaviour for requests matching no rules. Either Allow or Deny. Defaults to Allow
ip_rules Sequence[RegistryNetworkRuleSetIpRule]: One or more ip_rule blocks as defined below.
virtual_networks Sequence[RegistryNetworkRuleSetVirtualNetwork]: One or more virtual_network blocks as defined below.

defaultAction String: The behaviour for requests matching no rules. Either Allow or Deny. Defaults to Allow
ipRules List<Property Map>: One or more ip_rule blocks as defined below.
virtualNetworks List<Property Map>: One or more virtual_network blocks as defined below.

RegistryNetworkRuleSetIpRule

Action string: The behaviour for requests matching this rule. At this time the only supported value is Allow
IpRange string: The CIDR block from which requests will match the rule.

Action string: The behaviour for requests matching this rule. At this time the only supported value is Allow
IpRange string: The CIDR block from which requests will match the rule.

action String: The behaviour for requests matching this rule. At this time the only supported value is Allow
ipRange String: The CIDR block from which requests will match the rule.

action string: The behaviour for requests matching this rule. At this time the only supported value is Allow
ipRange string: The CIDR block from which requests will match the rule.

action str: The behaviour for requests matching this rule. At this time the only supported value is Allow
ip_range str: The CIDR block from which requests will match the rule.

action String: The behaviour for requests matching this rule. At this time the only supported value is Allow
ipRange String: The CIDR block from which requests will match the rule.

RegistryNetworkRuleSetVirtualNetwork

Action string: The behaviour for requests matching this rule. At this time the only supported value is Allow
SubnetId string: The subnet id from which requests will match the rule.

Action string: The behaviour for requests matching this rule. At this time the only supported value is Allow
SubnetId string: The subnet id from which requests will match the rule.

action String: The behaviour for requests matching this rule. At this time the only supported value is Allow
subnetId String: The subnet id from which requests will match the rule.

action string: The behaviour for requests matching this rule. At this time the only supported value is Allow
subnetId string: The subnet id from which requests will match the rule.

action str: The behaviour for requests matching this rule. At this time the only supported value is Allow
subnet_id str: The subnet id from which requests will match the rule.

action String: The behaviour for requests matching this rule. At this time the only supported value is Allow
subnetId String: The subnet id from which requests will match the rule.

RegistryRetentionPolicy

Days int: The number of days to retain an untagged manifest after which it gets purged. Default is 7.
Enabled bool: Boolean value that indicates whether the policy is enabled.

Days int: The number of days to retain an untagged manifest after which it gets purged. Default is 7.
Enabled bool: Boolean value that indicates whether the policy is enabled.

days Integer: The number of days to retain an untagged manifest after which it gets purged. Default is 7.
enabled Boolean: Boolean value that indicates whether the policy is enabled.

days number: The number of days to retain an untagged manifest after which it gets purged. Default is 7.
enabled boolean: Boolean value that indicates whether the policy is enabled.

days int: The number of days to retain an untagged manifest after which it gets purged. Default is 7.
enabled bool: Boolean value that indicates whether the policy is enabled.

days Number: The number of days to retain an untagged manifest after which it gets purged. Default is 7.
enabled Boolean: Boolean value that indicates whether the policy is enabled.

RegistryTrustPolicy

Enabled bool: Boolean value that indicates whether the policy is enabled.

Enabled bool: Boolean value that indicates whether the policy is enabled.

enabled Boolean: Boolean value that indicates whether the policy is enabled.

enabled boolean: Boolean value that indicates whether the policy is enabled.

enabled bool: Boolean value that indicates whether the policy is enabled.

enabled Boolean: Boolean value that indicates whether the policy is enabled.

Import

Container Registries can be imported using the resource id, e.g.

 $ pulumi import azure:containerservice/registry:Registry example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mygroup1/providers/Microsoft.ContainerRegistry/registries/myregistry1

Package Details

Repository: Azure Classic pulumi/pulumi-azure
License: Apache-2.0
Notes: This Pulumi package is based on the azurerm Terraform Provider.