Docs
PackagesWe recommend using Azure Native.
Azure Classic v5.72.0 published on Monday, Apr 15, 2024 by Pulumi
azure.containerservice.Registry
Explore with Pulumi AI
Manages an Azure Container Registry.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";
const example = new azure.core.ResourceGroup("example", {
name: "example-resources",
location: "West Europe",
});
const acr = new azure.containerservice.Registry("acr", {
name: "containerRegistry1",
resourceGroupName: example.name,
location: example.location,
sku: "Premium",
adminEnabled: false,
georeplications: [
{
location: "East US",
zoneRedundancyEnabled: true,
tags: {},
},
{
location: "North Europe",
zoneRedundancyEnabled: true,
tags: {},
},
],
});
import pulumi
import pulumi_azure as azure
example = azure.core.ResourceGroup("example",
name="example-resources",
location="West Europe")
acr = azure.containerservice.Registry("acr",
name="containerRegistry1",
resource_group_name=example.name,
location=example.location,
sku="Premium",
admin_enabled=False,
georeplications=[
azure.containerservice.RegistryGeoreplicationArgs(
location="East US",
zone_redundancy_enabled=True,
tags={},
),
azure.containerservice.RegistryGeoreplicationArgs(
location="North Europe",
zone_redundancy_enabled=True,
tags={},
),
])
package main
import (
"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/containerservice"
"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
example, err := core.NewResourceGroup(ctx, "example", &core.ResourceGroupArgs{
Name: pulumi.String("example-resources"),
Location: pulumi.String("West Europe"),
})
if err != nil {
return err
}
_, err = containerservice.NewRegistry(ctx, "acr", &containerservice.RegistryArgs{
Name: pulumi.String("containerRegistry1"),
ResourceGroupName: example.Name,
Location: example.Location,
Sku: pulumi.String("Premium"),
AdminEnabled: pulumi.Bool(false),
Georeplications: containerservice.RegistryGeoreplicationArray{
&containerservice.RegistryGeoreplicationArgs{
Location: pulumi.String("East US"),
ZoneRedundancyEnabled: pulumi.Bool(true),
Tags: nil,
},
&containerservice.RegistryGeoreplicationArgs{
Location: pulumi.String("North Europe"),
ZoneRedundancyEnabled: pulumi.Bool(true),
Tags: nil,
},
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Azure = Pulumi.Azure;
return await Deployment.RunAsync(() =>
{
var example = new Azure.Core.ResourceGroup("example", new()
{
Name = "example-resources",
Location = "West Europe",
});
var acr = new Azure.ContainerService.Registry("acr", new()
{
Name = "containerRegistry1",
ResourceGroupName = example.Name,
Location = example.Location,
Sku = "Premium",
AdminEnabled = false,
Georeplications = new[]
{
new Azure.ContainerService.Inputs.RegistryGeoreplicationArgs
{
Location = "East US",
ZoneRedundancyEnabled = true,
Tags = null,
},
new Azure.ContainerService.Inputs.RegistryGeoreplicationArgs
{
Location = "North Europe",
ZoneRedundancyEnabled = true,
Tags = null,
},
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.ResourceGroup;
import com.pulumi.azure.core.ResourceGroupArgs;
import com.pulumi.azure.containerservice.Registry;
import com.pulumi.azure.containerservice.RegistryArgs;
import com.pulumi.azure.containerservice.inputs.RegistryGeoreplicationArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new ResourceGroup("example", ResourceGroupArgs.builder()
.name("example-resources")
.location("West Europe")
.build());
var acr = new Registry("acr", RegistryArgs.builder()
.name("containerRegistry1")
.resourceGroupName(example.name())
.location(example.location())
.sku("Premium")
.adminEnabled(false)
.georeplications(
RegistryGeoreplicationArgs.builder()
.location("East US")
.zoneRedundancyEnabled(true)
.tags()
.build(),
RegistryGeoreplicationArgs.builder()
.location("North Europe")
.zoneRedundancyEnabled(true)
.tags()
.build())
.build());
}
}
resources:
example:
type: azure:core:ResourceGroup
properties:
name: example-resources
location: West Europe
acr:
type: azure:containerservice:Registry
properties:
name: containerRegistry1
resourceGroupName: ${example.name}
location: ${example.location}
sku: Premium
adminEnabled: false
georeplications:
- location: East US
zoneRedundancyEnabled: true
tags: {}
- location: North Europe
zoneRedundancyEnabled: true
tags: {}
Encryption)
import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";
const exampleResourceGroup = new azure.core.ResourceGroup("example", {
name: "example-resources",
location: "West Europe",
});
const exampleUserAssignedIdentity = new azure.authorization.UserAssignedIdentity("example", {
resourceGroupName: exampleResourceGroup.name,
location: exampleResourceGroup.location,
name: "registry-uai",
});
const example = azure.keyvault.getKey({
name: "super-secret",
keyVaultId: existing.id,
});
const acr = new azure.containerservice.Registry("acr", {
name: "containerRegistry1",
resourceGroupName: exampleResourceGroup.name,
location: exampleResourceGroup.location,
sku: "Premium",
identity: {
type: "UserAssigned",
identityIds: [exampleUserAssignedIdentity.id],
},
encryption: {
enabled: true,
keyVaultKeyId: example.then(example => example.id),
identityClientId: exampleUserAssignedIdentity.clientId,
},
});
import pulumi
import pulumi_azure as azure
example_resource_group = azure.core.ResourceGroup("example",
name="example-resources",
location="West Europe")
example_user_assigned_identity = azure.authorization.UserAssignedIdentity("example",
resource_group_name=example_resource_group.name,
location=example_resource_group.location,
name="registry-uai")
example = azure.keyvault.get_key(name="super-secret",
key_vault_id=existing["id"])
acr = azure.containerservice.Registry("acr",
name="containerRegistry1",
resource_group_name=example_resource_group.name,
location=example_resource_group.location,
sku="Premium",
identity=azure.containerservice.RegistryIdentityArgs(
type="UserAssigned",
identity_ids=[example_user_assigned_identity.id],
),
encryption=azure.containerservice.RegistryEncryptionArgs(
enabled=True,
key_vault_key_id=example.id,
identity_client_id=example_user_assigned_identity.client_id,
))
package main
import (
"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/authorization"
"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/containerservice"
"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core"
"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/keyvault"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
exampleResourceGroup, err := core.NewResourceGroup(ctx, "example", &core.ResourceGroupArgs{
Name: pulumi.String("example-resources"),
Location: pulumi.String("West Europe"),
})
if err != nil {
return err
}
exampleUserAssignedIdentity, err := authorization.NewUserAssignedIdentity(ctx, "example", &authorization.UserAssignedIdentityArgs{
ResourceGroupName: exampleResourceGroup.Name,
Location: exampleResourceGroup.Location,
Name: pulumi.String("registry-uai"),
})
if err != nil {
return err
}
example, err := keyvault.LookupKey(ctx, &keyvault.LookupKeyArgs{
Name: "super-secret",
KeyVaultId: existing.Id,
}, nil)
if err != nil {
return err
}
_, err = containerservice.NewRegistry(ctx, "acr", &containerservice.RegistryArgs{
Name: pulumi.String("containerRegistry1"),
ResourceGroupName: exampleResourceGroup.Name,
Location: exampleResourceGroup.Location,
Sku: pulumi.String("Premium"),
Identity: &containerservice.RegistryIdentityArgs{
Type: pulumi.String("UserAssigned"),
IdentityIds: pulumi.StringArray{
exampleUserAssignedIdentity.ID(),
},
},
Encryption: &containerservice.RegistryEncryptionArgs{
Enabled: pulumi.Bool(true),
KeyVaultKeyId: pulumi.String(example.Id),
IdentityClientId: exampleUserAssignedIdentity.ClientId,
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Azure = Pulumi.Azure;
return await Deployment.RunAsync(() =>
{
var exampleResourceGroup = new Azure.Core.ResourceGroup("example", new()
{
Name = "example-resources",
Location = "West Europe",
});
var exampleUserAssignedIdentity = new Azure.Authorization.UserAssignedIdentity("example", new()
{
ResourceGroupName = exampleResourceGroup.Name,
Location = exampleResourceGroup.Location,
Name = "registry-uai",
});
var example = Azure.KeyVault.GetKey.Invoke(new()
{
Name = "super-secret",
KeyVaultId = existing.Id,
});
var acr = new Azure.ContainerService.Registry("acr", new()
{
Name = "containerRegistry1",
ResourceGroupName = exampleResourceGroup.Name,
Location = exampleResourceGroup.Location,
Sku = "Premium",
Identity = new Azure.ContainerService.Inputs.RegistryIdentityArgs
{
Type = "UserAssigned",
IdentityIds = new[]
{
exampleUserAssignedIdentity.Id,
},
},
Encryption = new Azure.ContainerService.Inputs.RegistryEncryptionArgs
{
Enabled = true,
KeyVaultKeyId = example.Apply(getKeyResult => getKeyResult.Id),
IdentityClientId = exampleUserAssignedIdentity.ClientId,
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.ResourceGroup;
import com.pulumi.azure.core.ResourceGroupArgs;
import com.pulumi.azure.authorization.UserAssignedIdentity;
import com.pulumi.azure.authorization.UserAssignedIdentityArgs;
import com.pulumi.azure.keyvault.KeyvaultFunctions;
import com.pulumi.azure.keyvault.inputs.GetKeyArgs;
import com.pulumi.azure.containerservice.Registry;
import com.pulumi.azure.containerservice.RegistryArgs;
import com.pulumi.azure.containerservice.inputs.RegistryIdentityArgs;
import com.pulumi.azure.containerservice.inputs.RegistryEncryptionArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var exampleResourceGroup = new ResourceGroup("exampleResourceGroup", ResourceGroupArgs.builder()
.name("example-resources")
.location("West Europe")
.build());
var exampleUserAssignedIdentity = new UserAssignedIdentity("exampleUserAssignedIdentity", UserAssignedIdentityArgs.builder()
.resourceGroupName(exampleResourceGroup.name())
.location(exampleResourceGroup.location())
.name("registry-uai")
.build());
final var example = KeyvaultFunctions.getKey(GetKeyArgs.builder()
.name("super-secret")
.keyVaultId(existing.id())
.build());
var acr = new Registry("acr", RegistryArgs.builder()
.name("containerRegistry1")
.resourceGroupName(exampleResourceGroup.name())
.location(exampleResourceGroup.location())
.sku("Premium")
.identity(RegistryIdentityArgs.builder()
.type("UserAssigned")
.identityIds(exampleUserAssignedIdentity.id())
.build())
.encryption(RegistryEncryptionArgs.builder()
.enabled(true)
.keyVaultKeyId(example.applyValue(getKeyResult -> getKeyResult.id()))
.identityClientId(exampleUserAssignedIdentity.clientId())
.build())
.build());
}
}
resources:
exampleResourceGroup:
type: azure:core:ResourceGroup
name: example
properties:
name: example-resources
location: West Europe
acr:
type: azure:containerservice:Registry
properties:
name: containerRegistry1
resourceGroupName: ${exampleResourceGroup.name}
location: ${exampleResourceGroup.location}
sku: Premium
identity:
type: UserAssigned
identityIds:
- ${exampleUserAssignedIdentity.id}
encryption:
enabled: true
keyVaultKeyId: ${example.id}
identityClientId: ${exampleUserAssignedIdentity.clientId}
exampleUserAssignedIdentity:
type: azure:authorization:UserAssignedIdentity
name: example
properties:
resourceGroupName: ${exampleResourceGroup.name}
location: ${exampleResourceGroup.location}
name: registry-uai
variables:
example:
fn::invoke:
Function: azure:keyvault:getKey
Arguments:
name: super-secret
keyVaultId: ${existing.id}
Attaching A Container Registry To A Kubernetes Cluster)
import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";
const example = new azure.core.ResourceGroup("example", {
name: "example-resources",
location: "West Europe",
});
const exampleRegistry = new azure.containerservice.Registry("example", {
name: "containerRegistry1",
resourceGroupName: example.name,
location: example.location,
sku: "Premium",
});
const exampleKubernetesCluster = new azure.containerservice.KubernetesCluster("example", {
name: "example-aks1",
location: example.location,
resourceGroupName: example.name,
dnsPrefix: "exampleaks1",
defaultNodePool: {
name: "default",
nodeCount: 1,
vmSize: "Standard_D2_v2",
},
identity: {
type: "SystemAssigned",
},
tags: {
Environment: "Production",
},
});
const exampleAssignment = new azure.authorization.Assignment("example", {
principalId: exampleKubernetesCluster.kubeletIdentity.apply(kubeletIdentity => kubeletIdentity.objectId),
roleDefinitionName: "AcrPull",
scope: exampleRegistry.id,
skipServicePrincipalAadCheck: true,
});
import pulumi
import pulumi_azure as azure
example = azure.core.ResourceGroup("example",
name="example-resources",
location="West Europe")
example_registry = azure.containerservice.Registry("example",
name="containerRegistry1",
resource_group_name=example.name,
location=example.location,
sku="Premium")
example_kubernetes_cluster = azure.containerservice.KubernetesCluster("example",
name="example-aks1",
location=example.location,
resource_group_name=example.name,
dns_prefix="exampleaks1",
default_node_pool=azure.containerservice.KubernetesClusterDefaultNodePoolArgs(
name="default",
node_count=1,
vm_size="Standard_D2_v2",
),
identity=azure.containerservice.KubernetesClusterIdentityArgs(
type="SystemAssigned",
),
tags={
"Environment": "Production",
})
example_assignment = azure.authorization.Assignment("example",
principal_id=example_kubernetes_cluster.kubelet_identity.object_id,
role_definition_name="AcrPull",
scope=example_registry.id,
skip_service_principal_aad_check=True)
package main
import (
"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/authorization"
"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/containerservice"
"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
example, err := core.NewResourceGroup(ctx, "example", &core.ResourceGroupArgs{
Name: pulumi.String("example-resources"),
Location: pulumi.String("West Europe"),
})
if err != nil {
return err
}
exampleRegistry, err := containerservice.NewRegistry(ctx, "example", &containerservice.RegistryArgs{
Name: pulumi.String("containerRegistry1"),
ResourceGroupName: example.Name,
Location: example.Location,
Sku: pulumi.String("Premium"),
})
if err != nil {
return err
}
exampleKubernetesCluster, err := containerservice.NewKubernetesCluster(ctx, "example", &containerservice.KubernetesClusterArgs{
Name: pulumi.String("example-aks1"),
Location: example.Location,
ResourceGroupName: example.Name,
DnsPrefix: pulumi.String("exampleaks1"),
DefaultNodePool: &containerservice.KubernetesClusterDefaultNodePoolArgs{
Name: pulumi.String("default"),
NodeCount: pulumi.Int(1),
VmSize: pulumi.String("Standard_D2_v2"),
},
Identity: &containerservice.KubernetesClusterIdentityArgs{
Type: pulumi.String("SystemAssigned"),
},
Tags: pulumi.StringMap{
"Environment": pulumi.String("Production"),
},
})
if err != nil {
return err
}
_, err = authorization.NewAssignment(ctx, "example", &authorization.AssignmentArgs{
PrincipalId: exampleKubernetesCluster.KubeletIdentity.ApplyT(func(kubeletIdentity containerservice.KubernetesClusterKubeletIdentity) (*string, error) {
return &kubeletIdentity.ObjectId, nil
}).(pulumi.StringPtrOutput),
RoleDefinitionName: pulumi.String("AcrPull"),
Scope: exampleRegistry.ID(),
SkipServicePrincipalAadCheck: pulumi.Bool(true),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Azure = Pulumi.Azure;
return await Deployment.RunAsync(() =>
{
var example = new Azure.Core.ResourceGroup("example", new()
{
Name = "example-resources",
Location = "West Europe",
});
var exampleRegistry = new Azure.ContainerService.Registry("example", new()
{
Name = "containerRegistry1",
ResourceGroupName = example.Name,
Location = example.Location,
Sku = "Premium",
});
var exampleKubernetesCluster = new Azure.ContainerService.KubernetesCluster("example", new()
{
Name = "example-aks1",
Location = example.Location,
ResourceGroupName = example.Name,
DnsPrefix = "exampleaks1",
DefaultNodePool = new Azure.ContainerService.Inputs.KubernetesClusterDefaultNodePoolArgs
{
Name = "default",
NodeCount = 1,
VmSize = "Standard_D2_v2",
},
Identity = new Azure.ContainerService.Inputs.KubernetesClusterIdentityArgs
{
Type = "SystemAssigned",
},
Tags =
{
{ "Environment", "Production" },
},
});
var exampleAssignment = new Azure.Authorization.Assignment("example", new()
{
PrincipalId = exampleKubernetesCluster.KubeletIdentity.Apply(kubeletIdentity => kubeletIdentity.ObjectId),
RoleDefinitionName = "AcrPull",
Scope = exampleRegistry.Id,
SkipServicePrincipalAadCheck = true,
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.ResourceGroup;
import com.pulumi.azure.core.ResourceGroupArgs;
import com.pulumi.azure.containerservice.Registry;
import com.pulumi.azure.containerservice.RegistryArgs;
import com.pulumi.azure.containerservice.KubernetesCluster;
import com.pulumi.azure.containerservice.KubernetesClusterArgs;
import com.pulumi.azure.containerservice.inputs.KubernetesClusterDefaultNodePoolArgs;
import com.pulumi.azure.containerservice.inputs.KubernetesClusterIdentityArgs;
import com.pulumi.azure.authorization.Assignment;
import com.pulumi.azure.authorization.AssignmentArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new ResourceGroup("example", ResourceGroupArgs.builder()
.name("example-resources")
.location("West Europe")
.build());
var exampleRegistry = new Registry("exampleRegistry", RegistryArgs.builder()
.name("containerRegistry1")
.resourceGroupName(example.name())
.location(example.location())
.sku("Premium")
.build());
var exampleKubernetesCluster = new KubernetesCluster("exampleKubernetesCluster", KubernetesClusterArgs.builder()
.name("example-aks1")
.location(example.location())
.resourceGroupName(example.name())
.dnsPrefix("exampleaks1")
.defaultNodePool(KubernetesClusterDefaultNodePoolArgs.builder()
.name("default")
.nodeCount(1)
.vmSize("Standard_D2_v2")
.build())
.identity(KubernetesClusterIdentityArgs.builder()
.type("SystemAssigned")
.build())
.tags(Map.of("Environment", "Production"))
.build());
var exampleAssignment = new Assignment("exampleAssignment", AssignmentArgs.builder()
.principalId(exampleKubernetesCluster.kubeletIdentity().applyValue(kubeletIdentity -> kubeletIdentity.objectId()))
.roleDefinitionName("AcrPull")
.scope(exampleRegistry.id())
.skipServicePrincipalAadCheck(true)
.build());
}
}
resources:
example:
type: azure:core:ResourceGroup
properties:
name: example-resources
location: West Europe
exampleRegistry:
type: azure:containerservice:Registry
name: example
properties:
name: containerRegistry1
resourceGroupName: ${example.name}
location: ${example.location}
sku: Premium
exampleKubernetesCluster:
type: azure:containerservice:KubernetesCluster
name: example
properties:
name: example-aks1
location: ${example.location}
resourceGroupName: ${example.name}
dnsPrefix: exampleaks1
defaultNodePool:
name: default
nodeCount: 1
vmSize: Standard_D2_v2
identity:
type: SystemAssigned
tags:
Environment: Production
exampleAssignment:
type: azure:authorization:Assignment
name: example
properties:
principalId: ${exampleKubernetesCluster.kubeletIdentity.objectId}
roleDefinitionName: AcrPull
scope: ${exampleRegistry.id}
skipServicePrincipalAadCheck: true
Create Registry Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new Registry(name: string, args: RegistryArgs, opts?: CustomResourceOptions);@overload
def Registry(resource_name: str,
args: RegistryArgs,
opts: Optional[ResourceOptions] = None)
@overload
def Registry(resource_name: str,
opts: Optional[ResourceOptions] = None,
resource_group_name: Optional[str] = None,
sku: Optional[str] = None,
name: Optional[str] = None,
public_network_access_enabled: Optional[bool] = None,
export_policy_enabled: Optional[bool] = None,
georeplications: Optional[Sequence[RegistryGeoreplicationArgs]] = None,
identity: Optional[RegistryIdentityArgs] = None,
location: Optional[str] = None,
admin_enabled: Optional[bool] = None,
network_rule_bypass_option: Optional[str] = None,
network_rule_set: Optional[RegistryNetworkRuleSetArgs] = None,
encryption: Optional[RegistryEncryptionArgs] = None,
quarantine_policy_enabled: Optional[bool] = None,
data_endpoint_enabled: Optional[bool] = None,
retention_policy: Optional[RegistryRetentionPolicyArgs] = None,
anonymous_pull_enabled: Optional[bool] = None,
tags: Optional[Mapping[str, str]] = None,
trust_policy: Optional[RegistryTrustPolicyArgs] = None,
zone_redundancy_enabled: Optional[bool] = None)func NewRegistry(ctx *Context, name string, args RegistryArgs, opts ...ResourceOption) (*Registry, error)public Registry(string name, RegistryArgs args, CustomResourceOptions? opts = null)
public Registry(String name, RegistryArgs args)
public Registry(String name, RegistryArgs args, CustomResourceOptions options)
type: azure:containerservice:Registry
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args RegistryArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args RegistryArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args RegistryArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args RegistryArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args RegistryArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Example
The following reference example uses placeholder values for all input properties.
var registryResource = new Azure.ContainerService.Registry("registryResource", new()
{
ResourceGroupName = "string",
Sku = "string",
Name = "string",
PublicNetworkAccessEnabled = false,
ExportPolicyEnabled = false,
Georeplications = new[]
{
new Azure.ContainerService.Inputs.RegistryGeoreplicationArgs
{
Location = "string",
RegionalEndpointEnabled = false,
Tags =
{
{ "string", "string" },
},
ZoneRedundancyEnabled = false,
},
},
Identity = new Azure.ContainerService.Inputs.RegistryIdentityArgs
{
Type = "string",
IdentityIds = new[]
{
"string",
},
PrincipalId = "string",
TenantId = "string",
},
Location = "string",
AdminEnabled = false,
NetworkRuleBypassOption = "string",
NetworkRuleSet = new Azure.ContainerService.Inputs.RegistryNetworkRuleSetArgs
{
DefaultAction = "string",
IpRules = new[]
{
new Azure.ContainerService.Inputs.RegistryNetworkRuleSetIpRuleArgs
{
Action = "string",
IpRange = "string",
},
},
},
Encryption = new Azure.ContainerService.Inputs.RegistryEncryptionArgs
{
IdentityClientId = "string",
KeyVaultKeyId = "string",
Enabled = false,
},
QuarantinePolicyEnabled = false,
DataEndpointEnabled = false,
RetentionPolicy = new Azure.ContainerService.Inputs.RegistryRetentionPolicyArgs
{
Days = 0,
Enabled = false,
},
AnonymousPullEnabled = false,
Tags =
{
{ "string", "string" },
},
TrustPolicy = new Azure.ContainerService.Inputs.RegistryTrustPolicyArgs
{
Enabled = false,
},
ZoneRedundancyEnabled = false,
});
example, err := containerservice.NewRegistry(ctx, "registryResource", &containerservice.RegistryArgs{
ResourceGroupName: pulumi.String("string"),
Sku: pulumi.String("string"),
Name: pulumi.String("string"),
PublicNetworkAccessEnabled: pulumi.Bool(false),
ExportPolicyEnabled: pulumi.Bool(false),
Georeplications: containerservice.RegistryGeoreplicationArray{
&containerservice.RegistryGeoreplicationArgs{
Location: pulumi.String("string"),
RegionalEndpointEnabled: pulumi.Bool(false),
Tags: pulumi.StringMap{
"string": pulumi.String("string"),
},
ZoneRedundancyEnabled: pulumi.Bool(false),
},
},
Identity: &containerservice.RegistryIdentityArgs{
Type: pulumi.String("string"),
IdentityIds: pulumi.StringArray{
pulumi.String("string"),
},
PrincipalId: pulumi.String("string"),
TenantId: pulumi.String("string"),
},
Location: pulumi.String("string"),
AdminEnabled: pulumi.Bool(false),
NetworkRuleBypassOption: pulumi.String("string"),
NetworkRuleSet: &containerservice.RegistryNetworkRuleSetArgs{
DefaultAction: pulumi.String("string"),
IpRules: containerservice.RegistryNetworkRuleSetIpRuleArray{
&containerservice.RegistryNetworkRuleSetIpRuleArgs{
Action: pulumi.String("string"),
IpRange: pulumi.String("string"),
},
},
},
Encryption: &containerservice.RegistryEncryptionArgs{
IdentityClientId: pulumi.String("string"),
KeyVaultKeyId: pulumi.String("string"),
Enabled: pulumi.Bool(false),
},
QuarantinePolicyEnabled: pulumi.Bool(false),
DataEndpointEnabled: pulumi.Bool(false),
RetentionPolicy: &containerservice.RegistryRetentionPolicyArgs{
Days: pulumi.Int(0),
Enabled: pulumi.Bool(false),
},
AnonymousPullEnabled: pulumi.Bool(false),
Tags: pulumi.StringMap{
"string": pulumi.String("string"),
},
TrustPolicy: &containerservice.RegistryTrustPolicyArgs{
Enabled: pulumi.Bool(false),
},
ZoneRedundancyEnabled: pulumi.Bool(false),
})
var registryResource = new Registry("registryResource", RegistryArgs.builder()
.resourceGroupName("string")
.sku("string")
.name("string")
.publicNetworkAccessEnabled(false)
.exportPolicyEnabled(false)
.georeplications(RegistryGeoreplicationArgs.builder()
.location("string")
.regionalEndpointEnabled(false)
.tags(Map.of("string", "string"))
.zoneRedundancyEnabled(false)
.build())
.identity(RegistryIdentityArgs.builder()
.type("string")
.identityIds("string")
.principalId("string")
.tenantId("string")
.build())
.location("string")
.adminEnabled(false)
.networkRuleBypassOption("string")
.networkRuleSet(RegistryNetworkRuleSetArgs.builder()
.defaultAction("string")
.ipRules(RegistryNetworkRuleSetIpRuleArgs.builder()
.action("string")
.ipRange("string")
.build())
.build())
.encryption(RegistryEncryptionArgs.builder()
.identityClientId("string")
.keyVaultKeyId("string")
.enabled(false)
.build())
.quarantinePolicyEnabled(false)
.dataEndpointEnabled(false)
.retentionPolicy(RegistryRetentionPolicyArgs.builder()
.days(0)
.enabled(false)
.build())
.anonymousPullEnabled(false)
.tags(Map.of("string", "string"))
.trustPolicy(RegistryTrustPolicyArgs.builder()
.enabled(false)
.build())
.zoneRedundancyEnabled(false)
.build());
registry_resource = azure.containerservice.Registry("registryResource",
resource_group_name="string",
sku="string",
name="string",
public_network_access_enabled=False,
export_policy_enabled=False,
georeplications=[azure.containerservice.RegistryGeoreplicationArgs(
location="string",
regional_endpoint_enabled=False,
tags={
"string": "string",
},
zone_redundancy_enabled=False,
)],
identity=azure.containerservice.RegistryIdentityArgs(
type="string",
identity_ids=["string"],
principal_id="string",
tenant_id="string",
),
location="string",
admin_enabled=False,
network_rule_bypass_option="string",
network_rule_set=azure.containerservice.RegistryNetworkRuleSetArgs(
default_action="string",
ip_rules=[azure.containerservice.RegistryNetworkRuleSetIpRuleArgs(
action="string",
ip_range="string",
)],
),
encryption=azure.containerservice.RegistryEncryptionArgs(
identity_client_id="string",
key_vault_key_id="string",
enabled=False,
),
quarantine_policy_enabled=False,
data_endpoint_enabled=False,
retention_policy=azure.containerservice.RegistryRetentionPolicyArgs(
days=0,
enabled=False,
),
anonymous_pull_enabled=False,
tags={
"string": "string",
},
trust_policy=azure.containerservice.RegistryTrustPolicyArgs(
enabled=False,
),
zone_redundancy_enabled=False)
const registryResource = new azure.containerservice.Registry("registryResource", {
resourceGroupName: "string",
sku: "string",
name: "string",
publicNetworkAccessEnabled: false,
exportPolicyEnabled: false,
georeplications: [{
location: "string",
regionalEndpointEnabled: false,
tags: {
string: "string",
},
zoneRedundancyEnabled: false,
}],
identity: {
type: "string",
identityIds: ["string"],
principalId: "string",
tenantId: "string",
},
location: "string",
adminEnabled: false,
networkRuleBypassOption: "string",
networkRuleSet: {
defaultAction: "string",
ipRules: [{
action: "string",
ipRange: "string",
}],
},
encryption: {
identityClientId: "string",
keyVaultKeyId: "string",
enabled: false,
},
quarantinePolicyEnabled: false,
dataEndpointEnabled: false,
retentionPolicy: {
days: 0,
enabled: false,
},
anonymousPullEnabled: false,
tags: {
string: "string",
},
trustPolicy: {
enabled: false,
},
zoneRedundancyEnabled: false,
});
type: azure:containerservice:Registry
properties:
adminEnabled: false
anonymousPullEnabled: false
dataEndpointEnabled: false
encryption:
enabled: false
identityClientId: string
keyVaultKeyId: string
exportPolicyEnabled: false
georeplications:
- location: string
regionalEndpointEnabled: false
tags:
string: string
zoneRedundancyEnabled: false
identity:
identityIds:
- string
principalId: string
tenantId: string
type: string
location: string
name: string
networkRuleBypassOption: string
networkRuleSet:
defaultAction: string
ipRules:
- action: string
ipRange: string
publicNetworkAccessEnabled: false
quarantinePolicyEnabled: false
resourceGroupName: string
retentionPolicy:
days: 0
enabled: false
sku: string
tags:
string: string
trustPolicy:
enabled: false
zoneRedundancyEnabled: false
Registry Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The Registry resource accepts the following input properties:
- Resource
Group stringName - The name of the resource group in which to create the Container Registry. Changing this forces a new resource to be created.
- Sku string
- The SKU name of the container registry. Possible values are
Basic,StandardandPremium. - Admin
Enabled bool - Specifies whether the admin user is enabled. Defaults to
false. - Anonymous
Pull boolEnabled - Whether allows anonymous (unauthenticated) pull access to this Container Registry? This is only supported on resources with the
StandardorPremiumSKU. - Data
Endpoint boolEnabled - Whether to enable dedicated data endpoints for this Container Registry? This is only supported on resources with the
PremiumSKU. - Encryption
Registry
Encryption - An
encryptionblock as documented below. - Export
Policy boolEnabled Boolean value that indicates whether export policy is enabled. Defaults to
true. In order to set it tofalse, make sure thepublic_network_access_enabledis also set tofalse.NOTE:
quarantine_policy_enabled,retention_policy,trust_policy,export_policy_enabledandzone_redundancy_enabledare only supported on resources with thePremiumSKU.- Georeplications
List<Registry
Georeplication> A
georeplicationsblock as documented below.NOTE: The
georeplicationsis only supported on new resources with thePremiumSKU.NOTE: The
georeplicationslist cannot contain the location where the Container Registry exists.NOTE: If more than one
georeplicationsblock is specified, they are expected to follow the alphabetic order on thelocationproperty.- Identity
Registry
Identity - An
identityblock as defined below. - Location string
- Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
- Name string
- Specifies the name of the Container Registry. Only Alphanumeric characters allowed. Changing this forces a new resource to be created.
- Network
Rule stringBypass Option - Whether to allow trusted Azure services to access a network restricted Container Registry? Possible values are
NoneandAzureServices. Defaults toAzureServices. - Network
Rule RegistrySet Network Rule Set - A
network_rule_setblock as documented below. - Public
Network boolAccess Enabled - Whether public network access is allowed for the container registry. Defaults to
true. - Quarantine
Policy boolEnabled - Boolean value that indicates whether quarantine policy is enabled.
- Retention
Policy RegistryRetention Policy - A
retention_policyblock as documented below. - Dictionary<string, string>
- A mapping of tags to assign to the resource.
- Trust
Policy RegistryTrust Policy - A
trust_policyblock as documented below. - Zone
Redundancy boolEnabled - Whether zone redundancy is enabled for this Container Registry? Changing this forces a new resource to be created. Defaults to
false.
- Resource
Group stringName - The name of the resource group in which to create the Container Registry. Changing this forces a new resource to be created.
- Sku string
- The SKU name of the container registry. Possible values are
Basic,StandardandPremium. - Admin
Enabled bool - Specifies whether the admin user is enabled. Defaults to
false. - Anonymous
Pull boolEnabled - Whether allows anonymous (unauthenticated) pull access to this Container Registry? This is only supported on resources with the
StandardorPremiumSKU. - Data
Endpoint boolEnabled - Whether to enable dedicated data endpoints for this Container Registry? This is only supported on resources with the
PremiumSKU. - Encryption
Registry
Encryption Args - An
encryptionblock as documented below. - Export
Policy boolEnabled Boolean value that indicates whether export policy is enabled. Defaults to
true. In order to set it tofalse, make sure thepublic_network_access_enabledis also set tofalse.NOTE:
quarantine_policy_enabled,retention_policy,trust_policy,export_policy_enabledandzone_redundancy_enabledare only supported on resources with thePremiumSKU.- Georeplications
[]Registry
Georeplication Args A
georeplicationsblock as documented below.NOTE: The
georeplicationsis only supported on new resources with thePremiumSKU.NOTE: The
georeplicationslist cannot contain the location where the Container Registry exists.NOTE: If more than one
georeplicationsblock is specified, they are expected to follow the alphabetic order on thelocationproperty.- Identity
Registry
Identity Args - An
identityblock as defined below. - Location string
- Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
- Name string
- Specifies the name of the Container Registry. Only Alphanumeric characters allowed. Changing this forces a new resource to be created.
- Network
Rule stringBypass Option - Whether to allow trusted Azure services to access a network restricted Container Registry? Possible values are
NoneandAzureServices. Defaults toAzureServices. - Network
Rule RegistrySet Network Rule Set Args - A
network_rule_setblock as documented below. - Public
Network boolAccess Enabled - Whether public network access is allowed for the container registry. Defaults to
true. - Quarantine
Policy boolEnabled - Boolean value that indicates whether quarantine policy is enabled.
- Retention
Policy RegistryRetention Policy Args - A
retention_policyblock as documented below. - map[string]string
- A mapping of tags to assign to the resource.
- Trust
Policy RegistryTrust Policy Args - A
trust_policyblock as documented below. - Zone
Redundancy boolEnabled - Whether zone redundancy is enabled for this Container Registry? Changing this forces a new resource to be created. Defaults to
false.
- resource
Group StringName - The name of the resource group in which to create the Container Registry. Changing this forces a new resource to be created.
- sku String
- The SKU name of the container registry. Possible values are
Basic,StandardandPremium. - admin
Enabled Boolean - Specifies whether the admin user is enabled. Defaults to
false. - anonymous
Pull BooleanEnabled - Whether allows anonymous (unauthenticated) pull access to this Container Registry? This is only supported on resources with the
StandardorPremiumSKU. - data
Endpoint BooleanEnabled - Whether to enable dedicated data endpoints for this Container Registry? This is only supported on resources with the
PremiumSKU. - encryption
Registry
Encryption - An
encryptionblock as documented below. - export
Policy BooleanEnabled Boolean value that indicates whether export policy is enabled. Defaults to
true. In order to set it tofalse, make sure thepublic_network_access_enabledis also set tofalse.NOTE:
quarantine_policy_enabled,retention_policy,trust_policy,export_policy_enabledandzone_redundancy_enabledare only supported on resources with thePremiumSKU.- georeplications
List<Registry
Georeplication> A
georeplicationsblock as documented below.NOTE: The
georeplicationsis only supported on new resources with thePremiumSKU.NOTE: The
georeplicationslist cannot contain the location where the Container Registry exists.NOTE: If more than one
georeplicationsblock is specified, they are expected to follow the alphabetic order on thelocationproperty.- identity
Registry
Identity - An
identityblock as defined below. - location String
- Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
- name String
- Specifies the name of the Container Registry. Only Alphanumeric characters allowed. Changing this forces a new resource to be created.
- network
Rule StringBypass Option - Whether to allow trusted Azure services to access a network restricted Container Registry? Possible values are
NoneandAzureServices. Defaults toAzureServices. - network
Rule RegistrySet Network Rule Set - A
network_rule_setblock as documented below. - public
Network BooleanAccess Enabled - Whether public network access is allowed for the container registry. Defaults to
true. - quarantine
Policy BooleanEnabled - Boolean value that indicates whether quarantine policy is enabled.
- retention
Policy RegistryRetention Policy - A
retention_policyblock as documented below. - Map<String,String>
- A mapping of tags to assign to the resource.
- trust
Policy RegistryTrust Policy - A
trust_policyblock as documented below. - zone
Redundancy BooleanEnabled - Whether zone redundancy is enabled for this Container Registry? Changing this forces a new resource to be created. Defaults to
false.
- resource
Group stringName - The name of the resource group in which to create the Container Registry. Changing this forces a new resource to be created.
- sku string
- The SKU name of the container registry. Possible values are
Basic,StandardandPremium. - admin
Enabled boolean - Specifies whether the admin user is enabled. Defaults to
false. - anonymous
Pull booleanEnabled - Whether allows anonymous (unauthenticated) pull access to this Container Registry? This is only supported on resources with the
StandardorPremiumSKU. - data
Endpoint booleanEnabled - Whether to enable dedicated data endpoints for this Container Registry? This is only supported on resources with the
PremiumSKU. - encryption
Registry
Encryption - An
encryptionblock as documented below. - export
Policy booleanEnabled Boolean value that indicates whether export policy is enabled. Defaults to
true. In order to set it tofalse, make sure thepublic_network_access_enabledis also set tofalse.NOTE:
quarantine_policy_enabled,retention_policy,trust_policy,export_policy_enabledandzone_redundancy_enabledare only supported on resources with thePremiumSKU.- georeplications
Registry
Georeplication[] A
georeplicationsblock as documented below.NOTE: The
georeplicationsis only supported on new resources with thePremiumSKU.NOTE: The
georeplicationslist cannot contain the location where the Container Registry exists.NOTE: If more than one
georeplicationsblock is specified, they are expected to follow the alphabetic order on thelocationproperty.- identity
Registry
Identity - An
identityblock as defined below. - location string
- Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
- name string
- Specifies the name of the Container Registry. Only Alphanumeric characters allowed. Changing this forces a new resource to be created.
- network
Rule stringBypass Option - Whether to allow trusted Azure services to access a network restricted Container Registry? Possible values are
NoneandAzureServices. Defaults toAzureServices. - network
Rule RegistrySet Network Rule Set - A
network_rule_setblock as documented below. - public
Network booleanAccess Enabled - Whether public network access is allowed for the container registry. Defaults to
true. - quarantine
Policy booleanEnabled - Boolean value that indicates whether quarantine policy is enabled.
- retention
Policy RegistryRetention Policy - A
retention_policyblock as documented below. - {[key: string]: string}
- A mapping of tags to assign to the resource.
- trust
Policy RegistryTrust Policy - A
trust_policyblock as documented below. - zone
Redundancy booleanEnabled - Whether zone redundancy is enabled for this Container Registry? Changing this forces a new resource to be created. Defaults to
false.
- resource_
group_ strname - The name of the resource group in which to create the Container Registry. Changing this forces a new resource to be created.
- sku str
- The SKU name of the container registry. Possible values are
Basic,StandardandPremium. - admin_
enabled bool - Specifies whether the admin user is enabled. Defaults to
false. - anonymous_
pull_ boolenabled - Whether allows anonymous (unauthenticated) pull access to this Container Registry? This is only supported on resources with the
StandardorPremiumSKU. - data_
endpoint_ boolenabled - Whether to enable dedicated data endpoints for this Container Registry? This is only supported on resources with the
PremiumSKU. - encryption
Registry
Encryption Args - An
encryptionblock as documented below. - export_
policy_ boolenabled Boolean value that indicates whether export policy is enabled. Defaults to
true. In order to set it tofalse, make sure thepublic_network_access_enabledis also set tofalse.NOTE:
quarantine_policy_enabled,retention_policy,trust_policy,export_policy_enabledandzone_redundancy_enabledare only supported on resources with thePremiumSKU.- georeplications
Sequence[Registry
Georeplication Args] A
georeplicationsblock as documented below.NOTE: The
georeplicationsis only supported on new resources with thePremiumSKU.NOTE: The
georeplicationslist cannot contain the location where the Container Registry exists.NOTE: If more than one
georeplicationsblock is specified, they are expected to follow the alphabetic order on thelocationproperty.- identity
Registry
Identity Args - An
identityblock as defined below. - location str
- Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
- name str
- Specifies the name of the Container Registry. Only Alphanumeric characters allowed. Changing this forces a new resource to be created.
- network_
rule_ strbypass_ option - Whether to allow trusted Azure services to access a network restricted Container Registry? Possible values are
NoneandAzureServices. Defaults toAzureServices. - network_
rule_ Registryset Network Rule Set Args - A
network_rule_setblock as documented below. - public_
network_ boolaccess_ enabled - Whether public network access is allowed for the container registry. Defaults to
true. - quarantine_
policy_ boolenabled - Boolean value that indicates whether quarantine policy is enabled.
- retention_
policy RegistryRetention Policy Args - A
retention_policyblock as documented below. - Mapping[str, str]
- A mapping of tags to assign to the resource.
- trust_
policy RegistryTrust Policy Args - A
trust_policyblock as documented below. - zone_
redundancy_ boolenabled - Whether zone redundancy is enabled for this Container Registry? Changing this forces a new resource to be created. Defaults to
false.
- resource
Group StringName - The name of the resource group in which to create the Container Registry. Changing this forces a new resource to be created.
- sku String
- The SKU name of the container registry. Possible values are
Basic,StandardandPremium. - admin
Enabled Boolean - Specifies whether the admin user is enabled. Defaults to
false. - anonymous
Pull BooleanEnabled - Whether allows anonymous (unauthenticated) pull access to this Container Registry? This is only supported on resources with the
StandardorPremiumSKU. - data
Endpoint BooleanEnabled - Whether to enable dedicated data endpoints for this Container Registry? This is only supported on resources with the
PremiumSKU. - encryption Property Map
- An
encryptionblock as documented below. - export
Policy BooleanEnabled Boolean value that indicates whether export policy is enabled. Defaults to
true. In order to set it tofalse, make sure thepublic_network_access_enabledis also set tofalse.NOTE:
quarantine_policy_enabled,retention_policy,trust_policy,export_policy_enabledandzone_redundancy_enabledare only supported on resources with thePremiumSKU.- georeplications List<Property Map>
A
georeplicationsblock as documented below.NOTE: The
georeplicationsis only supported on new resources with thePremiumSKU.NOTE: The
georeplicationslist cannot contain the location where the Container Registry exists.NOTE: If more than one
georeplicationsblock is specified, they are expected to follow the alphabetic order on thelocationproperty.- identity Property Map
- An
identityblock as defined below. - location String
- Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
- name String
- Specifies the name of the Container Registry. Only Alphanumeric characters allowed. Changing this forces a new resource to be created.
- network
Rule StringBypass Option - Whether to allow trusted Azure services to access a network restricted Container Registry? Possible values are
NoneandAzureServices. Defaults toAzureServices. - network
Rule Property MapSet - A
network_rule_setblock as documented below. - public
Network BooleanAccess Enabled - Whether public network access is allowed for the container registry. Defaults to
true. - quarantine
Policy BooleanEnabled - Boolean value that indicates whether quarantine policy is enabled.
- retention
Policy Property Map - A
retention_policyblock as documented below. - Map<String>
- A mapping of tags to assign to the resource.
- trust
Policy Property Map - A
trust_policyblock as documented below. - zone
Redundancy BooleanEnabled - Whether zone redundancy is enabled for this Container Registry? Changing this forces a new resource to be created. Defaults to
false.
Outputs
All input properties are implicitly available as output properties. Additionally, the Registry resource produces the following output properties:
- Admin
Password string - The Password associated with the Container Registry Admin account - if the admin account is enabled.
- Admin
Username string - The Username associated with the Container Registry Admin account - if the admin account is enabled.
- Id string
- The provider-assigned unique ID for this managed resource.
- Login
Server string - The URL that can be used to log into the container registry.
- Admin
Password string - The Password associated with the Container Registry Admin account - if the admin account is enabled.
- Admin
Username string - The Username associated with the Container Registry Admin account - if the admin account is enabled.
- Id string
- The provider-assigned unique ID for this managed resource.
- Login
Server string - The URL that can be used to log into the container registry.
- admin
Password String - The Password associated with the Container Registry Admin account - if the admin account is enabled.
- admin
Username String - The Username associated with the Container Registry Admin account - if the admin account is enabled.
- id String
- The provider-assigned unique ID for this managed resource.
- login
Server String - The URL that can be used to log into the container registry.
- admin
Password string - The Password associated with the Container Registry Admin account - if the admin account is enabled.
- admin
Username string - The Username associated with the Container Registry Admin account - if the admin account is enabled.
- id string
- The provider-assigned unique ID for this managed resource.
- login
Server string - The URL that can be used to log into the container registry.
- admin_
password str - The Password associated with the Container Registry Admin account - if the admin account is enabled.
- admin_
username str - The Username associated with the Container Registry Admin account - if the admin account is enabled.
- id str
- The provider-assigned unique ID for this managed resource.
- login_
server str - The URL that can be used to log into the container registry.
- admin
Password String - The Password associated with the Container Registry Admin account - if the admin account is enabled.
- admin
Username String - The Username associated with the Container Registry Admin account - if the admin account is enabled.
- id String
- The provider-assigned unique ID for this managed resource.
- login
Server String - The URL that can be used to log into the container registry.
Look up Existing Registry Resource
Get an existing Registry resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: RegistryState, opts?: CustomResourceOptions): Registry@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
admin_enabled: Optional[bool] = None,
admin_password: Optional[str] = None,
admin_username: Optional[str] = None,
anonymous_pull_enabled: Optional[bool] = None,
data_endpoint_enabled: Optional[bool] = None,
encryption: Optional[RegistryEncryptionArgs] = None,
export_policy_enabled: Optional[bool] = None,
georeplications: Optional[Sequence[RegistryGeoreplicationArgs]] = None,
identity: Optional[RegistryIdentityArgs] = None,
location: Optional[str] = None,
login_server: Optional[str] = None,
name: Optional[str] = None,
network_rule_bypass_option: Optional[str] = None,
network_rule_set: Optional[RegistryNetworkRuleSetArgs] = None,
public_network_access_enabled: Optional[bool] = None,
quarantine_policy_enabled: Optional[bool] = None,
resource_group_name: Optional[str] = None,
retention_policy: Optional[RegistryRetentionPolicyArgs] = None,
sku: Optional[str] = None,
tags: Optional[Mapping[str, str]] = None,
trust_policy: Optional[RegistryTrustPolicyArgs] = None,
zone_redundancy_enabled: Optional[bool] = None) -> Registryfunc GetRegistry(ctx *Context, name string, id IDInput, state *RegistryState, opts ...ResourceOption) (*Registry, error)public static Registry Get(string name, Input<string> id, RegistryState? state, CustomResourceOptions? opts = null)public static Registry get(String name, Output<String> id, RegistryState state, CustomResourceOptions options)Resource lookup is not supported in YAML- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Admin
Enabled bool - Specifies whether the admin user is enabled. Defaults to
false. - Admin
Password string - The Password associated with the Container Registry Admin account - if the admin account is enabled.
- Admin
Username string - The Username associated with the Container Registry Admin account - if the admin account is enabled.
- Anonymous
Pull boolEnabled - Whether allows anonymous (unauthenticated) pull access to this Container Registry? This is only supported on resources with the
StandardorPremiumSKU. - Data
Endpoint boolEnabled - Whether to enable dedicated data endpoints for this Container Registry? This is only supported on resources with the
PremiumSKU. - Encryption
Registry
Encryption - An
encryptionblock as documented below. - Export
Policy boolEnabled Boolean value that indicates whether export policy is enabled. Defaults to
true. In order to set it tofalse, make sure thepublic_network_access_enabledis also set tofalse.NOTE:
quarantine_policy_enabled,retention_policy,trust_policy,export_policy_enabledandzone_redundancy_enabledare only supported on resources with thePremiumSKU.- Georeplications
List<Registry
Georeplication> A
georeplicationsblock as documented below.NOTE: The
georeplicationsis only supported on new resources with thePremiumSKU.NOTE: The
georeplicationslist cannot contain the location where the Container Registry exists.NOTE: If more than one
georeplicationsblock is specified, they are expected to follow the alphabetic order on thelocationproperty.- Identity
Registry
Identity - An
identityblock as defined below. - Location string
- Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
- Login
Server string - The URL that can be used to log into the container registry.
- Name string
- Specifies the name of the Container Registry. Only Alphanumeric characters allowed. Changing this forces a new resource to be created.
- Network
Rule stringBypass Option - Whether to allow trusted Azure services to access a network restricted Container Registry? Possible values are
NoneandAzureServices. Defaults toAzureServices. - Network
Rule RegistrySet Network Rule Set - A
network_rule_setblock as documented below. - Public
Network boolAccess Enabled - Whether public network access is allowed for the container registry. Defaults to
true. - Quarantine
Policy boolEnabled - Boolean value that indicates whether quarantine policy is enabled.
- Resource
Group stringName - The name of the resource group in which to create the Container Registry. Changing this forces a new resource to be created.
- Retention
Policy RegistryRetention Policy - A
retention_policyblock as documented below. - Sku string
- The SKU name of the container registry. Possible values are
Basic,StandardandPremium. - Dictionary<string, string>
- A mapping of tags to assign to the resource.
- Trust
Policy RegistryTrust Policy - A
trust_policyblock as documented below. - Zone
Redundancy boolEnabled - Whether zone redundancy is enabled for this Container Registry? Changing this forces a new resource to be created. Defaults to
false.
- Admin
Enabled bool - Specifies whether the admin user is enabled. Defaults to
false. - Admin
Password string - The Password associated with the Container Registry Admin account - if the admin account is enabled.
- Admin
Username string - The Username associated with the Container Registry Admin account - if the admin account is enabled.
- Anonymous
Pull boolEnabled - Whether allows anonymous (unauthenticated) pull access to this Container Registry? This is only supported on resources with the
StandardorPremiumSKU. - Data
Endpoint boolEnabled - Whether to enable dedicated data endpoints for this Container Registry? This is only supported on resources with the
PremiumSKU. - Encryption
Registry
Encryption Args - An
encryptionblock as documented below. - Export
Policy boolEnabled Boolean value that indicates whether export policy is enabled. Defaults to
true. In order to set it tofalse, make sure thepublic_network_access_enabledis also set tofalse.NOTE:
quarantine_policy_enabled,retention_policy,trust_policy,export_policy_enabledandzone_redundancy_enabledare only supported on resources with thePremiumSKU.- Georeplications
[]Registry
Georeplication Args A
georeplicationsblock as documented below.NOTE: The
georeplicationsis only supported on new resources with thePremiumSKU.NOTE: The
georeplicationslist cannot contain the location where the Container Registry exists.NOTE: If more than one
georeplicationsblock is specified, they are expected to follow the alphabetic order on thelocationproperty.- Identity
Registry
Identity Args - An
identityblock as defined below. - Location string
- Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
- Login
Server string - The URL that can be used to log into the container registry.
- Name string
- Specifies the name of the Container Registry. Only Alphanumeric characters allowed. Changing this forces a new resource to be created.
- Network
Rule stringBypass Option - Whether to allow trusted Azure services to access a network restricted Container Registry? Possible values are
NoneandAzureServices. Defaults toAzureServices. - Network
Rule RegistrySet Network Rule Set Args - A
network_rule_setblock as documented below. - Public
Network boolAccess Enabled - Whether public network access is allowed for the container registry. Defaults to
true. - Quarantine
Policy boolEnabled - Boolean value that indicates whether quarantine policy is enabled.
- Resource
Group stringName - The name of the resource group in which to create the Container Registry. Changing this forces a new resource to be created.
- Retention
Policy RegistryRetention Policy Args - A
retention_policyblock as documented below. - Sku string
- The SKU name of the container registry. Possible values are
Basic,StandardandPremium. - map[string]string
- A mapping of tags to assign to the resource.
- Trust
Policy RegistryTrust Policy Args - A
trust_policyblock as documented below. - Zone
Redundancy boolEnabled - Whether zone redundancy is enabled for this Container Registry? Changing this forces a new resource to be created. Defaults to
false.
- admin
Enabled Boolean - Specifies whether the admin user is enabled. Defaults to
false. - admin
Password String - The Password associated with the Container Registry Admin account - if the admin account is enabled.
- admin
Username String - The Username associated with the Container Registry Admin account - if the admin account is enabled.
- anonymous
Pull BooleanEnabled - Whether allows anonymous (unauthenticated) pull access to this Container Registry? This is only supported on resources with the
StandardorPremiumSKU. - data
Endpoint BooleanEnabled - Whether to enable dedicated data endpoints for this Container Registry? This is only supported on resources with the
PremiumSKU. - encryption
Registry
Encryption - An
encryptionblock as documented below. - export
Policy BooleanEnabled Boolean value that indicates whether export policy is enabled. Defaults to
true. In order to set it tofalse, make sure thepublic_network_access_enabledis also set tofalse.NOTE:
quarantine_policy_enabled,retention_policy,trust_policy,export_policy_enabledandzone_redundancy_enabledare only supported on resources with thePremiumSKU.- georeplications
List<Registry
Georeplication> A
georeplicationsblock as documented below.NOTE: The
georeplicationsis only supported on new resources with thePremiumSKU.NOTE: The
georeplicationslist cannot contain the location where the Container Registry exists.NOTE: If more than one
georeplicationsblock is specified, they are expected to follow the alphabetic order on thelocationproperty.- identity
Registry
Identity - An
identityblock as defined below. - location String
- Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
- login
Server String - The URL that can be used to log into the container registry.
- name String
- Specifies the name of the Container Registry. Only Alphanumeric characters allowed. Changing this forces a new resource to be created.
- network
Rule StringBypass Option - Whether to allow trusted Azure services to access a network restricted Container Registry? Possible values are
NoneandAzureServices. Defaults toAzureServices. - network
Rule RegistrySet Network Rule Set - A
network_rule_setblock as documented below. - public
Network BooleanAccess Enabled - Whether public network access is allowed for the container registry. Defaults to
true. - quarantine
Policy BooleanEnabled - Boolean value that indicates whether quarantine policy is enabled.
- resource
Group StringName - The name of the resource group in which to create the Container Registry. Changing this forces a new resource to be created.
- retention
Policy RegistryRetention Policy - A
retention_policyblock as documented below. - sku String
- The SKU name of the container registry. Possible values are
Basic,StandardandPremium. - Map<String,String>
- A mapping of tags to assign to the resource.
- trust
Policy RegistryTrust Policy - A
trust_policyblock as documented below. - zone
Redundancy BooleanEnabled - Whether zone redundancy is enabled for this Container Registry? Changing this forces a new resource to be created. Defaults to
false.
- admin
Enabled boolean - Specifies whether the admin user is enabled. Defaults to
false. - admin
Password string - The Password associated with the Container Registry Admin account - if the admin account is enabled.
- admin
Username string - The Username associated with the Container Registry Admin account - if the admin account is enabled.
- anonymous
Pull booleanEnabled - Whether allows anonymous (unauthenticated) pull access to this Container Registry? This is only supported on resources with the
StandardorPremiumSKU. - data
Endpoint booleanEnabled - Whether to enable dedicated data endpoints for this Container Registry? This is only supported on resources with the
PremiumSKU. - encryption
Registry
Encryption - An
encryptionblock as documented below. - export
Policy booleanEnabled Boolean value that indicates whether export policy is enabled. Defaults to
true. In order to set it tofalse, make sure thepublic_network_access_enabledis also set tofalse.NOTE:
quarantine_policy_enabled,retention_policy,trust_policy,export_policy_enabledandzone_redundancy_enabledare only supported on resources with thePremiumSKU.- georeplications
Registry
Georeplication[] A
georeplicationsblock as documented below.NOTE: The
georeplicationsis only supported on new resources with thePremiumSKU.NOTE: The
georeplicationslist cannot contain the location where the Container Registry exists.NOTE: If more than one
georeplicationsblock is specified, they are expected to follow the alphabetic order on thelocationproperty.- identity
Registry
Identity - An
identityblock as defined below. - location string
- Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
- login
Server string - The URL that can be used to log into the container registry.
- name string
- Specifies the name of the Container Registry. Only Alphanumeric characters allowed. Changing this forces a new resource to be created.
- network
Rule stringBypass Option - Whether to allow trusted Azure services to access a network restricted Container Registry? Possible values are
NoneandAzureServices. Defaults toAzureServices. - network
Rule RegistrySet Network Rule Set - A
network_rule_setblock as documented below. - public
Network booleanAccess Enabled - Whether public network access is allowed for the container registry. Defaults to
true. - quarantine
Policy booleanEnabled - Boolean value that indicates whether quarantine policy is enabled.
- resource
Group stringName - The name of the resource group in which to create the Container Registry. Changing this forces a new resource to be created.
- retention
Policy RegistryRetention Policy - A
retention_policyblock as documented below. - sku string
- The SKU name of the container registry. Possible values are
Basic,StandardandPremium. - {[key: string]: string}
- A mapping of tags to assign to the resource.
- trust
Policy RegistryTrust Policy - A
trust_policyblock as documented below. - zone
Redundancy booleanEnabled - Whether zone redundancy is enabled for this Container Registry? Changing this forces a new resource to be created. Defaults to
false.
- admin_
enabled bool - Specifies whether the admin user is enabled. Defaults to
false. - admin_
password str - The Password associated with the Container Registry Admin account - if the admin account is enabled.
- admin_
username str - The Username associated with the Container Registry Admin account - if the admin account is enabled.
- anonymous_
pull_ boolenabled - Whether allows anonymous (unauthenticated) pull access to this Container Registry? This is only supported on resources with the
StandardorPremiumSKU. - data_
endpoint_ boolenabled - Whether to enable dedicated data endpoints for this Container Registry? This is only supported on resources with the
PremiumSKU. - encryption
Registry
Encryption Args - An
encryptionblock as documented below. - export_
policy_ boolenabled Boolean value that indicates whether export policy is enabled. Defaults to
true. In order to set it tofalse, make sure thepublic_network_access_enabledis also set tofalse.NOTE:
quarantine_policy_enabled,retention_policy,trust_policy,export_policy_enabledandzone_redundancy_enabledare only supported on resources with thePremiumSKU.- georeplications
Sequence[Registry
Georeplication Args] A
georeplicationsblock as documented below.NOTE: The
georeplicationsis only supported on new resources with thePremiumSKU.NOTE: The
georeplicationslist cannot contain the location where the Container Registry exists.NOTE: If more than one
georeplicationsblock is specified, they are expected to follow the alphabetic order on thelocationproperty.- identity
Registry
Identity Args - An
identityblock as defined below. - location str
- Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
- login_
server str - The URL that can be used to log into the container registry.
- name str
- Specifies the name of the Container Registry. Only Alphanumeric characters allowed. Changing this forces a new resource to be created.
- network_
rule_ strbypass_ option - Whether to allow trusted Azure services to access a network restricted Container Registry? Possible values are
NoneandAzureServices. Defaults toAzureServices. - network_
rule_ Registryset Network Rule Set Args - A
network_rule_setblock as documented below. - public_
network_ boolaccess_ enabled - Whether public network access is allowed for the container registry. Defaults to
true. - quarantine_
policy_ boolenabled - Boolean value that indicates whether quarantine policy is enabled.
- resource_
group_ strname - The name of the resource group in which to create the Container Registry. Changing this forces a new resource to be created.
- retention_
policy RegistryRetention Policy Args - A
retention_policyblock as documented below. - sku str
- The SKU name of the container registry. Possible values are
Basic,StandardandPremium. - Mapping[str, str]
- A mapping of tags to assign to the resource.
- trust_
policy RegistryTrust Policy Args - A
trust_policyblock as documented below. - zone_
redundancy_ boolenabled - Whether zone redundancy is enabled for this Container Registry? Changing this forces a new resource to be created. Defaults to
false.
- admin
Enabled Boolean - Specifies whether the admin user is enabled. Defaults to
false. - admin
Password String - The Password associated with the Container Registry Admin account - if the admin account is enabled.
- admin
Username String - The Username associated with the Container Registry Admin account - if the admin account is enabled.
- anonymous
Pull BooleanEnabled - Whether allows anonymous (unauthenticated) pull access to this Container Registry? This is only supported on resources with the
StandardorPremiumSKU. - data
Endpoint BooleanEnabled - Whether to enable dedicated data endpoints for this Container Registry? This is only supported on resources with the
PremiumSKU. - encryption Property Map
- An
encryptionblock as documented below. - export
Policy BooleanEnabled Boolean value that indicates whether export policy is enabled. Defaults to
true. In order to set it tofalse, make sure thepublic_network_access_enabledis also set tofalse.NOTE:
quarantine_policy_enabled,retention_policy,trust_policy,export_policy_enabledandzone_redundancy_enabledare only supported on resources with thePremiumSKU.- georeplications List<Property Map>
A
georeplicationsblock as documented below.NOTE: The
georeplicationsis only supported on new resources with thePremiumSKU.NOTE: The
georeplicationslist cannot contain the location where the Container Registry exists.NOTE: If more than one
georeplicationsblock is specified, they are expected to follow the alphabetic order on thelocationproperty.- identity Property Map
- An
identityblock as defined below. - location String
- Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
- login
Server String - The URL that can be used to log into the container registry.
- name String
- Specifies the name of the Container Registry. Only Alphanumeric characters allowed. Changing this forces a new resource to be created.
- network
Rule StringBypass Option - Whether to allow trusted Azure services to access a network restricted Container Registry? Possible values are
NoneandAzureServices. Defaults toAzureServices. - network
Rule Property MapSet - A
network_rule_setblock as documented below. - public
Network BooleanAccess Enabled - Whether public network access is allowed for the container registry. Defaults to
true. - quarantine
Policy BooleanEnabled - Boolean value that indicates whether quarantine policy is enabled.
- resource
Group StringName - The name of the resource group in which to create the Container Registry. Changing this forces a new resource to be created.
- retention
Policy Property Map - A
retention_policyblock as documented below. - sku String
- The SKU name of the container registry. Possible values are
Basic,StandardandPremium. - Map<String>
- A mapping of tags to assign to the resource.
- trust
Policy Property Map - A
trust_policyblock as documented below. - zone
Redundancy BooleanEnabled - Whether zone redundancy is enabled for this Container Registry? Changing this forces a new resource to be created. Defaults to
false.
Supporting Types
RegistryEncryption, RegistryEncryptionArgs
- Identity
Client stringId The client ID of the managed identity associated with the encryption key.
NOTE The managed identity used in
encryptionalso needs to be part of theidentityblock underidentity_ids- Key
Vault stringKey Id - The ID of the Key Vault Key.
- Enabled bool
- Boolean value that indicates whether encryption is enabled.
- Identity
Client stringId The client ID of the managed identity associated with the encryption key.
NOTE The managed identity used in
encryptionalso needs to be part of theidentityblock underidentity_ids- Key
Vault stringKey Id - The ID of the Key Vault Key.
- Enabled bool
- Boolean value that indicates whether encryption is enabled.
- identity
Client StringId The client ID of the managed identity associated with the encryption key.
NOTE The managed identity used in
encryptionalso needs to be part of theidentityblock underidentity_ids- key
Vault StringKey Id - The ID of the Key Vault Key.
- enabled Boolean
- Boolean value that indicates whether encryption is enabled.
- identity
Client stringId The client ID of the managed identity associated with the encryption key.
NOTE The managed identity used in
encryptionalso needs to be part of theidentityblock underidentity_ids- key
Vault stringKey Id - The ID of the Key Vault Key.
- enabled boolean
- Boolean value that indicates whether encryption is enabled.
- identity_
client_ strid The client ID of the managed identity associated with the encryption key.
NOTE The managed identity used in
encryptionalso needs to be part of theidentityblock underidentity_ids- key_
vault_ strkey_ id - The ID of the Key Vault Key.
- enabled bool
- Boolean value that indicates whether encryption is enabled.
- identity
Client StringId The client ID of the managed identity associated with the encryption key.
NOTE The managed identity used in
encryptionalso needs to be part of theidentityblock underidentity_ids- key
Vault StringKey Id - The ID of the Key Vault Key.
- enabled Boolean
- Boolean value that indicates whether encryption is enabled.
RegistryGeoreplication, RegistryGeoreplicationArgs
- Location string
- A location where the container registry should be geo-replicated.
- Regional
Endpoint boolEnabled - Whether regional endpoint is enabled for this Container Registry?
- Dictionary<string, string>
- A mapping of tags to assign to this replication location.
- Zone
Redundancy boolEnabled Whether zone redundancy is enabled for this replication location? Defaults to
false.NOTE: Changing the
zone_redundancy_enabledforces the a underlying replication to be created.
- Location string
- A location where the container registry should be geo-replicated.
- Regional
Endpoint boolEnabled - Whether regional endpoint is enabled for this Container Registry?
- map[string]string
- A mapping of tags to assign to this replication location.
- Zone
Redundancy boolEnabled Whether zone redundancy is enabled for this replication location? Defaults to
false.NOTE: Changing the
zone_redundancy_enabledforces the a underlying replication to be created.
- location String
- A location where the container registry should be geo-replicated.
- regional
Endpoint BooleanEnabled - Whether regional endpoint is enabled for this Container Registry?
- Map<String,String>
- A mapping of tags to assign to this replication location.
- zone
Redundancy BooleanEnabled Whether zone redundancy is enabled for this replication location? Defaults to
false.NOTE: Changing the
zone_redundancy_enabledforces the a underlying replication to be created.
- location string
- A location where the container registry should be geo-replicated.
- regional
Endpoint booleanEnabled - Whether regional endpoint is enabled for this Container Registry?
- {[key: string]: string}
- A mapping of tags to assign to this replication location.
- zone
Redundancy booleanEnabled Whether zone redundancy is enabled for this replication location? Defaults to
false.NOTE: Changing the
zone_redundancy_enabledforces the a underlying replication to be created.
- location str
- A location where the container registry should be geo-replicated.
- regional_
endpoint_ boolenabled - Whether regional endpoint is enabled for this Container Registry?
- Mapping[str, str]
- A mapping of tags to assign to this replication location.
- zone_
redundancy_ boolenabled Whether zone redundancy is enabled for this replication location? Defaults to
false.NOTE: Changing the
zone_redundancy_enabledforces the a underlying replication to be created.
- location String
- A location where the container registry should be geo-replicated.
- regional
Endpoint BooleanEnabled - Whether regional endpoint is enabled for this Container Registry?
- Map<String>
- A mapping of tags to assign to this replication location.
- zone
Redundancy BooleanEnabled Whether zone redundancy is enabled for this replication location? Defaults to
false.NOTE: Changing the
zone_redundancy_enabledforces the a underlying replication to be created.
RegistryIdentity, RegistryIdentityArgs
- Type string
- Specifies the type of Managed Service Identity that should be configured on this Container Registry. Possible values are
SystemAssigned,UserAssigned,SystemAssigned, UserAssigned(to enable both). - Identity
Ids List<string> Specifies a list of User Assigned Managed Identity IDs to be assigned to this Container Registry.
NOTE: This is required when
typeis set toUserAssignedorSystemAssigned, UserAssigned.- Principal
Id string - The Principal ID associated with this Managed Service Identity.
- Tenant
Id string - The Tenant ID associated with this Managed Service Identity.
- Type string
- Specifies the type of Managed Service Identity that should be configured on this Container Registry. Possible values are
SystemAssigned,UserAssigned,SystemAssigned, UserAssigned(to enable both). - Identity
Ids []string Specifies a list of User Assigned Managed Identity IDs to be assigned to this Container Registry.
NOTE: This is required when
typeis set toUserAssignedorSystemAssigned, UserAssigned.- Principal
Id string - The Principal ID associated with this Managed Service Identity.
- Tenant
Id string - The Tenant ID associated with this Managed Service Identity.
- type String
- Specifies the type of Managed Service Identity that should be configured on this Container Registry. Possible values are
SystemAssigned,UserAssigned,SystemAssigned, UserAssigned(to enable both). - identity
Ids List<String> Specifies a list of User Assigned Managed Identity IDs to be assigned to this Container Registry.
NOTE: This is required when
typeis set toUserAssignedorSystemAssigned, UserAssigned.- principal
Id String - The Principal ID associated with this Managed Service Identity.
- tenant
Id String - The Tenant ID associated with this Managed Service Identity.
- type string
- Specifies the type of Managed Service Identity that should be configured on this Container Registry. Possible values are
SystemAssigned,UserAssigned,SystemAssigned, UserAssigned(to enable both). - identity
Ids string[] Specifies a list of User Assigned Managed Identity IDs to be assigned to this Container Registry.
NOTE: This is required when
typeis set toUserAssignedorSystemAssigned, UserAssigned.- principal
Id string - The Principal ID associated with this Managed Service Identity.
- tenant
Id string - The Tenant ID associated with this Managed Service Identity.
- type str
- Specifies the type of Managed Service Identity that should be configured on this Container Registry. Possible values are
SystemAssigned,UserAssigned,SystemAssigned, UserAssigned(to enable both). - identity_
ids Sequence[str] Specifies a list of User Assigned Managed Identity IDs to be assigned to this Container Registry.
NOTE: This is required when
typeis set toUserAssignedorSystemAssigned, UserAssigned.- principal_
id str - The Principal ID associated with this Managed Service Identity.
- tenant_
id str - The Tenant ID associated with this Managed Service Identity.
- type String
- Specifies the type of Managed Service Identity that should be configured on this Container Registry. Possible values are
SystemAssigned,UserAssigned,SystemAssigned, UserAssigned(to enable both). - identity
Ids List<String> Specifies a list of User Assigned Managed Identity IDs to be assigned to this Container Registry.
NOTE: This is required when
typeis set toUserAssignedorSystemAssigned, UserAssigned.- principal
Id String - The Principal ID associated with this Managed Service Identity.
- tenant
Id String - The Tenant ID associated with this Managed Service Identity.
RegistryNetworkRuleSet, RegistryNetworkRuleSetArgs
- Default
Action string - The behaviour for requests matching no rules. Either
AlloworDeny. Defaults toAllow - Ip
Rules List<RegistryNetwork Rule Set Ip Rule> One or more
ip_ruleblocks as defined below.NOTE:
network_rule_setis only supported with thePremiumSKU at this time.NOTE: Azure automatically configures Network Rules - to remove these you'll need to specify an
network_rule_setblock withdefault_actionset toDeny.- Virtual
Networks List<RegistryNetwork Rule Set Virtual Network>
- Default
Action string - The behaviour for requests matching no rules. Either
AlloworDeny. Defaults toAllow - Ip
Rules []RegistryNetwork Rule Set Ip Rule One or more
ip_ruleblocks as defined below.NOTE:
network_rule_setis only supported with thePremiumSKU at this time.NOTE: Azure automatically configures Network Rules - to remove these you'll need to specify an
network_rule_setblock withdefault_actionset toDeny.- Virtual
Networks []RegistryNetwork Rule Set Virtual Network
- default
Action String - The behaviour for requests matching no rules. Either
AlloworDeny. Defaults toAllow - ip
Rules List<RegistryNetwork Rule Set Ip Rule> One or more
ip_ruleblocks as defined below.NOTE:
network_rule_setis only supported with thePremiumSKU at this time.NOTE: Azure automatically configures Network Rules - to remove these you'll need to specify an
network_rule_setblock withdefault_actionset toDeny.- virtual
Networks List<RegistryNetwork Rule Set Virtual Network>
- default
Action string - The behaviour for requests matching no rules. Either
AlloworDeny. Defaults toAllow - ip
Rules RegistryNetwork Rule Set Ip Rule[] One or more
ip_ruleblocks as defined below.NOTE:
network_rule_setis only supported with thePremiumSKU at this time.NOTE: Azure automatically configures Network Rules - to remove these you'll need to specify an
network_rule_setblock withdefault_actionset toDeny.- virtual
Networks RegistryNetwork Rule Set Virtual Network[]
- default_
action str - The behaviour for requests matching no rules. Either
AlloworDeny. Defaults toAllow - ip_
rules Sequence[RegistryNetwork Rule Set Ip Rule] One or more
ip_ruleblocks as defined below.NOTE:
network_rule_setis only supported with thePremiumSKU at this time.NOTE: Azure automatically configures Network Rules - to remove these you'll need to specify an
network_rule_setblock withdefault_actionset toDeny.- virtual_
networks Sequence[RegistryNetwork Rule Set Virtual Network]
- default
Action String - The behaviour for requests matching no rules. Either
AlloworDeny. Defaults toAllow - ip
Rules List<Property Map> One or more
ip_ruleblocks as defined below.NOTE:
network_rule_setis only supported with thePremiumSKU at this time.NOTE: Azure automatically configures Network Rules - to remove these you'll need to specify an
network_rule_setblock withdefault_actionset toDeny.- virtual
Networks List<Property Map>
RegistryNetworkRuleSetIpRule, RegistryNetworkRuleSetIpRuleArgs
RegistryNetworkRuleSetVirtualNetwork, RegistryNetworkRuleSetVirtualNetworkArgs
RegistryRetentionPolicy, RegistryRetentionPolicyArgs
RegistryTrustPolicy, RegistryTrustPolicyArgs
- Enabled bool
- Boolean value that indicates whether the policy is enabled.
- Enabled bool
- Boolean value that indicates whether the policy is enabled.
- enabled Boolean
- Boolean value that indicates whether the policy is enabled.
- enabled boolean
- Boolean value that indicates whether the policy is enabled.
- enabled bool
- Boolean value that indicates whether the policy is enabled.
- enabled Boolean
- Boolean value that indicates whether the policy is enabled.
Import
Container Registries can be imported using the resource id, e.g.
$ pulumi import azure:containerservice/registry:Registry example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mygroup1/providers/Microsoft.ContainerRegistry/registries/myregistry1
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Azure Classic pulumi/pulumi-azure
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
azurermTerraform Provider.