Welcome to Pulumi Registry, your window into the cloud. Read the announcement.

Azure Classic

v4.28.0 published on Monday, Nov 22, 2021 by Pulumi

Registry

Manages an Azure Container Registry.

Example Usage

using Pulumi;
using Azure = Pulumi.Azure;

class MyStack : Stack
{
    public MyStack()
    {
        var rg = new Azure.Core.ResourceGroup("rg", new Azure.Core.ResourceGroupArgs
        {
            Location = "West Europe",
        });
        var acr = new Azure.ContainerService.Registry("acr", new Azure.ContainerService.RegistryArgs
        {
            ResourceGroupName = rg.Name,
            Location = rg.Location,
            Sku = "Premium",
            AdminEnabled = false,
            Georeplications = 
            {
                new Azure.ContainerService.Inputs.RegistryGeoreplicationArgs
                {
                    Location = "East US",
                    ZoneRedundancyEnabled = true,
                    Tags = ,
                },
                new Azure.ContainerService.Inputs.RegistryGeoreplicationArgs
                {
                    Location = "westeurope",
                    ZoneRedundancyEnabled = true,
                    Tags = ,
                },
            },
        });
    }

}
package main

import (
	"github.com/pulumi/pulumi-azure/sdk/v4/go/azure/containerservice"
	"github.com/pulumi/pulumi-azure/sdk/v4/go/azure/core"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		rg, err := core.NewResourceGroup(ctx, "rg", &core.ResourceGroupArgs{
			Location: pulumi.String("West Europe"),
		})
		if err != nil {
			return err
		}
		_, err = containerservice.NewRegistry(ctx, "acr", &containerservice.RegistryArgs{
			ResourceGroupName: rg.Name,
			Location:          rg.Location,
			Sku:               pulumi.String("Premium"),
			AdminEnabled:      pulumi.Bool(false),
			Georeplications: containerservice.RegistryGeoreplicationArray{
				&containerservice.RegistryGeoreplicationArgs{
					Location:              pulumi.String("East US"),
					ZoneRedundancyEnabled: pulumi.Bool(true),
					Tags:                  nil,
				},
				&containerservice.RegistryGeoreplicationArgs{
					Location:              pulumi.String("westeurope"),
					ZoneRedundancyEnabled: pulumi.Bool(true),
					Tags:                  nil,
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}
import pulumi
import pulumi_azure as azure

rg = azure.core.ResourceGroup("rg", location="West Europe")
acr = azure.containerservice.Registry("acr",
    resource_group_name=rg.name,
    location=rg.location,
    sku="Premium",
    admin_enabled=False,
    georeplications=[
        azure.containerservice.RegistryGeoreplicationArgs(
            location="East US",
            zone_redundancy_enabled=True,
            tags={},
        ),
        azure.containerservice.RegistryGeoreplicationArgs(
            location="westeurope",
            zone_redundancy_enabled=True,
            tags={},
        ),
    ])
import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";

const rg = new azure.core.ResourceGroup("rg", {location: "West Europe"});
const acr = new azure.containerservice.Registry("acr", {
    resourceGroupName: rg.name,
    location: rg.location,
    sku: "Premium",
    adminEnabled: false,
    georeplications: [
        {
            location: "East US",
            zoneRedundancyEnabled: true,
            tags: {},
        },
        {
            location: "westeurope",
            zoneRedundancyEnabled: true,
            tags: {},
        },
    ],
});

Encryption)

using Pulumi;
using Azure = Pulumi.Azure;

class MyStack : Stack
{
    public MyStack()
    {
        var rg = new Azure.Core.ResourceGroup("rg", new Azure.Core.ResourceGroupArgs
        {
            Location = "West Europe",
        });
        var exampleUserAssignedIdentity = new Azure.Authorization.UserAssignedIdentity("exampleUserAssignedIdentity", new Azure.Authorization.UserAssignedIdentityArgs
        {
            ResourceGroupName = azurerm_resource_group.Example.Name,
            Location = azurerm_resource_group.Example.Location,
        });
        var exampleKey = Output.Create(Azure.KeyVault.GetKey.InvokeAsync(new Azure.KeyVault.GetKeyArgs
        {
            Name = "super-secret",
            KeyVaultId = data.Azurerm_key_vault.Existing.Id,
        }));
        var acr = new Azure.ContainerService.Registry("acr", new Azure.ContainerService.RegistryArgs
        {
            ResourceGroupName = rg.Name,
            Location = rg.Location,
            Sku = "Premium",
            Identity = new Azure.ContainerService.Inputs.RegistryIdentityArgs
            {
                Type = "UserAssigned",
                IdentityIds = 
                {
                    exampleUserAssignedIdentity.Id,
                },
            },
            Encryption = new Azure.ContainerService.Inputs.RegistryEncryptionArgs
            {
                Enabled = true,
                KeyVaultKeyId = exampleKey.Apply(exampleKey => exampleKey.Id),
                IdentityClientId = exampleUserAssignedIdentity.ClientId,
            },
        });
    }

}
package main

import (
	"github.com/pulumi/pulumi-azure/sdk/v4/go/azure/authorization"
	"github.com/pulumi/pulumi-azure/sdk/v4/go/azure/containerservice"
	"github.com/pulumi/pulumi-azure/sdk/v4/go/azure/core"
	"github.com/pulumi/pulumi-azure/sdk/v4/go/azure/keyvault"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		rg, err := core.NewResourceGroup(ctx, "rg", &core.ResourceGroupArgs{
			Location: pulumi.String("West Europe"),
		})
		if err != nil {
			return err
		}
		exampleUserAssignedIdentity, err := authorization.NewUserAssignedIdentity(ctx, "exampleUserAssignedIdentity", &authorization.UserAssignedIdentityArgs{
			ResourceGroupName: pulumi.Any(azurerm_resource_group.Example.Name),
			Location:          pulumi.Any(azurerm_resource_group.Example.Location),
		})
		if err != nil {
			return err
		}
		exampleKey, err := keyvault.LookupKey(ctx, &keyvault.LookupKeyArgs{
			Name:       "super-secret",
			KeyVaultId: data.Azurerm_key_vault.Existing.Id,
		}, nil)
		if err != nil {
			return err
		}
		_, err = containerservice.NewRegistry(ctx, "acr", &containerservice.RegistryArgs{
			ResourceGroupName: rg.Name,
			Location:          rg.Location,
			Sku:               pulumi.String("Premium"),
			Identity: &containerservice.RegistryIdentityArgs{
				Type: pulumi.String("UserAssigned"),
				IdentityIds: pulumi.StringArray{
					exampleUserAssignedIdentity.ID(),
				},
			},
			Encryption: &containerservice.RegistryEncryptionArgs{
				Enabled:          pulumi.Bool(true),
				KeyVaultKeyId:    pulumi.String(exampleKey.Id),
				IdentityClientId: exampleUserAssignedIdentity.ClientId,
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}
import pulumi
import pulumi_azure as azure

rg = azure.core.ResourceGroup("rg", location="West Europe")
example_user_assigned_identity = azure.authorization.UserAssignedIdentity("exampleUserAssignedIdentity",
    resource_group_name=azurerm_resource_group["example"]["name"],
    location=azurerm_resource_group["example"]["location"])
example_key = azure.keyvault.get_key(name="super-secret",
    key_vault_id=data["azurerm_key_vault"]["existing"]["id"])
acr = azure.containerservice.Registry("acr",
    resource_group_name=rg.name,
    location=rg.location,
    sku="Premium",
    identity=azure.containerservice.RegistryIdentityArgs(
        type="UserAssigned",
        identity_ids=[example_user_assigned_identity.id],
    ),
    encryption=azure.containerservice.RegistryEncryptionArgs(
        enabled=True,
        key_vault_key_id=example_key.id,
        identity_client_id=example_user_assigned_identity.client_id,
    ))
import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";

const rg = new azure.core.ResourceGroup("rg", {location: "West Europe"});
const exampleUserAssignedIdentity = new azure.authorization.UserAssignedIdentity("exampleUserAssignedIdentity", {
    resourceGroupName: azurerm_resource_group.example.name,
    location: azurerm_resource_group.example.location,
});
const exampleKey = azure.keyvault.getKey({
    name: "super-secret",
    keyVaultId: data.azurerm_key_vault.existing.id,
});
const acr = new azure.containerservice.Registry("acr", {
    resourceGroupName: rg.name,
    location: rg.location,
    sku: "Premium",
    identity: {
        type: "UserAssigned",
        identityIds: [exampleUserAssignedIdentity.id],
    },
    encryption: {
        enabled: true,
        keyVaultKeyId: exampleKey.then(exampleKey => exampleKey.id),
        identityClientId: exampleUserAssignedIdentity.clientId,
    },
});

Create a Registry Resource

new Registry(name: string, args: RegistryArgs, opts?: CustomResourceOptions);
@overload
def Registry(resource_name: str,
             opts: Optional[ResourceOptions] = None,
             admin_enabled: Optional[bool] = None,
             anonymous_pull_enabled: Optional[bool] = None,
             data_endpoint_enabled: Optional[bool] = None,
             encryption: Optional[RegistryEncryptionArgs] = None,
             georeplication_locations: Optional[Sequence[str]] = None,
             georeplications: Optional[Sequence[RegistryGeoreplicationArgs]] = None,
             identity: Optional[RegistryIdentityArgs] = None,
             location: Optional[str] = None,
             name: Optional[str] = None,
             network_rule_bypass_option: Optional[str] = None,
             network_rule_set: Optional[RegistryNetworkRuleSetArgs] = None,
             public_network_access_enabled: Optional[bool] = None,
             quarantine_policy_enabled: Optional[bool] = None,
             resource_group_name: Optional[str] = None,
             retention_policy: Optional[RegistryRetentionPolicyArgs] = None,
             sku: Optional[str] = None,
             storage_account_id: Optional[str] = None,
             tags: Optional[Mapping[str, str]] = None,
             trust_policy: Optional[RegistryTrustPolicyArgs] = None,
             zone_redundancy_enabled: Optional[bool] = None)
@overload
def Registry(resource_name: str,
             args: RegistryArgs,
             opts: Optional[ResourceOptions] = None)
func NewRegistry(ctx *Context, name string, args RegistryArgs, opts ...ResourceOption) (*Registry, error)
public Registry(string name, RegistryArgs args, CustomResourceOptions? opts = null)
name string
The unique name of the resource.
args RegistryArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
args RegistryArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args RegistryArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args RegistryArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.

Registry Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The Registry resource accepts the following input properties:

ResourceGroupName string
The name of the resource group in which to create the Container Registry. Changing this forces a new resource to be created.
AdminEnabled bool
Specifies whether the admin user is enabled. Defaults to false.
AnonymousPullEnabled bool
Whether allows anonymous (unauthenticated) pull access to this Container Registry? Defaults to false. This is only supported on resources with the Standard or Premium SKU.
DataEndpointEnabled bool
Whether to enable dedicated data endpoints for this Container Registry? Defaults to false. This is only supported on resources with the Premium SKU.
Encryption RegistryEncryptionArgs
An encryption block as documented below.
GeoreplicationLocations List<string>
A list of Azure locations where the container registry should be geo-replicated.

Deprecated: Deprecated in favour of georeplications

Georeplications List<RegistryGeoreplicationArgs>
A georeplications block as documented below.
Identity RegistryIdentityArgs
An identity block as defined below.
Location string
Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
Name string
Specifies the name of the Container Registry. Changing this forces a new resource to be created.
NetworkRuleBypassOption string
Whether to allow trusted Azure services to access a network restricted Container Registry? Possible values are None and AzureServices. Defaults to AzureServices.
NetworkRuleSet RegistryNetworkRuleSetArgs
A network_rule_set block as documented below.
PublicNetworkAccessEnabled bool
Whether public network access is allowed for the container registry. Defaults to true.
QuarantinePolicyEnabled bool
Boolean value that indicates whether quarantine policy is enabled. Defaults to false.
RetentionPolicy RegistryRetentionPolicyArgs
A retention_policy block as documented below.
Sku string
The SKU name of the container registry. Possible values are Basic, Standard and Premium. Classic (which was previously Basic) is supported only for existing resources.
StorageAccountId string

Deprecated: this attribute is no longer recognized by the API and is not functional anymore, thus this property will be removed in v3.0

Tags Dictionary<string, string>
A mapping of tags to assign to the resource.
TrustPolicy RegistryTrustPolicyArgs
A trust_policy block as documented below.
ZoneRedundancyEnabled bool
Whether zone redundancy is enabled for this Container Registry? Changing this forces a new resource to be created. Defaults to false.
ResourceGroupName string
The name of the resource group in which to create the Container Registry. Changing this forces a new resource to be created.
AdminEnabled bool
Specifies whether the admin user is enabled. Defaults to false.
AnonymousPullEnabled bool
Whether allows anonymous (unauthenticated) pull access to this Container Registry? Defaults to false. This is only supported on resources with the Standard or Premium SKU.
DataEndpointEnabled bool
Whether to enable dedicated data endpoints for this Container Registry? Defaults to false. This is only supported on resources with the Premium SKU.
Encryption RegistryEncryptionArgs
An encryption block as documented below.
GeoreplicationLocations []string
A list of Azure locations where the container registry should be geo-replicated.

Deprecated: Deprecated in favour of georeplications

Georeplications []RegistryGeoreplicationArgs
A georeplications block as documented below.
Identity RegistryIdentityArgs
An identity block as defined below.
Location string
Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
Name string
Specifies the name of the Container Registry. Changing this forces a new resource to be created.
NetworkRuleBypassOption string
Whether to allow trusted Azure services to access a network restricted Container Registry? Possible values are None and AzureServices. Defaults to AzureServices.
NetworkRuleSet RegistryNetworkRuleSetArgs
A network_rule_set block as documented below.
PublicNetworkAccessEnabled bool
Whether public network access is allowed for the container registry. Defaults to true.
QuarantinePolicyEnabled bool
Boolean value that indicates whether quarantine policy is enabled. Defaults to false.
RetentionPolicy RegistryRetentionPolicyArgs
A retention_policy block as documented below.
Sku string
The SKU name of the container registry. Possible values are Basic, Standard and Premium. Classic (which was previously Basic) is supported only for existing resources.
StorageAccountId string

Deprecated: this attribute is no longer recognized by the API and is not functional anymore, thus this property will be removed in v3.0

Tags map[string]string
A mapping of tags to assign to the resource.
TrustPolicy RegistryTrustPolicyArgs
A trust_policy block as documented below.
ZoneRedundancyEnabled bool
Whether zone redundancy is enabled for this Container Registry? Changing this forces a new resource to be created. Defaults to false.
resourceGroupName string
The name of the resource group in which to create the Container Registry. Changing this forces a new resource to be created.
adminEnabled boolean
Specifies whether the admin user is enabled. Defaults to false.
anonymousPullEnabled boolean
Whether allows anonymous (unauthenticated) pull access to this Container Registry? Defaults to false. This is only supported on resources with the Standard or Premium SKU.
dataEndpointEnabled boolean
Whether to enable dedicated data endpoints for this Container Registry? Defaults to false. This is only supported on resources with the Premium SKU.
encryption RegistryEncryptionArgs
An encryption block as documented below.
georeplicationLocations string[]
A list of Azure locations where the container registry should be geo-replicated.

Deprecated: Deprecated in favour of georeplications

georeplications RegistryGeoreplicationArgs[]
A georeplications block as documented below.
identity RegistryIdentityArgs
An identity block as defined below.
location string
Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
name string
Specifies the name of the Container Registry. Changing this forces a new resource to be created.
networkRuleBypassOption string
Whether to allow trusted Azure services to access a network restricted Container Registry? Possible values are None and AzureServices. Defaults to AzureServices.
networkRuleSet RegistryNetworkRuleSetArgs
A network_rule_set block as documented below.
publicNetworkAccessEnabled boolean
Whether public network access is allowed for the container registry. Defaults to true.
quarantinePolicyEnabled boolean
Boolean value that indicates whether quarantine policy is enabled. Defaults to false.
retentionPolicy RegistryRetentionPolicyArgs
A retention_policy block as documented below.
sku string
The SKU name of the container registry. Possible values are Basic, Standard and Premium. Classic (which was previously Basic) is supported only for existing resources.
storageAccountId string

Deprecated: this attribute is no longer recognized by the API and is not functional anymore, thus this property will be removed in v3.0

tags {[key: string]: string}
A mapping of tags to assign to the resource.
trustPolicy RegistryTrustPolicyArgs
A trust_policy block as documented below.
zoneRedundancyEnabled boolean
Whether zone redundancy is enabled for this Container Registry? Changing this forces a new resource to be created. Defaults to false.
resource_group_name str
The name of the resource group in which to create the Container Registry. Changing this forces a new resource to be created.
admin_enabled bool
Specifies whether the admin user is enabled. Defaults to false.
anonymous_pull_enabled bool
Whether allows anonymous (unauthenticated) pull access to this Container Registry? Defaults to false. This is only supported on resources with the Standard or Premium SKU.
data_endpoint_enabled bool
Whether to enable dedicated data endpoints for this Container Registry? Defaults to false. This is only supported on resources with the Premium SKU.
encryption RegistryEncryptionArgs
An encryption block as documented below.
georeplication_locations Sequence[str]
A list of Azure locations where the container registry should be geo-replicated.

Deprecated: Deprecated in favour of georeplications

georeplications Sequence[RegistryGeoreplicationArgs]
A georeplications block as documented below.
identity RegistryIdentityArgs
An identity block as defined below.
location str
Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
name str
Specifies the name of the Container Registry. Changing this forces a new resource to be created.
network_rule_bypass_option str
Whether to allow trusted Azure services to access a network restricted Container Registry? Possible values are None and AzureServices. Defaults to AzureServices.
network_rule_set RegistryNetworkRuleSetArgs
A network_rule_set block as documented below.
public_network_access_enabled bool
Whether public network access is allowed for the container registry. Defaults to true.
quarantine_policy_enabled bool
Boolean value that indicates whether quarantine policy is enabled. Defaults to false.
retention_policy RegistryRetentionPolicyArgs
A retention_policy block as documented below.
sku str
The SKU name of the container registry. Possible values are Basic, Standard and Premium. Classic (which was previously Basic) is supported only for existing resources.
storage_account_id str

Deprecated: this attribute is no longer recognized by the API and is not functional anymore, thus this property will be removed in v3.0

tags Mapping[str, str]
A mapping of tags to assign to the resource.
trust_policy RegistryTrustPolicyArgs
A trust_policy block as documented below.
zone_redundancy_enabled bool
Whether zone redundancy is enabled for this Container Registry? Changing this forces a new resource to be created. Defaults to false.

Outputs

All input properties are implicitly available as output properties. Additionally, the Registry resource produces the following output properties:

AdminPassword string
The Password associated with the Container Registry Admin account - if the admin account is enabled.
AdminUsername string
The Username associated with the Container Registry Admin account - if the admin account is enabled.
Id string
The provider-assigned unique ID for this managed resource.
LoginServer string
The URL that can be used to log into the container registry.
AdminPassword string
The Password associated with the Container Registry Admin account - if the admin account is enabled.
AdminUsername string
The Username associated with the Container Registry Admin account - if the admin account is enabled.
Id string
The provider-assigned unique ID for this managed resource.
LoginServer string
The URL that can be used to log into the container registry.
adminPassword string
The Password associated with the Container Registry Admin account - if the admin account is enabled.
adminUsername string
The Username associated with the Container Registry Admin account - if the admin account is enabled.
id string
The provider-assigned unique ID for this managed resource.
loginServer string
The URL that can be used to log into the container registry.
admin_password str
The Password associated with the Container Registry Admin account - if the admin account is enabled.
admin_username str
The Username associated with the Container Registry Admin account - if the admin account is enabled.
id str
The provider-assigned unique ID for this managed resource.
login_server str
The URL that can be used to log into the container registry.

Look up an Existing Registry Resource

Get an existing Registry resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: RegistryState, opts?: CustomResourceOptions): Registry
@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        admin_enabled: Optional[bool] = None,
        admin_password: Optional[str] = None,
        admin_username: Optional[str] = None,
        anonymous_pull_enabled: Optional[bool] = None,
        data_endpoint_enabled: Optional[bool] = None,
        encryption: Optional[RegistryEncryptionArgs] = None,
        georeplication_locations: Optional[Sequence[str]] = None,
        georeplications: Optional[Sequence[RegistryGeoreplicationArgs]] = None,
        identity: Optional[RegistryIdentityArgs] = None,
        location: Optional[str] = None,
        login_server: Optional[str] = None,
        name: Optional[str] = None,
        network_rule_bypass_option: Optional[str] = None,
        network_rule_set: Optional[RegistryNetworkRuleSetArgs] = None,
        public_network_access_enabled: Optional[bool] = None,
        quarantine_policy_enabled: Optional[bool] = None,
        resource_group_name: Optional[str] = None,
        retention_policy: Optional[RegistryRetentionPolicyArgs] = None,
        sku: Optional[str] = None,
        storage_account_id: Optional[str] = None,
        tags: Optional[Mapping[str, str]] = None,
        trust_policy: Optional[RegistryTrustPolicyArgs] = None,
        zone_redundancy_enabled: Optional[bool] = None) -> Registry
func GetRegistry(ctx *Context, name string, id IDInput, state *RegistryState, opts ...ResourceOption) (*Registry, error)
public static Registry Get(string name, Input<string> id, RegistryState? state, CustomResourceOptions? opts = null)
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.

The following state arguments are supported:

AdminEnabled bool
Specifies whether the admin user is enabled. Defaults to false.
AdminPassword string
The Password associated with the Container Registry Admin account - if the admin account is enabled.
AdminUsername string
The Username associated with the Container Registry Admin account - if the admin account is enabled.
AnonymousPullEnabled bool
Whether allows anonymous (unauthenticated) pull access to this Container Registry? Defaults to false. This is only supported on resources with the Standard or Premium SKU.
DataEndpointEnabled bool
Whether to enable dedicated data endpoints for this Container Registry? Defaults to false. This is only supported on resources with the Premium SKU.
Encryption RegistryEncryptionArgs
An encryption block as documented below.
GeoreplicationLocations List<string>
A list of Azure locations where the container registry should be geo-replicated.

Deprecated: Deprecated in favour of georeplications

Georeplications List<RegistryGeoreplicationArgs>
A georeplications block as documented below.
Identity RegistryIdentityArgs
An identity block as defined below.
Location string
Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
LoginServer string
The URL that can be used to log into the container registry.
Name string
Specifies the name of the Container Registry. Changing this forces a new resource to be created.
NetworkRuleBypassOption string
Whether to allow trusted Azure services to access a network restricted Container Registry? Possible values are None and AzureServices. Defaults to AzureServices.
NetworkRuleSet RegistryNetworkRuleSetArgs
A network_rule_set block as documented below.
PublicNetworkAccessEnabled bool
Whether public network access is allowed for the container registry. Defaults to true.
QuarantinePolicyEnabled bool
Boolean value that indicates whether quarantine policy is enabled. Defaults to false.
ResourceGroupName string
The name of the resource group in which to create the Container Registry. Changing this forces a new resource to be created.
RetentionPolicy RegistryRetentionPolicyArgs
A retention_policy block as documented below.
Sku string
The SKU name of the container registry. Possible values are Basic, Standard and Premium. Classic (which was previously Basic) is supported only for existing resources.
StorageAccountId string

Deprecated: this attribute is no longer recognized by the API and is not functional anymore, thus this property will be removed in v3.0

Tags Dictionary<string, string>
A mapping of tags to assign to the resource.
TrustPolicy RegistryTrustPolicyArgs
A trust_policy block as documented below.
ZoneRedundancyEnabled bool
Whether zone redundancy is enabled for this Container Registry? Changing this forces a new resource to be created. Defaults to false.
AdminEnabled bool
Specifies whether the admin user is enabled. Defaults to false.
AdminPassword string
The Password associated with the Container Registry Admin account - if the admin account is enabled.
AdminUsername string
The Username associated with the Container Registry Admin account - if the admin account is enabled.
AnonymousPullEnabled bool
Whether allows anonymous (unauthenticated) pull access to this Container Registry? Defaults to false. This is only supported on resources with the Standard or Premium SKU.
DataEndpointEnabled bool
Whether to enable dedicated data endpoints for this Container Registry? Defaults to false. This is only supported on resources with the Premium SKU.
Encryption RegistryEncryptionArgs
An encryption block as documented below.
GeoreplicationLocations []string
A list of Azure locations where the container registry should be geo-replicated.

Deprecated: Deprecated in favour of georeplications

Georeplications []RegistryGeoreplicationArgs
A georeplications block as documented below.
Identity RegistryIdentityArgs
An identity block as defined below.
Location string
Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
LoginServer string
The URL that can be used to log into the container registry.
Name string
Specifies the name of the Container Registry. Changing this forces a new resource to be created.
NetworkRuleBypassOption string
Whether to allow trusted Azure services to access a network restricted Container Registry? Possible values are None and AzureServices. Defaults to AzureServices.
NetworkRuleSet RegistryNetworkRuleSetArgs
A network_rule_set block as documented below.
PublicNetworkAccessEnabled bool
Whether public network access is allowed for the container registry. Defaults to true.
QuarantinePolicyEnabled bool
Boolean value that indicates whether quarantine policy is enabled. Defaults to false.
ResourceGroupName string
The name of the resource group in which to create the Container Registry. Changing this forces a new resource to be created.
RetentionPolicy RegistryRetentionPolicyArgs
A retention_policy block as documented below.
Sku string
The SKU name of the container registry. Possible values are Basic, Standard and Premium. Classic (which was previously Basic) is supported only for existing resources.
StorageAccountId string

Deprecated: this attribute is no longer recognized by the API and is not functional anymore, thus this property will be removed in v3.0

Tags map[string]string
A mapping of tags to assign to the resource.
TrustPolicy RegistryTrustPolicyArgs
A trust_policy block as documented below.
ZoneRedundancyEnabled bool
Whether zone redundancy is enabled for this Container Registry? Changing this forces a new resource to be created. Defaults to false.
adminEnabled boolean
Specifies whether the admin user is enabled. Defaults to false.
adminPassword string
The Password associated with the Container Registry Admin account - if the admin account is enabled.
adminUsername string
The Username associated with the Container Registry Admin account - if the admin account is enabled.
anonymousPullEnabled boolean
Whether allows anonymous (unauthenticated) pull access to this Container Registry? Defaults to false. This is only supported on resources with the Standard or Premium SKU.
dataEndpointEnabled boolean
Whether to enable dedicated data endpoints for this Container Registry? Defaults to false. This is only supported on resources with the Premium SKU.
encryption RegistryEncryptionArgs
An encryption block as documented below.
georeplicationLocations string[]
A list of Azure locations where the container registry should be geo-replicated.

Deprecated: Deprecated in favour of georeplications

georeplications RegistryGeoreplicationArgs[]
A georeplications block as documented below.
identity RegistryIdentityArgs
An identity block as defined below.
location string
Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
loginServer string
The URL that can be used to log into the container registry.
name string
Specifies the name of the Container Registry. Changing this forces a new resource to be created.
networkRuleBypassOption string
Whether to allow trusted Azure services to access a network restricted Container Registry? Possible values are None and AzureServices. Defaults to AzureServices.
networkRuleSet RegistryNetworkRuleSetArgs
A network_rule_set block as documented below.
publicNetworkAccessEnabled boolean
Whether public network access is allowed for the container registry. Defaults to true.
quarantinePolicyEnabled boolean
Boolean value that indicates whether quarantine policy is enabled. Defaults to false.
resourceGroupName string
The name of the resource group in which to create the Container Registry. Changing this forces a new resource to be created.
retentionPolicy RegistryRetentionPolicyArgs
A retention_policy block as documented below.
sku string
The SKU name of the container registry. Possible values are Basic, Standard and Premium. Classic (which was previously Basic) is supported only for existing resources.
storageAccountId string

Deprecated: this attribute is no longer recognized by the API and is not functional anymore, thus this property will be removed in v3.0

tags {[key: string]: string}
A mapping of tags to assign to the resource.
trustPolicy RegistryTrustPolicyArgs
A trust_policy block as documented below.
zoneRedundancyEnabled boolean
Whether zone redundancy is enabled for this Container Registry? Changing this forces a new resource to be created. Defaults to false.
admin_enabled bool
Specifies whether the admin user is enabled. Defaults to false.
admin_password str
The Password associated with the Container Registry Admin account - if the admin account is enabled.
admin_username str
The Username associated with the Container Registry Admin account - if the admin account is enabled.
anonymous_pull_enabled bool
Whether allows anonymous (unauthenticated) pull access to this Container Registry? Defaults to false. This is only supported on resources with the Standard or Premium SKU.
data_endpoint_enabled bool
Whether to enable dedicated data endpoints for this Container Registry? Defaults to false. This is only supported on resources with the Premium SKU.
encryption RegistryEncryptionArgs
An encryption block as documented below.
georeplication_locations Sequence[str]
A list of Azure locations where the container registry should be geo-replicated.

Deprecated: Deprecated in favour of georeplications

georeplications Sequence[RegistryGeoreplicationArgs]
A georeplications block as documented below.
identity RegistryIdentityArgs
An identity block as defined below.
location str
Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
login_server str
The URL that can be used to log into the container registry.
name str
Specifies the name of the Container Registry. Changing this forces a new resource to be created.
network_rule_bypass_option str
Whether to allow trusted Azure services to access a network restricted Container Registry? Possible values are None and AzureServices. Defaults to AzureServices.
network_rule_set RegistryNetworkRuleSetArgs
A network_rule_set block as documented below.
public_network_access_enabled bool
Whether public network access is allowed for the container registry. Defaults to true.
quarantine_policy_enabled bool
Boolean value that indicates whether quarantine policy is enabled. Defaults to false.
resource_group_name str
The name of the resource group in which to create the Container Registry. Changing this forces a new resource to be created.
retention_policy RegistryRetentionPolicyArgs
A retention_policy block as documented below.
sku str
The SKU name of the container registry. Possible values are Basic, Standard and Premium. Classic (which was previously Basic) is supported only for existing resources.
storage_account_id str

Deprecated: this attribute is no longer recognized by the API and is not functional anymore, thus this property will be removed in v3.0

tags Mapping[str, str]
A mapping of tags to assign to the resource.
trust_policy RegistryTrustPolicyArgs
A trust_policy block as documented below.
zone_redundancy_enabled bool
Whether zone redundancy is enabled for this Container Registry? Changing this forces a new resource to be created. Defaults to false.

Supporting Types

RegistryEncryption

IdentityClientId string
The client ID of the managed identity associated with the encryption key.
KeyVaultKeyId string
The ID of the Key Vault Key.
Enabled bool
Boolean value that indicates whether encryption is enabled.
IdentityClientId string
The client ID of the managed identity associated with the encryption key.
KeyVaultKeyId string
The ID of the Key Vault Key.
Enabled bool
Boolean value that indicates whether encryption is enabled.
identityClientId string
The client ID of the managed identity associated with the encryption key.
keyVaultKeyId string
The ID of the Key Vault Key.
enabled boolean
Boolean value that indicates whether encryption is enabled.
identity_client_id str
The client ID of the managed identity associated with the encryption key.
key_vault_key_id str
The ID of the Key Vault Key.
enabled bool
Boolean value that indicates whether encryption is enabled.

RegistryGeoreplication

Location string
A location where the container registry should be geo-replicated.
RegionalEndpointEnabled bool
Whether regional endpoint is enabled for this Container Registry? Defaults to false.
Tags Dictionary<string, string>
A mapping of tags to assign to this replication location.
ZoneRedundancyEnabled bool
Whether zone redundancy is enabled for this replication location? Defaults to false.
Location string
A location where the container registry should be geo-replicated.
RegionalEndpointEnabled bool
Whether regional endpoint is enabled for this Container Registry? Defaults to false.
Tags map[string]string
A mapping of tags to assign to this replication location.
ZoneRedundancyEnabled bool
Whether zone redundancy is enabled for this replication location? Defaults to false.
location string
A location where the container registry should be geo-replicated.
regionalEndpointEnabled boolean
Whether regional endpoint is enabled for this Container Registry? Defaults to false.
tags {[key: string]: string}
A mapping of tags to assign to this replication location.
zoneRedundancyEnabled boolean
Whether zone redundancy is enabled for this replication location? Defaults to false.
location str
A location where the container registry should be geo-replicated.
regional_endpoint_enabled bool
Whether regional endpoint is enabled for this Container Registry? Defaults to false.
tags Mapping[str, str]
A mapping of tags to assign to this replication location.
zone_redundancy_enabled bool
Whether zone redundancy is enabled for this replication location? Defaults to false.

RegistryIdentity

Type string
The type of Managed Identity which should be assigned to the Container Registry. Possible values are SystemAssigned, UserAssigned and SystemAssigned, UserAssigned.
IdentityIds List<string>
A list of User Managed Identity ID’s which should be assigned to the Container Registry.
PrincipalId string
The Principal ID for the Service Principal associated with the Managed Service Identity of this Container Registry.
TenantId string
The Tenant ID for the Service Principal associated with the Managed Service Identity of this Container Registry.
Type string
The type of Managed Identity which should be assigned to the Container Registry. Possible values are SystemAssigned, UserAssigned and SystemAssigned, UserAssigned.
IdentityIds []string
A list of User Managed Identity ID’s which should be assigned to the Container Registry.
PrincipalId string
The Principal ID for the Service Principal associated with the Managed Service Identity of this Container Registry.
TenantId string
The Tenant ID for the Service Principal associated with the Managed Service Identity of this Container Registry.
type string
The type of Managed Identity which should be assigned to the Container Registry. Possible values are SystemAssigned, UserAssigned and SystemAssigned, UserAssigned.
identityIds string[]
A list of User Managed Identity ID’s which should be assigned to the Container Registry.
principalId string
The Principal ID for the Service Principal associated with the Managed Service Identity of this Container Registry.
tenantId string
The Tenant ID for the Service Principal associated with the Managed Service Identity of this Container Registry.
type str
The type of Managed Identity which should be assigned to the Container Registry. Possible values are SystemAssigned, UserAssigned and SystemAssigned, UserAssigned.
identity_ids Sequence[str]
A list of User Managed Identity ID’s which should be assigned to the Container Registry.
principal_id str
The Principal ID for the Service Principal associated with the Managed Service Identity of this Container Registry.
tenant_id str
The Tenant ID for the Service Principal associated with the Managed Service Identity of this Container Registry.

RegistryNetworkRuleSet

DefaultAction string
The behaviour for requests matching no rules. Either Allow or Deny. Defaults to Allow
IpRules List<RegistryNetworkRuleSetIpRule>
One or more ip_rule blocks as defined below.
VirtualNetworks List<RegistryNetworkRuleSetVirtualNetwork>
One or more virtual_network blocks as defined below.
DefaultAction string
The behaviour for requests matching no rules. Either Allow or Deny. Defaults to Allow
IpRules []RegistryNetworkRuleSetIpRule
One or more ip_rule blocks as defined below.
VirtualNetworks []RegistryNetworkRuleSetVirtualNetwork
One or more virtual_network blocks as defined below.
defaultAction string
The behaviour for requests matching no rules. Either Allow or Deny. Defaults to Allow
ipRules RegistryNetworkRuleSetIpRule[]
One or more ip_rule blocks as defined below.
virtualNetworks RegistryNetworkRuleSetVirtualNetwork[]
One or more virtual_network blocks as defined below.
default_action str
The behaviour for requests matching no rules. Either Allow or Deny. Defaults to Allow
ip_rules Sequence[RegistryNetworkRuleSetIpRule]
One or more ip_rule blocks as defined below.
virtual_networks Sequence[RegistryNetworkRuleSetVirtualNetwork]
One or more virtual_network blocks as defined below.

RegistryNetworkRuleSetIpRule

Action string
The behaviour for requests matching this rule. At this time the only supported value is Allow
IpRange string
The CIDR block from which requests will match the rule.
Action string
The behaviour for requests matching this rule. At this time the only supported value is Allow
IpRange string
The CIDR block from which requests will match the rule.
action string
The behaviour for requests matching this rule. At this time the only supported value is Allow
ipRange string
The CIDR block from which requests will match the rule.
action str
The behaviour for requests matching this rule. At this time the only supported value is Allow
ip_range str
The CIDR block from which requests will match the rule.

RegistryNetworkRuleSetVirtualNetwork

Action string
The behaviour for requests matching this rule. At this time the only supported value is Allow
SubnetId string
The subnet id from which requests will match the rule.
Action string
The behaviour for requests matching this rule. At this time the only supported value is Allow
SubnetId string
The subnet id from which requests will match the rule.
action string
The behaviour for requests matching this rule. At this time the only supported value is Allow
subnetId string
The subnet id from which requests will match the rule.
action str
The behaviour for requests matching this rule. At this time the only supported value is Allow
subnet_id str
The subnet id from which requests will match the rule.

RegistryRetentionPolicy

Days int
The number of days to retain an untagged manifest after which it gets purged. Default is 7.
Enabled bool
Boolean value that indicates whether the policy is enabled.
Days int
The number of days to retain an untagged manifest after which it gets purged. Default is 7.
Enabled bool
Boolean value that indicates whether the policy is enabled.
days number
The number of days to retain an untagged manifest after which it gets purged. Default is 7.
enabled boolean
Boolean value that indicates whether the policy is enabled.
days int
The number of days to retain an untagged manifest after which it gets purged. Default is 7.
enabled bool
Boolean value that indicates whether the policy is enabled.

RegistryTrustPolicy

Enabled bool
Boolean value that indicates whether the policy is enabled.
Enabled bool
Boolean value that indicates whether the policy is enabled.
enabled boolean
Boolean value that indicates whether the policy is enabled.
enabled bool
Boolean value that indicates whether the policy is enabled.

Import

Container Registries can be imported using the resource id, e.g.

 $ pulumi import azure:containerservice/registry:Registry example /subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/mygroup1/providers/Microsoft.ContainerRegistry/registries/myregistry1

Package Details

Repository
https://github.com/pulumi/pulumi-azure
License
Apache-2.0
Notes
This Pulumi package is based on the azurerm Terraform Provider.