Top / Microsoft Azure / Azure Container / Registry Token

Azure Container Registry Token

This page shows how to write Terraform and Azure Resource Manager for Container Registry Token and write them securely.

terraform-logo

Review your .tf file for Azure best practices

Shisho Cloud, our free checker to make sure your Terraform configuration follows best practices, is available (beta).

azurerm_container_registry_token (Terraform)

The Registry Token in Container can be configured in Terraform with the resource name azurerm_container_registry_token. The following sections describe how to use the resource and its parameters.

Example Usage from GitHub

An example could not be found in GitHub.

Review your Terraform file for Azure best practices

Shisho Cloud, our free checker to make sure your Terraform configuration follows best practices, is available (beta).

Parameters

>> from Terraform Registry

Explanation in Terraform Registry

Manages an Azure Container Registry token. Tokens are a preview feature only available in Premium SKU Container registries.

resource "azurerm_resource_group" "example" {
  name     = "example-resource-group"
  location = "West Europe"
}
resource "azurerm_container_registry" "example" {
  name                     = "example-registry"
  resource_group_name      = azurerm_resource_group.example.name
  location                 = azurerm_resource_group.example.location
  sku                      = "Premium"
  admin_enabled            = false
  georeplication_locations = ["East US", "West Europe"]
}
resource "azurerm_container_registry_scope_map" "example" {
  name                    = "example-scope-map"
  container_registry_name = azurerm_container_registry.acr.name
  resource_group_name     = azurerm_resource_group.rg.name
  actions = [
    "repositories/repo1/content/read",
    "repositories/repo1/content/write"
  ]
}
resource "azurerm_container_registry_token" "example" {
  name                    = "exampletoken"
  container_registry_name = azurerm_container_registry.acr.name
  resource_group_name     = azurerm_resource_group.rg.name
  scope_map_id            = azurerm_container_registry_scope_map.map.id
}

>> from Terraform Registry

Tips: Best Practices for The Other Azure Container Resources

In addition to the azurerm_kubernetes_cluster, Azure Container has the other resources that should be configured for security reasons. Please check some examples of those resources and precautions.

risk-label

azurerm_kubernetes_cluster

Ensure to enable logging for AKS

It is better to enable AKS logging to Azure Monitoring. This provides useful information regarding access and usage.

Review your Azure Container settings

In addition to the above, there are other security points you should be aware of making sure that your .tf files are protected in Shisho Cloud.

Microsoft.ContainerRegistry/registries/tokens (Azure Resource Manager)

The registries/tokens in Microsoft.ContainerRegistry can be configured in Azure Resource Manager with the resource name Microsoft.ContainerRegistry/registries/tokens. The following sections describe how to use the resource and its parameters.

Example Usage from GitHub

An example could not be found in GitHub.

The Other Related Azure Container Resources

Frequently asked questions

What is Azure Container Registry Token?

Azure Container Registry Token is a resource for Container of Microsoft Azure. Settings can be wrote in Terraform.

security-icon

Automate config file reviews on your commits

Fix issues in your infrastructure as code with auto-generated patches.

Table of Contents