Azure Container Registry Webhook
This page shows how to write Terraform and Azure Resource Manager for Container Registry Webhook and write them securely.
azurerm_container_registry_webhook (Terraform)
The Registry Webhook in Container can be configured in Terraform with the resource name azurerm_container_registry_webhook
. The following sections describe 10 examples of how to use the resource and its parameters.
Example Usage from GitHub
resource "azurerm_container_registry_webhook" "panel" {
actions = ["push"]
location = var.resource_group_location
name = "panelwebhook"
registry_name = var.registry_name
resource_group_name = var.resource_group_name
resource "azurerm_container_registry_webhook" "container_registry_webhook" {
name = "autodeploy"
resource_group_name = var.resource_group
registry_name = var.container_registry
location = var.location
resource "azurerm_container_registry_webhook" "container_registry_webhook" {
name = "autodeploy"
resource_group_name = var.resource_group
registry_name = var.container_registry
location = var.location
resource "azurerm_container_registry_webhook" "acrwebhook" {
name = var.acr_webhook_name
resource_group_name = var.acr_webhook_rg
registry_name = var.acr_webhook_registry
location = var.location
service_uri = var.acr_webhook_service_uri
resource "azurerm_container_registry_webhook" "webhook" {
name = "mywebhook"
resource_group_name = azurerm_resource_group.rg.name
registry_name = azurerm_container_registry.acr.name
location = azurerm_resource_group.rg.location
resource "azurerm_container_registry_webhook" "container_registry_webhook" {
name = "autodeploy"
resource_group_name = var.resource_group
registry_name = var.container_registry
location = var.location
resource "azurerm_container_registry_webhook" "webhook" {
name = var.name
resource_group_name = module.resource_group.azurerm_resource_group.example.name
registry_name = module.container_registry.azurerm_container_registry.example.name
location = module.resource_group.azurerm_resource_group.example.location
resource "azurerm_container_registry_webhook" "this" {
actions = var.actions
custom_headers = var.custom_headers
location = var.location
name = var.name
registry_name = var.registry_name
resource "azurerm_container_registry_webhook" "webhooks" {
for_each = { for object in var.webhooks : object.name => object }
depends_on = [azurerm_container_registry.registry]
name = each.value.name
resource "azurerm_container_registry_webhook" "registry_webhook" {
count = length(var.registry_webhook)
actions = [lookup(var.registry_webhook[count.index], "actions")]
name = lookup(var.registry_webhook[count.index], "name")
registry_name = lookup(var.registry_webhook[count.index], "registry_id") == null ? var.registry_name : element(var.registry_name, lookup(var.registry_webhook[count.index], "registry_id"))
resource_group_name = lookup(var.registry_webhook[count.index], "resource_group_id") == null ? var.resource_group_name : element(var.resource_group_name, lookup(var.registry_webhook[count.index], "resource_group_id"))
Parameters
-
actions
required - set of string -
custom_headers
optional - map from string to string -
id
optional computed - string -
location
required - string -
name
required - string -
registry_name
required - string -
resource_group_name
required - string -
scope
optional - string -
service_uri
required - string -
status
optional - string -
tags
optional - map from string to string -
timeouts
single block
Explanation in Terraform Registry
Manages an Azure Container Registry Webhook.
Tips: Best Practices for The Other Azure Container Resources
In addition to the azurerm_kubernetes_cluster, Azure Container has the other resources that should be configured for security reasons. Please check some examples of those resources and precautions.
azurerm_kubernetes_cluster
Ensure to enable logging for AKS
It is better to enable AKS logging to Azure Monitoring. This provides useful information regarding access and usage.
Microsoft.ContainerRegistry/registries/webhooks (Azure Resource Manager)
The registries/webhooks in Microsoft.ContainerRegistry can be configured in Azure Resource Manager with the resource name Microsoft.ContainerRegistry/registries/webhooks
. The following sections describe how to use the resource and its parameters.
Example Usage from GitHub
An example could not be found in GitHub.
Parameters
apiVersion
required - stringlocation
required - stringThe location of the webhook. This cannot be changed after the resource is created.
name
required - stringThe name of the webhook.
properties
requiredactions
required - arrayThe list of actions that trigger the webhook to post notifications.
customHeaders
optional - stringCustom headers that will be added to the webhook notifications.
scope
optional - stringThe scope of repositories where the event can be triggered. For example, 'foo:*' means events for all tags under repository 'foo'. 'foo:bar' means events for 'foo:bar' only. 'foo' is equivalent to 'foo:latest'. Empty means all events.
serviceUri
required - stringThe service URI for the webhook to post notifications.
status
optional - stringThe status of the webhook at the time the operation was called.
tags
optional - stringThe tags for the webhook.
type
required - string
Frequently asked questions
What is Azure Container Registry Webhook?
Azure Container Registry Webhook is a resource for Container of Microsoft Azure. Settings can be wrote in Terraform.
Where can I find the example code for the Azure Container Registry Webhook?
For Terraform, the kashw2/Fleet-of-the-Faithful-Knights, DTS-STN/BenefitsFinderFrontEnd and DTS-STN/rules-based-benefit-finder source code examples are useful. See the Terraform Example section for further details.