Closed BernieWhite closed 10 months ago
No response
Create rule Azure.ACR.AnonymousAccess that checks if anonymous access is enabled.
Azure.ACR.AnonymousAccess
If anonymous is enabled, the rule should fail.
By default, anonymous is not enabled but may be explicitly set to enabled by setting properties.anonymousPullEnabled to true.
properties.anonymousPullEnabled
true
Anonymous access can currently only be enabled on Standard and Premium tiers, and is a preview feature.
Security
I can contribute on this one.
Thanks @BenjaminEngeset
Existing rule
No response
Suggested rule
Create rule
Azure.ACR.AnonymousAccess
that checks if anonymous access is enabled.If anonymous is enabled, the rule should fail.
By default, anonymous is not enabled but may be explicitly set to enabled by setting
properties.anonymousPullEnabled
totrue
.Anonymous access can currently only be enabled on Standard and Premium tiers, and is a preview feature.
Pillar
Security
Additional context