Control: Azure > Container Registry > Registry > Anonymous Pull Access

Define the Anonymous Pull Access settings required for Azure > Container Registry > Registry.

The Anonymous Pull Access control determines whether anonymous pull access for Azure Container Registry should be Enabled or Disabled.

When anonymous pull access is enabled, the Container Registry allows unauthenticated users to pull container images. This provides convenience but may reduce security by allowing public access to container images.

Resource Types

This control targets the following resource types:

Azure > Container Registry > Registry

Policies

The following policies can be used to configure this control:

Azure > Container Registry > Registry > Anonymous Pull Access

Permissions

Cloud permissions used by this control and its actions:

microsoft.containerregistry/registries/write

In Your Workspace

Developers

Control Type URI

tmod:@turbot/azure-containerregistry#/control/types/registryAnonymousPullAccess

Category URI

tmod:@turbot/turbot#/control/categories/security

GraphQL

query controlType(id: "tmod:@turbot/azure-containerregistry#/control/types/registryAnonymousPullAccess") { … }

query controls(filter: "controlTypeId:'tmod:@turbot/azure-containerregistry#/control/types/registryAnonymousPullAccess'") { … }

CLI

Get Controls

turbot graphql controls --filter "controlTypeId:tmod:@turbot/azure-containerregistry#/control/types/registryAnonymousPullAccess"