ServiceNow CMDB CI relationship sync: faster, more complete →
Turbot Guardrails Hub 
Hub
Mods
Azure
40
Mods
164
Resource Types
1,929
Policies
943
Controls
103
Quick Actions
95
IAM

IAM Role: Azure/Container Registry/admin

PermissionGrant
microsoft.containerregistry/locations/deletevirtualnetworkorsubnets/actionadmin
microsoft.containerregistry/register/actionadmin
microsoft.containerregistry/registries/agentpools/deleteadmin
microsoft.containerregistry/registries/agentpools/listqueuestatus/actionadmin
microsoft.containerregistry/registries/agentpools/writeadmin
microsoft.containerregistry/registries/artifacts/deleteadmin
microsoft.containerregistry/registries/builds/cancel/actionadmin
microsoft.containerregistry/registries/builds/getloglink/actionadmin
microsoft.containerregistry/registries/builds/writeadmin
microsoft.containerregistry/registries/buildtasks/deleteadmin
microsoft.containerregistry/registries/buildtasks/listsourcerepositoryproperties/actionadmin
microsoft.containerregistry/registries/buildtasks/steps/deleteadmin
microsoft.containerregistry/registries/buildtasks/steps/listbuildarguments/actionadmin
microsoft.containerregistry/registries/buildtasks/steps/writeadmin
microsoft.containerregistry/registries/buildtasks/writeadmin
microsoft.containerregistry/registries/cacherules/deleteadmin
microsoft.containerregistry/registries/cacherules/writeadmin
microsoft.containerregistry/registries/connectedregistries/deactivate/actionadmin
microsoft.containerregistry/registries/connectedregistries/deleteadmin
microsoft.containerregistry/registries/connectedregistries/writeadmin
microsoft.containerregistry/registries/credentialsets/deleteadmin
microsoft.containerregistry/registries/credentialsets/writeadmin
microsoft.containerregistry/registries/deleteadmin
microsoft.containerregistry/registries/deleted/restore/actionadmin
microsoft.containerregistry/registries/eventgridfilters/deleteadmin
microsoft.containerregistry/registries/eventgridfilters/writeadmin
microsoft.containerregistry/registries/exportpipelines/deleteadmin
microsoft.containerregistry/registries/exportpipelines/writeadmin
microsoft.containerregistry/registries/generatecredentials/actionadmin
microsoft.containerregistry/registries/getbuildsourceuploadurl/actionadmin
microsoft.containerregistry/registries/importimage/actionadmin
microsoft.containerregistry/registries/importpipelines/deleteadmin
microsoft.containerregistry/registries/importpipelines/writeadmin
microsoft.containerregistry/registries/listbuildsourceuploadurl/actionadmin
microsoft.containerregistry/registries/listcredentials/actionadmin
microsoft.containerregistry/registries/metadata/writeadmin
microsoft.containerregistry/registries/packages/archives/deleteadmin
microsoft.containerregistry/registries/packages/archives/versions/deleteadmin
microsoft.containerregistry/registries/packages/archives/versions/writeadmin
microsoft.containerregistry/registries/packages/archives/writeadmin
microsoft.containerregistry/registries/pipelineruns/deleteadmin
microsoft.containerregistry/registries/pipelineruns/writeadmin
microsoft.containerregistry/registries/privateendpointconnectionproxies/deleteadmin
microsoft.containerregistry/registries/privateendpointconnectionproxies/validate/actionadmin
microsoft.containerregistry/registries/privateendpointconnectionproxies/writeadmin
microsoft.containerregistry/registries/privateendpointconnections/deleteadmin
microsoft.containerregistry/registries/privateendpointconnections/writeadmin
microsoft.containerregistry/registries/privateendpointconnectionsapproval/actionadmin
microsoft.containerregistry/registries/providers/microsoft.insights/diagnosticsettings/writeadmin
microsoft.containerregistry/registries/push/writeadmin
microsoft.containerregistry/registries/quarantine/writeadmin
microsoft.containerregistry/registries/quarantinedartifacts/writeadmin
microsoft.containerregistry/registries/queuebuild/actionadmin
microsoft.containerregistry/registries/regeneratecredential/actionadmin
microsoft.containerregistry/registries/replications/deleteadmin
microsoft.containerregistry/registries/replications/writeadmin
microsoft.containerregistry/registries/repositories/content/deleteadmin
microsoft.containerregistry/registries/repositories/content/writeadmin
microsoft.containerregistry/registries/repositories/metadata/deleteadmin
microsoft.containerregistry/registries/repositories/metadata/writeadmin
microsoft.containerregistry/registries/runs/cancel/actionadmin
microsoft.containerregistry/registries/runs/listlogsasurl/actionadmin
microsoft.containerregistry/registries/runs/writeadmin
microsoft.containerregistry/registries/schedulerun/actionadmin
microsoft.containerregistry/registries/scopemaps/deleteadmin
microsoft.containerregistry/registries/scopemaps/writeadmin
microsoft.containerregistry/registries/sign/writeadmin
microsoft.containerregistry/registries/taskruns/deleteadmin
microsoft.containerregistry/registries/taskruns/listdetails/actionadmin
microsoft.containerregistry/registries/taskruns/writeadmin
microsoft.containerregistry/registries/tasks/deleteadmin
microsoft.containerregistry/registries/tasks/listdetails/actionadmin
microsoft.containerregistry/registries/tasks/writeadmin
microsoft.containerregistry/registries/tokens/deleteadmin
microsoft.containerregistry/registries/tokens/writeadmin
microsoft.containerregistry/registries/trustedcollections/writeadmin
microsoft.containerregistry/registries/updatepolicies/writeadmin
microsoft.containerregistry/registries/webhooks/deleteadmin
microsoft.containerregistry/registries/webhooks/getcallbackconfig/actionadmin
microsoft.containerregistry/registries/webhooks/listevents/actionadmin
microsoft.containerregistry/registries/webhooks/ping/actionadmin
microsoft.containerregistry/registries/webhooks/writeadmin
microsoft.containerregistry/registries/writeadmin
microsoft.containerregistry/unregister/actionadmin
microsoft.containerregistry/checknameavailability/readmetadata
microsoft.containerregistry/locations/operationresults/readmetadata
microsoft.containerregistry/operations/readmetadata
microsoft.containerregistry/registries/agentpools/operationresults/status/readmetadata
microsoft.containerregistry/registries/agentpools/operationstatuses/readmetadata
microsoft.containerregistry/registries/agentpools/readmetadata
microsoft.containerregistry/registries/builds/readmetadata
microsoft.containerregistry/registries/buildtasks/readmetadata
microsoft.containerregistry/registries/buildtasks/steps/readmetadata
microsoft.containerregistry/registries/cacherules/operationstatuses/readmetadata
microsoft.containerregistry/registries/cacherules/readmetadata
microsoft.containerregistry/registries/catalog/readmetadata
microsoft.containerregistry/registries/connectedregistries/readmetadata
microsoft.containerregistry/registries/credentialsets/operationstatuses/readmetadata
microsoft.containerregistry/registries/credentialsets/readmetadata
microsoft.containerregistry/registries/deleted/readmetadata
microsoft.containerregistry/registries/eventgridfilters/readmetadata
microsoft.containerregistry/registries/exportpipelines/readmetadata
microsoft.containerregistry/registries/importpipelines/readmetadata
microsoft.containerregistry/registries/listpolicies/readmetadata
microsoft.containerregistry/registries/listusages/readmetadata
microsoft.containerregistry/registries/metadata/readmetadata
microsoft.containerregistry/registries/operationstatuses/readmetadata
microsoft.containerregistry/registries/packages/archives/readmetadata
microsoft.containerregistry/registries/packages/archives/versions/operationstatuses/readmetadata
microsoft.containerregistry/registries/packages/archives/versions/readmetadata
microsoft.containerregistry/registries/pipelineruns/operationstatuses/readmetadata
microsoft.containerregistry/registries/pipelineruns/readmetadata
microsoft.containerregistry/registries/privateendpointconnectionproxies/operationstatuses/readmetadata
microsoft.containerregistry/registries/privateendpointconnectionproxies/readmetadata
microsoft.containerregistry/registries/privateendpointconnections/operationstatuses/readmetadata
microsoft.containerregistry/registries/privateendpointconnections/readmetadata
microsoft.containerregistry/registries/providers/microsoft.insights/diagnosticsettings/readmetadata
microsoft.containerregistry/registries/providers/microsoft.insights/logdefinitions/readmetadata
microsoft.containerregistry/registries/providers/microsoft.insights/metricdefinitions/readmetadata
microsoft.containerregistry/registries/pull/readmetadata
microsoft.containerregistry/registries/quarantine/readmetadata
microsoft.containerregistry/registries/quarantinedartifacts/readmetadata
microsoft.containerregistry/registries/readmetadata
microsoft.containerregistry/registries/replications/operationstatuses/readmetadata
microsoft.containerregistry/registries/replications/readmetadata
microsoft.containerregistry/registries/repositories/content/readmetadata
microsoft.containerregistry/registries/repositories/metadata/readmetadata
microsoft.containerregistry/registries/runs/readmetadata
microsoft.containerregistry/registries/scopemaps/operationstatuses/readmetadata
microsoft.containerregistry/registries/scopemaps/readmetadata
microsoft.containerregistry/registries/taskruns/operationstatuses/readmetadata
microsoft.containerregistry/registries/taskruns/readmetadata
microsoft.containerregistry/registries/tasks/readmetadata
microsoft.containerregistry/registries/tokens/operationstatuses/readmetadata
microsoft.containerregistry/registries/tokens/readmetadata
microsoft.containerregistry/registries/webhooks/operationstatuses/readmetadata
microsoft.containerregistry/registries/webhooks/readmetadata