Terraform module to create a Container Registry.
Resource names should clearly indicate their type, workload, environment, and region. Using a consistent naming convention ensures clarity, uniformity, and easy identification across all repositories.
<resource_prefix>-<app_or_project>-<environment>-<region>-<optional_unique_suffix>
| Component | Description | Example |
|---|---|---|
resource_prefix |
Short abbreviation for the resource type. | rg (Resource Group) |
app_or_project |
Identifier for the application or project. | qoh |
environment |
Environment where the resource is deployed (prod, dev, test, etc.). |
prod |
region |
Azure region where the resource resides (e.g., cus for centralus). |
cus |
optional_unique_suffix |
Optional unique string for ensuring name uniqueness, often random or incremental. | abcd, a42n |
| Name | Version |
|---|---|
| terraform | >=0.13 |
| azurerm | >=4.0.0 |
| Name | Version |
|---|---|
| azurerm | >=4.0.0 |
No modules.
| Name | Type |
|---|---|
| azurerm_container_registry.container_registry | resource |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| admin_enabled | (Optional) Specifies whether the admin user is enabled. Defaults to false. | string |
false |
no |
| anonymous_pull_enabled | (Optional) Whether allows anonymous (unauthenticated) pull access to this Container Registry? This is only supported on resources with the Standard or Premium SKU. | bool |
null |
no |
| data_endpoint_enabled | (Optional) Whether to enable dedicated data endpoints for this Container Registry? This is only supported on resources with the Premium SKU. | bool |
null |
no |
| encryption | (Optional) An encryption block | any |
{} |
no |
| export_policy_enabled | (Optional) Boolean value that indicates whether export policy is enabled. Defaults to true. In order to set it to false, make sure the public_network_access_enabled is also set to false. | bool |
true |
no |
| georeplications | (Optional) One or more georeplications blocks | any |
{} |
no |
| identity | (Optional) An identity block | any |
{} |
no |
| location | (Required) Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created. | string |
n/a | yes |
| name | (Required) Specifies the name of the Container Registry. Only Alphanumeric characters allowed. Changing this forces a new resource to be created. | string |
n/a | yes |
| network_rule_bypass_option | (Optional) Whether to allow trusted Azure services to access a network restricted Container Registry? Possible values are None and AzureServices. Defaults to AzureServices. | string |
"AzureServices" |
no |
| network_rule_set | (Optional) A network_rule_set block | any |
{} |
no |
| public_network_access_enabled | (Optional) Whether public network access is allowed for the container registry. Defaults to true. | bool |
true |
no |
| quarantine_policy_enabled | (Optional) Boolean value that indicates whether quarantine policy is enabled. | bool |
null |
no |
| resource_group_name | (Required) The name of the resource group in which to create the Container Registry. Changing this forces a new resource to be created. | string |
n/a | yes |
| retention_policy_in_days | (Optional) The number of days to retain and untagged manifest after which it gets purged. Defaults to 7. | number |
7 |
no |
| sku | va(Required) The SKU name of the container registry. Possible values are Basic, Standard and Premium.lue | string |
n/a | yes |
| tags | (Optional) A mapping of tags to assign to the resource. | map(any) |
{} |
no |
| trust_policy_enabled | (Optional) Boolean value that indicated whether trust policy is enabled. Defaults to false. | bool |
false |
no |
| zone_redundancy_enabled | (Optional) Whether zone redundancy is enabled for this Container Registry? Changing this forces a new resource to be created. Defaults to false. | bool |
false |
no |
| Name | Description |
|---|---|
| admin_password | The Password associated with the Container Registry Admin account - if the admin account is enabled. |
| admin_username | The Username associated with the Container Registry Admin account - if the admin account is enabled. |
| id | The ID of the Container Registry. |
| identity | An identity block |
| login_server | The URL that can be used to log into the container registry. |
| name | The Name of the Container Registry. |