pulumi-azure-kotlin/com.pulumi.azure.containerservice.kotlin/Registry

Registry

class Registry : KotlinCustomResource

Manages an Azure Container Registry.

Example Usage

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.ResourceGroup;
import com.pulumi.azure.core.ResourceGroupArgs;
import com.pulumi.azure.containerservice.Registry;
import com.pulumi.azure.containerservice.RegistryArgs;
import com.pulumi.azure.containerservice.inputs.RegistryGeoreplicationArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var example = new ResourceGroup("example", ResourceGroupArgs.builder()
            .location("West Europe")
            .build());
        var acr = new Registry("acr", RegistryArgs.builder()
            .resourceGroupName(example.name())
            .location(example.location())
            .sku("Premium")
            .adminEnabled(false)
            .georeplications(
                RegistryGeoreplicationArgs.builder()
                    .location("East US")
                    .zoneRedundancyEnabled(true)
                    .tags()
                    .build(),
                RegistryGeoreplicationArgs.builder()
                    .location("North Europe")
                    .zoneRedundancyEnabled(true)
                    .tags()
                    .build())
            .build());
    }
}

Encryption)

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.ResourceGroup;
import com.pulumi.azure.core.ResourceGroupArgs;
import com.pulumi.azure.authorization.UserAssignedIdentity;
import com.pulumi.azure.authorization.UserAssignedIdentityArgs;
import com.pulumi.azure.keyvault.KeyvaultFunctions;
import com.pulumi.azure.keyvault.inputs.GetKeyArgs;
import com.pulumi.azure.containerservice.Registry;
import com.pulumi.azure.containerservice.RegistryArgs;
import com.pulumi.azure.containerservice.inputs.RegistryIdentityArgs;
import com.pulumi.azure.containerservice.inputs.RegistryEncryptionArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var exampleResourceGroup = new ResourceGroup("exampleResourceGroup", ResourceGroupArgs.builder()
            .location("West Europe")
            .build());
        var exampleUserAssignedIdentity = new UserAssignedIdentity("exampleUserAssignedIdentity", UserAssignedIdentityArgs.builder()
            .resourceGroupName(exampleResourceGroup.name())
            .location(exampleResourceGroup.location())
            .build());
        final var exampleKey = KeyvaultFunctions.getKey(GetKeyArgs.builder()
            .name("super-secret")
            .keyVaultId(data.azurerm_key_vault().existing().id())
            .build());
        var acr = new Registry("acr", RegistryArgs.builder()
            .resourceGroupName(exampleResourceGroup.name())
            .location(exampleResourceGroup.location())
            .sku("Premium")
            .identity(RegistryIdentityArgs.builder()
                .type("UserAssigned")
                .identityIds(exampleUserAssignedIdentity.id())
                .build())
            .encryption(RegistryEncryptionArgs.builder()
                .enabled(true)
                .keyVaultKeyId(exampleKey.applyValue(getKeyResult -> getKeyResult.id()))
                .identityClientId(exampleUserAssignedIdentity.clientId())
                .build())
            .build());
    }
}

Attaching A Container Registry To A Kubernetes Cluster)

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.ResourceGroup;
import com.pulumi.azure.core.ResourceGroupArgs;
import com.pulumi.azure.containerservice.Registry;
import com.pulumi.azure.containerservice.RegistryArgs;
import com.pulumi.azure.containerservice.KubernetesCluster;
import com.pulumi.azure.containerservice.KubernetesClusterArgs;
import com.pulumi.azure.containerservice.inputs.KubernetesClusterDefaultNodePoolArgs;
import com.pulumi.azure.containerservice.inputs.KubernetesClusterIdentityArgs;
import com.pulumi.azure.authorization.Assignment;
import com.pulumi.azure.authorization.AssignmentArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var exampleResourceGroup = new ResourceGroup("exampleResourceGroup", ResourceGroupArgs.builder()
            .location("West Europe")
            .build());
        var exampleRegistry = new Registry("exampleRegistry", RegistryArgs.builder()
            .resourceGroupName(exampleResourceGroup.name())
            .location(exampleResourceGroup.location())
            .sku("Premium")
            .build());
        var exampleKubernetesCluster = new KubernetesCluster("exampleKubernetesCluster", KubernetesClusterArgs.builder()
            .location(exampleResourceGroup.location())
            .resourceGroupName(exampleResourceGroup.name())
            .dnsPrefix("exampleaks1")
            .defaultNodePool(KubernetesClusterDefaultNodePoolArgs.builder()
                .name("default")
                .nodeCount(1)
                .vmSize("Standard_D2_v2")
                .build())
            .identity(KubernetesClusterIdentityArgs.builder()
                .type("SystemAssigned")
                .build())
            .tags(Map.of("Environment", "Production"))
            .build());
        var exampleAssignment = new Assignment("exampleAssignment", AssignmentArgs.builder()
            .principalId(exampleKubernetesCluster.kubeletIdentity().applyValue(kubeletIdentity -> kubeletIdentity.objectId()))
            .roleDefinitionName("AcrPull")
            .scope(exampleRegistry.id())
            .skipServicePrincipalAadCheck(true)
            .build());
    }
}

Import

Container Registries can be imported using the resource id, e.g.

$ pulumi import azure:containerservice/registry:Registry example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mygroup1/providers/Microsoft.ContainerRegistry/registries/myregistry1

Properties

adminEnabled

val adminEnabled: Output<Boolean>?

Specifies whether the admin user is enabled. Defaults to false.

adminPassword

val adminPassword: Output<String>

The Password associated with the Container Registry Admin account - if the admin account is enabled.

adminUsername

val adminUsername: Output<String>

The Username associated with the Container Registry Admin account - if the admin account is enabled.

anonymousPullEnabled

val anonymousPullEnabled: Output<Boolean>?

Whether allows anonymous (unauthenticated) pull access to this Container Registry? This is only supported on resources with the Standard or Premium SKU.

dataEndpointEnabled

val dataEndpointEnabled: Output<Boolean>?

Whether to enable dedicated data endpoints for this Container Registry? This is only supported on resources with the Premium SKU.

encryption

val encryption: Output<RegistryEncryption>

An encryption block as documented below.

exportPolicyEnabled

val exportPolicyEnabled: Output<Boolean>?

Boolean value that indicates whether export policy is enabled. Defaults to true. In order to set it to false, make sure the public_network_access_enabled is also set to false.

georeplications

val georeplications: Output<List<RegistryGeoreplication>>?

A georeplications block as documented below.

val id: Output<String>

identity

val identity: Output<RegistryIdentity>?

An identity block as defined below.

location

val location: Output<String>

Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

loginServer

val loginServer: Output<String>

The URL that can be used to log into the container registry.

name

val name: Output<String>

Specifies the name of the Container Registry. Only Alphanumeric characters allowed. Changing this forces a new resource to be created.

networkRuleBypassOption

val networkRuleBypassOption: Output<String>?

Whether to allow trusted Azure services to access a network restricted Container Registry? Possible values are None and AzureServices. Defaults to AzureServices.

networkRuleSet

val networkRuleSet: Output<RegistryNetworkRuleSet>

A network_rule_set block as documented below.

publicNetworkAccessEnabled