2024-06-26 15:45:06 -04:00
|
|
|
@description('The name of the Container Registry resource. Will be automatically generated if not provided.')
|
2024-08-07 09:51:56 -04:00
|
|
|
param registryName string
|
2024-06-26 15:45:06 -04:00
|
|
|
|
|
|
|
|
@description('The location of the Container Registry resource.')
|
|
|
|
|
param location string = resourceGroup().location
|
|
|
|
|
|
2024-08-07 09:51:56 -04:00
|
|
|
@description('Array of objects with fields principalId, principalType, roleDefinitionId')
|
|
|
|
|
param roleAssignments array = []
|
2024-06-26 15:45:06 -04:00
|
|
|
|
|
|
|
|
resource registry 'Microsoft.ContainerRegistry/registries@2023-11-01-preview' = {
|
2024-08-07 09:51:56 -04:00
|
|
|
name: registryName
|
2024-06-26 15:45:06 -04:00
|
|
|
location: location
|
|
|
|
|
sku: {
|
|
|
|
|
name: 'Standard'
|
|
|
|
|
}
|
|
|
|
|
properties: {
|
2024-09-19 14:17:51 -07:00
|
|
|
adminUserEnabled: false
|
2024-06-26 15:45:06 -04:00
|
|
|
encryption: {
|
|
|
|
|
status: 'disabled'
|
|
|
|
|
}
|
|
|
|
|
dataEndpointEnabled: false
|
|
|
|
|
publicNetworkAccess: 'Enabled'
|
|
|
|
|
networkRuleBypassOptions: 'AzureServices'
|
|
|
|
|
zoneRedundancy: 'Disabled'
|
|
|
|
|
anonymousPullEnabled: false
|
|
|
|
|
metadataSearch: 'Disabled'
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2024-08-07 09:51:56 -04:00
|
|
|
resource roleAssignment 'Microsoft.Authorization/roleAssignments@2022-04-01' = [
|
|
|
|
|
for role in roleAssignments: {
|
|
|
|
|
name: guid('${role.principalId}-${role.principalType}-${role.roleDefinitionId}')
|
|
|
|
|
scope: registry
|
|
|
|
|
properties: role
|
|
|
|
|
}
|
|
|
|
|
]
|
|
|
|
|
|
2024-06-26 15:45:06 -04:00
|
|
|
output name string = registry.name
|
2024-08-07 09:51:56 -04:00
|
|
|
output id string = registry.id
|
2024-06-26 15:45:06 -04:00
|
|
|
output loginServer string = registry.properties.loginServer
|
