Admin User Enabled For Container Registry
- Query id: b897dfbf-322c-45a8-b67c-1e698beeaa51
- Query name: Admin User Enabled For Container Registry
- Platform: Terraform
- Severity: High
- Category: Access Control
- URL: Github
Description¶
Admin user is enabled for Container Registry
Documentation
Code samples¶
Code samples with security vulnerabilities¶
Postitive test num. 1 - tf file
resource "azurerm_resource_group" "positive1" {
name = "resourceGroup1"
location = "West US"
}
resource "azurerm_container_registry" "positive2" {
name = "containerRegistry1"
resource_group_name = azurerm_resource_group.rg.name
location = azurerm_resource_group.rg.location
sku = "Premium"
admin_enabled = true
georeplication_locations = ["East US", "West Europe"]
}
Code samples without security vulnerabilities¶
Negative test num. 1 - tf file
resource "azurerm_resource_group" "negative1" {
name = "resourceGroup1"
location = "West US"
}
resource "azurerm_container_registry" "negative2" {
name = "containerRegistry1"
resource_group_name = azurerm_resource_group.rg.name
location = azurerm_resource_group.rg.location
sku = "Premium"
admin_enabled = false
georeplication_locations = ["East US", "West Europe"]
}