The container registry has no locks

ID

azure_container_registry_with_no_locks

Severity

high

Vendor

Azure

Resource

IAM

Tags

reachable

Description

The container registry has no locks. This is an insecure configuration for the Azure RM container registry.

You must configure the managed_resource_id or resource_group property.

Learn more about this topic in the azure_rm_lock module documentation.

Examples

---
- name: Example playbook
  hosts: localhost
  tasks:
    # Flagged: neither managed_resource_id nor resource_group is set
    - name: Create a lock for a subscription
      azure_rm_lock:
        name: myLock
        level: read_only

Mitigation / Fix

---
- name: Example playbook
  hosts: localhost
  tasks:
    # Option 1: scope the lock with managed_resource_id
    - name: Create a lock for a resource group
      azure_rm_lock:
        managed_resource_id: /subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourcegroups/myResourceGroup
        name: myLock
        level: read_only
    # Option 2: scope the lock with resource_group
    - name: Create a lock for a resource group
      azure_rm_lock:
        resource_group: myResourceGroup
        name: myLock
        level: read_only
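
One way to check a parsed playbook for this finding, as an added example (not the rule's own implementation): it reports azure_rm_lock tasks that set neither managed_resource_id nor resource_group, including tasks nested in block sections or written with the collection-qualified module name. The input is assumed to be the list of plays a YAML loader returns; the function names and the sample data are constructed for illustration.

```python
LOCK_MODULES = {"azure_rm_lock", "azure.azcollection.azure_rm_lock"}
SCOPE_KEYS = ("managed_resource_id", "resource_group")
NESTED = ("block", "rescue", "always")
SECTIONS = ("pre_tasks", "tasks", "post_tasks", "handlers")

def iter_tasks(tasks):
    """Yield every task, descending into block/rescue/always sections."""
    for task in tasks or []:
        if not isinstance(task, dict):
            continue
        nested = [key for key in NESTED if key in task]
        if nested:
            for key in nested:
                yield from iter_tasks(task[key])
        else:
            yield task

def unscoped_locks(playbook):
    """Return the names of lock tasks that set no scope property.

    `playbook` is the list of plays produced by loading a playbook file.
    """
    findings = []
    for play in playbook or []:
        for section in SECTIONS:
            for task in iter_tasks(play.get(section)):
                for module in LOCK_MODULES & task.keys():
                    args = task[module] if isinstance(task[module], dict) else {}
                    # An empty or missing value counts as not configured.
                    if not any(args.get(key) for key in SCOPE_KEYS):
                        findings.append(task.get("name", "<unnamed task>"))
    return findings

# Constructed sample: the flagged task and one fixed task from this page, as parsed data.
SAMPLE = [{
    "name": "Example playbook", "hosts": "localhost",
    "tasks": [
        {"name": "Create a lock for a subscription",
         "azure_rm_lock": {"name": "myLock", "level": "read_only"}},
        {"block": [
            {"name": "Create a lock for a resource group",
             "azure.azcollection.azure_rm_lock": {
                 "resource_group": "myResourceGroup",
                 "name": "myLock", "level": "read_only"}},
        ]},
    ],
}]

if __name__ == "__main__":
    print(unscoped_locks(SAMPLE))
```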