states.azurerm.containerregistry.registry¶
Azure Resource Manager (ARM) Container Registry State Module
New in version 3.0.0.
Changed in version 4.0.0.
maintainer: | |
---|---|
configuration: | This module requires Azure Resource Manager credentials to be passed via acct. Note that the authentication parameters are case sensitive. Required provider parameters:
Optional provider parameters: cloud_environment: Used to point the cloud driver to different API endpoints, such as Azure GovCloud. Possible values:
Example configuration for Azure Resource Manager authentication: azurerm:
default:
subscription_id: 3287abc8-f98a-c678-3bde-326766fd3617
tenant: ABCDEFAB-1234-ABCD-1234-ABCDEFABCDEF
client_id: ABCDEFAB-1234-ABCD-1234-ABCDEFABCDEF
secret: XXXXXXXXXXXXXXXXXXXXXXXX
cloud_environment: AZURE_PUBLIC_CLOUD
user_pass_auth:
subscription_id: 3287abc8-f98a-c678-3bde-326766fd3617
username: fletch
password: 123pass
The authentication parameters can also be passed as a dictionary of keyword arguments to the |
-
idem_azurerm.states.azurerm.containerregistry.registry.
absent
(hub, ctx, name, resource_group, connection_auth=None, **kwargs)¶ New in version 3.0.0.
Ensure a container registry does not exist in a resource group.
Parameters: - name – Name of the container registry.
- resource_group – The name of the resource group to which the container registry belongs.
Ensure container registry is absent: azurerm.containerregistry.registry.absent: - name: other_repo - resource_group: testgroup
-
idem_azurerm.states.azurerm.containerregistry.registry.
present
(hub, ctx, name, resource_group, sku='Basic', replica_locations=None, admin_user_enabled=False, default_action=None, virtual_network_rules=None, ip_rules=None, trust_policy=None, quarantine_policy=None, retention_policy=None, retention_days=None, tags=None, connection_auth=None, **kwargs)¶ New in version 3.0.0.
Changed in version 4.0.0.
Ensure a container registry exists.
Parameters: - name – The name of the container registry.
- resource_group – The name of the resource group to which the container registry belongs.
- sku – The SKU name of the container registry. Required for registry creation. Possible values include: ‘Basic’, ‘Standard’, ‘Premium’
- replica_locations – A list of valid Azure regions can be provided in order to enable replication to locations other than the location in which the repository was configured.
- admin_user_enabled – This value that indicates whether the admin user is enabled.
- default_action – The default action of allow or deny when no other rules match. Possible values include: ‘Allow’, ‘Deny’. Only available for the ‘Premium’ tier.
- virtual_network_rules – A list of virtual network rule dictionaries where one key is the “action” of the rule (Allow/Deny) and the other key is the “virtual_network_resource_id” which is the full resource ID path of a subnet. Only available for the ‘Premium’ tier.
- ip_rules – A list of IP rule dictionaries where one key is the “action” of the rule (Allow/Deny) and the other key is the “ip_address_or_range” which specifies the IP or IP range in CIDR format. Only IPV4 addresses are allowed. Only available for the ‘Premium’ tier.
- trust_policy – Accepts boolean True/False or string “enabled”/”disabled” to configure. Image publishers can sign their container images and image consumers can verify their integrity. Container Registry supports both by implementing Docker’s content trust model. Only available for the ‘Premium’ tier.
- quarantine_policy – Accepts boolean True/False or string “enabled”/”disabled” to configure. To assure a registry only contains images that have been vulnerability scanned, ACR introduces the Quarantine pattern. When a registries policy is set to Quarantine Enabled, all images pushed to that registry are put in quarantine by default. Only after the image has been verifed, and the quarantine flag removed may a subsequent pull be completed. Only available for the ‘Premium’ tier.
- retention_policy – Accepts boolean True/False or string “enabled”/”disabled” to configure. Indicates whether retention policy is enabled. Only available for the ‘Premium’ tier.
- tags – A dictionary of strings can be passed as tag metadata to the object.
Example usage:
Ensure container registry exists: azurerm.containerregistry.registry.present: - name: testrepo - resource_group: testgroup - sku: Premium - location: eastus - replica_locations: - westus - admin_user_enabled: True - default_action: Deny - ip_rules: - action: Allow ip_address_or_range: 8.8.8.8/32 - quarantine_policy: Enabled - retention_policy: Enabled - retention_days: 7 - tags: how_awesome: very contact_name: Elmer Fudd Gantry