With Azure Container Registry, or ACR, we get a lot of great capabilities to host our Docker images in the Azure cloud. With that, as with everything else, comes security concerns we should not overlook.
In this post I'm exploring how we can lock down all access to our ACR by default, and then enable access based on an IP address or range of IP addresses.
This is similar to what I've already explained in another post about Secure your Azure Storage Accounts with restrictions based on public IP addresses. If you haven't seen that, take a look there how to learn to protect the storage accounts the same way.
Note 2019-03-20: This feature is currently in Preview for ACR.... Read the full post on https://zimmergren.net/protect-azure-container-registry-deny-traffic-whitelist-firewall/
That said, it's an important
by Tobias Zimmergren via Zimmergren
No comments:
Post a Comment