Azure Azure - Terraform templates

Container Registry

Last updated: May 15, 2025
In the simplest form, we can create an Azure Container Registry (ACR) with the following code:

resource "azurerm_container_registry" "acr" {
  name                = "${local.resource_prefix_short}acr"
  resource_group_name = azurerm_resource_group.rg.name
  location            = azurerm_resource_group.rg.location
  sku                 = "Standard"
  admin_enabled       = true
  tags                = local.tags

  public_network_access_enabled = true
}

output "acr_login_server" {
  description = "The URL that can be used to log into the container registry"
  value       = azurerm_container_registry.acr.login_server
}

output "acr_admin_username" {
  description = "The username for admin access to the container registry"
  value       = azurerm_container_registry.acr.admin_username
}

output "acr_admin_password" {
  description = "The password for admin access to the container registry"
  value       = nonsensitive(azurerm_container_registry.acr.admin_password) # nonsensitive function will display the password
  sensitive   = false
}

In the above example, we are creating an ACR resource which has public network access enabled as well as a defined admin account. This has been set so for the convenience of being able to quickly test this, but this is not recommended. More on this below.

Using the output values of the terraform code, you can log in to ACR by running:

az acr login -n ACR_LOGIN_SERVER -u ACR_ADMIN_USERNAME -p ACR_ADMIN_PASSWORD

After a successful log in, if you want to manually push an image, tag an image with the url of the ACR login server and then push, e.g.:

docker tag your_image:your_tag ACR_LOGIN_SERVER/your_image:your_tag
docker push ACR_LOGIN_SERVER/your_image:your_tag

Securing your ACR


Following best practices, to secure your container registry, you should disable the admin access and public network access. Tightening the security, unfortunately, will require you to upgrade the SKU to Premium as these features are only available for premium tier. 

Log in to get access to this part

This is a blurred line of code

Another blurred line of code

Yet another blurred line of code

Sign in to see the code