Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We鈥檒l occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

azurerm_container_registry public_network_access_enabled does not fully allow public access #25359

Open
1 task done
Vermyndax opened this issue Mar 21, 2024 · 1 comment
Open
1 task done

azurerm_container_registry public_network_access_enabled does not fully allow public access #25359

Vermyndax opened this issue Mar 21, 2024 · 1 comment
Labels
question service/container-registry v/3.x waiting-response

Comments

@Vermyndax
Copy link

Is there an existing issue for this?

  • I have searched the existing issues

Community Note

  • Please vote on this issue by adding a 馃憤 reaction to the original issue to help the community and maintainers prioritize this request
  • Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment and review the contribution guide to help.

Terraform Version

1.7.5

AzureRM Provider Version

3.96.0

Affected Resource(s)/Data Source(s)

azurerm_container_registry

Terraform Configuration Files

resource "azurerm_container_registry" "cr" {
  name                          = "xxx-${var.environment}"
  location                      = azurerm_resource_group.network_base.location
  resource_group_name           = azurerm_resource_group.network_base.name
  sku                           = "Premium"
  admin_enabled                 = false
  public_network_access_enabled = true
  anonymous_pull_enabled        = false
}

Debug Output/Panic Output

Plan/apply succeeds, and Azure portal shows public access enabled, but not for all networks. Public access is enabled for "specific networks" only. Manual action must be taken in the portal to enable it for all networks.

Expected Behaviour

The resource should provide a way to set public access for all. In our case, we're trying to use Github Actions to build/tag containers and save them into this repo.

Actual Behaviour

Public access is enabled on the repo, but GitHub Actions is denied access to the repo unless we go to the portal and manually select "allow access for all networks."

Steps to Reproduce

terraform apply

Important Factoids

No response

References

No response
@github-actions github-actions bot added the v/3.x label Mar 21, 2024
@magodo
Copy link
Collaborator

magodo commented Mar 22, 2024

@Vermyndax I've tried your above config and created the ACR, whose portal shows the network setting as exepcted:

image

Could you elaborate more about:

go to the portal and manually select "allow access for all networks."

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
question service/container-registry v/3.x waiting-response
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@Vermyndax @magodo @rcskosir