Azure Container Registry (ACR) is a fully managed Docker container registry in Azure that allows you to store and manage container images for use in Azure Kubernetes Service (AKS), Azure App Service, and other containerized workloads. ACR supports private container registries, image scanning, vulnerability detection, and integration with Azure Active Directory (AAD) for secure access control.
ACR makes it easy to manage your containerized applications by offering scalable, secure, and private repositories for storing Docker images and OCI artifacts.
Using Pulumi, you can define, deploy, and manage an ACR instance as part of your infrastructure code.
In resources folder, you create a new file named containerregistry.ts and add the below code to create an Azure Resource Group and an Azure Container Registry using TypeScript.
// resources/containerregistry.tsimport*asazurefrom"@pulumi/azure-native/";import*aspulumifrom"@pulumi/pulumi";import{config}from"../config";exportconstcreateContainerRegistry=(resourceGroupName:pulumi.Input<string>)=>{ // Create the Azure Container Registry (ACR)constcontainerRegistry=newazure.containerregistry.Registry("aksregistry",{resourceGroupName:resourceGroupName,// Reference the resource groupsku:{name:"Standard",// ACR pricing tier: Basic, Standard, or Premium},adminUserEnabled:true,// Optional: Enable the admin user (useful for simple scenarios)location:config.location// Set location same as the resource group}); // Return ACR resourcereturncontainerRegistry;}
Key Parameters Explained:
resourceGroupName: This is the name of the Azure resource group where the registry will be created.
sku.name: ACR offers different pricing tiers, such as Basic, Standard, and Premium. You can choose one depending on your requirements.
Basic: Suitable for dev/test environments.
Standard: Best for most production workloads.
Premium: Offers features like geo-replication, content trust, and private link access.
adminUserEnabled: When set to true, this enables a local admin account that can be used to authenticate with the ACR. This is useful for testing and simple deployments but should be disabled for production systems.
You will make some changes from index.ts that include the method to create the Azure Container Registry:
You can preview the changes Pulumi will make using the following command: