# Container Registry export policy should be disabled

Security · Container Registry · Rule · 2025_09 · Important

Export policy on Azure container registry may allow artifact exfiltration.

## Description
Azure Container Registry (ACR) export policy allows copying container images and artifacts to other registries or locations.
When the export policy is enabled, data can be moved out of the registry via `acr import` or `acr transfer` commands.

To improve security and prevent exfiltration, the export policy should be disabled on a registry that is already network restricted.
An already network restricted registry is one that has `publicNetworkAccess` set to `Disabled` and is accessible only through private endpoints.

Disabling export of artifacts does not prevent authorized access to the registry within the virtual network to pull artifacts or perform other data-plane operations.
To audit registry use, configure diagnostic settings to monitor registry operations.
## Recommendation
Consider disabling public network access and the export policy status for private container registries.
## Examples

### Configure with Bicep

To deploy registries that pass this rule:

- Set `properties.policies.exportPolicy.status` to `disabled`.
- Set `properties.publicNetworkAccess` to `Disabled` to restrict access to private endpoints only.

For example:
```bicep
resource registry 'Microsoft.ContainerRegistry/registries@2025-05-01-preview' = {
  name: name
  location: location
  sku: {
    name: 'Premium'
  }
  identity: {
    type: 'SystemAssigned'
  }
  properties: {
    adminUserEnabled: false
    anonymousPullEnabled: false
    publicNetworkAccess: 'Disabled'
    zoneRedundancy: 'Enabled'
    policies: {
      quarantinePolicy: {
        status: 'enabled'
      }
      retentionPolicy: {
        days: 30
        status: 'enabled'
      }
      softDeletePolicy: {
        retentionDays: 90
        status: 'enabled'
      }
      exportPolicy: {
        status: 'disabled'
      }
    }
  }
}
```
### Configure with Azure Verified Modules

A pre-validated module supported by Microsoft is available from the Azure Bicep public registry. To reference the module, please use the following syntax:

To use the latest version:
### Configure with Azure template

To deploy registries that pass this rule:

- Set `properties.policies.exportPolicy.status` to `disabled`.
- Set `properties.publicNetworkAccess` to `Disabled` to restrict access to private endpoints only.

For example:
```json
{
  "type": "Microsoft.ContainerRegistry/registries",
  "apiVersion": "2025-05-01-preview",
  "name": "[parameters('name')]",
  "location": "[parameters('location')]",
  "sku": {
    "name": "Premium"
  },
  "identity": {
    "type": "SystemAssigned"
  },
  "properties": {
    "adminUserEnabled": false,
    "anonymousPullEnabled": false,
    "publicNetworkAccess": "Disabled",
    "zoneRedundancy": "Enabled",
    "policies": {
      "quarantinePolicy": {
        "status": "enabled"
      },
      "retentionPolicy": {
        "days": 30,
        "status": "enabled"
      },
      "softDeletePolicy": {
        "retentionDays": 90,
        "status": "enabled"
      },
      "exportPolicy": {
        "status": "disabled"
      }
    }
  }
}
```
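The Bicep and template steps above both come down to two properties on the registry resource. The following script is an added example, not part of this page or of PSRule's own implementation of the rule: it loads an ARM template, finds every `Microsoft.ContainerRegistry/registries` resource, and reports whether `publicNetworkAccess` is `Disabled` and `policies.exportPolicy.status` is `disabled`. It treats an absent `publicNetworkAccess` as `Enabled` and an absent `exportPolicy` as `enabled`, which are the service defaults, and flags non-Premium SKUs because the export policy is only available on Premium registries. The sample template embedded in the script is constructed for illustration.

```python
import json

# Constructed sample template: one compliant registry, one that is publicly
# reachable and never sets an export policy, one on the wrong SKU.
SAMPLE_TEMPLATE = json.dumps({
    "resources": [
        {
            "type": "Microsoft.ContainerRegistry/registries",
            "name": "acrprivate",
            "sku": {"name": "Premium"},
            "properties": {
                "publicNetworkAccess": "Disabled",
                "policies": {"exportPolicy": {"status": "disabled"}},
            },
        },
        {
            "type": "Microsoft.ContainerRegistry/registries",
            "name": "acrpublic",
            "sku": {"name": "Premium"},
            "properties": {"publicNetworkAccess": "Enabled"},
        },
        {
            "type": "Microsoft.ContainerRegistry/registries",
            "name": "acrbasic",
            "sku": {"name": "Basic"},
            "properties": {},
        },
        {"type": "Microsoft.Storage/storageAccounts", "name": "ignored"},
    ]
})

REGISTRY_TYPE = "microsoft.containerregistry/registries"


def _get(obj, path, default=None):
    """Walk a dotted path through nested dicts, returning default if any step is missing."""
    current = obj
    for key in path.split("."):
        if not isinstance(current, dict) or key not in current:
            return default
        current = current[key]
    return current


def evaluate_registry(resource):
    """Evaluate one registry resource; returns a dict with pass/fail and the reasons."""
    if str(resource.get("type", "")).lower() != REGISTRY_TYPE:
        raise ValueError("not a container registry resource")

    reasons = []
    # Export policy can only be configured on the Premium tier.
    sku = str(_get(resource, "sku.name", "")).lower()
    if sku != "premium":
        reasons.append(f"sku.name is {sku!r}; export policy requires Premium")

    # Service default when the property is omitted is public access enabled.
    pna = str(_get(resource, "properties.publicNetworkAccess", "Enabled")).lower()
    if pna != "disabled":
        reasons.append(f"properties.publicNetworkAccess is {pna!r}, expected 'Disabled'")

    # Service default when the policy block is omitted is exports enabled.
    export = str(_get(resource, "properties.policies.exportPolicy.status", "enabled")).lower()
    if export != "disabled":
        reasons.append(f"properties.policies.exportPolicy.status is {export!r}, expected 'disabled'")

    return {"name": resource.get("name"), "pass": not reasons, "reasons": reasons}


def evaluate_template(template_text):
    """Evaluate every registry resource in an ARM template JSON document."""
    template = json.loads(template_text)
    return [
        evaluate_registry(res)
        for res in template.get("resources", [])
        if str(res.get("type", "")).lower() == REGISTRY_TYPE
    ]


if __name__ == "__main__":
    for result in evaluate_template(SAMPLE_TEMPLATE):
        status = "PASS" if result["pass"] else "FAIL"
        print(f"{status} {result['name']}")
        for reason in result["reasons"]:
            print(f"  - {reason}")
```

The comparisons are case-insensitive because the CLI command on this page writes `disabled` while the templates write `Disabled`, and the service accepts either; a stricter check could enforce the documented casing.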
### Configure with Azure CLI

```bash
az resource update -n '<name>' -g '<resource_group>' --resource-type 'Microsoft.ContainerRegistry/registries' --api-version '2021-06-01-preview' --set 'properties.policies.exportPolicy.status=disabled' --set 'properties.publicNetworkAccess=disabled'
```
### Configure with Azure Policy

To address this issue at runtime use the following policies:

- Container registries should have exports disabled `/providers/Microsoft.Authorization/policyDefinitions/524b0254-c285-4903-bee6-bb8126cde579`.
## Notes

An Azure container registry with export policy disabled:

- Prevents copying registry data using ACR import/export jobs.
- Allows standard operations through private endpoints.
- Is available for Premium tier registries only.

This rule may produce false positives if the registry is intended to serve artifacts to external clients, such as in the case of public registries.
## Links

- SE:08 Hardening resources
- Data loss prevention for Azure Container Registry
- Azure Security Benchmark - Monitor anomalies and threats targeting sensitive data
- Azure Policy - Container registries should have exports disabled
- Azure deployment reference - Container Registry