Plugin Title | ACR Admin User |
Cloud | AZURE |
Category | Container Registry |
Description | Ensures that the admin user is not enabled on container registries |
More Info | Azure Container Registries have an admin user that is designed for testing. This should be disabled by default to avoid sharing confidential admin credentials. |
AZURE Link | https://docs.microsoft.com/en-us/azure/container-registry/container-registry-authentication |
Recommended Action | Ensure that the admin user is disabled for each container registry. |
1. Log in to the Microsoft Azure Management Console.
2. In the search bar at the top, search for container registries and click on "Container registries".
3. On the container registries page, click on the "Name" link to go to the configuration page.
4. On the container registry pane that opens, click on "Access keys" under "Settings" in the left navigation panel.
5. In the keys panel, if you see "Enabled" next to "Admin user", then the admin user is enabled for the container registry. This is a security risk and against the Azure recommended practices.
6. Click on the slider to "Disable" the admin user.
7. Repeat steps 3 - 6 for all other container registries.
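The same check can be run across every registry at once from the output of `az acr list --output json`. The script below is an added example, not the plugin's own code: the registry names, resource groups and the file name `acr_admin_audit.py` are constructed, and it only prints the `az acr update` command for each failing registry rather than running it.

```python
import json
import shlex
import sys

# Constructed sample in the shape of `az acr list --output json` (names are made up).
SAMPLE = """[
  {"name": "examplebuildreg", "resourceGroup": "rg-build", "adminUserEnabled": true},
  {"name": "exampleprodreg", "resourceGroup": "rg-prod", "adminUserEnabled": false},
  {"name": "examplelegacyreg", "resourceGroup": "rg-legacy"}
]"""


def audit(registries):
    """Split registries into (failing, passing, unknown) by adminUserEnabled."""
    failing, passing, unknown = [], [], []
    for reg in registries:
        state = reg.get("adminUserEnabled")
        if state is True:
            failing.append(reg)
        elif state is False:
            passing.append(reg)
        else:
            # Property absent or null: report it instead of assuming a pass.
            unknown.append(reg)
    return failing, passing, unknown


def remediation_command(reg):
    """Azure CLI command that disables the admin user on one registry."""
    return " ".join(shlex.quote(a) for a in [
        "az", "acr", "update",
        "--name", reg["name"],
        "--resource-group", reg["resourceGroup"],
        "--admin-enabled", "false",
    ])


def main(argv):
    # Usage: az acr list --output json | python3 acr_admin_audit.py -
    raw = sys.stdin.read() if argv[1:] == ["-"] else SAMPLE
    failing, passing, unknown = audit(json.loads(raw))
    for reg in failing:
        print(f"FAIL {reg['name']}: admin user enabled")
        print(f"  fix: {remediation_command(reg)}")
    for reg in passing:
        print(f"PASS {reg['name']}: admin user disabled")
    for reg in unknown:
        print(f"UNKNOWN {reg['name']}: adminUserEnabled not reported")
    return 1 if failing else 0


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

The non-zero exit status when any registry fails lets the script gate a scheduled job or pipeline step.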