Knowledge base
Knowledge base
Breadcrumbs

Container Inspection - Azure

Last Updated: 2025-04-01




Purpose

This article describes how to create access on Azure portal that can be configured in HIAB to discover and scan container images that resides in an Azure Container Registry.

Introduction

The Azure Portal is a single portal where applications can be accessed and managed in one place. Access on the Azure portal can be created so that it can be configured in HIAB to discover and scan container images that resides in an Azure Container Registry. The current implementation does not support the Microsoft Azure RBAC model, and instead requires the use of admin access as detailed in the Microsoft documentation. Steps include accessing the Azure portal to configure the container registry, enabling the admin user, and then setting up credentials in the HIAB portal. Finally, the document provides references to additional Microsoft documentation for further guidance on using the Azure container registry. 

Requirements

The current implementation of discovering and scanning an Azure container registry does NOT yet support Microsoft Azure RBAC model as described in the following Microsoft documentation https://docs.microsoft.com/en-us/azure/container-registry/container-registry-roles.

The only supported method is to configure and use admin access in the container registry as described in Microsoft documentation: https://docs.microsoft.com/en-us/azure/container-registry/container-registry-authentication#admin-account

Configuring Azure Container Registry

To run Container Inspection on an Azure container registry, the Azure registry must be configured to provide access that later can be configured on the Outpost24 HIAB.

  1. Enter Azure portal and open Container registries service.

    Container Registries



  2. Select the registry you want to enable Container Inspection for and click on it to open the specific registry information.

    Select Registry



  3. Click on the Access Keys entry in the Settings sub section to access the configuration and enable the Admin user to be reused later in the HIAB configuration.

    Access Keys



  4. Enable the Admin user by setting it to Enabled. This generates user/password access as follow:

    Admin User


Configuring HIAB

  1. To configure Azure registry access, open HIAB Portal from the HIAB Main Menu, by clicking on Portal entry.

    Main Menu


  2. In the HIAB Portal, click on the green Account button with your initials in the top right corner to display the Account view.

    Portal_Account_Button.png


  3. Then click on the Credentials card to open the Credentials configuration page, which allows you to create new Docker Credentials.

    card_credentials.png


  4. Click on the green  Add credentials button on the bottom right corner to open the Add credentials panel..

    image2020-11-9_14-18-18.png


  5. The Add Credentials panel allow you to create Docker credentials.

    Add Credentials



  6. Fill the empty field with all information from Azure portal as follow:

    Add Credentials


Do not forget to add https:// in front of the Azure Login server field to obtain a valid URL

Scanning Azure Container Registries

The discovery and the scanning works as any other container inspection discovery or scanning. For example the discovery can be done as follows:

Scanning Azure Container Registries


Reference

  1. Microsoft documentation on Admin account for Azure container registry: https://docs.microsoft.com/en-us/azure/container-registry/container-registry-authentication#admin-account

  2. Microsoft Quickstart guide for Azure container registry: https://docs.microsoft.com/en-us/azure/container-registry/container-registry-get-started-portal


Related Articles