Risk Level: Low
Cloud Entity: Container Registry
CloudGuard Rule ID: D9.AZU.AKS.09
Covered by Spectral: No
Category: Compute

GSL LOGIC

ContainerRegistry should not have sku.name='Classic'

REMEDIATION

From Portal

Go to Container registries
Click on Overview section and then 'Update' button
Now select a new SKU from the SKU drop-down which is Basic, Standard or Premium
Click Save.

From TF
Set the 'sku' argument under 'azurerm_container_registry' as below:

resource "azurerm_container_registry" "acr" {
	...
	sku = "Premium"/ "Basic"/ "Standard"
	...
}

From Command Line
Run

az acr update --name --sku `{Basic, Premium, Standard}`

References

Container Registry

Azure Container Registry allows you to build, store, and manage images for all types of container deployments. Azure Container Registry allows you to store images for all types of container deployments including DC/OS, Docker Swarm, Kubernetes, and Azure services such as App Service, Batch, Service Fabric, and others.

Compliance Frameworks

Azure CloudGuard Best Practices
CloudGuard Azure All Rules Ruleset