1

I have a pre-existing ACR and I need to enable soft-deletion policy using terraform. I don't want to use null-resource, is there any other way I can achieve this?

resource "null_resource" "soft_delete_policy" {
  provisioner "local-exec" {
    command = "az acr config soft-delete update -r MyRegistry --days 7 --status Enabled"
  }
Improve this question
2

1 Answer 1

Reset to default
1

You could use the AzAPI provider:

    softDeletePolicy = {
      retentionDays = int
      status = "string"
    }

First, run az acr show -g <your-resource-group> -n <your-acr-name> -o json to get the container registry's resource configuration in JSON format.

Then, construct an azapi_resource in your Terraform configuration using the relevant bits of the JSON:

resource "azapi_resource" "your_acr" {
  type = "Microsoft.ContainerRegistry/registries@2023-11-01-preview"
  name = "youracr"
  location = "westus"
  parent_id = azurerm_resource_group.your_resource_group.id
  tags = { }
  body = jsonencode({
    properties = {
      adminUserEnabled = false
...

Next, import the AzAPI resource into your Terraform configuration:

terraform import azapi_resource.your_acr /subscriptions/<your-subscription-id>/resourcegroups/<your-resource-group-name>/providers/Microsoft.ContainerRegistry/registries/youracr

Update the AzAPI resource in the Terraform config to set soft delete policy:

softDeletePolicy = {
  retentionDays = 7
  status = "enabled"
}

Finally, apply the change via terraform apply

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.