Share via

Registries - List

Service:
Container Registry
API Version:
2025-11-01

Lists all the container registries under the specified subscription.

GET https://management.azure.com/subscriptions/{subscriptionId}/providers/Microsoft.ContainerRegistry/registries?api-version=2025-11-01

URI Parameters

Name In Required Type Description
subscriptionId
 path True

string (uuid)

The ID of the target subscription. The value must be an UUID.
api-version
 query True

string

minLength: 1

The API version to use for this operation.

Responses

Name Type Description
200 OK

RegistryListResult

Azure operation completed successfully.
Other Status Codes

ErrorResponse

An unexpected error response.

Security

azure_auth

Azure Active Directory OAuth2 Flow.

Type: oauth2
Flow: implicit
Authorization URL: https://login.microsoftonline.com/common/oauth2/authorize

Scopes

Name Description
user_impersonation impersonate your user account

Examples

RegistryList

Sample request

GET https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.ContainerRegistry/registries?api-version=2025-11-01

Sample response

Status code:
200 
{
  "value": [
    {
      "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/myResourceGroup/providers/Microsoft.ContainerRegistry/registries/myRegistry",
      "name": "myRegistry",
      "type": "Microsoft.ContainerRegistry/registries",
      "location": "westus",
      "tags": {
        "key": "value"
      },
      "sku": {
        "name": "Standard",
        "tier": "Standard"
      },
      "properties": {
        "loginServer": "myRegistry.azurecr.io",
        "creationDate": "2021-06-15T21:38:26.1537861Z",
        "provisioningState": "Succeeded",
        "adminUserEnabled": false,
        "networkRuleSet": {
          "defaultAction": "Allow",
          "ipRules": []
        },
        "policies": {
          "quarantinePolicy": {
            "status": "disabled"
          },
          "trustPolicy": {
            "type": "Notary",
            "status": "disabled"
          },
          "retentionPolicy": {
            "days": 7,
            "lastUpdatedTime": "2021-06-15T21:40:12.8506835+00:00",
            "status": "disabled"
          },
          "exportPolicy": {
            "status": "enabled"
          },
          "azureADAuthenticationAsArmPolicy": {
            "status": "enabled"
          }
        },
        "encryption": {
          "status": "disabled"
        },
        "status": null,
        "dataEndpointEnabled": false,
        "dataEndpointHostNames": [],
        "privateEndpointConnections": [],
        "publicNetworkAccess": "Enabled",
        "networkRuleBypassOptions": "AzureServices",
        "networkRuleBypassAllowedForTasks": false,
        "zoneRedundancy": "Disabled",
        "anonymousPullEnabled": false,
        "roleAssignmentMode": "LegacyRegistryPermissions"
      }
    }
  ]
}

Definitions

Name Description
Action

The action of IP ACL rule.
ActionsRequired

A message indicating if changes on the service provider require any updates on the consumer.
AzureADAuthenticationAsArmPolicy

The policy for using Azure Resource Manager audience token for a container registry.
AzureADAuthenticationAsArmPolicyStatus

The value that indicates whether the policy is enabled or not.
ConnectionStatus

The private link service connection status.
createdByType

The type of identity that created the resource.
DefaultAction

The default action of allow or deny when no other rules match.
EncryptionProperty
EncryptionStatus

Indicates whether or not the encryption is enabled for container registry.
ErrorAdditionalInfo

The resource management error additional info.
ErrorDetail

The error detail.
ErrorResponse

Error response
ExportPolicy

The export policy for a container registry.
ExportPolicyStatus

The value that indicates whether the policy is enabled or not.
IdentityProperties

Managed identity for the resource.
IPRule

IP rule with specific IP or IP range in CIDR format.
KeyVaultProperties
NetworkRuleBypassOptions

Whether to allow trusted Azure services to access a network restricted registry.
NetworkRuleSet

The network rule set for a container registry.
Policies

The policies for a container registry.
PolicyStatus

The value that indicates whether the policy is enabled or not.
PrivateEndpoint

The Private Endpoint resource.
PrivateEndpointConnection

An object that represents a private endpoint connection for a container registry.
PrivateLinkServiceConnectionState

The state of a private link service connection.
ProvisioningState

The provisioning state of the archive at the time the operation was called.
PublicNetworkAccess

Whether or not public network access is allowed for the container registry.
QuarantinePolicy

The quarantine policy for a container registry.
Registry

An object that represents a container registry.
RegistryListResult

The result of a request to list container registries.
ResourceIdentityType

The identity type.
RetentionPolicy

The retention policy for a container registry.
RoleAssignmentMode

Determines registry role assignment mode.
Sku

The SKU of a container registry.
SkuName

The SKU name of the container registry. Required for registry creation.
SkuTier

The SKU tier based on the SKU name.
Status

The status of an Azure resource at the time the operation was called.
systemData

Metadata pertaining to creation and last modification of the resource.
TrustPolicy

The content trust policy for a container registry.
TrustPolicyType

The type of trust policy.
UserIdentityProperties
ZoneRedundancy

Whether or not zone redundancy is enabled for this container registry

Action

Enumeration

The action of IP ACL rule.

Value Description
Allow

ActionsRequired

Enumeration

A message indicating if changes on the service provider require any updates on the consumer.

Value Description
None
Recreate

AzureADAuthenticationAsArmPolicy

Object

The policy for using Azure Resource Manager audience token for a container registry.

Name Type Default value Description
status

AzureADAuthenticationAsArmPolicyStatus

enabled

The value that indicates whether the policy is enabled or not.

AzureADAuthenticationAsArmPolicyStatus

Enumeration

The value that indicates whether the policy is enabled or not.

Value Description
enabled
disabled

ConnectionStatus

Enumeration

The private link service connection status.

Value Description
Approved
Pending
Rejected
Disconnected

createdByType

Enumeration

The type of identity that created the resource.

Value Description
User
Application
ManagedIdentity
Key

DefaultAction

Enumeration

The default action of allow or deny when no other rules match.

Value Description
Allow
Deny

EncryptionProperty

Object
Name Type Description
keyVaultProperties

KeyVaultProperties

Key vault properties.
status

EncryptionStatus

Indicates whether or not the encryption is enabled for container registry.

EncryptionStatus

Enumeration

Indicates whether or not the encryption is enabled for container registry.

Value Description
enabled
disabled

ErrorAdditionalInfo

Object

The resource management error additional info.

Name Type Description
info

object

The additional info.
type

string

The additional info type.

ErrorDetail

Object

The error detail.

Name Type Description
additionalInfo

ErrorAdditionalInfo[]

The error additional info.
code

string

The error code.
details

ErrorDetail[]

The error details.
message

string

The error message.
target

string

The error target.

ErrorResponse

Object

Error response

Name Type Description
error

ErrorDetail

The error object.

ExportPolicy

Object

The export policy for a container registry.

Name Type Default value Description
status

ExportPolicyStatus

enabled

The value that indicates whether the policy is enabled or not.

ExportPolicyStatus

Enumeration

The value that indicates whether the policy is enabled or not.

Value Description
enabled
disabled

IdentityProperties

Object

Managed identity for the resource.

Name Type Description
principalId

string

The principal ID of resource identity.
tenantId

string

The tenant ID of resource.
type

ResourceIdentityType

The identity type.
userAssignedIdentities

<string,  UserIdentityProperties>

The list of user identities associated with the resource. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/ providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.

IPRule

Object

IP rule with specific IP or IP range in CIDR format.

Name Type Default value Description
action

Action

Allow

The action of IP ACL rule.
value

string

Specifies the IP or IP range in CIDR format. Only IPV4 address is allowed.

KeyVaultProperties

Object
Name Type Description
identity

string

The client id of the identity which will be used to access key vault.
keyIdentifier

string

Key vault uri to access the encryption key.
keyRotationEnabled

boolean

Auto key rotation status for a CMK enabled registry.
lastKeyRotationTimestamp

string (date-time)

Timestamp of the last successful key rotation.
versionedKeyIdentifier

string

The fully qualified key identifier that includes the version of the key that is actually used for encryption.

NetworkRuleBypassOptions

Enumeration

Whether to allow trusted Azure services to access a network restricted registry.

Value Description
AzureServices
None

NetworkRuleSet

Object

The network rule set for a container registry.

Name Type Default value Description
defaultAction

DefaultAction

Allow

The default action of allow or deny when no other rules match.
ipRules

IPRule[]

The IP ACL rules.

Policies

Object

The policies for a container registry.

Name Type Description
azureADAuthenticationAsArmPolicy

AzureADAuthenticationAsArmPolicy

The policy for using Azure Resource Manager audience token for a container registry.
exportPolicy

ExportPolicy

The export policy for a container registry.
quarantinePolicy

QuarantinePolicy

The quarantine policy for a container registry.
retentionPolicy

RetentionPolicy

The retention policy for a container registry.
trustPolicy

TrustPolicy

The content trust policy for a container registry.

PolicyStatus

Enumeration

The value that indicates whether the policy is enabled or not.

Value Description
enabled
disabled

PrivateEndpoint

Object

The Private Endpoint resource.

Name Type Description
id

string

This is private endpoint resource created with Microsoft.Network resource provider.

PrivateEndpointConnection

Object

An object that represents a private endpoint connection for a container registry.

Name Type Description
id

string (arm-id)

Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}"
name

string

The name of the resource
properties.privateEndpoint

PrivateEndpoint

The resource of private endpoint.
properties.privateLinkServiceConnectionState

PrivateLinkServiceConnectionState

A collection of information about the state of the connection between service consumer and provider.
properties.provisioningState

ProvisioningState

The provisioning state of private endpoint connection resource.
systemData

systemData

Azure Resource Manager metadata containing createdBy and modifiedBy information.
type

string

The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"

PrivateLinkServiceConnectionState

Object

The state of a private link service connection.

Name Type Description
actionsRequired

ActionsRequired

A message indicating if changes on the service provider require any updates on the consumer.
description

string

The description for connection status. For example if connection is rejected it can indicate reason for rejection.
status

ConnectionStatus

The private link service connection status.

ProvisioningState

Enumeration

The provisioning state of the archive at the time the operation was called.

Value Description
Creating
Updating
Deleting
Succeeded
Failed
Canceled

PublicNetworkAccess

Enumeration

Whether or not public network access is allowed for the container registry.

Value Description
Enabled
Disabled

QuarantinePolicy

Object

The quarantine policy for a container registry.

Name Type Default value Description
status

PolicyStatus

disabled

The value that indicates whether the policy is enabled or not.

Registry

Object

An object that represents a container registry.

Name Type Default value Description
id

string (arm-id)

Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}"
identity

IdentityProperties

The identity of the container registry.
location

string

The geo-location where the resource lives
name

string

The name of the resource
properties.adminUserEnabled

boolean

False

The value that indicates whether the admin user is enabled.
properties.anonymousPullEnabled

boolean

False

Enables registry-wide pull from unauthenticated clients.
properties.creationDate

string (date-time)

The creation date of the container registry in ISO8601 format.
properties.dataEndpointEnabled

boolean

Enable a single data endpoint per region for serving data.
properties.dataEndpointHostNames

string[]

List of host names that will serve data when dataEndpointEnabled is true.
properties.encryption

EncryptionProperty

The encryption settings of container registry.
properties.loginServer

string

The URL that can be used to log into the container registry.
properties.networkRuleBypassAllowedForTasks

boolean

False

Whether or not Tasks allowed to bypass the network rules for this container registry.
properties.networkRuleBypassOptions

NetworkRuleBypassOptions

AzureServices

Whether to allow trusted Azure services to access a network restricted registry.
properties.networkRuleSet

NetworkRuleSet

The network rule set for a container registry.
properties.policies

Policies

The policies for a container registry.
properties.privateEndpointConnections

PrivateEndpointConnection[]

List of private endpoint connections for a container registry.
properties.provisioningState

ProvisioningState

The provisioning state of the container registry at the time the operation was called.
properties.publicNetworkAccess

PublicNetworkAccess

Enabled

Whether or not public network access is allowed for the container registry.
properties.roleAssignmentMode

RoleAssignmentMode

LegacyRegistryPermissions

Determines registry role assignment mode.
properties.status

Status

The status of the container registry at the time the operation was called.
properties.zoneRedundancy

ZoneRedundancy

Disabled

Whether or not zone redundancy is enabled for this container registry
sku

Sku

The SKU of the container registry.
systemData

systemData

Azure Resource Manager metadata containing createdBy and modifiedBy information.
tags

object

Resource tags.
type

string

The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"

RegistryListResult

Object

The result of a request to list container registries.

Name Type Description
nextLink

string

The URI that can be used to request the next list of container registries.
value

Registry[]

The list of container registries. Since this list may be incomplete, the nextLink field should be used to request the next list of container registries.

ResourceIdentityType

Enumeration

The identity type.

Value Description
SystemAssigned
UserAssigned
SystemAssigned, UserAssigned
None

RetentionPolicy

Object

The retention policy for a container registry.

Name Type Default value Description
days

integer (int32)

7

The number of days to retain an untagged manifest after which it gets purged.
lastUpdatedTime

string (date-time)

The timestamp when the policy was last updated.
status

PolicyStatus

disabled

The value that indicates whether the policy is enabled or not.

RoleAssignmentMode

Enumeration

Determines registry role assignment mode.

Value Description
AbacRepositoryPermissions
LegacyRegistryPermissions

Sku

Object

The SKU of a container registry.

Name Type Description
name

SkuName

The SKU name of the container registry. Required for registry creation.
tier

SkuTier

The SKU tier based on the SKU name.

SkuName

Enumeration

The SKU name of the container registry. Required for registry creation.

Value Description
Classic
Basic
Standard
Premium

SkuTier

Enumeration

The SKU tier based on the SKU name.

Value Description
Classic
Basic
Standard
Premium

Status

Object

The status of an Azure resource at the time the operation was called.

Name Type Description
displayStatus

string

The short label for the status.
message

string

The detailed message for the status, including alerts and error messages.
timestamp

string (date-time)

The timestamp when the status was changed to the current value.

systemData

Object

Metadata pertaining to creation and last modification of the resource.

Name Type Description
createdAt

string (date-time)

The timestamp of resource creation (UTC).
createdBy

string

The identity that created the resource.
createdByType

createdByType

The type of identity that created the resource.
lastModifiedAt

string (date-time)

The timestamp of resource last modification (UTC)
lastModifiedBy

string

The identity that last modified the resource.
lastModifiedByType

createdByType

The type of identity that last modified the resource.

TrustPolicy

Object

The content trust policy for a container registry.

Name Type Default value Description
status

PolicyStatus

disabled

The value that indicates whether the policy is enabled or not.
type

TrustPolicyType

Notary

The type of trust policy.

TrustPolicyType

Enumeration

The type of trust policy.

Value Description
Notary

UserIdentityProperties

Object
Name Type Description
clientId

string

The client id of user assigned identity.
principalId

string

The principal id of user assigned identity.

ZoneRedundancy

Enumeration

Whether or not zone redundancy is enabled for this container registry

Value Description
Enabled
Disabled