Sorry if it is a dump question. I was wondering what value it brings when we use multiple registries. It makes CICD process more complex. Rather than creating different registries per environment why can't we use a single registry and try to make it more secure. what are the benefits of using different acr, securitywise and operationalwise?
Yes that is definitely an option, however most of the enterprise companies prefer keeping the registries completely separate, from both a "user access" perspective as well as a network perspective. If you have a registry sitting on the dev-env network, that most likely is not reachable from the prod network, as son on .
So security wise it is definitely more secure (if you need that level of security or not is another discussion :D ). Operations-wise it may make things a little more complex (you have to manage more registries) but imho it respect the "separation of concerns" principle :)
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
Sorry if it is a dump question. I was wondering what value it brings when we use multiple registries. It makes CICD process more complex. Rather than creating different registries per environment why can't we use a single registry and try to make it more secure. what are the benefits of using different acr, securitywise and operationalwise?
Yes that is definitely an option, however most of the enterprise companies prefer keeping the registries completely separate, from both a "user access" perspective as well as a network perspective. If you have a registry sitting on the dev-env network, that most likely is not reachable from the prod network, as son on .
So security wise it is definitely more secure (if you need that level of security or not is another discussion :D ). Operations-wise it may make things a little more complex (you have to manage more registries) but imho it respect the "separation of concerns" principle :)