Skip to content

Update scan-images-defender.md #102

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Update scan-images-defender.md #102

wants to merge 1 commit into from
+6 −0

Conversation

mosuhail-vm
Copy link

MDC engineering team confirmed that ARM audience token is required for Defender to scan Images in ACR.

Defender doesnt scan the image if they use Microsoft Entra ACR Audience tokens

a1e22ee9-763f-4635-8259-666fc8ad481e

@mosuhail-vm
Update scan-images-defender.md
f3951fc 
MDC engineering team confirmed that ARM audience token is required for Defender to scan Images in ACR.

Defender doesnt scan the image if they use Microsoft Entra ACR Audience tokens
@prmerger-automator PRMerger Automator
Copy link
Contributor

@mosuhail-vm : Thanks for your contribution! The author(s) and reviewer(s) have been notified to review your proposed change.

@learn-build-service-prod Learn Build Service (PROD)
Copy link
Contributor

Learn Build status updates of commit f3951fc:

✅ Validation status: passed

File Status Preview URL Details
articles/container-registry/scan-images-defender.md ✅Succeeded

For more details, please refer to the build report.

v-dirichards
v-dirichards reviewed Sep 12, 2025
View reviewed changes
articles/container-registry/scan-images-defender.md

> [!NOTE]
>
> For Microsoft Defender for Cloud to scan images in ACR, [**Authentication-as-arm**](container-registry-disable-authentication-as-arm.md) should be enabled
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
> For Microsoft Defender for Cloud to scan images in ACR, [**Authentication-as-arm**](container-registry-disable-authentication-as-arm.md) should be enabled
> For Microsoft Defender for Cloud to scan images in ACR, [**Authentication-as-arm**](container-registry-disable-authentication-as-arm.md) should be enabled.

adding end punctuation

@v-dirichards
Copy link
Contributor

@chasedmicrosoft

Can you review the proposed changes?

Important: When the changes are ready for publication, adding a #sign-off comment is the best way to signal that the PR is ready for the review team to merge.

#label:"aq-pr-triaged"
@MicrosoftDocs/public-repo-pr-review-team

@prmerger-automator prmerger-automator bot added the aq-pr-triaged C+L Pull Request Review Team label label Sep 12, 2025
@mosuhail-vm
Copy link
Author

@chasedmicrosoft Could you please review this PR.

@v-dirichards
Copy link
Contributor

@chasedmicrosoft Could you review this proposed update to your article and enter #sign-off in a comment if it's ready to merge?

Thanks!

@v-dirichards v-dirichards requested a review from Copilot October 14, 2025 21:18
Copilot
Copilot AI reviewed Oct 14, 2025
View reviewed changes
Copy link
Contributor

@Copilot Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR adds a documentation note clarifying that ARM audience token authentication must be enabled for Microsoft Defender for Cloud to properly scan container images in Azure Container Registry (ACR).

  • Added a note section explaining the ARM authentication requirement for Defender scanning

Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.

articles/container-registry/scan-images-defender.md

> [!NOTE]
>
> For Microsoft Defender for Cloud to scan images in ACR, [**Authentication-as-arm**](container-registry-disable-authentication-as-arm.md) should be enabled
Copy link

Copilot AI Oct 14, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The link text 'Authentication-as-arm' doesn't clearly describe what it links to. Consider using more descriptive text like 'ARM audience token authentication' to match the terminology used in the PR description.

Suggested change
> For Microsoft Defender for Cloud to scan images in ACR, [**Authentication-as-arm**](container-registry-disable-authentication-as-arm.md) should be enabled
> For Microsoft Defender for Cloud to scan images in ACR, [**ARM audience token authentication**](container-registry-disable-authentication-as-arm.md) should be enabled

Copilot uses AI. Check for mistakes.

@v-dirichards
Copy link
Contributor

@chasedmicrosoft

Can you review this old PR and determine whether it needs to be closed or merged?

@MicrosoftDocs/public-repo-pr-review-team

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@v-dirichards v-dirichards v-dirichards left review comments

Copilot code review Copilot Copilot left review comments

@chasedmicrosoft chasedmicrosoft Awaiting requested review from chasedmicrosoft

Assignees

@chasedmicrosoft chasedmicrosoft

Labels

aq-pr-triaged C+L Pull Request Review Team label azure-container-registry/svc Change sent to author do-not-merge

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@mosuhail-vm @v-dirichards @chasedmicrosoft