AZ-204 Developing Solutions for Microsoft Azure Exam

You can develop, but can you develop for the cloud? Harness your development skills and learn how to create robust solutions for Microsoft Azure, aiming for your Microsoft Certified: Azure Developer Associate certification!

Practice Test

Exam

Create and manage container images for solutions

Implement containerized solutions

Create and Manage Container Images

In Azure, a container image is a lightweight, standalone package that includes everything needed to run an application. You store these images in the Azure Container Registry (ACR), which acts as a secure, private repository for your files. To get started, you provision a registry using the Azure CLI or the Azure portal. This registry keeps your images organized and ensures they are accessible only to authenticated users. Understanding how ACR works is critical for efficient container management.

Building and pushing a custom image requires the Docker CLI or ACR Tasks, which automate and simplify the process. The typical workflow involves:

  • docker build: creates an image from a Dockerfile.
  • docker tag: assigns a name and version to your image.
  • docker push: uploads the tagged image to your ACR. Before you can push an image, you must authenticate with ACR by using az acr login or through a service principal in your CI/CD pipeline. These steps ensure that only authorized processes can update your registry.

Properly managing tags and versioning is essential for tracking releases and rolling back changes when needed. You can list repositories and tags with:

  • az acr repository list
  • az acr repository show-tags To clean up unused images and save storage space, use az acr repository delete. You can also retag images with az acr repository update to rename or move tags. These practices keep your registry tidy and help you maintain control over your deployments.

Scanning container images for vulnerabilities is a key part of a secure pipeline. ACR integrates with Microsoft Defender for Cloud to automatically scan images upon push. You can also set up ACR Tasks to run custom scanners or third-party tools. By enforcing scan policies, you catch security issues early and reduce the risk of deploying compromised containers. This integration helps you maintain compliance and protect your production environments.

Conclusion

In this section, you learned how to use Azure Container Registry to store and organize container images. You saw how to build and push images with the Docker CLI or ACR Tasks, and how to authenticate securely. Managing tags and versioning keeps your registry organized and helps you roll back when needed. Finally, integrating vulnerability scanning through Microsoft Defender for Cloud and scan policies ensures your images remain secure before deployment. These skills form the foundation for creating and managing container images in Azure solutions.

Publish an image to Azure Container Registry