Could not able to see the docker image pushed into the container registry.

Question

Could not able to see the docker image pushed into the container registry.

Satyam Kumar 0

User's image

az acr repository list --name <ACR-name> --output table --username <removed_due_to PII_Info> --password

am able to successfully push and pull Docker images to and from my Azure Container Registry (ACR). However, when I navigate to the ACR in the Azure Portal and check the Repositories section, I cannot see the Docker images I pushed. Interestingly, when I use the Azure CLI and authenticate with admin credentials, I can retrieve the list of repositories and confirm that the image I pushed does exist in the registry. I have tried creating new container registries in different ways, but the issue persists.

Pathum Malinga Mahalekam 0 Reputation points

2025-10-14T16:01:18.0833333+00:00
Issue:

You pushed a Docker image to Azure Container Registry (ACR but cannot see it in the portal. The error says:

You do not have permissions to list the repositories for this registry. Please ensure that you have the appropriate role assignments to access registry data plane resources.

Root Cause:

Azure Container Registry uses two permission layers:

Control Plane: Lets you manage the resource (via Azure RBAC).

Data Plane: Required to access image data (list repositories, pull/push images).

If you only have control plane access, you can see the registry but cannot list repositories.

Solution:

Assign Data Plane Role:

Go to ACR → Access Control (IAM).

Add role:

AcrPull (read-only)

AcrPush (read/write)

Or Owner for full access.

Use Azure CLI with RBAC (preferred):

az loginaz

acr repository list --name <ACR-name> --output table

If using admin credentials:

Enable Admin user in ACR settings.

Use --username and --password from the portal.

✅ Tip: Always prefer RBAC roles over admin credentials for better security.
Ankit Yadav 6,760 Reputation points Microsoft External Staff Moderator

2025-10-15T21:58:37.7133333+00:00

Hello Satyam Kumar

Good day! Just checking in if you got a chance to review my suggestion shared earlier. Let me know if it helped to allow you to view the repository details.
Ankit Yadav 6,760 Reputation points Microsoft External Staff Moderator

2025-10-18T01:07:00.8966667+00:00

Hello Satyam Kumar

If the query has been resolved, please take a moment to accept answers and upvote it 👍 to make it helpful to the community.

Thank you for helping to improve Microsoft Q&A!

1 answer

Your answer

Pathum Malinga Mahalekam 0 Reputation points

2025-10-14T16:01:18.0833333+00:00

Issue:

You pushed a Docker image to Azure Container Registry (ACR but cannot see it in the portal. The error says:

You do not have permissions to list the repositories for this registry. Please ensure that you have the appropriate role assignments to access registry data plane resources.

Root Cause:

Azure Container Registry uses two permission layers:

Control Plane: Lets you manage the resource (via Azure RBAC).

Data Plane: Required to access image data (list repositories, pull/push images).

If you only have control plane access, you can see the registry but cannot list repositories.

Solution:

Assign Data Plane Role:

Go to ACR → Access Control (IAM).

Add role:

AcrPull (read-only)

AcrPush (read/write)

Or Owner for full access.

Use Azure CLI with RBAC (preferred):

az loginaz

acr repository list --name <ACR-name> --output table

If using admin credentials:

Enable Admin user in ACR settings.

Use --username and --password from the portal.

✅ Tip: Always prefer RBAC roles over admin credentials for better security.
Ankit Yadav 6,760 Reputation points Microsoft External Staff Moderator

2025-10-15T21:58:37.7133333+00:00

Hello Satyam Kumar

Good day! Just checking in if you got a chance to review my suggestion shared earlier. Let me know if it helped to allow you to view the repository details.
Ankit Yadav 6,760 Reputation points Microsoft External Staff Moderator

2025-10-18T01:07:00.8966667+00:00

Hello Satyam Kumar

If the query has been resolved, please take a moment to accept answers and upvote it 👍 to make it helpful to the community.

Thank you for helping to improve Microsoft Q&A!

Answer 1

Hello Satyam Kumar

From the Portal snippet shared, it looks like you are not the owner for the ACR resource, could you please answer below queries to understand more about your issue :

Do you have the read roles assigned to your user by the Owner of the resource?
For the azure cli command failure, are you using service Principal to login to the ACR or are you using the Admin credentials?
If it's service principal, can you please review and share what IAM roles you have assigned to your service principal.
Also is your ACR publicly accessible or is it part of some private endpoint?

In order to replicate the issue on my end, I created an ACR and assigned AcrPull

to my teammate at the resource group level, along with the Reader at the resource group scope and he was able to access it.

User's image

Additionally, I created a new service principal using the bash script listed out here: https://xtls-v4.hkg1.meaqua.org/en-us/azure/container-registry/container-registry-auth-service-principal#create-a-service-principal

Sharing the Azure CLI sample command that worked for me:

az acr login --name <ACR-Name> -u <Service principal ID> -p <Service principal password>

az acr repository list --name <ACR-Name> --output table

User's image

Share via

Could not able to see the docker image pushed into the container registry.

1 answer

Your answer