Created
November 8, 2020 04:07
-
-
Save nilesh93/8d5a6770f0ab152bf05116ff10ff0979 to your computer and use it in GitHub Desktop.
arg1=ACR_NAME, arg2=SERVICE_PRINCIPAL_NAME
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #generate service pricipal id and password using below command under shell script file | |
| # Modify for your environment. | |
| ACR_NAME=$1 | |
| SERVICE_PRINCIPAL_NAME=$2 | |
| ACR_NAME=cloudmanager.azurecr.io | |
| SERVICE_PRINCIPAL_NAME=acr-service-principal | |
| # Obtain the full registry ID for subsequent command args | |
| ACR_REGISTRY_ID=$(az acr show --name $ACR_NAME --query id --output tsv) | |
| # Create the service principal with rights scoped to the registry. | |
| # Default permissions are for docker pull access. Modify the '--role' | |
| # argument value as desired: | |
| # acrpull: pull only | |
| # acrpush: push and pull | |
| # owner: push, pull, and assign roles | |
| SP_PASSWD=$(az ad sp create-for-rbac --name http://$SERVICE_PRINCIPAL_NAME --scopes $ACR_REGISTRY_ID --role acrpush --query password --output tsv) | |
| SP_APP_ID=$(az ad sp show --id http://$SERVICE_PRINCIPAL_NAME --query appId --output tsv) | |
| # Output the service principal's credentials; use these in your services and | |
| # applications to authenticate to the container registry. | |
| echo "Service principal ID: $SP_APP_ID" | |
| echo "Service principal password: $SP_PASSWD" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment