Can someone help me configure AKS to pull containers from ACR using the ACR access key(s) please?
I am learning AKS. I understand the benefits to using managed identity, and the security risks associated with shared access keys. However, this is a test playground, and I have only contributor access within my subscription and thus no ability to create role assignments on my resource groups. (I will get the rights in the new year when everyone is back, and I request them but want to learn this week :).)
I have a test AKS and ACR that I will blow away shortly. As I can't grant the required RBAC assignments to any principals, I would like to know if I can instead utilise SAS tokens? Can someone help me configure AKS to pull containers from ACR using the ACR access key(s) please?
Hi paul using ACR access keys directly is not a recommended practice for production scenarios due to security concerns. In a production environment, it's better to use managed identities or service principals Go to the Azure portal. Navigate to your Azure Container Registry. In the ACR's left navigation pane, click on "Access keys." Copy the value of "Login server" as it will be used as ACR_NAME.azurecr.io. Configure AKS to Use ACR Access Key
Folow these docs for detailed info https://learn.microsoft.com/en-us/azure/container-registry/
https://learn.microsoft.com/en-us/azure/container-registry/container-registry-get-started-docker-cli?tabs=azure-cli