Open majastrz opened 2 years ago
Related to #4884.
Will this also allow for querying a single ACR instance across tenants? So I create ACR in tenant A, but want to reference in a deployment to tenant B.
Yes, that should work. These tokens are really using Basic Authentication, so they wouldn't be tied to any AAD tenant.
Are there any plan to support generating the actual token credential from bicep too (password1
and password2
)?
Looks like currently the only available solution is through the CLI.
In my case, I would like to then inject it as a keyvault secret or reuse it to configure other resources.
hey @alex-frankel any update one this?
@alex-frankel I'm also looking forward to this feature, to use scope maps. Since template spec doesn't work between different tenants...
+1. Bicep module restore not working for ACR in another tenant is a major hurdle if you have a dev and prod tenant (private registries for bicep are kinda useless without this IMHO)
Hey @alex-frankel any update on token support?
No major updates, but @sydkar / @majastrz are working out a plan to update the ORAS .NET client such that we can take a dependency on it instead of relying on the ACR SDK which binds us to ACR. We might know more in about a month.
Hey, Just wondering if there is any update on this?
Any update?
ACR premium supports authenticating via tokens: https://docs.microsoft.com/en-us/azure/container-registry/container-registry-repository-scoped-permissions. We should support that for ACR requests.