[英]Azure Container Instances: authenticate to private ACR with client certificate based service principal in ARM template
The Azure Container Instances ARM template schema exposes the below fields to authenticate to pull an image from a private ACR using a service principal: Azure 容器实例 ARM 模板模式公开了以下字段以进行身份验证,以使用服务主体从私有 ACR 中提取图像:
"imageRegistryCredentials": [
{
"server": "myacrserver.azurecr.io",
"username": "00000-000-000-00", // Service principal application ID
"password": "servicePrincipalClientSecret"
}
],
Using an ARM template based deployment, is it possible to use a service principal with a client certificate based login, instead of a client secret?使用基于 ARM 模板的部署,是否可以将服务主体与基于客户端证书的登录一起使用,而不是使用客户端密码? Can I specify the "password" field to be the base64 encoding of the private key of the certificate that can be used to access the relevant service principal?我可以将“密码”字段指定为可用于访问相关服务主体的证书私钥的 base64 编码吗?
I'm afraid it's impossible.恐怕是不可能的。 ARM template does not have the property to set the credential with a certificate instead of the secret. ARM 模板没有使用证书而不是秘密设置凭据的属性。 Maybe it's possible in the future, but not it does not support it.也许以后可以,但不是不支持。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.