ACR | Trusted Azure services

Hi!

Azure Container Registry can allow select trusted Azure services to access a registry that’s configured with network access rules. When trusted services are allowed, a trusted service instance can securely bypass the registry’s network rules and perform operations such as pull or push images. 

Trusted serviceSupported usage scenariosConfigure managed identity with RBAC role
Azure Container InstancesDeploy to Azure Container Instances from Azure Container Registry using a managed identityYes, either system-assigned or user-assigned identity
Microsoft Defender for CloudVulnerability scanning by Microsoft Defender for container registriesNo
ACR TasksAccess the parent registry or a different registry from an ACR TaskYes
Machine LearningDeploy or train a model in a Machine Learning workspace using a custom Docker container imageYes
Azure Container RegistryImport images to or from a network-restricted Azure container registryNo

To enable:

az acr update --name myregistry --allow-trusted-services true 

To disable:

az acr update --name myregistry --allow-trusted-services false

Maxime.

Démarrez une conversation

Votre adresse e-mail ne sera pas publiée.