You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/container-apps/managed-identity-image-pull.md
+19-6Lines changed: 19 additions & 6 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -93,7 +93,15 @@ Create a container app revision with a private image and the system-assigned man
93
93
1. Select **Save**.
94
94
1. Select **Create** from the **Create and deploy new revision** page.
95
95
96
-
A new revision will be created and deployed. The portal will automatically attempt to add the `acrpull` role to the user-assigned managed identity. If the role isn't added, you can add it manually.
96
+
A new revision will be created and deployed. The portal will automatically attempt to add the `acrpull` role to the user-assigned managed identity. If the role isn't added, you can add it manually.
97
+
98
+
You can verify that the role was added by checking the identity from the **Identity** pane of the container app page.
99
+
100
+
1. Select **Identity** from the left menu.
101
+
1. Select the **User assigned** tab.
102
+
1. Select the user-assigned managed identity.
103
+
1. Select **Azure role assignments** from the menu on the managed identity resource page.
104
+
1. Verify that the `acrpull` role is assigned to the user-assigned managed identity.
97
105
98
106
### Clean up resources
99
107
@@ -172,6 +180,15 @@ Edit the container to use the image from your private Azure Container Registry,
172
180
1. Select **Create** at the bottom of the **Create and deploy new revision** page
173
181
1. After a few minutes, select **Refresh** on the **Revision management** page to see the new revision.
174
182
183
+
A new revision will be created and deployed. The portal will automatically attempt to add the `acrpull` role to the system-assigned managed identity. If the role isn't added, you can add it manually.
184
+
185
+
You can verify that the role was added by checking the identity in the **Identity** pane of the container app page.
186
+
187
+
1. Select **Identity** from the left menu.
188
+
1. Select the **System assigned** tab.
189
+
1. Select **Azure role assignments**.
190
+
1. Verify that the `acrpull` role is assigned to the system-assigned managed identity.
191
+
175
192
### Clean up resources
176
193
177
194
If you're not going to continue to use this application, you can delete the Azure Container Apps instance and all the associated services by removing the resource group.
@@ -435,7 +452,7 @@ Create your container app with your image from the private registry authenticate
435
452
436
453
# [Azure CLI](#tab/azure-cli)
437
454
438
-
Copy the identity's resource ID to paste into the *\<IDENTITY_ID\>* placeholders in the command below.
455
+
Copy the identity's resource ID to paste into the *\<IDENTITY_ID\>* placeholders in the command below. If your image tag isn't `latest`, replace 'latest' with your tag.
439
456
440
457
```azurecli
441
458
echo $IDENTITY_ID
@@ -557,9 +574,6 @@ New-AzContainerApp @AppArgs
557
574
558
575
Update the container app with the image from your private container registry and add a system-assigned identity to authenticate the Azure Container Registry pull. You can also include other settings necessary for your container app, such as ingress, scale and Dapr settings.
559
576
560
-
If you are using an image tag other than `latest`, replace the `latest` value with your value.
561
-
562
-
563
577
# [Azure CLI](#tab/azure-cli)
564
578
565
579
Set the registry server and turn on system-assigned managed identity in the container app.
@@ -572,7 +586,6 @@ az containerapp registry set \
![prmerger-automator[bot]](https://avatars.githubusercontent.com/u/22479449?v=4&size=40){kind=avatar}
0 commit comments