https://pulumi.com logo
Title
m

melodic-student-71781

07/27/2021, 6:36 PM
Hi, I'm trying to emulate
az aks create [...] --attach-acr $MYACR
where the cluster uses a managed identity instead of an explicit service principal. As far as I understand it, I need to add a
RoleAssignment
with
scope
=containerRegistryId and
roleDefinitionId
="AcrPull". RoleAssignment contains `principalId`(required) and
delegatedManagedIdentityResourceId
(optional). How do I fill these two fields? I'm guessing
delegatedManagedIdentityResourceId
should be the id of the AKS cluster, but what's the
principalId
if there is no principal?
b

breezy-cricket-40277

07/29/2021, 2:40 PM
Did you managed to solve it? Having the same issue.