melodic-student-71781
07/27/2021, 6:36 PMaz aks create [...] --attach-acr $MYACR
where the cluster uses a managed identity instead of an explicit service principal.
As far as I understand it, I need to add a RoleAssignment
with scope
=containerRegistryId and roleDefinitionId
="AcrPull".
RoleAssignment contains `principalId`(required) and delegatedManagedIdentityResourceId
(optional).
How do I fill these two fields?
I'm guessing delegatedManagedIdentityResourceId
should be the id of the AKS cluster, but what's the principalId
if there is no principal?breezy-cricket-40277
07/29/2021, 2:40 PM