forked from Azure-Samples/cosmos-aks-keda
-
Notifications
You must be signed in to change notification settings - Fork 0
/
acr.bicep
35 lines (28 loc) · 951 Bytes
/
acr.bicep
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
param acrName string
param location string = resourceGroup().location
param principalId string
resource acr 'Microsoft.ContainerRegistry/registries@2022-02-01-preview' = {
name: acrName
location: location
sku: {
name: 'Premium'
}
properties: {
adminUserEnabled: true
}
}
output acrid string = acr.id
@description('This is the built-in role to Pull artifacts from a container registry. See https://docs.microsoft.com/en-us/azure/role-based-access-control/built-in-roles#acrpull')
resource acrPullDefinition 'Microsoft.Authorization/roleDefinitions@2018-01-01-preview' existing = {
scope: resourceGroup()
name: '7f951dda-4ed3-4680-a7ca-43fe172d538d'
}
resource aksAcrPermissions 'Microsoft.Authorization/roleAssignments@2020-04-01-preview' = {
name: guid(resourceGroup().id)
scope: acr
properties: {
principalId: principalId
roleDefinitionId: acrPullDefinition.id
principalType: 'ServicePrincipal'
}
}