Created
January 30, 2022 18:27
-
-
Save fabriciosanchez/741aabc29e49749aaac0d6703f2364c1 to your computer and use it in GitHub Desktop.
Creates a new vault, creates a new service principal and attributes proper permissions to it.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# CREATING A NEW KEY VAULT | |
az keyvault create -g $RG --name $AKV_NAME | |
# CREATING A SERVICE PRINCIPAL AND STORING IT (USER AND PASSWORD) INTO AKV | |
az keyvault secret set \ | |
--vault-name $AKV_NAME \ | |
--name $ACR_NAME-pull-pwd \ | |
--value $(az ad sp create-for-rbac \ | |
--name $ACR_NAME-pull \ | |
--scopes $(az acr show --name $ACR_NAME --query id --output tsv) \ | |
--role acrpull \ | |
--query password \ | |
--output tsv) | |
az keyvault secret set \ | |
--name $ACR_NAME-pull-usr \ | |
--value $(az ad sp list --display-name $ACR_NAME-pull --query "[].appId" --output tsv) \ | |
--vault-name $AKV_NAME |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment