Skip to content

Instantly share code, notes, and snippets.

@buzztaiki
Created July 10, 2023 01:21
Show Gist options
  • Save buzztaiki/ade531f289c7d3ad36f9b8e7f74b1ba7 to your computer and use it in GitHub Desktop.
Save buzztaiki/ade531f289c7d3ad36f9b8e7f74b1ba7 to your computer and use it in GitHub Desktop.
Azure で az acr build するのに最低限の権限

Built-in role がないのでね。

{
  "roleName": "My AcrBuild",
  "roleType": "CustomRole",
  "description": "Build images in a container registry.",

  "permissions": [
    {
      "actions": [
        "Microsoft.ContainerRegistry/registries/read",
        "Microsoft.ContainerRegistry/registries/scheduleRun/action",
        "Microsoft.ContainerRegistry/registries/listBuildSourceUploadUrl/action",
        "Microsoft.ContainerRegistry/registries/runs/listLogSasUrl/action"
      ],
      "dataActions": [],
      "notActions": [],
      "notDataActions": []
    }
  ],
  "assignableScopes": [
    "<my-subscription>"
  ]
}

Azure/acr#174 (comment) にコメントしておいた。

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment