Closed
Description
Requirements
- Azure CLI
- Azure Container Registry (ACR)
- Azure AD (AAD)
Acceptance Criteria
- A bash script is available to provision ACR and service principals.
- A resource group is provisioned.
- An ACR resource is provisioned in the resource group.
- An AAD service principal is created with permissions to pull images from the ACR.
- An AAD service principal is created with permissions to push and pull images to and from the ACR.
Given script input parameter company 'contoso'
and script input parameter location 'eastus'
when the script is executed
then a resource group exists in East US with the name 'acr-eus-contoso',
and an ACR exists with the name 'acr-eus-contoso' and sku 'Standard' inside the resource group,
and an AAD service principal exists with the name 'acr-contoso-pull', scoped to the ACR resource, and role set to 'acrpull',
and an AAD service principal exists with the name 'acr-contoso-push', scoped to the ACR resource, and role set to 'acrpush'.
Notes
Team identified that this is also needed by bedrock project. There should be a second effort to reconcile how bedrock might consume what is implemented with this story. microsoft/bedrock#210