On attempt to login to Azure Container Registry with docker login
command using Active Directory credentials I have faced the issue:
Error response from daemon: Get https://myregistry.azurecr.io/v2/: unauthorized: authentication required
It's maybe obvious thing, that there is a problem with permissions, but I could not find correct way to reach the goal.
Please note that:
az acr login --name myregistry
works perfectly fine, and after that I was able to upload my image, but due to specific situation, I need a solution for docker login
command and auth with AD credentials.
I tried to provide required permissons acrpull/acrpush/acrdelete to user using the following doc:
https://docs.microsoft.com/en-us/azure/container-registry/container-registry-auth-service-principal
but with no luck - the same output.
Is there any way to login to ACR with AD credentials using docker login
?
The document that you following is the right way to create a service principal for container registry to auth. You need to assign the right role to the service principal. The role describes in the script:
# Default permissions are for docker pull access. Modify the '--role'
# argument value as desired:
# acrpull: pull only
# acrpush: push and pull
# owner: push, pull, and assign roles
When the service principal is ready. You can log in with the command docker login
with the variables in the script like below:
docker login $ACR_NAME.azurecr.io -u $SP_APP_ID -p $SP_PASSWD
Then it works like this: