You are configuring an Azure Kubernetes Service (AKS) cluster that will connect to an Azure Container Registry. You need to use the auto-generated service principal to authenticate to the Azure Container Registry. What should you create?
Experience Level: Junior
Tags: Azure CloudAzure Container RegistryAzure Kubernetes Service
Answer
- When you create an AKS cluster, Azure also creates a service principal to support cluster operability with other Azure resources.
- This service principal can already authenticate to AAD (since it was created in AAD).
- But it needs to have RBAC permissions on the ACR Registry to pull images.
- To assign the permissions, you need to create an Azure RBAC role assignment that grants the cluster's service principal access to the container registry.
Related Azure Cloud job interview questions
According to Microsoft Cloud Adoption Framework (CAF), what are the three specific terms related to Management phaze that can help improve conversations among business stakeholders?
Microsoft Cloud Adoption Framework (CAF) JuniorWhat are 6 key steps for establishing a management baseline according to Microsoft Cloud Adoption Framework (CAF)?
Microsoft Cloud Adoption Framework (CAF) JuniorWhat is management baseline according to Microsoft Cloud Adoption Framework (CAF)?
Microsoft Cloud Adoption Framework (CAF) JuniorWhat are the 5 disciplines of cloud governance according to Microsoft Cloud Adoption Framework (CAF)?
Microsoft Cloud Adoption Framework (CAF) JuniorIs Cloud Security Posture Management (CSPM) available for all Azure Subscriptions?
Microsoft Defender Junior