Skip to content

Support Managed Identity for Image ACR pulling in App Service image update command #28858

New issue
New issue
Open
Open
Support Managed Identity for Image ACR pulling in App Service image update command#28858
Assignees
seligj95madsd
Labels
Auto-AssignAuto assign by botService AttentionThis issue is responsible by Azure service team.Web Appsaz webappapp-service-generalcustomer-reportedIssues that are reported by GitHub users external to the Azure organization.
Milestone
Backlog
@yurymalash

Description

@yurymalash
yurymalash
opened on Apr 30, 2024

Related command

az webapp config container set -g my-resource_group -n my-web-app -c my-acr.azurecr.io/myimage:1.0.0 -r https://my-acr.azurecr.io

Is your feature request related to a problem? Please describe.

Current implementation only supports ACR username and password which is not the safest approach.
See method 'update_container_settings' at line 2195 https://github.com/Azure/azure-cli/blob/dev/src/azure-cli/azure/cli/command_modules/appservice/custom.py

There is no provisioning for authentication to ACR using managed identity.
This is especially annoying considering the fact that Managed Identity is supported in general for App Service ACR pull.

Describe the solution you'd like

'az webapp config container set ' command to use Managed Identity for ACR authentication

Describe alternatives you've considered

I cannot find alternative of the image update without getting back to infra deployment, e.g. Terraform infra supplying the image details. I need more robust way of image update.

Additional context

Metadata

Metadata

Assignees

Labels

Auto-AssignAuto assign by botService AttentionThis issue is responsible by Azure service team.Web Appsaz webappapp-service-generalcustomer-reportedIssues that are reported by GitHub users external to the Azure organization.

Type

No type

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions