Azure Container Registry Connector
For Azure Container Registry (ACR), you can create a connector to connect to your Azure account.
Create Connector for Azure Container Registry
- In the Container Security UI, go to Assets > Registries and click New Registry.
- Pick Azure Container Registry from the Registry Type menu.
- In the URL field, enter the path to the registry (e.g. https://myregistry.domain:port).
- Click Create New next to the Connector field.
You can delete misconfigured or unused connectors from the Connector list if they are not associated with any registries.
- On the Connector Details page, give your connector a name.
- Continue with the steps below to create an application and generate a client secret. When you're done, you'll need to paste the application ID and client secret back into the connector details. (Note that the steps you need also appear in the UI, on the right side of the Connector Details screen.)
Create Application in Azure Active Directory
Follow the steps below to create an application in Azure Active Directory and generate the client secret.
- Log on to the Microsoft Azure portal, navigate to Azure Active Directory, and then go to App Registrations.
- Click on New Registration and provide the following details:
  - Name: A name for the application.
  - Supported account types: Single Tenant and Accounts in this organizational directory only.
- Click Register.
- Copy the Application (client) ID.
- Navigate to Certificates & secrets on the left panel and then generate a client secret by clicking on New Client Secret. Provide the following details:
  - Description: A description of the client secret.
  - Expires: Never.
- Click Add.
- Copy the Client Secret that is generated.
Assign a Contributor/Reader Role to the Application's Service Principal
Follow the steps below to assign a role to the application.
- Navigate to Container registries and then to Access control (IAM) on the left panel.
- Navigate to Role assignments and Add a new role assignment. Provide the following details:
  - Role: Contributor.
  - Assign access to: Azure AD user, group or service principal.
  - Select: Application created with client secret.
- Click Save.
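A check to run after the role assignment steps above (an added example, not part of the original documentation or the product): it reads the JSON that `az role assignment list --assignee <appId> --all -o json` prints for the connector application and confirms the role sits on the one registry and nowhere broader. The registry name myregistry, the subscription ID and the sample JSON are constructed; the field names principalType, roleDefinitionName and scope are assumed to match the Azure CLI output.

```python
import json
import re

ALLOWED_ROLES = {"Contributor", "Reader"}  # roles this page names for the connector
# ARM resource ID of exactly one container registry (group 1 = registry name).
REGISTRY_SCOPE = re.compile(
    r"^/subscriptions/[^/]+/resourceGroups/[^/]+"
    r"/providers/Microsoft\.ContainerRegistry/registries/([^/]+)$",
    re.IGNORECASE,
)

# Constructed sample, shaped like `az role assignment list --assignee <appId> --all -o json`.
SUB = "/subscriptions/00000000-0000-0000-0000-000000000000"
SAMPLE_JSON = json.dumps([
    {"principalType": "ServicePrincipal", "roleDefinitionName": "Contributor",
     "scope": SUB + "/resourceGroups/rg-demo/providers"
              "/Microsoft.ContainerRegistry/registries/myregistry"},
    {"principalType": "ServicePrincipal", "roleDefinitionName": "Contributor",
     "scope": SUB},  # constructed mistake: role granted on the whole subscription
])


def audit_connector_assignments(assignments, registry_name):
    """Return (ok, findings) for the role assignments held by the connector app."""
    findings, on_registry = [], False
    for a in assignments:
        role, scope = a.get("roleDefinitionName"), a.get("scope", "")
        match = REGISTRY_SCOPE.match(scope)
        if a.get("principalType") != "ServicePrincipal":
            findings.append(f"{role} at {scope}: principal is not a service principal")
        elif match is None:
            findings.append(f"{role} at {scope}: scope is not a single container registry")
        elif match.group(1).lower() != registry_name.lower():
            findings.append(f"{role} at {scope}: assignment is on a different registry")
        elif role not in ALLOWED_ROLES:
            findings.append(f"{role} at {scope}: role is not Contributor or Reader")
        else:
            on_registry = True
    if not on_registry:
        findings.append(f"no Contributor/Reader assignment on registry {registry_name}")
    return (not findings, findings)


if __name__ == "__main__":
    ok, findings = audit_connector_assignments(json.loads(SAMPLE_JSON), "myregistry")
    print("OK" if ok else "REVIEW")
    for finding in findings:
        print(" -", finding)
```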