Azure Container Registry
An Azure service that provides a registry of Docker and Open Container Initiative images.
403 questions
Is it possible to use ACR ExportPipeline/ImportPipeline without SAS tokens and KeyVault policies?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(272, 67%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EVZ%3C/text%3E%3C/svg%3E)
Valeriy Zabawski
0
Reputation points
I'm trying to solve the problem of copying images from ACR instance located in subscription A to ACR instance located in subscription B. Both of those ACRs don't have public access, so I've discovered preview functionality called ExportPipeline which seem to solve my issue.
https://learn.microsoft.com/en-us/azure/container-registry/container-registry-transfer-cli
When I was trying to use this approach, I've discovered this guide points at a legacy Key Vault policy setup guide and commands provided in this guide are not relevant anymore.
At the same time, az acr export-pipeline create command requires --secret-uri to be provided. Is it possible to use export/import pipelines without SAS tokens for storage accounts, relying on EntraID and managed identity that has proper role assignments on ACR and storage account levels?
{count} votes
-
Luke Murray 10,611 Reputation points MVP2024-03-23T22:47:23.3133333+00:00 The export-pipeline command has an assign-identity parameter that can be used to create a User Assigned Managed Identity.
It looks like you can. If you created your pipeline with a user-assigned identity, simply give this user-assigned identity
secret getaccess policy permissions on the keyvault.Q. Have you had any issues with this? If so, supply a screenshot/error so we can take a look and do some testing?
Reference: ACR Transfer with Az CLI
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(76.8, 74%, 17%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAN%3C/text%3E%3C/svg%3E)
Anveshreddy Nimmala 2,790 Reputation points Microsoft Vendor2024-03-26T04:28:50.7033333+00:00 Hello Valeriy Zabawski
We haven’t heard from you on the last response and was just checking back to see if you have a resolution yet. In case if you have any resolution please do share that same with the community as it can be helpful to others. Otherwise, will respond with more details and we will try to help
Sign in to comment