IAM & access control

Azure Active Directory (AAD)

note: below are azure cli commands

List users

az ad user list

Create User

az ad user create --display-name
                  --password
                  --user-principal-name
                  [--force-change-password-next-sign-in {false, true}]
                  [--immutable-id]
                  [--mail-nickname]

Storage

Blobs

Add permissions for container

First, list all storage accounts. Thereof, we are interested in the scope, namely what comes after "id" elements.
az storage account list | grep id
you'll get something as:

/subscriptions/<subscription>/resourceGroups/<resource-group>/providers/Microsoft.Storage/storageAccounts/<storage-account>/blobServices/default/containers/<container>
Having identified the scope, and knowing your container name you can now:

az role assignment create \ --role "Owner" \ --assignee <your-id> \ --scope "/subscriptions/<subscription>/resourceGroups/<resource-group>/providers/Microsoft.Storage/storageAccounts/<storage-account>/blobServices/default/containers/<container>"

Copy to azure blob via azcopy

logging in via AAD

After having assigned the roles for access appropriately, you need to install azcopy on the machine where you'll copy from.
azcopy login --tenant-id=<AAD-tenant-id>

copy

single file

az copy "[path-to-file]" "https://[account].blob.core.windows.net/[container]/[path/to/container-directory]"

Dev-Ops

Create and push local image to Azure Container Registry

After creating your container registry, you can spawn an admin user and (2) passwords. This practice is not avised unless temporarily for pushing your image. You should deactivate your admin credentials in the end. Alternatively, you can assign pull/push roles to an azure server principal.

read -sp "Continer Registry Admin Credentials: " SP_PASSWD && echo && docker login <registryname>.azurecr.io --username <admin-usr> --password $SP_PASSWD
docer images
docker tag <your-image-id> <registryname>.azurecr.io/<tag>
docker push <registryname>.azurecr.io/<tag>```

Azure - Davz33/tutorials GitHub Wiki

IAM & access control

Azure Active Directory (AAD)

List users

Create User

Storage

Blobs

Add permissions for container

Copy to azure blob via azcopy

logging in via AAD

copy

single file

directory

Dev-Ops

Create and push local image to Azure Container Registry

Davz33 tutorials 🥇

⚠️ GitHub.com Fallback ⚠️

Azure - Davz33/tutorials GitHub Wiki

IAM & access control

Azure Active Directory (AAD)

List users

Create User

Storage

Blobs

Add permissions for container

Copy to azure blob via azcopy

logging in via AAD

copy

single file

directory

Dev-Ops

Create and push local image to Azure Container Registry

Davz33 tutorials 🥇

⚠️ **GitHub.com Fallback** ⚠️

⚠️ GitHub.com Fallback ⚠️