RES_GROUP=acivnet # Resource Group name ACR_NAME=acivnetacr # Azure Container Registry registry name AKV_NAME=acivnetkv # Azure Key Vault vault name
az keyvault create -g $RES_GROUP -n $AKV_NAME
az keyvault secret set
--vault-name $AKV_NAME
--name $ACR_NAME-pull-pwd
--value $(az ad sp create-for-rbac
--name http://$ACR_NAME-pull
--scopes $(az acr show --name $ACR_NAME --query id --output tsv)
--role acrpull
--query password
--output tsv)
az keyvault secret set
--vault-name $AKV_NAME
--name $ACR_NAME-pull-usr
--value $(az ad sp show --id http://$ACR_NAME-pull --query appId --output tsv)
ACR_LOGIN_SERVER=$(az acr show --name $ACR_NAME --resource-group $RES_GROUP --query "loginServer" --output tsv)
az container create
--name hieuacivnet
--resource-group $RES_GROUP
--image $ACR_LOGIN_SERVER/aci-helloworld:v1
--registry-login-server $ACR_LOGIN_SERVER
--registry-username $(az keyvault secret show --vault-name $AKV_NAME -n $ACR_NAME-pull-usr --query value -o tsv)
--registry-password $(az keyvault secret show --vault-name $AKV_NAME -n $ACR_NAME-pull-pwd --query value -o tsv)
--vnet aci-vnet
--vnet-address-prefix 10.0.0.0/16
--subnet aci-subnet
--subnet-address-prefix 10.0.0.0/24
// --dns-name-label aci-demo-$RANDOM
// --query ipAddress.fqdn
52.187.133.35