Skip to content

Support VNet #297

New issue
New issue
Closed
Closed
Support VNet#297
Assignees
djyou
@djyou

Description

@djyou
djyou
opened on Nov 21, 2018

This is a proposal of new commands to support VNet in ACR.

  • Commands with additional arguments to support VNet
    > az acr create -n registry -h
    > az acr update -n registry -h
Network Rule Arguments
    --default-action               : Default action to apply when no rule matches.  Allowed values:
                                     Allow, Deny.
  • Network rule set will be part of registry properties (the following shows a registry with one vnet/subnet configured)
    > az acr show -n registry
{
    "adminUserEnabled": true,
    "creationDate": "2018-08-20T19:00:55.080406+00:00",
    "id": "/subscriptions/42faadea-9997-495e-93e4-4d94809b829c/resourceGroups/myRG/providers/Microsoft.ContainerRegistry/registries/registry",
    "location": "westus2",
    "loginServer": "registry.azurecr.io",
    "name": "registry",
    "provisioningState": "Succeeded",
    "resourceGroup": "myRG",
    "sku": {
        "name": "Premium",
        "tier": "Premium"
    },
    "status": null,
    "storageAccount": null,
    "tags": {},
    "type": "Microsoft.ContainerRegistry/registries",
    "networkRuleSet": {
        "defaultAction": "Deny",
        "virtualNetworkRules": [
            {
                "action": "Allow",
                "virtualNetworkResourceId": "/subscriptions/dfb63c8c-7c89-4ef8-af13-75c1d873c895/resourceGroups/myRG/providers/Microsoft.Network/virtualNetworks/myvnet/subnets/default"
            }
        ]
    }
}
  • List network rules
    > az acr network-rule list -n registry
{
    "defaultAction": "Deny",
    "virtualNetworkRules": [
        {
            "action": "Allow",
            "virtualNetworkResourceId": "/subscriptions/dfb63c8c-7c89-4ef8-af13-75c1d873c895/resourceGroups/myRG/providers/Microsoft.Network/virtualNetworks/myvnet/subnets/default"
        }
    ]
}

  • Add a network rule using a subnet's resource ID
    > az acr network-rule add --subnet "/subscriptions/dfb63c8c-7c89-4ef8-af13-75c1d873c895/resourceGroups/myRG/providers/Microsoft.Network/virtualNetworks/myvnet/subnets/default" -n registry

  • Add a network rule using vnet/subnet names (used when the vnet is in the same resource group as the registry)
    > az acr network-rule add --vnet-name myvnet --subnet default -n registry

  • Remove a network rule using a subnet's resource ID
    > az acr network-rule remove --subnet "/subscriptions/dfb63c8c-7c89-4ef8-af13-75c1d873c895/resourceGroups/myRG/providers/Microsoft.Network/virtualNetworks/myvnet/subnets/default" -n registry

  • Remove a network rule using vnet/subnet names (used when the vnet is in the same resource group as the registry)
    > az acr network-rule remove --vnet-name myvnet --subnet default -n registry

Metadata

Metadata

Assignees

Labels

No labels
No labels

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions