{"id":5503,"date":"2019-08-10T18:24:19","date_gmt":"2019-08-10T22:24:19","guid":{"rendered":"\/db-blog\/?p=5503"},"modified":"2020-02-22T22:08:44","modified_gmt":"2020-02-23T03:08:44","slug":"azure-configure-the-azure-cli-in-the-development-environment-for-containerization","status":"publish","type":"post","link":"https:\/\/droidbasement.com\/db-blog\/azure-configure-the-azure-cli-in-the-development-environment-for-containerization\/","title":{"rendered":"Azure \u2013 Configure the CLI in the Development Environment for Containerization"},"content":{"rendered":"\n

In this article we will setup the Azure CLI to interact with AWS AKS (Azure Kubernetes Service) and Azure ACR (Azure Container Registry)). <\/p>\n\n\n\n

<\/p>\n\n\n\n

–>
UI Console -> Azure Active Directory
App registrations -> New registration -> * Name: container-admin -> Supported account types: Accounts in this organizational directory only -> Register<\/p>\n\n\n\n

container-admin -> Certificates & secrets -> New client secret -> Description: azure-cli ; Expires: In 1 year -> Add -> Take note of the <Client secret value><\/p>\n\n\n\n

Search for (top left): Subscriptions -> Click your subscription -> Access control (IAM) -> Add -> Add role assignment -> Role: Azure Kubernetes Service Cluster Admin Role -> Assign access to: Azure AD user, group, or service principal -> Select: (search for) container-admin -> Save<\/p>\n\n\n\n

Azure Active Directory -> App registrations -> container-admin -> Overview -> Take note of the <Application (client) ID> and <Directory (tenant) ID><\/p>\n\n\n\n

 $ [[ ! -d ~\/.azure ]] && mkdir ~\/.azure<\/pre>\n\n\n\n
(Replace <Application (client) ID>, <Client secret value> and <Directory (tenant) ID>  below):<\/p>\n\n\n\n
$ cat << \"EOF\" > ~\/.azure\/credentials\n> [container-admin]\n> application_id=<Application (client) ID>\n> client_secret=<Client secret value>\n> directory_id=<Directory (tenant) ID>\n> EOF\n$ chmod o-rw,g-w ~\/.azure\/credentials<\/pre>\n\n\n\n
Add a function in to your startup to parse the above file for pertinent login information as a servicePrincipal and run az login in a sub-shell when you execute it (ensure you get pertinent output regarding the Subscription):<\/p>\n\n\n\n
$ cat << 'EOF' >> ~\/.bashrc\n>\n> function az-login-sp() {\n>         (export $(grep -v '^\\[' $HOME\/.azure\/credentials | xargs) && az login --service-principal -u $application_id -p $client_secret --tenant $directory_id)\n> }\n> EOF\n$ . ~\/.bashrc\n$ az-login-sp<\/pre>\n\n\n\n
Ensure you get appropriate output (the value will be []):<\/p>\n\n\n\n
$ az aks list<\/pre>\n\n\n\n
Ensure you get appropriate output (the value will be []):<\/p>\n\n\n\n
$ az acr list<\/pre>\n\n\n\n
<–<\/p>\n\n\n\n
<\/p>\n\n\n\n
References:<\/p>\n","protected":false},"excerpt":{"rendered":"
In this article we will setup the Azure CLI to interact with AWS AKS (Azure Kubernetes Service) and Azure ACR (Azure Container Registry)). –>UI Console -> Azure Active DirectoryApp registrations -> New registration -> * Name: container-admin -> Supported account types: Accounts in this organizational directory only -> Register container-admin -> Certificates & secrets -> […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[5],"tags":[],"class_list":["post-5503","post","type-post","status-publish","format-standard","hentry","category-devops"],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/droidbasement.com\/db-blog\/wp-json\/wp\/v2\/posts\/5503","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/droidbasement.com\/db-blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/droidbasement.com\/db-blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/droidbasement.com\/db-blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/droidbasement.com\/db-blog\/wp-json\/wp\/v2\/comments?post=5503"}],"version-history":[{"count":14,"href":"https:\/\/droidbasement.com\/db-blog\/wp-json\/wp\/v2\/posts\/5503\/revisions"}],"predecessor-version":[{"id":5814,"href":"https:\/\/droidbasement.com\/db-blog\/wp-json\/wp\/v2\/posts\/5503\/revisions\/5814"}],"wp:attachment":[{"href":"https:\/\/droidbasement.com\/db-blog\/wp-json\/wp\/v2\/media?parent=5503"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/droidbasement.com\/db-blog\/wp-json\/wp\/v2\/categories?post=5503"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/droidbasement.com\/db-blog\/wp-json\/wp\/v2\/tags?post=5503"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}