Azure Container Instances Python API - fails to fetch image from Azure Container Registry
Based on this guide I wrote this sample code which works for the default image ("microsoft/aci-helloworld"), but fails when changing to an image from an Azure Container Registry in my azure subscription.
The error message is:
The image 'mytest.azurecr.io/myimage:latest' in container group '' is not accessible. Please check the image and registry credential.
I found this similar SO thread but the sample code already uses the solution from that question (using file based auth).
I've also tried my image name with/without the ":latest" suffix, and made sure that a "docker pull mytest.azurecr.io/myimage:latest" succeeds.
Edit: Adding ACR screenshot:
Note: I've also tried the C# code sample (according to the similar SO thread), and received the same error. I'm probably missing something that's configuration related. How do I allow the service principal to have access to the ACR? I created the principal according to the guide:
az ad sp create-for-rbac --sdk-auth > my.azureauth
Does this mean this service principal should have access to any ACR in the same subscription?
The missing part was adding the ACR's credentials. The fixed code looks like so (you have tot set the server, username and password in the ImageRegistryCredential instance):
credentials = [ImageRegistryCredential(server='myregistry.azurecr.io', username='acr_username', password='acr_password')]
group = ContainerGroup(location=resource_group.location,
containers=[container],
os_type=OperatingSystemTypes.linux,
ip_address=group_ip_address,
image_registry_credentials=credentials)