Skip to content

Enable Management storage account and ACR access from private runners #4532

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
3 tasks
ashis-kar91 opened this issue May 9, 2025 · 0 comments
Open
3 tasks

Enable Management storage account and ACR access from private runners #4532

ashis-kar91 opened this issue May 9, 2025 · 0 comments
Labels
story Stories are the smallest unit of work to be done for a project.

Comments

@ashis-kar91
Copy link
Collaborator

Description

As part of issue #4463 and pull request #4495, we have enabled support for configuring a private agent subnet ID to enable virtual network (vnet) exceptions for accessing Core Key Vault from Github runners.
If private agent subnet ID is not provided in the config, it defaults to just in time public access of the key vault during deployment.

We need to add similar implementation with private agent subnet vnet exception for Management Storage account and ACR to make the private resource access behavior consistent.

Acceptance criteria

  • Should be able to deploy TRE from private runners using CICD
  • Should be able to deploy TRE from local dev machine
  • Public access to the Storage account and ACR should be in disabled state at the end of deployment
@ashis-kar91 ashis-kar91 added the story Stories are the smallest unit of work to be done for a project. label May 9, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
story Stories are the smallest unit of work to be done for a project.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@ashis-kar91