Allows Access Control to enable access to ACR about acr HOT 4 CLOSED

Current solution only enables IAM users which are service principals.
For AAD, #32 is what is currently being worked on and login will be supported through the CLI

from acr.

I am not sure what the value of #32 is. The ability to use AAD credentials to pull images from a registry seems like a entry level requirement. Without this, the overhead of creating service principals for every user that needs individual access controls is crazy. At DockerCon, I was told this feature was being worked on.

from acr.

@erichexter - #32 will enable to use IAM with AAD users on a registry users. Currently ACR is based on Basic auth. With the AAD implementation, we will integrate the device login scenario which should enable AAD users to be assigned to the registry resource and perform pull/push depending on the IAM permissions for that user on the registry.
Service Principals are managed with AAD and do not require 2FA and hence can be used in a non-interactive flow and is clearly targeting a headless scenario where as user login as you pointed out should be AAD. With AAD and 2FA the token flow is different and as per Dockers recommendation we will have to make this an oauth model and hence a change to ACR on the service side + client side is required.

from acr.

Managed registries are now in preview. We should be able to open issues under that for AAD.
Registries with your own storage account will be provided an option to migrate up before Managed registries goes GA.

from acr.