CybeDefend Configuration
| Field | Description | Example |
|---|---|---|
| Login Server | Your ACR login server URL | myregistry.azurecr.io |
| Service Principal App ID | Application (client) ID of the service principal | xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx |
| Service Principal Password | Service principal password/secret | ***** |
| Description | Optional description for the registry | Production ACR registry |
How to Get Azure Container Registry Credentials
Option A: Admin User (Quick Setup)
1
Access Azure Portal
Go to Azure Portal → Container Registries → Select your registry
2
Enable Admin User
Go to Settings → Access keys → Enable Admin user
3
Copy Credentials
Copy the username and password provided
Option B: Service Principal (Recommended)
1
Create Service Principal
Create a Service Principal with the AcrPull or AcrPush role
2
Assign Role
Assign the Service Principal to your ACR with appropriate permissions
3
Enter Credentials
Enter the Service Principal App ID and password in CybeDefend
Security Best Practices
Use Service Principals
Prefer Service Principals over Admin User for production environments.
AcrPull Role
Use the minimal
AcrPull role for scanning operations only.Rotate Secrets
Rotate Service Principal secrets regularly to minimize exposure.
Use Managed Identities
When running in Azure, prefer Managed Identities for authentication.
Troubleshooting
Authentication Failed
Authentication Failed
- Verify Service Principal App ID and password are correct
- Check if the client secret has expired
- Ensure the login server URL is correct
Permission Denied
Permission Denied
- Verify the Service Principal has
AcrPullrole - Check RBAC assignments on the registry