Azure
Content Trust for ACR encrypted with CMK
What is the problem you're trying to solve Currently for the ACR encrypted with CMK, content trust cannot be implemented as per this documentation
https://azure.github.io/PSRule.Rules.Azure/en/rules/Azure.ACR.ContentTrust/
Content trust is currently not supported in a registry that's encrypted with a customer-managed key. When using customer-managed keys, content trust can not be enabled.
Describe the solution you'd like Is there any feature request being planned for enabling this content trust feature for ACR encrypted with CMK. If Yes, what is the tentative date decided by the Microsoft ACR team and if we can track that anywhere.
Additional context Add any other context or screenshots about the feature request here.
Consider using Notation, which is an OCI standard for container image signing.
https://learn.microsoft.com/en-us/azure/container-registry/container-registry-tutorial-sign-trusted-ca
https://github.com/notaryproject/notation
Consider using Notation, which is an OCI standard for container image signing.
https://learn.microsoft.com/en-us/azure/container-registry/container-registry-tutorial-sign-trusted-ca
https://github.com/notaryproject/notation
This is not my request. I just want the confirmation if Content trust is ever going to be enabled on ACR with CMK enabled.
@divjotsinghbns Hi, Content Trust will be deprecated this year so there will not be any new feature planned for Content Trust. Notation is the alternative solution now and can work with CMK-enabled registry. Feel free to give it a try.
As stated above, Docker Content Trust will not be enabled with CMK and the feature is on path to deprecation. Closing the issue.
