The Azure Container Instances ARM template schema exposes the below fields to authenticate to pull an image from a private ACR using a service principal:

"imageRegistryCredentials": [
      {
        "server": "myacrserver.azurecr.io",
        "username": "00000-000-000-00",  // Service principal application ID
        "password": "servicePrincipalClientSecret"
      }
    ],

Using an ARM template based deployment, is it possible to use a service principal with a client certificate based login, instead of a client secret? Can I specify the "password" field to be the base64 encoding of the private key of the certificate that can be used to access the relevant service principal?

1

There are 1 answers

0
Charles Xu On BEST ANSWER

I'm afraid it's impossible. ARM template does not have the property to set the credential with a certificate instead of the secret. Maybe it's possible in the future, but not it does not support it.