The Azure Container Instances ARM template schema exposes the below fields to authenticate to pull an image from a private ACR using a service principal:
"imageRegistryCredentials": [
{
"server": "myacrserver.azurecr.io",
"username": "00000-000-000-00", // Service principal application ID
"password": "servicePrincipalClientSecret"
}
],
Using an ARM template based deployment, is it possible to use a service principal with a client certificate based login, instead of a client secret? Can I specify the "password" field to be the base64 encoding of the private key of the certificate that can be used to access the relevant service principal?
I'm afraid it's impossible. ARM template does not have the property to set the credential with a certificate instead of the secret. Maybe it's possible in the future, but not it does not support it.