Terraform image_registry_credentials setup for azurerm_container_group?

Question

I'd like to deploy "golden" containers from a private container registry, but I'm not sure how to give Terraform access.

I am already logged in through azure-cli and Terraform doesn't have any problem spinning up public-image containers on my Azure account, but when I try to pull a container from a private registry, it complains that it doesn't have access. main.tf looks like:

# Use the Azure Resource Manager Provider
provider "azurerm" {
  version = "~> 2.0"
  features {}
}

# Create a new Resource Group
resource "azurerm_resource_group" "group" {
  name     = "demo-group"
  location = "eastus"
}

resource "azurerm_container_group" "example" {
  name                = "containers-demo"
  location            = azurerm_resource_group.group.location
  resource_group_name = azurerm_resource_group.group.name
  ip_address_type     = "public"
  dns_name_label      = "aci-label"
  os_type             = "Linux"

 container {
    name  = "elastic"
    # Not my real subdomain. Don't worry.
    image = "myprivatereg.azurecr.io/elasticsearch:v1"
    cpu   = "1.0"
    memory = "4.5"

    ports {
      port     = 9200
      protocol = "TCP"
    }
  }

  tags = {
    environment = "testing"
  }
}

Answer 1

@Aaron-9052

ACR is equivalent to any private registry, so you need to provide username and password.
You can also configure service principal for authenticating.

Please refer below links for more info on your ask:

Azure Provider: Authenticating using a Service Principal

Support for registry auth

Please 'Accept as answer' if it helped, so that it can help others in the community looking for help on similar topics.