I've found the solution to this issue. To do so, there must be set "User Assigned Identity", and configured repository access, see code below:
resource "azurerm_container_app" "sampleapi" {
name = "${local.prefix}-app"
container_app_environment_id = azurerm_container_app_environment.app_env.id
resource_group_name = azurerm_resource_group.rg.name
revision_mode = "Single"
identity {
type = "SystemAssigned, UserAssigned"
identity_ids = [azurerm_user_assigned_identity.ca_identity.id ]
}
registry {
identity = azurerm_user_assigned_identity.ca_identity.id
server = container_registry_host_name
}
...
}
container_registry_host_name - {yourACRname}.azurecr.io
Need to set AcrPull for this User Assigned Identity
resource "azurerm_role_assignment" "acrpull_mi" {
scope = module.container_registry.id
role_definition_name = "AcrPull"
principal_id = azurerm_user_assigned_identity.ca_identity.principal_id
}
Using this setup I can download image from my Azure Container Registry using User Assigned Identity. Cheers!