az acr import fails when using service principle

[i-make-razors]

Describe the bug When running an az acr import command while logged in as a service principle the command fails for network firewall issue. When logged into my personal account the az acr import command completes successfully.

To Reproduce Steps to reproduce the behavior:

1. az login --service-principle -u -p= --tenant
2. az acr import --name acrqa --source acrdev.azurecr.io/repo/image:38290

Expected behavior The acr import command completes successfully.

Additional context In our situation we have two acr's: "dev" and "qa". Both have network restrictions in place with private endpoints configured, and both have "Allow trusted Microsoft services to access this container registry" enabled. We are attempting to import an image from the "Dev" acr into the "QA" acr.

The error we receive when using the SP is that the public ip address of the source ACR is not allowed access. This is unexpected because it should be routing over our private azure network infrastructure like it would when we log in with our personal credentials. For some reason when we use the SP it's instead routing over the public network which is causing the issue.

[JXavierMSFT]

Hello,

Thank you for opening this issue for Azure Container Registry. In-order to resolve this request, please open a Support ticket here: https://azure.microsoft.com/en-us/support/create-ticket/

[terencet-dev]

Closing as this has been inactive for over two weeks. Please reopen this issue if you would like additional guidance.