What is the problem you're trying to solve
I'm frustrated that Azure Container Registry Artifact cache required the manual management of credentials to authenticate to external upstream private registries like Google Artifact Registry.

Describe the solution you'd like
I would like to request native, direct identity federation capabilities for ACR's artifact cache when pulling from external registries. ACR could use its own managed identity to authenticate with Google Cloud IAM, eliminating the need to have to managed pre-configured long access tokens or service account keys (comply with security best practices) to be generated and rotated by users.

Additional context
Primary GCP footprint, looking to leverage Azure Batch and NP-series compute for large-scale genomic sequencing workloads.