Merge pull request #295336 from Akhilesh-microsoft/ACA/manage_secrets_uuf367750

[UUF367750]: Analyzed and fixed the documentation issue; reviewed and fixed the issues w.r.t freshness. Updated ms.date

Author: prmerger-automator[bot]

articles/container-apps/manage-secrets.md

@@ -5,7 +5,7 @@ services: container-apps
 author: craigshoemaker
 ms.service: azure-container-apps
 ms.topic: how-to
-ms.date: 02/03/2025
+ms.date: 02/28/2025
 ms.author: cshoe
 ms.custom: devx-track-azurecli, devx-track-azurepowershell, build-2023
 ---
@@ -136,6 +136,9 @@ To grant access to Key Vault secrets, [create an access policy](/azure/key-vault
 
 1. In the *System assigned* tab, set the *Status* to **On**.
 
+> [!NOTE]
+> You can also use a user-assigned managed identity, which can be reused across multiple resources and persists independently of the app lifecycle. To use it, select the *User assigned* tab and choose an existing identity.
+
 1. Select **Save** to enable system assigned managed identity.
 
 1. A popup appears to confirm that you want to enable system assigned managed identity and register your container app with Microsoft Entra ID. Select **Yes**.
@@ -209,7 +212,7 @@ Secrets Key Vault references aren't supported in PowerShell.
 ---
 
 > [!NOTE]
-> If you're using [UDR With Azure Firewall](networking.md#user-defined-routes-udr), you will need to add the `AzureKeyVault` service tag and the *login.microsoft.com* FQDN to the allow list for your firewall. Refer to [configuring UDR with Azure Firewall](networking.md#configuring-udr-with-azure-firewall) to decide which additional service tags you need.
+> If you're using [UDR With Azure Firewall](networking.md#user-defined-routes-udr), you need to add the `AzureKeyVault` service tag and the *login.microsoft.com* FQDN to the allow list for your firewall. Refer to [configuring UDR with Azure Firewall](networking.md#configuring-udr-with-azure-firewall) to decide which additional service tags you need.
 
 #### Key Vault secret URI and secret rotation