Adapt AKS infra for managed identity rather than explicit service acc…

…ount creds (#1784)
hashicorp · Aug 30, 2022 · 6b3618a · 6b3618a
1 parent 1e6f817
commit 6b3618a
Show file tree

Hide file tree

Showing 3 changed files with 5 additions and 14 deletions.
diff --git a/kubernetes/test-infra/aks/main.tf b/kubernetes/test-infra/aks/main.tf
@@ -78,13 +78,9 @@ resource "azurerm_kubernetes_cluster" "tf-k8s-acc" {
     vnet_subnet_id = azurerm_subnet.tf-k8s-acc.id
   }
 
-  service_principal {
-    client_id     = var.aks_client_id
-    client_secret = var.aks_client_secret
-  }
 
-  role_based_access_control {
-    enabled = true
+  identity {
+    type = "SystemAssigned"
   }
 
   network_profile {

diff --git a/kubernetes/test-infra/aks/outputs.tf b/kubernetes/test-infra/aks/outputs.tf
@@ -2,3 +2,6 @@ output "kubeconfig_path" {
   value = local_file.kubeconfig.filename
 }
 
+output "cluster_name" {
+  value = azurerm_kubernetes_cluster.tf-k8s-acc.name
+}
diff --git a/kubernetes/test-infra/aks/variables.tf b/kubernetes/test-infra/aks/variables.tf
@@ -22,14 +22,6 @@ variable "workers_type" {
   default = "Standard_DS4_v2"
 }
 
-variable "aks_client_id" {
-  description = "The Client ID for the Service Principal to use for this Managed Kubernetes Cluster"
-}
-
-variable "aks_client_secret" {
-  description = "The Client Secret for the Service Principal to use for this Managed Kubernetes Cluster"
-}
-
 # Uncomment to enable SSH access to nodes
 #
 # variable "public_ssh_key_path" {