From 6b3618a40ac7b5329d16a3c6d145f1994583804c Mon Sep 17 00:00:00 2001 From: Alex Somesan Date: Fri, 22 Jul 2022 15:02:03 +0200 Subject: [PATCH] Adapt AKS infra for managed identity rather than explicit service account creds (#1784) --- kubernetes/test-infra/aks/main.tf | 8 ++------ kubernetes/test-infra/aks/outputs.tf | 3 +++ kubernetes/test-infra/aks/variables.tf | 8 -------- 3 files changed, 5 insertions(+), 14 deletions(-) diff --git a/kubernetes/test-infra/aks/main.tf b/kubernetes/test-infra/aks/main.tf index 1f086fe12d..ad96017473 100644 --- a/kubernetes/test-infra/aks/main.tf +++ b/kubernetes/test-infra/aks/main.tf @@ -78,13 +78,9 @@ resource "azurerm_kubernetes_cluster" "tf-k8s-acc" { vnet_subnet_id = azurerm_subnet.tf-k8s-acc.id } - service_principal { - client_id = var.aks_client_id - client_secret = var.aks_client_secret - } - role_based_access_control { - enabled = true + identity { + type = "SystemAssigned" } network_profile { diff --git a/kubernetes/test-infra/aks/outputs.tf b/kubernetes/test-infra/aks/outputs.tf index e89edcd1fc..9c3d4a986f 100644 --- a/kubernetes/test-infra/aks/outputs.tf +++ b/kubernetes/test-infra/aks/outputs.tf @@ -2,3 +2,6 @@ output "kubeconfig_path" { value = local_file.kubeconfig.filename } +output "cluster_name" { + value = azurerm_kubernetes_cluster.tf-k8s-acc.name +} diff --git a/kubernetes/test-infra/aks/variables.tf b/kubernetes/test-infra/aks/variables.tf index 5a8867f088..50a9ac76d3 100644 --- a/kubernetes/test-infra/aks/variables.tf +++ b/kubernetes/test-infra/aks/variables.tf @@ -22,14 +22,6 @@ variable "workers_type" { default = "Standard_DS4_v2" } -variable "aks_client_id" { - description = "The Client ID for the Service Principal to use for this Managed Kubernetes Cluster" -} - -variable "aks_client_secret" { - description = "The Client Secret for the Service Principal to use for this Managed Kubernetes Cluster" -} - # Uncomment to enable SSH access to nodes # # variable "public_ssh_key_path" {