Provision a Ready-to-Use Azure AKS Cluster with Terraform in Minutes
Learn how to quickly set up a development‑test Azure Kubernetes Service (AKS) cluster using Terraform with default settings, including creating a Service Principal, configuring Terraform Cloud backend, defining variables, and applying the infrastructure, plus commands for login, plan, apply, and destroy.
Prerequisites
Azure subscription
Azure CLI installed
Terraform CLI installed
Terraform Cloud account
Create a Service Principal
export TF_VAR_subscription_id=YOUR_SUBSCRIPTION_ID
# Create the Service Principal; the JSON output includes its client secret
SERVICE_PRINCIPAL_JSON=$(az ad sp create-for-rbac \
  --name aks-getting-started-sp \
  --role Contributor \
  --scopes "/subscriptions/${TF_VAR_subscription_id}" -o json)
# Export the values so the terraform process can read them from its environment
export TF_VAR_client_id=$(echo "$SERVICE_PRINCIPAL_JSON" | jq -r '.appId')
export TF_VAR_client_secret=$(echo "$SERVICE_PRINCIPAL_JSON" | jq -r '.password')
export TF_VAR_tenant_id=$(echo "$SERVICE_PRINCIPAL_JSON" | jq -r '.tenant')
az login \
  --service-principal \
  --tenant "$TF_VAR_tenant_id" \
  --username "$TF_VAR_client_id" \
  --password "$TF_VAR_client_secret" \
  --output table

The --scopes /subscriptions/${TF_VAR_subscription_id} flag assigns the Contributor role at subscription scope, which makes the Service Principal usable across any resource group in the subscription. Terraform automatically reads exported environment variables prefixed with TF_VAR_ as input variables.
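The subscription-wide scope described above can be verified after the Service Principal is created. The following is an added example, not code from the original article or its repository: it classifies the scope of each entry in the output of az role assignment list --assignee <appId> --all -o json and reports write-capable roles assigned more broadly than a resource group. The sample JSON is constructed, and the function names are hypothetical.

```python
import json
import re

# Constructed sample shaped like `az role assignment list --assignee <appId> --all -o json`.
# The subscription ID is a placeholder, not a real value.
SUB = "/subscriptions/00000000-0000-0000-0000-000000000000"
SAMPLE = json.dumps([
    {"principalName": "aks-getting-started-sp",
     "roleDefinitionName": "Contributor", "scope": SUB},
    {"principalName": "aks-getting-started-sp",
     "roleDefinitionName": "Reader", "scope": SUB + "/resourceGroups/aks4devops-rg"},
])

# Built-in roles that can change resources or grant access.
WRITE_ROLES = {"owner", "contributor", "user access administrator"}
NARROW = {"resource_group", "resource"}
_SUB_RE = re.compile(r"^/subscriptions/[^/]+$")
_RG_RE = re.compile(r"^/subscriptions/[^/]+/resourcegroups/[^/]+$")
_RES_RE = re.compile(r"^/subscriptions/[^/]+/resourcegroups/[^/]+/providers/.+$")

def scope_level(scope):
    """Classify an ARM scope string by how much of the tenant it covers."""
    s = scope.rstrip("/").lower()
    if scope and not s:
        return "root"  # scope was "/"
    if s.startswith("/providers/microsoft.management/managementgroups/"):
        return "management_group"
    if _SUB_RE.match(s):
        return "subscription"
    if _RG_RE.match(s):
        return "resource_group"
    if _RES_RE.match(s):
        return "resource"
    return "unknown"

def broad_assignments(raw_json):
    """Return (principal, role, level) for write roles scoped wider than a resource group."""
    findings = []
    for a in json.loads(raw_json):
        role = a.get("roleDefinitionName", "")
        level = scope_level(a.get("scope", ""))
        # Unrecognised scopes are reported too, so the check fails closed.
        if role.lower() in WRITE_ROLES and level not in NARROW:
            findings.append((a.get("principalName"), role, level))
    return findings

if __name__ == "__main__":
    for principal, role, level in broad_assignments(SAMPLE):
        print(f"{principal}: {role} at {level} scope")
```
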
Login to Terraform Cloud
terraform login

Terraform Cloud provides a SaaS backend for state storage and remote execution.
Terraform Configuration
The sample code is available at https://github.com/martinliu/azure-labs/tree/main/lab02. The key files are:
main.tf
terraform {
  cloud {
    organization = "DevOpsCoach"
    workspaces {
      name = "aks-labs"
    }
  }
}
provider "azurerm" {
  features {}
  tenant_id       = var.tenant_id
  subscription_id = var.subscription_id
  client_id       = var.client_id
  client_secret   = var.client_secret
}
resource "azurerm_resource_group" "example" {
  name     = "${local.prefix}-rg"
  location = local.location
}

locals.tf
locals {
  prefix   = "aks4devops"
  location = "eastasia"
}
variable "client_id" {
  description = "Client ID for the Azure provider"
  type        = string
}
variable "client_secret" {
  description = "Client Secret for the Azure provider"
  type        = string
}
variable "subscription_id" {
  description = "Subscription ID for the Azure provider"
  type        = string
}
variable "tenant_id" {
  description = "Tenant ID for the Azure provider"
  type        = string
}

aks.tf
resource "azurerm_kubernetes_cluster" "example" {
  name                = "${local.prefix}-k8s"
  location            = azurerm_resource_group.example.location
  resource_group_name = azurerm_resource_group.example.name
  dns_prefix          = "${local.prefix}-k8s"
  default_node_pool {
    name                = "default"
    node_count          = 2
    min_count           = 1
    max_count           = 10
    vm_size             = "Standard_DS2_v2"
    enable_auto_scaling = true
  }
  identity {
    type = "SystemAssigned"
  }
}

The configuration uses a system‑assigned managed identity and an autoscaling node pool that scales between 1 and 10 nodes. All other settings rely on Azure defaults.
Deploy the Cluster
terraform init
terraform plan
terraform apply

During apply, you can monitor progress in the Terraform Cloud web UI.
Cleanup
terraform destroy

This command removes the AKS cluster and all associated Azure resources.
