I think a more elegant solution would be to get the field directly in terraform. # Configure the Azure AD Provider provider "azuread" { version = "~> 1.0.0" # NOTE: Environment Variables can also be used for Service Principal authentication # Terraform also supports … Here's a Terraform sample for an out-of-the-box, … In older versions of TerraForm this was possible using the azurerm_azuread_application and other elements. I had previously done this in the Kubernetes template I have on github . At this point running either terraform plan or terraform apply should allow Terraform to run using the Azure CLI to authenticate. But Terraform only seems to export these items: So, the reason for this question is, what is best practice for creating an Azure AD Application Via Terraform? Azure Kubernetes Services supports Kubernetes RBAC with Azure Active Directory integration, that allows to bind ClusterRole and Role to subjects like Azure Active Directory users and groups. ⚠️ Warning: This module will happily expose application credentials.All arguments including the application password will be persisted into Terraform state, into any plan files, and in some cases in the console output while running terraform plan and terraform apply.Read more about sensitive data in state. The workaround I found is to query with az cli the necessary field, save it as an external data source. This is the plan ~ … I'm trying to setup my azure infrastructure using Terraform which was pretty successful so far. Notice how much cleaner the code is, first we aren’t doing the ${} to do string interpolation, and ultimately the resources are much cleaner. Sign in We’ll occasionally send you account related emails. If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. If you’d like to following along with this tutorial, be sure you have the following in place: Azure CLI already authenticated to an Azure subscription; Throughout the steps, … Now, with TerraForm v2.0, there have been some pretty big changes, including removing all of the Azure AD elements and moving them to their own provider, and the question becomes “How does that change my template?”. In older versions of TerraForm this was possible using the azurerm_azuread_application and other elements. The version 1.19.0 of the AzureRM Terraform provider supports this integration. Warning: This module will happily … » Configuration (Terraform Cloud) Verify your settings and click "Enable". I had previously done this in the Kubernetes template I have on github. …