It looks like Azure is the only cloud provider that has k8s 1.17.x available at the time of this writing, so it got bumped up the priority list since that's what the CKA/CKAD exams are based on.
The azurerm_kubernetes_cluster resource apparently requires a service principal, and that'll need to be set up before the plan can be run.
Service principal creation via the Azure CLI:
SPID=$(az ad sp create-for-rbac -n "http://sp-aks-manager" --sdk-auth \
--skip-assignment | \
tee sp-aks-manager.json | jq -r '.clientId')The following CLI examples are useful, but are not required for the plan to run:
Assign the ... role to the new service principal only for the single
resource group specified in the ${RG} environment variable:
az role assignment create --assignee ${SPID} --resource-group ${RG} \
--role "..."TODO: Figure out the minimal role required above to make this work. For now, whatever default permissions are assigned work (I would think none!), but I want to know for sure that the SP is set up correctly.
View the service principal:
az ad sp list --all | jq ".[]|select(.appId==\"${SPID}\")"Delete the service principal:
az ad sp delete --id ${SPID}