| page_type | sample | ||||||||
|---|---|---|---|---|---|---|---|---|---|
| languages |
|
||||||||
| products |
|
||||||||
| name | Configure AAD with an Azure Red Hat OpenShift cluster using Terraform and AzAPI Provider | ||||||||
| description | This sample shows how to confugre AAD with an Azure Red Hat OpenShift cluster using Terraform and AzAPI Provider for authentication and rbac. | ||||||||
| urlFragment | aro-aad-terraform |
- If you want to run Azure CLI locally, install Azure CLI
- An Azure account with an active subscription is required. If you don't already have one, you can create an account for free. If you don't have one, create a free Azure account before you begin.
- Visual Studio Code installed on one of the supported platforms along with the HashiCorp Terraform.
- Ability to assign User Access Administrator and Contributor roles. If you lack this ability, contact your Azure Active Directory admin to manage roles.
- A Red Hat account. If you don't have one, you'll have to register for an account.
- A pull secret for your Azure Red Hat OpenShift cluster. Download the pull secret file from the Red Hat OpenShift Cluster Manager web site.
- If you want to run the Azure PowerShell code locally, Azure PowerShell.
- Create an ARO cluster. Follow the [instructions] (https://github.com/sgahlot/aro-azapi-terraform)
- Login to azure
az login
- Initialize terraform
terraform init
- Run the command.
export subscription_id=<<subscription_id>>
export name_prefix=<<name_prefix>>
export resource_group_name=<<resource_group_name>>
export aro_cluster_name=<<aro_cluster_name>>
terraform import -var "name_prefix=$name_prefix" -var "cluster_name=$aro_cluster_name" -var "resource_group_name=$resource_group_name" azapi_resource.aro_cluster /subscriptions/$subscription_id/resourceGroups/$resource_group_name/providers/Microsoft.RedHatOpenShift/OpenShiftClusters/$aro_cluster_name
- Uncomment the code in import.tf
- Terraform apply
terraform apply -var "name_prefix=$name_prefix" -var "cluster_name=$aro_cluster_name" -var "resource_group_name=$resource_group_name"