Service Principal Account - Connection - Terraform
If you are using a service principal for Terraform connectivity to Azure, you typically don't need to configure az login or set the default subscription because Terraform interacts with Azure using the credentials of the service principal provided in the Terraform configuration.
When using a service principal, Terraform retrieves the necessary authentication details (such as client ID, client secret, and tenant ID) from environment variables, configuration files, or other secure means. These credentials are used by Terraform to authenticate with Azure and perform operations on your behalf.
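A preflight check for the environment-variable route described above, as an added example that is not part of the original post. It assumes the azurerm provider's ARM_* variable names; the function names and the GUID format check are this example's own.

```shell
#!/bin/sh
# Added example (not from the original post). The ARM_* names are the
# environment variables the azurerm provider reads for service principal auth.

# Shape of the client, tenant and subscription IDs.
GUID_RE='^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$'

# check_guid NAME VALUE: report a missing or malformed ID.
# Only the variable name is printed, never its value.
check_guid() {
  if [ -z "$2" ]; then
    echo "missing: $1"; return 1
  fi
  if ! printf '%s\n' "$2" | grep -Eq "$GUID_RE"; then
    echo "not a GUID: $1"; return 1
  fi
  return 0
}

# check_sp_env: returns 0 only when all four variables are usable.
check_sp_env() {
  _rc=0
  check_guid ARM_CLIENT_ID       "${ARM_CLIENT_ID:-}"       || _rc=1
  check_guid ARM_TENANT_ID       "${ARM_TENANT_ID:-}"       || _rc=1
  check_guid ARM_SUBSCRIPTION_ID "${ARM_SUBSCRIPTION_ID:-}" || _rc=1
  if [ -z "${ARM_CLIENT_SECRET:-}" ]; then
    echo "missing: ARM_CLIENT_SECRET"; _rc=1
  fi
  return "$_rc"
}

# find_hardcoded_secret DIR: print .tf/.tfvars files in DIR that assign
# client_secret a quoted literal; returns 0 if any were found. A var.*
# reference or a "${...}" interpolation is not flagged.
find_hardcoded_secret() {
  _hits=$(grep -lsE 'client_secret[[:space:]]*=[[:space:]]*"[^$"]' \
    "$1"/*.tf "$1"/*.tfvars || true)
  [ -n "$_hits" ] && printf '%s\n' "$_hits"
}

# Typical use before a run:
#   check_sp_env && ! find_hardcoded_secret . && terraform plan
```

A secret flagged by find_hardcoded_secret ends up in version control and in plan output, so it is better moved to the environment or a secret store and rotated.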
However, if you are also using the Azure CLI (az) for other tasks outside of Terraform, you may still need to configure az login with the appropriate credentials, especially if you need to perform manual operations or interact with Azure resources directly from the command line. In such cases, you can log in with the service principal credentials using the following command:
az login --service-principal -u <service-principal-client-id> -p <service-principal-client-secret> --tenant <tenant-id>
Replace <service-principal-client-id>, <service-principal-client-secret>, and <tenant-id> with the respective values of your service principal.
Keep in mind that managing authentication separately for Terraform and the Azure CLI allows for better isolation and security, as it ensures that Terraform operations are performed with the least privilege necessary for the infrastructure provisioning tasks.