Azure authentication is structured (unsurprisingly) in much the same way as their enterprise Active Directory. To deploy infrastructure, you will need to create a service principal.

Once you have created your Azure account and logged in, you will arrive at the main screen. In the top search bar, enter Azure Active Directory, and press enter.

In the left bar, click on App Registration, and then click on New Registration.

On the New Registration screen, enter in a name, and then leave the rest of the defaults. Then, click the Register button at the bottom.

On the next screen, you will find the first two pieces of information you'll need:

The Application ID and the Directory ID, which will be saved as the ARM_CLIENT_ID and ARM_TENANT_ID environment variables.

To create the secret and allow the service principal to be used, click on Certificates & Secrets in the left bar. Then, click on New Client Secret.

Here, you can enter a description, set an expiry time, and then click add.

Take the secret that was just created, and save it as the ARM_CLIENT_SECRET environment variable.

You'll now need to enable access for this account. Click on the search bar at the top and type in Subscriptions.

On this screen, you'll find the last piece of information you'll need to collect: the Subscription ID. Save this as the ARM_SUBSCRIPTION_ID environment variable.

Click on your subscription, and then click on Access Control (IAM) on the left bar, then click on Add a Role Assignment. Select the role you'd like to grant (usually Contributor), and then find the Service Principal you created earlier. Click on it, and then click Save.

You should now be able to use this Service Principal to interact with Azure from Terraform.