diff --git a/azurerm/internal/services/containers/resource_arm_kubernetes_cluster.go b/azurerm/internal/services/containers/resource_arm_kubernetes_cluster.go
index baf70bf9fa27..0e9ee972b2e4 100644
--- a/azurerm/internal/services/containers/resource_arm_kubernetes_cluster.go
+++ b/azurerm/internal/services/containers/resource_arm_kubernetes_cluster.go
@@ -120,6 +120,42 @@ func resourceArmKubernetesCluster() *schema.Resource {
 				},
 			},
 
+			"identity_profile": {
+				Type:     schema.TypeList,
+				Optional: true,
+				Computed: true,
+				MaxItems: 1,
+				Elem: &schema.Resource{
+					Schema: map[string]*schema.Schema{
+						"kubelet_identity": {
+							Type:     schema.TypeList,
+							Optional: true,
+							Computed: true,
+							MaxItems: 1,
+							Elem: &schema.Resource{
+								Schema: map[string]*schema.Schema{
+									"client_id": {
+										Type:     schema.TypeString,
+										Optional: true,
+										Computed: true,
+									},
+									"object_id": {
+										Type:     schema.TypeString,
+										Optional: true,
+										Computed: true,
+									},
+									"resource_id": {
+										Type:     schema.TypeString,
+										Optional: true,
+										Computed: true,
+									},
+								},
+							},
+						},
+					},
+				},
+			},
+
 			"linux_profile": {
 				Type:     schema.TypeList,
 				Optional: true,
@@ -909,6 +945,11 @@ func resourceArmKubernetesClusterRead(d *schema.ResourceData, meta interface{})
 			return fmt.Errorf("setting `default_node_pool`: %+v", err)
 		}
 
+		identityProfile := flattenKubernetesClusterIdentityProfile(props.IdentityProfile)
+		if err := d.Set("identity_profile", identityProfile); err != nil {
+			return fmt.Errorf("setting `identity_profile`: %+v", err)
+		}
+
 		linuxProfile := flattenKubernetesClusterLinuxProfile(props.LinuxProfile)
 		if err := d.Set("linux_profile", linuxProfile); err != nil {
 			return fmt.Errorf("setting `linux_profile`: %+v", err)
@@ -1042,6 +1083,42 @@ func expandKubernetesClusterLinuxProfile(input []interface{}) *containerservice.
 	}
 }
 
+func flattenKubernetesClusterIdentityProfile(profile map[string]*containerservice.ManagedClusterPropertiesIdentityProfileValue) []interface{} {
+	if profile == nil {
+		return []interface{}{}
+	}
+
+	kubeletIdentity := make([]interface{}, 0)
+	if kubeletidentity := profile["kubeletIdentity"]; kubeletidentity != nil {
+		clientId := ""
+		if clientid := kubeletidentity.ClientID; clientid != nil {
+			clientId = *clientid
+		}
+
+		objectId := ""
+		if objectid := kubeletidentity.ObjectID; objectid != nil {
+			objectId = *objectid
+		}
+
+		resourceId := ""
+		if resourceid := kubeletidentity.ResourceID; resourceid != nil {
+			resourceId = *resourceid
+		}
+
+		kubeletIdentity = append(kubeletIdentity, map[string]interface{}{
+			"client_id":   clientId,
+			"object_id":   objectId,
+			"resource_id": resourceId,
+		})
+	}
+
+	return []interface{}{
+		map[string]interface{}{
+			"kubelet_identity": kubeletIdentity,
+		},
+	}
+}
+
 func flattenKubernetesClusterLinuxProfile(profile *containerservice.LinuxProfile) []interface{} {
 	if profile == nil {
 		return []interface{}{}