diff --git a/aks/cluster_data/data.tf b/aks/cluster_data/data.tf
index 337b2ec..737c9e9 100644
--- a/aks/cluster_data/data.tf
+++ b/aks/cluster_data/data.tf
@@ -17,3 +17,8 @@ terraform {
 data "environment_variables" "github_actions" {
   filter = "GITHUB_ACTIONS"
 }
+
+data "environment_variables" "spn_secret" {
+  filter    = "AAD_SERVICE_PRINCIPAL_CLIENT_SECRET"
+  sensitive = true
+}
diff --git a/aks/cluster_data/variables.tf b/aks/cluster_data/variables.tf
index 107aec3..ff400eb 100644
--- a/aks/cluster_data/variables.tf
+++ b/aks/cluster_data/variables.tf
@@ -105,5 +105,5 @@ locals {
   azure_RBAC_enabled = length(data.azurerm_kubernetes_cluster.main.azure_active_directory_role_based_access_control) > 0
 
   running_in_github_actions = contains(keys(data.environment_variables.github_actions.items), "GITHUB_ACTIONS")
-  spn_secret_authentication = contains(keys(data.environment_variables.github_actions.items), "AAD_SERVICE_PRINCIPAL_CLIENT_SECRET")
+  spn_secret_authentication = contains(keys(data.environment_variables.spn_secret.items), "AAD_SERVICE_PRINCIPAL_CLIENT_SECRET")
 }