diff --git a/azure/terraform/modules/kubernetes/main.tf b/azure/terraform/modules/kubernetes/main.tf
--- a/azure/terraform/modules/kubernetes/main.tf
+++ b/azure/terraform/modules/kubernetes/main.tf
@@ -51,6 +51,7 @@
 }
 
 resource "azurerm_public_ip" "aks_cluster_public_ip" {
+  count               = var.public_ip_provisioning ? 1 : 0
   name                = "${var.cluster_name}_ip"
   resource_group_name = azurerm_kubernetes_cluster.aks_cluster.node_resource_group
   location            = data.azurerm_resource_group.aks_rg.location
diff --git a/azure/terraform/modules/kubernetes/outputs.tf b/azure/terraform/modules/kubernetes/outputs.tf
--- a/azure/terraform/modules/kubernetes/outputs.tf
+++ b/azure/terraform/modules/kubernetes/outputs.tf
@@ -3,7 +3,7 @@
 
 name: ${azurerm_kubernetes_cluster.aks_cluster.name}
 internal_ip: ${azurerm_private_endpoint.aks_cluster_endpoint.private_service_connection.0.private_ip_address}
-public_ip: ${azurerm_public_ip.aks_cluster_public_ip.ip_address}
+public_ip: ${var.public_ip_provisioning ? azurerm_public_ip.aks_cluster_public_ip[0].ip_address : "Disabled"}
 
 Execute the following command to add the credentials in your .kube/config:
 az aks get-credentials --resource-group ${data.azurerm_resource_group.aks_rg.name} --name ${azurerm_kubernetes_cluster.aks_cluster.name} 
diff --git a/azure/terraform/modules/kubernetes/variables.tf b/azure/terraform/modules/kubernetes/variables.tf
--- a/azure/terraform/modules/kubernetes/variables.tf
+++ b/azure/terraform/modules/kubernetes/variables.tf
@@ -38,3 +38,9 @@
   default     = "swh-resource"
 }
 
+variable "public_ip_provisioning" {
+  description = "Should a public ip should be provisionned?"
+  type        = bool
+  default     = true
+}
+