diff --git a/pkg/auth/autorest_auth.go b/pkg/auth/autorest_auth.go
index a7e6b5204..de26665f4 100644
--- a/pkg/auth/autorest_auth.go
+++ b/pkg/auth/autorest_auth.go
@@ -30,7 +30,7 @@ import (
 func NewAuthorizer(config *Config, env *azure.Environment) (autorest.Authorizer, error) {
 // TODO (charliedmcb): need to get track 2 support for the skewer API, and align all auth under workload identity in the same way within cred.go
- if config.AuthMethod == authMethodWorkloadIdentity {
+ if config.ArmAuthMethod == authMethodWorkloadIdentity {
 klog.V(2).Infoln("auth: using workload identity for new authorizer")
 cred, err := azidentity.NewDefaultAzureCredential(nil)
 if err != nil {
@@ -39,7 +39,7 @@ func NewAuthorizer(config *Config, env *azure.Environment) (autorest.Authorizer,
 return azidext.NewTokenCredentialAdapter(cred, []string{azidext.DefaultManagementScope}), nil
 }
- if config.AuthMethod == authMethodSysMSI {
+ if config.ArmAuthMethod == authMethodSysMSI {
 klog.V(2).Infoln("auth: using system assigned MSI to retrieve access token")
 msiEndpoint, err := adal.GetMSIVMEndpoint()
 if err != nil {
@@ -55,5 +55,5 @@ func NewAuthorizer(config *Config, env *azure.Environment) (autorest.Authorizer,
 return autorest.NewBearerAuthorizer(token), nil
 }
- return nil, fmt.Errorf("auth: unsupported auth method %s", config.AuthMethod)
+ return nil, fmt.Errorf("auth: unsupported auth method %s", config.ArmAuthMethod)
 }
diff --git a/pkg/auth/config.go b/pkg/auth/config.go
index 6f2c9b6d7..4c638a550 100644
--- a/pkg/auth/config.go
+++ b/pkg/auth/config.go
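Review bot: In the first hunk, the `authMethodWorkloadIdentity` branch builds its credential with `azidentity.NewDefaultAzureCredential(nil)`, which is a chain of several credential sources rather than workload identity alone, so the `ArmAuthMethod` value and the "using workload identity" log line can name a different identity than the one that actually obtains the token. Now that the field is explicitly the ARM auth selector, consider constructing the credential it names, e.g. `cred, err := azidentity.NewWorkloadIdentityCredential(nil)`, or say in the log message that the default chain is in use; the existing TODO appears to track part of this. The same call sits in the workload-identity branch of NewCredential in pkg/auth/cred.go. NewAuthorizer's body continues outside this hunk.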
@@ -60,10 +60,10 @@ type Config struct {
 ResourceGroup string `json:"resourceGroup" yaml:"resourceGroup"`
 VMType string `json:"vmType" yaml:"vmType"`
- // AuthMethod determines how to authorize requests for the Azure cloud.
+ // ArmAuthMethod determines how to authorize requests for the Azure cloud.
 // Valid options are "system-assigned-msi" and "workload-identity"
 // The default is "workload-identity".
- AuthMethod string `json:"authMethod" yaml:"authMethod"`
+ ArmAuthMethod string `json:"armAuthMethod" yaml:"armAuthMethod"`
 // Managed identity for Kubelet (not to be confused with Azure cloud authorization)
 KubeletIdentityClientID string `json:"kubeletIdentityClientID" yaml:"kubeletIdentityClientID"`
@@ -110,7 +110,7 @@ func (cfg *Config) Build() error {
 cfg.VMType = strings.ToLower(os.Getenv("ARM_VM_TYPE"))
 cfg.ClusterName = strings.TrimSpace(os.Getenv("AZURE_CLUSTER_NAME"))
 cfg.NodeResourceGroup = strings.TrimSpace(os.Getenv("AZURE_NODE_RESOURCE_GROUP"))
- cfg.AuthMethod = strings.TrimSpace(os.Getenv("ARM_AUTH_METHOD"))
+ cfg.ArmAuthMethod = strings.TrimSpace(os.Getenv("ARM_AUTH_METHOD"))
 cfg.KubeletIdentityClientID = strings.TrimSpace(os.Getenv("ARM_KUBELET_IDENTITY_CLIENT_ID"))
 return nil
@@ -122,8 +122,8 @@ func (cfg *Config) Default() error {
 cfg.VMType = vmTypeVMSS
 }
- if cfg.AuthMethod == "" {
- cfg.AuthMethod = authMethodWorkloadIdentity
+ if cfg.ArmAuthMethod == "" {
+ cfg.ArmAuthMethod = authMethodWorkloadIdentity
 }
 return nil
@@ -145,8 +145,8 @@ func (cfg *Config) Validate() error {
 }
 }
- if cfg.AuthMethod != authMethodSysMSI && cfg.AuthMethod != authMethodWorkloadIdentity {
- return fmt.Errorf("unsupported authorization method: %s", cfg.AuthMethod)
+ if cfg.ArmAuthMethod != authMethodSysMSI && cfg.ArmAuthMethod != authMethodWorkloadIdentity {
+ return fmt.Errorf("unsupported authorization method: %s", cfg.ArmAuthMethod)
 }
 return nil
diff --git a/pkg/auth/config_test.go b/pkg/auth/config_test.go
index 913d3507a..071a3fb8c 100644
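Review bot: The struct tags in the Config hunk change from `authMethod` to `armAuthMethod`, so the serialized key is renamed along with the Go field. The hunks here only show the field being filled from `ARM_AUTH_METHOD` in Build(), but if Config is also decoded from JSON or YAML anywhere, a document that still says `authMethod: system-assigned-msi` would presumably leave ArmAuthMethod empty under a non-strict decoder, and Default() would then select workload-identity without any error — a silent change of credential type. Consider keeping the old tags (`json:"authMethod" yaml:"authMethod"`) or rejecting the legacy key explicitly, and extend the field comment to name the setting, e.g. `// ArmAuthMethod selects the credential for Azure Resource Manager calls; set via ARM_AUTH_METHOD.`. The Config struct starts and ends outside this hunk.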
--- a/pkg/auth/config_test.go
+++ b/pkg/auth/config_test.go
@@ -41,7 +41,7 @@ func TestBuildAzureConfig(t *testing.T) {
 ResourceGroup: "my-rg",
 NodeResourceGroup: "my-node-rg",
 VMType: "vmss",
- AuthMethod: "workload-identity",
+ ArmAuthMethod: "workload-identity",
 },
 wantErr: false,
 env: map[string]string{
@@ -60,7 +60,7 @@ func TestBuildAzureConfig(t *testing.T) {
 ResourceGroup: "my-rg",
 NodeResourceGroup: "my-node-rg",
 VMType: "vm",
- AuthMethod: "workload-identity",
+ ArmAuthMethod: "workload-identity",
 },
 wantErr: false,
 env: map[string]string{
@@ -94,7 +94,7 @@ func TestBuildAzureConfig(t *testing.T) {
 ResourceGroup: "my-rg",
 NodeResourceGroup: "my-node-rg",
 VMType: "vmss",
- AuthMethod: "system-assigned-msi",
+ ArmAuthMethod: "system-assigned-msi",
 },
 wantErr: false,
 env: map[string]string{
@@ -114,7 +114,7 @@ func TestBuildAzureConfig(t *testing.T) {
 ResourceGroup: "my-rg",
 NodeResourceGroup: "my-node-rg",
 VMType: "vmss",
- AuthMethod: "workload-identity",
+ ArmAuthMethod: "workload-identity",
 },
 wantErr: false,
 env: map[string]string{
@@ -134,7 +134,7 @@ func TestBuildAzureConfig(t *testing.T) {
 ResourceGroup: "my-rg",
 NodeResourceGroup: "my-node-rg",
 VMType: "vmss",
- AuthMethod: "system-assigned-msi",
+ ArmAuthMethod: "system-assigned-msi",
 KubeletIdentityClientID: "11111111-2222-3333-4444-555555555555",
 },
 wantErr: false,
diff --git a/pkg/auth/cred.go b/pkg/auth/cred.go
index 042a5c982..1cb86b84a 100644
--- a/pkg/auth/cred.go
+++ b/pkg/auth/cred.go
@@ -30,12 +30,12 @@ func NewCredential(cfg *Config) (azcore.TokenCredential, error) {
 return nil, fmt.Errorf("failed to create credential, nil config provided")
 }
- if cfg.AuthMethod == authMethodWorkloadIdentity {
+ if cfg.ArmAuthMethod == authMethodWorkloadIdentity {
 klog.V(2).Infoln("cred: using workload identity for new credential")
 return azidentity.NewDefaultAzureCredential(nil)
 }
- if cfg.AuthMethod == authMethodSysMSI {
+ if cfg.ArmAuthMethod == authMethodSysMSI {
 klog.V(2).Infoln("cred: using system assigned MSI for new credential")
 msiCred, err := azidentity.NewManagedIdentityCredential(nil)
 if err != nil {
@@ -44,5 +44,5 @@ func NewCredential(cfg *Config) (azcore.TokenCredential, error) {
 return msiCred, nil
 }
- return nil, fmt.Errorf("cred: unsupported auth method: %s", cfg.AuthMethod)
+ return nil, fmt.Errorf("cred: unsupported auth method: %s", cfg.ArmAuthMethod)
 }
diff --git a/pkg/auth/cred_test.go b/pkg/auth/cred_test.go
index 832fa685f..8235b0a5c 100644
--- a/pkg/auth/cred_test.go
+++ b/pkg/auth/cred_test.go
@@ -41,7 +41,7 @@ func TestNewCredential(t *testing.T) {
 {
 name: "unsupported auth method",
 cfg: &Config{
- AuthMethod: "unsupported",
+ ArmAuthMethod: "unsupported",
 },
 want: nil,
 wantErr: true,
@@ -57,7 +57,7 @@ func TestNewCredential(t *testing.T) {
 {
 name: "auth method system-assigned-msi",
 cfg: &Config{
- AuthMethod: authMethodSysMSI,
+ ArmAuthMethod: authMethodSysMSI,
 },
 want: reflect.TypeOf(&azidentity.ManagedIdentityCredential{}),
 wantErr: false,
@@ -65,7 +65,7 @@ func TestNewCredential(t *testing.T) {
 {
 name: "auth method workload-identity",
 cfg: &Config{
- AuthMethod: authMethodWorkloadIdentity,
+ ArmAuthMethod: authMethodWorkloadIdentity,
 },
 want: reflect.TypeOf(&azidentity.DefaultAzureCredential{}),
 wantErr: false,