I am trying to implement Application Gateway for Containers on an AKS cluster running version 1.30. When I apply the step that deploys the managed ALB, it does not get deployed.
# User-assigned managed identity for the ALB controller. Its principal_id and
# resource_id outputs are consumed by the role assignments and the federated
# credential elsewhere in this configuration.
module "avm-res-managedidentity-userassignedidentityALB" {
  source  = "Azure/avm-res-managedidentity-userassignedidentity/azurerm"
  version = "0.3.3" # exact version pin: the module code cannot change between applies

  name                = "azure-alb-identity"
  resource_group_name = var.rgLzName # data.azurerm_resource_group.rg.name
  location            = var.location # data.azurerm_resource_group.rg.location
}
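# Delay chain: identity -> previous -> 100 s sleep -> next.
# Presumably this exists so the new identity's principal has time to replicate
# before role assignments reference it (confirm the delay is still needed).
resource "null_resource" "previous" {
  # Anchor the chain to the identity. Without this dependency the timer starts
  # at the beginning of the apply, in parallel with the identity's creation,
  # so the wait is not measured from the moment the identity exists.
  depends_on = [module.avm-res-managedidentity-userassignedidentityALB]
}

resource "time_sleep" "wait_100_seconds" {
  create_duration = "100s"

  depends_on = [null_resource.previous]
}

# Marker that downstream resources depend on to wait for the sleep to finish.
resource "null_resource" "next" {
  depends_on = [time_sleep.wait_100_seconds]
}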
# Grants the ALB identity the built-in "Reader" role on var.mc_resource_group_id
# (going by the variable name, presumably the AKS-managed node resource group;
# confirm against the caller).
resource "azurerm_role_assignment" "role-assignment-alb_identity" {
  principal_id         = module.avm-res-managedidentity-userassignedidentityALB.principal_id
  role_definition_name = "Reader" # read-only role
  scope                = var.mc_resource_group_id

  # Created only once the identity exists and the delay chain ending in
  # null_resource.next has completed.
  depends_on = [
    module.avm-res-managedidentity-userassignedidentityALB,
    null_resource.next,
  ]
}
# Federated credential on the ALB identity: a token issued by var.oidc_issuer_url
# is exchanged for this identity only when its subject is exactly the service
# account named below and its audience is the token-exchange audience.
resource "azurerm_federated_identity_credential" "federated_agfc" {
  name                = "azure-alb-identity"
  resource_group_name = var.rgLzName
  parent_id           = module.avm-res-managedidentity-userassignedidentityALB.resource_id

  issuer   = var.oidc_issuer_url
  audience = ["api://AzureADTokenExchange"]

  # Format is system:serviceaccount:<namespace>:<service account>. The namespace
  # part has to match the namespace the controller's service account runs in,
  # otherwise the token exchange is refused.
  subject = "system:serviceaccount:azure-alb-system:alb-controller"

  depends_on = [azurerm_role_assignment.role-assignment-alb_identity]
}
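# Installs the ALB controller Helm chart from the machine that runs Terraform.
# Requires helm on PATH and a kubeconfig context that points at the target
# cluster; nothing in this block selects the cluster, so confirm the active
# context before applying.
# No triggers are set, so the provisioner runs only when this resource is
# created (or after it is tainted).
resource "null_resource" "install_alb_controller" {
  provisioner "local-exec" {
    # The client ID comes from the identity module's output instead of a nested
    # `az identity show` call. The value then always belongs to the identity
    # this configuration manages, does not depend on which subscription the
    # local az CLI session has selected, and no Terraform variable is expanded
    # inside a shell command substitution.
    command = <<-EOT
      helm install alb-controller oci://mcr.microsoft.com/application-lb/charts/alb-controller \
        --version 1.4.12 \
        --set albController.namespace="azure-alb-system" \
        --set albController.podIdentity.clientID=${module.avm-res-managedidentity-userassignedidentityALB.client_id}
    EOT
  }

  depends_on = [azurerm_federated_identity_credential.federated_agfc]
}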
# Grants the ALB identity the "AppGw for Containers Configuration Manager" role
# on var.mc_resource_group_id.
# NOTE(review): this assignment is created only after the controller install;
# the controller presumably needs it before it can act on ApplicationLoadBalancer
# resources, so anything that applies such manifests should wait for it.
resource "azurerm_role_assignment" "CM-alb_identity" {
  principal_id         = module.avm-res-managedidentity-userassignedidentityALB.principal_id
  role_definition_name = "AppGw for Containers Configuration Manager"
  scope                = var.mc_resource_group_id

  depends_on = [null_resource.install_alb_controller]
}
# Grants the ALB identity "Network Contributor" on var.snetAGFCAddr.
# NOTE(review): a role-assignment scope must be a full Azure resource ID. The
# variable name suggests an address prefix; confirm it holds the resource ID
# of the AGC subnet, so that this write-capable role stays limited to that
# one subnet.
resource "azurerm_role_assignment" "network_contributor-alb_identity" {
  principal_id         = module.avm-res-managedidentity-userassignedidentityALB.principal_id
  role_definition_name = "Network Contributor"
  scope                = var.snetAGFCAddr

  # depends_on = [ helm_release.alb_controller ]
  depends_on = [azurerm_role_assignment.CM-alb_identity]
}
That part deploys, but when I then try to apply the YAML files, the Gateway is not created.
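# Writes the Namespace manifest next to the module so kubectl can apply it.
resource "local_file" "namespace_yaml" {
  filename = "${path.module}/namespace.yaml"

  # local_file creates files with mode 0777 unless told otherwise. This file is
  # later fed to kubectl with the operator's cluster credentials, so it should
  # not be writable by other local users.
  file_permission = "0644"

  content = <<-EOF
    apiVersion: v1
    kind: Namespace
    metadata:
      name: alb-test-infra
  EOF
}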
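# Writes the ApplicationLoadBalancer manifest that associates the managed ALB
# with the AGC subnet.
# NOTE(review): the subscription segment in the association below is not in
# GUID form as posted (possibly redacted); the association needs the subnet's
# complete resource ID.
# NOTE(review): the subnet presumably has to be delegated to
# Microsoft.ServiceNetworking/trafficControllers; verify this on the subnet.
resource "local_file" "alb_yaml" {
  filename = "${path.module}/alb.yaml"

  # local_file creates files with mode 0777 unless told otherwise. This file is
  # later fed to kubectl with the operator's cluster credentials, so it should
  # not be writable by other local users.
  file_permission = "0644"

  content = <<-EOF
    apiVersion: alb.networking.azure.io/v1
    kind: ApplicationLoadBalancer
    metadata:
      name: alb-test
      namespace: alb-test-infra
    spec:
      associations:
      - /subscriptions/9889820820/resourceGroups/AksTerra-AV-RG/providers/Microsoft.Network/virtualNetworks/vnet-lz/subnets/subnet-agfc
  EOF
}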
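# Applies both manifests with the local kubectl and whatever kubeconfig context
# is active on the machine running Terraform; confirm the context before
# applying. The provisioner re-runs whenever either manifest's content changes.
# NOTE(review): nothing here waits for the ALB controller install or for the
# identity's role assignments. If those live in the same configuration, add
# them to depends_on so the ApplicationLoadBalancer kind exists and the
# controller is authorised before the manifests are applied.
resource "null_resource" "kubectl_apply" {
  triggers = {
    namespace_yaml_content = local_file.namespace_yaml.content
    alb_yaml_content       = local_file.alb_yaml.content
  }

  provisioner "local-exec" {
    # Chained with && so a failed namespace apply fails the provisioner instead
    # of being masked by the exit status of the second command. Paths are
    # quoted in case the module path contains spaces.
    command = "kubectl apply -f \"${local_file.namespace_yaml.filename}\" && kubectl apply -f \"${local_file.alb_yaml.filename}\""
  }

  depends_on = [local_file.namespace_yaml, local_file.alb_yaml]
}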
Or is there another way to deploy it?