Azure-Terraform/terraform-azurerm-kubernetes

Azure - Kubernetes Module

Introduction

This module will create a managed Kubernetes cluster using Azure Kubernetes Service.

Providers

| Name | Version |
|------|---------|
| azurerm | >= 2.57.0 |

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|----------|
| acr_pull_access | map of ACR ids to allow AcrPull | `map(string)` | `{}` | no |
| api_server_authorized_ip_ranges | authorized IP ranges to communicate with K8s API | `map(string)` | n/a | yes |
| cluster_name | Name of AKS cluster. | `string` | n/a | yes |
| configure_network_role | Add Network Contributor role for identity on input subnets. | `bool` | `true` | no |
| default_node_pool | Default node pool. Value refers to key within node_pools variable. | `string` | `"default"` | no |
| dns_prefix | DNS prefix specified when creating the managed cluster. | `string` | n/a | yes |
| enable_azure_policy | to apply at-scale enforcements and safeguards on your clusters in a centralized, consistent manner | `bool` | `false` | no |
| enable_kube_dashboard | enable kubernetes dashboard | `bool` | `false` | no |
| identity_type | SystemAssigned or UserAssigned. | `string` | `"UserAssigned"` | no |
| kubernetes_version | kubernetes version | `string` | n/a | yes |
| location | Azure region. | `string` | n/a | yes |
| log_analytics_workspace_id | ID of the Azure Log Analytics Workspace | `string` | n/a | yes |
| names | Names to be applied to resources. | `map(string)` | n/a | yes |
| network_plugin | network plugin to use for networking (azure or kubenet) | `string` | `"kubenet"` | no |
| network_policy | Sets up network policy to be used with Azure CNI. | `string` | n/a | yes |
| network_profile_options | docker_bridge_cidr, dns_service_ip and service_cidr should all be empty or all should be set | `object({ docker_bridge_cidr = string, dns_service_ip = string, service_cidr = string })` | n/a | yes |
| node_pool_defaults | node pool defaults. `subnet` must be a key from the node_pool_subnets variable; the settings from `mode` through `spot_max_price` are not available in default node pools. | `object({ vm_size = string, availability_zones = list(number), node_count = number, enable_auto_scaling = bool, min_count = number, max_count = number, enable_host_encryption = bool, enable_node_public_ip = bool, max_pods = number, node_labels = map(string), only_critical_addons_enabled = bool, orchestrator_version = string, os_disk_size_gb = number, os_disk_type = string, type = string, tags = map(string), subnet = string, mode = string, node_taints = list(string), max_surge = string, eviction_policy = string, os_type = string, priority = string, proximity_placement_group_id = string, spot_max_price = number })` | `{ "availability_zones": [1, 2, 3], "enable_auto_scaling": false, "enable_host_encryption": false, "enable_node_public_ip": false, "eviction_policy": null, "max_count": null, "max_pods": null, "max_surge": "1", "min_count": null, "mode": "User", "name": null, "node_count": 1, "node_labels": null, "node_taints": null, "only_critical_addons_enabled": false, "orchestrator_version": null, "os_disk_size_gb": null, "os_disk_type": "Managed", "os_type": "Linux", "priority": "Regular", "proximity_placement_group_id": null, "spot_max_price": null, "subnet": null, "tags": null, "type": "VirtualMachineScaleSets", "vm_size": "Standard_B2s" }` | no |
| node_pools | node pools | `any` | `{ "default": {} }` | no |
| node_resource_group | The name of the Resource Group where the Kubernetes Nodes should exist. | `string` | n/a | yes |
| outbound_type | outbound (egress) routing method which should be used for this Kubernetes Cluster | `string` | `"loadBalancer"` | no |
| pod_cidr | used for pod IP addresses | `string` | n/a | yes |
| private_cluster_enabled | Private Cluster | `string` | `"false"` | no |
| rbac | role based access control settings | `object({ enabled = bool, ad_integration = bool })` | `{ "ad_integration": false, "enabled": true }` | no |
| rbac_admin_object_ids | Admin group object ids for use with rbac active directory integration | `map(string)` | `{}` | no |
| resource_group_name | Resource group name. | `string` | n/a | yes |
| sku_tier | Sets the cluster's SKU tier. The paid tier has a financially-backed uptime SLA. Read doc here. | `string` | `"Free"` | no |
| tags | Tags to be applied to resources. | `map(string)` | n/a | yes |
| user_assigned_identity | User assigned identity for the managed cluster (leave and the module will create one). | `object({ id = string, principal_id = string, client_id = string })` | n/a | yes |
| user_assigned_identity_name | Name of user assigned identity to be created (if applicable). | `string` | n/a | yes |
| virtual_network | Virtual network info. | `object({ subnets = map(object({ id = string })), route_table_id = string })` | n/a | yes |
| windows_profile | windows profile admin user/pass | `object({ admin_username = string, admin_password = string })` | n/a | yes |

Outputs

| Name | Description |
|------|-------------|
| client_certificate | kubernetes client certificate |
| client_key | kubernetes client key |
| cluster_ca_certificate | kubernetes cluster ca certificate |
| effective_outbound_ips_ids | The outcome (resource IDs) of the specified arguments. |
| fqdn | kubernetes managed cluster fqdn |
| host | kubernetes host |
| id | kubernetes managed cluster id |
| kube_config | kubernetes config to be used by kubectl and other compatible tools |
| kube_config_raw | raw kubernetes config to be used by kubectl and other compatible tools |
| kubelet_identity | kubelet identity information |
| name | kubernetes managed cluster name |
| node_resource_group | auto-generated resource group which contains the resources for this managed kubernetes cluster |
| password | kubernetes password |
| principal_id | id of the principal used by this managed kubernetes cluster |
| username | kubernetes username |

Examples

See examples folder. These are designed to test module updates and use random_string to run without any user input.
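
An added pre-apply check, not part of this module or its examples folder: it reads a dict of the inputs listed in the Inputs table (for example parsed from a `tfvars.json` file) and reports the settings that widen access to the cluster. The function name, the `/16` threshold, the sample values and the assumption that every entry in `node_pools` inherits `node_pool_defaults` are illustrative.

```python
import ipaddress

# Defaults for the inputs this check reads, copied from the Inputs table.
DEFAULTS = {
    "enable_kube_dashboard": False,
    "private_cluster_enabled": "false",  # typed string in the table
    "rbac": {"enabled": True, "ad_integration": False},
    "node_pool_defaults": {"enable_node_public_ip": False, "enable_host_encryption": False},
    "node_pools": {"default": {}},
}

def audit_inputs(values, min_prefix=16):
    """Return findings for a dict of module input values (hypothetical helper)."""
    v = {**DEFAULTS, **values}
    findings = []
    private = str(v["private_cluster_enabled"]).lower() == "true"
    ranges = v.get("api_server_authorized_ip_ranges") or {}
    if not private:
        # A public API server accepts any source address unless ranges are set.
        if not ranges:
            findings.append("api_server_authorized_ip_ranges: empty on a public cluster")
        for name, cidr in sorted(ranges.items()):
            try:
                net = ipaddress.ip_network(cidr, strict=False)
            except ValueError:
                findings.append(f"api_server_authorized_ip_ranges[{name}]: invalid CIDR")
                continue
            if net.prefixlen < min_prefix:  # min_prefix is a local policy choice
                findings.append(f"api_server_authorized_ip_ranges[{name}]: {cidr} is broader than /{min_prefix}")
    if v["enable_kube_dashboard"]:
        findings.append("enable_kube_dashboard: true")
    rbac = {**DEFAULTS["rbac"], **(v["rbac"] or {})}
    if not rbac["enabled"]:
        findings.append("rbac.enabled: false")
    elif not rbac["ad_integration"]:
        findings.append("rbac.ad_integration: false")
    pool_defaults = {**DEFAULTS["node_pool_defaults"], **(v["node_pool_defaults"] or {})}
    for pool_name, pool in sorted((v["node_pools"] or {}).items()):
        pool = {**pool_defaults, **(pool or {})}  # assumed: pools inherit the defaults
        if pool["enable_node_public_ip"]:
            findings.append(f"node_pools[{pool_name}].enable_node_public_ip: true")
        if not pool["enable_host_encryption"]:
            findings.append(f"node_pools[{pool_name}].enable_host_encryption: false")
    return findings

# Constructed sample inputs, not taken from the module's examples folder.
SAMPLE = {"api_server_authorized_ip_ranges": {"office": "203.0.113.0/24", "any": "0.0.0.0/0"},
          "enable_kube_dashboard": True,
          "node_pools": {"default": {}, "gpu": {"enable_node_public_ip": True, "enable_host_encryption": True}}}
```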