sunilnagavelli / terraform-azurerm-aks

Module used for deploying Kubernetes clusters in Azure

Azure Kubernetes Service

This is the repository for our Azure Kubernetes Service (AKS) Terraform module.

Requirements

Name Version
azurerm >3.21.1

Examples

Basic example

module "kubernetes" {
  source  = "amestofortytwo/kubernetes"
  version = "1.2.0"

  name                = "demo-prod-westeu"
  resource_group_name = azurerm_resource_group.demo.name
  location            = azurerm_resource_group.demo.location

  tags = {
    environment = "production"
  }
}

Advanced Example

module "kubernetes" {
  source  = "amestofortytwo/kubernetes"
  version = "1.2.0"

  name                = "demo-prod-westeu"
  resource_group_name = azurerm_resource_group.demo.name
  location            = azurerm_resource_group.demo.location

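  # Placeholder credentials. Pass the real client_secret in from a sensitive
  # variable or secret store instead of committing it to source control.
  service_principal = {
    client_id     = "00000000-0000-0000-0000-000000000000"
    client_secret = "client_secret_value"
  }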

  automatic_bump_kubernetes_version = {
    enabled         = true
    version_prefix  = "1.23"
    include_preview = false
  }

  additional_node_pools = [
    { name = "pool1" },
    { name = "pool2" }
  ]

  tags = {
    environment = "production"
  }
}

Providers

Name Version
azurerm >3.21.1

Modules

No modules.

Inputs

Name Description Type Default Required
aad_rbac (Optional) Used to fill the azure_active_directory_role_based_access_control block for the Kubernetes cluster.
If nothing is specified, managed AAD RBAC will be enabled.

If managed is set to true, the admin_group_object_ids properties can be specified to a group that will have admin access to the cluster.
object({
managed = optional(bool)
tenant_id = optional(string)
admin_group_object_ids = optional(list(string))
azure_rbac_enabled = optional(bool)
client_app_id = optional(string)
server_app_id = optional(string)
server_app_secret = optional(string)
})
{
"admin_group_object_ids": null,
"azure_rbac_enabled": true,
"managed": true
}
no
additional_node_pools (Optional) A list of additional node pools to add to the Kubernetes cluster.

Each node pool can have the following properties:
name - (Required) The name of the node pool.
node_count - (Optional) The number of nodes in the node pool; defaults to 1.
vm_size - (Optional) The size of the virtual machines to use for the node pool; defaults to the same size as the default node pool.
list(object({
name = string
mode = optional(string)
orchestrator_version = optional(string)
os_type = optional(string)
os_sku = optional(string)
node_labels = optional(map(string))
node_count = optional(number, 1)
enable_auto_scaling = optional(bool, false)
min_count = optional(number, 1)
max_count = optional(number, 3)
vm_size = optional(string)
os_disk_size_gb = optional(number)
os_disk_type = optional(string)
vnet_subnet_id = optional(string)
max_pods = optional(number)
zones = optional(list(string))
scale_down_mode = optional(string)
ultra_ssd_enabled = optional(bool)
kubelet_disk_type = optional(string)
node_taints = optional(list(string))
tags = optional(map(string))
}))
[] no
api_server_authorized_ip_ranges (Optional) A list of authorized IP ranges to access the Kubernetes API server list(string) null no
automatic_bump_kubernetes_version Automatically bump the Kubernetes version to the latest available version
object({
enabled = bool
version_prefix = string
include_preview = bool
})
{
"enabled": false,
"include_preview": false,
"version_prefix": "1.23"
}
no
azure_policy_enabled Enable or disable Azure Policy for the cluster. Defaults to true. bool true no
default_node_pool (Optional) The default node pool for the Kubernetes cluster.
If not specified, the default node pool will have one Standard_D2s_v4 node.
object({
name = string
vm_size = string

# Autoscale or manual scaling
node_count = optional(number)
enable_auto_scaling = optional(bool)
autoscale = optional(object({
min_count = number
max_count = number
}))

# Optional settings
max_pods = optional(number)
capacity_reservation_group_id = optional(string)
enable_host_encryption = optional(bool)
enable_node_public_ip = optional(bool)
fips_enabled = optional(bool)
kubelet_disk_type = optional(string)
message_of_the_day = optional(string)
node_public_ip_prefix_id = optional(string)
node_labels = optional(map(string))
only_critical_addons_enabled = optional(bool)
orchestrator_version = optional(string)
os_disk_size_gb = optional(number)
os_disk_type = optional(string)
os_sku = optional(string)
pod_subnet_id = optional(string)
scale_down_mode = optional(string)
type = optional(string)
tags = optional(map(string))
ultra_ssd_enabled = optional(bool)

kubelet_config = optional(object(
{
cpu_manager_policy = optional(string)
cpu_cfs_quota_enabled = optional(bool)
cpu_cfs_quota_period = optional(string)
image_gc_high_threshold = optional(number)
image_gc_low_threshold = optional(number)
topology_manager_policy = optional(string)
allowed_unsafe_sysctls = optional(list(string))
container_log_max_size_mb = optional(number)
container_log_max_line = optional(number)
pod_max_pid = optional(number)
}
))

linux_os_config = optional(object({
# sysctl will not be implemented, until someone needs it
swap_file_size_mb = optional(number)
transparent_huge_page_enabled = optional(bool)
transparent_huge_page_defrag = optional(string)
}))

upgrade_settings = optional(object({
max_surge = optional(number)
}))
})
{
"name": "default",
"node_count": 1,
"vm_size": "Standard_D2s_v4"
}
no
identity (Optional) The identity block for the Kubernetes cluster.
If not specified, the identity will be of type SystemAssigned.
object({
type = string
identity_ids = optional(list(string))
})
{
"identity_ids": null,
"type": "SystemAssigned"
}
no
ingress_application_gateway Values used for deployment of the ingress application gateway
object({
gateway_id = optional(string)
gateway_name = optional(string)
subnet_cidr = optional(string)
subnet_id = optional(string)
})
null no
kubernetes_version Kubernetes version to use for the cluster string null no
location The location where all resources will be created string n/a yes
name The name of the managed Kubernetes cluster.

Will prefix the name of the cluster with aks-.
string n/a yes
network_profile (Optional) The network profile block for the Kubernetes cluster.
If not specified, the network profile will be of type Azure.
object({
network_plugin = string
network_policy = optional(string)
network_mode = optional(string)
vnet_subnet_id = optional(string)
load_balancer_sku = optional(string)
outbound_type = optional(string)
dns_service_ip = optional(string)
docker_bridge_cidr = optional(string)
service_cidr = optional(string)
service_cidrs = optional(list(string))
pod_cidr = optional(string)
pod_cidrs = optional(list(string))
ip_versions = optional(list(string))
})
{
"network_plugin": "azure"
}
no
resource_group_name Name of the resource group to create the resources in string n/a yes
service_principal (Optional) The service principal block for the Kubernetes cluster.
Do not specify this block if you have already defined the identity block, or if you want to use the SystemAssigned identity.
object({
client_id = string
client_secret = string
})
null no
tags A mapping of tags to assign to the resources map(string) n/a yes
workload_identity_enabled (Optional) Enable or disable workload identity for the cluster. Enabling this also sets oidc_issuer_enabled to true. bool null no
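
A hardened invocation assembled from the inputs documented above, as an added example that is not part of the original repository. The source and version strings are copied from the page's own examples and azurerm_resource_group.demo is assumed to exist as it does there; the IP range, the admin group object ID and the node pool values are constructed placeholders.

```hcl
module "kubernetes" {
  source  = "amestofortytwo/kubernetes"
  version = "1.2.0"

  name                = "demo-prod-westeu"
  resource_group_name = azurerm_resource_group.demo.name
  location            = azurerm_resource_group.demo.location

  # Restrict API server access to known egress ranges (constructed value).
  api_server_authorized_ip_ranges = ["203.0.113.0/24"]

  # Keep managed AAD RBAC and Azure RBAC on, and name the admin group explicitly.
  # Setting this block replaces the default object, so all three keys are repeated.
  aad_rbac = {
    managed                = true
    azure_rbac_enabled     = true
    admin_group_object_ids = ["00000000-0000-0000-0000-000000000000"] # placeholder
  }

  # Managed identity instead of a service_principal block: no client secret
  # ends up in configuration or state.
  identity = {
    type = "SystemAssigned"
  }

  # Enable a network policy engine so pod-to-pod traffic can be restricted.
  network_profile = {
    network_plugin = "azure"
    network_policy = "azure"
  }

  # Default pool without public IPs on the nodes (sizes are placeholders).
  default_node_pool = {
    name                  = "default"
    vm_size               = "Standard_D2s_v4"
    node_count            = 1
    enable_node_public_ip = false
  }

  # Azure Policy defaults to true; workload identity also enables the OIDC issuer.
  azure_policy_enabled      = true
  workload_identity_enabled = true

  tags = {
    environment = "production"
  }
}
```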

Outputs

No outputs.

Resources

Name Type
azurerm_kubernetes_cluster.main resource
azurerm_kubernetes_cluster_node_pool.additional resource
azurerm_kubernetes_service_versions.current data source

License: MIT License