Skip to content

Artlvns/tf-azure-aks

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

136 Commits
.github
.github
 
 
.gitignore
.gitignore
 
 
Jenkinsfile
Jenkinsfile
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
aks.tf
aks.tf
 
 
outputs.tf
outputs.tf
 
 
renovate.json
renovate.json
 
 
variables.tf
variables.tf
 
 
versions.tf
versions.tf
 
 

Repository files navigation

tf-azure-aks

Terraform Module for Azure AKS

Requirements

Name Version
terraform >= 1.0
azurerm >= 3.0.0

Providers

Name Version
azurerm >= 3.0.0

Modules

No modules.

Resources

Name Type
azurerm_kubernetes_cluster.k8s_cluster resource
azurerm_kubernetes_cluster_node_pool.aks-node resource
azurerm_monitor_diagnostic_setting.aks-diagnostics resource
azurerm_subnet.k8s_agent_subnet resource
azurerm_virtual_network.k8s_agent_network resource

Inputs

Name Description Type Default Required
admin_username user name to add to VMs string "azureuser" no
agent_net_name Optional name of the agent vnet string "agent-net" no
aks_dns_service_ip n/a string "10.0.0.10" no
aks_docker_bridge_cidr n/a string "172.26.0.1/16" no
aks_network_plugin n/a string "azure" no
aks_network_policy n/a string "calico" no
aks_pod_cidr n/a any null no
aks_service_cidr n/a string "10.0.0.0/16" no
aks_vnet_subnet_cidr n/a string "10.200.0.0/24" no
aks_vnet_subnet_id n/a string "" no
api_server_authorized_ip_ranges List of IPs to whitelist for incoming to Kubernetes API list(string) [] no
automatic_channel_upgrade n/a string null no
azure_policy_enable Turn on Azure Policy in cluster or not bool false no
client_id azure client id any null no
client_secret azure client secret any null no
cluster_name What the k8s cluster should be identified as any n/a yes
create_vnet n/a bool true no
default_pool n/a map {} no
dns_prefix n/a any n/a yes
enable_diagnostics n/a bool false no
identity_ids n/a list(string) [] no
identity_type n/a string "SystemAssigned" no
ingress_application_gateway_enable Ingress Application Gateway bool false no
ingress_application_gateway_name n/a string null no
ingress_application_subnet_cidr n/a string null no
ingress_application_subnet_id n/a string null no
k8s_version What version of k8s to request from provider string "1.11.4" no
key_vault_secrets_provider n/a 
map(object({
    secret_rotation_enabled  = string
    secret_rotation_interval = string
  }))
 null no
kubelet_identity Identity / RBAC goes here 
object({
    client_id                 = string
    object_id                 = string
    user_assigned_identity_id = string
  })
 null no
load_balancer_sku Networking settings. string "standard" no
log_analytics Diagnostics 
map(object({
    enabled = bool
    retention = object({
      enabled = bool
      days    = number
    })
  }))
 {} no
managed_outbound_ip_count n/a number 1 no
max_pods Max pods to support in this cluster pr node number 30 no
metrics n/a 
map(object({
    enabled = bool
    retention = object({
      enabled = bool
      days    = number
    })
  }))
 {} no
msd_enable Enable audit logs collected by Microsoft Defender bool false no
msd_workspace_id Specifies the ID of the Log Analytics Workspace where the audit logs collected by Microsoft Defender should be sent to string "" no
node_pools Node pools to use list [] no
node_resource_group n/a any null no
oidc_issuer_enabled n/a bool false no
oms_agent_enable Enable OMS Agent profile bool true no
oms_workspace_id Operations Management Suite Workspace ID string "" no
outbound_ip_address_ids n/a list(any) null no
outbound_ip_prefix_ids n/a list(any) null no
outbound_type n/a string "loadBalancer" no
private_cluster_enabled n/a bool false no
private_dns_zone_id n/a string null no
rbac_admin_group_ids n/a list(any) [] no
rbac_client_app_id The Client ID of an Azure Active Directory Application any null no
rbac_enable Should RBAC be enabled. bool true no
rbac_managed n/a bool false no
rbac_server_app_id The Server ID of an Azure Active Directory Application any null no
rbac_server_app_secret The Client Secret of an Azure Active Directory Application any null no
resource_group_location Location of the RG the environment will run inside string "West Europe" no
resource_group_name Name of RG the environment will run inside any n/a yes
ssh_public_key public key to add to admin_user in VMs any n/a yes
tags # Metadata ## map {} no
workload_identity_enabled n/a bool false no

Outputs

Name Description
id n/a
identity n/a
kube_client_ca n/a
kube_client_certificate n/a
kube_client_key n/a
kube_cluster_ca n/a
kube_cluster_ca_certificate n/a
kube_config # Outputs ##
kube_configure n/a
kube_host n/a
kube_password n/a
kube_username n/a
kubelet_identity n/a
name Re-export the AKS name for usage
network_profile n/a
node_resource_group auto-generated resource group which contains the resources for this managed kubernetes cluster
oidc_issuer_url n/a
private_fqdn n/a

About

Terraform Module for Azure Kubernetes Service (AKS)

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • HCL 100.0%