Name | Version |
---|---|
terraform | >= 1.6.3 |
azurerm | 3.100.0 |

Name | Version |
---|---|
azurerm | 3.100.0 |

No modules.

Name | Type |
---|---|
azurerm_kubernetes_cluster.main | resource |
azurerm_role_assignment.main | resource |
azurerm_resource_group.rg | data source |
azurerm_subnet.subnet | data source |

Name | Description | Type | Default | Required |
---|---|---|---|---|
acr_id | Specifies the ACR ID to allow pull access from the Azure Container Registry using the Service Principal or Managed Identity. | string | null | no |
admin_username | The administrator username for the cluster. Changing this will result in the creation of a new cluster. | string | "azureadmin" | no |
agents_count | The initial number of nodes to be included in the node pool. This value must be between 1 and 1000, and within the specified min_count and max_count. | number | 1 | no |
agents_name | Specifies the name for the default Kubernetes Node Pool. Changing this will result in the creation of a new node pool. | string | "nodepool" | no |
agents_size | Specifies the size of the virtual machine for the agent nodes, such as Standard_DS2_v2. Changing this will result in the creation of new agent nodes. | string | "Standard_B2s" | no |
aks_sku_tier | Specifies the SKU Tier for the Kubernetes Cluster. Possible values are Free and Paid (which includes the Uptime SLA), with a default of Free. | string | "Free" | no |
aks_version | Specifies the version of Kubernetes to be used when creating the AKS managed cluster. If not specified, the latest recommended version will be used at provisioning time, but it will not auto-upgrade. | string | "1.22.7" | no |
auto_scaler_balance_similar_node_groups | Enables balancing of similar node groups within the auto-scaler profile. | bool | false | no |
auto_scaler_max_graceful_termination_sec | Specifies the maximum duration for graceful termination of nodes within the auto-scaler profile, measured in seconds. | number | 600 | no |
auto_scaler_scale_down_delay_after_add | Defines the delay before scaling down after adding nodes in the auto-scaler profile, specified in duration (e.g., 10m for 10 minutes). | string | "10m" | no |
auto_scaler_scale_down_utilization_threshold | Sets the utilization threshold for scaling down nodes within the auto-scaler profile. If the average utilization of a node pool falls below this threshold, scaling down may occur. | number | 0.5 | no |
auto_scaler_scan_interval | Indicates the interval at which the auto-scaler scans the node pools, specified in duration (e.g., 10s for 10 seconds). | string | "10s" | no |
auto_scaling_max_count | Specifies the maximum number of nodes for auto-scaling in the Kubernetes cluster. | number | 3 | no |
auto_scaling_min_count | Specifies the minimum number of nodes for auto-scaling in the Kubernetes cluster. | number | 1 | no |
azure_policy_enabled | Enables Azure Policy for the AKS cluster. | bool | false | no |
client_id | The Client ID associated with the Service Principal. This is required when using a service principal for authentication. | string | null | no |
client_secret | The Client Secret associated with the Service Principal. This is required when using a service principal for authentication. | string | null | no |
cluster_name | Specifies the name of the Managed Kubernetes Cluster to create. Changing this will result in the creation of a new cluster. | string | n/a | yes |
default_tags | A map of default tags to apply to all resources for organization and tracking. | map(any) | null | no |
dns_prefix_name | Specifies the DNS prefix when creating the managed cluster. Must start and end with a letter or number, contain only letters, numbers, and hyphens, and be between 1 and 54 characters in length. Changing this will result in the creation of a new resource. | string | "" | no |
dns_service_ip | The IP address within the Kubernetes service address range designated for service discovery (kube-dns). Changing this will result in the creation of a new cluster. | string | "172.16.2.11" | no |
enable_attach_acr | Enables ACR (Azure Container Registry) Pull attach. Requires acr_id to be defined. | bool | false | no |
enable_auto_scaling | Enables auto-scaling for the default node pool of the Kubernetes cluster. | bool | false | no |
enable_microsoft_defender | Enables Microsoft Defender within the AKS cluster for enhanced security and threat protection. | bool | false | no |
enable_oms_agent | Enables the OMS (Operations Management Suite) agent within the AKS cluster for monitoring and management. | bool | false | no |
enable_pod_security_policy | Enables Pod Security Policy for the AKS cluster. | bool | false | no |
environment | Defines the environment for the backend container (e.g., dev, stage, prod). | string | "dev" | no |
http_application_routing_enabled | Enables HTTP Application Routing for the AKS cluster. | bool | false | no |
image_cleaner_enabled | Enables the image cleaner feature within the AKS cluster to help manage and clean up unused images. | bool | false | no |
image_cleaner_interval_hours | Defines the interval, in hours, for the image cleaner to run within the AKS cluster. | number | 24 | no |
load_balancer_sku | Specifies the SKU of the Load Balancer for the Kubernetes Cluster. Possible values are Basic and Standard, with a default of Standard. | string | "standard" | no |
local_account_disabled | Disables local accounts within the AKS cluster. | bool | false | no |
max_pods | Indicates the maximum number of pods that can run on each agent. Changing this will result in the creation of new agent nodes. | number | 60 | no |
name_log_analytics_workspace | Specifies the name of the Log Analytics Workspace to be created or used. | string | null | no |
network_plugin | Specifies the network plugin to be used for networking within the cluster. Supported values include azure, kubenet, and none. Changing this will result in the creation of a new cluster. | string | "kubenet" | no |
network_policy | Defines the network policy to be used with Azure CNI. Network policies control traffic flow between pods. Supported values include calico and azure. Changing this will result in the creation of a new cluster. | string | null | no |
os_disk_size_gb | Specifies the size of the OS disk for each agent in the node pool, measured in gigabytes. Changing this will result in the creation of new agent nodes. | number | 120 | no |
outbound_type | Defines the outbound (egress) routing method for the Kubernetes Cluster. Possible values include loadBalancer, userDefinedRouting, managedNATGateway, and userAssignedNATGateway, with a default of loadBalancer. | string | "loadBalancer" | no |
private_cluster_enabled | Determines whether the Kubernetes cluster's API server should be accessible only via internal IP addresses. This setting provides a private IP address for the Kubernetes API within the virtual network. Defaults to false. Changing this will result in the creation of a new cluster. | bool | false | no |
public_ssh_key | The public SSH key used for accessing the cluster. Changing this will result in the creation of new access configurations. | string | null | no |
rbac | Indicates whether Role-Based Access Control (RBAC) should be enabled for the Kubernetes cluster. Defaults to true. Changing this will result in the creation of a new cluster. | bool | true | no |
region | Specifies the region where the resources will be deployed (e.g., weu, us-east). | string | "weu" | no |
resource_group_location | Specifies the Azure region where the resource group will be created. Changing this will recreate the resource group. | string | "West Europe" | no |
resource_group_name | The name of the resource group to be created in Azure. | string | n/a | yes |
service_cidr | Specifies the network range for Kubernetes services. Changing this will result in the creation of a new cluster. | string | "172.16.2.0/24" | no |
solution_name | Specifies the name of the solution to be deployed. Changing this will result in the creation of new configurations. | string | "ContainerInsights" | no |
subnet_name | The name of the subnet to be used for the Kubernetes cluster. | string | n/a | yes |
use_service_principal | Indicates whether to use a service principal (true) or a managed identity (false) for authentication. | bool | true | no |
vnet_name | The name of the Virtual Network to be associated with the Kubernetes cluster. | string | n/a | yes |
vnet_rg_name | Specifies the Resource Group in which the Virtual Network will reside. | string | n/a | yes |

Name | Description |
---|---|
client_certificate | Base64 encoded public certificate used by clients to authenticate to the Kubernetes cluster. |
client_key | Base64 encoded private key used by clients to authenticate to the Kubernetes cluster. |
cluster_ca_certificate | Base64 encoded public CA certificate used as the root of trust for the Kubernetes cluster. |
cluster_password | A password or token used to authenticate to the Kubernetes cluster. |
cluster_username | A username used to authenticate to the Kubernetes cluster. |
host | The Kubernetes cluster server host. |
kube_config | A kube_config block as defined below. |
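
A module call that overrides the security-relevant defaults from the inputs table, as an added example rather than code from the module's repository. The `source` path, the resource names and the two root variables are placeholders; every input and output name is taken from the tables above.

```hcl
# Added example: placeholder values throughout, not the module author's code.
variable "acr_id" {
  type        = string
  description = "Resource ID of the registry the cluster may pull from (placeholder variable)."
}

variable "aks_version" {
  type        = string
  description = "Kubernetes version to pin, overriding the module default of 1.22.7 (placeholder variable)."
}

module "aks" {
  source = "./modules/aks" # hypothetical path; the page does not state the module source

  # Required inputs (constructed sample names)
  cluster_name        = "aks-example"
  resource_group_name = "rg-example"
  vnet_name           = "vnet-example"
  vnet_rg_name        = "rg-network-example"
  subnet_name         = "snet-aks-example"

  # Managed identity instead of the default service principal, so no
  # client_id / client_secret has to be passed in or stored in state.
  use_service_principal = false

  # API server gets a private IP inside the virtual network only (default: false).
  private_cluster_enabled = true
  rbac                    = true

  # network_policy defaults to null, i.e. no filtering of pod-to-pod traffic.
  network_plugin = "azure"
  network_policy = "calico"

  azure_policy_enabled             = true
  http_application_routing_enabled = false

  # Image pulls authorised through the module's role assignment on the registry.
  enable_attach_acr = true
  acr_id            = var.acr_id

  aks_version = var.aks_version
}

# kube_config, client_key and cluster_password are credentials: mark any
# re-export as sensitive so Terraform redacts it in plan and apply output.
output "kube_config" {
  value     = module.aks.kube_config
  sensitive = true
}
```

`sensitive = true` only hides the value in CLI output; it is still written in clear text to the Terraform state, so the state backend needs encryption and access control of its own.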