The following requirements are needed by this module:
No modules.
The following input variables are required:
Description: ID of subnet where API server is deployed
Type: string
Description: ID of existing private DNS zone for cluster - used for private cluster feature
Type: string
Description: ID of subnet where system nodes are deployed
Type: string
Description: n/a
Type: any
Description: n/a
Type: any
Description: ID of existing private DNS zone for keyvault for private endpoints
Type: string
Description: Azure region of cluster such as westeurope, northeurope or swedencentral
Type: string
Description: ID of existing log analytics workspace for Azure Defender for Kubernetes
Type: string
Description: Name of cluster
Type: string
Description: VM SKU for system AKS nodes such as Standard_D4ads_v5
Type: string
Description: ID of resource group where cluster is deployed
Type: string
Description: Name of resource group where cluster is deployed
Type: string
Description: n/a
Type: any
Description: n/a
Type: any
The following input variables are optional (have default values):
Description: n/a
Type: string
Default: "b0797e57-4a37-4f7d-9def-b312831bc3d7"
Description: SKU for cluster such as Free or Standard, for production Standard is recommended
Type: string
Default: "Free"
Description: Channel for automatic cluster upgrades such as stable, patch, rapid, node-image or none
Type: string
Default: "stable"
Description: Cluster version such as 1.24.1 for specific version or 1.24 for latest patch version
Type: string
Default: "1.24"
Description: Maximum count of system nodes
Type: number
Default: 3
Description: Minimum count of system nodes
Type: number
Default: 3
Description: Initial count of system nodes
Type: number
Default: 3
The following resources are used by this module:
- azurerm_api_management_gateway.main (resource)
- azurerm_disk_encryption_set.system (resource)
- azurerm_federated_identity_credential.shared_identity (resource)
- azurerm_key_vault.system (resource)
- azurerm_key_vault_key.kms (resource)
- azurerm_key_vault_key.system_storage (resource)
- azurerm_key_vault_secret.api_management_gateway_token (resource)
- azurerm_kubernetes_cluster.main (resource)
- azurerm_kubernetes_cluster_node_pool.dedicated (resource)
- azurerm_kubernetes_cluster_node_pool.shared (resource)
- azurerm_log_analytics_workspace.monitor (resource)
- azurerm_monitor_diagnostic_setting.forensic (resource)
- azurerm_monitor_diagnostic_setting.operational (resource)
- azurerm_monitor_diagnostic_setting.security (resource)
- azurerm_private_endpoint.keyvault_system (resource)
- azurerm_resource_policy_assignment.allowed_image_default (resource)
- azurerm_resource_policy_assignment.confidential_allowed_image_override (resource)
- azurerm_resource_policy_assignment.https_ingress_only (resource)
- azurerm_resource_policy_assignment.limit_volumes (resource)
- azurerm_resource_policy_assignment.no_api_credentials (resource)
- azurerm_resource_policy_assignment.no_default_namespace (resource)
- azurerm_resource_policy_assignment.no_external_lb (resource)
- azurerm_resource_policy_assignment.no_priv_containers (resource)
- azurerm_resource_policy_assignment.no_priv_escalation (resource)
- azurerm_resource_policy_assignment.no_sysadmin_cap (resource)
- azurerm_resource_policy_assignment.no_sysctl (resource)
- azurerm_resource_policy_assignment.standard_allowed_image_override (resource)
- azurerm_role_assignment.aks_cluster_crypto_user (resource)
- azurerm_role_assignment.aks_managed_identity_operator (resource)
- azurerm_role_assignment.aks_resource_group_contributor (resource)
- azurerm_role_assignment.cluster_admin (resource)
- azurerm_role_assignment.kubeconfig (resource)
- azurerm_role_assignment.private_dns_zone (resource)
- azurerm_role_assignment.shared_identity (resource)
- azurerm_role_assignment.subnets (resource)
- azurerm_role_assignment.system_disk_encryption_set (resource)
- azurerm_role_assignment.system_kv (resource)
- azurerm_storage_account.monitor (resource)
- azurerm_user_assigned_identity.aks_cluster (resource)
- azurerm_user_assigned_identity.aks_kubelet (resource)
- azurerm_user_assigned_identity.shared_identity (resource)
- random_string.aks_kv (resource)
- random_string.monitor (resource)
- time_sleep.wait (resource)
- azapi_resource_action.api_management_gateway_token (data source)
- azurerm_client_config.current (data source)
The following outputs are exported:
Description: n/a
Description: n/a
Description: n/a
Description: n/a
Description: n/a