Requirements

Name	Version
terraform	>= 1.6.3
azurerm	4.42.0

Providers

Name	Version
azurerm	4.42.0

Modules

No modules.

Resources

Name	Type
azurerm_kubernetes_cluster.main	resource
azurerm_role_assignment.main	resource
azurerm_log_analytics_workspace.main	data source
azurerm_resource_group.rg	data source
azurerm_subnet.subnet	data source

Inputs

Name	Description	Type	Default	Required
acr_id	The ID of the Azure Container Registry to allow ACR Pull from the Service Principal or Managed Identity.	string	null	no
admin_username	The admin username for the Kubernetes cluster. Changing this will recreate the resource.	string	"azureadmin"	no
agents_count	The initial number of nodes in the node pool. The value must be between 1 and 1000, and within the min_count and max_count range.	number	1	no
agents_name	The name of the default Kubernetes Node Pool. Changing this will recreate the resource.	string	"nodepool"	no
agents_size	The size of the Virtual Machine instances in the node pool (e.g., 'Standard_DS2_v2'). Changing this will recreate the resource.	string	"Standard_B2s"	no
aks_sku_tier	The SKU tier for the Kubernetes Cluster. Possible values are 'Free' and 'Paid' (includes uptime SLA). Defaults to 'Free'.	string	"Free"	no
aks_version	The version of Kubernetes to use when creating the AKS managed cluster. If not specified, the latest recommended version will be used, but it won't auto-upgrade.	string	"1.30.3"	no
auto_scaler_balance_similar_node_groups	Balance similar node groups in the auto-scaler profile.	bool	false	no
auto_scaler_max_graceful_termination_sec	Maximum number of seconds for graceful termination in the auto-scaler profile.	number	600	no
auto_scaler_scale_down_delay_after_add	Scale-down delay after node addition in the auto-scaler profile.	string	"10m"	no
auto_scaler_scale_down_utilization_threshold	Utilization threshold for scaling down in the auto-scaler profile.	number	0.5	no
auto_scaler_scan_interval	Scan interval for the auto-scaler profile.	string	"10s"	no
auto_scaler_skip_nodes_with_local_storage	Skip nodes with local storage when scaling down.	bool	false	no
auto_scaling_max_count	The maximum number of nodes for auto-scaling.	number	3	no
auto_scaling_min_count	The minimum number of nodes for auto-scaling.	number	1	no
automatic_upgrade_channel	The upgrade channel for the Kubernetes cluster. Valid options are 'patch', 'rapid', 'node-image', and 'stable'. Omitting this sets the value to 'none'.	string	"none"	no
azure_policy_enabled	Enable Azure Policy for the AKS cluster.	bool	false	no
client_id	The Client ID associated with the Service Principal.	string	null	no
client_secret	The Client Secret associated with the Service Principal.	string	null	no
cluster_name	The name of the Managed Kubernetes Cluster to create. Changing this will recreate the resource.	string	n/a	yes
default_tags	A mapping of tags to assign to the resources for organization and management purposes.	map(any)	null	no
dns_prefix_name	DNS prefix specified when creating the managed cluster. Must begin and end with a letter or number, contain only letters, numbers, and hyphens, and be between 1 and 54 characters long. Changing this will recreate the resource.	string	""	no
dns_service_ip	The IP address within the Kubernetes service address range for cluster service discovery (kube-dns). Changing this will recreate the resource.	string	"172.16.2.11"	no
enable_attach_acr	Enable Azure Container Registry (ACR) Pull attach. Requires the 'acr_id' variable to be defined.	bool	false	no
enable_auto_scaling	Enable auto-scaling for the default node pool.	bool	false	no
enable_ingress_application_gateway	Whether to enable the ingress application gateway for traffic routing to the cluster.	bool	false	no
enable_microsoft_defender	Enable Microsoft Defender in the AKS cluster for security scanning and protection.	bool	false	no
enable_oms_agent	Enable the OMS (Operations Management Suite) agent in the AKS cluster.	bool	false	no
enable_upgrade_settings	Enable or disable upgrade settings for the default node pool during an AKS upgrade.	bool	false	no
enable_workload_autoscaler_profile	Specifies whether the workload autoscaler profile block should be enabled in the AKS cluster.	bool	false	no
environment	The environment used for the backend container name key (e.g., 'dev', 'test', 'prod').	string	"dev"	no
http_application_routing_enabled	Enable HTTP Application Routing in the AKS cluster.	bool	false	no
image_cleaner_enabled	Enable the image cleaner in the AKS cluster.	bool	false	no
image_cleaner_interval_hours	The interval in hours for the image cleaner to run in the AKS cluster.	number	24	no
ingress_gateway_id	Optional: The ID of the Application Gateway to integrate with the ingress controller.	string	null	no
ingress_gateway_name	Optional: The name of the Application Gateway to be used or created for ingress traffic.	string	null	no
ingress_gateway_subnet_cidr	Optional: The CIDR block for the subnet where the Application Gateway will be deployed.	string	null	no
ingress_gateway_subnet_id	Optional: The ID of the subnet where the Application Gateway will be deployed.	string	null	no
load_balancer_sku	The SKU for the Load Balancer used by the Kubernetes Cluster. Supported values are 'Basic' and 'Standard'. Defaults to 'Standard'.	string	"standard"	no
local_account_disabled	Disable local accounts in the AKS cluster.	bool	false	no
max_pods	The maximum number of pods that can run on each agent. Changing this will recreate the resource.	number	60	no
msi_auth_for_monitoring_enabled	Enable Managed Service Identity (MSI) authentication for monitoring in the OMS agent.	bool	false	no
name_log_analytics_workspace	The name of the Log Analytics Workspace to be created.	string	null	no
network_plugin	The network plugin to use for networking within the cluster. Supported values are 'azure', 'kubenet', and 'none'. Changing this will recreate the resource.	string	"kubenet"	no
network_policy	The network policy to use with Azure CNI. Network policies control traffic flow between pods. Supported values are 'calico' and 'azure'. Changing this will recreate the resource.	string	null	no
node_os_upgrade_channel	The upgrade channel for the OS image of Kubernetes cluster nodes. Valid options are 'Unmanaged', 'SecurityPatch', 'NodeImage', and 'None'. Defaults to 'None'.	string	"None"	no
os_disk_size_gb	The size (in GB) of the OS disk for each agent in the Node Pool. Changing this will recreate the resource.	number	120	no
outbound_type	The outbound (egress) routing method for the Kubernetes Cluster. Supported values are 'loadBalancer', 'userDefinedRouting', 'managedNATGateway', and 'userAssignedNATGateway'. Defaults to 'loadBalancer'.	string	"loadBalancer"	no
private_cluster_enabled	Indicates whether the Kubernetes API server should be exposed only on internal IP addresses, providing a private IP for the Kubernetes API within the Virtual Network. Defaults to false. Changing this will recreate the resource.	bool	false	no
public_ssh_key	The public SSH key used to access the Kubernetes cluster. Changing this will recreate the resource.	string	null	no
rbac	Specifies whether Role-Based Access Control (RBAC) should be enabled for the Kubernetes Cluster. Defaults to true. Changing this will recreate the resource.	bool	true	no
region	The region in which the resources will be deployed.	string	"weu"	no
resource_group_location	The location or region where the virtual network is created. Changing this will recreate the resource.	string	"West Europe"	no
resource_group_name	The name of the resource group in which the virtual network will be created.	string	n/a	yes
service_cidr	The network range used for Kubernetes services. Changing this will recreate the resource.	string	"172.16.2.0/24"	no
solution_name	The name of the solution to be deployed. Changing this will recreate the resource.	string	"ContainerInsights"	no
subnet_name	The name of the subnet where the Kubernetes cluster will be deployed.	string	n/a	yes
upgrade_settings_drain_timeout_in_minutes	The number of minutes to wait for eviction of pods and graceful termination per node during an upgrade.	number	null	no
upgrade_settings_max_surge	The maximum number or percentage of nodes to be added to the Node Pool size during an upgrade.	string	null	no
upgrade_settings_node_soak_duration_in_minutes	The amount of time in minutes to wait after draining a node before re-imaging it and moving on to the next node during an upgrade.	number	null	no
use_service_principal	Set to true to use a service principal for authentication, or false to use a managed identity.	bool	true	no
vnet_name	The name of the Virtual Network for the Kubernetes cluster.	string	n/a	yes
vnet_rg_name	The name of the Resource Group that contains the Virtual Network.	string	n/a	yes
workload_autoscaler_keda_enabled	Specifies whether the KEDA (Kubernetes Event-driven Autoscaling) Autoscaler can be used for workloads in the AKS cluster.	bool	false	no
workload_autoscaler_vpa_enabled	Specifies whether the Vertical Pod Autoscaler (VPA) should be enabled for automatically adjusting the resources of running pods.	bool	false	no

Outputs

Name	Description
client_certificate	The base64-encoded public certificate used by clients to authenticate to the Kubernetes cluster.
client_key	The base64-encoded private key used by clients to authenticate to the Kubernetes cluster.
cluster_ca_certificate	The base64-encoded public Certificate Authority (CA) certificate used as the root of trust for the Kubernetes cluster.
cluster_password	The password or token used for authentication to the Kubernetes cluster.
cluster_username	The username used for authentication to the Kubernetes cluster.
host	The host URL of the Kubernetes cluster server.
id	The unique identifier (ID) of the Kubernetes Managed Cluster.
kube_config	The raw kube_config block for the Kubernetes cluster as defined below.