aci_connector_linux |
(Optional) A aci_connector_linux block as defined below. For more details, please visit Create and configure an AKS cluster to use virtual nodes. |
any |
[] |
no |
additional_node_pools |
(Optional) Additional node pools |
any |
{} |
no |
api_server_access_profile |
(Optional) An api_server_access_profile |
any |
[] |
no |
auto_scaler_profile |
(Optional) A auto_scaler_profile block |
any |
[] |
no |
automatic_channel_upgrade |
(Optional) The upgrade channel for this Kubernetes Cluster. Possible values are patch, rapid, node-image and stable. Omitting this field sets this value to none. |
string |
null |
no |
azure_active_directory_role_based_access_control |
(Optional) A azure_active_directory_role_based_access_control |
any |
[] |
no |
azure_policy_enabled |
(Optional) Should the Azure Policy Add-On be enabled? For more details please visit Understand Azure Policy for Azure Kubernetes Service |
bool |
true |
no |
confidential_computing |
(Optional) A confidential_computing block |
any |
[] |
no |
create_aks |
Do you want to create AKS Cluster |
bool |
true |
no |
default_node_pool |
(Required) A default_node_pool block |
any |
n/a |
yes |
disk_encryption_set_id |
(Optional) The ID of the Disk Encryption Set which should be used for the Nodes and Volumes. More information can be found in the documentation. Changing this forces a new resource to be created. |
string |
null |
no |
dns_prefix |
(Optional) DNS prefix specified when creating the managed cluster. Possible values must begin and end with a letter or number, contain only letters, numbers, and hyphens and be between 1 and 54 characters in length. Changing this forces a new resource to be created. |
string |
null |
no |
dns_prefix_private_cluster |
(Optional) Specifies the DNS prefix to use with private clusters. Changing this forces a new resource to be created. |
string |
null |
no |
edge_zone |
(Optional) Specifies the Edge Zone within the Azure Region where this Managed Kubernetes Cluster should exist. Changing this forces a new resource to be created. |
string |
null |
no |
http_application_routing_enabled |
(Optional) Should HTTP Application Routing be enabled? |
bool |
false |
no |
http_proxy_config |
(Optional) A http_proxy_config block |
any |
[] |
no |
identity |
(Optional) An identity block as defined below. One of either identity or service_principal must be specified. |
any |
[] |
no |
image_cleaner_enabled |
(Optional) Specifies whether Image Cleaner is enabled |
bool |
false |
no |
image_cleaner_interval_hours |
(Optional) Specifies the interval in hours when images should be cleaned up. Defaults to 48. |
number |
48 |
no |
ingress_application_gateway |
(Optional) A ingress_application_gateway |
any |
[] |
no |
key_management_service |
(Optional) A key_management_service block as defined below. For more details, please visit Key Management Service (KMS) etcd encryption to an AKS cluster. |
any |
[] |
no |
key_vault_secrets_provider |
(Optional) A key_vault_secrets_provider block as defined below. For more details, please visit Azure Keyvault Secrets Provider for AKS. |
any |
[] |
no |
kubelet_identity |
(Optional) A kubelet_identity block |
any |
[] |
no |
kubernetes_version |
(Optional) Version of Kubernetes specified when creating the AKS managed cluster. If not specified, the latest recommended version will be used at provisioning time (but won't auto-upgrade). AKS does not require an exact patch version to be specified, minor version aliases such as 1.22 are also supported. - The minor version's latest GA patch is automatically chosen in that case. More details can be found in the documentation. |
string |
null |
no |
linux_profile |
(Optional) A linux_profile block |
any |
[] |
no |
local_account_disabled |
(Optional) If true local accounts will be disabled. See the documentation for more information. |
bool |
false |
no |
location |
(Required) The location where the Managed Kubernetes Cluster should be created. Changing this forces a new resource to be created. |
string |
n/a |
yes |
maintenance_window |
(Optional) A maintenance_window block |
any |
[] |
no |
microsoft_defender |
(Optional) A microsoft_defender block |
any |
[] |
no |
monitor_metrics |
(Optional) Specifies a Prometheus add-on profile for the Kubernetes Cluster. A monitor_metrics block as defined below. |
any |
[] |
no |
name |
(Required) The name of the Managed Kubernetes Cluster to create. Changing this forces a new resource to be created. |
string |
n/a |
yes |
network_profile |
(Optional) A network_profile block as defined below. Changing this forces a new resource to be created. |
any |
[ { "load_balancer_sku": "standard", "network_plugin": "azure", "network_policy": "azure" } ] |
no |
node_resource_group |
(Optional) The name of the Resource Group where the Kubernetes Nodes should exist. Changing this forces a new resource to be created. |
string |
null |
no |
oidc_issuer_enabled |
(Optional) Enable or Disable the OIDC issuer URL |
bool |
false |
no |
oms_agent |
(Optional) A oms_agent block |
any |
[] |
no |
open_service_mesh_enabled |
(Optional) Is Open Service Mesh enabled? For more details, please visit Open Service Mesh for AKS. |
bool |
false |
no |
private_cluster_enabled |
(Optional) Should this Kubernetes Cluster have its API server only exposed on internal IP addresses? This provides a Private IP Address for the Kubernetes API on the Virtual Network where the Kubernetes Cluster is located. Defaults to false. Changing this forces a new resource to be created. |
bool |
false |
no |
private_cluster_public_fqdn_enabled |
(Optional) Specifies whether a Public FQDN for this Private Cluster should be added. Defaults to false. |
bool |
false |
no |
private_dns_zone_id |
(Optional) Either the ID of Private DNS Zone which should be delegated to this Cluster, System to have AKS manage this or None. In case of None you will need to bring your own DNS server and set up resolving, otherwise, the cluster will have issues after provisioning. Changing this forces a new resource to be created. |
string |
null |
no |
public_network_access_enabled |
(Optional) Whether public network access is allowed for this Kubernetes Cluster. Defaults to true. Changing this forces a new resource to be created. |
bool |
false |
no |
resource_group_name |
(Required) Specifies the Resource Group where the Managed Kubernetes Cluster should exist. Changing this forces a new resource to be created. |
string |
n/a |
yes |
role_based_access_control_enabled |
(Optional) Whether Role Based Access Control for the Kubernetes Cluster should be enabled. Defaults to true. Changing this forces a new resource to be created. |
bool |
true |
no |
run_command_enabled |
(Optional) Whether to enable run command for the cluster or not. Defaults to true. |
bool |
true |
no |
service_mesh_profile |
(Optional) A service_mesh_profile block |
any |
[] |
no |
service_principal |
(Optional) A service_principal block as documented below. One of either identity or service_principal must be specified. |
any |
[] |
no |
sku_tier |
(Optional) The SKU Tier that should be used for this Kubernetes Cluster. Possible values are Free, and Standard (which includes the Uptime SLA). Defaults to Free. |
string |
"Standard" |
no |
tags |
(Optional) A mapping of tags to assign to the resource. |
map(string) |
{} |
no |
vnet_id |
(Required) Vnet id that Aks MSI should be network contributor in a private cluster |
string |
n/a |
yes |
workload_autoscaler_profile |
(Optional) A workload_autoscaler_profile |
any |
[] |
no |
workload_identity_enabled |
(Optional) Specifies whether Azure AD Workload Identity should be enabled for the Cluster. Defaults to false. |
bool |
false |
no |