Merge pull request #5 from adamrushuk/azurerm-v3

Added support for azurerm v3

.gitignore

@@ -5,6 +5,7 @@ terraform.tfvars
 *.tfstate
 *.tfstate.backup
 tfplan
+.terraform.lock.hcl
 
 # Module directory
 .terraform/

examples/basic/main.tf

@@ -5,7 +5,7 @@ terraform {
     # https://github.com/terraform-providers/terraform-provider-azurerm/releases
     azurerm = {
       source  = "hashicorp/azurerm"
-      version = "2.76.0"
+      version = "3.3.0"
     }
   }
 }
@@ -24,7 +24,7 @@ locals {
   # version used for both main AKS API service, and default node pool
   # https://github.com/Azure/AKS/releases
   # az aks get-versions --location uksouth --output table
-  kubernetes_version  = "1.20.9"
+  kubernetes_version  = "1.21.9"
   location            = "uksouth"
   resource_group_name = "${random_string.aks.result}-rg-azurerm-kubernetes-cluster"
   name                = "${random_string.aks.result}-aks-cluster"

main.tf

@@ -6,7 +6,6 @@ locals {
     orchestrator_version = var.kubernetes_version
     vm_size              = "Standard_D2s_v3"
     os_type              = "Linux"
-    availability_zones   = null
     enable_auto_scaling  = false
     min_count            = null
     max_count            = null
@@ -54,7 +53,6 @@ resource "azurerm_kubernetes_cluster" "aks" {
     orchestrator_version = local.default_node_pool.orchestrator_version
     vm_size              = local.default_node_pool.vm_size
     node_count           = local.default_node_pool.count
-    availability_zones   = local.default_node_pool.availability_zones
     enable_auto_scaling  = local.default_node_pool.enable_auto_scaling
     min_count            = local.default_node_pool.min_count
     max_count            = local.default_node_pool.max_count
@@ -79,36 +77,33 @@ resource "azurerm_kubernetes_cluster" "aks" {
     }
   }
 
-  # managed identity block: https://www.terraform.io/docs/providers/azurerm/r/kubernetes_cluster.html#type-1
+  # managed identity block
+  # https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/kubernetes_cluster#identity
   identity {
     type = "SystemAssigned"
   }
 
   # https://docs.microsoft.com/en-us/azure/aks/azure-ad-rbac
-  role_based_access_control {
-    enabled = true
-
-    # conditional dynamic block
-    dynamic "azure_active_directory" {
-      for_each = var.aad_auth_enabled ? [1] : []
-      content {
-        managed = true
-        admin_group_object_ids = [
-          azuread_group.aks_admins[0].id
-        ]
-      }
+  # conditional dynamic block
+  dynamic "azure_active_directory_role_based_access_control" {
+    for_each = var.aad_auth_enabled ? [1] : []
+    content {
+      managed = true
+      admin_group_object_ids = [
+        azuread_group.aks_admins[0].id
+      ]
     }
   }
 
-  addon_profile {
-    # https://docs.microsoft.com/en-ie/azure/governance/policy/concepts/policy-for-kubernetes
-    azure_policy {
-      enabled = var.azure_policy_enabled
-    }
+  # https://docs.microsoft.com/en-ie/azure/governance/policy/concepts/policy-for-kubernetes
+  azure_policy_enabled = var.azure_policy_enabled
 
-    oms_agent {
-      enabled                    = var.log_analytics_workspace_id != "" ? true : false
-      log_analytics_workspace_id = var.log_analytics_workspace_id != "" ? var.log_analytics_workspace_id : null
+  # https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/kubernetes_cluster#oms_agent
+  # conditional dynamic block
+  dynamic "oms_agent" {
+    for_each = var.log_analytics_workspace_id != "" ? [1] : []
+    content {
+      log_analytics_workspace_id = var.log_analytics_workspace_id
     }
   }
 

test/README.md

@@ -37,7 +37,7 @@ cd test
 terraform destroy
 
 # Delete local TF state and plan
-rm -rf terraform.tfstate* tfplan
+rm -rf terraform.tfstate* tfplan .terraform.lock.hcl
 
 # [OPTIONAL] Delete provider binaries and git modules
 rm -rf .terraform

test/main.tf

@@ -3,7 +3,7 @@ locals {
   # version used for both main AKS API service, and default node pool
   # https://github.com/Azure/AKS/releases
   # az aks get-versions --location uksouth --output table
-  kubernetes_version  = "1.20.9"
+  kubernetes_version  = "1.21.9"
   prefix              = "rush"
   location            = "uksouth"
   resource_group_name = "${local.prefix}-rg-azurerm-kubernetes-cluster"

test/versions.tf

@@ -5,7 +5,12 @@ terraform {
     # https://github.com/terraform-providers/terraform-provider-azurerm/releases
     azurerm = {
       source  = "hashicorp/azurerm"
-      version = "2.78.0"
+      version = "~> 3.3.0"
+    }
+    # https://github.com/terraform-providers/terraform-provider-azuread/releases
+    azuread = {
+      source  = "hashicorp/azuread"
+      version = "~> 2.21.0"
     }
   }
 }

variables.tf

@@ -24,7 +24,7 @@ variable "aks_admin_group_member_name" {
 variable "kubernetes_version" {
   description = "Version for both main AKS API service, and default node pool"
   type        = string
-  default     = "1.20.9"
+  default     = "1.21.9"
 }
 
 variable "sla_sku" {
@@ -36,7 +36,7 @@ variable "sla_sku" {
 variable "load_balancer_sku" {
   description = "Specifies the SKU of the Load Balancer used for this Kubernetes Cluster"
   type        = string
-  default     = "Basic"
+  default     = "basic"
 }
 
 variable "tags" {
@@ -67,7 +67,6 @@ map(object({
   count                 = number
   vm_size               = string
   os_type               = string
-  availability_zones    = list(number)
   enable_auto_scaling   = bool
   min_count             = number
   max_count             = number

versions.tf

@@ -9,7 +9,7 @@ terraform {
     # https://github.com/terraform-providers/terraform-provider-azurerm/releases
     azurerm = {
       source  = "hashicorp/azurerm"
-      version = ">= 2.0"
+      version = ">= 3.0"
     }
 
     # https://github.com/terraform-providers/terraform-provider-azuread/releases