diff --git a/.gitignore b/.gitignore index 5c9d280..3545acb 100644 --- a/.gitignore +++ b/.gitignore @@ -5,6 +5,7 @@ terraform.tfvars *.tfstate *.tfstate.backup tfplan +.terraform.lock.hcl # Module directory .terraform/ diff --git a/examples/basic/main.tf b/examples/basic/main.tf index 8462172..025002b 100644 --- a/examples/basic/main.tf +++ b/examples/basic/main.tf @@ -5,7 +5,7 @@ terraform { # https://github.com/terraform-providers/terraform-provider-azurerm/releases azurerm = { source = "hashicorp/azurerm" - version = "2.76.0" + version = "3.3.0" } } } @@ -24,7 +24,7 @@ locals { # version used for both main AKS API service, and default node pool # https://github.com/Azure/AKS/releases # az aks get-versions --location uksouth --output table - kubernetes_version = "1.20.9" + kubernetes_version = "1.21.9" location = "uksouth" resource_group_name = "${random_string.aks.result}-rg-azurerm-kubernetes-cluster" name = "${random_string.aks.result}-aks-cluster" diff --git a/main.tf b/main.tf index da9c64f..3bc892d 100644 --- a/main.tf +++ b/main.tf @@ -6,7 +6,6 @@ locals { orchestrator_version = var.kubernetes_version vm_size = "Standard_D2s_v3" os_type = "Linux" - availability_zones = null enable_auto_scaling = false min_count = null max_count = null @@ -54,7 +53,6 @@ resource "azurerm_kubernetes_cluster" "aks" { orchestrator_version = local.default_node_pool.orchestrator_version vm_size = local.default_node_pool.vm_size node_count = local.default_node_pool.count - availability_zones = local.default_node_pool.availability_zones enable_auto_scaling = local.default_node_pool.enable_auto_scaling min_count = local.default_node_pool.min_count max_count = local.default_node_pool.max_count 
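Review bot: Ignoring `.terraform.lock.hcl` in the `.gitignore` hunk means the provider versions and checksums recorded by `terraform init` are never committed, so nothing in the repository pins which `hashicorp/azurerm` or `hashicorp/azuread` build is installed on the next run. This matters more here because the same commit sets the root constraint in versions.tf to the open-ended `>= 3.0`, and the test/README.md cleanup step now deletes the lock file as well. For the runnable configurations (examples/basic and test), I would drop the `+.terraform.lock.hcl` line and commit the generated lock file. If the intent is only to keep the reusable module itself lock-free, anchor the pattern to the repository root with `/.terraform.lock.hcl`.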
@@ -79,36 +77,33 @@ resource "azurerm_kubernetes_cluster" "aks" { } } - # managed identity block: https://www.terraform.io/docs/providers/azurerm/r/kubernetes_cluster.html#type-1 + # managed identity block + # https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/kubernetes_cluster#identity identity { type = "SystemAssigned" } # https://docs.microsoft.com/en-us/azure/aks/azure-ad-rbac - role_based_access_control { - enabled = true - - # conditional dynamic block - dynamic "azure_active_directory" { - for_each = var.aad_auth_enabled ? [1] : [] - content { - managed = true - admin_group_object_ids = [ - azuread_group.aks_admins[0].id - ] - } + # conditional dynamic block + dynamic "azure_active_directory_role_based_access_control" { + for_each = var.aad_auth_enabled ? [1] : [] + content { + managed = true + admin_group_object_ids = [ + azuread_group.aks_admins[0].id + ] } } - addon_profile { - # https://docs.microsoft.com/en-ie/azure/governance/policy/concepts/policy-for-kubernetes - azure_policy { - enabled = var.azure_policy_enabled - } + # https://docs.microsoft.com/en-ie/azure/governance/policy/concepts/policy-for-kubernetes + azure_policy_enabled = var.azure_policy_enabled - oms_agent { - enabled = var.log_analytics_workspace_id != "" ? true : false - log_analytics_workspace_id = var.log_analytics_workspace_id != "" ? var.log_analytics_workspace_id : null + # https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/kubernetes_cluster#oms_agent + # conditional dynamic block + dynamic "oms_agent" { + for_each = var.log_analytics_workspace_id != "" ? [1] : [] + content { + log_analytics_workspace_id = var.log_analytics_workspace_id } } diff --git a/test/README.md b/test/README.md index 3a0982d..cf9661e 100644 --- a/test/README.md +++ b/test/README.md 
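Review bot: With the `role_based_access_control { enabled = true }` wrapper removed, Kubernetes RBAC on this cluster now depends on the provider default rather than on anything written in the module. In azurerm 3.x the replacement is a top-level argument, so I would keep it explicit next to the dynamic block with `role_based_access_control_enabled = true`. When `var.aad_auth_enabled` is false, the `azure_active_directory_role_based_access_control` block is omitted entirely, which presumably leaves only non-AAD cluster credentials. A short comment above the `for_each`, such as `# when false, no Azure AD integration is configured for cluster access`, would make that visible to callers. The `azurerm_kubernetes_cluster` resource starts and ends outside this hunk.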
@@ -37,7 +37,7 @@ cd test terraform destroy # Delete local TF state and plan -rm -rf terraform.tfstate* tfplan +rm -rf terraform.tfstate* tfplan .terraform.lock.hcl # [OPTIONAL] Delete provider binaries and git modules rm -rf .terraform diff --git a/test/main.tf b/test/main.tf index 4825a4f..e434f08 100644 --- a/test/main.tf +++ b/test/main.tf @@ -3,7 +3,7 @@ locals { # version used for both main AKS API service, and default node pool # https://github.com/Azure/AKS/releases # az aks get-versions --location uksouth --output table - kubernetes_version = "1.20.9" + kubernetes_version = "1.21.9" prefix = "rush" location = "uksouth" resource_group_name = "${local.prefix}-rg-azurerm-kubernetes-cluster" diff --git a/test/versions.tf b/test/versions.tf index f413120..c715dd6 100644 --- a/test/versions.tf +++ b/test/versions.tf @@ -5,7 +5,12 @@ terraform { # https://github.com/terraform-providers/terraform-provider-azurerm/releases azurerm = { source = "hashicorp/azurerm" - version = "2.78.0" + version = "~> 3.3.0" + } + # https://github.com/terraform-providers/terraform-provider-azuread/releases + azuread = { + source = "hashicorp/azuread" + version = "~> 2.21.0" } } } diff --git a/variables.tf b/variables.tf index a1677c6..a4dafc5 100644 --- a/variables.tf +++ b/variables.tf @@ -24,7 +24,7 @@ variable "aks_admin_group_member_name" { variable "kubernetes_version" { description = "Version for both main AKS API service, and default node pool" type = string - default = "1.20.9" + default = "1.21.9" } variable "sla_sku" { @@ -36,7 +36,7 @@ variable "sla_sku" { variable "load_balancer_sku" { description = "Specifies the SKU of the Load Balancer used for this Kubernetes Cluster" type = string - default = "Basic" + default = "basic" } variable "tags" { @@ -67,7 +67,6 @@ map(object({ count = number vm_size = string os_type = string - availability_zones = list(number) enable_auto_scaling = bool min_count = number max_count = number 
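Review bot: The `load_balancer_sku` variable in variables.tf still accepts any string, although its default changes from `"Basic"` to `"basic"`, which suggests the 3.x provider only accepts the lower-case spelling. A caller still passing `"Basic"` or `"Standard"` will therefore only find out at plan or apply time. I would add a `validation` block to the variable with `condition = contains(["basic", "standard"], var.load_balancer_sku)` and an `error_message` naming the two accepted values, and state in the `description` that the values are lower-case. Separately, Azure documents the Standard SKU as closed to inbound traffic unless a network security group allows it, so it may be worth reconsidering `basic` as the module default.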
diff --git a/versions.tf b/versions.tf index 1f0ec4e..956cb43 100644 --- a/versions.tf +++ b/versions.tf @@ -9,7 +9,7 @@ terraform { # https://github.com/terraform-providers/terraform-provider-azurerm/releases azurerm = { source = "hashicorp/azurerm" - version = ">= 2.0" + version = ">= 3.0" } # https://github.com/terraform-providers/terraform-provider-azuread/releases