Azure AKS Terraform Module

Name	Type
azuread_application.oauth2_apps	resource
azuread_application_password.oauth2_apps	resource
azurerm_dns_cname_record.wildcard	resource
azurerm_kubernetes_cluster_node_pool.this	resource
azurerm_policy_assignment.baseline	resource
azurerm_role_assignment.dns_zone_contributor	resource
azurerm_role_assignment.managed_identity_operator	resource
azurerm_role_assignment.reader	resource
azurerm_role_assignment.virtual_machine_contributor	resource
azurerm_storage_account.this	resource
azurerm_storage_container.loki	resource
azurerm_user_assigned_identity.cert_manager	resource
azurerm_user_assigned_identity.kube_prometheus_stack_prometheus	resource
azurerm_user_assigned_identity.this	resource
random_password.grafana_admin_password	resource
random_string.storage_account	resource
random_uuid.argocd_app_role	resource
azurerm_client_config.current	data source
azurerm_dns_zone.this	data source
azurerm_kubernetes_cluster.cluster	data source
azurerm_policy_set_definition.baseline	data source
azurerm_policy_set_definition.restricted	data source
azurerm_resource_group.this	data source
azurerm_subscription.primary	data source

Name

Type

azuread_application.oauth2_apps

resource

azuread_application_password.oauth2_apps

resource

azurerm_dns_cname_record.wildcard

resource

azurerm_kubernetes_cluster_node_pool.this

resource

azurerm_policy_assignment.baseline

resource

azurerm_role_assignment.dns_zone_contributor

resource

azurerm_role_assignment.managed_identity_operator

resource

azurerm_role_assignment.reader

resource

azurerm_role_assignment.virtual_machine_contributor

resource

azurerm_storage_account.this

resource

azurerm_storage_container.loki

resource

azurerm_user_assigned_identity.cert_manager

resource

azurerm_user_assigned_identity.kube_prometheus_stack_prometheus

resource

azurerm_user_assigned_identity.this

resource

random_password.grafana_admin_password

resource

random_string.storage_account

resource

random_uuid.argocd_app_role

resource

azurerm_client_config.current

data source

azurerm_dns_zone.this

data source

azurerm_kubernetes_cluster.cluster

data source

azurerm_policy_set_definition.baseline

data source

azurerm_policy_set_definition.restricted

data source

azurerm_resource_group.this

data source

azurerm_subscription.primary

data source

Inputs

Name Description Type Default Required

Name	Description	Type	Default	Required
admin_group_object_ids	A list of Object IDs of Azure Active Directory Groups which should have Admin Role on the Cluster.	`list(string)`	`[]`	no
agents_count	The number of Agents that should exist in the Agent Pool. Please set `agents_count` `null` while `enable_auto_scaling` is `true` to avoid possible `agents_count` changes.	`number`	`2`	no
agents_labels	A map of Kubernetes labels which should be applied to nodes in the Default Node Pool. Changing this forces a new resource to be created.	`map(string)`	`{}`	no
agents_max_pods	(Optional) The maximum number of pods that can run on each agent. Changing this forces a new resource to be created.	`number`	`null`	no
agents_pool_name	The default Azure AKS agentpool (nodepool) name.	`string`	`"nodepool"`	no
agents_size	The default virtual machine size for the Kubernetes agents	`string`	`"Standard_D4s_v3"`	no
app_node_selectors	Map of argoCD apps to node selector	`map(map(string))`	`{}`	no
app_of_apps_values_overrides	App of apps values overrides.	`string`	`""`	no
argocd_server_secretkey	ArgoCD Server Secert Key to avoid regenerate token on redeploy.	`string`	`null`	no
azureidentities	Azure User Assigned Identities to create	`list(object({ namespace = string name = string }))`	`[]`	no
base_domain	The base domain used for Ingresses.	`string`	n/a	yes
cluster_name	The name of the Kubernetes cluster to create.	`string`	n/a	yes
extra_app_projects	Extra AppProjects objects to deploy.	`any`	`[]`	no
extra_application_sets	Extra ApplicationSets objects to deploy.	`any`	`[]`	no
extra_apps	Extra Applications objects to deploy.	`any`	`[]`	no
grafana_admin_password	The admin password for Grafana.	`string`	`null`	no
kubernetes_version	Specify which Kubernetes release to use.	`string`	`"1.21.9"`	no
network_policy	Enable network policy for the azure CNI	`string`	`null`	no
node_pools	Map of node pools	`map(any)`	`{}`	no
oidc	OIDC configuration for core applications.	`object({ issuer_url = string oauth_url = string token_url = string api_url = string client_id = string client_secret = string oauth2_proxy_extra_args = list(string) })`	`null`	no
os_disk_size_gb	Disk size of nodes in GBs.	`number`	`128`	no
prometheus_oauth2_proxy_args	n/a	`object({ prometheus_oauth2_proxy_extra_args = list(string) prometheus_oauth2_proxy_image = string prometheus_oauth2_proxy_extra_volume_mounts = list(object({ name = string mount_path = string })) })`	`{ "prometheus_oauth2_proxy_extra_args": [], "prometheus_oauth2_proxy_extra_volume_mounts": [], "prometheus_oauth2_proxy_image": "quay.io/oauth2-proxy/oauth2-proxy:v7.1.3" }`	no
public_ssh_key	A custom ssh key to control access to the AKS cluster	`string`	`""`	no
repo_url	The source repo URL of ArgoCD’s app of apps.	`string`	`"https://github.com/camptocamp/devops-stack.git"`	no
repositories	A list of repositories to add to ArgoCD.	`map(map(string))`	`{}`	no
resource_group_name	The Resource Group where the Managed Kubernetes Cluster should exist.	`string`	n/a	yes
sku_tier	The SKU Tier that should be used for this Kubernetes Cluster. Possible values are Free and Paid	`string`	`"Free"`	no
storage_account_replication_type	Storage account replication type for storing loki logs	`string`	`"GRS"`	no
storage_account_tier	Storage account tier used for storing loki logs	`string`	`"Standard"`	no
target_revision	The source target revision of ArgoCD’s app of apps.	`string`	`"v0.56.0"`	no
vnet_subnet_id	The ID of a Subnet where the Kubernetes Node Pool should exist. Changing this forces a new resource to be created.	`string`	n/a	yes
wait_for_app_of_apps	Allow to disable wait for app of apps	`bool`	`true`	no

admin_group_object_ids

A list of Object IDs of Azure Active Directory Groups which should have Admin Role on the Cluster.

list(string)

[]

no

agents_count

The number of Agents that should exist in the Agent Pool. Please set agents_count null while enable_auto_scaling is true to avoid possible agents_count changes.

number

2

no

agents_labels

A map of Kubernetes labels which should be applied to nodes in the Default Node Pool. Changing this forces a new resource to be created.

map(string)

{}

no

agents_max_pods

(Optional) The maximum number of pods that can run on each agent. Changing this forces a new resource to be created.

number

null

no

agents_pool_name

The default Azure AKS agentpool (nodepool) name.

string

"nodepool"

no

agents_size

The default virtual machine size for the Kubernetes agents

string

"Standard_D4s_v3"

no

app_node_selectors

Map of argoCD apps to node selector

map(map(string))

{}

no

app_of_apps_values_overrides

App of apps values overrides.

string

""

no

argocd_server_secretkey

ArgoCD Server Secert Key to avoid regenerate token on redeploy.

string

null

no

azureidentities

Azure User Assigned Identities to create

list(object({
    namespace = string
    name      = string
  }))

[]

no

base_domain

The base domain used for Ingresses.

string

n/a

yes

cluster_name

The name of the Kubernetes cluster to create.

string

n/a

yes

extra_app_projects

Extra AppProjects objects to deploy.

any

[]

no

extra_application_sets

Extra ApplicationSets objects to deploy.

any

[]

no

extra_apps

Extra Applications objects to deploy.

any

[]

no

grafana_admin_password

The admin password for Grafana.

string

null

no

kubernetes_version

Specify which Kubernetes release to use.

string

"1.21.9"

no

network_policy

Enable network policy for the azure CNI

string

null

no

node_pools

Map of node pools

map(any)

{}

no

oidc

OIDC configuration for core applications.

object({
    issuer_url              = string
    oauth_url               = string
    token_url               = string
    api_url                 = string
    client_id               = string
    client_secret           = string
    oauth2_proxy_extra_args = list(string)
  })

null

no

os_disk_size_gb

Disk size of nodes in GBs.

number

128

no

prometheus_oauth2_proxy_args

n/a

object({
    prometheus_oauth2_proxy_extra_args = list(string)
    prometheus_oauth2_proxy_image      = string
    prometheus_oauth2_proxy_extra_volume_mounts = list(object({
      name       = string
      mount_path = string
    }))
  })

{
  "prometheus_oauth2_proxy_extra_args": [],
  "prometheus_oauth2_proxy_extra_volume_mounts": [],
  "prometheus_oauth2_proxy_image": "quay.io/oauth2-proxy/oauth2-proxy:v7.1.3"
}

no

public_ssh_key

A custom ssh key to control access to the AKS cluster

string

""

no

repo_url

The source repo URL of ArgoCD’s app of apps.

string

"https://github.com/camptocamp/devops-stack.git"

no

repositories

A list of repositories to add to ArgoCD.

map(map(string))

{}

no

resource_group_name

The Resource Group where the Managed Kubernetes Cluster should exist.

string

n/a

yes

sku_tier

The SKU Tier that should be used for this Kubernetes Cluster. Possible values are Free and Paid

string

"Free"

no

storage_account_replication_type

Storage account replication type for storing loki logs

string

"GRS"

no

storage_account_tier

Storage account tier used for storing loki logs

string

"Standard"

no

target_revision

The source target revision of ArgoCD’s app of apps.

string

"v0.56.0"

no

vnet_subnet_id

The ID of a Subnet where the Kubernetes Node Pool should exist. Changing this forces a new resource to be created.

string

n/a

yes

wait_for_app_of_apps

Allow to disable wait for app of apps

bool

true

no

Outputs

Name	Description
app_of_apps_values	App of Apps values
argocd_auth_token	The token to set in ARGOCD_AUTH_TOKEN environment variable.
argocd_server	The URL of the ArgoCD server.
argocd_server_admin_password	The ArgoCD admin password.
azureidentities	Azure User Assigned Identities created
base_domain	n/a
cluster_id	n/a
grafana_admin_password	The admin password for Grafana.
kube_admin_config	n/a
kubeconfig	The content of the KUBECONFIG file.
kubelet_identity	n/a
namespaces	n/a
node_resource_group	n/a
prometheus_user_assigned_identity_principal_id	n/a
repo_url	n/a
target_revision	n/a

Name

Description

app_of_apps_values

App of Apps values

argocd_auth_token

The token to set in ARGOCD_AUTH_TOKEN environment variable.

argocd_server

The URL of the ArgoCD server.

argocd_server_admin_password

The ArgoCD admin password.

azureidentities

Azure User Assigned Identities created