diff --git a/README.md b/README.md
index 85e159c..51307c4 100644
--- a/README.md
+++ b/README.md
@@ -31,7 +31,7 @@ The following requirements are needed by this module:
- [azapi](#requirement\_azapi) (>=2.0, < 3.0)
-- [azurerm](#requirement\_azurerm) (>= 3.86.0, <4.0)
+- [azurerm](#requirement\_azurerm) (>= 4, <5)
- [modtm](#requirement\_modtm) (>= 0.3, < 1.0)
@@ -225,8 +225,7 @@ map(object({
mode = (Optional) Should this Node Pool be used for System or User resources? Possible values are `System` and `User`. Defaults to `User`.
os\_disk\_size\_gb = (Optional) The Agent Operating System disk size in GB. Changing this forces a new resource to be created.
tags = (Optional) A mapping of tags to assign to the resource. At this time there's a bug in the AKS API where Tags for a Node Pool are not stored in the correct case - you [may wish to use Terraform's `ignore_changes` functionality to ignore changes to the casing](https://www.terraform.io/language/meta-arguments/lifecycle#ignore_changess) until this is fixed in the AKS API.
- labels = (Optional) A map of Kubernetes labels which should be applied to nodes in this Node Pool.
- node\_taints = (Optional) A list of the taints added to new nodes during node pool create and scale.
+ labels = (Optional) A map of Kubernetes labels which should be applied to nodes in this Node Pool.
}))
Example input:
@@ -268,20 +267,11 @@ map(object({
os_disk_size_gb = optional(number, null)
tags = optional(map(string), {})
labels = optional(map(string), {})
- node_taints = optional(list(string), null)
}))
```
Default: `{}`
-### [node\_taints](#input\_node\_taints)
-
-Description: (Optional) A list of the taints added to new nodes during node pool create and scale. Changing this forces a new resource to be created.
-
-Type: `list(string)`
-
-Default: `null`
-
### [orchestrator\_version](#input\_orchestrator\_version)
Description: Specify which Kubernetes release to use. Specify only minor version, such as '1.28'.
@@ -364,9 +354,9 @@ The following Modules are called:
### [avm\_res\_containerregistry\_registry](#module\_avm\_res\_containerregistry\_registry)
-Source: Azure/avm-res-containerregistry-registry/azurerm
+Source: github.com/Azure/terraform-azurerm-avm-res-containerregistry-registry
-Version: 0.3.1
+Version:
## Data Collection
diff --git a/examples/default/README.md b/examples/default/README.md
index 1bd5a82..1208373 100644
--- a/examples/default/README.md
+++ b/examples/default/README.md
@@ -9,7 +9,7 @@ terraform {
required_providers {
azurerm = {
source = "hashicorp/azurerm"
- version = ">= 3.7.0, < 4.0.0"
+ version = ">= 4, <5"
}
random = {
source = "hashicorp/random"
@@ -53,6 +53,9 @@ resource "azurerm_resource_group" "this" {
name = module.naming.resource_group.name_unique
}
+# Datasource of current tenant ID
+data "azurerm_client_config" "current" {}
+
# This is the module call
# Do not specify location here due to the randomization above.
# Leaving location as `null` will cause the module to use the resource group location
@@ -66,6 +69,7 @@ module "test" {
location = azurerm_resource_group.this.location
private_dns_zone_id = azurerm_private_dns_zone.mydomain.id
private_dns_zone_id_enabled = true
+ rbac_aad_tenant_id = data.azurerm_client_config.current.tenant_id
network = {
name = module.avm_res_network_virtualnetwork.name
resource_group_name = azurerm_resource_group.this.name
@@ -117,7 +121,7 @@ The following requirements are needed by this module:
- [terraform](#requirement\_terraform) (>= 1.3.0)
-- [azurerm](#requirement\_azurerm) (>= 3.7.0, < 4.0.0)
+- [azurerm](#requirement\_azurerm) (>= 4, <5)
- [random](#requirement\_random) (>= 3.5.0, < 4.0.0)
@@ -129,6 +133,7 @@ The following resources are used by this module:
- [azurerm_private_dns_zone.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_dns_zone) (resource)
- [azurerm_resource_group.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) (resource)
- [random_integer.region_index](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/integer) (resource)
+- [azurerm_client_config.current](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/client_config) (data source)
## Required Inputs
diff --git a/examples/default/main.tf b/examples/default/main.tf
index 9f8ffe5..730c94b 100644
--- a/examples/default/main.tf
+++ b/examples/default/main.tf
@@ -3,7 +3,7 @@ terraform {
required_providers {
azurerm = {
source = "hashicorp/azurerm"
- version = ">= 3.7.0, < 4.0.0"
+ version = ">= 4, <5"
}
random = {
source = "hashicorp/random"
@@ -47,6 +47,9 @@ resource "azurerm_resource_group" "this" {
name = module.naming.resource_group.name_unique
}
+# Datasource of current tenant ID
+data "azurerm_client_config" "current" {}
+
# This is the module call
# Do not specify location here due to the randomization above.
# Leaving location as `null` will cause the module to use the resource group location
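Review bot: The comment `# Datasource of current tenant ID` does not say whose tenant this is. `azurerm_client_config` returns the tenant of the credentials Terraform runs with, and the next hunk feeds that value into `rbac_aad_tenant_id`, which sets the tenant used for the cluster's Entra ID RBAC. I would reword it to something like `# Tenant of the identity running Terraform; used as the cluster's Entra ID RBAC tenant. Set rbac_aad_tenant_id explicitly if admin groups live in another tenant.` The same comment is added in the with_availability_zone and without_availability_zone examples.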
@@ -60,6 +63,7 @@ module "test" {
location = azurerm_resource_group.this.location
private_dns_zone_id = azurerm_private_dns_zone.mydomain.id
private_dns_zone_id_enabled = true
+ rbac_aad_tenant_id = data.azurerm_client_config.current.tenant_id
network = {
name = module.avm_res_network_virtualnetwork.name
resource_group_name = azurerm_resource_group.this.name
diff --git a/examples/with_availability_zone/README.md b/examples/with_availability_zone/README.md
index 1fba2e5..e0ffd3f 100644
--- a/examples/with_availability_zone/README.md
+++ b/examples/with_availability_zone/README.md
@@ -9,7 +9,7 @@ terraform {
required_providers {
azurerm = {
source = "hashicorp/azurerm"
- version = ">= 3.7.0, < 4.0.0"
+ version = ">= 4, <5"
}
}
}
@@ -41,6 +41,9 @@ resource "azurerm_user_assigned_identity" "this" {
resource_group_name = azurerm_resource_group.this.name
}
+# Datasource of current tenant ID
+data "azurerm_client_config" "current" {}
+
# This is the module call
# Do not specify location here due to the randomization above.
# Leaving location as `null` will cause the module to use the resource group location
@@ -67,6 +70,7 @@ module "test" {
azurerm_user_assigned_identity.this.id
]
}
+ rbac_aad_tenant_id = data.azurerm_client_config.current.tenant_id
location = "East US 2" # Hardcoded because we have to test in a region with availability zones
node_pools = {
@@ -127,7 +131,7 @@ The following requirements are needed by this module:
- [terraform](#requirement\_terraform) (>= 1.3.0)
-- [azurerm](#requirement\_azurerm) (>= 3.7.0, < 4.0.0)
+- [azurerm](#requirement\_azurerm) (>= 4, <5)
## Resources
@@ -136,6 +140,7 @@ The following resources are used by this module:
- [azurerm_private_dns_zone.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_dns_zone) (resource)
- [azurerm_resource_group.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) (resource)
- [azurerm_user_assigned_identity.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/user_assigned_identity) (resource)
+- [azurerm_client_config.current](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/client_config) (data source)
## Required Inputs
diff --git a/examples/with_availability_zone/main.tf b/examples/with_availability_zone/main.tf
index 39ba6f4..ab80169 100644
--- a/examples/with_availability_zone/main.tf
+++ b/examples/with_availability_zone/main.tf
@@ -3,7 +3,7 @@ terraform {
required_providers {
azurerm = {
source = "hashicorp/azurerm"
- version = ">= 3.7.0, < 4.0.0"
+ version = ">= 4, <5"
}
}
}
@@ -35,6 +35,9 @@ resource "azurerm_user_assigned_identity" "this" {
resource_group_name = azurerm_resource_group.this.name
}
+# Datasource of current tenant ID
+data "azurerm_client_config" "current" {}
+
# This is the module call
# Do not specify location here due to the randomization above.
# Leaving location as `null` will cause the module to use the resource group location
@@ -61,6 +64,7 @@ module "test" {
azurerm_user_assigned_identity.this.id
]
}
+ rbac_aad_tenant_id = data.azurerm_client_config.current.tenant_id
location = "East US 2" # Hardcoded because we have to test in a region with availability zones
node_pools = {
diff --git a/examples/without_availability_zone/README.md b/examples/without_availability_zone/README.md
index 3f9f9cd..427faad 100644
--- a/examples/without_availability_zone/README.md
+++ b/examples/without_availability_zone/README.md
@@ -9,7 +9,7 @@ terraform {
required_providers {
azurerm = {
source = "hashicorp/azurerm"
- version = ">= 3.7.0, < 4.0.0"
+ version = ">= 4, <5"
}
}
}
@@ -40,6 +40,9 @@ resource "azurerm_user_assigned_identity" "this" {
resource_group_name = azurerm_resource_group.this.name
}
+# Datasource of current tenant ID
+data "azurerm_client_config" "current" {}
+
# This is the module call
# Do not specify location here due to the randomization above.
# Leaving location as `null` will cause the module to use the resource group location
@@ -67,6 +70,8 @@ module "test" {
]
}
+ rbac_aad_tenant_id = data.azurerm_client_config.current.tenant_id
+
location = "West US" # Hardcoded because we have to test in a region without availability zones
node_pools = {
workload = {
@@ -123,7 +128,7 @@ The following requirements are needed by this module:
- [terraform](#requirement\_terraform) (>= 1.3.0)
-- [azurerm](#requirement\_azurerm) (>= 3.7.0, < 4.0.0)
+- [azurerm](#requirement\_azurerm) (>= 4, <5)
## Resources
@@ -132,6 +137,7 @@ The following resources are used by this module:
- [azurerm_private_dns_zone.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_dns_zone) (resource)
- [azurerm_resource_group.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) (resource)
- [azurerm_user_assigned_identity.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/user_assigned_identity) (resource)
+- [azurerm_client_config.current](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/client_config) (data source)
## Required Inputs
diff --git a/examples/without_availability_zone/main.tf b/examples/without_availability_zone/main.tf
index 49031ed..a50f509 100644
--- a/examples/without_availability_zone/main.tf
+++ b/examples/without_availability_zone/main.tf
@@ -3,7 +3,7 @@ terraform {
required_providers {
azurerm = {
source = "hashicorp/azurerm"
- version = ">= 3.7.0, < 4.0.0"
+ version = ">= 4, <5"
}
}
}
@@ -34,6 +34,9 @@ resource "azurerm_user_assigned_identity" "this" {
resource_group_name = azurerm_resource_group.this.name
}
+# Datasource of current tenant ID
+data "azurerm_client_config" "current" {}
+
# This is the module call
# Do not specify location here due to the randomization above.
# Leaving location as `null` will cause the module to use the resource group location
@@ -61,6 +64,8 @@ module "test" {
]
}
+ rbac_aad_tenant_id = data.azurerm_client_config.current.tenant_id
+
location = "West US" # Hardcoded because we have to test in a region without availability zones
node_pools = {
workload = {
diff --git a/locals.tf b/locals.tf
index db66ec8..16c903c 100644
--- a/locals.tf
+++ b/locals.tf
@@ -49,7 +49,6 @@ locals {
max_count = pool.max_count
min_count = pool.min_count
labels = pool.labels
- node_taints = pool.node_taints
os_sku = pool.os_sku
mode = pool.mode
os_disk_size_gb = pool.os_disk_size_gb
diff --git a/main.tf b/main.tf
index de9d093..f7bc059 100644
--- a/main.tf
+++ b/main.tf
@@ -1,7 +1,8 @@
module "avm_res_containerregistry_registry" {
- for_each = toset(var.acr == null ? [] : ["acr"])
- source = "Azure/avm-res-containerregistry-registry/azurerm"
- version = "0.3.1"
+ for_each = toset(var.acr == null ? [] : ["acr"])
+ source = "github.com/Azure/terraform-azurerm-avm-res-containerregistry-registry"
+ #source = "Azure/avm-res-containerregistry-registry/azurerm"
+ #version = "0.4.0"
name = var.acr.name
location = var.location
resource_group_name = var.resource_group_name
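Review bot: The new `source` for `avm_res_containerregistry_registry` points at the GitHub repository with no `?ref=`, so every `terraform init` fetches whatever is on the default branch at that moment. A `version` argument only applies to registry sources, so the pin that `0.3.1` provided is gone and the ACR resources now depend on unreviewed upstream commits. Pin to a tag or, better, a commit SHA, e.g. `source = "github.com/Azure/terraform-azurerm-avm-res-containerregistry-registry?ref=<TAG_OR_COMMIT_SHA>"`, or return to the registry source with an explicit `version` once a compatible release exists. The two commented-out `#source` / `#version` lines should be removed rather than left as a reminder. The module block continues outside the hunk.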
@@ -60,12 +61,12 @@ resource "azurerm_kubernetes_cluster" "this" {
location = var.location
name = "aks-${var.name}"
resource_group_name = var.resource_group_name
- automatic_channel_upgrade = "patch"
+ automatic_upgrade_channel = "patch"
azure_policy_enabled = true
dns_prefix = var.name
kubernetes_version = var.kubernetes_version
local_account_disabled = true
- node_os_channel_upgrade = "NodeImage"
+ node_os_upgrade_channel = "NodeImage"
oidc_issuer_enabled = true
private_cluster_enabled = true
private_dns_zone_id = var.private_dns_zone_id
@@ -75,20 +76,19 @@ resource "azurerm_kubernetes_cluster" "this" {
workload_identity_enabled = true
default_node_pool {
- name = "agentpool"
- vm_size = "Standard_D4d_v5"
- enable_auto_scaling = true
- enable_host_encryption = true
- max_count = 9
- max_pods = 110
- min_count = 3
- node_labels = var.node_labels
- node_taints = var.node_taints
- orchestrator_version = var.orchestrator_version
- os_sku = var.os_sku
- tags = merge(var.tags, var.agents_tags)
- vnet_subnet_id = var.network.node_subnet_id
- zones = local.default_node_pool_available_zones
+ name = "agentpool"
+ vm_size = "Standard_D4d_v5"
+ auto_scaling_enabled = true
+ host_encryption_enabled = true
+ max_count = 9
+ max_pods = 110
+ min_count = 3
+ node_labels = var.node_labels
+ orchestrator_version = var.orchestrator_version
+ os_sku = var.os_sku
+ tags = merge(var.tags, var.agents_tags)
+ vnet_subnet_id = var.network.node_subnet_id
+ zones = local.default_node_pool_available_zones
upgrade_settings {
max_surge = "10%"
@@ -100,7 +100,6 @@ resource "azurerm_kubernetes_cluster" "this" {
azure_active_directory_role_based_access_control {
admin_group_object_ids = var.rbac_aad_admin_group_object_ids
azure_rbac_enabled = var.rbac_aad_azure_rbac_enabled
- managed = true
tenant_id = var.rbac_aad_tenant_id
}
## Resources that only support UserAssigned
@@ -272,11 +271,10 @@ resource "azurerm_kubernetes_cluster_node_pool" "this" {
kubernetes_cluster_id = azurerm_kubernetes_cluster.this.id
name = each.value.name
vm_size = each.value.vm_size
- enable_auto_scaling = true
+ auto_scaling_enabled = true
max_count = each.value.max_count
min_count = each.value.min_count
node_labels = each.value.labels
- node_taints = each.value.node_taints
orchestrator_version = each.value.orchestrator_version
os_disk_size_gb = each.value.os_disk_size_gb
os_sku = each.value.os_sku
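Review bot: Dropping `node_taints = each.value.node_taints` from `azurerm_kubernetes_cluster_node_pool.this` looks unnecessary for the 4.x upgrade. As far as I know only `default_node_pool.node_taints` was removed from the provider, and the separate node pool resource still accepts `node_taints`; please confirm against the provider docs. Without it, callers can no longer taint user pools to keep sensitive or dedicated workloads off shared nodes, and existing inputs that set `node_taints` will fail validation. If the argument is still supported, keep this line together with `node_taints = optional(list(string), null)` in the `node_pools` type in variables.tf and `node_taints = pool.node_taints` in locals.tf. The resource block starts and ends outside the hunk.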
diff --git a/terraform.tf b/terraform.tf
index 28c91bd..6c25c5a 100644
--- a/terraform.tf
+++ b/terraform.tf
@@ -7,7 +7,7 @@ terraform {
}
azurerm = {
source = "hashicorp/azurerm"
- version = ">= 3.86.0, <4.0"
+ version = ">= 4, <5"
}
modtm = {
source = "Azure/modtm"
diff --git a/variables.tf b/variables.tf
index 5cb5091..4a5af26 100644
--- a/variables.tf
+++ b/variables.tf
@@ -133,7 +133,6 @@ variable "node_pools" {
os_disk_size_gb = optional(number, null)
tags = optional(map(string), {})
labels = optional(map(string), {})
- node_taints = optional(list(string), null)
}))
default = {}
description = <<-EOT
@@ -149,7 +148,6 @@ map(object({
os_disk_size_gb = (Optional) The Agent Operating System disk size in GB. Changing this forces a new resource to be created.
tags = (Optional) A mapping of tags to assign to the resource. At this time there's a bug in the AKS API where Tags for a Node Pool are not stored in the correct case - you [may wish to use Terraform's `ignore_changes` functionality to ignore changes to the casing](https://www.terraform.io/language/meta-arguments/lifecycle#ignore_changess) until this is fixed in the AKS API.
labels = (Optional) A map of Kubernetes labels which should be applied to nodes in this Node Pool.
- node_taints = (Optional) A list of the taints added to new nodes during node pool create and scale.
}))
Example input:
@@ -184,12 +182,6 @@ EOT
}
}
-variable "node_taints" {
- type = list(string)
- default = null
- description = "(Optional) A list of the taints added to new nodes during node pool create and scale. Changing this forces a new resource to be created."
-}
-
variable "orchestrator_version" {
type = string
default = null