| acr_id |
The ID of the Azure Container Registry to allow ACR Pull from the Service Principal or Managed Identity. |
string |
null |
no |
| admin_username |
The admin username for the Kubernetes cluster. Changing this will recreate the resource. |
string |
"azureadmin" |
no |
| agents_count |
The initial number of nodes in the node pool. The value must be between 1 and 1000, and within the min_count and max_count range. |
number |
1 |
no |
| agents_name |
The name of the default Kubernetes Node Pool. Changing this will recreate the resource. |
string |
"nodepool" |
no |
| agents_size |
The size of the Virtual Machine instances in the node pool (e.g., 'Standard_DS2_v2'). Changing this will recreate the resource. |
string |
"Standard_B2s" |
no |
| aks_sku_tier |
The SKU tier for the Kubernetes Cluster. Possible values are 'Free' and 'Paid' (includes uptime SLA). Defaults to 'Free'. |
string |
"Free" |
no |
| aks_version |
The version of Kubernetes to use when creating the AKS managed cluster. If not specified, the latest recommended version will be used, but it won't auto-upgrade. |
string |
"1.30.3" |
no |
| auto_scaler_balance_similar_node_groups |
Balance similar node groups in the auto-scaler profile. |
bool |
false |
no |
| auto_scaler_max_graceful_termination_sec |
Maximum number of seconds for graceful termination in the auto-scaler profile. |
number |
600 |
no |
| auto_scaler_scale_down_delay_after_add |
Scale-down delay after node addition in the auto-scaler profile. |
string |
"10m" |
no |
| auto_scaler_scale_down_utilization_threshold |
Utilization threshold for scaling down in the auto-scaler profile. |
number |
0.5 |
no |
| auto_scaler_scan_interval |
Scan interval for the auto-scaler profile. |
string |
"10s" |
no |
| auto_scaler_skip_nodes_with_local_storage |
Skip nodes with local storage when scaling down. |
bool |
false |
no |
| auto_scaling_max_count |
The maximum number of nodes for auto-scaling. |
number |
3 |
no |
| auto_scaling_min_count |
The minimum number of nodes for auto-scaling. |
number |
1 |
no |
| automatic_upgrade_channel |
The upgrade channel for the Kubernetes cluster. Valid options are 'patch', 'rapid', 'node-image', and 'stable'. Omitting this sets the value to 'none'. |
string |
"none" |
no |
| azure_policy_enabled |
Enable Azure Policy for the AKS cluster. |
bool |
false |
no |
| client_id |
The Client ID associated with the Service Principal. |
string |
null |
no |
| client_secret |
The Client Secret associated with the Service Principal. |
string |
null |
no |
| cluster_name |
The name of the Managed Kubernetes Cluster to create. Changing this will recreate the resource. |
string |
n/a |
yes |
| default_tags |
A mapping of tags to assign to the resources for organization and management purposes. |
map(any) |
null |
no |
| dns_prefix_name |
DNS prefix specified when creating the managed cluster. Must begin and end with a letter or number, contain only letters, numbers, and hyphens, and be between 1 and 54 characters long. Changing this will recreate the resource. |
string |
"" |
no |
| dns_service_ip |
The IP address within the Kubernetes service address range for cluster service discovery (kube-dns). Changing this will recreate the resource. |
string |
"172.16.2.11" |
no |
| enable_attach_acr |
Enable Azure Container Registry (ACR) Pull attach. Requires the 'acr_id' variable to be defined. |
bool |
false |
no |
| enable_auto_scaling |
Enable auto-scaling for the default node pool. |
bool |
false |
no |
| enable_ingress_application_gateway |
Whether to enable the ingress application gateway for traffic routing to the cluster. |
bool |
false |
no |
| enable_microsoft_defender |
Enable Microsoft Defender in the AKS cluster for security scanning and protection. |
bool |
false |
no |
| enable_oms_agent |
Enable the OMS (Operations Management Suite) agent in the AKS cluster. |
bool |
false |
no |
| enable_upgrade_settings |
Enable or disable upgrade settings for the default node pool during an AKS upgrade. |
bool |
false |
no |
| enable_workload_autoscaler_profile |
Specifies whether the workload autoscaler profile block should be enabled in the AKS cluster. |
bool |
false |
no |
| environment |
The environment used for the backend container name key (e.g., 'dev', 'test', 'prod'). |
string |
"dev" |
no |
| http_application_routing_enabled |
Enable HTTP Application Routing in the AKS cluster. |
bool |
false |
no |
| image_cleaner_enabled |
Enable the image cleaner in the AKS cluster. |
bool |
false |
no |
| image_cleaner_interval_hours |
The interval in hours for the image cleaner to run in the AKS cluster. |
number |
24 |
no |
| ingress_gateway_id |
Optional: The ID of the Application Gateway to integrate with the ingress controller. |
string |
null |
no |
| ingress_gateway_name |
Optional: The name of the Application Gateway to be used or created for ingress traffic. |
string |
null |
no |
| ingress_gateway_subnet_cidr |
Optional: The CIDR block for the subnet where the Application Gateway will be deployed. |
string |
null |
no |
| ingress_gateway_subnet_id |
Optional: The ID of the subnet where the Application Gateway will be deployed. |
string |
null |
no |
| load_balancer_sku |
The SKU for the Load Balancer used by the Kubernetes Cluster. Supported values are 'Basic' and 'Standard'. Defaults to 'Standard'. |
string |
"standard" |
no |
| local_account_disabled |
Disable local accounts in the AKS cluster. |
bool |
false |
no |
| max_pods |
The maximum number of pods that can run on each agent. Changing this will recreate the resource. |
number |
60 |
no |
| msi_auth_for_monitoring_enabled |
Enable Managed Service Identity (MSI) authentication for monitoring in the OMS agent. |
bool |
false |
no |
| name_log_analytics_workspace |
The name of the Log Analytics Workspace to be created. |
string |
null |
no |
| network_plugin |
The network plugin to use for networking within the cluster. Supported values are 'azure', 'kubenet', and 'none'. Changing this will recreate the resource. |
string |
"kubenet" |
no |
| network_policy |
The network policy to use with Azure CNI. Network policies control traffic flow between pods. Supported values are 'calico' and 'azure'. Changing this will recreate the resource. |
string |
null |
no |
| node_os_upgrade_channel |
The upgrade channel for the OS image of Kubernetes cluster nodes. Valid options are 'Unmanaged', 'SecurityPatch', 'NodeImage', and 'None'. Defaults to 'None'. |
string |
"None" |
no |
| os_disk_size_gb |
The size (in GB) of the OS disk for each agent in the Node Pool. Changing this will recreate the resource. |
number |
120 |
no |
| outbound_type |
The outbound (egress) routing method for the Kubernetes Cluster. Supported values are 'loadBalancer', 'userDefinedRouting', 'managedNATGateway', and 'userAssignedNATGateway'. Defaults to 'loadBalancer'. |
string |
"loadBalancer" |
no |
| private_cluster_enabled |
Indicates whether the Kubernetes API server should be exposed only on internal IP addresses, providing a private IP for the Kubernetes API within the Virtual Network. Defaults to false. Changing this will recreate the resource. |
bool |
false |
no |
| public_ssh_key |
The public SSH key used to access the Kubernetes cluster. Changing this will recreate the resource. |
string |
null |
no |
| rbac |
Specifies whether Role-Based Access Control (RBAC) should be enabled for the Kubernetes Cluster. Defaults to true. Changing this will recreate the resource. |
bool |
true |
no |
| region |
The region in which the resources will be deployed. |
string |
"weu" |
no |
| resource_group_location |
The location or region where the virtual network is created. Changing this will recreate the resource. |
string |
"West Europe" |
no |
| resource_group_name |
The name of the resource group in which the virtual network will be created. |
string |
n/a |
yes |
| service_cidr |
The network range used for Kubernetes services. Changing this will recreate the resource. |
string |
"172.16.2.0/24" |
no |
| solution_name |
The name of the solution to be deployed. Changing this will recreate the resource. |
string |
"ContainerInsights" |
no |
| subnet_name |
The name of the subnet where the Kubernetes cluster will be deployed. |
string |
n/a |
yes |
| upgrade_settings_drain_timeout_in_minutes |
The number of minutes to wait for eviction of pods and graceful termination per node during an upgrade. |
number |
null |
no |
| upgrade_settings_max_surge |
The maximum number or percentage of nodes to be added to the Node Pool size during an upgrade. |
string |
null |
no |
| upgrade_settings_node_soak_duration_in_minutes |
The amount of time in minutes to wait after draining a node before re-imaging it and moving on to the next node during an upgrade. |
number |
null |
no |
| use_service_principal |
Set to true to use a service principal for authentication, or false to use a managed identity. |
bool |
true |
no |
| vnet_name |
The name of the Virtual Network for the Kubernetes cluster. |
string |
n/a |
yes |
| vnet_rg_name |
The name of the Resource Group that contains the Virtual Network. |
string |
n/a |
yes |
| workload_autoscaler_keda_enabled |
Specifies whether the KEDA (Kubernetes Event-driven Autoscaling) Autoscaler can be used for workloads in the AKS cluster. |
bool |
false |
no |
| workload_autoscaler_vpa_enabled |
Specifies whether the Vertical Pod Autoscaler (VPA) should be enabled for automatically adjusting the resources of running pods. |
bool |
false |
no |