variables.tf
# Azure region for the cluster. Required input: no default is declared.
variable "location" {
  type        = string
  description = "Location of Azure region in use"
}
# Name of a resource group that must already exist. Required input: no default.
variable "resource_group_name" {
  type        = string
  description = "Existing AKS resource group name"
}
# Cluster name. Required input: no default.
variable "name" {
  type        = string
  description = "AKS cluster name"
}
# Required input: no default.
# NOTE(review): the description says this group becomes a member of the
# "<AKS_CLUSTER_NAME>-aks-administrators" group, so the value is presumably a
# cluster-admin privilege grant. Confirm against the module's role assignments
# and keep the referenced AAD group's own membership tightly controlled.
variable "aks_admin_group_member_name" {
  type        = string
  description = "Existing AAD group name to add as a member to the <AKS_CLUSTER_NAME>-aks-administrators group"
}
# version used for both main AKS API service, and default node pool
# https://github.com/Azure/AKS/releases
# az aks get-versions --location uksouth --output table
variable "kubernetes_version" {
  type        = string
  description = "Version for both main AKS API service, and default node pool"

  # Pinned patch release. AKS only offers a rolling window of Kubernetes
  # versions, so check that this value is still available (and still receiving
  # security fixes) in the target region before applying, and override it if not.
  default = "1.21.9"
}
variable "sla_sku" {
  type        = string
  description = "Defines the SLA under which the managed master control plane of AKS is running"

  # "Free" is the tier without a financially backed API-server uptime SLA.
  # NOTE(review): accepted values depend on the azurerm provider version in
  # use; no validation is declared here.
  default = "Free"
}
variable "load_balancer_sku" {
  type        = string
  description = "Specifies the SKU of the Load Balancer used for this Kubernetes Cluster"

  # NOTE(review): the Basic SKU does not support some AKS hardening options
  # (API server authorized IP ranges, for example, need the Standard SKU).
  # Confirm this default matches the cluster's network-security requirements.
  default = "basic"
}
# Tags applied to resources; a caller-supplied map replaces this default.
variable "tags" {
  type        = map(string)
  description = "A map of the tags to use on the resources"

  default = {
    Source = "terraform"
  }
}
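# Local administrator account created on the node VMs.
variable "admin_username" {
  # Explicit type constraint (previously undeclared) so that a list or map
  # passed by mistake fails at plan time instead of reaching the provider.
  type        = string
  description = "The admin username of the node VMs that will be deployed"
  default     = "sysadmin"
}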
# Use "cat ~/.ssh/id_rsa.pub"
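# Supply only the PUBLIC half of the key pair; a private key must never be
# placed in a Terraform variable, where it would be written to state.
variable "admin_ssh_public_key" {
  # Explicit type constraint (previously undeclared) so that a non-string
  # value fails at plan time.
  type        = string
  description = "Public key for SSH access to the node VMs"

  # NOTE(review): how the module treats the empty default is not visible in
  # this file. Confirm whether it skips SSH configuration or generates a key.
  default = ""
}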
# Caller overrides for the default node pool. The description documents the
# intended object shape, but the declared type below is map(any), so Terraform
# does not enforce those keys or their individual types.
# NOTE(review): enable_node_public_ip = true would presumably give every node a
# public IP address. Confirm that locals.default_agent_profile keeps it false
# and that callers only enable it deliberately.
variable "default_node_pool" {
description = <<EOD
Default node pool configuration. Overrides/merges with locals.default_agent_profile:
```
map(object({
name = string
count = number
vm_size = string
os_type = string
enable_auto_scaling = bool
min_count = number
max_count = number
type = string
node_taints = list(string)
vnet_subnet_id = string
max_pods = number
os_disk_size_gb = number
enable_node_public_ip = bool
}))
```
EOD
# NOTE(review): map(any) resolves to a single element type, so mixing a list
# (node_taints) with scalar values in one map may be rejected. Verify.
type = map(any)
# Empty map: no overrides are supplied by default.
default = {}
}
# ADD-ONS
# https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/kubernetes_cluster#azure_active_directory
# https://docs.microsoft.com/en-us/azure/aks/azure-ad-rbac
variable "aad_auth_enabled" {
  type        = bool
  description = "Should AAD authentication be enabled"

  # On by default; turning it off is a deliberate weakening of cluster
  # authentication and should be reviewed as such.
  default = true
}
# https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/kubernetes_cluster#azure_policy
# https://docs.microsoft.com/en-ie/azure/governance/policy/concepts/policy-for-kubernetes
variable "azure_policy_enabled" {
  type        = bool
  description = "Should Azure Policy be enabled"

  # On by default.
  # NOTE(review): which policy assignments apply to the cluster is decided
  # outside this file; the flag alone does not show what is enforced.
  default = true
}
variable "role_based_access_control_enabled" {
  type        = bool
  description = "(Optional) - Whether Role Based Access Control for the Kubernetes Cluster should be enabled."

  # On by default; disabling Kubernetes RBAC removes per-identity
  # authorization inside the cluster, so treat an override as security-relevant.
  default = true
}
variable "log_analytics_workspace_id" {
  type        = string
  description = "The ID of the Log Analytics Workspace which the OMS Agent should send data to"

  # NOTE(review): the empty default presumably means the OMS agent is not
  # configured, so no container logs would reach a workspace. Confirm in the
  # cluster resource and set this wherever log retention is required.
  default = ""
}