From 51737f6264fbc60835809e02984229b4f31916a1 Mon Sep 17 00:00:00 2001
From: Stef Pierre
Date: Fri, 14 Jun 2024 23:44:06 -0400
Subject: [PATCH] Add support for Azure Policy Add-On for AKS

---
 modules/azure_aks/main.tf | 1 +
 modules/azure_aks/variables.tf | 6 ++++++
 variables.tf | 6 ++++++
 3 files changed, 13 insertions(+)

diff --git a/modules/azure_aks/main.tf b/modules/azure_aks/main.tf
index c186b26b..386659ed 100644
--- a/modules/azure_aks/main.tf
+++ b/modules/azure_aks/main.tf
@@ -14,6 +14,7 @@ resource "azurerm_kubernetes_cluster" "aks" {
 role_based_access_control_enabled = true
 http_application_routing_enabled = false
 disk_encryption_set_id = var.aks_node_disk_encryption_set_id
+ azure_policy_enabled = var.aks_azure_policy_enabled

 # https://docs.microsoft.com/en-us/azure/aks/supported-kubernetes-versions
 # az aks get-versions --location eastus -o table
diff --git a/modules/azure_aks/variables.tf b/modules/azure_aks/variables.tf
index c9a2f584..b7ab05bc 100644
--- a/modules/azure_aks/variables.tf
+++ b/modules/azure_aks/variables.tf
@@ -143,6 +143,12 @@ variable "aks_node_disk_encryption_set_id" {
 default = null
 }

+variable "aks_azure_policy_enabled" {
+ description = "Enables the Azure Policy Add-On for Azure Kubernetes Service."
+ type = bool
+ default = false
+}
+
 variable "kubernetes_version" {
 description = "The AKS cluster K8s version"
 type = string
diff --git a/variables.tf b/variables.tf
index 445100fb..dc0b9a4b 100644
--- a/variables.tf
+++ b/variables.tf
@@ -196,6 +196,12 @@ variable "aks_node_disk_encryption_set_id" {
 default = null
 }

+variable "aks_azure_policy_enabled" {
+ description = "Enables the Azure Policy Add-On for Azure Kubernetes Service."
+ type = bool
+ default = false
+}
+
 # AKS advanced network config
 variable "aks_network_plugin" {
 description = "Network plugin to use for networking. Currently supported values are azure and kubenet. Changing this forces a new resource to be created."
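Review bot: The description of `aks_azure_policy_enabled` in modules/azure_aks/variables.tf does not tell the operator that the flag only installs the add-on. Nothing in this patch assigns policy definitions or initiatives, so enabling it does not by itself audit or deny anything on the cluster. I would extend it to something like `description = "Enables the Azure Policy Add-On for AKS. Policies must still be assigned at the subscription or resource group scope before anything is audited or denied."`. The identical description in the root variables.tf hunk should change the same way. Keeping `default = false` preserves existing deployments, but the docs should say that new clusters get no policy evaluation unless the operator opts in.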
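Review bot: The root-level `aks_azure_policy_enabled` declared in this hunk is never passed to the module. The diffstat lists only three files, and none of them is the root configuration that calls `modules/azure_aks`. Because the module variable is also new in this patch, no existing module call can already forward it, so a value set at the root would be ignored and the module default of `false` would apply without any error. The module block that sources `modules/azure_aks` needs `aks_azure_policy_enabled = var.aks_azure_policy_enabled`. It is worth confirming with `terraform plan` that setting the root variable to `true` actually changes `azure_policy_enabled` on the cluster.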