search

Azure / AKS-Construction

Accelerate your onboarding to AKS with; Helper Web App, bicep templating and CI/CD samples. Flexible & secure AKS baseline implementations in a Microsoft + community maintained reference implementation.
https://azure.github.io/AKS-Construction/
MIT License
356 stars 165 forks source link

Error running terraform apply #720

Open thomassjogren opened 1 day ago

thomassjogren commented 1 day ago

Describe the bug After using the Helper UI configuring a simple "Managed Environment" and "Non-production Workflow" I copy all of the required terraform files and run the commands in order stated in the deployment for terraform.

Planning works fine but when trying to apply the plan, the following error occur.

│ Error: validating Template Deployment "AKS-C" (Resource Group "aks-test-cluster-rg"): requesting validating: resources.DeploymentsClient#Validate: Failure sending request: StatusCode=400 -- Original Error: Code="InvalidDeployment" Message="Support for symbolic name resources requires a minimum API version of '2020-09-01', but API version '2020-06-01' was supplied."
│
│   with azurerm_resource_group_template_deployment.aksc_deploy,
│   on main.tf line 16, in resource "azurerm_resource_group_template_deployment" "aksc_deploy":
│   16: resource "azurerm_resource_group_template_deployment" "aksc_deploy" {
│

To Reproduce

#main.tf

data "http" "aksc_release" {
  url = "https://github.com/Azure/AKS-Construction/releases/download/0.10.7/main.json"
  request_headers = {
    Accept = "application/json"
    User-Agent = "request module"
  }
}

data "azurerm_client_config" "current" {}

resource "azurerm_resource_group" "rg" {
  name = var.resourceGroupName
  location = var.location
}

resource "azurerm_resource_group_template_deployment" "aksc_deploy" {
  name = "AKS-C"
  resource_group_name = azurerm_resource_group.rg.name
  deployment_mode = "Incremental"
  template_content = data.http.aksc_release.response_body
  parameters_content = jsonencode({
    resourceName = {value=var.resourceName}
    agentCount = {value=var.agentCount}
    upgradeChannel = {value=var.upgradeChannel}
    agentVMSize = {value=var.agentVMSize}
    agentCountMax = {value=var.agentCountMax}
    osSKU = {value=var.osSKU}
    osDiskType = {value=var.osDiskType}
    osDiskSizeGB = {value=var.osDiskSizeGB}
    custom_vnet = {value=var.custom_vnet}
    enable_aad = {value=var.enable_aad}
    AksDisableLocalAccounts = {value=var.AksDisableLocalAccounts}
    enableAzureRBAC = {value=var.enableAzureRBAC}
    adminPrincipalId = {value=data.azurerm_client_config.current.object_id}
    registries_sku = {value=var.registries_sku}
    acrPushRolePrincipalId = {value=data.azurerm_client_config.current.object_id}
    enableTelemetry = {value=var.enableTelemetry}
    omsagent = {value=var.omsagent}
    retentionInDays = {value=var.retentionInDays}
    networkPolicy = {value=var.networkPolicy}
    azurepolicy = {value=var.azurepolicy}
    ingressApplicationGateway = {value=var.ingressApplicationGateway}
    appGWcount = {value=var.appGWcount}
    appGWsku = {value=var.appGWsku}
    appGWmaxCount = {value=var.appGWmaxCount}
    appgwKVIntegration = {value=var.appgwKVIntegration}
    keyVaultAksCSI = {value=var.keyVaultAksCSI}
    keyVaultCreate = {value=var.keyVaultCreate}
    keyVaultOfficerRolePrincipalId = {value=data.azurerm_client_config.current.object_id}
    automationAccountScheduledStartStop = {value=var.automationAccountScheduledStartStop}
    automationStartHour = {value=var.automationStartHour}
  })
}
#variables.tf

variable resourceGroupName {
  type=string
  default="aks-test-cluster-rg"
}
variable location {
  type=string
  default="northeurope"
} 
variable resourceName {
  type=string
  default="aks-test"
} 
variable agentCount {
  type=number
  default=1
} 
variable upgradeChannel {
  type=string
  default="stable"
} 
variable agentVMSize {
  type=string
  default="Standard_B2ls_v2"
} 
variable agentCountMax {
  type=number
  default=20
} 
variable osSKU {
  type=string
  default="AzureLinux"
} 
variable osDiskType {
  type=string
  default="Managed"
} 
variable osDiskSizeGB {
  type=number
  default=32
} 
variable custom_vnet {
  type=bool
  default=true
} 
variable enable_aad {
  type=bool
  default=true
} 
variable AksDisableLocalAccounts {
  type=bool
  default=true
} 
variable enableAzureRBAC {
  type=bool
  default=true
} 
variable registries_sku {
  type=string
  default="Basic"
} 
variable enableTelemetry {
  type=bool
  default=false
} 
variable omsagent {
  type=bool
  default=true
} 
variable retentionInDays {
  type=number
  default=30
} 
variable networkPolicy {
  type=string
  default="azure"
} 
variable azurepolicy {
  type=string
  default="audit"
} 
variable ingressApplicationGateway {
  type=bool
  default=true
} 
variable appGWcount {
  type=number
  default=0
} 
variable appGWsku {
  type=string
  default="WAF_v2"
} 
variable appGWmaxCount {
  type=number
  default=10
} 
variable appgwKVIntegration {
  type=bool
  default=true
} 
variable keyVaultAksCSI {
  type=bool
  default=true
} 
variable keyVaultCreate {
  type=bool
  default=true
} 
variable automationAccountScheduledStartStop {
  type=string
  default="Day"
} 
variable automationStartHour {
  type=number
  default=7
}

Running the commands provided

terraform fmt
terraform init
terraform validate
terraform plan -out main.tfplan
terraform apply main.tfplan                 <--- Failing
terraform output

Expected behavior Deployment should be created in Azure Portal

Additional context Is this project still relevant or has the recommended way of setting up AKS changed?