Azure / terraform-azurerm-avm-ptn-aks-production

This is the Production Standard for AKS pattern module for the Azure Verified Modules (AVM) library. This module deploys a production-standard AKS cluster along with a supporting Virtual Network and Azure Container Registry. It provisions an environment sufficient for most production deployments of AKS.
https://registry.terraform.io/modules/Azure/avm-ptn-aks-production/azurerm/latest
MIT License

[AVM Module Issue]: Log analytics workspace created even if default value is null #56

Closed gevraud closed 4 months ago

gevraud commented 4 months ago

Check for previous/existing GitHub issues

Issue Type?

Bug

(Optional) Module Version

No response

(Optional) Correlation Id

No response

Description

Hello,

The Log Analytics workspace can be null (https://github.com/Azure/terraform-azurerm-avm-ptn-aks-production/blob/main/variables.tf#L86-L90), but the module is creating one.

  # module.dev_cluster.azurerm_log_analytics_workspace.this will be created
  + resource "azurerm_log_analytics_workspace" "this" {
      + allow_resource_only_permissions = true
      + daily_quota_gb                  = -1
      + id                              = (known after apply)
      + internet_ingestion_enabled      = true
      + internet_query_enabled          = true
      + local_authentication_disabled   = false
      + location                        = "westeurope"
      + name                            = "log-aks-dev-001-aks"
      + primary_shared_key              = (sensitive value)
      + resource_group_name             = "rg-aks-dev-001"
      + retention_in_days               = (known after apply)
      + secondary_shared_key            = (sensitive value)
      + sku                             = "PerGB2018"
      + workspace_id                    = (known after apply)
    }

main.tf

resource "azurerm_resource_group" "this" {
  location = var.location
  name     = var.rg_name
}

resource "azurerm_user_assigned_identity" "this" {
  location            = azurerm_resource_group.this.location
  name                = "umi-${var.kubernetes_cluster_name}"
  resource_group_name = azurerm_resource_group.this.name
}

module "dev_cluster" {
  source  = "Azure/avm-ptn-aks-production/azurerm"
  version = "0.1.0"

  kubernetes_version  = "1.28"
  enable_telemetry    = false
  name                = var.kubernetes_cluster_name
  resource_group_name = azurerm_resource_group.this.name
  managed_identities = {
    user_assigned_resource_ids = [
      azurerm_user_assigned_identity.this.id
    ]
  }
  agents_tags = {
    type = "compute"
  }
  location = var.location
  node_pools = {
    workload = {
      name                 = "workload"
      vm_size              = "Standard_D2d_v5"
      orchestrator_version = "1.28"
      max_count            = 20
      min_count            = 2
      os_sku               = "Ubuntu"
      mode                 = "User"
    }
  }
}

microsoft-github-policy-service[bot] commented 4 months ago

[!IMPORTANT] The "Needs: Triage :mag:" label must be removed once the triage process is complete!

[!NOTE] This label was added as per ITA06.

microsoft-github-policy-service[bot] commented 4 months ago

[!NOTE] The "Type: Bug :bug:" label was added as per ITA21.

zioproto commented 4 months ago

Hello, this is according to our design: we force the use of Log Analytics to force the collection of logs.

If you need to disable Log Analytics completely, you can use the module: https://github.com/Azure/terraform-azurerm-aks

zioproto commented 4 months ago

@gevraud thank you. Testing this I actually spotted an unused variable in our code that made everything more confusing. I am fixing this in PR #59