Open joselcaguilar opened 1 year ago
@stephybun do you have any update on above issue?
Do you have any workaround for the above issue? Please help me on this
This is seriously annoying that Terraform can NOT perform the action equivalent to
az aks update \
--resource-group myResourceGroup \
--name myAKSCluster \
--api-server-authorized-ip-ranges ""
which is officially documented by Microsoft to Disable authorized IP ranges.
Whatever method I try to clear disable the IP ranges
using now deprecated, but AFAIR this used to work with Terraform AzureRM 3.57.0
api_server_authorized_ip_ranges = []
using current way
api_server_access_profile {
authorized_ip_ranges = []
vnet_integration_enabled = false
}
the IP range 0.0.0.0/32
for Allow only the outbound public IP of the Standard SKU load balancer always comes back:
The only way seems to go to portal.azure.com and manually tick off this setting in AKS > Networking
in order to disable the "Authorized IP ranges" all together:
Have you tried the alternative [""]
? As in a list containing a single empty string. Since the AZ CLI takes ""
, and Terraform takes []
, setting []
seems to mean to do nothing to what's there, whereas [""]
would pass the ""
like on the CLI.
Is there an existing issue for this?
Community Note
Terraform Version
1.3.7
AzureRM Provider Version
3.39.1
Affected Resource(s)/Data Source(s)
azurerm_kubernetes_cluster
Terraform Configuration Files
Debug Output/Panic Output
Expected Behaviour
Remove completely the
authorized_ip_ranges
fromazurerm_kubernetes_cluster
if they were already deployed, in AzCLI it's possible passing""
or just empty as you can see here but it doesn't work in Terraform.I have tried passing:
Or even removing the dynamic
"api_server_access_profile"
block fromazurerm_kubernetes_cluster
, but it is not recognized by TF so the previous config remains.Actual Behaviour
No response
Steps to Reproduce
terraform plan
Important Factoids
No response
References
No response