Open underguiz opened 3 weeks ago
Hi @underguiz ,
Thank you for taking time to report this issue.
This feature is still in preview, we could support it in the azurerm provider. Here's config about how to use this feature with azapi provider, hope it could help you.
resource "azapi_resource" "aksCluster" {
type = "Microsoft.ContainerService/managedClusters@2024-06-02-preview"
parent_id = azapi_resource.resourceGroup.id
name = "hengluaks"
location = "westus"
identity {
type = "SystemAssigned"
}
body = {
properties = {
kubernetesVersion = "1.30.3"
dnsPrefix = "hengluaks"
enableRBAC = true
agentPoolProfiles = [
{
name = "agentpool"
count = 3
vmSize = "Standard_DS2_v2"
osType = "Linux"
mode = "System"
}
]
ingressProfile = {
webAppRouting = {
nginx = {
defaultIngressControllerType = "AnnotationControlled"
}
}
}
}
}
}
Is there an existing issue for this?
Community Note
Description
When you enable the application routing add-on with NGINX, it creates an ingress controller called default in the app-routing-namespace configured with a public facing Azure load balancer. That ingress controller uses an ingress class name of webapprouting.kubernetes.azure.com.
You can also control if the default gets a public or an internal IP, or if it gets created at all when enabling the add-on using BICEP.
This configuration is crucial in regulated environments and the web_app_routing configuration block should support it.
Bicep example:
"ingressProfile": { "webAppRouting": { "nginx": { "defaultIngressControllerType": "None|Internal|External|AnnotationControlled" } }
Link to documentation:
https://learn.microsoft.com/en-us/azure/aks/app-routing-nginx-configuration?tabs=bicep#control-the-default-nginx-ingress-controller-configuration
New or Affected Resource(s)/Data Source(s)
azurerm_kubernetes_cluster
Potential Terraform Configuration
References
No response