Kubelet_identity for AKS cluster
# Naming convention shared by the blocks below. Every per-environment name is
# derived from var.env_prefix (declared outside this listing), so the prefix
# alone decides which resource group, cluster and public IP are addressed.
locals {
  # Resource group whose name carries no environment prefix; in this listing
  # it is used only to look up the container registry.
  global_resource_group = "stackover"

  # Per-environment resource group: used for the cluster itself and for the
  # public IP and managed identity lookups.
  resource_group = "stackover-${var.env_prefix}"

  # Used both as the AKS cluster name and as its DNS prefix.
  cluster_name = "stackover-${var.env_prefix}-cluster"

  # Name of the existing public IP resource read by the cluster_ip data source.
  ingress_address_res_name = "stackover-${var.env_prefix}-ingress-ip"
}
# --- Existing resources -----------------------------------------------------
# Looks up an existing container registry; it is read here, not created.
# Its id becomes the scope of the AcrPull role assignment, so the name and
# resource group below decide which registry the cluster's kubelet identity
# is allowed to pull from.
data "azurerm_container_registry" "container_registry" {
  name                = "stackoverregistry"
  resource_group_name = local.global_resource_group
}
# Looks up the existing per-environment public IP (named as the ingress
# address in locals).
# NOTE(review): nothing in the visible listing references this data source;
# confirm it is consumed elsewhere, otherwise it only adds a read dependency.
data "azurerm_public_ip" "cluster_ip" {
  name                = local.ingress_address_res_name
  resource_group_name = local.resource_group
}
# Looks up the existing per-environment user-assigned managed identity.
# This identity is attached to the cluster through its identity block. It is
# not the principal that receives AcrPull: that role goes to the cluster's
# kubelet identity, which is a separate object id.
data "azurerm_user_assigned_identity" "managed_identity" {
  name                = "stackover-${var.env_prefix}-managed-identity"
  resource_group_name = local.resource_group
}
# ------------------------------------------------------------------------------
# AKS cluster for one environment, running under a pre-existing user-assigned
# identity instead of a system-assigned one.
#
# NOTE(review): only the minimum settings are given. API server access,
# network profile and RBAC/Azure AD integration are all left at provider
# defaults; confirm those defaults match the environment's security baseline.
resource "azurerm_kubernetes_cluster" "kube_cluster" {
  name                = local.cluster_name
  resource_group_name = local.resource_group
  location            = var.location
  dns_prefix          = local.cluster_name

  # Single node pool with a fixed size of two nodes.
  default_node_pool {
    name       = "default"
    vm_size    = "Standard_DS2_v2"
    node_count = 2
  }

  # Identity of the cluster itself. No kubelet_identity block is configured,
  # so the kubelet identity exported by this resource (and used by the role
  # assignment for registry pulls) is whatever the platform assigns; it is a
  # different principal from the one referenced here.
  # NOTE(review): user_assigned_identity_id is the attribute name used by
  # older azurerm provider releases; newer major versions take a list
  # (identity_ids). Pin the provider version this file was written for.
  identity {
    type                      = "UserAssigned"
    user_assigned_identity_id = data.azurerm_user_assigned_identity.managed_identity.id
  }
}
# Lets the cluster's nodes pull images from the registry without image pull
# secrets, by granting the kubelet identity a role on that registry.
#
# Least-privilege points worth keeping when editing this block:
#   - scope is the single registry id, not its resource group or subscription;
#   - the role is AcrPull (pull only), not a push or management role;
#   - the principal is the kubelet identity's object id, not the user-assigned
#     identity attached to the cluster in its identity block.
# NOTE(review): the kubelet identity is used by the nodes, so treat anything
# granted to it as available node-wide and avoid adding broader roles here.
resource "azurerm_role_assignment" "acr_role_assignment" {
  scope                = data.azurerm_container_registry.container_registry.id
  role_definition_name = "AcrPull"

  # kubelet_identity is exported as a list; [0] selects its only entry.
  principal_id = azurerm_kubernetes_cluster.kube_cluster.kubelet_identity[0].object_id
}