[Hack Update] 039-AKSEnterpriseGrade - Refresh Terraform code to April 2024 provider and modules versions

039-AKSEnterpriseGrade/Coach/Solutions/Challenge-02/Terraform/database.tf

@@ -1,40 +1,33 @@
-resource "azurerm_mysql_server" "example" {
+resource "azurerm_mysql_flexible_server" "example" {
   name = random_string.random.result
   #location            = azurerm_resource_group.example.location
   location            = "eastus"
   resource_group_name = azurerm_resource_group.example.name
 
-  administrator_login          = "mysqlazureadmin"
-  administrator_login_password = var.databasepassword
+  administrator_login    = "mysqlazureadmin"
+  administrator_password = var.databasepassword
 
-  sku_name   = "GP_Gen5_2"
-  storage_mb = 5120
-  version    = "5.7"
+  sku_name = "GP_Standard_D2ds_v4"
 
-  auto_grow_enabled                 = true
-  backup_retention_days             = 7
-  geo_redundant_backup_enabled      = false
-  infrastructure_encryption_enabled = false
-  public_network_access_enabled     = false
-  ssl_enforcement_enabled           = false
+  backup_retention_days        = 7
+  geo_redundant_backup_enabled = false
 }
 
 resource "azurerm_private_endpoint" "example" {
   name                = "${random_string.random.result}-endpoint"
   location            = "westeurope"
   resource_group_name = azurerm_resource_group.example.name
-  subnet_id           = module.network.vnet_subnets[0]
+  subnet_id           = module.network.vnet_subnets_name_id["subnet1"]
 
   private_service_connection {
     name                           = "${random_string.random.result}-privateserviceconnection"
-    private_connection_resource_id = azurerm_mysql_server.example.id
+    private_connection_resource_id = azurerm_mysql_flexible_server.example.id
     subresource_names              = ["mysqlServer"]
     is_manual_connection           = false
   }
 }
 
 variable "databasepassword" {
-
   type      = string
   sensitive = true
 }

039-AKSEnterpriseGrade/Coach/Solutions/Challenge-02/Terraform/main.tf

@@ -1,14 +1,18 @@
-
 module "network" {
-  source              = "Azure/network/azurerm"
+  source  = "Azure/subnets/azurerm"
+  version = "1.0.0"
+
   resource_group_name = azurerm_resource_group.example.name
-  address_space       = "10.52.0.0/16"
-  subnet_prefixes     = ["10.52.0.0/24"]
-  subnet_names        = ["subnet1"]
-  depends_on          = [azurerm_resource_group.example]
-  subnet_enforce_private_link_endpoint_network_policies = {
-    "subnet1" : true
+  subnets = {
+    subnet1 = {
+      address_prefixes                          = ["10.52.0.0/24"]
+      private_endpoint_network_policies_enabled = true
+      service_endpoints                         = ["Microsoft.Storage"]
+    }
   }
+  virtual_network_address_space = ["10.52.0.0/16"]
+  virtual_network_location      = azurerm_resource_group.example.location
+  virtual_network_name          = "subnet1"
 }
 
 resource "azurerm_container_registry" "example" {
@@ -26,44 +30,35 @@ resource "azurerm_role_assignment" "example" {
   depends_on                       = [module.aks]
 }
 
-# Grant AKS cluster access to use AKS subnet
-resource "azurerm_role_assignment" "aks" {
-  principal_id         = module.aks.system_assigned_identity[0].principal_id
-  role_definition_name = "Network Contributor"
-  scope                = module.network.vnet_subnets[0]
-  depends_on           = [module.aks]
-}
-
 module "aks" {
-  source                           = "Azure/aks/azurerm"
-  version                          = "4.16.0"
-  resource_group_name              = azurerm_resource_group.example.name
-  client_id                        = var.client_id
-  client_secret                    = var.client_secret
-  kubernetes_version               = "1.23.5"
-  orchestrator_version             = "1.23.5"
-  prefix                           = "default"
-  cluster_name                     = var.cluster_name
-  network_plugin                   = "azure"
-  vnet_subnet_id                   = module.network.vnet_subnets[0]
-  os_disk_size_gb                  = 50
-  sku_tier                         = "Paid" # defaults to Free
-  enable_role_based_access_control = true
-  rbac_aad_admin_group_object_ids  = var.rbac_aad_admin_group_object_ids
-  rbac_aad_managed                 = true
-  private_cluster_enabled          = false
-  enable_http_application_routing  = true
-  enable_azure_policy              = true
-  enable_auto_scaling              = true
-  enable_host_encryption           = false
-  agents_min_count                 = 1
-  agents_max_count                 = 1
-  agents_count                     = null # Please set `agents_count` `null` while `enable_auto_scaling` is `true` to avoid possible `agents_count` changes.
-  agents_max_pods                  = 100
-  agents_pool_name                 = "exnodepool"
-  agents_availability_zones        = ["1", "2"]
-  agents_type                      = "VirtualMachineScaleSets"
-  agents_size                      = "standard_dc2s_v2"
+  source                            = "Azure/aks/azurerm"
+  version                           = "8.0.0"
+  resource_group_name               = azurerm_resource_group.example.name
+  client_id                         = var.client_id
+  client_secret                     = var.client_secret
+  kubernetes_version                = "1.29.2"
+  orchestrator_version              = "1.29.2"
+  prefix                            = "default"
+  cluster_name                      = var.cluster_name
+  network_plugin                    = "azure"
+  vnet_subnet_id                    = module.network.vnet_subnets_name_id["subnet1"]
+  os_disk_size_gb                   = 50
+  sku_tier                          = "Standard"
+  role_based_access_control_enabled = true
+  rbac_aad_admin_group_object_ids   = var.rbac_aad_admin_group_object_ids
+  rbac_aad_managed                  = true
+  private_cluster_enabled           = false
+  web_app_routing                   = { dns_zone_id = "" }
+  enable_auto_scaling               = true
+  enable_host_encryption            = false
+  agents_min_count                  = 1
+  agents_max_count                  = 1
+  agents_count                      = null # Please set `agents_count` `null` while `enable_auto_scaling` is `true` to avoid possible `agents_count` changes.
+  agents_max_pods                   = 100
+  agents_pool_name                  = "exnodepool"
+  agents_availability_zones         = ["1", "2"]
+  agents_type                       = "VirtualMachineScaleSets"
+  agents_size                       = "standard_dc2s_v2"
 
   agents_labels = {
     "nodepool" : "defaultnodepool"
@@ -73,14 +68,12 @@ module "aks" {
     "Agent" : "defaultnodepoolagent"
   }
 
-  enable_ingress_application_gateway      = true
-  ingress_application_gateway_name        = "aks-agw"
-  ingress_application_gateway_subnet_cidr = "10.52.1.0/24"
+  network_policy             = "azure"
+  net_profile_dns_service_ip = "10.0.0.10"
+  net_profile_service_cidr   = "10.0.0.0/16"
 
-  network_policy                 = "azure"
-  net_profile_dns_service_ip     = "10.0.0.10"
-  net_profile_docker_bridge_cidr = "172.16.0.1/16"
-  net_profile_service_cidr       = "10.0.0.0/16"
+  # Grant AKS cluster access to use AKS subnet
+  network_contributor_role_assigned_subnet_ids = { "subnet1" = module.network.vnet_subnets_name_id["subnet1"] }
 
   depends_on = [module.network]
 }

039-AKSEnterpriseGrade/Coach/Solutions/Challenge-02/Terraform/provider.tf

@@ -2,10 +2,9 @@ terraform {
   required_providers {
     azurerm = {
       source  = "hashicorp/azurerm"
-      version = "~> 2.46"
+      version = ">= 3.99"
     }
   }
-
   required_version = ">= 1.1.0"
 }
 

039-AKSEnterpriseGrade/Coach/Solutions/Challenge-02/Terraform/tfvars

@@ -1,4 +1,4 @@
-agents_size = "standard_dc2s_v2"
+agents_size = "Standard_D2d_v5"
 rbac_aad_admin_group_object_ids  = [""]
 resource_group_name = ""
 identity_type = "SystemAssigned"