ansible.builtin.azure_rm_aks (v2.7.16) — module

Install Ansible via pip

Install with pip install ansible==2.7.16

Description

Create, update and delete a managed Azure Container Service (AKS) Instance.

Requirements

• python >= 2.7
• The host that executes this module must have the azure.azcollection collection installed via galaxy
• All python packages listed in collection's requirements-azure.txt must be installed via pip on the host that executes modules from azure.azcollection
• Full installation instructions may be found https://galaxy.ansible.com/azure/azcollection

Usage examples

Scanned by Steampunk Spotter

• Success
  Steampunk Spotter scan finished with no errors, warnings or hints.

    - name: Create a managed Azure Container Services (AKS) instance
      azure_rm_aks:
        name: acctestaks1
        location: eastus
        resource_group: Testing
        dns_prefix: akstest
        linux_profile:
          admin_username: azureuser
          ssh_key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAA...
        service_principal:
          client_id: "cf72ca99-f6b9-4004-b0e0-bee10c521948"
          client_secret: "mySPNp@ssw0rd!"
        agent_pool_profiles:
          - name: default
            count: 5
            vm_size: Standard_D2_v2
        tags:
          Environment: Production

Scanned by Steampunk Spotter

• Success
  Steampunk Spotter scan finished with no errors, warnings or hints.

    - name: Remove a managed Azure Container Services (AKS) instance
      azure_rm_aks:
        name: acctestaks3
        resource_group: Testing
        state: absent

Inputs

    
name:
    description:
    - Name of the managed Azure Container Services (AKS) instance.
    required: true

tags:
    description:
    - Dictionary of string:string pairs to assign as metadata to the object.
    - Metadata tags on the object will be updated with any provided values.
    - To remove tags set append_tags option to false.
    - Currently, Azure DNS zones and Traffic Manager services also don't allow the use
      of spaces in the tag.
    - Azure Front Door doesn't support the use of
    - Azure Automation and Azure CDN only support 15 tags on resources.
    type: dict

state:
    choices:
    - absent
    - present
    default: present
    description:
    - Assert the state of the AKS. Use C(present) to create or update an AKS and C(absent)
      to delete it.

secret:
    description:
    - Azure client secret. Use when authenticating with a Service Principal.
    type: str

tenant:
    description:
    - Azure tenant ID. Use when authenticating with a Service Principal.
    type: str

ad_user:
    description:
    - Active Directory username. Use when authenticating with an Active Directory user
      rather than service principal.
    type: str

profile:
    description:
    - Security profile found in ~/.azure/credentials file.
    type: str

location:
    description:
    - Valid azure location. Defaults to location of the resource group.

log_mode:
    description:
    - Parent argument.
    type: str

log_path:
    description:
    - Parent argument.
    type: str

password:
    description:
    - Active Directory user password. Use when authenticating with an Active Directory
      user rather than service principal.
    type: str

client_id:
    description:
    - Azure client ID. Use when authenticating with a Service Principal.
    type: str

dns_prefix:
    description:
    - DNS prefix specified when creating the managed cluster.

thumbprint:
    description:
    - The thumbprint of the private key specified in I(x509_certificate_path).
    - Use when authenticating with a Service Principal.
    - Required if I(x509_certificate_path) is defined.
    type: str
    version_added: 1.14.0
    version_added_collection: azure.azcollection

api_profile:
    default: latest
    description:
    - Selects an API profile to use when communicating with Azure services. Default value
      of C(latest) is appropriate for public clouds; future values will allow use with
      Azure Stack.
    type: str
    version_added: 0.0.1
    version_added_collection: azure.azcollection

append_tags:
    default: true
    description:
    - Use to control if tags field is canonical or just appends to existing tags.
    - When canonical, any tags not found in the tags parameter will be removed from the
      object's metadata.
    type: bool

auth_source:
    choices:
    - auto
    - cli
    - credential_file
    - env
    - msi
    default: auto
    description:
    - Controls the source of the credentials to use for authentication.
    - Can also be set via the C(ANSIBLE_AZURE_AUTH_SOURCE) environment variable.
    - When set to C(auto) (the default) the precedence is module parameters -> C(env)
      -> C(credential_file) -> C(cli).
    - When set to C(env), the credentials will be read from the environment variables
    - When set to C(credential_file), it will read the profile from C(~/.azure/credentials).
    - When set to C(cli), the credentials will be sources from the Azure CLI profile.
      C(subscription_id) or the environment variable C(AZURE_SUBSCRIPTION_ID) can be used
      to identify the subscription ID if more than one is present otherwise the default
      az cli subscription is used.
    - When set to C(msi), the host machine must be an azure resource with an enabled MSI
      extension. C(subscription_id) or the environment variable C(AZURE_SUBSCRIPTION_ID)
      can be used to identify the subscription ID if the resource is granted access to
      more than one subscription, otherwise the first subscription is chosen.
    - The C(msi) was added in Ansible 2.6.
    type: str
    version_added: 0.0.1
    version_added_collection: azure.azcollection

linux_profile:
    description:
    - The linux profile suboptions.
    suboptions:
      admin_username:
        description:
        - The Admin Username for the Cluster.
        required: true
      ssh_key:
        description:
        - The Public SSH Key used to access the cluster.
        required: true

resource_group:
    description:
    - Name of a resource group where the managed Azure Container Services (AKS) exists
      or will be created.
    required: true

subscription_id:
    description:
    - Your Azure subscription Id.
    type: str

cloud_environment:
    default: AzureCloud
    description:
    - For cloud environments other than the US public cloud, the environment name (as
      defined by Azure Python SDK, eg, C(AzureChinaCloud), C(AzureUSGovernment)), or a
      metadata discovery endpoint URL (required for Azure Stack). Can also be set via
      credential file profile or the C(AZURE_CLOUD_ENVIRONMENT) environment variable.
    type: str
    version_added: 0.0.1
    version_added_collection: azure.azcollection

service_principal:
    description:
    - The service principal suboptions.
    suboptions:
      client_id:
        description:
        - The ID for the Service Principal.
        required: true
      client_secret:
        description:
        - The secret password associated with the service principal.
        required: true

adfs_authority_url:
    description:
    - Azure AD authority url. Use when authenticating with Username/password, and has
      your own ADFS authority.
    type: str
    version_added: 0.0.1
    version_added_collection: azure.azcollection

kubernetes_version:
    description:
    - Version of Kubernetes specified when creating the managed cluster.

agent_pool_profiles:
    description:
    - The agent pool profile suboptions.
    suboptions:
      count:
        description:
        - Number of agents (VMs) to host docker containers.
        - Allowed values must be in the range of 1 to 100 (inclusive).
        required: true
      name:
        description:
        - Unique name of the agent pool profile in the context of the subscription and
          resource group.
        required: true
      os_disk_size_gb:
        description:
        - Size of the OS disk.
      vm_size:
        description:
        - The VM Size of each of the Agent Pool VM's (e.g. Standard_F1 / Standard_D2v2).
        required: true

cert_validation_mode:
    choices:
    - ignore
    - validate
    description:
    - Controls the certificate validation behavior for Azure endpoints. By default, all
      modules will validate the server certificate, but when an HTTPS proxy is in use,
      or against Azure Stack, it may be necessary to disable this behavior by passing
      C(ignore). Can also be set via credential file profile or the C(AZURE_CERT_VALIDATION)
      environment variable.
    type: str
    version_added: 0.0.1
    version_added_collection: azure.azcollection

x509_certificate_path:
    description:
    - Path to the X509 certificate used to create the service principal in PEM format.
    - The certificate must be appended to the private key.
    - Use when authenticating with a Service Principal.
    type: path
    version_added: 1.14.0
    version_added_collection: azure.azcollection

Outputs

state:
  description: Current state of the Azure Container Service (AKS)
  example:
    agent_pool_profiles:
    - count: 1
      dns_prefix: null
      name: default
      os_disk_size_gb: null
      os_type: Linux
      ports: null
      storage_profile: ManagedDisks
      vm_size: Standard_DS1_v2
      vnet_subnet_id: null
    changed: false
    dns_prefix: aks9860bdcd89
    id: /subscriptions/XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX/resourcegroups/yuwzhoaks/providers/Microsoft.ContainerService/managedClusters/aks9860bdc
    kube_config: '......'
    kubernetes_version: 1.7.7
    linux_profile:
      admin_username: azureuser
      ssh_key: ssh-rsa AAAAB3NzaC1yc2EAAAADA.....
    location: eastus
    name: aks9860bdc
    provisioning_state: Succeeded
    service_principal_profile:
      client_id: XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX
    tags: {}
    type: Microsoft.ContainerService/ManagedClusters
  returned: always
  type: dict

See also

• Sign in with Azure CLI: How to authenticate using the C(az login) command. link