ansible / ansible.builtin / v2.7.16 / module / azure_rm_aks Manage a managed Azure Container Service (AKS) Instance. | "added in version" 2.6 of ansible.builtin" Authors: Sertac Ozercan (@sozercan), Yuwei Zhou (@yuwzho) preview | supported by communityansible.builtin.azure_rm_aks (v2.7.16) — module
pip
Install with pip install ansible==2.7.16
Create, update and delete a managed Azure Container Service (AKS) Instance.
- name: Create a managed Azure Container Services (AKS) instance azure_rm_aks: name: acctestaks1 location: eastus resource_group: Testing dns_prefix: akstest linux_profile: admin_username: azureuser ssh_key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAA... service_principal: client_id: "cf72ca99-f6b9-4004-b0e0-bee10c521948" client_secret: "mySPNp@ssw0rd!" agent_pool_profiles: - name: default count: 5 vm_size: Standard_D2_v2 tags: Environment: Production
- name: Remove a managed Azure Container Services (AKS) instance azure_rm_aks: name: acctestaks3 resource_group: Testing state: absent
name: description: - Name of the managed Azure Container Services (AKS) instance. required: true tags: description: - Dictionary of string:string pairs to assign as metadata to the object. - Metadata tags on the object will be updated with any provided values. - To remove tags set append_tags option to false. - Currently, Azure DNS zones and Traffic Manager services also don't allow the use of spaces in the tag. - Azure Front Door doesn't support the use of - Azure Automation and Azure CDN only support 15 tags on resources. type: dict state: choices: - absent - present default: present description: - Assert the state of the AKS. Use C(present) to create or update an AKS and C(absent) to delete it. secret: description: - Azure client secret. Use when authenticating with a Service Principal. type: str tenant: description: - Azure tenant ID. Use when authenticating with a Service Principal. type: str ad_user: description: - Active Directory username. Use when authenticating with an Active Directory user rather than service principal. type: str profile: description: - Security profile found in ~/.azure/credentials file. type: str location: description: - Valid azure location. Defaults to location of the resource group. log_mode: description: - Parent argument. type: str log_path: description: - Parent argument. type: str password: description: - Active Directory user password. Use when authenticating with an Active Directory user rather than service principal. type: str client_id: description: - Azure client ID. Use when authenticating with a Service Principal. type: str dns_prefix: description: - DNS prefix specified when creating the managed cluster. thumbprint: description: - The thumbprint of the private key specified in I(x509_certificate_path). - Use when authenticating with a Service Principal. - Required if I(x509_certificate_path) is defined. type: str version_added: 1.14.0 version_added_collection: azure.azcollection api_profile: default: latest description: - Selects an API profile to use when communicating with Azure services. Default value of C(latest) is appropriate for public clouds; future values will allow use with Azure Stack. type: str version_added: 0.0.1 version_added_collection: azure.azcollection append_tags: default: true description: - Use to control if tags field is canonical or just appends to existing tags. - When canonical, any tags not found in the tags parameter will be removed from the object's metadata. type: bool auth_source: choices: - auto - cli - credential_file - env - msi default: auto description: - Controls the source of the credentials to use for authentication. - Can also be set via the C(ANSIBLE_AZURE_AUTH_SOURCE) environment variable. - When set to C(auto) (the default) the precedence is module parameters -> C(env) -> C(credential_file) -> C(cli). - When set to C(env), the credentials will be read from the environment variables - When set to C(credential_file), it will read the profile from C(~/.azure/credentials). - When set to C(cli), the credentials will be sources from the Azure CLI profile. C(subscription_id) or the environment variable C(AZURE_SUBSCRIPTION_ID) can be used to identify the subscription ID if more than one is present otherwise the default az cli subscription is used. - When set to C(msi), the host machine must be an azure resource with an enabled MSI extension. C(subscription_id) or the environment variable C(AZURE_SUBSCRIPTION_ID) can be used to identify the subscription ID if the resource is granted access to more than one subscription, otherwise the first subscription is chosen. - The C(msi) was added in Ansible 2.6. type: str version_added: 0.0.1 version_added_collection: azure.azcollection linux_profile: description: - The linux profile suboptions. suboptions: admin_username: description: - The Admin Username for the Cluster. required: true ssh_key: description: - The Public SSH Key used to access the cluster. required: true resource_group: description: - Name of a resource group where the managed Azure Container Services (AKS) exists or will be created. required: true subscription_id: description: - Your Azure subscription Id. type: str cloud_environment: default: AzureCloud description: - For cloud environments other than the US public cloud, the environment name (as defined by Azure Python SDK, eg, C(AzureChinaCloud), C(AzureUSGovernment)), or a metadata discovery endpoint URL (required for Azure Stack). Can also be set via credential file profile or the C(AZURE_CLOUD_ENVIRONMENT) environment variable. type: str version_added: 0.0.1 version_added_collection: azure.azcollection service_principal: description: - The service principal suboptions. suboptions: client_id: description: - The ID for the Service Principal. required: true client_secret: description: - The secret password associated with the service principal. required: true adfs_authority_url: description: - Azure AD authority url. Use when authenticating with Username/password, and has your own ADFS authority. type: str version_added: 0.0.1 version_added_collection: azure.azcollection kubernetes_version: description: - Version of Kubernetes specified when creating the managed cluster. agent_pool_profiles: description: - The agent pool profile suboptions. suboptions: count: description: - Number of agents (VMs) to host docker containers. - Allowed values must be in the range of 1 to 100 (inclusive). required: true name: description: - Unique name of the agent pool profile in the context of the subscription and resource group. required: true os_disk_size_gb: description: - Size of the OS disk. vm_size: description: - The VM Size of each of the Agent Pool VM's (e.g. Standard_F1 / Standard_D2v2). required: true cert_validation_mode: choices: - ignore - validate description: - Controls the certificate validation behavior for Azure endpoints. By default, all modules will validate the server certificate, but when an HTTPS proxy is in use, or against Azure Stack, it may be necessary to disable this behavior by passing C(ignore). Can also be set via credential file profile or the C(AZURE_CERT_VALIDATION) environment variable. type: str version_added: 0.0.1 version_added_collection: azure.azcollection x509_certificate_path: description: - Path to the X509 certificate used to create the service principal in PEM format. - The certificate must be appended to the private key. - Use when authenticating with a Service Principal. type: path version_added: 1.14.0 version_added_collection: azure.azcollection
state: description: Current state of the Azure Container Service (AKS) example: agent_pool_profiles: - count: 1 dns_prefix: null name: default os_disk_size_gb: null os_type: Linux ports: null storage_profile: ManagedDisks vm_size: Standard_DS1_v2 vnet_subnet_id: null changed: false dns_prefix: aks9860bdcd89 id: /subscriptions/XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX/resourcegroups/yuwzhoaks/providers/Microsoft.ContainerService/managedClusters/aks9860bdc kube_config: '......' kubernetes_version: 1.7.7 linux_profile: admin_username: azureuser ssh_key: ssh-rsa AAAAB3NzaC1yc2EAAAADA..... location: eastus name: aks9860bdc provisioning_state: Succeeded service_principal_profile: client_id: XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX tags: {} type: Microsoft.ContainerService/ManagedClusters returned: always type: dict