advanced aks cluster setup with terraform
Since I wrote my blog article private aks and private acr, safer you are, the associated GitHub repository documenting and scripting how I deploy my own AKS cluster got a few notable improvements:
- Managed Identity instead of Service Principal for AKS
- Optimize data collection with Azure Monitor for containers
- Azure Bastion to access the Jumpbox VM (the latter is no longer exposed via a Public IP)
- System Node pools
- Azure Key Vault to store Service Principals info to be reused later for CI/CD pipelines to deploy my containerized apps
- Azure Arc enabled Kubernetes to set up the AKS cluster config via GitOps
Among these updates made to my Azure CLI script, I took the opportunity to write the equivalent in Terraform. Since it’s Infrastructure-as-Code as well as Documentation-as-Code, enjoy your walkthrough of the Terraform files ;)
I think Terraform files are easier (than a bash script with Azure CLI) to write, maintain, read/understand, share and extend. Furthermore, you could re-run a new deployment/update with just the delta from the previous one. And destroying the entire infrastructure is just one line of code: terraform destroy. Think about how you could do the last two scenarios with a bash script with Azure CLI with a couple of if... then... else :)
Enjoy, cheers! ;)