From 09417237aaaf1a113b4c1ec0b1dae864138d404d Mon Sep 17 00:00:00 2001 From: "Menghua Chen (WICRESOFT NORTH AMERICA LTD)" Date: Wed, 4 Sep 2024 10:50:19 +0800 Subject: [PATCH 1/5] add .yml --- .../avm.ptn.azd.insights-dashboard.yml | 88 +++++++++++++++++++ .../avm.ptn.azd.ml-hub-dependencies.yml | 88 +++++++++++++++++++ 2 files changed, 176 insertions(+) create mode 100644 .github/workflows/avm.ptn.azd.insights-dashboard.yml create mode 100644 .github/workflows/avm.ptn.azd.ml-hub-dependencies.yml diff --git a/.github/workflows/avm.ptn.azd.insights-dashboard.yml b/.github/workflows/avm.ptn.azd.insights-dashboard.yml new file mode 100644 index 0000000000..a1df3a89d7 --- /dev/null +++ b/.github/workflows/avm.ptn.azd.insights-dashboard.yml @@ -0,0 +1,88 @@ +name: "avm.ptn.azd.insights-dashboard" + +on: + workflow_dispatch: + inputs: + staticValidation: + type: boolean + description: "Execute static validation" + required: false + default: true + deploymentValidation: + type: boolean + description: "Execute deployment validation" + required: false + default: true + removeDeployment: + type: boolean + description: "Remove deployed module" + required: false + default: true + customLocation: + type: string + description: "Default location overwrite (e.g., eastus)" + required: false + push: + branches: + - main + paths: + - ".github/actions/templates/avm-**" + - ".github/workflows/avm.template.module.yml" + - ".github/workflows/avm.ptn.azd.insights-dashboard" + - "avm/ptn/azd/insights-dashboard/**" + - "avm/utilities/pipelines/**" + - "!avm/utilities/pipelines/platform/**" + - "!*/**/README.md" + +env: + modulePath: "avm/ptn/azd/insights-dashboard" + workflowPath: ".github/workflows/avm.ptn.azd.insights-dashboard.yml" + +concurrency: + group: ${{ github.workflow }} + +jobs: + ########################### + # Initialize pipeline # + ########################### + job_initialize_pipeline: + runs-on: ubuntu-latest + name: "Initialize pipeline" + steps: + - name: "Checkout" + uses: actions/checkout@v4 + with: + fetch-depth: 0 + - name: "Set input parameters to output variables" + id: get-workflow-param + uses: ./.github/actions/templates/avm-getWorkflowInput + with: + workflowPath: "${{ env.workflowPath}}" + - name: "Get module test file paths" + id: get-module-test-file-paths + uses: ./.github/actions/templates/avm-getModuleTestFiles + with: + modulePath: "${{ env.modulePath }}" + outputs: + workflowInput: ${{ steps.get-workflow-param.outputs.workflowInput }} + moduleTestFilePaths: ${{ steps.get-module-test-file-paths.outputs.moduleTestFilePaths }} + psRuleModuleTestFilePaths: ${{ steps.get-module-test-file-paths.outputs.psRuleModuleTestFilePaths }} + modulePath: "${{ env.modulePath }}" + + ############################## + # Call reusable workflow # + ############################## + call-workflow-passing-data: + name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags + needs: + - job_initialize_pipeline + uses: ./.github/workflows/avm.template.module.yml + with: + workflowInput: "${{ needs.job_initialize_pipeline.outputs.workflowInput }}" + moduleTestFilePaths: "${{ needs.job_initialize_pipeline.outputs.moduleTestFilePaths }}" + psRuleModuleTestFilePaths: "${{ needs.job_initialize_pipeline.outputs.psRuleModuleTestFilePaths }}" + modulePath: "${{ needs.job_initialize_pipeline.outputs.modulePath}}" + secrets: inherit \ No newline at end of file diff --git a/.github/workflows/avm.ptn.azd.ml-hub-dependencies.yml b/.github/workflows/avm.ptn.azd.ml-hub-dependencies.yml new file mode 100644 index 0000000000..fc862654f2 --- /dev/null +++ b/.github/workflows/avm.ptn.azd.ml-hub-dependencies.yml @@ -0,0 +1,88 @@ +name: "avm.ptn.azd.ml-hub-dependencies" + +on: + workflow_dispatch: + inputs: + staticValidation: + type: boolean + description: "Execute static validation" + required: false + default: true + deploymentValidation: + type: boolean + description: "Execute deployment validation" + required: false + default: true + removeDeployment: + type: boolean + description: "Remove deployed module" + required: false + default: true + customLocation: + type: string + description: "Default location overwrite (e.g., eastus)" + required: false + push: + branches: + - main + paths: + - ".github/actions/templates/avm-**" + - ".github/workflows/avm.template.module.yml" + - ".github/workflows/avm.ptn.azd.ml-hub-dependencies" + - "avm/ptn/azd/ml-hub-dependencies/**" + - "avm/utilities/pipelines/**" + - "!avm/utilities/pipelines/platform/**" + - "!*/**/README.md" + +env: + modulePath: "avm/ptn/azd/ml-hub-dependencies" + workflowPath: ".github/workflows/avm.ptn.azd.ml-hub-dependencies.yml" + +concurrency: + group: ${{ github.workflow }} + +jobs: + ########################### + # Initialize pipeline # + ########################### + job_initialize_pipeline: + runs-on: ubuntu-latest + name: "Initialize pipeline" + steps: + - name: "Checkout" + uses: actions/checkout@v4 + with: + fetch-depth: 0 + - name: "Set input parameters to output variables" + id: get-workflow-param + uses: ./.github/actions/templates/avm-getWorkflowInput + with: + workflowPath: "${{ env.workflowPath}}" + - name: "Get module test file paths" + id: get-module-test-file-paths + uses: ./.github/actions/templates/avm-getModuleTestFiles + with: + modulePath: "${{ env.modulePath }}" + outputs: + workflowInput: ${{ steps.get-workflow-param.outputs.workflowInput }} + moduleTestFilePaths: ${{ steps.get-module-test-file-paths.outputs.moduleTestFilePaths }} + psRuleModuleTestFilePaths: ${{ steps.get-module-test-file-paths.outputs.psRuleModuleTestFilePaths }} + modulePath: "${{ env.modulePath }}" + + ############################## + # Call reusable workflow # + ############################## + call-workflow-passing-data: + name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags + needs: + - job_initialize_pipeline + uses: ./.github/workflows/avm.template.module.yml + with: + workflowInput: "${{ needs.job_initialize_pipeline.outputs.workflowInput }}" + moduleTestFilePaths: "${{ needs.job_initialize_pipeline.outputs.moduleTestFilePaths }}" + psRuleModuleTestFilePaths: "${{ needs.job_initialize_pipeline.outputs.psRuleModuleTestFilePaths }}" + modulePath: "${{ needs.job_initialize_pipeline.outputs.modulePath}}" + secrets: inherit \ No newline at end of file From 27dc2291402a78b06888f5e55fc741b47a2cc9d4 Mon Sep 17 00:00:00 2001 From: "Menghua Chen (WICRESOFT NORTH AMERICA LTD)" Date: Tue, 10 Sep 2024 16:26:42 +0800 Subject: [PATCH 2/5] add avm.ptn.azd.ml-project.yml --- .github/workflows/avm.ptn.azd.ml-project.yml | 88 ++++++++++++++++++++ 1 file changed, 88 insertions(+) create mode 100644 .github/workflows/avm.ptn.azd.ml-project.yml diff --git a/.github/workflows/avm.ptn.azd.ml-project.yml b/.github/workflows/avm.ptn.azd.ml-project.yml new file mode 100644 index 0000000000..b2d2f60191 --- /dev/null +++ b/.github/workflows/avm.ptn.azd.ml-project.yml @@ -0,0 +1,88 @@ +name: "avm.ptn.azd.ml-project" + +on: + workflow_dispatch: + inputs: + staticValidation: + type: boolean + description: "Execute static validation" + required: false + default: true + deploymentValidation: + type: boolean + description: "Execute deployment validation" + required: false + default: true + removeDeployment: + type: boolean + description: "Remove deployed module" + required: false + default: true + customLocation: + type: string + description: "Default location overwrite (e.g., eastus)" + required: false + push: + branches: + - main + paths: + - ".github/actions/templates/avm-**" + - ".github/workflows/avm.template.module.yml" + - ".github/workflows/avm.ptn.azd.ml-project" + - "avm/ptn/azd/ml-project/**" + - "avm/utilities/pipelines/**" + - "!avm/utilities/pipelines/platform/**" + - "!*/**/README.md" + +env: + modulePath: "avm/ptn/azd/ml-project" + workflowPath: ".github/workflows/avm.ptn.azd.ml-project.yml" + +concurrency: + group: ${{ github.workflow }} + +jobs: + ########################### + # Initialize pipeline # + ########################### + job_initialize_pipeline: + runs-on: ubuntu-latest + name: "Initialize pipeline" + steps: + - name: "Checkout" + uses: actions/checkout@v4 + with: + fetch-depth: 0 + - name: "Set input parameters to output variables" + id: get-workflow-param + uses: ./.github/actions/templates/avm-getWorkflowInput + with: + workflowPath: "${{ env.workflowPath}}" + - name: "Get module test file paths" + id: get-module-test-file-paths + uses: ./.github/actions/templates/avm-getModuleTestFiles + with: + modulePath: "${{ env.modulePath }}" + outputs: + workflowInput: ${{ steps.get-workflow-param.outputs.workflowInput }} + moduleTestFilePaths: ${{ steps.get-module-test-file-paths.outputs.moduleTestFilePaths }} + psRuleModuleTestFilePaths: ${{ steps.get-module-test-file-paths.outputs.psRuleModuleTestFilePaths }} + modulePath: "${{ env.modulePath }}" + + ############################## + # Call reusable workflow # + ############################## + call-workflow-passing-data: + name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags + needs: + - job_initialize_pipeline + uses: ./.github/workflows/avm.template.module.yml + with: + workflowInput: "${{ needs.job_initialize_pipeline.outputs.workflowInput }}" + moduleTestFilePaths: "${{ needs.job_initialize_pipeline.outputs.moduleTestFilePaths }}" + psRuleModuleTestFilePaths: "${{ needs.job_initialize_pipeline.outputs.psRuleModuleTestFilePaths }}" + modulePath: "${{ needs.job_initialize_pipeline.outputs.modulePath}}" + secrets: inherit \ No newline at end of file From 818d862f6e37f42a3408874891fe5071a994bf73 Mon Sep 17 00:00:00 2001 From: "Menghua Chen (WICRESOFT NORTH AMERICA LTD)" Date: Wed, 11 Sep 2024 15:21:58 +0800 Subject: [PATCH 3/5] add ml-ai-environment yml --- .../avm.ptn.azd.ml-ai-environment.yml | 88 +++++++++++++++++++ 1 file changed, 88 insertions(+) create mode 100644 .github/workflows/avm.ptn.azd.ml-ai-environment.yml diff --git a/.github/workflows/avm.ptn.azd.ml-ai-environment.yml b/.github/workflows/avm.ptn.azd.ml-ai-environment.yml new file mode 100644 index 0000000000..2bf27870e8 --- /dev/null +++ b/.github/workflows/avm.ptn.azd.ml-ai-environment.yml @@ -0,0 +1,88 @@ +name: "avm.ptn.azd.ml-ai-environment" + +on: + workflow_dispatch: + inputs: + staticValidation: + type: boolean + description: "Execute static validation" + required: false + default: true + deploymentValidation: + type: boolean + description: "Execute deployment validation" + required: false + default: true + removeDeployment: + type: boolean + description: "Remove deployed module" + required: false + default: true + customLocation: + type: string + description: "Default location overwrite (e.g., eastus)" + required: false + push: + branches: + - main + paths: + - ".github/actions/templates/avm-**" + - ".github/workflows/avm.template.module.yml" + - ".github/workflows/avm.ptn.azd.ml-ai-environment" + - "avm/ptn/azd/ml-ai-environment/**" + - "avm/utilities/pipelines/**" + - "!avm/utilities/pipelines/platform/**" + - "!*/**/README.md" + +env: + modulePath: "avm/ptn/azd/ml-ai-environment" + workflowPath: ".github/workflows/avm.ptn.azd.ml-ai-environment.yml" + +concurrency: + group: ${{ github.workflow }} + +jobs: + ########################### + # Initialize pipeline # + ########################### + job_initialize_pipeline: + runs-on: ubuntu-latest + name: "Initialize pipeline" + steps: + - name: "Checkout" + uses: actions/checkout@v4 + with: + fetch-depth: 0 + - name: "Set input parameters to output variables" + id: get-workflow-param + uses: ./.github/actions/templates/avm-getWorkflowInput + with: + workflowPath: "${{ env.workflowPath}}" + - name: "Get module test file paths" + id: get-module-test-file-paths + uses: ./.github/actions/templates/avm-getModuleTestFiles + with: + modulePath: "${{ env.modulePath }}" + outputs: + workflowInput: ${{ steps.get-workflow-param.outputs.workflowInput }} + moduleTestFilePaths: ${{ steps.get-module-test-file-paths.outputs.moduleTestFilePaths }} + psRuleModuleTestFilePaths: ${{ steps.get-module-test-file-paths.outputs.psRuleModuleTestFilePaths }} + modulePath: "${{ env.modulePath }}" + + ############################## + # Call reusable workflow # + ############################## + call-workflow-passing-data: + name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags + needs: + - job_initialize_pipeline + uses: ./.github/workflows/avm.template.module.yml + with: + workflowInput: "${{ needs.job_initialize_pipeline.outputs.workflowInput }}" + moduleTestFilePaths: "${{ needs.job_initialize_pipeline.outputs.moduleTestFilePaths }}" + psRuleModuleTestFilePaths: "${{ needs.job_initialize_pipeline.outputs.psRuleModuleTestFilePaths }}" + modulePath: "${{ needs.job_initialize_pipeline.outputs.modulePath}}" + secrets: inherit \ No newline at end of file From 3de581825bdcbf984c4d09325a4d59d79f0f26db Mon Sep 17 00:00:00 2001 From: "Menghua Chen (WICRESOFT NORTH AMERICA LTD)" Date: Fri, 22 Nov 2024 09:15:51 +0800 Subject: [PATCH 4/5] Add conditional judgment for aadProfile parameters --- .../managed-cluster/README.md | 9 +++++ .../managed-cluster/main.bicep | 7 +++- .../managed-cluster/main.json | 39 +++++++++++-------- 3 files changed, 36 insertions(+), 19 deletions(-) diff --git a/avm/res/container-service/managed-cluster/README.md b/avm/res/container-service/managed-cluster/README.md index 8ff9e062da..584feeeeb5 100644 --- a/avm/res/container-service/managed-cluster/README.md +++ b/avm/res/container-service/managed-cluster/README.md @@ -2684,6 +2684,7 @@ param tags = { | [`dnsPrefix`](#parameter-dnsprefix) | string | Specifies the DNS prefix specified when creating the managed cluster. | | [`dnsServiceIP`](#parameter-dnsserviceip) | string | Specifies the IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr. | | [`dnsZoneResourceId`](#parameter-dnszoneresourceid) | string | Specifies the resource ID of connected DNS zone. It will be ignored if `webApplicationRoutingEnabled` is set to `false`. | +| [`enableAad`](#parameter-enableaad) | bool | Enable Azure Active Directory integration. | | [`enableAzureDefender`](#parameter-enableazuredefender) | bool | Whether to enable Azure Defender. | | [`enableAzureMonitorProfileMetrics`](#parameter-enableazuremonitorprofilemetrics) | bool | Whether the metric state of the kubenetes cluster is enabled. | | [`enableContainerInsights`](#parameter-enablecontainerinsights) | bool | Indicates if Azure Monitor Container Insights Logs Addon is enabled. | @@ -4063,6 +4064,14 @@ Specifies the resource ID of connected DNS zone. It will be ignored if `webAppli - Required: No - Type: string +### Parameter: `enableAad` + +Enable Azure Active Directory integration. + +- Required: No +- Type: bool +- Default: `False` + ### Parameter: `enableAzureDefender` Whether to enable Azure Defender. diff --git a/avm/res/container-service/managed-cluster/main.bicep b/avm/res/container-service/managed-cluster/main.bicep index 3aecff5f78..21d7aee7d7 100644 --- a/avm/res/container-service/managed-cluster/main.bicep +++ b/avm/res/container-service/managed-cluster/main.bicep @@ -101,6 +101,9 @@ param adminUsername string = 'azureuser' @description('Optional. Specifies the SSH RSA public key string for the Linux nodes.') param sshPublicKey string? +@description('Optional. Enable Azure Active Directory integration.') +param enableAad bool = false + @description('Conditional. Information about a service principal identity for the cluster to use for manipulating Azure APIs. Required if no managed identities are assigned to the cluster.') param aksServicePrincipalProfile object? @@ -739,7 +742,7 @@ resource managedCluster 'Microsoft.ContainerService/managedClusters@2024-03-02-p } } publicNetworkAccess: publicNetworkAccess - aadProfile: { + aadProfile: enableAad ? { clientAppID: aadProfileClientAppID serverAppID: aadProfileServerAppID serverAppSecret: aadProfileServerAppSecret @@ -747,7 +750,7 @@ resource managedCluster 'Microsoft.ContainerService/managedClusters@2024-03-02-p enableAzureRBAC: aadProfileEnableAzureRBAC adminGroupObjectIDs: aadProfileAdminGroupObjectIDs tenantID: aadProfileTenantId - } + } : null autoScalerProfile: { 'balance-similar-node-groups': toLower(string(autoScalerProfileBalanceSimilarNodeGroups)) expander: autoScalerProfileExpander diff --git a/avm/res/container-service/managed-cluster/main.json b/avm/res/container-service/managed-cluster/main.json index 3f20739576..225829bf70 100644 --- a/avm/res/container-service/managed-cluster/main.json +++ b/avm/res/container-service/managed-cluster/main.json @@ -5,8 +5,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.31.34.60546", - "templateHash": "178765084464759811" + "version": "0.30.23.60470", + "templateHash": "13500053223041210958" }, "name": "Azure Kubernetes Service (AKS) Managed Clusters", "description": "This module deploys an Azure Kubernetes Service (AKS) Managed Cluster.", @@ -926,6 +926,13 @@ "description": "Optional. Specifies the SSH RSA public key string for the Linux nodes." } }, + "enableAad": { + "type": "bool", + "defaultValue": false, + "metadata": { + "description": "Optional. Enable Azure Active Directory integration." + } + }, "aksServicePrincipalProfile": { "type": "object", "nullable": true, @@ -1678,7 +1685,10 @@ "apiVersion": "2023-02-01", "subscriptionId": "[split(coalesce(tryGet(parameters('customerManagedKey'), 'keyVaultResourceId'), '//'), '/')[2]]", "resourceGroup": "[split(coalesce(tryGet(parameters('customerManagedKey'), 'keyVaultResourceId'), '////'), '/')[4]]", - "name": "[format('{0}/{1}', last(split(coalesce(tryGet(parameters('customerManagedKey'), 'keyVaultResourceId'), 'dummyVault'), '/')), coalesce(tryGet(parameters('customerManagedKey'), 'keyName'), 'dummyKey'))]" + "name": "[format('{0}/{1}', last(split(coalesce(tryGet(parameters('customerManagedKey'), 'keyVaultResourceId'), 'dummyVault'), '/')), coalesce(tryGet(parameters('customerManagedKey'), 'keyName'), 'dummyKey'))]", + "dependsOn": [ + "cMKKeyVault" + ] }, "avmTelemetry": { "condition": "[parameters('enableTelemetry')]", @@ -1803,15 +1813,7 @@ } }, "publicNetworkAccess": "[parameters('publicNetworkAccess')]", - "aadProfile": { - "clientAppID": "[parameters('aadProfileClientAppID')]", - "serverAppID": "[parameters('aadProfileServerAppID')]", - "serverAppSecret": "[parameters('aadProfileServerAppSecret')]", - "managed": "[parameters('aadProfileManaged')]", - "enableAzureRBAC": "[parameters('aadProfileEnableAzureRBAC')]", - "adminGroupObjectIDs": "[parameters('aadProfileAdminGroupObjectIDs')]", - "tenantID": "[parameters('aadProfileTenantId')]" - }, + "aadProfile": "[if(parameters('enableAad'), createObject('clientAppID', parameters('aadProfileClientAppID'), 'serverAppID', parameters('aadProfileServerAppID'), 'serverAppSecret', parameters('aadProfileServerAppSecret'), 'managed', parameters('aadProfileManaged'), 'enableAzureRBAC', parameters('aadProfileEnableAzureRBAC'), 'adminGroupObjectIDs', parameters('aadProfileAdminGroupObjectIDs'), 'tenantID', parameters('aadProfileTenantId')), null())]", "autoScalerProfile": { "balance-similar-node-groups": "[toLower(string(parameters('autoScalerProfileBalanceSimilarNodeGroups')))]", "expander": "[parameters('autoScalerProfileExpander')]", @@ -2005,8 +2007,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.31.34.60546", - "templateHash": "3191846535289543816" + "version": "0.30.23.60470", + "templateHash": "2505380725266419010" }, "name": "Azure Kubernetes Service (AKS) Managed Cluster Maintenance Configurations", "description": "This module deploys an Azure Kubernetes Service (AKS) Managed Cluster Maintenance Configurations.", @@ -2202,8 +2204,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.31.34.60546", - "templateHash": "13504241837980660061" + "version": "0.30.23.60470", + "templateHash": "13856766172443517827" }, "name": "Azure Kubernetes Service (AKS) Managed Cluster Agent Pools", "description": "This module deploys an Azure Kubernetes Service (AKS) Managed Cluster Agent Pool.", @@ -2552,7 +2554,10 @@ "vmSize": "[parameters('vmSize')]", "vnetSubnetID": "[parameters('vnetSubnetResourceId')]", "workloadRuntime": "[parameters('workloadRuntime')]" - } + }, + "dependsOn": [ + "managedCluster" + ] } }, "outputs": { From 71933fd29347b2277ad4d4dbe820cf68a6406c57 Mon Sep 17 00:00:00 2001 From: "Menghua Chen (WICRESOFT NORTH AMERICA LTD)" Date: Fri, 22 Nov 2024 09:49:33 +0800 Subject: [PATCH 5/5] update test parameter update main.json update main.json update main.json update main.json update main.json --- .../managed-cluster/README.md | 35 +++++++++++++++++++ .../managed-cluster/agent-pool/main.json | 9 +++-- .../managed-cluster/main.json | 12 +++---- .../maintenance-configurations/main.json | 4 +-- .../tests/e2e/automatic/main.test.bicep | 1 + .../tests/e2e/azure/main.test.bicep | 1 + .../tests/e2e/defaults/main.test.bicep | 1 + .../tests/e2e/istio/main.test.bicep | 1 + .../tests/e2e/kubenet/main.test.bicep | 2 ++ .../tests/e2e/priv/main.test.bicep | 1 + .../tests/e2e/waf-aligned/main.test.bicep | 1 + 11 files changed, 57 insertions(+), 11 deletions(-) diff --git a/avm/res/container-service/managed-cluster/README.md b/avm/res/container-service/managed-cluster/README.md index 584feeeeb5..7e44bcaddd 100644 --- a/avm/res/container-service/managed-cluster/README.md +++ b/avm/res/container-service/managed-cluster/README.md @@ -66,6 +66,7 @@ module managedCluster 'br/public:avm/res/container-service/managed-cluster:' + enableAad: true enableAzureDefender: true enableAzureMonitorProfileMetrics: true enableKeyvaultSecretsProvider: true @@ -654,6 +660,9 @@ module managedCluster 'br/public:avm/res/container-service/managed-cluster:" }, + "enableAad": { + "value": true + }, "enableAzureDefender": { "value": true }, @@ -953,6 +962,7 @@ param diagnosticSettings = [ } ] param diskEncryptionSetResourceId = '' +param enableAad = true param enableAzureDefender = true param enableAzureMonitorProfileMetrics = true param enableKeyvaultSecretsProvider = true @@ -1127,6 +1137,7 @@ module managedCluster 'br/public:avm/res/container-service/managed-cluster:' managedIdentities: { systemAssigned: true @@ -1162,6 +1173,9 @@ module managedCluster 'br/public:avm/res/container-service/managed-cluster:" }, @@ -1195,6 +1209,7 @@ param primaryAgentPoolProfiles = [ } ] // Non-required parameters +param enableAad = true param location = '' param managedIdentities = { systemAssigned: true @@ -1228,6 +1243,7 @@ module managedCluster 'br/public:avm/res/container-service/managed-cluster:' } ] + enableAad: true location: '' managedIdentities: { userAssignedResourcesIds: [ @@ -1587,6 +1608,9 @@ module managedCluster 'br/public:avm/res/container-service/managed-cluster:" }, @@ -1722,6 +1746,7 @@ param diagnosticSettings = [ workspaceResourceId: '' } ] +param enableAad = true param location = '' param managedIdentities = { userAssignedResourcesIds: [ @@ -1840,6 +1865,7 @@ module managedCluster 'br/public:avm/res/container-service/managed-cluster:' managedIdentities: { @@ -1944,6 +1970,9 @@ module managedCluster 'br/public:avm/res/container-service/managed-cluster:' @@ -2369,6 +2400,9 @@ module managedCluster 'br/public:avm/res/container-service/managed-cluster: