Back to Azure Resource templates index <–
Azure Kubernetes Service (AKS) is a managed Kubernetes service that lets you quickly deploy and manage clusters.
Template Locations
Infrastructure As Code Advisor (Beta)
WAF-compliance
The WAF-compliance advisor validates templates based on the Well Architected Framework practices. Every day a GitHub Action updates the templates compliance data and lists the recomendations.
Sustainbility Advisor
The sustainability advisor is based on the Sogeti Cloud Reference Architecture with sustainble practices. These sustainble practices cover application code, cloud infrastructures and data. The global Sogeti community is continously evolving the sustainble practices and every day new and tuned are added. For cloud infrastructures the sustainble practices are automatically validated and reported below.
note: when 100% it can be that there is no sustainble practices yet for this Cloud infrastructure.
Online documentation
Template reference
Service description
Requirements
- Resource group must been created with a valid name and location.
Input values
- tagBillingIdentifier: Cost Center.
- dnsPrefix: Optional DNS prefix to use with hosted Kubernetes API server FQDN.
- osDiskSizeGB: Disk size (in GB) to provision for each of the agent pool nodes. This value ranges from 0 to 1023. Specifying 0 will apply the default disk size for that agentVMSize.
- agentCount: The number of agent nodes for the cluster.
- agentVMSize: The size of the Virtual Machine.
- servicePrincipalClientId: Client ID (used by cloudprovider).
- servicePrincipalClientSecret: The Service Principal Client Secret.
- kubernetesVersion: The version of Kubernetes.
- networkPlugin: Network plugin used for building Kubernetes network.
- maxPods: Maximum number of pods that can run on a node.
- enableRBAC: Boolean flag to turn on and off of RBAC.
- enableHttpApplicationRouting: Boolean flag to turn on and off of http application routing.
Output values
- controlPlaneFQDN: Cluster dashboard URL
Compliance Advisor details
Resource Health Result
| Message | ResourceType | Severity |
|---|---|---|
| Location for the resource should not be hardcoded, it should be parameterized and should refer from Resource Group's location i.e. [resourceGroup().location] | Microsoft.ContainerService/managedClusters | 2 |
| Your current API Version i.e.2020-04-01 for the resource Microsoft.ContainerService/managedClusters is outdatedconsider updating to new recent version available i.e. 2023-04-02-preview or 2023-04-01 | Microsoft.ContainerService/managedClusters | 2 |
| Location for the resource should not be hardcoded, it should be parameterized and should refer from Resource Group's location i.e. [resourceGroup().location] | Microsoft.Network/virtualNetworks | 2 |
| It is recommended to enable DDoS Protection, to provide enhanced DDoS mitigation features to defend against attacks that flood network and compute resources and to avoid unnecessary spike in usage and cost.Please Note - The DDoS Protection Plan is a high-cost service. Please keep this in mind while testing and learning | Microsoft.Network/virtualNetworks | 2 |
| Your current API Version i.e.2020-05-01 for the resource Microsoft.Network/virtualNetworks is outdatedconsider updating to new recent version available i.e. 2023-04-01 or 2023-02-01 | Microsoft.Network/virtualNetworks | 2 |
| To help other contributors understand the purpose of the resource, specify comments for each resource in the template | Microsoft.ContainerService/managedClusters | 1 |
| It is recommended to parameterized your tag and make it as object type | Microsoft.ContainerService/managedClusters | 1 |
| To help other contributors understand the purpose of the resource, specify comments for each resource in the template | Microsoft.Network/virtualNetworks | 1 |
| It is recommended to parameterized your tag and make it as object type | Microsoft.Network/virtualNetworks | 1 |
TemplateParameterHealthResult
| Message | Severity |
|---|---|
| Define default values for parameters that aren't sensitive. By specifying a default value, it's easier to deploy the template, and users of your template see an example of an appropriate value i.e. tagBillingIdentifierRead More | 1 |
| Define default values for parameters that aren't sensitive. By specifying a default value, it's easier to deploy the template, and users of your template see an example of an appropriate value i.e. dnsPrefixRead More | 1 |
| Define default values for parameters that aren't sensitive. By specifying a default value, it's easier to deploy the template, and users of your template see an example of an appropriate value i.e. vnetSubnetIDcustomnameRead More | 1 |
| Define default values for parameters that aren't sensitive. By specifying a default value, it's easier to deploy the template, and users of your template see an example of an appropriate value i.e. networkPluginRead More | 1 |
TemplateVariableHealthResult
| Message | Severity |
|---|---|
| It is recommended to make your variable as camel case, wherever possible for e.g. environmentRead More | 1 |
| It is recommended to make your variable as camel case, wherever possible for e.g. locationRead More | 1 |
Sustainable Advisor details
| Message | ResourceType | Severity |
|---|---|---|
| It is recommended to enable DDoS Protection, to provide enhanced DDoS mitigation features to defend against attacks that flood network and compute resources and to avoid unnecessary spike in usage and cost.Please Note - The DDoS Protection Plan is a high-cost service. Please keep this in mind while testing and learning | Microsoft.Network/virtualNetworks | 2 |