Skip to content

feat(azure): AKS routing infra — aks_route_table module, vnet drift fix, security improvements#360

Merged
davidf-null merged 5 commits into
mainfrom
feat/azure-infra-routing-support
May 20, 2026
Merged

feat(azure): AKS routing infra — aks_route_table module, vnet drift fix, security improvements#360
davidf-null merged 5 commits into
mainfrom
feat/azure-infra-routing-support

Conversation

@gdrojas

@gdrojas gdrojas commented May 19, 2026

Copy link
Copy Markdown
Collaborator

Summary

  • New module infrastructure/azure/aks_route_table: associates AKS-managed route tables with the cluster subnet for kubenet clusters. Required for pod-to-pod routing when AKS manages its own route table.
  • fix(azure/aks): resolves vnet subnet drift on plan caused by AKS mutating subnet properties (route table association). Subnet is now configured to ignore AKS-managed fields.
  • fix(azure/security): NSG module now skips the azurerm_resources data source lookup when resource IDs are provided directly, avoiding unnecessary API calls and plan-time failures.
  • chore: add .terraform.lock.hcl files for aks_route_table and security modules.

gdrojas added 4 commits May 18, 2026 13:42
…tion

- Set vnet_subnet_id on user node pool to eliminate provider-level drift
- Use correct vnet_subnet object format with explicit upgrade_settings
- Remove inline route table management from AKS module (moved to
  dedicated aks_route_table module to keep concerns separate)
…ement

Encapsulates the azapi PATCH pattern needed to keep the kubenet route table
associated with the AKS subnet after cluster updates. Using azapi_update_resource
with PATCH avoids full resource ownership and is safe to run idempotently.
@davidf-null davidf-null merged commit 15c2372 into main May 20, 2026
43 checks passed
@davidf-null davidf-null deleted the feat/azure-infra-routing-support branch May 20, 2026 13:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants