https://pulumi.com logo
Powered by
Title
m

most-mouse-38002

06/10/2022, 12:18 PM
Hi all! We are considering a move to Pulumi for our IaC (while rolling out our new platform). However, for compliance reasons we have to run our k8s user nodes with confidential nodes. This creates an issue for us, because I cannot find the option to add the 
ACCSGXDevicePlugin
/ 
confcom
addon when creating a cluster. Is it possible to define AKS addons that are not already defined by Pulumi?
b

billowy-army-68599

06/10/2022, 1:11 PM
hi @most-mouse-38002 do you currently already do this with the ARM templates? You can specify addons using 
addonProfiles
https://www.pulumi.com/registry/packages/azure-native/api-docs/containerservice/managedcluster/#addonprofiles_nodejs
m

most-mouse-38002

06/10/2022, 1:15 PM
Oh, neat. I will try this right now. We are actually using Terraform right now, but they don’t support it. I did fork that and made it work with Terraform so I assume Pulumi is using the same APIs so this should work.
b

billowy-army-68599

06/10/2022, 1:33 PM
@most-mouse-38002 actually no - the azure-native provider is populated directly from the Azure API. so we have 100% coverage of the azure API
m

most-mouse-38002

06/10/2022, 3:38 PM
@billowy-army-68599 awesome, this seems to work perfectly. Thank you! 
AddonProfiles: containerservice.ManagedClusterAddonProfileMap{
				"ACCSGXDevicePlugin": &containerservice.ManagedClusterAddonProfileArgs{
					Config: pulumi.StringMap{
						"ACCSGXQuoteHelperEnabled": pulumi.String("true"),
					},
					Enabled: pulumi.Bool(true),
				},
			},
❤️ 1
7 Views
#azureJoin Slack
Powered by