Hi all We are considering a move to Pulumi for our IaC while Pulumi Community #azure

Hi all! We are considering a move to Pulumi for ou...

most-mouse-38002

06/10/2022, 12:18 PM

Hi all! We are considering a move to Pulumi for our IaC (while rolling out our new platform). However, for compliance reasons we have to run our k8s user nodes with confidential nodes. This creates an issue for us, because I cannot find the option to add the

ACCSGXDevicePlugin

confcom

addon when creating a cluster. Is it possible to define AKS addons that are not already defined by Pulumi?

billowy-army-68599

06/10/2022, 1:11 PM

hi @most-mouse-38002 do you currently already do this with the ARM templates? You can specify addons using

addonProfiles

https://www.pulumi.com/registry/packages/azure-native/api-docs/containerservice/managedcluster/#addonprofiles_nodejs

most-mouse-38002

06/10/2022, 1:15 PM

Oh, neat. I will try this right now. We are actually using Terraform right now, but they don’t support it. I did fork that and made it work with Terraform so I assume Pulumi is using the same APIs so this should work.

billowy-army-68599

06/10/2022, 1:33 PM

@most-mouse-38002 actually no - the azure-native provider is populated directly from the Azure API. so we have 100% coverage of the azure API

most-mouse-38002

06/10/2022, 3:38 PM

@billowy-army-68599 awesome, this seems to work perfectly. Thank you!

Copy code

AddonProfiles: containerservice.ManagedClusterAddonProfileMap{
				"ACCSGXDevicePlugin": &containerservice.ManagedClusterAddonProfileArgs{
					Config: pulumi.StringMap{
						"ACCSGXQuoteHelperEnabled": pulumi.String("true"),
					},
					Enabled: pulumi.Bool(true),
				},
			},

❤️ 1

7 Views

Open in Slack

Previous Next