Removing references to nodeResourceGroupProfile as this is deprected …

…in the managedClusters API (#696)
Azure · Apr 10, 2024 · 7f5214c · 7f5214c
1 parent 6a03335
commit 7f5214c
Show file tree

Hide file tree

Showing 4 changed files with 3 additions and 6 deletions.
diff --git a/bicep/main.bicep b/bicep/main.bicep
@@ -1327,9 +1327,6 @@ var aksProperties = union({
       enabled: fileCSIDriver
     }
   }
-  nodeResourceGroupProfile: {
-    restrictionLevel: restrictionLevelNodeResourceGroup
-  }
 },
 outboundTrafficType == 'managedNATGateway' ? managedNATGatewayProfile : {},
 defenderForContainers && createLaw ? azureDefenderSecurityProfile : {},

diff --git a/samples/SampleAppMain.json b/samples/SampleAppMain.json
@@ -1444,7 +1444,7 @@
               "apiVersion": "2023-03-02-preview",
               "name": "[format('aks-{0}', parameters('resourceName'))]",
               "location": "[parameters('location')]",
-              "properties": "[union(createObject('kubernetesVersion', parameters('kubernetesVersion'), 'enableRBAC', true(), 'dnsPrefix', parameters('dnsPrefix'), 'aadProfile', if(parameters('enable_aad'), createObject('managed', true(), 'enableAzureRBAC', parameters('enableAzureRBAC'), 'tenantID', parameters('aad_tenant_id')), null()), 'apiServerAccessProfile', if(not(empty(parameters('authorizedIPRanges'))), createObject('authorizedIPRanges', parameters('authorizedIPRanges')), createObject('enablePrivateCluster', parameters('enablePrivateCluster'), 'privateDNSZone', if(parameters('enablePrivateCluster'), variables('aksPrivateDnsZone'), ''), 'enablePrivateClusterPublicFQDN', and(parameters('enablePrivateCluster'), equals(parameters('privateClusterDnsMethod'), 'none')))), 'agentPoolProfiles', if(parameters('JustUseSystemPool'), array(createObject('name', if(parameters('JustUseSystemPool'), parameters('nodePoolName'), 'npsystem'), 'vmSize', parameters('agentVMSize'), 'count', parameters('agentCount'), 'mode', 'System', 'osType', 'Linux', 'maxPods', 30, 'type', 'VirtualMachineScaleSets', 'vnetSubnetID', if(not(empty(if(parameters('custom_vnet'), reference(resourceId('Microsoft.Resources/deployments', take(format('{0}-network', deployment().name), 64)), '2022-09-01').outputs.aksSubnetId.value, parameters('byoAKSSubnetId')))), if(parameters('custom_vnet'), reference(resourceId('Microsoft.Resources/deployments', take(format('{0}-network', deployment().name), 64)), '2022-09-01').outputs.aksSubnetId.value, parameters('byoAKSSubnetId')), null()), 'podSubnetID', if(not(empty(if(parameters('custom_vnet'), reference(resourceId('Microsoft.Resources/deployments', take(format('{0}-network', deployment().name), 64)), '2022-09-01').outputs.aksPodSubnetId.value, parameters('byoAKSPodSubnetId')))), if(parameters('custom_vnet'), reference(resourceId('Microsoft.Resources/deployments', take(format('{0}-network', deployment().name), 64)), '2022-09-01').outputs.aksPodSubnetId.value, parameters('byoAKSPodSubnetId')), null()), 'upgradeSettings', createObject('maxSurge', '33%'), 'nodeTaints', createArray(if(parameters('JustUseSystemPool'), '', 'CriticalAddonsOnly=true:NoSchedule')))), concat(array(union(createObject('name', if(parameters('JustUseSystemPool'), parameters('nodePoolName'), 'npsystem'), 'vmSize', parameters('agentVMSize'), 'count', parameters('agentCount'), 'mode', 'System', 'osType', 'Linux', 'maxPods', 30, 'type', 'VirtualMachineScaleSets', 'vnetSubnetID', if(not(empty(if(parameters('custom_vnet'), reference(resourceId('Microsoft.Resources/deployments', take(format('{0}-network', deployment().name), 64)), '2022-09-01').outputs.aksSubnetId.value, parameters('byoAKSSubnetId')))), if(parameters('custom_vnet'), reference(resourceId('Microsoft.Resources/deployments', take(format('{0}-network', deployment().name), 64)), '2022-09-01').outputs.aksSubnetId.value, parameters('byoAKSSubnetId')), null()), 'podSubnetID', if(not(empty(if(parameters('custom_vnet'), reference(resourceId('Microsoft.Resources/deployments', take(format('{0}-network', deployment().name), 64)), '2022-09-01').outputs.aksPodSubnetId.value, parameters('byoAKSPodSubnetId')))), if(parameters('custom_vnet'), reference(resourceId('Microsoft.Resources/deployments', take(format('{0}-network', deployment().name), 64)), '2022-09-01').outputs.aksPodSubnetId.value, parameters('byoAKSPodSubnetId')), null()), 'upgradeSettings', createObject('maxSurge', '33%'), 'nodeTaints', createArray(if(parameters('JustUseSystemPool'), '', 'CriticalAddonsOnly=true:NoSchedule'))), if(and(equals(parameters('SystemPoolType'), 'Custom'), not(equals(parameters('SystemPoolCustomPreset'), createObject()))), parameters('SystemPoolCustomPreset'), variables('systemPoolPresets')[parameters('SystemPoolType')]))))), 'workloadAutoScalerProfile', createObject('keda', createObject('enabled', parameters('kedaAddon'))), 'networkProfile', createObject('loadBalancerSku', 'standard', 'networkPlugin', parameters('networkPlugin'), 'networkPolicy', parameters('networkPolicy'), 'networkPluginMode', if(equals(parameters('networkPlugin'), 'azure'), parameters('networkPluginMode'), ''), 'podCidr', if(or(equals(parameters('networkPlugin'), 'kubenet'), parameters('cniDynamicIpAllocation')), parameters('podCidr'), json('null')), 'serviceCidr', parameters('serviceCidr'), 'dnsServiceIP', parameters('dnsServiceIP'), 'outboundType', parameters('aksOutboundTrafficType'), 'ebpfDataplane', if(equals(parameters('networkPlugin'), 'azure'), parameters('ebpfDataplane'), '')), 'disableLocalAccounts', and(parameters('AksDisableLocalAccounts'), parameters('enable_aad')), 'autoUpgradeProfile', createObject('upgradeChannel', parameters('upgradeChannel')), 'addonProfiles', if(not(empty(variables('aks_addons1'))), variables('aks_addons1'), variables('aks_addons')), 'autoScalerProfile', if(variables('autoScale'), parameters('AutoscaleProfile'), createObject()), 'oidcIssuerProfile', createObject('enabled', parameters('oidcIssuer')), 'securityProfile', createObject('workloadIdentity', createObject('enabled', parameters('workloadIdentity'))), 'ingressProfile', createObject('webAppRouting', createObject('enabled', parameters('warIngressNginx'))), 'storageProfile', createObject('blobCSIDriver', createObject('enabled', parameters('blobCSIDriver')), 'diskCSIDriver', createObject('enabled', parameters('diskCSIDriver')), 'fileCSIDriver', createObject('enabled', parameters('fileCSIDriver'))), 'nodeResourceGroupProfile', createObject('restrictionLevel', parameters('restrictionLevelNodeResourceGroup'))), if(equals(parameters('aksOutboundTrafficType'), 'managedNATGateway'), variables('managedNATGatewayProfile'), createObject()), if(and(parameters('defenderForContainers'), variables('createLaw')), variables('azureDefenderSecurityProfile'), createObject()), if(or(variables('keyVaultKmsCreateAndPrereqs'), not(empty(parameters('keyVaultKmsByoKeyId')))), createObject('securityProfile', createObject('azureKeyVaultKms', createObject('enabled', or(variables('keyVaultKmsCreateAndPrereqs'), not(empty(parameters('keyVaultKmsByoKeyId')))), 'keyId', if(variables('keyVaultKmsCreateAndPrereqs'), reference(resourceId('Microsoft.Resources/deployments', take(format('{0}-keyvaultKmsKeys-{1}', deployment().name, parameters('resourceName')), 64)), '2022-09-01').outputs.keyVaultKmsKeyUri.value, if(not(empty(parameters('keyVaultKmsByoKeyId'))), parameters('keyVaultKmsByoKeyId'), '')), 'keyVaultNetworkAccess', if(parameters('privateLinks'), 'private', 'public'), 'keyVaultResourceId', if(and(parameters('privateLinks'), not(empty(parameters('keyVaultKmsByoKeyId')))), extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', subscription().subscriptionId, parameters('keyVaultKmsByoRG')), 'Microsoft.KeyVault/vaults', variables('keyVaultKmsByoName')), '')))), createObject()), if(not(empty(parameters('managedNodeResourceGroup'))), createObject('nodeResourceGroup', parameters('managedNodeResourceGroup')), createObject()))]",
+              "properties": "[union(createObject('kubernetesVersion', parameters('kubernetesVersion'), 'enableRBAC', true(), 'dnsPrefix', parameters('dnsPrefix'), 'aadProfile', if(parameters('enable_aad'), createObject('managed', true(), 'enableAzureRBAC', parameters('enableAzureRBAC'), 'tenantID', parameters('aad_tenant_id')), null()), 'apiServerAccessProfile', if(not(empty(parameters('authorizedIPRanges'))), createObject('authorizedIPRanges', parameters('authorizedIPRanges')), createObject('enablePrivateCluster', parameters('enablePrivateCluster'), 'privateDNSZone', if(parameters('enablePrivateCluster'), variables('aksPrivateDnsZone'), ''), 'enablePrivateClusterPublicFQDN', and(parameters('enablePrivateCluster'), equals(parameters('privateClusterDnsMethod'), 'none')))), 'agentPoolProfiles', if(parameters('JustUseSystemPool'), array(createObject('name', if(parameters('JustUseSystemPool'), parameters('nodePoolName'), 'npsystem'), 'vmSize', parameters('agentVMSize'), 'count', parameters('agentCount'), 'mode', 'System', 'osType', 'Linux', 'maxPods', 30, 'type', 'VirtualMachineScaleSets', 'vnetSubnetID', if(not(empty(if(parameters('custom_vnet'), reference(resourceId('Microsoft.Resources/deployments', take(format('{0}-network', deployment().name), 64)), '2022-09-01').outputs.aksSubnetId.value, parameters('byoAKSSubnetId')))), if(parameters('custom_vnet'), reference(resourceId('Microsoft.Resources/deployments', take(format('{0}-network', deployment().name), 64)), '2022-09-01').outputs.aksSubnetId.value, parameters('byoAKSSubnetId')), null()), 'podSubnetID', if(not(empty(if(parameters('custom_vnet'), reference(resourceId('Microsoft.Resources/deployments', take(format('{0}-network', deployment().name), 64)), '2022-09-01').outputs.aksPodSubnetId.value, parameters('byoAKSPodSubnetId')))), if(parameters('custom_vnet'), reference(resourceId('Microsoft.Resources/deployments', take(format('{0}-network', deployment().name), 64)), '2022-09-01').outputs.aksPodSubnetId.value, parameters('byoAKSPodSubnetId')), null()), 'upgradeSettings', createObject('maxSurge', '33%'), 'nodeTaints', createArray(if(parameters('JustUseSystemPool'), '', 'CriticalAddonsOnly=true:NoSchedule')))), concat(array(union(createObject('name', if(parameters('JustUseSystemPool'), parameters('nodePoolName'), 'npsystem'), 'vmSize', parameters('agentVMSize'), 'count', parameters('agentCount'), 'mode', 'System', 'osType', 'Linux', 'maxPods', 30, 'type', 'VirtualMachineScaleSets', 'vnetSubnetID', if(not(empty(if(parameters('custom_vnet'), reference(resourceId('Microsoft.Resources/deployments', take(format('{0}-network', deployment().name), 64)), '2022-09-01').outputs.aksSubnetId.value, parameters('byoAKSSubnetId')))), if(parameters('custom_vnet'), reference(resourceId('Microsoft.Resources/deployments', take(format('{0}-network', deployment().name), 64)), '2022-09-01').outputs.aksSubnetId.value, parameters('byoAKSSubnetId')), null()), 'podSubnetID', if(not(empty(if(parameters('custom_vnet'), reference(resourceId('Microsoft.Resources/deployments', take(format('{0}-network', deployment().name), 64)), '2022-09-01').outputs.aksPodSubnetId.value, parameters('byoAKSPodSubnetId')))), if(parameters('custom_vnet'), reference(resourceId('Microsoft.Resources/deployments', take(format('{0}-network', deployment().name), 64)), '2022-09-01').outputs.aksPodSubnetId.value, parameters('byoAKSPodSubnetId')), null()), 'upgradeSettings', createObject('maxSurge', '33%'), 'nodeTaints', createArray(if(parameters('JustUseSystemPool'), '', 'CriticalAddonsOnly=true:NoSchedule'))), if(and(equals(parameters('SystemPoolType'), 'Custom'), not(equals(parameters('SystemPoolCustomPreset'), createObject()))), parameters('SystemPoolCustomPreset'), variables('systemPoolPresets')[parameters('SystemPoolType')]))))), 'workloadAutoScalerProfile', createObject('keda', createObject('enabled', parameters('kedaAddon'))), 'networkProfile', createObject('loadBalancerSku', 'standard', 'networkPlugin', parameters('networkPlugin'), 'networkPolicy', parameters('networkPolicy'), 'networkPluginMode', if(equals(parameters('networkPlugin'), 'azure'), parameters('networkPluginMode'), ''), 'podCidr', if(or(equals(parameters('networkPlugin'), 'kubenet'), parameters('cniDynamicIpAllocation')), parameters('podCidr'), json('null')), 'serviceCidr', parameters('serviceCidr'), 'dnsServiceIP', parameters('dnsServiceIP'), 'outboundType', parameters('aksOutboundTrafficType'), 'ebpfDataplane', if(equals(parameters('networkPlugin'), 'azure'), parameters('ebpfDataplane'), '')), 'disableLocalAccounts', and(parameters('AksDisableLocalAccounts'), parameters('enable_aad')), 'autoUpgradeProfile', createObject('upgradeChannel', parameters('upgradeChannel')), 'addonProfiles', if(not(empty(variables('aks_addons1'))), variables('aks_addons1'), variables('aks_addons')), 'autoScalerProfile', if(variables('autoScale'), parameters('AutoscaleProfile'), createObject()), 'oidcIssuerProfile', createObject('enabled', parameters('oidcIssuer')), 'securityProfile', createObject('workloadIdentity', createObject('enabled', parameters('workloadIdentity'))), 'ingressProfile', createObject('webAppRouting', createObject('enabled', parameters('warIngressNginx'))), 'storageProfile', createObject('blobCSIDriver', createObject('enabled', parameters('blobCSIDriver')), 'diskCSIDriver', createObject('enabled', parameters('diskCSIDriver')), 'fileCSIDriver', createObject('enabled', parameters('fileCSIDriver'))), createObject('restrictionLevel', parameters('restrictionLevelNodeResourceGroup'))), if(equals(parameters('aksOutboundTrafficType'), 'managedNATGateway'), variables('managedNATGatewayProfile'), createObject()), if(and(parameters('defenderForContainers'), variables('createLaw')), variables('azureDefenderSecurityProfile'), createObject()), if(or(variables('keyVaultKmsCreateAndPrereqs'), not(empty(parameters('keyVaultKmsByoKeyId')))), createObject('securityProfile', createObject('azureKeyVaultKms', createObject('enabled', or(variables('keyVaultKmsCreateAndPrereqs'), not(empty(parameters('keyVaultKmsByoKeyId')))), 'keyId', if(variables('keyVaultKmsCreateAndPrereqs'), reference(resourceId('Microsoft.Resources/deployments', take(format('{0}-keyvaultKmsKeys-{1}', deployment().name, parameters('resourceName')), 64)), '2022-09-01').outputs.keyVaultKmsKeyUri.value, if(not(empty(parameters('keyVaultKmsByoKeyId'))), parameters('keyVaultKmsByoKeyId'), '')), 'keyVaultNetworkAccess', if(parameters('privateLinks'), 'private', 'public'), 'keyVaultResourceId', if(and(parameters('privateLinks'), not(empty(parameters('keyVaultKmsByoKeyId')))), extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', subscription().subscriptionId, parameters('keyVaultKmsByoRG')), 'Microsoft.KeyVault/vaults', variables('keyVaultKmsByoName')), '')))), createObject()), if(not(empty(parameters('managedNodeResourceGroup'))), createObject('nodeResourceGroup', parameters('managedNodeResourceGroup')), createObject()))]",
               "identity": "[if(variables('createAksUai'), createObject('type', 'UserAssigned', 'userAssignedIdentities', createObject(format('{0}', resourceId('Microsoft.ManagedIdentity/userAssignedIdentities', format('id-aks-{0}', parameters('resourceName')))), createObject())), if(not(empty(parameters('byoUaiName'))), createObject('type', 'UserAssigned', 'userAssignedIdentities', createObject(format('{0}', resourceId('Microsoft.ManagedIdentity/userAssignedIdentities', parameters('byoUaiName'))), createObject())), createObject('type', 'SystemAssigned')))]",
               "sku": {
                 "name": "Base",