Adding azure policy addon (#72)

* Update main.tf * added policy variable * added timeout block * removed timeout block
Azure-Terraform · Jul 19, 2021 · 227357f · 227357f
1 parent 870386a
commit 227357f
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 0 deletions.
diff --git a/main.tf b/main.tf
@@ -76,6 +76,10 @@ resource "azurerm_kubernetes_cluster" "aks" {
     kube_dashboard {
       enabled = var.enable_kube_dashboard
     }
+
+    azure_policy {
+      enabled = var.enable_azure_policy
+    }
 
     dynamic "oms_agent" {
       for_each = (var.log_analytics_workspace_id != null ? [1] : [])

diff --git a/variables.tf b/variables.tf
@@ -286,6 +286,12 @@ variable "enable_kube_dashboard" {
   default     = false
 }
 
+variable "enable_azure_policy" {
+  description = "to apply at-scale enforcements and safeguards on your clusters in a centralized, consistent manner"
+  type        = bool
+  default     = false
+}
+
 variable "acr_pull_access" {
   description = "map of ACR ids to allow AcrPull"
   type        = map(string)