make api_server_authorized_ip_ranges configurable.

lonegunmanb · lonegunmanb · commit ac833440cfd5 · 2022-07-13T08:44:05.000+08:00
diff --git a/main.tf b/main.tf
@@ -26,6 +26,7 @@ resource "azurerm_kubernetes_cluster" "main" {
   private_dns_zone_id                 = var.private_dns_zone_id
   private_cluster_public_fqdn_enabled = var.private_cluster_public_fqdn_enabled
   local_account_disabled              = var.local_account_disabled
+  api_server_authorized_ip_ranges     = var.api_server_authorized_ip_ranges
 
   dynamic "linux_profile" {
     for_each = var.admin_username == null ? [] : ["linux_profile"]
diff --git a/variables.tf b/variables.tf
@@ -38,6 +38,12 @@ variable "client_secret" {
   default     = ""
 }
 
+variable "api_server_authorized_ip_ranges" {
+  type        = set(string)
+  description = "(Optional) The IP ranges to allow for incoming traffic to the server nodes."
+  default     = null
+}
+
 variable "admin_username" {
   default     = null
   description = "The username of the local administrator to be created on the Kubernetes cluster. Set this variable to `null` to turn off the cluster's `linux_profile`. Changing this forces a new resource to be created."
