Terraform: How to retrieve the AKS managed outbound IP


In an AKS-managed SLB for the Standard SKU, Azure assigns a public IP automatically.

The name of this public IP is auto-generated but has the following tags

"tags": {
  "aks-managed-type": "aks-slb-managed-outbound-ip"
},

I'm unable to retrieve this IP after it's created.

The name is also auto-generated

"name": "[parameters('publicIPAddresses_837ca1c7_1817_43b7_8f4d_34b750419d4b_name')]",

I tried to filter using the azurerm_public_ip data source and use tags for filtering but this is not working.

data "azurerm_public_ip" "example" {
  resource_group_name = "rg-sample-004"
  filter {
    name = "tag:aks-managed-type"
    values = [ "aks-slb-managed-outbound-ip" ]
  }
}

The above code is incorrect as the name parameter is not provided, but I don't know the name until it's created.

I want to whitelist this IP for the Azure MySQL database I create at the apply stage.

Is there any other way to retrieve this public IP during terraform apply?


There are 2 answers

2
Philip Welz (best answer)

Here you go, we use this to whitelist access from AKS to key vaults etc:

data "azurerm_public_ip" "aks_outgoing" {
  name                = join("", (regex("([^/]+)$", join("", azurerm_kubernetes_cluster.aks.network_profile[0].load_balancer_profile[0].effective_outbound_ips))))
  resource_group_name = "YOUR_RG"
}
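
An added example, not part of the answer above: it extends the same lookup to clusters with more than one managed outbound IP and creates one single-address firewall rule per IP. Assumptions: `azurerm_kubernetes_cluster.aks` is the cluster from the answer, `azurerm_mysql_flexible_server.db` and `var.outbound_ip_count` are hypothetical names, and the database is a MySQL Flexible Server.

```hcl
# Added example. Hypothetical names: var.outbound_ip_count, azurerm_mysql_flexible_server.db.

variable "outbound_ip_count" {
  type        = number
  default     = 1
  description = "Must equal managed_outbound_ip_count on the cluster. count has to be known at plan time, while the IP IDs are only known after apply."
}

locals {
  # effective_outbound_ips is a set of full resource IDs such as
  # /subscriptions/<sub>/resourceGroups/MC_.../providers/Microsoft.Network/publicIPAddresses/<guid>
  outbound_ip_ids = tolist(azurerm_kubernetes_cluster.aks.network_profile[0].load_balancer_profile[0].effective_outbound_ips)

  # Named capture groups make regex() return a map, so both the resource group
  # and the generated name come from the ID itself instead of being hard-coded.
  outbound_ips = [
    for id in local.outbound_ip_ids :
    regex("(?i)/resourceGroups/(?P<rg>[^/]+)/providers/Microsoft.Network/publicIPAddresses/(?P<name>[^/]+)$", id)
  ]
}

data "azurerm_public_ip" "aks_outbound" {
  count               = var.outbound_ip_count
  name                = local.outbound_ips[count.index].name
  resource_group_name = local.outbound_ips[count.index].rg
}

# One rule per egress IP. start == end keeps each rule to a single address
# rather than opening a range.
resource "azurerm_mysql_flexible_server_firewall_rule" "aks_egress" {
  count               = var.outbound_ip_count
  name                = "aks-egress-${count.index}"
  resource_group_name = azurerm_mysql_flexible_server.db.resource_group_name
  server_name         = azurerm_mysql_flexible_server.db.name
  start_ip_address    = data.azurerm_public_ip.aks_outbound[count.index].ip_address
  end_ip_address      = data.azurerm_public_ip.aks_outbound[count.index].ip_address
}
```

AKS creates the managed outbound IP in the cluster's node resource group (the `MC_...` group), which is why the resource group is read from the ID here rather than typed in.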
0
Manish

From the Azure Portal, you may navigate inside your load balancer resource to see a menu item named "Outbound Rules" and make a note of the rule name you see within the page.

Now navigate to the menu item "Frontend IP configuration" where you may see multiple records. One of these records shall point to your outbound rule, which is the IP address in use from your AKS cluster to the outside world.

Hope this helped.
