Support for Advanced Container Networking Services (ACNS)

[EppO]

Is there an existing issue for this?

• [X] I have searched the existing issues

Community Note

• Please vote on this issue by adding a :thumbsup: reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave comments along the lines of "+1", "me too" or "any updates", they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment and review the contribution guide to help.

Description

Add support for ACNS that brings Advanced Network Observability and also support for FQDN-based network policies

New or Affected Resource(s)/Data Source(s)

azurerm_kubernetes_cluster

Potential Terraform Configuration

resource "azurerm_kubernetes_cluster" "test" {
  name                = "myAKS"
  location            = azurerm_resource_group.test.location
  resource_group_name = azurerm_resource_group.test.name

  default_node_pool {
    name           = "default"
    node_count     = 2
    vm_size        = "Standard_DS2_v2"
    vnet_subnet_id = azurerm_subnet.test.id
  }

  identity {
    type = "SystemAssigned"
  }

  network_profile {
    network_plugin = "azure"
    network_policy = "cilium"
    network_data_plane = "cilium"

    advanced_networking {
      observability_enabled = true

      security {
         fqdn_policy_enabled = true
      }
    }
  }
}

References

https://learn.microsoft.com/en-us/azure/aks/advanced-network-observability-cli

{
  "networkProfile": {
    "networkPlugin": "azure",
    "networkPolicy": "cilium",
    "networkDataplane": "cilium",
...
    "advancedNetworking": {
      "observability": {
        "enabled": true,
        "tlsManagement": "Managed"
      },
      "security": {
        "fqdnPolicy": {
          "enabled": true
        }
      }
    }
  }
}