@danielscholl
Last active November 16, 2024 02:13
Sample Cluster Prompt

Azure Developer CLI (azd) Project Template

Create an Azure Developer CLI (azd) project that deploys a Kubernetes cluster, a Key Vault, and a User Assigned Identity using Azure Verified Modules (AVM).

Project Structure

<project-root>
├── infra
│   ├── main.bicep
│   └── modules
├── charts
│   └── sample
│       ├── Chart.yaml
│       ├── values.yaml
│       └── templates
│           ├── deployment.yaml
│           └── service.yaml
├── software
│   └── kustomize.yaml
├── azure.yaml
├── .gitignore
└── README.md

Components

1. Infrastructure (infra/main.bicep)

Use Azure Verified Modules for Bicep, referencing the provided samples, to create the following resources in eastus2. Give the resources unique names that follow a common naming pattern across the modules:

a. User Assigned Identity

module userAssignedIdentity 'br/public:avm/res/managed-identity/user-assigned-identity:<version>' = {
  name: 'userAssignedIdentityDeployment'
  params: {
    // Required parameters
    name: 'miuaimin001'
    // Optional parameters
    location: '<location>'
  }
}

b. Key Vault with a sample secret

module vault 'br/public:avm/res/key-vault/vault:<version>' = {
  name: 'vaultDeployment'
  params: {
    // Required parameters
    name: 'kvvmin002'
    // Optional parameters
    enablePurgeProtection: false
    location: '<location>'
  }
}

c. AKS Cluster

module managedCluster 'br/public:avm/res/container-service/managed-cluster:<version>' = {
  name: 'managedClusterDeployment'
  params: {
    // Required parameters
    name: 'csauto001'
    primaryAgentPoolProfiles: [
      {
        count: 3
        mode: 'System'
        name: 'systempool'
        vmSize: 'Standard_DS4_v2'
      }
    ]
    // Optional parameters
    autoNodeOsUpgradeProfileUpgradeChannel: 'NodeImage'
    disableLocalAccounts: true
    enableKeyvaultSecretsProvider: true
    enableSecretRotation: true
    kedaAddon: true
    kubernetesVersion: '1.28'
    location: '<location>'
    maintenanceConfigurations: [
      {
        maintenanceWindow: {
          durationHours: 4
          schedule: {
            weekly: {
              dayOfWeek: 'Sunday'
              intervalWeeks: 1
            }
          }
          startDate: '2024-07-03'
          startTime: '00:00'
          utcOffset: '+00:00'
        }
        name: 'aksManagedAutoUpgradeSchedule'
      }
    ]
    managedIdentities: {
      systemAssigned: true
    }
    outboundType: 'managedNATGateway'
    publicNetworkAccess: 'Enabled'
  }
}
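
One way to meet the "unique names with a common pattern" requirement, shown as an added example that is not part of the original prompt. The `prefix` parameter, the `<prefix>-<type>-<suffix>` pattern, and the RBAC role assignment that lets the identity read secrets are assumptions; `<version>` is the prompt's own placeholder and must be replaced with a published module version before deploying.

```bicep
// Added example (not from the original prompt): one naming pattern shared by all modules.
targetScope = 'resourceGroup'

param location string = 'eastus2'

// Hypothetical workload prefix; lowercase letters and digits only, starting with a letter.
@minLength(2)
@maxLength(7) // 7 + '-kv-' (4) + 13-character suffix = 24, the Key Vault name limit
param prefix string = 'sample'

// uniqueString() is deterministic: stable on redeploy, different for each resource group.
var suffix = uniqueString(resourceGroup().id)

// Common pattern: <prefix>-<type>-<suffix>
var names = {
  identity: '${prefix}-id-${suffix}'
  vault: '${prefix}-kv-${suffix}'
  cluster: '${prefix}-aks-${suffix}' // pass as `name` to the managed-cluster module
}

module userAssignedIdentity 'br/public:avm/res/managed-identity/user-assigned-identity:<version>' = {
  name: 'userAssignedIdentityDeployment'
  params: {
    name: names.identity
    location: location
  }
}

module vault 'br/public:avm/res/key-vault/vault:<version>' = {
  name: 'vaultDeployment'
  params: {
    name: names.vault
    location: location
    enablePurgeProtection: false // value taken from the sample in the prompt
    // Assumption: authorize with Azure RBAC and grant the identity read-only secret access.
    enableRbacAuthorization: true
    roleAssignments: [
      {
        principalId: userAssignedIdentity.outputs.principalId
        principalType: 'ServicePrincipal'
        roleDefinitionIdOrName: 'Key Vault Secrets User'
      }
    ]
  }
}
```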

2. Charts

  • Include a sample chart that installs a cowsay pod as a service and deployment

3. Software

  • Create a kustomize.yaml file that deploys a Flux Helm Release of the included chart
  • Create a HelmRelease that installs AAD Pod Identity and reference it in the kustomize file.

4. azure.yaml

  • Configure the Azure Developer CLI settings

5. README.md

  • Document the project structure
  • Provide basic usage instructions

Required Deliverables

  • The necessary Bicep code for each module
  • Helm chart files (Chart.yaml, values.yaml, and template manifests)
  • Kustomize configuration (kustomize.yaml)
  • azure.yaml content
  • README.md with instructions on how to deploy and use the project