AKS Cluster provision failed with kubenet & UDR with existing subnet and security group

Hi Everyone,

I've started working on Terraform with Azure recently, and I'm looking for help with the concern below.

I'm trying to procure an AKS cluster with kubenet and UDR. I've created a route table and associated it with an existing subnet, and the subnet is associated with an existing NSG. When creating the route table I'm adding some custom routes for my VPN connectivity (I'm on a corporate network), and also creating another default route "0.0.0.0/0" with next_hop_type "Internet". I was able to create the cluster until Kubernetes orchestration version "15.10"; later this version was no longer supported by Azure. Whenever I upgrade the orchestration version to the latest, I get an error like the one below:

Original Error: Code="RouteTableInvalidNextHop" Message="Default route 0.0.0.0/0 has a next hop of Internet but only next hops of VirtualAppliance or VirtualNetworkGateway are allowed. Please see http://aka.ms/aks/outboundtype for more details"

Note: I'm aware that 0.0.0.0/0 is the default and doesn't need to be added to the route table, but the AKS cluster fails when it's not present in the route table, so I've added it intentionally.

Here is my complete code snippet. Kindly help me with this. I may have missed something somewhere, so kindly help me achieve this.

    provider "azurerm" {
      version = "~> 2.15"
      features {}
    }

    resource "azurerm_resource_group" "aks" {
      name     = var.resource_group
      location = var.location
    }

    # Existing subnet used by the AKS node pool
    data "azurerm_subnet" "aks" {
      name                 = var.subnetname
      virtual_network_name = var.virtual_network_name
      resource_group_name  = var.vnet_resource_group
    }

    resource "azurerm_route_table" "aks" {
      name                          = "aks"
      resource_group_name           = azurerm_resource_group.aks.name
      location                      = azurerm_resource_group.aks.location
      disable_bgp_route_propagation = false

      # Custom route for corporate VPN connectivity
      route {
        name           = var.route_name
        address_prefix = var.route_address_prefix
        next_hop_type  = var.route_next_hop_type
      }

      # Default route with next hop "Internet" (the route AKS rejects in the error above)
      route {
        name           = "default_route"
        address_prefix = "0.0.0.0/0"
        next_hop_type  = "Internet"
      }
    }

    resource "azurerm_subnet_route_table_association" "aks" {
      subnet_id      = data.azurerm_subnet.aks.id
      route_table_id = azurerm_route_table.aks.id
    }

    resource "azurerm_subnet_network_security_group_association" "aks" {
      subnet_id                 = data.azurerm_subnet.aks.id
      network_security_group_id = var.network_security_group
    }

    resource "null_resource" "previous" {}

    # Requires the hashicorp/time provider
    resource "time_sleep" "wait_90_seconds" {
      depends_on = [null_resource.previous]

      create_duration = "90s"
    }

    resource "null_resource" "next" {
      depends_on = [time_sleep.wait_90_seconds]
    }

    resource "azurerm_kubernetes_cluster" "aks" {
      name                    = azurerm_resource_group.aks.name
      resource_group_name     = azurerm_resource_group.aks.name
      location                = azurerm_resource_group.aks.location
      dns_prefix              = "akstfe"
      kubernetes_version      = "1.18.8"
      private_cluster_enabled = false
      node_resource_group     = var.node_resource_group

      api_server_authorized_ip_ranges = [] #var.api_server_authorized_ip_ranges

      default_node_pool {
        enable_node_public_ip = false
        name                  = "agentpool"
        node_count            = var.node_count
        orchestrator_version  = "1.18.8"
        vm_size               = var.vm_size
        os_disk_size_gb       = var.os_disk_size_gb
        vnet_subnet_id        = data.azurerm_subnet.aks.id
      }

      linux_profile {
        admin_username = var.admin_username
        ssh_key {
          key_data = var.ssh_key
        }
      }

      service_principal {
        client_id     = var.client_id
        client_secret = var.client_secret
      }

      role_based_access_control {
        enabled = true
      }

      network_profile {
        network_plugin = "kubenet"
        #dns_service_ip    = "172.17.1.10"
        #service_cidr      = "172.16.0.0/14"
        pod_cidr          = "172.40.0.0/16"
        network_policy    = "calico"
        outbound_type     = "userDefinedRouting"
        load_balancer_sku = "Standard"
      }

      addon_profile {
        aci_connector_linux {
          enabled = false
        }

        azure_policy {
          enabled = false
        }

        http_application_routing {
          enabled = false
        }

        kube_dashboard {
          enabled = false
        }

        oms_agent {
          enabled = false
        }
      }

      depends_on = [azurerm_subnet_route_table_association.aks]
    }

Can someone help me here?

Seems this community is not meant for help and no one is ready to help here. It's been around 8 days but no response.

Hi,

Next hop as Internet is not supported, that is it. You need to create a router VM or NVA, or Azure Firewall.

Regards

Could you please give me any reference code or links?
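Added example (not code from the thread or from any of the posters above) of the change the reply describes: the 0.0.0.0/0 route with next hop "Internet" is replaced by a route whose next hop is an Azure Firewall, so egress from the kubenet nodes goes through the firewall, which is what outbound_type = "userDefinedRouting" requires. It reuses the resource group, subnet data source and variables from the original post; the firewall subnet prefix, the resource names, the firewall rule set and the assumption that var.location is the short region name (e.g. "eastus") are mine and need adjusting to your environment.

```hcl
# Azure Firewall must be placed in a subnet named exactly "AzureFirewallSubnet".
# The prefix below is an assumed value; pick a free /26 in your existing VNet.
resource "azurerm_subnet" "firewall" {
  name                 = "AzureFirewallSubnet"
  resource_group_name  = var.vnet_resource_group
  virtual_network_name = var.virtual_network_name
  address_prefixes     = ["10.0.255.0/26"]
}

resource "azurerm_public_ip" "firewall" {
  name                = "aks-fw-pip"
  resource_group_name = azurerm_resource_group.aks.name
  location            = azurerm_resource_group.aks.location
  allocation_method   = "Static"
  sku                 = "Standard"
}

resource "azurerm_firewall" "aks" {
  name                = "aks-fw"
  resource_group_name = azurerm_resource_group.aks.name
  location            = azurerm_resource_group.aks.location

  ip_configuration {
    name                 = "fw-ipconfig"
    subnet_id            = azurerm_subnet.firewall.id
    public_ip_address_id = azurerm_public_ip.firewall.id
  }
}

# Route table for the AKS subnet. The default route now points at the
# firewall's private IP (next hop type VirtualAppliance), which is one of
# the two next hop types AKS accepts for user defined routing.
resource "azurerm_route_table" "aks" {
  name                          = "aks"
  resource_group_name           = azurerm_resource_group.aks.name
  location                      = azurerm_resource_group.aks.location
  disable_bgp_route_propagation = false

  # Corporate VPN route from the original configuration, unchanged
  route {
    name           = var.route_name
    address_prefix = var.route_address_prefix
    next_hop_type  = var.route_next_hop_type
  }

  route {
    name                   = "default_route"
    address_prefix         = "0.0.0.0/0"
    next_hop_type          = "VirtualAppliance"
    next_hop_in_ip_address = azurerm_firewall.aks.ip_configuration[0].private_ip_address
  }
}

resource "azurerm_subnet_route_table_association" "aks" {
  subnet_id      = data.azurerm_subnet.aks.id
  route_table_id = azurerm_route_table.aks.id
}

# Outbound HTTPS the nodes need (control plane, container registry, Ubuntu
# updates) via the AzureKubernetesService FQDN tag, so no "*" allow rule
# is required. Source is restricted to the AKS subnet prefix.
resource "azurerm_firewall_application_rule_collection" "aks" {
  name                = "aks-required-fqdns"
  azure_firewall_name = azurerm_firewall.aks.name
  resource_group_name = azurerm_resource_group.aks.name
  priority            = 100
  action              = "Allow"

  rule {
    name             = "aks-fqdn-tag"
    source_addresses = data.azurerm_subnet.aks.address_prefixes
    fqdn_tags        = ["AzureKubernetesService"]
  }
}

# Node-to-API-server tunnel ports (UDP 1194, TCP 9000) limited to the
# regional AzureCloud service tag, plus NTP.
resource "azurerm_firewall_network_rule_collection" "aks" {
  name                = "aks-required-ports"
  azure_firewall_name = azurerm_firewall.aks.name
  resource_group_name = azurerm_resource_group.aks.name
  priority            = 100
  action              = "Allow"

  rule {
    name                  = "apiserver-tunnel"
    source_addresses      = data.azurerm_subnet.aks.address_prefixes
    destination_addresses = ["AzureCloud.${var.location}"]
    destination_ports     = ["1194", "9000"]
    protocols             = ["UDP", "TCP"]
  }

  rule {
    name                  = "ntp"
    source_addresses      = data.azurerm_subnet.aks.address_prefixes
    destination_addresses = ["*"]
    destination_ports     = ["123"]
    protocols             = ["UDP"]
  }
}
```

The azurerm_kubernetes_cluster block from the original post stays as it is (kubenet, outbound_type = "userDefinedRouting", load_balancer_sku = "Standard", depends_on the route table association); because the route references the firewall's private IP, Terraform creates the firewall before the route table and the cluster. Keeping the firewall rules scoped to the AKS subnet and to the FQDN tag rather than a blanket allow is what makes UDR worthwhile from a security standpoint: every egress flow from the nodes is then logged and filtered by the firewall.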