We are deploying an Azure Kubernetes Service (AKS) cluster using Terraform. In our environment, custom certificates are used for outbound communication via a network virtual appliance (NVA). The deployment worked previously, but since upgrading to Terraform AKS provider version 4.10, the deployment fails with the following error:
TerraformCopy
HTTPProxyConfigInputError: HTTPProxy and HTTPSProxy both cannot be empty.
Despite setting up a trusted CA, the http_proxy_config
block in our Terraform script is optional according to the documentation. However, the deployment now throws an error, suggesting that the HTTP and HTTPS proxy values must be provided.
https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/kubernetes_cluster
We do not have a proxy server, and our goal is for the nodes to use the provided certificates to encrypt outbound traffic without needing a proxy.
Terraform Configuration Excerpt:
TerraformCopy
http_proxy_config {
trusted_ca = base64encode(local.combined_certs)
no_proxy = ["localhost", "127.0.0.1", data.azurerm_subnet.subnet_aks.address_prefix]
}
Error Message:
TerraformCopy
Error: HTTPProxyConfigInputError
- Has anyone encountered this issue with version 4.10 of the AKS provider?
- Is there a workaround to avoid providing proxy addresses while using custom certificates for outbound communication?
- Any tips for configuring
http_proxy_config
without requiring HTTP and HTTPS proxies would be appreciated.
Any guidance or suggestions would be highly appreciated. Thank you!