From b52571fc2d9fc2b9b961f816f7ecbc9ccc85f467 Mon Sep 17 00:00:00 2001
From: Fred-sun <xiuxi.sun@qq.com>
Date: Thu, 14 Oct 2021 18:44:59 +0800
Subject: [PATCH 1/2] add new paramter to enable AAD profile

---
 plugins/modules/azure_rm_aks.py                     | 13 ++++++++++++-
 .../targets/azure_rm_aks/tasks/minimal-cluster.yml  |  7 +++++++
 2 files changed, 19 insertions(+), 1 deletion(-)

diff --git a/plugins/modules/azure_rm_aks.py b/plugins/modules/azure_rm_aks.py
index 75e6927b5..125f9bc92 100644
--- a/plugins/modules/azure_rm_aks.py
+++ b/plugins/modules/azure_rm_aks.py
@@ -225,6 +225,15 @@
                 description:
                     - The AAD tenant ID to use for authentication.
                     - If not specified, will use the tenant of the deployment subscription.
+            managed:
+                description:
+                    - Whether to enable manged AAD.
+                type: bool
+                default: false
+            admin_group_object_ids:
+                description:
+                    - AAD group object IDs that will have admin role of the cluster.
+                type: str
     addon:
         description:
             - Profile of managed cluster add-on.
@@ -619,7 +628,9 @@ def create_addon_profiles_spec():
     client_app_id=dict(type='str'),
     server_app_id=dict(type='str'),
     server_app_secret=dict(type='str', no_log=True),
-    tenant_id=dict(type='str')
+    tenant_id=dict(type='str'),
+    managed=dict(type='bool', default='false'),
+    admin_group_object_ids=dict(type='str')
 )
 
 
diff --git a/tests/integration/targets/azure_rm_aks/tasks/minimal-cluster.yml b/tests/integration/targets/azure_rm_aks/tasks/minimal-cluster.yml
index 287d7f6eb..85e96ac8a 100644
--- a/tests/integration/targets/azure_rm_aks/tasks/minimal-cluster.yml
+++ b/tests/integration/targets/azure_rm_aks/tasks/minimal-cluster.yml
@@ -13,6 +13,9 @@
     resource_group: "{{ resource_group }}"
     kubernetes_version: "{{ versions.azure_aks_versions[0] }}"
     dns_prefix: "aks{{ rpfx }}"
+    enable_rbac: true
+    aad_profile:
+      managed: true
     agent_pool_profiles:
       - name: default
         count: 1
@@ -46,6 +49,7 @@
     that:
       - "fact.aks | length == 1"
       - fact.aks[0].id == output.id
+      - fact.aks[0].properties.aadProfile.managed == true
 
 - name: Use minimal parameters and system-assigned identity (idempotent)
   azure_rm_aks:
@@ -54,6 +58,9 @@
     resource_group: "{{ resource_group }}"
     kubernetes_version: "{{ versions.azure_aks_versions[0] }}"
     dns_prefix: "aks{{ rpfx }}"
+    enable_rbac: true
+    aad_profile:
+      managed: true
     agent_pool_profiles:
       - name: default
         count: 1

From 35019732e3be732f75f389b7d5c4a6bc0b7c3c0a Mon Sep 17 00:00:00 2001
From: Fred-sun <xiuxi.sun@qq.com>
Date: Thu, 10 Feb 2022 10:09:58 +0800
Subject: [PATCH 2/2] Update test case

---
 tests/integration/targets/azure_rm_aks/tasks/minimal-cluster.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/tests/integration/targets/azure_rm_aks/tasks/minimal-cluster.yml b/tests/integration/targets/azure_rm_aks/tasks/minimal-cluster.yml
index 85e96ac8a..bda3c06ec 100644
--- a/tests/integration/targets/azure_rm_aks/tasks/minimal-cluster.yml
+++ b/tests/integration/targets/azure_rm_aks/tasks/minimal-cluster.yml
@@ -89,6 +89,7 @@
     resource_group: "{{ resource_group }}"
     kubernetes_version: "{{ versions.azure_aks_versions[0] }}"
     dns_prefix: "aks{{ rpfx }}"
+    enable_rbac: true
     agent_pool_profiles:
       - name: default
         count: 1