From c10b2796c98d68b3b88f801e8993ce4be045b29a Mon Sep 17 00:00:00 2001
From: zjhe <hezijie@microsoft.com>
Date: Tue, 9 May 2023 08:06:21 +0800
Subject: [PATCH 1/2] add notice for #357

---
 NoticeOnUpgradeTov7.0.md | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/NoticeOnUpgradeTov7.0.md b/NoticeOnUpgradeTov7.0.md
index 3b828648..ed84e574 100644
--- a/NoticeOnUpgradeTov7.0.md
+++ b/NoticeOnUpgradeTov7.0.md
@@ -30,3 +30,9 @@ In v6.0, `default_node_pool.linux_os_config` block won't be added to `azurerm_ku
 ## Remove unused net_profile_docker_bridge_cidr
 
 `var.net_profile_docker_bridge_cidr` has been [deprecated](https://github.com/hashicorp/terraform-provider-azurerm/issues/18119) and is not used in the module anymore and has been removed.
+
+## Add `create_before_destroy=true` to node pools #357
+
+Now `azurerm_kubernetes_cluster_node_pool.node_pool` resource has `create_before_destroy=true` to avoid downtime when upgrading node pools. Users must be aware that there would be a "random" suffix added into pool's name, this suffix's length is `4`, so your previous node pool's name `nodepool1` would be `nodepool1xxxx`. This suffix is calculated from node pool's config, the same configuration would lead to the same suffix. You might need to shorten your node pool's name because of this new added suffix.
+
+To enable this feature, we've also added new `null_resource.pool_name_keeper` to track node pool's name in case you've changed the name.
\ No newline at end of file

From 5361096f14c4822f9d2123fd545796ecaf813f61 Mon Sep 17 00:00:00 2001
From: zjhe <hezijie@microsoft.com>
Date: Tue, 16 May 2023 10:50:34 +0800
Subject: [PATCH 2/2] upgrade notice for 361

---
 NoticeOnUpgradeTov7.0.md | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/NoticeOnUpgradeTov7.0.md b/NoticeOnUpgradeTov7.0.md
index ed84e574..02dfae0d 100644
--- a/NoticeOnUpgradeTov7.0.md
+++ b/NoticeOnUpgradeTov7.0.md
@@ -35,4 +35,12 @@ In v6.0, `default_node_pool.linux_os_config` block won't be added to `azurerm_ku
 
 Now `azurerm_kubernetes_cluster_node_pool.node_pool` resource has `create_before_destroy=true` to avoid downtime when upgrading node pools. Users must be aware that there would be a "random" suffix added into pool's name, this suffix's length is `4`, so your previous node pool's name `nodepool1` would be `nodepool1xxxx`. This suffix is calculated from node pool's config, the same configuration would lead to the same suffix. You might need to shorten your node pool's name because of this new added suffix.
 
-To enable this feature, we've also added new `null_resource.pool_name_keeper` to track node pool's name in case you've changed the name.
\ No newline at end of file
+To enable this feature, we've also added new `null_resource.pool_name_keeper` to track node pool's name in case you've changed the name.
+
+## Check `api_server_authorized_ip_ranges` when `public_network_access_enabled` is `true` #361
+
+As the [document](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/kubernetes_cluster#public_network_access_enabled) described:
+
+>When `public_network_access_enabled` is set to true, `0.0.0.0/32` must be added to `authorized_ip_ranges` in the `api_server_access_profile block`.
+
+We'll add `api_server_access_profile` nested block after AzureRM provider's v4.0, but starting from v7.0 we'll enforce such pre-condition check.
\ No newline at end of file