diff --git a/README.md b/README.md
index 20aa265..f43a120 100644
--- a/README.md
+++ b/README.md
@@ -348,13 +348,137 @@ Default: `null`
The following outputs are exported:
-### [resource](#output\_resource)
+### [current\_kubernetes\_version](#output\_current\_kubernetes\_version)
-Description: This is the full output for the resource.
+Description: The current version running on the Azure Kubernetes Managed Cluster
+
+### [fqdn](#output\_fqdn)
+
+Description: The FQDN of the Azure Kubernetes Managed Cluster
+
+### [http\_application\_routing\_zone\_name](#output\_http\_application\_routing\_zone\_name)
+
+Description: The Zone Name of the HTTP Application Routing
+
+### [identity\_principal\_id](#output\_identity\_principal\_id)
+
+Description: The Principal ID associated with this Managed Service Identity
+
+### [identity\_tenant\_id](#output\_identity\_tenant\_id)
+
+Description: The Tenant ID associated with this Managed Service Identity
+
+### [ingress\_application\_gateway\_identity\_client\_id](#output\_ingress\_application\_gateway\_identity\_client\_id)
+
+Description: The Client ID of the user-defined Managed Identity used by the Application Gateway
+
+### [ingress\_application\_gateway\_identity\_object\_id](#output\_ingress\_application\_gateway\_identity\_object\_id)
+
+Description: The Object ID of the user-defined Managed Identity used by the Application Gateway
+
+### [ingress\_application\_gateway\_identity\_user\_assigned\_identity\_id](#output\_ingress\_application\_gateway\_identity\_user\_assigned\_identity\_id)
+
+Description: The ID of the User Assigned Identity used by the Application Gateway
+
+### [key\_vault\_secrets\_provider\_secret\_identity\_client\_id](#output\_key\_vault\_secrets\_provider\_secret\_identity\_client\_id)
+
+Description: The Client ID of the user-defined Managed Identity used by the Secret Provider
+
+### [key\_vault\_secrets\_provider\_secret\_identity\_object\_id](#output\_key\_vault\_secrets\_provider\_secret\_identity\_object\_id)
+
+Description: The Object ID of the user-defined Managed Identity used by the Secret Provider
+
+### [key\_vault\_secrets\_provider\_secret\_identity\_user\_assigned\_identity\_id](#output\_key\_vault\_secrets\_provider\_secret\_identity\_user\_assigned\_identity\_id)
+
+Description: The ID of the User Assigned Identity used by the Secret Provider
+
+### [kube\_admin\_config](#output\_kube\_admin\_config)
+
+Description: The kube\_admin\_config block for the Azure Kubernetes Managed Cluster
+
+### [kube\_admin\_config\_raw](#output\_kube\_admin\_config\_raw)
+
+Description: Raw Kubernetes config for the admin account
+
+### [kube\_config](#output\_kube\_config)
+
+Description: The kube\_config block for the Azure Kubernetes Managed Cluster
+
+### [kube\_config\_raw](#output\_kube\_config\_raw)
+
+Description: Raw Kubernetes config for the user account
+
+### [kubelet\_identity\_client\_id](#output\_kubelet\_identity\_client\_id)
+
+Description: The Client ID of the user-defined Managed Identity assigned to the Kubelets
+
+### [kubelet\_identity\_object\_id](#output\_kubelet\_identity\_object\_id)
+
+Description: The Object ID of the user-defined Managed Identity assigned to the Kubelets
+
+### [kubelet\_identity\_user\_assigned\_identity\_id](#output\_kubelet\_identity\_user\_assigned\_identity\_id)
+
+Description: The ID of the User Assigned Identity assigned to the Kubelets
+
+### [load\_balancer\_profile\_effective\_outbound\_ips](#output\_load\_balancer\_profile\_effective\_outbound\_ips)
+
+Description: The effective outbound IPs for the load balancer profile
+
+### [nat\_gateway\_profile\_effective\_outbound\_ips](#output\_nat\_gateway\_profile\_effective\_outbound\_ips)
+
+Description: The effective outbound IPs for the NAT Gateway profile
+
+### [network\_profile](#output\_network\_profile)
+
+Description: The network profile block for the Kubernetes cluster
+
+### [node\_resource\_group](#output\_node\_resource\_group)
+
+Description: The auto-generated Resource Group containing resources for the Managed Kubernetes Cluster
+
+### [node\_resource\_group\_id](#output\_node\_resource\_group\_id)
+
+Description: The ID of the Resource Group containing resources for the Managed Kubernetes Cluster
+
+### [oidc\_issuer\_url](#output\_oidc\_issuer\_url)
+
+Description: The OIDC issuer URL that is associated with the cluster
+
+### [oms\_agent\_identity\_client\_id](#output\_oms\_agent\_identity\_client\_id)
+
+Description: The Client ID of the user-defined Managed Identity used by the OMS Agents
+
+### [oms\_agent\_identity\_object\_id](#output\_oms\_agent\_identity\_object\_id)
+
+Description: The Object ID of the user-defined Managed Identity used by the OMS Agents
+
+### [oms\_agent\_identity\_user\_assigned\_identity\_id](#output\_oms\_agent\_identity\_user\_assigned\_identity\_id)
+
+Description: The ID of the User Assigned Identity used by the OMS Agents
+
+### [portal\_fqdn](#output\_portal\_fqdn)
+
+Description: The FQDN for the Azure Portal resources when private link has been enabled
+
+### [private\_fqdn](#output\_private\_fqdn)
+
+Description: The FQDN for the Kubernetes Cluster when private link has been enabled
### [resource\_id](#output\_resource\_id)
-Description: The `azurerm_kubernetes_cluster`'s resource id.
+Description: The Kubernetes Managed Cluster ID.
+
+### [web\_app\_routing\_web\_app\_routing\_identity\_client\_id](#output\_web\_app\_routing\_web\_app\_routing\_identity\_client\_id)
+
+Description: The Client ID of the user-defined Managed Identity used for Web App Routing
+
+### [web\_app\_routing\_web\_app\_routing\_identity\_object\_id](#output\_web\_app\_routing\_web\_app\_routing\_identity\_object\_id)
+
+Description: The Object ID of the user-defined Managed Identity used for Web App Routing
+
+### [web\_app\_routing\_web\_app\_routing\_identity\_user\_assigned\_identity\_id](#output\_web\_app\_routing\_web\_app\_routing\_identity\_user\_assigned\_identity\_id)
+
+Description: The ID of the User Assigned Identity used for Web App Routing
## Modules
diff --git a/outputs.tf b/outputs.tf
index 3d9bb0f..b6ec427 100644
--- a/outputs.tf
+++ b/outputs.tf
@@ -1,11 +1,167 @@
-# Module owners should include the full resource via a 'resource' output
-# https://azure.github.io/Azure-Verified-Modules/specs/terraform/#id-tffr2---category-outputs---additional-terraform-outputs
-output "resource" {
- description = "This is the full output for the resource."
- value = azurerm_kubernetes_cluster.this
+# Authors SHOULD NOT output entire resource objects as these may contain sensitive outputs and the schema can change with API or provider versions
+# https://azure.github.io/Azure-Verified-Modules/specs/tf/res/#id-tffr2---category-outputs---additional-terraform-outputs
+
+output "current_kubernetes_version" {
+ description = "The current version running on the Azure Kubernetes Managed Cluster"
+ value = azurerm_kubernetes_cluster.this.current_kubernetes_version
+}
+
+output "fqdn" {
+ description = "The FQDN of the Azure Kubernetes Managed Cluster"
+ value = azurerm_kubernetes_cluster.this.fqdn
+}
+
+output "http_application_routing_zone_name" {
+ description = "The Zone Name of the HTTP Application Routing"
+ value = azurerm_kubernetes_cluster.this.http_application_routing_zone_name
+}
+
+output "identity_principal_id" {
+ description = "The Principal ID associated with this Managed Service Identity"
+ value = try(azurerm_kubernetes_cluster.this.identity[0].principal_id, null)
+}
+
+output "identity_tenant_id" {
+ description = "The Tenant ID associated with this Managed Service Identity"
+ value = try(azurerm_kubernetes_cluster.this.identity[0].tenant_id, null)
+}
+
+output "ingress_application_gateway_identity_client_id" {
+ description = "The Client ID of the user-defined Managed Identity used by the Application Gateway"
+ value = try(azurerm_kubernetes_cluster.this.ingress_application_gateway[0].ingress_application_gateway_identity[0].client_id, null)
+}
+
+output "ingress_application_gateway_identity_object_id" {
+ description = "The Object ID of the user-defined Managed Identity used by the Application Gateway"
+ value = try(azurerm_kubernetes_cluster.this.ingress_application_gateway[0].ingress_application_gateway_identity[0].object_id, null)
+}
+
+output "ingress_application_gateway_identity_user_assigned_identity_id" {
+ description = "The ID of the User Assigned Identity used by the Application Gateway"
+ value = try(azurerm_kubernetes_cluster.this.ingress_application_gateway[0].ingress_application_gateway_identity[0].user_assigned_identity_id, null)
+}
+
+output "key_vault_secrets_provider_secret_identity_client_id" {
+ description = "The Client ID of the user-defined Managed Identity used by the Secret Provider"
+ value = try(azurerm_kubernetes_cluster.this.key_vault_secrets_provider[0].secret_identity[0].client_id, null)
+}
+
+output "key_vault_secrets_provider_secret_identity_object_id" {
+ description = "The Object ID of the user-defined Managed Identity used by the Secret Provider"
+ value = azurerm_kubernetes_cluster.this.key_vault_secrets_provider[0].secret_identity[0].object_id
+}
+
+output "key_vault_secrets_provider_secret_identity_user_assigned_identity_id" {
+ description = "The ID of the User Assigned Identity used by the Secret Provider"
+ value = azurerm_kubernetes_cluster.this.key_vault_secrets_provider[0].secret_identity[0].user_assigned_identity_id
+}
+
+output "kube_admin_config" {
+ description = "The kube_admin_config block for the Azure Kubernetes Managed Cluster"
+ value = azurerm_kubernetes_cluster.this.kube_admin_config
+}
+
+output "kube_admin_config_raw" {
+ description = "Raw Kubernetes config for the admin account"
+ value = azurerm_kubernetes_cluster.this.kube_admin_config_raw
+}
+
+output "kube_config" {
+ description = "The kube_config block for the Azure Kubernetes Managed Cluster"
+ value = azurerm_kubernetes_cluster.this.kube_config
+}
+
+output "kube_config_raw" {
+ description = "Raw Kubernetes config for the user account"
+ value = azurerm_kubernetes_cluster.this.kube_config_raw
+}
+
+output "kubelet_identity_client_id" {
+ description = "The Client ID of the user-defined Managed Identity assigned to the Kubelets"
+ value = azurerm_kubernetes_cluster.this.kubelet_identity[0].client_id
+}
+
+output "kubelet_identity_object_id" {
+ description = "The Object ID of the user-defined Managed Identity assigned to the Kubelets"
+ value = azurerm_kubernetes_cluster.this.kubelet_identity[0].object_id
+}
+
+output "kubelet_identity_user_assigned_identity_id" {
+ description = "The ID of the User Assigned Identity assigned to the Kubelets"
+ value = azurerm_kubernetes_cluster.this.kubelet_identity[0].user_assigned_identity_id
+}
+
+output "load_balancer_profile_effective_outbound_ips" {
+ description = "The effective outbound IPs for the load balancer profile"
+ value = try(azurerm_kubernetes_cluster.this.network_profile[0].load_balancer_profile[0].effective_outbound_ips, null)
+}
+
+output "nat_gateway_profile_effective_outbound_ips" {
+ description = "The effective outbound IPs for the NAT Gateway profile"
+ value = try(azurerm_kubernetes_cluster.this.network_profile[0].nat_gateway_profile[0].effective_outbound_ips, null)
+}
+
+output "network_profile" {
+ description = "The network profile block for the Kubernetes cluster"
+ value = azurerm_kubernetes_cluster.this.network_profile
+}
+
+output "node_resource_group" {
+ description = "The auto-generated Resource Group containing resources for the Managed Kubernetes Cluster"
+ value = azurerm_kubernetes_cluster.this.node_resource_group
+}
+
+output "node_resource_group_id" {
+ description = "The ID of the Resource Group containing resources for the Managed Kubernetes Cluster"
+ value = azurerm_kubernetes_cluster.this.node_resource_group_id
+}
+
+output "oidc_issuer_url" {
+ description = "The OIDC issuer URL that is associated with the cluster"
+ value = azurerm_kubernetes_cluster.this.oidc_issuer_url
+}
+
+output "oms_agent_identity_client_id" {
+ description = "The Client ID of the user-defined Managed Identity used by the OMS Agents"
+ value = try(azurerm_kubernetes_cluster.this.oms_agent[0].oms_agent_identity[0].client_id, null)
+}
+
+output "oms_agent_identity_object_id" {
+ description = "The Object ID of the user-defined Managed Identity used by the OMS Agents"
+ value = try(azurerm_kubernetes_cluster.this.oms_agent[0].oms_agent_identity[0].object_id, null)
+}
+
+output "oms_agent_identity_user_assigned_identity_id" {
+ description = "The ID of the User Assigned Identity used by the OMS Agents"
+ value = try(azurerm_kubernetes_cluster.this.oms_agent[0].oms_agent_identity[0].user_assigned_identity_id, null)
+}
+
+output "portal_fqdn" {
+ description = "The FQDN for the Azure Portal resources when private link has been enabled"
+ value = try(azurerm_kubernetes_cluster.this.portal_fqdn, null)
+}
+
+output "private_fqdn" {
+ description = "The FQDN for the Kubernetes Cluster when private link has been enabled"
+ value = try(azurerm_kubernetes_cluster.this.private_fqdn, null)
}
output "resource_id" {
- description = "The `azurerm_kubernetes_cluster`'s resource id."
+ description = "The Kubernetes Managed Cluster ID."
value = azurerm_kubernetes_cluster.this.id
}
+
+output "web_app_routing_web_app_routing_identity_client_id" {
+ description = "The Client ID of the user-defined Managed Identity used for Web App Routing"
+ value = try(azurerm_kubernetes_cluster.this.web_app_routing[0].web_app_routing_identity[0].client_id, null)
+}
+
+output "web_app_routing_web_app_routing_identity_object_id" {
+ description = "The Object ID of the user-defined Managed Identity used for Web App Routing"
+ value = try(azurerm_kubernetes_cluster.this.web_app_routing[0].web_app_routing_identity[0].object_id, null)
+}
+
+output "web_app_routing_web_app_routing_identity_user_assigned_identity_id" {
+ description = "The ID of the User Assigned Identity used for Web App Routing"
+ value = try(azurerm_kubernetes_cluster.this.web_app_routing[0].web_app_routing_identity[0].user_assigned_identity_id, null)
+}