diff --git a/aks.tf b/aks.tf
index 6001b4a..f648cf1 100644
--- a/aks.tf
+++ b/aks.tf
@@ -254,6 +254,11 @@ resource "azurerm_kubernetes_cluster" "k8s_cluster" {
     }
   }
 
+  lifecycle {
+    ignore_changes = [
+      default_node_pool["node_count"],
+    ]
+  }
 
   tags = var.tags
 }
@@ -284,6 +289,14 @@ resource "azurerm_kubernetes_cluster_node_pool" "aks-node" {
   priority        = each.value.priority
   eviction_policy = each.value.eviction_policy
   spot_max_price  = each.value.spot_max_price
+
+  lifecycle {
+    ignore_changes = [
+      node_taints,
+      node_labels,
+      node_count,
+    ]
+  }
 }
 
 resource "azurerm_monitor_diagnostic_setting" "aks-diagnostics" {
@@ -320,3 +333,12 @@ resource "azurerm_monitor_diagnostic_setting" "aks-diagnostics" {
     }
   }
 }
+
+resource "azurerm_kubernetes_cluster_extension" "flux" {
+  count                  = var.enable_flux_extension ? 1 : 0
+  name                   = "flux"
+  cluster_id             = azurerm_kubernetes_cluster.k8s_cluster.id
+  extension_type         = "microsoft.flux"
+  configuration_settings = var.flux_configuration_settings
+}
+
diff --git a/outputs.tf b/outputs.tf
index 27b525f..80e64a5 100644
--- a/outputs.tf
+++ b/outputs.tf
@@ -83,6 +83,15 @@ output "private_fqdn" {
   value = azurerm_kubernetes_cluster.k8s_cluster.private_fqdn
 }
 
+output "fqdn" {
+  value = azurerm_kubernetes_cluster.k8s_cluster.fqdn
+}
+
 output "oidc_issuer_url" {
   value = azurerm_kubernetes_cluster.k8s_cluster.oidc_issuer_url
 }
+
+output "secret_identity" {
+  value = azurerm_kubernetes_cluster.k8s_cluster.key_vault_secrets_provider[0].secret_identity
+}
+
diff --git a/variables.tf b/variables.tf
index 33625e7..91e5b4a 100644
--- a/variables.tf
+++ b/variables.tf
@@ -285,10 +285,21 @@ variable "ingress_application_subnet_cidr" {
 }
 
 variable "key_vault_secrets_provider" {
-  type = map(object({
+  type = object({
     secret_rotation_enabled  = string
     secret_rotation_interval = string
-  }))
+  })
 
   default = null
 }
+
+variable "enable_flux_extension" {
+  type    = bool
+  default = false
+}
+
+variable "flux_configuration_settings" {
+  type    = map(string)
+  default = {}
+}
+
diff --git a/versions.tf b/versions.tf
index 9d76625..4738eb4 100644
--- a/versions.tf
+++ b/versions.tf
@@ -1,8 +1,8 @@
 
 terraform {
-  required_version = ">= 1.0"
+  required_version = ">= 1.4"
 
   required_providers {
-    azurerm = ">= 3.39.0"
+    azurerm = ">= 3.59.0"
   }
 }