containerservice.azure.com/v1api20240402preview

containerservice.azure.com/v1api20240402preview

Package v1api20240402preview contains API Schema definitions for the containerservice v1api20240402preview API group

Resource Types:

    APIVersion (string alias)

    Value Description

    "2024-04-02-preview"

    AdvancedNetworking

    (Appears on:ContainerServiceNetworkProfile)

    Advanced Networking profile for enabling observability on a cluster. Note that enabling advanced networking features may incur additional costs. For more information see aka.ms/aksadvancednetworking.

    Field Description
    observability
    AdvancedNetworkingObservability

    Observability: Observability profile to enable advanced network metrics and flow logs with historical contexts.

    AdvancedNetworkingObservability

    (Appears on:AdvancedNetworking)

    Observability profile to enable advanced network metrics and flow logs with historical contexts.

    Field Description
    enabled
    bool

    Enabled: Indicates the enablement of Advanced Networking observability functionalities on clusters.

    AdvancedNetworkingObservability_STATUS

    (Appears on:AdvancedNetworking_STATUS)

    Observability profile to enable advanced network metrics and flow logs with historical contexts.

    Field Description
    enabled
    bool

    Enabled: Indicates the enablement of Advanced Networking observability functionalities on clusters.

    AdvancedNetworking_STATUS

    (Appears on:ContainerServiceNetworkProfile_STATUS)

    Advanced Networking profile for enabling observability on a cluster. Note that enabling advanced networking features may incur additional costs. For more information see aka.ms/aksadvancednetworking.

    Field Description
    observability
    AdvancedNetworkingObservability_STATUS

    Observability: Observability profile to enable advanced network metrics and flow logs with historical contexts.

    AgentPoolArtifactStreamingProfile

    (Appears on:ManagedClusterAgentPoolProfile, ManagedClustersAgentPool_Spec)

    Field Description
    enabled
    bool

    Enabled: Artifact streaming speeds up the cold-start of containers on a node through on-demand image loading. To use this feature, container images must also enable artifact streaming on ACR. If not specified, the default is false.

    AgentPoolArtifactStreamingProfile_STATUS

    (Appears on:ManagedClusterAgentPoolProfile_STATUS, ManagedClustersAgentPool_STATUS)

    Field Description
    enabled
    bool

    Enabled: Artifact streaming speeds up the cold-start of containers on a node through on-demand image loading. To use this feature, container images must also enable artifact streaming on ACR. If not specified, the default is false.

    AgentPoolGPUProfile

    (Appears on:ManagedClusterAgentPoolProfile, ManagedClustersAgentPool_Spec)

    Field Description
    installGPUDriver
    bool

    InstallGPUDriver: The default value is true when the vmSize of the agent pool contains a GPU, false otherwise. GPU Driver Installation can only be set true when VM has an associated GPU resource. Setting this field to false prevents automatic GPU driver installation. In that case, in order for the GPU to be usable, the user must perform GPU driver installation themselves.

    AgentPoolGPUProfile_STATUS

    (Appears on:ManagedClusterAgentPoolProfile_STATUS, ManagedClustersAgentPool_STATUS)

    Field Description
    installGPUDriver
    bool

    InstallGPUDriver: The default value is true when the vmSize of the agent pool contains a GPU, false otherwise. GPU Driver Installation can only be set true when VM has an associated GPU resource. Setting this field to false prevents automatic GPU driver installation. In that case, in order for the GPU to be usable, the user must perform GPU driver installation themselves.

    AgentPoolGatewayProfile

    (Appears on:ManagedClusterAgentPoolProfile, ManagedClustersAgentPool_Spec)

    Profile of the managed cluster gateway agent pool.

    Field Description
    publicIPPrefixSize
    int

    PublicIPPrefixSize: The Gateway agent pool associates one public IPPrefix for each static egress gateway to provide public egress. The size of Public IPPrefix should be selected by the user. Each node in the agent pool is assigned with one IP from the IPPrefix. The IPPrefix size thus serves as a cap on the size of the Gateway agent pool. Due to Azure public IPPrefix size limitation, the valid value range is 28, 31. The default value is 31.

    AgentPoolGatewayProfile_STATUS

    (Appears on:ManagedClusterAgentPoolProfile_STATUS, ManagedClustersAgentPool_STATUS)

    Profile of the managed cluster gateway agent pool.

    Field Description
    publicIPPrefixSize
    int

    PublicIPPrefixSize: The Gateway agent pool associates one public IPPrefix for each static egress gateway to provide public egress. The size of Public IPPrefix should be selected by the user. Each node in the agent pool is assigned with one IP from the IPPrefix. The IPPrefix size thus serves as a cap on the size of the Gateway agent pool. Due to Azure public IPPrefix size limitation, the valid value range is 28, 31. The default value is 31.

    AgentPoolMode (string alias)

    (Appears on:ManagedClusterAgentPoolProfile, ManagedClustersAgentPool_Spec)

    A cluster must have at least one ‘System’ Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools

    Value Description

    "Gateway"

    "System"

    "User"

    AgentPoolMode_STATUS (string alias)

    (Appears on:ManagedClusterAgentPoolProfile_STATUS, ManagedClustersAgentPool_STATUS)

    A cluster must have at least one ‘System’ Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools

    Value Description

    "Gateway"

    "System"

    "User"

    AgentPoolNetworkProfile

    (Appears on:ManagedClusterAgentPoolProfile, ManagedClustersAgentPool_Spec)

    Network settings of an agent pool.

    Field Description
    allowedHostPorts
    []PortRange

    AllowedHostPorts: The port ranges that are allowed to access. The specified ranges are allowed to overlap.

    applicationSecurityGroupsReferences
    []genruntime.ResourceReference

    ApplicationSecurityGroupsReferences: The IDs of the application security groups which agent pool will associate when created.

    nodePublicIPTags
    []IPTag

    NodePublicIPTags: IPTags of instance-level public IPs.

    AgentPoolNetworkProfile_STATUS

    (Appears on:ManagedClusterAgentPoolProfile_STATUS, ManagedClustersAgentPool_STATUS)

    Network settings of an agent pool.

    Field Description
    allowedHostPorts
    []PortRange_STATUS

    AllowedHostPorts: The port ranges that are allowed to access. The specified ranges are allowed to overlap.

    applicationSecurityGroups
    []string

    ApplicationSecurityGroups: The IDs of the application security groups which agent pool will associate when created.

    nodePublicIPTags
    []IPTag_STATUS

    NodePublicIPTags: IPTags of instance-level public IPs.

    AgentPoolSSHAccess (string alias)

    (Appears on:AgentPoolSecurityProfile)

    SSH access method of an agent pool.

    Value Description

    "Disabled"

    "LocalUser"

    AgentPoolSSHAccess_STATUS (string alias)

    (Appears on:AgentPoolSecurityProfile_STATUS)

    SSH access method of an agent pool.

    Value Description

    "Disabled"

    "LocalUser"

    AgentPoolSecurityProfile

    (Appears on:ManagedClusterAgentPoolProfile, ManagedClustersAgentPool_Spec)

    The security settings of an agent pool.

    Field Description
    enableSecureBoot
    bool

    EnableSecureBoot: Secure Boot is a feature of Trusted Launch which ensures that only signed operating systems and drivers can boot. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false.

    enableVTPM
    bool

    EnableVTPM: vTPM is a Trusted Launch feature for configuring a dedicated secure vault for keys and measurements held locally on the node. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false.

    sshAccess
    AgentPoolSSHAccess

    SshAccess: SSH access method of an agent pool.

    AgentPoolSecurityProfile_STATUS

    (Appears on:ManagedClusterAgentPoolProfile_STATUS, ManagedClustersAgentPool_STATUS)

    The security settings of an agent pool.

    Field Description
    enableSecureBoot
    bool

    EnableSecureBoot: Secure Boot is a feature of Trusted Launch which ensures that only signed operating systems and drivers can boot. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false.

    enableVTPM
    bool

    EnableVTPM: vTPM is a Trusted Launch feature for configuring a dedicated secure vault for keys and measurements held locally on the node. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false.

    sshAccess
    AgentPoolSSHAccess_STATUS

    SshAccess: SSH access method of an agent pool.

    AgentPoolType (string alias)

    (Appears on:ManagedClusterAgentPoolProfile, ManagedClustersAgentPool_Spec)

    The type of Agent Pool.

    Value Description

    "AvailabilitySet"

    "VirtualMachineScaleSets"

    "VirtualMachines"

    AgentPoolType_STATUS (string alias)

    (Appears on:ManagedClusterAgentPoolProfile_STATUS, ManagedClustersAgentPool_STATUS)

    The type of Agent Pool.

    Value Description

    "AvailabilitySet"

    "VirtualMachineScaleSets"

    "VirtualMachines"

    AgentPoolUpgradeSettings

    (Appears on:ManagedClusterAgentPoolProfile, ManagedClustersAgentPool_Spec)

    Settings for upgrading an agentpool

    Field Description
    drainTimeoutInMinutes
    int

    DrainTimeoutInMinutes: The amount of time (in minutes) to wait on eviction of pods and graceful termination per node. This eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not specified, the default is 30 minutes.

    maxSurge
    string

    MaxSurge: This can either be set to an integer (e.g. ‘5’) or a percentage (e.g. ‘50%’). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade

    nodeSoakDurationInMinutes
    int

    NodeSoakDurationInMinutes: The amount of time (in minutes) to wait after draining a node and before reimaging it and moving on to next node. If not specified, the default is 0 minutes.

    undrainableNodeBehavior
    AgentPoolUpgradeSettings_UndrainableNodeBehavior

    UndrainableNodeBehavior: Defines the behavior for undrainable nodes during upgrade. The most common cause of undrainable nodes is Pod Disruption Budgets (PDBs), but other issues, such as pod termination grace period is exceeding the remaining per-node drain timeout or pod is still being in a running state, can also cause undrainable nodes.

    AgentPoolUpgradeSettings_STATUS

    (Appears on:ManagedClusterAgentPoolProfile_STATUS, ManagedClustersAgentPool_STATUS)

    Settings for upgrading an agentpool

    Field Description
    drainTimeoutInMinutes
    int

    DrainTimeoutInMinutes: The amount of time (in minutes) to wait on eviction of pods and graceful termination per node. This eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not specified, the default is 30 minutes.

    maxSurge
    string

    MaxSurge: This can either be set to an integer (e.g. ‘5’) or a percentage (e.g. ‘50%’). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade

    nodeSoakDurationInMinutes
    int

    NodeSoakDurationInMinutes: The amount of time (in minutes) to wait after draining a node and before reimaging it and moving on to next node. If not specified, the default is 0 minutes.

    undrainableNodeBehavior
    AgentPoolUpgradeSettings_UndrainableNodeBehavior_STATUS

    UndrainableNodeBehavior: Defines the behavior for undrainable nodes during upgrade. The most common cause of undrainable nodes is Pod Disruption Budgets (PDBs), but other issues, such as pod termination grace period is exceeding the remaining per-node drain timeout or pod is still being in a running state, can also cause undrainable nodes.

    AgentPoolUpgradeSettings_UndrainableNodeBehavior (string alias)

    (Appears on:AgentPoolUpgradeSettings)

    Value Description

    "Cordon"

    "Schedule"

    AgentPoolUpgradeSettings_UndrainableNodeBehavior_STATUS (string alias)

    (Appears on:AgentPoolUpgradeSettings_STATUS)

    Value Description

    "Cordon"

    "Schedule"

    AgentPoolWindowsProfile

    (Appears on:ManagedClusterAgentPoolProfile, ManagedClustersAgentPool_Spec)

    The Windows agent pool’s specific profile.

    Field Description
    disableOutboundNat
    bool

    DisableOutboundNat: The default value is false. Outbound NAT can only be disabled if the cluster outboundType is NAT Gateway and the Windows agent pool does not have node public IP enabled.

    AgentPoolWindowsProfile_STATUS

    (Appears on:ManagedClusterAgentPoolProfile_STATUS, ManagedClustersAgentPool_STATUS)

    The Windows agent pool’s specific profile.

    Field Description
    disableOutboundNat
    bool

    DisableOutboundNat: The default value is false. Outbound NAT can only be disabled if the cluster outboundType is NAT Gateway and the Windows agent pool does not have node public IP enabled.

    AutoScaleProfile

    (Appears on:ScaleProfile)

    Specifications on auto-scaling.

    Field Description
    maxCount
    int

    MaxCount: The maximum number of nodes of the specified sizes.

    minCount
    int

    MinCount: The minimum number of nodes of the specified sizes.

    sizes
    []string

    Sizes: The list of allowed vm sizes e.g. [‘Standard_E4s_v3’, ‘Standard_E16s_v3’, ‘Standard_D16s_v5’]. AKS will use the first available one when auto scaling. If a VM size is unavailable (e.g. due to quota or regional capacity reasons), AKS will use the next size.

    AutoScaleProfile_STATUS

    (Appears on:ScaleProfile_STATUS)

    Specifications on auto-scaling.

    Field Description
    maxCount
    int

    MaxCount: The maximum number of nodes of the specified sizes.

    minCount
    int

    MinCount: The minimum number of nodes of the specified sizes.

    sizes
    []string

    Sizes: The list of allowed vm sizes e.g. [‘Standard_E4s_v3’, ‘Standard_E16s_v3’, ‘Standard_D16s_v5’]. AKS will use the first available one when auto scaling. If a VM size is unavailable (e.g. due to quota or regional capacity reasons), AKS will use the next size.

    AzureKeyVaultKms

    (Appears on:ManagedClusterSecurityProfile)

    Azure Key Vault key management service settings for the security profile.

    Field Description
    enabled
    bool

    Enabled: Whether to enable Azure Key Vault key management service. The default is false.

    keyId
    string

    KeyId: Identifier of Azure Key Vault key. See key identifier format for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key identifier. When Azure Key Vault key management service is disabled, leave the field empty.

    keyVaultNetworkAccess
    AzureKeyVaultKms_KeyVaultNetworkAccess

    KeyVaultNetworkAccess: Network access of key vault. The possible values are Public and Private. Public means the key vault allows public access from all networks. Private means the key vault disables public access and enables private link. The default value is Public.

    keyVaultResourceReference
    genruntime.ResourceReference

    KeyVaultResourceReference: Resource ID of key vault. When keyVaultNetworkAccess is Private, this field is required and must be a valid resource ID. When keyVaultNetworkAccess is Public, leave the field empty.

    AzureKeyVaultKms_KeyVaultNetworkAccess (string alias)

    (Appears on:AzureKeyVaultKms)

    Value Description

    "Private"

    "Public"

    AzureKeyVaultKms_KeyVaultNetworkAccess_STATUS (string alias)

    (Appears on:AzureKeyVaultKms_STATUS)

    Value Description

    "Private"

    "Public"

    AzureKeyVaultKms_STATUS

    (Appears on:ManagedClusterSecurityProfile_STATUS)

    Azure Key Vault key management service settings for the security profile.

    Field Description
    enabled
    bool

    Enabled: Whether to enable Azure Key Vault key management service. The default is false.

    keyId
    string

    KeyId: Identifier of Azure Key Vault key. See key identifier format for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key identifier. When Azure Key Vault key management service is disabled, leave the field empty.

    keyVaultNetworkAccess
    AzureKeyVaultKms_KeyVaultNetworkAccess_STATUS

    KeyVaultNetworkAccess: Network access of key vault. The possible values are Public and Private. Public means the key vault allows public access from all networks. Private means the key vault disables public access and enables private link. The default value is Public.

    keyVaultResourceId
    string

    KeyVaultResourceId: Resource ID of key vault. When keyVaultNetworkAccess is Private, this field is required and must be a valid resource ID. When keyVaultNetworkAccess is Public, leave the field empty.

    ClusterUpgradeSettings

    (Appears on:ManagedCluster_Spec)

    Settings for upgrading a cluster.

    Field Description
    overrideSettings
    UpgradeOverrideSettings

    OverrideSettings: Settings for overrides.

    ClusterUpgradeSettings_STATUS

    (Appears on:ManagedCluster_STATUS)

    Settings for upgrading a cluster.

    Field Description
    overrideSettings
    UpgradeOverrideSettings_STATUS

    OverrideSettings: Settings for overrides.

    ContainerServiceLinuxProfile

    (Appears on:ManagedCluster_Spec)

    Profile for Linux VMs in the container service cluster.

    Field Description
    adminUsername
    string

    AdminUsername: The administrator username to use for Linux VMs.

    ssh
    ContainerServiceSshConfiguration

    Ssh: The SSH configuration for Linux-based VMs running on Azure.

    ContainerServiceLinuxProfile_STATUS

    (Appears on:ManagedCluster_STATUS)

    Profile for Linux VMs in the container service cluster.

    Field Description
    adminUsername
    string

    AdminUsername: The administrator username to use for Linux VMs.

    ssh
    ContainerServiceSshConfiguration_STATUS

    Ssh: The SSH configuration for Linux-based VMs running on Azure.

    ContainerServiceNetworkProfile

    (Appears on:ManagedCluster_Spec)

    Profile of network configuration.

    Field Description
    advancedNetworking
    AdvancedNetworking

    AdvancedNetworking: Advanced Networking profile for enabling observability on a cluster. Note that enabling advanced networking features may incur additional costs. For more information see aka.ms/aksadvancednetworking.

    dnsServiceIP
    string

    DnsServiceIP: An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.

    ipFamilies
    []IpFamily

    IpFamilies: IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value is IPv4. For dual-stack, the expected values are IPv4 and IPv6.

    kubeProxyConfig
    ContainerServiceNetworkProfile_KubeProxyConfig

    KubeProxyConfig: Holds configuration customizations for kube-proxy. Any values not defined will use the kube-proxy defaulting behavior. See https://v.docs.kubernetes.io/docs/reference/command-line-tools-reference/kube-proxy/ where is represented by a - string. Kubernetes version 1.23 would be ‘1-23’.

    loadBalancerProfile
    ManagedClusterLoadBalancerProfile

    LoadBalancerProfile: Profile of the cluster load balancer.

    loadBalancerSku
    LoadBalancerSku

    LoadBalancerSku: The default is ‘standard’. See Azure Load Balancer SKUs for more information about the differences between load balancer SKUs.

    natGatewayProfile
    ManagedClusterNATGatewayProfile

    NatGatewayProfile: Profile of the cluster NAT gateway.

    networkDataplane
    NetworkDataplane

    NetworkDataplane: Network dataplane used in the Kubernetes cluster.

    networkMode
    NetworkMode

    NetworkMode: This cannot be specified if networkPlugin is anything other than ‘azure’.

    networkPlugin
    NetworkPlugin

    NetworkPlugin: Network plugin used for building the Kubernetes network.

    networkPluginMode
    NetworkPluginMode

    NetworkPluginMode: Network plugin mode used for building the Kubernetes network.

    networkPolicy
    NetworkPolicy

    NetworkPolicy: Network policy used for building the Kubernetes network.

    outboundType
    ContainerServiceNetworkProfile_OutboundType

    OutboundType: This can only be set at cluster creation time and cannot be changed later. For more information see egress outbound type.

    podCidr
    string

    PodCidr: A CIDR notation IP range from which to assign pod IPs when kubenet is used.

    podCidrs
    []string

    PodCidrs: One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking.

    podLinkLocalAccess
    PodLinkLocalAccess

    PodLinkLocalAccess: Defines access to special link local addresses (Azure Instance Metadata Service, aka IMDS) for pods with hostNetwork=false. if not specified, the default is ‘IMDS’.

    serviceCidr
    string

    ServiceCidr: A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.

    serviceCidrs
    []string

    ServiceCidrs: One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking. They must not overlap with any Subnet IP ranges.

    staticEgressGatewayProfile
    ManagedClusterStaticEgressGatewayProfile

    StaticEgressGatewayProfile: The profile for Static Egress Gateway addon. For more details about Static Egress Gateway, see https://aka.ms/aks/static-egress-gateway.

    ContainerServiceNetworkProfile_KubeProxyConfig

    (Appears on:ContainerServiceNetworkProfile)

    Field Description
    enabled
    bool

    Enabled: Whether to enable on kube-proxy on the cluster (if no ‘kubeProxyConfig’ exists, kube-proxy is enabled in AKS by default without these customizations).

    ipvsConfig
    ContainerServiceNetworkProfile_KubeProxyConfig_IpvsConfig

    IpvsConfig: Holds configuration customizations for IPVS. May only be specified if ‘mode’ is set to ‘IPVS’.

    mode
    ContainerServiceNetworkProfile_KubeProxyConfig_Mode

    Mode: Specify which proxy mode to use (‘IPTABLES’ or ‘IPVS’)

    ContainerServiceNetworkProfile_KubeProxyConfig_IpvsConfig

    (Appears on:ContainerServiceNetworkProfile_KubeProxyConfig)

    Field Description
    scheduler
    ContainerServiceNetworkProfile_KubeProxyConfig_IpvsConfig_Scheduler

    Scheduler: IPVS scheduler, for more information please see http://www.linuxvirtualserver.org/docs/scheduling.html.

    tcpFinTimeoutSeconds
    int

    TcpFinTimeoutSeconds: The timeout value used for IPVS TCP sessions after receiving a FIN in seconds. Must be a positive integer value.

    tcpTimeoutSeconds
    int

    TcpTimeoutSeconds: The timeout value used for idle IPVS TCP sessions in seconds. Must be a positive integer value.

    udpTimeoutSeconds
    int

    UdpTimeoutSeconds: The timeout value used for IPVS UDP packets in seconds. Must be a positive integer value.

    ContainerServiceNetworkProfile_KubeProxyConfig_IpvsConfig_STATUS

    (Appears on:ContainerServiceNetworkProfile_KubeProxyConfig_STATUS)

    Field Description
    scheduler
    ContainerServiceNetworkProfile_KubeProxyConfig_IpvsConfig_Scheduler_STATUS

    Scheduler: IPVS scheduler, for more information please see http://www.linuxvirtualserver.org/docs/scheduling.html.

    tcpFinTimeoutSeconds
    int

    TcpFinTimeoutSeconds: The timeout value used for IPVS TCP sessions after receiving a FIN in seconds. Must be a positive integer value.

    tcpTimeoutSeconds
    int

    TcpTimeoutSeconds: The timeout value used for idle IPVS TCP sessions in seconds. Must be a positive integer value.

    udpTimeoutSeconds
    int

    UdpTimeoutSeconds: The timeout value used for IPVS UDP packets in seconds. Must be a positive integer value.

    ContainerServiceNetworkProfile_KubeProxyConfig_IpvsConfig_Scheduler (string alias)

    (Appears on:ContainerServiceNetworkProfile_KubeProxyConfig_IpvsConfig)

    Value Description

    "LeastConnection"

    "RoundRobin"

    ContainerServiceNetworkProfile_KubeProxyConfig_IpvsConfig_Scheduler_STATUS (string alias)

    (Appears on:ContainerServiceNetworkProfile_KubeProxyConfig_IpvsConfig_STATUS)

    Value Description

    "LeastConnection"

    "RoundRobin"

    ContainerServiceNetworkProfile_KubeProxyConfig_Mode (string alias)

    (Appears on:ContainerServiceNetworkProfile_KubeProxyConfig)

    Value Description

    "IPTABLES"

    "IPVS"

    ContainerServiceNetworkProfile_KubeProxyConfig_Mode_STATUS (string alias)

    (Appears on:ContainerServiceNetworkProfile_KubeProxyConfig_STATUS)

    Value Description

    "IPTABLES"

    "IPVS"

    ContainerServiceNetworkProfile_KubeProxyConfig_STATUS

    (Appears on:ContainerServiceNetworkProfile_STATUS)

    Field Description
    enabled
    bool

    Enabled: Whether to enable on kube-proxy on the cluster (if no ‘kubeProxyConfig’ exists, kube-proxy is enabled in AKS by default without these customizations).

    ipvsConfig
    ContainerServiceNetworkProfile_KubeProxyConfig_IpvsConfig_STATUS

    IpvsConfig: Holds configuration customizations for IPVS. May only be specified if ‘mode’ is set to ‘IPVS’.

    mode
    ContainerServiceNetworkProfile_KubeProxyConfig_Mode_STATUS

    Mode: Specify which proxy mode to use (‘IPTABLES’ or ‘IPVS’)

    ContainerServiceNetworkProfile_OutboundType (string alias)

    (Appears on:ContainerServiceNetworkProfile)

    Value Description

    "loadBalancer"

    "managedNATGateway"

    "none"

    "userAssignedNATGateway"

    "userDefinedRouting"

    ContainerServiceNetworkProfile_OutboundType_STATUS (string alias)

    (Appears on:ContainerServiceNetworkProfile_STATUS)

    Value Description

    "loadBalancer"

    "managedNATGateway"

    "none"

    "userAssignedNATGateway"

    "userDefinedRouting"

    ContainerServiceNetworkProfile_STATUS

    (Appears on:ManagedCluster_STATUS)

    Profile of network configuration.

    Field Description
    advancedNetworking
    AdvancedNetworking_STATUS

    AdvancedNetworking: Advanced Networking profile for enabling observability on a cluster. Note that enabling advanced networking features may incur additional costs. For more information see aka.ms/aksadvancednetworking.

    dnsServiceIP
    string

    DnsServiceIP: An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.

    ipFamilies
    []IpFamily_STATUS

    IpFamilies: IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value is IPv4. For dual-stack, the expected values are IPv4 and IPv6.

    kubeProxyConfig
    ContainerServiceNetworkProfile_KubeProxyConfig_STATUS

    KubeProxyConfig: Holds configuration customizations for kube-proxy. Any values not defined will use the kube-proxy defaulting behavior. See https://v.docs.kubernetes.io/docs/reference/command-line-tools-reference/kube-proxy/ where is represented by a - string. Kubernetes version 1.23 would be ‘1-23’.

    loadBalancerProfile
    ManagedClusterLoadBalancerProfile_STATUS

    LoadBalancerProfile: Profile of the cluster load balancer.

    loadBalancerSku
    LoadBalancerSku_STATUS

    LoadBalancerSku: The default is ‘standard’. See Azure Load Balancer SKUs for more information about the differences between load balancer SKUs.

    natGatewayProfile
    ManagedClusterNATGatewayProfile_STATUS

    NatGatewayProfile: Profile of the cluster NAT gateway.

    networkDataplane
    NetworkDataplane_STATUS

    NetworkDataplane: Network dataplane used in the Kubernetes cluster.

    networkMode
    NetworkMode_STATUS

    NetworkMode: This cannot be specified if networkPlugin is anything other than ‘azure’.

    networkPlugin
    NetworkPlugin_STATUS

    NetworkPlugin: Network plugin used for building the Kubernetes network.

    networkPluginMode
    NetworkPluginMode_STATUS

    NetworkPluginMode: Network plugin mode used for building the Kubernetes network.

    networkPolicy
    NetworkPolicy_STATUS

    NetworkPolicy: Network policy used for building the Kubernetes network.

    outboundType
    ContainerServiceNetworkProfile_OutboundType_STATUS

    OutboundType: This can only be set at cluster creation time and cannot be changed later. For more information see egress outbound type.

    podCidr
    string

    PodCidr: A CIDR notation IP range from which to assign pod IPs when kubenet is used.

    podCidrs
    []string

    PodCidrs: One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking.

    podLinkLocalAccess
    PodLinkLocalAccess_STATUS

    PodLinkLocalAccess: Defines access to special link local addresses (Azure Instance Metadata Service, aka IMDS) for pods with hostNetwork=false. if not specified, the default is ‘IMDS’.

    serviceCidr
    string

    ServiceCidr: A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.

    serviceCidrs
    []string

    ServiceCidrs: One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking. They must not overlap with any Subnet IP ranges.

    staticEgressGatewayProfile
    ManagedClusterStaticEgressGatewayProfile_STATUS

    StaticEgressGatewayProfile: The profile for Static Egress Gateway addon. For more details about Static Egress Gateway, see https://aka.ms/aks/static-egress-gateway.

    ContainerServiceOSDisk (int alias)

    (Appears on:ManagedClusterAgentPoolProfile, ManagedClustersAgentPool_Spec)

    ContainerServiceSshConfiguration

    (Appears on:ContainerServiceLinuxProfile)

    SSH configuration for Linux-based VMs running on Azure.

    Field Description
    publicKeys
    []ContainerServiceSshPublicKey

    PublicKeys: The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.

    ContainerServiceSshConfiguration_STATUS

    (Appears on:ContainerServiceLinuxProfile_STATUS)

    SSH configuration for Linux-based VMs running on Azure.

    Field Description
    publicKeys
    []ContainerServiceSshPublicKey_STATUS

    PublicKeys: The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.

    ContainerServiceSshPublicKey

    (Appears on:ContainerServiceSshConfiguration)

    Contains information about SSH certificate public key data.

    Field Description
    keyData
    string

    KeyData: Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.

    ContainerServiceSshPublicKey_STATUS

    (Appears on:ContainerServiceSshConfiguration_STATUS)

    Contains information about SSH certificate public key data.

    Field Description
    keyData
    string

    KeyData: Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.

    CreationData

    (Appears on:ManagedClusterAgentPoolProfile, ManagedCluster_Spec, ManagedClustersAgentPool_Spec)

    Data used when creating a target resource from a source resource.

    Field Description
    sourceResourceReference
    genruntime.ResourceReference

    SourceResourceReference: This is the ARM ID of the source object to be used to create the target object.

    CreationData_STATUS

    (Appears on:ManagedClusterAgentPoolProfile_STATUS, ManagedCluster_STATUS, ManagedClustersAgentPool_STATUS)

    Data used when creating a target resource from a source resource.

    Field Description
    sourceResourceId
    string

    SourceResourceId: This is the ARM ID of the source object to be used to create the target object.

    DelegatedResource

    (Appears on:ManagedClusterIdentity)

    Delegated resource properties - internal use only.

    Field Description
    location
    string

    Location: The source resource location - internal use only.

    referralResource
    string

    ReferralResource: The delegation id of the referral delegation (optional) - internal use only.

    resourceReference
    genruntime.ResourceReference

    ResourceReference: The ARM resource id of the delegated resource - internal use only.

    tenantId
    string

    TenantId: The tenant id of the delegated resource - internal use only.

    DelegatedResource_STATUS

    (Appears on:ManagedClusterIdentity_STATUS)

    Delegated resource properties - internal use only.

    Field Description
    location
    string

    Location: The source resource location - internal use only.

    referralResource
    string

    ReferralResource: The delegation id of the referral delegation (optional) - internal use only.

    resourceId
    string

    ResourceId: The ARM resource id of the delegated resource - internal use only.

    tenantId
    string

    TenantId: The tenant id of the delegated resource - internal use only.

    Expander (string alias)

    (Appears on:ManagedClusterProperties_AutoScalerProfile)

    If not specified, the default is ‘random’. See expanders for more information.

    Value Description

    "least-waste"

    "most-pods"

    "priority"

    "random"

    Expander_STATUS (string alias)

    (Appears on:ManagedClusterProperties_AutoScalerProfile_STATUS)

    If not specified, the default is ‘random’. See expanders for more information.

    Value Description

    "least-waste"

    "most-pods"

    "priority"

    "random"

    ExtendedLocation

    (Appears on:ManagedCluster_Spec)

    The complex type of the extended location.

    Field Description
    name
    string

    Name: The name of the extended location.

    type
    ExtendedLocationType

    Type: The type of the extended location.

    ExtendedLocationType (string alias)

    (Appears on:ExtendedLocation)

    The type of extendedLocation.

    Value Description

    "EdgeZone"

    ExtendedLocationType_STATUS (string alias)

    (Appears on:ExtendedLocation_STATUS)

    The type of extendedLocation.

    Value Description

    "EdgeZone"

    ExtendedLocation_STATUS

    (Appears on:ManagedCluster_STATUS)

    The complex type of the extended location.

    Field Description
    name
    string

    Name: The name of the extended location.

    type
    ExtendedLocationType_STATUS

    Type: The type of the extended location.

    GPUInstanceProfile (string alias)

    (Appears on:ManagedClusterAgentPoolProfile, ManagedClustersAgentPool_Spec)

    GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.

    Value Description

    "MIG1g"

    "MIG2g"

    "MIG3g"

    "MIG4g"

    "MIG7g"

    GPUInstanceProfile_STATUS (string alias)

    (Appears on:ManagedClusterAgentPoolProfile_STATUS, ManagedClustersAgentPool_STATUS)

    GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.

    Value Description

    "MIG1g"

    "MIG2g"

    "MIG3g"

    "MIG4g"

    "MIG7g"

    IPTag

    (Appears on:AgentPoolNetworkProfile)

    Contains the IPTag associated with the object.

    Field Description
    ipTagType
    string

    IpTagType: The IP tag type. Example: RoutingPreference.

    tag
    string

    Tag: The value of the IP tag associated with the public IP. Example: Internet.

    IPTag_STATUS

    (Appears on:AgentPoolNetworkProfile_STATUS)

    Contains the IPTag associated with the object.

    Field Description
    ipTagType
    string

    IpTagType: The IP tag type. Example: RoutingPreference.

    tag
    string

    Tag: The value of the IP tag associated with the public IP. Example: Internet.

    IpFamily (string alias)

    (Appears on:ContainerServiceNetworkProfile)

    To determine if address belongs IPv4 or IPv6 family.

    Value Description

    "IPv4"

    "IPv6"

    IpFamily_STATUS (string alias)

    (Appears on:ContainerServiceNetworkProfile_STATUS)

    To determine if address belongs IPv4 or IPv6 family.

    Value Description

    "IPv4"

    "IPv6"

    IstioCertificateAuthority

    (Appears on:IstioServiceMesh)

    Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin certificates as described here https://aka.ms/asm-plugin-ca

    Field Description
    plugin
    IstioPluginCertificateAuthority

    Plugin: Plugin certificates information for Service Mesh.

    IstioCertificateAuthority_STATUS

    (Appears on:IstioServiceMesh_STATUS)

    Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin certificates as described here https://aka.ms/asm-plugin-ca

    Field Description
    plugin
    IstioPluginCertificateAuthority_STATUS

    Plugin: Plugin certificates information for Service Mesh.

    IstioComponents

    (Appears on:IstioServiceMesh)

    Istio components configuration.

    Field Description
    egressGateways
    []IstioEgressGateway

    EgressGateways: Istio egress gateways.

    ingressGateways
    []IstioIngressGateway

    IngressGateways: Istio ingress gateways.

    IstioComponents_STATUS

    (Appears on:IstioServiceMesh_STATUS)

    Istio components configuration.

    Field Description
    egressGateways
    []IstioEgressGateway_STATUS

    EgressGateways: Istio egress gateways.

    ingressGateways
    []IstioIngressGateway_STATUS

    IngressGateways: Istio ingress gateways.

    IstioEgressGateway

    (Appears on:IstioComponents)

    Istio egress gateway configuration.

    Field Description
    enabled
    bool

    Enabled: Whether to enable the egress gateway.

    IstioEgressGateway_STATUS

    (Appears on:IstioComponents_STATUS)

    Istio egress gateway configuration.

    Field Description
    enabled
    bool

    Enabled: Whether to enable the egress gateway.

    IstioIngressGateway

    (Appears on:IstioComponents)

    Istio ingress gateway configuration. For now, we support up to one external ingress gateway named aks-istio-ingressgateway-external and one internal ingress gateway named aks-istio-ingressgateway-internal.

    Field Description
    enabled
    bool

    Enabled: Whether to enable the ingress gateway.

    mode
    IstioIngressGateway_Mode

    Mode: Mode of an ingress gateway.

    IstioIngressGateway_Mode (string alias)

    (Appears on:IstioIngressGateway)

    Value Description

    "External"

    "Internal"

    IstioIngressGateway_Mode_STATUS (string alias)

    (Appears on:IstioIngressGateway_STATUS)

    Value Description

    "External"

    "Internal"

    IstioIngressGateway_STATUS

    (Appears on:IstioComponents_STATUS)

    Istio ingress gateway configuration. For now, we support up to one external ingress gateway named aks-istio-ingressgateway-external and one internal ingress gateway named aks-istio-ingressgateway-internal.

    Field Description
    enabled
    bool

    Enabled: Whether to enable the ingress gateway.

    mode
    IstioIngressGateway_Mode_STATUS

    Mode: Mode of an ingress gateway.

    IstioPluginCertificateAuthority

    (Appears on:IstioCertificateAuthority)

    Plugin certificates information for Service Mesh.

    Field Description
    certChainObjectName
    string

    CertChainObjectName: Certificate chain object name in Azure Key Vault.

    certObjectName
    string

    CertObjectName: Intermediate certificate object name in Azure Key Vault.

    keyObjectName
    string

    KeyObjectName: Intermediate certificate private key object name in Azure Key Vault.

    keyVaultReference
    genruntime.ResourceReference

    KeyVaultReference: The resource ID of the Key Vault.

    rootCertObjectName
    string

    RootCertObjectName: Root certificate object name in Azure Key Vault.

    IstioPluginCertificateAuthority_STATUS

    (Appears on:IstioCertificateAuthority_STATUS)

    Plugin certificates information for Service Mesh.

    Field Description
    certChainObjectName
    string

    CertChainObjectName: Certificate chain object name in Azure Key Vault.

    certObjectName
    string

    CertObjectName: Intermediate certificate object name in Azure Key Vault.

    keyObjectName
    string

    KeyObjectName: Intermediate certificate private key object name in Azure Key Vault.

    keyVaultId
    string

    KeyVaultId: The resource ID of the Key Vault.

    rootCertObjectName
    string

    RootCertObjectName: Root certificate object name in Azure Key Vault.

    IstioServiceMesh

    (Appears on:ServiceMeshProfile)

    Istio service mesh configuration.

    Field Description
    certificateAuthority
    IstioCertificateAuthority

    CertificateAuthority: Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin certificates as described here https://aka.ms/asm-plugin-ca

    components
    IstioComponents

    Components: Istio components configuration.

    revisions
    []string

    Revisions: The list of revisions of the Istio control plane. When an upgrade is not in progress, this holds one value. When canary upgrade is in progress, this can only hold two consecutive values. For more information, see: https://learn.microsoft.com/en-us/azure/aks/istio-upgrade

    IstioServiceMesh_STATUS

    (Appears on:ServiceMeshProfile_STATUS)

    Istio service mesh configuration.

    Field Description
    certificateAuthority
    IstioCertificateAuthority_STATUS

    CertificateAuthority: Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin certificates as described here https://aka.ms/asm-plugin-ca

    components
    IstioComponents_STATUS

    Components: Istio components configuration.

    revisions
    []string

    Revisions: The list of revisions of the Istio control plane. When an upgrade is not in progress, this holds one value. When canary upgrade is in progress, this can only hold two consecutive values. For more information, see: https://learn.microsoft.com/en-us/azure/aks/istio-upgrade

    KubeletConfig

    (Appears on:ManagedClusterAgentPoolProfile, ManagedClustersAgentPool_Spec)

    See AKS custom node configuration for more details.

    Field Description
    allowedUnsafeSysctls
    []string

    AllowedUnsafeSysctls: Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in *).

    containerLogMaxFiles
    int

    ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be ≥ 2.

    containerLogMaxSizeMB
    int

    ContainerLogMaxSizeMB: The maximum size (e.g. 10Mi) of container log file before it is rotated.

    cpuCfsQuota
    bool

    CpuCfsQuota: The default is true.

    cpuCfsQuotaPeriod
    string

    CpuCfsQuotaPeriod: The default is ‘100ms.’ Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: ‘300ms’, ‘2h45m’. Supported units are ‘ns’, ‘us’, ‘ms’, ’s’, ’m’, and ‘h’.

    cpuManagerPolicy
    string

    CpuManagerPolicy: The default is ‘none’. See Kubernetes CPU management policies for more information. Allowed values are ‘none’ and ‘static’.

    failSwapOn
    bool

    FailSwapOn: If set to true it will make the Kubelet fail to start if swap is enabled on the node.

    imageGcHighThreshold
    int

    ImageGcHighThreshold: To disable image garbage collection, set to 100. The default is 85%

    imageGcLowThreshold
    int

    ImageGcLowThreshold: This cannot be set higher than imageGcHighThreshold. The default is 80%

    podMaxPids
    int

    PodMaxPids: The maximum number of processes per pod.

    topologyManagerPolicy
    string

    TopologyManagerPolicy: For more information see Kubernetes Topology Manager. The default is ‘none’. Allowed values are ‘none’, ‘best-effort’, ‘restricted’, and ‘single-numa-node’.

    KubeletConfig_STATUS

    (Appears on:ManagedClusterAgentPoolProfile_STATUS, ManagedClustersAgentPool_STATUS)

    See AKS custom node configuration for more details.

    Field Description
    allowedUnsafeSysctls
    []string

    AllowedUnsafeSysctls: Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in *).

    containerLogMaxFiles
    int

    ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be ≥ 2.

    containerLogMaxSizeMB
    int

    ContainerLogMaxSizeMB: The maximum size (e.g. 10Mi) of container log file before it is rotated.

    cpuCfsQuota
    bool

    CpuCfsQuota: The default is true.

    cpuCfsQuotaPeriod
    string

    CpuCfsQuotaPeriod: The default is ‘100ms.’ Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: ‘300ms’, ‘2h45m’. Supported units are ‘ns’, ‘us’, ‘ms’, ’s’, ’m’, and ‘h’.

    cpuManagerPolicy
    string

    CpuManagerPolicy: The default is ‘none’. See Kubernetes CPU management policies for more information. Allowed values are ‘none’ and ‘static’.

    failSwapOn
    bool

    FailSwapOn: If set to true it will make the Kubelet fail to start if swap is enabled on the node.

    imageGcHighThreshold
    int

    ImageGcHighThreshold: To disable image garbage collection, set to 100. The default is 85%

    imageGcLowThreshold
    int

    ImageGcLowThreshold: This cannot be set higher than imageGcHighThreshold. The default is 80%

    podMaxPids
    int

    PodMaxPids: The maximum number of processes per pod.

    topologyManagerPolicy
    string

    TopologyManagerPolicy: For more information see Kubernetes Topology Manager. The default is ‘none’. Allowed values are ‘none’, ‘best-effort’, ‘restricted’, and ‘single-numa-node’.

    KubeletDiskType (string alias)

    (Appears on:ManagedClusterAgentPoolProfile, ManagedClustersAgentPool_Spec)

    Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.

    Value Description

    "OS"

    "Temporary"

    KubeletDiskType_STATUS (string alias)

    (Appears on:ManagedClusterAgentPoolProfile_STATUS, ManagedClustersAgentPool_STATUS)

    Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.

    Value Description

    "OS"

    "Temporary"

    KubernetesSupportPlan (string alias)

    (Appears on:ManagedCluster_Spec)

    Different support tiers for AKS managed clusters

    Value Description

    "AKSLongTermSupport"

    "KubernetesOfficial"

    KubernetesSupportPlan_STATUS (string alias)

    (Appears on:ManagedCluster_STATUS)

    Different support tiers for AKS managed clusters

    Value Description

    "AKSLongTermSupport"

    "KubernetesOfficial"

    LinuxOSConfig

    (Appears on:ManagedClusterAgentPoolProfile, ManagedClustersAgentPool_Spec)

    See AKS custom node configuration for more details.

    Field Description
    swapFileSizeMB
    int

    SwapFileSizeMB: The size in MB of a swap file that will be created on each node.

    sysctls
    SysctlConfig

    Sysctls: Sysctl settings for Linux agent nodes.

    transparentHugePageDefrag
    string

    TransparentHugePageDefrag: Valid values are ‘always’, ‘defer’, ‘defer+madvise’, ‘madvise’ and ‘never’. The default is ‘madvise’. For more information see Transparent Hugepages.

    transparentHugePageEnabled
    string

    TransparentHugePageEnabled: Valid values are ‘always’, ‘madvise’, and ‘never’. The default is ‘always’. For more information see Transparent Hugepages.

    LinuxOSConfig_STATUS

    (Appears on:ManagedClusterAgentPoolProfile_STATUS, ManagedClustersAgentPool_STATUS)

    See AKS custom node configuration for more details.

    Field Description
    swapFileSizeMB
    int

    SwapFileSizeMB: The size in MB of a swap file that will be created on each node.

    sysctls
    SysctlConfig_STATUS

    Sysctls: Sysctl settings for Linux agent nodes.

    transparentHugePageDefrag
    string

    TransparentHugePageDefrag: Valid values are ‘always’, ‘defer’, ‘defer+madvise’, ‘madvise’ and ‘never’. The default is ‘madvise’. For more information see Transparent Hugepages.

    transparentHugePageEnabled
    string

    TransparentHugePageEnabled: Valid values are ‘always’, ‘madvise’, and ‘never’. The default is ‘always’. For more information see Transparent Hugepages.

    LoadBalancerSku (string alias)

    (Appears on:ContainerServiceNetworkProfile)

    The default is ‘standard’. See Azure Load Balancer SKUs for more information about the differences between load balancer SKUs.

    Value Description

    "basic"

    "standard"

    LoadBalancerSku_STATUS (string alias)

    (Appears on:ContainerServiceNetworkProfile_STATUS)

    The default is ‘standard’. See Azure Load Balancer SKUs for more information about the differences between load balancer SKUs.

    Value Description

    "basic"

    "standard"

    ManagedCluster

    Generator information: - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/preview/2024-04-02-preview/managedClusters.json - ARM URI: /​subscriptions/​{subscriptionId}/​resourceGroups/​{resourceGroupName}/​providers/​Microsoft.ContainerService/​managedClusters/​{resourceName}

    Field Description
    metadata
    Kubernetes meta/v1.ObjectMeta
    Refer to the Kubernetes API documentation for the fields of the metadata field.
    spec
    ManagedCluster_Spec


    aadProfile
    ManagedClusterAADProfile

    AadProfile: The Azure Active Directory configuration.

    addonProfiles
    map[string]./api/containerservice/v1api20240402preview.ManagedClusterAddonProfile

    AddonProfiles: The profile of managed cluster add-on.

    agentPoolProfiles
    []ManagedClusterAgentPoolProfile

    AgentPoolProfiles: The agent pool properties.

    aiToolchainOperatorProfile
    ManagedClusterAIToolchainOperatorProfile

    AiToolchainOperatorProfile: AI toolchain operator settings that apply to the whole cluster.

    apiServerAccessProfile
    ManagedClusterAPIServerAccessProfile

    ApiServerAccessProfile: The access profile for managed cluster API server.

    autoScalerProfile
    ManagedClusterProperties_AutoScalerProfile

    AutoScalerProfile: Parameters to be applied to the cluster-autoscaler when enabled

    autoUpgradeProfile
    ManagedClusterAutoUpgradeProfile

    AutoUpgradeProfile: The auto upgrade configuration.

    azureMonitorProfile
    ManagedClusterAzureMonitorProfile

    AzureMonitorProfile: Prometheus addon profile for the container service cluster

    azureName
    string

    AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn’t have to be.

    bootstrapProfile
    ManagedClusterBootstrapProfile

    BootstrapProfile: Profile of the cluster bootstrap configuration.

    creationData
    CreationData

    CreationData: CreationData to be used to specify the source Snapshot ID if the cluster will be created/upgraded using a snapshot.

    disableLocalAccounts
    bool

    DisableLocalAccounts: If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see disable local accounts.

    diskEncryptionSetReference
    genruntime.ResourceReference

    DiskEncryptionSetReference: This is of the form: ‘/​subscriptions/​{subscriptionId}/​resourceGroups/​{resourceGroupName}/​providers/​Microsoft.Compute/​diskEncryptionSets/​{encryptionSetName}’

    dnsPrefix
    string

    DnsPrefix: This cannot be updated once the Managed Cluster has been created.

    enableNamespaceResources
    bool

    EnableNamespaceResources: The default value is false. It can be enabled/disabled on creation and updating of the managed cluster. See https://aka.ms/NamespaceARMResource for more details on Namespace as a ARM Resource.

    enablePodSecurityPolicy
    bool

    EnablePodSecurityPolicy: (DEPRECATED) Whether to enable Kubernetes pod security policy (preview). PodSecurityPolicy was deprecated in Kubernetes v1.21, and removed from Kubernetes in v1.25. Learn more at https://aka.ms/k8s/psp and https://aka.ms/aks/psp.

    enableRBAC
    bool

    EnableRBAC: Whether to enable Kubernetes Role-Based Access Control.

    extendedLocation
    ExtendedLocation

    ExtendedLocation: The extended location of the Virtual Machine.

    fqdnSubdomain
    string

    FqdnSubdomain: This cannot be updated once the Managed Cluster has been created.

    httpProxyConfig
    ManagedClusterHTTPProxyConfig

    HttpProxyConfig: Configurations for provisioning the cluster with HTTP proxy servers.

    identity
    ManagedClusterIdentity

    Identity: The identity of the managed cluster, if configured.

    identityProfile
    map[string]./api/containerservice/v1api20240402preview.UserAssignedIdentity

    IdentityProfile: Identities associated with the cluster.

    ingressProfile
    ManagedClusterIngressProfile

    IngressProfile: Ingress profile for the managed cluster.

    kind
    string

    Kind: This is primarily used to expose different UI experiences in the portal for different kinds

    kubernetesVersion
    string

    KubernetesVersion: When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See upgrading an AKS cluster for more details.

    linuxProfile
    ContainerServiceLinuxProfile

    LinuxProfile: The profile for Linux VMs in the Managed Cluster.

    location
    string

    Location: The geo-location where the resource lives

    metricsProfile
    ManagedClusterMetricsProfile

    MetricsProfile: Optional cluster metrics configuration.

    networkProfile
    ContainerServiceNetworkProfile

    NetworkProfile: The network configuration profile.

    nodeProvisioningProfile
    ManagedClusterNodeProvisioningProfile

    NodeProvisioningProfile: Node provisioning settings that apply to the whole cluster.

    nodeResourceGroup
    string

    NodeResourceGroup: The name of the resource group containing agent pool nodes.

    nodeResourceGroupProfile
    ManagedClusterNodeResourceGroupProfile

    NodeResourceGroupProfile: The node resource group configuration profile.

    oidcIssuerProfile
    ManagedClusterOIDCIssuerProfile

    OidcIssuerProfile: The OIDC issuer profile of the Managed Cluster.

    operatorSpec
    ManagedClusterOperatorSpec

    OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not passed directly to Azure

    owner
    genruntime.KnownResourceReference

    Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a reference to a resources.azure.com/ResourceGroup resource

    podIdentityProfile
    ManagedClusterPodIdentityProfile

    PodIdentityProfile: See use AAD pod identity for more details on AAD pod identity integration.

    privateLinkResources
    []PrivateLinkResource

    PrivateLinkResources: Private link resources associated with the cluster.

    publicNetworkAccess
    ManagedClusterProperties_PublicNetworkAccess

    PublicNetworkAccess: Allow or deny public network access for AKS

    safeguardsProfile
    SafeguardsProfile

    SafeguardsProfile: The Safeguards profile holds all the safeguards information for a given cluster

    securityProfile
    ManagedClusterSecurityProfile

    SecurityProfile: Security profile for the managed cluster.

    serviceMeshProfile
    ServiceMeshProfile

    ServiceMeshProfile: Service mesh profile for a managed cluster.

    servicePrincipalProfile
    ManagedClusterServicePrincipalProfile

    ServicePrincipalProfile: Information about a service principal identity for the cluster to use for manipulating Azure APIs.

    sku
    ManagedClusterSKU

    Sku: The managed cluster SKU.

    storageProfile
    ManagedClusterStorageProfile

    StorageProfile: Storage profile for the managed cluster.

    supportPlan
    KubernetesSupportPlan

    SupportPlan: The support plan for the Managed Cluster. If unspecified, the default is ‘KubernetesOfficial’.

    tags
    map[string]string

    Tags: Resource tags.

    upgradeSettings
    ClusterUpgradeSettings

    UpgradeSettings: Settings for upgrading a cluster.

    windowsProfile
    ManagedClusterWindowsProfile

    WindowsProfile: The profile for Windows VMs in the Managed Cluster.

    workloadAutoScalerProfile
    ManagedClusterWorkloadAutoScalerProfile

    WorkloadAutoScalerProfile: Workload Auto-scaler profile for the managed cluster.

    status
    ManagedCluster_STATUS

    ManagedClusterAADProfile

    (Appears on:ManagedCluster_Spec)

    For more details see managed AAD on AKS.

    Field Description
    adminGroupObjectIDs
    []string

    AdminGroupObjectIDs: The list of AAD group object IDs that will have admin role of the cluster.

    clientAppID
    string

    ClientAppID: (DEPRECATED) The client AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.

    enableAzureRBAC
    bool

    EnableAzureRBAC: Whether to enable Azure RBAC for Kubernetes authorization.

    managed
    bool

    Managed: Whether to enable managed AAD.

    serverAppID
    string

    ServerAppID: (DEPRECATED) The server AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.

    serverAppSecret
    string

    ServerAppSecret: (DEPRECATED) The server AAD application secret. Learn more at https://aka.ms/aks/aad-legacy.

    tenantID
    string

    TenantID: The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.

    ManagedClusterAADProfile_STATUS

    (Appears on:ManagedCluster_STATUS)

    For more details see managed AAD on AKS.

    Field Description
    adminGroupObjectIDs
    []string

    AdminGroupObjectIDs: The list of AAD group object IDs that will have admin role of the cluster.

    clientAppID
    string

    ClientAppID: (DEPRECATED) The client AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.

    enableAzureRBAC
    bool

    EnableAzureRBAC: Whether to enable Azure RBAC for Kubernetes authorization.

    managed
    bool

    Managed: Whether to enable managed AAD.

    serverAppID
    string

    ServerAppID: (DEPRECATED) The server AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.

    serverAppSecret
    string

    ServerAppSecret: (DEPRECATED) The server AAD application secret. Learn more at https://aka.ms/aks/aad-legacy.

    tenantID
    string

    TenantID: The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.

    ManagedClusterAIToolchainOperatorProfile

    (Appears on:ManagedCluster_Spec)

    When enabling the operator, a set of AKS managed CRDs and controllers will be installed in the cluster. The operator automates the deployment of OSS models for inference and/or training purposes. It provides a set of preset models and enables distributed inference against them.

    Field Description
    enabled
    bool

    Enabled: Indicates if AI toolchain operator enabled or not.

    ManagedClusterAIToolchainOperatorProfile_STATUS

    (Appears on:ManagedCluster_STATUS)

    When enabling the operator, a set of AKS managed CRDs and controllers will be installed in the cluster. The operator automates the deployment of OSS models for inference and/or training purposes. It provides a set of preset models and enables distributed inference against them.

    Field Description
    enabled
    bool

    Enabled: Indicates if AI toolchain operator enabled or not.

    ManagedClusterAPIServerAccessProfile

    (Appears on:ManagedCluster_Spec)

    Access profile for managed cluster API server.

    Field Description
    authorizedIPRanges
    []string

    AuthorizedIPRanges: IP ranges are specified in CIDR format, e.g. 137.117.106.8829. This feature is not compatible with clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see API server authorized IP ranges.

    disableRunCommand
    bool

    DisableRunCommand: Whether to disable run command for the cluster or not.

    enablePrivateCluster
    bool

    EnablePrivateCluster: For more details, see Creating a private AKS cluster.

    enablePrivateClusterPublicFQDN
    bool

    EnablePrivateClusterPublicFQDN: Whether to create additional public FQDN for private cluster or not.

    enableVnetIntegration
    bool

    EnableVnetIntegration: Whether to enable apiserver vnet integration for the cluster or not.

    privateDNSZone
    string

    PrivateDNSZone: The default is System. For more details see configure private DNS zone. Allowed values are ‘system’ and ‘none’.

    subnetId
    string

    SubnetId: It is required when: 1. creating a new cluster with BYO Vnet; 2. updating an existing cluster to enable apiserver vnet integration.

    ManagedClusterAPIServerAccessProfile_STATUS

    (Appears on:ManagedCluster_STATUS)

    Access profile for managed cluster API server.

    Field Description
    authorizedIPRanges
    []string

    AuthorizedIPRanges: IP ranges are specified in CIDR format, e.g. 137.117.106.8829. This feature is not compatible with clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see API server authorized IP ranges.

    disableRunCommand
    bool

    DisableRunCommand: Whether to disable run command for the cluster or not.

    enablePrivateCluster
    bool

    EnablePrivateCluster: For more details, see Creating a private AKS cluster.

    enablePrivateClusterPublicFQDN
    bool

    EnablePrivateClusterPublicFQDN: Whether to create additional public FQDN for private cluster or not.

    enableVnetIntegration
    bool

    EnableVnetIntegration: Whether to enable apiserver vnet integration for the cluster or not.

    privateDNSZone
    string

    PrivateDNSZone: The default is System. For more details see configure private DNS zone. Allowed values are ‘system’ and ‘none’.

    subnetId
    string

    SubnetId: It is required when: 1. creating a new cluster with BYO Vnet; 2. updating an existing cluster to enable apiserver vnet integration.

    ManagedClusterAddonProfile

    (Appears on:ManagedCluster_Spec)

    A Kubernetes add-on profile for a managed cluster.

    Field Description
    config
    map[string]string

    Config: Key-value pairs for configuring an add-on.

    enabled
    bool

    Enabled: Whether the add-on is enabled or not.

    ManagedClusterAddonProfile_STATUS

    (Appears on:ManagedCluster_STATUS)

    A Kubernetes add-on profile for a managed cluster.

    Field Description
    config
    map[string]string

    Config: Key-value pairs for configuring an add-on.

    enabled
    bool

    Enabled: Whether the add-on is enabled or not.

    identity
    UserAssignedIdentity_STATUS

    Identity: Information of user assigned identity used by this add-on.

    ManagedClusterAgentPoolProfile

    (Appears on:ManagedCluster_Spec)

    Profile for the container service agent pool.

    Field Description
    artifactStreamingProfile
    AgentPoolArtifactStreamingProfile

    ArtifactStreamingProfile: Configuration for using artifact streaming on AKS.

    availabilityZones
    []string

    AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is ‘VirtualMachineScaleSets’.

    capacityReservationGroupReference
    genruntime.ResourceReference

    CapacityReservationGroupReference: AKS will associate the specified agent pool with the Capacity Reservation Group.

    count
    int

    Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.

    creationData
    CreationData

    CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.

    enableAutoScaling
    bool

    EnableAutoScaling: Whether to enable auto-scaler

    enableCustomCATrust
    bool

    EnableCustomCATrust: When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded certificates into node trust stores. Defaults to false.

    enableEncryptionAtHost
    bool

    EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption

    enableFIPS
    bool

    EnableFIPS: See Add a FIPS-enabled node pool for more details.

    enableNodePublicIP
    bool

    EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see assigning a public IP per node. The default is false.

    enableUltraSSD
    bool

    EnableUltraSSD: Whether to enable UltraSSD

    gatewayProfile
    AgentPoolGatewayProfile

    GatewayProfile: Profile specific to a managed agent pool in Gateway mode. This field cannot be set if agent pool mode is not Gateway.

    gpuInstanceProfile
    GPUInstanceProfile

    GpuInstanceProfile: GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.

    gpuProfile
    AgentPoolGPUProfile

    GpuProfile: The GPU settings of an agent pool.

    hostGroupReference
    genruntime.ResourceReference

    HostGroupReference: This is of the form: /​subscriptions/​{subscriptionId}/​resourceGroups/​{resourceGroupName}/​providers/​Microsoft.Compute/​hostGroups/​{hostGroupName}. For more information see Azure dedicated hosts.

    kubeletConfig
    KubeletConfig

    KubeletConfig: The Kubelet configuration on the agent pool nodes.

    kubeletDiskType
    KubeletDiskType

    KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.

    linuxOSConfig
    LinuxOSConfig

    LinuxOSConfig: The OS configuration of Linux agent nodes.

    maxCount
    int

    MaxCount: The maximum number of nodes for auto-scaling

    maxPods
    int

    MaxPods: The maximum number of pods that can run on a node.

    messageOfTheDay
    string

    MessageOfTheDay: A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script).

    minCount
    int

    MinCount: The minimum number of nodes for auto-scaling

    mode
    AgentPoolMode

    Mode: A cluster must have at least one ‘System’ Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools

    name
    string

    Name: Windows agent pool names must be 6 characters or less.

    networkProfile
    AgentPoolNetworkProfile

    NetworkProfile: Network-related settings of an agent pool.

    nodeInitializationTaints
    []string

    NodeInitializationTaints: These taints will not be reconciled by AKS and can be removed with a kubectl call. This field can be modified after node pool is created, but nodes will not be recreated with new taints until another operation that requires recreation (e.g. node image upgrade) happens. These taints allow for required configuration to run before the node is ready to accept workloads, for example ‘key1=value1:NoSchedule’ that then can be removed with kubectl taint nodes node1 key1=value1:NoSchedule-

    nodeLabels
    map[string]string

    NodeLabels: The node labels to be persisted across all nodes in agent pool.

    nodePublicIPPrefixReference
    genruntime.ResourceReference

    NodePublicIPPrefixReference: This is of the form: /​subscriptions/​{subscriptionId}/​resourceGroups/​{resourceGroupName}/​providers/​Microsoft.Network/​publicIPPrefixes/​{publicIPPrefixName}

    nodeTaints
    []string

    NodeTaints: The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.

    orchestratorVersion
    string

    OrchestratorVersion: Both patch version and are supported. When is specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same once it has been created will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see upgrading a node pool.

    osDiskSizeGB
    ContainerServiceOSDisk
    osDiskType
    OSDiskType

    OsDiskType: The default is ‘Ephemeral’ if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to ‘Managed’. May not be changed after creation. For more information see Ephemeral OS.

    osSKU
    OSSKU

    OsSKU: Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is deprecated.

    osType
    OSType

    OsType: The operating system type. The default is Linux.

    podIPAllocationMode
    PodIPAllocationMode

    PodIPAllocationMode: The IP allocation mode for pods in the agent pool. Must be used with podSubnetId. The default is ‘DynamicIndividual’.

    podSubnetReference
    genruntime.ResourceReference

    PodSubnetReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /​subscriptions/​{subscriptionId}/​resourceGroups/​{resourceGroupName}/​providers/​Microsoft.Network/​virtualNetworks/​{virtualNetworkName}/​subnets/​{subnetName}

    powerState
    PowerState

    PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded

    proximityPlacementGroupReference
    genruntime.ResourceReference

    ProximityPlacementGroupReference: The ID for Proximity Placement Group.

    scaleDownMode
    ScaleDownMode

    ScaleDownMode: This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.

    scaleSetEvictionPolicy
    ScaleSetEvictionPolicy

    ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is ‘Spot’. If not specified, the default is ‘Delete’.

    scaleSetPriority
    ScaleSetPriority

    ScaleSetPriority: The Virtual Machine Scale Set priority. If not specified, the default is ‘Regular’.

    securityProfile
    AgentPoolSecurityProfile

    SecurityProfile: The security settings of an agent pool.

    spotMaxPrice
    float64

    SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see spot VMs pricing

    tags
    map[string]string

    Tags: The tags to be persisted on the agent pool virtual machine scale set.

    type
    AgentPoolType

    Type: The type of Agent Pool.

    upgradeSettings
    AgentPoolUpgradeSettings

    UpgradeSettings: Settings for upgrading the agentpool

    virtualMachineNodesStatus
    []VirtualMachineNodes
    virtualMachinesProfile
    VirtualMachinesProfile

    VirtualMachinesProfile: Specifications on VirtualMachines agent pool.

    vmSize
    string

    VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions

    vnetSubnetReference
    genruntime.ResourceReference

    VnetSubnetReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /​subscriptions/​{subscriptionId}/​resourceGroups/​{resourceGroupName}/​providers/​Microsoft.Network/​virtualNetworks/​{virtualNetworkName}/​subnets/​{subnetName}

    windowsProfile
    AgentPoolWindowsProfile

    WindowsProfile: The Windows agent pool’s specific profile.

    workloadRuntime
    WorkloadRuntime

    WorkloadRuntime: Determines the type of workload a node can run.

    ManagedClusterAgentPoolProfile_STATUS

    (Appears on:ManagedCluster_STATUS)

    Profile for the container service agent pool.

    Field Description
    artifactStreamingProfile
    AgentPoolArtifactStreamingProfile_STATUS

    ArtifactStreamingProfile: Configuration for using artifact streaming on AKS.

    availabilityZones
    []string

    AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is ‘VirtualMachineScaleSets’.

    capacityReservationGroupID
    string

    CapacityReservationGroupID: AKS will associate the specified agent pool with the Capacity Reservation Group.

    count
    int

    Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.

    creationData
    CreationData_STATUS

    CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.

    currentOrchestratorVersion
    string

    CurrentOrchestratorVersion: If orchestratorVersion was a fully specified version , this field will be exactly equal to it. If orchestratorVersion was , this field will contain the full version being used.

    eTag
    string

    ETag: Unique read-only string used to implement optimistic concurrency. The eTag value will change when the resource is updated. Specify an if-match or if-none-match header with the eTag value for a subsequent request to enable optimistic concurrency per the normal etag convention.

    enableAutoScaling
    bool

    EnableAutoScaling: Whether to enable auto-scaler

    enableCustomCATrust
    bool

    EnableCustomCATrust: When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded certificates into node trust stores. Defaults to false.

    enableEncryptionAtHost
    bool

    EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption

    enableFIPS
    bool

    EnableFIPS: See Add a FIPS-enabled node pool for more details.

    enableNodePublicIP
    bool

    EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see assigning a public IP per node. The default is false.

    enableUltraSSD
    bool

    EnableUltraSSD: Whether to enable UltraSSD

    gatewayProfile
    AgentPoolGatewayProfile_STATUS

    GatewayProfile: Profile specific to a managed agent pool in Gateway mode. This field cannot be set if agent pool mode is not Gateway.

    gpuInstanceProfile
    GPUInstanceProfile_STATUS

    GpuInstanceProfile: GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.

    gpuProfile
    AgentPoolGPUProfile_STATUS

    GpuProfile: The GPU settings of an agent pool.

    hostGroupID
    string

    HostGroupID: This is of the form: /​subscriptions/​{subscriptionId}/​resourceGroups/​{resourceGroupName}/​providers/​Microsoft.Compute/​hostGroups/​{hostGroupName}. For more information see Azure dedicated hosts.

    kubeletConfig
    KubeletConfig_STATUS

    KubeletConfig: The Kubelet configuration on the agent pool nodes.

    kubeletDiskType
    KubeletDiskType_STATUS

    KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.

    linuxOSConfig
    LinuxOSConfig_STATUS

    LinuxOSConfig: The OS configuration of Linux agent nodes.

    maxCount
    int

    MaxCount: The maximum number of nodes for auto-scaling

    maxPods
    int

    MaxPods: The maximum number of pods that can run on a node.

    messageOfTheDay
    string

    MessageOfTheDay: A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script).

    minCount
    int

    MinCount: The minimum number of nodes for auto-scaling

    mode
    AgentPoolMode_STATUS

    Mode: A cluster must have at least one ‘System’ Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools

    name
    string

    Name: Windows agent pool names must be 6 characters or less.

    networkProfile
    AgentPoolNetworkProfile_STATUS

    NetworkProfile: Network-related settings of an agent pool.

    nodeImageVersion
    string

    NodeImageVersion: The version of node image

    nodeInitializationTaints
    []string

    NodeInitializationTaints: These taints will not be reconciled by AKS and can be removed with a kubectl call. This field can be modified after node pool is created, but nodes will not be recreated with new taints until another operation that requires recreation (e.g. node image upgrade) happens. These taints allow for required configuration to run before the node is ready to accept workloads, for example ‘key1=value1:NoSchedule’ that then can be removed with kubectl taint nodes node1 key1=value1:NoSchedule-

    nodeLabels
    map[string]string

    NodeLabels: The node labels to be persisted across all nodes in agent pool.

    nodePublicIPPrefixID
    string

    NodePublicIPPrefixID: This is of the form: /​subscriptions/​{subscriptionId}/​resourceGroups/​{resourceGroupName}/​providers/​Microsoft.Network/​publicIPPrefixes/​{publicIPPrefixName}

    nodeTaints
    []string

    NodeTaints: The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.

    orchestratorVersion
    string

    OrchestratorVersion: Both patch version and are supported. When is specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same once it has been created will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see upgrading a node pool.

    osDiskSizeGB
    int
    osDiskType
    OSDiskType_STATUS

    OsDiskType: The default is ‘Ephemeral’ if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to ‘Managed’. May not be changed after creation. For more information see Ephemeral OS.

    osSKU
    OSSKU_STATUS

    OsSKU: Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is deprecated.

    osType
    OSType_STATUS

    OsType: The operating system type. The default is Linux.

    podIPAllocationMode
    PodIPAllocationMode_STATUS

    PodIPAllocationMode: The IP allocation mode for pods in the agent pool. Must be used with podSubnetId. The default is ‘DynamicIndividual’.

    podSubnetID
    string

    PodSubnetID: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /​subscriptions/​{subscriptionId}/​resourceGroups/​{resourceGroupName}/​providers/​Microsoft.Network/​virtualNetworks/​{virtualNetworkName}/​subnets/​{subnetName}

    powerState
    PowerState_STATUS

    PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded

    provisioningState
    string

    ProvisioningState: The current deployment or provisioning state.

    proximityPlacementGroupID
    string

    ProximityPlacementGroupID: The ID for Proximity Placement Group.

    scaleDownMode
    ScaleDownMode_STATUS

    ScaleDownMode: This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.

    scaleSetEvictionPolicy
    ScaleSetEvictionPolicy_STATUS

    ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is ‘Spot’. If not specified, the default is ‘Delete’.

    scaleSetPriority
    ScaleSetPriority_STATUS

    ScaleSetPriority: The Virtual Machine Scale Set priority. If not specified, the default is ‘Regular’.

    securityProfile
    AgentPoolSecurityProfile_STATUS

    SecurityProfile: The security settings of an agent pool.

    spotMaxPrice
    float64

    SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see spot VMs pricing

    tags
    map[string]string

    Tags: The tags to be persisted on the agent pool virtual machine scale set.

    type
    AgentPoolType_STATUS

    Type: The type of Agent Pool.

    upgradeSettings
    AgentPoolUpgradeSettings_STATUS

    UpgradeSettings: Settings for upgrading the agentpool

    virtualMachineNodesStatus
    []VirtualMachineNodes_STATUS
    virtualMachinesProfile
    VirtualMachinesProfile_STATUS

    VirtualMachinesProfile: Specifications on VirtualMachines agent pool.

    vmSize
    string

    VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions

    vnetSubnetID
    string

    VnetSubnetID: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /​subscriptions/​{subscriptionId}/​resourceGroups/​{resourceGroupName}/​providers/​Microsoft.Network/​virtualNetworks/​{virtualNetworkName}/​subnets/​{subnetName}

    windowsProfile
    AgentPoolWindowsProfile_STATUS

    WindowsProfile: The Windows agent pool’s specific profile.

    workloadRuntime
    WorkloadRuntime_STATUS

    WorkloadRuntime: Determines the type of workload a node can run.

    ManagedClusterAutoUpgradeProfile

    (Appears on:ManagedCluster_Spec)

    Auto upgrade profile for a managed cluster.

    Field Description
    nodeOSUpgradeChannel
    ManagedClusterAutoUpgradeProfile_NodeOSUpgradeChannel

    NodeOSUpgradeChannel: The default is Unmanaged, but may change to either NodeImage or SecurityPatch at GA.

    upgradeChannel
    ManagedClusterAutoUpgradeProfile_UpgradeChannel

    UpgradeChannel: For more information see setting the AKS cluster auto-upgrade channel.

    ManagedClusterAutoUpgradeProfile_NodeOSUpgradeChannel (string alias)

    (Appears on:ManagedClusterAutoUpgradeProfile)

    Value Description

    "NodeImage"

    "None"

    "SecurityPatch"

    "Unmanaged"

    ManagedClusterAutoUpgradeProfile_NodeOSUpgradeChannel_STATUS (string alias)

    (Appears on:ManagedClusterAutoUpgradeProfile_STATUS)

    Value Description

    "NodeImage"

    "None"

    "SecurityPatch"

    "Unmanaged"

    ManagedClusterAutoUpgradeProfile_STATUS

    (Appears on:ManagedCluster_STATUS)

    Auto upgrade profile for a managed cluster.

    Field Description
    nodeOSUpgradeChannel
    ManagedClusterAutoUpgradeProfile_NodeOSUpgradeChannel_STATUS

    NodeOSUpgradeChannel: The default is Unmanaged, but may change to either NodeImage or SecurityPatch at GA.

    upgradeChannel
    ManagedClusterAutoUpgradeProfile_UpgradeChannel_STATUS

    UpgradeChannel: For more information see setting the AKS cluster auto-upgrade channel.

    ManagedClusterAutoUpgradeProfile_UpgradeChannel (string alias)

    (Appears on:ManagedClusterAutoUpgradeProfile)

    Value Description

    "node-image"

    "none"

    "patch"

    "rapid"

    "stable"

    ManagedClusterAutoUpgradeProfile_UpgradeChannel_STATUS (string alias)

    (Appears on:ManagedClusterAutoUpgradeProfile_STATUS)

    Value Description

    "node-image"

    "none"

    "patch"

    "rapid"

    "stable"

    ManagedClusterAzureMonitorProfile

    (Appears on:ManagedCluster_Spec)

    Prometheus addon profile for the container service cluster

    Field Description
    appMonitoring
    ManagedClusterAzureMonitorProfileAppMonitoring

    AppMonitoring: Application Monitoring Profile for Kubernetes Application Container. Collects application logs, metrics and traces through auto-instrumentation of the application using Azure Monitor OpenTelemetry based SDKs. See aka.ms/AzureMonitorApplicationMonitoring for an overview.

    containerInsights
    ManagedClusterAzureMonitorProfileContainerInsights

    ContainerInsights: Azure Monitor Container Insights Profile for Kubernetes Events, Inventory and Container stdout & stderr logs etc. See aka.ms/AzureMonitorContainerInsights for an overview.

    metrics
    ManagedClusterAzureMonitorProfileMetrics

    Metrics: Metrics profile for the prometheus service addon

    ManagedClusterAzureMonitorProfileAppMonitoring

    (Appears on:ManagedClusterAzureMonitorProfile)

    Application Monitoring Profile for Kubernetes Application Container. Collects application logs, metrics and traces through auto-instrumentation of the application using Azure Monitor OpenTelemetry based SDKs. See aka.ms/AzureMonitorApplicationMonitoring for an overview.

    Field Description
    autoInstrumentation
    ManagedClusterAzureMonitorProfileAppMonitoringAutoInstrumentation

    AutoInstrumentation: Application Monitoring Auto Instrumentation for Kubernetes Application Container. Deploys web hook to auto-instrument Azure Monitor OpenTelemetry based SDKs to collect OpenTelemetry metrics, logs and traces of the application. See aka.ms/AzureMonitorApplicationMonitoring for an overview.

    openTelemetryLogs
    ManagedClusterAzureMonitorProfileAppMonitoringOpenTelemetryLogs

    OpenTelemetryLogs: Application Monitoring Open Telemetry Metrics Profile for Kubernetes Application Container Logs and Traces. Collects OpenTelemetry logs and traces of the application using Azure Monitor OpenTelemetry based SDKs. See aka.ms/AzureMonitorApplicationMonitoring for an overview.

    openTelemetryMetrics
    ManagedClusterAzureMonitorProfileAppMonitoringOpenTelemetryMetrics

    OpenTelemetryMetrics: Application Monitoring Open Telemetry Metrics Profile for Kubernetes Application Container Metrics. Collects OpenTelemetry metrics of the application using Azure Monitor OpenTelemetry based SDKs. See aka.ms/AzureMonitorApplicationMonitoring for an overview.

    ManagedClusterAzureMonitorProfileAppMonitoringAutoInstrumentation

    (Appears on:ManagedClusterAzureMonitorProfileAppMonitoring)

    Application Monitoring Auto Instrumentation for Kubernetes Application Container. Deploys web hook to auto-instrument Azure Monitor OpenTelemetry based SDKs to collect OpenTelemetry metrics, logs and traces of the application. See aka.ms/AzureMonitorApplicationMonitoring for an overview.

    Field Description
    enabled
    bool

    Enabled: Indicates if Application Monitoring Auto Instrumentation is enabled or not.

    ManagedClusterAzureMonitorProfileAppMonitoringAutoInstrumentation_STATUS

    (Appears on:ManagedClusterAzureMonitorProfileAppMonitoring_STATUS)

    Application Monitoring Auto Instrumentation for Kubernetes Application Container. Deploys web hook to auto-instrument Azure Monitor OpenTelemetry based SDKs to collect OpenTelemetry metrics, logs and traces of the application. See aka.ms/AzureMonitorApplicationMonitoring for an overview.

    Field Description
    enabled
    bool

    Enabled: Indicates if Application Monitoring Auto Instrumentation is enabled or not.

    ManagedClusterAzureMonitorProfileAppMonitoringOpenTelemetryLogs

    (Appears on:ManagedClusterAzureMonitorProfileAppMonitoring)

    Application Monitoring Open Telemetry Metrics Profile for Kubernetes Application Container Logs and Traces. Collects OpenTelemetry logs and traces of the application using Azure Monitor OpenTelemetry based SDKs. See aka.ms/AzureMonitorApplicationMonitoring for an overview.

    Field Description
    enabled
    bool

    Enabled: Indicates if Application Monitoring Open Telemetry Logs and traces is enabled or not.

    port
    int

    Port: The Open Telemetry host port for Open Telemetry logs and traces. If not specified, the default port is 28331.

    ManagedClusterAzureMonitorProfileAppMonitoringOpenTelemetryLogs_STATUS

    (Appears on:ManagedClusterAzureMonitorProfileAppMonitoring_STATUS)

    Application Monitoring Open Telemetry Metrics Profile for Kubernetes Application Container Logs and Traces. Collects OpenTelemetry logs and traces of the application using Azure Monitor OpenTelemetry based SDKs. See aka.ms/AzureMonitorApplicationMonitoring for an overview.

    Field Description
    enabled
    bool

    Enabled: Indicates if Application Monitoring Open Telemetry Logs and traces is enabled or not.

    port
    int

    Port: The Open Telemetry host port for Open Telemetry logs and traces. If not specified, the default port is 28331.

    ManagedClusterAzureMonitorProfileAppMonitoringOpenTelemetryMetrics

    (Appears on:ManagedClusterAzureMonitorProfileAppMonitoring)

    Application Monitoring Open Telemetry Metrics Profile for Kubernetes Application Container Metrics. Collects OpenTelemetry metrics of the application using Azure Monitor OpenTelemetry based SDKs. See aka.ms/AzureMonitorApplicationMonitoring for an overview.

    Field Description
    enabled
    bool

    Enabled: Indicates if Application Monitoring Open Telemetry Metrics is enabled or not.

    port
    int

    Port: The Open Telemetry host port for Open Telemetry metrics. If not specified, the default port is 28333.

    ManagedClusterAzureMonitorProfileAppMonitoringOpenTelemetryMetrics_STATUS

    (Appears on:ManagedClusterAzureMonitorProfileAppMonitoring_STATUS)

    Application Monitoring Open Telemetry Metrics Profile for Kubernetes Application Container Metrics. Collects OpenTelemetry metrics of the application using Azure Monitor OpenTelemetry based SDKs. See aka.ms/AzureMonitorApplicationMonitoring for an overview.

    Field Description
    enabled
    bool

    Enabled: Indicates if Application Monitoring Open Telemetry Metrics is enabled or not.

    port
    int

    Port: The Open Telemetry host port for Open Telemetry metrics. If not specified, the default port is 28333.

    ManagedClusterAzureMonitorProfileAppMonitoring_STATUS

    (Appears on:ManagedClusterAzureMonitorProfile_STATUS)

    Application Monitoring Profile for Kubernetes Application Container. Collects application logs, metrics and traces through auto-instrumentation of the application using Azure Monitor OpenTelemetry based SDKs. See aka.ms/AzureMonitorApplicationMonitoring for an overview.

    Field Description
    autoInstrumentation
    ManagedClusterAzureMonitorProfileAppMonitoringAutoInstrumentation_STATUS

    AutoInstrumentation: Application Monitoring Auto Instrumentation for Kubernetes Application Container. Deploys web hook to auto-instrument Azure Monitor OpenTelemetry based SDKs to collect OpenTelemetry metrics, logs and traces of the application. See aka.ms/AzureMonitorApplicationMonitoring for an overview.

    openTelemetryLogs
    ManagedClusterAzureMonitorProfileAppMonitoringOpenTelemetryLogs_STATUS

    OpenTelemetryLogs: Application Monitoring Open Telemetry Metrics Profile for Kubernetes Application Container Logs and Traces. Collects OpenTelemetry logs and traces of the application using Azure Monitor OpenTelemetry based SDKs. See aka.ms/AzureMonitorApplicationMonitoring for an overview.

    openTelemetryMetrics
    ManagedClusterAzureMonitorProfileAppMonitoringOpenTelemetryMetrics_STATUS

    OpenTelemetryMetrics: Application Monitoring Open Telemetry Metrics Profile for Kubernetes Application Container Metrics. Collects OpenTelemetry metrics of the application using Azure Monitor OpenTelemetry based SDKs. See aka.ms/AzureMonitorApplicationMonitoring for an overview.

    ManagedClusterAzureMonitorProfileContainerInsights

    (Appears on:ManagedClusterAzureMonitorProfile)

    Azure Monitor Container Insights Profile for Kubernetes Events, Inventory and Container stdout & stderr logs etc. See aka.ms/AzureMonitorContainerInsights for an overview.

    Field Description
    disableCustomMetrics
    bool

    DisableCustomMetrics: Indicates whether custom metrics collection has to be disabled or not. If not specified the default is false. No custom metrics will be emitted if this field is false but the container insights enabled field is false

    disablePrometheusMetricsScraping
    bool

    DisablePrometheusMetricsScraping: Indicates whether prometheus metrics scraping is disabled or not. If not specified the default is false. No prometheus metrics will be emitted if this field is false but the container insights enabled field is false

    enabled
    bool

    Enabled: Indicates if Azure Monitor Container Insights Logs Addon is enabled or not.

    logAnalyticsWorkspaceResourceReference
    genruntime.ResourceReference

    LogAnalyticsWorkspaceResourceReference: Fully Qualified ARM Resource Id of Azure Log Analytics Workspace for storing Azure Monitor Container Insights Logs.

    syslogPort
    int

    SyslogPort: The syslog host port. If not specified, the default port is 28330.

    ManagedClusterAzureMonitorProfileContainerInsights_STATUS

    (Appears on:ManagedClusterAzureMonitorProfile_STATUS)

    Azure Monitor Container Insights Profile for Kubernetes Events, Inventory and Container stdout & stderr logs etc. See aka.ms/AzureMonitorContainerInsights for an overview.

    Field Description
    disableCustomMetrics
    bool

    DisableCustomMetrics: Indicates whether custom metrics collection has to be disabled or not. If not specified the default is false. No custom metrics will be emitted if this field is false but the container insights enabled field is false

    disablePrometheusMetricsScraping
    bool

    DisablePrometheusMetricsScraping: Indicates whether prometheus metrics scraping is disabled or not. If not specified the default is false. No prometheus metrics will be emitted if this field is false but the container insights enabled field is false

    enabled
    bool

    Enabled: Indicates if Azure Monitor Container Insights Logs Addon is enabled or not.

    logAnalyticsWorkspaceResourceId
    string

    LogAnalyticsWorkspaceResourceId: Fully Qualified ARM Resource Id of Azure Log Analytics Workspace for storing Azure Monitor Container Insights Logs.

    syslogPort
    int

    SyslogPort: The syslog host port. If not specified, the default port is 28330.

    ManagedClusterAzureMonitorProfileKubeStateMetrics

    (Appears on:ManagedClusterAzureMonitorProfileMetrics)

    Kube State Metrics for prometheus addon profile for the container service cluster

    Field Description
    metricAnnotationsAllowList
    string

    MetricAnnotationsAllowList: Comma-separated list of additional Kubernetes label keys that will be used in the resource’s labels metric.

    metricLabelsAllowlist
    string

    MetricLabelsAllowlist: Comma-separated list of Kubernetes annotations keys that will be used in the resource’s labels metric.

    ManagedClusterAzureMonitorProfileKubeStateMetrics_STATUS

    (Appears on:ManagedClusterAzureMonitorProfileMetrics_STATUS)

    Kube State Metrics for prometheus addon profile for the container service cluster

    Field Description
    metricAnnotationsAllowList
    string

    MetricAnnotationsAllowList: Comma-separated list of additional Kubernetes label keys that will be used in the resource’s labels metric.

    metricLabelsAllowlist
    string

    MetricLabelsAllowlist: Comma-separated list of Kubernetes annotations keys that will be used in the resource’s labels metric.

    ManagedClusterAzureMonitorProfileMetrics

    (Appears on:ManagedClusterAzureMonitorProfile)

    Metrics profile for the prometheus service addon

    Field Description
    enabled
    bool

    Enabled: Whether to enable the Prometheus collector

    kubeStateMetrics
    ManagedClusterAzureMonitorProfileKubeStateMetrics

    KubeStateMetrics: Kube State Metrics for prometheus addon profile for the container service cluster

    ManagedClusterAzureMonitorProfileMetrics_STATUS

    (Appears on:ManagedClusterAzureMonitorProfile_STATUS)

    Metrics profile for the prometheus service addon

    Field Description
    enabled
    bool

    Enabled: Whether to enable the Prometheus collector

    kubeStateMetrics
    ManagedClusterAzureMonitorProfileKubeStateMetrics_STATUS

    KubeStateMetrics: Kube State Metrics for prometheus addon profile for the container service cluster

    ManagedClusterAzureMonitorProfile_STATUS

    (Appears on:ManagedCluster_STATUS)

    Prometheus addon profile for the container service cluster

    Field Description
    appMonitoring
    ManagedClusterAzureMonitorProfileAppMonitoring_STATUS

    AppMonitoring: Application Monitoring Profile for Kubernetes Application Container. Collects application logs, metrics and traces through auto-instrumentation of the application using Azure Monitor OpenTelemetry based SDKs. See aka.ms/AzureMonitorApplicationMonitoring for an overview.

    containerInsights
    ManagedClusterAzureMonitorProfileContainerInsights_STATUS

    ContainerInsights: Azure Monitor Container Insights Profile for Kubernetes Events, Inventory and Container stdout & stderr logs etc. See aka.ms/AzureMonitorContainerInsights for an overview.

    metrics
    ManagedClusterAzureMonitorProfileMetrics_STATUS

    Metrics: Metrics profile for the prometheus service addon

    ManagedClusterBootstrapProfile

    (Appears on:ManagedCluster_Spec)

    The bootstrap profile.

    Field Description
    artifactSource
    ManagedClusterBootstrapProfile_ArtifactSource

    ArtifactSource: The source where the artifacts are downloaded from.

    containerRegistryReference
    genruntime.ResourceReference

    ContainerRegistryReference: The resource Id of Azure Container Registry. The registry must have private network access, premium SKU and zone redundancy.

    ManagedClusterBootstrapProfile_ArtifactSource (string alias)

    (Appears on:ManagedClusterBootstrapProfile)

    Value Description

    "Cache"

    "Direct"

    ManagedClusterBootstrapProfile_ArtifactSource_STATUS (string alias)

    (Appears on:ManagedClusterBootstrapProfile_STATUS)

    Value Description

    "Cache"

    "Direct"

    ManagedClusterBootstrapProfile_STATUS

    (Appears on:ManagedCluster_STATUS)

    The bootstrap profile.

    Field Description
    artifactSource
    ManagedClusterBootstrapProfile_ArtifactSource_STATUS

    ArtifactSource: The source where the artifacts are downloaded from.

    containerRegistryId
    string

    ContainerRegistryId: The resource Id of Azure Container Registry. The registry must have private network access, premium SKU and zone redundancy.

    ManagedClusterCostAnalysis

    (Appears on:ManagedClusterMetricsProfile)

    The cost analysis configuration for the cluster

    Field Description
    enabled
    bool

    Enabled: The Managed Cluster sku.tier must be set to ‘Standard’ or ‘Premium’ to enable this feature. Enabling this will add Kubernetes Namespace and Deployment details to the Cost Analysis views in the Azure portal. If not specified, the default is false. For more information see aka.ms/aks/docs/cost-analysis.

    ManagedClusterCostAnalysis_STATUS

    (Appears on:ManagedClusterMetricsProfile_STATUS)

    The cost analysis configuration for the cluster

    Field Description
    enabled
    bool

    Enabled: The Managed Cluster sku.tier must be set to ‘Standard’ or ‘Premium’ to enable this feature. Enabling this will add Kubernetes Namespace and Deployment details to the Cost Analysis views in the Azure portal. If not specified, the default is false. For more information see aka.ms/aks/docs/cost-analysis.

    ManagedClusterHTTPProxyConfig

    (Appears on:ManagedCluster_Spec)

    Cluster HTTP proxy configuration.

    Field Description
    httpProxy
    string

    HttpProxy: The HTTP proxy server endpoint to use.

    httpsProxy
    string

    HttpsProxy: The HTTPS proxy server endpoint to use.

    noProxy
    []string

    NoProxy: The endpoints that should not go through proxy.

    trustedCa
    string

    TrustedCa: Alternative CA cert to use for connecting to proxy servers.

    ManagedClusterHTTPProxyConfig_STATUS

    (Appears on:ManagedCluster_STATUS)

    Cluster HTTP proxy configuration.

    Field Description
    effectiveNoProxy
    []string

    EffectiveNoProxy: A read-only list of all endpoints for which traffic should not be sent to the proxy. This list is a superset of noProxy and values injected by AKS.

    httpProxy
    string

    HttpProxy: The HTTP proxy server endpoint to use.

    httpsProxy
    string

    HttpsProxy: The HTTPS proxy server endpoint to use.

    noProxy
    []string

    NoProxy: The endpoints that should not go through proxy.

    trustedCa
    string

    TrustedCa: Alternative CA cert to use for connecting to proxy servers.

    ManagedClusterIdentity

    (Appears on:ManagedCluster_Spec)

    Identity for the managed cluster.

    Field Description
    delegatedResources
    map[string]./api/containerservice/v1api20240402preview.DelegatedResource

    DelegatedResources: The delegated identity resources assigned to this managed cluster. This can only be set by another Azure Resource Provider, and managed cluster only accept one delegated identity resource. Internal use only.

    type
    ManagedClusterIdentity_Type

    Type: For more information see use managed identities in AKS.

    userAssignedIdentities
    []UserAssignedIdentityDetails

    UserAssignedIdentities: The keys must be ARM resource IDs in the form: ‘/​subscriptions/​{subscriptionId}/​resourceGroups/​{resourceGroupName}/​providers/​Microsoft.ManagedIdentity/​userAssignedIdentities/​{identityName}’.

    ManagedClusterIdentity_STATUS

    (Appears on:ManagedCluster_STATUS)

    Identity for the managed cluster.

    Field Description
    delegatedResources
    map[string]./api/containerservice/v1api20240402preview.DelegatedResource_STATUS

    DelegatedResources: The delegated identity resources assigned to this managed cluster. This can only be set by another Azure Resource Provider, and managed cluster only accept one delegated identity resource. Internal use only.

    principalId
    string

    PrincipalId: The principal id of the system assigned identity which is used by master components.

    tenantId
    string

    TenantId: The tenant id of the system assigned identity which is used by master components.

    type
    ManagedClusterIdentity_Type_STATUS

    Type: For more information see use managed identities in AKS.

    userAssignedIdentities
    map[string]./api/containerservice/v1api20240402preview.ManagedClusterIdentity_UserAssignedIdentities_STATUS

    UserAssignedIdentities: The keys must be ARM resource IDs in the form: ‘/​subscriptions/​{subscriptionId}/​resourceGroups/​{resourceGroupName}/​providers/​Microsoft.ManagedIdentity/​userAssignedIdentities/​{identityName}’.

    ManagedClusterIdentity_Type (string alias)

    (Appears on:ManagedClusterIdentity)

    Value Description

    "None"

    "SystemAssigned"

    "UserAssigned"

    ManagedClusterIdentity_Type_STATUS (string alias)

    (Appears on:ManagedClusterIdentity_STATUS)

    Value Description

    "None"

    "SystemAssigned"

    "UserAssigned"

    ManagedClusterIdentity_UserAssignedIdentities_STATUS

    (Appears on:ManagedClusterIdentity_STATUS)

    Field Description
    clientId
    string

    ClientId: The client id of user assigned identity.

    principalId
    string

    PrincipalId: The principal id of user assigned identity.

    ManagedClusterIngressProfile

    (Appears on:ManagedCluster_Spec)

    Ingress profile for the container service cluster.

    Field Description
    webAppRouting
    ManagedClusterIngressProfileWebAppRouting

    WebAppRouting: Web App Routing settings for the ingress profile.

    ManagedClusterIngressProfileWebAppRouting

    (Appears on:ManagedClusterIngressProfile)

    Web App Routing settings for the ingress profile.

    Field Description
    dnsZoneResourceReferences
    []genruntime.ResourceReference

    DnsZoneResourceReferences: Resource IDs of the DNS zones to be associated with the Web App Routing add-on. Used only when Web App Routing is enabled. Public and private DNS zones can be in different resource groups, but all public DNS zones must be in the same resource group and all private DNS zones must be in the same resource group.

    enabled
    bool

    Enabled: Whether to enable Web App Routing.

    ManagedClusterIngressProfileWebAppRouting_STATUS

    (Appears on:ManagedClusterIngressProfile_STATUS)

    Web App Routing settings for the ingress profile.

    Field Description
    dnsZoneResourceIds
    []string

    DnsZoneResourceIds: Resource IDs of the DNS zones to be associated with the Web App Routing add-on. Used only when Web App Routing is enabled. Public and private DNS zones can be in different resource groups, but all public DNS zones must be in the same resource group and all private DNS zones must be in the same resource group.

    enabled
    bool

    Enabled: Whether to enable Web App Routing.

    identity
    UserAssignedIdentity_STATUS

    Identity: Managed identity of the Web Application Routing add-on. This is the identity that should be granted permissions, for example, to manage the associated Azure DNS resource and get certificates from Azure Key Vault. See this overview of the add-on for more instructions.

    ManagedClusterIngressProfile_STATUS

    (Appears on:ManagedCluster_STATUS)

    Ingress profile for the container service cluster.

    Field Description
    webAppRouting
    ManagedClusterIngressProfileWebAppRouting_STATUS

    WebAppRouting: Web App Routing settings for the ingress profile.

    ManagedClusterLoadBalancerProfile

    (Appears on:ContainerServiceNetworkProfile)

    Profile of the managed cluster load balancer.

    Field Description
    allocatedOutboundPorts
    int

    AllocatedOutboundPorts: The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.

    backendPoolType
    ManagedClusterLoadBalancerProfile_BackendPoolType

    BackendPoolType: The type of the managed inbound Load Balancer BackendPool.

    clusterServiceLoadBalancerHealthProbeMode
    ManagedClusterLoadBalancerProfile_ClusterServiceLoadBalancerHealthProbeMode

    ClusterServiceLoadBalancerHealthProbeMode: The health probing behavior for External Traffic Policy Cluster services.

    effectiveOutboundIPs
    []ResourceReference

    EffectiveOutboundIPs: The effective outbound IP resources of the cluster load balancer.

    enableMultipleStandardLoadBalancers
    bool

    EnableMultipleStandardLoadBalancers: Enable multiple standard load balancers per AKS cluster or not.

    idleTimeoutInMinutes
    int

    IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 30 minutes.

    managedOutboundIPs
    ManagedClusterLoadBalancerProfile_ManagedOutboundIPs

    ManagedOutboundIPs: Desired managed outbound IPs for the cluster load balancer.

    outboundIPPrefixes
    ManagedClusterLoadBalancerProfile_OutboundIPPrefixes

    OutboundIPPrefixes: Desired outbound IP Prefix resources for the cluster load balancer.

    outboundIPs
    ManagedClusterLoadBalancerProfile_OutboundIPs

    OutboundIPs: Desired outbound IP resources for the cluster load balancer.

    ManagedClusterLoadBalancerProfile_BackendPoolType (string alias)

    (Appears on:ManagedClusterLoadBalancerProfile)

    Value Description

    "NodeIP"

    "NodeIPConfiguration"

    ManagedClusterLoadBalancerProfile_BackendPoolType_STATUS (string alias)

    (Appears on:ManagedClusterLoadBalancerProfile_STATUS)

    Value Description

    "NodeIP"

    "NodeIPConfiguration"

    ManagedClusterLoadBalancerProfile_ClusterServiceLoadBalancerHealthProbeMode (string alias)

    (Appears on:ManagedClusterLoadBalancerProfile)

    Value Description

    "ServiceNodePort"

    "Shared"

    ManagedClusterLoadBalancerProfile_ClusterServiceLoadBalancerHealthProbeMode_STATUS (string alias)

    (Appears on:ManagedClusterLoadBalancerProfile_STATUS)

    Value Description

    "ServiceNodePort"

    "Shared"

    ManagedClusterLoadBalancerProfile_ManagedOutboundIPs

    (Appears on:ManagedClusterLoadBalancerProfile)

    Field Description
    count
    int

    Count: The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1.

    countIPv6
    int

    CountIPv6: The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack.

    ManagedClusterLoadBalancerProfile_ManagedOutboundIPs_STATUS

    (Appears on:ManagedClusterLoadBalancerProfile_STATUS)

    Field Description
    count
    int

    Count: The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1.

    countIPv6
    int

    CountIPv6: The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack.

    ManagedClusterLoadBalancerProfile_OutboundIPPrefixes

    (Appears on:ManagedClusterLoadBalancerProfile)

    Field Description
    publicIPPrefixes
    []ResourceReference

    PublicIPPrefixes: A list of public IP prefix resources.

    ManagedClusterLoadBalancerProfile_OutboundIPPrefixes_STATUS

    (Appears on:ManagedClusterLoadBalancerProfile_STATUS)

    Field Description
    publicIPPrefixes
    []ResourceReference_STATUS

    PublicIPPrefixes: A list of public IP prefix resources.

    ManagedClusterLoadBalancerProfile_OutboundIPs

    (Appears on:ManagedClusterLoadBalancerProfile)

    Field Description
    publicIPs
    []ResourceReference

    PublicIPs: A list of public IP resources.

    ManagedClusterLoadBalancerProfile_OutboundIPs_STATUS

    (Appears on:ManagedClusterLoadBalancerProfile_STATUS)

    Field Description
    publicIPs
    []ResourceReference_STATUS

    PublicIPs: A list of public IP resources.

    ManagedClusterLoadBalancerProfile_STATUS

    (Appears on:ContainerServiceNetworkProfile_STATUS)

    Profile of the managed cluster load balancer.

    Field Description
    allocatedOutboundPorts
    int

    AllocatedOutboundPorts: The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.

    backendPoolType
    ManagedClusterLoadBalancerProfile_BackendPoolType_STATUS

    BackendPoolType: The type of the managed inbound Load Balancer BackendPool.

    clusterServiceLoadBalancerHealthProbeMode
    ManagedClusterLoadBalancerProfile_ClusterServiceLoadBalancerHealthProbeMode_STATUS

    ClusterServiceLoadBalancerHealthProbeMode: The health probing behavior for External Traffic Policy Cluster services.

    effectiveOutboundIPs
    []ResourceReference_STATUS

    EffectiveOutboundIPs: The effective outbound IP resources of the cluster load balancer.

    enableMultipleStandardLoadBalancers
    bool

    EnableMultipleStandardLoadBalancers: Enable multiple standard load balancers per AKS cluster or not.

    idleTimeoutInMinutes
    int

    IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 30 minutes.

    managedOutboundIPs
    ManagedClusterLoadBalancerProfile_ManagedOutboundIPs_STATUS

    ManagedOutboundIPs: Desired managed outbound IPs for the cluster load balancer.

    outboundIPPrefixes
    ManagedClusterLoadBalancerProfile_OutboundIPPrefixes_STATUS

    OutboundIPPrefixes: Desired outbound IP Prefix resources for the cluster load balancer.

    outboundIPs
    ManagedClusterLoadBalancerProfile_OutboundIPs_STATUS

    OutboundIPs: Desired outbound IP resources for the cluster load balancer.

    ManagedClusterManagedOutboundIPProfile

    (Appears on:ManagedClusterNATGatewayProfile)

    Profile of the managed outbound IP resources of the managed cluster.

    Field Description
    count
    int

    Count: The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 (inclusive). The default value is 1.

    ManagedClusterManagedOutboundIPProfile_STATUS

    (Appears on:ManagedClusterNATGatewayProfile_STATUS)

    Profile of the managed outbound IP resources of the managed cluster.

    Field Description
    count
    int

    Count: The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 (inclusive). The default value is 1.

    ManagedClusterMetricsProfile

    (Appears on:ManagedCluster_Spec)

    The metrics profile for the ManagedCluster.

    Field Description
    costAnalysis
    ManagedClusterCostAnalysis

    CostAnalysis: The cost analysis configuration for the cluster

    ManagedClusterMetricsProfile_STATUS

    (Appears on:ManagedCluster_STATUS)

    The metrics profile for the ManagedCluster.

    Field Description
    costAnalysis
    ManagedClusterCostAnalysis_STATUS

    CostAnalysis: The cost analysis configuration for the cluster

    ManagedClusterNATGatewayProfile

    (Appears on:ContainerServiceNetworkProfile)

    Profile of the managed cluster NAT gateway.

    Field Description
    effectiveOutboundIPs
    []ResourceReference

    EffectiveOutboundIPs: The effective outbound IP resources of the cluster NAT gateway.

    idleTimeoutInMinutes
    int

    IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 4 minutes.

    managedOutboundIPProfile
    ManagedClusterManagedOutboundIPProfile

    ManagedOutboundIPProfile: Profile of the managed outbound IP resources of the cluster NAT gateway.

    ManagedClusterNATGatewayProfile_STATUS

    (Appears on:ContainerServiceNetworkProfile_STATUS)

    Profile of the managed cluster NAT gateway.

    Field Description
    effectiveOutboundIPs
    []ResourceReference_STATUS

    EffectiveOutboundIPs: The effective outbound IP resources of the cluster NAT gateway.

    idleTimeoutInMinutes
    int

    IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 4 minutes.

    managedOutboundIPProfile
    ManagedClusterManagedOutboundIPProfile_STATUS

    ManagedOutboundIPProfile: Profile of the managed outbound IP resources of the cluster NAT gateway.

    ManagedClusterNodeProvisioningProfile

    (Appears on:ManagedCluster_Spec)

    Field Description
    mode
    ManagedClusterNodeProvisioningProfile_Mode

    Mode: Once the mode it set to Auto, it cannot be changed back to Manual.

    ManagedClusterNodeProvisioningProfile_Mode (string alias)

    (Appears on:ManagedClusterNodeProvisioningProfile)

    Value Description

    "Auto"

    "Manual"

    ManagedClusterNodeProvisioningProfile_Mode_STATUS (string alias)

    (Appears on:ManagedClusterNodeProvisioningProfile_STATUS)

    Value Description

    "Auto"

    "Manual"

    ManagedClusterNodeProvisioningProfile_STATUS

    (Appears on:ManagedCluster_STATUS)

    Field Description
    mode
    ManagedClusterNodeProvisioningProfile_Mode_STATUS

    Mode: Once the mode it set to Auto, it cannot be changed back to Manual.

    ManagedClusterNodeResourceGroupProfile

    (Appears on:ManagedCluster_Spec)

    Node resource group lockdown profile for a managed cluster.

    Field Description
    restrictionLevel
    ManagedClusterNodeResourceGroupProfile_RestrictionLevel

    RestrictionLevel: The restriction level applied to the cluster’s node resource group

    ManagedClusterNodeResourceGroupProfile_RestrictionLevel (string alias)

    (Appears on:ManagedClusterNodeResourceGroupProfile)

    Value Description

    "ReadOnly"

    "Unrestricted"

    ManagedClusterNodeResourceGroupProfile_RestrictionLevel_STATUS (string alias)

    (Appears on:ManagedClusterNodeResourceGroupProfile_STATUS)

    Value Description

    "ReadOnly"

    "Unrestricted"

    ManagedClusterNodeResourceGroupProfile_STATUS

    (Appears on:ManagedCluster_STATUS)

    Node resource group lockdown profile for a managed cluster.

    Field Description
    restrictionLevel
    ManagedClusterNodeResourceGroupProfile_RestrictionLevel_STATUS

    RestrictionLevel: The restriction level applied to the cluster’s node resource group

    ManagedClusterOIDCIssuerProfile

    (Appears on:ManagedCluster_Spec)

    The OIDC issuer profile of the Managed Cluster.

    Field Description
    enabled
    bool

    Enabled: Whether the OIDC issuer is enabled.

    ManagedClusterOIDCIssuerProfile_STATUS

    (Appears on:ManagedCluster_STATUS)

    The OIDC issuer profile of the Managed Cluster.

    Field Description
    enabled
    bool

    Enabled: Whether the OIDC issuer is enabled.

    issuerURL
    string

    IssuerURL: The OIDC issuer url of the Managed Cluster.

    ManagedClusterOperatorConfigMaps

    (Appears on:ManagedClusterOperatorSpec)

    Field Description
    oidcIssuerProfile
    genruntime.ConfigMapDestination

    OIDCIssuerProfile: indicates where the OIDCIssuerProfile config map should be placed. If omitted, no config map will be created.

    ManagedClusterOperatorSecrets

    (Appears on:ManagedClusterOperatorSpec)

    Field Description
    adminCredentials
    genruntime.SecretDestination

    AdminCredentials: indicates where the AdminCredentials secret should be placed. If omitted, the secret will not be retrieved from Azure.

    userCredentials
    genruntime.SecretDestination

    UserCredentials: indicates where the UserCredentials secret should be placed. If omitted, the secret will not be retrieved from Azure.

    ManagedClusterOperatorSpec

    (Appears on:ManagedCluster_Spec)

    Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure

    Field Description
    configMapExpressions
    []genruntime/core.DestinationExpression

    ConfigMapExpressions: configures where to place operator written dynamic ConfigMaps (created with CEL expressions).

    configMaps
    ManagedClusterOperatorConfigMaps

    ConfigMaps: configures where to place operator written ConfigMaps.

    secretExpressions
    []genruntime/core.DestinationExpression

    SecretExpressions: configures where to place operator written dynamic secrets (created with CEL expressions).

    secrets
    ManagedClusterOperatorSecrets

    Secrets: configures where to place Azure generated secrets.

    ManagedClusterPodIdentity

    (Appears on:ManagedClusterPodIdentityProfile)

    Details about the pod identity assigned to the Managed Cluster.

    Field Description
    bindingSelector
    string

    BindingSelector: The binding selector to use for the AzureIdentityBinding resource.

    identity
    UserAssignedIdentity

    Identity: The user assigned identity details.

    name
    string

    Name: The name of the pod identity.

    namespace
    string

    Namespace: The namespace of the pod identity.

    ManagedClusterPodIdentityException

    (Appears on:ManagedClusterPodIdentityProfile)

    Field Description
    name
    string

    Name: The name of the pod identity exception.

    namespace
    string

    Namespace: The namespace of the pod identity exception.

    podLabels
    map[string]string

    PodLabels: The pod labels to match.

    ManagedClusterPodIdentityException_STATUS

    (Appears on:ManagedClusterPodIdentityProfile_STATUS)

    Field Description
    name
    string

    Name: The name of the pod identity exception.

    namespace
    string

    Namespace: The namespace of the pod identity exception.

    podLabels
    map[string]string

    PodLabels: The pod labels to match.

    ManagedClusterPodIdentityProfile

    (Appears on:ManagedCluster_Spec)

    See use AAD pod identity for more details on pod identity integration.

    Field Description
    allowNetworkPluginKubenet
    bool

    AllowNetworkPluginKubenet: Running in Kubenet is disabled by default due to the security related nature of AAD Pod Identity and the risks of IP spoofing. See using Kubenet network plugin with AAD Pod Identity for more information.

    enabled
    bool

    Enabled: Whether the pod identity addon is enabled.

    userAssignedIdentities
    []ManagedClusterPodIdentity

    UserAssignedIdentities: The pod identities to use in the cluster.

    userAssignedIdentityExceptions
    []ManagedClusterPodIdentityException

    UserAssignedIdentityExceptions: The pod identity exceptions to allow.

    ManagedClusterPodIdentityProfile_STATUS

    (Appears on:ManagedCluster_STATUS)

    See use AAD pod identity for more details on pod identity integration.

    Field Description
    allowNetworkPluginKubenet
    bool

    AllowNetworkPluginKubenet: Running in Kubenet is disabled by default due to the security related nature of AAD Pod Identity and the risks of IP spoofing. See using Kubenet network plugin with AAD Pod Identity for more information.

    enabled
    bool

    Enabled: Whether the pod identity addon is enabled.

    userAssignedIdentities
    []ManagedClusterPodIdentity_STATUS

    UserAssignedIdentities: The pod identities to use in the cluster.

    userAssignedIdentityExceptions
    []ManagedClusterPodIdentityException_STATUS

    UserAssignedIdentityExceptions: The pod identity exceptions to allow.

    ManagedClusterPodIdentityProvisioningErrorBody_STATUS

    (Appears on:ManagedClusterPodIdentityProvisioningError_STATUS)

    An error response from the pod identity provisioning.

    Field Description
    code
    string

    Code: An identifier for the error. Codes are invariant and are intended to be consumed programmatically.

    details
    []ManagedClusterPodIdentityProvisioningErrorBody_STATUS_Unrolled

    Details: A list of additional details about the error.

    message
    string

    Message: A message describing the error, intended to be suitable for display in a user interface.

    target
    string

    Target: The target of the particular error. For example, the name of the property in error.

    ManagedClusterPodIdentityProvisioningErrorBody_STATUS_Unrolled

    (Appears on:ManagedClusterPodIdentityProvisioningErrorBody_STATUS)

    Field Description
    code
    string

    Code: An identifier for the error. Codes are invariant and are intended to be consumed programmatically.

    message
    string

    Message: A message describing the error, intended to be suitable for display in a user interface.

    target
    string

    Target: The target of the particular error. For example, the name of the property in error.

    ManagedClusterPodIdentityProvisioningError_STATUS

    (Appears on:ManagedClusterPodIdentity_ProvisioningInfo_STATUS)

    An error response from the pod identity provisioning.

    Field Description
    error
    ManagedClusterPodIdentityProvisioningErrorBody_STATUS

    Error: Details about the error.

    ManagedClusterPodIdentity_ProvisioningInfo_STATUS

    (Appears on:ManagedClusterPodIdentity_STATUS)

    Field Description
    error
    ManagedClusterPodIdentityProvisioningError_STATUS

    Error: Pod identity assignment error (if any).

    ManagedClusterPodIdentity_ProvisioningState_STATUS (string alias)

    (Appears on:ManagedClusterPodIdentity_STATUS)

    Value Description

    "Assigned"

    "Canceled"

    "Deleting"

    "Failed"

    "Succeeded"

    "Updating"

    ManagedClusterPodIdentity_STATUS

    (Appears on:ManagedClusterPodIdentityProfile_STATUS)

    Details about the pod identity assigned to the Managed Cluster.

    Field Description
    bindingSelector
    string

    BindingSelector: The binding selector to use for the AzureIdentityBinding resource.

    identity
    UserAssignedIdentity_STATUS

    Identity: The user assigned identity details.

    name
    string

    Name: The name of the pod identity.

    namespace
    string

    Namespace: The namespace of the pod identity.

    provisioningInfo
    ManagedClusterPodIdentity_ProvisioningInfo_STATUS
    provisioningState
    ManagedClusterPodIdentity_ProvisioningState_STATUS

    ProvisioningState: The current provisioning state of the pod identity.

    ManagedClusterProperties_AutoScalerProfile

    (Appears on:ManagedCluster_Spec)

    Field Description
    balance-similar-node-groups
    string

    BalanceSimilarNodeGroups: Valid values are ‘true’ and ‘false’

    daemonset-eviction-for-empty-nodes
    bool

    DaemonsetEvictionForEmptyNodes: If set to true, all daemonset pods on empty nodes will be evicted before deletion of the node. If the daemonset pod cannot be evicted another node will be chosen for scaling. If set to false, the node will be deleted without ensuring that daemonset pods are deleted or evicted.

    daemonset-eviction-for-occupied-nodes
    bool

    DaemonsetEvictionForOccupiedNodes: If set to true, all daemonset pods on occupied nodes will be evicted before deletion of the node. If the daemonset pod cannot be evicted another node will be chosen for scaling. If set to false, the node will be deleted without ensuring that daemonset pods are deleted or evicted.

    expander
    Expander

    Expander: Available values are: ‘least-waste’, ‘most-pods’, ‘priority’, ‘random’.

    ignore-daemonsets-utilization
    bool

    IgnoreDaemonsetsUtilization: If set to true, the resources used by daemonset will be taken into account when making scaling down decisions.

    max-empty-bulk-delete
    string

    MaxEmptyBulkDelete: The default is 10.

    max-graceful-termination-sec
    string

    MaxGracefulTerminationSec: The default is 600.

    max-node-provision-time
    string

    MaxNodeProvisionTime: The default is ‘15m’. Values must be an integer followed by an ’m’. No unit of time other than minutes (m) is supported.

    max-total-unready-percentage
    string

    MaxTotalUnreadyPercentage: The default is 45. The maximum is 100 and the minimum is 0.

    new-pod-scale-up-delay
    string

    NewPodScaleUpDelay: For scenarios like burst/batch scale where you don’t want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they’re a certain age. The default is ‘0s’. Values must be an integer followed by a unit (’s’ for seconds, ’m’ for minutes, ‘h’ for hours, etc).

    ok-total-unready-count
    string

    OkTotalUnreadyCount: This must be an integer. The default is 3.

    scale-down-delay-after-add
    string

    ScaleDownDelayAfterAdd: The default is ‘10m’. Values must be an integer followed by an ’m’. No unit of time other than minutes (m) is supported.

    scale-down-delay-after-delete
    string

    ScaleDownDelayAfterDelete: The default is the scan-interval. Values must be an integer followed by an ’m’. No unit of time other than minutes (m) is supported.

    scale-down-delay-after-failure
    string

    ScaleDownDelayAfterFailure: The default is ‘3m’. Values must be an integer followed by an ’m’. No unit of time other than minutes (m) is supported.

    scale-down-unneeded-time
    string

    ScaleDownUnneededTime: The default is ‘10m’. Values must be an integer followed by an ’m’. No unit of time other than minutes (m) is supported.

    scale-down-unready-time
    string

    ScaleDownUnreadyTime: The default is ‘20m’. Values must be an integer followed by an ’m’. No unit of time other than minutes (m) is supported.

    scale-down-utilization-threshold
    string

    ScaleDownUtilizationThreshold: The default is ‘0.5’.

    scan-interval
    string

    ScanInterval: The default is ‘10’. Values must be an integer number of seconds.

    skip-nodes-with-local-storage
    string

    SkipNodesWithLocalStorage: The default is true.

    skip-nodes-with-system-pods
    string

    SkipNodesWithSystemPods: The default is true.

    ManagedClusterProperties_AutoScalerProfile_STATUS

    (Appears on:ManagedCluster_STATUS)

    Field Description
    balance-similar-node-groups
    string

    BalanceSimilarNodeGroups: Valid values are ‘true’ and ‘false’

    daemonset-eviction-for-empty-nodes
    bool

    DaemonsetEvictionForEmptyNodes: If set to true, all daemonset pods on empty nodes will be evicted before deletion of the node. If the daemonset pod cannot be evicted another node will be chosen for scaling. If set to false, the node will be deleted without ensuring that daemonset pods are deleted or evicted.

    daemonset-eviction-for-occupied-nodes
    bool

    DaemonsetEvictionForOccupiedNodes: If set to true, all daemonset pods on occupied nodes will be evicted before deletion of the node. If the daemonset pod cannot be evicted another node will be chosen for scaling. If set to false, the node will be deleted without ensuring that daemonset pods are deleted or evicted.

    expander
    Expander_STATUS

    Expander: Available values are: ‘least-waste’, ‘most-pods’, ‘priority’, ‘random’.

    ignore-daemonsets-utilization
    bool

    IgnoreDaemonsetsUtilization: If set to true, the resources used by daemonset will be taken into account when making scaling down decisions.

    max-empty-bulk-delete
    string

    MaxEmptyBulkDelete: The default is 10.

    max-graceful-termination-sec
    string

    MaxGracefulTerminationSec: The default is 600.

    max-node-provision-time
    string

    MaxNodeProvisionTime: The default is ‘15m’. Values must be an integer followed by an ’m’. No unit of time other than minutes (m) is supported.

    max-total-unready-percentage
    string

    MaxTotalUnreadyPercentage: The default is 45. The maximum is 100 and the minimum is 0.

    new-pod-scale-up-delay
    string

    NewPodScaleUpDelay: For scenarios like burst/batch scale where you don’t want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they’re a certain age. The default is ‘0s’. Values must be an integer followed by a unit (’s’ for seconds, ’m’ for minutes, ‘h’ for hours, etc).

    ok-total-unready-count
    string

    OkTotalUnreadyCount: This must be an integer. The default is 3.

    scale-down-delay-after-add
    string

    ScaleDownDelayAfterAdd: The default is ‘10m’. Values must be an integer followed by an ’m’. No unit of time other than minutes (m) is supported.

    scale-down-delay-after-delete
    string

    ScaleDownDelayAfterDelete: The default is the scan-interval. Values must be an integer followed by an ’m’. No unit of time other than minutes (m) is supported.

    scale-down-delay-after-failure
    string

    ScaleDownDelayAfterFailure: The default is ‘3m’. Values must be an integer followed by an ’m’. No unit of time other than minutes (m) is supported.

    scale-down-unneeded-time
    string

    ScaleDownUnneededTime: The default is ‘10m’. Values must be an integer followed by an ’m’. No unit of time other than minutes (m) is supported.

    scale-down-unready-time
    string

    ScaleDownUnreadyTime: The default is ‘20m’. Values must be an integer followed by an ’m’. No unit of time other than minutes (m) is supported.

    scale-down-utilization-threshold
    string

    ScaleDownUtilizationThreshold: The default is ‘0.5’.

    scan-interval
    string

    ScanInterval: The default is ‘10’. Values must be an integer number of seconds.

    skip-nodes-with-local-storage
    string

    SkipNodesWithLocalStorage: The default is true.

    skip-nodes-with-system-pods
    string

    SkipNodesWithSystemPods: The default is true.

    ManagedClusterProperties_PublicNetworkAccess (string alias)

    (Appears on:ManagedCluster_Spec)

    Value Description

    "Disabled"

    "Enabled"

    "SecuredByPerimeter"

    ManagedClusterProperties_PublicNetworkAccess_STATUS (string alias)

    (Appears on:ManagedCluster_STATUS)

    Value Description

    "Disabled"

    "Enabled"

    "SecuredByPerimeter"

    ManagedClusterSKU

    (Appears on:ManagedCluster_Spec)

    The SKU of a Managed Cluster.

    Field Description
    name
    ManagedClusterSKU_Name

    Name: The name of a managed cluster SKU.

    tier
    ManagedClusterSKU_Tier

    Tier: If not specified, the default is ‘Free’. See AKS Pricing Tier for more details.

    ManagedClusterSKU_Name (string alias)

    (Appears on:ManagedClusterSKU)

    Value Description

    "Automatic"

    "Base"

    ManagedClusterSKU_Name_STATUS (string alias)

    (Appears on:ManagedClusterSKU_STATUS)

    Value Description

    "Automatic"

    "Base"

    ManagedClusterSKU_STATUS

    (Appears on:ManagedCluster_STATUS)

    The SKU of a Managed Cluster.

    Field Description
    name
    ManagedClusterSKU_Name_STATUS

    Name: The name of a managed cluster SKU.

    tier
    ManagedClusterSKU_Tier_STATUS

    Tier: If not specified, the default is ‘Free’. See AKS Pricing Tier for more details.

    ManagedClusterSKU_Tier (string alias)

    (Appears on:ManagedClusterSKU)

    Value Description

    "Free"

    "Premium"

    "Standard"

    ManagedClusterSKU_Tier_STATUS (string alias)

    (Appears on:ManagedClusterSKU_STATUS)

    Value Description

    "Free"

    "Premium"

    "Standard"

    ManagedClusterSecurityProfile

    (Appears on:ManagedCluster_Spec)

    Security profile for the container service cluster.

    Field Description
    azureKeyVaultKms
    AzureKeyVaultKms

    AzureKeyVaultKms: Azure Key Vault key management service settings for the security profile.

    customCATrustCertificates
    ManagedClusterSecurityProfileCustomCATrustCertificates

    CustomCATrustCertificates: A list of up to 10 base64 encoded CAs that will be added to the trust store on nodes with the Custom CA Trust feature enabled. For more information see Custom CA Trust Certificates

    defender
    ManagedClusterSecurityProfileDefender

    Defender: Microsoft Defender settings for the security profile.

    imageCleaner
    ManagedClusterSecurityProfileImageCleaner

    ImageCleaner: Image Cleaner settings for the security profile.

    imageIntegrity
    ManagedClusterSecurityProfileImageIntegrity

    ImageIntegrity: Image integrity is a feature that works with Azure Policy to verify image integrity by signature. This will not have any effect unless Azure Policy is applied to enforce image signatures. See https://aka.ms/aks/image-integrity for how to use this feature via policy.

    nodeRestriction
    ManagedClusterSecurityProfileNodeRestriction

    NodeRestriction: Node Restriction settings for the security profile.

    workloadIdentity
    ManagedClusterSecurityProfileWorkloadIdentity

    WorkloadIdentity: Workload identity settings for the security profile. Workload identity enables Kubernetes applications to access Azure cloud resources securely with Azure AD. See https://aka.ms/aks/wi for more details.

    ManagedClusterSecurityProfileCustomCATrustCertificates ([]string alias)

    (Appears on:ManagedClusterSecurityProfile)

    ManagedClusterSecurityProfileDefender

    (Appears on:ManagedClusterSecurityProfile)

    Microsoft Defender settings for the security profile.

    Field Description
    logAnalyticsWorkspaceResourceReference
    genruntime.ResourceReference

    LogAnalyticsWorkspaceResourceReference: Resource ID of the Log Analytics workspace to be associated with Microsoft Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When Microsoft Defender is disabled, leave the field empty.

    securityMonitoring
    ManagedClusterSecurityProfileDefenderSecurityMonitoring

    SecurityMonitoring: Microsoft Defender threat detection for Cloud settings for the security profile.

    ManagedClusterSecurityProfileDefenderSecurityMonitoring

    (Appears on:ManagedClusterSecurityProfileDefender)

    Microsoft Defender settings for the security profile threat detection.

    Field Description
    enabled
    bool

    Enabled: Whether to enable Defender threat detection

    ManagedClusterSecurityProfileDefenderSecurityMonitoring_STATUS

    (Appears on:ManagedClusterSecurityProfileDefender_STATUS)

    Microsoft Defender settings for the security profile threat detection.

    Field Description
    enabled
    bool

    Enabled: Whether to enable Defender threat detection

    ManagedClusterSecurityProfileDefender_STATUS

    (Appears on:ManagedClusterSecurityProfile_STATUS)

    Microsoft Defender settings for the security profile.

    Field Description
    logAnalyticsWorkspaceResourceId
    string

    LogAnalyticsWorkspaceResourceId: Resource ID of the Log Analytics workspace to be associated with Microsoft Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When Microsoft Defender is disabled, leave the field empty.

    securityMonitoring
    ManagedClusterSecurityProfileDefenderSecurityMonitoring_STATUS

    SecurityMonitoring: Microsoft Defender threat detection for Cloud settings for the security profile.

    ManagedClusterSecurityProfileImageCleaner

    (Appears on:ManagedClusterSecurityProfile)

    Image Cleaner removes unused images from nodes, freeing up disk space and helping to reduce attack surface area. Here are settings for the security profile.

    Field Description
    enabled
    bool

    Enabled: Whether to enable Image Cleaner on AKS cluster.

    intervalHours
    int

    IntervalHours: Image Cleaner scanning interval in hours.

    ManagedClusterSecurityProfileImageCleaner_STATUS

    (Appears on:ManagedClusterSecurityProfile_STATUS)

    Image Cleaner removes unused images from nodes, freeing up disk space and helping to reduce attack surface area. Here are settings for the security profile.

    Field Description
    enabled
    bool

    Enabled: Whether to enable Image Cleaner on AKS cluster.

    intervalHours
    int

    IntervalHours: Image Cleaner scanning interval in hours.

    ManagedClusterSecurityProfileImageIntegrity

    (Appears on:ManagedClusterSecurityProfile)

    Image integrity related settings for the security profile.

    Field Description
    enabled
    bool

    Enabled: Whether to enable image integrity. The default value is false.

    ManagedClusterSecurityProfileImageIntegrity_STATUS

    (Appears on:ManagedClusterSecurityProfile_STATUS)

    Image integrity related settings for the security profile.

    Field Description
    enabled
    bool

    Enabled: Whether to enable image integrity. The default value is false.

    ManagedClusterSecurityProfileNodeRestriction

    (Appears on:ManagedClusterSecurityProfile)

    Node Restriction settings for the security profile.

    Field Description
    enabled
    bool

    Enabled: Whether to enable Node Restriction

    ManagedClusterSecurityProfileNodeRestriction_STATUS

    (Appears on:ManagedClusterSecurityProfile_STATUS)

    Node Restriction settings for the security profile.

    Field Description
    enabled
    bool

    Enabled: Whether to enable Node Restriction

    ManagedClusterSecurityProfileWorkloadIdentity

    (Appears on:ManagedClusterSecurityProfile)

    Workload identity settings for the security profile.

    Field Description
    enabled
    bool

    Enabled: Whether to enable workload identity.

    ManagedClusterSecurityProfileWorkloadIdentity_STATUS

    (Appears on:ManagedClusterSecurityProfile_STATUS)

    Workload identity settings for the security profile.

    Field Description
    enabled
    bool

    Enabled: Whether to enable workload identity.

    ManagedClusterSecurityProfile_STATUS

    (Appears on:ManagedCluster_STATUS)

    Security profile for the container service cluster.

    Field Description
    azureKeyVaultKms
    AzureKeyVaultKms_STATUS

    AzureKeyVaultKms: Azure Key Vault key management service settings for the security profile.

    customCATrustCertificates
    []string

    CustomCATrustCertificates: A list of up to 10 base64 encoded CAs that will be added to the trust store on nodes with the Custom CA Trust feature enabled. For more information see Custom CA Trust Certificates

    defender
    ManagedClusterSecurityProfileDefender_STATUS

    Defender: Microsoft Defender settings for the security profile.

    imageCleaner
    ManagedClusterSecurityProfileImageCleaner_STATUS

    ImageCleaner: Image Cleaner settings for the security profile.

    imageIntegrity
    ManagedClusterSecurityProfileImageIntegrity_STATUS

    ImageIntegrity: Image integrity is a feature that works with Azure Policy to verify image integrity by signature. This will not have any effect unless Azure Policy is applied to enforce image signatures. See https://aka.ms/aks/image-integrity for how to use this feature via policy.

    nodeRestriction
    ManagedClusterSecurityProfileNodeRestriction_STATUS

    NodeRestriction: Node Restriction settings for the security profile.

    workloadIdentity
    ManagedClusterSecurityProfileWorkloadIdentity_STATUS

    WorkloadIdentity: Workload identity settings for the security profile. Workload identity enables Kubernetes applications to access Azure cloud resources securely with Azure AD. See https://aka.ms/aks/wi for more details.

    ManagedClusterServicePrincipalProfile

    (Appears on:ManagedCluster_Spec)

    Information about a service principal identity for the cluster to use for manipulating Azure APIs.

    Field Description
    clientId
    string

    ClientId: The ID for the service principal.

    secret
    genruntime.SecretReference

    Secret: The secret password associated with the service principal in plain text.

    ManagedClusterServicePrincipalProfile_STATUS

    (Appears on:ManagedCluster_STATUS)

    Information about a service principal identity for the cluster to use for manipulating Azure APIs.

    Field Description
    clientId
    string

    ClientId: The ID for the service principal.

    ManagedClusterStaticEgressGatewayProfile

    (Appears on:ContainerServiceNetworkProfile)

    The Static Egress Gateway addon configuration for the cluster.

    Field Description
    enabled
    bool

    Enabled: Indicates if Static Egress Gateway addon is enabled or not.

    ManagedClusterStaticEgressGatewayProfile_STATUS

    (Appears on:ContainerServiceNetworkProfile_STATUS)

    The Static Egress Gateway addon configuration for the cluster.

    Field Description
    enabled
    bool

    Enabled: Indicates if Static Egress Gateway addon is enabled or not.

    ManagedClusterStorageProfile

    (Appears on:ManagedCluster_Spec)

    Storage profile for the container service cluster.

    Field Description
    blobCSIDriver
    ManagedClusterStorageProfileBlobCSIDriver

    BlobCSIDriver: AzureBlob CSI Driver settings for the storage profile.

    diskCSIDriver
    ManagedClusterStorageProfileDiskCSIDriver

    DiskCSIDriver: AzureDisk CSI Driver settings for the storage profile.

    fileCSIDriver
    ManagedClusterStorageProfileFileCSIDriver

    FileCSIDriver: AzureFile CSI Driver settings for the storage profile.

    snapshotController
    ManagedClusterStorageProfileSnapshotController

    SnapshotController: Snapshot Controller settings for the storage profile.

    ManagedClusterStorageProfileBlobCSIDriver

    (Appears on:ManagedClusterStorageProfile)

    AzureBlob CSI Driver settings for the storage profile.

    Field Description
    enabled
    bool

    Enabled: Whether to enable AzureBlob CSI Driver. The default value is false.

    ManagedClusterStorageProfileBlobCSIDriver_STATUS

    (Appears on:ManagedClusterStorageProfile_STATUS)

    AzureBlob CSI Driver settings for the storage profile.

    Field Description
    enabled
    bool

    Enabled: Whether to enable AzureBlob CSI Driver. The default value is false.

    ManagedClusterStorageProfileDiskCSIDriver

    (Appears on:ManagedClusterStorageProfile)

    AzureDisk CSI Driver settings for the storage profile.

    Field Description
    enabled
    bool

    Enabled: Whether to enable AzureDisk CSI Driver. The default value is true.

    version
    string

    Version: The version of AzureDisk CSI Driver. The default value is v1.

    ManagedClusterStorageProfileDiskCSIDriver_STATUS

    (Appears on:ManagedClusterStorageProfile_STATUS)

    AzureDisk CSI Driver settings for the storage profile.

    Field Description
    enabled
    bool

    Enabled: Whether to enable AzureDisk CSI Driver. The default value is true.

    version
    string

    Version: The version of AzureDisk CSI Driver. The default value is v1.

    ManagedClusterStorageProfileFileCSIDriver

    (Appears on:ManagedClusterStorageProfile)

    AzureFile CSI Driver settings for the storage profile.

    Field Description
    enabled
    bool

    Enabled: Whether to enable AzureFile CSI Driver. The default value is true.

    ManagedClusterStorageProfileFileCSIDriver_STATUS

    (Appears on:ManagedClusterStorageProfile_STATUS)

    AzureFile CSI Driver settings for the storage profile.

    Field Description
    enabled
    bool

    Enabled: Whether to enable AzureFile CSI Driver. The default value is true.

    ManagedClusterStorageProfileSnapshotController

    (Appears on:ManagedClusterStorageProfile)

    Snapshot Controller settings for the storage profile.

    Field Description
    enabled
    bool

    Enabled: Whether to enable Snapshot Controller. The default value is true.

    ManagedClusterStorageProfileSnapshotController_STATUS

    (Appears on:ManagedClusterStorageProfile_STATUS)

    Snapshot Controller settings for the storage profile.

    Field Description
    enabled
    bool

    Enabled: Whether to enable Snapshot Controller. The default value is true.

    ManagedClusterStorageProfile_STATUS

    (Appears on:ManagedCluster_STATUS)

    Storage profile for the container service cluster.

    Field Description
    blobCSIDriver
    ManagedClusterStorageProfileBlobCSIDriver_STATUS

    BlobCSIDriver: AzureBlob CSI Driver settings for the storage profile.

    diskCSIDriver
    ManagedClusterStorageProfileDiskCSIDriver_STATUS

    DiskCSIDriver: AzureDisk CSI Driver settings for the storage profile.

    fileCSIDriver
    ManagedClusterStorageProfileFileCSIDriver_STATUS

    FileCSIDriver: AzureFile CSI Driver settings for the storage profile.

    snapshotController
    ManagedClusterStorageProfileSnapshotController_STATUS

    SnapshotController: Snapshot Controller settings for the storage profile.

    ManagedClusterWindowsProfile

    (Appears on:ManagedCluster_Spec)

    Profile for Windows VMs in the managed cluster.

    Field Description
    adminPassword
    genruntime.SecretReference

    AdminPassword: Specifies the password of the administrator account. Minimum-length: 8 characters Max-length: 123 characters Complexity requirements: 3 out of 4 conditions below need to be fulfilled Has lower characters Has upper characters Has a digit Has a special character (Regex match [\W_]) Disallowed values: “abc@123”, “P@$$w0rd”, “P@ssw0rd”, “P@ssword123”, “Pa$$word”, “pass@word1”, “Password!”, “Password1”, “Password22”, “iloveyou!”

    adminUsername
    string

    AdminUsername: Specifies the name of the administrator account. Restriction: Cannot end in “.” Disallowed values: “administrator”, “admin”, “user”, “user1”, “test”, “user2”, “test1”, “user3”, “admin1”, “1”, “123”, “a”, “actuser”, “adm”, “admin2”, “aspnet”, “backup”, “console”, “david”, “guest”, “john”, “owner”, “root”, “server”, “sql”, “support”, “support_388945a0”, “sys”, “test2”, “test3”, “user4”, “user5”. Minimum-length: 1 character Max-length: 20 characters

    enableCSIProxy
    bool

    EnableCSIProxy: For more details on CSI proxy, see the CSI proxy GitHub repo.

    gmsaProfile
    WindowsGmsaProfile

    GmsaProfile: The Windows gMSA Profile in the Managed Cluster.

    licenseType
    ManagedClusterWindowsProfile_LicenseType

    LicenseType: The license type to use for Windows VMs. See Azure Hybrid User Benefits for more details.

    ManagedClusterWindowsProfile_LicenseType (string alias)

    (Appears on:ManagedClusterWindowsProfile)

    Value Description

    "None"

    "Windows_Server"

    ManagedClusterWindowsProfile_LicenseType_STATUS (string alias)

    (Appears on:ManagedClusterWindowsProfile_STATUS)

    Value Description

    "None"

    "Windows_Server"

    ManagedClusterWindowsProfile_STATUS

    (Appears on:ManagedCluster_STATUS)

    Profile for Windows VMs in the managed cluster.

    Field Description
    adminUsername
    string

    AdminUsername: Specifies the name of the administrator account. Restriction: Cannot end in “.” Disallowed values: “administrator”, “admin”, “user”, “user1”, “test”, “user2”, “test1”, “user3”, “admin1”, “1”, “123”, “a”, “actuser”, “adm”, “admin2”, “aspnet”, “backup”, “console”, “david”, “guest”, “john”, “owner”, “root”, “server”, “sql”, “support”, “support_388945a0”, “sys”, “test2”, “test3”, “user4”, “user5”. Minimum-length: 1 character Max-length: 20 characters

    enableCSIProxy
    bool

    EnableCSIProxy: For more details on CSI proxy, see the CSI proxy GitHub repo.

    gmsaProfile
    WindowsGmsaProfile_STATUS

    GmsaProfile: The Windows gMSA Profile in the Managed Cluster.

    licenseType
    ManagedClusterWindowsProfile_LicenseType_STATUS

    LicenseType: The license type to use for Windows VMs. See Azure Hybrid User Benefits for more details.

    ManagedClusterWorkloadAutoScalerProfile

    (Appears on:ManagedCluster_Spec)

    Workload Auto-scaler profile for the managed cluster.

    Field Description
    keda
    ManagedClusterWorkloadAutoScalerProfileKeda

    Keda: KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.

    verticalPodAutoscaler
    ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler

    ManagedClusterWorkloadAutoScalerProfileKeda

    (Appears on:ManagedClusterWorkloadAutoScalerProfile)

    KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.

    Field Description
    enabled
    bool

    Enabled: Whether to enable KEDA.

    ManagedClusterWorkloadAutoScalerProfileKeda_STATUS

    (Appears on:ManagedClusterWorkloadAutoScalerProfile_STATUS)

    KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.

    Field Description
    enabled
    bool

    Enabled: Whether to enable KEDA.

    ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler

    (Appears on:ManagedClusterWorkloadAutoScalerProfile)

    Field Description
    addonAutoscaling
    ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler_AddonAutoscaling

    AddonAutoscaling: Whether VPA add-on is enabled and configured to scale AKS-managed add-ons.

    enabled
    bool

    Enabled: Whether to enable VPA add-on in cluster. Default value is false.

    ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler_AddonAutoscaling (string alias)

    (Appears on:ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler)

    Value Description

    "Disabled"

    "Enabled"

    ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler_AddonAutoscaling_STATUS (string alias)

    (Appears on:ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler_STATUS)

    Value Description

    "Disabled"

    "Enabled"

    ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler_STATUS

    (Appears on:ManagedClusterWorkloadAutoScalerProfile_STATUS)

    Field Description
    addonAutoscaling
    ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler_AddonAutoscaling_STATUS

    AddonAutoscaling: Whether VPA add-on is enabled and configured to scale AKS-managed add-ons.

    enabled
    bool

    Enabled: Whether to enable VPA add-on in cluster. Default value is false.

    ManagedClusterWorkloadAutoScalerProfile_STATUS

    (Appears on:ManagedCluster_STATUS)

    Workload Auto-scaler profile for the managed cluster.

    Field Description
    keda
    ManagedClusterWorkloadAutoScalerProfileKeda_STATUS

    Keda: KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.

    verticalPodAutoscaler
    ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler_STATUS

    ManagedCluster_STATUS

    (Appears on:ManagedCluster)

    Managed cluster.

    Field Description
    aadProfile
    ManagedClusterAADProfile_STATUS

    AadProfile: The Azure Active Directory configuration.

    addonProfiles
    map[string]./api/containerservice/v1api20240402preview.ManagedClusterAddonProfile_STATUS

    AddonProfiles: The profile of managed cluster add-on.

    agentPoolProfiles
    []ManagedClusterAgentPoolProfile_STATUS

    AgentPoolProfiles: The agent pool properties.

    aiToolchainOperatorProfile
    ManagedClusterAIToolchainOperatorProfile_STATUS

    AiToolchainOperatorProfile: AI toolchain operator settings that apply to the whole cluster.

    apiServerAccessProfile
    ManagedClusterAPIServerAccessProfile_STATUS

    ApiServerAccessProfile: The access profile for managed cluster API server.

    autoScalerProfile
    ManagedClusterProperties_AutoScalerProfile_STATUS

    AutoScalerProfile: Parameters to be applied to the cluster-autoscaler when enabled

    autoUpgradeProfile
    ManagedClusterAutoUpgradeProfile_STATUS

    AutoUpgradeProfile: The auto upgrade configuration.

    azureMonitorProfile
    ManagedClusterAzureMonitorProfile_STATUS

    AzureMonitorProfile: Prometheus addon profile for the container service cluster

    azurePortalFQDN
    string

    AzurePortalFQDN: The Azure Portal requires certain Cross-Origin Resource Sharing (CORS) headers to be sent in some responses, which Kubernetes APIServer doesn’t handle by default. This special FQDN supports CORS, allowing the Azure Portal to function properly.

    bootstrapProfile
    ManagedClusterBootstrapProfile_STATUS

    BootstrapProfile: Profile of the cluster bootstrap configuration.

    conditions
    []genruntime/conditions.Condition

    Conditions: The observed state of the resource

    creationData
    CreationData_STATUS

    CreationData: CreationData to be used to specify the source Snapshot ID if the cluster will be created/upgraded using a snapshot.

    currentKubernetesVersion
    string

    CurrentKubernetesVersion: The version of Kubernetes the Managed Cluster is running.

    disableLocalAccounts
    bool

    DisableLocalAccounts: If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see disable local accounts.

    diskEncryptionSetID
    string

    DiskEncryptionSetID: This is of the form: ‘/​subscriptions/​{subscriptionId}/​resourceGroups/​{resourceGroupName}/​providers/​Microsoft.Compute/​diskEncryptionSets/​{encryptionSetName}’

    dnsPrefix
    string

    DnsPrefix: This cannot be updated once the Managed Cluster has been created.

    eTag
    string

    ETag: Unique read-only string used to implement optimistic concurrency. The eTag value will change when the resource is updated. Specify an if-match or if-none-match header with the eTag value for a subsequent request to enable optimistic concurrency per the normal etag convention.

    enableNamespaceResources
    bool

    EnableNamespaceResources: The default value is false. It can be enabled/disabled on creation and updating of the managed cluster. See https://aka.ms/NamespaceARMResource for more details on Namespace as a ARM Resource.

    enablePodSecurityPolicy
    bool

    EnablePodSecurityPolicy: (DEPRECATED) Whether to enable Kubernetes pod security policy (preview). PodSecurityPolicy was deprecated in Kubernetes v1.21, and removed from Kubernetes in v1.25. Learn more at https://aka.ms/k8s/psp and https://aka.ms/aks/psp.

    enableRBAC
    bool

    EnableRBAC: Whether to enable Kubernetes Role-Based Access Control.

    extendedLocation
    ExtendedLocation_STATUS

    ExtendedLocation: The extended location of the Virtual Machine.

    fqdn
    string

    Fqdn: The FQDN of the master pool.

    fqdnSubdomain
    string

    FqdnSubdomain: This cannot be updated once the Managed Cluster has been created.

    httpProxyConfig
    ManagedClusterHTTPProxyConfig_STATUS

    HttpProxyConfig: Configurations for provisioning the cluster with HTTP proxy servers.

    id
    string

    Id: Fully qualified resource ID for the resource. E.g. “/​subscriptions/​{subscriptionId}/​resourceGroups/​{resourceGroupName}/​providers/​{resourceProviderNamespace}/​{resourceType}/​{resourceName}”

    identity
    ManagedClusterIdentity_STATUS

    Identity: The identity of the managed cluster, if configured.

    identityProfile
    map[string]./api/containerservice/v1api20240402preview.UserAssignedIdentity_STATUS

    IdentityProfile: Identities associated with the cluster.

    ingressProfile
    ManagedClusterIngressProfile_STATUS

    IngressProfile: Ingress profile for the managed cluster.

    kind
    string

    Kind: This is primarily used to expose different UI experiences in the portal for different kinds

    kubernetesVersion
    string

    KubernetesVersion: When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See upgrading an AKS cluster for more details.

    linuxProfile
    ContainerServiceLinuxProfile_STATUS

    LinuxProfile: The profile for Linux VMs in the Managed Cluster.

    location
    string

    Location: The geo-location where the resource lives

    maxAgentPools
    int

    MaxAgentPools: The max number of agent pools for the managed cluster.

    metricsProfile
    ManagedClusterMetricsProfile_STATUS

    MetricsProfile: Optional cluster metrics configuration.

    name
    string

    Name: The name of the resource

    networkProfile
    ContainerServiceNetworkProfile_STATUS

    NetworkProfile: The network configuration profile.

    nodeProvisioningProfile
    ManagedClusterNodeProvisioningProfile_STATUS

    NodeProvisioningProfile: Node provisioning settings that apply to the whole cluster.

    nodeResourceGroup
    string

    NodeResourceGroup: The name of the resource group containing agent pool nodes.

    nodeResourceGroupProfile
    ManagedClusterNodeResourceGroupProfile_STATUS

    NodeResourceGroupProfile: The node resource group configuration profile.

    oidcIssuerProfile
    ManagedClusterOIDCIssuerProfile_STATUS

    OidcIssuerProfile: The OIDC issuer profile of the Managed Cluster.

    podIdentityProfile
    ManagedClusterPodIdentityProfile_STATUS

    PodIdentityProfile: See use AAD pod identity for more details on AAD pod identity integration.

    powerState
    PowerState_STATUS

    PowerState: The Power State of the cluster.

    privateFQDN
    string

    PrivateFQDN: The FQDN of private cluster.

    privateLinkResources
    []PrivateLinkResource_STATUS

    PrivateLinkResources: Private link resources associated with the cluster.

    provisioningState
    string

    ProvisioningState: The current provisioning state.

    publicNetworkAccess
    ManagedClusterProperties_PublicNetworkAccess_STATUS

    PublicNetworkAccess: Allow or deny public network access for AKS

    resourceUID
    string

    ResourceUID: The resourceUID uniquely identifies ManagedClusters that reuse ARM ResourceIds (i.e: create, delete, create sequence)

    safeguardsProfile
    SafeguardsProfile_STATUS

    SafeguardsProfile: The Safeguards profile holds all the safeguards information for a given cluster

    securityProfile
    ManagedClusterSecurityProfile_STATUS

    SecurityProfile: Security profile for the managed cluster.

    serviceMeshProfile
    ServiceMeshProfile_STATUS

    ServiceMeshProfile: Service mesh profile for a managed cluster.

    servicePrincipalProfile
    ManagedClusterServicePrincipalProfile_STATUS

    ServicePrincipalProfile: Information about a service principal identity for the cluster to use for manipulating Azure APIs.

    sku
    ManagedClusterSKU_STATUS

    Sku: The managed cluster SKU.

    storageProfile
    ManagedClusterStorageProfile_STATUS

    StorageProfile: Storage profile for the managed cluster.

    supportPlan
    KubernetesSupportPlan_STATUS

    SupportPlan: The support plan for the Managed Cluster. If unspecified, the default is ‘KubernetesOfficial’.

    systemData
    SystemData_STATUS

    SystemData: Azure Resource Manager metadata containing createdBy and modifiedBy information.

    tags
    map[string]string

    Tags: Resource tags.

    type
    string

    Type: The type of the resource. E.g. “Microsoft.Compute/virtualMachines” or “Microsoft.Storage/storageAccounts”

    upgradeSettings
    ClusterUpgradeSettings_STATUS

    UpgradeSettings: Settings for upgrading a cluster.

    windowsProfile
    ManagedClusterWindowsProfile_STATUS

    WindowsProfile: The profile for Windows VMs in the Managed Cluster.

    workloadAutoScalerProfile
    ManagedClusterWorkloadAutoScalerProfile_STATUS

    WorkloadAutoScalerProfile: Workload Auto-scaler profile for the managed cluster.

    ManagedCluster_Spec

    (Appears on:ManagedCluster)

    Field Description
    aadProfile
    ManagedClusterAADProfile

    AadProfile: The Azure Active Directory configuration.

    addonProfiles
    map[string]./api/containerservice/v1api20240402preview.ManagedClusterAddonProfile

    AddonProfiles: The profile of managed cluster add-on.

    agentPoolProfiles
    []ManagedClusterAgentPoolProfile

    AgentPoolProfiles: The agent pool properties.

    aiToolchainOperatorProfile
    ManagedClusterAIToolchainOperatorProfile

    AiToolchainOperatorProfile: AI toolchain operator settings that apply to the whole cluster.

    apiServerAccessProfile
    ManagedClusterAPIServerAccessProfile

    ApiServerAccessProfile: The access profile for managed cluster API server.

    autoScalerProfile
    ManagedClusterProperties_AutoScalerProfile

    AutoScalerProfile: Parameters to be applied to the cluster-autoscaler when enabled

    autoUpgradeProfile
    ManagedClusterAutoUpgradeProfile

    AutoUpgradeProfile: The auto upgrade configuration.

    azureMonitorProfile
    ManagedClusterAzureMonitorProfile

    AzureMonitorProfile: Prometheus addon profile for the container service cluster

    azureName
    string

    AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn’t have to be.

    bootstrapProfile
    ManagedClusterBootstrapProfile

    BootstrapProfile: Profile of the cluster bootstrap configuration.

    creationData
    CreationData

    CreationData: CreationData to be used to specify the source Snapshot ID if the cluster will be created/upgraded using a snapshot.

    disableLocalAccounts
    bool

    DisableLocalAccounts: If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see disable local accounts.

    diskEncryptionSetReference
    genruntime.ResourceReference

    DiskEncryptionSetReference: This is of the form: ‘/​subscriptions/​{subscriptionId}/​resourceGroups/​{resourceGroupName}/​providers/​Microsoft.Compute/​diskEncryptionSets/​{encryptionSetName}’

    dnsPrefix
    string

    DnsPrefix: This cannot be updated once the Managed Cluster has been created.

    enableNamespaceResources
    bool

    EnableNamespaceResources: The default value is false. It can be enabled/disabled on creation and updating of the managed cluster. See https://aka.ms/NamespaceARMResource for more details on Namespace as a ARM Resource.

    enablePodSecurityPolicy
    bool

    EnablePodSecurityPolicy: (DEPRECATED) Whether to enable Kubernetes pod security policy (preview). PodSecurityPolicy was deprecated in Kubernetes v1.21, and removed from Kubernetes in v1.25. Learn more at https://aka.ms/k8s/psp and https://aka.ms/aks/psp.

    enableRBAC
    bool

    EnableRBAC: Whether to enable Kubernetes Role-Based Access Control.

    extendedLocation
    ExtendedLocation

    ExtendedLocation: The extended location of the Virtual Machine.

    fqdnSubdomain
    string

    FqdnSubdomain: This cannot be updated once the Managed Cluster has been created.

    httpProxyConfig
    ManagedClusterHTTPProxyConfig

    HttpProxyConfig: Configurations for provisioning the cluster with HTTP proxy servers.

    identity
    ManagedClusterIdentity

    Identity: The identity of the managed cluster, if configured.

    identityProfile
    map[string]./api/containerservice/v1api20240402preview.UserAssignedIdentity

    IdentityProfile: Identities associated with the cluster.

    ingressProfile
    ManagedClusterIngressProfile

    IngressProfile: Ingress profile for the managed cluster.

    kind
    string

    Kind: This is primarily used to expose different UI experiences in the portal for different kinds

    kubernetesVersion
    string

    KubernetesVersion: When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See upgrading an AKS cluster for more details.

    linuxProfile
    ContainerServiceLinuxProfile

    LinuxProfile: The profile for Linux VMs in the Managed Cluster.

    location
    string

    Location: The geo-location where the resource lives

    metricsProfile
    ManagedClusterMetricsProfile

    MetricsProfile: Optional cluster metrics configuration.

    networkProfile
    ContainerServiceNetworkProfile

    NetworkProfile: The network configuration profile.

    nodeProvisioningProfile
    ManagedClusterNodeProvisioningProfile

    NodeProvisioningProfile: Node provisioning settings that apply to the whole cluster.

    nodeResourceGroup
    string

    NodeResourceGroup: The name of the resource group containing agent pool nodes.

    nodeResourceGroupProfile
    ManagedClusterNodeResourceGroupProfile

    NodeResourceGroupProfile: The node resource group configuration profile.

    oidcIssuerProfile
    ManagedClusterOIDCIssuerProfile

    OidcIssuerProfile: The OIDC issuer profile of the Managed Cluster.

    operatorSpec
    ManagedClusterOperatorSpec

    OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not passed directly to Azure

    owner
    genruntime.KnownResourceReference

    Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a reference to a resources.azure.com/ResourceGroup resource

    podIdentityProfile
    ManagedClusterPodIdentityProfile

    PodIdentityProfile: See use AAD pod identity for more details on AAD pod identity integration.

    privateLinkResources
    []PrivateLinkResource

    PrivateLinkResources: Private link resources associated with the cluster.

    publicNetworkAccess
    ManagedClusterProperties_PublicNetworkAccess

    PublicNetworkAccess: Allow or deny public network access for AKS

    safeguardsProfile
    SafeguardsProfile

    SafeguardsProfile: The Safeguards profile holds all the safeguards information for a given cluster

    securityProfile
    ManagedClusterSecurityProfile

    SecurityProfile: Security profile for the managed cluster.

    serviceMeshProfile
    ServiceMeshProfile

    ServiceMeshProfile: Service mesh profile for a managed cluster.

    servicePrincipalProfile
    ManagedClusterServicePrincipalProfile

    ServicePrincipalProfile: Information about a service principal identity for the cluster to use for manipulating Azure APIs.

    sku
    ManagedClusterSKU

    Sku: The managed cluster SKU.

    storageProfile
    ManagedClusterStorageProfile

    StorageProfile: Storage profile for the managed cluster.

    supportPlan
    KubernetesSupportPlan

    SupportPlan: The support plan for the Managed Cluster. If unspecified, the default is ‘KubernetesOfficial’.

    tags
    map[string]string

    Tags: Resource tags.

    upgradeSettings
    ClusterUpgradeSettings

    UpgradeSettings: Settings for upgrading a cluster.

    windowsProfile
    ManagedClusterWindowsProfile

    WindowsProfile: The profile for Windows VMs in the Managed Cluster.

    workloadAutoScalerProfile
    ManagedClusterWorkloadAutoScalerProfile

    WorkloadAutoScalerProfile: Workload Auto-scaler profile for the managed cluster.

    ManagedClustersAgentPool

    Generator information: - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/preview/2024-04-02-preview/managedClusters.json - ARM URI: /​subscriptions/​{subscriptionId}/​resourceGroups/​{resourceGroupName}/​providers/​Microsoft.ContainerService/​managedClusters/​{resourceName}/​agentPools/​{agentPoolName}

    Field Description
    metadata
    Kubernetes meta/v1.ObjectMeta
    Refer to the Kubernetes API documentation for the fields of the metadata field.
    spec
    ManagedClustersAgentPool_Spec


    artifactStreamingProfile
    AgentPoolArtifactStreamingProfile

    ArtifactStreamingProfile: Configuration for using artifact streaming on AKS.

    availabilityZones
    []string

    AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is ‘VirtualMachineScaleSets’.

    azureName
    string

    AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn’t have to be.

    capacityReservationGroupReference
    genruntime.ResourceReference

    CapacityReservationGroupReference: AKS will associate the specified agent pool with the Capacity Reservation Group.

    count
    int

    Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.

    creationData
    CreationData

    CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.

    enableAutoScaling
    bool

    EnableAutoScaling: Whether to enable auto-scaler

    enableCustomCATrust
    bool

    EnableCustomCATrust: When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded certificates into node trust stores. Defaults to false.

    enableEncryptionAtHost
    bool

    EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption

    enableFIPS
    bool

    EnableFIPS: See Add a FIPS-enabled node pool for more details.

    enableNodePublicIP
    bool

    EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see assigning a public IP per node. The default is false.

    enableUltraSSD
    bool

    EnableUltraSSD: Whether to enable UltraSSD

    gatewayProfile
    AgentPoolGatewayProfile

    GatewayProfile: Profile specific to a managed agent pool in Gateway mode. This field cannot be set if agent pool mode is not Gateway.

    gpuInstanceProfile
    GPUInstanceProfile

    GpuInstanceProfile: GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.

    gpuProfile
    AgentPoolGPUProfile

    GpuProfile: The GPU settings of an agent pool.

    hostGroupReference
    genruntime.ResourceReference

    HostGroupReference: This is of the form: /​subscriptions/​{subscriptionId}/​resourceGroups/​{resourceGroupName}/​providers/​Microsoft.Compute/​hostGroups/​{hostGroupName}. For more information see Azure dedicated hosts.

    kubeletConfig
    KubeletConfig

    KubeletConfig: The Kubelet configuration on the agent pool nodes.

    kubeletDiskType
    KubeletDiskType

    KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.

    linuxOSConfig
    LinuxOSConfig

    LinuxOSConfig: The OS configuration of Linux agent nodes.

    maxCount
    int

    MaxCount: The maximum number of nodes for auto-scaling

    maxPods
    int

    MaxPods: The maximum number of pods that can run on a node.

    messageOfTheDay
    string

    MessageOfTheDay: A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script).

    minCount
    int

    MinCount: The minimum number of nodes for auto-scaling

    mode
    AgentPoolMode

    Mode: A cluster must have at least one ‘System’ Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools

    networkProfile
    AgentPoolNetworkProfile

    NetworkProfile: Network-related settings of an agent pool.

    nodeInitializationTaints
    []string

    NodeInitializationTaints: These taints will not be reconciled by AKS and can be removed with a kubectl call. This field can be modified after node pool is created, but nodes will not be recreated with new taints until another operation that requires recreation (e.g. node image upgrade) happens. These taints allow for required configuration to run before the node is ready to accept workloads, for example ‘key1=value1:NoSchedule’ that then can be removed with kubectl taint nodes node1 key1=value1:NoSchedule-

    nodeLabels
    map[string]string

    NodeLabels: The node labels to be persisted across all nodes in agent pool.

    nodePublicIPPrefixReference
    genruntime.ResourceReference

    NodePublicIPPrefixReference: This is of the form: /​subscriptions/​{subscriptionId}/​resourceGroups/​{resourceGroupName}/​providers/​Microsoft.Network/​publicIPPrefixes/​{publicIPPrefixName}

    nodeTaints
    []string

    NodeTaints: The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.

    operatorSpec
    ManagedClustersAgentPoolOperatorSpec

    OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not passed directly to Azure

    orchestratorVersion
    string

    OrchestratorVersion: Both patch version and are supported. When is specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same once it has been created will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see upgrading a node pool.

    osDiskSizeGB
    ContainerServiceOSDisk
    osDiskType
    OSDiskType

    OsDiskType: The default is ‘Ephemeral’ if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to ‘Managed’. May not be changed after creation. For more information see Ephemeral OS.

    osSKU
    OSSKU

    OsSKU: Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is deprecated.

    osType
    OSType

    OsType: The operating system type. The default is Linux.

    owner
    genruntime.KnownResourceReference

    Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a reference to a containerservice.azure.com/ManagedCluster resource

    podIPAllocationMode
    PodIPAllocationMode

    PodIPAllocationMode: The IP allocation mode for pods in the agent pool. Must be used with podSubnetId. The default is ‘DynamicIndividual’.

    podSubnetReference
    genruntime.ResourceReference

    PodSubnetReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /​subscriptions/​{subscriptionId}/​resourceGroups/​{resourceGroupName}/​providers/​Microsoft.Network/​virtualNetworks/​{virtualNetworkName}/​subnets/​{subnetName}

    powerState
    PowerState

    PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded

    proximityPlacementGroupReference
    genruntime.ResourceReference

    ProximityPlacementGroupReference: The ID for Proximity Placement Group.

    scaleDownMode
    ScaleDownMode

    ScaleDownMode: This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.

    scaleSetEvictionPolicy
    ScaleSetEvictionPolicy

    ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is ‘Spot’. If not specified, the default is ‘Delete’.

    scaleSetPriority
    ScaleSetPriority

    ScaleSetPriority: The Virtual Machine Scale Set priority. If not specified, the default is ‘Regular’.

    securityProfile
    AgentPoolSecurityProfile

    SecurityProfile: The security settings of an agent pool.

    spotMaxPrice
    float64

    SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see spot VMs pricing

    tags
    map[string]string

    Tags: The tags to be persisted on the agent pool virtual machine scale set.

    type
    AgentPoolType

    Type: The type of Agent Pool.

    upgradeSettings
    AgentPoolUpgradeSettings

    UpgradeSettings: Settings for upgrading the agentpool

    virtualMachineNodesStatus
    []VirtualMachineNodes
    virtualMachinesProfile
    VirtualMachinesProfile

    VirtualMachinesProfile: Specifications on VirtualMachines agent pool.

    vmSize
    string

    VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions

    vnetSubnetReference
    genruntime.ResourceReference

    VnetSubnetReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /​subscriptions/​{subscriptionId}/​resourceGroups/​{resourceGroupName}/​providers/​Microsoft.Network/​virtualNetworks/​{virtualNetworkName}/​subnets/​{subnetName}

    windowsProfile
    AgentPoolWindowsProfile

    WindowsProfile: The Windows agent pool’s specific profile.

    workloadRuntime
    WorkloadRuntime

    WorkloadRuntime: Determines the type of workload a node can run.

    status
    ManagedClustersAgentPool_STATUS

    ManagedClustersAgentPoolOperatorSpec

    (Appears on:ManagedClustersAgentPool_Spec)

    Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure

    Field Description
    configMapExpressions
    []genruntime/core.DestinationExpression

    ConfigMapExpressions: configures where to place operator written dynamic ConfigMaps (created with CEL expressions).

    secretExpressions
    []genruntime/core.DestinationExpression

    SecretExpressions: configures where to place operator written dynamic secrets (created with CEL expressions).

    ManagedClustersAgentPool_STATUS

    (Appears on:ManagedClustersAgentPool)

    Field Description
    artifactStreamingProfile
    AgentPoolArtifactStreamingProfile_STATUS

    ArtifactStreamingProfile: Configuration for using artifact streaming on AKS.

    availabilityZones
    []string

    AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is ‘VirtualMachineScaleSets’.

    capacityReservationGroupID
    string

    CapacityReservationGroupID: AKS will associate the specified agent pool with the Capacity Reservation Group.

    conditions
    []genruntime/conditions.Condition

    Conditions: The observed state of the resource

    count
    int

    Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.

    creationData
    CreationData_STATUS

    CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.

    currentOrchestratorVersion
    string

    CurrentOrchestratorVersion: If orchestratorVersion was a fully specified version , this field will be exactly equal to it. If orchestratorVersion was , this field will contain the full version being used.

    eTag
    string

    ETag: Unique read-only string used to implement optimistic concurrency. The eTag value will change when the resource is updated. Specify an if-match or if-none-match header with the eTag value for a subsequent request to enable optimistic concurrency per the normal etag convention.

    enableAutoScaling
    bool

    EnableAutoScaling: Whether to enable auto-scaler

    enableCustomCATrust
    bool

    EnableCustomCATrust: When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded certificates into node trust stores. Defaults to false.

    enableEncryptionAtHost
    bool

    EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption

    enableFIPS
    bool

    EnableFIPS: See Add a FIPS-enabled node pool for more details.

    enableNodePublicIP
    bool

    EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see assigning a public IP per node. The default is false.

    enableUltraSSD
    bool

    EnableUltraSSD: Whether to enable UltraSSD

    gatewayProfile
    AgentPoolGatewayProfile_STATUS

    GatewayProfile: Profile specific to a managed agent pool in Gateway mode. This field cannot be set if agent pool mode is not Gateway.

    gpuInstanceProfile
    GPUInstanceProfile_STATUS

    GpuInstanceProfile: GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.

    gpuProfile
    AgentPoolGPUProfile_STATUS

    GpuProfile: The GPU settings of an agent pool.

    hostGroupID
    string

    HostGroupID: This is of the form: /​subscriptions/​{subscriptionId}/​resourceGroups/​{resourceGroupName}/​providers/​Microsoft.Compute/​hostGroups/​{hostGroupName}. For more information see Azure dedicated hosts.

    id
    string

    Id: Resource ID.

    kubeletConfig
    KubeletConfig_STATUS

    KubeletConfig: The Kubelet configuration on the agent pool nodes.

    kubeletDiskType
    KubeletDiskType_STATUS

    KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.

    linuxOSConfig
    LinuxOSConfig_STATUS

    LinuxOSConfig: The OS configuration of Linux agent nodes.

    maxCount
    int

    MaxCount: The maximum number of nodes for auto-scaling

    maxPods
    int

    MaxPods: The maximum number of pods that can run on a node.

    messageOfTheDay
    string

    MessageOfTheDay: A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script).

    minCount
    int

    MinCount: The minimum number of nodes for auto-scaling

    mode
    AgentPoolMode_STATUS

    Mode: A cluster must have at least one ‘System’ Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools

    name
    string

    Name: The name of the resource that is unique within a resource group. This name can be used to access the resource.

    networkProfile
    AgentPoolNetworkProfile_STATUS

    NetworkProfile: Network-related settings of an agent pool.

    nodeImageVersion
    string

    NodeImageVersion: The version of node image

    nodeInitializationTaints
    []string

    NodeInitializationTaints: These taints will not be reconciled by AKS and can be removed with a kubectl call. This field can be modified after node pool is created, but nodes will not be recreated with new taints until another operation that requires recreation (e.g. node image upgrade) happens. These taints allow for required configuration to run before the node is ready to accept workloads, for example ‘key1=value1:NoSchedule’ that then can be removed with kubectl taint nodes node1 key1=value1:NoSchedule-

    nodeLabels
    map[string]string

    NodeLabels: The node labels to be persisted across all nodes in agent pool.

    nodePublicIPPrefixID
    string

    NodePublicIPPrefixID: This is of the form: /​subscriptions/​{subscriptionId}/​resourceGroups/​{resourceGroupName}/​providers/​Microsoft.Network/​publicIPPrefixes/​{publicIPPrefixName}

    nodeTaints
    []string

    NodeTaints: The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.

    orchestratorVersion
    string

    OrchestratorVersion: Both patch version and are supported. When is specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same once it has been created will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see upgrading a node pool.

    osDiskSizeGB
    int
    osDiskType
    OSDiskType_STATUS

    OsDiskType: The default is ‘Ephemeral’ if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to ‘Managed’. May not be changed after creation. For more information see Ephemeral OS.

    osSKU
    OSSKU_STATUS

    OsSKU: Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is deprecated.

    osType
    OSType_STATUS

    OsType: The operating system type. The default is Linux.

    podIPAllocationMode
    PodIPAllocationMode_STATUS

    PodIPAllocationMode: The IP allocation mode for pods in the agent pool. Must be used with podSubnetId. The default is ‘DynamicIndividual’.

    podSubnetID
    string

    PodSubnetID: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /​subscriptions/​{subscriptionId}/​resourceGroups/​{resourceGroupName}/​providers/​Microsoft.Network/​virtualNetworks/​{virtualNetworkName}/​subnets/​{subnetName}

    powerState
    PowerState_STATUS

    PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded

    properties_type
    AgentPoolType_STATUS

    PropertiesType: The type of Agent Pool.

    provisioningState
    string

    ProvisioningState: The current deployment or provisioning state.

    proximityPlacementGroupID
    string

    ProximityPlacementGroupID: The ID for Proximity Placement Group.

    scaleDownMode
    ScaleDownMode_STATUS

    ScaleDownMode: This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.

    scaleSetEvictionPolicy
    ScaleSetEvictionPolicy_STATUS

    ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is ‘Spot’. If not specified, the default is ‘Delete’.

    scaleSetPriority
    ScaleSetPriority_STATUS

    ScaleSetPriority: The Virtual Machine Scale Set priority. If not specified, the default is ‘Regular’.

    securityProfile
    AgentPoolSecurityProfile_STATUS

    SecurityProfile: The security settings of an agent pool.

    spotMaxPrice
    float64

    SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see spot VMs pricing

    tags
    map[string]string

    Tags: The tags to be persisted on the agent pool virtual machine scale set.

    type
    string

    Type: Resource type

    upgradeSettings
    AgentPoolUpgradeSettings_STATUS

    UpgradeSettings: Settings for upgrading the agentpool

    virtualMachineNodesStatus
    []VirtualMachineNodes_STATUS
    virtualMachinesProfile
    VirtualMachinesProfile_STATUS

    VirtualMachinesProfile: Specifications on VirtualMachines agent pool.

    vmSize
    string

    VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions

    vnetSubnetID
    string

    VnetSubnetID: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /​subscriptions/​{subscriptionId}/​resourceGroups/​{resourceGroupName}/​providers/​Microsoft.Network/​virtualNetworks/​{virtualNetworkName}/​subnets/​{subnetName}

    windowsProfile
    AgentPoolWindowsProfile_STATUS

    WindowsProfile: The Windows agent pool’s specific profile.

    workloadRuntime
    WorkloadRuntime_STATUS

    WorkloadRuntime: Determines the type of workload a node can run.

    ManagedClustersAgentPool_Spec

    (Appears on:ManagedClustersAgentPool)

    Field Description
    artifactStreamingProfile
    AgentPoolArtifactStreamingProfile

    ArtifactStreamingProfile: Configuration for using artifact streaming on AKS.

    availabilityZones
    []string

    AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is ‘VirtualMachineScaleSets’.

    azureName
    string

    AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn’t have to be.

    capacityReservationGroupReference
    genruntime.ResourceReference

    CapacityReservationGroupReference: AKS will associate the specified agent pool with the Capacity Reservation Group.

    count
    int

    Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.

    creationData
    CreationData

    CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.

    enableAutoScaling
    bool

    EnableAutoScaling: Whether to enable auto-scaler

    enableCustomCATrust
    bool

    EnableCustomCATrust: When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded certificates into node trust stores. Defaults to false.

    enableEncryptionAtHost
    bool

    EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption

    enableFIPS
    bool

    EnableFIPS: See Add a FIPS-enabled node pool for more details.

    enableNodePublicIP
    bool

    EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see assigning a public IP per node. The default is false.

    enableUltraSSD
    bool

    EnableUltraSSD: Whether to enable UltraSSD

    gatewayProfile
    AgentPoolGatewayProfile

    GatewayProfile: Profile specific to a managed agent pool in Gateway mode. This field cannot be set if agent pool mode is not Gateway.

    gpuInstanceProfile
    GPUInstanceProfile

    GpuInstanceProfile: GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.

    gpuProfile
    AgentPoolGPUProfile

    GpuProfile: The GPU settings of an agent pool.

    hostGroupReference
    genruntime.ResourceReference

    HostGroupReference: This is of the form: /​subscriptions/​{subscriptionId}/​resourceGroups/​{resourceGroupName}/​providers/​Microsoft.Compute/​hostGroups/​{hostGroupName}. For more information see Azure dedicated hosts.

    kubeletConfig
    KubeletConfig

    KubeletConfig: The Kubelet configuration on the agent pool nodes.

    kubeletDiskType
    KubeletDiskType

    KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.

    linuxOSConfig
    LinuxOSConfig

    LinuxOSConfig: The OS configuration of Linux agent nodes.

    maxCount
    int

    MaxCount: The maximum number of nodes for auto-scaling

    maxPods
    int

    MaxPods: The maximum number of pods that can run on a node.

    messageOfTheDay
    string

    MessageOfTheDay: A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script).

    minCount
    int

    MinCount: The minimum number of nodes for auto-scaling

    mode
    AgentPoolMode

    Mode: A cluster must have at least one ‘System’ Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools

    networkProfile
    AgentPoolNetworkProfile

    NetworkProfile: Network-related settings of an agent pool.

    nodeInitializationTaints
    []string

    NodeInitializationTaints: These taints will not be reconciled by AKS and can be removed with a kubectl call. This field can be modified after node pool is created, but nodes will not be recreated with new taints until another operation that requires recreation (e.g. node image upgrade) happens. These taints allow for required configuration to run before the node is ready to accept workloads, for example ‘key1=value1:NoSchedule’ that then can be removed with kubectl taint nodes node1 key1=value1:NoSchedule-

    nodeLabels
    map[string]string

    NodeLabels: The node labels to be persisted across all nodes in agent pool.

    nodePublicIPPrefixReference
    genruntime.ResourceReference

    NodePublicIPPrefixReference: This is of the form: /​subscriptions/​{subscriptionId}/​resourceGroups/​{resourceGroupName}/​providers/​Microsoft.Network/​publicIPPrefixes/​{publicIPPrefixName}

    nodeTaints
    []string

    NodeTaints: The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.

    operatorSpec
    ManagedClustersAgentPoolOperatorSpec

    OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not passed directly to Azure

    orchestratorVersion
    string

    OrchestratorVersion: Both patch version and are supported. When is specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same once it has been created will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see upgrading a node pool.

    osDiskSizeGB
    ContainerServiceOSDisk
    osDiskType
    OSDiskType

    OsDiskType: The default is ‘Ephemeral’ if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to ‘Managed’. May not be changed after creation. For more information see Ephemeral OS.

    osSKU
    OSSKU

    OsSKU: Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is deprecated.

    osType
    OSType

    OsType: The operating system type. The default is Linux.

    owner
    genruntime.KnownResourceReference

    Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a reference to a containerservice.azure.com/ManagedCluster resource

    podIPAllocationMode
    PodIPAllocationMode

    PodIPAllocationMode: The IP allocation mode for pods in the agent pool. Must be used with podSubnetId. The default is ‘DynamicIndividual’.

    podSubnetReference
    genruntime.ResourceReference

    PodSubnetReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /​subscriptions/​{subscriptionId}/​resourceGroups/​{resourceGroupName}/​providers/​Microsoft.Network/​virtualNetworks/​{virtualNetworkName}/​subnets/​{subnetName}

    powerState
    PowerState

    PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded

    proximityPlacementGroupReference
    genruntime.ResourceReference

    ProximityPlacementGroupReference: The ID for Proximity Placement Group.

    scaleDownMode
    ScaleDownMode

    ScaleDownMode: This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.

    scaleSetEvictionPolicy
    ScaleSetEvictionPolicy

    ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is ‘Spot’. If not specified, the default is ‘Delete’.

    scaleSetPriority
    ScaleSetPriority

    ScaleSetPriority: The Virtual Machine Scale Set priority. If not specified, the default is ‘Regular’.

    securityProfile
    AgentPoolSecurityProfile

    SecurityProfile: The security settings of an agent pool.

    spotMaxPrice
    float64

    SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see spot VMs pricing

    tags
    map[string]string

    Tags: The tags to be persisted on the agent pool virtual machine scale set.

    type
    AgentPoolType

    Type: The type of Agent Pool.

    upgradeSettings
    AgentPoolUpgradeSettings

    UpgradeSettings: Settings for upgrading the agentpool

    virtualMachineNodesStatus
    []VirtualMachineNodes
    virtualMachinesProfile
    VirtualMachinesProfile

    VirtualMachinesProfile: Specifications on VirtualMachines agent pool.

    vmSize
    string

    VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions

    vnetSubnetReference
    genruntime.ResourceReference

    VnetSubnetReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /​subscriptions/​{subscriptionId}/​resourceGroups/​{resourceGroupName}/​providers/​Microsoft.Network/​virtualNetworks/​{virtualNetworkName}/​subnets/​{subnetName}

    windowsProfile
    AgentPoolWindowsProfile

    WindowsProfile: The Windows agent pool’s specific profile.

    workloadRuntime
    WorkloadRuntime

    WorkloadRuntime: Determines the type of workload a node can run.

    ManualScaleProfile

    (Appears on:ScaleProfile)

    Specifications on number of machines.

    Field Description
    count
    int

    Count: Number of nodes.

    sizes
    []string

    Sizes: The list of allowed vm sizes e.g. [‘Standard_E4s_v3’, ‘Standard_E16s_v3’, ‘Standard_D16s_v5’]. AKS will use the first available one when scaling. If a VM size is unavailable (e.g. due to quota or regional capacity reasons), AKS will use the next size.

    ManualScaleProfile_STATUS

    (Appears on:ScaleProfile_STATUS)

    Specifications on number of machines.

    Field Description
    count
    int

    Count: Number of nodes.

    sizes
    []string

    Sizes: The list of allowed vm sizes e.g. [‘Standard_E4s_v3’, ‘Standard_E16s_v3’, ‘Standard_D16s_v5’]. AKS will use the first available one when scaling. If a VM size is unavailable (e.g. due to quota or regional capacity reasons), AKS will use the next size.

    NetworkDataplane (string alias)

    (Appears on:ContainerServiceNetworkProfile)

    Network dataplane used in the Kubernetes cluster.

    Value Description

    "azure"

    "cilium"

    NetworkDataplane_STATUS (string alias)

    (Appears on:ContainerServiceNetworkProfile_STATUS)

    Network dataplane used in the Kubernetes cluster.

    Value Description

    "azure"

    "cilium"

    NetworkMode (string alias)

    (Appears on:ContainerServiceNetworkProfile)

    This cannot be specified if networkPlugin is anything other than ‘azure’.

    Value Description

    "bridge"

    "transparent"

    NetworkMode_STATUS (string alias)

    (Appears on:ContainerServiceNetworkProfile_STATUS)

    This cannot be specified if networkPlugin is anything other than ‘azure’.

    Value Description

    "bridge"

    "transparent"

    NetworkPlugin (string alias)

    (Appears on:ContainerServiceNetworkProfile)

    Network plugin used for building the Kubernetes network.

    Value Description

    "azure"

    "kubenet"

    "none"

    NetworkPluginMode (string alias)

    (Appears on:ContainerServiceNetworkProfile)

    The mode the network plugin should use.

    Value Description

    "overlay"

    NetworkPluginMode_STATUS (string alias)

    (Appears on:ContainerServiceNetworkProfile_STATUS)

    The mode the network plugin should use.

    Value Description

    "overlay"

    NetworkPlugin_STATUS (string alias)

    (Appears on:ContainerServiceNetworkProfile_STATUS)

    Network plugin used for building the Kubernetes network.

    Value Description

    "azure"

    "kubenet"

    "none"

    NetworkPolicy (string alias)

    (Appears on:ContainerServiceNetworkProfile)

    Network policy used for building the Kubernetes network.

    Value Description

    "azure"

    "calico"

    "cilium"

    "none"

    NetworkPolicy_STATUS (string alias)

    (Appears on:ContainerServiceNetworkProfile_STATUS)

    Network policy used for building the Kubernetes network.

    Value Description

    "azure"

    "calico"

    "cilium"

    "none"

    OSDiskType (string alias)

    (Appears on:ManagedClusterAgentPoolProfile, ManagedClustersAgentPool_Spec)

    The default is ‘Ephemeral’ if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to ‘Managed’. May not be changed after creation. For more information see Ephemeral OS.

    Value Description

    "Ephemeral"

    "Managed"

    OSDiskType_STATUS (string alias)

    (Appears on:ManagedClusterAgentPoolProfile_STATUS, ManagedClustersAgentPool_STATUS)

    The default is ‘Ephemeral’ if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to ‘Managed’. May not be changed after creation. For more information see Ephemeral OS.

    Value Description

    "Ephemeral"

    "Managed"

    OSSKU (string alias)

    (Appears on:ManagedClusterAgentPoolProfile, ManagedClustersAgentPool_Spec)

    Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is deprecated.

    Value Description

    "AzureLinux"

    "CBLMariner"

    "Mariner"

    "Ubuntu"

    "Windows2019"

    "Windows2022"

    "WindowsAnnual"

    OSSKU_STATUS (string alias)

    (Appears on:ManagedClusterAgentPoolProfile_STATUS, ManagedClustersAgentPool_STATUS)

    Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is deprecated.

    Value Description

    "AzureLinux"

    "CBLMariner"

    "Mariner"

    "Ubuntu"

    "Windows2019"

    "Windows2022"

    "WindowsAnnual"

    OSType (string alias)

    (Appears on:ManagedClusterAgentPoolProfile, ManagedClustersAgentPool_Spec)

    The operating system type. The default is Linux.

    Value Description

    "Linux"

    "Windows"

    OSType_STATUS (string alias)

    (Appears on:ManagedClusterAgentPoolProfile_STATUS, ManagedClustersAgentPool_STATUS)

    The operating system type. The default is Linux.

    Value Description

    "Linux"

    "Windows"

    PodIPAllocationMode (string alias)

    (Appears on:ManagedClusterAgentPoolProfile, ManagedClustersAgentPool_Spec)

    The IP allocation mode for pods in the agent pool. Must be used with podSubnetId. The default is ‘DynamicIndividual’.

    Value Description

    "DynamicIndividual"

    "StaticBlock"

    PodIPAllocationMode_STATUS (string alias)

    (Appears on:ManagedClusterAgentPoolProfile_STATUS, ManagedClustersAgentPool_STATUS)

    The IP allocation mode for pods in the agent pool. Must be used with podSubnetId. The default is ‘DynamicIndividual’.

    Value Description

    "DynamicIndividual"

    "StaticBlock"

    PodLinkLocalAccess (string alias)

    (Appears on:ContainerServiceNetworkProfile)

    Defines access to special link local addresses (Azure Instance Metadata Service, aka IMDS) for pods with hostNetwork=false. If not specified, the default is ‘IMDS’.

    Value Description

    "IMDS"

    "None"

    PodLinkLocalAccess_STATUS (string alias)

    (Appears on:ContainerServiceNetworkProfile_STATUS)

    Defines access to special link local addresses (Azure Instance Metadata Service, aka IMDS) for pods with hostNetwork=false. If not specified, the default is ‘IMDS’.

    Value Description

    "IMDS"

    "None"

    PortRange

    (Appears on:AgentPoolNetworkProfile)

    The port range.

    Field Description
    portEnd
    int

    PortEnd: The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or equal to portStart.

    portStart
    int

    PortStart: The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or equal to portEnd.

    protocol
    PortRange_Protocol

    Protocol: The network protocol of the port.

    PortRange_Protocol (string alias)

    (Appears on:PortRange)

    Value Description

    "TCP"

    "UDP"

    PortRange_Protocol_STATUS (string alias)

    (Appears on:PortRange_STATUS)

    Value Description

    "TCP"

    "UDP"

    PortRange_STATUS

    (Appears on:AgentPoolNetworkProfile_STATUS)

    The port range.

    Field Description
    portEnd
    int

    PortEnd: The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or equal to portStart.

    portStart
    int

    PortStart: The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or equal to portEnd.

    protocol
    PortRange_Protocol_STATUS

    Protocol: The network protocol of the port.

    PowerState

    (Appears on:ManagedClusterAgentPoolProfile, ManagedClustersAgentPool_Spec)

    Describes the Power State of the cluster

    Field Description
    code
    PowerState_Code

    Code: Tells whether the cluster is Running or Stopped

    PowerState_Code (string alias)

    (Appears on:PowerState)

    Value Description

    "Running"

    "Stopped"

    PowerState_Code_STATUS (string alias)

    (Appears on:PowerState_STATUS)

    Value Description

    "Running"

    "Stopped"

    PowerState_STATUS

    (Appears on:ManagedClusterAgentPoolProfile_STATUS, ManagedCluster_STATUS, ManagedClustersAgentPool_STATUS)

    Describes the Power State of the cluster

    Field Description
    code
    PowerState_Code_STATUS

    Code: Tells whether the cluster is Running or Stopped

    PrivateLinkResource

    (Appears on:ManagedCluster_Spec)

    A private link resource

    Field Description
    groupId
    string

    GroupId: The group ID of the resource.

    name
    string

    Name: The name of the private link resource.

    reference
    genruntime.ResourceReference

    Reference: The ID of the private link resource.

    requiredMembers
    []string

    RequiredMembers: The RequiredMembers of the resource

    type
    string

    Type: The resource type.

    PrivateLinkResource_STATUS

    (Appears on:ManagedCluster_STATUS)

    A private link resource

    Field Description
    groupId
    string

    GroupId: The group ID of the resource.

    id
    string

    Id: The ID of the private link resource.

    name
    string

    Name: The name of the private link resource.

    privateLinkServiceID
    string

    PrivateLinkServiceID: The private link service ID of the resource, this field is exposed only to NRP internally.

    requiredMembers
    []string

    RequiredMembers: The RequiredMembers of the resource

    type
    string

    Type: The resource type.

    ResourceReference

    (Appears on:ManagedClusterLoadBalancerProfile, ManagedClusterLoadBalancerProfile_OutboundIPPrefixes, ManagedClusterLoadBalancerProfile_OutboundIPs, ManagedClusterNATGatewayProfile)

    A reference to an Azure resource.

    Field Description
    reference
    genruntime.ResourceReference

    Reference: The fully qualified Azure resource id.

    ResourceReference_STATUS

    (Appears on:ManagedClusterLoadBalancerProfile_OutboundIPPrefixes_STATUS, ManagedClusterLoadBalancerProfile_OutboundIPs_STATUS, ManagedClusterLoadBalancerProfile_STATUS, ManagedClusterNATGatewayProfile_STATUS)

    A reference to an Azure resource.

    Field Description
    id
    string

    Id: The fully qualified Azure resource id.

    SafeguardsProfile

    (Appears on:ManagedCluster_Spec)

    The Safeguards profile.

    Field Description
    excludedNamespaces
    []string

    ExcludedNamespaces: List of namespaces excluded from Safeguards checks

    level
    SafeguardsProfile_Level

    Level: The Safeguards level to be used. By default, Safeguards is enabled for all namespaces except those that AKS excludes via systemExcludedNamespaces

    version
    string

    Version: The version of constraints to use

    SafeguardsProfile_Level (string alias)

    (Appears on:SafeguardsProfile)

    Value Description

    "Enforcement"

    "Off"

    "Warning"

    SafeguardsProfile_Level_STATUS (string alias)

    (Appears on:SafeguardsProfile_STATUS)

    Value Description

    "Enforcement"

    "Off"

    "Warning"

    SafeguardsProfile_STATUS

    (Appears on:ManagedCluster_STATUS)

    The Safeguards profile.

    Field Description
    excludedNamespaces
    []string

    ExcludedNamespaces: List of namespaces excluded from Safeguards checks

    level
    SafeguardsProfile_Level_STATUS

    Level: The Safeguards level to be used. By default, Safeguards is enabled for all namespaces except those that AKS excludes via systemExcludedNamespaces

    systemExcludedNamespaces
    []string

    SystemExcludedNamespaces: List of namespaces specified by AKS to be excluded from Safeguards

    version
    string

    Version: The version of constraints to use

    ScaleDownMode (string alias)

    (Appears on:ManagedClusterAgentPoolProfile, ManagedClustersAgentPool_Spec)

    Describes how VMs are added to or removed from Agent Pools. See billing states.

    Value Description

    "Deallocate"

    "Delete"

    ScaleDownMode_STATUS (string alias)

    (Appears on:ManagedClusterAgentPoolProfile_STATUS, ManagedClustersAgentPool_STATUS)

    Describes how VMs are added to or removed from Agent Pools. See billing states.

    Value Description

    "Deallocate"

    "Delete"

    ScaleProfile

    (Appears on:VirtualMachinesProfile)

    Specifications on how to scale a VirtualMachines agent pool.

    Field Description
    autoscale
    []AutoScaleProfile

    Autoscale: Specifications on how to auto-scale the VirtualMachines agent pool within a predefined size range. Currently, at most one AutoScaleProfile is allowed.

    manual
    []ManualScaleProfile

    Manual: Specifications on how to scale the VirtualMachines agent pool to a fixed size.

    ScaleProfile_STATUS

    (Appears on:VirtualMachinesProfile_STATUS)

    Specifications on how to scale a VirtualMachines agent pool.

    Field Description
    autoscale
    []AutoScaleProfile_STATUS

    Autoscale: Specifications on how to auto-scale the VirtualMachines agent pool within a predefined size range. Currently, at most one AutoScaleProfile is allowed.

    manual
    []ManualScaleProfile_STATUS

    Manual: Specifications on how to scale the VirtualMachines agent pool to a fixed size.

    ScaleSetEvictionPolicy (string alias)

    (Appears on:ManagedClusterAgentPoolProfile, ManagedClustersAgentPool_Spec)

    The eviction policy specifies what to do with the VM when it is evicted. The default is Delete. For more information about eviction see spot VMs

    Value Description

    "Deallocate"

    "Delete"

    ScaleSetEvictionPolicy_STATUS (string alias)

    (Appears on:ManagedClusterAgentPoolProfile_STATUS, ManagedClustersAgentPool_STATUS)

    The eviction policy specifies what to do with the VM when it is evicted. The default is Delete. For more information about eviction see spot VMs

    Value Description

    "Deallocate"

    "Delete"

    ScaleSetPriority (string alias)

    (Appears on:ManagedClusterAgentPoolProfile, ManagedClustersAgentPool_Spec)

    The Virtual Machine Scale Set priority.

    Value Description

    "Regular"

    "Spot"

    ScaleSetPriority_STATUS (string alias)

    (Appears on:ManagedClusterAgentPoolProfile_STATUS, ManagedClustersAgentPool_STATUS)

    The Virtual Machine Scale Set priority.

    Value Description

    "Regular"

    "Spot"

    ServiceMeshProfile

    (Appears on:ManagedCluster_Spec)

    Service mesh profile for a managed cluster.

    Field Description
    istio
    IstioServiceMesh

    Istio: Istio service mesh configuration.

    mode
    ServiceMeshProfile_Mode

    Mode: Mode of the service mesh.

    ServiceMeshProfile_Mode (string alias)

    (Appears on:ServiceMeshProfile)

    Value Description

    "Disabled"

    "Istio"

    ServiceMeshProfile_Mode_STATUS (string alias)

    (Appears on:ServiceMeshProfile_STATUS)

    Value Description

    "Disabled"

    "Istio"

    ServiceMeshProfile_STATUS

    (Appears on:ManagedCluster_STATUS)

    Service mesh profile for a managed cluster.

    Field Description
    istio
    IstioServiceMesh_STATUS

    Istio: Istio service mesh configuration.

    mode
    ServiceMeshProfile_Mode_STATUS

    Mode: Mode of the service mesh.

    SysctlConfig

    (Appears on:LinuxOSConfig)

    Sysctl settings for Linux agent nodes.

    Field Description
    fsAioMaxNr
    int

    FsAioMaxNr: Sysctl setting fs.aio-max-nr.

    fsFileMax
    int

    FsFileMax: Sysctl setting fs.file-max.

    fsInotifyMaxUserWatches
    int

    FsInotifyMaxUserWatches: Sysctl setting fs.inotify.max_user_watches.

    fsNrOpen
    int

    FsNrOpen: Sysctl setting fs.nr_open.

    kernelThreadsMax
    int

    KernelThreadsMax: Sysctl setting kernel.threads-max.

    netCoreNetdevMaxBacklog
    int

    NetCoreNetdevMaxBacklog: Sysctl setting net.core.netdev_max_backlog.

    netCoreOptmemMax
    int

    NetCoreOptmemMax: Sysctl setting net.core.optmem_max.

    netCoreRmemDefault
    int

    NetCoreRmemDefault: Sysctl setting net.core.rmem_default.

    netCoreRmemMax
    int

    NetCoreRmemMax: Sysctl setting net.core.rmem_max.

    netCoreSomaxconn
    int

    NetCoreSomaxconn: Sysctl setting net.core.somaxconn.

    netCoreWmemDefault
    int

    NetCoreWmemDefault: Sysctl setting net.core.wmem_default.

    netCoreWmemMax
    int

    NetCoreWmemMax: Sysctl setting net.core.wmem_max.

    netIpv4IpLocalPortRange
    string

    NetIpv4IpLocalPortRange: Sysctl setting net.ipv4.ip_local_port_range.

    netIpv4NeighDefaultGcThresh1
    int

    NetIpv4NeighDefaultGcThresh1: Sysctl setting net.ipv4.neigh.default.gc_thresh1.

    netIpv4NeighDefaultGcThresh2
    int

    NetIpv4NeighDefaultGcThresh2: Sysctl setting net.ipv4.neigh.default.gc_thresh2.

    netIpv4NeighDefaultGcThresh3
    int

    NetIpv4NeighDefaultGcThresh3: Sysctl setting net.ipv4.neigh.default.gc_thresh3.

    netIpv4TcpFinTimeout
    int

    NetIpv4TcpFinTimeout: Sysctl setting net.ipv4.tcp_fin_timeout.

    netIpv4TcpKeepaliveProbes
    int

    NetIpv4TcpKeepaliveProbes: Sysctl setting net.ipv4.tcp_keepalive_probes.

    netIpv4TcpKeepaliveTime
    int

    NetIpv4TcpKeepaliveTime: Sysctl setting net.ipv4.tcp_keepalive_time.

    netIpv4TcpMaxSynBacklog
    int

    NetIpv4TcpMaxSynBacklog: Sysctl setting net.ipv4.tcp_max_syn_backlog.

    netIpv4TcpMaxTwBuckets
    int

    NetIpv4TcpMaxTwBuckets: Sysctl setting net.ipv4.tcp_max_tw_buckets.

    netIpv4TcpTwReuse
    bool

    NetIpv4TcpTwReuse: Sysctl setting net.ipv4.tcp_tw_reuse.

    netIpv4TcpkeepaliveIntvl
    int

    NetIpv4TcpkeepaliveIntvl: Sysctl setting net.ipv4.tcp_keepalive_intvl.

    netNetfilterNfConntrackBuckets
    int

    NetNetfilterNfConntrackBuckets: Sysctl setting net.netfilter.nf_conntrack_buckets.

    netNetfilterNfConntrackMax
    int

    NetNetfilterNfConntrackMax: Sysctl setting net.netfilter.nf_conntrack_max.

    vmMaxMapCount
    int

    VmMaxMapCount: Sysctl setting vm.max_map_count.

    vmSwappiness
    int

    VmSwappiness: Sysctl setting vm.swappiness.

    vmVfsCachePressure
    int

    VmVfsCachePressure: Sysctl setting vm.vfs_cache_pressure.

    SysctlConfig_STATUS

    (Appears on:LinuxOSConfig_STATUS)

    Sysctl settings for Linux agent nodes.

    Field Description
    fsAioMaxNr
    int

    FsAioMaxNr: Sysctl setting fs.aio-max-nr.

    fsFileMax
    int

    FsFileMax: Sysctl setting fs.file-max.

    fsInotifyMaxUserWatches
    int

    FsInotifyMaxUserWatches: Sysctl setting fs.inotify.max_user_watches.

    fsNrOpen
    int

    FsNrOpen: Sysctl setting fs.nr_open.

    kernelThreadsMax
    int

    KernelThreadsMax: Sysctl setting kernel.threads-max.

    netCoreNetdevMaxBacklog
    int

    NetCoreNetdevMaxBacklog: Sysctl setting net.core.netdev_max_backlog.

    netCoreOptmemMax
    int

    NetCoreOptmemMax: Sysctl setting net.core.optmem_max.

    netCoreRmemDefault
    int

    NetCoreRmemDefault: Sysctl setting net.core.rmem_default.

    netCoreRmemMax
    int

    NetCoreRmemMax: Sysctl setting net.core.rmem_max.

    netCoreSomaxconn
    int

    NetCoreSomaxconn: Sysctl setting net.core.somaxconn.

    netCoreWmemDefault
    int

    NetCoreWmemDefault: Sysctl setting net.core.wmem_default.

    netCoreWmemMax
    int

    NetCoreWmemMax: Sysctl setting net.core.wmem_max.

    netIpv4IpLocalPortRange
    string

    NetIpv4IpLocalPortRange: Sysctl setting net.ipv4.ip_local_port_range.

    netIpv4NeighDefaultGcThresh1
    int

    NetIpv4NeighDefaultGcThresh1: Sysctl setting net.ipv4.neigh.default.gc_thresh1.

    netIpv4NeighDefaultGcThresh2
    int

    NetIpv4NeighDefaultGcThresh2: Sysctl setting net.ipv4.neigh.default.gc_thresh2.

    netIpv4NeighDefaultGcThresh3
    int

    NetIpv4NeighDefaultGcThresh3: Sysctl setting net.ipv4.neigh.default.gc_thresh3.

    netIpv4TcpFinTimeout
    int

    NetIpv4TcpFinTimeout: Sysctl setting net.ipv4.tcp_fin_timeout.

    netIpv4TcpKeepaliveProbes
    int

    NetIpv4TcpKeepaliveProbes: Sysctl setting net.ipv4.tcp_keepalive_probes.

    netIpv4TcpKeepaliveTime
    int

    NetIpv4TcpKeepaliveTime: Sysctl setting net.ipv4.tcp_keepalive_time.

    netIpv4TcpMaxSynBacklog
    int

    NetIpv4TcpMaxSynBacklog: Sysctl setting net.ipv4.tcp_max_syn_backlog.

    netIpv4TcpMaxTwBuckets
    int

    NetIpv4TcpMaxTwBuckets: Sysctl setting net.ipv4.tcp_max_tw_buckets.

    netIpv4TcpTwReuse
    bool

    NetIpv4TcpTwReuse: Sysctl setting net.ipv4.tcp_tw_reuse.

    netIpv4TcpkeepaliveIntvl
    int

    NetIpv4TcpkeepaliveIntvl: Sysctl setting net.ipv4.tcp_keepalive_intvl.

    netNetfilterNfConntrackBuckets
    int

    NetNetfilterNfConntrackBuckets: Sysctl setting net.netfilter.nf_conntrack_buckets.

    netNetfilterNfConntrackMax
    int

    NetNetfilterNfConntrackMax: Sysctl setting net.netfilter.nf_conntrack_max.

    vmMaxMapCount
    int

    VmMaxMapCount: Sysctl setting vm.max_map_count.

    vmSwappiness
    int

    VmSwappiness: Sysctl setting vm.swappiness.

    vmVfsCachePressure
    int

    VmVfsCachePressure: Sysctl setting vm.vfs_cache_pressure.

    SystemData_CreatedByType_STATUS (string alias)

    (Appears on:SystemData_STATUS)

    Value Description

    "Application"

    "Key"

    "ManagedIdentity"

    "User"

    SystemData_LastModifiedByType_STATUS (string alias)

    (Appears on:SystemData_STATUS)

    Value Description

    "Application"

    "Key"

    "ManagedIdentity"

    "User"

    SystemData_STATUS

    (Appears on:ManagedCluster_STATUS, TrustedAccessRoleBinding_STATUS)

    Metadata pertaining to creation and last modification of the resource.

    Field Description
    createdAt
    string

    CreatedAt: The timestamp of resource creation (UTC).

    createdBy
    string

    CreatedBy: The identity that created the resource.

    createdByType
    SystemData_CreatedByType_STATUS

    CreatedByType: The type of identity that created the resource.

    lastModifiedAt
    string

    LastModifiedAt: The timestamp of resource last modification (UTC)

    lastModifiedBy
    string

    LastModifiedBy: The identity that last modified the resource.

    lastModifiedByType
    SystemData_LastModifiedByType_STATUS

    LastModifiedByType: The type of identity that last modified the resource.

    TrustedAccessRoleBinding

    Generator information: - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/preview/2024-04-02-preview/managedClusters.json - ARM URI: /​subscriptions/​{subscriptionId}/​resourceGroups/​{resourceGroupName}/​providers/​Microsoft.ContainerService/​managedClusters/​{resourceName}/​trustedAccessRoleBindings/​{trustedAccessRoleBindingName}

    Field Description
    metadata
    Kubernetes meta/v1.ObjectMeta
    Refer to the Kubernetes API documentation for the fields of the metadata field.
    spec
    TrustedAccessRoleBinding_Spec


    azureName
    string

    AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn’t have to be.

    operatorSpec
    TrustedAccessRoleBindingOperatorSpec

    OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not passed directly to Azure

    owner
    genruntime.KnownResourceReference

    Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a reference to a containerservice.azure.com/ManagedCluster resource

    roles
    []string

    Roles: A list of roles to bind, each item is a resource type qualified role name. For example: ‘Microsoft.MachineLearningServices/workspaces/reader’.

    sourceResourceReference
    genruntime.ResourceReference

    SourceResourceReference: The ARM resource ID of source resource that trusted access is configured for.

    status
    TrustedAccessRoleBinding_STATUS

    TrustedAccessRoleBindingOperatorSpec

    (Appears on:TrustedAccessRoleBinding_Spec)

    Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure

    Field Description
    configMapExpressions
    []genruntime/core.DestinationExpression

    ConfigMapExpressions: configures where to place operator written dynamic ConfigMaps (created with CEL expressions).

    secretExpressions
    []genruntime/core.DestinationExpression

    SecretExpressions: configures where to place operator written dynamic secrets (created with CEL expressions).

    TrustedAccessRoleBindingProperties_ProvisioningState_STATUS (string alias)

    (Appears on:TrustedAccessRoleBinding_STATUS)

    Value Description

    "Canceled"

    "Deleting"

    "Failed"

    "Succeeded"

    "Updating"

    TrustedAccessRoleBinding_STATUS

    (Appears on:TrustedAccessRoleBinding)

    Field Description
    conditions
    []genruntime/conditions.Condition

    Conditions: The observed state of the resource

    id
    string

    Id: Fully qualified resource ID for the resource. E.g. “/​subscriptions/​{subscriptionId}/​resourceGroups/​{resourceGroupName}/​providers/​{resourceProviderNamespace}/​{resourceType}/​{resourceName}”

    name
    string

    Name: The name of the resource

    provisioningState
    TrustedAccessRoleBindingProperties_ProvisioningState_STATUS

    ProvisioningState: The current provisioning state of trusted access role binding.

    roles
    []string

    Roles: A list of roles to bind, each item is a resource type qualified role name. For example: ‘Microsoft.MachineLearningServices/workspaces/reader’.

    sourceResourceId
    string

    SourceResourceId: The ARM resource ID of source resource that trusted access is configured for.

    systemData
    SystemData_STATUS

    SystemData: Azure Resource Manager metadata containing createdBy and modifiedBy information.

    type
    string

    Type: The type of the resource. E.g. “Microsoft.Compute/virtualMachines” or “Microsoft.Storage/storageAccounts”

    TrustedAccessRoleBinding_Spec

    (Appears on:TrustedAccessRoleBinding)

    Field Description
    azureName
    string

    AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn’t have to be.

    operatorSpec
    TrustedAccessRoleBindingOperatorSpec

    OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not passed directly to Azure

    owner
    genruntime.KnownResourceReference

    Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a reference to a containerservice.azure.com/ManagedCluster resource

    roles
    []string

    Roles: A list of roles to bind, each item is a resource type qualified role name. For example: ‘Microsoft.MachineLearningServices/workspaces/reader’.

    sourceResourceReference
    genruntime.ResourceReference

    SourceResourceReference: The ARM resource ID of source resource that trusted access is configured for.

    UpgradeOverrideSettings

    (Appears on:ClusterUpgradeSettings)

    Settings for overrides when upgrading a cluster.

    Field Description
    forceUpgrade
    bool

    ForceUpgrade: Whether to force upgrade the cluster. Note that this option instructs upgrade operation to bypass upgrade protections such as checking for deprecated API usage. Enable this option only with caution.

    until
    string

    Until: Until when the overrides are effective. Note that this only matches the start time of an upgrade, and the effectiveness won’t change once an upgrade starts even if the until expires as upgrade proceeds. This field is not set by default. It must be set for the overrides to take effect.

    UpgradeOverrideSettings_STATUS

    (Appears on:ClusterUpgradeSettings_STATUS)

    Settings for overrides when upgrading a cluster.

    Field Description
    forceUpgrade
    bool

    ForceUpgrade: Whether to force upgrade the cluster. Note that this option instructs upgrade operation to bypass upgrade protections such as checking for deprecated API usage. Enable this option only with caution.

    until
    string

    Until: Until when the overrides are effective. Note that this only matches the start time of an upgrade, and the effectiveness won’t change once an upgrade starts even if the until expires as upgrade proceeds. This field is not set by default. It must be set for the overrides to take effect.

    UserAssignedIdentity

    (Appears on:ManagedClusterPodIdentity, ManagedCluster_Spec)

    Details about a user assigned identity.

    Field Description
    clientId
    string

    ClientId: The client ID of the user assigned identity.

    objectId
    string

    ObjectId: The object ID of the user assigned identity.

    resourceReference
    genruntime.ResourceReference

    ResourceReference: The resource ID of the user assigned identity.

    UserAssignedIdentityDetails

    (Appears on:ManagedClusterIdentity)

    Information about the user assigned identity for the resource

    Field Description
    reference
    genruntime.ResourceReference

    UserAssignedIdentity_STATUS

    (Appears on:ManagedClusterAddonProfile_STATUS, ManagedClusterIngressProfileWebAppRouting_STATUS, ManagedClusterPodIdentity_STATUS, ManagedCluster_STATUS)

    Details about a user assigned identity.

    Field Description
    clientId
    string

    ClientId: The client ID of the user assigned identity.

    objectId
    string

    ObjectId: The object ID of the user assigned identity.

    resourceId
    string

    ResourceId: The resource ID of the user assigned identity.

    VirtualMachineNodes

    (Appears on:ManagedClusterAgentPoolProfile, ManagedClustersAgentPool_Spec)

    Current status on a group of nodes of the same vm size.

    Field Description
    count
    int

    Count: Number of nodes.

    size
    string

    Size: The VM size of the agents used to host this group of nodes.

    VirtualMachineNodes_STATUS

    (Appears on:ManagedClusterAgentPoolProfile_STATUS, ManagedClustersAgentPool_STATUS)

    Current status on a group of nodes of the same vm size.

    Field Description
    count
    int

    Count: Number of nodes.

    size
    string

    Size: The VM size of the agents used to host this group of nodes.

    VirtualMachinesProfile

    (Appears on:ManagedClusterAgentPoolProfile, ManagedClustersAgentPool_Spec)

    Specifications on VirtualMachines agent pool.

    Field Description
    scale
    ScaleProfile

    Scale: Specifications on how to scale a VirtualMachines agent pool.

    VirtualMachinesProfile_STATUS

    (Appears on:ManagedClusterAgentPoolProfile_STATUS, ManagedClustersAgentPool_STATUS)

    Specifications on VirtualMachines agent pool.

    Field Description
    scale
    ScaleProfile_STATUS

    Scale: Specifications on how to scale a VirtualMachines agent pool.

    WindowsGmsaProfile

    (Appears on:ManagedClusterWindowsProfile)

    Windows gMSA Profile in the managed cluster.

    Field Description
    dnsServer
    string

    DnsServer: Specifies the DNS server for Windows gMSA. Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.

    enabled
    bool

    Enabled: Specifies whether to enable Windows gMSA in the managed cluster.

    rootDomainName
    string

    RootDomainName: Specifies the root domain name for Windows gMSA. Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.

    WindowsGmsaProfile_STATUS

    (Appears on:ManagedClusterWindowsProfile_STATUS)

    Windows gMSA Profile in the managed cluster.

    Field Description
    dnsServer
    string

    DnsServer: Specifies the DNS server for Windows gMSA. Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.

    enabled
    bool

    Enabled: Specifies whether to enable Windows gMSA in the managed cluster.

    rootDomainName
    string

    RootDomainName: Specifies the root domain name for Windows gMSA. Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.

    WorkloadRuntime (string alias)

    (Appears on:ManagedClusterAgentPoolProfile, ManagedClustersAgentPool_Spec)

    Determines the type of workload a node can run.

    Value Description

    "KataMshvVmIsolation"

    "OCIContainer"

    "WasmWasi"

    WorkloadRuntime_STATUS (string alias)

    (Appears on:ManagedClusterAgentPoolProfile_STATUS, ManagedClustersAgentPool_STATUS)

    Determines the type of workload a node can run.

    Value Description

    "KataMshvVmIsolation"

    "OCIContainer"

    "WasmWasi"