containerservice.azure.com/v1api20240402preview

APIVersion

Value	Description
“2024-04-02-preview”

ManagedCluster

Generator information: - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/preview/2024-04-02-preview/managedClusters.json - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName}

Used by: ManagedClusterList.

Property	Description	Type
metav1.TypeMeta
metav1.ObjectMeta
spec		ManagedCluster_Spec Optional
status		ManagedCluster_STATUS Optional

ManagedCluster_Spec

Property	Description	Type
aadProfile	The Azure Active Directory configuration.	ManagedClusterAADProfile Optional
addonProfiles	The profile of managed cluster add-on.	map[string]ManagedClusterAddonProfile Optional
agentPoolProfiles	The agent pool properties.	ManagedClusterAgentPoolProfile[] Optional
aiToolchainOperatorProfile	AI toolchain operator settings that apply to the whole cluster.	ManagedClusterAIToolchainOperatorProfile Optional
apiServerAccessProfile	The access profile for managed cluster API server.	ManagedClusterAPIServerAccessProfile Optional
autoScalerProfile	Parameters to be applied to the cluster-autoscaler when enabled	ManagedClusterProperties_AutoScalerProfile Optional
autoUpgradeProfile	The auto upgrade configuration.	ManagedClusterAutoUpgradeProfile Optional
azureMonitorProfile	Prometheus addon profile for the container service cluster	ManagedClusterAzureMonitorProfile Optional
azureName	The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn’t have to be.	string Optional
bootstrapProfile	Profile of the cluster bootstrap configuration.	ManagedClusterBootstrapProfile Optional
creationData	CreationData to be used to specify the source Snapshot ID if the cluster will be created/upgraded using a snapshot.	CreationData Optional
disableLocalAccounts	If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see disable local accounts.	bool Optional
diskEncryptionSetReference	This is of the form: ‘/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}’	genruntime.ResourceReference Optional
dnsPrefix	This cannot be updated once the Managed Cluster has been created.	string Optional
enableNamespaceResources	The default value is false. It can be enabled/disabled on creation and updating of the managed cluster. See https://aka.ms/NamespaceARMResource for more details on Namespace as a ARM Resource.	bool Optional
enablePodSecurityPolicy	(DEPRECATED) Whether to enable Kubernetes pod security policy (preview). PodSecurityPolicy was deprecated in Kubernetes v1.21, and removed from Kubernetes in v1.25. Learn more at https://aka.ms/k8s/psp and https://aka.ms/aks/psp.	bool Optional
enableRBAC	Whether to enable Kubernetes Role-Based Access Control.	bool Optional
extendedLocation	The extended location of the Virtual Machine.	ExtendedLocation Optional
fqdnSubdomain	This cannot be updated once the Managed Cluster has been created.	string Optional
httpProxyConfig	Configurations for provisioning the cluster with HTTP proxy servers.	ManagedClusterHTTPProxyConfig Optional
identity	The identity of the managed cluster, if configured.	ManagedClusterIdentity Optional
identityProfile	Identities associated with the cluster.	map[string]UserAssignedIdentity Optional
ingressProfile	Ingress profile for the managed cluster.	ManagedClusterIngressProfile Optional
kind	This is primarily used to expose different UI experiences in the portal for different kinds	string Optional
kubernetesVersion	When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See upgrading an AKS cluster for more details.	string Optional
linuxProfile	The profile for Linux VMs in the Managed Cluster.	ContainerServiceLinuxProfile Optional
location	The geo-location where the resource lives	string Required
metricsProfile	Optional cluster metrics configuration.	ManagedClusterMetricsProfile Optional
networkProfile	The network configuration profile.	ContainerServiceNetworkProfile Optional
nodeProvisioningProfile	Node provisioning settings that apply to the whole cluster.	ManagedClusterNodeProvisioningProfile Optional
nodeResourceGroup	The name of the resource group containing agent pool nodes.	string Optional
nodeResourceGroupProfile	The node resource group configuration profile.	ManagedClusterNodeResourceGroupProfile Optional
oidcIssuerProfile	The OIDC issuer profile of the Managed Cluster.	ManagedClusterOIDCIssuerProfile Optional
operatorSpec	The specification for configuring operator behavior. This field is interpreted by the operator and not passed directly to Azure	ManagedClusterOperatorSpec Optional
owner	The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a reference to a resources.azure.com/ResourceGroup resource	genruntime.KnownResourceReference Required
podIdentityProfile	See use AAD pod identity for more details on AAD pod identity integration.	ManagedClusterPodIdentityProfile Optional
privateLinkResources	Private link resources associated with the cluster.	PrivateLinkResource[] Optional
publicNetworkAccess	Allow or deny public network access for AKS	ManagedClusterProperties_PublicNetworkAccess Optional
safeguardsProfile	The Safeguards profile holds all the safeguards information for a given cluster	SafeguardsProfile Optional
securityProfile	Security profile for the managed cluster.	ManagedClusterSecurityProfile Optional
serviceMeshProfile	Service mesh profile for a managed cluster.	ServiceMeshProfile Optional
servicePrincipalProfile	Information about a service principal identity for the cluster to use for manipulating Azure APIs.	ManagedClusterServicePrincipalProfile Optional
sku	The managed cluster SKU.	ManagedClusterSKU Optional
storageProfile	Storage profile for the managed cluster.	ManagedClusterStorageProfile Optional
supportPlan	The support plan for the Managed Cluster. If unspecified, the default is ‘KubernetesOfficial’.	KubernetesSupportPlan Optional
tags	Resource tags.	map[string]string Optional
upgradeSettings	Settings for upgrading a cluster.	ClusterUpgradeSettings Optional
windowsProfile	The profile for Windows VMs in the Managed Cluster.	ManagedClusterWindowsProfile Optional
workloadAutoScalerProfile	Workload Auto-scaler profile for the managed cluster.	ManagedClusterWorkloadAutoScalerProfile Optional

ManagedCluster_STATUS

Property	Description	Type
aadProfile	The Azure Active Directory configuration.	ManagedClusterAADProfile_STATUS Optional
addonProfiles	The profile of managed cluster add-on.	map[string]ManagedClusterAddonProfile_STATUS Optional
agentPoolProfiles	The agent pool properties.	ManagedClusterAgentPoolProfile_STATUS[] Optional
aiToolchainOperatorProfile	AI toolchain operator settings that apply to the whole cluster.	ManagedClusterAIToolchainOperatorProfile_STATUS Optional
apiServerAccessProfile	The access profile for managed cluster API server.	ManagedClusterAPIServerAccessProfile_STATUS Optional
autoScalerProfile	Parameters to be applied to the cluster-autoscaler when enabled	ManagedClusterProperties_AutoScalerProfile_STATUS Optional
autoUpgradeProfile	The auto upgrade configuration.	ManagedClusterAutoUpgradeProfile_STATUS Optional
azureMonitorProfile	Prometheus addon profile for the container service cluster	ManagedClusterAzureMonitorProfile_STATUS Optional
azurePortalFQDN	The Azure Portal requires certain Cross-Origin Resource Sharing (CORS) headers to be sent in some responses, which Kubernetes APIServer doesn’t handle by default. This special FQDN supports CORS, allowing the Azure Portal to function properly.	string Optional
bootstrapProfile	Profile of the cluster bootstrap configuration.	ManagedClusterBootstrapProfile_STATUS Optional
conditions	The observed state of the resource	conditions.Condition[] Optional
creationData	CreationData to be used to specify the source Snapshot ID if the cluster will be created/upgraded using a snapshot.	CreationData_STATUS Optional
currentKubernetesVersion	The version of Kubernetes the Managed Cluster is running.	string Optional
disableLocalAccounts	If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see disable local accounts.	bool Optional
diskEncryptionSetID	This is of the form: ‘/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}’	string Optional
dnsPrefix	This cannot be updated once the Managed Cluster has been created.	string Optional
enableNamespaceResources	The default value is false. It can be enabled/disabled on creation and updating of the managed cluster. See https://aka.ms/NamespaceARMResource for more details on Namespace as a ARM Resource.	bool Optional
enablePodSecurityPolicy	(DEPRECATED) Whether to enable Kubernetes pod security policy (preview). PodSecurityPolicy was deprecated in Kubernetes v1.21, and removed from Kubernetes in v1.25. Learn more at https://aka.ms/k8s/psp and https://aka.ms/aks/psp.	bool Optional
enableRBAC	Whether to enable Kubernetes Role-Based Access Control.	bool Optional
eTag	Unique read-only string used to implement optimistic concurrency. The eTag value will change when the resource is updated. Specify an if-match or if-none-match header with the eTag value for a subsequent request to enable optimistic concurrency per the normal etag convention.	string Optional
extendedLocation	The extended location of the Virtual Machine.	ExtendedLocation_STATUS Optional
fqdn	The FQDN of the master pool.	string Optional
fqdnSubdomain	This cannot be updated once the Managed Cluster has been created.	string Optional
httpProxyConfig	Configurations for provisioning the cluster with HTTP proxy servers.	ManagedClusterHTTPProxyConfig_STATUS Optional
id	Fully qualified resource ID for the resource. E.g. “/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}”	string Optional
identity	The identity of the managed cluster, if configured.	ManagedClusterIdentity_STATUS Optional
identityProfile	Identities associated with the cluster.	map[string]UserAssignedIdentity_STATUS Optional
ingressProfile	Ingress profile for the managed cluster.	ManagedClusterIngressProfile_STATUS Optional
kind	This is primarily used to expose different UI experiences in the portal for different kinds	string Optional
kubernetesVersion	When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See upgrading an AKS cluster for more details.	string Optional
linuxProfile	The profile for Linux VMs in the Managed Cluster.	ContainerServiceLinuxProfile_STATUS Optional
location	The geo-location where the resource lives	string Optional
maxAgentPools	The max number of agent pools for the managed cluster.	int Optional
metricsProfile	Optional cluster metrics configuration.	ManagedClusterMetricsProfile_STATUS Optional
name	The name of the resource	string Optional
networkProfile	The network configuration profile.	ContainerServiceNetworkProfile_STATUS Optional
nodeProvisioningProfile	Node provisioning settings that apply to the whole cluster.	ManagedClusterNodeProvisioningProfile_STATUS Optional
nodeResourceGroup	The name of the resource group containing agent pool nodes.	string Optional
nodeResourceGroupProfile	The node resource group configuration profile.	ManagedClusterNodeResourceGroupProfile_STATUS Optional
oidcIssuerProfile	The OIDC issuer profile of the Managed Cluster.	ManagedClusterOIDCIssuerProfile_STATUS Optional
podIdentityProfile	See use AAD pod identity for more details on AAD pod identity integration.	ManagedClusterPodIdentityProfile_STATUS Optional
powerState	The Power State of the cluster.	PowerState_STATUS Optional
privateFQDN	The FQDN of private cluster.	string Optional
privateLinkResources	Private link resources associated with the cluster.	PrivateLinkResource_STATUS[] Optional
provisioningState	The current provisioning state.	string Optional
publicNetworkAccess	Allow or deny public network access for AKS	ManagedClusterProperties_PublicNetworkAccess_STATUS Optional
resourceUID	The resourceUID uniquely identifies ManagedClusters that reuse ARM ResourceIds (i.e: create, delete, create sequence)	string Optional
safeguardsProfile	The Safeguards profile holds all the safeguards information for a given cluster	SafeguardsProfile_STATUS Optional
securityProfile	Security profile for the managed cluster.	ManagedClusterSecurityProfile_STATUS Optional
serviceMeshProfile	Service mesh profile for a managed cluster.	ServiceMeshProfile_STATUS Optional
servicePrincipalProfile	Information about a service principal identity for the cluster to use for manipulating Azure APIs.	ManagedClusterServicePrincipalProfile_STATUS Optional
sku	The managed cluster SKU.	ManagedClusterSKU_STATUS Optional
storageProfile	Storage profile for the managed cluster.	ManagedClusterStorageProfile_STATUS Optional
supportPlan	The support plan for the Managed Cluster. If unspecified, the default is ‘KubernetesOfficial’.	KubernetesSupportPlan_STATUS Optional
systemData	Azure Resource Manager metadata containing createdBy and modifiedBy information.	SystemData_STATUS Optional
tags	Resource tags.	map[string]string Optional
type	The type of the resource. E.g. “Microsoft.Compute/virtualMachines” or “Microsoft.Storage/storageAccounts”	string Optional
upgradeSettings	Settings for upgrading a cluster.	ClusterUpgradeSettings_STATUS Optional
windowsProfile	The profile for Windows VMs in the Managed Cluster.	ManagedClusterWindowsProfile_STATUS Optional
workloadAutoScalerProfile	Workload Auto-scaler profile for the managed cluster.	ManagedClusterWorkloadAutoScalerProfile_STATUS Optional

ManagedClusterList

Property	Description	Type
metav1.TypeMeta
metav1.ListMeta
items		ManagedCluster[] Optional

ManagedClustersAgentPool

Used by: ManagedClustersAgentPoolList.

Property	Description	Type
metav1.TypeMeta
metav1.ObjectMeta
spec		ManagedClustersAgentPool_Spec Optional
status		ManagedClustersAgentPool_STATUS Optional

ManagedClustersAgentPool_Spec

Property	Description	Type
artifactStreamingProfile	Configuration for using artifact streaming on AKS.	AgentPoolArtifactStreamingProfile Optional
availabilityZones	The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is ‘VirtualMachineScaleSets’.	string[] Optional
azureName	The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn’t have to be.	string Optional
capacityReservationGroupReference	AKS will associate the specified agent pool with the Capacity Reservation Group.	genruntime.ResourceReference Optional
count	Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.	int Optional
creationData	CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.	CreationData Optional
enableAutoScaling	Whether to enable auto-scaler	bool Optional
enableCustomCATrust	When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded certificates into node trust stores. Defaults to false.	bool Optional
enableEncryptionAtHost	This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption	bool Optional
enableFIPS	See Add a FIPS-enabled node pool for more details.	bool Optional
enableNodePublicIP	Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see assigning a public IP per node. The default is false.	bool Optional
enableUltraSSD	Whether to enable UltraSSD	bool Optional
gatewayProfile	Profile specific to a managed agent pool in Gateway mode. This field cannot be set if agent pool mode is not Gateway.	AgentPoolGatewayProfile Optional
gpuInstanceProfile	GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.	GPUInstanceProfile Optional
gpuProfile	The GPU settings of an agent pool.	AgentPoolGPUProfile Optional
hostGroupReference	This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see Azure dedicated hosts.	genruntime.ResourceReference Optional
kubeletConfig	The Kubelet configuration on the agent pool nodes.	KubeletConfig Optional
kubeletDiskType	Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.	KubeletDiskType Optional
linuxOSConfig	The OS configuration of Linux agent nodes.	LinuxOSConfig Optional
maxCount	The maximum number of nodes for auto-scaling	int Optional
maxPods	The maximum number of pods that can run on a node.	int Optional
messageOfTheDay	A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script).	string Optional
minCount	The minimum number of nodes for auto-scaling	int Optional
mode	A cluster must have at least one ‘System’ Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools	AgentPoolMode Optional
networkProfile	Network-related settings of an agent pool.	AgentPoolNetworkProfile Optional
nodeInitializationTaints	These taints will not be reconciled by AKS and can be removed with a kubectl call. This field can be modified after node pool is created, but nodes will not be recreated with new taints until another operation that requires recreation (e.g. node image upgrade) happens. These taints allow for required configuration to run before the node is ready to accept workloads, for example ‘key1=value1:NoSchedule’ that then can be removed with `kubectl taint nodes node1 key1=value1:NoSchedule-`	string[] Optional
nodeLabels	The node labels to be persisted across all nodes in agent pool.	map[string]string Optional
nodePublicIPPrefixReference	This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}	genruntime.ResourceReference Optional
nodeTaints	The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.	string[] Optional
operatorSpec	The specification for configuring operator behavior. This field is interpreted by the operator and not passed directly to Azure	ManagedClustersAgentPoolOperatorSpec Optional
orchestratorVersion	Both patch version <major.minor.patch> and <major.minor> are supported. When <major.minor> is specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same <major.minor> once it has been created will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see upgrading a node pool.	string Optional
osDiskSizeGB		ContainerServiceOSDisk Optional
osDiskType	The default is ‘Ephemeral’ if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to ‘Managed’. May not be changed after creation. For more information see Ephemeral OS.	OSDiskType Optional
osSKU	Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is deprecated.	OSSKU Optional
osType	The operating system type. The default is Linux.	OSType Optional
owner	The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a reference to a containerservice.azure.com/ManagedCluster resource	genruntime.KnownResourceReference Required
podIPAllocationMode	The IP allocation mode for pods in the agent pool. Must be used with podSubnetId. The default is ‘DynamicIndividual’.	PodIPAllocationMode Optional
podSubnetReference	If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}	genruntime.ResourceReference Optional
powerState	When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded	PowerState Optional
proximityPlacementGroupReference	The ID for Proximity Placement Group.	genruntime.ResourceReference Optional
scaleDownMode	This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.	ScaleDownMode Optional
scaleSetEvictionPolicy	This cannot be specified unless the scaleSetPriority is ‘Spot’. If not specified, the default is ‘Delete’.	ScaleSetEvictionPolicy Optional
scaleSetPriority	The Virtual Machine Scale Set priority. If not specified, the default is ‘Regular’.	ScaleSetPriority Optional
securityProfile	The security settings of an agent pool.	AgentPoolSecurityProfile Optional
spotMaxPrice	Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see spot VMs pricing	float64 Optional
tags	The tags to be persisted on the agent pool virtual machine scale set.	map[string]string Optional
type	The type of Agent Pool.	AgentPoolType Optional
upgradeSettings	Settings for upgrading the agentpool	AgentPoolUpgradeSettings Optional
virtualMachineNodesStatus		VirtualMachineNodes[] Optional
virtualMachinesProfile	Specifications on VirtualMachines agent pool.	VirtualMachinesProfile Optional
vmSize	VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions	string Optional
vnetSubnetReference	If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}	genruntime.ResourceReference Optional
windowsProfile	The Windows agent pool’s specific profile.	AgentPoolWindowsProfile Optional
workloadRuntime	Determines the type of workload a node can run.	WorkloadRuntime Optional

ManagedClustersAgentPool_STATUS

Property	Description	Type
artifactStreamingProfile	Configuration for using artifact streaming on AKS.	AgentPoolArtifactStreamingProfile_STATUS Optional
availabilityZones	The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is ‘VirtualMachineScaleSets’.	string[] Optional
capacityReservationGroupID	AKS will associate the specified agent pool with the Capacity Reservation Group.	string Optional
conditions	The observed state of the resource	conditions.Condition[] Optional
count	Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.	int Optional
creationData	CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.	CreationData_STATUS Optional
currentOrchestratorVersion	If orchestratorVersion was a fully specified version <major.minor.patch>, this field will be exactly equal to it. If orchestratorVersion was <major.minor>, this field will contain the full <major.minor.patch> version being used.	string Optional
enableAutoScaling	Whether to enable auto-scaler	bool Optional
enableCustomCATrust	When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded certificates into node trust stores. Defaults to false.	bool Optional
enableEncryptionAtHost	This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption	bool Optional
enableFIPS	See Add a FIPS-enabled node pool for more details.	bool Optional
enableNodePublicIP	Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see assigning a public IP per node. The default is false.	bool Optional
enableUltraSSD	Whether to enable UltraSSD	bool Optional
eTag	Unique read-only string used to implement optimistic concurrency. The eTag value will change when the resource is updated. Specify an if-match or if-none-match header with the eTag value for a subsequent request to enable optimistic concurrency per the normal etag convention.	string Optional
gatewayProfile	Profile specific to a managed agent pool in Gateway mode. This field cannot be set if agent pool mode is not Gateway.	AgentPoolGatewayProfile_STATUS Optional
gpuInstanceProfile	GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.	GPUInstanceProfile_STATUS Optional
gpuProfile	The GPU settings of an agent pool.	AgentPoolGPUProfile_STATUS Optional
hostGroupID	This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see Azure dedicated hosts.	string Optional
id	Resource ID.	string Optional
kubeletConfig	The Kubelet configuration on the agent pool nodes.	KubeletConfig_STATUS Optional
kubeletDiskType	Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.	KubeletDiskType_STATUS Optional
linuxOSConfig	The OS configuration of Linux agent nodes.	LinuxOSConfig_STATUS Optional
maxCount	The maximum number of nodes for auto-scaling	int Optional
maxPods	The maximum number of pods that can run on a node.	int Optional
messageOfTheDay	A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script).	string Optional
minCount	The minimum number of nodes for auto-scaling	int Optional
mode	A cluster must have at least one ‘System’ Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools	AgentPoolMode_STATUS Optional
name	The name of the resource that is unique within a resource group. This name can be used to access the resource.	string Optional
networkProfile	Network-related settings of an agent pool.	AgentPoolNetworkProfile_STATUS Optional
nodeImageVersion	The version of node image	string Optional
nodeInitializationTaints	These taints will not be reconciled by AKS and can be removed with a kubectl call. This field can be modified after node pool is created, but nodes will not be recreated with new taints until another operation that requires recreation (e.g. node image upgrade) happens. These taints allow for required configuration to run before the node is ready to accept workloads, for example ‘key1=value1:NoSchedule’ that then can be removed with `kubectl taint nodes node1 key1=value1:NoSchedule-`	string[] Optional
nodeLabels	The node labels to be persisted across all nodes in agent pool.	map[string]string Optional
nodePublicIPPrefixID	This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}	string Optional
nodeTaints	The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.	string[] Optional
orchestratorVersion	Both patch version <major.minor.patch> and <major.minor> are supported. When <major.minor> is specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same <major.minor> once it has been created will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see upgrading a node pool.	string Optional
osDiskSizeGB		int Optional
osDiskType	The default is ‘Ephemeral’ if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to ‘Managed’. May not be changed after creation. For more information see Ephemeral OS.	OSDiskType_STATUS Optional
osSKU	Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is deprecated.	OSSKU_STATUS Optional
osType	The operating system type. The default is Linux.	OSType_STATUS Optional
podIPAllocationMode	The IP allocation mode for pods in the agent pool. Must be used with podSubnetId. The default is ‘DynamicIndividual’.	PodIPAllocationMode_STATUS Optional
podSubnetID	If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}	string Optional
powerState	When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded	PowerState_STATUS Optional
properties_type	The type of Agent Pool.	AgentPoolType_STATUS Optional
provisioningState	The current deployment or provisioning state.	string Optional
proximityPlacementGroupID	The ID for Proximity Placement Group.	string Optional
scaleDownMode	This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.	ScaleDownMode_STATUS Optional
scaleSetEvictionPolicy	This cannot be specified unless the scaleSetPriority is ‘Spot’. If not specified, the default is ‘Delete’.	ScaleSetEvictionPolicy_STATUS Optional
scaleSetPriority	The Virtual Machine Scale Set priority. If not specified, the default is ‘Regular’.	ScaleSetPriority_STATUS Optional
securityProfile	The security settings of an agent pool.	AgentPoolSecurityProfile_STATUS Optional
spotMaxPrice	Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see spot VMs pricing	float64 Optional
tags	The tags to be persisted on the agent pool virtual machine scale set.	map[string]string Optional
type	Resource type	string Optional
upgradeSettings	Settings for upgrading the agentpool	AgentPoolUpgradeSettings_STATUS Optional
virtualMachineNodesStatus		VirtualMachineNodes_STATUS[] Optional
virtualMachinesProfile	Specifications on VirtualMachines agent pool.	VirtualMachinesProfile_STATUS Optional
vmSize	VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions	string Optional
vnetSubnetID	If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}	string Optional
windowsProfile	The Windows agent pool’s specific profile.	AgentPoolWindowsProfile_STATUS Optional
workloadRuntime	Determines the type of workload a node can run.	WorkloadRuntime_STATUS Optional

ManagedClustersAgentPoolList

Property	Description	Type
metav1.TypeMeta
metav1.ListMeta
items		ManagedClustersAgentPool[] Optional

TrustedAccessRoleBinding

Used by: TrustedAccessRoleBindingList.

Property	Description	Type
metav1.TypeMeta
metav1.ObjectMeta
spec		TrustedAccessRoleBinding_Spec Optional
status		TrustedAccessRoleBinding_STATUS Optional

TrustedAccessRoleBinding_Spec

Property	Description	Type
azureName	The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn’t have to be.	string Optional
operatorSpec	The specification for configuring operator behavior. This field is interpreted by the operator and not passed directly to Azure	TrustedAccessRoleBindingOperatorSpec Optional
owner	The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a reference to a containerservice.azure.com/ManagedCluster resource	genruntime.KnownResourceReference Required
roles	A list of roles to bind, each item is a resource type qualified role name. For example: ‘Microsoft.MachineLearningServices/workspaces/reader’.	string[] Required
sourceResourceReference	The ARM resource ID of source resource that trusted access is configured for.	genruntime.ResourceReference Required

TrustedAccessRoleBinding_STATUS

Property	Description	Type
conditions	The observed state of the resource	conditions.Condition[] Optional
id	Fully qualified resource ID for the resource. E.g. “/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}”	string Optional
name	The name of the resource	string Optional
provisioningState	The current provisioning state of trusted access role binding.	TrustedAccessRoleBindingProperties_ProvisioningState_STATUS Optional
roles	A list of roles to bind, each item is a resource type qualified role name. For example: ‘Microsoft.MachineLearningServices/workspaces/reader’.	string[] Optional
sourceResourceId	The ARM resource ID of source resource that trusted access is configured for.	string Optional
systemData	Azure Resource Manager metadata containing createdBy and modifiedBy information.	SystemData_STATUS Optional
type	The type of the resource. E.g. “Microsoft.Compute/virtualMachines” or “Microsoft.Storage/storageAccounts”	string Optional

TrustedAccessRoleBindingList

Property	Description	Type
metav1.TypeMeta
metav1.ListMeta
items		TrustedAccessRoleBinding[] Optional

ManagedCluster_Spec

Used by: ManagedCluster.

Property	Description	Type
aadProfile	The Azure Active Directory configuration.	ManagedClusterAADProfile Optional
addonProfiles	The profile of managed cluster add-on.	map[string]ManagedClusterAddonProfile Optional
agentPoolProfiles	The agent pool properties.	ManagedClusterAgentPoolProfile[] Optional
aiToolchainOperatorProfile	AI toolchain operator settings that apply to the whole cluster.	ManagedClusterAIToolchainOperatorProfile Optional
apiServerAccessProfile	The access profile for managed cluster API server.	ManagedClusterAPIServerAccessProfile Optional
autoScalerProfile	Parameters to be applied to the cluster-autoscaler when enabled	ManagedClusterProperties_AutoScalerProfile Optional
autoUpgradeProfile	The auto upgrade configuration.	ManagedClusterAutoUpgradeProfile Optional
azureMonitorProfile	Prometheus addon profile for the container service cluster	ManagedClusterAzureMonitorProfile Optional
azureName	The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn’t have to be.	string Optional
bootstrapProfile	Profile of the cluster bootstrap configuration.	ManagedClusterBootstrapProfile Optional
creationData	CreationData to be used to specify the source Snapshot ID if the cluster will be created/upgraded using a snapshot.	CreationData Optional
disableLocalAccounts	If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see disable local accounts.	bool Optional
diskEncryptionSetReference	This is of the form: ‘/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}’	genruntime.ResourceReference Optional
dnsPrefix	This cannot be updated once the Managed Cluster has been created.	string Optional
enableNamespaceResources	The default value is false. It can be enabled/disabled on creation and updating of the managed cluster. See https://aka.ms/NamespaceARMResource for more details on Namespace as a ARM Resource.	bool Optional
enablePodSecurityPolicy	(DEPRECATED) Whether to enable Kubernetes pod security policy (preview). PodSecurityPolicy was deprecated in Kubernetes v1.21, and removed from Kubernetes in v1.25. Learn more at https://aka.ms/k8s/psp and https://aka.ms/aks/psp.	bool Optional
enableRBAC	Whether to enable Kubernetes Role-Based Access Control.	bool Optional
extendedLocation	The extended location of the Virtual Machine.	ExtendedLocation Optional
fqdnSubdomain	This cannot be updated once the Managed Cluster has been created.	string Optional
httpProxyConfig	Configurations for provisioning the cluster with HTTP proxy servers.	ManagedClusterHTTPProxyConfig Optional
identity	The identity of the managed cluster, if configured.	ManagedClusterIdentity Optional
identityProfile	Identities associated with the cluster.	map[string]UserAssignedIdentity Optional
ingressProfile	Ingress profile for the managed cluster.	ManagedClusterIngressProfile Optional
kind	This is primarily used to expose different UI experiences in the portal for different kinds	string Optional
kubernetesVersion	When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See upgrading an AKS cluster for more details.	string Optional
linuxProfile	The profile for Linux VMs in the Managed Cluster.	ContainerServiceLinuxProfile Optional
location	The geo-location where the resource lives	string Required
metricsProfile	Optional cluster metrics configuration.	ManagedClusterMetricsProfile Optional
networkProfile	The network configuration profile.	ContainerServiceNetworkProfile Optional
nodeProvisioningProfile	Node provisioning settings that apply to the whole cluster.	ManagedClusterNodeProvisioningProfile Optional
nodeResourceGroup	The name of the resource group containing agent pool nodes.	string Optional
nodeResourceGroupProfile	The node resource group configuration profile.	ManagedClusterNodeResourceGroupProfile Optional
oidcIssuerProfile	The OIDC issuer profile of the Managed Cluster.	ManagedClusterOIDCIssuerProfile Optional
operatorSpec	The specification for configuring operator behavior. This field is interpreted by the operator and not passed directly to Azure	ManagedClusterOperatorSpec Optional
owner	The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a reference to a resources.azure.com/ResourceGroup resource	genruntime.KnownResourceReference Required
podIdentityProfile	See use AAD pod identity for more details on AAD pod identity integration.	ManagedClusterPodIdentityProfile Optional
privateLinkResources	Private link resources associated with the cluster.	PrivateLinkResource[] Optional
publicNetworkAccess	Allow or deny public network access for AKS	ManagedClusterProperties_PublicNetworkAccess Optional
safeguardsProfile	The Safeguards profile holds all the safeguards information for a given cluster	SafeguardsProfile Optional
securityProfile	Security profile for the managed cluster.	ManagedClusterSecurityProfile Optional
serviceMeshProfile	Service mesh profile for a managed cluster.	ServiceMeshProfile Optional
servicePrincipalProfile	Information about a service principal identity for the cluster to use for manipulating Azure APIs.	ManagedClusterServicePrincipalProfile Optional
sku	The managed cluster SKU.	ManagedClusterSKU Optional
storageProfile	Storage profile for the managed cluster.	ManagedClusterStorageProfile Optional
supportPlan	The support plan for the Managed Cluster. If unspecified, the default is ‘KubernetesOfficial’.	KubernetesSupportPlan Optional
tags	Resource tags.	map[string]string Optional
upgradeSettings	Settings for upgrading a cluster.	ClusterUpgradeSettings Optional
windowsProfile	The profile for Windows VMs in the Managed Cluster.	ManagedClusterWindowsProfile Optional
workloadAutoScalerProfile	Workload Auto-scaler profile for the managed cluster.	ManagedClusterWorkloadAutoScalerProfile Optional

ManagedCluster_STATUS

Managed cluster.

Used by: ManagedCluster.

Property	Description	Type
aadProfile	The Azure Active Directory configuration.	ManagedClusterAADProfile_STATUS Optional
addonProfiles	The profile of managed cluster add-on.	map[string]ManagedClusterAddonProfile_STATUS Optional
agentPoolProfiles	The agent pool properties.	ManagedClusterAgentPoolProfile_STATUS[] Optional
aiToolchainOperatorProfile	AI toolchain operator settings that apply to the whole cluster.	ManagedClusterAIToolchainOperatorProfile_STATUS Optional
apiServerAccessProfile	The access profile for managed cluster API server.	ManagedClusterAPIServerAccessProfile_STATUS Optional
autoScalerProfile	Parameters to be applied to the cluster-autoscaler when enabled	ManagedClusterProperties_AutoScalerProfile_STATUS Optional
autoUpgradeProfile	The auto upgrade configuration.	ManagedClusterAutoUpgradeProfile_STATUS Optional
azureMonitorProfile	Prometheus addon profile for the container service cluster	ManagedClusterAzureMonitorProfile_STATUS Optional
azurePortalFQDN	The Azure Portal requires certain Cross-Origin Resource Sharing (CORS) headers to be sent in some responses, which Kubernetes APIServer doesn’t handle by default. This special FQDN supports CORS, allowing the Azure Portal to function properly.	string Optional
bootstrapProfile	Profile of the cluster bootstrap configuration.	ManagedClusterBootstrapProfile_STATUS Optional
conditions	The observed state of the resource	conditions.Condition[] Optional
creationData	CreationData to be used to specify the source Snapshot ID if the cluster will be created/upgraded using a snapshot.	CreationData_STATUS Optional
currentKubernetesVersion	The version of Kubernetes the Managed Cluster is running.	string Optional
disableLocalAccounts	If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see disable local accounts.	bool Optional
diskEncryptionSetID	This is of the form: ‘/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}’	string Optional
dnsPrefix	This cannot be updated once the Managed Cluster has been created.	string Optional
enableNamespaceResources	The default value is false. It can be enabled/disabled on creation and updating of the managed cluster. See https://aka.ms/NamespaceARMResource for more details on Namespace as a ARM Resource.	bool Optional
enablePodSecurityPolicy	(DEPRECATED) Whether to enable Kubernetes pod security policy (preview). PodSecurityPolicy was deprecated in Kubernetes v1.21, and removed from Kubernetes in v1.25. Learn more at https://aka.ms/k8s/psp and https://aka.ms/aks/psp.	bool Optional
enableRBAC	Whether to enable Kubernetes Role-Based Access Control.	bool Optional
eTag	Unique read-only string used to implement optimistic concurrency. The eTag value will change when the resource is updated. Specify an if-match or if-none-match header with the eTag value for a subsequent request to enable optimistic concurrency per the normal etag convention.	string Optional
extendedLocation	The extended location of the Virtual Machine.	ExtendedLocation_STATUS Optional
fqdn	The FQDN of the master pool.	string Optional
fqdnSubdomain	This cannot be updated once the Managed Cluster has been created.	string Optional
httpProxyConfig	Configurations for provisioning the cluster with HTTP proxy servers.	ManagedClusterHTTPProxyConfig_STATUS Optional
id	Fully qualified resource ID for the resource. E.g. “/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}”	string Optional
identity	The identity of the managed cluster, if configured.	ManagedClusterIdentity_STATUS Optional
identityProfile	Identities associated with the cluster.	map[string]UserAssignedIdentity_STATUS Optional
ingressProfile	Ingress profile for the managed cluster.	ManagedClusterIngressProfile_STATUS Optional
kind	This is primarily used to expose different UI experiences in the portal for different kinds	string Optional
kubernetesVersion	When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See upgrading an AKS cluster for more details.	string Optional
linuxProfile	The profile for Linux VMs in the Managed Cluster.	ContainerServiceLinuxProfile_STATUS Optional
location	The geo-location where the resource lives	string Optional
maxAgentPools	The max number of agent pools for the managed cluster.	int Optional
metricsProfile	Optional cluster metrics configuration.	ManagedClusterMetricsProfile_STATUS Optional
name	The name of the resource	string Optional
networkProfile	The network configuration profile.	ContainerServiceNetworkProfile_STATUS Optional
nodeProvisioningProfile	Node provisioning settings that apply to the whole cluster.	ManagedClusterNodeProvisioningProfile_STATUS Optional
nodeResourceGroup	The name of the resource group containing agent pool nodes.	string Optional
nodeResourceGroupProfile	The node resource group configuration profile.	ManagedClusterNodeResourceGroupProfile_STATUS Optional
oidcIssuerProfile	The OIDC issuer profile of the Managed Cluster.	ManagedClusterOIDCIssuerProfile_STATUS Optional
podIdentityProfile	See use AAD pod identity for more details on AAD pod identity integration.	ManagedClusterPodIdentityProfile_STATUS Optional
powerState	The Power State of the cluster.	PowerState_STATUS Optional
privateFQDN	The FQDN of private cluster.	string Optional
privateLinkResources	Private link resources associated with the cluster.	PrivateLinkResource_STATUS[] Optional
provisioningState	The current provisioning state.	string Optional
publicNetworkAccess	Allow or deny public network access for AKS	ManagedClusterProperties_PublicNetworkAccess_STATUS Optional
resourceUID	The resourceUID uniquely identifies ManagedClusters that reuse ARM ResourceIds (i.e: create, delete, create sequence)	string Optional
safeguardsProfile	The Safeguards profile holds all the safeguards information for a given cluster	SafeguardsProfile_STATUS Optional
securityProfile	Security profile for the managed cluster.	ManagedClusterSecurityProfile_STATUS Optional
serviceMeshProfile	Service mesh profile for a managed cluster.	ServiceMeshProfile_STATUS Optional
servicePrincipalProfile	Information about a service principal identity for the cluster to use for manipulating Azure APIs.	ManagedClusterServicePrincipalProfile_STATUS Optional
sku	The managed cluster SKU.	ManagedClusterSKU_STATUS Optional
storageProfile	Storage profile for the managed cluster.	ManagedClusterStorageProfile_STATUS Optional
supportPlan	The support plan for the Managed Cluster. If unspecified, the default is ‘KubernetesOfficial’.	KubernetesSupportPlan_STATUS Optional
systemData	Azure Resource Manager metadata containing createdBy and modifiedBy information.	SystemData_STATUS Optional
tags	Resource tags.	map[string]string Optional
type	The type of the resource. E.g. “Microsoft.Compute/virtualMachines” or “Microsoft.Storage/storageAccounts”	string Optional
upgradeSettings	Settings for upgrading a cluster.	ClusterUpgradeSettings_STATUS Optional
windowsProfile	The profile for Windows VMs in the Managed Cluster.	ManagedClusterWindowsProfile_STATUS Optional
workloadAutoScalerProfile	Workload Auto-scaler profile for the managed cluster.	ManagedClusterWorkloadAutoScalerProfile_STATUS Optional

ManagedClustersAgentPool_Spec

Used by: ManagedClustersAgentPool.

Property	Description	Type
artifactStreamingProfile	Configuration for using artifact streaming on AKS.	AgentPoolArtifactStreamingProfile Optional
availabilityZones	The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is ‘VirtualMachineScaleSets’.	string[] Optional
azureName	The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn’t have to be.	string Optional
capacityReservationGroupReference	AKS will associate the specified agent pool with the Capacity Reservation Group.	genruntime.ResourceReference Optional
count	Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.	int Optional
creationData	CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.	CreationData Optional
enableAutoScaling	Whether to enable auto-scaler	bool Optional
enableCustomCATrust	When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded certificates into node trust stores. Defaults to false.	bool Optional
enableEncryptionAtHost	This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption	bool Optional
enableFIPS	See Add a FIPS-enabled node pool for more details.	bool Optional
enableNodePublicIP	Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see assigning a public IP per node. The default is false.	bool Optional
enableUltraSSD	Whether to enable UltraSSD	bool Optional
gatewayProfile	Profile specific to a managed agent pool in Gateway mode. This field cannot be set if agent pool mode is not Gateway.	AgentPoolGatewayProfile Optional
gpuInstanceProfile	GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.	GPUInstanceProfile Optional
gpuProfile	The GPU settings of an agent pool.	AgentPoolGPUProfile Optional
hostGroupReference	This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see Azure dedicated hosts.	genruntime.ResourceReference Optional
kubeletConfig	The Kubelet configuration on the agent pool nodes.	KubeletConfig Optional
kubeletDiskType	Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.	KubeletDiskType Optional
linuxOSConfig	The OS configuration of Linux agent nodes.	LinuxOSConfig Optional
maxCount	The maximum number of nodes for auto-scaling	int Optional
maxPods	The maximum number of pods that can run on a node.	int Optional
messageOfTheDay	A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script).	string Optional
minCount	The minimum number of nodes for auto-scaling	int Optional
mode	A cluster must have at least one ‘System’ Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools	AgentPoolMode Optional
networkProfile	Network-related settings of an agent pool.	AgentPoolNetworkProfile Optional
nodeInitializationTaints	These taints will not be reconciled by AKS and can be removed with a kubectl call. This field can be modified after node pool is created, but nodes will not be recreated with new taints until another operation that requires recreation (e.g. node image upgrade) happens. These taints allow for required configuration to run before the node is ready to accept workloads, for example ‘key1=value1:NoSchedule’ that then can be removed with `kubectl taint nodes node1 key1=value1:NoSchedule-`	string[] Optional
nodeLabels	The node labels to be persisted across all nodes in agent pool.	map[string]string Optional
nodePublicIPPrefixReference	This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}	genruntime.ResourceReference Optional
nodeTaints	The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.	string[] Optional
operatorSpec	The specification for configuring operator behavior. This field is interpreted by the operator and not passed directly to Azure	ManagedClustersAgentPoolOperatorSpec Optional
orchestratorVersion	Both patch version <major.minor.patch> and <major.minor> are supported. When <major.minor> is specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same <major.minor> once it has been created will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see upgrading a node pool.	string Optional
osDiskSizeGB		ContainerServiceOSDisk Optional
osDiskType	The default is ‘Ephemeral’ if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to ‘Managed’. May not be changed after creation. For more information see Ephemeral OS.	OSDiskType Optional
osSKU	Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is deprecated.	OSSKU Optional
osType	The operating system type. The default is Linux.	OSType Optional
owner	The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a reference to a containerservice.azure.com/ManagedCluster resource	genruntime.KnownResourceReference Required
podIPAllocationMode	The IP allocation mode for pods in the agent pool. Must be used with podSubnetId. The default is ‘DynamicIndividual’.	PodIPAllocationMode Optional
podSubnetReference	If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}	genruntime.ResourceReference Optional
powerState	When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded	PowerState Optional
proximityPlacementGroupReference	The ID for Proximity Placement Group.	genruntime.ResourceReference Optional
scaleDownMode	This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.	ScaleDownMode Optional
scaleSetEvictionPolicy	This cannot be specified unless the scaleSetPriority is ‘Spot’. If not specified, the default is ‘Delete’.	ScaleSetEvictionPolicy Optional
scaleSetPriority	The Virtual Machine Scale Set priority. If not specified, the default is ‘Regular’.	ScaleSetPriority Optional
securityProfile	The security settings of an agent pool.	AgentPoolSecurityProfile Optional
spotMaxPrice	Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see spot VMs pricing	float64 Optional
tags	The tags to be persisted on the agent pool virtual machine scale set.	map[string]string Optional
type	The type of Agent Pool.	AgentPoolType Optional
upgradeSettings	Settings for upgrading the agentpool	AgentPoolUpgradeSettings Optional
virtualMachineNodesStatus		VirtualMachineNodes[] Optional
virtualMachinesProfile	Specifications on VirtualMachines agent pool.	VirtualMachinesProfile Optional
vmSize	VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions	string Optional
vnetSubnetReference	If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}	genruntime.ResourceReference Optional
windowsProfile	The Windows agent pool’s specific profile.	AgentPoolWindowsProfile Optional
workloadRuntime	Determines the type of workload a node can run.	WorkloadRuntime Optional

ManagedClustersAgentPool_STATUS

Used by: ManagedClustersAgentPool.

Property	Description	Type
artifactStreamingProfile	Configuration for using artifact streaming on AKS.	AgentPoolArtifactStreamingProfile_STATUS Optional
availabilityZones	The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is ‘VirtualMachineScaleSets’.	string[] Optional
capacityReservationGroupID	AKS will associate the specified agent pool with the Capacity Reservation Group.	string Optional
conditions	The observed state of the resource	conditions.Condition[] Optional
count	Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.	int Optional
creationData	CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.	CreationData_STATUS Optional
currentOrchestratorVersion	If orchestratorVersion was a fully specified version <major.minor.patch>, this field will be exactly equal to it. If orchestratorVersion was <major.minor>, this field will contain the full <major.minor.patch> version being used.	string Optional
enableAutoScaling	Whether to enable auto-scaler	bool Optional
enableCustomCATrust	When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded certificates into node trust stores. Defaults to false.	bool Optional
enableEncryptionAtHost	This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption	bool Optional
enableFIPS	See Add a FIPS-enabled node pool for more details.	bool Optional
enableNodePublicIP	Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see assigning a public IP per node. The default is false.	bool Optional
enableUltraSSD	Whether to enable UltraSSD	bool Optional
eTag	Unique read-only string used to implement optimistic concurrency. The eTag value will change when the resource is updated. Specify an if-match or if-none-match header with the eTag value for a subsequent request to enable optimistic concurrency per the normal etag convention.	string Optional
gatewayProfile	Profile specific to a managed agent pool in Gateway mode. This field cannot be set if agent pool mode is not Gateway.	AgentPoolGatewayProfile_STATUS Optional
gpuInstanceProfile	GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.	GPUInstanceProfile_STATUS Optional
gpuProfile	The GPU settings of an agent pool.	AgentPoolGPUProfile_STATUS Optional
hostGroupID	This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see Azure dedicated hosts.	string Optional
id	Resource ID.	string Optional
kubeletConfig	The Kubelet configuration on the agent pool nodes.	KubeletConfig_STATUS Optional
kubeletDiskType	Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.	KubeletDiskType_STATUS Optional
linuxOSConfig	The OS configuration of Linux agent nodes.	LinuxOSConfig_STATUS Optional
maxCount	The maximum number of nodes for auto-scaling	int Optional
maxPods	The maximum number of pods that can run on a node.	int Optional
messageOfTheDay	A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script).	string Optional
minCount	The minimum number of nodes for auto-scaling	int Optional
mode	A cluster must have at least one ‘System’ Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools	AgentPoolMode_STATUS Optional
name	The name of the resource that is unique within a resource group. This name can be used to access the resource.	string Optional
networkProfile	Network-related settings of an agent pool.	AgentPoolNetworkProfile_STATUS Optional
nodeImageVersion	The version of node image	string Optional
nodeInitializationTaints	These taints will not be reconciled by AKS and can be removed with a kubectl call. This field can be modified after node pool is created, but nodes will not be recreated with new taints until another operation that requires recreation (e.g. node image upgrade) happens. These taints allow for required configuration to run before the node is ready to accept workloads, for example ‘key1=value1:NoSchedule’ that then can be removed with `kubectl taint nodes node1 key1=value1:NoSchedule-`	string[] Optional
nodeLabels	The node labels to be persisted across all nodes in agent pool.	map[string]string Optional
nodePublicIPPrefixID	This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}	string Optional
nodeTaints	The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.	string[] Optional
orchestratorVersion	Both patch version <major.minor.patch> and <major.minor> are supported. When <major.minor> is specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same <major.minor> once it has been created will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see upgrading a node pool.	string Optional
osDiskSizeGB		int Optional
osDiskType	The default is ‘Ephemeral’ if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to ‘Managed’. May not be changed after creation. For more information see Ephemeral OS.	OSDiskType_STATUS Optional
osSKU	Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is deprecated.	OSSKU_STATUS Optional
osType	The operating system type. The default is Linux.	OSType_STATUS Optional
podIPAllocationMode	The IP allocation mode for pods in the agent pool. Must be used with podSubnetId. The default is ‘DynamicIndividual’.	PodIPAllocationMode_STATUS Optional
podSubnetID	If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}	string Optional
powerState	When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded	PowerState_STATUS Optional
properties_type	The type of Agent Pool.	AgentPoolType_STATUS Optional
provisioningState	The current deployment or provisioning state.	string Optional
proximityPlacementGroupID	The ID for Proximity Placement Group.	string Optional
scaleDownMode	This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.	ScaleDownMode_STATUS Optional
scaleSetEvictionPolicy	This cannot be specified unless the scaleSetPriority is ‘Spot’. If not specified, the default is ‘Delete’.	ScaleSetEvictionPolicy_STATUS Optional
scaleSetPriority	The Virtual Machine Scale Set priority. If not specified, the default is ‘Regular’.	ScaleSetPriority_STATUS Optional
securityProfile	The security settings of an agent pool.	AgentPoolSecurityProfile_STATUS Optional
spotMaxPrice	Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see spot VMs pricing	float64 Optional
tags	The tags to be persisted on the agent pool virtual machine scale set.	map[string]string Optional
type	Resource type	string Optional
upgradeSettings	Settings for upgrading the agentpool	AgentPoolUpgradeSettings_STATUS Optional
virtualMachineNodesStatus		VirtualMachineNodes_STATUS[] Optional
virtualMachinesProfile	Specifications on VirtualMachines agent pool.	VirtualMachinesProfile_STATUS Optional
vmSize	VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions	string Optional
vnetSubnetID	If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}	string Optional
windowsProfile	The Windows agent pool’s specific profile.	AgentPoolWindowsProfile_STATUS Optional
workloadRuntime	Determines the type of workload a node can run.	WorkloadRuntime_STATUS Optional

TrustedAccessRoleBinding_Spec

Used by: TrustedAccessRoleBinding.

Property	Description	Type
azureName	The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn’t have to be.	string Optional
operatorSpec	The specification for configuring operator behavior. This field is interpreted by the operator and not passed directly to Azure	TrustedAccessRoleBindingOperatorSpec Optional
owner	The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a reference to a containerservice.azure.com/ManagedCluster resource	genruntime.KnownResourceReference Required
roles	A list of roles to bind, each item is a resource type qualified role name. For example: ‘Microsoft.MachineLearningServices/workspaces/reader’.	string[] Required
sourceResourceReference	The ARM resource ID of source resource that trusted access is configured for.	genruntime.ResourceReference Required

TrustedAccessRoleBinding_STATUS

Used by: TrustedAccessRoleBinding.

Property	Description	Type
conditions	The observed state of the resource	conditions.Condition[] Optional
id	Fully qualified resource ID for the resource. E.g. “/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}”	string Optional
name	The name of the resource	string Optional
provisioningState	The current provisioning state of trusted access role binding.	TrustedAccessRoleBindingProperties_ProvisioningState_STATUS Optional
roles	A list of roles to bind, each item is a resource type qualified role name. For example: ‘Microsoft.MachineLearningServices/workspaces/reader’.	string[] Optional
sourceResourceId	The ARM resource ID of source resource that trusted access is configured for.	string Optional
systemData	Azure Resource Manager metadata containing createdBy and modifiedBy information.	SystemData_STATUS Optional
type	The type of the resource. E.g. “Microsoft.Compute/virtualMachines” or “Microsoft.Storage/storageAccounts”	string Optional

AgentPoolArtifactStreamingProfile

Used by: ManagedClusterAgentPoolProfile, and ManagedClustersAgentPool_Spec.

Property	Description	Type
enabled	Artifact streaming speeds up the cold-start of containers on a node through on-demand image loading. To use this feature, container images must also enable artifact streaming on ACR. If not specified, the default is false.	bool Optional

AgentPoolArtifactStreamingProfile_STATUS

Used by: ManagedClusterAgentPoolProfile_STATUS, and ManagedClustersAgentPool_STATUS.

Property	Description	Type
enabled	Artifact streaming speeds up the cold-start of containers on a node through on-demand image loading. To use this feature, container images must also enable artifact streaming on ACR. If not specified, the default is false.	bool Optional

AgentPoolGatewayProfile

Profile of the managed cluster gateway agent pool.

Used by: ManagedClusterAgentPoolProfile, and ManagedClustersAgentPool_Spec.

Property	Description	Type
publicIPPrefixSize	The Gateway agent pool associates one public IPPrefix for each static egress gateway to provide public egress. The size of Public IPPrefix should be selected by the user. Each node in the agent pool is assigned with one IP from the IPPrefix. The IPPrefix size thus serves as a cap on the size of the Gateway agent pool. Due to Azure public IPPrefix size limitation, the valid value range is [28, 31](/31 = 2 nodes/IPs, /30 = 4 nodes/IPs, /29 = 8 nodes/IPs, /28 = 16 nodes/IPs). The default value is 31.	int Optional

AgentPoolGatewayProfile_STATUS

Profile of the managed cluster gateway agent pool.

Used by: ManagedClusterAgentPoolProfile_STATUS, and ManagedClustersAgentPool_STATUS.

Property	Description	Type
publicIPPrefixSize	The Gateway agent pool associates one public IPPrefix for each static egress gateway to provide public egress. The size of Public IPPrefix should be selected by the user. Each node in the agent pool is assigned with one IP from the IPPrefix. The IPPrefix size thus serves as a cap on the size of the Gateway agent pool. Due to Azure public IPPrefix size limitation, the valid value range is [28, 31](/31 = 2 nodes/IPs, /30 = 4 nodes/IPs, /29 = 8 nodes/IPs, /28 = 16 nodes/IPs). The default value is 31.	int Optional

AgentPoolGPUProfile

Used by: ManagedClusterAgentPoolProfile, and ManagedClustersAgentPool_Spec.

Property	Description	Type
installGPUDriver	The default value is true when the vmSize of the agent pool contains a GPU, false otherwise. GPU Driver Installation can only be set true when VM has an associated GPU resource. Setting this field to false prevents automatic GPU driver installation. In that case, in order for the GPU to be usable, the user must perform GPU driver installation themselves.	bool Optional

AgentPoolGPUProfile_STATUS

Used by: ManagedClusterAgentPoolProfile_STATUS, and ManagedClustersAgentPool_STATUS.

Property	Description	Type
installGPUDriver	The default value is true when the vmSize of the agent pool contains a GPU, false otherwise. GPU Driver Installation can only be set true when VM has an associated GPU resource. Setting this field to false prevents automatic GPU driver installation. In that case, in order for the GPU to be usable, the user must perform GPU driver installation themselves.	bool Optional

AgentPoolMode

A cluster must have at least one ‘System’ Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools

Used by: ManagedClusterAgentPoolProfile, and ManagedClustersAgentPool_Spec.

Value	Description
“Gateway”
“System”
“User”

AgentPoolMode_STATUS

Used by: ManagedClusterAgentPoolProfile_STATUS, and ManagedClustersAgentPool_STATUS.

Value	Description
“Gateway”
“System”
“User”

AgentPoolNetworkProfile

Network settings of an agent pool.

Used by: ManagedClusterAgentPoolProfile, and ManagedClustersAgentPool_Spec.

Property	Description	Type
allowedHostPorts	The port ranges that are allowed to access. The specified ranges are allowed to overlap.	PortRange[] Optional
applicationSecurityGroupsReferences	The IDs of the application security groups which agent pool will associate when created.	genruntime.ResourceReference[] Optional
nodePublicIPTags	IPTags of instance-level public IPs.	IPTag[] Optional

AgentPoolNetworkProfile_STATUS

Network settings of an agent pool.

Used by: ManagedClusterAgentPoolProfile_STATUS, and ManagedClustersAgentPool_STATUS.

Property	Description	Type
allowedHostPorts	The port ranges that are allowed to access. The specified ranges are allowed to overlap.	PortRange_STATUS[] Optional
applicationSecurityGroups	The IDs of the application security groups which agent pool will associate when created.	string[] Optional
nodePublicIPTags	IPTags of instance-level public IPs.	IPTag_STATUS[] Optional

AgentPoolSecurityProfile

The security settings of an agent pool.

Used by: ManagedClusterAgentPoolProfile, and ManagedClustersAgentPool_Spec.

Property	Description	Type
enableSecureBoot	Secure Boot is a feature of Trusted Launch which ensures that only signed operating systems and drivers can boot. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false.	bool Optional
enableVTPM	vTPM is a Trusted Launch feature for configuring a dedicated secure vault for keys and measurements held locally on the node. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false.	bool Optional
sshAccess	SSH access method of an agent pool.	AgentPoolSSHAccess Optional

AgentPoolSecurityProfile_STATUS

The security settings of an agent pool.

Used by: ManagedClusterAgentPoolProfile_STATUS, and ManagedClustersAgentPool_STATUS.

Property	Description	Type
enableSecureBoot	Secure Boot is a feature of Trusted Launch which ensures that only signed operating systems and drivers can boot. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false.	bool Optional
enableVTPM	vTPM is a Trusted Launch feature for configuring a dedicated secure vault for keys and measurements held locally on the node. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false.	bool Optional
sshAccess	SSH access method of an agent pool.	AgentPoolSSHAccess_STATUS Optional

AgentPoolType

The type of Agent Pool.

Used by: ManagedClusterAgentPoolProfile, and ManagedClustersAgentPool_Spec.

Value	Description
“AvailabilitySet”
“VirtualMachineScaleSets”
“VirtualMachines”

AgentPoolType_STATUS

The type of Agent Pool.

Used by: ManagedClusterAgentPoolProfile_STATUS, and ManagedClustersAgentPool_STATUS.

Value	Description
“AvailabilitySet”
“VirtualMachineScaleSets”
“VirtualMachines”

AgentPoolUpgradeSettings

Settings for upgrading an agentpool

Used by: ManagedClusterAgentPoolProfile, and ManagedClustersAgentPool_Spec.

Property	Description	Type
drainTimeoutInMinutes	The amount of time (in minutes) to wait on eviction of pods and graceful termination per node. This eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not specified, the default is 30 minutes.	int Optional
maxSurge	This can either be set to an integer (e.g. ‘5’) or a percentage (e.g. ‘50%’). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade	string Optional
nodeSoakDurationInMinutes	The amount of time (in minutes) to wait after draining a node and before reimaging it and moving on to next node. If not specified, the default is 0 minutes.	int Optional
undrainableNodeBehavior	Defines the behavior for undrainable nodes during upgrade. The most common cause of undrainable nodes is Pod Disruption Budgets (PDBs), but other issues, such as pod termination grace period is exceeding the remaining per-node drain timeout or pod is still being in a running state, can also cause undrainable nodes.	AgentPoolUpgradeSettings_UndrainableNodeBehavior Optional

AgentPoolUpgradeSettings_STATUS

Settings for upgrading an agentpool

Used by: ManagedClusterAgentPoolProfile_STATUS, and ManagedClustersAgentPool_STATUS.

Property	Description	Type
drainTimeoutInMinutes	The amount of time (in minutes) to wait on eviction of pods and graceful termination per node. This eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not specified, the default is 30 minutes.	int Optional
maxSurge	This can either be set to an integer (e.g. ‘5’) or a percentage (e.g. ‘50%’). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade	string Optional
nodeSoakDurationInMinutes	The amount of time (in minutes) to wait after draining a node and before reimaging it and moving on to next node. If not specified, the default is 0 minutes.	int Optional
undrainableNodeBehavior	Defines the behavior for undrainable nodes during upgrade. The most common cause of undrainable nodes is Pod Disruption Budgets (PDBs), but other issues, such as pod termination grace period is exceeding the remaining per-node drain timeout or pod is still being in a running state, can also cause undrainable nodes.	AgentPoolUpgradeSettings_UndrainableNodeBehavior_STATUS Optional

AgentPoolWindowsProfile

The Windows agent pool’s specific profile.

Used by: ManagedClusterAgentPoolProfile, and ManagedClustersAgentPool_Spec.

Property	Description	Type
disableOutboundNat	The default value is false. Outbound NAT can only be disabled if the cluster outboundType is NAT Gateway and the Windows agent pool does not have node public IP enabled.	bool Optional

AgentPoolWindowsProfile_STATUS

The Windows agent pool’s specific profile.

Used by: ManagedClusterAgentPoolProfile_STATUS, and ManagedClustersAgentPool_STATUS.

Property	Description	Type
disableOutboundNat	The default value is false. Outbound NAT can only be disabled if the cluster outboundType is NAT Gateway and the Windows agent pool does not have node public IP enabled.	bool Optional

ClusterUpgradeSettings

Settings for upgrading a cluster.

Used by: ManagedCluster_Spec.

Property	Description	Type
overrideSettings	Settings for overrides.	UpgradeOverrideSettings Optional

ClusterUpgradeSettings_STATUS

Settings for upgrading a cluster.

Used by: ManagedCluster_STATUS.

Property	Description	Type
overrideSettings	Settings for overrides.	UpgradeOverrideSettings_STATUS Optional

ContainerServiceLinuxProfile

Profile for Linux VMs in the container service cluster.

Used by: ManagedCluster_Spec.

Property	Description	Type
adminUsername	The administrator username to use for Linux VMs.	string Required
ssh	The SSH configuration for Linux-based VMs running on Azure.	ContainerServiceSshConfiguration Required

ContainerServiceLinuxProfile_STATUS

Profile for Linux VMs in the container service cluster.

Used by: ManagedCluster_STATUS.

Property	Description	Type
adminUsername	The administrator username to use for Linux VMs.	string Optional
ssh	The SSH configuration for Linux-based VMs running on Azure.	ContainerServiceSshConfiguration_STATUS Optional

ContainerServiceNetworkProfile

Profile of network configuration.

Used by: ManagedCluster_Spec.

Property	Description	Type
advancedNetworking	Advanced Networking profile for enabling observability on a cluster. Note that enabling advanced networking features may incur additional costs. For more information see aka.ms/aksadvancednetworking.	AdvancedNetworking Optional
dnsServiceIP	An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.	string Optional
ipFamilies	IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value is IPv4. For dual-stack, the expected values are IPv4 and IPv6.	IpFamily[] Optional
kubeProxyConfig	Holds configuration customizations for kube-proxy. Any values not defined will use the kube-proxy defaulting behavior. See https://v.docs.kubernetes.io/docs/reference/command-line-tools-reference/kube-proxy/ where is represented by a - string. Kubernetes version 1.23 would be ‘1-23’.	ContainerServiceNetworkProfile_KubeProxyConfig Optional
loadBalancerProfile	Profile of the cluster load balancer.	ManagedClusterLoadBalancerProfile Optional
loadBalancerSku	The default is ‘standard’. See Azure Load Balancer SKUs for more information about the differences between load balancer SKUs.	LoadBalancerSku Optional
natGatewayProfile	Profile of the cluster NAT gateway.	ManagedClusterNATGatewayProfile Optional
networkDataplane	Network dataplane used in the Kubernetes cluster.	NetworkDataplane Optional
networkMode	This cannot be specified if networkPlugin is anything other than ‘azure’.	NetworkMode Optional
networkPlugin	Network plugin used for building the Kubernetes network.	NetworkPlugin Optional
networkPluginMode	Network plugin mode used for building the Kubernetes network.	NetworkPluginMode Optional
networkPolicy	Network policy used for building the Kubernetes network.	NetworkPolicy Optional
outboundType	This can only be set at cluster creation time and cannot be changed later. For more information see egress outbound type.	ContainerServiceNetworkProfile_OutboundType Optional
podCidr	A CIDR notation IP range from which to assign pod IPs when kubenet is used.	string Optional
podCidrs	One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking.	string[] Optional
podLinkLocalAccess	Defines access to special link local addresses (Azure Instance Metadata Service, aka IMDS) for pods with hostNetwork=false. if not specified, the default is ‘IMDS’.	PodLinkLocalAccess Optional
serviceCidr	A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.	string Optional
serviceCidrs	One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking. They must not overlap with any Subnet IP ranges.	string[] Optional
staticEgressGatewayProfile	The profile for Static Egress Gateway addon. For more details about Static Egress Gateway, see https://aka.ms/aks/static-egress-gateway.	ManagedClusterStaticEgressGatewayProfile Optional

ContainerServiceNetworkProfile_STATUS

Profile of network configuration.

Used by: ManagedCluster_STATUS.

Property	Description	Type
advancedNetworking	Advanced Networking profile for enabling observability on a cluster. Note that enabling advanced networking features may incur additional costs. For more information see aka.ms/aksadvancednetworking.	AdvancedNetworking_STATUS Optional
dnsServiceIP	An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.	string Optional
ipFamilies	IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value is IPv4. For dual-stack, the expected values are IPv4 and IPv6.	IpFamily_STATUS[] Optional
kubeProxyConfig	Holds configuration customizations for kube-proxy. Any values not defined will use the kube-proxy defaulting behavior. See https://v.docs.kubernetes.io/docs/reference/command-line-tools-reference/kube-proxy/ where is represented by a - string. Kubernetes version 1.23 would be ‘1-23’.	ContainerServiceNetworkProfile_KubeProxyConfig_STATUS Optional
loadBalancerProfile	Profile of the cluster load balancer.	ManagedClusterLoadBalancerProfile_STATUS Optional
loadBalancerSku	The default is ‘standard’. See Azure Load Balancer SKUs for more information about the differences between load balancer SKUs.	LoadBalancerSku_STATUS Optional
natGatewayProfile	Profile of the cluster NAT gateway.	ManagedClusterNATGatewayProfile_STATUS Optional
networkDataplane	Network dataplane used in the Kubernetes cluster.	NetworkDataplane_STATUS Optional
networkMode	This cannot be specified if networkPlugin is anything other than ‘azure’.	NetworkMode_STATUS Optional
networkPlugin	Network plugin used for building the Kubernetes network.	NetworkPlugin_STATUS Optional
networkPluginMode	Network plugin mode used for building the Kubernetes network.	NetworkPluginMode_STATUS Optional
networkPolicy	Network policy used for building the Kubernetes network.	NetworkPolicy_STATUS Optional
outboundType	This can only be set at cluster creation time and cannot be changed later. For more information see egress outbound type.	ContainerServiceNetworkProfile_OutboundType_STATUS Optional
podCidr	A CIDR notation IP range from which to assign pod IPs when kubenet is used.	string Optional
podCidrs	One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking.	string[] Optional
podLinkLocalAccess	Defines access to special link local addresses (Azure Instance Metadata Service, aka IMDS) for pods with hostNetwork=false. if not specified, the default is ‘IMDS’.	PodLinkLocalAccess_STATUS Optional
serviceCidr	A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.	string Optional
serviceCidrs	One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking. They must not overlap with any Subnet IP ranges.	string[] Optional
staticEgressGatewayProfile	The profile for Static Egress Gateway addon. For more details about Static Egress Gateway, see https://aka.ms/aks/static-egress-gateway.	ManagedClusterStaticEgressGatewayProfile_STATUS Optional

ContainerServiceOSDisk

Used by: ManagedClusterAgentPoolProfile, and ManagedClustersAgentPool_Spec.

CreationData

Data used when creating a target resource from a source resource.

Used by: ManagedCluster_Spec, ManagedClusterAgentPoolProfile, and ManagedClustersAgentPool_Spec.

Property	Description	Type
sourceResourceReference	This is the ARM ID of the source object to be used to create the target object.	genruntime.ResourceReference Optional

CreationData_STATUS

Data used when creating a target resource from a source resource.

Used by: ManagedCluster_STATUS, ManagedClusterAgentPoolProfile_STATUS, and ManagedClustersAgentPool_STATUS.

Property	Description	Type
sourceResourceId	This is the ARM ID of the source object to be used to create the target object.	string Optional

ExtendedLocation

The complex type of the extended location.

Used by: ManagedCluster_Spec.

Property	Description	Type
name	The name of the extended location.	string Optional
type	The type of the extended location.	ExtendedLocationType Optional

ExtendedLocation_STATUS

The complex type of the extended location.

Used by: ManagedCluster_STATUS.

Property	Description	Type
name	The name of the extended location.	string Optional
type	The type of the extended location.	ExtendedLocationType_STATUS Optional

GPUInstanceProfile

GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.

Used by: ManagedClusterAgentPoolProfile, and ManagedClustersAgentPool_Spec.

Value	Description
“MIG1g”
“MIG2g”
“MIG3g”
“MIG4g”
“MIG7g”

GPUInstanceProfile_STATUS

GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.

Used by: ManagedClusterAgentPoolProfile_STATUS, and ManagedClustersAgentPool_STATUS.

Value	Description
“MIG1g”
“MIG2g”
“MIG3g”
“MIG4g”
“MIG7g”

KubeletConfig

See AKS custom node configuration for more details.

Used by: ManagedClusterAgentPoolProfile, and ManagedClustersAgentPool_Spec.

Property	Description	Type
allowedUnsafeSysctls	Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).	string[] Optional
containerLogMaxFiles	The maximum number of container log files that can be present for a container. The number must be ≥ 2.	int Optional
containerLogMaxSizeMB	The maximum size (e.g. 10Mi) of container log file before it is rotated.	int Optional
cpuCfsQuota	The default is true.	bool Optional
cpuCfsQuotaPeriod	The default is ‘100ms.’ Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: ‘300ms’, ‘2h45m’. Supported units are ’ns’, ‘us’, ‘ms’, ’s’, ’m’, and ‘h’.	string Optional
cpuManagerPolicy	The default is ’none’. See Kubernetes CPU management policies for more information. Allowed values are ’none’ and ‘static’.	string Optional
failSwapOn	If set to true it will make the Kubelet fail to start if swap is enabled on the node.	bool Optional
imageGcHighThreshold	To disable image garbage collection, set to 100. The default is 85%	int Optional
imageGcLowThreshold	This cannot be set higher than imageGcHighThreshold. The default is 80%	int Optional
podMaxPids	The maximum number of processes per pod.	int Optional
topologyManagerPolicy	For more information see Kubernetes Topology Manager. The default is ’none’. Allowed values are ’none’, ‘best-effort’, ‘restricted’, and ‘single-numa-node’.	string Optional

KubeletConfig_STATUS

See AKS custom node configuration for more details.

Used by: ManagedClusterAgentPoolProfile_STATUS, and ManagedClustersAgentPool_STATUS.

Property	Description	Type
allowedUnsafeSysctls	Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).	string[] Optional
containerLogMaxFiles	The maximum number of container log files that can be present for a container. The number must be ≥ 2.	int Optional
containerLogMaxSizeMB	The maximum size (e.g. 10Mi) of container log file before it is rotated.	int Optional
cpuCfsQuota	The default is true.	bool Optional
cpuCfsQuotaPeriod	The default is ‘100ms.’ Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: ‘300ms’, ‘2h45m’. Supported units are ’ns’, ‘us’, ‘ms’, ’s’, ’m’, and ‘h’.	string Optional
cpuManagerPolicy	The default is ’none’. See Kubernetes CPU management policies for more information. Allowed values are ’none’ and ‘static’.	string Optional
failSwapOn	If set to true it will make the Kubelet fail to start if swap is enabled on the node.	bool Optional
imageGcHighThreshold	To disable image garbage collection, set to 100. The default is 85%	int Optional
imageGcLowThreshold	This cannot be set higher than imageGcHighThreshold. The default is 80%	int Optional
podMaxPids	The maximum number of processes per pod.	int Optional
topologyManagerPolicy	For more information see Kubernetes Topology Manager. The default is ’none’. Allowed values are ’none’, ‘best-effort’, ‘restricted’, and ‘single-numa-node’.	string Optional

KubeletDiskType

Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.

Used by: ManagedClusterAgentPoolProfile, and ManagedClustersAgentPool_Spec.

Value	Description
“OS”
“Temporary”

KubeletDiskType_STATUS

Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.

Used by: ManagedClusterAgentPoolProfile_STATUS, and ManagedClustersAgentPool_STATUS.

Value	Description
“OS”
“Temporary”

KubernetesSupportPlan

Different support tiers for AKS managed clusters

Used by: ManagedCluster_Spec.

Value	Description
“AKSLongTermSupport”
“KubernetesOfficial”

KubernetesSupportPlan_STATUS

Different support tiers for AKS managed clusters

Used by: ManagedCluster_STATUS.

Value	Description
“AKSLongTermSupport”
“KubernetesOfficial”

LinuxOSConfig

See AKS custom node configuration for more details.

Used by: ManagedClusterAgentPoolProfile, and ManagedClustersAgentPool_Spec.

Property	Description	Type
swapFileSizeMB	The size in MB of a swap file that will be created on each node.	int Optional
sysctls	Sysctl settings for Linux agent nodes.	SysctlConfig Optional
transparentHugePageDefrag	Valid values are ‘always’, ‘defer’, ‘defer+madvise’, ‘madvise’ and ’never’. The default is ‘madvise’. For more information see Transparent Hugepages.	string Optional
transparentHugePageEnabled	Valid values are ‘always’, ‘madvise’, and ’never’. The default is ‘always’. For more information see Transparent Hugepages.	string Optional

LinuxOSConfig_STATUS

See AKS custom node configuration for more details.

Used by: ManagedClusterAgentPoolProfile_STATUS, and ManagedClustersAgentPool_STATUS.

Property	Description	Type
swapFileSizeMB	The size in MB of a swap file that will be created on each node.	int Optional
sysctls	Sysctl settings for Linux agent nodes.	SysctlConfig_STATUS Optional
transparentHugePageDefrag	Valid values are ‘always’, ‘defer’, ‘defer+madvise’, ‘madvise’ and ’never’. The default is ‘madvise’. For more information see Transparent Hugepages.	string Optional
transparentHugePageEnabled	Valid values are ‘always’, ‘madvise’, and ’never’. The default is ‘always’. For more information see Transparent Hugepages.	string Optional

ManagedClusterAADProfile

For more details see managed AAD on AKS.

Used by: ManagedCluster_Spec.

Property	Description	Type
adminGroupObjectIDs	The list of AAD group object IDs that will have admin role of the cluster.	string[] Optional
clientAppID	(DEPRECATED) The client AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.	string Optional
enableAzureRBAC	Whether to enable Azure RBAC for Kubernetes authorization.	bool Optional
managed	Whether to enable managed AAD.	bool Optional
serverAppID	(DEPRECATED) The server AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.	string Optional
serverAppSecret	(DEPRECATED) The server AAD application secret. Learn more at https://aka.ms/aks/aad-legacy.	string Optional
tenantID	The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.	string Optional

ManagedClusterAADProfile_STATUS

For more details see managed AAD on AKS.

Used by: ManagedCluster_STATUS.

Property	Description	Type
adminGroupObjectIDs	The list of AAD group object IDs that will have admin role of the cluster.	string[] Optional
clientAppID	(DEPRECATED) The client AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.	string Optional
enableAzureRBAC	Whether to enable Azure RBAC for Kubernetes authorization.	bool Optional
managed	Whether to enable managed AAD.	bool Optional
serverAppID	(DEPRECATED) The server AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.	string Optional
serverAppSecret	(DEPRECATED) The server AAD application secret. Learn more at https://aka.ms/aks/aad-legacy.	string Optional
tenantID	The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.	string Optional

ManagedClusterAddonProfile

A Kubernetes add-on profile for a managed cluster.

Used by: ManagedCluster_Spec.

Property	Description	Type
config	Key-value pairs for configuring an add-on.	map[string]string Optional
enabled	Whether the add-on is enabled or not.	bool Required

ManagedClusterAddonProfile_STATUS

A Kubernetes add-on profile for a managed cluster.

Used by: ManagedCluster_STATUS.

Property	Description	Type
config	Key-value pairs for configuring an add-on.	map[string]string Optional
enabled	Whether the add-on is enabled or not.	bool Optional
identity	Information of user assigned identity used by this add-on.	UserAssignedIdentity_STATUS Optional

ManagedClusterAgentPoolProfile

Profile for the container service agent pool.

Used by: ManagedCluster_Spec.

Property	Description	Type
artifactStreamingProfile	Configuration for using artifact streaming on AKS.	AgentPoolArtifactStreamingProfile Optional
availabilityZones	The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is ‘VirtualMachineScaleSets’.	string[] Optional
capacityReservationGroupReference	AKS will associate the specified agent pool with the Capacity Reservation Group.	genruntime.ResourceReference Optional
count	Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.	int Optional
creationData	CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.	CreationData Optional
enableAutoScaling	Whether to enable auto-scaler	bool Optional
enableCustomCATrust	When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded certificates into node trust stores. Defaults to false.	bool Optional
enableEncryptionAtHost	This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption	bool Optional
enableFIPS	See Add a FIPS-enabled node pool for more details.	bool Optional
enableNodePublicIP	Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see assigning a public IP per node. The default is false.	bool Optional
enableUltraSSD	Whether to enable UltraSSD	bool Optional
gatewayProfile	Profile specific to a managed agent pool in Gateway mode. This field cannot be set if agent pool mode is not Gateway.	AgentPoolGatewayProfile Optional
gpuInstanceProfile	GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.	GPUInstanceProfile Optional
gpuProfile	The GPU settings of an agent pool.	AgentPoolGPUProfile Optional
hostGroupReference	This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see Azure dedicated hosts.	genruntime.ResourceReference Optional
kubeletConfig	The Kubelet configuration on the agent pool nodes.	KubeletConfig Optional
kubeletDiskType	Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.	KubeletDiskType Optional
linuxOSConfig	The OS configuration of Linux agent nodes.	LinuxOSConfig Optional
maxCount	The maximum number of nodes for auto-scaling	int Optional
maxPods	The maximum number of pods that can run on a node.	int Optional
messageOfTheDay	A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script).	string Optional
minCount	The minimum number of nodes for auto-scaling	int Optional
mode	A cluster must have at least one ‘System’ Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools	AgentPoolMode Optional
name	Windows agent pool names must be 6 characters or less.	string Required
networkProfile	Network-related settings of an agent pool.	AgentPoolNetworkProfile Optional
nodeInitializationTaints	These taints will not be reconciled by AKS and can be removed with a kubectl call. This field can be modified after node pool is created, but nodes will not be recreated with new taints until another operation that requires recreation (e.g. node image upgrade) happens. These taints allow for required configuration to run before the node is ready to accept workloads, for example ‘key1=value1:NoSchedule’ that then can be removed with `kubectl taint nodes node1 key1=value1:NoSchedule-`	string[] Optional
nodeLabels	The node labels to be persisted across all nodes in agent pool.	map[string]string Optional
nodePublicIPPrefixReference	This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}	genruntime.ResourceReference Optional
nodeTaints	The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.	string[] Optional
orchestratorVersion	Both patch version <major.minor.patch> and <major.minor> are supported. When <major.minor> is specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same <major.minor> once it has been created will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see upgrading a node pool.	string Optional
osDiskSizeGB		ContainerServiceOSDisk Optional
osDiskType	The default is ‘Ephemeral’ if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to ‘Managed’. May not be changed after creation. For more information see Ephemeral OS.	OSDiskType Optional
osSKU	Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is deprecated.	OSSKU Optional
osType	The operating system type. The default is Linux.	OSType Optional
podIPAllocationMode	The IP allocation mode for pods in the agent pool. Must be used with podSubnetId. The default is ‘DynamicIndividual’.	PodIPAllocationMode Optional
podSubnetReference	If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}	genruntime.ResourceReference Optional
powerState	When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded	PowerState Optional
proximityPlacementGroupReference	The ID for Proximity Placement Group.	genruntime.ResourceReference Optional
scaleDownMode	This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.	ScaleDownMode Optional
scaleSetEvictionPolicy	This cannot be specified unless the scaleSetPriority is ‘Spot’. If not specified, the default is ‘Delete’.	ScaleSetEvictionPolicy Optional
scaleSetPriority	The Virtual Machine Scale Set priority. If not specified, the default is ‘Regular’.	ScaleSetPriority Optional
securityProfile	The security settings of an agent pool.	AgentPoolSecurityProfile Optional
spotMaxPrice	Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see spot VMs pricing	float64 Optional
tags	The tags to be persisted on the agent pool virtual machine scale set.	map[string]string Optional
type	The type of Agent Pool.	AgentPoolType Optional
upgradeSettings	Settings for upgrading the agentpool	AgentPoolUpgradeSettings Optional
virtualMachineNodesStatus		VirtualMachineNodes[] Optional
virtualMachinesProfile	Specifications on VirtualMachines agent pool.	VirtualMachinesProfile Optional
vmSize	VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions	string Optional
vnetSubnetReference	If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}	genruntime.ResourceReference Optional
windowsProfile	The Windows agent pool’s specific profile.	AgentPoolWindowsProfile Optional
workloadRuntime	Determines the type of workload a node can run.	WorkloadRuntime Optional

ManagedClusterAgentPoolProfile_STATUS

Profile for the container service agent pool.

Used by: ManagedCluster_STATUS.

Property	Description	Type
artifactStreamingProfile	Configuration for using artifact streaming on AKS.	AgentPoolArtifactStreamingProfile_STATUS Optional
availabilityZones	The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is ‘VirtualMachineScaleSets’.	string[] Optional
capacityReservationGroupID	AKS will associate the specified agent pool with the Capacity Reservation Group.	string Optional
count	Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.	int Optional
creationData	CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.	CreationData_STATUS Optional
currentOrchestratorVersion	If orchestratorVersion was a fully specified version <major.minor.patch>, this field will be exactly equal to it. If orchestratorVersion was <major.minor>, this field will contain the full <major.minor.patch> version being used.	string Optional
enableAutoScaling	Whether to enable auto-scaler	bool Optional
enableCustomCATrust	When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded certificates into node trust stores. Defaults to false.	bool Optional
enableEncryptionAtHost	This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption	bool Optional
enableFIPS	See Add a FIPS-enabled node pool for more details.	bool Optional
enableNodePublicIP	Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see assigning a public IP per node. The default is false.	bool Optional
enableUltraSSD	Whether to enable UltraSSD	bool Optional
eTag	Unique read-only string used to implement optimistic concurrency. The eTag value will change when the resource is updated. Specify an if-match or if-none-match header with the eTag value for a subsequent request to enable optimistic concurrency per the normal etag convention.	string Optional
gatewayProfile	Profile specific to a managed agent pool in Gateway mode. This field cannot be set if agent pool mode is not Gateway.	AgentPoolGatewayProfile_STATUS Optional
gpuInstanceProfile	GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.	GPUInstanceProfile_STATUS Optional
gpuProfile	The GPU settings of an agent pool.	AgentPoolGPUProfile_STATUS Optional
hostGroupID	This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see Azure dedicated hosts.	string Optional
kubeletConfig	The Kubelet configuration on the agent pool nodes.	KubeletConfig_STATUS Optional
kubeletDiskType	Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.	KubeletDiskType_STATUS Optional
linuxOSConfig	The OS configuration of Linux agent nodes.	LinuxOSConfig_STATUS Optional
maxCount	The maximum number of nodes for auto-scaling	int Optional
maxPods	The maximum number of pods that can run on a node.	int Optional
messageOfTheDay	A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script).	string Optional
minCount	The minimum number of nodes for auto-scaling	int Optional
mode	A cluster must have at least one ‘System’ Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools	AgentPoolMode_STATUS Optional
name	Windows agent pool names must be 6 characters or less.	string Optional
networkProfile	Network-related settings of an agent pool.	AgentPoolNetworkProfile_STATUS Optional
nodeImageVersion	The version of node image	string Optional
nodeInitializationTaints	These taints will not be reconciled by AKS and can be removed with a kubectl call. This field can be modified after node pool is created, but nodes will not be recreated with new taints until another operation that requires recreation (e.g. node image upgrade) happens. These taints allow for required configuration to run before the node is ready to accept workloads, for example ‘key1=value1:NoSchedule’ that then can be removed with `kubectl taint nodes node1 key1=value1:NoSchedule-`	string[] Optional
nodeLabels	The node labels to be persisted across all nodes in agent pool.	map[string]string Optional
nodePublicIPPrefixID	This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}	string Optional
nodeTaints	The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.	string[] Optional
orchestratorVersion	Both patch version <major.minor.patch> and <major.minor> are supported. When <major.minor> is specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same <major.minor> once it has been created will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see upgrading a node pool.	string Optional
osDiskSizeGB		int Optional
osDiskType	The default is ‘Ephemeral’ if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to ‘Managed’. May not be changed after creation. For more information see Ephemeral OS.	OSDiskType_STATUS Optional
osSKU	Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is deprecated.	OSSKU_STATUS Optional
osType	The operating system type. The default is Linux.	OSType_STATUS Optional
podIPAllocationMode	The IP allocation mode for pods in the agent pool. Must be used with podSubnetId. The default is ‘DynamicIndividual’.	PodIPAllocationMode_STATUS Optional
podSubnetID	If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}	string Optional
powerState	When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded	PowerState_STATUS Optional
provisioningState	The current deployment or provisioning state.	string Optional
proximityPlacementGroupID	The ID for Proximity Placement Group.	string Optional
scaleDownMode	This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.	ScaleDownMode_STATUS Optional
scaleSetEvictionPolicy	This cannot be specified unless the scaleSetPriority is ‘Spot’. If not specified, the default is ‘Delete’.	ScaleSetEvictionPolicy_STATUS Optional
scaleSetPriority	The Virtual Machine Scale Set priority. If not specified, the default is ‘Regular’.	ScaleSetPriority_STATUS Optional
securityProfile	The security settings of an agent pool.	AgentPoolSecurityProfile_STATUS Optional
spotMaxPrice	Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see spot VMs pricing	float64 Optional
tags	The tags to be persisted on the agent pool virtual machine scale set.	map[string]string Optional
type	The type of Agent Pool.	AgentPoolType_STATUS Optional
upgradeSettings	Settings for upgrading the agentpool	AgentPoolUpgradeSettings_STATUS Optional
virtualMachineNodesStatus		VirtualMachineNodes_STATUS[] Optional
virtualMachinesProfile	Specifications on VirtualMachines agent pool.	VirtualMachinesProfile_STATUS Optional
vmSize	VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions	string Optional
vnetSubnetID	If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}	string Optional
windowsProfile	The Windows agent pool’s specific profile.	AgentPoolWindowsProfile_STATUS Optional
workloadRuntime	Determines the type of workload a node can run.	WorkloadRuntime_STATUS Optional

ManagedClusterAIToolchainOperatorProfile

When enabling the operator, a set of AKS managed CRDs and controllers will be installed in the cluster. The operator automates the deployment of OSS models for inference and/or training purposes. It provides a set of preset models and enables distributed inference against them.

Used by: ManagedCluster_Spec.

Property	Description	Type
enabled	Indicates if AI toolchain operator enabled or not.	bool Optional

ManagedClusterAIToolchainOperatorProfile_STATUS

Used by: ManagedCluster_STATUS.

Property	Description	Type
enabled	Indicates if AI toolchain operator enabled or not.	bool Optional

ManagedClusterAPIServerAccessProfile

Access profile for managed cluster API server.

Used by: ManagedCluster_Spec.

Property	Description	Type
authorizedIPRanges	IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see API server authorized IP ranges.	string[] Optional
disableRunCommand	Whether to disable run command for the cluster or not.	bool Optional
enablePrivateCluster	For more details, see Creating a private AKS cluster.	bool Optional
enablePrivateClusterPublicFQDN	Whether to create additional public FQDN for private cluster or not.	bool Optional
enableVnetIntegration	Whether to enable apiserver vnet integration for the cluster or not.	bool Optional
privateDNSZone	The default is System. For more details see configure private DNS zone. Allowed values are ‘system’ and ’none’.	string Optional
subnetId	It is required when: 1. creating a new cluster with BYO Vnet; 2. updating an existing cluster to enable apiserver vnet integration.	string Optional

ManagedClusterAPIServerAccessProfile_STATUS

Access profile for managed cluster API server.

Used by: ManagedCluster_STATUS.

Property	Description	Type
authorizedIPRanges	IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see API server authorized IP ranges.	string[] Optional
disableRunCommand	Whether to disable run command for the cluster or not.	bool Optional
enablePrivateCluster	For more details, see Creating a private AKS cluster.	bool Optional
enablePrivateClusterPublicFQDN	Whether to create additional public FQDN for private cluster or not.	bool Optional
enableVnetIntegration	Whether to enable apiserver vnet integration for the cluster or not.	bool Optional
privateDNSZone	The default is System. For more details see configure private DNS zone. Allowed values are ‘system’ and ’none’.	string Optional
subnetId	It is required when: 1. creating a new cluster with BYO Vnet; 2. updating an existing cluster to enable apiserver vnet integration.	string Optional

ManagedClusterAutoUpgradeProfile

Auto upgrade profile for a managed cluster.

Used by: ManagedCluster_Spec.

Property	Description	Type
nodeOSUpgradeChannel	The default is Unmanaged, but may change to either NodeImage or SecurityPatch at GA.	ManagedClusterAutoUpgradeProfile_NodeOSUpgradeChannel Optional
upgradeChannel	For more information see setting the AKS cluster auto-upgrade channel.	ManagedClusterAutoUpgradeProfile_UpgradeChannel Optional

ManagedClusterAutoUpgradeProfile_STATUS

Auto upgrade profile for a managed cluster.

Used by: ManagedCluster_STATUS.

Property	Description	Type
nodeOSUpgradeChannel	The default is Unmanaged, but may change to either NodeImage or SecurityPatch at GA.	ManagedClusterAutoUpgradeProfile_NodeOSUpgradeChannel_STATUS Optional
upgradeChannel	For more information see setting the AKS cluster auto-upgrade channel.	ManagedClusterAutoUpgradeProfile_UpgradeChannel_STATUS Optional

ManagedClusterAzureMonitorProfile

Prometheus addon profile for the container service cluster

Used by: ManagedCluster_Spec.

Property	Description	Type
appMonitoring	Application Monitoring Profile for Kubernetes Application Container. Collects application logs, metrics and traces through auto-instrumentation of the application using Azure Monitor OpenTelemetry based SDKs. See aka.ms/AzureMonitorApplicationMonitoring for an overview.	ManagedClusterAzureMonitorProfileAppMonitoring Optional
containerInsights	Azure Monitor Container Insights Profile for Kubernetes Events, Inventory and Container stdout & stderr logs etc. See aka.ms/AzureMonitorContainerInsights for an overview.	ManagedClusterAzureMonitorProfileContainerInsights Optional
metrics	Metrics profile for the prometheus service addon	ManagedClusterAzureMonitorProfileMetrics Optional

ManagedClusterAzureMonitorProfile_STATUS

Prometheus addon profile for the container service cluster

Used by: ManagedCluster_STATUS.

Property	Description	Type
appMonitoring	Application Monitoring Profile for Kubernetes Application Container. Collects application logs, metrics and traces through auto-instrumentation of the application using Azure Monitor OpenTelemetry based SDKs. See aka.ms/AzureMonitorApplicationMonitoring for an overview.	ManagedClusterAzureMonitorProfileAppMonitoring_STATUS Optional
containerInsights	Azure Monitor Container Insights Profile for Kubernetes Events, Inventory and Container stdout & stderr logs etc. See aka.ms/AzureMonitorContainerInsights for an overview.	ManagedClusterAzureMonitorProfileContainerInsights_STATUS Optional
metrics	Metrics profile for the prometheus service addon	ManagedClusterAzureMonitorProfileMetrics_STATUS Optional

ManagedClusterBootstrapProfile

The bootstrap profile.

Used by: ManagedCluster_Spec.

Property	Description	Type
artifactSource	The source where the artifacts are downloaded from.	ManagedClusterBootstrapProfile_ArtifactSource Optional
containerRegistryReference	The resource Id of Azure Container Registry. The registry must have private network access, premium SKU and zone redundancy.	genruntime.ResourceReference Optional

ManagedClusterBootstrapProfile_STATUS

The bootstrap profile.

Used by: ManagedCluster_STATUS.

Property	Description	Type
artifactSource	The source where the artifacts are downloaded from.	ManagedClusterBootstrapProfile_ArtifactSource_STATUS Optional
containerRegistryId	The resource Id of Azure Container Registry. The registry must have private network access, premium SKU and zone redundancy.	string Optional

ManagedClusterHTTPProxyConfig

Cluster HTTP proxy configuration.

Used by: ManagedCluster_Spec.

Property	Description	Type
httpProxy	The HTTP proxy server endpoint to use.	string Optional
httpsProxy	The HTTPS proxy server endpoint to use.	string Optional
noProxy	The endpoints that should not go through proxy.	string[] Optional
trustedCa	Alternative CA cert to use for connecting to proxy servers.	string Optional

ManagedClusterHTTPProxyConfig_STATUS

Cluster HTTP proxy configuration.

Used by: ManagedCluster_STATUS.

Property	Description	Type
effectiveNoProxy	A read-only list of all endpoints for which traffic should not be sent to the proxy. This list is a superset of noProxy and values injected by AKS.	string[] Optional
httpProxy	The HTTP proxy server endpoint to use.	string Optional
httpsProxy	The HTTPS proxy server endpoint to use.	string Optional
noProxy	The endpoints that should not go through proxy.	string[] Optional
trustedCa	Alternative CA cert to use for connecting to proxy servers.	string Optional

ManagedClusterIdentity

Identity for the managed cluster.

Used by: ManagedCluster_Spec.

Property	Description	Type
delegatedResources	The delegated identity resources assigned to this managed cluster. This can only be set by another Azure Resource Provider, and managed cluster only accept one delegated identity resource. Internal use only.	map[string]DelegatedResource Optional
type	For more information see use managed identities in AKS.	ManagedClusterIdentity_Type Optional
userAssignedIdentities	The keys must be ARM resource IDs in the form: ‘/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}’.	UserAssignedIdentityDetails[] Optional

ManagedClusterIdentity_STATUS

Identity for the managed cluster.

Used by: ManagedCluster_STATUS.

Property	Description	Type
delegatedResources	The delegated identity resources assigned to this managed cluster. This can only be set by another Azure Resource Provider, and managed cluster only accept one delegated identity resource. Internal use only.	map[string]DelegatedResource_STATUS Optional
principalId	The principal id of the system assigned identity which is used by master components.	string Optional
tenantId	The tenant id of the system assigned identity which is used by master components.	string Optional
type	For more information see use managed identities in AKS.	ManagedClusterIdentity_Type_STATUS Optional
userAssignedIdentities	The keys must be ARM resource IDs in the form: ‘/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}’.	map[string]ManagedClusterIdentity_UserAssignedIdentities_STATUS Optional

ManagedClusterIngressProfile

Ingress profile for the container service cluster.

Used by: ManagedCluster_Spec.

Property	Description	Type
webAppRouting	Web App Routing settings for the ingress profile.	ManagedClusterIngressProfileWebAppRouting Optional

ManagedClusterIngressProfile_STATUS

Ingress profile for the container service cluster.

Used by: ManagedCluster_STATUS.

Property	Description	Type
webAppRouting	Web App Routing settings for the ingress profile.	ManagedClusterIngressProfileWebAppRouting_STATUS Optional

ManagedClusterMetricsProfile

The metrics profile for the ManagedCluster.

Used by: ManagedCluster_Spec.

Property	Description	Type
costAnalysis	The cost analysis configuration for the cluster	ManagedClusterCostAnalysis Optional

ManagedClusterMetricsProfile_STATUS

The metrics profile for the ManagedCluster.

Used by: ManagedCluster_STATUS.

Property	Description	Type
costAnalysis	The cost analysis configuration for the cluster	ManagedClusterCostAnalysis_STATUS Optional

ManagedClusterNodeProvisioningProfile

Used by: ManagedCluster_Spec.

Property	Description	Type
mode	Once the mode it set to Auto, it cannot be changed back to Manual.	ManagedClusterNodeProvisioningProfile_Mode Optional

ManagedClusterNodeProvisioningProfile_STATUS

Used by: ManagedCluster_STATUS.

Property	Description	Type
mode	Once the mode it set to Auto, it cannot be changed back to Manual.	ManagedClusterNodeProvisioningProfile_Mode_STATUS Optional

ManagedClusterNodeResourceGroupProfile

Node resource group lockdown profile for a managed cluster.

Used by: ManagedCluster_Spec.

Property	Description	Type
restrictionLevel	The restriction level applied to the cluster’s node resource group	ManagedClusterNodeResourceGroupProfile_RestrictionLevel Optional

ManagedClusterNodeResourceGroupProfile_STATUS

Node resource group lockdown profile for a managed cluster.

Used by: ManagedCluster_STATUS.

Property	Description	Type
restrictionLevel	The restriction level applied to the cluster’s node resource group	ManagedClusterNodeResourceGroupProfile_RestrictionLevel_STATUS Optional

ManagedClusterOIDCIssuerProfile

The OIDC issuer profile of the Managed Cluster.

Used by: ManagedCluster_Spec.

Property	Description	Type
enabled	Whether the OIDC issuer is enabled.	bool Optional

ManagedClusterOIDCIssuerProfile_STATUS

The OIDC issuer profile of the Managed Cluster.

Used by: ManagedCluster_STATUS.

Property	Description	Type
enabled	Whether the OIDC issuer is enabled.	bool Optional
issuerURL	The OIDC issuer url of the Managed Cluster.	string Optional

ManagedClusterOperatorSpec

Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure

Used by: ManagedCluster_Spec.

Property	Description	Type
configMapExpressions	configures where to place operator written dynamic ConfigMaps (created with CEL expressions).	core.DestinationExpression[] Optional
configMaps	configures where to place operator written ConfigMaps.	ManagedClusterOperatorConfigMaps Optional
secretExpressions	configures where to place operator written dynamic secrets (created with CEL expressions).	core.DestinationExpression[] Optional
secrets	configures where to place Azure generated secrets.	ManagedClusterOperatorSecrets Optional

ManagedClusterPodIdentityProfile

See use AAD pod identity for more details on pod identity integration.

Used by: ManagedCluster_Spec.

Property	Description	Type
allowNetworkPluginKubenet	Running in Kubenet is disabled by default due to the security related nature of AAD Pod Identity and the risks of IP spoofing. See using Kubenet network plugin with AAD Pod Identity for more information.	bool Optional
enabled	Whether the pod identity addon is enabled.	bool Optional
userAssignedIdentities	The pod identities to use in the cluster.	ManagedClusterPodIdentity[] Optional
userAssignedIdentityExceptions	The pod identity exceptions to allow.	ManagedClusterPodIdentityException[] Optional

ManagedClusterPodIdentityProfile_STATUS

See use AAD pod identity for more details on pod identity integration.

Used by: ManagedCluster_STATUS.

Property	Description	Type
allowNetworkPluginKubenet	Running in Kubenet is disabled by default due to the security related nature of AAD Pod Identity and the risks of IP spoofing. See using Kubenet network plugin with AAD Pod Identity for more information.	bool Optional
enabled	Whether the pod identity addon is enabled.	bool Optional
userAssignedIdentities	The pod identities to use in the cluster.	ManagedClusterPodIdentity_STATUS[] Optional
userAssignedIdentityExceptions	The pod identity exceptions to allow.	ManagedClusterPodIdentityException_STATUS[] Optional

ManagedClusterProperties_AutoScalerProfile

Used by: ManagedCluster_Spec.

Property	Description	Type
balance-similar-node-groups	Valid values are ’true’ and ‘false’	string Optional
daemonset-eviction-for-empty-nodes	If set to true, all daemonset pods on empty nodes will be evicted before deletion of the node. If the daemonset pod cannot be evicted another node will be chosen for scaling. If set to false, the node will be deleted without ensuring that daemonset pods are deleted or evicted.	bool Optional
daemonset-eviction-for-occupied-nodes	If set to true, all daemonset pods on occupied nodes will be evicted before deletion of the node. If the daemonset pod cannot be evicted another node will be chosen for scaling. If set to false, the node will be deleted without ensuring that daemonset pods are deleted or evicted.	bool Optional
expander	Available values are: ’least-waste’, ‘most-pods’, ‘priority’, ‘random’.	Expander Optional
ignore-daemonsets-utilization	If set to true, the resources used by daemonset will be taken into account when making scaling down decisions.	bool Optional
max-empty-bulk-delete	The default is 10.	string Optional
max-graceful-termination-sec	The default is 600.	string Optional
max-node-provision-time	The default is ‘15m’. Values must be an integer followed by an ’m’. No unit of time other than minutes (m) is supported.	string Optional
max-total-unready-percentage	The default is 45. The maximum is 100 and the minimum is 0.	string Optional
new-pod-scale-up-delay	For scenarios like burst/batch scale where you don’t want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they’re a certain age. The default is ‘0s’. Values must be an integer followed by a unit (’s’ for seconds, ’m’ for minutes, ‘h’ for hours, etc).	string Optional
ok-total-unready-count	This must be an integer. The default is 3.	string Optional
scale-down-delay-after-add	The default is ‘10m’. Values must be an integer followed by an ’m’. No unit of time other than minutes (m) is supported.	string Optional
scale-down-delay-after-delete	The default is the scan-interval. Values must be an integer followed by an ’m’. No unit of time other than minutes (m) is supported.	string Optional
scale-down-delay-after-failure	The default is ‘3m’. Values must be an integer followed by an ’m’. No unit of time other than minutes (m) is supported.	string Optional
scale-down-unneeded-time	The default is ‘10m’. Values must be an integer followed by an ’m’. No unit of time other than minutes (m) is supported.	string Optional
scale-down-unready-time	The default is ‘20m’. Values must be an integer followed by an ’m’. No unit of time other than minutes (m) is supported.	string Optional
scale-down-utilization-threshold	The default is ‘0.5’.	string Optional
scan-interval	The default is ‘10’. Values must be an integer number of seconds.	string Optional
skip-nodes-with-local-storage	The default is true.	string Optional
skip-nodes-with-system-pods	The default is true.	string Optional

ManagedClusterProperties_AutoScalerProfile_STATUS

Used by: ManagedCluster_STATUS.

Property	Description	Type
balance-similar-node-groups	Valid values are ’true’ and ‘false’	string Optional
daemonset-eviction-for-empty-nodes	If set to true, all daemonset pods on empty nodes will be evicted before deletion of the node. If the daemonset pod cannot be evicted another node will be chosen for scaling. If set to false, the node will be deleted without ensuring that daemonset pods are deleted or evicted.	bool Optional
daemonset-eviction-for-occupied-nodes	If set to true, all daemonset pods on occupied nodes will be evicted before deletion of the node. If the daemonset pod cannot be evicted another node will be chosen for scaling. If set to false, the node will be deleted without ensuring that daemonset pods are deleted or evicted.	bool Optional
expander	Available values are: ’least-waste’, ‘most-pods’, ‘priority’, ‘random’.	Expander_STATUS Optional
ignore-daemonsets-utilization	If set to true, the resources used by daemonset will be taken into account when making scaling down decisions.	bool Optional
max-empty-bulk-delete	The default is 10.	string Optional
max-graceful-termination-sec	The default is 600.	string Optional
max-node-provision-time	The default is ‘15m’. Values must be an integer followed by an ’m’. No unit of time other than minutes (m) is supported.	string Optional
max-total-unready-percentage	The default is 45. The maximum is 100 and the minimum is 0.	string Optional
new-pod-scale-up-delay	For scenarios like burst/batch scale where you don’t want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they’re a certain age. The default is ‘0s’. Values must be an integer followed by a unit (’s’ for seconds, ’m’ for minutes, ‘h’ for hours, etc).	string Optional
ok-total-unready-count	This must be an integer. The default is 3.	string Optional
scale-down-delay-after-add	The default is ‘10m’. Values must be an integer followed by an ’m’. No unit of time other than minutes (m) is supported.	string Optional
scale-down-delay-after-delete	The default is the scan-interval. Values must be an integer followed by an ’m’. No unit of time other than minutes (m) is supported.	string Optional
scale-down-delay-after-failure	The default is ‘3m’. Values must be an integer followed by an ’m’. No unit of time other than minutes (m) is supported.	string Optional
scale-down-unneeded-time	The default is ‘10m’. Values must be an integer followed by an ’m’. No unit of time other than minutes (m) is supported.	string Optional
scale-down-unready-time	The default is ‘20m’. Values must be an integer followed by an ’m’. No unit of time other than minutes (m) is supported.	string Optional
scale-down-utilization-threshold	The default is ‘0.5’.	string Optional
scan-interval	The default is ‘10’. Values must be an integer number of seconds.	string Optional
skip-nodes-with-local-storage	The default is true.	string Optional
skip-nodes-with-system-pods	The default is true.	string Optional

ManagedClusterProperties_PublicNetworkAccess

Used by: ManagedCluster_Spec.

Value	Description
“Disabled”
“Enabled”
“SecuredByPerimeter”

ManagedClusterProperties_PublicNetworkAccess_STATUS

Used by: ManagedCluster_STATUS.

Value	Description
“Disabled”
“Enabled”
“SecuredByPerimeter”

ManagedClustersAgentPoolOperatorSpec

Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure

Used by: ManagedClustersAgentPool_Spec.

Property	Description	Type
configMapExpressions	configures where to place operator written dynamic ConfigMaps (created with CEL expressions).	core.DestinationExpression[] Optional
secretExpressions	configures where to place operator written dynamic secrets (created with CEL expressions).	core.DestinationExpression[] Optional

ManagedClusterSecurityProfile

Security profile for the container service cluster.

Used by: ManagedCluster_Spec.

Property	Description	Type
azureKeyVaultKms	Azure Key Vault key management service settings for the security profile.	AzureKeyVaultKms Optional
customCATrustCertificates	A list of up to 10 base64 encoded CAs that will be added to the trust store on nodes with the Custom CA Trust feature enabled. For more information see Custom CA Trust Certificates	ManagedClusterSecurityProfileCustomCATrustCertificates Optional
defender	Microsoft Defender settings for the security profile.	ManagedClusterSecurityProfileDefender Optional
imageCleaner	Image Cleaner settings for the security profile.	ManagedClusterSecurityProfileImageCleaner Optional
imageIntegrity	Image integrity is a feature that works with Azure Policy to verify image integrity by signature. This will not have any effect unless Azure Policy is applied to enforce image signatures. See https://aka.ms/aks/image-integrity for how to use this feature via policy.	ManagedClusterSecurityProfileImageIntegrity Optional
nodeRestriction	Node Restriction settings for the security profile.	ManagedClusterSecurityProfileNodeRestriction Optional
workloadIdentity	Workload identity settings for the security profile. Workload identity enables Kubernetes applications to access Azure cloud resources securely with Azure AD. See https://aka.ms/aks/wi for more details.	ManagedClusterSecurityProfileWorkloadIdentity Optional

ManagedClusterSecurityProfile_STATUS

Security profile for the container service cluster.

Used by: ManagedCluster_STATUS.

Property	Description	Type
azureKeyVaultKms	Azure Key Vault key management service settings for the security profile.	AzureKeyVaultKms_STATUS Optional
customCATrustCertificates	A list of up to 10 base64 encoded CAs that will be added to the trust store on nodes with the Custom CA Trust feature enabled. For more information see Custom CA Trust Certificates	string[] Optional
defender	Microsoft Defender settings for the security profile.	ManagedClusterSecurityProfileDefender_STATUS Optional
imageCleaner	Image Cleaner settings for the security profile.	ManagedClusterSecurityProfileImageCleaner_STATUS Optional
imageIntegrity	Image integrity is a feature that works with Azure Policy to verify image integrity by signature. This will not have any effect unless Azure Policy is applied to enforce image signatures. See https://aka.ms/aks/image-integrity for how to use this feature via policy.	ManagedClusterSecurityProfileImageIntegrity_STATUS Optional
nodeRestriction	Node Restriction settings for the security profile.	ManagedClusterSecurityProfileNodeRestriction_STATUS Optional
workloadIdentity	Workload identity settings for the security profile. Workload identity enables Kubernetes applications to access Azure cloud resources securely with Azure AD. See https://aka.ms/aks/wi for more details.	ManagedClusterSecurityProfileWorkloadIdentity_STATUS Optional

ManagedClusterServicePrincipalProfile

Information about a service principal identity for the cluster to use for manipulating Azure APIs.

Used by: ManagedCluster_Spec.

Property	Description	Type
clientId	The ID for the service principal.	string Required
secret	The secret password associated with the service principal in plain text.	genruntime.SecretReference Optional

ManagedClusterServicePrincipalProfile_STATUS

Information about a service principal identity for the cluster to use for manipulating Azure APIs.

Used by: ManagedCluster_STATUS.

Property	Description	Type
clientId	The ID for the service principal.	string Optional

ManagedClusterSKU

The SKU of a Managed Cluster.

Used by: ManagedCluster_Spec.

Property	Description	Type
name	The name of a managed cluster SKU.	ManagedClusterSKU_Name Optional
tier	If not specified, the default is ‘Free’. See AKS Pricing Tier for more details.	ManagedClusterSKU_Tier Optional

ManagedClusterSKU_STATUS

The SKU of a Managed Cluster.

Used by: ManagedCluster_STATUS.

Property	Description	Type
name	The name of a managed cluster SKU.	ManagedClusterSKU_Name_STATUS Optional
tier	If not specified, the default is ‘Free’. See AKS Pricing Tier for more details.	ManagedClusterSKU_Tier_STATUS Optional

ManagedClusterStorageProfile

Storage profile for the container service cluster.

Used by: ManagedCluster_Spec.

Property	Description	Type
blobCSIDriver	AzureBlob CSI Driver settings for the storage profile.	ManagedClusterStorageProfileBlobCSIDriver Optional
diskCSIDriver	AzureDisk CSI Driver settings for the storage profile.	ManagedClusterStorageProfileDiskCSIDriver Optional
fileCSIDriver	AzureFile CSI Driver settings for the storage profile.	ManagedClusterStorageProfileFileCSIDriver Optional
snapshotController	Snapshot Controller settings for the storage profile.	ManagedClusterStorageProfileSnapshotController Optional

ManagedClusterStorageProfile_STATUS

Storage profile for the container service cluster.

Used by: ManagedCluster_STATUS.

Property	Description	Type
blobCSIDriver	AzureBlob CSI Driver settings for the storage profile.	ManagedClusterStorageProfileBlobCSIDriver_STATUS Optional
diskCSIDriver	AzureDisk CSI Driver settings for the storage profile.	ManagedClusterStorageProfileDiskCSIDriver_STATUS Optional
fileCSIDriver	AzureFile CSI Driver settings for the storage profile.	ManagedClusterStorageProfileFileCSIDriver_STATUS Optional
snapshotController	Snapshot Controller settings for the storage profile.	ManagedClusterStorageProfileSnapshotController_STATUS Optional

ManagedClusterWindowsProfile

Profile for Windows VMs in the managed cluster.

Used by: ManagedCluster_Spec.

Property	Description	Type
adminPassword	Specifies the password of the administrator account. Minimum-length: 8 characters Max-length: 123 characters Complexity requirements: 3 out of 4 conditions below need to be fulfilled Has lower characters Has upper characters Has a digit Has a special character (Regex match [\W_]) Disallowed values: “abc@123”, “P@$$w0rd”, “P@ssw0rd”, “P@ssword123”, “Pa$$word”, “pass@word1”, “Password!”, “Password1”, “Password22”, “iloveyou!”	genruntime.SecretReference Optional
adminUsername	Specifies the name of the administrator account. Restriction: Cannot end in “.” Disallowed values: “administrator”, “admin”, “user”, “user1”, “test”, “user2”, “test1”, “user3”, “admin1”, “1”, “123”, “a”, “actuser”, “adm”, “admin2”, “aspnet”, “backup”, “console”, “david”, “guest”, “john”, “owner”, “root”, “server”, “sql”, “support”, “support_388945a0”, “sys”, “test2”, “test3”, “user4”, “user5”. Minimum-length: 1 character Max-length: 20 characters	string Required
enableCSIProxy	For more details on CSI proxy, see the CSI proxy GitHub repo.	bool Optional
gmsaProfile	The Windows gMSA Profile in the Managed Cluster.	WindowsGmsaProfile Optional
licenseType	The license type to use for Windows VMs. See Azure Hybrid User Benefits for more details.	ManagedClusterWindowsProfile_LicenseType Optional

ManagedClusterWindowsProfile_STATUS

Profile for Windows VMs in the managed cluster.

Used by: ManagedCluster_STATUS.

Property	Description	Type
adminUsername	Specifies the name of the administrator account. Restriction: Cannot end in “.” Disallowed values: “administrator”, “admin”, “user”, “user1”, “test”, “user2”, “test1”, “user3”, “admin1”, “1”, “123”, “a”, “actuser”, “adm”, “admin2”, “aspnet”, “backup”, “console”, “david”, “guest”, “john”, “owner”, “root”, “server”, “sql”, “support”, “support_388945a0”, “sys”, “test2”, “test3”, “user4”, “user5”. Minimum-length: 1 character Max-length: 20 characters	string Optional
enableCSIProxy	For more details on CSI proxy, see the CSI proxy GitHub repo.	bool Optional
gmsaProfile	The Windows gMSA Profile in the Managed Cluster.	WindowsGmsaProfile_STATUS Optional
licenseType	The license type to use for Windows VMs. See Azure Hybrid User Benefits for more details.	ManagedClusterWindowsProfile_LicenseType_STATUS Optional

ManagedClusterWorkloadAutoScalerProfile

Workload Auto-scaler profile for the managed cluster.

Used by: ManagedCluster_Spec.

Property	Description	Type
keda	KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.	ManagedClusterWorkloadAutoScalerProfileKeda Optional
verticalPodAutoscaler		ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler Optional

ManagedClusterWorkloadAutoScalerProfile_STATUS

Workload Auto-scaler profile for the managed cluster.

Used by: ManagedCluster_STATUS.

Property	Description	Type
keda	KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.	ManagedClusterWorkloadAutoScalerProfileKeda_STATUS Optional
verticalPodAutoscaler		ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler_STATUS Optional

OSDiskType

The default is ‘Ephemeral’ if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to ‘Managed’. May not be changed after creation. For more information see Ephemeral OS.

Used by: ManagedClusterAgentPoolProfile, and ManagedClustersAgentPool_Spec.

Value	Description
“Ephemeral”
“Managed”

OSDiskType_STATUS

Used by: ManagedClusterAgentPoolProfile_STATUS, and ManagedClustersAgentPool_STATUS.

Value	Description
“Ephemeral”
“Managed”

OSSKU

Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is deprecated.

Used by: ManagedClusterAgentPoolProfile, and ManagedClustersAgentPool_Spec.

Value	Description
“AzureLinux”
“CBLMariner”
“Mariner”
“Ubuntu”
“Windows2019”
“Windows2022”
“WindowsAnnual”

OSSKU_STATUS

Used by: ManagedClusterAgentPoolProfile_STATUS, and ManagedClustersAgentPool_STATUS.

Value	Description
“AzureLinux”
“CBLMariner”
“Mariner”
“Ubuntu”
“Windows2019”
“Windows2022”
“WindowsAnnual”

OSType

The operating system type. The default is Linux.

Used by: ManagedClusterAgentPoolProfile, and ManagedClustersAgentPool_Spec.

Value	Description
“Linux”
“Windows”

OSType_STATUS

The operating system type. The default is Linux.

Used by: ManagedClusterAgentPoolProfile_STATUS, and ManagedClustersAgentPool_STATUS.

Value	Description
“Linux”
“Windows”

PodIPAllocationMode

The IP allocation mode for pods in the agent pool. Must be used with podSubnetId. The default is ‘DynamicIndividual’.

Used by: ManagedClusterAgentPoolProfile, and ManagedClustersAgentPool_Spec.

Value	Description
“DynamicIndividual”
“StaticBlock”

PodIPAllocationMode_STATUS

The IP allocation mode for pods in the agent pool. Must be used with podSubnetId. The default is ‘DynamicIndividual’.

Used by: ManagedClusterAgentPoolProfile_STATUS, and ManagedClustersAgentPool_STATUS.

Value	Description
“DynamicIndividual”
“StaticBlock”

PowerState

Describes the Power State of the cluster

Used by: ManagedClusterAgentPoolProfile, and ManagedClustersAgentPool_Spec.

Property	Description	Type
code	Tells whether the cluster is Running or Stopped	PowerState_Code Optional

PowerState_STATUS

Describes the Power State of the cluster

Used by: ManagedCluster_STATUS, ManagedClusterAgentPoolProfile_STATUS, and ManagedClustersAgentPool_STATUS.

Property	Description	Type
code	Tells whether the cluster is Running or Stopped	PowerState_Code_STATUS Optional

PrivateLinkResource

A private link resource

Used by: ManagedCluster_Spec.

Property	Description	Type
groupId	The group ID of the resource.	string Optional
name	The name of the private link resource.	string Optional
reference	The ID of the private link resource.	genruntime.ResourceReference Optional
requiredMembers	The RequiredMembers of the resource	string[] Optional
type	The resource type.	string Optional

PrivateLinkResource_STATUS

A private link resource

Used by: ManagedCluster_STATUS.

Property	Description	Type
groupId	The group ID of the resource.	string Optional
id	The ID of the private link resource.	string Optional
name	The name of the private link resource.	string Optional
privateLinkServiceID	The private link service ID of the resource, this field is exposed only to NRP internally.	string Optional
requiredMembers	The RequiredMembers of the resource	string[] Optional
type	The resource type.	string Optional

SafeguardsProfile

The Safeguards profile.

Used by: ManagedCluster_Spec.

Property	Description	Type
excludedNamespaces	List of namespaces excluded from Safeguards checks	string[] Optional
level	The Safeguards level to be used. By default, Safeguards is enabled for all namespaces except those that AKS excludes via systemExcludedNamespaces	SafeguardsProfile_Level Required
version	The version of constraints to use	string Optional

SafeguardsProfile_STATUS

The Safeguards profile.

Used by: ManagedCluster_STATUS.

Property	Description	Type
excludedNamespaces	List of namespaces excluded from Safeguards checks	string[] Optional
level	The Safeguards level to be used. By default, Safeguards is enabled for all namespaces except those that AKS excludes via systemExcludedNamespaces	SafeguardsProfile_Level_STATUS Optional
systemExcludedNamespaces	List of namespaces specified by AKS to be excluded from Safeguards	string[] Optional
version	The version of constraints to use	string Optional

ScaleDownMode

Describes how VMs are added to or removed from Agent Pools. See billing states.

Used by: ManagedClusterAgentPoolProfile, and ManagedClustersAgentPool_Spec.

Value	Description
“Deallocate”
“Delete”

ScaleDownMode_STATUS

Describes how VMs are added to or removed from Agent Pools. See billing states.

Used by: ManagedClusterAgentPoolProfile_STATUS, and ManagedClustersAgentPool_STATUS.

Value	Description
“Deallocate”
“Delete”

ScaleSetEvictionPolicy

The eviction policy specifies what to do with the VM when it is evicted. The default is Delete. For more information about eviction see spot VMs

Used by: ManagedClusterAgentPoolProfile, and ManagedClustersAgentPool_Spec.

Value	Description
“Deallocate”
“Delete”

ScaleSetEvictionPolicy_STATUS

The eviction policy specifies what to do with the VM when it is evicted. The default is Delete. For more information about eviction see spot VMs

Used by: ManagedClusterAgentPoolProfile_STATUS, and ManagedClustersAgentPool_STATUS.

Value	Description
“Deallocate”
“Delete”

ScaleSetPriority

The Virtual Machine Scale Set priority.

Used by: ManagedClusterAgentPoolProfile, and ManagedClustersAgentPool_Spec.

Value	Description
“Regular”
“Spot”

ScaleSetPriority_STATUS

The Virtual Machine Scale Set priority.

Used by: ManagedClusterAgentPoolProfile_STATUS, and ManagedClustersAgentPool_STATUS.

Value	Description
“Regular”
“Spot”

ServiceMeshProfile

Service mesh profile for a managed cluster.

Used by: ManagedCluster_Spec.

Property	Description	Type
istio	Istio service mesh configuration.	IstioServiceMesh Optional
mode	Mode of the service mesh.	ServiceMeshProfile_Mode Required

ServiceMeshProfile_STATUS

Service mesh profile for a managed cluster.

Used by: ManagedCluster_STATUS.

Property	Description	Type
istio	Istio service mesh configuration.	IstioServiceMesh_STATUS Optional
mode	Mode of the service mesh.	ServiceMeshProfile_Mode_STATUS Optional

SystemData_STATUS

Metadata pertaining to creation and last modification of the resource.

Used by: ManagedCluster_STATUS, and TrustedAccessRoleBinding_STATUS.

Property	Description	Type
createdAt	The timestamp of resource creation (UTC).	string Optional
createdBy	The identity that created the resource.	string Optional
createdByType	The type of identity that created the resource.	SystemData_CreatedByType_STATUS Optional
lastModifiedAt	The timestamp of resource last modification (UTC)	string Optional
lastModifiedBy	The identity that last modified the resource.	string Optional
lastModifiedByType	The type of identity that last modified the resource.	SystemData_LastModifiedByType_STATUS Optional

TrustedAccessRoleBindingOperatorSpec

Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure

Used by: TrustedAccessRoleBinding_Spec.

Property	Description	Type
configMapExpressions	configures where to place operator written dynamic ConfigMaps (created with CEL expressions).	core.DestinationExpression[] Optional
secretExpressions	configures where to place operator written dynamic secrets (created with CEL expressions).	core.DestinationExpression[] Optional

TrustedAccessRoleBindingProperties_ProvisioningState_STATUS

Used by: TrustedAccessRoleBinding_STATUS.

Value	Description
“Canceled”
“Deleting”
“Failed”
“Succeeded”
“Updating”

UserAssignedIdentity

Details about a user assigned identity.

Used by: ManagedCluster_Spec, and ManagedClusterPodIdentity.

Property	Description	Type
clientId	The client ID of the user assigned identity.	string Optional
objectId	The object ID of the user assigned identity.	string Optional
resourceReference	The resource ID of the user assigned identity.	genruntime.ResourceReference Optional

UserAssignedIdentity_STATUS

Details about a user assigned identity.

Used by: ManagedCluster_STATUS, ManagedClusterAddonProfile_STATUS, ManagedClusterIngressProfileWebAppRouting_STATUS, and ManagedClusterPodIdentity_STATUS.

Property	Description	Type
clientId	The client ID of the user assigned identity.	string Optional
objectId	The object ID of the user assigned identity.	string Optional
resourceId	The resource ID of the user assigned identity.	string Optional

VirtualMachineNodes

Current status on a group of nodes of the same vm size.

Used by: ManagedClusterAgentPoolProfile, and ManagedClustersAgentPool_Spec.

Property	Description	Type
count	Number of nodes.	int Optional
size	The VM size of the agents used to host this group of nodes.	string Optional

VirtualMachineNodes_STATUS

Current status on a group of nodes of the same vm size.

Used by: ManagedClusterAgentPoolProfile_STATUS, and ManagedClustersAgentPool_STATUS.

Property	Description	Type
count	Number of nodes.	int Optional
size	The VM size of the agents used to host this group of nodes.	string Optional

VirtualMachinesProfile

Specifications on VirtualMachines agent pool.

Used by: ManagedClusterAgentPoolProfile, and ManagedClustersAgentPool_Spec.

Property	Description	Type
scale	Specifications on how to scale a VirtualMachines agent pool.	ScaleProfile Optional

VirtualMachinesProfile_STATUS

Specifications on VirtualMachines agent pool.

Used by: ManagedClusterAgentPoolProfile_STATUS, and ManagedClustersAgentPool_STATUS.

Property	Description	Type
scale	Specifications on how to scale a VirtualMachines agent pool.	ScaleProfile_STATUS Optional

WorkloadRuntime

Determines the type of workload a node can run.

Used by: ManagedClusterAgentPoolProfile, and ManagedClustersAgentPool_Spec.

Value	Description
“KataMshvVmIsolation”
“OCIContainer”
“WasmWasi”

WorkloadRuntime_STATUS

Determines the type of workload a node can run.

Used by: ManagedClusterAgentPoolProfile_STATUS, and ManagedClustersAgentPool_STATUS.

Value	Description
“KataMshvVmIsolation”
“OCIContainer”
“WasmWasi”

AdvancedNetworking

Advanced Networking profile for enabling observability on a cluster. Note that enabling advanced networking features may incur additional costs. For more information see aka.ms/aksadvancednetworking.

Used by: ContainerServiceNetworkProfile.

Property	Description	Type
observability	Observability profile to enable advanced network metrics and flow logs with historical contexts.	AdvancedNetworkingObservability Optional

AdvancedNetworking_STATUS

Advanced Networking profile for enabling observability on a cluster. Note that enabling advanced networking features may incur additional costs. For more information see aka.ms/aksadvancednetworking.

Used by: ContainerServiceNetworkProfile_STATUS.

Property	Description	Type
observability	Observability profile to enable advanced network metrics and flow logs with historical contexts.	AdvancedNetworkingObservability_STATUS Optional

AgentPoolSSHAccess

SSH access method of an agent pool.

Used by: AgentPoolSecurityProfile.

Value	Description
“Disabled”
“LocalUser”

AgentPoolSSHAccess_STATUS

SSH access method of an agent pool.

Used by: AgentPoolSecurityProfile_STATUS.

Value	Description
“Disabled”
“LocalUser”

AgentPoolUpgradeSettings_UndrainableNodeBehavior

Used by: AgentPoolUpgradeSettings.

Value	Description
“Cordon”
“Schedule”

AgentPoolUpgradeSettings_UndrainableNodeBehavior_STATUS

Used by: AgentPoolUpgradeSettings_STATUS.

Value	Description
“Cordon”
“Schedule”

AzureKeyVaultKms

Azure Key Vault key management service settings for the security profile.

Used by: ManagedClusterSecurityProfile.

Property	Description	Type
enabled	Whether to enable Azure Key Vault key management service. The default is false.	bool Optional
keyId	Identifier of Azure Key Vault key. See key identifier format for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key identifier. When Azure Key Vault key management service is disabled, leave the field empty.	string Optional
keyVaultNetworkAccess	Network access of key vault. The possible values are `Public` and `Private`. `Public` means the key vault allows public access from all networks. `Private` means the key vault disables public access and enables private link. The default value is `Public`.	AzureKeyVaultKms_KeyVaultNetworkAccess Optional
keyVaultResourceReference	Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty.	genruntime.ResourceReference Optional

AzureKeyVaultKms_STATUS

Azure Key Vault key management service settings for the security profile.

Used by: ManagedClusterSecurityProfile_STATUS.

Property	Description	Type
enabled	Whether to enable Azure Key Vault key management service. The default is false.	bool Optional
keyId	Identifier of Azure Key Vault key. See key identifier format for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key identifier. When Azure Key Vault key management service is disabled, leave the field empty.	string Optional
keyVaultNetworkAccess	Network access of key vault. The possible values are `Public` and `Private`. `Public` means the key vault allows public access from all networks. `Private` means the key vault disables public access and enables private link. The default value is `Public`.	AzureKeyVaultKms_KeyVaultNetworkAccess_STATUS Optional
keyVaultResourceId	Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty.	string Optional

ContainerServiceNetworkProfile_KubeProxyConfig

Used by: ContainerServiceNetworkProfile.

Property	Description	Type
enabled	Whether to enable on kube-proxy on the cluster (if no ‘kubeProxyConfig’ exists, kube-proxy is enabled in AKS by default without these customizations).	bool Optional
ipvsConfig	Holds configuration customizations for IPVS. May only be specified if ‘mode’ is set to ‘IPVS’.	ContainerServiceNetworkProfile_KubeProxyConfig_IpvsConfig Optional
mode	Specify which proxy mode to use (‘IPTABLES’ or ‘IPVS’)	ContainerServiceNetworkProfile_KubeProxyConfig_Mode Optional

ContainerServiceNetworkProfile_KubeProxyConfig_STATUS

Used by: ContainerServiceNetworkProfile_STATUS.

Property	Description	Type
enabled	Whether to enable on kube-proxy on the cluster (if no ‘kubeProxyConfig’ exists, kube-proxy is enabled in AKS by default without these customizations).	bool Optional
ipvsConfig	Holds configuration customizations for IPVS. May only be specified if ‘mode’ is set to ‘IPVS’.	ContainerServiceNetworkProfile_KubeProxyConfig_IpvsConfig_STATUS Optional
mode	Specify which proxy mode to use (‘IPTABLES’ or ‘IPVS’)	ContainerServiceNetworkProfile_KubeProxyConfig_Mode_STATUS Optional

ContainerServiceNetworkProfile_OutboundType

Used by: ContainerServiceNetworkProfile.

Value	Description
“loadBalancer”
“managedNATGateway”
“none”
“userAssignedNATGateway”
“userDefinedRouting”

ContainerServiceNetworkProfile_OutboundType_STATUS

Used by: ContainerServiceNetworkProfile_STATUS.

Value	Description
“loadBalancer”
“managedNATGateway”
“none”
“userAssignedNATGateway”
“userDefinedRouting”

ContainerServiceSshConfiguration

SSH configuration for Linux-based VMs running on Azure.

Used by: ContainerServiceLinuxProfile.

Property	Description	Type
publicKeys	The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.	ContainerServiceSshPublicKey[] Required

ContainerServiceSshConfiguration_STATUS

SSH configuration for Linux-based VMs running on Azure.

Used by: ContainerServiceLinuxProfile_STATUS.

Property	Description	Type
publicKeys	The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.	ContainerServiceSshPublicKey_STATUS[] Optional

DelegatedResource

Delegated resource properties - internal use only.

Used by: ManagedClusterIdentity.

Property	Description	Type
location	The source resource location - internal use only.	string Optional
referralResource	The delegation id of the referral delegation (optional) - internal use only.	string Optional
resourceReference	The ARM resource id of the delegated resource - internal use only.	genruntime.ResourceReference Optional
tenantId	The tenant id of the delegated resource - internal use only.	string Optional

DelegatedResource_STATUS

Delegated resource properties - internal use only.

Used by: ManagedClusterIdentity_STATUS.

Property	Description	Type
location	The source resource location - internal use only.	string Optional
referralResource	The delegation id of the referral delegation (optional) - internal use only.	string Optional
resourceId	The ARM resource id of the delegated resource - internal use only.	string Optional
tenantId	The tenant id of the delegated resource - internal use only.	string Optional

Expander

If not specified, the default is ‘random’. See expanders for more information.

Used by: ManagedClusterProperties_AutoScalerProfile.

Value	Description
“least-waste”
“most-pods”
“priority”
“random”

Expander_STATUS

If not specified, the default is ‘random’. See expanders for more information.

Used by: ManagedClusterProperties_AutoScalerProfile_STATUS.

Value	Description
“least-waste”
“most-pods”
“priority”
“random”

ExtendedLocationType

The type of extendedLocation.

Used by: ExtendedLocation.

Value	Description
“EdgeZone”

ExtendedLocationType_STATUS

The type of extendedLocation.

Used by: ExtendedLocation_STATUS.

Value	Description
“EdgeZone”

IpFamily

To determine if address belongs IPv4 or IPv6 family.

Used by: ContainerServiceNetworkProfile.

Value	Description
“IPv4”
“IPv6”

IpFamily_STATUS

To determine if address belongs IPv4 or IPv6 family.

Used by: ContainerServiceNetworkProfile_STATUS.

Value	Description
“IPv4”
“IPv6”

IPTag

Contains the IPTag associated with the object.

Used by: AgentPoolNetworkProfile.

Property	Description	Type
ipTagType	The IP tag type. Example: RoutingPreference.	string Optional
tag	The value of the IP tag associated with the public IP. Example: Internet.	string Optional

IPTag_STATUS

Contains the IPTag associated with the object.

Used by: AgentPoolNetworkProfile_STATUS.

Property	Description	Type
ipTagType	The IP tag type. Example: RoutingPreference.	string Optional
tag	The value of the IP tag associated with the public IP. Example: Internet.	string Optional

IstioServiceMesh

Istio service mesh configuration.

Used by: ServiceMeshProfile.

Property	Description	Type
certificateAuthority	Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin certificates as described here https://aka.ms/asm-plugin-ca	IstioCertificateAuthority Optional
components	Istio components configuration.	IstioComponents Optional
revisions	The list of revisions of the Istio control plane. When an upgrade is not in progress, this holds one value. When canary upgrade is in progress, this can only hold two consecutive values. For more information, see: https://learn.microsoft.com/en-us/azure/aks/istio-upgrade	string[] Optional

IstioServiceMesh_STATUS

Istio service mesh configuration.

Used by: ServiceMeshProfile_STATUS.

Property	Description	Type
certificateAuthority	Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin certificates as described here https://aka.ms/asm-plugin-ca	IstioCertificateAuthority_STATUS Optional
components	Istio components configuration.	IstioComponents_STATUS Optional
revisions	The list of revisions of the Istio control plane. When an upgrade is not in progress, this holds one value. When canary upgrade is in progress, this can only hold two consecutive values. For more information, see: https://learn.microsoft.com/en-us/azure/aks/istio-upgrade	string[] Optional

LoadBalancerSku

The default is ‘standard’. See Azure Load Balancer SKUs for more information about the differences between load balancer SKUs.

Used by: ContainerServiceNetworkProfile.

Value	Description
“basic”
“standard”

LoadBalancerSku_STATUS

The default is ‘standard’. See Azure Load Balancer SKUs for more information about the differences between load balancer SKUs.

Used by: ContainerServiceNetworkProfile_STATUS.

Value	Description
“basic”
“standard”

ManagedClusterAutoUpgradeProfile_NodeOSUpgradeChannel

Used by: ManagedClusterAutoUpgradeProfile.

Value	Description
“NodeImage”
“None”
“SecurityPatch”
“Unmanaged”

ManagedClusterAutoUpgradeProfile_NodeOSUpgradeChannel_STATUS

Used by: ManagedClusterAutoUpgradeProfile_STATUS.

Value	Description
“NodeImage”
“None”
“SecurityPatch”
“Unmanaged”

ManagedClusterAutoUpgradeProfile_UpgradeChannel

Used by: ManagedClusterAutoUpgradeProfile.

Value	Description
“node-image”
“none”
“patch”
“rapid”
“stable”

ManagedClusterAutoUpgradeProfile_UpgradeChannel_STATUS

Used by: ManagedClusterAutoUpgradeProfile_STATUS.

Value	Description
“node-image”
“none”
“patch”
“rapid”
“stable”

ManagedClusterAzureMonitorProfileAppMonitoring

Application Monitoring Profile for Kubernetes Application Container. Collects application logs, metrics and traces through auto-instrumentation of the application using Azure Monitor OpenTelemetry based SDKs. See aka.ms/AzureMonitorApplicationMonitoring for an overview.

Used by: ManagedClusterAzureMonitorProfile.

Property	Description	Type
autoInstrumentation	Application Monitoring Auto Instrumentation for Kubernetes Application Container. Deploys web hook to auto-instrument Azure Monitor OpenTelemetry based SDKs to collect OpenTelemetry metrics, logs and traces of the application. See aka.ms/AzureMonitorApplicationMonitoring for an overview.	ManagedClusterAzureMonitorProfileAppMonitoringAutoInstrumentation Optional
openTelemetryLogs	Application Monitoring Open Telemetry Metrics Profile for Kubernetes Application Container Logs and Traces. Collects OpenTelemetry logs and traces of the application using Azure Monitor OpenTelemetry based SDKs. See aka.ms/AzureMonitorApplicationMonitoring for an overview.	ManagedClusterAzureMonitorProfileAppMonitoringOpenTelemetryLogs Optional
openTelemetryMetrics	Application Monitoring Open Telemetry Metrics Profile for Kubernetes Application Container Metrics. Collects OpenTelemetry metrics of the application using Azure Monitor OpenTelemetry based SDKs. See aka.ms/AzureMonitorApplicationMonitoring for an overview.	ManagedClusterAzureMonitorProfileAppMonitoringOpenTelemetryMetrics Optional

ManagedClusterAzureMonitorProfileAppMonitoring_STATUS

Used by: ManagedClusterAzureMonitorProfile_STATUS.

Property	Description	Type
autoInstrumentation	Application Monitoring Auto Instrumentation for Kubernetes Application Container. Deploys web hook to auto-instrument Azure Monitor OpenTelemetry based SDKs to collect OpenTelemetry metrics, logs and traces of the application. See aka.ms/AzureMonitorApplicationMonitoring for an overview.	ManagedClusterAzureMonitorProfileAppMonitoringAutoInstrumentation_STATUS Optional
openTelemetryLogs	Application Monitoring Open Telemetry Metrics Profile for Kubernetes Application Container Logs and Traces. Collects OpenTelemetry logs and traces of the application using Azure Monitor OpenTelemetry based SDKs. See aka.ms/AzureMonitorApplicationMonitoring for an overview.	ManagedClusterAzureMonitorProfileAppMonitoringOpenTelemetryLogs_STATUS Optional
openTelemetryMetrics	Application Monitoring Open Telemetry Metrics Profile for Kubernetes Application Container Metrics. Collects OpenTelemetry metrics of the application using Azure Monitor OpenTelemetry based SDKs. See aka.ms/AzureMonitorApplicationMonitoring for an overview.	ManagedClusterAzureMonitorProfileAppMonitoringOpenTelemetryMetrics_STATUS Optional

ManagedClusterAzureMonitorProfileContainerInsights

Azure Monitor Container Insights Profile for Kubernetes Events, Inventory and Container stdout & stderr logs etc. See aka.ms/AzureMonitorContainerInsights for an overview.

Used by: ManagedClusterAzureMonitorProfile.

Property	Description	Type
disableCustomMetrics	Indicates whether custom metrics collection has to be disabled or not. If not specified the default is false. No custom metrics will be emitted if this field is false but the container insights enabled field is false	bool Optional
disablePrometheusMetricsScraping	Indicates whether prometheus metrics scraping is disabled or not. If not specified the default is false. No prometheus metrics will be emitted if this field is false but the container insights enabled field is false	bool Optional
enabled	Indicates if Azure Monitor Container Insights Logs Addon is enabled or not.	bool Optional
logAnalyticsWorkspaceResourceReference	Fully Qualified ARM Resource Id of Azure Log Analytics Workspace for storing Azure Monitor Container Insights Logs.	genruntime.ResourceReference Optional
syslogPort	The syslog host port. If not specified, the default port is 28330.	int Optional

ManagedClusterAzureMonitorProfileContainerInsights_STATUS

Azure Monitor Container Insights Profile for Kubernetes Events, Inventory and Container stdout & stderr logs etc. See aka.ms/AzureMonitorContainerInsights for an overview.

Used by: ManagedClusterAzureMonitorProfile_STATUS.

Property	Description	Type
disableCustomMetrics	Indicates whether custom metrics collection has to be disabled or not. If not specified the default is false. No custom metrics will be emitted if this field is false but the container insights enabled field is false	bool Optional
disablePrometheusMetricsScraping	Indicates whether prometheus metrics scraping is disabled or not. If not specified the default is false. No prometheus metrics will be emitted if this field is false but the container insights enabled field is false	bool Optional
enabled	Indicates if Azure Monitor Container Insights Logs Addon is enabled or not.	bool Optional
logAnalyticsWorkspaceResourceId	Fully Qualified ARM Resource Id of Azure Log Analytics Workspace for storing Azure Monitor Container Insights Logs.	string Optional
syslogPort	The syslog host port. If not specified, the default port is 28330.	int Optional

ManagedClusterAzureMonitorProfileMetrics

Metrics profile for the prometheus service addon

Used by: ManagedClusterAzureMonitorProfile.

Property	Description	Type
enabled	Whether to enable the Prometheus collector	bool Required
kubeStateMetrics	Kube State Metrics for prometheus addon profile for the container service cluster	ManagedClusterAzureMonitorProfileKubeStateMetrics Optional

ManagedClusterAzureMonitorProfileMetrics_STATUS

Metrics profile for the prometheus service addon

Used by: ManagedClusterAzureMonitorProfile_STATUS.

Property	Description	Type
enabled	Whether to enable the Prometheus collector	bool Optional
kubeStateMetrics	Kube State Metrics for prometheus addon profile for the container service cluster	ManagedClusterAzureMonitorProfileKubeStateMetrics_STATUS Optional

ManagedClusterBootstrapProfile_ArtifactSource

Used by: ManagedClusterBootstrapProfile.

Value	Description
“Cache”
“Direct”

ManagedClusterBootstrapProfile_ArtifactSource_STATUS

Used by: ManagedClusterBootstrapProfile_STATUS.

Value	Description
“Cache”
“Direct”

ManagedClusterCostAnalysis

The cost analysis configuration for the cluster

Used by: ManagedClusterMetricsProfile.

Property	Description	Type
enabled	The Managed Cluster sku.tier must be set to ‘Standard’ or ‘Premium’ to enable this feature. Enabling this will add Kubernetes Namespace and Deployment details to the Cost Analysis views in the Azure portal. If not specified, the default is false. For more information see aka.ms/aks/docs/cost-analysis.	bool Optional

ManagedClusterCostAnalysis_STATUS

The cost analysis configuration for the cluster

Used by: ManagedClusterMetricsProfile_STATUS.

Property	Description	Type
enabled	The Managed Cluster sku.tier must be set to ‘Standard’ or ‘Premium’ to enable this feature. Enabling this will add Kubernetes Namespace and Deployment details to the Cost Analysis views in the Azure portal. If not specified, the default is false. For more information see aka.ms/aks/docs/cost-analysis.	bool Optional

ManagedClusterIdentity_Type

Used by: ManagedClusterIdentity.

Value	Description
“None”
“SystemAssigned”
“UserAssigned”

ManagedClusterIdentity_Type_STATUS

Used by: ManagedClusterIdentity_STATUS.

Value	Description
“None”
“SystemAssigned”
“UserAssigned”

ManagedClusterIdentity_UserAssignedIdentities_STATUS

Used by: ManagedClusterIdentity_STATUS.

Property	Description	Type
clientId	The client id of user assigned identity.	string Optional
principalId	The principal id of user assigned identity.	string Optional

ManagedClusterIngressProfileWebAppRouting

Web App Routing settings for the ingress profile.

Used by: ManagedClusterIngressProfile.

Property	Description	Type
dnsZoneResourceReferences	Resource IDs of the DNS zones to be associated with the Web App Routing add-on. Used only when Web App Routing is enabled. Public and private DNS zones can be in different resource groups, but all public DNS zones must be in the same resource group and all private DNS zones must be in the same resource group.	genruntime.ResourceReference[] Optional
enabled	Whether to enable Web App Routing.	bool Optional

ManagedClusterIngressProfileWebAppRouting_STATUS

Web App Routing settings for the ingress profile.

Used by: ManagedClusterIngressProfile_STATUS.

Property	Description	Type
dnsZoneResourceIds	Resource IDs of the DNS zones to be associated with the Web App Routing add-on. Used only when Web App Routing is enabled. Public and private DNS zones can be in different resource groups, but all public DNS zones must be in the same resource group and all private DNS zones must be in the same resource group.	string[] Optional
enabled	Whether to enable Web App Routing.	bool Optional
identity	Managed identity of the Web Application Routing add-on. This is the identity that should be granted permissions, for example, to manage the associated Azure DNS resource and get certificates from Azure Key Vault. See this overview of the add-on for more instructions.	UserAssignedIdentity_STATUS Optional

ManagedClusterLoadBalancerProfile

Profile of the managed cluster load balancer.

Used by: ContainerServiceNetworkProfile.

Property	Description	Type
allocatedOutboundPorts	The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.	int Optional
backendPoolType	The type of the managed inbound Load Balancer BackendPool.	ManagedClusterLoadBalancerProfile_BackendPoolType Optional
clusterServiceLoadBalancerHealthProbeMode	The health probing behavior for External Traffic Policy Cluster services.	ManagedClusterLoadBalancerProfile_ClusterServiceLoadBalancerHealthProbeMode Optional
effectiveOutboundIPs	The effective outbound IP resources of the cluster load balancer.	ResourceReference[] Optional
enableMultipleStandardLoadBalancers	Enable multiple standard load balancers per AKS cluster or not.	bool Optional
idleTimeoutInMinutes	Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 30 minutes.	int Optional
managedOutboundIPs	Desired managed outbound IPs for the cluster load balancer.	ManagedClusterLoadBalancerProfile_ManagedOutboundIPs Optional
outboundIPPrefixes	Desired outbound IP Prefix resources for the cluster load balancer.	ManagedClusterLoadBalancerProfile_OutboundIPPrefixes Optional
outboundIPs	Desired outbound IP resources for the cluster load balancer.	ManagedClusterLoadBalancerProfile_OutboundIPs Optional

ManagedClusterLoadBalancerProfile_STATUS

Profile of the managed cluster load balancer.

Used by: ContainerServiceNetworkProfile_STATUS.

Property	Description	Type
allocatedOutboundPorts	The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.	int Optional
backendPoolType	The type of the managed inbound Load Balancer BackendPool.	ManagedClusterLoadBalancerProfile_BackendPoolType_STATUS Optional
clusterServiceLoadBalancerHealthProbeMode	The health probing behavior for External Traffic Policy Cluster services.	ManagedClusterLoadBalancerProfile_ClusterServiceLoadBalancerHealthProbeMode_STATUS Optional
effectiveOutboundIPs	The effective outbound IP resources of the cluster load balancer.	ResourceReference_STATUS[] Optional
enableMultipleStandardLoadBalancers	Enable multiple standard load balancers per AKS cluster or not.	bool Optional
idleTimeoutInMinutes	Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 30 minutes.	int Optional
managedOutboundIPs	Desired managed outbound IPs for the cluster load balancer.	ManagedClusterLoadBalancerProfile_ManagedOutboundIPs_STATUS Optional
outboundIPPrefixes	Desired outbound IP Prefix resources for the cluster load balancer.	ManagedClusterLoadBalancerProfile_OutboundIPPrefixes_STATUS Optional
outboundIPs	Desired outbound IP resources for the cluster load balancer.	ManagedClusterLoadBalancerProfile_OutboundIPs_STATUS Optional

ManagedClusterNATGatewayProfile

Profile of the managed cluster NAT gateway.

Used by: ContainerServiceNetworkProfile.

Property	Description	Type
effectiveOutboundIPs	The effective outbound IP resources of the cluster NAT gateway.	ResourceReference[] Optional
idleTimeoutInMinutes	Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 4 minutes.	int Optional
managedOutboundIPProfile	Profile of the managed outbound IP resources of the cluster NAT gateway.	ManagedClusterManagedOutboundIPProfile Optional

ManagedClusterNATGatewayProfile_STATUS

Profile of the managed cluster NAT gateway.

Used by: ContainerServiceNetworkProfile_STATUS.

Property	Description	Type
effectiveOutboundIPs	The effective outbound IP resources of the cluster NAT gateway.	ResourceReference_STATUS[] Optional
idleTimeoutInMinutes	Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 4 minutes.	int Optional
managedOutboundIPProfile	Profile of the managed outbound IP resources of the cluster NAT gateway.	ManagedClusterManagedOutboundIPProfile_STATUS Optional

ManagedClusterNodeProvisioningProfile_Mode

Used by: ManagedClusterNodeProvisioningProfile.

Value	Description
“Auto”
“Manual”

ManagedClusterNodeProvisioningProfile_Mode_STATUS

Used by: ManagedClusterNodeProvisioningProfile_STATUS.

Value	Description
“Auto”
“Manual”

ManagedClusterNodeResourceGroupProfile_RestrictionLevel

Used by: ManagedClusterNodeResourceGroupProfile.

Value	Description
“ReadOnly”
“Unrestricted”

ManagedClusterNodeResourceGroupProfile_RestrictionLevel_STATUS

Used by: ManagedClusterNodeResourceGroupProfile_STATUS.

Value	Description
“ReadOnly”
“Unrestricted”

ManagedClusterOperatorConfigMaps

Used by: ManagedClusterOperatorSpec.

Property	Description	Type
oidcIssuerProfile	indicates where the OIDCIssuerProfile config map should be placed. If omitted, no config map will be created.	genruntime.ConfigMapDestination Optional

ManagedClusterOperatorSecrets

Used by: ManagedClusterOperatorSpec.

Property	Description	Type
adminCredentials	indicates where the AdminCredentials secret should be placed. If omitted, the secret will not be retrieved from Azure.	genruntime.SecretDestination Optional
userCredentials	indicates where the UserCredentials secret should be placed. If omitted, the secret will not be retrieved from Azure.	genruntime.SecretDestination Optional

ManagedClusterPodIdentity

Details about the pod identity assigned to the Managed Cluster.

Used by: ManagedClusterPodIdentityProfile.

Property	Description	Type
bindingSelector	The binding selector to use for the AzureIdentityBinding resource.	string Optional
identity	The user assigned identity details.	UserAssignedIdentity Required
name	The name of the pod identity.	string Required
namespace	The namespace of the pod identity.	string Required

ManagedClusterPodIdentity_STATUS

Details about the pod identity assigned to the Managed Cluster.

Used by: ManagedClusterPodIdentityProfile_STATUS.

Property	Description	Type
bindingSelector	The binding selector to use for the AzureIdentityBinding resource.	string Optional
identity	The user assigned identity details.	UserAssignedIdentity_STATUS Optional
name	The name of the pod identity.	string Optional
namespace	The namespace of the pod identity.	string Optional
provisioningInfo		ManagedClusterPodIdentity_ProvisioningInfo_STATUS Optional
provisioningState	The current provisioning state of the pod identity.	ManagedClusterPodIdentity_ProvisioningState_STATUS Optional

ManagedClusterPodIdentityException

See disable AAD Pod Identity for a specific Pod/Application for more details.

Used by: ManagedClusterPodIdentityProfile.

Property	Description	Type
name	The name of the pod identity exception.	string Required
namespace	The namespace of the pod identity exception.	string Required
podLabels	The pod labels to match.	map[string]string Required

ManagedClusterPodIdentityException_STATUS

See disable AAD Pod Identity for a specific Pod/Application for more details.

Used by: ManagedClusterPodIdentityProfile_STATUS.

Property	Description	Type
name	The name of the pod identity exception.	string Optional
namespace	The namespace of the pod identity exception.	string Optional
podLabels	The pod labels to match.	map[string]string Optional

ManagedClusterSecurityProfileDefender

Microsoft Defender settings for the security profile.

Used by: ManagedClusterSecurityProfile.

Property	Description	Type
logAnalyticsWorkspaceResourceReference	Resource ID of the Log Analytics workspace to be associated with Microsoft Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When Microsoft Defender is disabled, leave the field empty.	genruntime.ResourceReference Optional
securityMonitoring	Microsoft Defender threat detection for Cloud settings for the security profile.	ManagedClusterSecurityProfileDefenderSecurityMonitoring Optional

ManagedClusterSecurityProfileDefender_STATUS

Microsoft Defender settings for the security profile.

Used by: ManagedClusterSecurityProfile_STATUS.

Property	Description	Type
logAnalyticsWorkspaceResourceId	Resource ID of the Log Analytics workspace to be associated with Microsoft Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When Microsoft Defender is disabled, leave the field empty.	string Optional
securityMonitoring	Microsoft Defender threat detection for Cloud settings for the security profile.	ManagedClusterSecurityProfileDefenderSecurityMonitoring_STATUS Optional

ManagedClusterSecurityProfileImageCleaner

Image Cleaner removes unused images from nodes, freeing up disk space and helping to reduce attack surface area. Here are settings for the security profile.

Used by: ManagedClusterSecurityProfile.

Property	Description	Type
enabled	Whether to enable Image Cleaner on AKS cluster.	bool Optional
intervalHours	Image Cleaner scanning interval in hours.	int Optional

ManagedClusterSecurityProfileImageCleaner_STATUS

Image Cleaner removes unused images from nodes, freeing up disk space and helping to reduce attack surface area. Here are settings for the security profile.

Used by: ManagedClusterSecurityProfile_STATUS.

Property	Description	Type
enabled	Whether to enable Image Cleaner on AKS cluster.	bool Optional
intervalHours	Image Cleaner scanning interval in hours.	int Optional

ManagedClusterSecurityProfileImageIntegrity

Image integrity related settings for the security profile.

Used by: ManagedClusterSecurityProfile.

Property	Description	Type
enabled	Whether to enable image integrity. The default value is false.	bool Optional

ManagedClusterSecurityProfileImageIntegrity_STATUS

Image integrity related settings for the security profile.

Used by: ManagedClusterSecurityProfile_STATUS.

Property	Description	Type
enabled	Whether to enable image integrity. The default value is false.	bool Optional

ManagedClusterSecurityProfileNodeRestriction

Node Restriction settings for the security profile.

Used by: ManagedClusterSecurityProfile.

Property	Description	Type
enabled	Whether to enable Node Restriction	bool Optional

ManagedClusterSecurityProfileNodeRestriction_STATUS

Node Restriction settings for the security profile.

Used by: ManagedClusterSecurityProfile_STATUS.

Property	Description	Type
enabled	Whether to enable Node Restriction	bool Optional

ManagedClusterSecurityProfileWorkloadIdentity

Workload identity settings for the security profile.

Used by: ManagedClusterSecurityProfile.

Property	Description	Type
enabled	Whether to enable workload identity.	bool Optional

ManagedClusterSecurityProfileWorkloadIdentity_STATUS

Workload identity settings for the security profile.

Used by: ManagedClusterSecurityProfile_STATUS.

Property	Description	Type
enabled	Whether to enable workload identity.	bool Optional

ManagedClusterSKU_Name

Used by: ManagedClusterSKU.

Value	Description
“Automatic”
“Base”

ManagedClusterSKU_Name_STATUS

Used by: ManagedClusterSKU_STATUS.

Value	Description
“Automatic”
“Base”

ManagedClusterSKU_Tier

Used by: ManagedClusterSKU.

Value	Description
“Free”
“Premium”
“Standard”

ManagedClusterSKU_Tier_STATUS

Used by: ManagedClusterSKU_STATUS.

Value	Description
“Free”
“Premium”
“Standard”

ManagedClusterStaticEgressGatewayProfile

The Static Egress Gateway addon configuration for the cluster.

Used by: ContainerServiceNetworkProfile.

Property	Description	Type
enabled	Indicates if Static Egress Gateway addon is enabled or not.	bool Optional

ManagedClusterStaticEgressGatewayProfile_STATUS

The Static Egress Gateway addon configuration for the cluster.

Used by: ContainerServiceNetworkProfile_STATUS.

Property	Description	Type
enabled	Indicates if Static Egress Gateway addon is enabled or not.	bool Optional

ManagedClusterStorageProfileBlobCSIDriver

AzureBlob CSI Driver settings for the storage profile.

Used by: ManagedClusterStorageProfile.

Property	Description	Type
enabled	Whether to enable AzureBlob CSI Driver. The default value is false.	bool Optional

ManagedClusterStorageProfileBlobCSIDriver_STATUS

AzureBlob CSI Driver settings for the storage profile.

Used by: ManagedClusterStorageProfile_STATUS.

Property	Description	Type
enabled	Whether to enable AzureBlob CSI Driver. The default value is false.	bool Optional

ManagedClusterStorageProfileDiskCSIDriver

AzureDisk CSI Driver settings for the storage profile.

Used by: ManagedClusterStorageProfile.

Property	Description	Type
enabled	Whether to enable AzureDisk CSI Driver. The default value is true.	bool Optional
version	The version of AzureDisk CSI Driver. The default value is v1.	string Optional

ManagedClusterStorageProfileDiskCSIDriver_STATUS

AzureDisk CSI Driver settings for the storage profile.

Used by: ManagedClusterStorageProfile_STATUS.

Property	Description	Type
enabled	Whether to enable AzureDisk CSI Driver. The default value is true.	bool Optional
version	The version of AzureDisk CSI Driver. The default value is v1.	string Optional

ManagedClusterStorageProfileFileCSIDriver

AzureFile CSI Driver settings for the storage profile.

Used by: ManagedClusterStorageProfile.

Property	Description	Type
enabled	Whether to enable AzureFile CSI Driver. The default value is true.	bool Optional

ManagedClusterStorageProfileFileCSIDriver_STATUS

AzureFile CSI Driver settings for the storage profile.

Used by: ManagedClusterStorageProfile_STATUS.

Property	Description	Type
enabled	Whether to enable AzureFile CSI Driver. The default value is true.	bool Optional

ManagedClusterStorageProfileSnapshotController

Snapshot Controller settings for the storage profile.

Used by: ManagedClusterStorageProfile.

Property	Description	Type
enabled	Whether to enable Snapshot Controller. The default value is true.	bool Optional

ManagedClusterStorageProfileSnapshotController_STATUS

Snapshot Controller settings for the storage profile.

Used by: ManagedClusterStorageProfile_STATUS.

Property	Description	Type
enabled	Whether to enable Snapshot Controller. The default value is true.	bool Optional

ManagedClusterWindowsProfile_LicenseType

Used by: ManagedClusterWindowsProfile.

Value	Description
“None”
“Windows_Server”

ManagedClusterWindowsProfile_LicenseType_STATUS

Used by: ManagedClusterWindowsProfile_STATUS.

Value	Description
“None”
“Windows_Server”

ManagedClusterWorkloadAutoScalerProfileKeda

KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.

Used by: ManagedClusterWorkloadAutoScalerProfile.

Property	Description	Type
enabled	Whether to enable KEDA.	bool Required

ManagedClusterWorkloadAutoScalerProfileKeda_STATUS

KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.

Used by: ManagedClusterWorkloadAutoScalerProfile_STATUS.

Property	Description	Type
enabled	Whether to enable KEDA.	bool Optional

ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler

Used by: ManagedClusterWorkloadAutoScalerProfile.

Property	Description	Type
addonAutoscaling	Whether VPA add-on is enabled and configured to scale AKS-managed add-ons.	ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler_AddonAutoscaling Optional
enabled	Whether to enable VPA add-on in cluster. Default value is false.	bool Required

ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler_STATUS

Used by: ManagedClusterWorkloadAutoScalerProfile_STATUS.

Property	Description	Type
addonAutoscaling	Whether VPA add-on is enabled and configured to scale AKS-managed add-ons.	ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler_AddonAutoscaling_STATUS Optional
enabled	Whether to enable VPA add-on in cluster. Default value is false.	bool Optional

NetworkDataplane

Network dataplane used in the Kubernetes cluster.

Used by: ContainerServiceNetworkProfile.

Value	Description
“azure”
“cilium”

NetworkDataplane_STATUS

Network dataplane used in the Kubernetes cluster.

Used by: ContainerServiceNetworkProfile_STATUS.

Value	Description
“azure”
“cilium”

NetworkMode

This cannot be specified if networkPlugin is anything other than ‘azure’.

Used by: ContainerServiceNetworkProfile.

Value	Description
“bridge”
“transparent”

NetworkMode_STATUS

This cannot be specified if networkPlugin is anything other than ‘azure’.

Used by: ContainerServiceNetworkProfile_STATUS.

Value	Description
“bridge”
“transparent”

NetworkPlugin

Network plugin used for building the Kubernetes network.

Used by: ContainerServiceNetworkProfile.

Value	Description
“azure”
“kubenet”
“none”

NetworkPlugin_STATUS

Network plugin used for building the Kubernetes network.

Used by: ContainerServiceNetworkProfile_STATUS.

Value	Description
“azure”
“kubenet”
“none”

NetworkPluginMode

The mode the network plugin should use.

Used by: ContainerServiceNetworkProfile.

Value	Description
“overlay”

NetworkPluginMode_STATUS

The mode the network plugin should use.

Used by: ContainerServiceNetworkProfile_STATUS.

Value	Description
“overlay”

NetworkPolicy

Network policy used for building the Kubernetes network.

Used by: ContainerServiceNetworkProfile.

Value	Description
“azure”
“calico”
“cilium”
“none”

NetworkPolicy_STATUS

Network policy used for building the Kubernetes network.

Used by: ContainerServiceNetworkProfile_STATUS.

Value	Description
“azure”
“calico”
“cilium”
“none”

PodLinkLocalAccess

Defines access to special link local addresses (Azure Instance Metadata Service, aka IMDS) for pods with hostNetwork=false. If not specified, the default is ‘IMDS’.

Used by: ContainerServiceNetworkProfile.

Value	Description
“IMDS”
“None”

PodLinkLocalAccess_STATUS

Defines access to special link local addresses (Azure Instance Metadata Service, aka IMDS) for pods with hostNetwork=false. If not specified, the default is ‘IMDS’.

Used by: ContainerServiceNetworkProfile_STATUS.

Value	Description
“IMDS”
“None”

PortRange

The port range.

Used by: AgentPoolNetworkProfile.

Property	Description	Type
portEnd	The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or equal to portStart.	int Optional
portStart	The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or equal to portEnd.	int Optional
protocol	The network protocol of the port.	PortRange_Protocol Optional

PortRange_STATUS

The port range.

Used by: AgentPoolNetworkProfile_STATUS.

Property	Description	Type
portEnd	The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or equal to portStart.	int Optional
portStart	The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or equal to portEnd.	int Optional
protocol	The network protocol of the port.	PortRange_Protocol_STATUS Optional

PowerState_Code

Used by: PowerState.

Value	Description
“Running”
“Stopped”

PowerState_Code_STATUS

Used by: PowerState_STATUS.

Value	Description
“Running”
“Stopped”

SafeguardsProfile_Level

Used by: SafeguardsProfile.

Value	Description
“Enforcement”
“Off”
“Warning”

SafeguardsProfile_Level_STATUS

Used by: SafeguardsProfile_STATUS.

Value	Description
“Enforcement”
“Off”
“Warning”

ScaleProfile

Specifications on how to scale a VirtualMachines agent pool.

Used by: VirtualMachinesProfile.

Property	Description	Type
autoscale	Specifications on how to auto-scale the VirtualMachines agent pool within a predefined size range. Currently, at most one AutoScaleProfile is allowed.	AutoScaleProfile[] Optional
manual	Specifications on how to scale the VirtualMachines agent pool to a fixed size.	ManualScaleProfile[] Optional

ScaleProfile_STATUS

Specifications on how to scale a VirtualMachines agent pool.

Used by: VirtualMachinesProfile_STATUS.

Property	Description	Type
autoscale	Specifications on how to auto-scale the VirtualMachines agent pool within a predefined size range. Currently, at most one AutoScaleProfile is allowed.	AutoScaleProfile_STATUS[] Optional
manual	Specifications on how to scale the VirtualMachines agent pool to a fixed size.	ManualScaleProfile_STATUS[] Optional

ServiceMeshProfile_Mode

Used by: ServiceMeshProfile.

Value	Description
“Disabled”
“Istio”

ServiceMeshProfile_Mode_STATUS

Used by: ServiceMeshProfile_STATUS.

Value	Description
“Disabled”
“Istio”

SysctlConfig

Sysctl settings for Linux agent nodes.

Used by: LinuxOSConfig.

Property	Description	Type
fsAioMaxNr	Sysctl setting fs.aio-max-nr.	int Optional
fsFileMax	Sysctl setting fs.file-max.	int Optional
fsInotifyMaxUserWatches	Sysctl setting fs.inotify.max_user_watches.	int Optional
fsNrOpen	Sysctl setting fs.nr_open.	int Optional
kernelThreadsMax	Sysctl setting kernel.threads-max.	int Optional
netCoreNetdevMaxBacklog	Sysctl setting net.core.netdev_max_backlog.	int Optional
netCoreOptmemMax	Sysctl setting net.core.optmem_max.	int Optional
netCoreRmemDefault	Sysctl setting net.core.rmem_default.	int Optional
netCoreRmemMax	Sysctl setting net.core.rmem_max.	int Optional
netCoreSomaxconn	Sysctl setting net.core.somaxconn.	int Optional
netCoreWmemDefault	Sysctl setting net.core.wmem_default.	int Optional
netCoreWmemMax	Sysctl setting net.core.wmem_max.	int Optional
netIpv4IpLocalPortRange	Sysctl setting net.ipv4.ip_local_port_range.	string Optional
netIpv4NeighDefaultGcThresh1	Sysctl setting net.ipv4.neigh.default.gc_thresh1.	int Optional
netIpv4NeighDefaultGcThresh2	Sysctl setting net.ipv4.neigh.default.gc_thresh2.	int Optional
netIpv4NeighDefaultGcThresh3	Sysctl setting net.ipv4.neigh.default.gc_thresh3.	int Optional
netIpv4TcpFinTimeout	Sysctl setting net.ipv4.tcp_fin_timeout.	int Optional
netIpv4TcpkeepaliveIntvl	Sysctl setting net.ipv4.tcp_keepalive_intvl.	int Optional
netIpv4TcpKeepaliveProbes	Sysctl setting net.ipv4.tcp_keepalive_probes.	int Optional
netIpv4TcpKeepaliveTime	Sysctl setting net.ipv4.tcp_keepalive_time.	int Optional
netIpv4TcpMaxSynBacklog	Sysctl setting net.ipv4.tcp_max_syn_backlog.	int Optional
netIpv4TcpMaxTwBuckets	Sysctl setting net.ipv4.tcp_max_tw_buckets.	int Optional
netIpv4TcpTwReuse	Sysctl setting net.ipv4.tcp_tw_reuse.	bool Optional
netNetfilterNfConntrackBuckets	Sysctl setting net.netfilter.nf_conntrack_buckets.	int Optional
netNetfilterNfConntrackMax	Sysctl setting net.netfilter.nf_conntrack_max.	int Optional
vmMaxMapCount	Sysctl setting vm.max_map_count.	int Optional
vmSwappiness	Sysctl setting vm.swappiness.	int Optional
vmVfsCachePressure	Sysctl setting vm.vfs_cache_pressure.	int Optional

SysctlConfig_STATUS

Sysctl settings for Linux agent nodes.

Used by: LinuxOSConfig_STATUS.

Property	Description	Type
fsAioMaxNr	Sysctl setting fs.aio-max-nr.	int Optional
fsFileMax	Sysctl setting fs.file-max.	int Optional
fsInotifyMaxUserWatches	Sysctl setting fs.inotify.max_user_watches.	int Optional
fsNrOpen	Sysctl setting fs.nr_open.	int Optional
kernelThreadsMax	Sysctl setting kernel.threads-max.	int Optional
netCoreNetdevMaxBacklog	Sysctl setting net.core.netdev_max_backlog.	int Optional
netCoreOptmemMax	Sysctl setting net.core.optmem_max.	int Optional
netCoreRmemDefault	Sysctl setting net.core.rmem_default.	int Optional
netCoreRmemMax	Sysctl setting net.core.rmem_max.	int Optional
netCoreSomaxconn	Sysctl setting net.core.somaxconn.	int Optional
netCoreWmemDefault	Sysctl setting net.core.wmem_default.	int Optional
netCoreWmemMax	Sysctl setting net.core.wmem_max.	int Optional
netIpv4IpLocalPortRange	Sysctl setting net.ipv4.ip_local_port_range.	string Optional
netIpv4NeighDefaultGcThresh1	Sysctl setting net.ipv4.neigh.default.gc_thresh1.	int Optional
netIpv4NeighDefaultGcThresh2	Sysctl setting net.ipv4.neigh.default.gc_thresh2.	int Optional
netIpv4NeighDefaultGcThresh3	Sysctl setting net.ipv4.neigh.default.gc_thresh3.	int Optional
netIpv4TcpFinTimeout	Sysctl setting net.ipv4.tcp_fin_timeout.	int Optional
netIpv4TcpkeepaliveIntvl	Sysctl setting net.ipv4.tcp_keepalive_intvl.	int Optional
netIpv4TcpKeepaliveProbes	Sysctl setting net.ipv4.tcp_keepalive_probes.	int Optional
netIpv4TcpKeepaliveTime	Sysctl setting net.ipv4.tcp_keepalive_time.	int Optional
netIpv4TcpMaxSynBacklog	Sysctl setting net.ipv4.tcp_max_syn_backlog.	int Optional
netIpv4TcpMaxTwBuckets	Sysctl setting net.ipv4.tcp_max_tw_buckets.	int Optional
netIpv4TcpTwReuse	Sysctl setting net.ipv4.tcp_tw_reuse.	bool Optional
netNetfilterNfConntrackBuckets	Sysctl setting net.netfilter.nf_conntrack_buckets.	int Optional
netNetfilterNfConntrackMax	Sysctl setting net.netfilter.nf_conntrack_max.	int Optional
vmMaxMapCount	Sysctl setting vm.max_map_count.	int Optional
vmSwappiness	Sysctl setting vm.swappiness.	int Optional
vmVfsCachePressure	Sysctl setting vm.vfs_cache_pressure.	int Optional

SystemData_CreatedByType_STATUS

Used by: SystemData_STATUS.

Value	Description
“Application”
“Key”
“ManagedIdentity”
“User”

SystemData_LastModifiedByType_STATUS

Used by: SystemData_STATUS.

Value	Description
“Application”
“Key”
“ManagedIdentity”
“User”

UpgradeOverrideSettings

Settings for overrides when upgrading a cluster.

Used by: ClusterUpgradeSettings.

Property	Description	Type
forceUpgrade	Whether to force upgrade the cluster. Note that this option instructs upgrade operation to bypass upgrade protections such as checking for deprecated API usage. Enable this option only with caution.	bool Optional
until	Until when the overrides are effective. Note that this only matches the start time of an upgrade, and the effectiveness won’t change once an upgrade starts even if the `until` expires as upgrade proceeds. This field is not set by default. It must be set for the overrides to take effect.	string Optional

UpgradeOverrideSettings_STATUS

Settings for overrides when upgrading a cluster.

Used by: ClusterUpgradeSettings_STATUS.

Property	Description	Type
forceUpgrade	Whether to force upgrade the cluster. Note that this option instructs upgrade operation to bypass upgrade protections such as checking for deprecated API usage. Enable this option only with caution.	bool Optional
until	Until when the overrides are effective. Note that this only matches the start time of an upgrade, and the effectiveness won’t change once an upgrade starts even if the `until` expires as upgrade proceeds. This field is not set by default. It must be set for the overrides to take effect.	string Optional

UserAssignedIdentityDetails

Information about the user assigned identity for the resource

Used by: ManagedClusterIdentity.

Property	Description	Type
reference		genruntime.ResourceReference Optional

WindowsGmsaProfile

Windows gMSA Profile in the managed cluster.

Used by: ManagedClusterWindowsProfile.

Property	Description	Type
dnsServer	Specifies the DNS server for Windows gMSA. Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.	string Optional
enabled	Specifies whether to enable Windows gMSA in the managed cluster.	bool Optional
rootDomainName	Specifies the root domain name for Windows gMSA. Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.	string Optional

WindowsGmsaProfile_STATUS

Windows gMSA Profile in the managed cluster.

Used by: ManagedClusterWindowsProfile_STATUS.

Property	Description	Type
dnsServer	Specifies the DNS server for Windows gMSA. Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.	string Optional
enabled	Specifies whether to enable Windows gMSA in the managed cluster.	bool Optional
rootDomainName	Specifies the root domain name for Windows gMSA. Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.	string Optional

AdvancedNetworkingObservability

Observability profile to enable advanced network metrics and flow logs with historical contexts.

Used by: AdvancedNetworking.

Property	Description	Type
enabled	Indicates the enablement of Advanced Networking observability functionalities on clusters.	bool Optional

AdvancedNetworkingObservability_STATUS

Observability profile to enable advanced network metrics and flow logs with historical contexts.

Used by: AdvancedNetworking_STATUS.

Property	Description	Type
enabled	Indicates the enablement of Advanced Networking observability functionalities on clusters.	bool Optional

AutoScaleProfile

Specifications on auto-scaling.

Used by: ScaleProfile.

Property	Description	Type
maxCount	The maximum number of nodes of the specified sizes.	int Optional
minCount	The minimum number of nodes of the specified sizes.	int Optional
sizes	The list of allowed vm sizes e.g. [‘Standard_E4s_v3’, ‘Standard_E16s_v3’, ‘Standard_D16s_v5’]. AKS will use the first available one when auto scaling. If a VM size is unavailable (e.g. due to quota or regional capacity reasons), AKS will use the next size.	string[] Optional

AutoScaleProfile_STATUS

Specifications on auto-scaling.

Used by: ScaleProfile_STATUS.

Property	Description	Type
maxCount	The maximum number of nodes of the specified sizes.	int Optional
minCount	The minimum number of nodes of the specified sizes.	int Optional
sizes	The list of allowed vm sizes e.g. [‘Standard_E4s_v3’, ‘Standard_E16s_v3’, ‘Standard_D16s_v5’]. AKS will use the first available one when auto scaling. If a VM size is unavailable (e.g. due to quota or regional capacity reasons), AKS will use the next size.	string[] Optional

AzureKeyVaultKms_KeyVaultNetworkAccess

Used by: AzureKeyVaultKms.

Value	Description
“Private”
“Public”

AzureKeyVaultKms_KeyVaultNetworkAccess_STATUS

Used by: AzureKeyVaultKms_STATUS.

Value	Description
“Private”
“Public”

ContainerServiceNetworkProfile_KubeProxyConfig_IpvsConfig

Used by: ContainerServiceNetworkProfile_KubeProxyConfig.

Property	Description	Type
scheduler	IPVS scheduler, for more information please see http://www.linuxvirtualserver.org/docs/scheduling.html.	ContainerServiceNetworkProfile_KubeProxyConfig_IpvsConfig_Scheduler Optional
tcpFinTimeoutSeconds	The timeout value used for IPVS TCP sessions after receiving a FIN in seconds. Must be a positive integer value.	int Optional
tcpTimeoutSeconds	The timeout value used for idle IPVS TCP sessions in seconds. Must be a positive integer value.	int Optional
udpTimeoutSeconds	The timeout value used for IPVS UDP packets in seconds. Must be a positive integer value.	int Optional

ContainerServiceNetworkProfile_KubeProxyConfig_IpvsConfig_STATUS

Used by: ContainerServiceNetworkProfile_KubeProxyConfig_STATUS.

Property	Description	Type
scheduler	IPVS scheduler, for more information please see http://www.linuxvirtualserver.org/docs/scheduling.html.	ContainerServiceNetworkProfile_KubeProxyConfig_IpvsConfig_Scheduler_STATUS Optional
tcpFinTimeoutSeconds	The timeout value used for IPVS TCP sessions after receiving a FIN in seconds. Must be a positive integer value.	int Optional
tcpTimeoutSeconds	The timeout value used for idle IPVS TCP sessions in seconds. Must be a positive integer value.	int Optional
udpTimeoutSeconds	The timeout value used for IPVS UDP packets in seconds. Must be a positive integer value.	int Optional

ContainerServiceNetworkProfile_KubeProxyConfig_Mode

Used by: ContainerServiceNetworkProfile_KubeProxyConfig.

Value	Description
“IPTABLES”
“IPVS”

ContainerServiceNetworkProfile_KubeProxyConfig_Mode_STATUS

Used by: ContainerServiceNetworkProfile_KubeProxyConfig_STATUS.

Value	Description
“IPTABLES”
“IPVS”

ContainerServiceSshPublicKey

Contains information about SSH certificate public key data.

Used by: ContainerServiceSshConfiguration.

Property	Description	Type
keyData	Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.	string Required

ContainerServiceSshPublicKey_STATUS

Contains information about SSH certificate public key data.

Used by: ContainerServiceSshConfiguration_STATUS.

Property	Description	Type
keyData	Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.	string Optional

IstioCertificateAuthority

Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin certificates as described here https://aka.ms/asm-plugin-ca

Used by: IstioServiceMesh.

Property	Description	Type
plugin	Plugin certificates information for Service Mesh.	IstioPluginCertificateAuthority Optional

IstioCertificateAuthority_STATUS

Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin certificates as described here https://aka.ms/asm-plugin-ca

Used by: IstioServiceMesh_STATUS.

Property	Description	Type
plugin	Plugin certificates information for Service Mesh.	IstioPluginCertificateAuthority_STATUS Optional

IstioComponents

Istio components configuration.

Used by: IstioServiceMesh.

Property	Description	Type
egressGateways	Istio egress gateways.	IstioEgressGateway[] Optional
ingressGateways	Istio ingress gateways.	IstioIngressGateway[] Optional

IstioComponents_STATUS

Istio components configuration.

Used by: IstioServiceMesh_STATUS.

Property	Description	Type
egressGateways	Istio egress gateways.	IstioEgressGateway_STATUS[] Optional
ingressGateways	Istio ingress gateways.	IstioIngressGateway_STATUS[] Optional

ManagedClusterAzureMonitorProfileAppMonitoringAutoInstrumentation

Application Monitoring Auto Instrumentation for Kubernetes Application Container. Deploys web hook to auto-instrument Azure Monitor OpenTelemetry based SDKs to collect OpenTelemetry metrics, logs and traces of the application. See aka.ms/AzureMonitorApplicationMonitoring for an overview.

Used by: ManagedClusterAzureMonitorProfileAppMonitoring.

Property	Description	Type
enabled	Indicates if Application Monitoring Auto Instrumentation is enabled or not.	bool Optional

ManagedClusterAzureMonitorProfileAppMonitoringAutoInstrumentation_STATUS

Used by: ManagedClusterAzureMonitorProfileAppMonitoring_STATUS.

Property	Description	Type
enabled	Indicates if Application Monitoring Auto Instrumentation is enabled or not.	bool Optional

ManagedClusterAzureMonitorProfileAppMonitoringOpenTelemetryLogs

Application Monitoring Open Telemetry Metrics Profile for Kubernetes Application Container Logs and Traces. Collects OpenTelemetry logs and traces of the application using Azure Monitor OpenTelemetry based SDKs. See aka.ms/AzureMonitorApplicationMonitoring for an overview.

Used by: ManagedClusterAzureMonitorProfileAppMonitoring.

Property	Description	Type
enabled	Indicates if Application Monitoring Open Telemetry Logs and traces is enabled or not.	bool Optional
port	The Open Telemetry host port for Open Telemetry logs and traces. If not specified, the default port is 28331.	int Optional

ManagedClusterAzureMonitorProfileAppMonitoringOpenTelemetryLogs_STATUS

Used by: ManagedClusterAzureMonitorProfileAppMonitoring_STATUS.

Property	Description	Type
enabled	Indicates if Application Monitoring Open Telemetry Logs and traces is enabled or not.	bool Optional
port	The Open Telemetry host port for Open Telemetry logs and traces. If not specified, the default port is 28331.	int Optional

ManagedClusterAzureMonitorProfileAppMonitoringOpenTelemetryMetrics

Application Monitoring Open Telemetry Metrics Profile for Kubernetes Application Container Metrics. Collects OpenTelemetry metrics of the application using Azure Monitor OpenTelemetry based SDKs. See aka.ms/AzureMonitorApplicationMonitoring for an overview.

Used by: ManagedClusterAzureMonitorProfileAppMonitoring.

Property	Description	Type
enabled	Indicates if Application Monitoring Open Telemetry Metrics is enabled or not.	bool Optional
port	The Open Telemetry host port for Open Telemetry metrics. If not specified, the default port is 28333.	int Optional

ManagedClusterAzureMonitorProfileAppMonitoringOpenTelemetryMetrics_STATUS

Used by: ManagedClusterAzureMonitorProfileAppMonitoring_STATUS.

Property	Description	Type
enabled	Indicates if Application Monitoring Open Telemetry Metrics is enabled or not.	bool Optional
port	The Open Telemetry host port for Open Telemetry metrics. If not specified, the default port is 28333.	int Optional

ManagedClusterAzureMonitorProfileKubeStateMetrics

Kube State Metrics for prometheus addon profile for the container service cluster

Used by: ManagedClusterAzureMonitorProfileMetrics.

Property	Description	Type
metricAnnotationsAllowList	Comma-separated list of additional Kubernetes label keys that will be used in the resource’s labels metric.	string Optional
metricLabelsAllowlist	Comma-separated list of Kubernetes annotations keys that will be used in the resource’s labels metric.	string Optional

ManagedClusterAzureMonitorProfileKubeStateMetrics_STATUS

Kube State Metrics for prometheus addon profile for the container service cluster

Used by: ManagedClusterAzureMonitorProfileMetrics_STATUS.

Property	Description	Type
metricAnnotationsAllowList	Comma-separated list of additional Kubernetes label keys that will be used in the resource’s labels metric.	string Optional
metricLabelsAllowlist	Comma-separated list of Kubernetes annotations keys that will be used in the resource’s labels metric.	string Optional

ManagedClusterLoadBalancerProfile_BackendPoolType

Used by: ManagedClusterLoadBalancerProfile.

Value	Description
“NodeIP”
“NodeIPConfiguration”

ManagedClusterLoadBalancerProfile_BackendPoolType_STATUS

Used by: ManagedClusterLoadBalancerProfile_STATUS.

Value	Description
“NodeIP”
“NodeIPConfiguration”

ManagedClusterLoadBalancerProfile_ClusterServiceLoadBalancerHealthProbeMode

Used by: ManagedClusterLoadBalancerProfile.

Value	Description
“ServiceNodePort”
“Shared”

ManagedClusterLoadBalancerProfile_ClusterServiceLoadBalancerHealthProbeMode_STATUS

Used by: ManagedClusterLoadBalancerProfile_STATUS.

Value	Description
“ServiceNodePort”
“Shared”

ManagedClusterLoadBalancerProfile_ManagedOutboundIPs

Used by: ManagedClusterLoadBalancerProfile.

Property	Description	Type
count	The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1.	int Optional
countIPv6	The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack.	int Optional

ManagedClusterLoadBalancerProfile_ManagedOutboundIPs_STATUS

Used by: ManagedClusterLoadBalancerProfile_STATUS.

Property	Description	Type
count	The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1.	int Optional
countIPv6	The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack.	int Optional

ManagedClusterLoadBalancerProfile_OutboundIPPrefixes

Used by: ManagedClusterLoadBalancerProfile.

Property	Description	Type
publicIPPrefixes	A list of public IP prefix resources.	ResourceReference[] Optional

ManagedClusterLoadBalancerProfile_OutboundIPPrefixes_STATUS

Used by: ManagedClusterLoadBalancerProfile_STATUS.

Property	Description	Type
publicIPPrefixes	A list of public IP prefix resources.	ResourceReference_STATUS[] Optional

ManagedClusterLoadBalancerProfile_OutboundIPs

Used by: ManagedClusterLoadBalancerProfile.

Property	Description	Type
publicIPs	A list of public IP resources.	ResourceReference[] Optional

ManagedClusterLoadBalancerProfile_OutboundIPs_STATUS

Used by: ManagedClusterLoadBalancerProfile_STATUS.

Property	Description	Type
publicIPs	A list of public IP resources.	ResourceReference_STATUS[] Optional

ManagedClusterManagedOutboundIPProfile

Profile of the managed outbound IP resources of the managed cluster.

Used by: ManagedClusterNATGatewayProfile.

Property	Description	Type
count	The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 (inclusive). The default value is 1.	int Optional

ManagedClusterManagedOutboundIPProfile_STATUS

Profile of the managed outbound IP resources of the managed cluster.

Used by: ManagedClusterNATGatewayProfile_STATUS.

Property	Description	Type
count	The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 (inclusive). The default value is 1.	int Optional

ManagedClusterPodIdentity_ProvisioningInfo_STATUS

Used by: ManagedClusterPodIdentity_STATUS.

Property	Description	Type
error	Pod identity assignment error (if any).	ManagedClusterPodIdentityProvisioningError_STATUS Optional

ManagedClusterPodIdentity_ProvisioningState_STATUS

Used by: ManagedClusterPodIdentity_STATUS.

Value	Description
“Assigned”
“Canceled”
“Deleting”
“Failed”
“Succeeded”
“Updating”

ManagedClusterSecurityProfileDefenderSecurityMonitoring

Microsoft Defender settings for the security profile threat detection.

Used by: ManagedClusterSecurityProfileDefender.

Property	Description	Type
enabled	Whether to enable Defender threat detection	bool Optional

ManagedClusterSecurityProfileDefenderSecurityMonitoring_STATUS

Microsoft Defender settings for the security profile threat detection.

Used by: ManagedClusterSecurityProfileDefender_STATUS.

Property	Description	Type
enabled	Whether to enable Defender threat detection	bool Optional

ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler_AddonAutoscaling

Used by: ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler.

Value	Description
“Disabled”
“Enabled”

ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler_AddonAutoscaling_STATUS

Used by: ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler_STATUS.

Value	Description
“Disabled”
“Enabled”

ManualScaleProfile

Specifications on number of machines.

Used by: ScaleProfile.

Property	Description	Type
count	Number of nodes.	int Optional
sizes	The list of allowed vm sizes e.g. [‘Standard_E4s_v3’, ‘Standard_E16s_v3’, ‘Standard_D16s_v5’]. AKS will use the first available one when scaling. If a VM size is unavailable (e.g. due to quota or regional capacity reasons), AKS will use the next size.	string[] Optional

ManualScaleProfile_STATUS

Specifications on number of machines.

Used by: ScaleProfile_STATUS.

Property	Description	Type
count	Number of nodes.	int Optional
sizes	The list of allowed vm sizes e.g. [‘Standard_E4s_v3’, ‘Standard_E16s_v3’, ‘Standard_D16s_v5’]. AKS will use the first available one when scaling. If a VM size is unavailable (e.g. due to quota or regional capacity reasons), AKS will use the next size.	string[] Optional

PortRange_Protocol

Used by: PortRange.

Value	Description
“TCP”
“UDP”

PortRange_Protocol_STATUS

Used by: PortRange_STATUS.

Value	Description
“TCP”
“UDP”

ResourceReference

A reference to an Azure resource.

Used by: ManagedClusterLoadBalancerProfile, ManagedClusterLoadBalancerProfile_OutboundIPPrefixes, ManagedClusterLoadBalancerProfile_OutboundIPs, and ManagedClusterNATGatewayProfile.

Property	Description	Type
reference	The fully qualified Azure resource id.	genruntime.ResourceReference Optional

ResourceReference_STATUS

A reference to an Azure resource.

Used by: ManagedClusterLoadBalancerProfile_OutboundIPPrefixes_STATUS, ManagedClusterLoadBalancerProfile_OutboundIPs_STATUS, ManagedClusterLoadBalancerProfile_STATUS, and ManagedClusterNATGatewayProfile_STATUS.

Property	Description	Type
id	The fully qualified Azure resource id.	string Optional

ContainerServiceNetworkProfile_KubeProxyConfig_IpvsConfig_Scheduler

Used by: ContainerServiceNetworkProfile_KubeProxyConfig_IpvsConfig.

Value	Description
“LeastConnection”
“RoundRobin”

ContainerServiceNetworkProfile_KubeProxyConfig_IpvsConfig_Scheduler_STATUS

Used by: ContainerServiceNetworkProfile_KubeProxyConfig_IpvsConfig_STATUS.

Value	Description
“LeastConnection”
“RoundRobin”

IstioEgressGateway

Istio egress gateway configuration.

Used by: IstioComponents.

Property	Description	Type
enabled	Whether to enable the egress gateway.	bool Required

IstioEgressGateway_STATUS

Istio egress gateway configuration.

Used by: IstioComponents_STATUS.

Property	Description	Type
enabled	Whether to enable the egress gateway.	bool Optional

IstioIngressGateway

Istio ingress gateway configuration. For now, we support up to one external ingress gateway named aks-istio-ingressgateway-external and one internal ingress gateway named aks-istio-ingressgateway-internal.

Used by: IstioComponents.

Property	Description	Type
enabled	Whether to enable the ingress gateway.	bool Required
mode	Mode of an ingress gateway.	IstioIngressGateway_Mode Required

IstioIngressGateway_STATUS

Used by: IstioComponents_STATUS.

Property	Description	Type
enabled	Whether to enable the ingress gateway.	bool Optional
mode	Mode of an ingress gateway.	IstioIngressGateway_Mode_STATUS Optional

IstioPluginCertificateAuthority

Plugin certificates information for Service Mesh.

Used by: IstioCertificateAuthority.

Property	Description	Type
certChainObjectName	Certificate chain object name in Azure Key Vault.	string Optional
certObjectName	Intermediate certificate object name in Azure Key Vault.	string Optional
keyObjectName	Intermediate certificate private key object name in Azure Key Vault.	string Optional
keyVaultReference	The resource ID of the Key Vault.	genruntime.ResourceReference Optional
rootCertObjectName	Root certificate object name in Azure Key Vault.	string Optional

IstioPluginCertificateAuthority_STATUS

Plugin certificates information for Service Mesh.

Used by: IstioCertificateAuthority_STATUS.

Property	Description	Type
certChainObjectName	Certificate chain object name in Azure Key Vault.	string Optional
certObjectName	Intermediate certificate object name in Azure Key Vault.	string Optional
keyObjectName	Intermediate certificate private key object name in Azure Key Vault.	string Optional
keyVaultId	The resource ID of the Key Vault.	string Optional
rootCertObjectName	Root certificate object name in Azure Key Vault.	string Optional

ManagedClusterPodIdentityProvisioningError_STATUS

An error response from the pod identity provisioning.

Used by: ManagedClusterPodIdentity_ProvisioningInfo_STATUS.

Property	Description	Type
error	Details about the error.	ManagedClusterPodIdentityProvisioningErrorBody_STATUS Optional

IstioIngressGateway_Mode

Used by: IstioIngressGateway.

Value	Description
“External”
“Internal”

IstioIngressGateway_Mode_STATUS

Used by: IstioIngressGateway_STATUS.

Value	Description
“External”
“Internal”

ManagedClusterPodIdentityProvisioningErrorBody_STATUS

An error response from the pod identity provisioning.

Used by: ManagedClusterPodIdentityProvisioningError_STATUS.

Property	Description	Type
code	An identifier for the error. Codes are invariant and are intended to be consumed programmatically.	string Optional
details	A list of additional details about the error.	ManagedClusterPodIdentityProvisioningErrorBody_STATUS_Unrolled[] Optional
message	A message describing the error, intended to be suitable for display in a user interface.	string Optional
target	The target of the particular error. For example, the name of the property in error.	string Optional

ManagedClusterPodIdentityProvisioningErrorBody_STATUS_Unrolled

Used by: ManagedClusterPodIdentityProvisioningErrorBody_STATUS.

Property	Description	Type
code	An identifier for the error. Codes are invariant and are intended to be consumed programmatically.	string Optional
message	A message describing the error, intended to be suitable for display in a user interface.	string Optional
target	The target of the particular error. For example, the name of the property in error.	string Optional