containerservice.azure.com/v1api20250801
APIVersion
| Value | Description |
|---|---|
| “2025-08-01” |
MaintenanceConfiguration
Generator information: - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2025-08-01/managedClusters.json - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName}/maintenanceConfigurations/{configName}
Used by: MaintenanceConfigurationList.
| Property | Description | Type |
|---|---|---|
| metav1.TypeMeta | ||
| metav1.ObjectMeta | ||
| spec | MaintenanceConfiguration_Spec Optional |
|
| status | MaintenanceConfiguration_STATUS Optional |
MaintenanceConfiguration_Spec
| Property | Description | Type |
|---|---|---|
| azureName | The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn’t have to be. | string Optional |
| maintenanceWindow | Maintenance window for the maintenance configuration. | MaintenanceWindow Optional |
| notAllowedTime | Time slots on which upgrade is not allowed. | TimeSpan[] Optional |
| operatorSpec | The specification for configuring operator behavior. This field is interpreted by the operator and not passed directly to Azure | MaintenanceConfigurationOperatorSpec Optional |
| owner | The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a reference to a containerservice.azure.com/ManagedCluster resource | genruntime.KnownResourceReference Required |
| timeInWeek | Time slots during the week when planned maintenance is allowed to proceed. If two array entries specify the same day of the week, the applied configuration is the union of times in both entries. | TimeInWeek[] Optional |
MaintenanceConfiguration_STATUS
| Property | Description | Type |
|---|---|---|
| conditions | The observed state of the resource | conditions.Condition[] Optional |
| id | Resource ID. | string Optional |
| maintenanceWindow | Maintenance window for the maintenance configuration. | MaintenanceWindow_STATUS Optional |
| name | The name of the resource that is unique within a resource group. This name can be used to access the resource. | string Optional |
| notAllowedTime | Time slots on which upgrade is not allowed. | TimeSpan_STATUS[] Optional |
| systemData | The system metadata relating to this resource. | SystemData_STATUS Optional |
| timeInWeek | Time slots during the week when planned maintenance is allowed to proceed. If two array entries specify the same day of the week, the applied configuration is the union of times in both entries. | TimeInWeek_STATUS[] Optional |
| type | Resource type | string Optional |
MaintenanceConfigurationList
Generator information: - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2025-08-01/managedClusters.json - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName}/maintenanceConfigurations/{configName}
| Property | Description | Type |
|---|---|---|
| metav1.TypeMeta | ||
| metav1.ListMeta | ||
| items | MaintenanceConfiguration[] Optional |
ManagedCluster
Generator information: - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2025-08-01/managedClusters.json - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName}
Used by: ManagedClusterList.
| Property | Description | Type |
|---|---|---|
| metav1.TypeMeta | ||
| metav1.ObjectMeta | ||
| spec | ManagedCluster_Spec Optional |
|
| status | ManagedCluster_STATUS Optional |
ManagedCluster_Spec
| Property | Description | Type |
|---|---|---|
| aadProfile | The Azure Active Directory configuration. | ManagedClusterAADProfile Optional |
| addonProfiles | The profile of managed cluster add-on. | map[string]ManagedClusterAddonProfile Optional |
| agentPoolProfiles | The agent pool properties. | ManagedClusterAgentPoolProfile[] Optional |
| aiToolchainOperatorProfile | AI toolchain operator settings that apply to the whole cluster. | ManagedClusterAIToolchainOperatorProfile Optional |
| apiServerAccessProfile | The access profile for managed cluster API server. | ManagedClusterAPIServerAccessProfile Optional |
| autoScalerProfile | Parameters to be applied to the cluster-autoscaler when enabled | ManagedClusterProperties_AutoScalerProfile Optional |
| autoUpgradeProfile | The auto upgrade configuration. | ManagedClusterAutoUpgradeProfile Optional |
| azureMonitorProfile | Azure Monitor addon profiles for monitoring the managed cluster. | ManagedClusterAzureMonitorProfile Optional |
| azureName | The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn’t have to be. | string Optional |
| bootstrapProfile | Profile of the cluster bootstrap configuration. | ManagedClusterBootstrapProfile Optional |
| disableLocalAccounts | If local accounts should be disabled on the Managed Cluster. If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see disable local accounts. | bool Optional |
| diskEncryptionSetReference | The Resource ID of the disk encryption set to use for enabling encryption at rest. This is of the form: ‘/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}’ | genruntime.ResourceReference Optional |
| dnsPrefix | The DNS prefix of the Managed Cluster. This cannot be updated once the Managed Cluster has been created. | string Optional |
| enableRBAC | Whether to enable Kubernetes Role-Based Access Control. | bool Optional |
| extendedLocation | The extended location of the Virtual Machine. | ExtendedLocation Optional |
| fqdnSubdomain | The FQDN subdomain of the private cluster with custom private dns zone. This cannot be updated once the Managed Cluster has been created. | string Optional |
| httpProxyConfig | Configurations for provisioning the cluster with HTTP proxy servers. | ManagedClusterHTTPProxyConfig Optional |
| identity | The identity of the managed cluster, if configured. | ManagedClusterIdentity Optional |
| identityProfile | The user identity associated with the managed cluster. This identity will be used by the kubelet. Only one user assigned identity is allowed. The only accepted key is “kubeletidentity”, with value of “resourceId”: “/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}”. | map[string]UserAssignedIdentity Optional |
| ingressProfile | Ingress profile for the managed cluster. | ManagedClusterIngressProfile Optional |
| kind | This is primarily used to expose different UI experiences in the portal for different kinds | string Optional |
| kubernetesVersion | The version of Kubernetes specified by the user. Both patch version <major.minor.patch> (e.g. 1.20.13) and <major.minor> (e.g. 1.20) are supported. When <major.minor> is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same <major.minor> once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See upgrading an AKS cluster for more details. | string Optional |
| linuxProfile | The profile for Linux VMs in the Managed Cluster. | ContainerServiceLinuxProfile Optional |
| location | The geo-location where the resource lives | string Required |
| metricsProfile | Optional cluster metrics configuration. | ManagedClusterMetricsProfile Optional |
| networkProfile | The network configuration profile. | ContainerServiceNetworkProfile Optional |
| nodeProvisioningProfile | Node provisioning settings that apply to the whole cluster. | ManagedClusterNodeProvisioningProfile Optional |
| nodeResourceGroup | The name of the resource group containing agent pool nodes. | string Optional |
| nodeResourceGroupProfile | Profile of the node resource group configuration. | ManagedClusterNodeResourceGroupProfile Optional |
| oidcIssuerProfile | The OIDC issuer profile of the Managed Cluster. | ManagedClusterOIDCIssuerProfile Optional |
| operatorSpec | The specification for configuring operator behavior. This field is interpreted by the operator and not passed directly to Azure | ManagedClusterOperatorSpec Optional |
| owner | The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a reference to a resources.azure.com/ResourceGroup resource | genruntime.KnownResourceReference Required |
| podIdentityProfile | The pod identity profile of the Managed Cluster. See use AAD pod identity for more details on AAD pod identity integration. | ManagedClusterPodIdentityProfile Optional |
| privateLinkResources | Private link resources associated with the cluster. | PrivateLinkResource[] Optional |
| publicNetworkAccess | PublicNetworkAccess of the managedCluster. Allow or deny public network access for AKS | ManagedClusterProperties_PublicNetworkAccess Optional |
| securityProfile | Security profile for the managed cluster. | ManagedClusterSecurityProfile Optional |
| serviceMeshProfile | Service mesh profile for a managed cluster. | ServiceMeshProfile Optional |
| servicePrincipalProfile | Information about a service principal identity for the cluster to use for manipulating Azure APIs. | ManagedClusterServicePrincipalProfile Optional |
| sku | The managed cluster SKU. | ManagedClusterSKU Optional |
| storageProfile | Storage profile for the managed cluster. | ManagedClusterStorageProfile Optional |
| supportPlan | The support plan for the Managed Cluster. If unspecified, the default is KubernetesOfficial. |
KubernetesSupportPlan Optional |
| tags | Resource tags. | map[string]string Optional |
| upgradeSettings | Settings for upgrading a cluster. | ClusterUpgradeSettings Optional |
| windowsProfile | The profile for Windows VMs in the Managed Cluster. | ManagedClusterWindowsProfile Optional |
| workloadAutoScalerProfile | Workload Auto-scaler profile for the managed cluster. | ManagedClusterWorkloadAutoScalerProfile Optional |
ManagedCluster_STATUS
| Property | Description | Type |
|---|---|---|
| aadProfile | The Azure Active Directory configuration. | ManagedClusterAADProfile_STATUS Optional |
| addonProfiles | The profile of managed cluster add-on. | map[string]ManagedClusterAddonProfile_STATUS Optional |
| agentPoolProfiles | The agent pool properties. | ManagedClusterAgentPoolProfile_STATUS[] Optional |
| aiToolchainOperatorProfile | AI toolchain operator settings that apply to the whole cluster. | ManagedClusterAIToolchainOperatorProfile_STATUS Optional |
| apiServerAccessProfile | The access profile for managed cluster API server. | ManagedClusterAPIServerAccessProfile_STATUS Optional |
| autoScalerProfile | Parameters to be applied to the cluster-autoscaler when enabled | ManagedClusterProperties_AutoScalerProfile_STATUS Optional |
| autoUpgradeProfile | The auto upgrade configuration. | ManagedClusterAutoUpgradeProfile_STATUS Optional |
| azureMonitorProfile | Azure Monitor addon profiles for monitoring the managed cluster. | ManagedClusterAzureMonitorProfile_STATUS Optional |
| azurePortalFQDN | The special FQDN used by the Azure Portal to access the Managed Cluster. This FQDN is for use only by the Azure Portal and should not be used by other clients. The Azure Portal requires certain Cross-Origin Resource Sharing (CORS) headers to be sent in some responses, which Kubernetes APIServer doesn’t handle by default. This special FQDN supports CORS, allowing the Azure Portal to function properly. | string Optional |
| bootstrapProfile | Profile of the cluster bootstrap configuration. | ManagedClusterBootstrapProfile_STATUS Optional |
| conditions | The observed state of the resource | conditions.Condition[] Optional |
| currentKubernetesVersion | The version of Kubernetes the Managed Cluster is running. If kubernetesVersion was a fully specified version <major.minor.patch>, this field will be exactly equal to it. If kubernetesVersion was <major.minor>, this field will contain the full <major.minor.patch> version being used. | string Optional |
| disableLocalAccounts | If local accounts should be disabled on the Managed Cluster. If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see disable local accounts. | bool Optional |
| diskEncryptionSetID | The Resource ID of the disk encryption set to use for enabling encryption at rest. This is of the form: ‘/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}’ | string Optional |
| dnsPrefix | The DNS prefix of the Managed Cluster. This cannot be updated once the Managed Cluster has been created. | string Optional |
| enableRBAC | Whether to enable Kubernetes Role-Based Access Control. | bool Optional |
| eTag | Unique read-only string used to implement optimistic concurrency. The eTag value will change when the resource is updated. Specify an if-match or if-none-match header with the eTag value for a subsequent request to enable optimistic concurrency per the normal etag convention. | string Optional |
| extendedLocation | The extended location of the Virtual Machine. | ExtendedLocation_STATUS Optional |
| fqdn | The FQDN of the master pool. | string Optional |
| fqdnSubdomain | The FQDN subdomain of the private cluster with custom private dns zone. This cannot be updated once the Managed Cluster has been created. | string Optional |
| httpProxyConfig | Configurations for provisioning the cluster with HTTP proxy servers. | ManagedClusterHTTPProxyConfig_STATUS Optional |
| id | Fully qualified resource ID for the resource. E.g. “/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}” | string Optional |
| identity | The identity of the managed cluster, if configured. | ManagedClusterIdentity_STATUS Optional |
| identityProfile | The user identity associated with the managed cluster. This identity will be used by the kubelet. Only one user assigned identity is allowed. The only accepted key is “kubeletidentity”, with value of “resourceId”: “/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}”. | map[string]UserAssignedIdentity_STATUS Optional |
| ingressProfile | Ingress profile for the managed cluster. | ManagedClusterIngressProfile_STATUS Optional |
| kind | This is primarily used to expose different UI experiences in the portal for different kinds | string Optional |
| kubernetesVersion | The version of Kubernetes specified by the user. Both patch version <major.minor.patch> (e.g. 1.20.13) and <major.minor> (e.g. 1.20) are supported. When <major.minor> is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same <major.minor> once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See upgrading an AKS cluster for more details. | string Optional |
| linuxProfile | The profile for Linux VMs in the Managed Cluster. | ContainerServiceLinuxProfile_STATUS Optional |
| location | The geo-location where the resource lives | string Optional |
| maxAgentPools | The max number of agent pools for the managed cluster. | int Optional |
| metricsProfile | Optional cluster metrics configuration. | ManagedClusterMetricsProfile_STATUS Optional |
| name | The name of the resource | string Optional |
| networkProfile | The network configuration profile. | ContainerServiceNetworkProfile_STATUS Optional |
| nodeProvisioningProfile | Node provisioning settings that apply to the whole cluster. | ManagedClusterNodeProvisioningProfile_STATUS Optional |
| nodeResourceGroup | The name of the resource group containing agent pool nodes. | string Optional |
| nodeResourceGroupProfile | Profile of the node resource group configuration. | ManagedClusterNodeResourceGroupProfile_STATUS Optional |
| oidcIssuerProfile | The OIDC issuer profile of the Managed Cluster. | ManagedClusterOIDCIssuerProfile_STATUS Optional |
| podIdentityProfile | The pod identity profile of the Managed Cluster. See use AAD pod identity for more details on AAD pod identity integration. | ManagedClusterPodIdentityProfile_STATUS Optional |
| powerState | The Power State of the cluster. | PowerState_STATUS Optional |
| privateFQDN | The FQDN of private cluster. | string Optional |
| privateLinkResources | Private link resources associated with the cluster. | PrivateLinkResource_STATUS[] Optional |
| provisioningState | The current provisioning state. | string Optional |
| publicNetworkAccess | PublicNetworkAccess of the managedCluster. Allow or deny public network access for AKS | ManagedClusterProperties_PublicNetworkAccess_STATUS Optional |
| resourceUID | The resourceUID uniquely identifies ManagedClusters that reuse ARM ResourceIds (i.e: create, delete, create sequence) | string Optional |
| securityProfile | Security profile for the managed cluster. | ManagedClusterSecurityProfile_STATUS Optional |
| serviceMeshProfile | Service mesh profile for a managed cluster. | ServiceMeshProfile_STATUS Optional |
| servicePrincipalProfile | Information about a service principal identity for the cluster to use for manipulating Azure APIs. | ManagedClusterServicePrincipalProfile_STATUS Optional |
| sku | The managed cluster SKU. | ManagedClusterSKU_STATUS Optional |
| status | Contains read-only information about the Managed Cluster. | ManagedClusterStatus_STATUS Optional |
| storageProfile | Storage profile for the managed cluster. | ManagedClusterStorageProfile_STATUS Optional |
| supportPlan | The support plan for the Managed Cluster. If unspecified, the default is KubernetesOfficial. |
KubernetesSupportPlan_STATUS Optional |
| systemData | Azure Resource Manager metadata containing createdBy and modifiedBy information. | SystemData_STATUS Optional |
| tags | Resource tags. | map[string]string Optional |
| type | The type of the resource. E.g. “Microsoft.Compute/virtualMachines” or “Microsoft.Storage/storageAccounts” | string Optional |
| upgradeSettings | Settings for upgrading a cluster. | ClusterUpgradeSettings_STATUS Optional |
| windowsProfile | The profile for Windows VMs in the Managed Cluster. | ManagedClusterWindowsProfile_STATUS Optional |
| workloadAutoScalerProfile | Workload Auto-scaler profile for the managed cluster. | ManagedClusterWorkloadAutoScalerProfile_STATUS Optional |
ManagedClusterList
Generator information: - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2025-08-01/managedClusters.json - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName}
| Property | Description | Type |
|---|---|---|
| metav1.TypeMeta | ||
| metav1.ListMeta | ||
| items | ManagedCluster[] Optional |
ManagedClustersAgentPool
Generator information: - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2025-08-01/managedClusters.json - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName}/agentPools/{agentPoolName}
Used by: ManagedClustersAgentPoolList.
| Property | Description | Type |
|---|---|---|
| metav1.TypeMeta | ||
| metav1.ObjectMeta | ||
| spec | ManagedClustersAgentPool_Spec Optional |
|
| status | ManagedClustersAgentPool_STATUS Optional |
ManagedClustersAgentPool_Spec
| Property | Description | Type |
|---|---|---|
| availabilityZones | The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is VirtualMachineScaleSets. |
string[] Optional |
| azureName | The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn’t have to be. | string Optional |
| capacityReservationGroupReference | AKS will associate the specified agent pool with the Capacity Reservation Group. | genruntime.ResourceReference Optional |
| count | Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. | int Optional |
| creationData | CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot. | CreationData Optional |
| enableAutoScaling | Whether to enable auto-scaler | bool Optional |
| enableEncryptionAtHost | Whether to enable host based OS and data drive encryption. This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption | bool Optional |
| enableFIPS | Whether to use a FIPS-enabled OS. See Add a FIPS-enabled node pool for more details. | bool Optional |
| enableNodePublicIP | Whether each node is allocated its own public IP. Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see assigning a public IP per node. The default is false. | bool Optional |
| enableUltraSSD | Whether to enable UltraSSD | bool Optional |
| gatewayProfile | Profile specific to a managed agent pool in Gateway mode. This field cannot be set if agent pool mode is not Gateway. | AgentPoolGatewayProfile Optional |
| gpuInstanceProfile | GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU. | GPUInstanceProfile Optional |
| gpuProfile | GPU settings for the Agent Pool. | GPUProfile Optional |
| hostGroupReference | The fully qualified resource ID of the Dedicated Host Group to provision virtual machines from, used only in creation scenario and not allowed to changed once set. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see Azure dedicated hosts. | genruntime.ResourceReference Optional |
| kubeletConfig | The Kubelet configuration on the agent pool nodes. | KubeletConfig Optional |
| kubeletDiskType | Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage. | KubeletDiskType Optional |
| linuxOSConfig | The OS configuration of Linux agent nodes. | LinuxOSConfig Optional |
| maxCount | The maximum number of nodes for auto-scaling | int Optional |
| maxPods | The maximum number of pods that can run on a node. | int Optional |
| messageOfTheDay | Message of the day for Linux nodes, base64-encoded. A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script). | string Optional |
| minCount | The minimum number of nodes for auto-scaling | int Optional |
| mode | The mode of an agent pool. A cluster must have at least one System Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools |
AgentPoolMode Optional |
| networkProfile | Network-related settings of an agent pool. | AgentPoolNetworkProfile Optional |
| nodeLabels | The node labels to be persisted across all nodes in agent pool. | map[string]string Optional |
| nodePublicIPPrefixReference | The public IP prefix ID which VM nodes should use IPs from. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} | genruntime.ResourceReference Optional |
| nodeTaints | The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule. | string[] Optional |
| operatorSpec | The specification for configuring operator behavior. This field is interpreted by the operator and not passed directly to Azure | ManagedClustersAgentPoolOperatorSpec Optional |
| orchestratorVersion | The version of Kubernetes specified by the user. Both patch version <major.minor.patch> (e.g. 1.20.13) and <major.minor> (e.g. 1.20) are supported. When <major.minor> is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same <major.minor> once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see upgrading a node pool. | string Optional |
| osDiskSizeGB | ContainerServiceOSDisk Optional |
|
| osDiskType | The OS disk type to be used for machines in the agent pool. The default is Ephemeral if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to Managed. May not be changed after creation. For more information see Ephemeral OS. |
OSDiskType Optional |
| osSKU | Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows. | OSSKU Optional |
| osType | The operating system type. The default is Linux. | OSType Optional |
| owner | The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a reference to a containerservice.azure.com/ManagedCluster resource | genruntime.KnownResourceReference Required |
| podIPAllocationMode | Pod IP Allocation Mode. The IP allocation mode for pods in the agent pool. Must be used with podSubnetId. The default is DynamicIndividual. |
PodIPAllocationMode Optional |
| podSubnetReference | The ID of the subnet which pods will join when launched. If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} | genruntime.ResourceReference Optional |
| powerState | Whether the Agent Pool is running or stopped. When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded | PowerState Optional |
| proximityPlacementGroupReference | The ID for Proximity Placement Group. | genruntime.ResourceReference Optional |
| scaleDownMode | The scale down mode to use when scaling the Agent Pool. This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete. | ScaleDownMode Optional |
| scaleSetEvictionPolicy | The Virtual Machine Scale Set eviction policy to use. This cannot be specified unless the scaleSetPriority is Spot. If not specified, the default is Delete. |
ScaleSetEvictionPolicy Optional |
| scaleSetPriority | The Virtual Machine Scale Set priority. If not specified, the default is Regular. |
ScaleSetPriority Optional |
| securityProfile | The security settings of an agent pool. | AgentPoolSecurityProfile Optional |
| spotMaxPrice | The max price (in US Dollars) you are willing to pay for spot instances. Possible values are any decimal value greater than zero or -1 which indicates default price to be up-to on-demand. Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see spot VMs pricing | float64 Optional |
| tags | The tags to be persisted on the agent pool virtual machine scale set. | map[string]string Optional |
| type | The type of Agent Pool. | AgentPoolType Optional |
| upgradeSettings | Settings for upgrading the agentpool | AgentPoolUpgradeSettings Optional |
| virtualMachineNodesStatus | VirtualMachineNodes[] Optional |
|
| virtualMachinesProfile | Specifications on VirtualMachines agent pool. | VirtualMachinesProfile Optional |
| vmSize | The size of the agent pool VMs. VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions | string Optional |
| vnetSubnetReference | The ID of the subnet which agent pool nodes and optionally pods will join on startup. If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} | genruntime.ResourceReference Optional |
| windowsProfile | The Windows agent pool’s specific profile. | AgentPoolWindowsProfile Optional |
| workloadRuntime | Determines the type of workload a node can run. | WorkloadRuntime Optional |
ManagedClustersAgentPool_STATUS
| Property | Description | Type |
|---|---|---|
| availabilityZones | The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is VirtualMachineScaleSets. |
string[] Optional |
| capacityReservationGroupID | AKS will associate the specified agent pool with the Capacity Reservation Group. | string Optional |
| conditions | The observed state of the resource | conditions.Condition[] Optional |
| count | Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. | int Optional |
| creationData | CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot. | CreationData_STATUS Optional |
| currentOrchestratorVersion | The version of Kubernetes the Agent Pool is running. If orchestratorVersion is a fully specified version <major.minor.patch>, this field will be exactly equal to it. If orchestratorVersion is <major.minor>, this field will contain the full <major.minor.patch> version being used. | string Optional |
| enableAutoScaling | Whether to enable auto-scaler | bool Optional |
| enableEncryptionAtHost | Whether to enable host based OS and data drive encryption. This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption | bool Optional |
| enableFIPS | Whether to use a FIPS-enabled OS. See Add a FIPS-enabled node pool for more details. | bool Optional |
| enableNodePublicIP | Whether each node is allocated its own public IP. Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see assigning a public IP per node. The default is false. | bool Optional |
| enableUltraSSD | Whether to enable UltraSSD | bool Optional |
| eTag | Unique read-only string used to implement optimistic concurrency. The eTag value will change when the resource is updated. Specify an if-match or if-none-match header with the eTag value for a subsequent request to enable optimistic concurrency per the normal etag convention. | string Optional |
| gatewayProfile | Profile specific to a managed agent pool in Gateway mode. This field cannot be set if agent pool mode is not Gateway. | AgentPoolGatewayProfile_STATUS Optional |
| gpuInstanceProfile | GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU. | GPUInstanceProfile_STATUS Optional |
| gpuProfile | GPU settings for the Agent Pool. | GPUProfile_STATUS Optional |
| hostGroupID | The fully qualified resource ID of the Dedicated Host Group to provision virtual machines from, used only in creation scenario and not allowed to changed once set. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see Azure dedicated hosts. | string Optional |
| id | Resource ID. | string Optional |
| kubeletConfig | The Kubelet configuration on the agent pool nodes. | KubeletConfig_STATUS Optional |
| kubeletDiskType | Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage. | KubeletDiskType_STATUS Optional |
| linuxOSConfig | The OS configuration of Linux agent nodes. | LinuxOSConfig_STATUS Optional |
| maxCount | The maximum number of nodes for auto-scaling | int Optional |
| maxPods | The maximum number of pods that can run on a node. | int Optional |
| messageOfTheDay | Message of the day for Linux nodes, base64-encoded. A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script). | string Optional |
| minCount | The minimum number of nodes for auto-scaling | int Optional |
| mode | The mode of an agent pool. A cluster must have at least one System Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools |
AgentPoolMode_STATUS Optional |
| name | The name of the resource that is unique within a resource group. This name can be used to access the resource. | string Optional |
| networkProfile | Network-related settings of an agent pool. | AgentPoolNetworkProfile_STATUS Optional |
| nodeImageVersion | The version of node image | string Optional |
| nodeLabels | The node labels to be persisted across all nodes in agent pool. | map[string]string Optional |
| nodePublicIPPrefixID | The public IP prefix ID which VM nodes should use IPs from. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} | string Optional |
| nodeTaints | The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule. | string[] Optional |
| orchestratorVersion | The version of Kubernetes specified by the user. Both patch version <major.minor.patch> (e.g. 1.20.13) and <major.minor> (e.g. 1.20) are supported. When <major.minor> is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same <major.minor> once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see upgrading a node pool. | string Optional |
| osDiskSizeGB | int Optional |
|
| osDiskType | The OS disk type to be used for machines in the agent pool. The default is Ephemeral if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to Managed. May not be changed after creation. For more information see Ephemeral OS. |
OSDiskType_STATUS Optional |
| osSKU | Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows. | OSSKU_STATUS Optional |
| osType | The operating system type. The default is Linux. | OSType_STATUS Optional |
| podIPAllocationMode | Pod IP Allocation Mode. The IP allocation mode for pods in the agent pool. Must be used with podSubnetId. The default is DynamicIndividual. |
PodIPAllocationMode_STATUS Optional |
| podSubnetID | The ID of the subnet which pods will join when launched. If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} | string Optional |
| powerState | Whether the Agent Pool is running or stopped. When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded | PowerState_STATUS Optional |
| properties_type | The type of Agent Pool. | AgentPoolType_STATUS Optional |
| provisioningState | The current deployment or provisioning state. | string Optional |
| proximityPlacementGroupID | The ID for Proximity Placement Group. | string Optional |
| scaleDownMode | The scale down mode to use when scaling the Agent Pool. This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete. | ScaleDownMode_STATUS Optional |
| scaleSetEvictionPolicy | The Virtual Machine Scale Set eviction policy to use. This cannot be specified unless the scaleSetPriority is Spot. If not specified, the default is Delete. |
ScaleSetEvictionPolicy_STATUS Optional |
| scaleSetPriority | The Virtual Machine Scale Set priority. If not specified, the default is Regular. |
ScaleSetPriority_STATUS Optional |
| securityProfile | The security settings of an agent pool. | AgentPoolSecurityProfile_STATUS Optional |
| spotMaxPrice | The max price (in US Dollars) you are willing to pay for spot instances. Possible values are any decimal value greater than zero or -1 which indicates default price to be up-to on-demand. Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see spot VMs pricing | float64 Optional |
| status | Contains read-only information about the Agent Pool. | AgentPoolStatus_STATUS Optional |
| tags | The tags to be persisted on the agent pool virtual machine scale set. | map[string]string Optional |
| type | Resource type | string Optional |
| upgradeSettings | Settings for upgrading the agentpool | AgentPoolUpgradeSettings_STATUS Optional |
| virtualMachineNodesStatus | VirtualMachineNodes_STATUS[] Optional |
|
| virtualMachinesProfile | Specifications on VirtualMachines agent pool. | VirtualMachinesProfile_STATUS Optional |
| vmSize | The size of the agent pool VMs. VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions | string Optional |
| vnetSubnetID | The ID of the subnet which agent pool nodes and optionally pods will join on startup. If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} | string Optional |
| windowsProfile | The Windows agent pool’s specific profile. | AgentPoolWindowsProfile_STATUS Optional |
| workloadRuntime | Determines the type of workload a node can run. | WorkloadRuntime_STATUS Optional |
ManagedClustersAgentPoolList
Generator information: - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2025-08-01/managedClusters.json - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName}/agentPools/{agentPoolName}
| Property | Description | Type |
|---|---|---|
| metav1.TypeMeta | ||
| metav1.ListMeta | ||
| items | ManagedClustersAgentPool[] Optional |
TrustedAccessRoleBinding
Generator information: - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2025-08-01/managedClusters.json - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName}/trustedAccessRoleBindings/{trustedAccessRoleBindingName}
Used by: TrustedAccessRoleBindingList.
| Property | Description | Type |
|---|---|---|
| metav1.TypeMeta | ||
| metav1.ObjectMeta | ||
| spec | TrustedAccessRoleBinding_Spec Optional |
|
| status | TrustedAccessRoleBinding_STATUS Optional |
TrustedAccessRoleBinding_Spec
| Property | Description | Type |
|---|---|---|
| azureName | The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn’t have to be. | string Optional |
| operatorSpec | The specification for configuring operator behavior. This field is interpreted by the operator and not passed directly to Azure | TrustedAccessRoleBindingOperatorSpec Optional |
| owner | The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a reference to a containerservice.azure.com/ManagedCluster resource | genruntime.KnownResourceReference Required |
| roles | A list of roles to bind, each item is a resource type qualified role name. For example: ‘Microsoft.MachineLearningServices/workspaces/reader’. | string[] Required |
| sourceResourceReference | The ARM resource ID of source resource that trusted access is configured for. | genruntime.ResourceReference Required |
TrustedAccessRoleBinding_STATUS
| Property | Description | Type |
|---|---|---|
| conditions | The observed state of the resource | conditions.Condition[] Optional |
| id | Fully qualified resource ID for the resource. E.g. “/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}” | string Optional |
| name | The name of the resource | string Optional |
| provisioningState | The current provisioning state of trusted access role binding. | TrustedAccessRoleBindingProperties_ProvisioningState_STATUS Optional |
| roles | A list of roles to bind, each item is a resource type qualified role name. For example: ‘Microsoft.MachineLearningServices/workspaces/reader’. | string[] Optional |
| sourceResourceId | The ARM resource ID of source resource that trusted access is configured for. | string Optional |
| systemData | Azure Resource Manager metadata containing createdBy and modifiedBy information. | SystemData_STATUS Optional |
| type | The type of the resource. E.g. “Microsoft.Compute/virtualMachines” or “Microsoft.Storage/storageAccounts” | string Optional |
TrustedAccessRoleBindingList
Generator information: - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2025-08-01/managedClusters.json - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName}/trustedAccessRoleBindings/{trustedAccessRoleBindingName}
| Property | Description | Type |
|---|---|---|
| metav1.TypeMeta | ||
| metav1.ListMeta | ||
| items | TrustedAccessRoleBinding[] Optional |
MaintenanceConfiguration_Spec
Used by: MaintenanceConfiguration.
| Property | Description | Type |
|---|---|---|
| azureName | The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn’t have to be. | string Optional |
| maintenanceWindow | Maintenance window for the maintenance configuration. | MaintenanceWindow Optional |
| notAllowedTime | Time slots on which upgrade is not allowed. | TimeSpan[] Optional |
| operatorSpec | The specification for configuring operator behavior. This field is interpreted by the operator and not passed directly to Azure | MaintenanceConfigurationOperatorSpec Optional |
| owner | The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a reference to a containerservice.azure.com/ManagedCluster resource | genruntime.KnownResourceReference Required |
| timeInWeek | Time slots during the week when planned maintenance is allowed to proceed. If two array entries specify the same day of the week, the applied configuration is the union of times in both entries. | TimeInWeek[] Optional |
MaintenanceConfiguration_STATUS
Used by: MaintenanceConfiguration.
| Property | Description | Type |
|---|---|---|
| conditions | The observed state of the resource | conditions.Condition[] Optional |
| id | Resource ID. | string Optional |
| maintenanceWindow | Maintenance window for the maintenance configuration. | MaintenanceWindow_STATUS Optional |
| name | The name of the resource that is unique within a resource group. This name can be used to access the resource. | string Optional |
| notAllowedTime | Time slots on which upgrade is not allowed. | TimeSpan_STATUS[] Optional |
| systemData | The system metadata relating to this resource. | SystemData_STATUS Optional |
| timeInWeek | Time slots during the week when planned maintenance is allowed to proceed. If two array entries specify the same day of the week, the applied configuration is the union of times in both entries. | TimeInWeek_STATUS[] Optional |
| type | Resource type | string Optional |
ManagedCluster_Spec
Used by: ManagedCluster.
| Property | Description | Type |
|---|---|---|
| aadProfile | The Azure Active Directory configuration. | ManagedClusterAADProfile Optional |
| addonProfiles | The profile of managed cluster add-on. | map[string]ManagedClusterAddonProfile Optional |
| agentPoolProfiles | The agent pool properties. | ManagedClusterAgentPoolProfile[] Optional |
| aiToolchainOperatorProfile | AI toolchain operator settings that apply to the whole cluster. | ManagedClusterAIToolchainOperatorProfile Optional |
| apiServerAccessProfile | The access profile for managed cluster API server. | ManagedClusterAPIServerAccessProfile Optional |
| autoScalerProfile | Parameters to be applied to the cluster-autoscaler when enabled | ManagedClusterProperties_AutoScalerProfile Optional |
| autoUpgradeProfile | The auto upgrade configuration. | ManagedClusterAutoUpgradeProfile Optional |
| azureMonitorProfile | Azure Monitor addon profiles for monitoring the managed cluster. | ManagedClusterAzureMonitorProfile Optional |
| azureName | The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn’t have to be. | string Optional |
| bootstrapProfile | Profile of the cluster bootstrap configuration. | ManagedClusterBootstrapProfile Optional |
| disableLocalAccounts | If local accounts should be disabled on the Managed Cluster. If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see disable local accounts. | bool Optional |
| diskEncryptionSetReference | The Resource ID of the disk encryption set to use for enabling encryption at rest. This is of the form: ‘/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}’ | genruntime.ResourceReference Optional |
| dnsPrefix | The DNS prefix of the Managed Cluster. This cannot be updated once the Managed Cluster has been created. | string Optional |
| enableRBAC | Whether to enable Kubernetes Role-Based Access Control. | bool Optional |
| extendedLocation | The extended location of the Virtual Machine. | ExtendedLocation Optional |
| fqdnSubdomain | The FQDN subdomain of the private cluster with custom private dns zone. This cannot be updated once the Managed Cluster has been created. | string Optional |
| httpProxyConfig | Configurations for provisioning the cluster with HTTP proxy servers. | ManagedClusterHTTPProxyConfig Optional |
| identity | The identity of the managed cluster, if configured. | ManagedClusterIdentity Optional |
| identityProfile | The user identity associated with the managed cluster. This identity will be used by the kubelet. Only one user assigned identity is allowed. The only accepted key is “kubeletidentity”, with value of “resourceId”: “/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}”. | map[string]UserAssignedIdentity Optional |
| ingressProfile | Ingress profile for the managed cluster. | ManagedClusterIngressProfile Optional |
| kind | This is primarily used to expose different UI experiences in the portal for different kinds | string Optional |
| kubernetesVersion | The version of Kubernetes specified by the user. Both patch version <major.minor.patch> (e.g. 1.20.13) and <major.minor> (e.g. 1.20) are supported. When <major.minor> is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same <major.minor> once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See upgrading an AKS cluster for more details. | string Optional |
| linuxProfile | The profile for Linux VMs in the Managed Cluster. | ContainerServiceLinuxProfile Optional |
| location | The geo-location where the resource lives | string Required |
| metricsProfile | Optional cluster metrics configuration. | ManagedClusterMetricsProfile Optional |
| networkProfile | The network configuration profile. | ContainerServiceNetworkProfile Optional |
| nodeProvisioningProfile | Node provisioning settings that apply to the whole cluster. | ManagedClusterNodeProvisioningProfile Optional |
| nodeResourceGroup | The name of the resource group containing agent pool nodes. | string Optional |
| nodeResourceGroupProfile | Profile of the node resource group configuration. | ManagedClusterNodeResourceGroupProfile Optional |
| oidcIssuerProfile | The OIDC issuer profile of the Managed Cluster. | ManagedClusterOIDCIssuerProfile Optional |
| operatorSpec | The specification for configuring operator behavior. This field is interpreted by the operator and not passed directly to Azure | ManagedClusterOperatorSpec Optional |
| owner | The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a reference to a resources.azure.com/ResourceGroup resource | genruntime.KnownResourceReference Required |
| podIdentityProfile | The pod identity profile of the Managed Cluster. See use AAD pod identity for more details on AAD pod identity integration. | ManagedClusterPodIdentityProfile Optional |
| privateLinkResources | Private link resources associated with the cluster. | PrivateLinkResource[] Optional |
| publicNetworkAccess | PublicNetworkAccess of the managedCluster. Allow or deny public network access for AKS | ManagedClusterProperties_PublicNetworkAccess Optional |
| securityProfile | Security profile for the managed cluster. | ManagedClusterSecurityProfile Optional |
| serviceMeshProfile | Service mesh profile for a managed cluster. | ServiceMeshProfile Optional |
| servicePrincipalProfile | Information about a service principal identity for the cluster to use for manipulating Azure APIs. | ManagedClusterServicePrincipalProfile Optional |
| sku | The managed cluster SKU. | ManagedClusterSKU Optional |
| storageProfile | Storage profile for the managed cluster. | ManagedClusterStorageProfile Optional |
| supportPlan | The support plan for the Managed Cluster. If unspecified, the default is KubernetesOfficial. |
KubernetesSupportPlan Optional |
| tags | Resource tags. | map[string]string Optional |
| upgradeSettings | Settings for upgrading a cluster. | ClusterUpgradeSettings Optional |
| windowsProfile | The profile for Windows VMs in the Managed Cluster. | ManagedClusterWindowsProfile Optional |
| workloadAutoScalerProfile | Workload Auto-scaler profile for the managed cluster. | ManagedClusterWorkloadAutoScalerProfile Optional |
ManagedCluster_STATUS
Managed cluster.
Used by: ManagedCluster.
| Property | Description | Type |
|---|---|---|
| aadProfile | The Azure Active Directory configuration. | ManagedClusterAADProfile_STATUS Optional |
| addonProfiles | The profile of managed cluster add-on. | map[string]ManagedClusterAddonProfile_STATUS Optional |
| agentPoolProfiles | The agent pool properties. | ManagedClusterAgentPoolProfile_STATUS[] Optional |
| aiToolchainOperatorProfile | AI toolchain operator settings that apply to the whole cluster. | ManagedClusterAIToolchainOperatorProfile_STATUS Optional |
| apiServerAccessProfile | The access profile for managed cluster API server. | ManagedClusterAPIServerAccessProfile_STATUS Optional |
| autoScalerProfile | Parameters to be applied to the cluster-autoscaler when enabled | ManagedClusterProperties_AutoScalerProfile_STATUS Optional |
| autoUpgradeProfile | The auto upgrade configuration. | ManagedClusterAutoUpgradeProfile_STATUS Optional |
| azureMonitorProfile | Azure Monitor addon profiles for monitoring the managed cluster. | ManagedClusterAzureMonitorProfile_STATUS Optional |
| azurePortalFQDN | The special FQDN used by the Azure Portal to access the Managed Cluster. This FQDN is for use only by the Azure Portal and should not be used by other clients. The Azure Portal requires certain Cross-Origin Resource Sharing (CORS) headers to be sent in some responses, which Kubernetes APIServer doesn’t handle by default. This special FQDN supports CORS, allowing the Azure Portal to function properly. | string Optional |
| bootstrapProfile | Profile of the cluster bootstrap configuration. | ManagedClusterBootstrapProfile_STATUS Optional |
| conditions | The observed state of the resource | conditions.Condition[] Optional |
| currentKubernetesVersion | The version of Kubernetes the Managed Cluster is running. If kubernetesVersion was a fully specified version <major.minor.patch>, this field will be exactly equal to it. If kubernetesVersion was <major.minor>, this field will contain the full <major.minor.patch> version being used. | string Optional |
| disableLocalAccounts | If local accounts should be disabled on the Managed Cluster. If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see disable local accounts. | bool Optional |
| diskEncryptionSetID | The Resource ID of the disk encryption set to use for enabling encryption at rest. This is of the form: ‘/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}’ | string Optional |
| dnsPrefix | The DNS prefix of the Managed Cluster. This cannot be updated once the Managed Cluster has been created. | string Optional |
| enableRBAC | Whether to enable Kubernetes Role-Based Access Control. | bool Optional |
| eTag | Unique read-only string used to implement optimistic concurrency. The eTag value will change when the resource is updated. Specify an if-match or if-none-match header with the eTag value for a subsequent request to enable optimistic concurrency per the normal etag convention. | string Optional |
| extendedLocation | The extended location of the Virtual Machine. | ExtendedLocation_STATUS Optional |
| fqdn | The FQDN of the master pool. | string Optional |
| fqdnSubdomain | The FQDN subdomain of the private cluster with custom private dns zone. This cannot be updated once the Managed Cluster has been created. | string Optional |
| httpProxyConfig | Configurations for provisioning the cluster with HTTP proxy servers. | ManagedClusterHTTPProxyConfig_STATUS Optional |
| id | Fully qualified resource ID for the resource. E.g. “/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}” | string Optional |
| identity | The identity of the managed cluster, if configured. | ManagedClusterIdentity_STATUS Optional |
| identityProfile | The user identity associated with the managed cluster. This identity will be used by the kubelet. Only one user assigned identity is allowed. The only accepted key is “kubeletidentity”, with value of “resourceId”: “/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}”. | map[string]UserAssignedIdentity_STATUS Optional |
| ingressProfile | Ingress profile for the managed cluster. | ManagedClusterIngressProfile_STATUS Optional |
| kind | This is primarily used to expose different UI experiences in the portal for different kinds | string Optional |
| kubernetesVersion | The version of Kubernetes specified by the user. Both patch version <major.minor.patch> (e.g. 1.20.13) and <major.minor> (e.g. 1.20) are supported. When <major.minor> is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same <major.minor> once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See upgrading an AKS cluster for more details. | string Optional |
| linuxProfile | The profile for Linux VMs in the Managed Cluster. | ContainerServiceLinuxProfile_STATUS Optional |
| location | The geo-location where the resource lives | string Optional |
| maxAgentPools | The max number of agent pools for the managed cluster. | int Optional |
| metricsProfile | Optional cluster metrics configuration. | ManagedClusterMetricsProfile_STATUS Optional |
| name | The name of the resource | string Optional |
| networkProfile | The network configuration profile. | ContainerServiceNetworkProfile_STATUS Optional |
| nodeProvisioningProfile | Node provisioning settings that apply to the whole cluster. | ManagedClusterNodeProvisioningProfile_STATUS Optional |
| nodeResourceGroup | The name of the resource group containing agent pool nodes. | string Optional |
| nodeResourceGroupProfile | Profile of the node resource group configuration. | ManagedClusterNodeResourceGroupProfile_STATUS Optional |
| oidcIssuerProfile | The OIDC issuer profile of the Managed Cluster. | ManagedClusterOIDCIssuerProfile_STATUS Optional |
| podIdentityProfile | The pod identity profile of the Managed Cluster. See use AAD pod identity for more details on AAD pod identity integration. | ManagedClusterPodIdentityProfile_STATUS Optional |
| powerState | The Power State of the cluster. | PowerState_STATUS Optional |
| privateFQDN | The FQDN of private cluster. | string Optional |
| privateLinkResources | Private link resources associated with the cluster. | PrivateLinkResource_STATUS[] Optional |
| provisioningState | The current provisioning state. | string Optional |
| publicNetworkAccess | PublicNetworkAccess of the managedCluster. Allow or deny public network access for AKS | ManagedClusterProperties_PublicNetworkAccess_STATUS Optional |
| resourceUID | The resourceUID uniquely identifies ManagedClusters that reuse ARM ResourceIds (i.e: create, delete, create sequence) | string Optional |
| securityProfile | Security profile for the managed cluster. | ManagedClusterSecurityProfile_STATUS Optional |
| serviceMeshProfile | Service mesh profile for a managed cluster. | ServiceMeshProfile_STATUS Optional |
| servicePrincipalProfile | Information about a service principal identity for the cluster to use for manipulating Azure APIs. | ManagedClusterServicePrincipalProfile_STATUS Optional |
| sku | The managed cluster SKU. | ManagedClusterSKU_STATUS Optional |
| status | Contains read-only information about the Managed Cluster. | ManagedClusterStatus_STATUS Optional |
| storageProfile | Storage profile for the managed cluster. | ManagedClusterStorageProfile_STATUS Optional |
| supportPlan | The support plan for the Managed Cluster. If unspecified, the default is KubernetesOfficial. |
KubernetesSupportPlan_STATUS Optional |
| systemData | Azure Resource Manager metadata containing createdBy and modifiedBy information. | SystemData_STATUS Optional |
| tags | Resource tags. | map[string]string Optional |
| type | The type of the resource. E.g. “Microsoft.Compute/virtualMachines” or “Microsoft.Storage/storageAccounts” | string Optional |
| upgradeSettings | Settings for upgrading a cluster. | ClusterUpgradeSettings_STATUS Optional |
| windowsProfile | The profile for Windows VMs in the Managed Cluster. | ManagedClusterWindowsProfile_STATUS Optional |
| workloadAutoScalerProfile | Workload Auto-scaler profile for the managed cluster. | ManagedClusterWorkloadAutoScalerProfile_STATUS Optional |
ManagedClustersAgentPool_Spec
Used by: ManagedClustersAgentPool.
| Property | Description | Type |
|---|---|---|
| availabilityZones | The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is VirtualMachineScaleSets. |
string[] Optional |
| azureName | The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn’t have to be. | string Optional |
| capacityReservationGroupReference | AKS will associate the specified agent pool with the Capacity Reservation Group. | genruntime.ResourceReference Optional |
| count | Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. | int Optional |
| creationData | CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot. | CreationData Optional |
| enableAutoScaling | Whether to enable auto-scaler | bool Optional |
| enableEncryptionAtHost | Whether to enable host based OS and data drive encryption. This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption | bool Optional |
| enableFIPS | Whether to use a FIPS-enabled OS. See Add a FIPS-enabled node pool for more details. | bool Optional |
| enableNodePublicIP | Whether each node is allocated its own public IP. Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see assigning a public IP per node. The default is false. | bool Optional |
| enableUltraSSD | Whether to enable UltraSSD | bool Optional |
| gatewayProfile | Profile specific to a managed agent pool in Gateway mode. This field cannot be set if agent pool mode is not Gateway. | AgentPoolGatewayProfile Optional |
| gpuInstanceProfile | GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU. | GPUInstanceProfile Optional |
| gpuProfile | GPU settings for the Agent Pool. | GPUProfile Optional |
| hostGroupReference | The fully qualified resource ID of the Dedicated Host Group to provision virtual machines from, used only in creation scenario and not allowed to changed once set. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see Azure dedicated hosts. | genruntime.ResourceReference Optional |
| kubeletConfig | The Kubelet configuration on the agent pool nodes. | KubeletConfig Optional |
| kubeletDiskType | Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage. | KubeletDiskType Optional |
| linuxOSConfig | The OS configuration of Linux agent nodes. | LinuxOSConfig Optional |
| maxCount | The maximum number of nodes for auto-scaling | int Optional |
| maxPods | The maximum number of pods that can run on a node. | int Optional |
| messageOfTheDay | Message of the day for Linux nodes, base64-encoded. A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script). | string Optional |
| minCount | The minimum number of nodes for auto-scaling | int Optional |
| mode | The mode of an agent pool. A cluster must have at least one System Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools |
AgentPoolMode Optional |
| networkProfile | Network-related settings of an agent pool. | AgentPoolNetworkProfile Optional |
| nodeLabels | The node labels to be persisted across all nodes in agent pool. | map[string]string Optional |
| nodePublicIPPrefixReference | The public IP prefix ID which VM nodes should use IPs from. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} | genruntime.ResourceReference Optional |
| nodeTaints | The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule. | string[] Optional |
| operatorSpec | The specification for configuring operator behavior. This field is interpreted by the operator and not passed directly to Azure | ManagedClustersAgentPoolOperatorSpec Optional |
| orchestratorVersion | The version of Kubernetes specified by the user. Both patch version <major.minor.patch> (e.g. 1.20.13) and <major.minor> (e.g. 1.20) are supported. When <major.minor> is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same <major.minor> once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see upgrading a node pool. | string Optional |
| osDiskSizeGB | ContainerServiceOSDisk Optional |
|
| osDiskType | The OS disk type to be used for machines in the agent pool. The default is Ephemeral if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to Managed. May not be changed after creation. For more information see Ephemeral OS. |
OSDiskType Optional |
| osSKU | Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows. | OSSKU Optional |
| osType | The operating system type. The default is Linux. | OSType Optional |
| owner | The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a reference to a containerservice.azure.com/ManagedCluster resource | genruntime.KnownResourceReference Required |
| podIPAllocationMode | Pod IP Allocation Mode. The IP allocation mode for pods in the agent pool. Must be used with podSubnetId. The default is DynamicIndividual. |
PodIPAllocationMode Optional |
| podSubnetReference | The ID of the subnet which pods will join when launched. If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} | genruntime.ResourceReference Optional |
| powerState | Whether the Agent Pool is running or stopped. When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded | PowerState Optional |
| proximityPlacementGroupReference | The ID for Proximity Placement Group. | genruntime.ResourceReference Optional |
| scaleDownMode | The scale down mode to use when scaling the Agent Pool. This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete. | ScaleDownMode Optional |
| scaleSetEvictionPolicy | The Virtual Machine Scale Set eviction policy to use. This cannot be specified unless the scaleSetPriority is Spot. If not specified, the default is Delete. |
ScaleSetEvictionPolicy Optional |
| scaleSetPriority | The Virtual Machine Scale Set priority. If not specified, the default is Regular. |
ScaleSetPriority Optional |
| securityProfile | The security settings of an agent pool. | AgentPoolSecurityProfile Optional |
| spotMaxPrice | The max price (in US Dollars) you are willing to pay for spot instances. Possible values are any decimal value greater than zero or -1 which indicates default price to be up-to on-demand. Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see spot VMs pricing | float64 Optional |
| tags | The tags to be persisted on the agent pool virtual machine scale set. | map[string]string Optional |
| type | The type of Agent Pool. | AgentPoolType Optional |
| upgradeSettings | Settings for upgrading the agentpool | AgentPoolUpgradeSettings Optional |
| virtualMachineNodesStatus | VirtualMachineNodes[] Optional |
|
| virtualMachinesProfile | Specifications on VirtualMachines agent pool. | VirtualMachinesProfile Optional |
| vmSize | The size of the agent pool VMs. VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions | string Optional |
| vnetSubnetReference | The ID of the subnet which agent pool nodes and optionally pods will join on startup. If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} | genruntime.ResourceReference Optional |
| windowsProfile | The Windows agent pool’s specific profile. | AgentPoolWindowsProfile Optional |
| workloadRuntime | Determines the type of workload a node can run. | WorkloadRuntime Optional |
ManagedClustersAgentPool_STATUS
Used by: ManagedClustersAgentPool.
| Property | Description | Type |
|---|---|---|
| availabilityZones | The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is VirtualMachineScaleSets. |
string[] Optional |
| capacityReservationGroupID | AKS will associate the specified agent pool with the Capacity Reservation Group. | string Optional |
| conditions | The observed state of the resource | conditions.Condition[] Optional |
| count | Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. | int Optional |
| creationData | CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot. | CreationData_STATUS Optional |
| currentOrchestratorVersion | The version of Kubernetes the Agent Pool is running. If orchestratorVersion is a fully specified version <major.minor.patch>, this field will be exactly equal to it. If orchestratorVersion is <major.minor>, this field will contain the full <major.minor.patch> version being used. | string Optional |
| enableAutoScaling | Whether to enable auto-scaler | bool Optional |
| enableEncryptionAtHost | Whether to enable host based OS and data drive encryption. This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption | bool Optional |
| enableFIPS | Whether to use a FIPS-enabled OS. See Add a FIPS-enabled node pool for more details. | bool Optional |
| enableNodePublicIP | Whether each node is allocated its own public IP. Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see assigning a public IP per node. The default is false. | bool Optional |
| enableUltraSSD | Whether to enable UltraSSD | bool Optional |
| eTag | Unique read-only string used to implement optimistic concurrency. The eTag value will change when the resource is updated. Specify an if-match or if-none-match header with the eTag value for a subsequent request to enable optimistic concurrency per the normal etag convention. | string Optional |
| gatewayProfile | Profile specific to a managed agent pool in Gateway mode. This field cannot be set if agent pool mode is not Gateway. | AgentPoolGatewayProfile_STATUS Optional |
| gpuInstanceProfile | GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU. | GPUInstanceProfile_STATUS Optional |
| gpuProfile | GPU settings for the Agent Pool. | GPUProfile_STATUS Optional |
| hostGroupID | The fully qualified resource ID of the Dedicated Host Group to provision virtual machines from, used only in creation scenario and not allowed to changed once set. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see Azure dedicated hosts. | string Optional |
| id | Resource ID. | string Optional |
| kubeletConfig | The Kubelet configuration on the agent pool nodes. | KubeletConfig_STATUS Optional |
| kubeletDiskType | Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage. | KubeletDiskType_STATUS Optional |
| linuxOSConfig | The OS configuration of Linux agent nodes. | LinuxOSConfig_STATUS Optional |
| maxCount | The maximum number of nodes for auto-scaling | int Optional |
| maxPods | The maximum number of pods that can run on a node. | int Optional |
| messageOfTheDay | Message of the day for Linux nodes, base64-encoded. A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script). | string Optional |
| minCount | The minimum number of nodes for auto-scaling | int Optional |
| mode | The mode of an agent pool. A cluster must have at least one System Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools |
AgentPoolMode_STATUS Optional |
| name | The name of the resource that is unique within a resource group. This name can be used to access the resource. | string Optional |
| networkProfile | Network-related settings of an agent pool. | AgentPoolNetworkProfile_STATUS Optional |
| nodeImageVersion | The version of node image | string Optional |
| nodeLabels | The node labels to be persisted across all nodes in agent pool. | map[string]string Optional |
| nodePublicIPPrefixID | The public IP prefix ID which VM nodes should use IPs from. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} | string Optional |
| nodeTaints | The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule. | string[] Optional |
| orchestratorVersion | The version of Kubernetes specified by the user. Both patch version <major.minor.patch> (e.g. 1.20.13) and <major.minor> (e.g. 1.20) are supported. When <major.minor> is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same <major.minor> once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see upgrading a node pool. | string Optional |
| osDiskSizeGB | int Optional |
|
| osDiskType | The OS disk type to be used for machines in the agent pool. The default is Ephemeral if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to Managed. May not be changed after creation. For more information see Ephemeral OS. |
OSDiskType_STATUS Optional |
| osSKU | Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows. | OSSKU_STATUS Optional |
| osType | The operating system type. The default is Linux. | OSType_STATUS Optional |
| podIPAllocationMode | Pod IP Allocation Mode. The IP allocation mode for pods in the agent pool. Must be used with podSubnetId. The default is DynamicIndividual. |
PodIPAllocationMode_STATUS Optional |
| podSubnetID | The ID of the subnet which pods will join when launched. If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} | string Optional |
| powerState | Whether the Agent Pool is running or stopped. When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded | PowerState_STATUS Optional |
| properties_type | The type of Agent Pool. | AgentPoolType_STATUS Optional |
| provisioningState | The current deployment or provisioning state. | string Optional |
| proximityPlacementGroupID | The ID for Proximity Placement Group. | string Optional |
| scaleDownMode | The scale down mode to use when scaling the Agent Pool. This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete. | ScaleDownMode_STATUS Optional |
| scaleSetEvictionPolicy | The Virtual Machine Scale Set eviction policy to use. This cannot be specified unless the scaleSetPriority is Spot. If not specified, the default is Delete. |
ScaleSetEvictionPolicy_STATUS Optional |
| scaleSetPriority | The Virtual Machine Scale Set priority. If not specified, the default is Regular. |
ScaleSetPriority_STATUS Optional |
| securityProfile | The security settings of an agent pool. | AgentPoolSecurityProfile_STATUS Optional |
| spotMaxPrice | The max price (in US Dollars) you are willing to pay for spot instances. Possible values are any decimal value greater than zero or -1 which indicates default price to be up-to on-demand. Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see spot VMs pricing | float64 Optional |
| status | Contains read-only information about the Agent Pool. | AgentPoolStatus_STATUS Optional |
| tags | The tags to be persisted on the agent pool virtual machine scale set. | map[string]string Optional |
| type | Resource type | string Optional |
| upgradeSettings | Settings for upgrading the agentpool | AgentPoolUpgradeSettings_STATUS Optional |
| virtualMachineNodesStatus | VirtualMachineNodes_STATUS[] Optional |
|
| virtualMachinesProfile | Specifications on VirtualMachines agent pool. | VirtualMachinesProfile_STATUS Optional |
| vmSize | The size of the agent pool VMs. VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions | string Optional |
| vnetSubnetID | The ID of the subnet which agent pool nodes and optionally pods will join on startup. If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} | string Optional |
| windowsProfile | The Windows agent pool’s specific profile. | AgentPoolWindowsProfile_STATUS Optional |
| workloadRuntime | Determines the type of workload a node can run. | WorkloadRuntime_STATUS Optional |
TrustedAccessRoleBinding_Spec
Used by: TrustedAccessRoleBinding.
| Property | Description | Type |
|---|---|---|
| azureName | The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn’t have to be. | string Optional |
| operatorSpec | The specification for configuring operator behavior. This field is interpreted by the operator and not passed directly to Azure | TrustedAccessRoleBindingOperatorSpec Optional |
| owner | The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a reference to a containerservice.azure.com/ManagedCluster resource | genruntime.KnownResourceReference Required |
| roles | A list of roles to bind, each item is a resource type qualified role name. For example: ‘Microsoft.MachineLearningServices/workspaces/reader’. | string[] Required |
| sourceResourceReference | The ARM resource ID of source resource that trusted access is configured for. | genruntime.ResourceReference Required |
TrustedAccessRoleBinding_STATUS
Used by: TrustedAccessRoleBinding.
| Property | Description | Type |
|---|---|---|
| conditions | The observed state of the resource | conditions.Condition[] Optional |
| id | Fully qualified resource ID for the resource. E.g. “/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}” | string Optional |
| name | The name of the resource | string Optional |
| provisioningState | The current provisioning state of trusted access role binding. | TrustedAccessRoleBindingProperties_ProvisioningState_STATUS Optional |
| roles | A list of roles to bind, each item is a resource type qualified role name. For example: ‘Microsoft.MachineLearningServices/workspaces/reader’. | string[] Optional |
| sourceResourceId | The ARM resource ID of source resource that trusted access is configured for. | string Optional |
| systemData | Azure Resource Manager metadata containing createdBy and modifiedBy information. | SystemData_STATUS Optional |
| type | The type of the resource. E.g. “Microsoft.Compute/virtualMachines” or “Microsoft.Storage/storageAccounts” | string Optional |
AgentPoolGatewayProfile
Profile of the managed cluster gateway agent pool.
Used by: ManagedClusterAgentPoolProfile, and ManagedClustersAgentPool_Spec.
| Property | Description | Type |
|---|---|---|
| publicIPPrefixSize | The Gateway agent pool associates one public IPPrefix for each static egress gateway to provide public egress. The size of Public IPPrefix should be selected by the user. Each node in the agent pool is assigned with one IP from the IPPrefix. The IPPrefix size thus serves as a cap on the size of the Gateway agent pool. Due to Azure public IPPrefix size limitation, the valid value range is [28, 31](/31 = 2 nodes/IPs, /30 = 4 nodes/IPs, /29 = 8 nodes/IPs, /28 = 16 nodes/IPs). The default value is 31. | int Optional |
AgentPoolGatewayProfile_STATUS
Profile of the managed cluster gateway agent pool.
Used by: ManagedClusterAgentPoolProfile_STATUS, and ManagedClustersAgentPool_STATUS.
| Property | Description | Type |
|---|---|---|
| publicIPPrefixSize | The Gateway agent pool associates one public IPPrefix for each static egress gateway to provide public egress. The size of Public IPPrefix should be selected by the user. Each node in the agent pool is assigned with one IP from the IPPrefix. The IPPrefix size thus serves as a cap on the size of the Gateway agent pool. Due to Azure public IPPrefix size limitation, the valid value range is [28, 31](/31 = 2 nodes/IPs, /30 = 4 nodes/IPs, /29 = 8 nodes/IPs, /28 = 16 nodes/IPs). The default value is 31. | int Optional |
AgentPoolMode
The mode of an agent pool. A cluster must have at least one System Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools
Used by: ManagedClusterAgentPoolProfile, and ManagedClustersAgentPool_Spec.
| Value | Description |
|---|---|
| “Gateway” | |
| “System” | |
| “User” |
AgentPoolMode_STATUS
The mode of an agent pool. A cluster must have at least one System Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools
Used by: ManagedClusterAgentPoolProfile_STATUS, and ManagedClustersAgentPool_STATUS.
| Value | Description |
|---|---|
| “Gateway” | |
| “System” | |
| “User” |
AgentPoolNetworkProfile
Network settings of an agent pool.
Used by: ManagedClusterAgentPoolProfile, and ManagedClustersAgentPool_Spec.
| Property | Description | Type |
|---|---|---|
| allowedHostPorts | The port ranges that are allowed to access. The specified ranges are allowed to overlap. | PortRange[] Optional |
| applicationSecurityGroupsReferences | The IDs of the application security groups which agent pool will associate when created. | genruntime.ResourceReference[] Optional |
| nodePublicIPTags | IPTags of instance-level public IPs. | IPTag[] Optional |
AgentPoolNetworkProfile_STATUS
Network settings of an agent pool.
Used by: ManagedClusterAgentPoolProfile_STATUS, and ManagedClustersAgentPool_STATUS.
| Property | Description | Type |
|---|---|---|
| allowedHostPorts | The port ranges that are allowed to access. The specified ranges are allowed to overlap. | PortRange_STATUS[] Optional |
| applicationSecurityGroups | The IDs of the application security groups which agent pool will associate when created. | string[] Optional |
| nodePublicIPTags | IPTags of instance-level public IPs. | IPTag_STATUS[] Optional |
AgentPoolSecurityProfile
The security settings of an agent pool.
Used by: ManagedClusterAgentPoolProfile, and ManagedClustersAgentPool_Spec.
| Property | Description | Type |
|---|---|---|
| enableSecureBoot | Secure Boot is a feature of Trusted Launch which ensures that only signed operating systems and drivers can boot. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false. | bool Optional |
| enableVTPM | vTPM is a Trusted Launch feature for configuring a dedicated secure vault for keys and measurements held locally on the node. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false. | bool Optional |
| sshAccess | SSH access method of an agent pool. | AgentPoolSSHAccess Optional |
AgentPoolSecurityProfile_STATUS
The security settings of an agent pool.
Used by: ManagedClusterAgentPoolProfile_STATUS, and ManagedClustersAgentPool_STATUS.
| Property | Description | Type |
|---|---|---|
| enableSecureBoot | Secure Boot is a feature of Trusted Launch which ensures that only signed operating systems and drivers can boot. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false. | bool Optional |
| enableVTPM | vTPM is a Trusted Launch feature for configuring a dedicated secure vault for keys and measurements held locally on the node. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false. | bool Optional |
| sshAccess | SSH access method of an agent pool. | AgentPoolSSHAccess_STATUS Optional |
AgentPoolStatus_STATUS
Contains read-only information about the Agent Pool.
Used by: ManagedClusterAgentPoolProfile_STATUS, and ManagedClustersAgentPool_STATUS.
| Property | Description | Type |
|---|---|---|
| provisioningError | The error detail information of the agent pool. Preserves the detailed info of failure. If there was no error, this field is omitted. | ErrorDetail_STATUS Optional |
AgentPoolType
The type of Agent Pool.
Used by: ManagedClusterAgentPoolProfile, and ManagedClustersAgentPool_Spec.
| Value | Description |
|---|---|
| “AvailabilitySet” | |
| “VirtualMachineScaleSets” | |
| “VirtualMachines” |
AgentPoolType_STATUS
The type of Agent Pool.
Used by: ManagedClusterAgentPoolProfile_STATUS, and ManagedClustersAgentPool_STATUS.
| Value | Description |
|---|---|
| “AvailabilitySet” | |
| “VirtualMachineScaleSets” | |
| “VirtualMachines” |
AgentPoolUpgradeSettings
Settings for upgrading an agentpool
Used by: ManagedClusterAgentPoolProfile, and ManagedClustersAgentPool_Spec.
| Property | Description | Type |
|---|---|---|
| drainTimeoutInMinutes | The drain timeout for a node. The amount of time (in minutes) to wait on eviction of pods and graceful termination per node. This eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not specified, the default is 30 minutes. | int Optional |
| maxSurge | The maximum number or percentage of nodes that are surged during upgrade. This can either be set to an integer (e.g. 5) or a percentage (e.g. ‘50%’). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 10%. For more information, including best practices, see: https://learn.microsoft.com/en-us/azure/aks/upgrade-cluster |
string Optional |
| maxUnavailable | The maximum number or percentage of nodes that can be simultaneously unavailable during upgrade. This can either be set to an integer (e.g. 1) or a percentage (e.g. ‘5%’). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 0. For more information, including best practices, see: https://learn.microsoft.com/en-us/azure/aks/upgrade-cluster |
string Optional |
| nodeSoakDurationInMinutes | The soak duration for a node. The amount of time (in minutes) to wait after draining a node and before reimaging it and moving on to next node. If not specified, the default is 0 minutes. | int Optional |
| undrainableNodeBehavior | Defines the behavior for undrainable nodes during upgrade. The most common cause of undrainable nodes is Pod Disruption Budgets (PDBs), but other issues, such as pod termination grace period is exceeding the remaining per-node drain timeout or pod is still being in a running state, can also cause undrainable nodes. | AgentPoolUpgradeSettings_UndrainableNodeBehavior Optional |
AgentPoolUpgradeSettings_STATUS
Settings for upgrading an agentpool
Used by: ManagedClusterAgentPoolProfile_STATUS, and ManagedClustersAgentPool_STATUS.
| Property | Description | Type |
|---|---|---|
| drainTimeoutInMinutes | The drain timeout for a node. The amount of time (in minutes) to wait on eviction of pods and graceful termination per node. This eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not specified, the default is 30 minutes. | int Optional |
| maxSurge | The maximum number or percentage of nodes that are surged during upgrade. This can either be set to an integer (e.g. 5) or a percentage (e.g. ‘50%’). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 10%. For more information, including best practices, see: https://learn.microsoft.com/en-us/azure/aks/upgrade-cluster |
string Optional |
| maxUnavailable | The maximum number or percentage of nodes that can be simultaneously unavailable during upgrade. This can either be set to an integer (e.g. 1) or a percentage (e.g. ‘5%’). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 0. For more information, including best practices, see: https://learn.microsoft.com/en-us/azure/aks/upgrade-cluster |
string Optional |
| nodeSoakDurationInMinutes | The soak duration for a node. The amount of time (in minutes) to wait after draining a node and before reimaging it and moving on to next node. If not specified, the default is 0 minutes. | int Optional |
| undrainableNodeBehavior | Defines the behavior for undrainable nodes during upgrade. The most common cause of undrainable nodes is Pod Disruption Budgets (PDBs), but other issues, such as pod termination grace period is exceeding the remaining per-node drain timeout or pod is still being in a running state, can also cause undrainable nodes. | AgentPoolUpgradeSettings_UndrainableNodeBehavior_STATUS Optional |
AgentPoolWindowsProfile
The Windows agent pool’s specific profile.
Used by: ManagedClusterAgentPoolProfile, and ManagedClustersAgentPool_Spec.
| Property | Description | Type |
|---|---|---|
| disableOutboundNat | Whether to disable OutboundNAT in windows nodes. The default value is false. Outbound NAT can only be disabled if the cluster outboundType is NAT Gateway and the Windows agent pool does not have node public IP enabled. | bool Optional |
AgentPoolWindowsProfile_STATUS
The Windows agent pool’s specific profile.
Used by: ManagedClusterAgentPoolProfile_STATUS, and ManagedClustersAgentPool_STATUS.
| Property | Description | Type |
|---|---|---|
| disableOutboundNat | Whether to disable OutboundNAT in windows nodes. The default value is false. Outbound NAT can only be disabled if the cluster outboundType is NAT Gateway and the Windows agent pool does not have node public IP enabled. | bool Optional |
ClusterUpgradeSettings
Settings for upgrading a cluster.
Used by: ManagedCluster_Spec.
| Property | Description | Type |
|---|---|---|
| overrideSettings | Settings for overrides. | UpgradeOverrideSettings Optional |
ClusterUpgradeSettings_STATUS
Settings for upgrading a cluster.
Used by: ManagedCluster_STATUS.
| Property | Description | Type |
|---|---|---|
| overrideSettings | Settings for overrides. | UpgradeOverrideSettings_STATUS Optional |
ContainerServiceLinuxProfile
Profile for Linux VMs in the container service cluster.
Used by: ManagedCluster_Spec.
| Property | Description | Type |
|---|---|---|
| adminUsername | The administrator username to use for Linux VMs. | string Required |
| ssh | The SSH configuration for Linux-based VMs running on Azure. | ContainerServiceSshConfiguration Required |
ContainerServiceLinuxProfile_STATUS
Profile for Linux VMs in the container service cluster.
Used by: ManagedCluster_STATUS.
| Property | Description | Type |
|---|---|---|
| adminUsername | The administrator username to use for Linux VMs. | string Optional |
| ssh | The SSH configuration for Linux-based VMs running on Azure. | ContainerServiceSshConfiguration_STATUS Optional |
ContainerServiceNetworkProfile
Profile of network configuration.
Used by: ManagedCluster_Spec.
| Property | Description | Type |
|---|---|---|
| advancedNetworking | Advanced Networking profile for enabling observability and security feature suite on a cluster. For more information see aka.ms/aksadvancednetworking. | AdvancedNetworking Optional |
| dnsServiceIP | An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr. | string Optional |
| ipFamilies | The IP families used to specify IP versions available to the cluster. IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value is IPv4. For dual-stack, the expected values are IPv4 and IPv6. | ContainerServiceNetworkProfile_IpFamilies[] Optional |
| loadBalancerProfile | Profile of the cluster load balancer. | ManagedClusterLoadBalancerProfile Optional |
| loadBalancerSku | The load balancer sku for the managed cluster. The default is standard. See Azure Load Balancer SKUs for more information about the differences between load balancer SKUs. |
ContainerServiceNetworkProfile_LoadBalancerSku Optional |
| natGatewayProfile | Profile of the cluster NAT gateway. | ManagedClusterNATGatewayProfile Optional |
| networkDataplane | Network dataplane used in the Kubernetes cluster. | ContainerServiceNetworkProfile_NetworkDataplane Optional |
| networkMode | The network mode Azure CNI is configured with. This cannot be specified if networkPlugin is anything other than azure. |
ContainerServiceNetworkProfile_NetworkMode Optional |
| networkPlugin | Network plugin used for building the Kubernetes network. | ContainerServiceNetworkProfile_NetworkPlugin Optional |
| networkPluginMode | The mode the network plugin should use. | ContainerServiceNetworkProfile_NetworkPluginMode Optional |
| networkPolicy | Network policy used for building the Kubernetes network. | ContainerServiceNetworkProfile_NetworkPolicy Optional |
| outboundType | The outbound (egress) routing method. This can only be set at cluster creation time and cannot be changed later. For more information see egress outbound type. | ContainerServiceNetworkProfile_OutboundType Optional |
| podCidr | A CIDR notation IP range from which to assign pod IPs when kubenet is used. | string Optional |
| podCidrs | The CIDR notation IP ranges from which to assign pod IPs. One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking. | string[] Optional |
| serviceCidr | A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges. | string Optional |
| serviceCidrs | The CIDR notation IP ranges from which to assign service cluster IPs. One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking. They must not overlap with any Subnet IP ranges. | string[] Optional |
| staticEgressGatewayProfile | The profile for Static Egress Gateway addon. For more details about Static Egress Gateway, see https://aka.ms/aks/static-egress-gateway. | ManagedClusterStaticEgressGatewayProfile Optional |
ContainerServiceNetworkProfile_STATUS
Profile of network configuration.
Used by: ManagedCluster_STATUS.
| Property | Description | Type |
|---|---|---|
| advancedNetworking | Advanced Networking profile for enabling observability and security feature suite on a cluster. For more information see aka.ms/aksadvancednetworking. | AdvancedNetworking_STATUS Optional |
| dnsServiceIP | An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr. | string Optional |
| ipFamilies | The IP families used to specify IP versions available to the cluster. IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value is IPv4. For dual-stack, the expected values are IPv4 and IPv6. | ContainerServiceNetworkProfile_IpFamilies_STATUS[] Optional |
| loadBalancerProfile | Profile of the cluster load balancer. | ManagedClusterLoadBalancerProfile_STATUS Optional |
| loadBalancerSku | The load balancer sku for the managed cluster. The default is standard. See Azure Load Balancer SKUs for more information about the differences between load balancer SKUs. |
ContainerServiceNetworkProfile_LoadBalancerSku_STATUS Optional |
| natGatewayProfile | Profile of the cluster NAT gateway. | ManagedClusterNATGatewayProfile_STATUS Optional |
| networkDataplane | Network dataplane used in the Kubernetes cluster. | ContainerServiceNetworkProfile_NetworkDataplane_STATUS Optional |
| networkMode | The network mode Azure CNI is configured with. This cannot be specified if networkPlugin is anything other than azure. |
ContainerServiceNetworkProfile_NetworkMode_STATUS Optional |
| networkPlugin | Network plugin used for building the Kubernetes network. | ContainerServiceNetworkProfile_NetworkPlugin_STATUS Optional |
| networkPluginMode | The mode the network plugin should use. | ContainerServiceNetworkProfile_NetworkPluginMode_STATUS Optional |
| networkPolicy | Network policy used for building the Kubernetes network. | ContainerServiceNetworkProfile_NetworkPolicy_STATUS Optional |
| outboundType | The outbound (egress) routing method. This can only be set at cluster creation time and cannot be changed later. For more information see egress outbound type. | ContainerServiceNetworkProfile_OutboundType_STATUS Optional |
| podCidr | A CIDR notation IP range from which to assign pod IPs when kubenet is used. | string Optional |
| podCidrs | The CIDR notation IP ranges from which to assign pod IPs. One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking. | string[] Optional |
| serviceCidr | A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges. | string Optional |
| serviceCidrs | The CIDR notation IP ranges from which to assign service cluster IPs. One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking. They must not overlap with any Subnet IP ranges. | string[] Optional |
| staticEgressGatewayProfile | The profile for Static Egress Gateway addon. For more details about Static Egress Gateway, see https://aka.ms/aks/static-egress-gateway. | ManagedClusterStaticEgressGatewayProfile_STATUS Optional |
ContainerServiceOSDisk
Used by: ManagedClusterAgentPoolProfile, and ManagedClustersAgentPool_Spec.
CreationData
Data used when creating a target resource from a source resource.
Used by: ManagedClusterAgentPoolProfile, and ManagedClustersAgentPool_Spec.
| Property | Description | Type |
|---|---|---|
| sourceResourceReference | This is the ARM ID of the source object to be used to create the target object. | genruntime.ResourceReference Optional |
CreationData_STATUS
Data used when creating a target resource from a source resource.
Used by: ManagedClusterAgentPoolProfile_STATUS, and ManagedClustersAgentPool_STATUS.
| Property | Description | Type |
|---|---|---|
| sourceResourceId | This is the ARM ID of the source object to be used to create the target object. | string Optional |
ExtendedLocation
The complex type of the extended location.
Used by: ManagedCluster_Spec.
| Property | Description | Type |
|---|---|---|
| name | The name of the extended location. | string Optional |
| type | The type of the extended location. | ExtendedLocationType Optional |
ExtendedLocation_STATUS
The complex type of the extended location.
Used by: ManagedCluster_STATUS.
| Property | Description | Type |
|---|---|---|
| name | The name of the extended location. | string Optional |
| type | The type of the extended location. | ExtendedLocationType_STATUS Optional |
GPUInstanceProfile
GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.
Used by: ManagedClusterAgentPoolProfile, and ManagedClustersAgentPool_Spec.
| Value | Description |
|---|---|
| “MIG1g” | |
| “MIG2g” | |
| “MIG3g” | |
| “MIG4g” | |
| “MIG7g” |
GPUInstanceProfile_STATUS
GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.
Used by: ManagedClusterAgentPoolProfile_STATUS, and ManagedClustersAgentPool_STATUS.
| Value | Description |
|---|---|
| “MIG1g” | |
| “MIG2g” | |
| “MIG3g” | |
| “MIG4g” | |
| “MIG7g” |
GPUProfile
GPU settings for the Agent Pool.
Used by: ManagedClusterAgentPoolProfile, and ManagedClustersAgentPool_Spec.
| Property | Description | Type |
|---|---|---|
| driver | Whether to install GPU drivers. When it’s not specified, default is Install. | GPUProfile_Driver Optional |
GPUProfile_STATUS
GPU settings for the Agent Pool.
Used by: ManagedClusterAgentPoolProfile_STATUS, and ManagedClustersAgentPool_STATUS.
| Property | Description | Type |
|---|---|---|
| driver | Whether to install GPU drivers. When it’s not specified, default is Install. | GPUProfile_Driver_STATUS Optional |
KubeletConfig
Kubelet configurations of agent nodes. See AKS custom node configuration for more details.
Used by: ManagedClusterAgentPoolProfile, and ManagedClustersAgentPool_Spec.
| Property | Description | Type |
|---|---|---|
| allowedUnsafeSysctls | Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in *). |
string[] Optional |
| containerLogMaxFiles | The maximum number of container log files that can be present for a container. The number must be ≥ 2. | int Optional |
| containerLogMaxSizeMB | The maximum size (e.g. 10Mi) of container log file before it is rotated. | int Optional |
| cpuCfsQuota | If CPU CFS quota enforcement is enabled for containers that specify CPU limits. The default is true. | bool Optional |
| cpuCfsQuotaPeriod | The CPU CFS quota period value. The default is 100ms. Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: 300ms, 2h45m. Supported units are ns, us, ms, s, m, and h. |
string Optional |
| cpuManagerPolicy | The CPU Manager policy to use. The default is none. See Kubernetes CPU management policies for more information. Allowed values are none and static. |
string Optional |
| failSwapOn | If set to true it will make the Kubelet fail to start if swap is enabled on the node. | bool Optional |
| imageGcHighThreshold | The percent of disk usage after which image garbage collection is always run. To disable image garbage collection, set to 100. The default is 85% | int Optional |
| imageGcLowThreshold | The percent of disk usage before which image garbage collection is never run. This cannot be set higher than imageGcHighThreshold. The default is 80% | int Optional |
| podMaxPids | The maximum number of processes per pod. | int Optional |
| topologyManagerPolicy | The Topology Manager policy to use. For more information see Kubernetes Topology Manager. The default is none. Allowed values are none, ‘best-effort’, restricted, and ‘single-numa-node’. |
string Optional |
KubeletConfig_STATUS
Kubelet configurations of agent nodes. See AKS custom node configuration for more details.
Used by: ManagedClusterAgentPoolProfile_STATUS, and ManagedClustersAgentPool_STATUS.
| Property | Description | Type |
|---|---|---|
| allowedUnsafeSysctls | Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in *). |
string[] Optional |
| containerLogMaxFiles | The maximum number of container log files that can be present for a container. The number must be ≥ 2. | int Optional |
| containerLogMaxSizeMB | The maximum size (e.g. 10Mi) of container log file before it is rotated. | int Optional |
| cpuCfsQuota | If CPU CFS quota enforcement is enabled for containers that specify CPU limits. The default is true. | bool Optional |
| cpuCfsQuotaPeriod | The CPU CFS quota period value. The default is 100ms. Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: 300ms, 2h45m. Supported units are ns, us, ms, s, m, and h. |
string Optional |
| cpuManagerPolicy | The CPU Manager policy to use. The default is none. See Kubernetes CPU management policies for more information. Allowed values are none and static. |
string Optional |
| failSwapOn | If set to true it will make the Kubelet fail to start if swap is enabled on the node. | bool Optional |
| imageGcHighThreshold | The percent of disk usage after which image garbage collection is always run. To disable image garbage collection, set to 100. The default is 85% | int Optional |
| imageGcLowThreshold | The percent of disk usage before which image garbage collection is never run. This cannot be set higher than imageGcHighThreshold. The default is 80% | int Optional |
| podMaxPids | The maximum number of processes per pod. | int Optional |
| topologyManagerPolicy | The Topology Manager policy to use. For more information see Kubernetes Topology Manager. The default is none. Allowed values are none, ‘best-effort’, restricted, and ‘single-numa-node’. |
string Optional |
KubeletDiskType
Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.
Used by: ManagedClusterAgentPoolProfile, and ManagedClustersAgentPool_Spec.
| Value | Description |
|---|---|
| “OS” | |
| “Temporary” |
KubeletDiskType_STATUS
Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.
Used by: ManagedClusterAgentPoolProfile_STATUS, and ManagedClustersAgentPool_STATUS.
| Value | Description |
|---|---|
| “OS” | |
| “Temporary” |
KubernetesSupportPlan
Different support tiers for AKS managed clusters
Used by: ManagedCluster_Spec.
| Value | Description |
|---|---|
| “AKSLongTermSupport” | |
| “KubernetesOfficial” |
KubernetesSupportPlan_STATUS
Different support tiers for AKS managed clusters
Used by: ManagedCluster_STATUS.
| Value | Description |
|---|---|
| “AKSLongTermSupport” | |
| “KubernetesOfficial” |
LinuxOSConfig
OS configurations of Linux agent nodes. See AKS custom node configuration for more details.
Used by: ManagedClusterAgentPoolProfile, and ManagedClustersAgentPool_Spec.
| Property | Description | Type |
|---|---|---|
| swapFileSizeMB | The size in MB of a swap file that will be created on each node. | int Optional |
| sysctls | Sysctl settings for Linux agent nodes. | SysctlConfig Optional |
| transparentHugePageDefrag | Whether the kernel should make aggressive use of memory compaction to make more hugepages available. Valid values are always, defer, ‘defer+madvise’, madvise and never. The default is madvise. For more information see Transparent Hugepages. |
string Optional |
| transparentHugePageEnabled | Whether transparent hugepages are enabled. Valid values are always, madvise, and never. The default is always. For more information see Transparent Hugepages. |
string Optional |
LinuxOSConfig_STATUS
OS configurations of Linux agent nodes. See AKS custom node configuration for more details.
Used by: ManagedClusterAgentPoolProfile_STATUS, and ManagedClustersAgentPool_STATUS.
| Property | Description | Type |
|---|---|---|
| swapFileSizeMB | The size in MB of a swap file that will be created on each node. | int Optional |
| sysctls | Sysctl settings for Linux agent nodes. | SysctlConfig_STATUS Optional |
| transparentHugePageDefrag | Whether the kernel should make aggressive use of memory compaction to make more hugepages available. Valid values are always, defer, ‘defer+madvise’, madvise and never. The default is madvise. For more information see Transparent Hugepages. |
string Optional |
| transparentHugePageEnabled | Whether transparent hugepages are enabled. Valid values are always, madvise, and never. The default is always. For more information see Transparent Hugepages. |
string Optional |
MaintenanceConfigurationOperatorSpec
Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure
Used by: MaintenanceConfiguration_Spec.
| Property | Description | Type |
|---|---|---|
| configMapExpressions | configures where to place operator written dynamic ConfigMaps (created with CEL expressions). | core.DestinationExpression[] Optional |
| secretExpressions | configures where to place operator written dynamic secrets (created with CEL expressions). | core.DestinationExpression[] Optional |
MaintenanceWindow
Maintenance window used to configure scheduled auto-upgrade for a Managed Cluster.
Used by: MaintenanceConfiguration_Spec.
| Property | Description | Type |
|---|---|---|
| durationHours | Length of maintenance window range from 4 to 24 hours. | int Required |
| notAllowedDates | Date ranges on which upgrade is not allowed. utcOffset applies to this field. For example, with ‘utcOffset: +02:00’ and dateSpan being ‘2022-12-23’ to ‘2023-01-03’, maintenance will be blocked from ‘2022-12-22 22:00’ to ‘2023-01-03 22:00’ in UTC time. |
DateSpan[] Optional |
| schedule | Recurrence schedule for the maintenance window. | Schedule Required |
| startDate | The date the maintenance window activates. If the current date is before this date, the maintenance window is inactive and will not be used for upgrades. If not specified, the maintenance window will be active right away. | string Optional |
| startTime | The start time of the maintenance window. Accepted values are from ‘00:00’ to ‘23:59’. utcOffset applies to this field. For example: ‘02:00’ with ‘utcOffset: +02:00’ means UTC time ‘00:00’. |
string Required |
| utcOffset | The UTC offset in format +/-HH:mm. For example, ‘+05:30’ for IST and ‘-07:00’ for PST. If not specified, the default is ‘+00:00’. | string Optional |
MaintenanceWindow_STATUS
Maintenance window used to configure scheduled auto-upgrade for a Managed Cluster.
Used by: MaintenanceConfiguration_STATUS.
| Property | Description | Type |
|---|---|---|
| durationHours | Length of maintenance window range from 4 to 24 hours. | int Optional |
| notAllowedDates | Date ranges on which upgrade is not allowed. utcOffset applies to this field. For example, with ‘utcOffset: +02:00’ and dateSpan being ‘2022-12-23’ to ‘2023-01-03’, maintenance will be blocked from ‘2022-12-22 22:00’ to ‘2023-01-03 22:00’ in UTC time. |
DateSpan_STATUS[] Optional |
| schedule | Recurrence schedule for the maintenance window. | Schedule_STATUS Optional |
| startDate | The date the maintenance window activates. If the current date is before this date, the maintenance window is inactive and will not be used for upgrades. If not specified, the maintenance window will be active right away. | string Optional |
| startTime | The start time of the maintenance window. Accepted values are from ‘00:00’ to ‘23:59’. utcOffset applies to this field. For example: ‘02:00’ with ‘utcOffset: +02:00’ means UTC time ‘00:00’. |
string Optional |
| utcOffset | The UTC offset in format +/-HH:mm. For example, ‘+05:30’ for IST and ‘-07:00’ for PST. If not specified, the default is ‘+00:00’. | string Optional |
ManagedClusterAADProfile
AADProfile specifies attributes for Azure Active Directory integration. For more details see managed AAD on AKS.
Used by: ManagedCluster_Spec.
| Property | Description | Type |
|---|---|---|
| adminGroupObjectIDs | The list of AAD group object IDs that will have admin role of the cluster. | string[] Optional |
| clientAppID | (DEPRECATED) The client AAD application ID. Learn more at https://aka.ms/aks/aad-legacy. | string Optional |
| enableAzureRBAC | Whether to enable Azure RBAC for Kubernetes authorization. | bool Optional |
| managed | Whether to enable managed AAD. | bool Optional |
| serverAppID | (DEPRECATED) The server AAD application ID. Learn more at https://aka.ms/aks/aad-legacy. | string Optional |
| serverAppSecret | (DEPRECATED) The server AAD application secret. Learn more at https://aka.ms/aks/aad-legacy. | string Optional |
| tenantID | The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription. | string Optional |
ManagedClusterAADProfile_STATUS
AADProfile specifies attributes for Azure Active Directory integration. For more details see managed AAD on AKS.
Used by: ManagedCluster_STATUS.
| Property | Description | Type |
|---|---|---|
| adminGroupObjectIDs | The list of AAD group object IDs that will have admin role of the cluster. | string[] Optional |
| clientAppID | (DEPRECATED) The client AAD application ID. Learn more at https://aka.ms/aks/aad-legacy. | string Optional |
| enableAzureRBAC | Whether to enable Azure RBAC for Kubernetes authorization. | bool Optional |
| managed | Whether to enable managed AAD. | bool Optional |
| serverAppID | (DEPRECATED) The server AAD application ID. Learn more at https://aka.ms/aks/aad-legacy. | string Optional |
| serverAppSecret | (DEPRECATED) The server AAD application secret. Learn more at https://aka.ms/aks/aad-legacy. | string Optional |
| tenantID | The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription. | string Optional |
ManagedClusterAddonProfile
A Kubernetes add-on profile for a managed cluster.
Used by: ManagedCluster_Spec.
| Property | Description | Type |
|---|---|---|
| config | Key-value pairs for configuring an add-on. | map[string]string Optional |
| enabled | Whether the add-on is enabled or not. | bool Required |
ManagedClusterAddonProfile_STATUS
A Kubernetes add-on profile for a managed cluster.
Used by: ManagedCluster_STATUS.
| Property | Description | Type |
|---|---|---|
| config | Key-value pairs for configuring an add-on. | map[string]string Optional |
| enabled | Whether the add-on is enabled or not. | bool Optional |
| identity | Information of user assigned identity used by this add-on. | UserAssignedIdentity_STATUS Optional |
ManagedClusterAgentPoolProfile
Profile for the container service agent pool.
Used by: ManagedCluster_Spec.
| Property | Description | Type |
|---|---|---|
| availabilityZones | The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is VirtualMachineScaleSets. |
string[] Optional |
| capacityReservationGroupReference | AKS will associate the specified agent pool with the Capacity Reservation Group. | genruntime.ResourceReference Optional |
| count | Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. | int Optional |
| creationData | CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot. | CreationData Optional |
| enableAutoScaling | Whether to enable auto-scaler | bool Optional |
| enableEncryptionAtHost | Whether to enable host based OS and data drive encryption. This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption | bool Optional |
| enableFIPS | Whether to use a FIPS-enabled OS. See Add a FIPS-enabled node pool for more details. | bool Optional |
| enableNodePublicIP | Whether each node is allocated its own public IP. Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see assigning a public IP per node. The default is false. | bool Optional |
| enableUltraSSD | Whether to enable UltraSSD | bool Optional |
| gatewayProfile | Profile specific to a managed agent pool in Gateway mode. This field cannot be set if agent pool mode is not Gateway. | AgentPoolGatewayProfile Optional |
| gpuInstanceProfile | GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU. | GPUInstanceProfile Optional |
| gpuProfile | GPU settings for the Agent Pool. | GPUProfile Optional |
| hostGroupReference | The fully qualified resource ID of the Dedicated Host Group to provision virtual machines from, used only in creation scenario and not allowed to changed once set. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see Azure dedicated hosts. | genruntime.ResourceReference Optional |
| kubeletConfig | The Kubelet configuration on the agent pool nodes. | KubeletConfig Optional |
| kubeletDiskType | Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage. | KubeletDiskType Optional |
| linuxOSConfig | The OS configuration of Linux agent nodes. | LinuxOSConfig Optional |
| maxCount | The maximum number of nodes for auto-scaling | int Optional |
| maxPods | The maximum number of pods that can run on a node. | int Optional |
| messageOfTheDay | Message of the day for Linux nodes, base64-encoded. A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script). | string Optional |
| minCount | The minimum number of nodes for auto-scaling | int Optional |
| mode | The mode of an agent pool. A cluster must have at least one System Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools |
AgentPoolMode Optional |
| name | Unique name of the agent pool profile in the context of the subscription and resource group. Windows agent pool names must be 6 characters or less. | string Required |
| networkProfile | Network-related settings of an agent pool. | AgentPoolNetworkProfile Optional |
| nodeLabels | The node labels to be persisted across all nodes in agent pool. | map[string]string Optional |
| nodePublicIPPrefixReference | The public IP prefix ID which VM nodes should use IPs from. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} | genruntime.ResourceReference Optional |
| nodeTaints | The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule. | string[] Optional |
| orchestratorVersion | The version of Kubernetes specified by the user. Both patch version <major.minor.patch> (e.g. 1.20.13) and <major.minor> (e.g. 1.20) are supported. When <major.minor> is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same <major.minor> once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see upgrading a node pool. | string Optional |
| osDiskSizeGB | ContainerServiceOSDisk Optional |
|
| osDiskType | The OS disk type to be used for machines in the agent pool. The default is Ephemeral if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to Managed. May not be changed after creation. For more information see Ephemeral OS. |
OSDiskType Optional |
| osSKU | Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows. | OSSKU Optional |
| osType | The operating system type. The default is Linux. | OSType Optional |
| podIPAllocationMode | Pod IP Allocation Mode. The IP allocation mode for pods in the agent pool. Must be used with podSubnetId. The default is DynamicIndividual. |
PodIPAllocationMode Optional |
| podSubnetReference | The ID of the subnet which pods will join when launched. If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} | genruntime.ResourceReference Optional |
| powerState | Whether the Agent Pool is running or stopped. When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded | PowerState Optional |
| proximityPlacementGroupReference | The ID for Proximity Placement Group. | genruntime.ResourceReference Optional |
| scaleDownMode | The scale down mode to use when scaling the Agent Pool. This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete. | ScaleDownMode Optional |
| scaleSetEvictionPolicy | The Virtual Machine Scale Set eviction policy to use. This cannot be specified unless the scaleSetPriority is Spot. If not specified, the default is Delete. |
ScaleSetEvictionPolicy Optional |
| scaleSetPriority | The Virtual Machine Scale Set priority. If not specified, the default is Regular. |
ScaleSetPriority Optional |
| securityProfile | The security settings of an agent pool. | AgentPoolSecurityProfile Optional |
| spotMaxPrice | The max price (in US Dollars) you are willing to pay for spot instances. Possible values are any decimal value greater than zero or -1 which indicates default price to be up-to on-demand. Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see spot VMs pricing | float64 Optional |
| tags | The tags to be persisted on the agent pool virtual machine scale set. | map[string]string Optional |
| type | The type of Agent Pool. | AgentPoolType Optional |
| upgradeSettings | Settings for upgrading the agentpool | AgentPoolUpgradeSettings Optional |
| virtualMachineNodesStatus | VirtualMachineNodes[] Optional |
|
| virtualMachinesProfile | Specifications on VirtualMachines agent pool. | VirtualMachinesProfile Optional |
| vmSize | The size of the agent pool VMs. VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions | string Optional |
| vnetSubnetReference | The ID of the subnet which agent pool nodes and optionally pods will join on startup. If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} | genruntime.ResourceReference Optional |
| windowsProfile | The Windows agent pool’s specific profile. | AgentPoolWindowsProfile Optional |
| workloadRuntime | Determines the type of workload a node can run. | WorkloadRuntime Optional |
ManagedClusterAgentPoolProfile_STATUS
Profile for the container service agent pool.
Used by: ManagedCluster_STATUS.
| Property | Description | Type |
|---|---|---|
| availabilityZones | The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is VirtualMachineScaleSets. |
string[] Optional |
| capacityReservationGroupID | AKS will associate the specified agent pool with the Capacity Reservation Group. | string Optional |
| count | Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. | int Optional |
| creationData | CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot. | CreationData_STATUS Optional |
| currentOrchestratorVersion | The version of Kubernetes the Agent Pool is running. If orchestratorVersion is a fully specified version <major.minor.patch>, this field will be exactly equal to it. If orchestratorVersion is <major.minor>, this field will contain the full <major.minor.patch> version being used. | string Optional |
| enableAutoScaling | Whether to enable auto-scaler | bool Optional |
| enableEncryptionAtHost | Whether to enable host based OS and data drive encryption. This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption | bool Optional |
| enableFIPS | Whether to use a FIPS-enabled OS. See Add a FIPS-enabled node pool for more details. | bool Optional |
| enableNodePublicIP | Whether each node is allocated its own public IP. Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see assigning a public IP per node. The default is false. | bool Optional |
| enableUltraSSD | Whether to enable UltraSSD | bool Optional |
| eTag | Unique read-only string used to implement optimistic concurrency. The eTag value will change when the resource is updated. Specify an if-match or if-none-match header with the eTag value for a subsequent request to enable optimistic concurrency per the normal etag convention. | string Optional |
| gatewayProfile | Profile specific to a managed agent pool in Gateway mode. This field cannot be set if agent pool mode is not Gateway. | AgentPoolGatewayProfile_STATUS Optional |
| gpuInstanceProfile | GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU. | GPUInstanceProfile_STATUS Optional |
| gpuProfile | GPU settings for the Agent Pool. | GPUProfile_STATUS Optional |
| hostGroupID | The fully qualified resource ID of the Dedicated Host Group to provision virtual machines from, used only in creation scenario and not allowed to changed once set. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see Azure dedicated hosts. | string Optional |
| kubeletConfig | The Kubelet configuration on the agent pool nodes. | KubeletConfig_STATUS Optional |
| kubeletDiskType | Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage. | KubeletDiskType_STATUS Optional |
| linuxOSConfig | The OS configuration of Linux agent nodes. | LinuxOSConfig_STATUS Optional |
| maxCount | The maximum number of nodes for auto-scaling | int Optional |
| maxPods | The maximum number of pods that can run on a node. | int Optional |
| messageOfTheDay | Message of the day for Linux nodes, base64-encoded. A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script). | string Optional |
| minCount | The minimum number of nodes for auto-scaling | int Optional |
| mode | The mode of an agent pool. A cluster must have at least one System Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools |
AgentPoolMode_STATUS Optional |
| name | Unique name of the agent pool profile in the context of the subscription and resource group. Windows agent pool names must be 6 characters or less. | string Optional |
| networkProfile | Network-related settings of an agent pool. | AgentPoolNetworkProfile_STATUS Optional |
| nodeImageVersion | The version of node image | string Optional |
| nodeLabels | The node labels to be persisted across all nodes in agent pool. | map[string]string Optional |
| nodePublicIPPrefixID | The public IP prefix ID which VM nodes should use IPs from. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} | string Optional |
| nodeTaints | The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule. | string[] Optional |
| orchestratorVersion | The version of Kubernetes specified by the user. Both patch version <major.minor.patch> (e.g. 1.20.13) and <major.minor> (e.g. 1.20) are supported. When <major.minor> is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same <major.minor> once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see upgrading a node pool. | string Optional |
| osDiskSizeGB | int Optional |
|
| osDiskType | The OS disk type to be used for machines in the agent pool. The default is Ephemeral if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to Managed. May not be changed after creation. For more information see Ephemeral OS. |
OSDiskType_STATUS Optional |
| osSKU | Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows. | OSSKU_STATUS Optional |
| osType | The operating system type. The default is Linux. | OSType_STATUS Optional |
| podIPAllocationMode | Pod IP Allocation Mode. The IP allocation mode for pods in the agent pool. Must be used with podSubnetId. The default is DynamicIndividual. |
PodIPAllocationMode_STATUS Optional |
| podSubnetID | The ID of the subnet which pods will join when launched. If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} | string Optional |
| powerState | Whether the Agent Pool is running or stopped. When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded | PowerState_STATUS Optional |
| provisioningState | The current deployment or provisioning state. | string Optional |
| proximityPlacementGroupID | The ID for Proximity Placement Group. | string Optional |
| scaleDownMode | The scale down mode to use when scaling the Agent Pool. This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete. | ScaleDownMode_STATUS Optional |
| scaleSetEvictionPolicy | The Virtual Machine Scale Set eviction policy to use. This cannot be specified unless the scaleSetPriority is Spot. If not specified, the default is Delete. |
ScaleSetEvictionPolicy_STATUS Optional |
| scaleSetPriority | The Virtual Machine Scale Set priority. If not specified, the default is Regular. |
ScaleSetPriority_STATUS Optional |
| securityProfile | The security settings of an agent pool. | AgentPoolSecurityProfile_STATUS Optional |
| spotMaxPrice | The max price (in US Dollars) you are willing to pay for spot instances. Possible values are any decimal value greater than zero or -1 which indicates default price to be up-to on-demand. Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see spot VMs pricing | float64 Optional |
| status | Contains read-only information about the Agent Pool. | AgentPoolStatus_STATUS Optional |
| tags | The tags to be persisted on the agent pool virtual machine scale set. | map[string]string Optional |
| type | The type of Agent Pool. | AgentPoolType_STATUS Optional |
| upgradeSettings | Settings for upgrading the agentpool | AgentPoolUpgradeSettings_STATUS Optional |
| virtualMachineNodesStatus | VirtualMachineNodes_STATUS[] Optional |
|
| virtualMachinesProfile | Specifications on VirtualMachines agent pool. | VirtualMachinesProfile_STATUS Optional |
| vmSize | The size of the agent pool VMs. VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions | string Optional |
| vnetSubnetID | The ID of the subnet which agent pool nodes and optionally pods will join on startup. If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} | string Optional |
| windowsProfile | The Windows agent pool’s specific profile. | AgentPoolWindowsProfile_STATUS Optional |
| workloadRuntime | Determines the type of workload a node can run. | WorkloadRuntime_STATUS Optional |
ManagedClusterAIToolchainOperatorProfile
When enabling the operator, a set of AKS managed CRDs and controllers will be installed in the cluster. The operator automates the deployment of OSS models for inference and/or training purposes. It provides a set of preset models and enables distributed inference against them.
Used by: ManagedCluster_Spec.
| Property | Description | Type |
|---|---|---|
| enabled | Whether to enable AI toolchain operator to the cluster. Indicates if AI toolchain operator enabled or not. | bool Optional |
ManagedClusterAIToolchainOperatorProfile_STATUS
When enabling the operator, a set of AKS managed CRDs and controllers will be installed in the cluster. The operator automates the deployment of OSS models for inference and/or training purposes. It provides a set of preset models and enables distributed inference against them.
Used by: ManagedCluster_STATUS.
| Property | Description | Type |
|---|---|---|
| enabled | Whether to enable AI toolchain operator to the cluster. Indicates if AI toolchain operator enabled or not. | bool Optional |
ManagedClusterAPIServerAccessProfile
Access profile for managed cluster API server.
Used by: ManagedCluster_Spec.
| Property | Description | Type |
|---|---|---|
| authorizedIPRanges | The IP ranges authorized to access the Kubernetes API server. IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see API server authorized IP ranges. | string[] Optional |
| disableRunCommand | Whether to disable run command for the cluster or not. | bool Optional |
| enablePrivateCluster | Whether to create the cluster as a private cluster or not. For more details, see Creating a private AKS cluster. | bool Optional |
| enablePrivateClusterPublicFQDN | Whether to create additional public FQDN for private cluster or not. | bool Optional |
| enableVnetIntegration | Whether to enable apiserver vnet integration for the cluster or not. See aka.ms/AksVnetIntegration for more details. | bool Optional |
| privateDNSZone | The private DNS zone mode for the cluster. The default is System. For more details see configure private DNS zone. Allowed values are system and none. |
string Optional |
| subnetReference | The subnet to be used when apiserver vnet integration is enabled. It is required when creating a new cluster with BYO Vnet, or when updating an existing cluster to enable apiserver vnet integration. | genruntime.ResourceReference Optional |
ManagedClusterAPIServerAccessProfile_STATUS
Access profile for managed cluster API server.
Used by: ManagedCluster_STATUS.
| Property | Description | Type |
|---|---|---|
| authorizedIPRanges | The IP ranges authorized to access the Kubernetes API server. IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see API server authorized IP ranges. | string[] Optional |
| disableRunCommand | Whether to disable run command for the cluster or not. | bool Optional |
| enablePrivateCluster | Whether to create the cluster as a private cluster or not. For more details, see Creating a private AKS cluster. | bool Optional |
| enablePrivateClusterPublicFQDN | Whether to create additional public FQDN for private cluster or not. | bool Optional |
| enableVnetIntegration | Whether to enable apiserver vnet integration for the cluster or not. See aka.ms/AksVnetIntegration for more details. | bool Optional |
| privateDNSZone | The private DNS zone mode for the cluster. The default is System. For more details see configure private DNS zone. Allowed values are system and none. |
string Optional |
| subnetId | The subnet to be used when apiserver vnet integration is enabled. It is required when creating a new cluster with BYO Vnet, or when updating an existing cluster to enable apiserver vnet integration. | string Optional |
ManagedClusterAutoUpgradeProfile
Auto upgrade profile for a managed cluster.
Used by: ManagedCluster_Spec.
| Property | Description | Type |
|---|---|---|
| nodeOSUpgradeChannel | Node OS Upgrade Channel. Manner in which the OS on your nodes is updated. The default is NodeImage. | ManagedClusterAutoUpgradeProfile_NodeOSUpgradeChannel Optional |
| upgradeChannel | The upgrade channel for auto upgrade. The default is none. For more information see setting the AKS cluster auto-upgrade channel. |
ManagedClusterAutoUpgradeProfile_UpgradeChannel Optional |
ManagedClusterAutoUpgradeProfile_STATUS
Auto upgrade profile for a managed cluster.
Used by: ManagedCluster_STATUS.
| Property | Description | Type |
|---|---|---|
| nodeOSUpgradeChannel | Node OS Upgrade Channel. Manner in which the OS on your nodes is updated. The default is NodeImage. | ManagedClusterAutoUpgradeProfile_NodeOSUpgradeChannel_STATUS Optional |
| upgradeChannel | The upgrade channel for auto upgrade. The default is none. For more information see setting the AKS cluster auto-upgrade channel. |
ManagedClusterAutoUpgradeProfile_UpgradeChannel_STATUS Optional |
ManagedClusterAzureMonitorProfile
Azure Monitor addon profiles for monitoring the managed cluster.
Used by: ManagedCluster_Spec.
| Property | Description | Type |
|---|---|---|
| metrics | Metrics profile for the Azure Monitor managed service for Prometheus addon. Collect out-of-the-box Kubernetes infrastructure metrics to send to an Azure Monitor Workspace and configure additional scraping for custom targets. See aka.ms/AzureManagedPrometheus for an overview. | ManagedClusterAzureMonitorProfileMetrics Optional |
ManagedClusterAzureMonitorProfile_STATUS
Azure Monitor addon profiles for monitoring the managed cluster.
Used by: ManagedCluster_STATUS.
| Property | Description | Type |
|---|---|---|
| metrics | Metrics profile for the Azure Monitor managed service for Prometheus addon. Collect out-of-the-box Kubernetes infrastructure metrics to send to an Azure Monitor Workspace and configure additional scraping for custom targets. See aka.ms/AzureManagedPrometheus for an overview. | ManagedClusterAzureMonitorProfileMetrics_STATUS Optional |
ManagedClusterBootstrapProfile
The bootstrap profile.
Used by: ManagedCluster_Spec.
| Property | Description | Type |
|---|---|---|
| artifactSource | The artifact source. The source where the artifacts are downloaded from. | ManagedClusterBootstrapProfile_ArtifactSource Optional |
| containerRegistryReference | The resource Id of Azure Container Registry. The registry must have private network access, premium SKU and zone redundancy. | genruntime.ResourceReference Optional |
ManagedClusterBootstrapProfile_STATUS
The bootstrap profile.
Used by: ManagedCluster_STATUS.
| Property | Description | Type |
|---|---|---|
| artifactSource | The artifact source. The source where the artifacts are downloaded from. | ManagedClusterBootstrapProfile_ArtifactSource_STATUS Optional |
| containerRegistryId | The resource Id of Azure Container Registry. The registry must have private network access, premium SKU and zone redundancy. | string Optional |
ManagedClusterHTTPProxyConfig
Cluster HTTP proxy configuration.
Used by: ManagedCluster_Spec.
| Property | Description | Type |
|---|---|---|
| httpProxy | The HTTP proxy server endpoint to use. | string Optional |
| httpsProxy | The HTTPS proxy server endpoint to use. | string Optional |
| noProxy | The endpoints that should not go through proxy. | string[] Optional |
| trustedCa | Alternative CA cert to use for connecting to proxy servers. | string Optional |
ManagedClusterHTTPProxyConfig_STATUS
Cluster HTTP proxy configuration.
Used by: ManagedCluster_STATUS.
| Property | Description | Type |
|---|---|---|
| httpProxy | The HTTP proxy server endpoint to use. | string Optional |
| httpsProxy | The HTTPS proxy server endpoint to use. | string Optional |
| noProxy | The endpoints that should not go through proxy. | string[] Optional |
| trustedCa | Alternative CA cert to use for connecting to proxy servers. | string Optional |
ManagedClusterIdentity
Identity for the managed cluster.
Used by: ManagedCluster_Spec.
| Property | Description | Type |
|---|---|---|
| delegatedResources | The delegated identity resources assigned to this managed cluster. This can only be set by another Azure Resource Provider, and managed cluster only accept one delegated identity resource. Internal use only. | map[string]DelegatedResource Optional |
| type | The type of identity used for the managed cluster. For more information see use managed identities in AKS. | ManagedClusterIdentity_Type Optional |
| userAssignedIdentities | The user identity associated with the managed cluster. This identity will be used in control plane. Only one user assigned identity is allowed. The keys must be ARM resource IDs in the form: ‘/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}’. | UserAssignedIdentityDetails[] Optional |
ManagedClusterIdentity_STATUS
Identity for the managed cluster.
Used by: ManagedCluster_STATUS.
| Property | Description | Type |
|---|---|---|
| delegatedResources | The delegated identity resources assigned to this managed cluster. This can only be set by another Azure Resource Provider, and managed cluster only accept one delegated identity resource. Internal use only. | map[string]DelegatedResource_STATUS Optional |
| principalId | The principal id of the system assigned identity which is used by master components. | string Optional |
| tenantId | The tenant id of the system assigned identity which is used by master components. | string Optional |
| type | The type of identity used for the managed cluster. For more information see use managed identities in AKS. | ManagedClusterIdentity_Type_STATUS Optional |
| userAssignedIdentities | The user identity associated with the managed cluster. This identity will be used in control plane. Only one user assigned identity is allowed. The keys must be ARM resource IDs in the form: ‘/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}’. | map[string]ManagedClusterIdentity_UserAssignedIdentities_STATUS Optional |
ManagedClusterIngressProfile
Ingress profile for the container service cluster.
Used by: ManagedCluster_Spec.
| Property | Description | Type |
|---|---|---|
| webAppRouting | App Routing settings for the ingress profile. You can find an overview and onboarding guide for this feature at https://learn.microsoft.com/en-us/azure/aks/app-routing?tabs=default%2Cdeploy-app-default. | ManagedClusterIngressProfileWebAppRouting Optional |
ManagedClusterIngressProfile_STATUS
Ingress profile for the container service cluster.
Used by: ManagedCluster_STATUS.
| Property | Description | Type |
|---|---|---|
| webAppRouting | App Routing settings for the ingress profile. You can find an overview and onboarding guide for this feature at https://learn.microsoft.com/en-us/azure/aks/app-routing?tabs=default%2Cdeploy-app-default. | ManagedClusterIngressProfileWebAppRouting_STATUS Optional |
ManagedClusterMetricsProfile
The metrics profile for the ManagedCluster.
Used by: ManagedCluster_Spec.
| Property | Description | Type |
|---|---|---|
| costAnalysis | The configuration for detailed per-Kubernetes resource cost analysis. | ManagedClusterCostAnalysis Optional |
ManagedClusterMetricsProfile_STATUS
The metrics profile for the ManagedCluster.
Used by: ManagedCluster_STATUS.
| Property | Description | Type |
|---|---|---|
| costAnalysis | The configuration for detailed per-Kubernetes resource cost analysis. | ManagedClusterCostAnalysis_STATUS Optional |
ManagedClusterNodeProvisioningProfile
Used by: ManagedCluster_Spec.
| Property | Description | Type |
|---|---|---|
| defaultNodePools | The set of default Karpenter NodePools (CRDs) configured for node provisioning. This field has no effect unless mode is Auto. Warning: Changing this from Auto to None on an existing cluster will cause the default Karpenter NodePools to be deleted, which will drain and delete the nodes associated with those pools. It is strongly recommended to not do this unless there are idle nodes ready to take the pods evicted by that action. If not specified, the default is Auto. For more information see aka.ms/aks/nap#node-pools. |
ManagedClusterNodeProvisioningProfile_DefaultNodePools Optional |
| mode | The node provisioning mode. If not specified, the default is Manual. | ManagedClusterNodeProvisioningProfile_Mode Optional |
ManagedClusterNodeProvisioningProfile_STATUS
Used by: ManagedCluster_STATUS.
| Property | Description | Type |
|---|---|---|
| defaultNodePools | The set of default Karpenter NodePools (CRDs) configured for node provisioning. This field has no effect unless mode is Auto. Warning: Changing this from Auto to None on an existing cluster will cause the default Karpenter NodePools to be deleted, which will drain and delete the nodes associated with those pools. It is strongly recommended to not do this unless there are idle nodes ready to take the pods evicted by that action. If not specified, the default is Auto. For more information see aka.ms/aks/nap#node-pools. |
ManagedClusterNodeProvisioningProfile_DefaultNodePools_STATUS Optional |
| mode | The node provisioning mode. If not specified, the default is Manual. | ManagedClusterNodeProvisioningProfile_Mode_STATUS Optional |
ManagedClusterNodeResourceGroupProfile
Node resource group lockdown profile for a managed cluster.
Used by: ManagedCluster_Spec.
| Property | Description | Type |
|---|---|---|
| restrictionLevel | The restriction level applied to the cluster’s node resource group. If not specified, the default is Unrestricted |
ManagedClusterNodeResourceGroupProfile_RestrictionLevel Optional |
ManagedClusterNodeResourceGroupProfile_STATUS
Node resource group lockdown profile for a managed cluster.
Used by: ManagedCluster_STATUS.
| Property | Description | Type |
|---|---|---|
| restrictionLevel | The restriction level applied to the cluster’s node resource group. If not specified, the default is Unrestricted |
ManagedClusterNodeResourceGroupProfile_RestrictionLevel_STATUS Optional |
ManagedClusterOIDCIssuerProfile
The OIDC issuer profile of the Managed Cluster.
Used by: ManagedCluster_Spec.
| Property | Description | Type |
|---|---|---|
| enabled | Whether the OIDC issuer is enabled. | bool Optional |
ManagedClusterOIDCIssuerProfile_STATUS
The OIDC issuer profile of the Managed Cluster.
Used by: ManagedCluster_STATUS.
| Property | Description | Type |
|---|---|---|
| enabled | Whether the OIDC issuer is enabled. | bool Optional |
| issuerURL | The OIDC issuer url of the Managed Cluster. | string Optional |
ManagedClusterOperatorSpec
Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure
Used by: ManagedCluster_Spec.
| Property | Description | Type |
|---|---|---|
| configMapExpressions | configures where to place operator written dynamic ConfigMaps (created with CEL expressions). | core.DestinationExpression[] Optional |
| configMaps | configures where to place operator written ConfigMaps. | ManagedClusterOperatorConfigMaps Optional |
| secretExpressions | configures where to place operator written dynamic secrets (created with CEL expressions). | core.DestinationExpression[] Optional |
| secrets | configures where to place Azure generated secrets. | ManagedClusterOperatorSecrets Optional |
ManagedClusterPodIdentityProfile
The pod identity profile of the Managed Cluster. See use AAD pod identity for more details on pod identity integration.
Used by: ManagedCluster_Spec.
| Property | Description | Type |
|---|---|---|
| allowNetworkPluginKubenet | Whether pod identity is allowed to run on clusters with Kubenet networking. Running in Kubenet is disabled by default due to the security related nature of AAD Pod Identity and the risks of IP spoofing. See using Kubenet network plugin with AAD Pod Identity for more information. | bool Optional |
| enabled | Whether the pod identity addon is enabled. | bool Optional |
| userAssignedIdentities | The pod identities to use in the cluster. | ManagedClusterPodIdentity[] Optional |
| userAssignedIdentityExceptions | The pod identity exceptions to allow. | ManagedClusterPodIdentityException[] Optional |
ManagedClusterPodIdentityProfile_STATUS
The pod identity profile of the Managed Cluster. See use AAD pod identity for more details on pod identity integration.
Used by: ManagedCluster_STATUS.
| Property | Description | Type |
|---|---|---|
| allowNetworkPluginKubenet | Whether pod identity is allowed to run on clusters with Kubenet networking. Running in Kubenet is disabled by default due to the security related nature of AAD Pod Identity and the risks of IP spoofing. See using Kubenet network plugin with AAD Pod Identity for more information. | bool Optional |
| enabled | Whether the pod identity addon is enabled. | bool Optional |
| userAssignedIdentities | The pod identities to use in the cluster. | ManagedClusterPodIdentity_STATUS[] Optional |
| userAssignedIdentityExceptions | The pod identity exceptions to allow. | ManagedClusterPodIdentityException_STATUS[] Optional |
ManagedClusterProperties_AutoScalerProfile
Used by: ManagedCluster_Spec.
| Property | Description | Type |
|---|---|---|
| balance-similar-node-groups | Detects similar node pools and balances the number of nodes between them. Valid values are true and false |
string Optional |
| daemonset-eviction-for-empty-nodes | DaemonSet pods will be gracefully terminated from empty nodes. If set to true, all daemonset pods on empty nodes will be evicted before deletion of the node. If the daemonset pod cannot be evicted another node will be chosen for scaling. If set to false, the node will be deleted without ensuring that daemonset pods are deleted or evicted. | bool Optional |
| daemonset-eviction-for-occupied-nodes | DaemonSet pods will be gracefully terminated from non-empty nodes. If set to true, all daemonset pods on occupied nodes will be evicted before deletion of the node. If the daemonset pod cannot be evicted another node will be chosen for scaling. If set to false, the node will be deleted without ensuring that daemonset pods are deleted or evicted. | bool Optional |
| expander | The expander to use when scaling up. If not specified, the default is random. See expanders for more information. |
ManagedClusterProperties_AutoScalerProfile_Expander Optional |
| ignore-daemonsets-utilization | Should CA ignore DaemonSet pods when calculating resource utilization for scaling down. If set to true, the resources used by daemonset will be taken into account when making scaling down decisions. | bool Optional |
| max-empty-bulk-delete | The maximum number of empty nodes that can be deleted at the same time. This must be a positive integer. The default is 10. | string Optional |
| max-graceful-termination-sec | The maximum number of seconds the cluster autoscaler waits for pod termination when trying to scale down a node. The default is 600. | string Optional |
| max-node-provision-time | The maximum time the autoscaler waits for a node to be provisioned. The default is 15m. Values must be an integer followed by an m. No unit of time other than minutes (m) is supported. |
string Optional |
| max-total-unready-percentage | The maximum percentage of unready nodes in the cluster. After this percentage is exceeded, cluster autoscaler halts operations. The default is 45. The maximum is 100 and the minimum is 0. | string Optional |
| new-pod-scale-up-delay | Ignore unscheduled pods before they’re a certain age. For scenarios like burst/batch scale where you don’t want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they’re a certain age. The default is 0s. Values must be an integer followed by a unit (s for seconds, m for minutes, h for hours, etc). |
string Optional |
| ok-total-unready-count | The number of allowed unready nodes, irrespective of max-total-unready-percentage. This must be an integer. The default is 3. | string Optional |
| scale-down-delay-after-add | How long after scale up that scale down evaluation resumes. The default is 10m. Values must be an integer followed by an m. No unit of time other than minutes (m) is supported. |
string Optional |
| scale-down-delay-after-delete | How long after node deletion that scale down evaluation resumes. The default is the scan-interval. Values must be an integer followed by an m. No unit of time other than minutes (m) is supported. |
string Optional |
| scale-down-delay-after-failure | How long after scale down failure that scale down evaluation resumes. The default is 3m. Values must be an integer followed by an m. No unit of time other than minutes (m) is supported. |
string Optional |
| scale-down-unneeded-time | How long a node should be unneeded before it is eligible for scale down. The default is 10m. Values must be an integer followed by an m. No unit of time other than minutes (m) is supported. |
string Optional |
| scale-down-unready-time | How long an unready node should be unneeded before it is eligible for scale down. The default is 20m. Values must be an integer followed by an m. No unit of time other than minutes (m) is supported. |
string Optional |
| scale-down-utilization-threshold | Node utilization level, defined as sum of requested resources divided by capacity, below which a node can be considered for scale down. The default is 0.5. |
string Optional |
| scan-interval | How often cluster is reevaluated for scale up or down. The default is 10. Values must be an integer number of seconds. |
string Optional |
| skip-nodes-with-local-storage | If cluster autoscaler will skip deleting nodes with pods with local storage, for example, EmptyDir or HostPath. The default is true. | string Optional |
| skip-nodes-with-system-pods | If cluster autoscaler will skip deleting nodes with pods from kube-system (except for DaemonSet or mirror pods). The default is true. | string Optional |
ManagedClusterProperties_AutoScalerProfile_STATUS
Used by: ManagedCluster_STATUS.
| Property | Description | Type |
|---|---|---|
| balance-similar-node-groups | Detects similar node pools and balances the number of nodes between them. Valid values are true and false |
string Optional |
| daemonset-eviction-for-empty-nodes | DaemonSet pods will be gracefully terminated from empty nodes. If set to true, all daemonset pods on empty nodes will be evicted before deletion of the node. If the daemonset pod cannot be evicted another node will be chosen for scaling. If set to false, the node will be deleted without ensuring that daemonset pods are deleted or evicted. | bool Optional |
| daemonset-eviction-for-occupied-nodes | DaemonSet pods will be gracefully terminated from non-empty nodes. If set to true, all daemonset pods on occupied nodes will be evicted before deletion of the node. If the daemonset pod cannot be evicted another node will be chosen for scaling. If set to false, the node will be deleted without ensuring that daemonset pods are deleted or evicted. | bool Optional |
| expander | The expander to use when scaling up. If not specified, the default is random. See expanders for more information. |
ManagedClusterProperties_AutoScalerProfile_Expander_STATUS Optional |
| ignore-daemonsets-utilization | Should CA ignore DaemonSet pods when calculating resource utilization for scaling down. If set to true, the resources used by daemonset will be taken into account when making scaling down decisions. | bool Optional |
| max-empty-bulk-delete | The maximum number of empty nodes that can be deleted at the same time. This must be a positive integer. The default is 10. | string Optional |
| max-graceful-termination-sec | The maximum number of seconds the cluster autoscaler waits for pod termination when trying to scale down a node. The default is 600. | string Optional |
| max-node-provision-time | The maximum time the autoscaler waits for a node to be provisioned. The default is 15m. Values must be an integer followed by an m. No unit of time other than minutes (m) is supported. |
string Optional |
| max-total-unready-percentage | The maximum percentage of unready nodes in the cluster. After this percentage is exceeded, cluster autoscaler halts operations. The default is 45. The maximum is 100 and the minimum is 0. | string Optional |
| new-pod-scale-up-delay | Ignore unscheduled pods before they’re a certain age. For scenarios like burst/batch scale where you don’t want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they’re a certain age. The default is 0s. Values must be an integer followed by a unit (s for seconds, m for minutes, h for hours, etc). |
string Optional |
| ok-total-unready-count | The number of allowed unready nodes, irrespective of max-total-unready-percentage. This must be an integer. The default is 3. | string Optional |
| scale-down-delay-after-add | How long after scale up that scale down evaluation resumes. The default is 10m. Values must be an integer followed by an m. No unit of time other than minutes (m) is supported. |
string Optional |
| scale-down-delay-after-delete | How long after node deletion that scale down evaluation resumes. The default is the scan-interval. Values must be an integer followed by an m. No unit of time other than minutes (m) is supported. |
string Optional |
| scale-down-delay-after-failure | How long after scale down failure that scale down evaluation resumes. The default is 3m. Values must be an integer followed by an m. No unit of time other than minutes (m) is supported. |
string Optional |
| scale-down-unneeded-time | How long a node should be unneeded before it is eligible for scale down. The default is 10m. Values must be an integer followed by an m. No unit of time other than minutes (m) is supported. |
string Optional |
| scale-down-unready-time | How long an unready node should be unneeded before it is eligible for scale down. The default is 20m. Values must be an integer followed by an m. No unit of time other than minutes (m) is supported. |
string Optional |
| scale-down-utilization-threshold | Node utilization level, defined as sum of requested resources divided by capacity, below which a node can be considered for scale down. The default is 0.5. |
string Optional |
| scan-interval | How often cluster is reevaluated for scale up or down. The default is 10. Values must be an integer number of seconds. |
string Optional |
| skip-nodes-with-local-storage | If cluster autoscaler will skip deleting nodes with pods with local storage, for example, EmptyDir or HostPath. The default is true. | string Optional |
| skip-nodes-with-system-pods | If cluster autoscaler will skip deleting nodes with pods from kube-system (except for DaemonSet or mirror pods). The default is true. | string Optional |
ManagedClusterProperties_PublicNetworkAccess
Used by: ManagedCluster_Spec.
| Value | Description |
|---|---|
| “Disabled” | |
| “Enabled” |
ManagedClusterProperties_PublicNetworkAccess_STATUS
Used by: ManagedCluster_STATUS.
| Value | Description |
|---|---|
| “Disabled” | |
| “Enabled” |
ManagedClustersAgentPoolOperatorSpec
Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure
Used by: ManagedClustersAgentPool_Spec.
| Property | Description | Type |
|---|---|---|
| configMapExpressions | configures where to place operator written dynamic ConfigMaps (created with CEL expressions). | core.DestinationExpression[] Optional |
| secretExpressions | configures where to place operator written dynamic secrets (created with CEL expressions). | core.DestinationExpression[] Optional |
ManagedClusterSecurityProfile
Security profile for the container service cluster.
Used by: ManagedCluster_Spec.
| Property | Description | Type |
|---|---|---|
| azureKeyVaultKms | Azure Key Vault key management service settings for the security profile. | AzureKeyVaultKms Optional |
| customCATrustCertificates | A list of up to 10 base64 encoded CAs that will be added to the trust store on all nodes in the cluster. For more information see Custom CA Trust Certificates. | ManagedClusterSecurityProfileCustomCATrustCertificates Optional |
| defender | Microsoft Defender settings for the security profile. | ManagedClusterSecurityProfileDefender Optional |
| imageCleaner | Image Cleaner settings for the security profile. | ManagedClusterSecurityProfileImageCleaner Optional |
| workloadIdentity | Workload identity settings for the security profile. Workload identity enables Kubernetes applications to access Azure cloud resources securely with Azure AD. See https://aka.ms/aks/wi for more details. | ManagedClusterSecurityProfileWorkloadIdentity Optional |
ManagedClusterSecurityProfile_STATUS
Security profile for the container service cluster.
Used by: ManagedCluster_STATUS.
| Property | Description | Type |
|---|---|---|
| azureKeyVaultKms | Azure Key Vault key management service settings for the security profile. | AzureKeyVaultKms_STATUS Optional |
| customCATrustCertificates | A list of up to 10 base64 encoded CAs that will be added to the trust store on all nodes in the cluster. For more information see Custom CA Trust Certificates. | string[] Optional |
| defender | Microsoft Defender settings for the security profile. | ManagedClusterSecurityProfileDefender_STATUS Optional |
| imageCleaner | Image Cleaner settings for the security profile. | ManagedClusterSecurityProfileImageCleaner_STATUS Optional |
| workloadIdentity | Workload identity settings for the security profile. Workload identity enables Kubernetes applications to access Azure cloud resources securely with Azure AD. See https://aka.ms/aks/wi for more details. | ManagedClusterSecurityProfileWorkloadIdentity_STATUS Optional |
ManagedClusterServicePrincipalProfile
Information about a service principal identity for the cluster to use for manipulating Azure APIs.
Used by: ManagedCluster_Spec.
| Property | Description | Type |
|---|---|---|
| clientId | The ID for the service principal. | string Required |
| secret | The secret password associated with the service principal in plain text. | genruntime.SecretReference Optional |
ManagedClusterServicePrincipalProfile_STATUS
Information about a service principal identity for the cluster to use for manipulating Azure APIs.
Used by: ManagedCluster_STATUS.
| Property | Description | Type |
|---|---|---|
| clientId | The ID for the service principal. | string Optional |
ManagedClusterSKU
The SKU of a Managed Cluster.
Used by: ManagedCluster_Spec.
| Property | Description | Type |
|---|---|---|
| name | The name of a managed cluster SKU. | ManagedClusterSKU_Name Optional |
| tier | The tier of a managed cluster SKU. If not specified, the default is Free. See AKS Pricing Tier for more details. |
ManagedClusterSKU_Tier Optional |
ManagedClusterSKU_STATUS
The SKU of a Managed Cluster.
Used by: ManagedCluster_STATUS.
| Property | Description | Type |
|---|---|---|
| name | The name of a managed cluster SKU. | ManagedClusterSKU_Name_STATUS Optional |
| tier | The tier of a managed cluster SKU. If not specified, the default is Free. See AKS Pricing Tier for more details. |
ManagedClusterSKU_Tier_STATUS Optional |
ManagedClusterStatus_STATUS
Contains read-only information about the Managed Cluster.
Used by: ManagedCluster_STATUS.
| Property | Description | Type |
|---|---|---|
| provisioningError | The error details information of the managed cluster. Preserves the detailed info of failure. If there was no error, this field is omitted. | ErrorDetail_STATUS Optional |
ManagedClusterStorageProfile
Storage profile for the container service cluster.
Used by: ManagedCluster_Spec.
| Property | Description | Type |
|---|---|---|
| blobCSIDriver | AzureBlob CSI Driver settings for the storage profile. | ManagedClusterStorageProfileBlobCSIDriver Optional |
| diskCSIDriver | AzureDisk CSI Driver settings for the storage profile. | ManagedClusterStorageProfileDiskCSIDriver Optional |
| fileCSIDriver | AzureFile CSI Driver settings for the storage profile. | ManagedClusterStorageProfileFileCSIDriver Optional |
| snapshotController | Snapshot Controller settings for the storage profile. | ManagedClusterStorageProfileSnapshotController Optional |
ManagedClusterStorageProfile_STATUS
Storage profile for the container service cluster.
Used by: ManagedCluster_STATUS.
| Property | Description | Type |
|---|---|---|
| blobCSIDriver | AzureBlob CSI Driver settings for the storage profile. | ManagedClusterStorageProfileBlobCSIDriver_STATUS Optional |
| diskCSIDriver | AzureDisk CSI Driver settings for the storage profile. | ManagedClusterStorageProfileDiskCSIDriver_STATUS Optional |
| fileCSIDriver | AzureFile CSI Driver settings for the storage profile. | ManagedClusterStorageProfileFileCSIDriver_STATUS Optional |
| snapshotController | Snapshot Controller settings for the storage profile. | ManagedClusterStorageProfileSnapshotController_STATUS Optional |
ManagedClusterWindowsProfile
Profile for Windows VMs in the managed cluster.
Used by: ManagedCluster_Spec.
| Property | Description | Type |
|---|---|---|
| adminPassword | Specifies the password of the administrator account. Minimum-length: 8 characters Max-length: 123 characters Complexity requirements: 3 out of 4 conditions below need to be fulfilled Has lower characters Has upper characters Has a digit Has a special character (Regex match [\W_]) Disallowed values: “abc@123”, “P@$$w0rd”, “P@ssw0rd”, “P@ssword123”, “Pa$$word”, “pass@word1”, “Password!”, “Password1”, “Password22”, “iloveyou!” | genruntime.SecretReference Optional |
| adminUsername | Specifies the name of the administrator account. Restriction: Cannot end in “.” Disallowed values: “administrator”, “admin”, “user”, “user1”, “test”, “user2”, “test1”, “user3”, “admin1”, “1”, “123”, “a”, “actuser”, “adm”, “admin2”, “aspnet”, “backup”, “console”, “david”, “guest”, “john”, “owner”, “root”, “server”, “sql”, “support”, “support_388945a0”, “sys”, “test2”, “test3”, “user4”, “user5”. Minimum-length: 1 character Max-length: 20 characters | string Required |
| enableCSIProxy | Whether to enable CSI proxy. For more details on CSI proxy, see the CSI proxy GitHub repo. | bool Optional |
| gmsaProfile | The Windows gMSA Profile in the Managed Cluster. | WindowsGmsaProfile Optional |
| licenseType | The license type to use for Windows VMs. See Azure Hybrid User Benefits for more details. | ManagedClusterWindowsProfile_LicenseType Optional |
ManagedClusterWindowsProfile_STATUS
Profile for Windows VMs in the managed cluster.
Used by: ManagedCluster_STATUS.
| Property | Description | Type |
|---|---|---|
| adminUsername | Specifies the name of the administrator account. Restriction: Cannot end in “.” Disallowed values: “administrator”, “admin”, “user”, “user1”, “test”, “user2”, “test1”, “user3”, “admin1”, “1”, “123”, “a”, “actuser”, “adm”, “admin2”, “aspnet”, “backup”, “console”, “david”, “guest”, “john”, “owner”, “root”, “server”, “sql”, “support”, “support_388945a0”, “sys”, “test2”, “test3”, “user4”, “user5”. Minimum-length: 1 character Max-length: 20 characters | string Optional |
| enableCSIProxy | Whether to enable CSI proxy. For more details on CSI proxy, see the CSI proxy GitHub repo. | bool Optional |
| gmsaProfile | The Windows gMSA Profile in the Managed Cluster. | WindowsGmsaProfile_STATUS Optional |
| licenseType | The license type to use for Windows VMs. See Azure Hybrid User Benefits for more details. | ManagedClusterWindowsProfile_LicenseType_STATUS Optional |
ManagedClusterWorkloadAutoScalerProfile
Workload Auto-scaler profile for the managed cluster.
Used by: ManagedCluster_Spec.
| Property | Description | Type |
|---|---|---|
| keda | KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile. | ManagedClusterWorkloadAutoScalerProfileKeda Optional |
| verticalPodAutoscaler | VPA (Vertical Pod Autoscaler) settings for the workload auto-scaler profile. | ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler Optional |
ManagedClusterWorkloadAutoScalerProfile_STATUS
Workload Auto-scaler profile for the managed cluster.
Used by: ManagedCluster_STATUS.
| Property | Description | Type |
|---|---|---|
| keda | KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile. | ManagedClusterWorkloadAutoScalerProfileKeda_STATUS Optional |
| verticalPodAutoscaler | VPA (Vertical Pod Autoscaler) settings for the workload auto-scaler profile. | ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler_STATUS Optional |
OSDiskType
The OS disk type to be used for machines in the agent pool. The default is Ephemeral if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to Managed. May not be changed after creation. For more information see Ephemeral OS.
Used by: ManagedClusterAgentPoolProfile, and ManagedClustersAgentPool_Spec.
| Value | Description |
|---|---|
| “Ephemeral” | |
| “Managed” |
OSDiskType_STATUS
The OS disk type to be used for machines in the agent pool. The default is Ephemeral if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to Managed. May not be changed after creation. For more information see Ephemeral OS.
Used by: ManagedClusterAgentPoolProfile_STATUS, and ManagedClustersAgentPool_STATUS.
| Value | Description |
|---|---|
| “Ephemeral” | |
| “Managed” |
OSSKU
Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows.
Used by: ManagedClusterAgentPoolProfile, and ManagedClustersAgentPool_Spec.
| Value | Description |
|---|---|
| “AzureLinux” | |
| “AzureLinux3” | |
| “CBLMariner” | |
| “Ubuntu” | |
| “Ubuntu2204” | |
| “Windows2019” | |
| “Windows2022” |
OSSKU_STATUS
Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows.
Used by: ManagedClusterAgentPoolProfile_STATUS, and ManagedClustersAgentPool_STATUS.
| Value | Description |
|---|---|
| “AzureLinux” | |
| “AzureLinux3” | |
| “CBLMariner” | |
| “Ubuntu” | |
| “Ubuntu2204” | |
| “Windows2019” | |
| “Windows2022” |
OSType
The operating system type. The default is Linux.
Used by: ManagedClusterAgentPoolProfile, and ManagedClustersAgentPool_Spec.
| Value | Description |
|---|---|
| “Linux” | |
| “Windows” |
OSType_STATUS
The operating system type. The default is Linux.
Used by: ManagedClusterAgentPoolProfile_STATUS, and ManagedClustersAgentPool_STATUS.
| Value | Description |
|---|---|
| “Linux” | |
| “Windows” |
PodIPAllocationMode
Pod IP Allocation Mode. The IP allocation mode for pods in the agent pool. Must be used with podSubnetId. The default is DynamicIndividual.
Used by: ManagedClusterAgentPoolProfile, and ManagedClustersAgentPool_Spec.
| Value | Description |
|---|---|
| “DynamicIndividual” | |
| “StaticBlock” |
PodIPAllocationMode_STATUS
Pod IP Allocation Mode. The IP allocation mode for pods in the agent pool. Must be used with podSubnetId. The default is DynamicIndividual.
Used by: ManagedClusterAgentPoolProfile_STATUS, and ManagedClustersAgentPool_STATUS.
| Value | Description |
|---|---|
| “DynamicIndividual” | |
| “StaticBlock” |
PowerState
Describes the Power State of the cluster
Used by: ManagedClusterAgentPoolProfile, and ManagedClustersAgentPool_Spec.
| Property | Description | Type |
|---|---|---|
| code | Tells whether the cluster is Running or Stopped | PowerState_Code Optional |
PowerState_STATUS
Describes the Power State of the cluster
Used by: ManagedCluster_STATUS, ManagedClusterAgentPoolProfile_STATUS, and ManagedClustersAgentPool_STATUS.
| Property | Description | Type |
|---|---|---|
| code | Tells whether the cluster is Running or Stopped | PowerState_Code_STATUS Optional |
PrivateLinkResource
A private link resource
Used by: ManagedCluster_Spec.
| Property | Description | Type |
|---|---|---|
| groupId | The group ID of the resource. | string Optional |
| name | The name of the private link resource. | string Optional |
| reference | The ID of the private link resource. | genruntime.ResourceReference Optional |
| requiredMembers | The RequiredMembers of the resource | string[] Optional |
| type | The resource type. | string Optional |
PrivateLinkResource_STATUS
A private link resource
Used by: ManagedCluster_STATUS.
| Property | Description | Type |
|---|---|---|
| groupId | The group ID of the resource. | string Optional |
| id | The ID of the private link resource. | string Optional |
| name | The name of the private link resource. | string Optional |
| privateLinkServiceID | The private link service ID of the resource, this field is exposed only to NRP internally. | string Optional |
| requiredMembers | The RequiredMembers of the resource | string[] Optional |
| type | The resource type. | string Optional |
ScaleDownMode
Describes how VMs are added to or removed from Agent Pools. See billing states.
Used by: ManagedClusterAgentPoolProfile, and ManagedClustersAgentPool_Spec.
| Value | Description |
|---|---|
| “Deallocate” | |
| “Delete” |
ScaleDownMode_STATUS
Describes how VMs are added to or removed from Agent Pools. See billing states.
Used by: ManagedClusterAgentPoolProfile_STATUS, and ManagedClustersAgentPool_STATUS.
| Value | Description |
|---|---|
| “Deallocate” | |
| “Delete” |
ScaleSetEvictionPolicy
The Virtual Machine Scale Set eviction policy. The eviction policy specifies what to do with the VM when it is evicted. The default is Delete. For more information about eviction see spot VMs
Used by: ManagedClusterAgentPoolProfile, and ManagedClustersAgentPool_Spec.
| Value | Description |
|---|---|
| “Deallocate” | |
| “Delete” |
ScaleSetEvictionPolicy_STATUS
The Virtual Machine Scale Set eviction policy. The eviction policy specifies what to do with the VM when it is evicted. The default is Delete. For more information about eviction see spot VMs
Used by: ManagedClusterAgentPoolProfile_STATUS, and ManagedClustersAgentPool_STATUS.
| Value | Description |
|---|---|
| “Deallocate” | |
| “Delete” |
ScaleSetPriority
The Virtual Machine Scale Set priority.
Used by: ManagedClusterAgentPoolProfile, and ManagedClustersAgentPool_Spec.
| Value | Description |
|---|---|
| “Regular” | |
| “Spot” |
ScaleSetPriority_STATUS
The Virtual Machine Scale Set priority.
Used by: ManagedClusterAgentPoolProfile_STATUS, and ManagedClustersAgentPool_STATUS.
| Value | Description |
|---|---|
| “Regular” | |
| “Spot” |
ServiceMeshProfile
Service mesh profile for a managed cluster.
Used by: ManagedCluster_Spec.
| Property | Description | Type |
|---|---|---|
| istio | Istio service mesh configuration. | IstioServiceMesh Optional |
| mode | Mode of the service mesh. | ServiceMeshProfile_Mode Required |
ServiceMeshProfile_STATUS
Service mesh profile for a managed cluster.
Used by: ManagedCluster_STATUS.
| Property | Description | Type |
|---|---|---|
| istio | Istio service mesh configuration. | IstioServiceMesh_STATUS Optional |
| mode | Mode of the service mesh. | ServiceMeshProfile_Mode_STATUS Optional |
SystemData_STATUS
Metadata pertaining to creation and last modification of the resource.
Used by: MaintenanceConfiguration_STATUS, ManagedCluster_STATUS, and TrustedAccessRoleBinding_STATUS.
| Property | Description | Type |
|---|---|---|
| createdAt | The timestamp of resource creation (UTC). | string Optional |
| createdBy | The identity that created the resource. | string Optional |
| createdByType | The type of identity that created the resource. | SystemData_CreatedByType_STATUS Optional |
| lastModifiedAt | The timestamp of resource last modification (UTC) | string Optional |
| lastModifiedBy | The identity that last modified the resource. | string Optional |
| lastModifiedByType | The type of identity that last modified the resource. | SystemData_LastModifiedByType_STATUS Optional |
TimeInWeek
Time in a week.
Used by: MaintenanceConfiguration_Spec.
| Property | Description | Type |
|---|---|---|
| day | The day of the week. | WeekDay Optional |
| hourSlots | A list of hours in the day used to identify a time range. Each integer hour represents a time range beginning at 0m after the hour ending at the next hour (non-inclusive). 0 corresponds to 00:00 UTC, 23 corresponds to 23:00 UTC. Specifying [0, 1] means the 00:00 - 02:00 UTC time range. | HourInDay[] Optional |
TimeInWeek_STATUS
Time in a week.
Used by: MaintenanceConfiguration_STATUS.
| Property | Description | Type |
|---|---|---|
| day | The day of the week. | WeekDay_STATUS Optional |
| hourSlots | A list of hours in the day used to identify a time range. Each integer hour represents a time range beginning at 0m after the hour ending at the next hour (non-inclusive). 0 corresponds to 00:00 UTC, 23 corresponds to 23:00 UTC. Specifying [0, 1] means the 00:00 - 02:00 UTC time range. | int[] Optional |
TimeSpan
A time range. For example, between 2021-05-25T13:00:00Z and 2021-05-25T14:00:00Z.
Used by: MaintenanceConfiguration_Spec.
| Property | Description | Type |
|---|---|---|
| end | The end of a time span | string Optional |
| start | The start of a time span | string Optional |
TimeSpan_STATUS
A time range. For example, between 2021-05-25T13:00:00Z and 2021-05-25T14:00:00Z.
Used by: MaintenanceConfiguration_STATUS.
| Property | Description | Type |
|---|---|---|
| end | The end of a time span | string Optional |
| start | The start of a time span | string Optional |
TrustedAccessRoleBindingOperatorSpec
Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure
Used by: TrustedAccessRoleBinding_Spec.
| Property | Description | Type |
|---|---|---|
| configMapExpressions | configures where to place operator written dynamic ConfigMaps (created with CEL expressions). | core.DestinationExpression[] Optional |
| secretExpressions | configures where to place operator written dynamic secrets (created with CEL expressions). | core.DestinationExpression[] Optional |
TrustedAccessRoleBindingProperties_ProvisioningState_STATUS
Used by: TrustedAccessRoleBinding_STATUS.
| Value | Description |
|---|---|
| “Canceled” | |
| “Deleting” | |
| “Failed” | |
| “Succeeded” | |
| “Updating” |
UserAssignedIdentity
Details about a user assigned identity.
Used by: ManagedCluster_Spec, and ManagedClusterPodIdentity.
| Property | Description | Type |
|---|---|---|
| clientId | The client ID of the user assigned identity. | string Optional |
| clientIdFromConfig | The client ID of the user assigned identity. | genruntime.ConfigMapReference Optional |
| objectId | The object ID of the user assigned identity. | string Optional |
| objectIdFromConfig | The object ID of the user assigned identity. | genruntime.ConfigMapReference Optional |
| resourceReference | The resource ID of the user assigned identity. | genruntime.ResourceReference Optional |
UserAssignedIdentity_STATUS
Details about a user assigned identity.
Used by: ManagedCluster_STATUS, ManagedClusterAddonProfile_STATUS, ManagedClusterIngressProfileWebAppRouting_STATUS, and ManagedClusterPodIdentity_STATUS.
| Property | Description | Type |
|---|---|---|
| clientId | The client ID of the user assigned identity. | string Optional |
| objectId | The object ID of the user assigned identity. | string Optional |
| resourceId | The resource ID of the user assigned identity. | string Optional |
VirtualMachineNodes
Current status on a group of nodes of the same vm size.
Used by: ManagedClusterAgentPoolProfile, and ManagedClustersAgentPool_Spec.
| Property | Description | Type |
|---|---|---|
| count | Number of nodes. | int Optional |
| size | The VM size of the agents used to host this group of nodes. | string Optional |
VirtualMachineNodes_STATUS
Current status on a group of nodes of the same vm size.
Used by: ManagedClusterAgentPoolProfile_STATUS, and ManagedClustersAgentPool_STATUS.
| Property | Description | Type |
|---|---|---|
| count | Number of nodes. | int Optional |
| size | The VM size of the agents used to host this group of nodes. | string Optional |
VirtualMachinesProfile
Specifications on VirtualMachines agent pool.
Used by: ManagedClusterAgentPoolProfile, and ManagedClustersAgentPool_Spec.
| Property | Description | Type |
|---|---|---|
| scale | Specifications on how to scale a VirtualMachines agent pool. | ScaleProfile Optional |
VirtualMachinesProfile_STATUS
Specifications on VirtualMachines agent pool.
Used by: ManagedClusterAgentPoolProfile_STATUS, and ManagedClustersAgentPool_STATUS.
| Property | Description | Type |
|---|---|---|
| scale | Specifications on how to scale a VirtualMachines agent pool. | ScaleProfile_STATUS Optional |
WorkloadRuntime
Determines the type of workload a node can run.
Used by: ManagedClusterAgentPoolProfile, and ManagedClustersAgentPool_Spec.
| Value | Description |
|---|---|
| “OCIContainer” | |
| “WasmWasi” |
WorkloadRuntime_STATUS
Determines the type of workload a node can run.
Used by: ManagedClusterAgentPoolProfile_STATUS, and ManagedClustersAgentPool_STATUS.
| Value | Description |
|---|---|
| “OCIContainer” | |
| “WasmWasi” |
AdvancedNetworking
Advanced Networking profile for enabling observability and security feature suite on a cluster. For more information see aka.ms/aksadvancednetworking.
Used by: ContainerServiceNetworkProfile.
| Property | Description | Type |
|---|---|---|
| enabled | Indicates the enablement of Advanced Networking functionalities of observability and security on AKS clusters. When this is set to true, all observability and security features will be set to enabled unless explicitly disabled. If not specified, the default is false. | bool Optional |
| observability | Observability profile to enable advanced network metrics and flow logs with historical contexts. | AdvancedNetworkingObservability Optional |
| security | Security profile to enable security features on cilium based cluster. | AdvancedNetworkingSecurity Optional |
AdvancedNetworking_STATUS
Advanced Networking profile for enabling observability and security feature suite on a cluster. For more information see aka.ms/aksadvancednetworking.
Used by: ContainerServiceNetworkProfile_STATUS.
| Property | Description | Type |
|---|---|---|
| enabled | Indicates the enablement of Advanced Networking functionalities of observability and security on AKS clusters. When this is set to true, all observability and security features will be set to enabled unless explicitly disabled. If not specified, the default is false. | bool Optional |
| observability | Observability profile to enable advanced network metrics and flow logs with historical contexts. | AdvancedNetworkingObservability_STATUS Optional |
| security | Security profile to enable security features on cilium based cluster. | AdvancedNetworkingSecurity_STATUS Optional |
AgentPoolSSHAccess
SSH access method of an agent pool.
Used by: AgentPoolSecurityProfile.
| Value | Description |
|---|---|
| “Disabled” | |
| “LocalUser” |
AgentPoolSSHAccess_STATUS
SSH access method of an agent pool.
Used by: AgentPoolSecurityProfile_STATUS.
| Value | Description |
|---|---|
| “Disabled” | |
| “LocalUser” |
AgentPoolUpgradeSettings_UndrainableNodeBehavior
Used by: AgentPoolUpgradeSettings.
| Value | Description |
|---|---|
| “Cordon” | |
| “Schedule” |
AgentPoolUpgradeSettings_UndrainableNodeBehavior_STATUS
Used by: AgentPoolUpgradeSettings_STATUS.
| Value | Description |
|---|---|
| “Cordon” | |
| “Schedule” |
AzureKeyVaultKms
Azure Key Vault key management service settings for the security profile.
Used by: ManagedClusterSecurityProfile.
| Property | Description | Type |
|---|---|---|
| enabled | Whether to enable Azure Key Vault key management service. The default is false. | bool Optional |
| keyId | Identifier of Azure Key Vault key. See key identifier format for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key identifier. When Azure Key Vault key management service is disabled, leave the field empty. | string Optional |
| keyVaultNetworkAccess | Network access of the key vault. Network access of key vault. The possible values are Public and Private. Public means the key vault allows public access from all networks. Private means the key vault disables public access and enables private link. The default value is Public. |
AzureKeyVaultKms_KeyVaultNetworkAccess Optional |
| keyVaultResourceReference | Resource ID of key vault. When keyVaultNetworkAccess is Private, this field is required and must be a valid resource ID. When keyVaultNetworkAccess is Public, leave the field empty. |
genruntime.ResourceReference Optional |
AzureKeyVaultKms_STATUS
Azure Key Vault key management service settings for the security profile.
Used by: ManagedClusterSecurityProfile_STATUS.
| Property | Description | Type |
|---|---|---|
| enabled | Whether to enable Azure Key Vault key management service. The default is false. | bool Optional |
| keyId | Identifier of Azure Key Vault key. See key identifier format for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key identifier. When Azure Key Vault key management service is disabled, leave the field empty. | string Optional |
| keyVaultNetworkAccess | Network access of the key vault. Network access of key vault. The possible values are Public and Private. Public means the key vault allows public access from all networks. Private means the key vault disables public access and enables private link. The default value is Public. |
AzureKeyVaultKms_KeyVaultNetworkAccess_STATUS Optional |
| keyVaultResourceId | Resource ID of key vault. When keyVaultNetworkAccess is Private, this field is required and must be a valid resource ID. When keyVaultNetworkAccess is Public, leave the field empty. |
string Optional |
ContainerServiceNetworkProfile_IpFamilies
Used by: ContainerServiceNetworkProfile.
| Value | Description |
|---|---|
| “IPv4” | |
| “IPv6” |
ContainerServiceNetworkProfile_IpFamilies_STATUS
Used by: ContainerServiceNetworkProfile_STATUS.
| Value | Description |
|---|---|
| “IPv4” | |
| “IPv6” |
ContainerServiceNetworkProfile_LoadBalancerSku
Used by: ContainerServiceNetworkProfile.
| Value | Description |
|---|---|
| “basic” | |
| “standard” |
ContainerServiceNetworkProfile_LoadBalancerSku_STATUS
Used by: ContainerServiceNetworkProfile_STATUS.
| Value | Description |
|---|---|
| “basic” | |
| “standard” |
ContainerServiceNetworkProfile_NetworkDataplane
Used by: ContainerServiceNetworkProfile.
| Value | Description |
|---|---|
| “azure” | |
| “cilium” |
ContainerServiceNetworkProfile_NetworkDataplane_STATUS
Used by: ContainerServiceNetworkProfile_STATUS.
| Value | Description |
|---|---|
| “azure” | |
| “cilium” |
ContainerServiceNetworkProfile_NetworkMode
Used by: ContainerServiceNetworkProfile.
| Value | Description |
|---|---|
| “bridge” | |
| “transparent” |
ContainerServiceNetworkProfile_NetworkMode_STATUS
Used by: ContainerServiceNetworkProfile_STATUS.
| Value | Description |
|---|---|
| “bridge” | |
| “transparent” |
ContainerServiceNetworkProfile_NetworkPlugin
Used by: ContainerServiceNetworkProfile.
| Value | Description |
|---|---|
| “azure” | |
| “kubenet” | |
| “none” |
ContainerServiceNetworkProfile_NetworkPlugin_STATUS
Used by: ContainerServiceNetworkProfile_STATUS.
| Value | Description |
|---|---|
| “azure” | |
| “kubenet” | |
| “none” |
ContainerServiceNetworkProfile_NetworkPluginMode
Used by: ContainerServiceNetworkProfile.
| Value | Description |
|---|---|
| “overlay” |
ContainerServiceNetworkProfile_NetworkPluginMode_STATUS
Used by: ContainerServiceNetworkProfile_STATUS.
| Value | Description |
|---|---|
| “overlay” |
ContainerServiceNetworkProfile_NetworkPolicy
Used by: ContainerServiceNetworkProfile.
| Value | Description |
|---|---|
| “azure” | |
| “calico” | |
| “cilium” | |
| “none” |
ContainerServiceNetworkProfile_NetworkPolicy_STATUS
Used by: ContainerServiceNetworkProfile_STATUS.
| Value | Description |
|---|---|
| “azure” | |
| “calico” | |
| “cilium” | |
| “none” |
ContainerServiceNetworkProfile_OutboundType
Used by: ContainerServiceNetworkProfile.
| Value | Description |
|---|---|
| “loadBalancer” | |
| “managedNATGateway” | |
| “none” | |
| “userAssignedNATGateway” | |
| “userDefinedRouting” |
ContainerServiceNetworkProfile_OutboundType_STATUS
Used by: ContainerServiceNetworkProfile_STATUS.
| Value | Description |
|---|---|
| “loadBalancer” | |
| “managedNATGateway” | |
| “none” | |
| “userAssignedNATGateway” | |
| “userDefinedRouting” |
ContainerServiceSshConfiguration
SSH configuration for Linux-based VMs running on Azure.
Used by: ContainerServiceLinuxProfile.
| Property | Description | Type |
|---|---|---|
| publicKeys | The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified. | ContainerServiceSshPublicKey[] Required |
ContainerServiceSshConfiguration_STATUS
SSH configuration for Linux-based VMs running on Azure.
Used by: ContainerServiceLinuxProfile_STATUS.
| Property | Description | Type |
|---|---|---|
| publicKeys | The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified. | ContainerServiceSshPublicKey_STATUS[] Optional |
DateSpan
A date range. For example, between ‘2022-12-23’ and ‘2023-01-05’.
Used by: MaintenanceWindow.
| Property | Description | Type |
|---|---|---|
| end | The end date of the date span. | string Required |
| start | The start date of the date span. | string Required |
DateSpan_STATUS
A date range. For example, between ‘2022-12-23’ and ‘2023-01-05’.
Used by: MaintenanceWindow_STATUS.
| Property | Description | Type |
|---|---|---|
| end | The end date of the date span. | string Optional |
| start | The start date of the date span. | string Optional |
DelegatedResource
Delegated resource properties - internal use only.
Used by: ManagedClusterIdentity.
| Property | Description | Type |
|---|---|---|
| location | The source resource location - internal use only. | string Optional |
| referralResource | The delegation id of the referral delegation (optional) - internal use only. | string Optional |
| resourceReference | The ARM resource id of the delegated resource - internal use only. | genruntime.ResourceReference Optional |
| tenantId | The tenant id of the delegated resource - internal use only. | string Optional |
DelegatedResource_STATUS
Delegated resource properties - internal use only.
Used by: ManagedClusterIdentity_STATUS.
| Property | Description | Type |
|---|---|---|
| location | The source resource location - internal use only. | string Optional |
| referralResource | The delegation id of the referral delegation (optional) - internal use only. | string Optional |
| resourceId | The ARM resource id of the delegated resource - internal use only. | string Optional |
| tenantId | The tenant id of the delegated resource - internal use only. | string Optional |
ErrorDetail_STATUS
The error detail.
Used by: AgentPoolStatus_STATUS, and ManagedClusterStatus_STATUS.
| Property | Description | Type |
|---|---|---|
| additionalInfo | The error additional info. | ErrorAdditionalInfo_STATUS[] Optional |
| code | The error code. | string Optional |
| details | The error details. | ErrorDetail_STATUS_Unrolled[] Optional |
| message | The error message. | string Optional |
| target | The error target. | string Optional |
ExtendedLocationType
The type of extendedLocation.
Used by: ExtendedLocation.
| Value | Description |
|---|---|
| “EdgeZone” |
ExtendedLocationType_STATUS
The type of extendedLocation.
Used by: ExtendedLocation_STATUS.
| Value | Description |
|---|---|
| “EdgeZone” |
GPUProfile_Driver
Used by: GPUProfile.
| Value | Description |
|---|---|
| “Install” | |
| “None” |
GPUProfile_Driver_STATUS
Used by: GPUProfile_STATUS.
| Value | Description |
|---|---|
| “Install” | |
| “None” |
HourInDay
Used by: TimeInWeek.
IPTag
Contains the IPTag associated with the object.
Used by: AgentPoolNetworkProfile.
| Property | Description | Type |
|---|---|---|
| ipTagType | The IP tag type. Example: RoutingPreference. | string Optional |
| tag | The value of the IP tag associated with the public IP. Example: Internet. | string Optional |
IPTag_STATUS
Contains the IPTag associated with the object.
Used by: AgentPoolNetworkProfile_STATUS.
| Property | Description | Type |
|---|---|---|
| ipTagType | The IP tag type. Example: RoutingPreference. | string Optional |
| tag | The value of the IP tag associated with the public IP. Example: Internet. | string Optional |
IstioServiceMesh
Istio service mesh configuration.
Used by: ServiceMeshProfile.
| Property | Description | Type |
|---|---|---|
| certificateAuthority | Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin certificates as described here https://aka.ms/asm-plugin-ca | IstioCertificateAuthority Optional |
| components | Istio components configuration. | IstioComponents Optional |
| revisions | The list of revisions of the Istio control plane. When an upgrade is not in progress, this holds one value. When canary upgrade is in progress, this can only hold two consecutive values. For more information, see: https://learn.microsoft.com/en-us/azure/aks/istio-upgrade | string[] Optional |
IstioServiceMesh_STATUS
Istio service mesh configuration.
Used by: ServiceMeshProfile_STATUS.
| Property | Description | Type |
|---|---|---|
| certificateAuthority | Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin certificates as described here https://aka.ms/asm-plugin-ca | IstioCertificateAuthority_STATUS Optional |
| components | Istio components configuration. | IstioComponents_STATUS Optional |
| revisions | The list of revisions of the Istio control plane. When an upgrade is not in progress, this holds one value. When canary upgrade is in progress, this can only hold two consecutive values. For more information, see: https://learn.microsoft.com/en-us/azure/aks/istio-upgrade | string[] Optional |
ManagedClusterAutoUpgradeProfile_NodeOSUpgradeChannel
Used by: ManagedClusterAutoUpgradeProfile.
| Value | Description |
|---|---|
| “NodeImage” | |
| “None” | |
| “SecurityPatch” | |
| “Unmanaged” |
ManagedClusterAutoUpgradeProfile_NodeOSUpgradeChannel_STATUS
Used by: ManagedClusterAutoUpgradeProfile_STATUS.
| Value | Description |
|---|---|
| “NodeImage” | |
| “None” | |
| “SecurityPatch” | |
| “Unmanaged” |
ManagedClusterAutoUpgradeProfile_UpgradeChannel
Used by: ManagedClusterAutoUpgradeProfile.
| Value | Description |
|---|---|
| “node-image” | |
| “none” | |
| “patch” | |
| “rapid” | |
| “stable” |
ManagedClusterAutoUpgradeProfile_UpgradeChannel_STATUS
Used by: ManagedClusterAutoUpgradeProfile_STATUS.
| Value | Description |
|---|---|
| “node-image” | |
| “none” | |
| “patch” | |
| “rapid” | |
| “stable” |
ManagedClusterAzureMonitorProfileMetrics
Metrics profile for the Azure Monitor managed service for Prometheus addon. Collect out-of-the-box Kubernetes infrastructure metrics to send to an Azure Monitor Workspace and configure additional scraping for custom targets. See aka.ms/AzureManagedPrometheus for an overview.
Used by: ManagedClusterAzureMonitorProfile.
| Property | Description | Type |
|---|---|---|
| enabled | Whether to enable or disable the Azure Managed Prometheus addon for Prometheus monitoring. See aka.ms/AzureManagedPrometheus-aks-enable for details on enabling and disabling. | bool Required |
| kubeStateMetrics | Kube State Metrics profile for the Azure Managed Prometheus addon. These optional settings are for the kube-state-metrics pod that is deployed with the addon. See aka.ms/AzureManagedPrometheus-optional-parameters for details. | ManagedClusterAzureMonitorProfileKubeStateMetrics Optional |
ManagedClusterAzureMonitorProfileMetrics_STATUS
Metrics profile for the Azure Monitor managed service for Prometheus addon. Collect out-of-the-box Kubernetes infrastructure metrics to send to an Azure Monitor Workspace and configure additional scraping for custom targets. See aka.ms/AzureManagedPrometheus for an overview.
Used by: ManagedClusterAzureMonitorProfile_STATUS.
| Property | Description | Type |
|---|---|---|
| enabled | Whether to enable or disable the Azure Managed Prometheus addon for Prometheus monitoring. See aka.ms/AzureManagedPrometheus-aks-enable for details on enabling and disabling. | bool Optional |
| kubeStateMetrics | Kube State Metrics profile for the Azure Managed Prometheus addon. These optional settings are for the kube-state-metrics pod that is deployed with the addon. See aka.ms/AzureManagedPrometheus-optional-parameters for details. | ManagedClusterAzureMonitorProfileKubeStateMetrics_STATUS Optional |
ManagedClusterBootstrapProfile_ArtifactSource
Used by: ManagedClusterBootstrapProfile.
| Value | Description |
|---|---|
| “Cache” | |
| “Direct” |
ManagedClusterBootstrapProfile_ArtifactSource_STATUS
Used by: ManagedClusterBootstrapProfile_STATUS.
| Value | Description |
|---|---|
| “Cache” | |
| “Direct” |
ManagedClusterCostAnalysis
The cost analysis configuration for the cluster
Used by: ManagedClusterMetricsProfile.
| Property | Description | Type |
|---|---|---|
| enabled | Whether to enable cost analysis. The Managed Cluster sku.tier must be set to Standard or Premium to enable this feature. Enabling this will add Kubernetes Namespace and Deployment details to the Cost Analysis views in the Azure portal. If not specified, the default is false. For more information see aka.ms/aks/docs/cost-analysis. |
bool Optional |
ManagedClusterCostAnalysis_STATUS
The cost analysis configuration for the cluster
Used by: ManagedClusterMetricsProfile_STATUS.
| Property | Description | Type |
|---|---|---|
| enabled | Whether to enable cost analysis. The Managed Cluster sku.tier must be set to Standard or Premium to enable this feature. Enabling this will add Kubernetes Namespace and Deployment details to the Cost Analysis views in the Azure portal. If not specified, the default is false. For more information see aka.ms/aks/docs/cost-analysis. |
bool Optional |
ManagedClusterIdentity_Type
Used by: ManagedClusterIdentity.
| Value | Description |
|---|---|
| “None” | |
| “SystemAssigned” | |
| “UserAssigned” |
ManagedClusterIdentity_Type_STATUS
Used by: ManagedClusterIdentity_STATUS.
| Value | Description |
|---|---|
| “None” | |
| “SystemAssigned” | |
| “UserAssigned” |
ManagedClusterIdentity_UserAssignedIdentities_STATUS
Used by: ManagedClusterIdentity_STATUS.
| Property | Description | Type |
|---|---|---|
| clientId | The client id of user assigned identity. | string Optional |
| principalId | The principal id of user assigned identity. | string Optional |
ManagedClusterIngressProfileWebAppRouting
Application Routing add-on settings for the ingress profile.
Used by: ManagedClusterIngressProfile.
| Property | Description | Type |
|---|---|---|
| dnsZoneResourceReferences | Resource IDs of the DNS zones to be associated with the Application Routing add-on. Used only when Application Routing add-on is enabled. Public and private DNS zones can be in different resource groups, but all public DNS zones must be in the same resource group and all private DNS zones must be in the same resource group. | genruntime.ResourceReference[] Optional |
| enabled | Whether to enable the Application Routing add-on. | bool Optional |
| nginx | Configuration for the default NginxIngressController. See more at https://learn.microsoft.com/en-us/azure/aks/app-routing-nginx-configuration#the-default-nginx-ingress-controller. | ManagedClusterIngressProfileNginx Optional |
ManagedClusterIngressProfileWebAppRouting_STATUS
Application Routing add-on settings for the ingress profile.
Used by: ManagedClusterIngressProfile_STATUS.
| Property | Description | Type |
|---|---|---|
| dnsZoneResourceIds | Resource IDs of the DNS zones to be associated with the Application Routing add-on. Used only when Application Routing add-on is enabled. Public and private DNS zones can be in different resource groups, but all public DNS zones must be in the same resource group and all private DNS zones must be in the same resource group. | string[] Optional |
| enabled | Whether to enable the Application Routing add-on. | bool Optional |
| identity | Managed identity of the Application Routing add-on. This is the identity that should be granted permissions, for example, to manage the associated Azure DNS resource and get certificates from Azure Key Vault. See this overview of the add-on for more instructions. | UserAssignedIdentity_STATUS Optional |
| nginx | Configuration for the default NginxIngressController. See more at https://learn.microsoft.com/en-us/azure/aks/app-routing-nginx-configuration#the-default-nginx-ingress-controller. | ManagedClusterIngressProfileNginx_STATUS Optional |
ManagedClusterLoadBalancerProfile
Profile of the managed cluster load balancer.
Used by: ContainerServiceNetworkProfile.
| Property | Description | Type |
|---|---|---|
| allocatedOutboundPorts | The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports. | int Optional |
| backendPoolType | The type of the managed inbound Load Balancer BackendPool. | ManagedClusterLoadBalancerProfile_BackendPoolType Optional |
| enableMultipleStandardLoadBalancers | Enable multiple standard load balancers per AKS cluster or not. | bool Optional |
| idleTimeoutInMinutes | Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 30 minutes. | int Optional |
| managedOutboundIPs | Desired managed outbound IPs for the cluster load balancer. | ManagedClusterLoadBalancerProfile_ManagedOutboundIPs Optional |
| outboundIPPrefixes | Desired outbound IP Prefix resources for the cluster load balancer. | ManagedClusterLoadBalancerProfile_OutboundIPPrefixes Optional |
| outboundIPs | Desired outbound IP resources for the cluster load balancer. | ManagedClusterLoadBalancerProfile_OutboundIPs Optional |
ManagedClusterLoadBalancerProfile_STATUS
Profile of the managed cluster load balancer.
Used by: ContainerServiceNetworkProfile_STATUS.
| Property | Description | Type |
|---|---|---|
| allocatedOutboundPorts | The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports. | int Optional |
| backendPoolType | The type of the managed inbound Load Balancer BackendPool. | ManagedClusterLoadBalancerProfile_BackendPoolType_STATUS Optional |
| effectiveOutboundIPs | The effective outbound IP resources of the cluster load balancer. | ResourceReference_STATUS[] Optional |
| enableMultipleStandardLoadBalancers | Enable multiple standard load balancers per AKS cluster or not. | bool Optional |
| idleTimeoutInMinutes | Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 30 minutes. | int Optional |
| managedOutboundIPs | Desired managed outbound IPs for the cluster load balancer. | ManagedClusterLoadBalancerProfile_ManagedOutboundIPs_STATUS Optional |
| outboundIPPrefixes | Desired outbound IP Prefix resources for the cluster load balancer. | ManagedClusterLoadBalancerProfile_OutboundIPPrefixes_STATUS Optional |
| outboundIPs | Desired outbound IP resources for the cluster load balancer. | ManagedClusterLoadBalancerProfile_OutboundIPs_STATUS Optional |
ManagedClusterNATGatewayProfile
Profile of the managed cluster NAT gateway.
Used by: ContainerServiceNetworkProfile.
| Property | Description | Type |
|---|---|---|
| idleTimeoutInMinutes | Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 4 minutes. | int Optional |
| managedOutboundIPProfile | Profile of the managed outbound IP resources of the cluster NAT gateway. | ManagedClusterManagedOutboundIPProfile Optional |
ManagedClusterNATGatewayProfile_STATUS
Profile of the managed cluster NAT gateway.
Used by: ContainerServiceNetworkProfile_STATUS.
| Property | Description | Type |
|---|---|---|
| effectiveOutboundIPs | The effective outbound IP resources of the cluster NAT gateway. | ResourceReference_STATUS[] Optional |
| idleTimeoutInMinutes | Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 4 minutes. | int Optional |
| managedOutboundIPProfile | Profile of the managed outbound IP resources of the cluster NAT gateway. | ManagedClusterManagedOutboundIPProfile_STATUS Optional |
ManagedClusterNodeProvisioningProfile_DefaultNodePools
Used by: ManagedClusterNodeProvisioningProfile.
| Value | Description |
|---|---|
| “Auto” | |
| “None” |
ManagedClusterNodeProvisioningProfile_DefaultNodePools_STATUS
Used by: ManagedClusterNodeProvisioningProfile_STATUS.
| Value | Description |
|---|---|
| “Auto” | |
| “None” |
ManagedClusterNodeProvisioningProfile_Mode
Used by: ManagedClusterNodeProvisioningProfile.
| Value | Description |
|---|---|
| “Auto” | |
| “Manual” |
ManagedClusterNodeProvisioningProfile_Mode_STATUS
Used by: ManagedClusterNodeProvisioningProfile_STATUS.
| Value | Description |
|---|---|
| “Auto” | |
| “Manual” |
ManagedClusterNodeResourceGroupProfile_RestrictionLevel
Used by: ManagedClusterNodeResourceGroupProfile.
| Value | Description |
|---|---|
| “ReadOnly” | |
| “Unrestricted” |
ManagedClusterNodeResourceGroupProfile_RestrictionLevel_STATUS
Used by: ManagedClusterNodeResourceGroupProfile_STATUS.
| Value | Description |
|---|---|
| “ReadOnly” | |
| “Unrestricted” |
ManagedClusterOperatorConfigMaps
Used by: ManagedClusterOperatorSpec.
| Property | Description | Type |
|---|---|---|
| oidcIssuerProfile | indicates where the OIDCIssuerProfile config map should be placed. If omitted, no config map will be created. | genruntime.ConfigMapDestination Optional |
ManagedClusterOperatorSecrets
Used by: ManagedClusterOperatorSpec.
| Property | Description | Type |
|---|---|---|
| adminCredentials | indicates where the AdminCredentials secret should be placed. If omitted, the secret will not be retrieved from Azure. | genruntime.SecretDestination Optional |
| userCredentials | indicates where the UserCredentials secret should be placed. If omitted, the secret will not be retrieved from Azure. | genruntime.SecretDestination Optional |
ManagedClusterPodIdentity
Details about the pod identity assigned to the Managed Cluster.
Used by: ManagedClusterPodIdentityProfile.
| Property | Description | Type |
|---|---|---|
| bindingSelector | The binding selector to use for the AzureIdentityBinding resource. | string Optional |
| identity | The user assigned identity details. | UserAssignedIdentity Required |
| name | The name of the pod identity. | string Required |
| namespace | The namespace of the pod identity. | string Required |
ManagedClusterPodIdentity_STATUS
Details about the pod identity assigned to the Managed Cluster.
Used by: ManagedClusterPodIdentityProfile_STATUS.
| Property | Description | Type |
|---|---|---|
| bindingSelector | The binding selector to use for the AzureIdentityBinding resource. | string Optional |
| identity | The user assigned identity details. | UserAssignedIdentity_STATUS Optional |
| name | The name of the pod identity. | string Optional |
| namespace | The namespace of the pod identity. | string Optional |
| provisioningInfo | ManagedClusterPodIdentity_ProvisioningInfo_STATUS Optional |
|
| provisioningState | The current provisioning state of the pod identity. | ManagedClusterPodIdentity_ProvisioningState_STATUS Optional |
ManagedClusterPodIdentityException
A pod identity exception, which allows pods with certain labels to access the Azure Instance Metadata Service (IMDS) endpoint without being intercepted by the node-managed identity (NMI) server. See disable AAD Pod Identity for a specific Pod/Application for more details.
Used by: ManagedClusterPodIdentityProfile.
| Property | Description | Type |
|---|---|---|
| name | The name of the pod identity exception. | string Required |
| namespace | The namespace of the pod identity exception. | string Required |
| podLabels | The pod labels to match. | map[string]string Required |
ManagedClusterPodIdentityException_STATUS
A pod identity exception, which allows pods with certain labels to access the Azure Instance Metadata Service (IMDS) endpoint without being intercepted by the node-managed identity (NMI) server. See disable AAD Pod Identity for a specific Pod/Application for more details.
Used by: ManagedClusterPodIdentityProfile_STATUS.
| Property | Description | Type |
|---|---|---|
| name | The name of the pod identity exception. | string Optional |
| namespace | The namespace of the pod identity exception. | string Optional |
| podLabels | The pod labels to match. | map[string]string Optional |
ManagedClusterProperties_AutoScalerProfile_Expander
Used by: ManagedClusterProperties_AutoScalerProfile.
| Value | Description |
|---|---|
| “least-waste” | |
| “most-pods” | |
| “priority” | |
| “random” |
ManagedClusterProperties_AutoScalerProfile_Expander_STATUS
Used by: ManagedClusterProperties_AutoScalerProfile_STATUS.
| Value | Description |
|---|---|
| “least-waste” | |
| “most-pods” | |
| “priority” | |
| “random” |
ManagedClusterSecurityProfileDefender
Microsoft Defender settings for the security profile.
Used by: ManagedClusterSecurityProfile.
| Property | Description | Type |
|---|---|---|
| logAnalyticsWorkspaceResourceReference | Resource ID of the Log Analytics workspace to be associated with Microsoft Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When Microsoft Defender is disabled, leave the field empty. | genruntime.ResourceReference Optional |
| securityMonitoring | Microsoft Defender threat detection for Cloud settings for the security profile. | ManagedClusterSecurityProfileDefenderSecurityMonitoring Optional |
ManagedClusterSecurityProfileDefender_STATUS
Microsoft Defender settings for the security profile.
Used by: ManagedClusterSecurityProfile_STATUS.
| Property | Description | Type |
|---|---|---|
| logAnalyticsWorkspaceResourceId | Resource ID of the Log Analytics workspace to be associated with Microsoft Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When Microsoft Defender is disabled, leave the field empty. | string Optional |
| securityMonitoring | Microsoft Defender threat detection for Cloud settings for the security profile. | ManagedClusterSecurityProfileDefenderSecurityMonitoring_STATUS Optional |
ManagedClusterSecurityProfileImageCleaner
Image Cleaner removes unused images from nodes, freeing up disk space and helping to reduce attack surface area. Here are settings for the security profile.
Used by: ManagedClusterSecurityProfile.
| Property | Description | Type |
|---|---|---|
| enabled | Whether to enable Image Cleaner on AKS cluster. | bool Optional |
| intervalHours | Image Cleaner scanning interval in hours. | int Optional |
ManagedClusterSecurityProfileImageCleaner_STATUS
Image Cleaner removes unused images from nodes, freeing up disk space and helping to reduce attack surface area. Here are settings for the security profile.
Used by: ManagedClusterSecurityProfile_STATUS.
| Property | Description | Type |
|---|---|---|
| enabled | Whether to enable Image Cleaner on AKS cluster. | bool Optional |
| intervalHours | Image Cleaner scanning interval in hours. | int Optional |
ManagedClusterSecurityProfileWorkloadIdentity
Workload identity settings for the security profile.
Used by: ManagedClusterSecurityProfile.
| Property | Description | Type |
|---|---|---|
| enabled | Whether to enable workload identity. | bool Optional |
ManagedClusterSecurityProfileWorkloadIdentity_STATUS
Workload identity settings for the security profile.
Used by: ManagedClusterSecurityProfile_STATUS.
| Property | Description | Type |
|---|---|---|
| enabled | Whether to enable workload identity. | bool Optional |
ManagedClusterSKU_Name
Used by: ManagedClusterSKU.
| Value | Description |
|---|---|
| “Automatic” | |
| “Base” |
ManagedClusterSKU_Name_STATUS
Used by: ManagedClusterSKU_STATUS.
| Value | Description |
|---|---|
| “Automatic” | |
| “Base” |
ManagedClusterSKU_Tier
Used by: ManagedClusterSKU.
| Value | Description |
|---|---|
| “Free” | |
| “Premium” | |
| “Standard” |
ManagedClusterSKU_Tier_STATUS
Used by: ManagedClusterSKU_STATUS.
| Value | Description |
|---|---|
| “Free” | |
| “Premium” | |
| “Standard” |
ManagedClusterStaticEgressGatewayProfile
The Static Egress Gateway addon configuration for the cluster.
Used by: ContainerServiceNetworkProfile.
| Property | Description | Type |
|---|---|---|
| enabled | Enable Static Egress Gateway addon. Indicates if Static Egress Gateway addon is enabled or not. | bool Optional |
ManagedClusterStaticEgressGatewayProfile_STATUS
The Static Egress Gateway addon configuration for the cluster.
Used by: ContainerServiceNetworkProfile_STATUS.
| Property | Description | Type |
|---|---|---|
| enabled | Enable Static Egress Gateway addon. Indicates if Static Egress Gateway addon is enabled or not. | bool Optional |
ManagedClusterStorageProfileBlobCSIDriver
AzureBlob CSI Driver settings for the storage profile.
Used by: ManagedClusterStorageProfile.
| Property | Description | Type |
|---|---|---|
| enabled | Whether to enable AzureBlob CSI Driver. The default value is false. | bool Optional |
ManagedClusterStorageProfileBlobCSIDriver_STATUS
AzureBlob CSI Driver settings for the storage profile.
Used by: ManagedClusterStorageProfile_STATUS.
| Property | Description | Type |
|---|---|---|
| enabled | Whether to enable AzureBlob CSI Driver. The default value is false. | bool Optional |
ManagedClusterStorageProfileDiskCSIDriver
AzureDisk CSI Driver settings for the storage profile.
Used by: ManagedClusterStorageProfile.
| Property | Description | Type |
|---|---|---|
| enabled | Whether to enable AzureDisk CSI Driver. The default value is true. | bool Optional |
ManagedClusterStorageProfileDiskCSIDriver_STATUS
AzureDisk CSI Driver settings for the storage profile.
Used by: ManagedClusterStorageProfile_STATUS.
| Property | Description | Type |
|---|---|---|
| enabled | Whether to enable AzureDisk CSI Driver. The default value is true. | bool Optional |
ManagedClusterStorageProfileFileCSIDriver
AzureFile CSI Driver settings for the storage profile.
Used by: ManagedClusterStorageProfile.
| Property | Description | Type |
|---|---|---|
| enabled | Whether to enable AzureFile CSI Driver. The default value is true. | bool Optional |
ManagedClusterStorageProfileFileCSIDriver_STATUS
AzureFile CSI Driver settings for the storage profile.
Used by: ManagedClusterStorageProfile_STATUS.
| Property | Description | Type |
|---|---|---|
| enabled | Whether to enable AzureFile CSI Driver. The default value is true. | bool Optional |
ManagedClusterStorageProfileSnapshotController
Snapshot Controller settings for the storage profile.
Used by: ManagedClusterStorageProfile.
| Property | Description | Type |
|---|---|---|
| enabled | Whether to enable Snapshot Controller. The default value is true. | bool Optional |
ManagedClusterStorageProfileSnapshotController_STATUS
Snapshot Controller settings for the storage profile.
Used by: ManagedClusterStorageProfile_STATUS.
| Property | Description | Type |
|---|---|---|
| enabled | Whether to enable Snapshot Controller. The default value is true. | bool Optional |
ManagedClusterWindowsProfile_LicenseType
Used by: ManagedClusterWindowsProfile.
| Value | Description |
|---|---|
| “None” | |
| “Windows_Server” |
ManagedClusterWindowsProfile_LicenseType_STATUS
Used by: ManagedClusterWindowsProfile_STATUS.
| Value | Description |
|---|---|
| “None” | |
| “Windows_Server” |
ManagedClusterWorkloadAutoScalerProfileKeda
KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.
Used by: ManagedClusterWorkloadAutoScalerProfile.
| Property | Description | Type |
|---|---|---|
| enabled | Whether to enable KEDA. | bool Required |
ManagedClusterWorkloadAutoScalerProfileKeda_STATUS
KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.
Used by: ManagedClusterWorkloadAutoScalerProfile_STATUS.
| Property | Description | Type |
|---|---|---|
| enabled | Whether to enable KEDA. | bool Optional |
ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler
VPA (Vertical Pod Autoscaler) settings for the workload auto-scaler profile.
Used by: ManagedClusterWorkloadAutoScalerProfile.
| Property | Description | Type |
|---|---|---|
| enabled | Whether to enable VPA. Default value is false. | bool Required |
ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler_STATUS
VPA (Vertical Pod Autoscaler) settings for the workload auto-scaler profile.
Used by: ManagedClusterWorkloadAutoScalerProfile_STATUS.
| Property | Description | Type |
|---|---|---|
| enabled | Whether to enable VPA. Default value is false. | bool Optional |
PortRange
The port range.
Used by: AgentPoolNetworkProfile.
| Property | Description | Type |
|---|---|---|
| portEnd | The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or equal to portStart. | int Optional |
| portStart | The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or equal to portEnd. | int Optional |
| protocol | The network protocol of the port. | PortRange_Protocol Optional |
PortRange_STATUS
The port range.
Used by: AgentPoolNetworkProfile_STATUS.
| Property | Description | Type |
|---|---|---|
| portEnd | The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or equal to portStart. | int Optional |
| portStart | The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or equal to portEnd. | int Optional |
| protocol | The network protocol of the port. | PortRange_Protocol_STATUS Optional |
PowerState_Code
Used by: PowerState.
| Value | Description |
|---|---|
| “Running” | |
| “Stopped” |
PowerState_Code_STATUS
Used by: PowerState_STATUS.
| Value | Description |
|---|---|
| “Running” | |
| “Stopped” |
ScaleProfile
Specifications on how to scale a VirtualMachines agent pool.
Used by: VirtualMachinesProfile.
| Property | Description | Type |
|---|---|---|
| manual | Specifications on how to scale the VirtualMachines agent pool to a fixed size. | ManualScaleProfile[] Optional |
ScaleProfile_STATUS
Specifications on how to scale a VirtualMachines agent pool.
Used by: VirtualMachinesProfile_STATUS.
| Property | Description | Type |
|---|---|---|
| manual | Specifications on how to scale the VirtualMachines agent pool to a fixed size. | ManualScaleProfile_STATUS[] Optional |
Schedule
One and only one of the schedule types should be specified. Choose either daily, weekly, absoluteMonthly or relativeMonthly for your maintenance schedule.
Used by: MaintenanceWindow.
| Property | Description | Type |
|---|---|---|
| absoluteMonthly | For schedules like: ‘recur every month on the 15th’ or ‘recur every 3 months on the 20th’. | AbsoluteMonthlySchedule Optional |
| daily | For schedules like: ‘recur every day’ or ‘recur every 3 days’. | DailySchedule Optional |
| relativeMonthly | For schedules like: ‘recur every month on the first Monday’ or ‘recur every 3 months on last Friday’. | RelativeMonthlySchedule Optional |
| weekly | For schedules like: ‘recur every Monday’ or ‘recur every 3 weeks on Wednesday’. | WeeklySchedule Optional |
Schedule_STATUS
One and only one of the schedule types should be specified. Choose either daily, weekly, absoluteMonthly or relativeMonthly for your maintenance schedule.
Used by: MaintenanceWindow_STATUS.
| Property | Description | Type |
|---|---|---|
| absoluteMonthly | For schedules like: ‘recur every month on the 15th’ or ‘recur every 3 months on the 20th’. | AbsoluteMonthlySchedule_STATUS Optional |
| daily | For schedules like: ‘recur every day’ or ‘recur every 3 days’. | DailySchedule_STATUS Optional |
| relativeMonthly | For schedules like: ‘recur every month on the first Monday’ or ‘recur every 3 months on last Friday’. | RelativeMonthlySchedule_STATUS Optional |
| weekly | For schedules like: ‘recur every Monday’ or ‘recur every 3 weeks on Wednesday’. | WeeklySchedule_STATUS Optional |
ServiceMeshProfile_Mode
Used by: ServiceMeshProfile.
| Value | Description |
|---|---|
| “Disabled” | |
| “Istio” |
ServiceMeshProfile_Mode_STATUS
Used by: ServiceMeshProfile_STATUS.
| Value | Description |
|---|---|
| “Disabled” | |
| “Istio” |
SysctlConfig
Sysctl settings for Linux agent nodes.
Used by: LinuxOSConfig.
| Property | Description | Type |
|---|---|---|
| fsAioMaxNr | Sysctl setting fs.aio-max-nr. | int Optional |
| fsFileMax | Sysctl setting fs.file-max. | int Optional |
| fsInotifyMaxUserWatches | Sysctl setting fs.inotify.max_user_watches. | int Optional |
| fsNrOpen | Sysctl setting fs.nr_open. | int Optional |
| kernelThreadsMax | Sysctl setting kernel.threads-max. | int Optional |
| netCoreNetdevMaxBacklog | Sysctl setting net.core.netdev_max_backlog. | int Optional |
| netCoreOptmemMax | Sysctl setting net.core.optmem_max. | int Optional |
| netCoreRmemDefault | Sysctl setting net.core.rmem_default. | int Optional |
| netCoreRmemMax | Sysctl setting net.core.rmem_max. | int Optional |
| netCoreSomaxconn | Sysctl setting net.core.somaxconn. | int Optional |
| netCoreWmemDefault | Sysctl setting net.core.wmem_default. | int Optional |
| netCoreWmemMax | Sysctl setting net.core.wmem_max. | int Optional |
| netIpv4IpLocalPortRange | Sysctl setting net.ipv4.ip_local_port_range. | string Optional |
| netIpv4NeighDefaultGcThresh1 | Sysctl setting net.ipv4.neigh.default.gc_thresh1. | int Optional |
| netIpv4NeighDefaultGcThresh2 | Sysctl setting net.ipv4.neigh.default.gc_thresh2. | int Optional |
| netIpv4NeighDefaultGcThresh3 | Sysctl setting net.ipv4.neigh.default.gc_thresh3. | int Optional |
| netIpv4TcpFinTimeout | Sysctl setting net.ipv4.tcp_fin_timeout. | int Optional |
| netIpv4TcpkeepaliveIntvl | Sysctl setting net.ipv4.tcp_keepalive_intvl. | int Optional |
| netIpv4TcpKeepaliveProbes | Sysctl setting net.ipv4.tcp_keepalive_probes. | int Optional |
| netIpv4TcpKeepaliveTime | Sysctl setting net.ipv4.tcp_keepalive_time. | int Optional |
| netIpv4TcpMaxSynBacklog | Sysctl setting net.ipv4.tcp_max_syn_backlog. | int Optional |
| netIpv4TcpMaxTwBuckets | Sysctl setting net.ipv4.tcp_max_tw_buckets. | int Optional |
| netIpv4TcpTwReuse | Sysctl setting net.ipv4.tcp_tw_reuse. | bool Optional |
| netNetfilterNfConntrackBuckets | Sysctl setting net.netfilter.nf_conntrack_buckets. | int Optional |
| netNetfilterNfConntrackMax | Sysctl setting net.netfilter.nf_conntrack_max. | int Optional |
| vmMaxMapCount | Sysctl setting vm.max_map_count. | int Optional |
| vmSwappiness | Sysctl setting vm.swappiness. | int Optional |
| vmVfsCachePressure | Sysctl setting vm.vfs_cache_pressure. | int Optional |
SysctlConfig_STATUS
Sysctl settings for Linux agent nodes.
Used by: LinuxOSConfig_STATUS.
| Property | Description | Type |
|---|---|---|
| fsAioMaxNr | Sysctl setting fs.aio-max-nr. | int Optional |
| fsFileMax | Sysctl setting fs.file-max. | int Optional |
| fsInotifyMaxUserWatches | Sysctl setting fs.inotify.max_user_watches. | int Optional |
| fsNrOpen | Sysctl setting fs.nr_open. | int Optional |
| kernelThreadsMax | Sysctl setting kernel.threads-max. | int Optional |
| netCoreNetdevMaxBacklog | Sysctl setting net.core.netdev_max_backlog. | int Optional |
| netCoreOptmemMax | Sysctl setting net.core.optmem_max. | int Optional |
| netCoreRmemDefault | Sysctl setting net.core.rmem_default. | int Optional |
| netCoreRmemMax | Sysctl setting net.core.rmem_max. | int Optional |
| netCoreSomaxconn | Sysctl setting net.core.somaxconn. | int Optional |
| netCoreWmemDefault | Sysctl setting net.core.wmem_default. | int Optional |
| netCoreWmemMax | Sysctl setting net.core.wmem_max. | int Optional |
| netIpv4IpLocalPortRange | Sysctl setting net.ipv4.ip_local_port_range. | string Optional |
| netIpv4NeighDefaultGcThresh1 | Sysctl setting net.ipv4.neigh.default.gc_thresh1. | int Optional |
| netIpv4NeighDefaultGcThresh2 | Sysctl setting net.ipv4.neigh.default.gc_thresh2. | int Optional |
| netIpv4NeighDefaultGcThresh3 | Sysctl setting net.ipv4.neigh.default.gc_thresh3. | int Optional |
| netIpv4TcpFinTimeout | Sysctl setting net.ipv4.tcp_fin_timeout. | int Optional |
| netIpv4TcpkeepaliveIntvl | Sysctl setting net.ipv4.tcp_keepalive_intvl. | int Optional |
| netIpv4TcpKeepaliveProbes | Sysctl setting net.ipv4.tcp_keepalive_probes. | int Optional |
| netIpv4TcpKeepaliveTime | Sysctl setting net.ipv4.tcp_keepalive_time. | int Optional |
| netIpv4TcpMaxSynBacklog | Sysctl setting net.ipv4.tcp_max_syn_backlog. | int Optional |
| netIpv4TcpMaxTwBuckets | Sysctl setting net.ipv4.tcp_max_tw_buckets. | int Optional |
| netIpv4TcpTwReuse | Sysctl setting net.ipv4.tcp_tw_reuse. | bool Optional |
| netNetfilterNfConntrackBuckets | Sysctl setting net.netfilter.nf_conntrack_buckets. | int Optional |
| netNetfilterNfConntrackMax | Sysctl setting net.netfilter.nf_conntrack_max. | int Optional |
| vmMaxMapCount | Sysctl setting vm.max_map_count. | int Optional |
| vmSwappiness | Sysctl setting vm.swappiness. | int Optional |
| vmVfsCachePressure | Sysctl setting vm.vfs_cache_pressure. | int Optional |
SystemData_CreatedByType_STATUS
Used by: SystemData_STATUS.
| Value | Description |
|---|---|
| “Application” | |
| “Key” | |
| “ManagedIdentity” | |
| “User” |
SystemData_LastModifiedByType_STATUS
Used by: SystemData_STATUS.
| Value | Description |
|---|---|
| “Application” | |
| “Key” | |
| “ManagedIdentity” | |
| “User” |
UpgradeOverrideSettings
Settings for overrides when upgrading a cluster.
Used by: ClusterUpgradeSettings.
| Property | Description | Type |
|---|---|---|
| forceUpgrade | Whether to force upgrade the cluster. Note that this option instructs upgrade operation to bypass upgrade protections such as checking for deprecated API usage. Enable this option only with caution. | bool Optional |
| until | Until when the overrides are effective. Note that this only matches the start time of an upgrade, and the effectiveness won’t change once an upgrade starts even if the until expires as upgrade proceeds. This field is not set by default. It must be set for the overrides to take effect. |
string Optional |
UpgradeOverrideSettings_STATUS
Settings for overrides when upgrading a cluster.
Used by: ClusterUpgradeSettings_STATUS.
| Property | Description | Type |
|---|---|---|
| forceUpgrade | Whether to force upgrade the cluster. Note that this option instructs upgrade operation to bypass upgrade protections such as checking for deprecated API usage. Enable this option only with caution. | bool Optional |
| until | Until when the overrides are effective. Note that this only matches the start time of an upgrade, and the effectiveness won’t change once an upgrade starts even if the until expires as upgrade proceeds. This field is not set by default. It must be set for the overrides to take effect. |
string Optional |
UserAssignedIdentityDetails
Information about the user assigned identity for the resource
Used by: ManagedClusterIdentity.
| Property | Description | Type |
|---|---|---|
| reference | genruntime.ResourceReference Optional |
WeekDay
The weekday enum.
Used by: RelativeMonthlySchedule, TimeInWeek, and WeeklySchedule.
| Value | Description |
|---|---|
| “Friday” | |
| “Monday” | |
| “Saturday” | |
| “Sunday” | |
| “Thursday” | |
| “Tuesday” | |
| “Wednesday” |
WeekDay_STATUS
The weekday enum.
Used by: RelativeMonthlySchedule_STATUS, TimeInWeek_STATUS, and WeeklySchedule_STATUS.
| Value | Description |
|---|---|
| “Friday” | |
| “Monday” | |
| “Saturday” | |
| “Sunday” | |
| “Thursday” | |
| “Tuesday” | |
| “Wednesday” |
WindowsGmsaProfile
Windows gMSA Profile in the managed cluster.
Used by: ManagedClusterWindowsProfile.
| Property | Description | Type |
|---|---|---|
| dnsServer | Specifies the DNS server for Windows gMSA. Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster. | string Optional |
| enabled | Whether to enable Windows gMSA. Specifies whether to enable Windows gMSA in the managed cluster. | bool Optional |
| rootDomainName | Specifies the root domain name for Windows gMSA. Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster. | string Optional |
WindowsGmsaProfile_STATUS
Windows gMSA Profile in the managed cluster.
Used by: ManagedClusterWindowsProfile_STATUS.
| Property | Description | Type |
|---|---|---|
| dnsServer | Specifies the DNS server for Windows gMSA. Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster. | string Optional |
| enabled | Whether to enable Windows gMSA. Specifies whether to enable Windows gMSA in the managed cluster. | bool Optional |
| rootDomainName | Specifies the root domain name for Windows gMSA. Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster. | string Optional |
AbsoluteMonthlySchedule
For schedules like: ‘recur every month on the 15th’ or ‘recur every 3 months on the 20th’.
Used by: Schedule.
| Property | Description | Type |
|---|---|---|
| dayOfMonth | The date of the month. | int Required |
| intervalMonths | Specifies the number of months between each set of occurrences. | int Required |
AbsoluteMonthlySchedule_STATUS
For schedules like: ‘recur every month on the 15th’ or ‘recur every 3 months on the 20th’.
Used by: Schedule_STATUS.
| Property | Description | Type |
|---|---|---|
| dayOfMonth | The date of the month. | int Optional |
| intervalMonths | Specifies the number of months between each set of occurrences. | int Optional |
AdvancedNetworkingObservability
Observability profile to enable advanced network metrics and flow logs with historical contexts.
Used by: AdvancedNetworking.
| Property | Description | Type |
|---|---|---|
| enabled | Indicates the enablement of Advanced Networking observability functionalities on clusters. | bool Optional |
AdvancedNetworkingObservability_STATUS
Observability profile to enable advanced network metrics and flow logs with historical contexts.
Used by: AdvancedNetworking_STATUS.
| Property | Description | Type |
|---|---|---|
| enabled | Indicates the enablement of Advanced Networking observability functionalities on clusters. | bool Optional |
AdvancedNetworkingSecurity
Security profile to enable security features on cilium based cluster.
Used by: AdvancedNetworking.
| Property | Description | Type |
|---|---|---|
| advancedNetworkPolicies | Enable advanced network policies. This allows users to configure Layer 7 network policies (FQDN, HTTP, Kafka). Policies themselves must be configured via the Cilium Network Policy resources, see https://docs.cilium.io/en/latest/security/policy/index.html. This can be enabled only on cilium-based clusters. If not specified, the default value is FQDN if security.enabled is set to true. | AdvancedNetworkingSecurity_AdvancedNetworkPolicies Optional |
| enabled | This feature allows user to configure network policy based on DNS (FQDN) names. It can be enabled only on cilium based clusters. If not specified, the default is false. | bool Optional |
AdvancedNetworkingSecurity_STATUS
Security profile to enable security features on cilium based cluster.
Used by: AdvancedNetworking_STATUS.
| Property | Description | Type |
|---|---|---|
| advancedNetworkPolicies | Enable advanced network policies. This allows users to configure Layer 7 network policies (FQDN, HTTP, Kafka). Policies themselves must be configured via the Cilium Network Policy resources, see https://docs.cilium.io/en/latest/security/policy/index.html. This can be enabled only on cilium-based clusters. If not specified, the default value is FQDN if security.enabled is set to true. | AdvancedNetworkingSecurity_AdvancedNetworkPolicies_STATUS Optional |
| enabled | This feature allows user to configure network policy based on DNS (FQDN) names. It can be enabled only on cilium based clusters. If not specified, the default is false. | bool Optional |
AzureKeyVaultKms_KeyVaultNetworkAccess
Used by: AzureKeyVaultKms.
| Value | Description |
|---|---|
| “Private” | |
| “Public” |
AzureKeyVaultKms_KeyVaultNetworkAccess_STATUS
Used by: AzureKeyVaultKms_STATUS.
| Value | Description |
|---|---|
| “Private” | |
| “Public” |
ContainerServiceSshPublicKey
Contains information about SSH certificate public key data.
Used by: ContainerServiceSshConfiguration.
| Property | Description | Type |
|---|---|---|
| keyData | Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers. | string Required |
ContainerServiceSshPublicKey_STATUS
Contains information about SSH certificate public key data.
Used by: ContainerServiceSshConfiguration_STATUS.
| Property | Description | Type |
|---|---|---|
| keyData | Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers. | string Optional |
DailySchedule
For schedules like: ‘recur every day’ or ‘recur every 3 days’.
Used by: Schedule.
| Property | Description | Type |
|---|---|---|
| intervalDays | Specifies the number of days between each set of occurrences. | int Required |
DailySchedule_STATUS
For schedules like: ‘recur every day’ or ‘recur every 3 days’.
Used by: Schedule_STATUS.
| Property | Description | Type |
|---|---|---|
| intervalDays | Specifies the number of days between each set of occurrences. | int Optional |
ErrorAdditionalInfo_STATUS
The resource management error additional info.
Used by: ErrorDetail_STATUS, and ErrorDetail_STATUS_Unrolled.
| Property | Description | Type |
|---|---|---|
| info | The additional info. | map[string]v1.JSON Optional |
| type | The additional info type. | string Optional |
ErrorDetail_STATUS_Unrolled
Used by: ErrorDetail_STATUS.
| Property | Description | Type |
|---|---|---|
| additionalInfo | The error additional info. | ErrorAdditionalInfo_STATUS[] Optional |
| code | The error code. | string Optional |
| message | The error message. | string Optional |
| target | The error target. | string Optional |
IstioCertificateAuthority
Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin certificates as described here https://aka.ms/asm-plugin-ca
Used by: IstioServiceMesh.
| Property | Description | Type |
|---|---|---|
| plugin | Plugin certificates information for Service Mesh. | IstioPluginCertificateAuthority Optional |
IstioCertificateAuthority_STATUS
Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin certificates as described here https://aka.ms/asm-plugin-ca
Used by: IstioServiceMesh_STATUS.
| Property | Description | Type |
|---|---|---|
| plugin | Plugin certificates information for Service Mesh. | IstioPluginCertificateAuthority_STATUS Optional |
IstioComponents
Istio components configuration.
Used by: IstioServiceMesh.
| Property | Description | Type |
|---|---|---|
| egressGateways | Istio egress gateways. | IstioEgressGateway[] Optional |
| ingressGateways | Istio ingress gateways. | IstioIngressGateway[] Optional |
IstioComponents_STATUS
Istio components configuration.
Used by: IstioServiceMesh_STATUS.
| Property | Description | Type |
|---|---|---|
| egressGateways | Istio egress gateways. | IstioEgressGateway_STATUS[] Optional |
| ingressGateways | Istio ingress gateways. | IstioIngressGateway_STATUS[] Optional |
ManagedClusterAzureMonitorProfileKubeStateMetrics
Kube State Metrics profile for the Azure Managed Prometheus addon. These optional settings are for the kube-state-metrics pod that is deployed with the addon. See aka.ms/AzureManagedPrometheus-optional-parameters for details.
Used by: ManagedClusterAzureMonitorProfileMetrics.
| Property | Description | Type |
|---|---|---|
| metricAnnotationsAllowList | Comma-separated list of Kubernetes annotation keys that will be used in the resource’s labels metric (Example: ’namespaces=[kubernetes.io/team,…],pods=[kubernetes.io/team],…’). By default the metric contains only resource name and namespace labels. | string Optional |
| metricLabelsAllowlist | Comma-separated list of additional Kubernetes label keys that will be used in the resource’s labels metric (Example: ’namespaces=[k8s-label-1,k8s-label-n,…],pods=[app],…’). By default the metric contains only resource name and namespace labels. | string Optional |
ManagedClusterAzureMonitorProfileKubeStateMetrics_STATUS
Kube State Metrics profile for the Azure Managed Prometheus addon. These optional settings are for the kube-state-metrics pod that is deployed with the addon. See aka.ms/AzureManagedPrometheus-optional-parameters for details.
Used by: ManagedClusterAzureMonitorProfileMetrics_STATUS.
| Property | Description | Type |
|---|---|---|
| metricAnnotationsAllowList | Comma-separated list of Kubernetes annotation keys that will be used in the resource’s labels metric (Example: ’namespaces=[kubernetes.io/team,…],pods=[kubernetes.io/team],…’). By default the metric contains only resource name and namespace labels. | string Optional |
| metricLabelsAllowlist | Comma-separated list of additional Kubernetes label keys that will be used in the resource’s labels metric (Example: ’namespaces=[k8s-label-1,k8s-label-n,…],pods=[app],…’). By default the metric contains only resource name and namespace labels. | string Optional |
ManagedClusterIngressProfileNginx
Used by: ManagedClusterIngressProfileWebAppRouting.
| Property | Description | Type |
|---|---|---|
| defaultIngressControllerType | Ingress type for the default NginxIngressController custom resource | ManagedClusterIngressProfileNginx_DefaultIngressControllerType Optional |
ManagedClusterIngressProfileNginx_STATUS
Used by: ManagedClusterIngressProfileWebAppRouting_STATUS.
| Property | Description | Type |
|---|---|---|
| defaultIngressControllerType | Ingress type for the default NginxIngressController custom resource | ManagedClusterIngressProfileNginx_DefaultIngressControllerType_STATUS Optional |
ManagedClusterLoadBalancerProfile_BackendPoolType
Used by: ManagedClusterLoadBalancerProfile.
| Value | Description |
|---|---|
| “NodeIP” | |
| “NodeIPConfiguration” |
ManagedClusterLoadBalancerProfile_BackendPoolType_STATUS
Used by: ManagedClusterLoadBalancerProfile_STATUS.
| Value | Description |
|---|---|
| “NodeIP” | |
| “NodeIPConfiguration” |
ManagedClusterLoadBalancerProfile_ManagedOutboundIPs
Used by: ManagedClusterLoadBalancerProfile.
| Property | Description | Type |
|---|---|---|
| count | The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. | int Optional |
| countIPv6 | The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. | int Optional |
ManagedClusterLoadBalancerProfile_ManagedOutboundIPs_STATUS
Used by: ManagedClusterLoadBalancerProfile_STATUS.
| Property | Description | Type |
|---|---|---|
| count | The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. | int Optional |
| countIPv6 | The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. | int Optional |
ManagedClusterLoadBalancerProfile_OutboundIPPrefixes
Used by: ManagedClusterLoadBalancerProfile.
| Property | Description | Type |
|---|---|---|
| publicIPPrefixes | A list of public IP prefix resources. | ResourceReference[] Optional |
ManagedClusterLoadBalancerProfile_OutboundIPPrefixes_STATUS
Used by: ManagedClusterLoadBalancerProfile_STATUS.
| Property | Description | Type |
|---|---|---|
| publicIPPrefixes | A list of public IP prefix resources. | ResourceReference_STATUS[] Optional |
ManagedClusterLoadBalancerProfile_OutboundIPs
Used by: ManagedClusterLoadBalancerProfile.
| Property | Description | Type |
|---|---|---|
| publicIPs | A list of public IP resources. | ResourceReference[] Optional |
ManagedClusterLoadBalancerProfile_OutboundIPs_STATUS
Used by: ManagedClusterLoadBalancerProfile_STATUS.
| Property | Description | Type |
|---|---|---|
| publicIPs | A list of public IP resources. | ResourceReference_STATUS[] Optional |
ManagedClusterManagedOutboundIPProfile
Profile of the managed outbound IP resources of the managed cluster.
Used by: ManagedClusterNATGatewayProfile.
| Property | Description | Type |
|---|---|---|
| count | The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 (inclusive). The default value is 1. | int Optional |
ManagedClusterManagedOutboundIPProfile_STATUS
Profile of the managed outbound IP resources of the managed cluster.
Used by: ManagedClusterNATGatewayProfile_STATUS.
| Property | Description | Type |
|---|---|---|
| count | The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 (inclusive). The default value is 1. | int Optional |
ManagedClusterPodIdentity_ProvisioningInfo_STATUS
Used by: ManagedClusterPodIdentity_STATUS.
| Property | Description | Type |
|---|---|---|
| error | Pod identity assignment error (if any). | ManagedClusterPodIdentityProvisioningError_STATUS Optional |
ManagedClusterPodIdentity_ProvisioningState_STATUS
Used by: ManagedClusterPodIdentity_STATUS.
| Value | Description |
|---|---|
| “Assigned” | |
| “Canceled” | |
| “Deleting” | |
| “Failed” | |
| “Succeeded” | |
| “Updating” |
ManagedClusterSecurityProfileDefenderSecurityMonitoring
Microsoft Defender settings for the security profile threat detection.
Used by: ManagedClusterSecurityProfileDefender.
| Property | Description | Type |
|---|---|---|
| enabled | Whether to enable Defender threat detection | bool Optional |
ManagedClusterSecurityProfileDefenderSecurityMonitoring_STATUS
Microsoft Defender settings for the security profile threat detection.
Used by: ManagedClusterSecurityProfileDefender_STATUS.
| Property | Description | Type |
|---|---|---|
| enabled | Whether to enable Defender threat detection | bool Optional |
ManualScaleProfile
Specifications on number of machines.
Used by: ScaleProfile.
| Property | Description | Type |
|---|---|---|
| count | Number of nodes. | int Optional |
| size | VM size that AKS will use when creating and scaling e.g. Standard_E4s_v3, Standard_E16s_v3 or Standard_D16s_v5. |
string Optional |
ManualScaleProfile_STATUS
Specifications on number of machines.
Used by: ScaleProfile_STATUS.
| Property | Description | Type |
|---|---|---|
| count | Number of nodes. | int Optional |
| size | VM size that AKS will use when creating and scaling e.g. Standard_E4s_v3, Standard_E16s_v3 or Standard_D16s_v5. |
string Optional |
PortRange_Protocol
Used by: PortRange.
| Value | Description |
|---|---|
| “TCP” | |
| “UDP” |
PortRange_Protocol_STATUS
Used by: PortRange_STATUS.
| Value | Description |
|---|---|
| “TCP” | |
| “UDP” |
RelativeMonthlySchedule
For schedules like: ‘recur every month on the first Monday’ or ‘recur every 3 months on last Friday’.
Used by: Schedule.
| Property | Description | Type |
|---|---|---|
| dayOfWeek | Specifies on which day of the week the maintenance occurs. | WeekDay Required |
| intervalMonths | Specifies the number of months between each set of occurrences. | int Required |
| weekIndex | The week index. Specifies on which week of the month the dayOfWeek applies. | RelativeMonthlySchedule_WeekIndex Required |
RelativeMonthlySchedule_STATUS
For schedules like: ‘recur every month on the first Monday’ or ‘recur every 3 months on last Friday’.
Used by: Schedule_STATUS.
| Property | Description | Type |
|---|---|---|
| dayOfWeek | Specifies on which day of the week the maintenance occurs. | WeekDay_STATUS Optional |
| intervalMonths | Specifies the number of months between each set of occurrences. | int Optional |
| weekIndex | The week index. Specifies on which week of the month the dayOfWeek applies. | RelativeMonthlySchedule_WeekIndex_STATUS Optional |
ResourceReference_STATUS
A reference to an Azure resource.
Used by: ManagedClusterLoadBalancerProfile_OutboundIPPrefixes_STATUS, ManagedClusterLoadBalancerProfile_OutboundIPs_STATUS, ManagedClusterLoadBalancerProfile_STATUS, and ManagedClusterNATGatewayProfile_STATUS.
| Property | Description | Type |
|---|---|---|
| id | The fully qualified Azure resource id. | string Optional |
WeeklySchedule
For schedules like: ‘recur every Monday’ or ‘recur every 3 weeks on Wednesday’.
Used by: Schedule.
| Property | Description | Type |
|---|---|---|
| dayOfWeek | Specifies on which day of the week the maintenance occurs. | WeekDay Required |
| intervalWeeks | Specifies the number of weeks between each set of occurrences. | int Required |
WeeklySchedule_STATUS
For schedules like: ‘recur every Monday’ or ‘recur every 3 weeks on Wednesday’.
Used by: Schedule_STATUS.
| Property | Description | Type |
|---|---|---|
| dayOfWeek | Specifies on which day of the week the maintenance occurs. | WeekDay_STATUS Optional |
| intervalWeeks | Specifies the number of weeks between each set of occurrences. | int Optional |
AdvancedNetworkingSecurity_AdvancedNetworkPolicies
Used by: AdvancedNetworkingSecurity.
| Value | Description |
|---|---|
| “FQDN” | |
| “L7” | |
| “None” |
AdvancedNetworkingSecurity_AdvancedNetworkPolicies_STATUS
Used by: AdvancedNetworkingSecurity_STATUS.
| Value | Description |
|---|---|
| “FQDN” | |
| “L7” | |
| “None” |
IstioEgressGateway
Istio egress gateway configuration.
Used by: IstioComponents.
| Property | Description | Type |
|---|---|---|
| enabled | Whether to enable the egress gateway. | bool Required |
IstioEgressGateway_STATUS
Istio egress gateway configuration.
Used by: IstioComponents_STATUS.
| Property | Description | Type |
|---|---|---|
| enabled | Whether to enable the egress gateway. | bool Optional |
IstioIngressGateway
Istio ingress gateway configuration. For now, we support up to one external ingress gateway named aks-istio-ingressgateway-external and one internal ingress gateway named aks-istio-ingressgateway-internal.
Used by: IstioComponents.
| Property | Description | Type |
|---|---|---|
| enabled | Whether to enable the ingress gateway. | bool Required |
| mode | Mode of an ingress gateway. | IstioIngressGateway_Mode Required |
IstioIngressGateway_STATUS
Istio ingress gateway configuration. For now, we support up to one external ingress gateway named aks-istio-ingressgateway-external and one internal ingress gateway named aks-istio-ingressgateway-internal.
Used by: IstioComponents_STATUS.
| Property | Description | Type |
|---|---|---|
| enabled | Whether to enable the ingress gateway. | bool Optional |
| mode | Mode of an ingress gateway. | IstioIngressGateway_Mode_STATUS Optional |
IstioPluginCertificateAuthority
Plugin certificates information for Service Mesh.
Used by: IstioCertificateAuthority.
| Property | Description | Type |
|---|---|---|
| certChainObjectName | Certificate chain object name in Azure Key Vault. | string Optional |
| certObjectName | Intermediate certificate object name in Azure Key Vault. | string Optional |
| keyObjectName | Intermediate certificate private key object name in Azure Key Vault. | string Optional |
| keyVaultReference | The resource ID of the Key Vault. | genruntime.ResourceReference Optional |
| rootCertObjectName | Root certificate object name in Azure Key Vault. | string Optional |
IstioPluginCertificateAuthority_STATUS
Plugin certificates information for Service Mesh.
Used by: IstioCertificateAuthority_STATUS.
| Property | Description | Type |
|---|---|---|
| certChainObjectName | Certificate chain object name in Azure Key Vault. | string Optional |
| certObjectName | Intermediate certificate object name in Azure Key Vault. | string Optional |
| keyObjectName | Intermediate certificate private key object name in Azure Key Vault. | string Optional |
| keyVaultId | The resource ID of the Key Vault. | string Optional |
| rootCertObjectName | Root certificate object name in Azure Key Vault. | string Optional |
ManagedClusterIngressProfileNginx_DefaultIngressControllerType
Used by: ManagedClusterIngressProfileNginx.
| Value | Description |
|---|---|
| “AnnotationControlled” | |
| “External” | |
| “Internal” | |
| “None” |
ManagedClusterIngressProfileNginx_DefaultIngressControllerType_STATUS
Used by: ManagedClusterIngressProfileNginx_STATUS.
| Value | Description |
|---|---|
| “AnnotationControlled” | |
| “External” | |
| “Internal” | |
| “None” |
ManagedClusterPodIdentityProvisioningError_STATUS
An error response from the pod identity provisioning.
Used by: ManagedClusterPodIdentity_ProvisioningInfo_STATUS.
| Property | Description | Type |
|---|---|---|
| error | Details about the error. | ManagedClusterPodIdentityProvisioningErrorBody_STATUS Optional |
RelativeMonthlySchedule_WeekIndex
Used by: RelativeMonthlySchedule.
| Value | Description |
|---|---|
| “First” | |
| “Fourth” | |
| “Last” | |
| “Second” | |
| “Third” |
RelativeMonthlySchedule_WeekIndex_STATUS
Used by: RelativeMonthlySchedule_STATUS.
| Value | Description |
|---|---|
| “First” | |
| “Fourth” | |
| “Last” | |
| “Second” | |
| “Third” |
ResourceReference
A reference to an Azure resource.
Used by: ManagedClusterLoadBalancerProfile_OutboundIPPrefixes, and ManagedClusterLoadBalancerProfile_OutboundIPs.
| Property | Description | Type |
|---|---|---|
| reference | The fully qualified Azure resource id. | genruntime.ResourceReference Optional |
IstioIngressGateway_Mode
Used by: IstioIngressGateway.
| Value | Description |
|---|---|
| “External” | |
| “Internal” |
IstioIngressGateway_Mode_STATUS
Used by: IstioIngressGateway_STATUS.
| Value | Description |
|---|---|
| “External” | |
| “Internal” |
ManagedClusterPodIdentityProvisioningErrorBody_STATUS
An error response from the pod identity provisioning.
Used by: ManagedClusterPodIdentityProvisioningError_STATUS.
| Property | Description | Type |
|---|---|---|
| code | An identifier for the error. Codes are invariant and are intended to be consumed programmatically. | string Optional |
| details | A list of additional details about the error. | ManagedClusterPodIdentityProvisioningErrorBody_STATUS_Unrolled[] Optional |
| message | A message describing the error, intended to be suitable for display in a user interface. | string Optional |
| target | The target of the particular error. For example, the name of the property in error. | string Optional |
ManagedClusterPodIdentityProvisioningErrorBody_STATUS_Unrolled
Used by: ManagedClusterPodIdentityProvisioningErrorBody_STATUS.
| Property | Description | Type |
|---|---|---|
| code | An identifier for the error. Codes are invariant and are intended to be consumed programmatically. | string Optional |
| message | A message describing the error, intended to be suitable for display in a user interface. | string Optional |
| target | The target of the particular error. For example, the name of the property in error. | string Optional |